last executing test programs:

2m53.639620039s ago: executing program 32 (id=4405):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r0}, &(0x7f0000000240), &(0x7f0000000280)=r1}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000400)=ANY=[@ANYRES32=0x0], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x16, 0x0, 0x0)
getsockopt$inet_int(0xffffffffffffffff, 0x10d, 0xf4, &(0x7f0000001040), &(0x7f00000000c0)=0x4)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000700000000000000000000850000002300000095"], &(0x7f00000001c0)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = socket(0x2000000000000021, 0x2, 0x10000000000002)
fcntl$setstatus(r3, 0x4, 0x2000)
connect$rxrpc(r3, &(0x7f0000000140)=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x400}}, 0x24)
sendmmsg(r3, &(0x7f0000000180)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="180000000000000010fcff0001000000240002000000000073cd40880923bb56c6fb52c39d561bbeeac7ba471fae290a0b401b96ad7515881a75b0afa760bfbcb17c5aa94f704ec284507105f292ff74dd9588ebb024a16ad10ef74253f69f09dac43f8c0821a959330c"], 0x18, 0xe000}, 0x5}], 0x1, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
ioctl$sock_SIOCBRADDBR(0xffffffffffffffff, 0x89a0, &(0x7f0000000500)='pimreg\x00')
move_mount(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x153)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={0x0, &(0x7f0000000440)=""/182, 0xcb, 0xb6, 0x0, 0x400, 0x0, @void, @value}, 0x28)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = socket$netlink(0x10, 0x3, 0x0)
r5 = openat$binfmt_format(0xffffffffffffff9c, &(0x7f0000001000)='/proc/sys/fs/binfmt_misc/syz1\x00', 0x2, 0x0)
write$binfmt_format(r5, &(0x7f0000000000)='1\x00', 0x1)
r6 = socket$packet(0x11, 0x3, 0x300)
socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$packet_add_memb(r6, 0x107, 0x1, &(0x7f00000005c0)={0x0, 0x11, 0x6, @broadcast}, 0x10)
setsockopt$packet_add_memb(r6, 0x107, 0x1, &(0x7f0000000040)={0x0, 0x1, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x2b}}, 0x10)
sendmsg$nl_route_sched(r4, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=@getchain={0x24, 0x11, 0x839, 0x70bd27, 0x25dfdbff, {0x0, 0x0, 0x0, 0x0, {0x0, 0x6}, {0x0, 0xa}, {0x0, 0x6}}}, 0x24}, 0x1, 0x0, 0x0, 0x4000}, 0x0)

2m38.057626935s ago: executing program 33 (id=4593):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1b, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r1}, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={<r3=>0xffffffffffffffff})
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000400)=0x14)
sendmsg$nl_route_sched(r2, &(0x7f0000006280)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000240)=@newtaction={0x98, 0x30, 0x1, 0x0, 0x0, {0x0, 0x0, 0x6a00}, [{0x84, 0x1, [@m_mirred={0x50, 0x1, 0x0, 0x0, {{0xb}, {0x24, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{0xfffffffd, 0x0, 0x4, 0x5, 0x4}, 0x3, r4}}]}, {0x4, 0xa}, {0xc}, {0xc}}}, @m_mpls={0x30, 0x2, 0x0, 0x0, {{0x9}, {0x4}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x3}}}}]}]}, 0x98}, 0x1, 0x0, 0x0, 0x80}, 0x40000)
io_uring_setup(0xc90, &(0x7f0000000080)={0x0, 0x0, 0x10})
r5 = io_uring_setup(0x3d67, &(0x7f0000000000)={0x0, 0xef3f, 0x1000, 0x3, 0x4000000})
io_uring_register$IORING_REGISTER_BUFFERS2(r5, 0x14, &(0x7f0000003480)={0x1237, 0x0, 0x4, &(0x7f00000001c0), 0x0}, 0x1)
io_uring_enter(r5, 0x18, 0x0, 0x1f, 0x0, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
syz_clone(0x126400, 0x0, 0x0, 0x0, 0x0, 0x0)
r6 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f00000000c0)={'bridge_slave_0\x00', <r7=>0x0})
r8 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB="300000001c00c9242bbd7000fbdbdf2507000000", @ANYRES32=r7, @ANYBLOB="80001e0a0a000200aaaaaaaaaa1b000008000f"], 0x30}, 0x1, 0x0, 0x0, 0xc0041}, 0x0)
lstat(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180))
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x1, 0x0, 0x0, 0x2)
syz_emit_ethernet(0x31, &(0x7f0000000300)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}, @broadcast, @val={@void, {0x8100, 0x6, 0x1}}, {@llc_tr={0x11, {@snap={0xaa, 0x1fe, "af", "39fd91", 0x7, "154891a70ffaba5d6f9e643c9cb1fbd65a006eb734d22b"}}}}}, &(0x7f00000003c0)={0x0, 0x4, [0x71f, 0x387, 0x605, 0x2ab]})
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)

2m4.076939227s ago: executing program 2 (id=4988):
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000140)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0x0, &(0x7f0000000000), 0xfc, 0x59c, &(0x7f0000001500)="$eJzs3e9rJGcdAPDvbHbz4y6aKH1RhdbDFu6KXnLp2TaI9k4Q3xWU6usz5PZCuE32SDZtEw7N4R8giNiCb/SVbwT/AEHuTyiCYN+LFeXQq4JFtCMzO5vspTu3SS67q8nnA5N5duaZ+X6f2d3Z2ZlnMwGcWRci4npEjEXECxExU0yvFEPstoes3gcP7y5nQxJp+vpfk0iKaVm1JGIsKZY9Xyw22R49aqo92tzeub3UaNQ3isnzrbU785vbO5dX15ZW6iv19atXF15efGXxpcUrJ9LOrF2vfv1PP/nhL77x6m+++OYfbvzl0veyfKeL+Z12nLT2Nqll22JPNSI2BhFsBMaK9vwrbetdqzrstAAAKJEd4386Ij6fH//PxFifY7XxrnIy8OwAAACAk5Bem45/JxHpEdWOvAQAAAAwKpW8D2xSmSv6AkxHpTI31+7D+1ScqzSam60v3Gpurd9s95WdjVrl1mqjfiXvUzsREbUke7ywd0ah/fjFvG42JI/0Af7xzFQ+f2652bg5ihMeAAAAcAadP/D9/x8z7e//AAAAwCkzW4zPjTgPAAAAYHBmR50AAAAAMHDH+P4/Pog8AAAAgIH45muvZUPauf/1zTe2t24337h8s755e25ta3luublxZ26l2VxppBMRa/3W12g273wp1rfemm/VN1vzm9s7N9aaW+utG6uP3AIbAAAAGKJPfe7+e0lE7H55Kh+ic21/rGQBvxWAU6NyyHpp9uf9weYCDFfZxzxw+lUfP7usm+/EIHIBhqvWHiWjzgMYnX47gMmyGu8eK5yfDwEAwAhc/Mz999Lk49f/q/vnBoBT6rDX/4HTp+T6fzoz7ESAoSu9/t+nYwDw/6+mByCcef2v/5d4N591vX+ENO27LgAAYKCm8yGpzBXXAqej8mHaFrNRS26tNupXIuKTEfH7mdpE9nghXzLxowEAAAAAAAAAAAAAAAAAAAAAAAAAOKQ0TSI9huqxlgIAAABGIaLy56S4D/DFmeenD54fGE8+zG8F/FGapm/+9PW331pqtTYWsul/y6ePR0TrnWz6+ChOXwAAAABdOnf5z7+/v1gbcTYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnFYfPLy73BmGGffB1yJitlf8akzm48moRcS5vydR7VouiYixE4i/ey8inu4VP8nSitkii4PxKxExlWfxxPErRbEs/jNpmvaMf/6Jo8PZdj/b/1zv9f6vxIV83Pv9X20P1540fmf/d75rH9yJ39n/je3F/+pe8GzP84lDxvjs73413/XwO/vFifb8au/9Xyd+UrL/fa5XsOrHJ3332zs7ZbmlP4+42Gl7GhFd8btjzbfW7sxvbu9cXl1bWqmv1NevXl14efGVxZcWr8zfWm3Ui7/7K3473Sv+6Jlff1QW/8GFiHMR6czDu8vjnZyKD5bZ9ugryV4q44/k9HxWqJWted9/9hfrrp2v9cG9iEvP7W3/9Ptdz//T+bjn9v/ZP9Nc/jmQzb9YfCYku+1yRPHyjYhnf/nbZ0vbf2+yKB39+b/Uv+m5F771gz8esioAMASb2zu3lxqN+sbAC++kaXq4ytlRaXmdtDga60xJInYP1skO4E64FVMRUTIrYicm96ZMFVs1Drvmp0pTfX8qYkjPzlEL145SOZ040ost2f0faOAZLoznL8iR7pYAAIAB2D/6H3UmAAAAAAAAAAAAAAAAAAAAcHYN4/+KHYy5O5qmAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA81n8DAAD//x3CzJ0=")
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x401, @loopback}], 0x1c)
socket$nl_route(0x10, 0x3, 0x0)
r1 = epoll_create1(0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r2}, &(0x7f0000000000), &(0x7f00000005c0)=r3}, 0x20)
r4 = openat$procfs(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/asound/seq/clients\x00', 0x0, 0x0)
r5 = inotify_init1(0x800)
dup3(r5, r4, 0x0)
r6 = epoll_create1(0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r7 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x3, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x4, 0x0, 0x7fffffff}, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r8}, 0x10)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r6, &(0x7f0000000100)={0xa000000d})
epoll_ctl$EPOLL_CTL_ADD(r6, 0x1, r7, &(0x7f0000000400)={0xa})
epoll_pwait(r1, &(0x7f0000000080)=[{}], 0x1, 0x80000000, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000200)={0x1, 0x1, 0x5, 0x2, 0x3, 0xb, 0x40, 0x5, 0x9, 0x0, 0x0, 0x4, 0x4, 0x80}, 0xe)
r9 = fspick(r0, &(0x7f0000000180)='./file0\x00', 0x1)
fsconfig$FSCONFIG_SET_FD(r9, 0x5, &(0x7f0000000040)='\x00', 0x0, r9)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mprotect(&(0x7f00008a2000/0x3000)=nil, 0x3000, 0x0)
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)
r10 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_buf(r10, 0x29, 0x20, &(0x7f00000000c0)="0bbb268dd6ffa80800000000000000000000210d0000aaa8fa017242ba9380d440fe0000000000002900000004000000", 0xfe60)
mbind(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2)

2m1.598681111s ago: executing program 2 (id=5011):
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, 0x0, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
close(r0)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f0000000040)={0x0, 0x10, &(0x7f0000000000)=[@in={0x2, 0x0, @private=0xa010101}]}, &(0x7f0000000080)=0x10)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r2, 0x84, 0x1d, &(0x7f0000000140)={0x1, [<r3=>0x0]}, &(0x7f0000000240)=0x8)
sendmsg$inet_sctp(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f00000001c0)='F', 0x1}, {0x0, 0xe0}], 0x2, &(0x7f00000000c0)=[@sndinfo={0x20, 0x84, 0x2, {0xa, 0x4, 0x28, 0x200000b, r3}}], 0x20, 0x2400e044}, 0x0)

2m0.673969474s ago: executing program 2 (id=5021):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0500000004000000df7f000001"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0x3, &(0x7f00000001c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x9}}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
dup2(r1, r0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r2, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
syz_emit_ethernet(0x96, &(0x7f0000000000)={@local, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x88, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x74, 0x0, @opaque="e3ea97ce389df615d10be1fe50137f7ac72ea8751df6742b55bd9d82992781d0f725feddf950beec02b6cc77303c0770fbf3ebe7b470a3b05e0e009b07711c03590afcdecc32edc284df7a3efe4007a24d364b07271d4419c5dea1d13a6ae054eb39a700785b7dff09def89a"}}}}}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r3, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
unshare(0x22020600)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(0xffffffffffffffff, &(0x7f0000000700)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)={0x2c, 0x0, 0x301, 0x0, 0x25dfdbfb, {0x1c}, [@ETHTOOL_A_LINKMODES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond0\x00'}]}]}, 0x2c}}, 0x40006)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r4)
r5 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r5, 0xc004743e, 0x110e22fff6)
ioctl$TUNGETVNETLE(r4, 0x4010744d, &(0x7f0000000180))

2m0.23129847s ago: executing program 2 (id=5030):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000a999850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='mm_page_alloc\x00', r0}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000380)={[{@delalloc}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@dioread_lock}, {@data_err_ignore}, {@resgid}, {@data_err_ignore}, {@grpquota}, {@nobh}, {@user_xattr}, {@bh}, {@dioread_nolock}]}, 0x1, 0x562, &(0x7f0000000440)="$eJzs3d9rW+UbAPDnpO1+f7/rYAwVkcIuHMyla+uPCV7MS9HhQG+8miE9K6PpMpp0rHXgduFuvJEheOFAvNd7L4f/gH/FQIdDRvHGm8hJT7quSdasy9rMfD5w2vfNe5L3PDnnefOenIQEMLQmsj+FiJcj4psk4nBEJHnbaOSNE2vrrT68Xs6WJBqNT/5KsvX2R0S59Vit+x3MKy9FxK9fRZwstPdbW16ZL1Uq6WJe3xsLVyZryyunLi2U5tK59PL0zMyZt2am333n7b7E2fhy7f/Hdz848/Xx1e9+vn/kdhJn41DensXVh25ubKxMxET+nIzF2U0rTvWhs0GS7PYGsC0jeZ6PRTYGHI6RPOuB/77sZbEBDKlE/sOQas0DWuf2fToPfmE8eH/tBKg9/tG190ZiX/Pc6MBq8tiZUXa+O96H/rM+fvnjzu1sif69DwGwpRs3I+L06Gj7+Jfk49/2ne5hnc19GP9g59zN5j9vdJr/FNbnP9Fh/nOwQ+5ux9b5X7jfh266yuZ/73Wc/65ftBofyWv/a875xpKLlyppNrb9PyJOxNjerP6k6zlnVu81urVtnP9lS9Z/ay6Yb8f90b2P32e2VC89S8wbPbgZ8UrH+W+yvv+TDvs/ez7O99jHsfTOa93ato7/+Wr8GPF6x/3/6IpWVpqsd70+Odk8HiZbR0W7v28d+61b/7sdf7b/Dzw5/vFk4/Xa2tP38cO+f9K8uG9z22PxR+/H/57k02Z5T37btVK9vjgVsSf5qP326Uf3bdVb62fxnzj+5PGv0/G/PyI+7zH+W0d/erVb2yDs/9mn2v9PX7j34Rffd+u/t/HvzWbpRH5LL+Nfrxv4LM8dAAAAAAAADJpCRByKpFBcLxcKxeLa5zuOxoFCpVqrn7xYXbo8G83vyo7HWKF1pfvwhs9DTOWfh23VpzfVZyLiSER8O7K/WS+Wq5XZ3Q4eAAAAAAAAAAAAAAAAAAAABsTBLt//z/w+0rb6Z3/u/CYCz5Of/IbhtWX+9+OXnoCB5PUfhpf8h+El/2F4yX8YXvIfhpf8h+El/2F4yX8AAAAAAAAAAAAAAAAAAAAAAAAAAADoq/PnzmVLY/Xh9XJWn726vDRfvXpqNq3NFxeWysVydfFKca5anaukxXJ1YavHq1SrV6amY+naZD2t1SdryysXFqpLl+sXLi2U5tIL6diORAUAAAAAAAAAAAAAAAAAAAAvltryynypUkkXFRS2VRgdjM1Q6HNht0cmAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHjk3wAAAP//cHo1gQ==")
openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f00000000c0)={[{@user_xattr}, {@jqfmt_vfsold}, {@noinit_itable}, {@dioread_lock}, {@data_err_ignore}, {@resgid}, {@data_err_ignore}, {@jqfmt_vfsv0}, {@nobh}, {@user_xattr}, {@bh}, {@dioread_nolock}]}, 0x1, 0x55f, &(0x7f0000000400)="$eJzs3d9rW+UbAPDnpO1+77sOxvgqIoVdOJlL19YfE7yYl6LDgd7P0J6V0XQZTTrWOnC7cDfeyBBEHIj3eu/l8B/wrxjoYMgoeuFN5KQnXbYmTdZlS2c+HzjlffOe5D1PznnevifnhAQwtCayP4WIlyLi6yTiUEQkedto5I0T6+utPbg2my1J1Ouf/Jk01svqzddqPm9/Xvl/RPz6ZcSJwuZ+qyurC6VyOV3K65O1xcuT1ZXVkxcXS/PpfHppembm9Fsz0+++83bfYn393N/ffXzng9NfHVv79ud7h28lcSYO5G2tcTyF662ViZjI35OxOPPYilN96GwnSQa9AWzLSJ7nY5GNAYdiJM964L/vi4iod7Jnq0bgxZdIcRhSzXlA89y+T+fBL4z776+fAG2Of3T9s5HY0zg32reWPHJmlJ3vjveh/6yPX/64fStbon+fQwB0df1GRJwaHd08/iX5+Ld9p3pY5/E+jH/w/NzJ5j9vtJv/FDbmP9Fm/rO/Te5uR/f8L9zrQzcdZfO/99rOfzcuWo2P5LWDjTnfWHLhYjnNxrb/RcTxGNud1be6nnN67W69U1vr/C9bsv6bc8F8O+6N7n70OXOlWulpYm51/0bEy23nv8nG/k/a7P/s/TjXYx9H09uvdmrrHv+zVf8x4rW2+//hFa1k6+uTk43jYbJ5VGz2182jv3Xqf9DxZ/t/39bxjyet12urT97HD3v+STu1PRJ/9H7870o+bZR35Y9dLdVqS1MRu5KPNj8+/fC5zXpz/Sz+48e2Hv/aHf97I+KzHuO/eeSnV3qKf0D7f+6J9v+TF+5++Pn3nfrvbfx7s1E6nj/Sy/jX6wY+zXsHAAAAAAAAO00hIg5EUihulAuFYnH9/o4jsa9QrlRrJy5Uli/NReO7suMxVmhe6T7Ucj/EVH4/bLM+/Vh9JiIOR8Q3I3sb9eJspTw36OABAAAAAAAAAAAAAAAAAABgh9jf4fv/md9HBr11wDPnJ79heHXN/3780hOwI/n/D8NL/sPwkv8wvOQ/DC/5D8NL/sPwkv8wvOQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAA9NW5s2ezpb724NpsVp+7srK8ULlyci6tLhQXl2eLs5Wly8X5SmW+nBZnK4vdXq9cqVyemo7lq5O1tFqbrK6snl+sLF+qnb+4WJpPz6djzyUqAAAAAAAAAAAAAAAAAAAAeLFUV1YXSuVyuqSgsK3CaO8rXzm4Q7ZZoXth0CMTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADz0bwAAAP//DqozVA==")
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
pread64(0xffffffffffffffff, 0x0, 0x0, 0x100008)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x34120, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x10000, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0700000004000000ff0000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="ad00000000000000000000000000000018120000", @ANYRES32=r4, @ANYBLOB="0000000000000000b703000000000000850000001b000000b7000000000000009500000000000000"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x18)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000900)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0xfffffffb, 0x0, 0x0, 0x40f00, 0x42, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x6, @void, @value}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x5, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r6, 0x0, 0xe}, 0x18)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000480)=ANY=[@ANYBLOB="440000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000140012800b00010062617461647600000400028008000a00", @ANYRES32], 0x44}}, 0x0)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000500)={r5}, 0xc)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r3}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x3, &(0x7f0000000a00)=@framed={{0x18, 0x8, 0x0, 0x0, 0xffd0}}, &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000002440)='ext4_allocate_blocks\x00', r1}, 0x18)
lsetxattr$security_selinux(&(0x7f00000001c0)='.\x00', &(0x7f0000000240), &(0x7f0000000280)='system_u:object_r:fsadm_exec_t:s0\x00', 0x1001, 0x0)
mount(0x0, &(0x7f0000000040)='./file0/../file0\x00', 0x0, 0x1304825, 0x0)
r8 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000080)=0xffffffffffffffff, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x14, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, r8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)

1m59.670320868s ago: executing program 2 (id=5035):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), 0xffffffffffffffff)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000240)='kfree\x00', r1}, 0x18)
syz_mount_image$vfat(&(0x7f0000000100), &(0x7f0000000140)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x10000, &(0x7f0000000200)=ANY=[@ANYBLOB="73686f72746e616d653d6d697865642c756e695f786c6174653d312c73686f72746e616d653d6c6f7765722c73686f72746e616d653d6c6f7765722c756e695f786c6174653d302c6e6f636173652c73686f72746e616d653d6d697865642c726f6469722c73686f72746e616d653d6d697865642c636865636b3d7374726963742c73686f72746e616d653d77696e6e742c756e695f786c6174653d302c726f6469722c757466383d312c616c6c6f775f7574696d653d30303030303030303030303030303030303030373335312c6572726f72733d72656d6f756e742d726f2c736d61636b6673666c6f6f723d756e8b5f786c2174653d312c00"], 0x6, 0x2d0, &(0x7f0000000300)="$eJzs3b1uHFUUAOAz653ZBYp1QYWQGAkKqihOS7MWSiSEKyIXQAGGJBLyrpBiyRI/YklFS0NBwRNQ8SA0iBdAokWiI0iRLprZmf1xJhstYRMg39f4+N5z5p67O7bHha/ff3F6eqOMW3c+/yWGwyx64xjH3Sz2oxetL2PN+OsAAP7L7qYUv6e5beqyiBjuri0AYIe2/vn/w85bAgB27Prb77x5eHR09a2yHMa16Vfnx9Vv9tXH+fzhrfgoJnEzLsco7kXUDwp51E8LVXgtpTTrl5X9eGU6Oz+uKqfv/dhc//C3iLr+IEaxXw8tnjbq+jeOrh6Ucyv1s6qPZ5v1x1X9lRjF84vitforHfVxXMSrL6/0fylG8dOH8XFM4kbdxLL+i4OyfD1988dn71btVfXZ7Px4UOctpb3H/NYAAAAAAAAAAAAAAAAAAAAAAPA/dqk5O2cQ9fk91VBz/s7eveqTPMrW/vr5PPP6rL3Q6vlAKaVZiu/a83Uul2WZmsRlfT9e6Ef/yewaAAAAAAAAAAAAAAAAAAAA/l3OPvn09GQyuXn7Hwna0wD6EfHn9Yi/e53xyshLsTl50Kx5Mpn0mnA9pz9YGYm9NieL2NhGtYnuqZStLtF79Nfwmft6boLvP8i3vODw4Tl591oXg/4j7Ku9u05Psu7XcBDtyLC5Sb4tIpY5RTxkifZdLx6Uk2Kb26/onBptvffiuTqYbciJbFNjr/0631czkl3cRVG/qp3leRNEHt1fMsMH3M/dwf3fKzKndQAAAAAAAAAAAAAAAAAAwE5liz/67Zi8s7G0lwY7awsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHquzxf//XwQ/5xGLkXxtqglmTXHH1MWgiNtnT3iLAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPAX+CgAA//8wK1Yb")
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0xf0)

1m58.860286539s ago: executing program 2 (id=5040):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000140)=@newqdisc={0x24, 0x24, 0xf0b, 0x0, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}}}, 0x24}}, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x61980, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000200)='kfree\x00', r0, 0x0, 0x80}, 0x18)
r1 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'dummy0\x00', <r2=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000005a40)=ANY=[@ANYBLOB="b40000001000090400000000000000", @ANYRES32=0x0, @ANYBLOB="fffffffed9526cfd8400128009000100766c616e000000007400028006000100000600000c000200367da1650e000000280003800c00010001800000002000000c000100a1000000c84200000c0001000800000008000000340004800c00010006000000ff0300000c00010004000000080000000c00010004000000020000000c000100050000000300000008000500", @ANYRES32=r2, @ANYBLOB='\b\x00\n\x00', @ANYRESOCT], 0xb4}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)

1m58.83918915s ago: executing program 34 (id=5040):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000140)=@newqdisc={0x24, 0x24, 0xf0b, 0x0, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}}}, 0x24}}, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x61980, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000200)='kfree\x00', r0, 0x0, 0x80}, 0x18)
r1 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'dummy0\x00', <r2=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000005a40)=ANY=[@ANYBLOB="b40000001000090400000000000000", @ANYRES32=0x0, @ANYBLOB="fffffffed9526cfd8400128009000100766c616e000000007400028006000100000600000c000200367da1650e000000280003800c00010001800000002000000c000100a1000000c84200000c0001000800000008000000340004800c00010006000000ff0300000c00010004000000080000000c00010004000000020000000c000100050000000300000008000500", @ANYRES32=r2, @ANYBLOB='\b\x00\n\x00', @ANYRESOCT], 0xb4}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)

1m46.466261852s ago: executing program 5 (id=5251):
r0 = epoll_create1(0x80000)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000300)='/sys/power/wakeup_count', 0x80800, 0x8)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001780)=ANY=[@ANYBLOB="020000000400000006000000050000000010"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, 0x0)
read$char_usb(r1, &(0x7f0000001980)=""/179, 0xb3)
setsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX_OLD(r1, 0x84, 0x6b, &(0x7f0000000080)=[@in6={0xa, 0x4e24, 0x10000, @ipv4={'\x00', '\xff\xff', @local}, 0x9}, @in6={0xa, 0x4e22, 0x3ff, @local, 0x2}], 0x38)
r4 = socket(0x2, 0x80805, 0x0)
r5 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r5, 0x0)
close(0x3)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r5, 0x84, 0x6f, &(0x7f0000000200)={<r6=>0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e23, @rand_addr=0x64010100}]}, &(0x7f0000000140)=0x10)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r5, 0x84, 0x7a, &(0x7f0000000340)={<r7=>r6, @in6={{0xa, 0x3, 0x4, @mcast1}}}, &(0x7f0000000040)=0x84)
sendmmsg$inet_sctp(r4, &(0x7f00000032c0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="30000000000000008400000001000000000000017c"], 0x30}], 0x1, 0x0)
getsockopt$inet_sctp_SCTP_LOCAL_AUTH_CHUNKS(r4, 0x84, 0x1b, &(0x7f0000000480)={r7}, &(0x7f0000000400)=0x8)
epoll_ctl$EPOLL_CTL_MOD(r0, 0x3, r1, &(0x7f0000000000))

1m46.423625072s ago: executing program 5 (id=5253):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009c0000000b"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000060000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000280)='kmem_cache_free\x00', r1, 0x0, 0x200000000000006}, 0x18)
rename(&(0x7f0000000580)='./file0\x00', 0x0)

1m46.423189752s ago: executing program 5 (id=5254):
openat$uhid(0xffffffffffffff9c, 0x0, 0x2, 0x0)
gettid()
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_genetlink_get_family_id$fou(&(0x7f0000000080), 0xffffffffffffffff)
r0 = perf_event_open(&(0x7f00000000c0)={0x5, 0x80, 0x8, 0x26, 0x40, 0x7, 0x0, 0x0, 0xa005a, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x2, @perf_config_ext={0x7, 0x1}, 0x100987, 0x2, 0xb, 0x4, 0x81, 0x2, 0x5, 0x0, 0x0, 0x0, 0x800}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x4, 0x12011, r0, 0x0)
ioctl$PERF_EVENT_IOC_RESET(r0, 0x2403, 0x7fffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$batadv(&(0x7f0000000000), r1)
unshare(0x22020400)
r2 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r2, &(0x7f00000001c0)=@abs={0x1}, 0x6e)
bind$unix(r2, &(0x7f0000000080)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)

1m46.361848303s ago: executing program 5 (id=5255):
r0 = socket$key(0xf, 0x3, 0x2)
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f00000001c0)={0x4, 0x0, 0x0, 'queue0\x00'})
r2 = syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000000)='./file0\x00', 0x101c08a, &(0x7f00000001c0)=ANY=[@ANYBLOB="7379735f696d6d757461626c652c757466383d312c696f636861727365743d61736369692c73686f72746e616d653d77696e39352c73686f77657865632c6e66732c636865636b3d7374726963742c756e695f786c6174653d302c757466383d312c73686f72746e616d653d6c6f7765722c73686f72746e616d653d6c6f7765722c726f6469722c726f6469722c64656275672c757466383d302c726f6469722c71756965742c6572726f72733d72656d6f756e742d726f2c009c8a8fc4f74784ad79ec08fb556262ebc972ef94821f3565ef5f75f11e30ef1f72a065c510b17cae352940538b7b2c5d72f4627c25306b2479725add28f511a68f5f6f47f9facdd0cc574286d00ab52d6b9374b6a58eac694336ebe971f41860d01084c1a0fa6b51d80fa9f9d2c5a2e7a5284f93296217ef8f28e0a36e573296a0bfb38b94191f4b82873563f3759b5e193ecfab6ed7892542364757e47d656ad6a0fbb6e8bf138bddae620a3602991821d4844f628e6bdd8b62cca73744332f0185a54b"], 0x6, 0x2c1, &(0x7f00000005c0)="$eJzs3T+LI2UcB/DfZLOTUYuksBLhBrzC6nCvE5sscgfiVh4p1EIX7w5kE4Q7WPAPxqtsbSwsfAWC4Au5xncg2Ap2rrAwMpOZzWSNMZHNyu1+Ps0++8zznfk9k4fsbJEnH748Obqfx8MnX/wSWZZEZxjDOEliEJ1ofBULht8EAPAsOymK+L2Y2SSXRES2vbIAgC1a7+9/d9786VLKAgC26N677729f3Bw550ssrg7+fp4VP5nX/6cHd9/GB/HOB7Ea9GP04jqQWE3qqeFsnm3KIppNy8N4uZkejwqk5MPntbn3/8tosrvRT8GVdfZ00aVf+vgzl4+08pPyzqer68/LPO3ox8vnoUX8reX5GOUxquvtOq/Ff34+aP4JMZxvypinv9yL8/fLL794/P3y/LKfDI9HvWqcXPFziW/NAAAAAAAAAAAAAAAAAAAAAAAXGG36r1zepHfiJuTsqvef2fnNNLy17wxWNyfZ5ZPmhO19wcqimJaxPetLQXzoh44z3fjpW57Y0EAAAAAAAAAAAAAAAAAAAC4vh5/+tnR4Xj84NGFNJrdALoR8ee9iP96nmGr50asHtyrr3k4Hnfq5sKYp2m7J3aaMUnEyjLKSVzQbfm3xnPna24aP/xYTnCTE2atnteXT3B3+/NqVtfRYbL8Wr1oerJ6kXyXRszHpLHmtdJ/OlTEJssvXXqov/Hc0xeqxnTFmEhWFfbGr7M7V/ck52eRVnd1aXy3brTi59bGWq97ZLP4398rkmq3jt723owAAAAAAAAAAAAAAAAAAOCam3/6d8nBJyujncJHgQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4Iubf/79BY1qH1xicxqPH//MUAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuAb+CgAA//8HIVi7")
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_mems\x00', 0x275a, 0x0)
ioctl$FAT_IOCTL_SET_ATTRIBUTES(r3, 0x40047211, &(0x7f00000000c0)=0x4)
r4 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x8882)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r4, 0x40605346, &(0x7f0000000400)={0x0, 0x0, {0x3, 0x0, 0x0, 0x0, 0x4}, 0xd023})
sendmsg$key(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x2, 0x11, 0x2, 0x6, 0x4, 0x0, 0x70bd29, 0x25dfdbff, [@sadb_sa={0x2, 0x1, 0x4d6, 0x9, 0x81, 0xb3, 0x4}]}, 0x20}}, 0x40000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='task_newtask\x00', r6}, 0x10)
madvise(&(0x7f0000000000/0x600000)=nil, 0x60005f, 0x3)
syz_clone(0x400, 0x0, 0x0, 0x0, 0x0, 0x0)
write$sndseq(r4, &(0x7f0000000140)=[{0x1f, 0x0, 0x0, 0xfd, @tick=0x4, {}, {}, @raw32}], 0x1c)
sendmsg$key(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000004c0)=ANY=[], 0x38}}, 0x0)
rseq(&(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000bc0)={0x0, 0x1, 0x7, 0xf2, 0x7}, 0x2}, 0x20, 0x1, 0x0)
r7 = openat2(r2, &(0x7f0000000980)='./file1\x00', &(0x7f00000009c0)={0x101000, 0x188, 0x3a}, 0x18)
r8 = socket$nl_route(0x10, 0x3, 0x0)
r9 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$ifreq_SIOCGIFINDEX_vcan(r9, 0x8933, &(0x7f0000000180)={'vxcan1\x00', <r10=>0x0})
bind$can_raw(r9, &(0x7f0000000200)={0x1d, r10}, 0x10)
sendmsg$nl_route_sched(r8, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=@getchain={0x24, 0x11, 0x839, 0x70bd25, 0x0, {0x0, 0x0, 0x0, r10, {0x1, 0x6}, {0x4}, {0x1}}}, 0x24}}, 0x0)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r7, 0x6, 0x23, &(0x7f0000000b40)={&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, &(0x7f0000000a00)=""/252, 0xfc, 0x1, &(0x7f0000000b00)=""/21, 0x15}, &(0x7f0000000b80)=0x40)
r11 = accept4$unix(0xffffffffffffffff, &(0x7f0000000340), &(0x7f0000000180)=0x6e, 0x0)
recvmsg$unix(r11, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000000480)=""/111, 0x6f}], 0x1, &(0x7f0000000500)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x100}, 0x103)

1m46.246139185s ago: executing program 5 (id=5258):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x5, &(0x7f0000000740)=@framed={{}, [@btf_id={0x18, 0xa, 0x3, 0x0, 0x3}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
ioctl$int_in(0xffffffffffffffff, 0x5421, &(0x7f0000000100)=0x100000001)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000dd0000000000003b810000850000006d000000a50000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0xa, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000340)='kfree\x00', r0, 0x0, 0x3e}, 0x18)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x1e, &(0x7f0000000180)=0x1, 0x4)
connect$inet(0xffffffffffffffff, &(0x7f0000000280)={0x2, 0x0, @dev}, 0x10)
close(0xffffffffffffffff)

1m46.008083518s ago: executing program 5 (id=5261):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x208, 0x21, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r1}, 0x18)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0xfff, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xcb3a, @void, @value}, 0x94)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000580)='./file0\x00', 0x4, &(0x7f0000000980)=ANY=[], 0x1, 0x120b, &(0x7f0000002300)="$eJzs3M9rXFUUB/CTNv1hajJRa7UF6UE3unk2WbhyEyQF6YDSNoVWEF7NRIeZzIS8ITBFbHdu/TvEpTtB/AeyceNacJeNyy7EJ84LtglxEcFOWz6fzRzm3i9zH28YeJd7Zu/9bzZ7G1WxUY7ixMxMzG5F5MOMjBNxMhoP4p1bv/z6xo3bd66ttNur1zOvrtxcei8zFy7/+MmX37350+jcre8XfjgTu4uf7v2+/Nvuhd2Le3/e/KJbZbfKwXCUZd4dDkfl3X4n17tVr8j8uN8pq052B1Vn+8D4Rn+4tTXOcrA+P7e13amqLAfj7HXGORrmaHuc5edld5BFUeT8XPDfnY61bx/WdR1R16fidNR1Xb8Qc3EuXoz5WIhWLMZL8XK8Eufj1bgQr8XrcXEya9orBwAAAAAAAAAAAAAAAAAAgOeL/n8AAAAAAAAAAAAAAAAAAACYPv3/AAAAAAAAAAAAAAAAAAAAMH36/wEAAAAAAAAAAAAAAAAAAGD6bty+c22l3V69nnk2YvPrnbWdtea1GV/ZiG70oxNXohV/xKT7v9HUVz9sr17JicV4d/P+fv7+ztrJg/mlyd8JHJlfavJ5MH8m5h7PL0crzh+dXz4yfzbefuuxfBGt+PmzGEY/1uPv7KP8V0uZH3zUPpS/NJkHAAAAz4Mi/3Hk83tR5MxMM/XQePPmv+8P1K1D+wOHnq9n49LsFC+ciWp8r1f2+53tZ6vY/0rGvV55+WlYj+IYxf69e/C0rOcZLU5FxP/4EVP8UeKJeXTTp70SAAAAAAAAAAAAjuMYBwNnm/O2xz9OOO1rBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP5iB44FAAAAAIT5W6fRsQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFcFAAD//78558w=")
rename(&(0x7f0000000040)='./file1\x00', &(0x7f0000001300)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')

1m46.007905858s ago: executing program 35 (id=5261):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x208, 0x21, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r1}, 0x18)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0xfff, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xcb3a, @void, @value}, 0x94)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000580)='./file0\x00', 0x4, &(0x7f0000000980)=ANY=[], 0x1, 0x120b, &(0x7f0000002300)="$eJzs3M9rXFUUB/CTNv1hajJRa7UF6UE3unk2WbhyEyQF6YDSNoVWEF7NRIeZzIS8ITBFbHdu/TvEpTtB/AeyceNacJeNyy7EJ84LtglxEcFOWz6fzRzm3i9zH28YeJd7Zu/9bzZ7G1WxUY7ixMxMzG5F5MOMjBNxMhoP4p1bv/z6xo3bd66ttNur1zOvrtxcei8zFy7/+MmX37350+jcre8XfjgTu4uf7v2+/Nvuhd2Le3/e/KJbZbfKwXCUZd4dDkfl3X4n17tVr8j8uN8pq052B1Vn+8D4Rn+4tTXOcrA+P7e13amqLAfj7HXGORrmaHuc5edld5BFUeT8XPDfnY61bx/WdR1R16fidNR1Xb8Qc3EuXoz5WIhWLMZL8XK8Eufj1bgQr8XrcXEya9orBwAAAAAAAAAAAAAAAAAAgOeL/n8AAAAAAAAAAAAAAAAAAACYPv3/AAAAAAAAAAAAAAAAAAAAMH36/wEAAAAAAAAAAAAAAAAAAGD6bty+c22l3V69nnk2YvPrnbWdtea1GV/ZiG70oxNXohV/xKT7v9HUVz9sr17JicV4d/P+fv7+ztrJg/mlyd8JHJlfavJ5MH8m5h7PL0crzh+dXz4yfzbefuuxfBGt+PmzGEY/1uPv7KP8V0uZH3zUPpS/NJkHAAAAz4Mi/3Hk83tR5MxMM/XQePPmv+8P1K1D+wOHnq9n49LsFC+ciWp8r1f2+53tZ6vY/0rGvV55+WlYj+IYxf69e/C0rOcZLU5FxP/4EVP8UeKJeXTTp70SAAAAAAAAAAAAjuMYBwNnm/O2xz9OOO1rBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP5iB44FAAAAAIT5W6fRsQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFcFAAD//78558w=")
rename(&(0x7f0000000040)='./file1\x00', &(0x7f0000001300)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')

1m8.835247764s ago: executing program 3 (id=5826):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000000040)=0x1, 0x4)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000000c0)=0x1, 0x4)
connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0)=0xffffffffffffffff, 0x4)
sendmmsg$inet(r0, &(0x7f0000000d00)=[{{0x0, 0x0, &(0x7f0000002c00)=[{&(0x7f0000001500)="b25b365cfe54a7c6fc7ea6155a71b613b02d1645aab67271075189c3540c4dd19ebfb3c4acf87f2eeb258e62cc6ae96db360d874500cb86b4185ee533bf708", 0x3f}, {&(0x7f0000002800)="cf", 0x1}, {&(0x7f0000000380)="08e0ac8fb1d99df61d7b518d0a62071e7ec69f658d5a52d7eb7ea31db43f8cf570f335a80860ac4cc240dc149d8468493db8aad089f590d62e0bcb9d1dcee636ee311ee51839b7201745baef82209b2ab741dc5ea481ae9dcebe39b1101a42a8c82de46107541c240ad0d9ee4a9340cffd72aaea692a60993637c81d23a0d0ebbae66f1eb2771df2482c043d8715ae788b56cc91eaa4d6bbdec82d8f91eb822d0b5f3ebd86", 0xa5}, {&(0x7f0000000180)="8a", 0x1}, {&(0x7f0000002b40)='-', 0x1}], 0x5}}, {{0x0, 0x0, &(0x7f0000002f00)=[{&(0x7f0000001580)="ce90bfdbcfb8a86a74f6799f98c36e23e210f053830ac8e978a0785884001a7099c4b9016f1a65a57390caf78c272cbf9711f94505dd525af1ff7d013438df5b844226f41b81e58eb73366", 0x4b}, {&(0x7f0000000540)="f2e659a0b00d26c2ee15", 0xa}, {&(0x7f0000002e40)="d4", 0x1}], 0x3}}, {{0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000003000)="e1", 0x1}, {&(0x7f00000010c0)="fa", 0x1}, {&(0x7f0000001680)="d8", 0x1}, {&(0x7f0000001600)="f2964dd16e01d56b414499264923beda58d7da0313c1ccafe53965750f25bdaa6b56a87307ec23d48b6f35ce49a813a2bc3cb23fdf42826bdc16788ff466919594de5bf8a1fa5d825947271ade4a95efeb170c", 0x53}, {&(0x7f0000001340)="b8", 0x1}, {&(0x7f0000000500)="01", 0x1}, {&(0x7f0000000280)="87", 0x1}], 0x7}}, {{0x0, 0x0, &(0x7f0000001540)=[{&(0x7f0000000140)}], 0x1}}], 0x4, 0x4000000)
setsockopt$sock_int(r0, 0x1, 0x20, &(0x7f0000000000)=0x7fffffff, 0x4)

1m8.834882374s ago: executing program 3 (id=5827):
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000000)=@newqdisc={0x3c, 0x24, 0x200, 0x800, 0x25dfdbee, {0x0, 0x0, 0x0, 0x0, {0x4, 0x5}, {0x0, 0x6}, {0x5, 0xfff1}}, [@qdisc_kind_options=@q_codel={{0xa}, {0xc, 0x2, [@TCA_CODEL_TARGET={0x8, 0x1, 0xa0}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff752b0568", @ANYBLOB], 0x3}}, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
write$binfmt_misc(r1, &(0x7f0000000000), 0xfffffecc)
splice(r0, 0x0, r2, 0x0, 0x4ffe6, 0x0)
ioctl$BLKALIGNOFF(0xffffffffffffffff, 0x127a, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r3, &(0x7f0000000040)=[{&(0x7f0000000080)="580000001400192340834b0400000000000000bc45ff810500000000000058000b480400945f64009400060000005a01000000000000008000f0fffeffe809000000fff5dd0000001000010002081000418e00000004fcff14f763c19bead13fb00bc0513903bb1ae8a7a9d5f629a5cfa69d76fa8d4351c3ddea5522fb50cdc7c4ef92832a38ad965a9a76", 0x8b}], 0x1)
pipe2$9p(&(0x7f0000000000)={<r4=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB=',wfdno=', @ANYRESHEX])
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000380)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000300)={<r5=>0xffffffffffffffff}, 0x106, 0x4}}, 0x20)
write$RDMA_USER_CM_CMD_INIT_QP_ATTR(0xffffffffffffffff, &(0x7f00000003c0)={0xb, 0x10, 0xfa00, {&(0x7f0000000240), r5, 0x81}}, 0x18)
socket$key(0xf, 0x3, 0x2)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000700)=ANY=[@ANYBLOB="140000001000040000000000000000000000000a20000000000a05000000000000000000070000000900010073797a30000000003c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021940000000c0a01030000000000000000070000000900020073797a31000000000900010073797a3000000000680003806400dec6080003400000000258000b80200001800a00010071756f7461000000100002800c0001400000000000000000340001800a0001006c696d69740000002400028008000440000000010c00024000000000000000000c0001400000000000000003"], 0x118}, 0x1, 0x0, 0x0, 0x40000}, 0x0)

1m7.962125687s ago: executing program 3 (id=5842):
mknodat$null(0xffffffffffffff9c, 0x0, 0xb0a54e68b1cd2fdb, 0x103)
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000b40)={0x5, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000001200000000000000000095"], &(0x7f0000000c00)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
syz_emit_ethernet(0xfdef, &(0x7f0000000380)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xfde1, 0x0, 0x0, 0x0, 0x33, 0x0, @private, @broadcast}, {0x0, 0x0, 0x8}}}}}, 0x0)

1m7.931668537s ago: executing program 3 (id=5843):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500001000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r1, 0x0, 0x100000001}, 0x18)
socket$nl_generic(0x10, 0x3, 0x10)
syz_mount_image$ext4(&(0x7f0000000bc0)='ext4\x00', &(0x7f0000000240)='./file1\x00', 0x4000, &(0x7f00000000c0), 0x2, 0xbb8, &(0x7f00000017c0)="$eJzs3M1rXFUbAPDn3kymaZv3nfTlRawbIyItiNOkkmKLYCsVNy4E3QoN6aSETD9IIjVpFhP9B0RdC24EtSgu7LobRbdutN0qLoQisVEQ0cidjyQ2mTS1M70x/f3gzD3nnpl5nmcuM/cemJkA7luD2U0asT8iTiURpeb+NCKK9V5fRK1xv6XF+bFfF+fHklhefumnJJKIuLk4P9Z6rqS53dsc9EXE188m8b831sednp2bHK1WK1PN8aGZsxcOTc/OPTFxdvRM5Uzl3PCRp0YOjxwZOjrSsVp/++74lV8eef6H2u8f/nH557ffT+J49Dfn1tbRKYMxuPKarFWIiNFOB8tJT7OetXUmhds8KO1yUgAAtJWuuYZ7IErRE6sXb6X4/JtckwMAAAA6YrknYhkAAADY4RLrfwAAANjhWt8DuLk4P9Zq+X4j4d66cSIiBhr1LzVbY6YQtfq2L3ojYs/NJNb+rDVpPOyuDUbE99ePfpK16NLvkDdTW4iIBzc6/km9/oH6r7jX159GxFAH4g/eMv431X+8A/Hzrh+A+9PVE40T2frzX7py/RMbnP8KG5y7/om8z3+t67+lddd/q/X3tLn+e3GLMS598O7FdnNZ/U9fee7jVsviZ9u7KuoO3FiIeKiwUf3JSv1Jm/pPbTFG6c+LlXZzede//F7Egdi4/pZk8/8nOjQ+Ua0MNW43jLHw1chH7eLnXX92/Pe0qb/1/0/tjv+FLcZ45eTJT9ftvL7a3bz+9Mdi8nK9V2zueW10ZmZqOKKYvLB+/+HNc2ndp/UcWf0HH938/b9R/dlnQq35OmRrgYXmNhu/fkvMZy5f+qxdPq31X57H/3Sb47+2/i8L64//m1uM8dgXbx1sN7d2/Zu1LH5rLQwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALWlE9EeSllf6aVouR+yNiP/HnrR6fnrm8fHzr547nc1FDERvOj5RrQxFRKkxTrLxcL2/Oj58y/jJiNgXEe+UdtfH5bHz1dN5Fw8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCKvRHRH0lajog0IpZKaVou550VAAAA0HEDeScAAAAAdJ31PwAAAOx81v8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB02b6Hr15LIqJ2bHe9ZYrNud5cMwO6Lc07ASA3PXknAOSmkHcCQG7ucI3vcgF2oOQ2831tZ3Z1PBcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAtq8D+69eSyKidmx3vWWKzbneXDMDui3NOwEgNz2bTRbuXR7AvectDvcva3wguc183+p9an+f2dW1nAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADYfvrrLUnLEVFs7iuXI/4TEQPRm4xPVCtDEfHfiPi21LsrGw/nnDMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACdNz07NzlarVamsk4azc7KHp3VTtJ4xWrbJR+du+wUY1uksU07eX8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACQh+nZucnRarUyNZ13JgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDepmfnJker1cpUFzt51wgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQH7+CgAA//9gfgp0")
r2 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f00000000c0), 0x1, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$SEG6_CMD_SETHMAC(r3, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="0100644f90917cfed1ae513e9f3606bf90530000000000000000010000000500aff1c65bc807a0b8050001000000040004000500060000000300"], 0x30}}, 0x0)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000080)={'\x00', 0x1})
ioctl$TUNSETPERSIST(r5, 0x400454cb, 0x1)
ioctl$TUNSETPERSIST(r5, 0x400454cb, 0x3)
mount$bind(0x0, &(0x7f0000000100)='.\x00', 0x0, 0x21, 0x0)
write$binfmt_register(r2, &(0x7f0000000140)={0x3a, 'syz2', 0x3a, 'E', 0x3a, 0x2007, 0x3a, 'M', 0x3a, '\x84\xa3\xea\xd6O\x89|\xeb\x80\xf0\xe96\xf4`&\xd4E\xe7L\x82n;H\xd8\xdf\x9a, \\E\xd4\xab\x1ed', 0x3a, './file2', 0x3a, [0x46]}, 0x4b)
syz_mount_image$msdos(&(0x7f0000000f40), &(0x7f0000000f00)='.\x00', 0x1258438, &(0x7f0000000f80)=ANY=[], 0xb, 0x0, &(0x7f0000000000))
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000005c0)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000040)={'bridge_slave_1\x00', <r7=>0x0})
r8 = syz_io_uring_setup(0x10d1, &(0x7f0000000340)={0x0, 0x6bf6, 0x100, 0x3, 0x11}, &(0x7f00000000c0)=<r9=>0x0, &(0x7f0000000300)=<r10=>0x0)
r11 = io_uring_register$IORING_REGISTER_PERSONALITY(r8, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r10, &(0x7f0000000200)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index=0x7, 0x0, 0x0, 0x3fffe, 0x2, 0x0, {0x0, r11}})
syz_memcpy_off$IO_URING_METADATA_GENERIC(r9, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000400)={0x1, &(0x7f0000000200)=[{0x1000, 0x0, 0x0, 0x1000004}]}, 0x8)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r9, r10, &(0x7f0000000200)=@IORING_OP_POLL_REMOVE={0x7, 0x50, 0x0, 0x0, 0x0, 0x1})
io_uring_enter(r8, 0x47bc, 0x0, 0x0, 0x0, 0x0)
r12 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r12, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001780)=ANY=[@ANYBLOB="7c0000001000010400"/20, @ANYRES32=r7, @ANYBLOB="00000000000000005c001280110001006272696467655f736c61766500000000440005800500050000000000050020000100000005000800000000000600", @ANYRES8=r7], 0x7c}}, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)

1m7.0152579s ago: executing program 3 (id=5853):
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000000)=@newqdisc={0x3c, 0x24, 0x200, 0x800, 0x25dfdbee, {0x0, 0x0, 0x0, 0x0, {0x4, 0x5}, {0x0, 0x6}, {0x5, 0xfff1}}, [@qdisc_kind_options=@q_codel={{0xa}, {0xc, 0x2, [@TCA_CODEL_TARGET={0x8, 0x1, 0xa0}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff752b0568", @ANYBLOB], 0x3}}, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
write$binfmt_misc(r1, &(0x7f0000000000), 0xfffffecc)
splice(r0, 0x0, r2, 0x0, 0x4ffe6, 0x0)
ioctl$BLKALIGNOFF(0xffffffffffffffff, 0x127a, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r3, &(0x7f0000000040)=[{&(0x7f0000000080)="580000001400192340834b0400000000000000bc45ff810500000000000058000b480400945f64009400060000005a01000000000000008000f0fffeffe809000000fff5dd0000001000010002081000418e00000004fcff14f763c19bead13fb00bc0513903bb1ae8a7a9d5f629a5cfa69d76fa8d4351c3ddea5522fb50cdc7c4ef92832a38ad965a9a76", 0x8b}], 0x1)
pipe2$9p(&(0x7f0000000000)={<r4=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB=',wfdno=', @ANYRESHEX])
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000380)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000300)={<r5=>0xffffffffffffffff}, 0x106, 0x4}}, 0x20)
write$RDMA_USER_CM_CMD_INIT_QP_ATTR(0xffffffffffffffff, &(0x7f00000003c0)={0xb, 0x10, 0xfa00, {&(0x7f0000000240), r5, 0x81}}, 0x18)
socket$key(0xf, 0x3, 0x2)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000700)=ANY=[@ANYBLOB="140000001000040000000000000000000000000a20000000000a05000000000000000000070000000900010073797a30000000003c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021940000000c0a01030000000000000000070000000900020073797a31000000000900010073797a3000000000680003806400dec6080003400000000258000b80200001800a00010071756f7461000000100002800c0001400000000000000000340001800a0001006c696d69740000002400028008000440000000010c00024000000000000000000c0001400000000000000003"], 0x118}, 0x1, 0x0, 0x0, 0x40000}, 0x0)

1m6.055133433s ago: executing program 3 (id=5862):
r0 = socket$netlink(0x10, 0x3, 0x14)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b705000008000000850000006900000095"], &(0x7f0000000600)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x2c, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0, r2}, 0x18)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x16, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="18000035b1ce4c000000000008000000c596020008000000951d000000000000"], &(0x7f0000000000)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x8300, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10)
syz_emit_ethernet(0x0, 0x0, 0x0)
socket$inet(0x2, 0x80001, 0x84)
r4 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace$getregset(0x4204, r4, 0x2, 0x0)
r5 = socket$inet(0x2, 0x2, 0x88)
setsockopt$sock_int(r5, 0x1, 0xf, &(0x7f0000000280)=0x3, 0x4)
bind$inet(r5, &(0x7f0000000180)={0x2, 0xce20, @local}, 0x10)
r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
r7 = socket(0x10, 0x3, 0x0)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000000000100000000000000000850000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r8}, 0x18)
sendmsg$kcm(r7, &(0x7f0000000000)={0x0, 0x8, &(0x7f0000000080)=[{0x0}], 0x1, 0x0, 0x0, 0x5}, 0x2004c000)
sendmsg$nl_route(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="240000006800019f00000000000000000a000000000000000800010001000000040004"], 0x24}, 0x1, 0x0, 0x0, 0x4}, 0x0)
sendmmsg(r7, &(0x7f0000000000), 0x4000000000001f2, 0x0)
getsockopt$WPAN_WANTACK(r6, 0x0, 0x0, &(0x7f0000000200), &(0x7f0000000380)=0x4)
close(0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x10, 0x3, &(0x7f0000000800)=ANY=[@ANYBLOB="720adfff0000000071103900000000009500000000000000bfc78aea7422f4267f2da4ccfea3eae301d43b679fd7797451588f405b4b48ae2ef365164d046ce680646b214065ebf029ce90b4418d68be18385a052aae578da89b8a4158c1b66c26f07157704ee1b226355c342a8a210d43f7cd07d40644098f4c4481f0c6655122d546abf22eca8b9b2fa1fc288829f547d391f716a371191aa924c5382fd00472b219950d132ee8a608aa58ee845dfb206585a6a4dfa10ac7ed679816e47253e7e03dd17269b374"], &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000000)=ANY=[@ANYBLOB="380000000314010000000000000000000900020073797a2f000000000800410072786500140033007465616d5f736c6176655f30"], 0x38}, 0x1, 0x0, 0x0, 0x1}, 0x8844)
sendmsg$IPCTNL_MSG_CT_GET_DYING(r0, 0x0, 0x40)
openat$ttyS3(0xffffffffffffff9c, 0x0, 0x123402, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

1m6.043516953s ago: executing program 36 (id=5862):
r0 = socket$netlink(0x10, 0x3, 0x14)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b705000008000000850000006900000095"], &(0x7f0000000600)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x2c, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0, r2}, 0x18)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x16, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="18000035b1ce4c000000000008000000c596020008000000951d000000000000"], &(0x7f0000000000)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x8300, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10)
syz_emit_ethernet(0x0, 0x0, 0x0)
socket$inet(0x2, 0x80001, 0x84)
r4 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace$getregset(0x4204, r4, 0x2, 0x0)
r5 = socket$inet(0x2, 0x2, 0x88)
setsockopt$sock_int(r5, 0x1, 0xf, &(0x7f0000000280)=0x3, 0x4)
bind$inet(r5, &(0x7f0000000180)={0x2, 0xce20, @local}, 0x10)
r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
r7 = socket(0x10, 0x3, 0x0)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000000000100000000000000000850000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r8}, 0x18)
sendmsg$kcm(r7, &(0x7f0000000000)={0x0, 0x8, &(0x7f0000000080)=[{0x0}], 0x1, 0x0, 0x0, 0x5}, 0x2004c000)
sendmsg$nl_route(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="240000006800019f00000000000000000a000000000000000800010001000000040004"], 0x24}, 0x1, 0x0, 0x0, 0x4}, 0x0)
sendmmsg(r7, &(0x7f0000000000), 0x4000000000001f2, 0x0)
getsockopt$WPAN_WANTACK(r6, 0x0, 0x0, &(0x7f0000000200), &(0x7f0000000380)=0x4)
close(0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x10, 0x3, &(0x7f0000000800)=ANY=[@ANYBLOB="720adfff0000000071103900000000009500000000000000bfc78aea7422f4267f2da4ccfea3eae301d43b679fd7797451588f405b4b48ae2ef365164d046ce680646b214065ebf029ce90b4418d68be18385a052aae578da89b8a4158c1b66c26f07157704ee1b226355c342a8a210d43f7cd07d40644098f4c4481f0c6655122d546abf22eca8b9b2fa1fc288829f547d391f716a371191aa924c5382fd00472b219950d132ee8a608aa58ee845dfb206585a6a4dfa10ac7ed679816e47253e7e03dd17269b374"], &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000000)=ANY=[@ANYBLOB="380000000314010000000000000000000900020073797a2f000000000800410072786500140033007465616d5f736c6176655f30"], 0x38}, 0x1, 0x0, 0x0, 0x1}, 0x8844)
sendmsg$IPCTNL_MSG_CT_GET_DYING(r0, 0x0, 0x40)
openat$ttyS3(0xffffffffffffff9c, 0x0, 0x123402, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

49.772453979s ago: executing program 7 (id=6057):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000037c0)={0x0, 0x0, &(0x7f0000003780)={&(0x7f0000001540)=@newtaction={0x488, 0x30, 0x12f, 0x4000, 0x0, {}, [{0x474, 0x1, [@m_police={0x470, 0x1, 0x0, 0x0, {{0xb}, {0x444, 0x2, 0x0, 0x1, [[@TCA_POLICE_RATE={0x404, 0x2, [0x4, 0x7c3, 0x2, 0x3, 0xffffff81, 0x10, 0xc, 0x2, 0x3, 0x40, 0x200, 0x8, 0x9, 0x6, 0x5, 0x0, 0x8, 0xa, 0x6, 0x200, 0x1, 0x3, 0xcc37, 0x1, 0xb5, 0x649f, 0x4, 0x0, 0x4, 0xfb1, 0x72a4, 0xd, 0x7fff, 0x5, 0x3, 0x0, 0x3, 0x7, 0xc3a0, 0x4, 0xc, 0x0, 0xaf, 0x1, 0x6, 0x5, 0xfffffffd, 0x5, 0x80, 0xe, 0x2, 0x7, 0x6, 0x7, 0x1991, 0x8, 0xfffffe29, 0x5, 0x3, 0x101, 0xfff, 0x4, 0x5, 0x8000, 0x4, 0x7, 0x3, 0x0, 0xfffffff3, 0x1, 0x9, 0x80020003, 0x2, 0x3, 0x5, 0x101, 0x1, 0xfffffffc, 0x6, 0x7fffffff, 0x200, 0x1, 0x7309, 0x6, 0x3, 0x100, 0x2, 0x7, 0x6d0, 0x226, 0x7ff, 0x0, 0x6, 0x7, 0xfffff001, 0x6, 0x7ed8, 0x3, 0xffff, 0x0, 0x0, 0x249, 0x5, 0x2fbf, 0x2, 0x8000, 0x7, 0x25fe9fd5, 0x1, 0x9, 0x1, 0xe, 0x9, 0x0, 0x3, 0x4f, 0xffffffff, 0x8, 0x1, 0x6, 0xd0, 0x7, 0x80000001, 0x3226, 0x8, 0x3, 0x4, 0xc64f, 0xffffff6d, 0x5, 0x6, 0x6, 0xfffffff7, 0x6, 0x7, 0x5, 0xc, 0xe, 0x7, 0x200, 0x60459141, 0x1, 0x5, 0x6, 0x84, 0x0, 0x1, 0x5, 0x2, 0x29dc, 0x0, 0x2d5, 0x7, 0xfffffffa, 0x1000, 0x6, 0x94, 0x15a, 0x4, 0x6, 0x2, 0x4002, 0x2, 0x4, 0x9, 0x5, 0x1, 0x3, 0x4003, 0x80, 0x7a5b054a, 0x8, 0xffffff80, 0x4b1, 0xfff, 0x3, 0xb, 0x8, 0x3, 0x4, 0x2, 0x6, 0xf, 0x2, 0x7, 0x1, 0x77, 0x20009, 0x274d, 0x6, 0x40, 0xfffffffe, 0xb, 0x7, 0x1, 0x9ab, 0x7, 0xffffffc0, 0x200, 0x2000007, 0x3c, 0x2c7, 0x7, 0x8, 0x4, 0x0, 0x99f, 0x5, 0x7ff, 0x6, 0x31e1, 0x4, 0x4, 0xb, 0x7ff, 0x1e, 0x3, 0xe49, 0x56, 0x9, 0x1, 0x6, 0x2, 0x6a1c, 0x9, 0x8, 0x4dbda2da, 0x7fff, 0x5, 0x5, 0x0, 0x7, 0x8, 0x7fff, 0xed, 0x7fff, 0x1000, 0xcbe, 0x7ff, 0x6, 0x8, 0xb, 0xff, 0x5, 0x1, 0x7, 0x9, 0x0, 0x8, 0x5, 0x4, 0xfffffffd, 0x2, 0xeffe, 0xe74, 0x8]}, @TCA_POLICE_TBF={0x3c, 0x1, {0xff, 0x7, 0x2, 0x7ff, 0x6, {0x9, 0x1, 0x8, 0xef3, 0x9, 0x1}, {0x2, 0x1, 0x2, 0x827, 0x29a, 0x100}, 0x3, 0x9, 0x7}}]]}, {0x4}, {0xc, 0xb, {0x0, 0x1}}, {0xc, 0xa}}}]}]}, 0x488}}, 0x0)

49.74401662s ago: executing program 7 (id=6058):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000a999850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0xfd, 0x0, 0x0, 0x0, 0x100, 0x34120, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = add_key$keyring(&(0x7f00000004c0), &(0x7f0000000040)={'syz', 0x1}, 0x0, 0x0, 0x0)
r3 = add_key$keyring(&(0x7f0000000180), &(0x7f00000001c0)={'syz', 0x1}, 0x0, 0x0, r2)
r4 = add_key$keyring(&(0x7f0000000380), &(0x7f00000003c0)={'syz', 0x1}, 0x0, 0x0, 0x0)
r5 = add_key$user(&(0x7f0000000600), &(0x7f0000000640)={'syz', 0x2}, &(0x7f0000000680)="3166d1a9", 0x4, r4)
keyctl$KEYCTL_PKEY_SIGN(0x1b, &(0x7f0000000780)={r5}, &(0x7f00000007c0)=ANY=[@ANYBLOB="656e633d6f61657020686173683d686d6163287368610035362d636529000000000000000000000000000000000000000010000000811700"/78], 0x0, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x0, 0x2000000000000055, &(0x7f0000000480)=ANY=[], 0x0, 0x7e, 0x0, 0x0, 0x41100, 0x36, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r6}, &(0x7f0000000180), &(0x7f00000001c0)=r1}, 0x20)
r8 = open(&(0x7f0000000580)='./file1\x00', 0x64842, 0x1)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', 0xffffffffffffffff, 0x0, 0x7}, 0x18)
creat(&(0x7f0000000540)='./file0\x00', 0x16d)
mount(&(0x7f0000000100), &(0x7f0000000280)='./bus\x00', &(0x7f00000002c0)='9p\x00', 0x0, &(0x7f0000000300)='trans=rdma,')
bind$unix(0xffffffffffffffff, &(0x7f0000000040)=@abs={0x1}, 0x2)
ioctl$RTC_ALM_READ(0xffffffffffffffff, 0x40187013, &(0x7f0000000040))
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000480)={0xffffffffffffffff, <r9=>0xffffffffffffffff}, 0x84800)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r8, 0xc018937c, &(0x7f0000000240)={{0x1, 0x1, 0x18, r0}, './bus\x00'})
dup(r9)
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
r10 = add_key$keyring(&(0x7f0000000300), &(0x7f0000000840)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffd)
perf_event_open(&(0x7f0000000880)={0x5, 0x80, 0x6, 0x3, 0x3c, 0x1, 0x0, 0xc684, 0x80000, 0x2, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x4, @perf_bp={&(0x7f0000000400)}, 0x10208, 0x1, 0x800, 0x6, 0x3, 0xfd0, 0x6, 0x0, 0x3, 0x0, 0x2}, 0x0, 0xe, 0xffffffffffffffff, 0xa)
add_key(&(0x7f0000000040)='ceph\x00', 0x0, &(0x7f0000000bc0)="0100000200373a4541062101a59ea940d2cb0b36b8f5020000a00000050000000000eb000000a5e5be21c44e328e68f3922af831e4e51bfb30f7788fd57e51bc464355bd646d037ccc16ddb08a7b3a697aedb66ddd793acf37119e61f502d8bbb016f701890700000068d945af468c1c9090c76906b94e0f27761c75e58c82da54d010078660684a4106855beaf5e813ed18aa4acabb5bee7f082d24a16b01fc91471eba59152e716af8776ab90ac48bcbee6570df22513808ecab7a9680aa613a56aa11bfa73af4c4e94b5cfc855f0e910186d7e68ac24f8b125140ac5f7f4819168ce1c25550c6773b41011999d8d9827757d96c5e8aa4617cc54c5e67060a92661f84e698d1fe3cee10a85882cbecb29f2a22535ac50e64d95ecbab66f54373b94475e05b79a0a61bc2ae1e", 0x12d, r10) (fail_nth: 9)
add_key$keyring(&(0x7f00000000c0), &(0x7f0000000440)={'syz', 0x3}, 0x0, 0x0, r3)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x20000023896)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180), 0x80000, &(0x7f0000000340)=ANY=[@ANYBLOB, @ANYRESHEX=r7, @ANYBLOB="2c774c0ad06a90", @ANYRESHEX=r3])
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)

49.329772465s ago: executing program 7 (id=6060):
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000200), 0x800)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000380), 0x1, r1}, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r0, 0x4058534c, &(0x7f0000000180)={0x80, 0x2a, 0x3})

49.319529825s ago: executing program 7 (id=6062):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000180)=ANY=[], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
socket$packet(0x11, 0x3, 0x300)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000880)={0x6, &(0x7f0000000840)=[{0x1, 0x0, 0x7, 0x8000}, {0x9, 0x9, 0x1, 0x7ff}, {0x9, 0x1, 0x9, 0x7}, {0x2, 0x9, 0xfe, 0xb44a}, {0x1, 0xf1, 0x9, 0x70d8}, {0x116, 0xe, 0x4, 0x2}]})
r0 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000000)={0x2001}, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc(&(0x7f0000000800), r1)
r2 = gettid()
timer_create(0x1, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff})
pipe(&(0x7f00000008c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
splice(r3, 0x0, r5, 0x0, 0x7, 0x9)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r6, 0x29, 0x40, &(0x7f0000000040)=@raw={'raw\x00', 0x3c1, 0x3, 0x3f8, 0x1c8, 0xc8, 0x8, 0x1c8, 0x5803, 0x328, 0x2e8, 0x2e8, 0x328, 0x2e8, 0x3, 0x0, {[{{@ipv6={@local, @private1, [0xffffff00, 0xff000000], [0xff, 0x34da508f3e8fb0eb, 0xff000000, 0xff], 'veth0_to_batadv\x00', 'veth1_to_team\x00', {0xff}, {0xff}, 0x89, 0x7, 0x7, 0x38}, 0x0, 0x190, 0x1c8, 0x0, {0x0, 0x2000000000000}, [@common=@unspec=@string={{0xc0}, {0x0, 0x100, 'bm\x00', "cfcaf80c672f61cd17ae5119b5135c2aee0500000000000000ecef50c3234e082555f67222476147864fa03182f5cf11d8c348cbd06d7d4e252c3394fed47bf78c70f607b0178fa5ea3350ebc989f1f34a214e67442ce98bbaa8e0f7323a4ca0a7be6c60c527bac2b500", 0x1, 0x3}}, @common=@hl={{0x28}, {0x3, 0x11}}]}, @common=@inet=@SET3={0x38, 'SET\x00', 0x3, {{0x3, 0x6, 0x7}, {0x3, 0x3, 0x6}, {0x1, 0x1, 0x2}, 0x3, 0x29b}}}, {{@ipv6={@remote, @loopback, [], [], 'macvtap0\x00', 'syzkaller1\x00', {}, {0xff}, 0x16, 0x0, 0x2}, 0x0, 0xf8, 0x160, 0x0, {}, [@inet=@rpfilter={{0x28}}, @inet=@rpfilter={{0x28}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, 'netbios-ns\x00', 'syz1\x00', {0xfffffffffffffffd}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x458)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r5, 0x89f2, &(0x7f00000007c0)={'syztnl0\x00', &(0x7f0000000740)={'ip6gre0\x00', <r7=>0x0, 0x2f, 0x7, 0x3, 0x6, 0x10, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010100}, @empty, 0x80, 0x7, 0x2}})
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7020000140000e5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r7, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffee9, 0x0, 0x0, 0xfffffffffffffc79, 0x0, 0x0, 0x0, 0xfffffffc, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='sched_switch\x00', r8}, 0x10)
write$P9_RWRITE(r5, &(0x7f0000000040)={0xb, 0x77, 0x87}, 0x10c00)
read(r4, &(0x7f0000032440)=""/102364, 0x18fdc)
mknod$loop(0x0, 0x0, 0x1)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
r9 = socket$inet(0xa, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r9, 0x0, 0x40, &(0x7f00000002c0)=@mangle={'mangle\x00', 0x44, 0x6, 0x410, 0x238, 0x238, 0x238, 0x98, 0x98, 0x378, 0x378, 0x378, 0x378, 0x378, 0x6, 0x0, {[{{@ip={@loopback, @multicast1=0xe0007600, 0x0, 0x0, 'gre0\x00', 'ip6gre0\x00', {}, {}, 0x0, 0x0, 0x11}, 0x7a00, 0x70, 0x98}, @inet=@DSCP={0x28}}, {{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @local, 0x0, 0x0, 'wg1\x00', 'nicvf0\x00', {}, {}, 0x11}, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x0, 0x0, @local}}}, {{@ip={@broadcast, @multicast2, 0x0, 0x0, 'vlan1\x00', 'nr0\x00'}, 0x0, 0xb8, 0x100, 0x0, {}, [@common=@unspec=@limit={{0x48}, {0x0, 0x28, 0x0, 0x0, 0x0, 0x1}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv6=@dev={0xfe, 0x80, '\x00', 0x18}, 'veth0_virt_wifi\x00', {0x7}}}}, {{@ip={@rand_addr, @private, 0xffffffff, 0xff, 'syzkaller0\x00', 'veth1_to_team\x00', {}, {0xff}}, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x0, 0x0, @empty}}}, {{@ip={@empty, @empty, 0xff000000, 0x0, 'lo\x00', 'batadv_slave_1\x00'}, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x4, 0x0, @loopback}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x470)

48.442496768s ago: executing program 7 (id=6074):
r0 = socket$netlink(0x10, 0x3, 0x10)
socket$netlink(0x10, 0x3, 0x10)
r1 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
ftruncate(r1, 0x2007ffc)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32, @ANYBLOB="0000000000000000b705000008000000850000006900000095"], &(0x7f0000000600)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x2c, '\x00', 0x0, @fallback=0x36, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x56, @void, @value}, 0x94)
sendfile(r1, r1, 0x0, 0x800000009)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000080), r2)
ioctl$sock_SIOCGIFINDEX_802154(r2, 0x8933, &(0x7f0000000140)={'wpan0\x00', <r4=>0x0})
sendmsg$NL802154_CMD_DEL_SEC_DEVKEY(r2, &(0x7f0000000e40)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000500)=ANY=[@ANYBLOB='l\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010025bd7000fbdbdf251e00000008000300", @ANYRES32=r4, @ANYBLOB="50002f800c0002000203aaaaaaaaaaaa0c000380080001000200000034000380080001000000000028000380060001000200000008000200030000000c0004"], 0x6c}, 0x1, 0x0, 0x0, 0x20000041}, 0x4880)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x51)
ioctl$FS_IOC_FSSETXATTR(r5, 0x401c5820, &(0x7f0000000080)={0x8})
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x80)
sendmsg$NLBL_UNLABEL_C_STATICADDDEF(r2, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x58, 0x0, 0x8, 0x70bd26, 0x25dfdbfb, {}, [@NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @private=0xa010100}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:hald_cache_t:s0\x00'}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @remote}]}, 0x58}, 0x1, 0x0, 0x0, 0x4000001}, 0x0)
r6 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_NEW(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)={0x34, r6, 0x1, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0)

47.313129863s ago: executing program 7 (id=6093):
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000000)=@newqdisc={0x3c, 0x24, 0x200, 0x800, 0x25dfdbee, {0x0, 0x0, 0x0, 0x0, {0x4, 0x5}, {0x0, 0x6}, {0x5, 0xfff1}}, [@qdisc_kind_options=@q_codel={{0xa}, {0xc, 0x2, [@TCA_CODEL_TARGET={0x8, 0x1, 0xa0}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff752b0568", @ANYBLOB], 0x3}}, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
write$binfmt_misc(r1, &(0x7f0000000000), 0xfffffecc)
splice(r0, 0x0, r2, 0x0, 0x4ffe6, 0x0)
ioctl$BLKALIGNOFF(0xffffffffffffffff, 0x127a, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r3, &(0x7f0000000040)=[{&(0x7f0000000080)="580000001400192340834b0400000000000000bc45ff810500000000000058000b480400945f64009400060000005a01000000000000008000f0fffeffe809000000fff5dd0000001000010002081000418e00000004fcff14f763c19bead13fb00bc0513903bb1ae8a7a9d5f629a5cfa69d76fa8d4351c3ddea5522fb50cdc7c4ef92832a38ad965a9a76b283", 0x8d}], 0x1)
pipe2$9p(&(0x7f0000000000)={<r4=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB=',wfdno=', @ANYRESHEX])
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000380)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000300)={<r5=>0xffffffffffffffff}, 0x106, 0x4}}, 0x20)
write$RDMA_USER_CM_CMD_INIT_QP_ATTR(0xffffffffffffffff, &(0x7f00000003c0)={0xb, 0x10, 0xfa00, {&(0x7f0000000240), r5, 0x81}}, 0x18)
socket$key(0xf, 0x3, 0x2)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000700)=ANY=[@ANYBLOB="140000001000040000000000000000000000000a20000000000a05000000000000000000070000000900010073797a30000000003c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021940000000c0a01030000000000000000070000000900020073797a31000000000900010073797a3000000000680003806400dec6080003400000000258000b80200001800a00010071756f7461000000100002800c0001400000000000000000340001800a0001006c696d69740000002400028008000440000000010c00024000000000000000000c0001400000000000000003"], 0x118}, 0x1, 0x0, 0x0, 0x40000}, 0x0)

32.250552532s ago: executing program 37 (id=6093):
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000000)=@newqdisc={0x3c, 0x24, 0x200, 0x800, 0x25dfdbee, {0x0, 0x0, 0x0, 0x0, {0x4, 0x5}, {0x0, 0x6}, {0x5, 0xfff1}}, [@qdisc_kind_options=@q_codel={{0xa}, {0xc, 0x2, [@TCA_CODEL_TARGET={0x8, 0x1, 0xa0}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff752b0568", @ANYBLOB], 0x3}}, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
write$binfmt_misc(r1, &(0x7f0000000000), 0xfffffecc)
splice(r0, 0x0, r2, 0x0, 0x4ffe6, 0x0)
ioctl$BLKALIGNOFF(0xffffffffffffffff, 0x127a, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r3, &(0x7f0000000040)=[{&(0x7f0000000080)="580000001400192340834b0400000000000000bc45ff810500000000000058000b480400945f64009400060000005a01000000000000008000f0fffeffe809000000fff5dd0000001000010002081000418e00000004fcff14f763c19bead13fb00bc0513903bb1ae8a7a9d5f629a5cfa69d76fa8d4351c3ddea5522fb50cdc7c4ef92832a38ad965a9a76b283", 0x8d}], 0x1)
pipe2$9p(&(0x7f0000000000)={<r4=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB=',wfdno=', @ANYRESHEX])
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000380)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000300)={<r5=>0xffffffffffffffff}, 0x106, 0x4}}, 0x20)
write$RDMA_USER_CM_CMD_INIT_QP_ATTR(0xffffffffffffffff, &(0x7f00000003c0)={0xb, 0x10, 0xfa00, {&(0x7f0000000240), r5, 0x81}}, 0x18)
socket$key(0xf, 0x3, 0x2)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000700)=ANY=[@ANYBLOB="140000001000040000000000000000000000000a20000000000a05000000000000000000070000000900010073797a30000000003c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021940000000c0a01030000000000000000070000000900020073797a31000000000900010073797a3000000000680003806400dec6080003400000000258000b80200001800a00010071756f7461000000100002800c0001400000000000000000340001800a0001006c696d69740000002400028008000440000000010c00024000000000000000000c0001400000000000000003"], 0x118}, 0x1, 0x0, 0x0, 0x40000}, 0x0)

6.947246094s ago: executing program 9 (id=6501):
r0 = syz_genetlink_get_family_id$ipvs(&(0x7f00000001c0), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="0100000000000000000009000000440003800800010002000000140002007663616e300000000000000000000000080003000000000014000600ff"], 0x58}}, 0x0)

6.910311465s ago: executing program 9 (id=6502):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000160000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000037c0)={0x0, 0x0, &(0x7f0000003780)={&(0x7f0000001540)=@newtaction={0x488, 0x30, 0x12f, 0x4000, 0x0, {}, [{0x474, 0x1, [@m_police={0x470, 0x1, 0x0, 0x0, {{0xb}, {0x444, 0x2, 0x0, 0x1, [[@TCA_POLICE_RATE={0x404, 0x2, [0x4, 0x7c3, 0x2, 0x3, 0xffffff81, 0x10, 0xc, 0x2, 0x3, 0x40, 0x200, 0x8, 0x9, 0x6, 0x5, 0x0, 0x8, 0xa, 0x6, 0x200, 0x1, 0x3, 0xcc37, 0x1, 0xb5, 0x649f, 0x4, 0x0, 0x4, 0xfb1, 0x72a4, 0xd, 0x7fff, 0x5, 0x3, 0x0, 0x3, 0x7, 0xc3a0, 0x4, 0xc, 0x0, 0xaf, 0x1, 0x6, 0x5, 0xfffffffd, 0x5, 0x80, 0xe, 0x2, 0x7, 0x6, 0x7, 0x1991, 0x8, 0xfffffe29, 0x5, 0x3, 0x101, 0xfff, 0x4, 0x5, 0x8000, 0x4, 0x7, 0x3, 0x0, 0xfffffff3, 0x1, 0x9, 0x80020003, 0x2, 0x3, 0x5, 0x101, 0x1, 0xfffffffc, 0x6, 0x7fffffff, 0x200, 0x1, 0x7309, 0x6, 0x3, 0x100, 0x2, 0x7, 0x6d0, 0x226, 0x7ff, 0x0, 0x6, 0x7, 0xfffff001, 0x6, 0x7ed8, 0x3, 0xffff, 0x0, 0x0, 0x249, 0x5, 0x2fbf, 0x2, 0x8000, 0x7, 0x25fe9fd5, 0x1, 0x9, 0x1, 0xe, 0x9, 0x0, 0x3, 0x4f, 0xffffffff, 0x8, 0x1, 0x6, 0xd0, 0x7, 0x80000001, 0x3226, 0x8, 0x3, 0x4, 0xc64f, 0xffffff6d, 0x5, 0x6, 0x6, 0xfffffff7, 0x6, 0x7, 0x5, 0xc, 0xe, 0x7, 0x200, 0x60459141, 0x1, 0x5, 0x6, 0x84, 0x0, 0x1, 0x5, 0x2, 0x29dc, 0x0, 0x2d5, 0x7, 0xfffffffa, 0x1000, 0x6, 0x94, 0x15a, 0x4, 0x6, 0x2, 0x4002, 0x2, 0x4, 0x9, 0x5, 0x1, 0x3, 0x4003, 0x80, 0x7a5b054a, 0x8, 0xffffff80, 0x4b1, 0xfff, 0x3, 0xb, 0x8, 0x3, 0x4, 0x2, 0x6, 0xf, 0x2, 0x7, 0x1, 0x77, 0x20009, 0x274d, 0x6, 0x40, 0xfffffffe, 0xb, 0x7, 0x1, 0x9ab, 0x7, 0xffffffc0, 0x200, 0x2000007, 0x3c, 0x2c7, 0x7, 0x8, 0x4, 0x0, 0x99f, 0x5, 0x7ff, 0x6, 0x31e1, 0x4, 0x4, 0xb, 0x7ff, 0x1e, 0x3, 0xe49, 0x56, 0x9, 0x1, 0x6, 0x2, 0x6a1c, 0x9, 0x8, 0x4dbda2da, 0x7fff, 0x5, 0x5, 0x0, 0x7, 0x8, 0x7fff, 0xed, 0x7fff, 0x1000, 0xcbe, 0x7ff, 0x6, 0x8, 0xb, 0xff, 0x5, 0x1, 0x7, 0x9, 0x0, 0x8, 0x5, 0x4, 0xfffffffd, 0x2, 0xeffe, 0xe74, 0x8]}, @TCA_POLICE_TBF={0x3c, 0x1, {0xff, 0x7, 0x2, 0x7ff, 0x6, {0x9, 0x1, 0x8, 0xef3, 0x9, 0x1}, {0x2, 0x1, 0x2, 0x827, 0x29a, 0x100}, 0x3, 0x9, 0x7}}]]}, {0x4}, {0xc, 0xb, {0x0, 0x1}}, {0xc, 0xa}}}]}]}, 0x488}}, 0x0)

6.894645925s ago: executing program 9 (id=6503):
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000080)={0xffffffffffffffff, 0x20, &(0x7f0000000040)={&(0x7f0000000500)=""/136, 0x88, <r0=>0x0, &(0x7f0000000a00)=""/4096, 0x1000}}, 0x10)
r1 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0xfffffffffffffffb]}, 0x8, 0x0)
readv(r1, &(0x7f0000000580)=[{0x0}, {0x0}, {&(0x7f0000000840)=""/245, 0xf5}], 0x3)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0xc, 0xc, &(0x7f00000002c0)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x18, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1a1b"], 0x0, 0x80000001, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x2, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
accept4(r3, 0x0, 0x0, 0x800)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$RTC_SET_TIME(0xffffffffffffffff, 0x4024700a, 0x0)
timer_create(0x1, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, &(0x7f0000bbdffc))
r5 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/cpuinfo\x00', 0x0, 0x0)
ioctl$TCSETSW2(r5, 0x402c542c, &(0x7f0000000140)={0x106, 0x8001, 0xe, 0x3, 0x7, "63ff08000000000010000100000100000000fc", 0x64, 0x1})
execveat$binfmt(0xffffffffffffff9c, 0x0, 0x0, 0x0, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0)
r6 = syz_init_net_socket$llc(0x1a, 0x801, 0x0)
bind$llc(r6, &(0x7f0000000000)={0x1a, 0x0, 0x0, 0x0, 0x81, 0x42}, 0x10)
connect$llc(r6, &(0x7f0000000340)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @random="48bd00"}, 0x10)

6.011582017s ago: executing program 9 (id=6513):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x400, &(0x7f0000000000), 0x1, 0x4bb, &(0x7f0000000580)="$eJzs3cuLXFUaAPCvqtLP9EweMwxJBiaBDGQepKsfDOmemcUMDMzMIjBMwI1CbLsrbUx1V9NVHdNNFh3dZeFCFAVx4d6/wI1ZGQVxrXtxIRGNLagglNxbVUm/KpaxUyV9fz+o9Dn33NR3Thff4da59/YNILNOJf/kIkYi4oOIONSobt3hVOPHxt3rs8krF/X6hc9z6X5JvbVr6/8djIj1iBiMiP//O+Kp3M641dW1KzPlcmm5WS/WFpaK1dW1s5cXZuZL86XF8alz09NTY5MT03s21psvPHPz/Fv/7X/z6+fv3H7xnbeTbo002zaPYy81ht4XRzZtOxARf38UwXqg0BzPUK87wkNJPr9fRcTpNP8PRSH9NIEsqNfr9e/qA+2a1+vAvpVPj4Fz+dGIaJTz/6qPNo7hfx3D+XKlWvvzpcrK4lzjWPlw9OUvXS6XxprfFQ5HXy6pj6fl+/WJbfXJiPQY+KXCUFofna2U57o71QHbHNyW/18V8vnRpBJ/6nXXgG7wlR+yS/5Ddsl/yC75D9kl/yG75D9kl/yH7JL/kF3yH7JL/kN2yX/IpP+dP5+86q373+eurq5cqVw9O5fMCQsrs6OzleWl0flKZT69Z2fhh96vXKksjf8lVq4Va6VqrVhdXbu4UFlZrF1M7+u/WOrryqiAThw5eeujXESs/3UofSX6m21yFfa3ej0Xvb4HGeiNQq8nIKBnLP1BdvmOD+zyJ3q3GGzXsLT3fQG6I9/rDgA9c+a483+QVdb/Ibus/0N2OcYHrP9D9lj/h+wa2fn8r/T5P7/Y9OyusYj4ZUR8WOgbaD3rC9gP8p/mmsf/Zw79fmR7a3/um/QUQX9EPPvahVeuzdRqy+PJ9i/uba+92tw+0Yv+A51q5WkrjwGA7Nq4e3229epm3M/+2bgIYWf8A821ycH0HOXwRm7LtQq5Pbp2Yf1GRBzbLX6u+bzzxpmP4Y3CjvhHmz9zjbdI+3sgfW56d+If3xT/d5vin/jJvxXIhlvJ/DO2W/7l05yOe/m3df4Z2aNrJ9rPf/l781+hzfx3ssMYT7/+3Cdt49+IOLFr/Fa8wTTW9vhJ3850GP/OE4/9pl1b/Y3G++wWvyUpFWsLS8Xq6trZ9O/IzZcWx6fOTU9PjU1OTBfTNepia6V6p78de//2g8Y/3CZ+u/H/o9mnP3Y4/m9/+97jpx4Q/w+nd//8j7aJnxj6EU/o/3Li4yfbtSXx59qMP78z/rvD0WqNmOwwfvXl/wx0uCsA0AXV1bUrM+VyaVlBQeEhCgM/j27seaHXMxPwqN1P+l73BAAAAAAAAAAAAOhUNy4n7vUYAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD2g+8DAAD//3bC1tg=")
open(&(0x7f0000000180)='./bus\x00', 0x10137e, 0x11)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x8005, 0x0, 0x0, 0x15, 0x0, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x200]})
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.swap.current\x00', 0x275a, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r3, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendto$unix(0xffffffffffffffff, &(0x7f0000000000)="b100050400000400000000000700000033", 0xfffffffffffffdfc, 0x0, 0x0, 0x0)
mprotect(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1)
r5 = shmget$private(0x0, 0x3000, 0x28d, &(0x7f00003e4000/0x3000)=nil)
shmctl$IPC_SET(r5, 0x1, &(0x7f0000000000)={{0x2, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5}, 0x0, 0xff7e, 0x0, 0xffffffffffffffff, 0x2280})
setuid(0xee01)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x3, 0x5012, 0xffffffffffffffff, 0x0)
getpgrp(0x0)
shmctl$IPC_STAT(r5, 0x2, &(0x7f0000000240)=""/95)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r4, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010005"], 0x3c}}, 0x0)
sendmsg$nl_route(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000003c0)=ANY=[@ANYBLOB="5400000010001ffffcffffff0000000000000000", @ANYRES32=0x0, @ANYBLOB="00000100000000002c0012800b00010067726574617000001c00028006000e000200000006000f000700000008000700ac14142808000a00c6331f6a4391d6c6091aafd83891e374f19b668cac6bfab624ecb32397b20c233aabba22085829b109fa40abcde4e4fc1f4ea9515d171753802b7c7368dfc0c3920adb046ef41c6a3ef4881a9d32c5064b52f07ee2c04d3f2c653cd0a6182bdabb4208d36344f1c1c53fcf5eadc13a9a2b1fd2d83d797e", @ANYRES32=r4, @ANYBLOB], 0x54}, 0x1, 0x0, 0x0, 0x40}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00'}, 0x10)
r7 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
r8 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/notes', 0x0, 0x0)
sendfile(r7, r8, 0x0, 0x104)
sendmsg$MPTCP_PM_CMD_SUBFLOW_DESTROY(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[], 0x28}}, 0x0)

5.79002502s ago: executing program 9 (id=6517):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=ANY=[@ANYBLOB="78010000170001000000000000000000fc0000000000000000000000000000000000000000000000fe8000000000000000000000000000bbac1414bb000000000000000000000000fc00"/104, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fc020000000000000000000000000000ffffffff00000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0xee00, @ANYBLOB="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000440005007f000001000000000000000000000000000000003c00000000000000fc02000000000000000000000000000000000000000000000000000000000000000000000c000800"], 0x178}}, 0x0)

5.554098724s ago: executing program 9 (id=6521):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x2000009e, &(0x7f00000005c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000730000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
preadv(0xffffffffffffffff, &(0x7f00000003c0)=[{&(0x7f00000018c0)=""/220, 0xdc}], 0x1, 0x0, 0x5)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x16, &(0x7f0000000240)=ANY=[@ANYRESHEX=r0, @ANYRESOCT=0x0], &(0x7f0000000300)='GPL\x00', 0x7ffffd, 0x0, 0x0, 0x41000, 0x16, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="1805000000000000000000004b64ffec8500000075000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000040)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
syz_init_net_socket$llc(0x1a, 0x2, 0x0)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
unshare(0x62040200)
close(0xffffffffffffffff)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x7, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000400000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0xc1100, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
r4 = perf_event_open(&(0x7f0000000380)={0x2, 0x80, 0xf6, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xc91542382b09e080}, 0x40db, 0x0, 0x4, 0x8, 0x8, 0x100, 0x0, 0x0, 0x0, 0x0, 0x2000000000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r4, 0x40082406, &(0x7f0000000000)='cpu<=0||!')

5.529285744s ago: executing program 38 (id=6521):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x2000009e, &(0x7f00000005c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000730000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
preadv(0xffffffffffffffff, &(0x7f00000003c0)=[{&(0x7f00000018c0)=""/220, 0xdc}], 0x1, 0x0, 0x5)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x16, &(0x7f0000000240)=ANY=[@ANYRESHEX=r0, @ANYRESOCT=0x0], &(0x7f0000000300)='GPL\x00', 0x7ffffd, 0x0, 0x0, 0x41000, 0x16, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="1805000000000000000000004b64ffec8500000075000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000040)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
syz_init_net_socket$llc(0x1a, 0x2, 0x0)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
unshare(0x62040200)
close(0xffffffffffffffff)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x7, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000400000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0xc1100, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
r4 = perf_event_open(&(0x7f0000000380)={0x2, 0x80, 0xf6, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xc91542382b09e080}, 0x40db, 0x0, 0x4, 0x8, 0x8, 0x100, 0x0, 0x0, 0x0, 0x0, 0x2000000000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r4, 0x40082406, &(0x7f0000000000)='cpu<=0||!')

3.791560098s ago: executing program 8 (id=6547):
r0 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
fcntl$notify(r0, 0x402, 0x8000001f)
fcntl$notify(0xffffffffffffffff, 0x402, 0x8000003d)
close_range(r0, 0xffffffffffffffff, 0x0)

3.749098368s ago: executing program 8 (id=6548):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=ANY=[@ANYBLOB="78010000170001000000000000000000fc0000000000000000000000000000000000000000000000fe8000000000000000000000000000bbac1414bb000000000000000000000000fc00"/104, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fc020000000000000000000000000000ffffffff00000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0xee00, @ANYBLOB="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000440005007f000001000000000000000000000000000000003c00000000000000fc02000000000000000000000000000000000000000000000000000000000000000000000c000800"], 0x178}}, 0x0)

3.682612149s ago: executing program 8 (id=6551):
r0 = socket$inet6(0xa, 0x3, 0x8)
setsockopt$inet6_int(r0, 0x29, 0x4a, &(0x7f0000000540)=0x2, 0x4)
sendmmsg$inet6(r0, &(0x7f0000004580), 0x0, 0x0)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b705000008000000850000006900000095"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x5, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000040)='kmem_cache_free\x00', r2, 0x0, 0x5}, 0x18)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r4, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r4, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10)
sendto$inet(r4, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
sendmmsg$inet(r4, &(0x7f0000000cc0)=[{{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f00000003c0)="5453b4b759f9d4f4f33bda880b70e0dadde06223919f4585429ef69078a4956f646ea03bfd4c090a003c01f32b1a175baf38c1eb4572c8b372a4cf9128062e58ff575546876a2804144c3aea98c4a3533396f87e860de8c66bceb0e6b387ec853b7e91c57587d38436637e702ae18eeccefdcd7a3cdd7bfc327b5d619b57d56afe1628b65e2948af5ee0e3f52746a5aff58bb7c6d253a58bf745584d1bc19fe5e42b5534eab9e9d2587b413e81f68b60f56130f82b327f5fe900e3e107bc6b783d1d23a056426d6502133386b51e657046c1c43a2a2c4a7611ee6592a5ee08700d24d832163b3def1f", 0xe9}, {&(0x7f0000001080)="f96be6c391f1f8b23ae44a70a75f4a5ed0e013f808d3907ab089ee65d16a6c6f5c666dad31257fb48b66d940a3819d0809971ea8274a65901ba7b32c2f8b64909bc77cebdb3d1fe42679c0bad81bbc987e", 0x51}], 0x2}}, {{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000840)="b1f56ee29c433328d3b2a83bd97e37007087acae7568edff43ed556d76770122635aea1dc48755381c71590cd542e796cc2669e2af442a03760c5cdfc691b3da35ad6a8d2ef9c2baa53a8dec36a2e434d46e643a1277b1dd932f3ef2cf46c257d6", 0x61}], 0x1}}], 0x2, 0xc0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000003c0)={0x0, 0x2904c, 0x0, 0x10003, '\x00', [{0x0, 0x5, 0x0, 0xffffffffffffffff, 0x5, 0xffffffffffffffff}, {0xffffffff, 0x0, 0x9, 0x100000000002}]})
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000140)={r3, &(0x7f00000002c0)="6802e0c78b9849ca89a37090c466cd1ef10b04f61f6c011b5e5fc8351ac2d9eb705693a00c0bf6d87b762a4390120c5801d7586719ec41caa3e799e8dca86a0da47344929548958d1734719095fcf696288e71a56e75d8d9a4a02de7a2591bfd10325a6122a20e09f32b305d46aaffa4a9037513639ef116c030cda87f1258cd61d2fcdec3e1ddef21c38659aefd3057cfbb496d45113a3e217000ca5ade92e7f683e55b640100c28152aff7ba9aea774e2e96a60fa2548e846e0ea9fb1fd387"}, 0x20)
syz_mount_image$ext4(0x0, &(0x7f00000001c0)='./file0\x00', 0x1809049, 0x0, 0xff, 0x0, 0x0)
setxattr$security_capability(0x0, &(0x7f0000000280), 0x0, 0x0, 0x0)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r6 = socket(0x10, 0x803, 0x0)
r7 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r8=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r8, {0x0, 0x9}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x4, 0xc00}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000003500)=@newtfilter={0x70, 0x2c, 0xd27, 0xfffffffc, 0x0, {0x0, 0x0, 0x0, r8, {0xc, 0x4}, {}, {0x5, 0xf}}, [@filter_kind_options=@f_flow={{0x9}, {0x40, 0x2, [@TCA_FLOW_EMATCHES={0x3c, 0xb, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0xfffc}}, @TCA_EMATCH_TREE_LIST={0x30, 0x2, 0x0, 0x1, [@TCF_EM_CANID={0x14, 0x1, 0x0, 0x0, {{0x7, 0x7, 0x2}, {{0x0, 0x1, 0x0, 0x1}, {0x0, 0x1, 0x1, 0x1}}}}, @TCF_EM_META={0x18, 0x2, 0x0, 0x0, {{0xfffb, 0x4, 0x2}, [@TCA_EM_META_HDR={0xc, 0x1, {{0x40, 0xe, 0x2}, {0x801, 0x7}}}]}}]}]}]}}]}, 0x70}}, 0x20040054)
lsetxattr$security_capability(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), &(0x7f0000000040)=@v3, 0x18, 0x0)
lgetxattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000280)=ANY=[], 0x0, 0x0)
recvmmsg(r0, &(0x7f0000001e00)=[{{0x0, 0x0, 0x0}, 0x5}], 0x1, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x3000000, &(0x7f00000006c0), 0x1, 0x512, &(0x7f0000000c40)="$eJzs3W1rZFcdAPD/vcmk2d3UTFVkLdgWW9ktujNJY9so0lYQfVVQ6/s1JpMQMsmEzKRuQtEsfgBBRAU/gG8EP4Ag+xFEWND3oqKI7upL3St35kbzMJMMySSzTn4/OJlz7sP5n3PJ3LkPh3sDuLJeioh3ImIsIl6NiOlielqk2OukfLnHjz5YzFMSWfbe35JIimn7deXl8Yi4Uaw2GRFf/0rEt5LjcZs7u2sL9XptqyhXW+ub1ebO7p3V9YWV2kptY25u9o35N+dfn5/JCufqZzki3vrSn370/Z99+a1ffebbv7/7l9vfyZv1hY912h0Ri+cK0EOn7lJ7W+zLt9HWRQQbkrw/pbFhtwIAgH7kx/gfjohPto//p2OsfTQHAAAAjJLs7an4VxKRAQAAACMrjYipSNJKMRZgKtK0UumM4f1oXE/rjWbr08uN7Y2lfF5EOUrp8mq9NlOMFS5HKcnLs8UY2/3ya0fKcxHxXET8cPpau1xZbNSXhn3xAwAAAK6IGy8ePv//53TazgMAAAAjptyzAAAAAIwKp/wAAAAw+pz/AwAAwEj76rvv5inbf4/30vs722uN9+8s1ZprlfXtxcpiY2uzstJorLSf2bd+Wn31RmPzs7Gxfa/aqjVb1ebO7t31xvZG6+7qoVdgAwAAAJfouRcf/C6JiL3PX2unKJ4DCHDIH4fdAGCQxobdAGBoxofdAGBoSqcuYQ8Boy45Zf7xwTuda4Xx64tpDwAAMHi3Pn78/v9EMe/0awPA/zNjfQDg6nF3D66u0llHAN4cdEuAYflQ5+OZXvN7Pryjj/v/nWsMWXamhgEAAAMz1U5JWimO06ciTSuViGfbrwUoJcur9dpMcX7w2+nSM3l5tr1mcuqYYQAAAAAAAAAAAAAAAAAAAAAAAACgI8uSyAAAAICRFpH+OWk/zT/i1vQrU4evDhx569dP3/vxvYVWa2s2YiL5+3Q+aSIiWj8ppr+WeSUAAAAAPAU65+nF5+ywWwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAqHn86IPF/XSZcf/6xYgod4s/HpPtz8koRcT1fyQxfmC9JCLGBhB/735E3OwWP4knWZaVi1Z0i3/tguOX25ume/w0Im4MID5cZQ/y/c873b5/abzU/uz+/Rsv0nn13v+l/93/jfXY/zx7pNzL8w9/Ue0Z/37E8+Pd9z/78ZNO/EMh8sLLffbxm9/Y3e0640CV3eIfjFVtrW9Wmzu7d1bXF1ZqK7WNubnZN+bfnH99fqa6vFqvFX+7hvnBJ3755KT+X+8Rv3y4/8e2/yt99T6Lfz+89+gjnUKpW/zbL3f//b3ZI35a/PZ9qsjn82/t5/c6+YNe+PlvXjip/0s9+j95Sv9v99X/+NyrX/veH7rOObY1AIDL0NzZXVuo12tbJ2Qm+1jmkjNvPx3NGGAmno5mDCuTfbfz/3i+es65+rFMdp7Vx2MAzZg49j0di7NWmETs5XX1+Q8JAACMmP8d9J90BwkAAAAAAAAAAAAAAAAAAAC4SGd8LNlkRPS98NGYe8PpKgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAif4TAAD//4RX0Xo=")

2.92105333s ago: executing program 4 (id=6570):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r0}, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000037c0)={0x0, 0x0, &(0x7f0000003780)={&(0x7f0000001540)=@newtaction={0x488, 0x30, 0x12f, 0x4000, 0x0, {}, [{0x474, 0x1, [@m_police={0x470, 0x1, 0x0, 0x0, {{0xb}, {0x444, 0x2, 0x0, 0x1, [[@TCA_POLICE_RATE={0x404, 0x2, [0x4, 0x7c3, 0x2, 0x3, 0xffffff81, 0x10, 0xc, 0x2, 0x3, 0x40, 0x200, 0x8, 0x9, 0x6, 0x5, 0x0, 0x8, 0xa, 0x6, 0x200, 0x1, 0x3, 0xcc37, 0x1, 0xb5, 0x649f, 0x4, 0x0, 0x4, 0xfb1, 0x72a4, 0xd, 0x7fff, 0x5, 0x3, 0x0, 0x3, 0x7, 0xc3a0, 0x4, 0xc, 0x0, 0xaf, 0x1, 0x6, 0x5, 0xfffffffd, 0x5, 0x80, 0xe, 0x2, 0x7, 0x6, 0x7, 0x1991, 0x8, 0xfffffe29, 0x5, 0x3, 0x101, 0xfff, 0x4, 0x5, 0x8000, 0x4, 0x7, 0x3, 0x0, 0xfffffff3, 0x1, 0x9, 0x80020003, 0x2, 0x3, 0x5, 0x101, 0x1, 0xfffffffc, 0x6, 0x7fffffff, 0x200, 0x1, 0x7309, 0x6, 0x3, 0x100, 0x2, 0x7, 0x6d0, 0x226, 0x7ff, 0x0, 0x6, 0x7, 0xfffff001, 0x6, 0x7ed8, 0x3, 0xffff, 0x0, 0x0, 0x249, 0x5, 0x2fbf, 0x2, 0x8000, 0x7, 0x25fe9fd5, 0x1, 0x9, 0x1, 0xe, 0x9, 0x0, 0x3, 0x4f, 0xffffffff, 0x8, 0x1, 0x6, 0xd0, 0x7, 0x80000001, 0x3226, 0x8, 0x3, 0x4, 0xc64f, 0xffffff6d, 0x5, 0x6, 0x6, 0xfffffff7, 0x6, 0x7, 0x5, 0xc, 0xe, 0x7, 0x200, 0x60459141, 0x1, 0x5, 0x6, 0x84, 0x0, 0x1, 0x5, 0x2, 0x29dc, 0x0, 0x2d5, 0x7, 0xfffffffa, 0x1000, 0x6, 0x94, 0x15a, 0x4, 0x6, 0x2, 0x4002, 0x2, 0x4, 0x9, 0x5, 0x1, 0x3, 0x4003, 0x80, 0x7a5b054a, 0x8, 0xffffff80, 0x4b1, 0xfff, 0x3, 0xb, 0x8, 0x3, 0x4, 0x2, 0x6, 0xf, 0x2, 0x7, 0x1, 0x77, 0x20009, 0x274d, 0x6, 0x40, 0xfffffffe, 0xb, 0x7, 0x1, 0x9ab, 0x7, 0xffffffc0, 0x200, 0x2000007, 0x3c, 0x2c7, 0x7, 0x8, 0x4, 0x0, 0x99f, 0x5, 0x7ff, 0x6, 0x31e1, 0x4, 0x4, 0xb, 0x7ff, 0x1e, 0x3, 0xe49, 0x56, 0x9, 0x1, 0x6, 0x2, 0x6a1c, 0x9, 0x8, 0x4dbda2da, 0x7fff, 0x5, 0x5, 0x0, 0x7, 0x8, 0x7fff, 0xed, 0x7fff, 0x1000, 0xcbe, 0x7ff, 0x6, 0x8, 0xb, 0xff, 0x5, 0x1, 0x7, 0x9, 0x0, 0x8, 0x5, 0x4, 0xfffffffd, 0x2, 0xeffe, 0xe74, 0x8]}, @TCA_POLICE_TBF={0x3c, 0x1, {0xff, 0x7, 0x2, 0x7ff, 0x6, {0x9, 0x1, 0x8, 0xef3, 0x9, 0x1}, {0x2, 0x1, 0x2, 0x827, 0x29a, 0x100}, 0x3, 0x9, 0x7}}]]}, {0x4}, {0xc, 0xb, {0x0, 0x1}}, {0xc, 0xa}}}]}]}, 0x488}}, 0x0)

2.90415154s ago: executing program 4 (id=6571):
r0 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
r1 = open(&(0x7f0000000200)='.\x00', 0x8000, 0x9722314c2dfe968)
fcntl$notify(r1, 0x402, 0x8000003d)
close_range(r0, r1, 0x0)

2.88833617s ago: executing program 4 (id=6572):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000000080000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000a3850000007000000095"], &(0x7f0000000200)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYRESHEX=r2], 0x7c}, 0x1, 0x0, 0x0, 0x20000001}, 0x4004110)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101804bc9555e1affd5020000000900010001797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a300000000009000300737975320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x480d5}, 0x0)
dup2(r1, r2)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
lsetxattr$security_capability(&(0x7f0000000080)='./cgroup/cgroup.procs\x00', &(0x7f0000000240), &(0x7f00000002c0)=@v2={0x2000000, [{0x6, 0xd62e}, {0x5, 0x1}]}, 0x14, 0x0)
lchown(&(0x7f0000000000)='./cgroup/cgroup.procs\x00', 0x0, 0xee01)

2.87008427s ago: executing program 4 (id=6573):
r0 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
fcntl$notify(r0, 0x402, 0x8000001f)
r1 = open(&(0x7f0000000200)='.\x00', 0x8000, 0x9722314c2dfe968)
close_range(r0, r1, 0x0)

2.666960793s ago: executing program 8 (id=6584):
r0 = socket$inet6(0xa, 0x3, 0x8)
setsockopt$inet6_int(r0, 0x29, 0x4a, &(0x7f0000000540)=0x2, 0x4)
sendmmsg$inet6(r0, &(0x7f0000004580), 0x0, 0x0)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b705000008000000850000006900000095"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x5, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000040)='kmem_cache_free\x00', r2, 0x0, 0x5}, 0x18)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r4, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r4, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10)
sendto$inet(r4, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
sendmmsg$inet(r4, &(0x7f0000000cc0)=[{{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f00000003c0)="5453b4b759f9d4f4f33bda880b70e0dadde06223919f4585429ef69078a4956f646ea03bfd4c090a003c01f32b1a175baf38c1eb4572c8b372a4cf9128062e58ff575546876a2804144c3aea98c4a3533396f87e860de8c66bceb0e6b387ec853b7e91c57587d38436637e702ae18eeccefdcd7a3cdd7bfc327b5d619b57d56afe1628b65e2948af5ee0e3f52746a5aff58bb7c6d253a58bf745584d1bc19fe5e42b5534eab9e9d2587b413e81f68b60f56130f82b327f5fe900e3e107bc6b783d1d23a056426d6502133386b51e657046c1c43a2a2c4a7611ee6592a5ee08700d24d832163b3def1f", 0xe9}, {&(0x7f0000001080)="f96be6c391f1f8b23ae44a70a75f4a5ed0e013f808d3907ab089ee65d16a6c6f5c666dad31257fb48b66d940a3819d0809971ea8274a65901ba7b32c2f8b64909bc77cebdb3d1fe42679c0bad81bbc987e", 0x51}], 0x2}}, {{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000840)="b1f56ee29c433328d3b2a83bd97e37007087acae7568edff43ed556d76770122635aea1dc48755381c71590cd542e796cc2669e2af442a03760c5cdfc691b3da35ad6a8d2ef9c2baa53a8dec36a2e434d46e643a1277b1dd932f3ef2cf46c257d6", 0x61}], 0x1}}], 0x2, 0xc0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000003c0)={0x0, 0x2904c, 0x0, 0x10003, '\x00', [{0x0, 0x5, 0x0, 0xffffffffffffffff, 0x5, 0xffffffffffffffff}, {0xffffffff, 0x0, 0x9, 0x100000000002}]})
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000140)={r3, &(0x7f00000002c0)="6802e0c78b9849ca89a37090c466cd1ef10b04f61f6c011b5e5fc8351ac2d9eb705693a00c0bf6d87b762a4390120c5801d7586719ec41caa3e799e8dca86a0da47344929548958d1734719095fcf696288e71a56e75d8d9a4a02de7a2591bfd10325a6122a20e09f32b305d46aaffa4a9037513639ef116c030cda87f1258cd61d2fcdec3e1ddef21c38659aefd3057cfbb496d45113a3e217000ca5ade92e7f683e55b640100c28152aff7ba9aea774e2e96a60fa2548e846e0ea9fb1fd387"}, 0x20)
syz_mount_image$ext4(0x0, &(0x7f00000001c0)='./file0\x00', 0x1809049, 0x0, 0xff, 0x0, 0x0)
setxattr$security_capability(0x0, &(0x7f0000000280), 0x0, 0x0, 0x0)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r6 = socket(0x10, 0x803, 0x0)
r7 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r8=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r8, {0x0, 0x9}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x4, 0xc00}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000003500)=@newtfilter={0x70, 0x2c, 0xd27, 0xfffffffc, 0x0, {0x0, 0x0, 0x0, r8, {0xc, 0x4}, {}, {0x5, 0xf}}, [@filter_kind_options=@f_flow={{0x9}, {0x40, 0x2, [@TCA_FLOW_EMATCHES={0x3c, 0xb, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0xfffc}}, @TCA_EMATCH_TREE_LIST={0x30, 0x2, 0x0, 0x1, [@TCF_EM_CANID={0x14, 0x1, 0x0, 0x0, {{0x7, 0x7, 0x2}, {{0x0, 0x1, 0x0, 0x1}, {0x0, 0x1, 0x1, 0x1}}}}, @TCF_EM_META={0x18, 0x2, 0x0, 0x0, {{0xfffb, 0x4, 0x2}, [@TCA_EM_META_HDR={0xc, 0x1, {{0x40, 0xe, 0x2}, {0x801, 0x7}}}]}}]}]}]}}]}, 0x70}}, 0x20040054)
lsetxattr$security_capability(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), &(0x7f0000000040)=@v3, 0x18, 0x0)
lgetxattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000280)=ANY=[], 0x0, 0x0)
recvmmsg(r0, &(0x7f0000001e00)=[{{0x0, 0x0, 0x0}, 0x5}], 0x1, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x3000000, &(0x7f00000006c0), 0x1, 0x512, &(0x7f0000000c40)="$eJzs3W1rZFcdAPD/vcmk2d3UTFVkLdgWW9ktujNJY9so0lYQfVVQ6/s1JpMQMsmEzKRuQtEsfgBBRAU/gG8EP4Ag+xFEWND3oqKI7upL3St35kbzMJMMySSzTn4/OJlz7sP5n3PJ3LkPh3sDuLJeioh3ImIsIl6NiOlielqk2OukfLnHjz5YzFMSWfbe35JIimn7deXl8Yi4Uaw2GRFf/0rEt5LjcZs7u2sL9XptqyhXW+ub1ebO7p3V9YWV2kptY25u9o35N+dfn5/JCufqZzki3vrSn370/Z99+a1ffebbv7/7l9vfyZv1hY912h0Ri+cK0EOn7lJ7W+zLt9HWRQQbkrw/pbFhtwIAgH7kx/gfjohPto//p2OsfTQHAAAAjJLs7an4VxKRAQAAACMrjYipSNJKMRZgKtK0UumM4f1oXE/rjWbr08uN7Y2lfF5EOUrp8mq9NlOMFS5HKcnLs8UY2/3ya0fKcxHxXET8cPpau1xZbNSXhn3xAwAAAK6IGy8ePv//53TazgMAAAAjptyzAAAAAIwKp/wAAAAw+pz/AwAAwEj76rvv5inbf4/30vs722uN9+8s1ZprlfXtxcpiY2uzstJorLSf2bd+Wn31RmPzs7Gxfa/aqjVb1ebO7t31xvZG6+7qoVdgAwAAAJfouRcf/C6JiL3PX2unKJ4DCHDIH4fdAGCQxobdAGBoxofdAGBoSqcuYQ8Boy45Zf7xwTuda4Xx64tpDwAAMHi3Pn78/v9EMe/0awPA/zNjfQDg6nF3D66u0llHAN4cdEuAYflQ5+OZXvN7Pryjj/v/nWsMWXamhgEAAAMz1U5JWimO06ciTSuViGfbrwUoJcur9dpMcX7w2+nSM3l5tr1mcuqYYQAAAAAAAAAAAAAAAAAAAAAAAACgI8uSyAAAAICRFpH+OWk/zT/i1vQrU4evDhx569dP3/vxvYVWa2s2YiL5+3Q+aSIiWj8ppr+WeSUAAAAAPAU65+nF5+ywWwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAqHn86IPF/XSZcf/6xYgod4s/HpPtz8koRcT1fyQxfmC9JCLGBhB/735E3OwWP4knWZaVi1Z0i3/tguOX25ume/w0Im4MID5cZQ/y/c873b5/abzU/uz+/Rsv0nn13v+l/93/jfXY/zx7pNzL8w9/Ue0Z/37E8+Pd9z/78ZNO/EMh8sLLffbxm9/Y3e0640CV3eIfjFVtrW9Wmzu7d1bXF1ZqK7WNubnZN+bfnH99fqa6vFqvFX+7hvnBJ3755KT+X+8Rv3y4/8e2/yt99T6Lfz+89+gjnUKpW/zbL3f//b3ZI35a/PZ9qsjn82/t5/c6+YNe+PlvXjip/0s9+j95Sv9v99X/+NyrX/veH7rOObY1AIDL0NzZXVuo12tbJ2Qm+1jmkjNvPx3NGGAmno5mDCuTfbfz/3i+es65+rFMdp7Vx2MAzZg49j0di7NWmETs5XX1+Q8JAACMmP8d9J90BwkAAAAAAAAAAAAAAAAAAAC4SGd8LNlkRPS98NGYe8PpKgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAif4TAAD//4RX0Xo=")

2.666127653s ago: executing program 4 (id=6575):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x400, &(0x7f0000000000), 0x1, 0x4bb, &(0x7f0000000580)="$eJzs3cuLXFUaAPCvqtLP9EweMwxJBiaBDGQepKsfDOmemcUMDMzMIjBMwI1CbLsrbUx1V9NVHdNNFh3dZeFCFAVx4d6/wI1ZGQVxrXtxIRGNLagglNxbVUm/KpaxUyV9fz+o9Dn33NR3Thff4da59/YNILNOJf/kIkYi4oOIONSobt3hVOPHxt3rs8krF/X6hc9z6X5JvbVr6/8djIj1iBiMiP//O+Kp3M641dW1KzPlcmm5WS/WFpaK1dW1s5cXZuZL86XF8alz09NTY5MT03s21psvPHPz/Fv/7X/z6+fv3H7xnbeTbo002zaPYy81ht4XRzZtOxARf38UwXqg0BzPUK87wkNJPr9fRcTpNP8PRSH9NIEsqNfr9e/qA+2a1+vAvpVPj4Fz+dGIaJTz/6qPNo7hfx3D+XKlWvvzpcrK4lzjWPlw9OUvXS6XxprfFQ5HXy6pj6fl+/WJbfXJiPQY+KXCUFofna2U57o71QHbHNyW/18V8vnRpBJ/6nXXgG7wlR+yS/5Ddsl/yC75D9kl/yG75D9kl/yH7JL/kF3yH7JL/kN2yX/IpP+dP5+86q373+eurq5cqVw9O5fMCQsrs6OzleWl0flKZT69Z2fhh96vXKksjf8lVq4Va6VqrVhdXbu4UFlZrF1M7+u/WOrryqiAThw5eeujXESs/3UofSX6m21yFfa3ej0Xvb4HGeiNQq8nIKBnLP1BdvmOD+zyJ3q3GGzXsLT3fQG6I9/rDgA9c+a483+QVdb/Ibus/0N2OcYHrP9D9lj/h+wa2fn8r/T5P7/Y9OyusYj4ZUR8WOgbaD3rC9gP8p/mmsf/Zw79fmR7a3/um/QUQX9EPPvahVeuzdRqy+PJ9i/uba+92tw+0Yv+A51q5WkrjwGA7Nq4e3229epm3M/+2bgIYWf8A821ycH0HOXwRm7LtQq5Pbp2Yf1GRBzbLX6u+bzzxpmP4Y3CjvhHmz9zjbdI+3sgfW56d+If3xT/d5vin/jJvxXIhlvJ/DO2W/7l05yOe/m3df4Z2aNrJ9rPf/l781+hzfx3ssMYT7/+3Cdt49+IOLFr/Fa8wTTW9vhJ3850GP/OE4/9pl1b/Y3G++wWvyUpFWsLS8Xq6trZ9O/IzZcWx6fOTU9PjU1OTBfTNepia6V6p78de//2g8Y/3CZ+u/H/o9mnP3Y4/m9/+97jpx4Q/w+nd//8j7aJnxj6EU/o/3Li4yfbtSXx59qMP78z/rvD0WqNmOwwfvXl/wx0uCsA0AXV1bUrM+VyaVlBQeEhCgM/j27seaHXMxPwqN1P+l73BAAAAAAAAAAAAOhUNy4n7vUYAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD2g+8DAAD//3bC1tg=")
open(&(0x7f0000000180)='./bus\x00', 0x10137e, 0x11)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x8005, 0x0, 0x0, 0x15, 0x0, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x200]})
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.swap.current\x00', 0x275a, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r3, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendto$unix(0xffffffffffffffff, &(0x7f0000000000)="b100050400000400000000000700000033", 0xfffffffffffffdfc, 0x0, 0x0, 0x0)
mprotect(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1)
r5 = shmget$private(0x0, 0x3000, 0x28d, &(0x7f00003e4000/0x3000)=nil)
shmctl$IPC_SET(r5, 0x1, &(0x7f0000000000)={{0x2, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5}, 0x0, 0xff7e, 0x0, 0xffffffffffffffff, 0x2280})
setuid(0xee01)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x3, 0x5012, 0xffffffffffffffff, 0x0)
getpgrp(0x0)
shmctl$IPC_STAT(r5, 0x2, &(0x7f0000000240)=""/95)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r4, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010005"], 0x3c}}, 0x0)
sendmsg$nl_route(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000003c0)=ANY=[@ANYBLOB="5400000010001ffffcffffff0000000000000000", @ANYRES32=0x0, @ANYBLOB="00000100000000002c0012800b00010067726574617000001c00028006000e000200000006000f000700000008000700ac14142808000a00c6331f6a4391d6c6091aafd83891e374f19b668cac6bfab624ecb32397b20c233aabba22085829b109fa40abcde4e4fc1f4ea9515d171753802b7c7368dfc0c3920adb046ef41c6a3ef4881a9d32c5064b52f07ee2c04d3f2c653cd0a6182bdabb4208d36344f1c1c53fcf5eadc13a9a2b1fd2d83d797e", @ANYRES32=r4, @ANYBLOB], 0x54}, 0x1, 0x0, 0x0, 0x40}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00'}, 0x10)
r7 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
r8 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/notes', 0x0, 0x0)
sendfile(r7, r8, 0x0, 0x104)
sendmsg$MPTCP_PM_CMD_SUBFLOW_DESTROY(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[], 0x28}}, 0x0)

2.408367467s ago: executing program 4 (id=6580):
r0 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000020"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001000000000000000640000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000e0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x41100, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='kfree\x00', r1}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r2, 0xc0a85320, &(0x7f00000005c0)={{0x80}, 'port0\x00', 0x62, 0x11cfa, 0x0, 0x8000008, 0x3, 0x4, 0x1, 0x0, 0x7cce8c743ee810df})
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r2, 0x40505330, &(0x7f00000000c0)={0x800080, 0x80, 0xffffffbc, 0x7, 0x0, 0x55a})
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r2, 0x40505330, &(0x7f0000000bc0)={0x800080, 0x858, 0x8, 0x7, 0x43, 0x558})
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x2, 0x0, 0x7fff0000}]})
close_range(r3, 0xffffffffffffffff, 0x0)

1.4488s ago: executing program 8 (id=6601):
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="1800c3d5082f9cd4ca930000000400089500000000000000"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket$inet6_icmp(0xa, 0x2, 0x3a)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
prlimit64(0x0, 0x3, &(0x7f0000000140)={0x8, 0x8a}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000440)=0x8)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xf, &(0x7f00000003c0)=ANY=[], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/ipv6_route\x00')
r4 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet6_IPV6_RTHDR(r4, 0x29, 0x39, &(0x7f0000000080)=ANY=[@ANYBLOB="00020201"], 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r5 = getpid()
sched_setscheduler(r5, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
sendmmsg$unix(r6, 0x0, 0x0, 0x0)
r7 = socket$nl_xfrm(0x10, 0x3, 0x6)
bind$netlink(r7, &(0x7f00000000c0)={0x10, 0x0, 0x0, 0x8822d55593a2179}, 0xc)
r8 = socket$nl_xfrm(0x10, 0x3, 0x6)
ioctl$int_in(0xffffffffffffffff, 0x5421, &(0x7f0000000080)=0xfffffffffbfffffe)
sendmsg$nl_xfrm(r8, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3c010000190001000000000000000000e0000001000000000000000000000000fe8000000000000000000000000000aa4e220000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000000000104000000000000feffffffffffffff030000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000008400050020010000000000000000000000000000000000002b00000000000000000000000000000000000000000500000000000002000700000000000000000000000000e00000020000000000"], 0x13c}}, 0x20040880)
sendmmsg$inet6(r4, &(0x7f0000000a80)=[{{&(0x7f0000000200)={0xa, 0x4e20, 0x4d7, @private0={0xfc, 0x0, '\x00', 0x1}, 0x3}, 0x1c, &(0x7f0000000900)=[{&(0x7f0000000400)="fc", 0x1}], 0x1}}], 0x1, 0x4c040)
pread64(r3, &(0x7f0000001240)=""/102400, 0x19000, 0x2000000000)

1.128719195s ago: executing program 0 (id=6598):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x400, &(0x7f0000000000), 0x1, 0x4bb, &(0x7f0000000580)="$eJzs3cuLXFUaAPCvqtLP9EweMwxJBiaBDGQepKsfDOmemcUMDMzMIjBMwI1CbLsrbUx1V9NVHdNNFh3dZeFCFAVx4d6/wI1ZGQVxrXtxIRGNLagglNxbVUm/KpaxUyV9fz+o9Dn33NR3Thff4da59/YNILNOJf/kIkYi4oOIONSobt3hVOPHxt3rs8krF/X6hc9z6X5JvbVr6/8djIj1iBiMiP//O+Kp3M641dW1KzPlcmm5WS/WFpaK1dW1s5cXZuZL86XF8alz09NTY5MT03s21psvPHPz/Fv/7X/z6+fv3H7xnbeTbo002zaPYy81ht4XRzZtOxARf38UwXqg0BzPUK87wkNJPr9fRcTpNP8PRSH9NIEsqNfr9e/qA+2a1+vAvpVPj4Fz+dGIaJTz/6qPNo7hfx3D+XKlWvvzpcrK4lzjWPlw9OUvXS6XxprfFQ5HXy6pj6fl+/WJbfXJiPQY+KXCUFofna2U57o71QHbHNyW/18V8vnRpBJ/6nXXgG7wlR+yS/5Ddsl/yC75D9kl/yG75D9kl/yH7JL/kF3yH7JL/kN2yX/IpP+dP5+86q373+eurq5cqVw9O5fMCQsrs6OzleWl0flKZT69Z2fhh96vXKksjf8lVq4Va6VqrVhdXbu4UFlZrF1M7+u/WOrryqiAThw5eeujXESs/3UofSX6m21yFfa3ej0Xvb4HGeiNQq8nIKBnLP1BdvmOD+zyJ3q3GGzXsLT3fQG6I9/rDgA9c+a483+QVdb/Ibus/0N2OcYHrP9D9lj/h+wa2fn8r/T5P7/Y9OyusYj4ZUR8WOgbaD3rC9gP8p/mmsf/Zw79fmR7a3/um/QUQX9EPPvahVeuzdRqy+PJ9i/uba+92tw+0Yv+A51q5WkrjwGA7Nq4e3229epm3M/+2bgIYWf8A821ycH0HOXwRm7LtQq5Pbp2Yf1GRBzbLX6u+bzzxpmP4Y3CjvhHmz9zjbdI+3sgfW56d+If3xT/d5vin/jJvxXIhlvJ/DO2W/7l05yOe/m3df4Z2aNrJ9rPf/l781+hzfx3ssMYT7/+3Cdt49+IOLFr/Fa8wTTW9vhJ3850GP/OE4/9pl1b/Y3G++wWvyUpFWsLS8Xq6trZ9O/IzZcWx6fOTU9PjU1OTBfTNepia6V6p78de//2g8Y/3CZ+u/H/o9mnP3Y4/m9/+97jpx4Q/w+nd//8j7aJnxj6EU/o/3Li4yfbtSXx59qMP78z/rvD0WqNmOwwfvXl/wx0uCsA0AXV1bUrM+VyaVlBQeEhCgM/j27seaHXMxPwqN1P+l73BAAAAAAAAAAAAOhUNy4n7vUYAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD2g+8DAAD//3bC1tg=")
open(&(0x7f0000000180)='./bus\x00', 0x10137e, 0x11)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x8005, 0x0, 0x0, 0x15, 0x0, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x200]})
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.swap.current\x00', 0x275a, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r3, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendto$unix(0xffffffffffffffff, &(0x7f0000000000)="b100050400000400000000000700000033", 0xfffffffffffffdfc, 0x0, 0x0, 0x0)
mprotect(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1)
r5 = shmget$private(0x0, 0x3000, 0x28d, &(0x7f00003e4000/0x3000)=nil)
shmctl$IPC_SET(r5, 0x1, &(0x7f0000000000)={{0x2, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5}, 0x0, 0xff7e, 0x0, 0xffffffffffffffff, 0x2280})
setuid(0xee01)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x3, 0x5012, 0xffffffffffffffff, 0x0)
getpgrp(0x0)
shmctl$IPC_STAT(r5, 0x2, &(0x7f0000000240)=""/95)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r4, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010005"], 0x3c}}, 0x0)
sendmsg$nl_route(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000003c0)=ANY=[@ANYBLOB="5400000010001ffffcffffff0000000000000000", @ANYRES32=0x0, @ANYBLOB="00000100000000002c0012800b00010067726574617000001c00028006000e000200000006000f000700000008000700ac14142808000a00c6331f6a4391d6c6091aafd83891e374f19b668cac6bfab624ecb32397b20c233aabba22085829b109fa40abcde4e4fc1f4ea9515d171753802b7c7368dfc0c3920adb046ef41c6a3ef4881a9d32c5064b52f07ee2c04d3f2c653cd0a6182bdabb4208d36344f1c1c53fcf5eadc13a9a2b1fd2d83d797e", @ANYRES32=r4, @ANYBLOB], 0x54}, 0x1, 0x0, 0x0, 0x40}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00'}, 0x10)
r7 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
r8 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/notes', 0x0, 0x0)
sendfile(r7, r8, 0x0, 0x104)
sendmsg$MPTCP_PM_CMD_SUBFLOW_DESTROY(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[], 0x28}}, 0x0)

1.101429575s ago: executing program 0 (id=6600):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000740), 0x517640, 0x0)
write(r0, &(0x7f0000000780)="591c4c36f76b1d29e52f995c39d1f10ccd62c5d8124c2f78b0f8e0f1108e60b1d40c81", 0x23)
r1 = openat$selinux_avc_hash_stats(0xffffffffffffff9c, &(0x7f00000006c0), 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000700)={&(0x7f0000000680)='cachefiles_ref\x00', r1, 0x0, 0x9}, 0x18)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x14, 0xc, &(0x7f00000005c0)=ANY=[@ANYRES8=r4, @ANYRES8=r4, @ANYRESOCT=r3, @ANYBLOB="e83682d2817b4ff9c8fb5b1c8a9e321f96171172e086b4761f2722ffed4b7e1105cd02b62d53a3d19ff5d0f4ba6dafeda99bce2e40a4a4994430a53d2244622cb30e51afcf1f0ce992d63f26080c175e206e85742a6ac199fc88e81c6c8b4b1d87bde1ba06a23413cfa1025dd8cb1f76144cf3e2b573ff4d629021", @ANYRESOCT=r2, @ANYRESDEC], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x14, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
timer_create(0x3, &(0x7f0000000200)={0x0, 0xc, 0x0, @thr={&(0x7f0000000180)="90445dc252667c55db5652dd6fca9ac399a1aad054a054e89dbaf8f3d47e424fbb9d6b7c0f072acf8804c0ecee1040ab486c83b66f2bbe43d3554c2ca7d77210c07cade9bb1f1777e05a", &(0x7f00000004c0)="2267d7641e746f25bc0216e67f1d9e711c41be6652d2f644edc2eaecef61d1172176c8723a10cbb376451dba90ebc2aa07fdef7906f56b27280bd764256f23c1d63269e3bc0a1012ea66b3a64dc926a6308ae3dbf96af2952afae92fe44af47f91e623ed900da2c5d6bedbc4ea3d2d7857cbd95d9fd2d5969e4ccd1f13384144b5b8d8649e525960000c38351a11486825c4f585e10a48c3fe1d79b316ef91a42a420f94124b71e8ed2aa80dbc12b46b6318cb310c94a92aa05cf80ea833a054d819237a6ff4339ffe"}}, &(0x7f0000000240))
r6 = socket(0x10, 0x3, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)=@newlink={0x44, 0x10, 0x503, 0x900, 0x0, {}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0x14, 0x2, 0x0, 0x1, [@IFLA_MACVLAN_MACADDR_DATA={0x4}, @IFLA_MACVLAN_MACADDR={0xa, 0x4, @local}]}}}]}, 0x44}}, 0x0)
sendmsg$nl_generic(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=ANY=[@ANYBLOB="140000001200010a001800000000000080"], 0x14}, 0x1, 0x0, 0x0, 0x4004000}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000140)='kmem_cache_free\x00', r5, 0x0, 0x1000001}, 0x18)
r8 = socket$inet_tcp(0x2, 0x1, 0x0)
r9 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f00000001c0)={'sit0\x00', <r10=>0x0})
sendmsg$nl_route_sched(r9, &(0x7f00000004c0)={0x0, 0x3e8, &(0x7f0000000040)={&(0x7f0000000080)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x0, r10, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_hhf={{0x8}, {0x4}}, @TCA_RATE={0x6}]}, 0x38}, 0x1, 0x0, 0x0, 0x48801}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r11 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000080), 0x2)
r12 = getpid()
sched_setscheduler(r12, 0x2, 0x0)
ptrace$pokeuser(0x6, r12, 0x3, 0x1)
write$binfmt_aout(r11, &(0x7f0000000200)=ANY=[@ANYBLOB="03040000b5"], 0xc8)
setsockopt$inet_tcp_int(r8, 0x6, 0x22, &(0x7f0000000000)=0x1, 0x4)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f00000002c0))
r13 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000f000000c5000000a0ef010095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000200)='kmem_cache_free\x00', r13}, 0x10)
r14 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r14, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYBLOB="300000003e000701fcfffffffddbdf25047c0000100036800c00020007009300000000000c0001"], 0x30}, 0x1, 0x0, 0x0, 0x488c0}, 0xc000)

1.083496975s ago: executing program 6 (id=6602):
r0 = perf_event_open(&(0x7f00000004c0)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0xff, 0x2001b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ptrace(0x10, 0x0)
ptrace$peeksig(0x4209, 0x0, &(0x7f0000000340)={0x0, 0x1000000, 0x2e}, 0x0)
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000380)='./file0\x00', 0x8801)
mknodat$loop(r1, &(0x7f00000003c0)='./file0\x00', 0x200, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
r3 = socket$inet6_mptcp(0xa, 0x1, 0x106)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'veth1_to_bridge\x00', <r4=>0x0})
ioctl$sock_inet6_SIOCADDRT(r3, 0x890b, &(0x7f0000000540)={@private2={0xfc, 0x2, '\x00', 0x1}, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @private1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4400046, r4})
bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="0f00000002000000400a1b000180000000264000949226b4f7cbf5f71d66d7424c9f27cb889c16bc4c008402fc5fcb2fbf98445581c494ab9d9a2c4ed4a1cebf0cc6446cfeff309add9e3e0abdbd4d2f7488ae133f87edc29125f7", @ANYRES32=r2, @ANYBLOB="f900"/20, @ANYRES32=r4, @ANYRES32, @ANYBLOB="05000000040000000500"/28], 0x50)
rt_sigtimedwait(0x0, 0x0, 0x0, 0x8)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x12, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f00000001c0)=ANY=[@ANYRESHEX=r5], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r2}, &(0x7f0000000180), &(0x7f0000000080)=r0}, 0x20)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x14, 0xc, &(0x7f0000000400)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r8, &(0x7f0000000440)={'#! ', './file1'}, 0xb)
openat$selinux_relabel(0xffffffffffffff9c, &(0x7f0000000280), 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r8, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000000)={{0x1, 0x1, 0x18, r6, {0xee01, <r9=>0xffffffffffffffff}}, './file0\x00'})
r10 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x50)
r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRESOCT=r10, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704304d776dd4096b7800000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x1, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r11}, 0x10)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r12 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000000), 0x80, 0x0)
ioctl$PTP_PEROUT_REQUEST(r12, 0x80503d0a, &(0x7f0000000080)={{0x8, 0x7}, {0xc, 0x80000000}, 0x4, 0x1})
ioctl$TUNSETGROUP(r8, 0x400454ce, r9)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r7}, 0x10)
syz_clone(0x42164000, 0x0, 0x0, 0x0, 0x0, 0x0)

1.014002136s ago: executing program 0 (id=6603):
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x10)
close(r0)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r3, 0x84, 0x6f, &(0x7f0000000040)={0x0, 0x10, &(0x7f0000000000)=[@in={0x2, 0x0, @private=0xa010101}]}, &(0x7f0000000080)=0x10)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r3, 0x84, 0x1d, &(0x7f0000000140), &(0x7f0000000240)=0x4)
sendmsg$inet_sctp(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f00000001c0)='F', 0x1}, {0x0, 0xe0}], 0x2, &(0x7f00000000c0)=[@sndinfo={0x20, 0x84, 0x2, {0xa, 0x4, 0x28, 0x200000b}}], 0x20, 0x2400e044}, 0x0)

934.354808ms ago: executing program 1 (id=6607):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x178}}, 0x0)

919.434628ms ago: executing program 1 (id=6608):
r0 = syz_init_net_socket$llc(0x1a, 0x801, 0x0)
bind$llc(r0, &(0x7f0000000000)={0x1a, 0x0, 0x0, 0x0, 0x81, 0x42}, 0x10)
connect$llc(r0, &(0x7f0000000340)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @random="48bd00"}, 0x10)
r1 = syz_init_net_socket$llc(0x1a, 0x801, 0x0)
dup3(r0, r1, 0x0)

901.745018ms ago: executing program 1 (id=6609):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000000080000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000a3850000007000000095"], &(0x7f0000000200)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYRESHEX=r2], 0x7c}, 0x1, 0x0, 0x0, 0x20000001}, 0x4004110)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101804bc9555e1affd5020000000900010001797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a300000000009000300737975320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x480d5}, 0x0)
dup2(r1, r2)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
lsetxattr$security_capability(&(0x7f0000000080)='./cgroup/cgroup.procs\x00', &(0x7f0000000240), &(0x7f00000002c0)=@v2={0x2000000, [{0x6, 0xd62e}, {0x5, 0x1}]}, 0x14, 0x0)
lchown(&(0x7f0000000000)='./cgroup/cgroup.procs\x00', 0x0, 0xee01)

878.541008ms ago: executing program 1 (id=6610):
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000004000/0x1000)=nil, 0x1000, 0x0, 0x31, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r0, &(0x7f0000000500)="a4", 0x34000, 0x2000c851, &(0x7f0000000140)={0xa, 0x4e23, 0x0, @loopback, 0xffffffff}, 0x1c) (fail_nth: 4)

429.871415ms ago: executing program 6 (id=6611):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000027b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000e00)='kfree\x00', r1, 0x0, 0x4ab}, 0x18)
r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x121602, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f00000003c0)=0x1)
ioctl$TIOCVHANGUP(r2, 0x5437, 0x2)
capset(0x0, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x2})
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0)

429.020605ms ago: executing program 1 (id=6612):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x400, &(0x7f0000000000), 0x1, 0x4bb, &(0x7f0000000580)="$eJzs3cuLXFUaAPCvqtLP9EweMwxJBiaBDGQepKsfDOmemcUMDMzMIjBMwI1CbLsrbUx1V9NVHdNNFh3dZeFCFAVx4d6/wI1ZGQVxrXtxIRGNLagglNxbVUm/KpaxUyV9fz+o9Dn33NR3Thff4da59/YNILNOJf/kIkYi4oOIONSobt3hVOPHxt3rs8krF/X6hc9z6X5JvbVr6/8djIj1iBiMiP//O+Kp3M641dW1KzPlcmm5WS/WFpaK1dW1s5cXZuZL86XF8alz09NTY5MT03s21psvPHPz/Fv/7X/z6+fv3H7xnbeTbo002zaPYy81ht4XRzZtOxARf38UwXqg0BzPUK87wkNJPr9fRcTpNP8PRSH9NIEsqNfr9e/qA+2a1+vAvpVPj4Fz+dGIaJTz/6qPNo7hfx3D+XKlWvvzpcrK4lzjWPlw9OUvXS6XxprfFQ5HXy6pj6fl+/WJbfXJiPQY+KXCUFofna2U57o71QHbHNyW/18V8vnRpBJ/6nXXgG7wlR+yS/5Ddsl/yC75D9kl/yG75D9kl/yH7JL/kF3yH7JL/kN2yX/IpP+dP5+86q373+eurq5cqVw9O5fMCQsrs6OzleWl0flKZT69Z2fhh96vXKksjf8lVq4Va6VqrVhdXbu4UFlZrF1M7+u/WOrryqiAThw5eeujXESs/3UofSX6m21yFfa3ej0Xvb4HGeiNQq8nIKBnLP1BdvmOD+zyJ3q3GGzXsLT3fQG6I9/rDgA9c+a483+QVdb/Ibus/0N2OcYHrP9D9lj/h+wa2fn8r/T5P7/Y9OyusYj4ZUR8WOgbaD3rC9gP8p/mmsf/Zw79fmR7a3/um/QUQX9EPPvahVeuzdRqy+PJ9i/uba+92tw+0Yv+A51q5WkrjwGA7Nq4e3229epm3M/+2bgIYWf8A821ycH0HOXwRm7LtQq5Pbp2Yf1GRBzbLX6u+bzzxpmP4Y3CjvhHmz9zjbdI+3sgfW56d+If3xT/d5vin/jJvxXIhlvJ/DO2W/7l05yOe/m3df4Z2aNrJ9rPf/l781+hzfx3ssMYT7/+3Cdt49+IOLFr/Fa8wTTW9vhJ3850GP/OE4/9pl1b/Y3G++wWvyUpFWsLS8Xq6trZ9O/IzZcWx6fOTU9PjU1OTBfTNepia6V6p78de//2g8Y/3CZ+u/H/o9mnP3Y4/m9/+97jpx4Q/w+nd//8j7aJnxj6EU/o/3Li4yfbtSXx59qMP78z/rvD0WqNmOwwfvXl/wx0uCsA0AXV1bUrM+VyaVlBQeEhCgM/j27seaHXMxPwqN1P+l73BAAAAAAAAAAAAOhUNy4n7vUYAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD2g+8DAAD//3bC1tg=")
open(&(0x7f0000000180)='./bus\x00', 0x10137e, 0x11)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x8005, 0x0, 0x0, 0x15, 0x0, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x200]})
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.swap.current\x00', 0x275a, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r3, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendto$unix(0xffffffffffffffff, &(0x7f0000000000)="b100050400000400000000000700000033", 0xfffffffffffffdfc, 0x0, 0x0, 0x0)
mprotect(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1)
r5 = shmget$private(0x0, 0x3000, 0x28d, &(0x7f00003e4000/0x3000)=nil)
shmctl$IPC_SET(r5, 0x1, &(0x7f0000000000)={{0x2, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5}, 0x0, 0xff7e, 0x0, 0xffffffffffffffff, 0x2280})
setuid(0xee01)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x3, 0x5012, 0xffffffffffffffff, 0x0)
getpgrp(0x0)
shmctl$IPC_STAT(r5, 0x2, &(0x7f0000000240)=""/95)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r4, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010005"], 0x3c}}, 0x0)
sendmsg$nl_route(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000003c0)=ANY=[@ANYBLOB="5400000010001ffffcffffff0000000000000000", @ANYRES32=0x0, @ANYBLOB="00000100000000002c0012800b00010067726574617000001c00028006000e000200000006000f000700000008000700ac14142808000a00c6331f6a4391d6c6091aafd83891e374f19b668cac6bfab624ecb32397b20c233aabba22085829b109fa40abcde4e4fc1f4ea9515d171753802b7c7368dfc0c3920adb046ef41c6a3ef4881a9d32c5064b52f07ee2c04d3f2c653cd0a6182bdabb4208d36344f1c1c53fcf5eadc13a9a2b1fd2d83d797e", @ANYRES32=r4, @ANYBLOB], 0x54}, 0x1, 0x0, 0x0, 0x40}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00'}, 0x10)
r7 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
r8 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/notes', 0x0, 0x0)
sendfile(r7, r8, 0x0, 0x104)
sendmsg$MPTCP_PM_CMD_SUBFLOW_DESTROY(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[], 0x28}}, 0x0)

299.457576ms ago: executing program 6 (id=6613):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000000080000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000a3850000007000000095"], &(0x7f0000000200)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYRESHEX=r2], 0x7c}, 0x1, 0x0, 0x0, 0x20000001}, 0x4004110)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101804bc9555e1affd5020000000900010001797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a300000000009000300737975320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x480d5}, 0x0)
dup2(r1, r2)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000002080)={&(0x7f0000000300)='kfree\x00', r3, 0x0, 0xfffffffffffffffc}, 0x18)
lsetxattr$security_capability(&(0x7f0000000080)='./cgroup/cgroup.procs\x00', &(0x7f0000000240), &(0x7f00000002c0)=@v2={0x2000000, [{0x6, 0xd62e}, {0x5, 0x1}]}, 0x14, 0x0)
lchown(&(0x7f0000000000)='./cgroup/cgroup.procs\x00', 0x0, 0xee01)
r4 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000020"], 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001000000000000000640000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70800000e0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r5}, 0x10)
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r6, 0x6, 0x8, &(0x7f0000000180)=0x8, 0x4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000400)='task_rename\x00', r5, 0x0, 0x3}, 0x18)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$ipvs(&(0x7f00000001c0), 0xffffffffffffffff)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IPVS_CMD_NEW_DAEMON(r9, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="0100000000000000000009000000440003800800010002000000140002007663616e300000000000000000000000080003000000000014000600ff"], 0x58}}, 0x0)
sendmsg$IPVS_CMD_DEL_SERVICE(r7, &(0x7f0000000600)={&(0x7f0000000580)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f00000005c0)={&(0x7f0000000680)={0xe8, r8, 0x1, 0x70bd27, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x8}, @IPVS_CMD_ATTR_DAEMON={0x48, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @rand_addr=0x64010101}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x6, 0x4, 0x9}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @multicast2}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @empty}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x6, 0x4, 0x31a2}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @local}]}, @IPVS_CMD_ATTR_DEST={0x24, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x80000001}, @IPVS_DEST_ATTR_TUN_PORT={0x6, 0xe, 0x4e20}, @IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x4ac9}, @IPVS_DEST_ATTR_FWD_METHOD={0x8, 0x3, 0x4}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x23}, @IPVS_CMD_ATTR_SERVICE={0x38, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_AF={0x6, 0x1, 0x2}, @IPVS_SVC_ATTR_PORT={0x6, 0x4, 0x4e22}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0x2}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x2a}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x1e, 0x4}}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0xff}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x6}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x9}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x1}]}, 0xe8}, 0x1, 0x0, 0x0, 0x4040}, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={0xffffffffffffffff, 0x2000000, 0xe, 0x0, &(0x7f00000004c0)="630b008646dc3f0adf33c9f7b986", 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x2}, 0x50)

228.749657ms ago: executing program 6 (id=6614):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000840)=ANY=[], 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc)=<r2=>0x0)
clock_gettime(0x0, &(0x7f0000000140)={<r3=>0x0, <r4=>0x0})
timer_settime(r2, 0x1, &(0x7f0000000280)={{0x0, 0x989680}, {r3, r4+60000000}}, 0x0)
futex(&(0x7f000000cffc)=0x1, 0x86, 0x2, 0x0, 0x0, 0xfffffffc)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r5, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xa, 0x28011, r5, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x9)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0xffffff84, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r7 = openat$cgroup_ro(r6, &(0x7f0000000080)='cgroup.kill\x00', 0x275a, 0x0)
write$cgroup_subtree(r7, &(0x7f0000000140)=ANY=[@ANYBLOB='-', @ANYRESOCT], 0x44)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000600)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a5c000000060a0b0400000000000000000200000028000480240001800b000100657874686472000014000280080007400000000008000640000000030900010073797a30000000000900020073797a32"], 0x84}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='task_newtask\x00'}, 0x10)
syz_clone(0x400, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', 0xffffffffffffffff, 0x0, 0x100000001}, 0x18)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'veth1_to_hsr\x00'})
lchown(&(0x7f0000000000)='./cgroup/cgroup.procs\x00', 0x0, 0xee01)

194.585948ms ago: executing program 0 (id=6615):
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x300000c, 0x51031, 0xffffffffffffffff, 0x0)
chdir(0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="09000000070000000080000001"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r1, <r2=>0xffffffffffffffff}, &(0x7f00000002c0), &(0x7f0000000280)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000d0039000000000000b4a518110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000840)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r3}, 0x10)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0xb, 0x59032, 0xffffffffffffffff, 0x0)
sendto$inet6(r0, &(0x7f0000000500)="a4", 0x34000, 0x2000c851, &(0x7f0000000140)={0xa, 0x4e23, 0x0, @loopback, 0xffffffff}, 0x1c)

193.429278ms ago: executing program 1 (id=6616):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000037c0)={0x0, 0x0, &(0x7f0000003780)={&(0x7f0000001540)=@newtaction={0x488, 0x30, 0x12f, 0x4000, 0x0, {}, [{0x474, 0x1, [@m_police={0x470, 0x1, 0x0, 0x0, {{0xb}, {0x444, 0x2, 0x0, 0x1, [[@TCA_POLICE_RATE={0x404, 0x2, [0x4, 0x7c3, 0x2, 0x3, 0xffffff81, 0x10, 0xc, 0x2, 0x3, 0x40, 0x200, 0x8, 0x9, 0x6, 0x5, 0x0, 0x8, 0xa, 0x6, 0x200, 0x1, 0x3, 0xcc37, 0x1, 0xb5, 0x649f, 0x4, 0x0, 0x4, 0xfb1, 0x72a4, 0xd, 0x7fff, 0x5, 0x3, 0x0, 0x3, 0x7, 0xc3a0, 0x4, 0xc, 0x0, 0xaf, 0x1, 0x6, 0x5, 0xfffffffd, 0x5, 0x80, 0xe, 0x2, 0x7, 0x6, 0x7, 0x1991, 0x8, 0xfffffe29, 0x5, 0x3, 0x101, 0xfff, 0x4, 0x5, 0x8000, 0x4, 0x7, 0x3, 0x0, 0xfffffff3, 0x1, 0x9, 0x80020003, 0x2, 0x3, 0x5, 0x101, 0x1, 0xfffffffc, 0x6, 0x7fffffff, 0x200, 0x1, 0x7309, 0x6, 0x3, 0x100, 0x2, 0x7, 0x6d0, 0x226, 0x7ff, 0x0, 0x6, 0x7, 0xfffff001, 0x6, 0x7ed8, 0x3, 0xffff, 0x0, 0x0, 0x249, 0x5, 0x2fbf, 0x2, 0x8000, 0x7, 0x25fe9fd5, 0x1, 0x9, 0x1, 0xe, 0x9, 0x0, 0x3, 0x4f, 0xffffffff, 0x8, 0x1, 0x6, 0xd0, 0x7, 0x80000001, 0x3226, 0x8, 0x3, 0x4, 0xc64f, 0xffffff6d, 0x5, 0x6, 0x6, 0xfffffff7, 0x6, 0x7, 0x5, 0xc, 0xe, 0x7, 0x200, 0x60459141, 0x1, 0x5, 0x6, 0x84, 0x0, 0x1, 0x5, 0x2, 0x29dc, 0x0, 0x2d5, 0x7, 0xfffffffa, 0x1000, 0x6, 0x94, 0x15a, 0x4, 0x6, 0x2, 0x4002, 0x2, 0x4, 0x9, 0x5, 0x1, 0x3, 0x4003, 0x80, 0x7a5b054a, 0x8, 0xffffff80, 0x4b1, 0xfff, 0x3, 0xb, 0x8, 0x3, 0x4, 0x2, 0x6, 0xf, 0x2, 0x7, 0x1, 0x77, 0x20009, 0x274d, 0x6, 0x40, 0xfffffffe, 0xb, 0x7, 0x1, 0x9ab, 0x7, 0xffffffc0, 0x200, 0x2000007, 0x3c, 0x2c7, 0x7, 0x8, 0x4, 0x0, 0x99f, 0x5, 0x7ff, 0x6, 0x31e1, 0x4, 0x4, 0xb, 0x7ff, 0x1e, 0x3, 0xe49, 0x56, 0x9, 0x1, 0x6, 0x2, 0x6a1c, 0x9, 0x8, 0x4dbda2da, 0x7fff, 0x5, 0x5, 0x0, 0x7, 0x8, 0x7fff, 0xed, 0x7fff, 0x1000, 0xcbe, 0x7ff, 0x6, 0x8, 0xb, 0xff, 0x5, 0x1, 0x7, 0x9, 0x0, 0x8, 0x5, 0x4, 0xfffffffd, 0x2, 0xeffe, 0xe74, 0x8]}, @TCA_POLICE_TBF={0x3c, 0x1, {0xff, 0x7, 0x2, 0x7ff, 0x6, {0x9, 0x1, 0x8, 0xef3, 0x9, 0x1}, {0x2, 0x1, 0x2, 0x827, 0x29a, 0x100}, 0x3, 0x9, 0x7}}]]}, {0x4}, {0xc, 0xb, {0x0, 0x1}}, {0xc, 0xa}}}]}]}, 0x488}}, 0x0)

50.86263ms ago: executing program 6 (id=6617):
bpf$MAP_CREATE(0x0, &(0x7f0000001b80)=ANY=[@ANYBLOB="0600000004000000080000000a"], 0x50)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000b00)=ANY=[@ANYBLOB="1800000000000000000000000000007f180100002200000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000bf03000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70200001400a685b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x1, 0x0, 0x0, 0x40f00, 0x49, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffd}]})
acct(0x0)
bpf$BPF_GET_BTF_INFO(0xa, &(0x7f00000003c0)={r0, 0x0, 0x0}, 0x10)

21.84356ms ago: executing program 0 (id=6618):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x178}}, 0x0)

20.98774ms ago: executing program 6 (id=6619):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001b80)=ANY=[@ANYBLOB="0600000004000000080000000a"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000b00)=ANY=[@ANYBLOB="1800000000000000000000000000007f180100002200000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000bf03000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70200001400a685b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x1, 0x0, 0x0, 0x40f00, 0x49, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffd}]})
acct(0x0)
bpf$BPF_GET_BTF_INFO(0xa, &(0x7f00000003c0)={r1, 0x0, 0x0}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=0x0, @ANYRES32=r0, @ANYRESOCT=r0], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0, 0x200, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f00000002c0)='kfree\x00', r4}, 0x10)
socket$nl_netfilter(0x10, 0x3, 0xc)
r5 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r5}, &(0x7f0000bbdffc))
r6 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
r7 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x800, 0x0)
r8 = dup3(r7, r6, 0x0)
mq_notify(r8, &(0x7f0000000000)={0x0, 0x11, 0x1, @tid=r5})
stat(&(0x7f0000000980)='./file0\x00', &(0x7f0000000a00))
getpgrp(0x0)
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000000340)={{{@in=@broadcast, @in=@multicast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r9=>0x0}}, {{@in6=@local}, 0x0, @in=@multicast1}}, &(0x7f0000000080)=0xe8)
quotactl$Q_QUOTAON(0xffffffff00000402, &(0x7f0000000040)=@loop={'/dev/loop', 0x0}, r9, &(0x7f00000000c0)='./file1\x00')

3.23518ms ago: executing program 0 (id=6620):
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
close(r0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f0000000040)={0x0, 0x10, &(0x7f0000000000)=[@in={0x2, 0x0, @private=0xa010101}]}, &(0x7f0000000080)=0x10)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f0000000140)={0x1, [<r1=>0x0]}, &(0x7f0000000240)=0x8)
sendmsg$inet_sctp(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f00000001c0)='F', 0x1}, {0x0, 0xe0}], 0x2, &(0x7f00000000c0)=[@sndinfo={0x20, 0x84, 0x2, {0xa, 0x4, 0x28, 0x200000b, r1}}], 0x20, 0x2400e044}, 0x0)

0s ago: executing program 8 (id=6621):
socket(0x29, 0x5, 0xfffffffd)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000e80)=ANY=[@ANYBLOB="180000000000000000000000000000009500000000000000f9c81ea6b94cbaaf82dd104036dd2b6b996ebf74cc53fd31e25f356f53919e620f6e919b39f712ca1bfc615ff9848c9e325e52104a94c2b3c031d982e6caaee31fbfc87c613a25c6a4396ba53c87db1ab025313911eadb7ff108ef1115bbc1558249e57ad320ec635bd8b9241152bf8f8a3254077414edbcb0ab0c31d1316c008b143f4649f3f35ca7648e62dc77dbd2269f5b680068ff13309e8097472f370396b164dbd885d65be749cd2178ba8b4c5c087b174715768fd5f22fc39556c0f7712d3b91684f0fb459c7fdc30126e4b6e929414ae39945d768e235870b966119a66f37496499e9891935b91088381c293213dd0a7c121df1e4f8449e0db363bea3f0b9e131de43d715669dc5d15c4207fd0ec3c21b4b6ea3f97439345dffc6e07102fa1b92c81916cc0614dbc41c69c8383082acab533fdfe0b52f23a895b52af0aa07afe70dd06c54e1154768b4e42ba52eb5395b76bf921b435cab462bf4eee3cc47cccc5b2c9d4ba92430f35817baf918ccdc7da47bc5f0bcda19060ce437ce3c4a212c1d55ac61f3"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x5, &(0x7f0000000100), 0x0, 0x5aa, &(0x7f0000001940)="$eJzs3c9rHFUcAPDvm2zSpKkmFUFrDwYKtqAmTVpRRLDFevPgj4InwZikpXTbhiaCrRVTqP+B/gGCNy/isYgU9eLVm+AfIMUiNRdvkdnsbjfNbtptdzM18/nANPNmdvt9k/Dd9/bte7MBlNZE/k8WsS8iFlPEWMu5StRPTqw/7p/bV+ZWb1+ZS7G29t7fKVL9WOPxqf5ztP7k4Yj47acUTwxsjrt06fLZ2Wp14WK9PLV8bnFq6dLlF8+cmz29cHrh/Mz0y9MvHT0yc/RwT65zT0T8Mnmicu3UG/u/m/tm7+c/fHs9xbFmnVuvo1cmYqL5/7fKf6+v9DpYQQbq19P6J06VAitEVxp/v8GIeCrGYiCGmufG4ot3Cq0c0FdrKWINKKkk/6GkGv2A/P1vYyu2RwJsl1vH1wcAGmN7+RYjUTtYGxuM4drYwO7VFK3DOikiejEyl8dYfC6N5Vv0aRwOaG/lakQ83a79T7XcHK+N4uf5n23I/ywi3q7/zI+/+4DxJ+4qy3/YPg+T/x+25P9HDxhf/gMAAAAAAEDv3DgeES+0+/wva87/iTbzf0Yj4lgP4t/787/sZg/CAG3cOh7xWkSsts7/22h8oP45/2O1+QCD6dSZ6sLhiHg8Ig7F4K68PL1FjIn9vw52PNcy/y/fVocioj4XcF12s7Jr43PmZ5dnH/R6gTtuXY14ppLnf4qN+Z+a7X9q0/7nrweL9xlj7cTrP3c6tyn/b1+ZW9yQ/0C/rH0dcbBt+3/nzhVp6/tzTNX6A1ONXsFmn35w/ftO8eU/FCdv/3dvnf/jqfV+PUvdx/jsrz8eIv/b9/+H0snaLWcadyv5ZHZ5+eJ0xFB6a/Pxme7rDDtRIx8a+ZLn/6ED7fI/27L/PxIRK53DjLQWTv745rVOD9T+Q3Hy/J/vqv3vfufA+1/92yn+/bX/R2tt+qH6EeN/0FbW2LnfBC22ugAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADw/5RFxJ5I2WRzP8smJyNGI+LJ2J1VLywtP3/qwsfn5/Nzte//zxrf9Du2Xk6N7/8fbynP3FU+EhF7I+LLgZFaeXLuQnW+6IsHAAAAAAAAAAAAAAAAAACAR8Roh/X/uT8Hiq4d0HeVoisAFEb+Q3l1l/9DfasHsM2Gu27/B/tVFWD76f9Decl/KC/5D+X1EPm/0st6ANuvsj4MCJSQ/j8AAAAAAOwoe5+98XuKiJVXR2pbtCzwMc8fdras6AoAhXGLHygvU3+gvLzHB9I9zndeHnCvZwIAAAAAAAAAAAAAvXJwn/X/UFbW/0N5Wf8P5WX9P5SX9/iA9f8AAAAAAAAAAAAA8OhbunT57Gy1unCxiJ1d9UoUE/2uneFCo9sp1U48GtXYaqfgFyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKDpvwAAAP//PDTyjg==")
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'lo\x00'})
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x11, 0x13, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000040000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xd, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r4, 0x6, 0x13, &(0x7f0000000240)=0x100000001, 0x59)
connect$inet6(r4, &(0x7f0000000200)={0xa, 0xffff, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r4, 0x6, 0x1f, &(0x7f0000000040), 0x4)
setsockopt$inet6_tcp_TLS_TX(r4, 0x11a, 0x1, &(0x7f00000000c0)=@gcm_256={{0x304}, "0002002000", "07f217bd74511e465bbbd5de01000000f9044677d4d588363d63af84db44be59", "00f8ff00", "8ce63ecbc640735f"}, 0x38)
sendto$inet6(r4, &(0x7f0000000280)='S', 0x1, 0x8000, 0x0, 0x0)
close(r4)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
setsockopt$XDP_UMEM_FILL_RING(r3, 0x11b, 0x5, &(0x7f0000000180)=0x808, 0x4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000c00)='ext4_sync_fs\x00', r2, 0x0, 0xfffffffffffffff8}, 0x18)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000bc0)={0x3}, 0x8)
sync()
socket$nl_sock_diag(0x10, 0x3, 0x4)
r5 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)="2e00000011008188040f46ecdb4cb9cca7480ef410000000e3bd6efb440009000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x24000000)

kernel console output (not intermixed with test programs):

1][T22160] msdos: Bad value for 'gid'
[  494.741936][T22160] msdos: Bad value for 'gid'
[  494.831331][T22169] lo speed is unknown, defaulting to 1000
[  494.838915][T22173] loop9: detected capacity change from 0 to 512
[  494.882483][T22177] loop8: detected capacity change from 0 to 512
[  494.897564][T22177] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  494.910736][T22177] ext4 filesystem being mounted at /147/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  494.922417][T22173] EXT4-fs (loop9): revision level too high, forcing read-only mode
[  494.931207][T22173] EXT4-fs (loop9): orphan cleanup on readonly fs
[  494.939805][T22173] EXT4-fs warning (device loop9): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  494.953252][T22177] EXT4-fs error (device loop8): ext4_lookup:1787: inode #12: comm syz.8.6154: iget: bad i_size value: 2533274857506816
[  494.968908][T22173] EXT4-fs (loop9): Cannot turn on quotas: error -117
[  494.981343][T22173] EXT4-fs error (device loop9): ext4_validate_block_bitmap:441: comm syz.9.6152: bg 0: block 40: padding at end of block bitmap is not set
[  495.006048][T22173] EXT4-fs error (device loop9) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  495.043454][T22177] EXT4-fs error (device loop8): ext4_lookup:1787: inode #12: comm syz.8.6154: iget: bad i_size value: 2533274857506816
[  495.067416][T22173] EXT4-fs (loop9): 1 truncate cleaned up
[  495.104348][T22173] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  495.148628][T19470] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  495.187080][T21227] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  495.199463][T22191] IPVS: set_ctl: invalid protocol: 46 172.20.20.170:20004
[  495.222204][T22193] netlink: 12 bytes leftover after parsing attributes in process `syz.0.6157'.
[  495.233804][T22191] loop8: detected capacity change from 0 to 128
[  495.243332][T22193] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  495.252300][T22193] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  495.253599][T22190] FAT-fs (loop8): error, invalid access to FAT (entry 0x00000100)
[  495.261060][T22193] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  495.268887][T22190] FAT-fs (loop8): Filesystem has been set read-only
[  495.284293][T22193] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  495.299551][T22190] syz.8.6156: attempt to access beyond end of device
[  495.299551][T22190] loop8: rw=524288, sector=2065, nr_sectors = 8 limit=128
[  495.313496][T22193] vxlan0: entered promiscuous mode
[  495.332013][T22190] FAT-fs (loop8): error, invalid access to FAT (entry 0x00000100)
[  495.340104][T22190] FAT-fs (loop8): error, invalid access to FAT (entry 0x00000100)
[  495.408475][T22191] syz.8.6156: attempt to access beyond end of device
[  495.408475][T22191] loop8: rw=0, sector=2065, nr_sectors = 8 limit=128
[  495.424399][T22191] syz.8.6156: attempt to access beyond end of device
[  495.424399][T22191] loop8: rw=0, sector=2065, nr_sectors = 8 limit=128
[  495.440056][T22190] syz.8.6156: attempt to access beyond end of device
[  495.440056][T22190] loop8: rw=0, sector=2065, nr_sectors = 8 limit=128
[  495.453534][T22198] loop9: detected capacity change from 0 to 512
[  495.454123][T22190] syz.8.6156: attempt to access beyond end of device
[  495.454123][T22190] loop8: rw=0, sector=2065, nr_sectors = 8 limit=128
[  495.475365][T22190] syz.8.6156: attempt to access beyond end of device
[  495.475365][T22190] loop8: rw=0, sector=2065, nr_sectors = 8 limit=128
[  495.489527][T22190] syz.8.6156: attempt to access beyond end of device
[  495.489527][T22190] loop8: rw=0, sector=2065, nr_sectors = 8 limit=128
[  495.503774][T22190] syz.8.6156: attempt to access beyond end of device
[  495.503774][T22190] loop8: rw=0, sector=2065, nr_sectors = 8 limit=128
[  495.519133][T22190] syz.8.6156: attempt to access beyond end of device
[  495.519133][T22190] loop8: rw=0, sector=2065, nr_sectors = 8 limit=128
[  495.521399][T22198] EXT4-fs (loop9): 1 orphan inode deleted
[  495.532492][T22190] syz.8.6156: attempt to access beyond end of device
[  495.532492][T22190] loop8: rw=0, sector=2065, nr_sectors = 8 limit=128
[  495.543974][   T31] EXT4-fs error (device loop9): ext4_release_dquot:6969: comm kworker/u8:1: Failed to release dquot type 1
[  495.554867][T22198] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  495.575908][T22198] ext4 filesystem being mounted at /63/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  495.606830][T22201] netlink: 8 bytes leftover after parsing attributes in process `syz.8.6156'.
[  495.615793][T22201] netlink: 8 bytes leftover after parsing attributes in process `syz.8.6156'.
[  495.649876][T22203] netlink: 4 bytes leftover after parsing attributes in process `syz.8.6159'.
[  495.703562][T22203] loop8: detected capacity change from 0 to 512
[  495.710551][T22203] EXT4-fs (loop8): feature flags set on rev 0 fs, running e2fsck is recommended
[  495.719761][T22203] EXT4-fs (loop8): mounting ext2 file system using the ext4 subsystem
[  495.730413][T22203] EXT4-fs (loop8): warning: mounting unchecked fs, running e2fsck is recommended
[  495.740397][T22203] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006]
[  495.750158][T22203] System zones: 0-2, 18-18, 34-35
[  495.756077][T22203] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  495.805853][T19470] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  496.069122][T22217] netlink: 24 bytes leftover after parsing attributes in process `syz.0.6163'.
[  496.186094][T22217] lo speed is unknown, defaulting to 1000
[  496.253102][T21227] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  496.917097][T22231] lo speed is unknown, defaulting to 1000
[  497.336748][   T29] kauditd_printk_skb: 323 callbacks suppressed
[  497.336769][   T29] audit: type=1400 audit(1748986592.705:19909): avc:  denied  { nosuid_transition } for  pid=22232 comm="syz.6.6167" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=process2 permissive=1
[  497.364030][   T29] audit: type=1400 audit(1748986592.705:19910): avc:  denied  { transition } for  pid=22232 comm="syz.6.6167" path=2F6D656D66643A5B0BDB58AE5B1AA9FDFAADD16D64C8854858A9250C1A65E0202864656C6574656429 dev="tmpfs" ino=1902 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=process permissive=1
[  497.393844][   T29] audit: type=1400 audit(1748986592.705:19911): avc:  denied  { entrypoint } for  pid=22232 comm="syz.6.6167" path=2F6D656D66643A5B0BDB58AE5B1AA9FDFAADD16D64C8854858A9250C1A65E0202864656C6574656429 dev="tmpfs" ino=1902 scontext=system_u:object_r:hugetlbfs_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  497.423768][   T29] audit: type=1400 audit(1748986592.705:19912): avc:  denied  { share } for  pid=22232 comm="syz.6.6167" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=process permissive=1
[  497.443841][   T29] audit: type=1400 audit(1748986592.705:19913): avc:  denied  { noatsecure } for  pid=22232 comm="syz.6.6167" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=process permissive=1
[  497.887672][T22261] usb usb2: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  497.895268][T22261] vhci_hcd: default hub control req: 6001 v8001 i0001 l0
[  498.662360][T22273] FAULT_INJECTION: forcing a failure.
[  498.662360][T22273] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  498.675642][T22273] CPU: 0 UID: 0 PID: 22273 Comm: syz.0.6180 Not tainted 6.15.0-syzkaller-11173-g546b1c9e93c2 #0 PREEMPT(voluntary) 
[  498.675705][T22273] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  498.675722][T22273] Call Trace:
[  498.675738][T22273]  <TASK>
[  498.675749][T22273]  __dump_stack+0x1d/0x30
[  498.675849][T22273]  dump_stack_lvl+0xe8/0x140
[  498.675875][T22273]  dump_stack+0x15/0x1b
[  498.675897][T22273]  should_fail_ex+0x265/0x280
[  498.675926][T22273]  should_fail+0xb/0x20
[  498.675985][T22273]  should_fail_usercopy+0x1a/0x20
[  498.676016][T22273]  _copy_to_user+0x20/0xa0
[  498.676051][T22273]  simple_read_from_buffer+0xb5/0x130
[  498.676081][T22273]  proc_fail_nth_read+0x100/0x140
[  498.676126][T22273]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  498.676235][T22273]  vfs_read+0x1a0/0x6f0
[  498.676258][T22273]  ? __rcu_read_unlock+0x4f/0x70
[  498.676289][T22273]  ? __fget_files+0x184/0x1c0
[  498.676340][T22273]  ksys_read+0xda/0x1a0
[  498.676370][T22273]  __x64_sys_read+0x40/0x50
[  498.676399][T22273]  x64_sys_call+0x2d77/0x2fb0
[  498.676420][T22273]  do_syscall_64+0xd2/0x200
[  498.676516][T22273]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  498.676550][T22273]  ? clear_bhb_loop+0x40/0x90
[  498.676579][T22273]  ? clear_bhb_loop+0x40/0x90
[  498.676609][T22273]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  498.676697][T22273] RIP: 0033:0x7fcac8abd37c
[  498.676718][T22273] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  498.676822][T22273] RSP: 002b:00007fcac7106030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  498.676846][T22273] RAX: ffffffffffffffda RBX: 00007fcac8ce6080 RCX: 00007fcac8abd37c
[  498.676863][T22273] RDX: 000000000000000f RSI: 00007fcac71060a0 RDI: 0000000000000007
[  498.676880][T22273] RBP: 00007fcac7106090 R08: 0000000000000000 R09: 0000000000000000
[  498.676897][T22273] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  498.676913][T22273] R13: 0000000000000001 R14: 00007fcac8ce6080 R15: 00007fff357afb18
[  498.676992][T22273]  </TASK>
[  499.011291][T22277] lo speed is unknown, defaulting to 1000
[  499.387125][T22282] netlink: 'syz.0.6182': attribute type 3 has an invalid length.
[  499.507363][   T29] audit: type=1400 audit(1748986594.975:19914): avc:  denied  { read } for  pid=22279 comm="syz.0.6182" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  499.541237][T22284] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=35 sclass=netlink_route_socket pid=22284 comm=syz.0.6182
[  500.565782][   T29] audit: type=1326 audit(1748986596.060:19915): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22302 comm="syz.9.6189" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0bb947e969 code=0x0
[  500.720263][   T29] audit: type=1400 audit(1748986596.224:19916): avc:  denied  { shutdown } for  pid=22302 comm="syz.9.6189" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  500.954266][T22312] lo speed is unknown, defaulting to 1000
[  501.497883][T22324] lo speed is unknown, defaulting to 1000
[  502.277665][   T29] audit: type=1326 audit(1748986597.787:19917): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22333 comm="syz.9.6198" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0bb947e969 code=0x7ffc0000
[  502.301512][   T29] audit: type=1326 audit(1748986597.787:19918): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22333 comm="syz.9.6198" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0bb947e969 code=0x7ffc0000
[  502.325357][   T29] audit: type=1326 audit(1748986597.787:19919): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22333 comm="syz.9.6198" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0bb947e969 code=0x7ffc0000
[  502.342011][T22336] loop9: detected capacity change from 0 to 512
[  502.349075][   T29] audit: type=1326 audit(1748986597.787:19920): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22333 comm="syz.9.6198" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0bb947e969 code=0x7ffc0000
[  502.378969][   T29] audit: type=1326 audit(1748986597.787:19921): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22333 comm="syz.9.6198" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0bb947e969 code=0x7ffc0000
[  502.402680][   T29] audit: type=1326 audit(1748986597.787:19922): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22333 comm="syz.9.6198" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0bb947e969 code=0x7ffc0000
[  502.426474][   T29] audit: type=1326 audit(1748986597.787:19923): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22333 comm="syz.9.6198" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0bb947e969 code=0x7ffc0000
[  502.450116][   T29] audit: type=1326 audit(1748986597.787:19924): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22333 comm="syz.9.6198" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f0bb947e969 code=0x7ffc0000
[  502.473763][   T29] audit: type=1326 audit(1748986597.787:19925): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22333 comm="syz.9.6198" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0bb947e969 code=0x7ffc0000
[  502.497427][   T29] audit: type=1326 audit(1748986597.787:19926): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22333 comm="syz.9.6198" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0bb947e969 code=0x7ffc0000
[  502.710332][T22336] EXT4-fs (loop9): 1 orphan inode deleted
[  502.716749][T22336] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  502.731853][T22068] EXT4-fs error (device loop9): ext4_release_dquot:6969: comm kworker/u8:31: Failed to release dquot type 1
[  502.762509][T22336] ext4 filesystem being mounted at /74/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  502.782580][T22347] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=15 sclass=netlink_route_socket pid=22347 comm=syz.0.6209
[  502.886119][T22356] FAULT_INJECTION: forcing a failure.
[  502.886119][T22356] name failslab, interval 1, probability 0, space 0, times 0
[  502.898873][T22356] CPU: 1 UID: 0 PID: 22356 Comm: syz.0.6201 Not tainted 6.15.0-syzkaller-11173-g546b1c9e93c2 #0 PREEMPT(voluntary) 
[  502.898911][T22356] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  502.898958][T22356] Call Trace:
[  502.898968][T22356]  <TASK>
[  502.898976][T22356]  __dump_stack+0x1d/0x30
[  502.898998][T22356]  dump_stack_lvl+0xe8/0x140
[  502.899047][T22356]  dump_stack+0x15/0x1b
[  502.899064][T22356]  should_fail_ex+0x265/0x280
[  502.899091][T22356]  should_failslab+0x8c/0xb0
[  502.899125][T22356]  __kmalloc_noprof+0xa5/0x3e0
[  502.899163][T22356]  ? security_inode_init_security+0xc5/0x330
[  502.899212][T22356]  ? current_umask+0x2f/0x40
[  502.899251][T22356]  security_inode_init_security+0xc5/0x330
[  502.899297][T22356]  ? __pfx_shmem_initxattrs+0x10/0x10
[  502.899388][T22356]  shmem_mknod+0xad/0x180
[  502.899421][T22356]  vfs_mknod+0x2ce/0x310
[  502.899448][T22356]  unix_bind+0x321/0x920
[  502.899545][T22356]  __sys_bind+0x1ce/0x2a0
[  502.899585][T22356]  __x64_sys_bind+0x3f/0x50
[  502.899616][T22356]  x64_sys_call+0x2086/0x2fb0
[  502.899661][T22356]  do_syscall_64+0xd2/0x200
[  502.899773][T22356]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  502.899800][T22356]  ? clear_bhb_loop+0x40/0x90
[  502.899828][T22356]  ? clear_bhb_loop+0x40/0x90
[  502.899918][T22356]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  502.899944][T22356] RIP: 0033:0x7fcac8abe969
[  502.899960][T22356] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  502.899984][T22356] RSP: 002b:00007fcac7127038 EFLAGS: 00000246 ORIG_RAX: 0000000000000031
[  502.900081][T22356] RAX: ffffffffffffffda RBX: 00007fcac8ce5fa0 RCX: 00007fcac8abe969
[  502.900094][T22356] RDX: 000000000000006e RSI: 0000200000000080 RDI: 0000000000000004
[  502.900107][T22356] RBP: 00007fcac7127090 R08: 0000000000000000 R09: 0000000000000000
[  502.900119][T22356] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  502.900133][T22356] R13: 0000000000000000 R14: 00007fcac8ce5fa0 R15: 00007fff357afb18
[  502.900156][T22356]  </TASK>
[  503.181581][T21227] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  503.213661][T22363] FAULT_INJECTION: forcing a failure.
[  503.213661][T22363] name failslab, interval 1, probability 0, space 0, times 0
[  503.226596][T22363] CPU: 1 UID: 0 PID: 22363 Comm: syz.0.6204 Not tainted 6.15.0-syzkaller-11173-g546b1c9e93c2 #0 PREEMPT(voluntary) 
[  503.226631][T22363] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  503.226647][T22363] Call Trace:
[  503.226721][T22363]  <TASK>
[  503.226729][T22363]  __dump_stack+0x1d/0x30
[  503.226752][T22363]  dump_stack_lvl+0xe8/0x140
[  503.226773][T22363]  dump_stack+0x15/0x1b
[  503.226795][T22363]  should_fail_ex+0x265/0x280
[  503.226832][T22363]  should_failslab+0x8c/0xb0
[  503.226906][T22363]  kmem_cache_alloc_noprof+0x50/0x310
[  503.226958][T22363]  ? dst_alloc+0xbd/0x100
[  503.226995][T22363]  dst_alloc+0xbd/0x100
[  503.227035][T22363]  ip_route_output_key_hash_rcu+0xf16/0x1440
[  503.227067][T22363]  ip_route_output_flow+0x7b/0x130
[  503.227094][T22363]  udp_sendmsg+0x1197/0x13b0
[  503.227124][T22363]  ? __pfx_ip_generic_getfrag+0x10/0x10
[  503.227176][T22363]  ? avc_has_perm+0xd3/0x150
[  503.227284][T22363]  ? __pfx_udp_sendmsg+0x10/0x10
[  503.227378][T22363]  inet_sendmsg+0xac/0xd0
[  503.227496][T22363]  __sock_sendmsg+0x102/0x180
[  503.227525][T22363]  ____sys_sendmsg+0x345/0x4e0
[  503.227616][T22363]  ___sys_sendmsg+0x17b/0x1d0
[  503.227675][T22363]  __sys_sendmmsg+0x178/0x300
[  503.227822][T22363]  __x64_sys_sendmmsg+0x57/0x70
[  503.227864][T22363]  x64_sys_call+0x2f2f/0x2fb0
[  503.227894][T22363]  do_syscall_64+0xd2/0x200
[  503.227933][T22363]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  503.228039][T22363]  ? clear_bhb_loop+0x40/0x90
[  503.228067][T22363]  ? clear_bhb_loop+0x40/0x90
[  503.228167][T22363]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  503.228195][T22363] RIP: 0033:0x7fcac8abe969
[  503.228214][T22363] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  503.228239][T22363] RSP: 002b:00007fcac7127038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  503.228328][T22363] RAX: ffffffffffffffda RBX: 00007fcac8ce5fa0 RCX: 00007fcac8abe969
[  503.228350][T22363] RDX: 000000000800001d RSI: 0000200000007fc0 RDI: 0000000000000004
[  503.228364][T22363] RBP: 00007fcac7127090 R08: 0000000000000000 R09: 0000000000000000
[  503.228376][T22363] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  503.228391][T22363] R13: 0000000000000000 R14: 00007fcac8ce5fa0 R15: 00007fff357afb18
[  503.228487][T22363]  </TASK>
[  503.465928][T22367] loop9: detected capacity change from 0 to 512
[  503.558236][T22367] EXT4-fs (loop9): 1 orphan inode deleted
[  503.564618][T22367] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  503.586654][T22068] EXT4-fs error (device loop9): ext4_release_dquot:6969: comm kworker/u8:31: Failed to release dquot type 1
[  503.615716][T22367] ext4 filesystem being mounted at /75/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  503.679723][T22376] lo speed is unknown, defaulting to 1000
[  504.089620][T21227] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  504.268766][T22390] loop9: detected capacity change from 0 to 128
[  504.295675][T22390] vfat: Unknown parameter '@'
[  504.418390][T22396] loop9: detected capacity change from 0 to 512
[  504.474990][T22396] EXT4-fs warning (device loop9): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  504.475178][T22399] FAULT_INJECTION: forcing a failure.
[  504.475178][T22399] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  504.486633][T22396] EXT4-fs warning (device loop9): dx_probe:849: Enable large directory feature to access it
[  504.486665][T22396] EXT4-fs warning (device loop9): dx_probe:934: inode #2: comm syz.9.6216: Corrupt directory, running e2fsck is recommended
[  504.499736][T22399] CPU: 1 UID: 0 PID: 22399 Comm: syz.8.6218 Not tainted 6.15.0-syzkaller-11173-g546b1c9e93c2 #0 PREEMPT(voluntary) 
[  504.499779][T22399] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  504.499797][T22399] Call Trace:
[  504.499807][T22399]  <TASK>
[  504.499819][T22399]  __dump_stack+0x1d/0x30
[  504.499851][T22399]  dump_stack_lvl+0xe8/0x140
[  504.499880][T22399]  dump_stack+0x15/0x1b
[  504.499961][T22399]  should_fail_ex+0x265/0x280
[  504.499991][T22399]  should_fail+0xb/0x20
[  504.500016][T22399]  should_fail_usercopy+0x1a/0x20
[  504.500048][T22399]  _copy_to_user+0x20/0xa0
[  504.500085][T22399]  simple_read_from_buffer+0xb5/0x130
[  504.500167][T22399]  proc_fail_nth_read+0x100/0x140
[  504.500202][T22399]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  504.500243][T22399]  vfs_read+0x1a0/0x6f0
[  504.500272][T22399]  ? __rcu_read_unlock+0x4f/0x70
[  504.500375][T22399]  ? __fget_files+0x184/0x1c0
[  504.500413][T22399]  ksys_read+0xda/0x1a0
[  504.500445][T22399]  __x64_sys_read+0x40/0x50
[  504.500475][T22399]  x64_sys_call+0x2d77/0x2fb0
[  504.500535][T22399]  do_syscall_64+0xd2/0x200
[  504.500577][T22399]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  504.500614][T22399]  ? clear_bhb_loop+0x40/0x90
[  504.500643][T22399]  ? clear_bhb_loop+0x40/0x90
[  504.500687][T22399]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  504.500718][T22399] RIP: 0033:0x7fd9b8a7d37c
[  504.500739][T22399] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  504.500765][T22399] RSP: 002b:00007fd9b70e7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  504.500792][T22399] RAX: ffffffffffffffda RBX: 00007fd9b8ca5fa0 RCX: 00007fd9b8a7d37c
[  504.500890][T22399] RDX: 000000000000000f RSI: 00007fd9b70e70a0 RDI: 0000000000000005
[  504.500907][T22399] RBP: 00007fd9b70e7090 R08: 0000000000000000 R09: 0000000000000000
[  504.500924][T22399] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  504.500944][T22399] R13: 0000000000000000 R14: 00007fd9b8ca5fa0 R15: 00007ffe694b4458
[  504.501009][T22399]  </TASK>
[  504.820467][T22396] EXT4-fs (loop9): Cannot turn on journaled quota: type 1: error -117
[  504.829118][T22396] EXT4-fs error (device loop9): ext4_iget_extra_inode:5035: inode #15: comm syz.9.6216: corrupted in-inode xattr: invalid ea_ino
[  504.855771][T22396] EXT4-fs error (device loop9): ext4_orphan_get:1398: comm syz.9.6216: couldn't read orphan inode 15 (err -117)
[  504.929300][T22406] FAULT_INJECTION: forcing a failure.
[  504.929300][T22406] name failslab, interval 1, probability 0, space 0, times 0
[  504.942056][T22406] CPU: 1 UID: 0 PID: 22406 Comm: syz.8.6219 Not tainted 6.15.0-syzkaller-11173-g546b1c9e93c2 #0 PREEMPT(voluntary) 
[  504.942103][T22406] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  504.942120][T22406] Call Trace:
[  504.942129][T22406]  <TASK>
[  504.942140][T22406]  __dump_stack+0x1d/0x30
[  504.942167][T22406]  dump_stack_lvl+0xe8/0x140
[  504.942187][T22406]  dump_stack+0x15/0x1b
[  504.942227][T22406]  should_fail_ex+0x265/0x280
[  504.942268][T22406]  should_failslab+0x8c/0xb0
[  504.942302][T22406]  kmem_cache_alloc_node_noprof+0x57/0x320
[  504.942372][T22406]  ? alloc_vmap_area+0x231/0xe50
[  504.942448][T22406]  alloc_vmap_area+0x231/0xe50
[  504.942481][T22406]  ? should_failslab+0x8c/0xb0
[  504.942554][T22406]  ? __kmalloc_cache_node_noprof+0x18a/0x320
[  504.942598][T22406]  __get_vm_area_node+0x173/0x1d0
[  504.942676][T22406]  __vmalloc_node_range_noprof+0x273/0xe00
[  504.942723][T22406]  ? copy_process+0x399/0x1fe0
[  504.942773][T22406]  ? __rcu_read_unlock+0x4f/0x70
[  504.942809][T22406]  __vmalloc_node_noprof+0x89/0xc0
[  504.942928][T22406]  ? copy_process+0x399/0x1fe0
[  504.942955][T22406]  ? copy_process+0x399/0x1fe0
[  504.942987][T22406]  dup_task_struct+0x449/0x6a0
[  504.943017][T22406]  ? strncpy_from_user+0x177/0x230
[  504.943113][T22406]  copy_process+0x399/0x1fe0
[  504.943197][T22406]  ? kstrtouint+0x76/0xc0
[  504.943235][T22406]  ? strncpy_from_user_nofault+0xa7/0xf0
[  504.943330][T22406]  ? __rcu_read_unlock+0x4f/0x70
[  504.943351][T22406]  ? trace_reschedule_exit+0xd/0xc0
[  504.943373][T22406]  kernel_clone+0x16c/0x5b0
[  504.943417][T22406]  __x64_sys_clone+0xe6/0x120
[  504.943463][T22406]  x64_sys_call+0x2c59/0x2fb0
[  504.943490][T22406]  do_syscall_64+0xd2/0x200
[  504.943586][T22406]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  504.943641][T22406]  ? clear_bhb_loop+0x40/0x90
[  504.943670][T22406]  ? clear_bhb_loop+0x40/0x90
[  504.943694][T22406]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  504.943740][T22406] RIP: 0033:0x7fd9b8a7e969
[  504.943758][T22406] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  504.943830][T22406] RSP: 002b:00007fd9b70a4fe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  504.943851][T22406] RAX: ffffffffffffffda RBX: 00007fd9b8ca6160 RCX: 00007fd9b8a7e969
[  504.943886][T22406] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000630c1000
[  504.943903][T22406] RBP: 00007fd9b70a5090 R08: 0000000000000000 R09: 0000000000000000
[  504.943920][T22406] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000001
[  504.943980][T22406] R13: 0000000000000001 R14: 00007fd9b8ca6160 R15: 00007ffe694b4458
[  504.944065][T22406]  </TASK>
[  504.944098][T22406] syz.8.6219: vmalloc error: size 16384, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0
[  505.222931][T22406] CPU: 1 UID: 0 PID: 22406 Comm: syz.8.6219 Not tainted 6.15.0-syzkaller-11173-g546b1c9e93c2 #0 PREEMPT(voluntary) 
[  505.222971][T22406] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  505.222988][T22406] Call Trace:
[  505.222998][T22406]  <TASK>
[  505.223008][T22406]  __dump_stack+0x1d/0x30
[  505.223048][T22406]  dump_stack_lvl+0xe8/0x140
[  505.223074][T22406]  dump_stack+0x15/0x1b
[  505.223096][T22406]  warn_alloc+0x12b/0x1a0
[  505.223236][T22406]  __vmalloc_node_range_noprof+0x297/0xe00
[  505.223312][T22406]  ? __rcu_read_unlock+0x4f/0x70
[  505.223409][T22406]  __vmalloc_node_noprof+0x89/0xc0
[  505.223454][T22406]  ? copy_process+0x399/0x1fe0
[  505.223487][T22406]  ? copy_process+0x399/0x1fe0
[  505.223518][T22406]  dup_task_struct+0x449/0x6a0
[  505.223555][T22406]  ? strncpy_from_user+0x177/0x230
[  505.223629][T22406]  copy_process+0x399/0x1fe0
[  505.223661][T22406]  ? kstrtouint+0x76/0xc0
[  505.223782][T22406]  ? strncpy_from_user_nofault+0xa7/0xf0
[  505.223812][T22406]  ? __rcu_read_unlock+0x4f/0x70
[  505.223840][T22406]  ? trace_reschedule_exit+0xd/0xc0
[  505.223870][T22406]  kernel_clone+0x16c/0x5b0
[  505.223909][T22406]  __x64_sys_clone+0xe6/0x120
[  505.223964][T22406]  x64_sys_call+0x2c59/0x2fb0
[  505.224000][T22406]  do_syscall_64+0xd2/0x200
[  505.224040][T22406]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  505.224152][T22406]  ? clear_bhb_loop+0x40/0x90
[  505.224180][T22406]  ? clear_bhb_loop+0x40/0x90
[  505.224212][T22406]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  505.224240][T22406] RIP: 0033:0x7fd9b8a7e969
[  505.224261][T22406] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  505.224327][T22406] RSP: 002b:00007fd9b70a4fe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  505.224351][T22406] RAX: ffffffffffffffda RBX: 00007fd9b8ca6160 RCX: 00007fd9b8a7e969
[  505.224368][T22406] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000630c1000
[  505.224468][T22406] RBP: 00007fd9b70a5090 R08: 0000000000000000 R09: 0000000000000000
[  505.224484][T22406] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000001
[  505.224500][T22406] R13: 0000000000000001 R14: 00007fd9b8ca6160 R15: 00007ffe694b4458
[  505.224525][T22406]  </TASK>
[  505.224619][T22406] Mem-Info:
[  505.236418][T22396] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  505.236802][T22406] active_anon:33152 inactive_anon:40 isolated_anon:0
[  505.236802][T22406]  active_file:22920 inactive_file:2808 isolated_file:0
[  505.236802][T22406]  unevictable:0 dirty:169 writeback:0
[  505.236802][T22406]  slab_reclaimable:3461 slab_unreclaimable:59774
[  505.236802][T22406]  mapped:33318 shmem:19518 pagetables:1850
[  505.236802][T22406]  sec_pagetables:0 bounce:0
[  505.236802][T22406]  kernel_misc_reclaimable:0
[  505.236802][T22406]  free:1787672 free_pcp:27905 free_cma:0
[  505.326877][T22396] EXT4-fs warning (device loop9): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  505.331709][T22406] Node 0 active_anon:125184kB inactive_anon:160kB active_file:91680kB inactive_file:11232kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:133272kB dirty:676kB writeback:0kB shmem:70764kB writeback_tmp:0kB kernel_stack:4192kB pagetables:7400kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  505.336300][T22396] EXT4-fs warning (device loop9): dx_probe:849: Enable large directory feature to access it
[  505.340906][T22406] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  505.345618][T22396] EXT4-fs warning (device loop9): dx_probe:934: inode #2: comm syz.9.6216: Corrupt directory, running e2fsck is recommended
[  505.350097][T22406] lowmem_reserve[]: 0
[  505.496509][T22396] EXT4-fs error (device loop9): ext4_readdir:264: inode #2: block 3: comm syz.9.6216: path /79/file0: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=4294967295, rec_len=17, size=1024 fake=0
[  505.508695][T22406]  2882 7861 7861
[  505.628983][T22406] Node 0 DMA32 free:2947912kB boost:0kB min:4132kB low:7060kB high:9988kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:2951440kB mlocked:0kB bounce:0kB free_pcp:3528kB local_pcp:0kB free_cma:0kB
[  505.649839][T22396] EXT4-fs error (device loop9): ext4_readdir:264: inode #2: block 64: comm syz.9.6216: path /79/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  505.659333][T22406] lowmem_reserve[]: 0 0 4978 4978
[  505.684903][T22406] Node 0 Normal free:4151340kB boost:0kB min:7188kB low:12284kB high:17380kB reserved_highatomic:0KB free_highatomic:0KB active_anon:105944kB inactive_anon:160kB active_file:91680kB inactive_file:11248kB unevictable:0kB writepending:724kB present:5242880kB managed:5098232kB mlocked:0kB bounce:0kB free_pcp:129400kB local_pcp:19624kB free_cma:0kB
[  505.717465][T22406] lowmem_reserve[]: 0 0 0 0
[  505.722409][T22406] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  505.735267][T22406] Node 0 DMA32: 4*4kB (M) 1*8kB (M) 3*16kB (M) 2*32kB (M) 3*64kB (M) 2*128kB (M) 3*256kB (M) 3*512kB (M) 4*1024kB (M) 2*2048kB (M) 717*4096kB (M) = 2947912kB
[  505.751504][T22406] Node 0 Normal: 262*4kB (UM) 238*8kB (M) 131*16kB (UM) 33*32kB (ME) 42*64kB (ME) 21*128kB (UME) 1*256kB (E) 7*512kB (U) 49*1024kB (U) 53*2048kB (U) 971*4096kB (UME) = 4151256kB
[  505.769545][T22406] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB
[  505.778943][T22406] 37848 total pagecache pages
[  505.783651][T22406] 40 pages in swap cache
[  505.787935][T22406] Free swap  = 124836kB
[  505.792348][T22406] Total swap = 124996kB
[  505.796559][T22406] 2097051 pages RAM
[  505.800543][T22406] 0 pages HighMem/MovableOnly
[  505.805261][T22406] 80793 pages reserved
[  505.844379][T21227] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  505.930778][T22421] pim6reg1: entered promiscuous mode
[  505.936223][T22421] pim6reg1: entered allmulticast mode
[  506.005652][T22410] lo speed is unknown, defaulting to 1000
[  506.122853][T22410] chnl_net:caif_netlink_parms(): no params data found
[  506.281525][T22410] bridge0: port 1(bridge_slave_0) entered blocking state
[  506.288674][T22410] bridge0: port 1(bridge_slave_0) entered disabled state
[  506.882484][T22410] bridge_slave_0: entered allmulticast mode
[  506.889147][T22410] bridge_slave_0: entered promiscuous mode
[  506.908399][T22454] lo speed is unknown, defaulting to 1000
[  506.919372][T22447] lo speed is unknown, defaulting to 1000
[  506.971384][T22410] bridge0: port 2(bridge_slave_1) entered blocking state
[  506.978546][T22410] bridge0: port 2(bridge_slave_1) entered disabled state
[  507.034926][T22410] bridge_slave_1: entered allmulticast mode
[  507.041679][T22410] bridge_slave_1: entered promiscuous mode
[  507.107759][T22410] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  507.140278][T22460] lo speed is unknown, defaulting to 1000
[  507.175530][T22410] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  507.231325][   T29] kauditd_printk_skb: 269 callbacks suppressed
[  507.231344][   T29] audit: type=1326 audit(1748986602.846:20194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22468 comm="syz.0.6236" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcac8abe969 code=0x7ffc0000
[  507.240294][T22471] FAULT_INJECTION: forcing a failure.
[  507.240294][T22471] name failslab, interval 1, probability 0, space 0, times 0
[  507.274040][T22471] CPU: 1 UID: 0 PID: 22471 Comm: syz.0.6236 Not tainted 6.15.0-syzkaller-11173-g546b1c9e93c2 #0 PREEMPT(voluntary) 
[  507.274070][T22471] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  507.274084][T22471] Call Trace:
[  507.274093][T22471]  <TASK>
[  507.274128][T22471]  __dump_stack+0x1d/0x30
[  507.274155][T22471]  dump_stack_lvl+0xe8/0x140
[  507.274179][T22471]  dump_stack+0x15/0x1b
[  507.274197][T22471]  should_fail_ex+0x265/0x280
[  507.274219][T22471]  should_failslab+0x8c/0xb0
[  507.274343][T22471]  kmem_cache_alloc_noprof+0x50/0x310
[  507.274376][T22471]  ? audit_log_start+0x365/0x6c0
[  507.274451][T22471]  audit_log_start+0x365/0x6c0
[  507.274493][T22471]  audit_seccomp+0x48/0x100
[  507.274575][T22471]  ? __seccomp_filter+0x68c/0x10d0
[  507.274649][T22471]  __seccomp_filter+0x69d/0x10d0
[  507.274683][T22471]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  507.274770][T22471]  ? vfs_write+0x75e/0x8e0
[  507.274864][T22471]  ? __rcu_read_unlock+0x4f/0x70
[  507.274923][T22471]  ? __fget_files+0x184/0x1c0
[  507.274958][T22471]  __secure_computing+0x82/0x150
[  507.274989][T22471]  syscall_trace_enter+0xcf/0x1e0
[  507.275023][T22471]  do_syscall_64+0xac/0x200
[  507.275055][T22471]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  507.275154][T22471]  ? clear_bhb_loop+0x40/0x90
[  507.275181][T22471]  ? clear_bhb_loop+0x40/0x90
[  507.275204][T22471]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  507.275232][T22471] RIP: 0033:0x7fcac8abe969
[  507.275252][T22471] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  507.275290][T22471] RSP: 002b:00007fcac7127038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f2
[  507.275315][T22471] RAX: ffffffffffffffda RBX: 00007fcac8ce5fa0 RCX: 00007fcac8abe969
[  507.275392][T22471] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffffffffffff
[  507.275409][T22471] RBP: 00007fcac7127090 R08: 0000000000000000 R09: 0000000000000000
[  507.275425][T22471] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  507.275451][T22471] R13: 0000000000000000 R14: 00007fcac8ce5fa0 R15: 00007fff357afb18
[  507.275473][T22471]  </TASK>
[  507.275481][T22471] audit: audit_lost=17 audit_rate_limit=0 audit_backlog_limit=64
[  507.288967][   T29] audit: type=1326 audit(1748986602.846:20195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22469 comm="syz.6.6237" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f99fdf8e969 code=0x7ffc0000
[  507.297866][T22471] audit: out of memory in audit_log_start
[  507.525431][   T29] audit: type=1326 audit(1748986602.846:20196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22469 comm="syz.6.6237" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f99fdf8e969 code=0x7ffc0000
[  507.549124][   T29] audit: type=1326 audit(1748986602.846:20197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22469 comm="syz.6.6237" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f99fdf8e969 code=0x7ffc0000
[  507.554531][T22410] team0: Port device team_slave_0 added
[  507.572731][   T29] audit: type=1326 audit(1748986602.846:20198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22469 comm="syz.6.6237" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f99fdf8e969 code=0x7ffc0000
[  507.602065][   T29] audit: type=1326 audit(1748986602.846:20199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22469 comm="syz.6.6237" exe="/root/syz-executor" sig=0 arch=c000003e syscall=63 compat=0 ip=0x7f99fdf8e969 code=0x7ffc0000
[  507.625610][   T29] audit: type=1326 audit(1748986602.846:20200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22469 comm="syz.6.6237" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f99fdf8e969 code=0x7ffc0000
[  507.651196][   T29] audit: type=1326 audit(1748986602.846:20201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22469 comm="syz.6.6237" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f99fdf8e969 code=0x7ffc0000
[  507.690151][T22410] team0: Port device team_slave_1 added
[  507.719317][T22410] batman_adv: batadv0: Adding interface: batadv_slave_0
[  507.726342][T22410] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  507.752448][T22410] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  507.763887][T22410] batman_adv: batadv0: Adding interface: batadv_slave_1
[  507.770901][T22410] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  507.797087][T22410] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  507.990648][T22410] hsr_slave_0: entered promiscuous mode
[  508.000490][T22410] hsr_slave_1: entered promiscuous mode
[  508.010284][T22482] loop8: detected capacity change from 0 to 512
[  508.017989][T22410] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  508.028649][T22410] Cannot create hsr debugfs directory
[  508.271813][T22482] EXT4-fs (loop8): 1 orphan inode deleted
[  508.285486][T22482] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  508.309422][T22482] ext4 filesystem being mounted at /172/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  508.351349][T22501] lo speed is unknown, defaulting to 1000
[  508.596960][T22505] bridge1: entered promiscuous mode
[  508.602463][T22505] bridge1: entered allmulticast mode
[  508.613644][T22505] team0: Port device bridge1 added
[  508.686086][   T31] EXT4-fs error (device loop8): ext4_release_dquot:6969: comm kworker/u8:1: Failed to release dquot type 1
[  508.699072][T22410] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  508.704738][T19470] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  508.719831][T22410] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  508.731062][T22410] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  508.738243][T22509] FAULT_INJECTION: forcing a failure.
[  508.738243][T22509] name failslab, interval 1, probability 0, space 0, times 0
[  508.750973][T22509] CPU: 1 UID: 0 PID: 22509 Comm: syz.8.6246 Not tainted 6.15.0-syzkaller-11173-g546b1c9e93c2 #0 PREEMPT(voluntary) 
[  508.751011][T22509] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  508.751027][T22509] Call Trace:
[  508.751035][T22509]  <TASK>
[  508.751043][T22509]  __dump_stack+0x1d/0x30
[  508.751109][T22509]  dump_stack_lvl+0xe8/0x140
[  508.751135][T22509]  dump_stack+0x15/0x1b
[  508.751163][T22509]  should_fail_ex+0x265/0x280
[  508.751196][T22509]  should_failslab+0x8c/0xb0
[  508.751231][T22509]  kmem_cache_alloc_node_noprof+0x57/0x320
[  508.751290][T22509]  ? __alloc_skb+0x101/0x320
[  508.751326][T22509]  __alloc_skb+0x101/0x320
[  508.751362][T22509]  netlink_alloc_large_skb+0xba/0xf0
[  508.751559][T22509]  netlink_sendmsg+0x3cf/0x6b0
[  508.751672][T22509]  ? __pfx_netlink_sendmsg+0x10/0x10
[  508.751711][T22509]  __sock_sendmsg+0x142/0x180
[  508.751838][T22509]  ____sys_sendmsg+0x31e/0x4e0
[  508.751897][T22509]  ___sys_sendmsg+0x17b/0x1d0
[  508.752029][T22509]  __x64_sys_sendmsg+0xd4/0x160
[  508.752110][T22509]  x64_sys_call+0x2999/0x2fb0
[  508.752255][T22509]  do_syscall_64+0xd2/0x200
[  508.752294][T22509]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  508.752332][T22509]  ? clear_bhb_loop+0x40/0x90
[  508.752408][T22509]  ? clear_bhb_loop+0x40/0x90
[  508.752439][T22509]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  508.752498][T22509] RIP: 0033:0x7fd9b8a7e969
[  508.752518][T22509] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  508.752611][T22509] RSP: 002b:00007fd9b70e7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  508.752631][T22509] RAX: ffffffffffffffda RBX: 00007fd9b8ca5fa0 RCX: 00007fd9b8a7e969
[  508.752648][T22509] RDX: 0000000000000000 RSI: 0000200000000240 RDI: 0000000000000003
[  508.752663][T22509] RBP: 00007fd9b70e7090 R08: 0000000000000000 R09: 0000000000000000
[  508.752679][T22509] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  508.752720][T22509] R13: 0000000000000000 R14: 00007fd9b8ca5fa0 R15: 00007ffe694b4458
[  508.752745][T22509]  </TASK>
[  508.968074][T22410] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  509.003285][T22513] loop8: detected capacity change from 0 to 512
[  509.013705][T22513] EXT4-fs (loop8): mounting ext2 file system using the ext4 subsystem
[  509.045399][T22513] EXT4-fs error (device loop8): ext4_orphan_get:1419: comm syz.8.6248: bad orphan inode 15
[  509.062634][T22410] 8021q: adding VLAN 0 to HW filter on device bond0
[  509.070421][T22513] ext4_test_bit(bit=14, block=18) = 1
[  509.076759][T22513] is_bad_inode(inode)=0
[  509.081037][T22513] NEXT_ORPHAN(inode)=1023
[  509.085387][T22513] max_ino=32
[  509.088852][T22513] i_nlink=0
[  509.099698][T22513] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0009-000000000000 r/w without journal. Quota mode: none.
[  509.118353][T22410] 8021q: adding VLAN 0 to HW filter on device team0
[  509.130726][T22513] ext2 filesystem being mounted at /174/éq‰Y’3aK supports timestamps until 2038-01-19 (0x7fffffff)
[  509.143179][   T31] bridge0: port 1(bridge_slave_0) entered blocking state
[  509.150388][   T31] bridge0: port 1(bridge_slave_0) entered forwarding state
[  509.160568][   T31] bridge0: port 2(bridge_slave_1) entered blocking state
[  509.167775][   T31] bridge0: port 2(bridge_slave_1) entered forwarding state
[  509.201993][T22410] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  509.212550][T22410] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  509.357284][T22410] 8021q: adding VLAN 0 to HW filter on device batadv0
[  509.480040][T22530] lo speed is unknown, defaulting to 1000
[  509.599941][T22410] veth0_vlan: entered promiscuous mode
[  509.616125][T22410] veth1_vlan: entered promiscuous mode
[  509.631917][T22542] FAULT_INJECTION: forcing a failure.
[  509.631917][T22542] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  509.641644][T22410] veth0_macvtap: entered promiscuous mode
[  509.645310][T22542] CPU: 1 UID: 0 PID: 22542 Comm: syz.0.6252 Not tainted 6.15.0-syzkaller-11173-g546b1c9e93c2 #0 PREEMPT(voluntary) 
[  509.645350][T22542] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  509.645369][T22542] Call Trace:
[  509.645378][T22542]  <TASK>
[  509.645389][T22542]  __dump_stack+0x1d/0x30
[  509.645419][T22542]  dump_stack_lvl+0xe8/0x140
[  509.645448][T22542]  dump_stack+0x15/0x1b
[  509.645516][T22542]  should_fail_ex+0x265/0x280
[  509.645547][T22542]  should_fail+0xb/0x20
[  509.645572][T22542]  should_fail_usercopy+0x1a/0x20
[  509.645614][T22542]  _copy_to_user+0x20/0xa0
[  509.645651][T22542]  __x64_sys_clock_adjtime+0x167/0x1d0
[  509.645743][T22542]  x64_sys_call+0x2839/0x2fb0
[  509.645774][T22542]  do_syscall_64+0xd2/0x200
[  509.645857][T22542]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  509.645896][T22542]  ? clear_bhb_loop+0x40/0x90
[  509.645926][T22542]  ? clear_bhb_loop+0x40/0x90
[  509.645958][T22542]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  509.646034][T22542] RIP: 0033:0x7fcac8abe969
[  509.646056][T22542] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  509.646082][T22542] RSP: 002b:00007fcac7127038 EFLAGS: 00000246 ORIG_RAX: 0000000000000131
[  509.646109][T22542] RAX: ffffffffffffffda RBX: 00007fcac8ce5fa0 RCX: 00007fcac8abe969
[  509.646126][T22542] RDX: 0000000000000000 RSI: 00002000000004c0 RDI: 0000000000000000
[  509.646144][T22542] RBP: 00007fcac7127090 R08: 0000000000000000 R09: 0000000000000000
[  509.646162][T22542] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  509.646179][T22542] R13: 0000000000000000 R14: 00007fcac8ce5fa0 R15: 00007fff357afb18
[  509.646275][T22542]  </TASK>
[  509.826082][T22410] veth1_macvtap: entered promiscuous mode
[  509.840467][T22410] batman_adv: batadv0: Interface activated: batadv_slave_0
[  509.850441][T22410] batman_adv: batadv0: Interface activated: batadv_slave_1
[  509.858857][T22410] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  509.867950][T22410] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  509.876834][T22410] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  509.885641][T22410] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  509.957917][T22552] netlink: 'syz.9.6256': attribute type 4 has an invalid length.
[  509.994039][T19470] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0009-000000000000.
[  510.022539][T22552] netlink: 'syz.9.6256': attribute type 4 has an invalid length.
[  510.040392][T22558] loop8: detected capacity change from 0 to 128
[  510.165800][T22558] workqueue: Failed to create a rescuer kthread for wq "ext4-rsv-conversion": -EINTR
[  510.165906][T22558] EXT4-fs: failed to create workqueue
[  510.180976][T22558] EXT4-fs (loop8): mount failed
[  510.227948][T22572] usb usb8: selecting invalid altsetting 7
[  510.310345][T22578] lo speed is unknown, defaulting to 1000
[  510.720422][T22580] lo speed is unknown, defaulting to 1000
[  510.772519][T22594] FAULT_INJECTION: forcing a failure.
[  510.772519][T22594] name failslab, interval 1, probability 0, space 0, times 0
[  510.785277][T22594] CPU: 1 UID: 0 PID: 22594 Comm: syz.6.6269 Not tainted 6.15.0-syzkaller-11173-g546b1c9e93c2 #0 PREEMPT(voluntary) 
[  510.785360][T22594] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  510.785373][T22594] Call Trace:
[  510.785378][T22594]  <TASK>
[  510.785388][T22594]  __dump_stack+0x1d/0x30
[  510.785415][T22594]  dump_stack_lvl+0xe8/0x140
[  510.785447][T22594]  dump_stack+0x15/0x1b
[  510.785477][T22594]  should_fail_ex+0x265/0x280
[  510.785500][T22594]  should_failslab+0x8c/0xb0
[  510.785606][T22594]  kmem_cache_alloc_noprof+0x50/0x310
[  510.785646][T22594]  ? security_inode_alloc+0x37/0x100
[  510.785675][T22594]  security_inode_alloc+0x37/0x100
[  510.785754][T22594]  inode_init_always_gfp+0x4b7/0x500
[  510.785780][T22594]  ? __pfx_shmem_alloc_inode+0x10/0x10
[  510.785830][T22594]  alloc_inode+0x58/0x170
[  510.785861][T22594]  new_inode+0x1d/0xe0
[  510.785893][T22594]  shmem_get_inode+0x244/0x750
[  510.785919][T22594]  __shmem_file_setup+0x113/0x210
[  510.785981][T22594]  shmem_file_setup+0x3b/0x50
[  510.786102][T22594]  __se_sys_memfd_create+0x2c3/0x590
[  510.786133][T22594]  __x64_sys_memfd_create+0x31/0x40
[  510.786161][T22594]  x64_sys_call+0x122f/0x2fb0
[  510.786233][T22594]  do_syscall_64+0xd2/0x200
[  510.786267][T22594]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  510.786303][T22594]  ? clear_bhb_loop+0x40/0x90
[  510.786339][T22594]  ? clear_bhb_loop+0x40/0x90
[  510.786375][T22594]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  510.786398][T22594] RIP: 0033:0x7f99fdf8e969
[  510.786415][T22594] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  510.786477][T22594] RSP: 002b:00007f99fc5f6e18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[  510.786497][T22594] RAX: ffffffffffffffda RBX: 00000000000001c1 RCX: 00007f99fdf8e969
[  510.786511][T22594] RDX: 00007f99fc5f6ef0 RSI: 0000000000000000 RDI: 00007f99fe011444
[  510.786581][T22594] RBP: 0000200000000a80 R08: 00007f99fc5f6bb7 R09: 00007f99fc5f6e40
[  510.786594][T22594] R10: 000000000000000a R11: 0000000000000202 R12: 0000200000000080
[  510.786608][T22594] R13: 00007f99fc5f6ef0 R14: 00007f99fc5f6eb0 R15: 0000200000000d40
[  510.786629][T22594]  </TASK>
[  511.055882][T22601] FAULT_INJECTION: forcing a failure.
[  511.055882][T22601] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  511.069130][T22601] CPU: 1 UID: 0 PID: 22601 Comm: syz.6.6270 Not tainted 6.15.0-syzkaller-11173-g546b1c9e93c2 #0 PREEMPT(voluntary) 
[  511.069159][T22601] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  511.069172][T22601] Call Trace:
[  511.069180][T22601]  <TASK>
[  511.069190][T22601]  __dump_stack+0x1d/0x30
[  511.069250][T22601]  dump_stack_lvl+0xe8/0x140
[  511.069272][T22601]  dump_stack+0x15/0x1b
[  511.069288][T22601]  should_fail_ex+0x265/0x280
[  511.069338][T22601]  should_fail+0xb/0x20
[  511.069390][T22601]  should_fail_usercopy+0x1a/0x20
[  511.069420][T22601]  _copy_to_user+0x20/0xa0
[  511.069452][T22601]  __x64_sys_clock_adjtime+0x167/0x1d0
[  511.069551][T22601]  x64_sys_call+0x2839/0x2fb0
[  511.069642][T22601]  do_syscall_64+0xd2/0x200
[  511.069682][T22601]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  511.069776][T22601]  ? clear_bhb_loop+0x40/0x90
[  511.069802][T22601]  ? clear_bhb_loop+0x40/0x90
[  511.069832][T22601]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  511.069860][T22601] RIP: 0033:0x7f99fdf8e969
[  511.069878][T22601] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  511.069930][T22601] RSP: 002b:00007f99fc5f7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000131
[  511.069955][T22601] RAX: ffffffffffffffda RBX: 00007f99fe1b5fa0 RCX: 00007f99fdf8e969
[  511.069970][T22601] RDX: 0000000000000000 RSI: 00002000000004c0 RDI: 0000000000000000
[  511.069982][T22601] RBP: 00007f99fc5f7090 R08: 0000000000000000 R09: 0000000000000000
[  511.069995][T22601] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  511.070028][T22601] R13: 0000000000000000 R14: 00007f99fe1b5fa0 R15: 00007ffc21386d88
[  511.070055][T22601]  </TASK>
[  511.306366][T22605] lo speed is unknown, defaulting to 1000
[  511.366706][T22608] FAULT_INJECTION: forcing a failure.
[  511.366706][T22608] name failslab, interval 1, probability 0, space 0, times 0
[  511.379566][T22608] CPU: 1 UID: 0 PID: 22608 Comm: syz.6.6273 Not tainted 6.15.0-syzkaller-11173-g546b1c9e93c2 #0 PREEMPT(voluntary) 
[  511.379632][T22608] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  511.379690][T22608] Call Trace:
[  511.379698][T22608]  <TASK>
[  511.379706][T22608]  __dump_stack+0x1d/0x30
[  511.379741][T22608]  dump_stack_lvl+0xe8/0x140
[  511.379762][T22608]  dump_stack+0x15/0x1b
[  511.379779][T22608]  should_fail_ex+0x265/0x280
[  511.379801][T22608]  should_failslab+0x8c/0xb0
[  511.379866][T22608]  kmem_cache_alloc_noprof+0x50/0x310
[  511.379905][T22608]  ? mpol_shared_policy_init+0x16f/0x4c0
[  511.379934][T22608]  mpol_shared_policy_init+0x16f/0x4c0
[  511.379959][T22608]  shmem_get_inode+0x66b/0x750
[  511.380025][T22608]  shmem_mknod+0x46/0x180
[  511.380071][T22608]  shmem_create+0x34/0x50
[  511.380134][T22608]  vfs_create+0x197/0x2b0
[  511.380178][T22608]  do_mknodat+0x2af/0x610
[  511.380210][T22608]  __x64_sys_mknodat+0x5e/0x70
[  511.380240][T22608]  x64_sys_call+0x2355/0x2fb0
[  511.380270][T22608]  do_syscall_64+0xd2/0x200
[  511.380389][T22608]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  511.380426][T22608]  ? clear_bhb_loop+0x40/0x90
[  511.380455][T22608]  ? clear_bhb_loop+0x40/0x90
[  511.380486][T22608]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  511.380508][T22608] RIP: 0033:0x7f99fdf8e969
[  511.380527][T22608] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  511.380619][T22608] RSP: 002b:00007f99fc5f7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000103
[  511.380645][T22608] RAX: ffffffffffffffda RBX: 00007f99fe1b5fa0 RCX: 00007f99fdf8e969
[  511.380742][T22608] RDX: 0000000000000002 RSI: 00002000000000c0 RDI: 0000000000000006
[  511.380759][T22608] RBP: 00007f99fc5f7090 R08: 0000000000000000 R09: 0000000000000000
[  511.380776][T22608] R10: 0000000000000103 R11: 0000000000000246 R12: 0000000000000001
[  511.380793][T22608] R13: 0000000000000000 R14: 00007f99fe1b5fa0 R15: 00007ffc21386d88
[  511.380819][T22608]  </TASK>
[  511.638166][T22617] FAULT_INJECTION: forcing a failure.
[  511.638166][T22617] name failslab, interval 1, probability 0, space 0, times 0
[  511.651036][T22617] CPU: 0 UID: 0 PID: 22617 Comm: syz.8.6275 Not tainted 6.15.0-syzkaller-11173-g546b1c9e93c2 #0 PREEMPT(voluntary) 
[  511.651071][T22617] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  511.651088][T22617] Call Trace:
[  511.651096][T22617]  <TASK>
[  511.651107][T22617]  __dump_stack+0x1d/0x30
[  511.651213][T22617]  dump_stack_lvl+0xe8/0x140
[  511.651239][T22617]  dump_stack+0x15/0x1b
[  511.651298][T22617]  should_fail_ex+0x265/0x280
[  511.651328][T22617]  should_failslab+0x8c/0xb0
[  511.651413][T22617]  kmem_cache_alloc_noprof+0x50/0x310
[  511.651535][T22617]  ? skb_clone+0x151/0x1f0
[  511.651569][T22617]  skb_clone+0x151/0x1f0
[  511.651603][T22617]  __netlink_deliver_tap+0x2c9/0x500
[  511.651652][T22617]  netlink_unicast+0x64c/0x670
[  511.651720][T22617]  netlink_sendmsg+0x58b/0x6b0
[  511.651811][T22617]  ? __pfx_netlink_sendmsg+0x10/0x10
[  511.651844][T22617]  __sock_sendmsg+0x142/0x180
[  511.651880][T22617]  ____sys_sendmsg+0x31e/0x4e0
[  511.651995][T22617]  ___sys_sendmsg+0x17b/0x1d0
[  511.652094][T22617]  __x64_sys_sendmsg+0xd4/0x160
[  511.652142][T22617]  x64_sys_call+0x2999/0x2fb0
[  511.652172][T22617]  do_syscall_64+0xd2/0x200
[  511.652209][T22617]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  511.652242][T22617]  ? clear_bhb_loop+0x40/0x90
[  511.652264][T22617]  ? clear_bhb_loop+0x40/0x90
[  511.652320][T22617]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  511.652348][T22617] RIP: 0033:0x7fd9b8a7e969
[  511.652369][T22617] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  511.652394][T22617] RSP: 002b:00007fd9b70e7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  511.652436][T22617] RAX: ffffffffffffffda RBX: 00007fd9b8ca5fa0 RCX: 00007fd9b8a7e969
[  511.652460][T22617] RDX: 0000000000000000 RSI: 0000200000000240 RDI: 0000000000000006
[  511.652472][T22617] RBP: 00007fd9b70e7090 R08: 0000000000000000 R09: 0000000000000000
[  511.652485][T22617] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  511.652497][T22617] R13: 0000000000000000 R14: 00007fd9b8ca5fa0 R15: 00007ffe694b4458
[  511.652517][T22617]  </TASK>
[  511.872628][T22617] netlink: 'syz.8.6275': attribute type 5 has an invalid length.
[  511.880535][T22617] netlink: 152 bytes leftover after parsing attributes in process `syz.8.6275'.
[  511.907122][T22617] : renamed from bond0 (while UP)
[  512.053078][T22606] netlink: 132 bytes leftover after parsing attributes in process `syz.0.6261'.
[  512.093481][T22623] bond1: entered promiscuous mode
[  512.098591][T22623] bond1: entered allmulticast mode
[  512.106083][T22623] 8021q: adding VLAN 0 to HW filter on device bond1
[  512.292463][T22640] lo speed is unknown, defaulting to 1000
[  512.460121][T22646] lo speed is unknown, defaulting to 1000
[  512.815339][   T29] kauditd_printk_skb: 118 callbacks suppressed
[  512.815367][   T29] audit: type=1400 audit(1748986608.539:20319): avc:  denied  { create } for  pid=22649 comm="syz.6.6285" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  512.878791][T22653] FAULT_INJECTION: forcing a failure.
[  512.878791][T22653] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  512.892045][T22653] CPU: 0 UID: 0 PID: 22653 Comm: syz.9.6286 Not tainted 6.15.0-syzkaller-11173-g546b1c9e93c2 #0 PREEMPT(voluntary) 
[  512.892114][T22653] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  512.892127][T22653] Call Trace:
[  512.892133][T22653]  <TASK>
[  512.892141][T22653]  __dump_stack+0x1d/0x30
[  512.892163][T22653]  dump_stack_lvl+0xe8/0x140
[  512.892186][T22653]  dump_stack+0x15/0x1b
[  512.892281][T22653]  should_fail_ex+0x265/0x280
[  512.892310][T22653]  should_fail+0xb/0x20
[  512.892379][T22653]  should_fail_usercopy+0x1a/0x20
[  512.892403][T22653]  _copy_to_user+0x20/0xa0
[  512.892438][T22653]  simple_read_from_buffer+0xb5/0x130
[  512.892463][T22653]  proc_fail_nth_read+0x100/0x140
[  512.892488][T22653]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  512.892597][T22653]  vfs_read+0x1a0/0x6f0
[  512.892622][T22653]  ? __rcu_read_unlock+0x4f/0x70
[  512.892654][T22653]  ? __fget_files+0x184/0x1c0
[  512.892725][T22653]  ? finish_task_switch+0xad/0x2b0
[  512.892751][T22653]  ksys_read+0xda/0x1a0
[  512.892776][T22653]  __x64_sys_read+0x40/0x50
[  512.892798][T22653]  x64_sys_call+0x2d77/0x2fb0
[  512.892844][T22653]  do_syscall_64+0xd2/0x200
[  512.892883][T22653]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  512.892910][T22653]  ? clear_bhb_loop+0x40/0x90
[  512.892932][T22653]  ? clear_bhb_loop+0x40/0x90
[  512.893010][T22653]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  512.893038][T22653] RIP: 0033:0x7f0bb947d37c
[  512.893124][T22653] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  512.893219][T22653] RSP: 002b:00007f0bb7ae7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  512.893242][T22653] RAX: ffffffffffffffda RBX: 00007f0bb96a5fa0 RCX: 00007f0bb947d37c
[  512.893255][T22653] RDX: 000000000000000f RSI: 00007f0bb7ae70a0 RDI: 0000000000000004
[  512.893267][T22653] RBP: 00007f0bb7ae7090 R08: 0000000000000000 R09: 0000000000000000
[  512.893280][T22653] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  512.893327][T22653] R13: 0000000000000000 R14: 00007f0bb96a5fa0 R15: 00007ffecd848368
[  512.893353][T22653]  </TASK>
[  513.107820][   T29] audit: type=1400 audit(1748986608.590:20320): avc:  denied  { write } for  pid=22649 comm="syz.6.6285" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  513.127762][   T29] audit: type=1326 audit(1748986608.600:20321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22649 comm="syz.6.6285" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f99fdf8e969 code=0x7ffc0000
[  513.151365][   T29] audit: type=1326 audit(1748986608.600:20322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22649 comm="syz.6.6285" exe="/root/syz-executor" sig=0 arch=c000003e syscall=154 compat=0 ip=0x7f99fdf8e969 code=0x7ffc0000
[  513.175155][   T29] audit: type=1326 audit(1748986608.600:20323): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22649 comm="syz.6.6285" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f99fdf8e969 code=0x7ffc0000
[  513.199078][   T29] audit: type=1326 audit(1748986608.600:20324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22649 comm="syz.6.6285" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f99fdf8e969 code=0x7ffc0000
[  513.222898][   T29] audit: type=1326 audit(1748986608.600:20325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22649 comm="syz.6.6285" exe="/root/syz-executor" sig=0 arch=c000003e syscall=8 compat=0 ip=0x7f99fdf8e969 code=0x7ffc0000
[  513.226392][T22656] loop8: detected capacity change from 0 to 512
[  513.246523][   T29] audit: type=1326 audit(1748986608.600:20326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22649 comm="syz.6.6285" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f99fdf8e969 code=0x7ffc0000
[  513.246601][   T29] audit: type=1326 audit(1748986608.600:20327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22649 comm="syz.6.6285" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f99fdf8e969 code=0x7ffc0000
[  513.300352][   T29] audit: type=1326 audit(1748986608.600:20328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22649 comm="syz.6.6285" exe="/root/syz-executor" sig=0 arch=c000003e syscall=217 compat=0 ip=0x7f99fdf8e969 code=0x7ffc0000
[  513.307134][T22659] netlink: 'syz.0.6289': attribute type 5 has an invalid length.
[  513.332191][T22659] netlink: 152 bytes leftover after parsing attributes in process `syz.0.6289'.
[  513.348560][T22656] EXT4-fs (loop8): mounting ext2 file system using the ext4 subsystem
[  513.348710][T22659] : renamed from bond0 (while UP)
[  513.426846][T22656] EXT4-fs error (device loop8): ext4_orphan_get:1419: comm syz.8.6287: bad orphan inode 15
[  513.481693][T22656] ext4_test_bit(bit=14, block=18) = 1
[  513.487211][T22656] is_bad_inode(inode)=0
[  513.491485][T22656] NEXT_ORPHAN(inode)=1023
[  513.495830][T22656] max_ino=32
[  513.499048][T22656] i_nlink=0
[  513.502793][T22656] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0009-000000000000 r/w without journal. Quota mode: none.
[  513.519398][T22656] ext2 filesystem being mounted at /183/éq‰Y’3aK supports timestamps until 2038-01-19 (0x7fffffff)
[  513.577966][T22673] lo speed is unknown, defaulting to 1000
[  513.580073][T22677] FAULT_INJECTION: forcing a failure.
[  513.580073][T22677] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  513.596899][T22677] CPU: 1 UID: 0 PID: 22677 Comm: syz.0.6295 Not tainted 6.15.0-syzkaller-11173-g546b1c9e93c2 #0 PREEMPT(voluntary) 
[  513.596937][T22677] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  513.596955][T22677] Call Trace:
[  513.596963][T22677]  <TASK>
[  513.596972][T22677]  __dump_stack+0x1d/0x30
[  513.597067][T22677]  dump_stack_lvl+0xe8/0x140
[  513.597148][T22677]  dump_stack+0x15/0x1b
[  513.597167][T22677]  should_fail_ex+0x265/0x280
[  513.597189][T22677]  should_fail+0xb/0x20
[  513.597214][T22677]  should_fail_usercopy+0x1a/0x20
[  513.597260][T22677]  _copy_from_user+0x1c/0xb0
[  513.597296][T22677]  ___sys_sendmsg+0xc1/0x1d0
[  513.597360][T22677]  __x64_sys_sendmsg+0xd4/0x160
[  513.597408][T22677]  x64_sys_call+0x2999/0x2fb0
[  513.597438][T22677]  do_syscall_64+0xd2/0x200
[  513.597528][T22677]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  513.597565][T22677]  ? clear_bhb_loop+0x40/0x90
[  513.597590][T22677]  ? clear_bhb_loop+0x40/0x90
[  513.597650][T22677]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  513.597672][T22677] RIP: 0033:0x7fcac8abe969
[  513.597688][T22677] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  513.597748][T22677] RSP: 002b:00007fcac7127038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  513.597772][T22677] RAX: ffffffffffffffda RBX: 00007fcac8ce5fa0 RCX: 00007fcac8abe969
[  513.597786][T22677] RDX: 0000000000000000 RSI: 0000200000000200 RDI: 0000000000000009
[  513.597798][T22677] RBP: 00007fcac7127090 R08: 0000000000000000 R09: 0000000000000000
[  513.597872][T22677] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  513.597885][T22677] R13: 0000000000000000 R14: 00007fcac8ce5fa0 R15: 00007fff357afb18
[  513.597907][T22677]  </TASK>
[  513.807642][T22683] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6296'.
[  514.047427][T22697] lo speed is unknown, defaulting to 1000
[  514.091760][T19470] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0009-000000000000.
[  514.360693][T22726] lo speed is unknown, defaulting to 1000
[  514.459049][T22729] geneve2: entered promiscuous mode
[  514.464354][T22729] geneve2: entered allmulticast mode
[  514.530522][T22729] loop1: detected capacity change from 0 to 512
[  514.537552][T22729] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[  514.546686][T22729] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  514.558801][T22729] EXT4-fs (loop1): warning: checktime reached, running e2fsck is recommended
[  514.569717][T22729] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002]
[  514.578291][T22729] System zones: 0-2, 18-18, 34-34
[  514.585732][T22729] EXT4-fs error (device loop1): ext4_orphan_get:1393: inode #15: comm syz.1.6311: iget: bad i_size value: 360287970189639680
[  514.586555][T22734] FAULT_INJECTION: forcing a failure.
[  514.586555][T22734] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  514.599151][T22729] EXT4-fs error (device loop1): ext4_orphan_get:1398: comm syz.1.6311: couldn't read orphan inode 15 (err -117)
[  514.611919][T22734] CPU: 0 UID: 0 PID: 22734 Comm: syz.9.6312 Not tainted 6.15.0-syzkaller-11173-g546b1c9e93c2 #0 PREEMPT(voluntary) 
[  514.611958][T22734] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  514.611976][T22734] Call Trace:
[  514.611988][T22734]  <TASK>
[  514.612000][T22734]  __dump_stack+0x1d/0x30
[  514.612033][T22734]  dump_stack_lvl+0xe8/0x140
[  514.612062][T22734]  dump_stack+0x15/0x1b
[  514.612088][T22734]  should_fail_ex+0x265/0x280
[  514.612119][T22734]  should_fail+0xb/0x20
[  514.612144][T22734]  should_fail_usercopy+0x1a/0x20
[  514.612177][T22734]  _copy_from_iter+0xcf/0xe40
[  514.612228][T22734]  ? __build_skb_around+0x1a0/0x200
[  514.612331][T22734]  ? __alloc_skb+0x223/0x320
[  514.612372][T22734]  netlink_sendmsg+0x471/0x6b0
[  514.612435][T22734]  ? __pfx_netlink_sendmsg+0x10/0x10
[  514.612480][T22734]  __sock_sendmsg+0x142/0x180
[  514.612556][T22734]  ____sys_sendmsg+0x31e/0x4e0
[  514.612613][T22734]  ___sys_sendmsg+0x17b/0x1d0
[  514.612701][T22734]  __x64_sys_sendmsg+0xd4/0x160
[  514.612751][T22734]  x64_sys_call+0x2999/0x2fb0
[  514.612782][T22734]  do_syscall_64+0xd2/0x200
[  514.612824][T22734]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  514.612933][T22734]  ? clear_bhb_loop+0x40/0x90
[  514.612963][T22734]  ? clear_bhb_loop+0x40/0x90
[  514.613066][T22734]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  514.613092][T22734] RIP: 0033:0x7f0bb947e969
[  514.613113][T22734] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  514.613137][T22734] RSP: 002b:00007f0bb7ae7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  514.613226][T22734] RAX: ffffffffffffffda RBX: 00007f0bb96a5fa0 RCX: 00007f0bb947e969
[  514.613244][T22734] RDX: 0000000000000040 RSI: 0000200000000180 RDI: 0000000000000003
[  514.613262][T22734] RBP: 00007f0bb7ae7090 R08: 0000000000000000 R09: 0000000000000000
[  514.613280][T22734] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  514.613297][T22734] R13: 0000000000000000 R14: 00007f0bb96a5fa0 R15: 00007ffecd848368
[  514.613325][T22734]  </TASK>
[  514.666709][T22736] loop9: detected capacity change from 0 to 512
[  514.668117][T22729] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  514.676561][T22736] EXT4-fs (loop9): mounting ext2 file system using the ext4 subsystem
[  514.686857][T22729] EXT4-fs error (device loop1): ext4_lookup:1787: inode #15: comm syz.1.6311: iget: bad i_size value: 360287970189639680
[  514.719154][T22736] EXT4-fs error (device loop9): ext4_orphan_get:1419: comm syz.9.6313: bad orphan inode 15
[  514.728914][T22739] netlink: 8 bytes leftover after parsing attributes in process `syz.6.6314'.
[  514.732923][T22736] ext4_test_bit(bit=14, block=18) = 1
[  514.754453][T22729] EXT4-fs error (device loop1): ext4_lookup:1787: inode #15: comm syz.1.6311: iget: bad i_size value: 360287970189639680
[  514.756001][T22736] is_bad_inode(inode)=0
[  514.756013][T22736] NEXT_ORPHAN(inode)=1023
[  514.761488][T22729] EXT4-fs error (device loop1): ext4_lookup:1787: inode #15: comm syz.1.6311: iget: bad i_size value: 360287970189639680
[  514.780255][T22736] max_ino=32
[  514.780270][T22736] i_nlink=0
[  514.792600][T22736] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0009-000000000000 r/w without journal. Quota mode: none.
[  514.948646][T22736] ext2 filesystem being mounted at /99/éq‰Y’3aK supports timestamps until 2038-01-19 (0x7fffffff)
[  515.014644][T22410] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  515.246561][T22760] loop8: detected capacity change from 0 to 128
[  515.267337][T22760] bio_check_eod: 30 callbacks suppressed
[  515.267422][T22760] syz.8.6320: attempt to access beyond end of device
[  515.267422][T22760] loop8: rw=1, sector=145, nr_sectors = 77 limit=128
[  515.289653][T22763] netlink: 'syz.6.6322': attribute type 13 has an invalid length.
[  515.326699][T22763] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  515.347339][T22764] lo speed is unknown, defaulting to 1000
[  515.520450][T21227] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0009-000000000000.
[  515.543812][T22779] loop9: detected capacity change from 0 to 1024
[  515.551275][T22779] EXT4-fs: Ignoring removed oldalloc option
[  515.557590][T22779] EXT4-fs: Ignoring removed orlov option
[  515.563801][T22779] EXT4-fs (loop9): stripe (1570) is not aligned with cluster size (16), stripe is disabled
[  515.586897][T22779] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  515.604384][T22779] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[  515.639806][T21227] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  515.709344][T22795] hub 1-0:1.0: USB hub found
[  515.714340][T22795] hub 1-0:1.0: 8 ports detected
[  516.163907][T22801] openvswitch: netlink: Message has 6 unknown bytes.
[  516.178379][T22802] loop1: detected capacity change from 0 to 2048
[  516.230529][T22808] FAULT_INJECTION: forcing a failure.
[  516.230529][T22808] name failslab, interval 1, probability 0, space 0, times 0
[  516.243429][T22808] CPU: 1 UID: 0 PID: 22808 Comm: syz.1.6335 Not tainted 6.15.0-syzkaller-11173-g546b1c9e93c2 #0 PREEMPT(voluntary) 
[  516.243468][T22808] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  516.243485][T22808] Call Trace:
[  516.243541][T22808]  <TASK>
[  516.243552][T22808]  __dump_stack+0x1d/0x30
[  516.243640][T22808]  dump_stack_lvl+0xe8/0x140
[  516.243667][T22808]  dump_stack+0x15/0x1b
[  516.243690][T22808]  should_fail_ex+0x265/0x280
[  516.243718][T22808]  should_failslab+0x8c/0xb0
[  516.243752][T22808]  kmem_cache_alloc_noprof+0x50/0x310
[  516.243865][T22808]  ? audit_log_start+0x365/0x6c0
[  516.243918][T22808]  audit_log_start+0x365/0x6c0
[  516.244005][T22808]  audit_seccomp+0x48/0x100
[  516.244035][T22808]  ? __seccomp_filter+0x68c/0x10d0
[  516.244068][T22808]  __seccomp_filter+0x69d/0x10d0
[  516.244104][T22808]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  516.244208][T22808]  ? vfs_write+0x75e/0x8e0
[  516.244237][T22808]  ? __rcu_read_unlock+0x4f/0x70
[  516.244265][T22808]  ? __fget_files+0x184/0x1c0
[  516.244363][T22808]  __secure_computing+0x82/0x150
[  516.244394][T22808]  syscall_trace_enter+0xcf/0x1e0
[  516.244522][T22808]  do_syscall_64+0xac/0x200
[  516.244652][T22808]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  516.244768][T22808]  ? clear_bhb_loop+0x40/0x90
[  516.244851][T22808]  ? clear_bhb_loop+0x40/0x90
[  516.244916][T22808]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  516.244944][T22808] RIP: 0033:0x7f165546e969
[  516.244974][T22808] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  516.244998][T22808] RSP: 002b:00007f1653ad7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  516.245023][T22808] RAX: ffffffffffffffda RBX: 00007f1655695fa0 RCX: 00007f165546e969
[  516.245119][T22808] RDX: 0000200000000200 RSI: 00000000c0105512 RDI: 0000000000000006
[  516.245133][T22808] RBP: 00007f1653ad7090 R08: 0000000000000000 R09: 0000000000000000
[  516.245147][T22808] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  516.245192][T22808] R13: 0000000000000000 R14: 00007f1655695fa0 R15: 00007ffda253a8d8
[  516.245214][T22808]  </TASK>
[  516.252250][T22808] hub 1-0:1.0: USB hub found
[  516.471667][T22816] Cannot find del_set index 1 as target
[  516.477883][T22808] hub 1-0:1.0: 8 ports detected
[  516.490446][T22816] pim6reg1: entered promiscuous mode
[  516.495904][T22816] pim6reg1: entered allmulticast mode
[  516.505022][T22816] netlink: 196 bytes leftover after parsing attributes in process `syz.6.6337'.
[  516.514540][T22816] netlink: 'syz.6.6337': attribute type 27 has an invalid length.
[  516.536223][T22810] hub 1-0:1.0: USB hub found
[  516.554052][T22810] hub 1-0:1.0: 8 ports detected
[  516.555800][T22816] vlan2: left allmulticast mode
[  516.567962][T22816] vxlan0: left promiscuous mode
[  516.584763][T22816] pim6reg1: left promiscuous mode
[  516.589843][T22816] pim6reg1: left allmulticast mode
[  516.655891][T22819] lo speed is unknown, defaulting to 1000
[  516.668613][T22822] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  516.704876][T22822] netlink: 'syz.0.6339': attribute type 13 has an invalid length.
[  516.735294][T22822] 8021q: adding VLAN 0 to HW filter on device 
[  516.748445][T22822] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  516.843224][T22827] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6341'.
[  516.858909][T22827] : (slave bond_slave_0): Releasing backup interface
[  517.146696][T22829] loop9: detected capacity change from 0 to 512
[  517.207069][T22829] EXT4-fs (loop9): Cannot turn on journaled quota: type 1: error -13
[  517.231455][T22829] EXT4-fs error (device loop9): ext4_orphan_get:1393: inode #13: comm syz.9.6342: iget: bad i_size value: 12154757448730
[  517.280764][T22829] EXT4-fs error (device loop9): ext4_orphan_get:1398: comm syz.9.6342: couldn't read orphan inode 13 (err -117)
[  517.333551][T22829] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  517.397164][T22843] bridge0: entered promiscuous mode
[  517.402785][T22843] macvlan2: entered promiscuous mode
[  517.407818][T22829] EXT4-fs error (device loop9): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters
[  517.413190][T22843] bridge0: port 3(macvlan2) entered blocking state
[  517.430314][T22843] bridge0: port 3(macvlan2) entered disabled state
[  517.437571][T22843] macvlan2: entered allmulticast mode
[  517.442989][T22843] bridge0: entered allmulticast mode
[  517.449712][T22843] macvlan2: left allmulticast mode
[  517.455069][T22843] bridge0: left allmulticast mode
[  517.460824][T22843] bridge0: left promiscuous mode
[  517.468083][T21227] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  517.479787][T22830] can0: slcan on ptm0.
[  517.574316][T22852] netlink: 128 bytes leftover after parsing attributes in process `syz.8.6348'.
[  517.584100][T22852] netlink: 8 bytes leftover after parsing attributes in process `syz.8.6348'.
[  517.630072][T22855] loop8: detected capacity change from 0 to 2048
[  517.641205][T22855] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  517.689006][T22826] can0 (unregistered): slcan off ptm0.
[  517.819489][T22860] netlink: 132 bytes leftover after parsing attributes in process `syz.9.6346'.
[  517.868981][T19470] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  517.961245][T19358] hid-generic 0009:0002:000C.002F: unknown main item tag 0x0
[  517.968876][T19358] hid-generic 0009:0002:000C.002F: unknown main item tag 0x0
[  517.976382][T19358] hid-generic 0009:0002:000C.002F: unknown main item tag 0x0
[  517.986850][   T29] kauditd_printk_skb: 554 callbacks suppressed
[  517.986870][   T29] audit: type=1400 audit(1748986613.797:20881): avc:  denied  { mount } for  pid=22861 comm="syz.0.6351" name="/" dev="sysfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1
[  518.045570][T19358] hid-generic 0009:0002:000C.002F: hidraw0: <UNKNOWN> HID v0.80 Device [syz1] on syz1
[  518.064391][   T29] audit: type=1400 audit(1748986613.848:20882): avc:  denied  { getopt } for  pid=22869 comm="syz.8.6353" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  518.084664][   T29] audit: type=1400 audit(1748986613.848:20883): avc:  denied  { setopt } for  pid=22869 comm="syz.8.6353" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  518.104468][   T29] audit: type=1400 audit(1748986613.848:20884): avc:  denied  { ioctl } for  pid=22869 comm="syz.8.6353" path="socket:[70478]" dev="sockfs" ino=70478 ioctlcmd=0x8903 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  518.129574][   T29] audit: type=1400 audit(1748986613.848:20885): avc:  denied  { ioctl } for  pid=22869 comm="syz.8.6353" path="socket:[69578]" dev="sockfs" ino=69578 ioctlcmd=0x6720 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  518.487832][T22880] lo speed is unknown, defaulting to 1000
[  518.519422][T22882] loop9: detected capacity change from 0 to 256
[  518.625171][   T29] audit: type=1326 audit(1748986614.490:20886): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22894 comm="syz.1.6362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f165546e969 code=0x7ffc0000
[  518.657953][   T29] audit: type=1326 audit(1748986614.490:20887): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22894 comm="syz.1.6362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7f165546e969 code=0x7ffc0000
[  518.681729][   T29] audit: type=1326 audit(1748986614.490:20888): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22894 comm="syz.1.6362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f165546e969 code=0x7ffc0000
[  518.705607][   T29] audit: type=1326 audit(1748986614.490:20889): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22894 comm="syz.1.6362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f165546e969 code=0x7ffc0000
[  518.729331][   T29] audit: type=1326 audit(1748986614.490:20890): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22897 comm="syz.1.6362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f16554a1225 code=0x7ffc0000
[  519.201076][T22916] binfmt_misc: register: failed to install interpreter file ./file2
[  519.460312][T22935] netlink: 132 bytes leftover after parsing attributes in process `syz.1.6367'.
[  519.585134][T22937] loop9: detected capacity change from 0 to 512
[  519.789247][T22937] EXT4-fs (loop9): 1 orphan inode deleted
[  519.795541][T22937] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  519.820473][ T3416] EXT4-fs error (device loop9): ext4_release_dquot:6969: comm kworker/u8:7: Failed to release dquot type 1
[  519.844413][T22937] ext4 filesystem being mounted at /113/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  519.976265][T22954] netlink: 'syz.8.6379': attribute type 29 has an invalid length.
[  519.989912][T22954] loop8: detected capacity change from 0 to 1024
[  519.997553][T22954] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  520.007925][T22954] EXT4-fs (loop8): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  520.034370][T21227] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  520.046509][T22954] EXT4-fs (loop8): revision level too high, forcing read-only mode
[  520.055135][T22954] EXT4-fs (loop8): orphan cleanup on readonly fs
[  520.063640][T22954] EXT4-fs error (device loop8): __ext4_get_inode_loc:4792: comm syz.8.6379: Invalid inode table block 0 in block_group 0
[  520.077328][T22954] EXT4-fs error (device loop8) in ext4_reserve_inode_write:6255: Corrupt filesystem
[  520.092929][T22954] EXT4-fs error (device loop8): ext4_quota_write:7322: inode #3: comm syz.8.6379: mark_inode_dirty error
[  520.104636][T22954] EXT4-fs error (device loop8): ext4_acquire_dquot:6933: comm syz.8.6379: Failed to acquire dquot type 0
[  520.108710][T22959] FAULT_INJECTION: forcing a failure.
[  520.108710][T22959] name failslab, interval 1, probability 0, space 0, times 0
[  520.116196][T22954] EXT4-fs error (device loop8): __ext4_get_inode_loc:4792: comm syz.8.6379: Invalid inode table block 0 in block_group 0
[  520.128732][T22959] CPU: 1 UID: 0 PID: 22959 Comm: syz.9.6380 Not tainted 6.15.0-syzkaller-11173-g546b1c9e93c2 #0 PREEMPT(voluntary) 
[  520.128770][T22959] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  520.128786][T22959] Call Trace:
[  520.128793][T22959]  <TASK>
[  520.128805][T22959]  __dump_stack+0x1d/0x30
[  520.128836][T22959]  dump_stack_lvl+0xe8/0x140
[  520.128866][T22959]  dump_stack+0x15/0x1b
[  520.128937][T22959]  should_fail_ex+0x265/0x280
[  520.128967][T22959]  ? audit_log_d_path+0x8d/0x150
[  520.129014][T22959]  should_failslab+0x8c/0xb0
[  520.129050][T22959]  __kmalloc_cache_noprof+0x4c/0x320
[  520.129096][T22959]  audit_log_d_path+0x8d/0x150
[  520.129164][T22959]  audit_log_d_path_exe+0x42/0x70
[  520.129191][T22959]  audit_log_task+0x1e9/0x250
[  520.129237][T22959]  audit_seccomp+0x61/0x100
[  520.129301][T22959]  ? __seccomp_filter+0x68c/0x10d0
[  520.129404][T22959]  __seccomp_filter+0x69d/0x10d0
[  520.129440][T22959]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  520.129474][T22959]  ? vfs_write+0x75e/0x8e0
[  520.129504][T22959]  ? __rcu_read_unlock+0x4f/0x70
[  520.129542][T22959]  ? __fget_files+0x184/0x1c0
[  520.129581][T22959]  __secure_computing+0x82/0x150
[  520.129677][T22959]  syscall_trace_enter+0xcf/0x1e0
[  520.129703][T22959]  do_syscall_64+0xac/0x200
[  520.129763][T22959]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  520.129818][T22959]  ? clear_bhb_loop+0x40/0x90
[  520.129847][T22959]  ? clear_bhb_loop+0x40/0x90
[  520.129878][T22959]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  520.129908][T22959] RIP: 0033:0x7f0bb947e969
[  520.129993][T22959] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  520.130018][T22959] RSP: 002b:00007f0bb7ae7038 EFLAGS: 00000246 ORIG_RAX: 000000000000000c
[  520.130044][T22959] RAX: ffffffffffffffda RBX: 00007f0bb96a5fa0 RCX: 00007f0bb947e969
[  520.130139][T22959] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000400000ffc020
[  520.130158][T22959] RBP: 00007f0bb7ae7090 R08: 0000000000000000 R09: 0000000000000000
[  520.130175][T22959] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  520.130196][T22959] R13: 0000000000000000 R14: 00007f0bb96a5fa0 R15: 00007ffecd848368
[  520.130226][T22959]  </TASK>
[  520.246974][T22962] loop9: detected capacity change from 0 to 512
[  520.249692][T22954] EXT4-fs error (device loop8) in ext4_reserve_inode_write:6255: Corrupt filesystem
[  520.270323][T22962] EXT4-fs (loop9): 1 orphan inode deleted
[  520.398721][T22954] EXT4-fs error (device loop8): ext4_ext_truncate:4475: inode #15: comm syz.8.6379: mark_inode_dirty error
[  520.411962][T22954] EXT4-fs error (device loop8): __ext4_get_inode_loc:4792: comm syz.8.6379: Invalid inode table block 0 in block_group 0
[  520.425786][T22954] EXT4-fs error (device loop8) in ext4_reserve_inode_write:6255: Corrupt filesystem
[  520.438822][T22954] EXT4-fs error (device loop8) in ext4_orphan_del:305: Corrupt filesystem
[  520.449384][T22962] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  520.463736][T22954] EXT4-fs error (device loop8): __ext4_get_inode_loc:4792: comm syz.8.6379: Invalid inode table block 0 in block_group 0
[  520.478895][T22962] ext4 filesystem being mounted at /115/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  520.490489][T22954] EXT4-fs error (device loop8) in ext4_reserve_inode_write:6255: Corrupt filesystem
[  520.507231][T22954] EXT4-fs error (device loop8): ext4_truncate:4597: inode #15: comm syz.8.6379: mark_inode_dirty error
[  520.523869][T22954] EXT4-fs error (device loop8) in ext4_process_orphan:347: Corrupt filesystem
[  520.580400][T22954] EXT4-fs (loop8): 1 truncate cleaned up
[  520.626825][T22068] EXT4-fs error (device loop9): ext4_release_dquot:6969: comm kworker/u8:31: Failed to release dquot type 1
[  520.639088][T22954] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  520.652138][T22954] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  520.711988][T22976] tap0: tun_chr_ioctl cmd 1074025677
[  520.717433][T22976] tap0: linktype set to 804
[  521.054584][T21227] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  521.213917][T22998] netlink: 132 bytes leftover after parsing attributes in process `syz.1.6388'.
[  521.464034][T23007] loop9: detected capacity change from 0 to 512
[  521.472581][T23007] EXT4-fs (loop9): mounting ext2 file system using the ext4 subsystem
[  521.482670][T23007] EXT4-fs error (device loop9): ext4_orphan_get:1419: comm syz.9.6394: bad orphan inode 15
[  521.494124][T23007] ext4_test_bit(bit=14, block=18) = 1
[  521.499650][T23007] is_bad_inode(inode)=0
[  521.503954][T23007] NEXT_ORPHAN(inode)=1023
[  521.508365][T23007] max_ino=32
[  521.511573][T23007] i_nlink=0
[  521.517090][T23007] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0009-000000000000 r/w without journal. Quota mode: none.
[  521.536749][T23007] ext2 filesystem being mounted at /117/éq‰Y’3aK supports timestamps until 2038-01-19 (0x7fffffff)
[  521.903046][T23034] netlink: 8 bytes leftover after parsing attributes in process `syz.0.6404'.
[  521.914690][T23034] IPVS: Error joining to the multicast group
[  521.957014][T23037] 9pnet_fd: Insufficient options for proto=fd
[  522.321036][T21227] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0009-000000000000.
[  522.383790][T23053] dummy0: entered promiscuous mode
[  522.393098][T23053] loop9: detected capacity change from 0 to 512
[  522.401349][T23053] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  522.426288][T23053] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  522.439185][T23053] ext4 filesystem being mounted at /120/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  522.451571][T23053] netlink: 4 bytes leftover after parsing attributes in process `syz.9.6411'.
[  522.473371][T23053] dummy0 (unregistering): left promiscuous mode
[  522.527456][T21227] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  522.553031][T23062] loop9: detected capacity change from 0 to 256
[  522.581113][T23064] netlink: 8 bytes leftover after parsing attributes in process `syz.9.6415'.
[  522.590095][T23064] netlink: 4 bytes leftover after parsing attributes in process `syz.9.6415'.
[  522.680340][T23067] lo speed is unknown, defaulting to 1000
[  522.742480][T23064] netlink: 36 bytes leftover after parsing attributes in process `syz.9.6415'.
[  522.933146][T23072] FAULT_INJECTION: forcing a failure.
[  522.933146][T23072] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  522.946393][T23072] CPU: 0 UID: 0 PID: 23072 Comm: syz.1.6417 Not tainted 6.15.0-syzkaller-11173-g546b1c9e93c2 #0 PREEMPT(voluntary) 
[  522.946457][T23072] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  522.946474][T23072] Call Trace:
[  522.946483][T23072]  <TASK>
[  522.946494][T23072]  __dump_stack+0x1d/0x30
[  522.946587][T23072]  dump_stack_lvl+0xe8/0x140
[  522.946610][T23072]  dump_stack+0x15/0x1b
[  522.946630][T23072]  should_fail_ex+0x265/0x280
[  522.946665][T23072]  should_fail+0xb/0x20
[  522.946747][T23072]  should_fail_usercopy+0x1a/0x20
[  522.946806][T23072]  _copy_from_user+0x1c/0xb0
[  522.946834][T23072]  bpf_test_init+0xdf/0x160
[  522.946876][T23072]  bpf_prog_test_run_xdp+0x274/0x910
[  522.946911][T23072]  ? __rcu_read_unlock+0x4f/0x70
[  522.946940][T23072]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  522.947004][T23072]  bpf_prog_test_run+0x22a/0x390
[  522.947035][T23072]  __sys_bpf+0x3dc/0x790
[  522.947068][T23072]  __x64_sys_bpf+0x41/0x50
[  522.947099][T23072]  x64_sys_call+0x2478/0x2fb0
[  522.947129][T23072]  do_syscall_64+0xd2/0x200
[  522.947240][T23072]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  522.947269][T23072]  ? clear_bhb_loop+0x40/0x90
[  522.947298][T23072]  ? clear_bhb_loop+0x40/0x90
[  522.947329][T23072]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  522.947368][T23072] RIP: 0033:0x7f165546e969
[  522.947384][T23072] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  522.947409][T23072] RSP: 002b:00007f1653ad7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  522.947434][T23072] RAX: ffffffffffffffda RBX: 00007f1655695fa0 RCX: 00007f165546e969
[  522.947451][T23072] RDX: 0000000000000050 RSI: 0000200000000000 RDI: 000000000000000a
[  522.947465][T23072] RBP: 00007f1653ad7090 R08: 0000000000000000 R09: 0000000000000000
[  522.947497][T23072] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  522.947509][T23072] R13: 0000000000000000 R14: 00007f1655695fa0 R15: 00007ffda253a8d8
[  522.947533][T23072]  </TASK>
[  523.361426][   T29] kauditd_printk_skb: 370 callbacks suppressed
[  523.361446][   T29] audit: type=1326 audit(1748986619.312:21255): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23084 comm="syz.6.6419" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f99fdf8e969 code=0x7ffc0000
[  523.430099][   T29] audit: type=1326 audit(1748986619.343:21256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23084 comm="syz.6.6419" exe="/root/syz-executor" sig=0 arch=c000003e syscall=293 compat=0 ip=0x7f99fdf8e969 code=0x7ffc0000
[  523.441927][T23093] loop1: detected capacity change from 0 to 512
[  523.453882][   T29] audit: type=1326 audit(1748986619.343:21257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23084 comm="syz.6.6419" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f99fdf8e969 code=0x7ffc0000
[  523.483708][   T29] audit: type=1326 audit(1748986619.343:21258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23084 comm="syz.6.6419" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f99fdf8e969 code=0x7ffc0000
[  523.507599][   T29] audit: type=1326 audit(1748986619.343:21259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23084 comm="syz.6.6419" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f99fdf8e969 code=0x7ffc0000
[  523.510714][T23093] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  523.531718][   T29] audit: type=1326 audit(1748986619.343:21260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23084 comm="syz.6.6419" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f99fdf8e969 code=0x7ffc0000
[  523.545665][T23093] EXT4-fs error (device loop1): ext4_orphan_get:1419: comm syz.1.6422: bad orphan inode 15
[  523.563469][   T29] audit: type=1326 audit(1748986619.343:21261): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23084 comm="syz.6.6419" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f99fdf8e969 code=0x7ffc0000
[  523.575822][T23093] ext4_test_bit(bit=14, block=18) = 1
[  523.597185][   T29] audit: type=1326 audit(1748986619.343:21262): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23084 comm="syz.6.6419" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f99fdf8e969 code=0x7ffc0000
[  523.602505][T23093] is_bad_inode(inode)=0
[  523.626148][   T29] audit: type=1326 audit(1748986619.343:21263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23084 comm="syz.6.6419" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f99fdf8e969 code=0x7ffc0000
[  523.630300][T23093] NEXT_ORPHAN(inode)=1023
[  523.630311][T23093] max_ino=32
[  523.653876][   T29] audit: type=1326 audit(1748986619.343:21264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23084 comm="syz.6.6419" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f99fdf8e969 code=0x7ffc0000
[  523.658181][T23093] i_nlink=0
[  523.659056][T23093] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0009-000000000000 r/w without journal. Quota mode: none.
[  523.705856][T23093] ext2 filesystem being mounted at /34/éq‰Y’3aK supports timestamps until 2038-01-19 (0x7fffffff)
[  523.748007][T23099] lo speed is unknown, defaulting to 1000
[  524.299029][T22410] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0009-000000000000.
[  524.401542][T23131] loop1: detected capacity change from 0 to 512
[  524.430627][T23131] EXT4-fs (loop1): 1 orphan inode deleted
[  524.436964][T23131] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  524.449680][T22058] EXT4-fs error (device loop1): ext4_release_dquot:6969: comm kworker/u8:22: Failed to release dquot type 1
[  524.449812][T23131] ext4 filesystem being mounted at /35/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  524.543676][T23135] lo speed is unknown, defaulting to 1000
[  524.897959][T23138] netlink: 8 bytes leftover after parsing attributes in process `syz.6.6434'.
[  524.953906][T23138] IPVS: Error joining to the multicast group
[  525.208230][T22410] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  525.266397][T23158] loop1: detected capacity change from 0 to 256
[  525.268631][T23150] lo speed is unknown, defaulting to 1000
[  525.339185][T23162] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  525.356408][T23162] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  525.369322][T23162] loop1: detected capacity change from 0 to 512
[  525.400999][T23162] EXT4-fs: Ignoring removed bh option
[  525.409979][T23162] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349)
[  525.427943][T23162] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a843e11c, mo2=0002]
[  525.439367][T23162] System zones: 1-12
[  525.443605][T23162] EXT4-fs (loop1): orphan cleanup on readonly fs
[  525.448713][T23168] loop9: detected capacity change from 0 to 512
[  525.456707][T23162] EXT4-fs error (device loop1): ext4_clear_blocks:876: inode #11: comm syz.1.6442: attempt to clear invalid blocks 1024 len 1
[  525.471245][T23162] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.6442: bg 0: block 361: padding at end of block bitmap is not set
[  525.472654][T23168] EXT4-fs (loop9): mounting ext2 file system using the ext4 subsystem
[  525.529920][T23162] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  525.538469][T23168] EXT4-fs error (device loop9): ext4_orphan_get:1419: comm syz.9.6443: bad orphan inode 15
[  525.551257][T23162] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #11: comm syz.1.6442: invalid indirect mapped block 1811939328 (level 0)
[  525.582813][T23168] ext4_test_bit(bit=14, block=18) = 1
[  525.588322][T23168] is_bad_inode(inode)=0
[  525.592608][T23168] NEXT_ORPHAN(inode)=1023
[  525.597031][T23168] max_ino=32
[  525.600240][T23168] i_nlink=0
[  525.605844][T23168] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0009-000000000000 r/w without journal. Quota mode: none.
[  525.644860][T23162] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #11: comm syz.1.6442: invalid indirect mapped block 2 (level 2)
[  525.673379][T23168] ext2 filesystem being mounted at /128/éq‰Y’3aK supports timestamps until 2038-01-19 (0x7fffffff)
[  525.703315][T23162] EXT4-fs (loop1): 1 truncate cleaned up
[  525.719577][T23172] netlink: 156 bytes leftover after parsing attributes in process `syz.0.6444'.
[  525.738405][T23162] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: none.
[  525.794029][T23175] lo speed is unknown, defaulting to 1000
[  525.839993][T23162] 9pnet_fd: Insufficient options for proto=fd
[  526.129265][T23192] loop8: detected capacity change from 0 to 512
[  526.152474][T23192] EXT4-fs (loop8): 1 orphan inode deleted
[  526.158797][T23192] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  526.173233][T21779] EXT4-fs error (device loop8): ext4_release_dquot:6969: comm kworker/u8:4: Failed to release dquot type 1
[  526.191269][T23192] ext4 filesystem being mounted at /211/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  526.378663][T21227] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0009-000000000000.
[  526.399110][T22410] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000007.
[  526.472846][T23201] lo speed is unknown, defaulting to 1000
[  526.857072][T23207] hub 1-0:1.0: USB hub found
[  526.861875][T23207] hub 1-0:1.0: 8 ports detected
[  526.907111][T23209] lo speed is unknown, defaulting to 1000
[  526.915395][T19470] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  527.027975][T23215] loop8: detected capacity change from 0 to 512
[  527.043639][T23215] EXT4-fs (loop8): 1 orphan inode deleted
[  527.050466][T23215] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  527.065259][ T2003] EXT4-fs error (device loop8): ext4_release_dquot:6969: comm kworker/u8:6: Failed to release dquot type 1
[  527.077545][T23215] ext4 filesystem being mounted at /212/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  527.948592][T19470] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  527.976004][T23239] loop8: detected capacity change from 0 to 512
[  527.985038][T23239] EXT4-fs (loop8): mounting ext2 file system using the ext4 subsystem
[  528.038508][T23239] EXT4-fs error (device loop8): ext4_orphan_get:1419: comm syz.8.6463: bad orphan inode 15
[  528.052112][T23239] ext4_test_bit(bit=14, block=18) = 1
[  528.057547][T23239] is_bad_inode(inode)=0
[  528.061920][T23239] NEXT_ORPHAN(inode)=1023
[  528.066276][T23239] max_ino=32
[  528.069585][T23239] i_nlink=0
[  528.075193][T23239] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0009-000000000000 r/w without journal. Quota mode: none.
[  528.139261][T23239] ext2 filesystem being mounted at /213/éq‰Y’3aK supports timestamps until 2038-01-19 (0x7fffffff)
[  528.257915][T23250] loop1: detected capacity change from 0 to 512
[  528.307035][T23250] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  528.329904][T23250] ext4 filesystem being mounted at /41/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  528.497509][T23247] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  528.523390][T23247] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  528.601217][   T29] kauditd_printk_skb: 354 callbacks suppressed
[  528.601232][   T29] audit: type=1326 audit(1748986624.607:21616): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23246 comm="syz.1.6466" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f165546e969 code=0x7ffc0000
[  528.632413][   T29] audit: type=1326 audit(1748986624.638:21617): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23246 comm="syz.1.6466" exe="/root/syz-executor" sig=0 arch=c000003e syscall=137 compat=0 ip=0x7f165546e969 code=0x7ffc0000
[  528.656174][   T29] audit: type=1326 audit(1748986624.638:21618): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23246 comm="syz.1.6466" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f165546e969 code=0x7ffc0000
[  528.680035][   T29] audit: type=1326 audit(1748986624.648:21619): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23246 comm="syz.1.6466" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f165546e969 code=0x7ffc0000
[  528.703557][   T29] audit: type=1326 audit(1748986624.648:21620): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23246 comm="syz.1.6466" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f165546e969 code=0x7ffc0000
[  528.727353][   T29] audit: type=1326 audit(1748986624.648:21621): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23246 comm="syz.1.6466" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f165546e969 code=0x7ffc0000
[  528.836474][T19470] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0009-000000000000.
[  528.858708][T23273] loop8: detected capacity change from 0 to 256
[  528.883691][T23275] netlink: 8 bytes leftover after parsing attributes in process `syz.0.6474'.
[  528.896474][T23275] IPVS: Error joining to the multicast group
[  529.397604][T23314] loop9: detected capacity change from 0 to 256
[  529.435107][T23316] netlink: 8 bytes leftover after parsing attributes in process `syz.9.6489'.
[  529.444444][T23316] IPVS: Error joining to the multicast group
[  529.539638][T23322] loop9: detected capacity change from 0 to 2048
[  530.678434][T23351] netlink: 8 bytes leftover after parsing attributes in process `syz.9.6501'.
[  530.687508][T23351] IPVS: Error joining to the multicast group
[  531.144294][T22410] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  531.216985][   T29] audit: type=1326 audit(1748986627.233:21622): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23375 comm="syz.0.6520" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcac8abe969 code=0x7ffc0000
[  531.240756][   T29] audit: type=1326 audit(1748986627.243:21623): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23375 comm="syz.0.6520" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcac8abe969 code=0x7ffc0000
[  531.264396][   T29] audit: type=1326 audit(1748986627.243:21624): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23375 comm="syz.0.6520" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcac8abe969 code=0x7ffc0000
[  531.288199][   T29] audit: type=1326 audit(1748986627.243:21625): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23375 comm="syz.0.6520" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcac8abe969 code=0x7ffc0000
[  531.616736][T23387] loop9: detected capacity change from 0 to 512
[  531.637291][T23387] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  531.649902][T23387] ext4 filesystem being mounted at /148/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  531.680418][T23392] netlink: 8 bytes leftover after parsing attributes in process `syz.6.6514'.
[  531.689593][T23392] IPVS: Error joining to the multicast group
[  531.695748][T23387] loop9: detected capacity change from 512 to 64
[  531.703447][T23387] EXT4-fs error (device loop9) in ext4_reserve_inode_write:6255: Out of memory
[  531.723352][T23387] EXT4-fs error (device loop9) in ext4_reserve_inode_write:6255: Out of memory
[  531.735607][T23387] EXT4-fs error (device loop9): ext4_evict_inode:254: inode #19: comm syz.9.6513: mark_inode_dirty error
[  531.747284][T23387] EXT4-fs warning (device loop9): ext4_evict_inode:257: couldn't mark inode dirty (err -12)
[  531.784677][T21227] EXT4-fs error (device loop9): ext4_lookup:1784: inode #2: comm syz-executor: 'ÿ.' linked to parent dir
[  531.796424][T21227] EXT4-fs error (device loop9): ext4_lookup:1784: inode #2: comm syz-executor: 'ÿ.' linked to parent dir
[  531.867760][T22899] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  532.124989][T23416] lo speed is unknown, defaulting to 1000
[  532.216255][T23418] lo speed is unknown, defaulting to 1000
[  532.278686][T23418] chnl_net:caif_netlink_parms(): no params data found
[  532.334011][T23418] bridge0: port 1(bridge_slave_0) entered blocking state
[  532.340084][T23434] netlink: 8 bytes leftover after parsing attributes in process `syz.0.6525'.
[  532.341204][T23418] bridge0: port 1(bridge_slave_0) entered disabled state
[  532.357332][T23418] bridge_slave_0: entered allmulticast mode
[  532.364003][T23418] bridge_slave_0: entered promiscuous mode
[  532.371040][T23434] IPVS: Error joining to the multicast group
[  532.377461][T23418] bridge0: port 2(bridge_slave_1) entered blocking state
[  532.384542][T23418] bridge0: port 2(bridge_slave_1) entered disabled state
[  532.391993][T23418] bridge_slave_1: entered allmulticast mode
[  532.398678][T23418] bridge_slave_1: entered promiscuous mode
[  532.428419][T23418] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  532.442026][T23418] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  532.467798][T23418] team0: Port device team_slave_0 added
[  532.474848][T23418] team0: Port device team_slave_1 added
[  532.507276][T23418] batman_adv: batadv0: Adding interface: batadv_slave_0
[  532.507464][T23443] loop1: detected capacity change from 0 to 1024
[  532.514308][T23418] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  532.523649][T23443] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869)
[  532.546769][T23418] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  532.568051][T23443] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  532.579399][T23418] batman_adv: batadv0: Adding interface: batadv_slave_1
[  532.586507][T23418] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  532.612579][T23418] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  532.621365][T23443] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  532.650529][T22410] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  532.672117][T23418] hsr_slave_0: entered promiscuous mode
[  532.695552][T23418] hsr_slave_1: entered promiscuous mode
[  532.707665][T23418] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  532.720627][T23418] Cannot create hsr debugfs directory
[  532.730147][   T51] netdevsim netdevsim9 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  532.798175][   T51] netdevsim netdevsim9 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  532.860728][   T51] netdevsim netdevsim9 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  532.907112][   T51] netdevsim netdevsim9 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  532.929490][T23465] loop8: detected capacity change from 0 to 512
[  532.958807][T23465] EXT4-fs (loop8): 1 orphan inode deleted
[  532.965729][T23465] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  532.978643][   T31] EXT4-fs error (device loop8): ext4_release_dquot:6969: comm kworker/u8:1: Failed to release dquot type 1
[  532.979778][   T51] bridge_slave_1: left allmulticast mode
[  532.990590][T23465] ext4 filesystem being mounted at /226/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  532.996082][   T51] bridge_slave_1: left promiscuous mode
[  532.996414][   T51] bridge0: port 2(bridge_slave_1) entered disabled state
[  533.021256][   T51] bridge_slave_0: left allmulticast mode
[  533.027085][   T51] bridge_slave_0: left promiscuous mode
[  533.032816][   T51] bridge0: port 1(bridge_slave_0) entered disabled state
[  533.114093][   T51] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  533.125381][   T51] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  533.135361][   T51] bond0 (unregistering): Released all slaves
[  533.144668][   T51] bond1 (unregistering): Released all slaves
[  533.207766][   T51] hsr_slave_0: left promiscuous mode
[  533.214648][   T51] hsr_slave_1: left promiscuous mode
[  533.220529][   T51] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  533.228044][   T51] batman_adv: batadv0: Removing interface: batadv_slave_0
[  533.235993][   T51] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  533.243505][   T51] batman_adv: batadv0: Removing interface: batadv_slave_1
[  533.254270][   T51] veth1_macvtap: left promiscuous mode
[  533.260197][   T51] veth0_macvtap: left promiscuous mode
[  533.265835][   T51] veth1_vlan: left promiscuous mode
[  533.273219][   T51] veth0_vlan: left promiscuous mode
[  533.349811][   T51] team0 (unregistering): Port device team_slave_1 removed
[  533.359816][   T51] team0 (unregistering): Port device team_slave_0 removed
[  533.406971][T23418] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  533.416576][T23418] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  533.425708][T23418] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  533.435106][T23418] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  533.470563][T23418] 8021q: adding VLAN 0 to HW filter on device bond0
[  533.482993][T23418] 8021q: adding VLAN 0 to HW filter on device team0
[  533.492810][ T2003] bridge0: port 1(bridge_slave_0) entered blocking state
[  533.499971][ T2003] bridge0: port 1(bridge_slave_0) entered forwarding state
[  533.511010][T21779] bridge0: port 2(bridge_slave_1) entered blocking state
[  533.518151][T21779] bridge0: port 2(bridge_slave_1) entered forwarding state
[  533.584533][T23418] 8021q: adding VLAN 0 to HW filter on device batadv0
[  533.701607][T23418] veth0_vlan: entered promiscuous mode
[  533.712031][T19470] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  533.723443][T23418] veth1_vlan: entered promiscuous mode
[  533.759034][T23496] netlink: 8 bytes leftover after parsing attributes in process `syz.8.6541'.
[  533.768550][T23496] IPVS: Error joining to the multicast group
[  533.786751][T23418] veth0_macvtap: entered promiscuous mode
[  533.807367][T23418] veth1_macvtap: entered promiscuous mode
[  533.840791][T23418] batman_adv: batadv0: Interface activated: batadv_slave_0
[  533.850144][T23418] batman_adv: batadv0: Interface activated: batadv_slave_1
[  533.873136][T23418] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  533.882453][T23418] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  533.884679][T23510] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6549'.
[  533.891338][T23418] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  533.909161][T23418] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  533.934945][T23510] IPVS: Error joining to the multicast group
[  533.961594][   T29] kauditd_printk_skb: 115 callbacks suppressed
[  533.961612][   T29] audit: type=1326 audit(1748986630.015:21740): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23516 comm="syz.8.6551" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd9b8a7e969 code=0x7ffc0000
[  533.991787][   T29] audit: type=1326 audit(1748986630.015:21741): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23516 comm="syz.8.6551" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd9b8a7e969 code=0x7ffc0000
[  534.019966][   T29] audit: type=1326 audit(1748986630.015:21742): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23516 comm="syz.8.6551" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd9b8a7e969 code=0x7ffc0000
[  534.043913][   T29] audit: type=1326 audit(1748986630.015:21743): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23516 comm="syz.8.6551" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd9b8a7e969 code=0x7ffc0000
[  534.067620][   T29] audit: type=1326 audit(1748986630.015:21744): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23516 comm="syz.8.6551" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd9b8a7e969 code=0x7ffc0000
[  534.093700][   T29] audit: type=1326 audit(1748986630.106:21745): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23516 comm="syz.8.6551" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd9b8a7e969 code=0x7ffc0000
[  534.117519][   T29] audit: type=1326 audit(1748986630.106:21746): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23516 comm="syz.8.6551" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd9b8a7e969 code=0x7ffc0000
[  534.141533][   T29] audit: type=1326 audit(1748986630.106:21747): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23516 comm="syz.8.6551" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fd9b8a7e969 code=0x7ffc0000
[  534.165195][   T29] audit: type=1326 audit(1748986630.106:21748): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23516 comm="syz.8.6551" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd9b8a7e969 code=0x7ffc0000
[  534.189561][   T29] audit: type=1326 audit(1748986630.106:21749): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23516 comm="syz.8.6551" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd9b8a7e969 code=0x7ffc0000
[  534.225730][T23522] loop8: detected capacity change from 0 to 512
[  534.273671][T23522] EXT4-fs (loop8): 1 orphan inode deleted
[  534.282691][T23522] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  534.292635][   T51] EXT4-fs error (device loop8): ext4_release_dquot:6969: comm kworker/u8:3: Failed to release dquot type 1
[  534.298281][T23522] ext4 filesystem being mounted at /230/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  534.396977][T23550] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6563'.
[  534.406236][T23550] IPVS: Error joining to the multicast group
[  534.810308][T19470] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  534.958702][T23578] loop4: detected capacity change from 0 to 512
[  534.981447][T23578] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  534.997522][T23578] ext4 filesystem being mounted at /17/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  535.042733][T23587] loop8: detected capacity change from 0 to 512
[  535.047740][T23578] loop4: detected capacity change from 512 to 64
[  535.065937][T23578] EXT4-fs error (device loop4) in ext4_reserve_inode_write:6255: Out of memory
[  535.086554][T23587] EXT4-fs (loop8): 1 orphan inode deleted
[  535.094248][T23590] tipc: Enabling of bearer <ugp:syz0> rejected, media not registered
[  535.107028][T23587] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  535.119722][T21779] EXT4-fs error (device loop8): ext4_release_dquot:6969: comm kworker/u8:4: Failed to release dquot type 1
[  535.132109][T23587] ext4 filesystem being mounted at /231/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  535.143150][T23578] EXT4-fs error (device loop4) in ext4_reserve_inode_write:6255: Out of memory
[  535.155906][T23578] EXT4-fs error (device loop4): ext4_evict_inode:254: inode #19: comm syz.4.6575: mark_inode_dirty error
[  535.168425][T23578] EXT4-fs warning (device loop4): ext4_evict_inode:257: couldn't mark inode dirty (err -12)
[  535.192832][T23418] EXT4-fs error (device loop4): ext4_lookup:1784: inode #2: comm syz-executor: 'ÿ.' linked to parent dir
[  535.208098][T23418] EXT4-fs error (device loop4): ext4_lookup:1784: inode #2: comm syz-executor: 'ÿ.' linked to parent dir
[  535.330655][T23608] loop1: detected capacity change from 0 to 1024
[  535.341389][T23608] EXT4-fs: Ignoring removed nobh option
[  535.347034][T23608] EXT4-fs: Ignoring removed bh option
[  535.359080][T23608] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  535.545231][T23618] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  535.554310][T23618] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  535.832781][T19470] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  536.178249][T22410] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  536.211519][T23630] FAULT_INJECTION: forcing a failure.
[  536.211519][T23630] name failslab, interval 1, probability 0, space 0, times 0
[  536.224284][T23630] CPU: 0 UID: 0 PID: 23630 Comm: syz.6.6592 Not tainted 6.15.0-syzkaller-11173-g546b1c9e93c2 #0 PREEMPT(voluntary) 
[  536.224316][T23630] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  536.224333][T23630] Call Trace:
[  536.224340][T23630]  <TASK>
[  536.224408][T23630]  __dump_stack+0x1d/0x30
[  536.224437][T23630]  dump_stack_lvl+0xe8/0x140
[  536.224459][T23630]  dump_stack+0x15/0x1b
[  536.224476][T23630]  should_fail_ex+0x265/0x280
[  536.224567][T23630]  should_failslab+0x8c/0xb0
[  536.224602][T23630]  __kmalloc_node_track_caller_noprof+0xa4/0x410
[  536.224704][T23630]  ? sidtab_sid2str_get+0xa0/0x130
[  536.224746][T23630]  kmemdup_noprof+0x2b/0x70
[  536.224780][T23630]  sidtab_sid2str_get+0xa0/0x130
[  536.224900][T23630]  security_sid_to_context_core+0x1eb/0x2e0
[  536.224940][T23630]  security_sid_to_context+0x27/0x40
[  536.224977][T23630]  selinux_lsmprop_to_secctx+0x67/0xf0
[  536.225016][T23630]  security_lsmprop_to_secctx+0x43/0x80
[  536.225082][T23630]  audit_log_task_context+0x77/0x190
[  536.225108][T23630]  audit_log_task+0xf4/0x250
[  536.225151][T23630]  audit_seccomp+0x61/0x100
[  536.225296][T23630]  ? __seccomp_filter+0x68c/0x10d0
[  536.225325][T23630]  __seccomp_filter+0x69d/0x10d0
[  536.225351][T23630]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  536.225376][T23630]  ? vfs_write+0x75e/0x8e0
[  536.225414][T23630]  __secure_computing+0x82/0x150
[  536.225446][T23630]  syscall_trace_enter+0xcf/0x1e0
[  536.225481][T23630]  do_syscall_64+0xac/0x200
[  536.225531][T23630]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  536.225638][T23630]  ? clear_bhb_loop+0x40/0x90
[  536.225667][T23630]  ? clear_bhb_loop+0x40/0x90
[  536.225695][T23630]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  536.225723][T23630] RIP: 0033:0x7f99fdf8e969
[  536.225743][T23630] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  536.225818][T23630] RSP: 002b:00007f99fc5f7038 EFLAGS: 00000246 ORIG_RAX: 00000000000001bf
[  536.225838][T23630] RAX: ffffffffffffffda RBX: 00007f99fe1b5fa0 RCX: 00007f99fdf8e969
[  536.225851][T23630] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  536.225866][T23630] RBP: 00007f99fc5f7090 R08: 0000000000000000 R09: 0000000000000000
[  536.225922][T23630] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  536.225966][T23630] R13: 0000000000000000 R14: 00007f99fe1b5fa0 R15: 00007ffc21386d88
[  536.226062][T23630]  </TASK>
[  536.537859][T23649] netlink: 'syz.0.6600': attribute type 1 has an invalid length.
[  536.569928][T23651] lo speed is unknown, defaulting to 1000
[  536.747326][T23672] FAULT_INJECTION: forcing a failure.
[  536.747326][T23672] name failslab, interval 1, probability 0, space 0, times 0
[  536.762356][T23672] CPU: 0 UID: 0 PID: 23672 Comm: syz.1.6610 Not tainted 6.15.0-syzkaller-11173-g546b1c9e93c2 #0 PREEMPT(voluntary) 
[  536.762386][T23672] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  536.762407][T23672] Call Trace:
[  536.762415][T23672]  <TASK>
[  536.762425][T23672]  __dump_stack+0x1d/0x30
[  536.762472][T23672]  dump_stack_lvl+0xe8/0x140
[  536.762499][T23672]  dump_stack+0x15/0x1b
[  536.762521][T23672]  should_fail_ex+0x265/0x280
[  536.762549][T23672]  ? sctp_association_new+0x71/0x1200
[  536.762610][T23672]  should_failslab+0x8c/0xb0
[  536.762639][T23672]  __kmalloc_cache_noprof+0x4c/0x320
[  536.762683][T23672]  sctp_association_new+0x71/0x1200
[  536.762718][T23672]  ? __ipv6_addr_type+0x1ed/0x210
[  536.762770][T23672]  sctp_connect_new_asoc+0x1a8/0x3a0
[  536.762808][T23672]  sctp_sendmsg+0xf10/0x18d0
[  536.762848][T23672]  ? selinux_socket_sendmsg+0x81/0x1b0
[  536.762880][T23672]  ? __pfx_sctp_sendmsg+0x10/0x10
[  536.763076][T23672]  inet_sendmsg+0xc5/0xd0
[  536.763113][T23672]  __sock_sendmsg+0x102/0x180
[  536.763136][T23672]  __sys_sendto+0x268/0x330
[  536.763180][T23672]  __x64_sys_sendto+0x76/0x90
[  536.763217][T23672]  x64_sys_call+0x2eb6/0x2fb0
[  536.763259][T23672]  do_syscall_64+0xd2/0x200
[  536.763298][T23672]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  536.763333][T23672]  ? clear_bhb_loop+0x40/0x90
[  536.763354][T23672]  ? clear_bhb_loop+0x40/0x90
[  536.763449][T23672]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  536.763484][T23672] RIP: 0033:0x7f165546e969
[  536.763500][T23672] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  536.763521][T23672] RSP: 002b:00007f1653ad7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  536.763604][T23672] RAX: ffffffffffffffda RBX: 00007f1655695fa0 RCX: 00007f165546e969
[  536.763621][T23672] RDX: 0000000000034000 RSI: 0000200000000500 RDI: 0000000000000004
[  536.763714][T23672] RBP: 00007f1653ad7090 R08: 0000200000000140 R09: 000000000000001c
[  536.763730][T23672] R10: 000000002000c851 R11: 0000000000000246 R12: 0000000000000001
[  536.763746][T23672] R13: 0000000000000000 R14: 00007f1655695fa0 R15: 00007ffda253a8d8
[  536.763772][T23672]  </TASK>
[  537.171311][T23677] loop1: detected capacity change from 0 to 512
[  537.197625][T23677] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  537.210650][T23677] ext4 filesystem being mounted at /70/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  537.282471][T23677] loop1: detected capacity change from 512 to 64
[  537.290384][T23677] EXT4-fs error (device loop1) in ext4_reserve_inode_write:6255: Out of memory
[  537.320318][T23677] EXT4-fs error (device loop1) in ext4_reserve_inode_write:6255: Out of memory
[  537.333089][T23677] EXT4-fs error (device loop1): ext4_evict_inode:254: inode #19: comm syz.1.6612: mark_inode_dirty error
[  537.347310][T23677] EXT4-fs warning (device loop1): ext4_evict_inode:257: couldn't mark inode dirty (err -12)
[  537.360845][T23682] netlink: 8 bytes leftover after parsing attributes in process `syz.6.6613'.
[  537.369884][T23682] IPVS: Error joining to the multicast group
[  537.410949][T22410] EXT4-fs error (device loop1): ext4_lookup:1784: inode #2: comm syz-executor: 'ÿ.' linked to parent dir
[  537.426522][T22410] EXT4-fs error (device loop1): ext4_lookup:1784: inode #2: comm syz-executor: 'ÿ.' linked to parent dir
[  537.478233][T22897] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  537.631980][T23700] loop8: detected capacity change from 0 to 1024
[  537.639081][T23700] EXT4-fs (loop8): ext4_check_descriptors: Checksum for group 0 failed (12806!=20869)
[  537.652558][T22410] ==================================================================
[  537.660699][T22410] BUG: KCSAN: data-race in free_pid / zap_pid_ns_processes
[  537.667927][T22410] 
[  537.670264][T22410] read-write to 0xffff888115e1e6e8 of 4 bytes by task 22897 on cpu 0:
[  537.678431][T22410]  free_pid+0x77/0x180
[  537.682552][T22410]  free_pids+0x7a/0xb0
[  537.686639][T22410]  release_task+0x9a9/0xb60
[  537.691172][T22410]  do_exit+0xd85/0x1590
[  537.695354][T22410]  do_group_exit+0xff/0x140
[  537.699883][T22410]  get_signal+0xe59/0xf70
[  537.704240][T22410]  arch_do_signal_or_restart+0x96/0x480
[  537.709817][T22410]  exit_to_user_mode_loop+0x7a/0x100
[  537.715121][T22410]  do_syscall_64+0x1d6/0x200
[  537.719735][T22410]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  537.725643][T22410] 
[  537.727981][T22410] read to 0xffff888115e1e6e8 of 4 bytes by task 22410 on cpu 1:
[  537.735629][T22410]  zap_pid_ns_processes+0x1ff/0x2d0
[  537.740857][T22410]  do_exit+0x13e0/0x1590
[  537.745121][T22410]  do_group_exit+0x139/0x140
[  537.749818][T22410]  __x64_sys_exit_group+0x1f/0x20
[  537.754866][T22410]  x64_sys_call+0x2fa4/0x2fb0
[  537.759555][T22410]  do_syscall_64+0xd2/0x200
[  537.764082][T22410]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  537.769988][T22410] 
[  537.772317][T22410] value changed: 0x00000002 -> 0x00000001
[  537.778037][T22410] 
[  537.780391][T22410] Reported by Kernel Concurrency Sanitizer on:
[  537.786561][T22410] CPU: 1 UID: 0 PID: 22410 Comm: syz-executor Not tainted 6.15.0-syzkaller-11173-g546b1c9e93c2 #0 PREEMPT(voluntary) 
[  537.798912][T22410] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  537.808981][T22410] ==================================================================
[  537.822867][T23700] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a842c018, mo2=0002]
[  537.829624][T23418] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  537.831041][T23700] System zones: 0-1, 3-36
[  537.870209][T23700] EXT4-fs (loop8): orphan cleanup on readonly fs
[  537.886536][ T2003] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  537.908425][T23700] EXT4-fs (loop8): 1 orphan inode deleted
[  537.916602][T23700] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  537.918381][T23702] lo speed is unknown, defaulting to 1000
[  537.972028][ T2003] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  538.021923][ T2003] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  538.037618][T23709] netlink: 'syz.8.6621': attribute type 10 has an invalid length.
[  538.052602][T23709] team0 (unregistering): Port device team_slave_0 removed
[  538.062163][T23709] team0 (unregistering): Port device team_slave_1 removed
[  538.076780][ T2003] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  538.192973][T19470] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  538.215137][ T2003] bridge_slave_1: left allmulticast mode
[  538.220875][ T2003] bridge_slave_1: left promiscuous mode
[  538.226646][ T2003] bridge0: port 2(bridge_slave_1) entered disabled state
[  538.236792][ T2003] bridge_slave_0: left allmulticast mode
[  538.242470][ T2003] bridge_slave_0: left promiscuous mode
[  538.248267][ T2003] bridge0: port 1(bridge_slave_0) entered disabled state
[  538.349541][ T2003] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  538.361263][ T2003] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  538.371077][ T2003] bond0 (unregistering): Released all slaves
[  538.430510][ T2003] hsr_slave_0: left promiscuous mode
[  538.437517][ T2003] hsr_slave_1: left promiscuous mode
[  538.443292][ T2003] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  538.450779][ T2003] batman_adv: batadv0: Removing interface: batadv_slave_0
[  538.460535][ T2003] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  538.468065][ T2003] batman_adv: batadv0: Removing interface: batadv_slave_1
[  538.479247][ T2003] veth1_macvtap: left promiscuous mode
[  538.484806][ T2003] veth0_macvtap: left promiscuous mode
[  538.490946][ T2003] veth1_vlan: left promiscuous mode
[  538.496904][ T2003] veth0_vlan: left promiscuous mode
[  538.572687][ T2003] team0 (unregistering): Port device team_slave_1 removed
[  538.582635][ T2003] team0 (unregistering): Port device team_slave_0 removed
[  538.867892][ T2003] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  538.935467][ T2003] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  539.006286][ T2003] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  539.065939][ T2003] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  539.141489][ T2003] bridge_slave_1: left allmulticast mode
[  539.147241][ T2003] bridge_slave_1: left promiscuous mode
[  539.152932][ T2003] bridge0: port 2(bridge_slave_1) entered disabled state
[  539.163102][ T2003] bridge_slave_0: left allmulticast mode
[  539.168768][ T2003] bridge_slave_0: left promiscuous mode
[  539.174603][ T2003] bridge0: port 1(bridge_slave_0) entered disabled state
[  539.294515][ T2003] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  539.306513][ T2003] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  539.316420][ T2003] bond0 (unregistering): Released all slaves
[  539.376408][ T2003] hsr_slave_0: left promiscuous mode
[  539.384399][ T2003] hsr_slave_1: left promiscuous mode
[  539.390103][ T2003] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  539.397559][ T2003] batman_adv: batadv0: Removing interface: batadv_slave_0
[  539.406971][ T2003] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  539.414472][ T2003] batman_adv: batadv0: Removing interface: batadv_slave_1
[  539.427607][ T2003] veth1_macvtap: left promiscuous mode
[  539.433584][ T2003] veth0_macvtap: left promiscuous mode
[  539.439104][ T2003] veth1_vlan: left promiscuous mode
[  539.446163][ T2003] veth0_vlan: left promiscuous mode
[  539.528780][ T2003] team0 (unregistering): Port device team_slave_1 removed
[  539.540894][ T2003] team0 (unregistering): Port device team_slave_0 removed