last executing test programs:

4m36.428208847s ago: executing program 1 (id=4095):
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2000000, 0x0, 0x0, 0x0, &(0x7f0000000000))
pipe2$9p(0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000fd0f000007"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r2}, 0x10)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
fcntl$lock(r3, 0x6, &(0x7f0000002000)={0x1, 0x0, 0x200, 0x2})
syz_mount_image$ext4(&(0x7f00000007c0)='ext4\x00', &(0x7f00000006c0)='./file1\x00', 0x40, &(0x7f00000000c0)={[{@user_xattr}, {@nodioread_nolock}]}, 0x1, 0x576, &(0x7f0000000140)="$eJzs3T1sG2UfAPD/neO3X3nf9JXeVwLUoQKkIlV1kn5AYWpXRKVKHZBYIHLcqIoTV7EDTZQh3StEBwSoS9lgYAQxMCAWRlYWEDNSRSOQmg5g5K80TZzglDouud9POvuee87+P8+d/499pzs5gMw62nhII56OiItJxMi6uqFoVx5trbe6slS8v7JUTKJev/RLEklE3FtZKnbWT9rPhyJiOSKeiohv8hHH081xqwuL0xPlcmmuXR6tzVwdrS4snrgyMzFVmirNnnrp5TNnT58ZPzm+/mX36+tL+Z319caPN9+98d2rt29++tmR5eL7E0mci+F23fp+PE6tbZKPcxuWn+5HsAFKBt0AHkmuneeNVPp/jESunfXd1Ed2tWlAn9X3RdSBjErkP2RU53dA4/i3M+3m748751sHII24q+2pVTPUOjcR+5vHJgd/TR46Mmkcbx7ezYayJy1fj4ixoaHNn/+k/fl7dGOPo4H01dfnWztq8/5P18af6DL+DHfOnf5NnfFvddP49yB+bovx72KPMX5/46ePtox/PeKZrvGTtfhJl/hpRLzVY/xbr395dqu6+scRx6J7/I5k+/PDo5evlEtjrceuMb46duSV7fp/cIv4rXO2+5tfM922f5fT2l198e3nzy5vE/+F57bf/922/4GIeK/H+P+998lrW9XduZ7cbfwK2On+TyIft3uM/+K5oz/0uCoAAAAAAAAAALADafNatiQtrM2naaHQuof3f3EwLVeqteOXK/Ozk61r3g5HPu1caTXSKieN8nj7etxO+eSG8qlcO2DuQLNcKFbKkwPuOwAAAAAAAAAAAAAAAAAAADwpDm24//+3XPP+/41/Vw3sVVv/5Tew18l/yK6H8z8ZWDuA3ef7HzKrLv8hu+Q/ZJf8h+yS/5Bd8h+yS/5Ddsl/AAAAAAAAAAAAAAAAAAAAAAAAAADoi4sXLjSm+v2VpWKjPDm0MD9defvEZKk6XZiZLxaKlbmrhalKZapcKhQrM3/1fkmlcnUsZuevjdZK1dpodWHxzZnK/GznP0VL+b73CAAAAAAAAAAAAAAAAAAAAP55hptTkhYiIm3Op2mhEPHviDicRHL5Srk0FhH/iYjvc/l9jfL4oBsNAAAAAAAAAAAAAAAAAAAAe0x1YXF6olwuzWVkZmgnK0fE8uNtRuMdd/yqfHtfPSnb0EwWZgY8MAEAAAAAAAAAAAAAAAAAQAY9uOm311f80d8GAQAAAAAAAAAAAAAAAAAAQCalPycR0ZiOjTw/vLH2X8lqrvkcEe/cuvTBtYlabW68sfzu2vLah+3lJwfRfqBXnTzt5DEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwQHVhcXqiXC7N9XFm0H0EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeBR/BgAA///eANcP")

4m35.323795142s ago: executing program 1 (id=4102):
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f00000005c0)='./file1\x00', 0x1018ed8, &(0x7f0000000180)={[{@sysvgroups}, {@noload}, {@nobh}, {@noload}, {@journal_dev={'journal_dev', 0x3d, 0x4}}, {@norecovery}, {@errors_continue}, {@quota}]}, 0x1, 0x644, &(0x7f00000006c0)="$eJzs3c9rHG0dAPDvzCZ5kzS+6SsiNigGPLQgTZNarHqxrQd7KFiwBxEPDU1SQ7c/SFKwtdAEPCgoiHgt0ov/gHfp3ZsI6s2zUEUqFrR0ZWZnm81mN7ttsrtJ5vOBzT7zzLN5nm9mn8wzM/vsBFBas9mPNOJUxNubScR007qpqK+cLcq9+teTW9kjiVrtu/9MIinyGuWT4vlEsTAeEX+8EvHpyu561x89vrNYrdU9jTi3cffBufVHj8+u3l28vXx7+d7C+a9duDj/9YULC00N/XAniuer177z+V/85IdfXflT9WwSl+LG6I+XoiWOgzIbs/G2CLE5fyQiLmaJNn+Xo+YYhFBqleL9OBoRn43pqORLddOx+vOhNg7oq1olora3pFsB4KjSvaGsGuOAxrF9b8fBN/o8Khmcl5frB0C74x8pTjmM58dGk6+SpiOj+rmNkwdQf1bHmyfjz948mXkWO85DvH63dUYOoJ5ONrci4nPt4k/ytp3MI83iT3cc6ycRMR8RY0X7vrWPNiRN6X6ch9lLj/FXsvibt0MaEZeK5yz/ygfW33paa9DxA1BOLy4XO/LNbGl7/5eNPRrjn9ge/zxtvG5q/5dkcsPe/3Ue/zX29+P5uCdtGYdlY5br7X/laGvG33529Ved6q+P/2aeNR5Z/Y2x4CC83IqYaYn/p1mwxfgniz9pM/7Nity81Fsd3/7zP652Wjfs+GvPI063Pf7ZHpVmqT2uT55bWa0uz9d/tq3j93/4wW871d8+/o/6EGl72faf7BB/0/ZPW1+X/U0etP+VW60Zv7v+/G6n+qe6bv/072NJ/XhzrMj50dbGxtpCxFhyrShS5C9ubKyd3zveepnXtfx5oR7/mS+17/873v8tUU00/mX24MH37rzqtO5D3v9NF5Pf1npsQydZ/Evdt/+u/p/l/bLHOv7z/Ydf6LSuffzJvmICAAAAAACAskrza7BJOvcunaZzc/X5sp+JybR6f33jyyv3H95bijiTfx5yNI00yT8yMl1fTlZWq8sLxedhG8vnW5a/EhGfRMSvKxP58tyt+9WlYQcPAAAAAAAAAAAAAAAAAAAAh8SJYv5/4z7V/67U5/8DJdH9BnO77v8AHBP9vMEkcLjl/X+vXfzHg2sLMFj2/1Be+j+Ul/4P5aX/Q3np/1Be+j+Ul/4P5aX/AwAAAMCx9MkXX/w1iYjNb0zkj8xYsc6kXzjeRt+rdKVv7QAGT4+G8np36d9gH0qnp/H/f4svB+x/c4AhSNpl5oOD2t6d/0XbV27b2n/bAAAAAAAAAAAAAIC606c6z/9/v7nBwFFj2h+U1z7m//vqADjifPU/lJdjfKDLLP4Y77Si2/x/AAAAAAAAAAAAAODATOWPJJ0r5gJPRZrOzUV8KiJOxmiyslpdno+IjyPiL5XRj7LlhWE3GgAAAAAAAAAAAAAAAAAAAI6Z9UeP7yxWq8trzYn/7co53onGXVC7F671UGbPxDfjPV8VyeD/LBMRMfSN0rfESFNOErGZbflD0bC19TgczcgTQ/7HBAAAAAAAAAAAAAAAAAAAJdQ097i9md8MuEUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMHjb9//vkliarL+gp8I7E8OOEQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4mv4fAAD//6AzO/k=")
quotactl$Q_SETQUOTA(0xffffffff80000800, &(0x7f0000002540)=@loop={'/dev/loop', 0x0}, 0x0, &(0x7f0000000140)={0x0, 0x2, 0xa, 0x7ec, 0x2000000000, 0x2000000000002, 0x3, 0x0, 0x7ffc})
openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0)
quotactl_fd$Q_SETQUOTA(0xffffffffffffffff, 0xffffffff80000800, 0x0, &(0x7f0000000140)={0x0, 0xa, 0x0, 0x0, 0x2, 0x4, 0x28ab, 0x0, 0x4})

4m34.877248347s ago: executing program 1 (id=4105):
iopl(0x3)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x1, &(0x7f0000000480)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
futex_waitv(&(0x7f0000001080)=[{0x3, &(0x7f0000001040)=0x3, 0x82}], 0x1, 0x0, &(0x7f0000001100)={0x77359400}, 0x1)
syz_read_part_table(0x5f8, &(0x7f0000000bc0)="$eJzs0zGIU3ccB/Bf0jNXBRE7uTVchliXEzJer2BDfBwBcwSLDiK62SGLTh1iAoaKg2eHiOByDpbCGSq0TiKCIOLFQcgkinZREYciuFjFpuTu3XItB4UctPD5wHuP/+//+70vfx4v+F/Lxu/D4TATEcPJDdqGrdE9t778zVJl/1x+fl/9YEQmjkTE9+//+GG0k1kbTN86la6fpevSrYnG+aXk7EJ3+64b+Q8PsrEa0I5YuV72Lx8d5znZHLtP7bmTaQ923qzGlU9jeWZb4/CJXvGLbO/h+9H2n+nn3rJuLD+u/Ouz93ac6ZxMvsxFPEqaz5NX2bdvkgOXFqdzF1r14uu9ad+xcQWu0/h4KHft6t1y58XW0v1qrdb9+cnFQrNyu3N60C88fnfueNr3dKO/CwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/4zdp/bc+Twz2HmzGleWv1qe2dY4fKJXLLd6D+d//frH/E9TkVnpm96k/Ouz93ac6ZxMFr6b/fZR0nyevMq+fZMcuLQ4nbvQqhdf7037jv3DbG4M+Y2Ph3LXrt4td15sLd2v1mrdLXGx0Kzc7pwe9AuP3507Hp/9Uq5GPJ0cxWXHkAgAAAAAAAAAAAAAAAAAAAB/V9k/l5/fVz8YkYkjETGzOPdkVB9Ormx/stY3lT6frdajdGuicX4pObvQ3b7rRv7Dg9/Sejsb0Y6Il/3LRzdOnticA/Gv/BUAAP//FI2HuA==")
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xe4059d1ed18e2292, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
r1 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xaef3, 0x0, 0x2, 0x1a6}, &(0x7f0000000000)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
iopl(0x2)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, r1, 0x0, &(0x7f0000000040)='./file0\x00', 0x64, 0x183000, 0x23456})
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x42002)
io_uring_enter(r1, 0x47f6, 0x0, 0x2, 0x0, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0x13, 0x4, &(0x7f0000000600)=ANY=[@ANYBLOB="660a0000000000006111690000000000850000000200000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xe, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

4m34.460317113s ago: executing program 1 (id=4107):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000001040)='./file0/../file0\x00', 0x0, 0x891018, 0x0)
syz_mount_image$iso9660(&(0x7f00000000c0), &(0x7f0000000000)='./file1\x00', 0x8c08, &(0x7f0000000cc0)=ANY=[], 0x1, 0x5c2, &(0x7f0000000e00)="$eJzs3M1u3MYdAPChLMULpXULBI0dx0AYJwf3YGV3VcsQ0oO3FCUx2V0uSCqQT0VQy6lQKS3qFmh88yVt0BY99Vzk2ifoG/Rp8gwquB+2vteKY29b/H6ANMPlf2b+QxEciFgyAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAhStaazVYUull/azs+W7JW5L1z9k/6+1f43r+HxUkLh36HKISo/gmNRrg2+ujaG89if1T/uhmujrauhkZdNMLj19/84YdvzM/VDReiKJyT0Cvx6IvHv/p0b2/nt7NO5DtwEF28zUbaz8o863U20jgr83h1ZaX5weZ6Ga9n3bS8X1ZpL06KtFPlRXwruRdCWF2O06X7+VZ/Y63TTeNbyY/j1urq3dvtZnMl/mhpkHaKMu9/8NFSmWxm3e4P5kKoY+rdt9vvhLv1ifhxVsVV2unF8cPdvZ3laUnWQa3nCWpPC2o32+1Wq91urdxZvXO32WyMz9anH8w3jwnHm8zP/qTllXstNP5cnyjDjck17rXv+loOF3WQ/G3WKQAAAAAvWTS8xx4N78tfG9bWs27aPBJzEJ3WsvGqUgQAAABe0PBf+6vjGwAhXAvRyf//AQAAgP9tfzr3GbsQRaEcXI4mj6oMtt+P9jt1rbN/afTRpeM9VuvXoyvjTobFyvx4K0lvRG+Ngt6aRH8zLh5OyyMqioXoyXMnMB9COJFA+Eu4Poq5/mBUPpjsGY2yuJ5106Uk737YCp3Olbkq3a5+//nuH0IoioNLX/V7V6LwcHdvZ+kXv957MMzlSd3Lk/3xNyROfFHi6MG4HA7l8runzz2OZ3zv6IwXhjdi6ll/1e8tjsZtHp7/3LD1wYk/6dl/gPBleHsU8/biqFw8Ov9GPWZr6ZTZH86iNdh+//J4sPHMFy6WxY1RzI1b79XFe7fGexYOZdGelkX78PEfHYswd4Ests7K4vCxWD4ni4Owu7ez/IJZAMzKw+Or0GjdDc/W/xPr7re4yk1Z3eslfOrq/supo3wZ3h3FvHt9/tlafOyK3py2rjSfc10P4fQs/hlu/uPvIWyFm5Pgs9bYety/HllVo/2v6wZfnxh38mXLstuO6o1Ll/d/E9589MXj27v7n36289nO5+328krzJ83mnXZYGE5jXFh7ADhFWnwTLVZ/jIoiG/y8tbra6lSbaVzkycdxka1tpHHWr9Ii2ez0N9J4UORVnuTduvJJtpaWcbk1GORFFa/nRTzIy2x7+OaXePzqlzLtdfpVlpSDbtop0zjJ+1UnqeK1rEziwdbPulm5mRbDxuUgTbL1LOlUWd6Py3yrSNKlOC7T9FBgtpb2q2w9q6v9eFBkvU5xP/4k72710ngtLZMiG1T5qMPJWFl/PS96w26XZn2wAeC/xKMwfoPd01fZXbgSGlNiThv3xN0DAOCVOb5KX551QgAAAAAAAAAAAAAAwAmHH9f76fihvBd+IvDcSiO8rJ7HlXuvn7brnZc76EUrIYT5lzrE5MVJM5/p/0elUVfmwqzTmLxn8dv2E4UQpgd/v46Z1RUJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAM72nwAAAP//TqmPYw==")
bpf$MAP_CREATE(0x0, 0x0, 0x48)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x3, &(0x7f0000000200)=@framed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
pwrite64(0xffffffffffffffff, 0x0, 0x0, 0xfffffff7fffffffd)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000180)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
r4 = open(&(0x7f00000000c0)='.\x00', 0x10000, 0x0)
getdents(r4, &(0x7f0000001fc0)=""/184, 0xb8)
mount$bind(0x0, &(0x7f0000000080)='./file0/../file0\x00', 0x0, 0xc0000, 0x0)
mount$bind(&(0x7f00000002c0)='./file0/file0\x00', &(0x7f0000000240)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(&(0x7f0000001000)='./file0/file0/file0\x00', 0x0, 0x0, 0x12f451, 0x0)
r5 = getpid()
chdir(&(0x7f0000000480)='./cgroup\x00')
r6 = openat(0xffffffffffffff9c, &(0x7f0000000280)='.\x00', 0x0, 0x0)
open_by_handle_at(r6, &(0x7f0000000000)=ANY=[@ANYBLOB="08000000020001009a"], 0x0)
r7 = syz_pidfd_open(r5, 0x0)
setns(r7, 0x24020000)

4m34.058945298s ago: executing program 1 (id=4112):
r0 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r0, &(0x7f0000000240)={0x0, 0xf0ffffff, &(0x7f0000000140)=[{&(0x7f0000000280)="89000000120081ae08060cdc030000007f03e3f7000000006ee2ffca1b1f0000000004c00e72f750375ed08a56331dbf9ed7815e381ad6e747033a0093b837dc6cc01e32efaec8c7a6ec0012100001400a0c0c00bdad446b9bbc7a46e3988285dcdf12f21308f868fece01955fed0009d78f0a947ee2b49e33538afa8af92347514f0b56a20ff27fff", 0x89}], 0x1}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000500)={<r1=>0xffffffffffffffff})
setsockopt$sock_int(r1, 0x1, 0x20, &(0x7f0000000000)=0x7ffffffd, 0x4)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r3, &(0x7f00000002c0)=ANY=[@ANYBLOB="1500000065ffff018000000800395032303030"], 0x15)
r4 = dup(r3)
write$P9_RLERRORu(r4, &(0x7f00000000c0)=ANY=[@ANYBLOB="5300000007000046009d40", @ANYBLOB="fe4cecb210bc091b104f801f21ddeb"], 0x53)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180), 0x800000, &(0x7f0000000340)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[], [], 0x6b}})
write$binfmt_script(r1, 0x0, 0x6f4000)

4m33.812330572s ago: executing program 1 (id=4114):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={0x0}, 0x1, 0x0, 0x0, 0x10}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=@newqdisc={0x24, 0x24, 0x1, 0x70bd2a, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}, {0x5}}}, 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000880)=ANY=[@ANYBLOB, @ANYRES32=r2, @ANYBLOB="000000000000000008001a80100003800c0005800800000000000000100003803000018005000c000000000014000500714abbd25404007cbbf6efb226f19bf90d0002003a288e5e5b5b5a40000000006000078014000400293a02149f3b75a67093c28fd6f55a2314000400e48f01e49713f0c2d839f940d9f088d80500060000000000130002006272696467655f696c6176655f30000007000200293a00000500060000000000080001000000000018000180140004004d2906d0880fc8acc30fe2020f9849675000018014000500a1085e7df341b9dc3d8008a2fe5bdaad140004009c7e472c916020fe41bcc5aa8f56c9471400050080ab8be51421cfa3c9e5cbfe8217e0af080001000000000008000100000000006000018005000600000000000500060000000000080001000000000005000600000000000c00020073797a746e6c30000800010000000000130002006272696467655f736c6176655f30000014000500e078d277f38ed3a40a448f3f6b6763e8e0000c8008002500000000000500060000000000140019"], 0x270}}, 0x0)
sendmmsg(r0, &(0x7f00000002c0), 0x40000000000009f, 0x0)

4m33.793933882s ago: executing program 32 (id=4114):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={0x0}, 0x1, 0x0, 0x0, 0x10}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=@newqdisc={0x24, 0x24, 0x1, 0x70bd2a, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}, {0x5}}}, 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000880)=ANY=[@ANYBLOB, @ANYRES32=r2, @ANYBLOB="000000000000000008001a80100003800c0005800800000000000000100003803000018005000c000000000014000500714abbd25404007cbbf6efb226f19bf90d0002003a288e5e5b5b5a40000000006000078014000400293a02149f3b75a67093c28fd6f55a2314000400e48f01e49713f0c2d839f940d9f088d80500060000000000130002006272696467655f696c6176655f30000007000200293a00000500060000000000080001000000000018000180140004004d2906d0880fc8acc30fe2020f9849675000018014000500a1085e7df341b9dc3d8008a2fe5bdaad140004009c7e472c916020fe41bcc5aa8f56c9471400050080ab8be51421cfa3c9e5cbfe8217e0af080001000000000008000100000000006000018005000600000000000500060000000000080001000000000005000600000000000c00020073797a746e6c30000800010000000000130002006272696467655f736c6176655f30000014000500e078d277f38ed3a40a448f3f6b6763e8e0000c8008002500000000000500060000000000140019"], 0x270}}, 0x0)
sendmmsg(r0, &(0x7f00000002c0), 0x40000000000009f, 0x0)

3m53.198935983s ago: executing program 4 (id=4461):
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=@newtaction={0x78, 0x30, 0x1, 0x0, 0x0, {}, [{0x64, 0x1, [@m_tunnel_key={0x60, 0x1, 0x0, 0x0, {{0xf}, {0x30, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_ENC_IPV4_SRC={0x8, 0x3, @empty}, @TCA_TUNNEL_KEY_PARMS={0x1c, 0x2, {{0xbabd, 0x81, 0x10000000, 0x1, 0xfff}, 0x1}}, @TCA_TUNNEL_KEY_ENC_IPV4_DST={0x8, 0x4, @remote}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x78}, 0x1, 0x0, 0x0, 0x4}, 0x0) (fail_nth: 6)

3m52.876363327s ago: executing program 4 (id=4462):
r0 = socket$nl_route(0x10, 0x3, 0x0) (async)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0) (async)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000180)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) (async)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000004000000ff0f000007"], 0x50)
openat$selinux_relabel(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0) (async)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='kfree\x00', r4, 0x0, 0x8000000000000}, 0x18)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000007c0)={0x10, 0x2, &(0x7f0000000100)=@raw=[@ldst={0x1, 0x2, 0x4, 0x0, 0x1, 0x38}, @jmp={0x5, 0x0, 0x9, 0x0, 0x6, 0xfffffffffffffe88}], &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1, @void, @value}, 0x94) (async)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000940)=@newqdisc={0x78, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}, {0xffe0}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x4c, 0x2, [@TCA_TBF_RATE64={0xc, 0x4, 0x4e1e2563543d84f9}, @TCA_TBF_PBURST={0x8, 0x7, 0x1fc0}, @TCA_TBF_PARMS={0x28, 0x1, {{0x0, 0x0, 0x0, 0xffff}, {0x0, 0x0, 0x0, 0x8, 0x2, 0x3}, 0xfffffffe, 0x81}}, @TCA_TBF_PRATE64={0xc, 0x5, 0xcb59372f370e8464}]}}]}, 0x78}}, 0x4000080) (async, rerun: 32)
listen(r0, 0xdb0e) (rerun: 32)

3m52.875806097s ago: executing program 4 (id=4463):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x1, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
dup3(r2, r1, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(0xffffffffffffffff, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x8, &(0x7f0000000000)=0x80, 0x4)
r4 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_NEW(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)={0x34, r4, 0x1, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0)

3m50.762879495s ago: executing program 4 (id=4481):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000380), 0x1, r0}, 0x38)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='kfree\x00', r1, 0x0, 0x2}, 0x18)
syz_io_uring_setup(0x6f01, &(0x7f0000000140)={0x0, 0xfad6, 0x8, 0x0, 0x3}, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x21081e, &(0x7f00000002c0), 0x1, 0x4f2, &(0x7f0000000600)="$eJzs3U1vG1sZAODXzpeTm97kXu4CENBSCgVVdRK3jaouoKwQQpUQXYLUhsSNothxFDulCV2k/wGJSqxgyQ9g3RV7Ngh2bMoCiY8I1FRiYTTjSeomdpOSNI7i55FGM+eMM+85ieec+nXtE0DfuhQRWxExHBEPI2Iiq89lW9xtbcnjXm0/nd/Zfjqfi2bz/j9z6fmkLtp+JvFRds1CRPzoexE/zR2MW9/YXJ6rVMprWXmqUV2dqm9sXl+qzi2WF8srpdLszOz07Ru3SifW14vV4ezoyy//sPWtnyfNGs9q2vtxklpdH9qLE9nv/AcfIlgPDETEYPb8yVzoZXt4P/mI+DQiLqf3/0QMpH9NAOA8azYnojnRXgYAzrt8mgPL5YtZLmA88vlisZXD+yzG8pVavXHtUW19ZaGVK5uMofyjpUp5OssVTsZQLinPpMdvyqV95RsR8UlE/GJkNC0X52uVhV7+wwcA+thH++b//4y05n8A4Jwr9LoBAMCpM/8DQP8x/wNA/zH/A0D/Mf8DQP8x/wNA/zH/A0Bf+eG9e8nW3Mm+/3rh8cb6cu3x9YVyfblYXZ8vztfWVouLtdpi+p091cOuV6nVVmduxvqTyW+v1htT9Y3NB9Xa+krjQfq93g/KQ6fSKwDgXT65+OLPuYjYujOabtG2loO5Gs63fK8bAPTMQK8bAPSM1b6gfx3jNb70AJwTHZbofUshIkb3VzabzeaHaxLwgV39gvw/9Ku2/L//BQx9Rv4f+lfX/P+BF/vAedNs5o665n8c9YEAwNkmxw90ef//02z/2+zNgZ8s7H/E8/0VPlEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA/9hd/7eYrdwxHvl8sRhxISImYyj3aKlSno6IjyPiTyNDI0l5psdtBgCOK/+3XLb+19WJK+P7zw7nXo+k+4j42a/u//LJXKOx9sek/l979Y3nWX2pF+0HAA6zO0+n+7YX8q+2n87vbqfZnr9/NyIKrfg728Oxsxd/MAbTfSGGImLs37ms3JJry10cx9aziPh8p/7nYjzNgbRWPt0fP4l94VTj59+Kn0/PtfbJ7+JzJ9AW6DcvkvHnbqf7Lx+X0n3n+7+QjlDHl41/yaXmd9Ix8E383fFvoMv4d+moMW7+/vuto9GD555FfHEwYjf2Ttv4sxs/1yX+lYOX6+gvX/rK5W7nmr+OuBqd47fHmmpUV6fqG5vXl6pzi+XF8kqpNDszO337xq3SVJqjnuo+G/zjzrWPu51L+j/WJX7hkP5//Wjdj9/89+GPv/qO+N/8Wqf4+fjsHfGTOfEbR4w/N/a7QrdzSfyFLv0/7O9/7YjxX/5188Cy4QBA79Q3NpfnKpXymgMHZ/8gecqegWZ0PPjOacUajvf6qWbz/4rVbcQ4iawbcBbs3fQR8brXjQEAAAAAAAAAAAAAADo6jU8s9bqPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnF//CwAA//8wuNJ1")

3m50.264281182s ago: executing program 4 (id=4482):
r0 = syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000200)='./file0\x00', 0x3000000, &(0x7f00000006c0), 0x1, 0x51c, &(0x7f0000002400)="$eJzs3W1rZFcdAPD/vcmk2d3UTFVkLdgWW9ktujNJY7dRpK0g+qqg1vdrTCYhZJIJmUndhKIpfgBBRAU/gG8EP4Ag+xFEWND3oqKI7upL3St35kbzMJMMySSzTn4/OJlz7tP/nEvmzH043BvAlfVSRLwdEWMR8WpETBfT0yLFXiflyz1+9P5inpLIsnf/lkRSTNvfVl4ej4gbxWqTEfH1r0R8Kzket7mzu7ZQr9e2inK1tb5Zbe7s3lldX1iprdQ25uZm786/Mf/6/ExWOFc7yxHx5pf+9KPv/+zLb/7qM9/+/b2/3P5OXq0vfKxT74hYPFeAHjrbLrX3xb58H21dRLAhydtTGht2LQAA6Ed+jP/hiPhk+/h/OsbaR3MAAADAKMnemop/JREZAAAAMLLSiJiKJK0UYwGmIk0rlc4Y3o/G9bTeaLY+vdzY3ljK50WUo5Qur9ZrM8VY4XKUkrw8W4yx3S+/dqQ8FxHPRcQPp6+1y5XFRn1p2Bc/AAAA4Iq48eLh8/9/TqftPAAAADBiyj0LAAAAwKhwyg8AAACjz/k/AAAAjLSvvvNOnrL993gvvbezvdZ4785SrblWWd9erCw2tjYrK43GSvuZfeunba/eaGx+Nja271dbtWar2tzZvbfe2N5o3Vs99ApsAAAA4BI99+KD3yURsff5a+0UxXMAAQ7547ArAAzS2LArAAzN+LArAAxN6dQl9BAw6pJT5h8fvNO5Vhi/vpj6AAAAg3fr48fv/08U806/NgD8PzPWBwCuHnf34OoqnXUE4M1B1wQYlg91Pp7pNb/nwzv6uP/fucaQZWeqGAAAMDBT7ZSkleI4fSrStFKJeLb9WoBSsrxar80U5we/nS49k5dn22smp44ZBgAAAAAAAAAAAAAAAAAAAAAAAAA6siyJDAAAABhpEemfk/bT/CNuTb8ydfjqwJG3fv303R/fX2i1tmYjJpK/T+eTJiKi9ZNi+muZVwIAAADAU6Bznl58zg67NgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACMmseP3l/cT5cZ969fjIhyt/jjMdn+nIxSRFz/RxLjB9ZLImJsAPH3PoiIm93iJ/Eky7JyUYtu8a9dcPxye9d0j59GxI0BxIer7EHe/7zd7fuXxkvtz+7fv/EinVfv/i/9b/831qP/efZIuZfnH/6i2jP+BxHPj3fvf/bjJ534h0LkhZf7bOM3v7G723XGgU12i38wVrW1vllt7uzeWV1fWKmt1Dbm5mbvzr8x//r8THV5tV4r/nYN84NP/PLJSe2/3iN++XD7j+3/V/pqfRb/fnj/0Uc6hVK3+Ldf7v77e7NH/LT47ftUkc/n39rP73XyB73w89+8cFL7l3q0f/KU9t/uq/3xuVe/9r0/dJ1zbG8AAJehubO7tlCv17ZOyEz2scwlZ956OqoxwEyctEySPAU1vNBM9t3O/+P5tnPO1Y9lsvOsPh4DqMbEse/pWJx1g0nEXr6tPv8hC3cnhtMzAQAAg/a/g/6T7iABAAAAAAAAAAAAAAAAAAAAF+mMjyWbjIi+Fz4ac284TQUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAONF/AgAA//9BS9DT")
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
write$binfmt_elf64(r1, 0x0, 0x0)
close(r1)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x4, 0x5, &(0x7f0000000980)=ANY=[@ANYBLOB="18000000000000a8850000000040000000000000"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x22, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
sysinfo(&(0x7f0000000000)=""/52)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000006"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='kfree\x00', r3, 0x0, 0x40000000fb0}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b0000000800eb000c"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r3, @ANYRES32=r2], &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r4}, 0x10)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
r6 = getpid()
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000004c0)={<r7=>0xffffffffffffffff})
sendmsg$unix(r5, &(0x7f0000000800)={0x0, 0x0, &(0x7f0000000700), 0x0, &(0x7f0000000880)=ANY=[@ANYBLOB="1c0000000000000001000000020000", @ANYRES32=r6, @ANYRES32=0x0, @ANYRESOCT=r4, @ANYBLOB="000000001c000000000000000001000000", @ANYRES32=r5, @ANYRES32=r7, @ANYRES32=r5, @ANYRES8=r0, @ANYRESDEC=r2, @ANYRES8=r0, @ANYRES16, @ANYRES16=r4], 0x60}, 0x0)
r8 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000000)={'lo\x00'})
sendmsg$nl_route_sched(r8, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000780)={0x0}}, 0x488c0)
r9 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r9, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0x2c)
creat(&(0x7f0000000ac0)='./file0\x00', 0x0)
newfstatat(0xffffffffffffff9c, &(0x7f0000000400)='./file0\x00', &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, <r10=>0x0}, 0x0)
chown(&(0x7f00000003c0)='./file0\x00', r10, 0xee01)

3m50.149414573s ago: executing program 4 (id=4483):
r0 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
pwritev(r0, &(0x7f00000006c0)=[{&(0x7f0000000500)="2f966daced53", 0x6}], 0x1, 0x1, 0x4)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000440)={'syztnl2\x00', &(0x7f00000009c0)={'syztnl1\x00', <r1=>0x0, 0x4, 0x6, 0x1, 0x46, 0x26, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x8000, 0x67675d567f6418a8, 0x3, 0x4}})
r2 = socket$unix(0x1, 0x1, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000380)={'bond0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000001c0)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {0x0, 0xb}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_mq={0x7}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20000001}, 0x0)
r5 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000a40)=0xffffffffffffffff, 0x4)
r6 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000ac0)='/sys/power/disk', 0x400402, 0x2)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000bc0)={0x6, 0x9, &(0x7f0000000940)=@raw=[@map_fd={0x18, 0x8, 0x1, 0x0, r0}, @alu={0x7, 0x0, 0x7, 0xa, 0x3, 0xfffffffffffffff4, 0x10}, @ldst={0x0, 0x3, 0x1, 0x5, 0x4, 0xfffffffffffffff4, 0xffffffffffffffff}, @btf_id={0x18, 0x3, 0x3, 0x0, 0x5}, @func={0x85, 0x0, 0x1, 0x0, 0x2}, @jmp={0x5, 0x1, 0x1, 0x0, 0xb, 0xffffffffffffff9e, 0xff442ef693adb978}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x1}], &(0x7f0000000040)='syzkaller\x00', 0x800, 0x36, &(0x7f00000001c0)=""/54, 0x40f00, 0x40, '\x00', r1, 0x25, r5, 0x8, &(0x7f0000000a80)={0x0, 0x5}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x6, &(0x7f0000000b00)=[r6], &(0x7f0000000b40)=[{0x3, 0x1, 0xc, 0x9}, {0x1, 0x2, 0x7, 0xa}, {0x4, 0x4, 0x3, 0x2}, {0x4, 0x4, 0xd, 0x3}, {0x3, 0x4, 0x2, 0x9}, {0x1, 0x1, 0x7, 0x3}], 0x10, 0x4, @void, @value}, 0x94)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x50, &(0x7f0000000140)={[{@norecovery}]}, 0xee, 0x474, &(0x7f00000004c0)="$eJzs3EtsG0UfAPD/rvNo+viSr5RHSwuBgqh4JE36oAcuIJA4gIQEhyJOIUmrUrdBTZBoVUHhUI6oEnfEEYk7Eie4IOCAkLjCHVWqql5aOBmtvZs6jp06tRu3+PeT1p7ZXWfm79mxxzN2Auhb49lNErE1Iv6IiNFaduUJ47W7G9fOz/597fxsEpXKm1eT6nnXr52fLU4tHrellqlUIoaz5HCTci++EzFTLs+fyfOTS6fen1w8e+65E6dmjs8fnz89feTIwQN7hg5PH+oovjS/z+K6vuujhd07X3370uuzRy+9+/M3WX235sfr47gtWbQNxmvPbqNHs5snOyrsrvJrdrOtbkcy0PrkiQ2oEO0rRUTWXIPV/j8apRhZPjYar3za08oBd1SlUqk0e3/OXagA/2FJ9LoGQG8Ub/TZ599i26Chx13hyou1D0BZ3DfyrXZkYHnuYLDh8203jUfE0Qv/fJlt0Y15CACAW/g+G/8822z8l8YDdef9L19DGYuI/0fE9oi4LyJ2RMT9EdVzH4yIh9ZZfuMKyerxT3r5tgJrUzb+eyFf21o5/itGfzFWynPbqvEPJsdOlOf358/JvhgczvJTa5Txw8u/f16kNzUcqx//ZVtWfjEWzOtxeaBhgm5uZmmm07gLVz6J2DXQLP4kimWcJCJ2RsSu2yzjxNNf72517Nbxr2GNdaZ2Vb6KeKrW/hdiRfw3myppuT459fzh6UOTm6I8v3+yuCpW++W3i2+0Kr+j+Lsga//NTa//5VXgsWRTxOLZcyer67WL6y/j4p+f1fXpFavLWfzptxHrvv6Hkreq6aF834czS0tnpiKGktdW75+++dgiX5yfxb9vb/P+v72uxg9HRHYR74mIR/JF3KztHouIxyNi7xrx//TSE++1Oraq/UeK+NeYle+iLP65W7V/1Lf/+hOlkz9+13b8Tdv/YDW1L9/TzutfuxXs5LkDAACAe0Va/Q58kk4sp9N0YqL2Hf4dsTktLywuPXNs4YPTc7Xvyo/FYFrMdI3WzYdO5XPDRX66IX8gnzf+ojRSzU/MLpTneh089LktLfp/5q9Sr2sH3HFdWEcD7lH6P/Qv/R/6l/4P/Uv/h/7VrP9/3IN6ABvP+z/0L/0f+pf+D/1L/4e+1PK38WlHP/nvcaL43wkd/J2rvY+i48TInSwi0t4H2BeJgU4u43YSw00P9fiFCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoEv+DQAA//9L2OJW")
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xe, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0x10000, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='rss_stat\x00', r7}, 0x10)
syz_clone(0x42000000, 0x0, 0x0, 0x0, 0x0, 0x0)
r8 = openat(0xffffffffffffff9c, &(0x7f0000000300)='.\x00', 0x4e4e971d01869b78, 0x88)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r8, 0x8004587d, &(0x7f0000000080)={@id={0x2, 0x0, @c}})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r9 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r9, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000001540)={&(0x7f0000000240)=ANY=[@ANYBLOB="240100001600010428bd700000000000fe8000000000000000000000000000bbfc01000000000000000000000000000100040000000000000000a00000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="ff02000000000000000000000000000100000000330000000a0101010000000000000000000000000000000000004e340100000000000000000000000000000004000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000a0000002bbd70000000000000000200000000000000000008000020ffffffdf2c"], 0x124}}, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, 0x0, 0x0)
syz_open_dev$usbfs(&(0x7f0000000080), 0x77, 0x101301)
sendmsg$IPSET_CMD_ADD(r8, &(0x7f0000000400)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000340)={0x98, 0x9, 0x6, 0x801, 0x0, 0x0, {0x3, 0x0, 0x2}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_ADT={0x7c, 0x8, 0x0, 0x1, [{0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_PORT={0x6, 0x4, 0x1, 0x0, 0x4e24}}, {0x1c, 0x7, 0x0, 0x1, @IPSET_ATTR_IP_TO={0x18, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV6={0x14, 0x2, 0x1, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}}}, {0x1c, 0x7, 0x0, 0x1, @IPSET_ATTR_IP2_TO={0x18, 0x16, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV6={0x14, 0x2, 0x1, 0x0, @empty}}}, {0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_COMMENT={0x6, 0x1a, ',\x00'}}, {0x10, 0x7, 0x0, 0x1, @IPSET_ATTR_COMMENT={0xa, 0x1a, '://\'$\x00'}}, {0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_PROTO={0x5, 0x7, 0x11}}, {0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_PORT_TO={0x6, 0x5, 0x1, 0x0, 0x4e22}}]}]}, 0x98}, 0x1, 0x0, 0x0, 0x24004000}, 0x40)
r10 = semget$private(0x0, 0x1, 0x100)
semop(r10, &(0x7f00000000c0)=[{0x0, 0xffff}, {0x2, 0x3ff}, {0x3, 0x4, 0x1000}, {0x2, 0xfff, 0x1000}, {0x3, 0x8}], 0x5)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)

3m35.096521154s ago: executing program 33 (id=4483):
r0 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
pwritev(r0, &(0x7f00000006c0)=[{&(0x7f0000000500)="2f966daced53", 0x6}], 0x1, 0x1, 0x4)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000440)={'syztnl2\x00', &(0x7f00000009c0)={'syztnl1\x00', <r1=>0x0, 0x4, 0x6, 0x1, 0x46, 0x26, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x8000, 0x67675d567f6418a8, 0x3, 0x4}})
r2 = socket$unix(0x1, 0x1, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000380)={'bond0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000001c0)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {0x0, 0xb}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_mq={0x7}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20000001}, 0x0)
r5 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000a40)=0xffffffffffffffff, 0x4)
r6 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000ac0)='/sys/power/disk', 0x400402, 0x2)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000bc0)={0x6, 0x9, &(0x7f0000000940)=@raw=[@map_fd={0x18, 0x8, 0x1, 0x0, r0}, @alu={0x7, 0x0, 0x7, 0xa, 0x3, 0xfffffffffffffff4, 0x10}, @ldst={0x0, 0x3, 0x1, 0x5, 0x4, 0xfffffffffffffff4, 0xffffffffffffffff}, @btf_id={0x18, 0x3, 0x3, 0x0, 0x5}, @func={0x85, 0x0, 0x1, 0x0, 0x2}, @jmp={0x5, 0x1, 0x1, 0x0, 0xb, 0xffffffffffffff9e, 0xff442ef693adb978}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x1}], &(0x7f0000000040)='syzkaller\x00', 0x800, 0x36, &(0x7f00000001c0)=""/54, 0x40f00, 0x40, '\x00', r1, 0x25, r5, 0x8, &(0x7f0000000a80)={0x0, 0x5}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x6, &(0x7f0000000b00)=[r6], &(0x7f0000000b40)=[{0x3, 0x1, 0xc, 0x9}, {0x1, 0x2, 0x7, 0xa}, {0x4, 0x4, 0x3, 0x2}, {0x4, 0x4, 0xd, 0x3}, {0x3, 0x4, 0x2, 0x9}, {0x1, 0x1, 0x7, 0x3}], 0x10, 0x4, @void, @value}, 0x94)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x50, &(0x7f0000000140)={[{@norecovery}]}, 0xee, 0x474, &(0x7f00000004c0)="$eJzs3EtsG0UfAPD/rvNo+viSr5RHSwuBgqh4JE36oAcuIJA4gIQEhyJOIUmrUrdBTZBoVUHhUI6oEnfEEYk7Eie4IOCAkLjCHVWqql5aOBmtvZs6jp06tRu3+PeT1p7ZXWfm79mxxzN2Auhb49lNErE1Iv6IiNFaduUJ47W7G9fOz/597fxsEpXKm1eT6nnXr52fLU4tHrellqlUIoaz5HCTci++EzFTLs+fyfOTS6fen1w8e+65E6dmjs8fnz89feTIwQN7hg5PH+oovjS/z+K6vuujhd07X3370uuzRy+9+/M3WX235sfr47gtWbQNxmvPbqNHs5snOyrsrvJrdrOtbkcy0PrkiQ2oEO0rRUTWXIPV/j8apRhZPjYar3za08oBd1SlUqk0e3/OXagA/2FJ9LoGQG8Ub/TZ599i26Chx13hyou1D0BZ3DfyrXZkYHnuYLDh8203jUfE0Qv/fJlt0Y15CACAW/g+G/8822z8l8YDdef9L19DGYuI/0fE9oi4LyJ2RMT9EdVzH4yIh9ZZfuMKyerxT3r5tgJrUzb+eyFf21o5/itGfzFWynPbqvEPJsdOlOf358/JvhgczvJTa5Txw8u/f16kNzUcqx//ZVtWfjEWzOtxeaBhgm5uZmmm07gLVz6J2DXQLP4kimWcJCJ2RsSu2yzjxNNf72517Nbxr2GNdaZ2Vb6KeKrW/hdiRfw3myppuT459fzh6UOTm6I8v3+yuCpW++W3i2+0Kr+j+Lsga//NTa//5VXgsWRTxOLZcyer67WL6y/j4p+f1fXpFavLWfzptxHrvv6Hkreq6aF834czS0tnpiKGktdW75+++dgiX5yfxb9vb/P+v72uxg9HRHYR74mIR/JF3KztHouIxyNi7xrx//TSE++1Oraq/UeK+NeYle+iLP65W7V/1Lf/+hOlkz9+13b8Tdv/YDW1L9/TzutfuxXs5LkDAACAe0Va/Q58kk4sp9N0YqL2Hf4dsTktLywuPXNs4YPTc7Xvyo/FYFrMdI3WzYdO5XPDRX66IX8gnzf+ojRSzU/MLpTneh089LktLfp/5q9Sr2sH3HFdWEcD7lH6P/Qv/R/6l/4P/Uv/h/7VrP9/3IN6ABvP+z/0L/0f+pf+D/1L/4e+1PK38WlHP/nvcaL43wkd/J2rvY+i48TInSwi0t4H2BeJgU4u43YSw00P9fiFCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoEv+DQAA//9L2OJW")
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xe, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0x10000, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='rss_stat\x00', r7}, 0x10)
syz_clone(0x42000000, 0x0, 0x0, 0x0, 0x0, 0x0)
r8 = openat(0xffffffffffffff9c, &(0x7f0000000300)='.\x00', 0x4e4e971d01869b78, 0x88)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r8, 0x8004587d, &(0x7f0000000080)={@id={0x2, 0x0, @c}})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r9 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r9, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000001540)={&(0x7f0000000240)=ANY=[@ANYBLOB="240100001600010428bd700000000000fe8000000000000000000000000000bbfc01000000000000000000000000000100040000000000000000a00000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="ff02000000000000000000000000000100000000330000000a0101010000000000000000000000000000000000004e340100000000000000000000000000000004000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000a0000002bbd70000000000000000200000000000000000008000020ffffffdf2c"], 0x124}}, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, 0x0, 0x0)
syz_open_dev$usbfs(&(0x7f0000000080), 0x77, 0x101301)
sendmsg$IPSET_CMD_ADD(r8, &(0x7f0000000400)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000340)={0x98, 0x9, 0x6, 0x801, 0x0, 0x0, {0x3, 0x0, 0x2}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_ADT={0x7c, 0x8, 0x0, 0x1, [{0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_PORT={0x6, 0x4, 0x1, 0x0, 0x4e24}}, {0x1c, 0x7, 0x0, 0x1, @IPSET_ATTR_IP_TO={0x18, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV6={0x14, 0x2, 0x1, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}}}, {0x1c, 0x7, 0x0, 0x1, @IPSET_ATTR_IP2_TO={0x18, 0x16, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV6={0x14, 0x2, 0x1, 0x0, @empty}}}, {0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_COMMENT={0x6, 0x1a, ',\x00'}}, {0x10, 0x7, 0x0, 0x1, @IPSET_ATTR_COMMENT={0xa, 0x1a, '://\'$\x00'}}, {0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_PROTO={0x5, 0x7, 0x11}}, {0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_PORT_TO={0x6, 0x5, 0x1, 0x0, 0x4e22}}]}]}, 0x98}, 0x1, 0x0, 0x0, 0x24004000}, 0x40)
r10 = semget$private(0x0, 0x1, 0x100)
semop(r10, &(0x7f00000000c0)=[{0x0, 0xffff}, {0x2, 0x3ff}, {0x3, 0x4, 0x1000}, {0x2, 0xfff, 0x1000}, {0x3, 0x8}], 0x5)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)

1m59.441696539s ago: executing program 3 (id=5865):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001804", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000140)=@generic={0x0, r0}, 0x18)

1m59.438620719s ago: executing program 3 (id=5866):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00'}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020"], &(0x7f0000000040)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000020000000000000000085000000ae00000095"], &(0x7f0000001b80)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x41, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='mm_page_free\x00', r0, 0x0, 0x1000}, 0x18)
r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000640)='/proc/cgroups\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0x20000023896)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[], 0x48)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x26e1, 0x0)
r5 = perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x30046, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}, 0x0, 0xfffffffffffffffe}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r5)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000040), 0x8)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f00000004c0)=ANY=[@ANYRESDEC=r1, @ANYRES32=r4, @ANYRESOCT, @ANYRESDEC=r2], 0x50)
shutdown(r6, 0x1)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r9}, 0x10)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000180)={'bond0\x00', <r10=>0x0})
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r7, 0x8933, &(0x7f0000000200)={'batadv0\x00', <r11=>0x0})
sendmsg$nl_route(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000340)=ANY=[@ANYBLOB="400000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="21000000000000001800128008000100687372000c00028008000100", @ANYRES32=r10, @ANYBLOB="08000a00efd29cd05aef9a38bec3a1c877e162abe981397b2170bbf5d4d7421d0d8cf1715cbddef039a2e8cce5877a939eaeddd005efb7b185f0aaac0667fadd82db279ebd02794ad89eae7ab20574f2bc53993d863d5498f16e926fabd7c80e737b991d6f41000000000000", @ANYRES32=r11, @ANYBLOB], 0x40}}, 0x0)

1m59.182192923s ago: executing program 3 (id=5871):
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)
io_setup(0xacf, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, 0x0, &(0x7f00000001c0)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000b40)={&(0x7f0000001040)=ANY=[@ANYBLOB="380100001000020080ffffff00000000ffffffff000000000000000000000000fe8000000000000000000000000000bb00"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fe8000000000000000000000000000bb000000d95d000000e000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000202000000000000000048000200656362286369706865725f6e756c6c2900"/240], 0x138}, 0x1, 0xe}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x41, &(0x7f0000000780)={[{@bsdgroups}, {@nodiscard}, {@oldalloc}, {@grpjquota}, {@nobarrier}, {@noquota}, {@abort}, {@nodiscard}, {@nodiscard}]}, 0x64, 0x50d, &(0x7f0000000200)="$eJzs3VFrHFsdAPD/bHZj06Y3ueqDXvB69V5Ji3Y3aWwbfKgVRJ8Kan2vMdmEkE02ZDdtE4qm+AEEERV80hdfBD+AIAVffBShoM+KiiLa6oMP2rns7iRN091k226zafb3g8mcc2Zm/+dsmNk5M4eZAAbWOxFxLSIep2l6PiLGsvJcNsV2a2qs9+jh3bnGlESa3vhnEklWtvNZSTY/k212KiK+9uWIbybPxq1tbi3PVirl9Sxfqq+slWqbWxeWVmYXy4vl1enpqcszV2YuzUz2pJ1nI+LqF//6g+/+7EtXf/WZ23+6+fdz32pUazRbvrcdzyl/0MJW0wvN72LvBusvGOw4yjdbmBlpt8bQMyX3XnGdAABor3GO/8GI+GREnI+xGDr4dBYAAAB4DaWfH43/JRFpe8MdygEAAIDXSK45BjbJFbOxAKORyxWLrTG8H47TuUq1Vv/0QnVjdb41VnY8CrmFpUp5MhsrPB6FpJGfaqaf5C/uy09HxJsR8f2xkWa+OFetzPf74gcAAAAMiDP7+v//GWv1/wEAAIATZrzfFQAAAABeOf1/AAAAOPn0/wEAAOBE+8r1640p3Xn/9fytzY3l6q0L8+XacnFlY644V11fKy5Wq4vNZ/atHPZ5lWp17bOxunGnVC/X6qXa5tbNlerGav3m0lOvwAYAAACO0Jsfv/+HJCK2PzfSnBqGu9u0y9WA4yq/m0qyeZvd+o9vtOZ/OaJKAUdiqN8VAPom3+8KAH1T6HcFgL5LDlnecfDOb7P5J3pbHwAAoPcmPtr5/n/uwC23D14MHHt2Yhhc7v/D4Gre/+92JK+TBThRCs4AYOC99P3/Q6Xpc1UIAADoudHmlOSK2eW90cjlisWIs83XAhSShaVKeTIi3oiI348VPtDITzW3TA7tMwAAAAAAAAAAAAAAAAAAAAAAAAAALWmaRAoAAACcaBG5vyW/bj3Lf2LsvdH91weGk/+ORfaK0Ns/vvHDO7P1+vpUo/xfu+X1H2XlF/txBQMAAAAGwnO9wH+nn77TjwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAXnr08O7cznSUcf/xhYgYbxc/H6ea81NRiIjT/04iv2e7JCKGehB/pPHnI+3iJ41q7YZsF3+kB/G37x0YP8azb2F//OGIONOD+DDI7jeOP9fa7X+5eKc5b7//5SOeyr+ozse/2D3+DXU4/pztMsZbD35R6hj/XsRb+fbHn534SYf473YZ/xtf39rqtCz9ScRE29+f5KlYpfrKWqm2uXVhaWV2sbxYXp2enro8c2Xm0sxkaWGpUs7+to3xvY/98vFB7T/dIf74Ie1/r8v2///BnYcfaiUL7eKfe7dN/N/8NFvj2fi57LfvU1m6sXxiJ73dSu/19s9/9/ZB7Z/v0P7D/v/numz/+a9+589drgoAHIHa5tbybKVSXj+xiUYv/RhUQ+IYJr7d0w9M0zRt7FMv8TlJHIevpZno95EJAADotScn/f2uCQAAAAAAAAAAAAAAAAAAAAyuo3ic2P6Y27uppBeP0AYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6In3AwAA///d8Nla")
unshare(0x42000000)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$SMC_PNETID_ADD(r6, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f0000000880)=ANY=[@ANYBLOB="3e000b888f1bf8dbf320bb8f20c18e030000", @ANYRES16, @ANYBLOB="02000000000002000000020000000900010073797a30000000000500040002000000140002006d616373656330000000000000000000"], 0x3c}, 0x1, 0x0, 0x0, 0x20048000}, 0xc800)

1m57.216297438s ago: executing program 3 (id=5881):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x19f, &(0x7f0000000100)={[{@noquota}, {@noblock_validity}, {@min_batch_time={'min_batch_time', 0x3d, 0x82f}}, {@grpquota}, {@debug}, {@debug}, {@grpid}]}, 0x80, 0x536, &(0x7f0000000680)="$eJzs3c9rJFkdAPBv9XRn50dmO6sedMF1dVdmFp3uycbdDR7WEURPC+J6H2PSE8J00iHd2Z2EgJm/QBBR0ZNevAj+AYIMePEowoCeFVYU0YweBHVKqrqSyWa6k56xtzs/Ph+oqVevqvr7Xg2vUq/qURXAmfViRNyIiIdpmr4SEdUiv1RMsd2dsu0e7GzNZ1MSafr235JIirzd30qK+aVit/MR8bWvRHwzeTxue2Pz9lyz2Vgrluud5dV6e2Pz2tLy3GJjsbEyMzP9+uwbs6/NXh9KPS9HxJtf+tP3vv3TL7/5y8+++8ebf7maVTsmi/X76/EEskNUPmyDbtUr+bHYle2w9hTBjqtyXsPChV5bpGmaPkyr+3LujqRkAAAclF3AfigiPhURr0Q1zh1+OQsAAACcQOkXJuM/SfcJTQ8TffIBAACAE6SUj4FNSrViLMBklEq1WncM70fiYqnZanc+c6u1vrJw/4eTETEVldKtpWbjejFWeCoqSbY8nacfLb96YHkmIp6LiO9WL+TLtflWc2HcNz8AAADgjLh0oP//z2q3/w8AAACcMlOPZ5XGUQ4AAADgg9Oj/w8AAACcMvr/AAAAcKp99a23sind/f71wjsb67db71xbaLRv15bX52vzrbXV2mKrtZi/s2/5qN9rtlqrn4uV9Tv1TqPdqbc3Nm8ut9ZXOjeX3vcJbAAAAGCEnvvEvd8nEbH9+Qv5lJkYd6GAkSjvpZJi3qP1/+HZ7vy9ERUKGIlzA2zz3jMjKAgwcuVxFwAYm8q4CwCMXXLE+r6Dd35TzD853PIAAADDd+Vj/Z//H/4NgG2fCIATTiOGs+vA8/+0Oq6CACOXP/8fdMCviwU4VSoDjQAETrP/+/n/kdL0iQoEAAAM3WQ+JaVacXtvMkqlWi3icv5ZgEpya6nZuB4Rz0bE76qVZ7Ll6XzP5Mg+AwAAAAAAAAAAAAAAAAAAAAAAAADQlaZJpIe5cehaAAAA4ASIKP05+VX3Xf5Xqi9PHrw/MJH8K/8k8EREvPujt79/Z67TWZvO8v++l9/5QZH/6jjuYAAAAAAH7fbTd/vxAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADBMD3a25h/sbKX/3tmaH2Xcv34xIqb24udTd005zufz81GJiIv/SKK8b78kIs4NIf723Yj4aK/4SVasvZC94l/44OPHVHEUesW/NIT4cJbdy84/N3q1v1K8mM97t79yxPuWn1b/81/snf/O9Wn/lweM8fz9n9f7xr8b8Xy59/lnN37SJ/5LURoo/je+vrnZb13644gr0Tv+/lj1zvJqvb2xeW1peW6xsdhYmZmZfn32jdnXZq/Xby01G8W/PWN85+O/eHhY/S/2iT91RP1fHqj2Ef+9f2fnw91kpVf8qy/1iP/rnxRbPB6/VPzt+3SRztZf2U1vd9P7vfCz375wWP0XHtW/8iT//1cHrP9QGgoAMDTtjc3bc81mY+0kJCpPs1fWSz8OhZc4folvDfUH0zRNszbVY9W9iBjkd5I4DoclT4z7zAQAAAzbo4v+cZcEAAAAAAAAAAAAAAAAAAAAzq4hvjNsot9r9g7G3N5LJd4MDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcG/8LAAD//3uY3uY=")
r0 = fspick(0xffffffffffffff9c, &(0x7f00000004c0)='.\x00', 0x1)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
mount$tmpfs(0x0, &(0x7f0000000540)='./cgroup\x00', &(0x7f0000000140), 0x181084a, &(0x7f0000000440)={[{@mpol={'mpol', 0x3d, {'local', '', @void}}}]})
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r4 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='task_newtask\x00', r3}, 0x10)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
fcntl$getownex(r2, 0x10, &(0x7f0000000000)={0x0, <r6=>0x0})
perf_event_open(&(0x7f0000000100)={0x5, 0x80, 0x5, 0x9, 0x83, 0x0, 0x0, 0x4, 0x40, 0x4, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x3, 0x1, @perf_config_ext={0x15f58, 0xffff}, 0x0, 0x293fa6ec, 0xa, 0x0, 0xffffffffffffefdb, 0x80000000, 0x8, 0x0, 0x10, 0x0, 0x2}, r6, 0x9, r4, 0xb)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='task_newtask\x00', r5}, 0x10)
syz_clone(0x400, 0x0, 0x0, 0x0, 0x0, 0x0)

1m56.742171295s ago: executing program 3 (id=5888):
preadv(0xffffffffffffffff, 0x0, 0x0, 0x1a, 0x0)
r0 = socket$kcm(0x10, 0xe, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000008500000050000000181100", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000006c59850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0xffffffff, 0x0, 0x0, 0x41100, 0x44, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3}, 0x18)
r4 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r4, 0x0, 0x80, &(0x7f00000000c0)=@broute={'broute\x00', 0x20, 0x1, 0x220, [0x0, 0x2, 0x0, 0x0, 0x4, 0x20000500], 0x7, 0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0100000011000000000000000000a22a30456b880000145b41fe69e3ffff78616d3000000000000000000000000079616d3000000000000000000000000076657468315f742f5f626f6e640000000180c20000000000000000000180c20000000800000000000000b100000067010000900100007374617469737469630000000000000000000000000000000000000000000000180000000000000000000000000000000000000000000000000000000000646e61740000060000000000ff0300000000000000000000000000000000000010000000000000000180c20000000000bb8e66505c1aa6d062c3b52cffffffff000000006e666c6f670000000000000000000000000000000000000050000000121b6eb244c4f0fffbf04a000000007e4b000022569e338e2c551c2fc4a19597ba4c501c8b1f16fb7809c40aeea768e825383d2afb577ed2bb6dd99fd43741089cca6edb0041555449540000000000000000000000000626967e000000000000000000000008000000000000200000000000000000840200"/544]}, 0x298)
sendmsg$kcm(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000340)="d8000000180081084e81f782db44b904021d080006007c06e8fe55a10a0015400600142603600e120800060000000201a80016000800014003e01100036010fab94dcf5c0461c1d67f6f9400e08000a0e408e8d8ef52a98516277ce06bbace8017cbec4c2ee5a7cef409001b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed1bffec62070000cbee5de6ccd44a677575a62cef352a92954b43370e9701ee1b6ec75a526c5d5b5701cf8773", 0xd8}], 0x1}, 0x400c0)
syz_mount_image$vfat(&(0x7f0000000280), &(0x7f0000000000)='./file0\x00', 0x1008002, &(0x7f0000000080)=ANY=[], 0x1, 0x2ee, &(0x7f00000006c0)="$eJzs3M9PE1sUwPHTH5S2BMri5b28l7xwoxvdTKC6VhoDibGJBKnxR2IywFSbji2ZaTA1RnTl1vhHuCAs2ZEo/wAbd7px446NiQtZGMd0OkNpGUBKaRG+n4TMYe49nXtnBnLuhGHzzuvHxbyt5fWKhONKQiIiWyLDEhZfyNuG3TgmO72QiwPfPv5/6+69G5lsdmJaqcnMzKW0Umpo5N2TZwmv21q/bAw/2Pya/rLx98a/mz9nHhVsVbBVqVxRupotf67os6ah5gt2UVNqyjR021CFkm1Y9fZyvT1vlhcWqkovzQ8mFyzDtpVeqqqiUVWVsqpYVRV5qBdKStM0NZgUHCS3PD2tZ9pMnuvwYHBMLCujR0Qksaslt9yTAQEAgJ5qrf/DojpZ/6+cW68M3F4d8ur/tVhQ/X/5U/2zmur/uIgE1v/+8QPrf/1w9f/uiuhsOVL9j5NhJLZrV6gR1hqtjJ70fn5dL++vjLoB9T8AAAAAAAAAAAAAAAAAAAAAAH+CLcdJOY6T8rf+V7+IxEXE/z4gNSIiV3swZHTQEa4/ToHGi3vRIRHz1WJuMVffeh3WRcQUQ0YlJT/c+8FTi/03j1TNsLw3l7z8pcVcxG3J5KXg5o9Jqk9a8x1n8np2YkzVNef3SXJnflpS8ldwfjowPyYXzu/I1yQlH+akLKbMu+No5D8fU+razWxLfsLtBwAAAADAaaCpbYHrd03bq72ev72+bn0+EGmsr0cD1+dR+S/a27kDAAAAAHBW2NWnRd00DWufICEH92k/iB7TJ/sz/N0s/28Zjm+m+wT+wZua4t7Ojp+W0CFOyx5BWNrJGqnNRh11Fv5jo736yNR4965g0zD+efP2e+cOcWU1fsBM2w8i+98AfV37BQQAAACgaxpFv79nvLcDAgAAAAAAAAAAAAAAAAAAAAAAAAAAAADgDOrGv0nr9RwBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAk+JXAAAA//+qDgR1")
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="1801000001ffffeb00000000eb658e0d850000007b00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x18)
r6 = socket(0x10, 0x3, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000740), 0x1, r7}, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r7, @ANYRESHEX=r6], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000300)={r7, &(0x7f00000002c0)="c180d405829eb5eb6d5911dd0058622b1a35479d1e989adab7ce49cfb1ab3dcbaf65776f18eb985a28e5c073", &(0x7f0000000a40)=""/99}, 0x20)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000000)={'lo\x00', <r8=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000007c0)=@newqdisc={0x58, 0x24, 0xd0f, 0x3, 0x0, {0x60, 0x0, 0x0, r8, {0x0, 0x2}, {0xffff, 0xffff}, {0x4}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x28, 0x2, {{0x10, 0x3, 0x1, 0x3, 0x400, 0x8}, [@TCA_NETEM_DELAY_DIST={0x6, 0x2, "9f2b"}, @TCA_NETEM_LOSS={0xfffffffffffffe4d}]}}}]}, 0x58}, 0x1, 0x0, 0x0, 0x40001d4}, 0x8840)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r9)
r11 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r11, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, 0xffffffffffffffff, {0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x2}}, 0x2, 0x0, 0x0, 0x2}}, 0x2e)
r12 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000001000000000000000640000018110000d9eb9e3a184a52122c661da52d7b7a097f7ace9b5fa2e2b673921bad82262c834611505e59dafc09fe1d4a1bf26e604d9159aa9977a7936e86fc45e3e27777", @ANYRES8=r11, @ANYBLOB="0000000000000000b70800000e0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r12}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x18, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
munmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r9, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000005c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r10, @ANYBLOB="796100000000000000007e000000330003006764c0b98823c5339b"], 0x1c}}, 0x4000054)

1m56.237526101s ago: executing program 3 (id=5892):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x1, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$netlink(0x10, 0x3, 0x10)
r3 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r3, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r3, 0x1, 0x8, &(0x7f0000000000)=0x80, 0x4)
r4 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_NEW(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)={0x34, r4, 0x1, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0)

1m55.838099747s ago: executing program 34 (id=5892):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x1, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$netlink(0x10, 0x3, 0x10)
r3 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r3, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r3, 0x1, 0x8, &(0x7f0000000000)=0x80, 0x4)
r4 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_NEW(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)={0x34, r4, 0x1, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0)

1m53.193751392s ago: executing program 6 (id=5905):
r0 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000020"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001000000000000000640000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000e0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41101, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_TSINFO_GET(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="3183000000010000000019"], 0x2c}, 0x1, 0x0, 0x0, 0x50}, 0x4886) (fail_nth: 1)

1m53.085470463s ago: executing program 6 (id=5907):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000017850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = socket$key(0xf, 0x3, 0x2)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0, r2}, 0x18)
sendmsg$key(r1, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000440)=ANY=[@ANYBLOB="020300030c00000000070000000000000200090008000000e90000000000000003000600000000000200000000000000000000000000000002000100000000004700000d00000000030005000000000002"], 0x60}, 0x1, 0x7}, 0x0)

1m53.025176085s ago: executing program 6 (id=5908):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r0, 0x0, 0x80000001}, 0x18)
write$RDMA_USER_CM_CMD_BIND(0xffffffffffffffff, &(0x7f00000003c0)={0x14, 0x88, 0xfa00, {0xffffffffffffffff, 0x30, 0x0, @in6={0xa, 0x4e23, 0x6220, @private0, 0xfff}}}, 0x90)

1m52.915880866s ago: executing program 6 (id=5910):
syz_mount_image$vfat(&(0x7f00000005c0), &(0x7f0000000180)='./file1\x00', 0x804800, &(0x7f0000000000)=ANY=[@ANYRES8=0x0, @ANYBLOB="6092034e5823f645654f6e8edfc3b8e1a948efb0d4b9a9d4c30f5dacb3c1a7ea2587d59165777f070017c2921e793ec5a1384e143b57bb832f14bb43afdef6cb4ed4960b6c732be46a927cdd8c57f93ee6c15401df91ebcbe4f9989843313ea9f243d4dc3d276b966b898100a620b69b543033b9b7bcd9069b9248fbdff46c4a49f094a61938776ce1a1d0f0c84cb7a84bf0b1e2ce5f38f95e11d5b1977ead80625337f66dc391089ab8573d008a4bd03f6f9f01406db632558ed25be4beecd844ac00e52f95c5dc96a1e4a25c80d56aebf6cb33914d6bc72a40bf2fc94efed2f941cf3e"], 0xf9, 0x1213, &(0x7f0000000600)="$eJzs3E9rXFUYB+A3Y2rS1PxRa7Vd6AtuxMWlycKVIEFSkAwotRFaQbg1Ex0yzpTcITAiVldu/Ryu3Ql+g2z8DO6y6bIL8UrvNG1SU4vQZMQ+z2Luyz3nxzkHhoEz3HP33/3xq+2tqtgqh9GamorWrYi8m5HRigOvr4+v12+sr7bba1czr6xeW34nMxfe+PXTb2Yi4twnPy/8MhN7S5/t31n5fe/C3sX9P6992a2yW2V/MMwybw4Gw/JmbyE3u9V2kflRr1NWnez2q87OofZObr0dEaMs+5vzc7d2OlWVZX+U251RDgc53Bll+UXZ7WdRFDk/FzzWmSd32fjpbl3XEXV9Jp6Puq7rszEX5+KFmI+F+C4iXoyX4uU4H6/EhXg1XouLTa/TmD4AAAAAAAAAAAAAAAAAAAA8O/7p/P9iLDn/DwAAAAAAAAAAAAAAAAAAAKfg4+s31lfb7bWrmbMRvR92N3Y3xtdx+9K9j1504nIsxh/RnP4fG9dXPmivXc7GUnzfu30/f3t347kmv3qQX25eJ3A/P920HeSXx/k8mp+JuXv5reg2+ZVYjPPHj79ybH423nrzUL6Ixfjt8xhELzabsR/mv13OfP/D9iP5S00/AAAA+D8o8oFj9+9F8bj2cf7B/vrJ/w88sr+ejkvTk107EdXo6+2y1evsNEXvoJj9252TK+IUx3q6RcSduilmjja1TmjQVkx8yYeKqf/GNBRPpzgbR+9M+peJ0/DwazDpmQAAAAAAAAAAAPBvnPBzhdNxzJNl701mqQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPzFDhwLAAAAAAjzt06jYwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGCoAAP//qH3FUA==")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events.local\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000001400), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x1)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$devlink(&(0x7f0000000140), 0xffffffffffffffff)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file2\x00', 0x187842, 0x0)
preadv2(r3, 0x0, 0x0, 0x401, 0xffff, 0x8)
setxattr$trusted_overlay_opaque(&(0x7f0000000300)='./file2\x00', &(0x7f0000000400), &(0x7f0000000440), 0x2, 0x2)
r4 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000100)={'ip6tnl0\x00', &(0x7f0000000080)={'syztnl2\x00', <r5=>0x0, 0x29, 0x9, 0x3, 0x9, 0x20, @private0={0xfc, 0x0, '\x00', 0x1}, @local, 0x7, 0x700, 0x5, 0x5}})
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000200)={'syztnl1\x00', &(0x7f0000000140)={'erspan0\x00', <r6=>0x0, 0x7800, 0x8, 0xffffffff, 0x81, {{0x19, 0x4, 0x3, 0x6, 0x64, 0x67, 0x0, 0x4, 0x2f, 0x0, @broadcast, @remote, {[@timestamp={0x44, 0x20, 0x76, 0x0, 0x5, [0x6c, 0x0, 0x0, 0x8000, 0x8, 0x7fffffff, 0x4c4b5852]}, @rr={0x7, 0x13, 0xd9, [@broadcast, @broadcast, @loopback, @broadcast]}, @timestamp_prespec={0x44, 0x14, 0xff, 0x3, 0x9, [{@dev={0xac, 0x14, 0x14, 0x2d}, 0x1000}, {@initdev={0xac, 0x1e, 0x0, 0x0}, 0x7}]}, @timestamp={0x44, 0x8, 0xf4, 0x0, 0x5, [0x9]}]}}}}})
r7 = socket$nl_route(0x10, 0x3, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000080)={'bridge0\x00', <r9=>0x0})
sendmsg$nl_route(r8, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)=ANY=[@ANYBLOB="50000000100003040000000000000000f2000000", @ANYRES32=0x0, @ANYBLOB="7fff0000000000002800128009000100766c616e000000001800028006000100010000000c000200540a00001800000008000500", @ANYRES32=r9], 0x50}, 0x1, 0xba01}, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r3, 0x89f1, &(0x7f00000003c0)={'syztnl2\x00', &(0x7f00000004c0)={'ip_vti0\x00', r9, 0x8000, 0x40, 0xffffff7f, 0xffffb16d, {{0xe, 0x4, 0x1, 0x7, 0x38, 0x68, 0x0, 0xf7, 0x4, 0x0, @private=0xa010102, @broadcast, {[@ssrr={0x89, 0xf, 0xf4, [@remote, @local, @multicast1]}, @timestamp_prespec={0x44, 0xc, 0x7, 0x3, 0x9, [{@local, 0x3b7b}]}, @generic={0x83, 0x8, "667e2089f4be"}, @end]}}}}})
sendmsg$ETHTOOL_MSG_COALESCE_GET(r3, &(0x7f0000000380)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000240)=ANY=[@ANYBLOB='H\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="000000008000fedbdf25130000000900018008000100", @ANYRES32=r5, @ANYBLOB="08000300000000002000018008000100", @ANYRES32=r6, @ANYBLOB="14000200626f6e643000"/20], 0x48}, 0x1, 0x0, 0x0, 0x880}, 0x20048041)
sendmsg$ETHTOOL_MSG_RINGS_SET(r1, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x1c, r4, 0x800, 0x70bd28, 0x25dfdbff, {}, [@ETHTOOL_A_RINGS_RX={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000801}, 0x4040000)
sendmsg$DEVLINK_CMD_TRAP_POLICER_SET(r1, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000000600)={0x54, r2, 0x1, 0x0, 0x0, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x8e, 0x1}, {0xfffffee6, 0x8f, 0x1000000}, {0xc}}]}, 0x54}}, 0x0)
r10 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r10}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000100)='kmem_cache_free\x00', r11}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r12 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r12)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)
preadv(r0, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xfdef}], 0x1, 0x0, 0x0)

1m52.108867267s ago: executing program 6 (id=5915):
r0 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'sit0\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0xffffffffffffffff, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=@ipv6_newnexthop={0x34, 0x68, 0x1, 0x0, 0x25dfdbfe, {}, [@NHA_GATEWAY={0x14, 0x6, @in6_addr=@loopback}, @NHA_OIF={0x8, 0x5, r1}]}, 0x18}}, 0x0)

1m48.289249808s ago: executing program 6 (id=5956):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000010000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000400000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00\x00\x00\x00\x00\x00m\x00'/28], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r2}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = socket$netlink(0x10, 0x3, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000007b00000000000000000000850000007b00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000080)='netlink_extack\x00', r5}, 0x10)
sendmsg$nl_route_sched(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000400)=@newtaction={0x9c, 0x30, 0x48b, 0x0, 0x0, {}, [{0x88, 0x1, [@m_ctinfo={0x30, 0x2, 0x0, 0x0, {{0xb}, {0x1, 0x20}, {0x4}, {0xc}, {0xc}}}, @m_nat={0x54, 0x1, 0x0, 0x0, {{0x8}, {0x2c, 0x2, 0x0, 0x1, [@TCA_NAT_PARMS={0x28, 0x1, {{0x0, 0x0, 0x0, 0x0, 0xfffffffb}, @multicast2, @remote}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x9c}, 0x1, 0x0, 0x0, 0x20008000}, 0x50)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000001000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
recvmsg$unix(r1, &(0x7f0000000ac0)={0x0, 0x0, &(0x7f0000000cc0)=[{&(0x7f00000002c0)=""/14, 0xe}, {&(0x7f0000000740)=""/232, 0xe8}, {&(0x7f0000000400)=""/131, 0x83}, {&(0x7f0000000900)=""/136, 0x88}, {&(0x7f0000000640)=""/117, 0x75}, {&(0x7f0000000a40)=""/60, 0x3c}, {&(0x7f0000000a80)=""/45, 0x2d}, {&(0x7f0000000bc0)=""/203, 0xcb}], 0x8, &(0x7f0000000d80)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0x80}, 0x892b4618e8d4452e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r6}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r7 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r7}, 0x4)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r7, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00', r8}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
readahead(0xffffffffffffffff, 0xfffffffffffffff8, 0x9)
syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0)
r9 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYRES32=0x0, @ANYBLOB="000004002daae558b17974f696", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x48)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x18, 0xf, &(0x7f0000000e00)=ANY=[@ANYBLOB="0d00000000000000000000800000000018110000a45a57ddd9f7b7356d3576ce128f1bf8eba6bf60e02d7c2774ebcef8fd64ae40679dae0259621a3cd8bed97f85ac44e6d22ba62deffef03248386986", @ANYRES32=r9, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b7000000000000009500000000000000"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='sys_enter\x00', r10}, 0x10)
fchmodat(0xffffffffffffff9c, &(0x7f0000000300)='.\x00', 0xffffffd3)
r11 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x80400, 0x0)
mkdirat(r11, &(0x7f0000000300)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x408)
futex_waitv(0x0, 0x0, 0x0, 0x0, 0x1)
syz_usb_connect$cdc_ecm(0x4, 0xf2, &(0x7f0000000ec0)=ANY=[@ANYBLOB="12011003020000202505a1a44000010203010902e00001010108030904000203020600090b240600001d1686b3d25405240000000d240f0109000000ff010900701524120600a317a88b045e4f01a607c0ffcb7e392a0524010103042402026c241301ec5ca9117cd0d0801889fa365556cb3b8f0f6b0fe1786d60266c7eed1bbcc429ca556102cfd229e59f39b69abae4455995ce9a9cc72964558fa57e88ae21843b097ecbe413497a3688355dd6ce290c8d9e6b4ac9de15c9e1b912c425122f3669a3443255b2fc3b4f052415080007240afd16060209058103400080010a09058202ff030709090905030220000008036d7adb77277ff172814f7a3afc8105ecc897edf861dcc9c27a0267b07776abeabd4738b06d0841518eb5f6f02274a4fce83ac3ba97f04096d41aa838b873b04d0823bdc9fa55dcba6c18e4a00e92"], &(0x7f0000000300)={0xa, &(0x7f0000000000)={0xa, 0x6, 0x310, 0xe, 0x9, 0x0, 0xff, 0x3}, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="0d0f050000"]})
modify_ldt$write(0x1, 0x0, 0x0)
syz_clone(0x1000, 0x0, 0x0, 0x0, 0x0, 0x0)

1m48.157674299s ago: executing program 35 (id=5956):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000010000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000400000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00\x00\x00\x00\x00\x00m\x00'/28], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r2}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = socket$netlink(0x10, 0x3, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000007b00000000000000000000850000007b00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000080)='netlink_extack\x00', r5}, 0x10)
sendmsg$nl_route_sched(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000400)=@newtaction={0x9c, 0x30, 0x48b, 0x0, 0x0, {}, [{0x88, 0x1, [@m_ctinfo={0x30, 0x2, 0x0, 0x0, {{0xb}, {0x1, 0x20}, {0x4}, {0xc}, {0xc}}}, @m_nat={0x54, 0x1, 0x0, 0x0, {{0x8}, {0x2c, 0x2, 0x0, 0x1, [@TCA_NAT_PARMS={0x28, 0x1, {{0x0, 0x0, 0x0, 0x0, 0xfffffffb}, @multicast2, @remote}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x9c}, 0x1, 0x0, 0x0, 0x20008000}, 0x50)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000001000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
recvmsg$unix(r1, &(0x7f0000000ac0)={0x0, 0x0, &(0x7f0000000cc0)=[{&(0x7f00000002c0)=""/14, 0xe}, {&(0x7f0000000740)=""/232, 0xe8}, {&(0x7f0000000400)=""/131, 0x83}, {&(0x7f0000000900)=""/136, 0x88}, {&(0x7f0000000640)=""/117, 0x75}, {&(0x7f0000000a40)=""/60, 0x3c}, {&(0x7f0000000a80)=""/45, 0x2d}, {&(0x7f0000000bc0)=""/203, 0xcb}], 0x8, &(0x7f0000000d80)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0x80}, 0x892b4618e8d4452e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r6}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r7 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r7}, 0x4)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r7, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00', r8}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
readahead(0xffffffffffffffff, 0xfffffffffffffff8, 0x9)
syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0)
r9 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYRES32=0x0, @ANYBLOB="000004002daae558b17974f696", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x48)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x18, 0xf, &(0x7f0000000e00)=ANY=[@ANYBLOB="0d00000000000000000000800000000018110000a45a57ddd9f7b7356d3576ce128f1bf8eba6bf60e02d7c2774ebcef8fd64ae40679dae0259621a3cd8bed97f85ac44e6d22ba62deffef03248386986", @ANYRES32=r9, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b7000000000000009500000000000000"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='sys_enter\x00', r10}, 0x10)
fchmodat(0xffffffffffffff9c, &(0x7f0000000300)='.\x00', 0xffffffd3)
r11 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x80400, 0x0)
mkdirat(r11, &(0x7f0000000300)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x408)
futex_waitv(0x0, 0x0, 0x0, 0x0, 0x1)
syz_usb_connect$cdc_ecm(0x4, 0xf2, &(0x7f0000000ec0)=ANY=[@ANYBLOB="12011003020000202505a1a44000010203010902e00001010108030904000203020600090b240600001d1686b3d25405240000000d240f0109000000ff010900701524120600a317a88b045e4f01a607c0ffcb7e392a0524010103042402026c241301ec5ca9117cd0d0801889fa365556cb3b8f0f6b0fe1786d60266c7eed1bbcc429ca556102cfd229e59f39b69abae4455995ce9a9cc72964558fa57e88ae21843b097ecbe413497a3688355dd6ce290c8d9e6b4ac9de15c9e1b912c425122f3669a3443255b2fc3b4f052415080007240afd16060209058103400080010a09058202ff030709090905030220000008036d7adb77277ff172814f7a3afc8105ecc897edf861dcc9c27a0267b07776abeabd4738b06d0841518eb5f6f02274a4fce83ac3ba97f04096d41aa838b873b04d0823bdc9fa55dcba6c18e4a00e92"], &(0x7f0000000300)={0xa, &(0x7f0000000000)={0xa, 0x6, 0x310, 0xe, 0x9, 0x0, 0xff, 0x3}, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="0d0f050000"]})
modify_ldt$write(0x1, 0x0, 0x0)
syz_clone(0x1000, 0x0, 0x0, 0x0, 0x0, 0x0)

3.064924239s ago: executing program 7 (id=7854):
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000200)='./file0\x00', 0x3000000, &(0x7f00000006c0), 0x1, 0x51c, &(0x7f0000002400)="$eJzs3W1rZFcdAPD/vcmk2d3UTFVkLdgWW9ktujNJY7dRpK0g+qqg1vdrTCYhZJIJmUndhKIpfgBBRAU/gG8EP4Ag+xFEWND3oqKI7upL3St35kbzMJMMySSzTn4/OJlz7tP/nEvmzH043BvAlfVSRLwdEWMR8WpETBfT0yLFXiflyz1+9P5inpLIsnf/lkRSTNvfVl4ej4gbxWqTEfH1r0R8Kzket7mzu7ZQr9e2inK1tb5Zbe7s3lldX1iprdQ25uZm786/Mf/6/ExWOFc7yxHx5pf+9KPv/+zLb/7qM9/+/b2/3P5OXq0vfKxT74hYPFeAHjrbLrX3xb58H21dRLAhydtTGht2LQAA6Ed+jP/hiPhk+/h/OsbaR3MAAADAKMnemop/JREZAAAAMLLSiJiKJK0UYwGmIk0rlc4Y3o/G9bTeaLY+vdzY3ljK50WUo5Qur9ZrM8VY4XKUkrw8W4yx3S+/dqQ8FxHPRcQPp6+1y5XFRn1p2Bc/AAAA4Iq48eLh8/9/TqftPAAAADBiyj0LAAAAwKhwyg8AAACjz/k/AAAAjLSvvvNOnrL993gvvbezvdZ4785SrblWWd9erCw2tjYrK43GSvuZfeunba/eaGx+Nja271dbtWar2tzZvbfe2N5o3Vs99ApsAAAA4BI99+KD3yURsff5a+0UxXMAAQ7547ArAAzS2LArAAzN+LArAAxN6dQl9BAw6pJT5h8fvNO5Vhi/vpj6AAAAg3fr48fv/08U806/NgD8PzPWBwCuHnf34OoqnXUE4M1B1wQYlg91Pp7pNb/nwzv6uP/fucaQZWeqGAAAMDBT7ZSkleI4fSrStFKJeLb9WoBSsrxar80U5we/nS49k5dn22smp44ZBgAAAAAAAAAAAAAAAAAAAAAAAAA6siyJDAAAABhpEemfk/bT/CNuTb8ydfjqwJG3fv303R/fX2i1tmYjJpK/T+eTJiKi9ZNi+muZVwIAAADAU6Bznl58zg67NgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACMmseP3l/cT5cZ969fjIhyt/jjMdn+nIxSRFz/RxLjB9ZLImJsAPH3PoiIm93iJ/Eky7JyUYtu8a9dcPxye9d0j59GxI0BxIer7EHe/7zd7fuXxkvtz+7fv/EinVfv/i/9b/831qP/efZIuZfnH/6i2jP+BxHPj3fvf/bjJ534h0LkhZf7bOM3v7G723XGgU12i38wVrW1vllt7uzeWV1fWKmt1Dbm5mbvzr8x//r8THV5tV4r/nYN84NP/PLJSe2/3iN++XD7j+3/V/pqfRb/fnj/0Uc6hVK3+Ldf7v77e7NH/LT47ftUkc/n39rP73XyB73w89+8cFL7l3q0f/KU9t/uq/3xuVe/9r0/dJ1zbG8AAJehubO7tlCv17ZOyEz2scwlZ956OqoxwEyctEySPAU1vNBM9t3O/+P5tnPO1Y9lsvOsPh4DqMbEse/pWJx1g0nEXr6tPv8hC3cnhtMzAQAAg/a/g/6T7iABAAAAAAAAAAAAAAAAAAAAF+mMjyWbjIi+Fz4ac284TQUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAONF/AgAA//9BS9DT")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
write$binfmt_elf64(r0, 0x0, 0x0)
close(r0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x4, 0x5, &(0x7f0000000980)=ANY=[@ANYBLOB="18000000000000a8850000000040000000000000"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x22, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
sysinfo(&(0x7f0000000000)=""/52)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000006"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='kfree\x00', r2, 0x0, 0x40000000fb0}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b0000000800eb000c"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r2, @ANYRES32=r1], &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r3}, 0x10)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
getpid()
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000004c0))
sendmsg$unix(r4, &(0x7f0000000800)={0x0, 0x0, &(0x7f0000000700), 0x0, 0x0, 0x60}, 0x0)
r5 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)={'lo\x00'})
sendmsg$nl_route_sched(r5, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000780)={0x0}}, 0x488c0)
r6 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r6, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0x2c)
creat(&(0x7f0000000ac0)='./file0\x00', 0x0)
newfstatat(0xffffffffffffff9c, &(0x7f0000000400)='./file0\x00', &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, <r7=>0x0}, 0x0)
chown(&(0x7f00000003c0)='./file0\x00', r7, 0xee01)
lsetxattr$system_posix_acl(0x0, &(0x7f0000000840)='system.posix_acl_access\x00', 0x0, 0x0, 0x2)
setsockopt$inet_msfilter(r6, 0x0, 0x29, &(0x7f0000000040)=ANY=[@ANYBLOB="e00000027f0000010000000003"], 0x1c)
r8 = socket$netlink(0x10, 0x3, 0x0)
writev(r8, &(0x7f00000003c0)=[{&(0x7f0000000300)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1)
execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x0)
mount(0x0, &(0x7f0000000240)='.\x00', 0x0, 0x2226021, 0x0)

2.9769447s ago: executing program 8 (id=7856):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000380)={[{@delalloc}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x3}}, {@dioread_lock}, {@data_err_ignore}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x4007b1}}, {@data_err_ignore}, {@grpquota}, {@nobh}, {@user_xattr}, {@bh}, {@dioread_nolock}]}, 0x1, 0x553, &(0x7f0000000a40)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x441, 0x14a)
r1 = pidfd_getfd(r0, r0, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f0000000780)=<r2=>0x0)
sendmmsg(r0, &(0x7f0000000fc0)=[{{&(0x7f00000000c0)=@isdn={0x22, 0x7f, 0x3, 0xf7, 0xc2}, 0x80, &(0x7f0000000280)=[{&(0x7f0000000140)="04a64df746ad4e57113129c6", 0xc}, {&(0x7f0000000180)="7601b7ce7b5b96a6582f7c29aa110eaa313cd05186983d5238b3731c23aba5a54db5f9636c07bb721e2e3065d2c062c575cf6f119ee13fb50bc303ec4d10c1ee3f713fb19d3401398b4ae601f3f77797e28c0657a2e4b06e5253530fbc26c2ba575d4a1c7c40d778a7b2e0e372606a43d718f3ebed4a614e807d7dbc7ca21c1373eede93f24e8dfa971a113b729a4923c3390b7a058848ce2e10d5dc4bf986b0dc158bff9a11e7228e23e9", 0xab}, {&(0x7f0000000240)}], 0x3}}, {{&(0x7f00000002c0)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x3, 0x3, 0x4, 0x2, {0xa, 0x4e21, 0x80000000, @ipv4={'\x00', '\xff\xff', @loopback}, 0x4}}}, 0x80, &(0x7f0000000340)=[{&(0x7f0000000440)="52e8680328122798f1e4a96b978f49c0c809263f203bd410b5c8542f9ab14e06798c0ef75bf9729acd022919d8670c5b922d16445ab87539bad43bd826d987c09732b6a43acdb3a80c7d7aa20a22820ea0625ba7d47a92e44c1f22c2514613a9fd10539576df5bff9cd45c563bd9637cfd4a8d646d5264737571683c5c4f8d6a712506c214dd856ea66fc05d9b07cd68692b5b1df5611fe053e4f70dbcc14c2b2d9d27dd1e598f81040228bef6da35d003f6", 0xb2}], 0x1, &(0x7f0000000500)=[{0x10, 0x11a, 0x1}, {0x30, 0x88, 0x8, "e72d472c539e09b071515f920943d9ec792348e5d69c0efe6f1c32"}, {0x100, 0x10b, 0xfab1, "8f9b6d9aef87ab4780c047d78d1e7943a1aef353be2c8398c165d96ede6ca9292f72a7b6d2db77f6b3040175b12c54bcabd4ab4437e999d9d90629d0c1e9912fce66aa68df4f5dd8a66a4cf429e01325fe5dcbbd724841a8ac189f607446188221ef01692f5df8748cd19aed938fc220da90cca1a950553fcfbe21f06aaace102da8c271a0cf35fe008091fd0919c326629fc95749dc8f533627e79ee7331b3f306e3ae80c1e74ef5f0a4272e1cf935537bf5af64e65b8e80ede11510618e68e2f1599bfe53e564abfe3ef19d76201813abae73f997c6d1ba6e90de1971193c964a79e68cfe5879864eac4ce6fb17c"}, {0xe8, 0x196, 0x4, "387a96377435381c5dc7311726692a77837b8f357f811216ce307f184706be7b7c4038b329fefbc8c4abd1e57d153c10eac971aa7b0e9f452a827c9ec60c608e8484f5633e9ca51c57c2f36ffa2e9487e6bf2955ea3059def93a08abf8c982f8474966047e0f5ab044d1bf40385258f0841ab139c23139843794c8a5aba25be4f2ba8cdfd31a365f4d9ac931bcbe6dd3e8e994b41e03cde57959b8f6cab7de549b4d3b2789ee7b93348e03db8faa65aebe4a52f049896e791cc3d99c27be00f256a77dd304f35fb94e5eed3910eddb753c"}, {0x28, 0x10f, 0x2, "47638f48cb3ede8a4852b1be822f30846e"}], 0x250}}, {{&(0x7f00000007c0)=@nfc={0x27, r2, 0x1, 0x4}, 0x80, &(0x7f0000000880)=[{&(0x7f0000000840)="8422e88f2e54cb08772ca3f090b946c0d18d1a15ef79513945ebd81b69b2ade503b730362d5fa64a2f19e2f60bd7248487c5ae614a5b7bed55fa", 0x3a}], 0x1, &(0x7f00000008c0)}}], 0x3, 0x4)
fallocate(r0, 0x10, 0x3, 0x5)

2.797321623s ago: executing program 8 (id=7857):
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f00000005c0)={[{@discard}, {@bh}, {@nomblk_io_submit}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x12)
write(r1, &(0x7f0000004200)='t', 0x1)
sendfile(r1, r0, 0x0, 0x3ffff)
unshare(0x42000000)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = syz_open_dev$evdev(&(0x7f0000000040), 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
getgroups(0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000021b70400000000000085000000c3"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000001b40)='sched_switch\x00', 0xffffffffffffffff, 0x0, 0x40000000000000}, 0x18)
ioctl$EVIOCGRAB(r2, 0x40044590, &(0x7f0000000200)=0x7ffc)
sendfile(r1, r0, 0x0, 0x7ffff000)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000a00)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x18)

2.672161835s ago: executing program 7 (id=7858):
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f00000005c0)={[{@discard}, {@bh}, {@nomblk_io_submit}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x12)
write(r1, &(0x7f0000004200)='t', 0x1)
sendfile(r1, r0, 0x0, 0x3ffff)
unshare(0x42000000)
syz_open_dev$evdev(&(0x7f0000000040), 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
getgroups(0x0, 0x0)
syz_open_procfs$userns(0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000021b70400000000000085000000c3"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000001b40)='sched_switch\x00', r3, 0x0, 0x40000000000000}, 0x18)
ioctl$VT_RESIZEX(0xffffffffffffffff, 0x560a, 0x0)
sendfile(r1, r0, 0x0, 0x7ffff000)

2.29376846s ago: executing program 2 (id=7863):
r0 = perf_event_open(&(0x7f00000004c0)={0x2, 0x80, 0xfe, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0x4}, 0x40db, 0x0, 0x4, 0x8, 0xa, 0x100, 0x0, 0x0, 0x0, 0x0, 0x2000000000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r1}, &(0x7f0000000240), &(0x7f0000000280)=r2}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
process_vm_writev(0x0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0x7ffff000}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0)
mknod$loop(&(0x7f0000000100)='./file0\x00', 0x100000000000600d, 0x1)
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x40082406, &(0x7f0000000000)='cpu<=0||!')

2.201838961s ago: executing program 2 (id=7864):
r0 = perf_event_open(&(0x7f00000004c0)={0x2, 0x80, 0xfe, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0x4}, 0x40db, 0x0, 0x4, 0x8, 0xa, 0x100, 0x0, 0x0, 0x0, 0x0, 0x2000000000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r1}, &(0x7f0000000240), &(0x7f0000000280)=r2}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x40082406, &(0x7f0000000000)='cpu<=0||!')

2.043894813s ago: executing program 2 (id=7867):
syz_mount_image$ext4(&(0x7f0000000ac0)='ext4\x00', &(0x7f0000000440)='./file1\x00', 0x3810744, &(0x7f0000000100)={[{@noauto_da_alloc}, {@dioread_lock}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x4}}, {}, {@nodiscard}, {@sysvgroups}, {@nojournal_checksum}, {@noauto_da_alloc}, {@minixdf}]}, 0x1, 0x479, &(0x7f0000000480)="$eJzs3M9vFFUcAPDvTLdAEGlF/AGiVtHY+IPSgsrBi0YTD5qY6AGPtS0EKdTQmgghshqDR0PinRhP/guePBnjycSrXo0hIUpM+HFxzezMwO52t9KyZdvu55Ms+97Oe/Pmy5u3+2YeQwB9ayT7I4nYFhG/RcRQnm0uMJK/Xbtydur6lbNTSdRq7/6V1MtdvXJ2qixa1runyIymEekXSdFIs/nTZ45Pzs7OnCryYwsnPhqbP33mhWMnJo/OHJ05OXHo0MED4y+/NPFiV+LMjunq7k/n9ux68/0Lb08dvvDBlqbtjXF0y0gW+N+1utZtT3e7sR77t3YrzqTS66Phdg1ERNZdg/XxPxQDcavzhuKNz3t6cMCqyr6z/2j9cPBmqloDNrAkVlQtVlYNWDvKH/rs+rd83cXpR89dfjW/AMrivla88i2VSIu/oMFVbH8kIg5Xb1zMXtFyH6LW5r4BAMCd+iGb/zy/eP6XRMSDDeWSYm1oOCLui4gdEXF/ROyMiAeKsg9FxMPLbL91aWjx/DO9tMLQbks2/3ulWNtqnv+lZZHhgSJ3bz3+weTIsdmZ/RGxPSJGY3Bzlh9vt/NyF6//+lWn9hvnf4er+XGUc8FiJ5cqmxsqnPs2f+/SpPTyZxG7K+3iT+orAUnUalnf74qI3cvb9fYycezZ7/Z0KtQc/42Li+NfQhfWmWrfRDyT9381WuIvJUuvT45tidmZ/WPlWbHYz7+cf6dT+3cUfxdk/b+1+fxvKTH0T9K4Xju//DbO//5lx2vKyv/G33L+R8T05MLkpuS9+pr1puKzTyYXFk6NR2xK3qrnmz6fuFW3zJfls/hH97Yf/zuKOln8j0REdhI/GhGPRcTjRd89ERFPRsTeJeL/6bWnPuy0bS30/3Tb77+b5/9wc/8vPzFw/MfvO7W/ZPz1b5Cs/w/Ws6NFnaz/89SWjnF1PpyyzkrPZgAAAFh/0ojYFkm672Y6Tffty/+9/M7Yms7OzS88d2Tu45PT+TMCwzGYlne6hhruh44n1WKPeX6iuFdcbj9Q3Df+urytMDU3O93DuIF8nLcb/5k/B3p9dMCq87wW9K/W8Z/26DiAu+92f/9dD8DGs9L5v3kCrH+u/6F/tRv/51ry5v6wMfn9h/5l/EP/Wjz+k+vN/z0QsFH5/Ye+dCfP9a9WorLE0/sSayUR6ao1UV0TAa7jRKULo7vHX0wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABd8l8AAAD//9z/+G0=")
r0 = open(&(0x7f0000001b80)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000001c0)=0x20000008)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000940))
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/unix\x00')
lseek(r1, 0x38, 0x0)
r2 = socket$phonet_pipe(0x23, 0x5, 0x2)
r3 = dup(r2)
connect$phonet_pipe(r2, &(0x7f0000000100)={0x23, 0x8, 0x4}, 0x10)
connect$netlink(r3, &(0x7f00000006c0)=@kern={0x10, 0x0, 0x0, 0x10000000}, 0xc)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.avg_queue_size\x00', 0x275a, 0x0)

2.043290253s ago: executing program 0 (id=7868):
r0 = syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000200)='./file0\x00', 0x3000000, &(0x7f00000006c0), 0x1, 0x51c, &(0x7f0000002400)="$eJzs3W1rZFcdAPD/vcmk2d3UTFVkLdgWW9ktujNJY7dRpK0g+qqg1vdrTCYhZJIJmUndhKIpfgBBRAU/gG8EP4Ag+xFEWND3oqKI7upL3St35kbzMJMMySSzTn4/OJlz7tP/nEvmzH043BvAlfVSRLwdEWMR8WpETBfT0yLFXiflyz1+9P5inpLIsnf/lkRSTNvfVl4ej4gbxWqTEfH1r0R8Kzket7mzu7ZQr9e2inK1tb5Zbe7s3lldX1iprdQ25uZm786/Mf/6/ExWOFc7yxHx5pf+9KPv/+zLb/7qM9/+/b2/3P5OXq0vfKxT74hYPFeAHjrbLrX3xb58H21dRLAhydtTGht2LQAA6Ed+jP/hiPhk+/h/OsbaR3MAAADAKMnemop/JREZAAAAMLLSiJiKJK0UYwGmIk0rlc4Y3o/G9bTeaLY+vdzY3ljK50WUo5Qur9ZrM8VY4XKUkrw8W4yx3S+/dqQ8FxHPRcQPp6+1y5XFRn1p2Bc/AAAA4Iq48eLh8/9/TqftPAAAADBiyj0LAAAAwKhwyg8AAACjz/k/AAAAjLSvvvNOnrL993gvvbezvdZ4785SrblWWd9erCw2tjYrK43GSvuZfeunba/eaGx+Nja271dbtWar2tzZvbfe2N5o3Vs99ApsAAAA4BI99+KD3yURsff5a+0UxXMAAQ7547ArAAzS2LArAAzN+LArAAxN6dQl9BAw6pJT5h8fvNO5Vhi/vpj6AAAAg3fr48fv/08U806/NgD8PzPWBwCuHnf34OoqnXUE4M1B1wQYlg91Pp7pNb/nwzv6uP/fucaQZWeqGAAAMDBT7ZSkleI4fSrStFKJeLb9WoBSsrxar80U5we/nS49k5dn22smp44ZBgAAAAAAAAAAAAAAAAAAAAAAAAA6siyJDAAAABhpEemfk/bT/CNuTb8ydfjqwJG3fv303R/fX2i1tmYjJpK/T+eTJiKi9ZNi+muZVwIAAADAU6Bznl58zg67NgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACMmseP3l/cT5cZ969fjIhyt/jjMdn+nIxSRFz/RxLjB9ZLImJsAPH3PoiIm93iJ/Eky7JyUYtu8a9dcPxye9d0j59GxI0BxIer7EHe/7zd7fuXxkvtz+7fv/EinVfv/i/9b/831qP/efZIuZfnH/6i2jP+BxHPj3fvf/bjJ534h0LkhZf7bOM3v7G723XGgU12i38wVrW1vllt7uzeWV1fWKmt1Dbm5mbvzr8x//r8THV5tV4r/nYN84NP/PLJSe2/3iN++XD7j+3/V/pqfRb/fnj/0Uc6hVK3+Ldf7v77e7NH/LT47ftUkc/n39rP73XyB73w89+8cFL7l3q0f/KU9t/uq/3xuVe/9r0/dJ1zbG8AAJehubO7tlCv17ZOyEz2scwlZ956OqoxwEyctEySPAU1vNBM9t3O/+P5tnPO1Y9lsvOsPh4DqMbEse/pWJx1g0nEXr6tPv8hC3cnhtMzAQAAg/a/g/6T7iABAAAAAAAAAAAAAAAAAAAAF+mMjyWbjIi+Fz4ac284TQUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAONF/AgAA//9BS9DT")
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
write$binfmt_elf64(r1, 0x0, 0x0)
close(r1)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x4, 0x5, &(0x7f0000000980)=ANY=[@ANYBLOB="18000000000000a8850000000040000000000000"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x22, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
sysinfo(&(0x7f0000000000)=""/52)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000006"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='kfree\x00', r3, 0x0, 0x40000000fb0}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b0000000800eb"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r3, @ANYRES32=r2], &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r4}, 0x10)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000004c0)={<r6=>0xffffffffffffffff})
sendmsg$unix(r5, &(0x7f0000000800)={0x0, 0x0, &(0x7f0000000700), 0x0, &(0x7f0000000880)=ANY=[@ANYBLOB="1c0000000000000001000000020000", @ANYRES32, @ANYRES32=0x0, @ANYRESOCT=r4, @ANYBLOB="000000001c000000000000000001000000", @ANYRES32=r5, @ANYRES32=r6, @ANYRES32=r5, @ANYRES8=r0, @ANYRESDEC=r2, @ANYRES8=r0, @ANYRES16, @ANYRES16=r4], 0x60}, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'lo\x00'})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000780)={0x0}}, 0x488c0)
r7 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r7, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0x2c)
creat(&(0x7f0000000ac0)='./file0\x00', 0x0)
newfstatat(0xffffffffffffff9c, &(0x7f0000000400)='./file0\x00', &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, <r8=>0x0}, 0x0)
chown(&(0x7f00000003c0)='./file0\x00', r8, 0xee01)
lsetxattr$system_posix_acl(0x0, &(0x7f0000000840)='system.posix_acl_access\x00', 0x0, 0x0, 0x2)
setsockopt$inet_msfilter(r7, 0x0, 0x29, &(0x7f0000000040)=ANY=[@ANYBLOB="e00000027f0000010000000003"], 0x1c)
mount(0x0, &(0x7f0000000240)='.\x00', 0x0, 0x2226021, 0x0)

1.859561705s ago: executing program 2 (id=7870):
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="020000000400000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB, @ANYBLOB="0000000000000000b7040000010000008500000078"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
unshare(0x22020600)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x8, &(0x7f0000000080)={[{@sb={'sb', 0x3d, 0x1}}, {@nodioread_nolock}]}, 0x2, 0x53a, &(0x7f0000000c80)="$eJzs3c9vI1cdAPDvOPHmR7NNCj0AArqUwoJW6yTeNqp6YXsBoaoSouLEYRsSN4pir6PYK5qwh+yReyVW4gT8B9w4IPXEgRs3kDj0Ug5IC6xADRIHoxlPEjexE7dJ7ST+fKTJzHszO9/34n3veV5kvwBG1o2I2I2IaxHxdkTM5vlJvsXd9pZe99HThyt7Tx+uJNFqvfXPJDuf5kXHv0k9k99zMiJ++L2InyTH4za2dzaWq9XKVp6eb9Y25xvbO7fXC3lOeWlxaeHVO6+Uz62uL9R+++S762/86Pe/+8qHf9r99s/SYs38/Hp2rrMeh4pnjpnk95npyBuPiDfOfOeLYzz//8Plk7a2z0XEi1n7n42x7NUEAK6yVms2WrOdaQDgqkuf/2ciKZTyuYCZKBRKpfYc3vMxXajWG81bs/UH91cjm8Oai2LhnfVqZSGfK5yLYpKmF7Pjw3T5Y+n3Knci4rmIeG9iKjtfWqlXV4f5xgcARtgzR8b//0y0x/9OZ/8rGABw4UwOuwAAwMB1jP9zwywHADA4nv8BYPR8gvHfpwMB4Irw/A8Ao8f4DwCj59Tx/9FgygEADMQP3nwz3Vp77e+/3v+m7turlcZGqfZgpbRS39osrdXra9VKaaXVOu1+1Xp9c/Hlg2Rje+derf7gfvPeem15rXKv4rsEAGD4nnvh/b+kg/7ua1PZFh1rORir4WorDLsAwNCMDbsAwND4PA+Mrj6e8U0DwBXXZYnetnyCIOl1wWOLv8JldfOL5v9hVJ1l/t/cAVxun27+/zvnXg5g8IzhMLparcSa/wAwYszxAz3//p/r+RUhj/u4+d1PXh4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4DGayLSmUsrXAd9OfhVIp4npEzEUxeWe9WlmIiGcj4s8TxYk0vTjsQgMAZ1T4e5Kv/3Vz9qWZo2evJf+dyPYR8dNfvvWLd5ebza3FNP9fB/nNx2n+VHOrfG0YFQAAOu2vu/nBYVY2fpfzfceD/EdPH67sb4Ms4pPXI2JyKou/l2/tM+Mxnu0noxgR0/9O8nRb+n5l7Bzi7z6KiC/s138y3u2IMJPNgbRXPj0aP419/dzjd/7+j8YvfKy+hexcui9mv4vPx5HCAad6//V2P5m3vbSJ5+2vEDeyfff2P5n1UGeX9n9pc9071v8VDvq/sWPxk6zN3zhIn1ySJy//4fvHMluz7XOPIr403i1+chA/6d7/Fl/qs44ffPmrL/Y61/pVxM2u9d9fkbqWdbPzzdrmfGN75/Z6bXmtsla5Xy4vLS4tvHrnlfJ8Nkfd/vnHbjH+8dqtZ3vFT+s/3SP+5Mn1j2/0Wf9f/+/tH3/thPjf+nr31//5E+KnY+I3+4y/PH235/LdafzVHvU/5fWPW33G//BvO6t9XgoADEBje2djuVqtbJ1ykL7XPO0aB/0fpM/2F6AY2UHsRpzXDbNJiYjoek36jvpiVPmzOkiGFv03533DYfdMwGftsNH3vuavgywQAAAAAAAAAAAAAABwTGN7Z2Oi+6e1zu1g2HUEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg6vp/AAAA//9W1cZQ")

1.856615485s ago: executing program 8 (id=7871):
r0 = semget$private(0x0, 0x6, 0x3b1)
semtimedop(r0, &(0x7f0000000040)=[{0x0, 0x1}], 0x1, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, 0x0, 0x0)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c3"], 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
semctl$IPC_RMID(r0, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000200)=ANY=[], 0x0, 0x42, 0x0, 0x0, 0x8000, 0x0, @void, @value}, 0x28)

1.825089126s ago: executing program 0 (id=7872):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x4, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x0, 0xc, &(0x7f0000000240)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, [@ringbuf_output={{0x18, 0x2, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xc}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x43}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000840)='GPL\x00', 0x1, 0x0, 0x0, 0x41100, 0x5, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6185, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r1}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
io_setup(0x8, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
connect$rds(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x4e24, @remote}, 0x10)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000001240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000004c0)={0x5c, 0x2, 0x6, 0x5, 0xa, 0x0, {}, [@IPSET_ATTR_TYPENAME={0x10, 0x3, 'bitmap:port\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_FAMILY={0x5}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_DATA={0x1c, 0x7, 0x0, 0x1, [@IPSET_ATTR_PORT={0x6}, @IPSET_ATTR_PORT_TO={0x6}, @IPSET_ATTR_CADT_FLAGS={0x8, 0x8, 0x1, 0x0, 0x28}]}]}, 0x5c}}, 0x0)
syz_open_procfs(0x0, &(0x7f0000000800)='net/ip_vs_stats\x00')
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={0x0, 0x3}}, 0x0)
socket(0x2000000000000021, 0x2, 0x10000000000002)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000006c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a140000001000010003000000000000000000000a4a65e9705978993ed6d7347c1833b4f4279e2e4b83dec96f32d692526a87046ad2011b4d25ee7db9e5"], 0x28}}, 0x0)
r4 = socket$inet(0x2, 0x1, 0x0)
setsockopt$inet_mreqn(r4, 0x0, 0x27, &(0x7f0000000000)={@multicast1, @local}, 0xc)
setsockopt$inet_mreqn(r4, 0x0, 0x27, &(0x7f0000000100)={@multicast2, @local}, 0xc)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001d40)=[{&(0x7f0000000100)=ANY=[@ANYBLOB="2c00000010008100000000000080000000000000", @ANYRES32=0x0, @ANYBLOB="0a043cbf", @ANYRES32, @ANYBLOB="0a001b"], 0x2c}], 0x1}, 0x0)

1.704836347s ago: executing program 0 (id=7873):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0, r0}, 0x18)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
recvmsg(r1, &(0x7f0000000840)={0x0, 0x0, 0x0}, 0x10001)
sendmsg$inet(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f00000001c0)="04", 0x1}], 0x1}, 0x2000c051)
recvmsg(r1, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x2000)

1.627500758s ago: executing program 7 (id=7874):
r0 = perf_event_open(&(0x7f00000004c0)={0x2, 0x80, 0xfe, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0x4}, 0x40db, 0x0, 0x4, 0x8, 0xa, 0x100, 0x0, 0x0, 0x0, 0x0, 0x2000000000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r1}, &(0x7f0000000240), &(0x7f0000000280)=r2}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
process_vm_writev(0x0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0x7ffff000}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0)
mknod$loop(&(0x7f0000000100)='./file0\x00', 0x100000000000600d, 0x1)
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x40082406, &(0x7f0000000000)='cpu<=0||!')

1.603710889s ago: executing program 2 (id=7875):
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f00000005c0)={[{@discard}, {@bh}, {@nomblk_io_submit}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x12)
write(r1, &(0x7f0000004200)='t', 0x1)
sendfile(r1, r0, 0x0, 0x3ffff)
unshare(0x42000000)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
getgroups(0x0, 0x0)
syz_open_procfs$userns(0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000021b70400000000000085000000c3"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
sendfile(r1, r0, 0x0, 0x7ffff000)

1.51620669s ago: executing program 7 (id=7876):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r0 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={0x0, r1}, 0x18)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
openat$autofs(0xffffffffffffff9c, 0x0, 0x640940, 0x0)
r3 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x20802, 0x0)
writev(r3, &(0x7f0000000040)=[{&(0x7f0000000e40)='\b', 0x1}], 0x1)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e0000000000000004000000ff00000040000000", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00_\a\x00\x00\x00\x00'], 0x48)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3e, 0x1, 0xfc, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1, @perf_bp={0x0, 0xe}, 0x1100, 0x5dd8, 0x3, 0x2, 0x0, 0x8, 0xff7b, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, r0, 0x8)
io_setup(0x206, &(0x7f0000000200))
r4 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r4, 0x10e, 0xc, &(0x7f0000000980)={0x6}, 0x10)
sendmsg$nl_generic(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=ANY=[@ANYBLOB="1c0000005a00010000000000040000000a00000008000100ac1414"], 0x1c}}, 0x8000)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x50)
syz_clone(0xe50c1700, 0x0, 0x0, 0x0, 0x0, 0x0)

1.286119473s ago: executing program 7 (id=7877):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xb, 0xc, &(0x7f0000000280)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r0}, 0x38)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="1801000001ffffeb00000000eb658e0d850000007b00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
r1 = socket$kcm(0x2, 0x1000000000000002, 0x0)
sendmsg$inet(r1, &(0x7f0000007940)={&(0x7f00000008c0)={0x2, 0x4e20, @loopback}, 0x10, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="2c000000000000000000000007000000441c05eb"], 0x30}, 0x40880)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x161281, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000400000005"], 0x48)
perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x2, @perf_bp={0x0}, 0x0, 0x8000000000000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000004cc0)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x9, 0x400, 0x6, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xaf1d, 0x1, @perf_bp={0x0, 0x1}, 0x100410, 0x200, 0x2, 0x1, 0x9, 0x9, 0xfffd, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x20c006, &(0x7f0000000080)={[{@i_version}, {@mblk_io_submit}, {@init_itable_val={'init_itable', 0x3d, 0xba}}, {@nombcache}, {@discard}, {@data_err_abort}], [{@seclabel}]}, 0x1, 0x43d, &(0x7f0000000900)="$eJzs281vG0UbAPBn7SR9+/FSU5WPpgUCBRHxkTRpKT1wAYHEASQkOJRjSNIq1G1QEyRaRRAQKkdUiTviiMRfwAkuCDghcYU7qlShXFrgYrTZ3cR27LQOTlzw7ydtMrM7zszj3bFnZ7IB9K2R9EcSsS8ifomI/Vm2scBI9uvmytL0HytL00nUaq//nqyWu7GyNF0ULV63t8gMRJQ+TuJwi3oXLl0+N1Wtzl7M8+OL598ZX7h0+em581NnZ8/OXpg8derE8YlnT04+05U407huDL8/f+TQy29efXX69NW3fvgqKeJviqNLRjY7+Fit1uXqeuv/delkoIcNoSPlrJvG4Gr/3x/lWD95++Olj3raOGBb1Wq12r3tDy/XgP+wJHrdAqA3ii/69P632HZo6HFHuP58dgOUxn0z37IjA1HKyww23d9200hEnF7+8/N0i+2ZhwAAaPBNOv55Kh//NSz8lKJ+XuiufA2lEhF3R8SBiDgZEQcj4p6I1bL3RcT9HdbfvEiycfxTutbhn+xIOv57Ll/bahz/FaO/qJQj/iqGy5UYTM7MVWeP5e/JaAzuSvMTm9Tx7Ys/f9ruWP34L93S+ouxYN6OawO7Gl8zM7U49U9irnf9w4jhgVbxJ2srAellcSgihrdYx9wTXx5pd+zW8Tcaqs90YZ2p9kXE49n5X46m+AvJ5uuT4/+L6uyx8eKq2OjHn6681q7+TuPvtvT872l5/a/FX0nq12sXOq/jyq+ftL2n2er1P5S80bDvvanFxYsTEUPJK1mj6/dPNpWbXC+fxj96tHX/PxDr78ThiEgv4gci4sGIeChv+8MR8UhEHN0k/u9fePTtxj1JB/FvrzT+mY7O/3piKJr3tE6Uz333dUOllegg/vT8n1hNjeZ7bufz73batbWrGQAAAP59ShGxL5LS2Fq6VBoby/6H/2DsKVXnFxafPDP/7oWZ7BmBSgyWipmubD44mw+dyG/ri/xkU/54Pm/8WXn3an5ser460+vgoc/tbdP/U7+Ve906YNt5Xgv6l/4P/Uv/h/6l/0P/atH/d/eiHcDOa/X9/0EP2gHsvKb+b9kP+oj7f+hf+j/0L/0f+tLC7rj1Q/ISEhsSUbojmiGxTYlefzIBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB0x98BAAD///1B6is=")
lchown(&(0x7f00000006c0)='./file0\x00', 0x0, 0xee01)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f0000000200), 0x3, 0x570, &(0x7f0000000680)="$eJzs3V1rHFUYAOB3Nkm/tSmUoiIS6IWV2k2T+FFBsF6KFgt6X5dkGmo23ZLdlCYW2l7YG2+kCCIWxB/gvZfFP+CvKGihSAl64U1kNrPtNtnN52q2zvPAtOfMzObM2TPv2Xd2dtkACmsk+6cU8WLcjK+TiMNt2wYj3ziyst/So+uT2ZLE8vInfySR5Ota+yf5/wfzygsR8cuXESdLa9utLyzOVKrVdC6vjzZmr4zWFxZPXZqtTKfT6eXxiYkzb06Mv/P2Wz3r62vn//ru43sfnPnq+NK3Pz04cieJs3Eo39bejx242V4ZiZH8ORmKs6t2HOtBY/0k2e0DYFsG8jgfimwOOBwDedQD/383ImIZKKhE/ENBtfKA1rV9j66DnxkP31+5AFrb/8GV90ZiX/Pa6MBS8tSVUXa9O9yD9rM2fv797p1siQ3eh7jRg/YAWm7eiojTg4Nr578kn/+273TzzeP1rW6jaK8/sJvuZfnP653yn9Lj/Cc65D8HO8Tudmwc/6UHPWimqyz/e7dj/vt46hoeyGvPNXO+oeTipWp6OiKej4gTMbQ3q693P+fM0v3lbtva879sydpv5YL5cTwY3Pv0Y6YqjcpO+tzu4a2Il57kv0msmf/3NXPd1eOfPR/nN9nGsfTuK922bdz/dr3PgJd/jHi14/g/uaOVrH9/crR5Poy2zoq1/rx97Ndu7W+t/72Xjf+B9fs/nLTfr61vvY0f9v2ddtu23fN/T/Jps7wnX3et0mjMjUXsST5au378yWNb9db+Wf9PHF9//ut0/u+PiM822f/bR2933bUfxn9qS+O/9cL9D7/4vlv7mxv/N5qlE/mazcx/mz3AnTx3AAAAAAAA0G9KEXEoklL5cblUKpdXPt9xNA6UqrV64+TF2vzlqWh+V3Y4hkqtO92H2z4PMZZ/HrZVH19Vn4iIIxHxzcD+Zr08WatO7XbnAQAAAAAAAAAAAAAAAAAAoE8c7PL9/8xvA7t9dMC/zk9+Q3FtGP+9+KUnoC95/Yfi6hL/pgUoAIEOxSX+objEPxSX+IfiEv9QXOIfAAAAAAAAAAAAAAAAAAAAAAAAAAAAeur8uXPZsrz06PpkVp+6ujA/U7t6aiqtz5Rn5yfLk7W5K+XpWm26mpYna7Mb/b1qrXZlbDzmr4020npjtL6weGG2Nn+5ceHSbGU6vZAO/Se9AgAAAAAAAAAAAAAAAAAAgGdLfWFxplKtpnMKXQvvxW4fxucv7+ThSedRTto6uGJbTQz2yzAp9LSwyxMTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALT5JwAA//821zOC")
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$fou(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$FOU_CMD_ADD(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000880)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="0902000000000000000001000000050002000a00000014000700ff00000000000000000000000000000108000b00"], 0x38}}, 0x0)
write$binfmt_aout(r2, &(0x7f0000000080)=ANY=[], 0xff2e)
ioctl$TCSETS(r2, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, "0040001e1d113c812e5d6000"})
syz_open_pts(r2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0900000004000000563c000001"], 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
r6 = open_tree(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x89901)
setsockopt$inet_MCAST_JOIN_GROUP(r6, 0x0, 0x2a, &(0x7f0000000380)={0x40, {{0x2, 0x4e23, @empty}}}, 0x88)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="1800aa24fdf00000000000000006000000000000850000006d000000", @ANYRES8=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r7, 0x0, 0x2}, 0x18)
syz_emit_ethernet(0x146, &(0x7f0000001000)=ANY=[@ANYBLOB="aaaaaaaaaaaa00000000000008004c0001380066000002019078ac14140fac1414bb441430b3dd2ab6074a96b839ac1e0001000000077f00000100000006891b50ac1414bb000000000a010102ac1414bbe000000143000000010705d977dc060e837f074d88ef3c7bb3fffda70508d9f3b5f6e63d0712995f742b76772fc2e14e884b82598f9e05020708bc114766eb94000660dd535800861900000002050474ce010fd9d70a5b3162a7937b30791e78442cae0000000061000000810000000900000003000000040000000000000005000001c20000000900000ffd444c89817f00000100001000ac14141000000aafe0000002000003f36401010000000008ac1e000100000003ac1414bb000000ffac1e000100000005ac1414aa00000000e0000002000000040144148ba1ac1414bb526fea75ffffffff0000000000000011009078000000050000000000a16b1ac7460911d6b8e834c7a4fcc031c85beb4e0e22ed3b471af7b43563f801f96237efbbd85835cd52397183a8c2339ad6f61b28f35f7dba1761bfe6bc30419c174f41dfd1ed7f10dd6a7edef65cb3cabed1741b66cf828420358e96dcc9d64735620c18fdbe6796fce6706279ff51f1401e593a3c72633b13ce9ebf44e24e1fc346df9e7e8f64dfa9e2623c344ac911b95972db90a8715fc7456f3057f21ca1761d0bd85c33e78912dd56fead3ae7e94f3d569e4e1c88f2"], 0x0)

1.113007106s ago: executing program 5 (id=7878):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x4, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x0, 0xc, &(0x7f0000000240)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, [@ringbuf_output={{0x18, 0x2, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xc}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x43}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000840)='GPL\x00', 0x1, 0x0, 0x0, 0x41100, 0x5, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6185, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r1}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
io_setup(0x8, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
connect$rds(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x4e24, @remote}, 0x10)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000001240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000004c0)={0x54, 0x2, 0x6, 0x5, 0xa, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_FAMILY={0x5}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_DATA={0x1c, 0x7, 0x0, 0x1, [@IPSET_ATTR_PORT={0x6}, @IPSET_ATTR_PORT_TO={0x6}, @IPSET_ATTR_CADT_FLAGS={0x8, 0x8, 0x1, 0x0, 0x28}]}]}, 0x54}}, 0x0)
syz_open_procfs(0x0, &(0x7f0000000800)='net/ip_vs_stats\x00')
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={0x0, 0x3}}, 0x0)
socket(0x2000000000000021, 0x2, 0x10000000000002)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000006c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a140000001000010003000000000000000000000a4a65e9705978993ed6d7347c1833b4f4279e2e4b83dec96f32d692526a87046ad2011b4d25ee7db9e5"], 0x28}}, 0x0)
r4 = socket$inet(0x2, 0x1, 0x0)
setsockopt$inet_mreqn(r4, 0x0, 0x27, &(0x7f0000000000)={@multicast1, @local}, 0xc)
setsockopt$inet_mreqn(r4, 0x0, 0x27, &(0x7f0000000100)={@multicast2, @local}, 0xc)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001d40)=[{&(0x7f0000000100)=ANY=[@ANYBLOB="2c00000010008100000000000080000000000000", @ANYRES32=0x0, @ANYBLOB="0a043cbf", @ANYRES32, @ANYBLOB="0a001b"], 0x2c}], 0x1}, 0x0)

1.071888266s ago: executing program 5 (id=7879):
r0 = perf_event_open(&(0x7f00000004c0)={0x2, 0x80, 0xfe, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0x4}, 0x40db, 0x0, 0x4, 0x8, 0xa, 0x100, 0x0, 0x0, 0x0, 0x0, 0x2000000000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r1}, &(0x7f0000000240), &(0x7f0000000280)=r2}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x200000a, 0x1, 0x8, 0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x40082406, &(0x7f0000000000)='cpu<=0||!')

988.190777ms ago: executing program 5 (id=7880):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000010000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000400000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00\x00\x00\x00\x00\x00m\x00'/28], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r2}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = socket$netlink(0x10, 0x3, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000007b00000000000000000000850000007b00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000080)='netlink_extack\x00', r5}, 0x10)
sendmsg$nl_route_sched(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000400)=@newtaction={0x9c, 0x30, 0x48b, 0x0, 0x0, {}, [{0x88, 0x1, [@m_ctinfo={0x30, 0x2, 0x0, 0x0, {{0xb}, {0x1, 0x20}, {0x4}, {0xc}, {0xc}}}, @m_nat={0x54, 0x1, 0x0, 0x0, {{0x8}, {0x2c, 0x2, 0x0, 0x1, [@TCA_NAT_PARMS={0x28, 0x1, {{0x0, 0x0, 0x0, 0x0, 0xfffffffb}, @multicast2, @remote}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x9c}, 0x1, 0x0, 0x0, 0x20008000}, 0x50)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000001000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
recvmsg$unix(r1, &(0x7f0000000ac0)={0x0, 0x0, &(0x7f0000000cc0)=[{&(0x7f00000002c0)=""/14, 0xe}, {&(0x7f0000000740)=""/232, 0xe8}, {&(0x7f0000000400)=""/131, 0x83}, {&(0x7f0000000840)=""/145, 0x91}, {&(0x7f0000000900)=""/136, 0x88}, {&(0x7f0000000640)=""/117, 0x75}, {&(0x7f0000000a40)=""/60, 0x3c}, {&(0x7f0000000a80)=""/45, 0x2d}, {&(0x7f0000000bc0)=""/203, 0xcb}], 0x9, &(0x7f0000000d80)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0x80}, 0x892b4618e8d4452e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r6}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r7 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r7}, 0x4)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r7, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00', r8}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
readahead(0xffffffffffffffff, 0xfffffffffffffff8, 0x9)
syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0)
r9 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYRES32=0x0, @ANYBLOB="000004002daae558b17974f696", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x48)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x18, 0xf, &(0x7f0000000e00)=ANY=[@ANYBLOB="0d00000000000000000000800000000018110000a45a57ddd9f7b7356d3576ce128f1bf8eba6bf60e02d7c2774ebcef8fd64ae40679dae0259621a3cd8bed97f85ac44e6d22ba62deffef03248386986", @ANYRES32=r9, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b7000000000000009500000000000000"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='sys_enter\x00', r10}, 0x10)
fchmodat(0xffffffffffffff9c, &(0x7f0000000300)='.\x00', 0xffffffd3)
r11 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x80400, 0x0)
mkdirat(r11, &(0x7f0000000300)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x408)
futex_waitv(0x0, 0x0, 0x0, 0x0, 0x1)
syz_usb_connect$cdc_ecm(0x4, 0xf2, &(0x7f0000000ec0)=ANY=[@ANYBLOB="12011003020000202505a1a44000010203010902e00001010108030904000203020600090b240600001d1686b3d25405240000000d240f0109000000ff010900701524120600a317a88b045e4f01a607c0ffcb7e392a0524010103042402026c241301ec5ca9117cd0d0801889fa365556cb3b8f0f6b0fe1786d60266c7eed1bbcc429ca556102cfd229e59f39b69abae4455995ce9a9cc72964558fa57e88ae21843b097ecbe413497a3688355dd6ce290c8d9e6b4ac9de15c9e1b912c425122f3669a3443255b2fc3b4f052415080007240afd16060209058103400080010a09058202ff030709090905030220000008036d7adb77277ff172814f7a3afc8105ecc897edf861dcc9c27a0267b07776abeabd4738b06d0841518eb5f6f02274a4fce83ac3ba97f04096d41aa838b873b04d0823bdc9fa55dcba6c18e4a00e92"], &(0x7f0000000300)={0xa, &(0x7f0000000000)={0xa, 0x6, 0x310, 0xe, 0x9, 0x0, 0xff, 0x3}, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="0d0f050000"]})
modify_ldt$write(0x1, 0x0, 0x0)
syz_clone(0x1000, 0x0, 0x0, 0x0, 0x0, 0x0)

884.400759ms ago: executing program 8 (id=7881):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f0000000640)='console\x00', r2}, 0x10)
sendmsg$TIPC_CMD_GET_MAX_PORTS(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000180)={0x1c}, 0x1c}}, 0x0) (fail_nth: 1)

662.421621ms ago: executing program 2 (id=7882):
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f00000005c0)={[{@discard}, {@bh}, {@nomblk_io_submit}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x12)
write(r1, &(0x7f0000004200)='t', 0x1)
sendfile(r1, r0, 0x0, 0x3ffff)
unshare(0x42000000)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = syz_open_dev$evdev(&(0x7f0000000040), 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
syz_open_procfs$userns(0xffffffffffffffff, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000021b70400000000000085000000c3"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000001b40)='sched_switch\x00', 0xffffffffffffffff, 0x0, 0x40000000000000}, 0x18)
ioctl$EVIOCGRAB(r2, 0x40044590, &(0x7f0000000200)=0x7ffc)
sendfile(r1, r0, 0x0, 0x7ffff000)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000a00)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x18)

662.132961ms ago: executing program 8 (id=7883):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000380)={[{@delalloc}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x3}}, {@dioread_lock}, {@data_err_ignore}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x4007b1}}, {@data_err_ignore}, {@grpquota}, {@nobh}, {@user_xattr}, {@bh}, {@dioread_nolock}]}, 0x1, 0x553, &(0x7f0000000a40)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x441, 0x14a)
r1 = pidfd_getfd(r0, r0, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f0000000780)=<r2=>0x0)
sendmmsg(r0, &(0x7f0000000fc0)=[{{&(0x7f00000000c0)=@isdn={0x22, 0x7f, 0x3, 0xf7, 0xc2}, 0x80, &(0x7f0000000280)=[{&(0x7f0000000140)="04a64df746ad4e57113129c6", 0xc}, {&(0x7f0000000180)="7601b7ce7b5b96a6582f7c29aa110eaa313cd05186983d5238b3731c23aba5a54db5f9636c07bb721e2e3065d2c062c575cf6f119ee13fb50bc303ec4d10c1ee3f713fb19d3401398b4ae601f3f77797e28c0657a2e4b06e5253530fbc26c2ba575d4a1c7c40d778a7b2e0e372606a43d718f3ebed4a614e807d7dbc7ca21c1373eede93f24e8dfa971a113b729a4923c3390b7a058848ce2e10d5dc4bf986b0dc158bff9a11e7228e23e9", 0xab}, {&(0x7f0000000240)}], 0x3}}, {{&(0x7f00000002c0)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x3, 0x3, 0x4, 0x2, {0xa, 0x4e21, 0x80000000, @ipv4={'\x00', '\xff\xff', @loopback}, 0x4}}}, 0x80, &(0x7f0000000340)=[{&(0x7f0000000440)="52e8680328122798f1e4a96b978f49c0c809263f203bd410b5c8542f9ab14e06798c0ef75bf9729acd022919d8670c5b922d16445ab87539bad43bd826d987c09732b6a43acdb3a80c7d7aa20a22820ea0625ba7d47a92e44c1f22c2514613a9fd10539576df5bff9cd45c563bd9637cfd4a8d646d5264737571683c5c4f8d6a712506c214dd856ea66fc05d9b07cd68692b5b1df5611fe053e4f70dbcc14c2b2d9d27dd1e598f81040228bef6da35d003f6", 0xb2}], 0x1, &(0x7f0000000500)=[{0x10, 0x11a, 0x1}, {0x30, 0x88, 0x8, "e72d472c539e09b071515f920943d9ec792348e5d69c0efe6f1c32"}, {0x100, 0x10b, 0xfab1, "8f9b6d9aef87ab4780c047d78d1e7943a1aef353be2c8398c165d96ede6ca9292f72a7b6d2db77f6b3040175b12c54bcabd4ab4437e999d9d90629d0c1e9912fce66aa68df4f5dd8a66a4cf429e01325fe5dcbbd724841a8ac189f607446188221ef01692f5df8748cd19aed938fc220da90cca1a950553fcfbe21f06aaace102da8c271a0cf35fe008091fd0919c326629fc95749dc8f533627e79ee7331b3f306e3ae80c1e74ef5f0a4272e1cf935537bf5af64e65b8e80ede11510618e68e2f1599bfe53e564abfe3ef19d76201813abae73f997c6d1ba6e90de1971193c964a79e68cfe5879864eac4ce6fb17c"}, {0xe8, 0x196, 0x4, "387a96377435381c5dc7311726692a77837b8f357f811216ce307f184706be7b7c4038b329fefbc8c4abd1e57d153c10eac971aa7b0e9f452a827c9ec60c608e8484f5633e9ca51c57c2f36ffa2e9487e6bf2955ea3059def93a08abf8c982f8474966047e0f5ab044d1bf40385258f0841ab139c23139843794c8a5aba25be4f2ba8cdfd31a365f4d9ac931bcbe6dd3e8e994b41e03cde57959b8f6cab7de549b4d3b2789ee7b93348e03db8faa65aebe4a52f049896e791cc3d99c27be00f256a77dd304f35fb94e5eed3910eddb753c"}, {0x28, 0x10f, 0x2, "47638f48cb3ede8a4852b1be822f30846e"}], 0x250}}, {{&(0x7f00000007c0)=@nfc={0x27, r2, 0x1, 0x4}, 0x80, &(0x7f0000000880)=[{&(0x7f0000000840)="8422e88f2e54cb08772ca3f090b946c0d18d1a15ef79513945ebd81b69b2ade503b730362d5fa64a2f19e2f60bd7248487c5ae614a5b7bed55fa", 0x3a}], 0x1, &(0x7f00000008c0)=[{0x10, 0xff, 0x62}], 0x10}}], 0x3, 0x4)
fallocate(r0, 0x10, 0x3, 0x5)

654.923102ms ago: executing program 0 (id=7884):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000001e40)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a505000000007751e841cca555077e3a159110193dd2ff1fa7c3205bfedbe9d8f3bd23cd78a07e32fe0231368b2264f9c504b2f1f65515b2e1a38d522be18bd10a48b043ccc42673d06d7535f7866925d86751dfced1fd8accae669e173a659c1cfd6587d47578f4c35235138d5521f9453559c35da860e8efbcbfb42c30d294a55e1c46680bee88956f2b3599f455c7a3a49a01010000009f2f0517e4ca0e1803a20000000013d4e21b3336f1ae0796f23526ec0fd97f7325eac34c4dfafe7cc03b0864009d2e7d7ff6ff72ba8972b122b09789d99b3d0524f39d5ae913b2d22eb2c09244ba5dbe9180950f76f7049db5cb19d7962fed44e00f39ed8c13a11fa798de504e2865cd81f2b77fdd76c677f812d249c8130b018d4300000020000000db3947c85c3a9027ce9e856fa8b7fb05000000000000593d60abc9b3e67d127e56f3d3759dcfeb820634fd4d419efaefc74305b2bea2000600000051fcf5d62205561b6efaad206335a309f7b9e01446a6285f4665a7fe3cda2349f8bf400100000000000000f435f28fbeda75cf971f54a9698cf3270f420ee83f2d9babe7b922401639ce3c4ff0850a8e078374909413f3fbd3ced3285252dc81a46ef7ce29484dc6b6adfd7a4db730fc594609654d97836f171b766ffd7526847a6bfda9c648e8aa5c558aa6d463ec9d840f3914909187b6b0776952be71b0417d33d3ab25493418ba0fbacf768e07c1a939d31f606085b9e3efc93b0f58d5ec37494d9d10d76e603129e9a726579ac7d672cacd581b7ca77b3610b7403930fd42051d4b7443e5b49c000000000000007d6173050027791c9c1e04ad3711a66da2254a6f911b1469c62a6e1e3f9c1715c009a58e6eadac8f61b45853673df72dc813f7454ae22d79ac48034282f03040889500000000179dcf66d93907cedd49e0c5752f755849953957143a0335d2f62acbf18b251ce63b29fe177745448ccc925770fac12cf9e291200df6bb669d5a57dd74df817ef2f8698f710c359afe73947afebdf5536e4db8b0231d0cbc798766ec60586f14b44775bc9d250e4515cb83275d3b495fa90000e69a68b47ac4595463e1442d88e0606a060000cc914fae896ab129ccdf8792a8435972c8391d132a2fcbd40e865d62cc7c4200000000000000000000000000000800002a77fbbccfdb1ab3d8434905f09726b8145ea99c7640faab578dc98a6134df0a10a54ce7e7ddbb709a27d977d1f91ab9ee940700009594c9a50961b7fcc56d82584dc8254df7c411fa61353a6897c4f3b9f6f2ab47adb29aefecce96c94f360e129c9f2af569c794b68b2ead404bcdd4aa9cb6a128e1ad45fd4030e1e69adf4986b7860f3122d59c079f0f9a1732f691590f45512aec4ed2413f66cac7dd022301741c576dea82005b166d6c3b9ed0c297ac197a92188a618745e78dca0b3c62f1601243089d9c687563382b0b88a7d80fd7bf7fae8a690f52db1464d29b1b926414cd35705c89662c585e32c881d917b74f027674dbc017499ba15a2e2900000000000000000000000000007b593ecbdd162fee9f239a3c615b3e9a3fb0af254bdd247a5a5abdbc0123c950eec0f1800b295be71418dd65de15e11beef9630499c70fce74135a7c7c8e818b79b85ff65d59d89492d7a663d3f25651e252ab49d358eac853ffe182ee37a5db085a072647719cb8604ba2e0b80af3f1867bd8fb6afca671437e0a5a9d5a088436739262d894986882ec0fb419a377ef47f4920a5de6d8de0d3090b4cb6b773e825442d351f980eed0d997a4d98a51220c41b145e2186546c646128a3e69f52fcad83a026def90b9eb55f4a0a2251bbae428c6c017b5a47f1580831a7ce232857e6aa9e777e99da1a3ad03fdc93fa7ed96228deac5e3bce983971041297a6ba18783a2edc7e3901cc891035872c61e7ea375b0902be0c5cc7fdef968ba1ca17ce5e11f2f384cd28c1194f56d3cf074e8ba4e60e84dc2f352c3cd170581aee0c93ca8ceff84cda40325d340759e79e5c4bcec227e37f7ec2193c78877fb319ec1f2d4dcf1d46a15cde1d6cecce6ecdb0c0a3413394d51341a7b3606ad8c29b6dbf6be3265b528c3208de35161bfe19678df43a45b314e5a0f8754cfaf4f9d3fdf9c8f7b7c296bf2e632d25ba8ee6369b362a8e4c9dff176d482d32249c93680a04f6464f184acfd0376662fee9e1031e569248db9bc724cdd97976a4d7c5c5172d1383fa1e442f68a14b747a9f2597bf115dd0111fe8ba3584a43176f33bd39a408f8648b19839bba9cc47624ea19e46dbbdf0faf591bcdc8613828a0c5a40c04ae34bbf4a0e27828b0c7cb9d7a7455db030425a4bd69cf6dcb4b1d066f8ef4ea1c710e05819df82d5cc94ace6b41c2de37a2eaf24f24b3d9a7dd4d197d51407be3e90000000000000000dbc0b0d6e11ccb71437ebea7ad01d5b93a7a0561e4a1b3fa1aa9c75f3aaec4ace1b6201a3e007b657be62df59133b4d8f0f145d9fc954cc7792077268bf0977e2a699722ce3dbb97248b8a8a771dd0f7d9c97e6587524a44fd6d49330ccbc39ca277b84f7f0a39759ef0b42388bd69fe341a925e8cdc5d7b2d6ddb7331a081bd0672bf4d02255de095a179e51bf5492d4e89c3cbad59db725c0dd7e35cbd9887175286a37d7621a361eb830cc5b842b11b5d040ccceb254d6a0c9c43718d0816bb2465928e236101b8cd46b5ef9cb930378a9249cbb41bcde9bb78d71c512153d2f1d765b56d2e5ef3e3d34975787646630051074c9706747fda873ccfdb394fc269c8cfadc0a52c3402f392a38052f859ab5600000000000000"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kfree\x00', r0}, 0x18)
mknod$loop(&(0x7f0000000080)='./file0\x00', 0x100000000000600d, 0x0)
pipe2$9p(&(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r2, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r3 = dup(r2)
write$P9_RLERRORu(r3, 0x0, 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r3, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_tos={0x0}}, 0x20)
write$binfmt_elf64(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r3])
pipe2(&(0x7f0000001cc0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x800)
mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000300)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}, 0x2c, {[{@uname={'uname', 0x3d, '\xd0\xae\xde\xc1\xaa \xff\xd8\x1d\x1b\xf8\x93)!|\xb0X\xa3\x96\xed\xa2\xab@\xa2m\x93\xdd\b<\x00t\xdc\xabl\xab!\xae\x16\xc4\xcd\xf9{\xdc5_;A\xd2{eC\x014\\\xb3\xc4\xce\xc3yS2-\x01\xbe\xaarW\x96O\xd3\x0f\xe2\xd7/\x17\x1d\xa7.8\x9f8-\xea<\x8d\x91\x90j\xea\xd5\xd5\xae\xcc\xc0\x97\xef\x10\x92\xea\x98|+\x00\x00\x00\x00\x00\x00\x00\x00'}}]}})

604.462762ms ago: executing program 8 (id=7885):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000c80)='kmem_cache_free\x00', r0}, 0x10)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
recvmsg(r1, 0x0, 0x10001)
sendmsg$inet(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f00000001c0)="04", 0x1}], 0x1}, 0x2000c051)
recvmsg(r1, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x2000)

526.897763ms ago: executing program 0 (id=7886):
r0 = syz_io_uring_setup(0x109, &(0x7f0000000140)={0x0, 0x514db, 0x1000, 0x2, 0x1a7}, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffff9c, 0x0, 0x0, 0x0, 0x29c780})
r3 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10)
io_uring_enter(r0, 0x4c8d, 0xaddd, 0x0, 0x0, 0x0)

487.764294ms ago: executing program 0 (id=7887):
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f00000005c0)={[{@discard}, {@bh}, {@nomblk_io_submit}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x12)
write(r1, &(0x7f0000004200)='t', 0x1)
sendfile(r1, r0, 0x0, 0x3ffff)
unshare(0x42000000)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_open_dev$evdev(&(0x7f0000000040), 0x3, 0x0)
getgroups(0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000001b40)='sched_switch\x00', r2, 0x0, 0x40000000000000}, 0x18)
sendfile(r1, r0, 0x0, 0x7ffff000)

422.314605ms ago: executing program 7 (id=7888):
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f00000005c0)={[{@discard}, {@bh}, {@nomblk_io_submit}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x12)
write(r1, &(0x7f0000004200)='t', 0x1)
sendfile(r1, r0, 0x0, 0x3ffff)
unshare(0x42000000)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_open_dev$evdev(&(0x7f0000000040), 0x3, 0x0)
getgroups(0x0, 0x0)
syz_open_procfs$userns(0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000021b70400000000000085000000c3"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
sendfile(r1, r0, 0x0, 0x7ffff000)

202.206988ms ago: executing program 5 (id=7889):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x4, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x0, 0xc, &(0x7f0000000240)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, [@ringbuf_output={{0x18, 0x2, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xc}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x43}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000840)='GPL\x00', 0x1, 0x0, 0x0, 0x41100, 0x5, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6185, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r1}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
io_setup(0x8, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
connect$rds(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x4e24, @remote}, 0x10)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000001240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000004c0)={0x54, 0x2, 0x6, 0x5, 0xa, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_FAMILY={0x5}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_DATA={0x1c, 0x7, 0x0, 0x1, [@IPSET_ATTR_PORT={0x6}, @IPSET_ATTR_PORT_TO={0x6}, @IPSET_ATTR_CADT_FLAGS={0x8, 0x8, 0x1, 0x0, 0x28}]}]}, 0x54}}, 0x0)
syz_open_procfs(0x0, &(0x7f0000000800)='net/ip_vs_stats\x00')
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={0x0, 0x3}}, 0x0)
socket(0x2000000000000021, 0x2, 0x10000000000002)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000006c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a140000001000010003000000000000000000000a4a65e9705978993ed6d7347c1833b4f4279e2e4b83dec96f32d692526a87046ad2011b4d25ee7db9e5"], 0x28}}, 0x0)
r4 = socket$inet(0x2, 0x1, 0x0)
setsockopt$inet_mreqn(r4, 0x0, 0x27, &(0x7f0000000000)={@multicast1, @local}, 0xc)
setsockopt$inet_mreqn(r4, 0x0, 0x27, &(0x7f0000000100)={@multicast2, @local}, 0xc)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001d40)=[{&(0x7f0000000100)=ANY=[@ANYBLOB="2c00000010008100000000000080000000000000", @ANYRES32=0x0, @ANYBLOB="0a043cbf", @ANYRES32, @ANYBLOB="0a001b"], 0x2c}], 0x1}, 0x0)

121.305409ms ago: executing program 5 (id=7890):
r0 = syz_io_uring_setup(0x109, &(0x7f0000000140)={0x0, 0x514db, 0x1000, 0x2, 0x1a7}, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffff9c, 0x0, &(0x7f0000000480)='./file0\x00', 0x0, 0x29c780})
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000006"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10)
io_uring_enter(r0, 0x4c8d, 0xaddd, 0x0, 0x0, 0x0)

0s ago: executing program 5 (id=7891):
r0 = semget$private(0x0, 0x6, 0x3b1)
semtimedop(r0, &(0x7f0000000040)=[{0x0, 0x1}], 0x1, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, 0x0, 0x0)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c3"], 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
semctl$IPC_RMID(r0, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000200)=ANY=[], 0x0, 0x42, 0x0, 0x0, 0x8000, 0x0, @void, @value}, 0x28)

kernel console output (not intermixed with test programs):

UOTA feature is enabled
[  501.454303][T22775] vhci_hcd: invalid port number 23
[  501.693297][   T29] kauditd_printk_skb: 281 callbacks suppressed
[  501.693318][   T29] audit: type=1326 audit(1749051795.677:11686): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22778 comm="syz.0.7235" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf307ce929 code=0x7ffc0000
[  501.723240][   T29] audit: type=1326 audit(1749051795.677:11687): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22778 comm="syz.0.7235" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf307ce929 code=0x7ffc0000
[  501.747059][   T29] audit: type=1326 audit(1749051795.687:11688): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22778 comm="syz.0.7235" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbf307ce929 code=0x7ffc0000
[  501.770658][   T29] audit: type=1326 audit(1749051795.687:11689): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22778 comm="syz.0.7235" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf307ce929 code=0x7ffc0000
[  501.794359][   T29] audit: type=1326 audit(1749051795.687:11690): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22778 comm="syz.0.7235" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf307ce929 code=0x7ffc0000
[  501.817971][   T29] audit: type=1326 audit(1749051795.687:11691): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22778 comm="syz.0.7235" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbf307ce929 code=0x7ffc0000
[  501.841687][   T29] audit: type=1326 audit(1749051795.687:11692): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22778 comm="syz.0.7235" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf307ce929 code=0x7ffc0000
[  501.865354][   T29] audit: type=1326 audit(1749051795.687:11693): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22778 comm="syz.0.7235" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf307ce929 code=0x7ffc0000
[  501.888978][   T29] audit: type=1326 audit(1749051795.687:11694): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22778 comm="syz.0.7235" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbf307ce929 code=0x7ffc0000
[  501.912809][   T29] audit: type=1326 audit(1749051795.687:11695): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22778 comm="syz.0.7235" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf307ce929 code=0x7ffc0000
[  502.086673][T22768] EXT4-fs (loop5): orphan cleanup on readonly fs
[  502.093779][T22768] EXT4-fs error (device loop5): ext4_acquire_dquot:6933: comm syz.5.7227: Failed to acquire dquot type 1
[  502.105727][T22768] EXT4-fs (loop5): 1 truncate cleaned up
[  502.112808][T22768] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  502.142845][T22768] lo speed is unknown, defaulting to 1000
[  502.222736][T22788] netlink: 'syz.2.7239': attribute type 27 has an invalid length.
[  502.399420][T22795] loop7: detected capacity change from 0 to 1024
[  502.406658][T22796] __nla_validate_parse: 19 callbacks suppressed
[  502.406715][T22796] netlink: 20 bytes leftover after parsing attributes in process `syz.2.7241'.
[  502.423771][T22795] EXT4-fs: Ignoring removed nomblk_io_submit option
[  502.437437][T22795] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  502.458392][T22795] netlink: 'syz.7.7242': attribute type 10 has an invalid length.
[  502.503922][T19218] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  502.519447][T22800] loop0: detected capacity change from 0 to 128
[  502.527369][T22800] vfat: Unknown parameter 'kfree'
[  502.534105][T22800] netlink: 4 bytes leftover after parsing attributes in process `syz.0.7243'.
[  502.546531][T22800] netlink: 8 bytes leftover after parsing attributes in process `syz.0.7243'.
[  502.594408][T22802] vhci_hcd: invalid port number 23
[  502.709362][T22808] loop0: detected capacity change from 0 to 512
[  502.728010][T22808] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  502.740783][T22808] ext4 filesystem being mounted at /251/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  502.844066][T22815] loop7: detected capacity change from 0 to 512
[  502.858272][T22815] ext4 filesystem being mounted at /317/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  502.869030][T22814] lo speed is unknown, defaulting to 1000
[  502.901064][T22822] loop7: detected capacity change from 0 to 512
[  502.918628][T22822] ext4 filesystem being mounted at /318/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  502.942439][T22826] netlink: 65039 bytes leftover after parsing attributes in process `syz.0.7252'.
[  502.968015][T22829] loop7: detected capacity change from 0 to 512
[  502.976584][T22829] EXT4-fs (loop7): failed to initialize system zone (-117)
[  502.984084][T22829] EXT4-fs (loop7): mount failed
[  502.997868][T22829] tipc: Started in network mode
[  503.002888][T22829] tipc: Node identity ac14140f, cluster identity 4711
[  503.009927][T22829] tipc: New replicast peer: 255.255.255.255
[  503.011481][T22831] netlink: 4 bytes leftover after parsing attributes in process `syz.0.7252'.
[  503.016201][T22829] tipc: Enabled bearer <udp:syz2>, priority 10
[  503.024825][T22831] netlink: 4 bytes leftover after parsing attributes in process `syz.0.7252'.
[  503.024909][T22831] netlink: 4 bytes leftover after parsing attributes in process `syz.0.7252'.
[  503.057921][T22817] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  503.069638][T22817] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  503.159550][T22840] infiniband syz2: set down
[  503.164147][T22840] infiniband syz2: added veth0_to_bond
[  503.175169][T22840] RDS/IB: syz2: added
[  503.180356][T22840] smc: adding ib device syz2 with port count 1
[  503.186733][T22840] smc:    ib device syz2 port 1 has pnetid 
[  503.343962][T22849] loop8: detected capacity change from 0 to 512
[  503.350766][T22849] EXT4-fs: Ignoring removed oldalloc option
[  503.426879][T22849] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  503.437611][T22849] EXT4-fs (loop8): orphan cleanup on readonly fs
[  503.445013][T22849] EXT4-fs error (device loop8): ext4_acquire_dquot:6933: comm syz.8.7260: Failed to acquire dquot type 1
[  503.458047][T22849] EXT4-fs (loop8): 1 truncate cleaned up
[  503.486520][T22849] lo speed is unknown, defaulting to 1000
[  503.605237][T22843] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  503.616961][T22843] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  503.820974][T22853] netlink: 'syz.5.7261': attribute type 21 has an invalid length.
[  503.851134][T22853] netlink: 'syz.5.7261': attribute type 1 has an invalid length.
[  503.859018][T22853] netlink: 144 bytes leftover after parsing attributes in process `syz.5.7261'.
[  504.038630][   T10] tipc: Node number set to 2886997007
[  504.163527][T22860] loop5: detected capacity change from 0 to 512
[  504.214757][T22860] EXT4-fs (loop5): 1 orphan inode deleted
[  504.224019][T22862] netlink: 20 bytes leftover after parsing attributes in process `syz.7.7265'.
[  504.234482][T22857] lo speed is unknown, defaulting to 1000
[  504.241671][T22864] loop2: detected capacity change from 0 to 1024
[  504.248506][   T31] EXT4-fs error (device loop5): ext4_release_dquot:6969: comm kworker/u8:1: Failed to release dquot type 1
[  504.261881][T22860] ext4 filesystem being mounted at /15/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  504.276413][T22864] EXT4-fs: Ignoring removed nobh option
[  504.282127][T22864] EXT4-fs: Ignoring removed bh option
[  504.300904][T22860] EXT4-fs error (device loop5): ext4_lookup:1787: inode #15: comm syz.5.7264: iget: bad i_size value: 360287970189639690
[  504.344741][T22860] netlink: 'syz.5.7264': attribute type 4 has an invalid length.
[  504.362012][ T1096] EXT4-fs error (device loop5): ext4_release_dquot:6969: comm kworker/u8:5: Failed to release dquot type 1
[  504.396553][T22860] EXT4-fs error (device loop5): ext4_lookup:1787: inode #15: comm syz.5.7264: iget: bad i_size value: 360287970189639690
[  504.446990][T22860] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  504.483506][T22870] loop2: detected capacity change from 0 to 1024
[  504.514470][T22870] EXT4-fs: Ignoring removed bh option
[  504.520083][T22870] EXT4-fs: Ignoring removed nomblk_io_submit option
[  504.540558][T22873] loop5: detected capacity change from 0 to 128
[  504.580679][T22873] vfat: Unknown parameter 'kfree'
[  504.591323][T22876] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  504.605910][T22873] netlink: 4 bytes leftover after parsing attributes in process `syz.5.7268'.
[  504.622602][T22876] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  504.692993][T22876] loop0: detected capacity change from 0 to 1024
[  504.701842][T22877] lo speed is unknown, defaulting to 1000
[  504.728766][T22876] EXT4-fs: Ignoring removed nobh option
[  504.734414][T22876] EXT4-fs: Ignoring removed bh option
[  504.906659][T22886] bridge: RTM_NEWNEIGH with invalid ether address
[  505.022190][T22893] netlink: 'syz.7.7275': attribute type 27 has an invalid length.
[  505.045449][T22895] FAULT_INJECTION: forcing a failure.
[  505.045449][T22895] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  505.058681][T22895] CPU: 0 UID: 0 PID: 22895 Comm: syz.8.7276 Not tainted 6.15.0-syzkaller-11796-g5abc7438f1e9 #0 PREEMPT(voluntary) 
[  505.058724][T22895] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  505.058741][T22895] Call Trace:
[  505.058749][T22895]  <TASK>
[  505.058760][T22895]  __dump_stack+0x1d/0x30
[  505.058799][T22895]  dump_stack_lvl+0xe8/0x140
[  505.058823][T22895]  dump_stack+0x15/0x1b
[  505.058843][T22895]  should_fail_ex+0x265/0x280
[  505.058933][T22895]  should_fail+0xb/0x20
[  505.058954][T22895]  should_fail_usercopy+0x1a/0x20
[  505.058987][T22895]  strncpy_from_user+0x25/0x230
[  505.059025][T22895]  path_setxattrat+0xeb/0x310
[  505.059097][T22895]  __x64_sys_fsetxattr+0x6b/0x80
[  505.059126][T22895]  x64_sys_call+0x2f7c/0x2fb0
[  505.059182][T22895]  do_syscall_64+0xd2/0x200
[  505.059227][T22895]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  505.059277][T22895]  ? clear_bhb_loop+0x40/0x90
[  505.059303][T22895]  ? clear_bhb_loop+0x40/0x90
[  505.059403][T22895]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  505.059429][T22895] RIP: 0033:0x7fe2db88e929
[  505.059444][T22895] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  505.059461][T22895] RSP: 002b:00007fe2d9ef7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000be
[  505.059562][T22895] RAX: ffffffffffffffda RBX: 00007fe2dbab5fa0 RCX: 00007fe2db88e929
[  505.059615][T22895] RDX: 00002000000004c0 RSI: 0000200000000480 RDI: 0000000000000006
[  505.059688][T22895] RBP: 00007fe2d9ef7090 R08: 0000000000000000 R09: 0000000000000000
[  505.059701][T22895] R10: 000000000000001a R11: 0000000000000246 R12: 0000000000000001
[  505.059781][T22895] R13: 0000000000000000 R14: 00007fe2dbab5fa0 R15: 00007ffe51349138
[  505.059802][T22895]  </TASK>
[  505.343906][T22901] vhci_hcd: default hub control req: 0015 v000b i0003 l0
[  505.410254][T22910] loop5: detected capacity change from 0 to 512
[  505.417701][T22905] random: crng reseeded on system resumption
[  505.436623][T22910] EXT4-fs (loop5): 1 orphan inode deleted
[  505.442723][T19142] EXT4-fs error (device loop5): ext4_release_dquot:6969: comm kworker/u8:10: Failed to release dquot type 1
[  505.443101][T22910] ext4 filesystem being mounted at /22/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  505.490207][T22914] loop7: detected capacity change from 0 to 1024
[  505.498513][T22916] bridge: RTM_NEWNEIGH with invalid ether address
[  505.498950][T22914] EXT4-fs: Ignoring removed nomblk_io_submit option
[  505.549609][T22914] netlink: 'syz.7.7285': attribute type 10 has an invalid length.
[  505.575595][T22926] loop2: detected capacity change from 0 to 1024
[  505.582484][T22926] EXT4-fs: Ignoring removed nobh option
[  505.588159][T22926] EXT4-fs: Ignoring removed bh option
[  505.601278][T22928] netlink: 'syz.0.7290': attribute type 27 has an invalid length.
[  505.641180][T22936] loop0: detected capacity change from 0 to 1024
[  505.648713][T22936] EXT4-fs: Ignoring removed bh option
[  505.654405][T22936] EXT4-fs: Ignoring removed nomblk_io_submit option
[  505.714224][T22935] vhci_hcd: default hub control req: 0015 v000b i0003 l0
[  505.736849][T22946] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  505.755723][T22946] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  505.776547][T22946] loop0: detected capacity change from 0 to 1024
[  505.784139][T22952] loop7: detected capacity change from 0 to 1024
[  505.788260][T22946] EXT4-fs: Ignoring removed nobh option
[  505.791166][T22952] EXT4-fs: Ignoring removed bh option
[  505.796171][T22946] EXT4-fs: Ignoring removed bh option
[  505.807655][T22952] EXT4-fs: Ignoring removed nomblk_io_submit option
[  505.837312][T22959] loop2: detected capacity change from 0 to 1024
[  505.844307][T22959] EXT4-fs: Ignoring removed nomblk_io_submit option
[  505.868575][T22959] netlink: 'syz.2.7302': attribute type 10 has an invalid length.
[  505.895128][T22963] lo speed is unknown, defaulting to 1000
[  505.918504][T22965] loop2: detected capacity change from 0 to 512
[  505.953212][T22965] ext4 filesystem being mounted at /251/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  506.005837][T22970] netlink: 'syz.8.7304': attribute type 27 has an invalid length.
[  506.015952][T22973] loop5: detected capacity change from 0 to 1024
[  506.035160][T22973] EXT4-fs: Ignoring removed bh option
[  506.040697][T22973] EXT4-fs: Ignoring removed nomblk_io_submit option
[  506.083142][T22980] loop2: detected capacity change from 0 to 512
[  506.103089][T22980] ext4 filesystem being mounted at /252/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  506.186229][T22992] loop8: detected capacity change from 0 to 1024
[  506.193278][T22992] EXT4-fs: Ignoring removed nomblk_io_submit option
[  506.217302][T22992] netlink: 'syz.8.7313': attribute type 10 has an invalid length.
[  506.222638][T22998] loop5: detected capacity change from 0 to 512
[  506.263966][T22998] ext4 filesystem being mounted at /27/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  506.342678][T23005] bridge0: port 2(bridge_slave_1) entered disabled state
[  506.349957][T23005] bridge0: port 1(bridge_slave_0) entered disabled state
[  506.404177][T23005] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  506.414780][T23005] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  506.462479][T23005] netdevsim netdevsim5 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  506.470890][T23005] netdevsim netdevsim5 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  506.479526][T23005] netdevsim netdevsim5 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  506.488086][T23005] netdevsim netdevsim5 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  506.553011][T23011] loop8: detected capacity change from 0 to 1024
[  506.580992][T23011] EXT4-fs: Ignoring removed bh option
[  506.586949][T23011] EXT4-fs: Ignoring removed nomblk_io_submit option
[  506.599952][T23017] loop5: detected capacity change from 0 to 512
[  506.655347][T23022] loop8: detected capacity change from 0 to 1024
[  506.664219][T23022] EXT4-fs: Ignoring removed nobh option
[  506.664307][T23017] ext4 filesystem being mounted at /30/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  506.669876][T23022] EXT4-fs: Ignoring removed bh option
[  506.763389][T23030] vhci_hcd: invalid port number 23
[  506.843384][T23038] loop7: detected capacity change from 0 to 512
[  506.857400][T23038] EXT4-fs: Ignoring removed nomblk_io_submit option
[  506.866865][T23038] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  506.878992][T23038] EXT4-fs error (device loop7): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[  506.909063][T23038] EXT4-fs (loop7): 1 truncate cleaned up
[  506.916348][T23047] bridge: RTM_NEWNEIGH with invalid ether address
[  507.093383][T23060] loop0: detected capacity change from 0 to 1024
[  507.100112][T23060] EXT4-fs: Ignoring removed bh option
[  507.105655][T23060] EXT4-fs: Ignoring removed nomblk_io_submit option
[  507.119993][   T29] kauditd_printk_skb: 183 callbacks suppressed
[  507.120011][   T29] audit: type=1326 audit(1749051801.158:11872): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23062 comm="syz.5.7339" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbee612e929 code=0x7ffc0000
[  507.162119][   T29] audit: type=1326 audit(1749051801.158:11873): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23062 comm="syz.5.7339" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fbee612e929 code=0x7ffc0000
[  507.185885][   T29] audit: type=1326 audit(1749051801.158:11874): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23062 comm="syz.5.7339" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbee612e929 code=0x7ffc0000
[  507.210040][   T29] audit: type=1326 audit(1749051801.158:11875): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23062 comm="syz.5.7339" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fbee612e929 code=0x7ffc0000
[  507.233852][   T29] audit: type=1326 audit(1749051801.158:11876): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23062 comm="syz.5.7339" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbee612e929 code=0x7ffc0000
[  507.257663][   T29] audit: type=1326 audit(1749051801.158:11877): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23062 comm="syz.5.7339" exe="/root/syz-executor" sig=0 arch=c000003e syscall=238 compat=0 ip=0x7fbee612e929 code=0x7ffc0000
[  507.281319][   T29] audit: type=1326 audit(1749051801.158:11878): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23062 comm="syz.5.7339" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbee612e929 code=0x7ffc0000
[  507.304907][   T29] audit: type=1326 audit(1749051801.158:11879): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23062 comm="syz.5.7339" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fbee612e929 code=0x7ffc0000
[  507.328648][   T29] audit: type=1326 audit(1749051801.158:11880): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23062 comm="syz.5.7339" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbee612e929 code=0x7ffc0000
[  507.352410][   T29] audit: type=1326 audit(1749051801.158:11881): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23062 comm="syz.5.7339" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbee612e929 code=0x7ffc0000
[  507.393836][T23065] lo speed is unknown, defaulting to 1000
[  507.406435][T23067] loop7: detected capacity change from 0 to 128
[  507.438129][T23067] vfat: Unknown parameter 'kfree'
[  507.452863][T23072] vhci_hcd: invalid port number 23
[  507.471691][T23067] __nla_validate_parse: 4 callbacks suppressed
[  507.471711][T23067] netlink: 4 bytes leftover after parsing attributes in process `syz.7.7340'.
[  507.490568][T23067] netlink: 8 bytes leftover after parsing attributes in process `syz.7.7340'.
[  507.501134][T23076] bridge: RTM_NEWNEIGH with invalid ether address
[  507.548449][T23079] loop2: detected capacity change from 0 to 1024
[  507.558575][T23079] EXT4-fs: Ignoring removed bh option
[  507.564061][T23079] EXT4-fs: Ignoring removed nomblk_io_submit option
[  507.567902][T23081] loop7: detected capacity change from 0 to 512
[  507.583394][T23083] validate_nla: 1 callbacks suppressed
[  507.583413][T23083] netlink: 'syz.5.7346': attribute type 27 has an invalid length.
[  507.629670][T23081] EXT4-fs (loop7): 1 orphan inode deleted
[  507.641845][T23081] ext4 filesystem being mounted at /335/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  507.653763][ T3436] EXT4-fs error (device loop7): ext4_release_dquot:6969: comm kworker/u8:7: Failed to release dquot type 1
[  507.667368][T23091] netlink: 20 bytes leftover after parsing attributes in process `syz.5.7349'.
[  507.677990][T23081] EXT4-fs error (device loop7): ext4_lookup:1787: inode #15: comm syz.7.7347: iget: bad i_size value: 360287970189639690
[  507.696288][ T3436] EXT4-fs error (device loop7): ext4_release_dquot:6969: comm kworker/u8:7: Failed to release dquot type 1
[  507.716807][T23081] EXT4-fs (loop7): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  507.872419][T23102] lo speed is unknown, defaulting to 1000
[  508.006245][T23108] bridge: RTM_NEWNEIGH with invalid ether address
[  508.052391][T23113] loop0: detected capacity change from 0 to 1024
[  508.059355][T23113] EXT4-fs: Ignoring removed nomblk_io_submit option
[  508.060437][T23115] lo speed is unknown, defaulting to 1000
[  508.267911][T23135] bridge: RTM_NEWNEIGH with invalid ether address
[  508.313838][T23139] loop5: detected capacity change from 0 to 1024
[  508.321169][T23139] EXT4-fs: Ignoring removed nobh option
[  508.326923][T23139] EXT4-fs: Ignoring removed bh option
[  508.423394][T23147] loop0: detected capacity change from 0 to 512
[  508.427511][T23148] netlink: 65039 bytes leftover after parsing attributes in process `syz.5.7373'.
[  508.446072][T23147] EXT4-fs (loop0): 1 orphan inode deleted
[  508.452375][T23147] ext4 filesystem being mounted at /279/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  508.463867][ T3436] EXT4-fs error (device loop0): ext4_release_dquot:6969: comm kworker/u8:7: Failed to release dquot type 1
[  508.471269][T23147] netlink: 56 bytes leftover after parsing attributes in process `syz.0.7372'.
[  508.484424][T23147] netlink: 16 bytes leftover after parsing attributes in process `syz.0.7372'.
[  508.502017][T23152] netlink: 4 bytes leftover after parsing attributes in process `syz.5.7373'.
[  508.511018][T23152] netlink: 4 bytes leftover after parsing attributes in process `syz.5.7373'.
[  508.520215][T23152] netlink: 4 bytes leftover after parsing attributes in process `syz.5.7373'.
[  508.567767][T23156] netlink: 'syz.2.7375': attribute type 27 has an invalid length.
[  508.608603][T23160] loop0: detected capacity change from 0 to 1024
[  508.615707][T23160] EXT4-fs: Ignoring removed bh option
[  508.621163][T23160] EXT4-fs: Ignoring removed nomblk_io_submit option
[  508.659940][T23167] bridge: RTM_NEWNEIGH with invalid ether address
[  508.846231][T23181] netlink: 'syz.2.7387': attribute type 27 has an invalid length.
[  508.888682][T23185] loop2: detected capacity change from 0 to 1024
[  508.895943][T23185] EXT4-fs: Ignoring removed bh option
[  508.901385][T23185] EXT4-fs: Ignoring removed nomblk_io_submit option
[  508.923082][T23187] loop7: detected capacity change from 0 to 1024
[  508.929919][T23187] EXT4-fs: Ignoring removed bh option
[  508.935451][T23187] EXT4-fs: Ignoring removed nomblk_io_submit option
[  508.969169][T23193] loop8: detected capacity change from 0 to 1024
[  508.977124][T23193] EXT4-fs: Ignoring removed bh option
[  508.982587][T23193] EXT4-fs: Ignoring removed nomblk_io_submit option
[  509.014755][T23194] lo speed is unknown, defaulting to 1000
[  509.049917][T23196] lo speed is unknown, defaulting to 1000
[  509.139113][T23198] lo speed is unknown, defaulting to 1000
[  509.611776][T23208] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  509.641261][T23208] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  509.924295][T23214] netlink: 'syz.8.7399': attribute type 27 has an invalid length.
[  509.962562][T23217] loop8: detected capacity change from 0 to 512
[  509.987808][T23217] ext4 filesystem being mounted at /292/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  510.052874][T23225] lo speed is unknown, defaulting to 1000
[  510.130074][T23227] vhci_hcd: default hub control req: 0015 v000b i0003 l0
[  510.164395][T23232] lo speed is unknown, defaulting to 1000
[  510.190993][T23236] bridge: RTM_NEWNEIGH with invalid ether address
[  510.238200][T23241] loop8: detected capacity change from 0 to 512
[  510.261602][T23241] EXT4-fs (loop8): 1 orphan inode deleted
[  510.270357][T23241] ext4 filesystem being mounted at /297/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  510.283168][T23241] EXT4-fs error (device loop8): ext4_lookup:1787: inode #15: comm syz.8.7408: iget: bad i_size value: 360287970189639690
[  510.285955][   T31] EXT4-fs error (device loop8): ext4_release_dquot:6969: comm kworker/u8:1: Failed to release dquot type 1
[  510.309091][T23241] netlink: 'syz.8.7408': attribute type 4 has an invalid length.
[  510.318694][T23241] EXT4-fs error (device loop8): ext4_lookup:1787: inode #15: comm syz.8.7408: iget: bad i_size value: 360287970189639690
[  510.332661][   T31] EXT4-fs error (device loop8): ext4_release_dquot:6969: comm kworker/u8:1: Failed to release dquot type 1
[  510.350431][T23241] EXT4-fs (loop8): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  510.433062][T23251] loop8: detected capacity change from 0 to 1024
[  510.440097][T23251] EXT4-fs: Ignoring removed bh option
[  510.445685][T23251] EXT4-fs: Ignoring removed nomblk_io_submit option
[  510.467167][T23254] loop5: detected capacity change from 0 to 1024
[  510.474035][T23254] EXT4-fs: Ignoring removed bh option
[  510.479477][T23254] EXT4-fs: Ignoring removed nomblk_io_submit option
[  510.520512][T23256] lo speed is unknown, defaulting to 1000
[  510.585137][T23257] lo speed is unknown, defaulting to 1000
[  510.873734][T23262] loop2: detected capacity change from 0 to 128
[  510.917556][T23262] vfat: Unknown parameter 'kfree'
[  510.948076][T23262] netlink: 4 bytes leftover after parsing attributes in process `syz.2.7415'.
[  511.105011][T23267] bridge: RTM_NEWNEIGH with invalid ether address
[  511.213122][T23271] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  511.222514][T23271] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  511.246663][T23269] vhci_hcd: default hub control req: 0015 v000b i0003 l0
[  511.344133][T23274] vhci_hcd: invalid port number 23
[  511.362486][T23276] loop2: detected capacity change from 0 to 512
[  511.413787][T23276] EXT4-fs (loop2): 1 orphan inode deleted
[  511.421576][T23276] ext4 filesystem being mounted at /275/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  511.432428][ T1096] EXT4-fs error (device loop2): ext4_release_dquot:6969: comm kworker/u8:5: Failed to release dquot type 1
[  511.456106][T23276] EXT4-fs error (device loop2): ext4_lookup:1787: inode #15: comm syz.2.7421: iget: bad i_size value: 360287970189639690
[  511.473444][T23276] netlink: 'syz.2.7421': attribute type 4 has an invalid length.
[  511.481655][T23276] EXT4-fs error (device loop2): ext4_lookup:1787: inode #15: comm syz.2.7421: iget: bad i_size value: 360287970189639690
[  511.494773][ T1096] EXT4-fs error (device loop2): ext4_release_dquot:6969: comm kworker/u8:5: Failed to release dquot type 1
[  511.509877][T23280] loop8: detected capacity change from 0 to 128
[  511.517017][T23280] vfat: Unknown parameter 'kfree'
[  511.522836][T23276] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  511.600219][T23285] lo speed is unknown, defaulting to 1000
[  511.606487][T23288] loop5: detected capacity change from 0 to 1024
[  511.628084][T23288] EXT4-fs: Ignoring removed bh option
[  511.633566][T23288] EXT4-fs: Ignoring removed nomblk_io_submit option
[  511.716263][T23293] loop7: detected capacity change from 0 to 1024
[  511.716398][T23291] lo speed is unknown, defaulting to 1000
[  511.750040][T23293] EXT4-fs: Ignoring removed bh option
[  511.755662][T23293] EXT4-fs: Ignoring removed nomblk_io_submit option
[  511.867403][T23300] lo speed is unknown, defaulting to 1000
[  512.393328][T23307] loop2: detected capacity change from 0 to 1024
[  512.403263][T23307] EXT4-fs: Ignoring removed bh option
[  512.408729][T23307] EXT4-fs: Ignoring removed nomblk_io_submit option
[  512.621490][T23311] lo speed is unknown, defaulting to 1000
[  512.651305][T23313] bridge: RTM_NEWNEIGH with invalid ether address
[  512.676035][   T29] kauditd_printk_skb: 170 callbacks suppressed
[  512.676054][   T29] audit: type=1326 audit(1749051806.702:12045): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23315 comm="syz.5.7434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbee612e929 code=0x7ffc0000
[  512.752951][   T29] audit: type=1326 audit(1749051806.702:12046): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23315 comm="syz.5.7434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbee612e929 code=0x7ffc0000
[  512.776644][   T29] audit: type=1326 audit(1749051806.702:12047): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23315 comm="syz.5.7434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbee612e929 code=0x7ffc0000
[  512.800265][   T29] audit: type=1326 audit(1749051806.702:12048): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23315 comm="syz.5.7434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbee612e929 code=0x7ffc0000
[  512.824022][   T29] audit: type=1326 audit(1749051806.702:12049): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23315 comm="syz.5.7434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbee612e929 code=0x7ffc0000
[  512.847837][   T29] audit: type=1326 audit(1749051806.702:12050): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23315 comm="syz.5.7434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbee612e929 code=0x7ffc0000
[  512.871771][   T29] audit: type=1326 audit(1749051806.702:12051): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23315 comm="syz.5.7434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbee612e929 code=0x7ffc0000
[  512.895470][   T29] audit: type=1326 audit(1749051806.702:12052): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23315 comm="syz.5.7434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbee612e929 code=0x7ffc0000
[  512.919355][   T29] audit: type=1326 audit(1749051806.702:12053): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23315 comm="syz.5.7434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbee612e929 code=0x7ffc0000
[  512.943207][   T29] audit: type=1326 audit(1749051806.702:12054): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23315 comm="syz.5.7434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbee612e929 code=0x7ffc0000
[  513.026943][T23325] __nla_validate_parse: 3 callbacks suppressed
[  513.026964][T23325] netlink: 32 bytes leftover after parsing attributes in process `syz.5.7438'.
[  513.044956][T23325] netlink: 32 bytes leftover after parsing attributes in process `syz.5.7438'.
[  513.064062][T23323] lo speed is unknown, defaulting to 1000
[  513.169480][T23329] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  513.181962][T23329] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  513.195810][T23329] loop7: detected capacity change from 0 to 1024
[  513.203763][T23329] EXT4-fs: Ignoring removed nobh option
[  513.209716][T23329] EXT4-fs: Ignoring removed bh option
[  513.402204][T23337] vhci_hcd: invalid port number 23
[  513.509335][T23341] loop0: detected capacity change from 0 to 512
[  513.516267][T23341] EXT4-fs: Ignoring removed oldalloc option
[  513.524274][T23341] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  513.570420][T23341] EXT4-fs (loop0): orphan cleanup on readonly fs
[  513.578830][T23341] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.7440: Failed to acquire dquot type 1
[  514.210964][T23348] loop5: detected capacity change from 0 to 512
[  514.253758][T23348] ext4 filesystem being mounted at /59/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  514.398586][T23341] EXT4-fs (loop0): 1 truncate cleaned up
[  514.428588][T23341] lo speed is unknown, defaulting to 1000
[  514.744983][T23356] loop7: detected capacity change from 0 to 1024
[  514.773976][T23362] loop5: detected capacity change from 0 to 512
[  514.780896][T23356] EXT4-fs: Ignoring removed nobh option
[  514.786709][T23356] EXT4-fs: Ignoring removed bh option
[  514.818474][T23360] lo speed is unknown, defaulting to 1000
[  514.827690][T23364] loop8: detected capacity change from 0 to 512
[  514.855161][T23364] EXT4-fs (loop8): 1 orphan inode deleted
[  514.861761][T23362] ext4 filesystem being mounted at /60/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  514.880402][T19142] EXT4-fs error (device loop8): ext4_release_dquot:6969: comm kworker/u8:10: Failed to release dquot type 1
[  514.908456][T23364] ext4 filesystem being mounted at /305/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  514.961903][T23364] EXT4-fs error (device loop8): ext4_lookup:1787: inode #15: comm syz.8.7452: iget: bad i_size value: 360287970189639690
[  515.016508][T23364] netlink: 'syz.8.7452': attribute type 4 has an invalid length.
[  515.031896][T19142] EXT4-fs error (device loop8): ext4_release_dquot:6969: comm kworker/u8:10: Failed to release dquot type 1
[  515.036122][T23364] EXT4-fs error (device loop8): ext4_lookup:1787: inode #15: comm syz.8.7452: iget: bad i_size value: 360287970189639690
[  515.074266][T23377] vhci_hcd: default hub control req: 0015 v000b i0003 l0
[  515.083156][T23364] EXT4-fs (loop8): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  515.163561][T23382] loop5: detected capacity change from 0 to 1024
[  515.182151][T23382] EXT4-fs: Ignoring removed bh option
[  515.187643][T23382] EXT4-fs: Ignoring removed nomblk_io_submit option
[  515.300932][T23386] lo speed is unknown, defaulting to 1000
[  515.442148][T23398] loop7: detected capacity change from 0 to 1024
[  515.463625][T23400] loop8: detected capacity change from 0 to 1024
[  515.469327][T23398] EXT4-fs: Ignoring removed bh option
[  515.475682][T23398] EXT4-fs: Ignoring removed nomblk_io_submit option
[  515.494114][T23400] EXT4-fs: Ignoring removed bh option
[  515.499680][T23400] EXT4-fs: Ignoring removed nomblk_io_submit option
[  515.679582][T23403] lo speed is unknown, defaulting to 1000
[  516.167362][T23412] loop0: detected capacity change from 0 to 1024
[  516.208663][T23414] netlink: 32 bytes leftover after parsing attributes in process `syz.5.7464'.
[  516.231724][T23412] EXT4-fs: Ignoring removed bh option
[  516.237200][T23412] EXT4-fs: Ignoring removed nomblk_io_submit option
[  516.240444][T23414] netlink: 32 bytes leftover after parsing attributes in process `syz.5.7464'.
[  516.513304][T23424] loop8: detected capacity change from 0 to 512
[  516.560682][T23424] EXT4-fs (loop8): 1 orphan inode deleted
[  516.563366][   T57] EXT4-fs error (device loop8): ext4_release_dquot:6969: comm kworker/u8:4: Failed to release dquot type 1
[  516.578825][T23424] ext4 filesystem being mounted at /309/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  516.593747][T23424] EXT4-fs error (device loop8): ext4_lookup:1787: inode #15: comm syz.8.7467: iget: bad i_size value: 360287970189639690
[  516.611135][T23424] EXT4-fs (loop8): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  516.626039][T23430] loop7: detected capacity change from 0 to 1024
[  516.633267][T23430] EXT4-fs: Ignoring removed nomblk_io_submit option
[  516.714877][T23434] loop2: detected capacity change from 0 to 512
[  516.721606][T23434] EXT4-fs: Ignoring removed oldalloc option
[  516.728761][T23434] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  516.793317][T23434] EXT4-fs (loop2): orphan cleanup on readonly fs
[  516.801344][T23434] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.7469: Failed to acquire dquot type 1
[  516.814046][T23434] EXT4-fs (loop2): 1 truncate cleaned up
[  516.842979][T23434] lo speed is unknown, defaulting to 1000
[  517.630171][T23444] loop7: detected capacity change from 0 to 1024
[  517.661422][T23446] netlink: 'syz.8.7471': attribute type 27 has an invalid length.
[  517.676233][T23444] EXT4-fs: Ignoring removed bh option
[  517.681782][T23444] EXT4-fs: Ignoring removed nomblk_io_submit option
[  517.843484][T23452] lo speed is unknown, defaulting to 1000
[  517.857907][T23454] loop8: detected capacity change from 0 to 512
[  517.915301][T23454] ext4 filesystem being mounted at /312/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  518.147121][T23464] loop8: detected capacity change from 0 to 1024
[  518.171679][T23464] EXT4-fs: Ignoring removed bh option
[  518.177269][T23464] EXT4-fs: Ignoring removed nomblk_io_submit option
[  518.419622][T23467] lo speed is unknown, defaulting to 1000
[  518.426157][T23471] loop5: detected capacity change from 0 to 1024
[  518.439507][T23471] EXT4-fs: Ignoring removed bh option
[  518.444988][T23471] EXT4-fs: Ignoring removed nomblk_io_submit option
[  518.834673][T23475] lo speed is unknown, defaulting to 1000
[  518.931686][T23482] netlink: 65039 bytes leftover after parsing attributes in process `syz.2.7486'.
[  519.071154][T23491] netlink: 4 bytes leftover after parsing attributes in process `syz.2.7486'.
[  519.080269][T23491] netlink: 4 bytes leftover after parsing attributes in process `syz.2.7486'.
[  519.110677][T23491] netlink: 4 bytes leftover after parsing attributes in process `syz.2.7486'.
[  519.150063][T23497] loop7: detected capacity change from 0 to 512
[  519.176143][T23497] EXT4-fs (loop7): 1 orphan inode deleted
[  519.191029][T23497] ext4 filesystem being mounted at /353/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  519.202597][   T57] __quota_error: 105 callbacks suppressed
[  519.202614][   T57] Quota error (device loop7): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  519.207395][T23497] EXT4-fs error (device loop7): ext4_lookup:1787: inode #15: comm syz.7.7491: iget: bad i_size value: 360287970189639690
[  519.208441][   T57] EXT4-fs error (device loop7): ext4_release_dquot:6969: comm kworker/u8:4: Failed to release dquot type 1
[  519.251940][T23497] netlink: 'syz.7.7491': attribute type 4 has an invalid length.
[  519.260729][T23497] EXT4-fs error (device loop7): ext4_lookup:1787: inode #15: comm syz.7.7491: iget: bad i_size value: 360287970189639690
[  519.273664][ T3436] Quota error (device loop7): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  519.283500][ T3436] EXT4-fs error (device loop7): ext4_release_dquot:6969: comm kworker/u8:7: Failed to release dquot type 1
[  519.316121][T23505] EXT4-fs (loop7): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  519.377662][T23507] lo speed is unknown, defaulting to 1000
[  519.473414][T23511] loop7: detected capacity change from 0 to 8192
[  519.557000][T23522] openvswitch: netlink: Message has 6 unknown bytes.
[  519.666702][T23535] loop7: detected capacity change from 0 to 512
[  519.696498][T23535] EXT4-fs (loop7): 1 orphan inode deleted
[  519.708401][T23535] ext4 filesystem being mounted at /356/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  519.721211][   T57] Quota error (device loop7): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  519.731171][   T57] EXT4-fs error (device loop7): ext4_release_dquot:6969: comm kworker/u8:4: Failed to release dquot type 1
[  519.771706][T23535] EXT4-fs error (device loop7): ext4_lookup:1787: inode #15: comm syz.7.7500: iget: bad i_size value: 360287970189639690
[  519.789798][T23535] netlink: 'syz.7.7500': attribute type 4 has an invalid length.
[  519.798382][T23535] EXT4-fs error (device loop7): ext4_lookup:1787: inode #15: comm syz.7.7500: iget: bad i_size value: 360287970189639690
[  519.812337][   T57] Quota error (device loop7): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  519.822237][   T57] EXT4-fs error (device loop7): ext4_release_dquot:6969: comm kworker/u8:4: Failed to release dquot type 1
[  519.851268][T23541] EXT4-fs (loop7): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  519.892347][T23546] loop2: detected capacity change from 0 to 1024
[  519.936574][T23546] EXT4-fs: Ignoring removed nobh option
[  519.942483][T23546] EXT4-fs: Ignoring removed bh option
[  519.956012][T23550] loop0: detected capacity change from 0 to 1024
[  519.962908][T23550] EXT4-fs: Ignoring removed nobh option
[  519.968588][T23550] EXT4-fs: Ignoring removed bh option
[  520.035276][T23557] loop7: detected capacity change from 0 to 128
[  520.042224][T23557] vfat: Unknown parameter 'kfree'
[  520.053443][T23557] netlink: 4 bytes leftover after parsing attributes in process `syz.7.7506'.
[  520.074470][T23557] netlink: 8 bytes leftover after parsing attributes in process `syz.7.7506'.
[  520.085232][   T29] audit: type=1400 audit(1749051814.116:12153): avc:  denied  { firmware_load } for  pid=23555 comm="syz.7.7506" path="/lib/firmware/regulatory.db" dev="sda1" ino=448 scontext=system_u:system_r:kernel_t tcontext=system_u:object_r:lib_t tclass=system permissive=1
[  520.162682][T23565] loop5: detected capacity change from 0 to 512
[  520.175034][T23565] loop5: detected capacity change from 0 to 512
[  520.181912][T23565] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  520.188921][T23571] loop0: detected capacity change from 0 to 1024
[  520.197271][T23571] EXT4-fs: Ignoring removed bh option
[  520.202842][T23571] EXT4-fs: Ignoring removed nomblk_io_submit option
[  520.210952][T23565] EXT4-fs error (device loop5): ext4_get_branch:178: inode #11: block 4294967295: comm syz.5.7511: invalid block
[  520.224634][T23565] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #11: comm syz.5.7511: invalid indirect mapped block 4294967295 (level 1)
[  520.240057][T23565] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #11: comm syz.5.7511: invalid indirect mapped block 4294967295 (level 1)
[  520.255565][T23565] EXT4-fs (loop5): 2 truncates cleaned up
[  520.289536][T23577] lo speed is unknown, defaulting to 1000
[  520.338036][T23565] Invalid ELF header magic: != ELF
[  520.345797][T23583] bridge: RTM_NEWNEIGH with invalid ether address
[  520.354048][   T29] audit: type=1400 audit(1749051814.366:12154): avc:  denied  { module_load } for  pid=23564 comm="syz.5.7511" path="/sys/kernel/notes" dev="sysfs" ino=212 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=system permissive=1
[  520.384982][T23585] FAULT_INJECTION: forcing a failure.
[  520.384982][T23585] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  520.398561][T23585] CPU: 1 UID: 0 PID: 23585 Comm: syz.8.7517 Not tainted 6.15.0-syzkaller-11796-g5abc7438f1e9 #0 PREEMPT(voluntary) 
[  520.398594][T23585] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  520.398610][T23585] Call Trace:
[  520.398618][T23585]  <TASK>
[  520.398628][T23585]  __dump_stack+0x1d/0x30
[  520.398666][T23585]  dump_stack_lvl+0xe8/0x140
[  520.398749][T23585]  dump_stack+0x15/0x1b
[  520.398795][T23585]  should_fail_ex+0x265/0x280
[  520.398816][T23585]  should_fail_alloc_page+0xf2/0x100
[  520.398842][T23585]  __alloc_frozen_pages_noprof+0xff/0x360
[  520.398891][T23585]  alloc_pages_mpol+0xb3/0x250
[  520.398953][T23585]  vma_alloc_folio_noprof+0x1aa/0x300
[  520.399045][T23585]  handle_mm_fault+0xec2/0x2be0
[  520.399074][T23585]  ? mas_walk+0xf2/0x120
[  520.399114][T23585]  do_user_addr_fault+0x636/0x1090
[  520.399221][T23585]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  520.399319][T23585]  exc_page_fault+0x62/0xa0
[  520.399351][T23585]  asm_exc_page_fault+0x26/0x30
[  520.399375][T23585] RIP: 0033:0x7fe2db83bf4b
[  520.399391][T23585] Code: c0 8b 87 c0 00 00 00 66 0f 6c c0 85 c0 0f 85 44 01 00 00 c7 87 c0 00 00 00 ff ff ff ff 48 8d 84 24 20 21 00 00 48 8d 7c 24 20 <0f> 29 44 24 40 49 89 e4 48 89 44 24 50 8b 43 74 48 89 9c 24 00 01
[  520.399408][T23585] RSP: 002b:00007fe2d9ef4e10 EFLAGS: 00010246
[  520.399487][T23585] RAX: 00007fe2d9ef6f30 RBX: 00007fe2dba83620 RCX: 0000000000000000
[  520.399503][T23585] RDX: 00007fe2d9ef6f78 RSI: 00007fe2db8edbf8 RDI: 00007fe2d9ef4e30
[  520.399519][T23585] RBP: 0000000000000009 R08: 0000000000000000 R09: 0000000000000000
[  520.399593][T23585] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  520.399606][T23585] R13: 0000000000000000 R14: 00007fe2dbab5fa0 R15: 00007ffe51349138
[  520.399630][T23585]  </TASK>
[  520.399642][T23585] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[  520.507156][   T29] audit: type=1326 audit(1749051814.526:12155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23564 comm="syz.5.7511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbee612e929 code=0x7ffc0000
[  520.602504][   T29] audit: type=1326 audit(1749051814.526:12156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23564 comm="syz.5.7511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbee612e929 code=0x7ffc0000
[  520.626277][   T29] audit: type=1326 audit(1749051814.526:12157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23564 comm="syz.5.7511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbee612e929 code=0x7ffc0000
[  520.650035][   T29] audit: type=1326 audit(1749051814.526:12158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23564 comm="syz.5.7511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbee612e929 code=0x7ffc0000
[  520.709035][T23592] 9pnet_fd: Insufficient options for proto=fd
[  520.739913][T23597] loop5: detected capacity change from 0 to 1024
[  520.747386][T23597] EXT4-fs: Ignoring removed nobh option
[  520.753046][T23597] EXT4-fs: Ignoring removed bh option
[  520.802895][T23603] loop8: detected capacity change from 0 to 1024
[  520.809809][T23603] EXT4-fs: Ignoring removed bh option
[  520.815596][T23603] EXT4-fs: Ignoring removed nomblk_io_submit option
[  520.815846][T23600] loop2: detected capacity change from 0 to 512
[  520.831965][T23600] EXT4-fs (loop2): failed to initialize system zone (-117)
[  520.839618][T23600] EXT4-fs (loop2): mount failed
[  520.913041][T23612] loop2: detected capacity change from 0 to 512
[  520.928006][T23608] lo speed is unknown, defaulting to 1000
[  520.928311][T23612] EXT4-fs (loop2): 1 orphan inode deleted
[  520.946431][   T57] EXT4-fs error (device loop2): ext4_release_dquot:6969: comm kworker/u8:4: Failed to release dquot type 1
[  520.958544][T23612] ext4 filesystem being mounted at /296/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  521.044455][T23612] EXT4-fs error (device loop2): ext4_lookup:1787: inode #15: comm syz.2.7525: iget: bad i_size value: 360287970189639690
[  521.130389][T19142] EXT4-fs error (device loop2): ext4_release_dquot:6969: comm kworker/u8:10: Failed to release dquot type 1
[  521.172843][T23612] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  521.202458][T23628] bridge: RTM_NEWNEIGH with invalid ether address
[  521.282921][T23635] loop5: detected capacity change from 0 to 1024
[  521.300647][T23635] EXT4-fs: Ignoring removed nobh option
[  521.306448][T23635] EXT4-fs: Ignoring removed bh option
[  521.316154][T23637] loop7: detected capacity change from 0 to 512
[  521.338077][T23640] loop2: detected capacity change from 0 to 128
[  521.354944][T23640] vfat: Unknown parameter 'kfree'
[  521.363557][T23637] EXT4-fs (loop7): failed to initialize system zone (-117)
[  521.369576][T23640] netlink: 4 bytes leftover after parsing attributes in process `syz.2.7537'.
[  521.391443][T23640] netlink: 8 bytes leftover after parsing attributes in process `syz.2.7537'.
[  521.400609][T23637] EXT4-fs (loop7): mount failed
[  521.488075][T23655] FAULT_INJECTION: forcing a failure.
[  521.488075][T23655] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  521.501241][T23655] CPU: 1 UID: 0 PID: 23655 Comm: syz.0.7542 Not tainted 6.15.0-syzkaller-11796-g5abc7438f1e9 #0 PREEMPT(voluntary) 
[  521.501269][T23655] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  521.501283][T23655] Call Trace:
[  521.501297][T23655]  <TASK>
[  521.501305][T23655]  __dump_stack+0x1d/0x30
[  521.501331][T23655]  dump_stack_lvl+0xe8/0x140
[  521.501417][T23655]  dump_stack+0x15/0x1b
[  521.501435][T23655]  should_fail_ex+0x265/0x280
[  521.501515][T23655]  should_fail+0xb/0x20
[  521.501536][T23655]  should_fail_usercopy+0x1a/0x20
[  521.501560][T23655]  _copy_from_user+0x1c/0xb0
[  521.501593][T23655]  do_ipt_set_ctl+0x3a0/0x820
[  521.501716][T23655]  ? _raw_spin_unlock_bh+0x36/0x40
[  521.501747][T23655]  ? tcp_release_cb+0xf1/0x370
[  521.501853][T23655]  nf_setsockopt+0x196/0x1b0
[  521.501896][T23655]  ip_setsockopt+0x102/0x110
[  521.501988][T23655]  tcp_setsockopt+0x98/0xb0
[  521.502089][T23655]  sock_common_setsockopt+0x66/0x80
[  521.502112][T23655]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  521.502135][T23655]  smc_setsockopt+0x183/0x750
[  521.502218][T23655]  ? __pfx_smc_setsockopt+0x10/0x10
[  521.502302][T23655]  __sys_setsockopt+0x184/0x200
[  521.502336][T23655]  __x64_sys_setsockopt+0x64/0x80
[  521.502373][T23655]  x64_sys_call+0x2bd5/0x2fb0
[  521.502402][T23655]  do_syscall_64+0xd2/0x200
[  521.502443][T23655]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  521.502471][T23655]  ? clear_bhb_loop+0x40/0x90
[  521.502493][T23655]  ? clear_bhb_loop+0x40/0x90
[  521.502579][T23655]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  521.502603][T23655] RIP: 0033:0x7fbf307ce929
[  521.502618][T23655] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  521.502635][T23655] RSP: 002b:00007fbf2ee37038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  521.502658][T23655] RAX: ffffffffffffffda RBX: 00007fbf309f5fa0 RCX: 00007fbf307ce929
[  521.502777][T23655] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000006
[  521.502794][T23655] RBP: 00007fbf2ee37090 R08: 0000000000000550 R09: 0000000000000000
[  521.502810][T23655] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000001
[  521.502826][T23655] R13: 0000000000000000 R14: 00007fbf309f5fa0 R15: 00007ffed0f6a4e8
[  521.502852][T23655]  </TASK>
[  521.749885][T23652] lo speed is unknown, defaulting to 1000
[  521.779990][T23661] bridge: RTM_NEWNEIGH with invalid ether address
[  521.830132][T23662] netlink: 4 bytes leftover after parsing attributes in process `syz.2.7543'.
[  521.871993][T23670] netlink: 32 bytes leftover after parsing attributes in process `syz.8.7548'.
[  521.933540][T23675] loop0: detected capacity change from 0 to 1024
[  521.949179][T23675] EXT4-fs: Ignoring removed nobh option
[  521.955004][T23675] EXT4-fs: Ignoring removed bh option
[  521.969300][T23679] loop7: detected capacity change from 0 to 1024
[  521.976307][T23679] EXT4-fs: Ignoring removed bh option
[  521.981800][T23679] EXT4-fs: Ignoring removed nomblk_io_submit option
[  522.032744][T23679] lo speed is unknown, defaulting to 1000
[  522.172846][T23694] loop5: detected capacity change from 0 to 512
[  522.187285][T23694] EXT4-fs (loop5): 1 orphan inode deleted
[  522.193601][T23694] EXT4-fs mount: 141 callbacks suppressed
[  522.193696][T23694] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  522.212252][T23694] ext4 filesystem being mounted at /87/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  522.212495][   T31] EXT4-fs error (device loop5): ext4_release_dquot:6969: comm kworker/u8:1: Failed to release dquot type 1
[  522.238321][T23694] EXT4-fs error (device loop5): ext4_lookup:1787: inode #15: comm syz.5.7556: iget: bad i_size value: 360287970189639690
[  522.261779][   T31] EXT4-fs error (device loop5): ext4_release_dquot:6969: comm kworker/u8:1: Failed to release dquot type 1
[  522.274637][T23694] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  522.295544][T22166] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  522.325302][T23700] loop5: detected capacity change from 0 to 512
[  522.337585][T23700] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  522.350608][T23700] ext4 filesystem being mounted at /88/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  522.371461][T23700] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  522.392013][T23704] bridge: RTM_NEWNEIGH with invalid ether address
[  522.462411][T23708] cgroup: noprefix used incorrectly
[  522.535820][T23715] loop8: detected capacity change from 0 to 512
[  522.549818][T23715] EXT4-fs (loop8): 1 orphan inode deleted
[  522.565520][T23715] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  522.579451][T23715] ext4 filesystem being mounted at /328/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  522.596194][T23715] EXT4-fs error (device loop8): ext4_lookup:1787: inode #15: comm syz.8.7563: iget: bad i_size value: 360287970189639690
[  522.613071][T23715] netlink: 'syz.8.7563': attribute type 4 has an invalid length.
[  522.621400][T23715] EXT4-fs error (device loop8): ext4_lookup:1787: inode #15: comm syz.8.7563: iget: bad i_size value: 360287970189639690
[  522.652969][ T3436] EXT4-fs error (device loop8): ext4_release_dquot:6969: comm kworker/u8:7: Failed to release dquot type 1
[  522.696335][T23715] EXT4-fs (loop8): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  522.720098][T19428] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  522.744400][T23729] @: renamed from vlan0
[  522.807188][T23732] bridge: RTM_NEWNEIGH with invalid ether address
[  522.838950][T19218] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  522.852303][T23734] loop2: detected capacity change from 0 to 512
[  522.857627][T23736] loop5: detected capacity change from 0 to 1024
[  522.865962][T23736] EXT4-fs: Ignoring removed nobh option
[  522.871591][T23736] EXT4-fs: Ignoring removed bh option
[  522.884743][T23734] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  522.899039][T23734] ext4 filesystem being mounted at /303/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  522.915537][T23734] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  522.934436][T23736] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  522.935558][T23740] lo speed is unknown, defaulting to 1000
[  523.017314][T22166] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  523.074780][T23756] loop2: detected capacity change from 0 to 512
[  523.108441][T23758] lo speed is unknown, defaulting to 1000
[  523.131812][T23756] EXT4-fs (loop2): 1 orphan inode deleted
[  523.138295][T23756] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  523.151124][   T31] EXT4-fs error (device loop2): ext4_release_dquot:6969: comm kworker/u8:1: Failed to release dquot type 1
[  523.168986][T23756] ext4 filesystem being mounted at /306/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  523.176956][T23764] loop7: detected capacity change from 0 to 1024
[  523.181978][T23756] EXT4-fs error (device loop2): ext4_lookup:1787: inode #15: comm syz.2.7578: iget: bad i_size value: 360287970189639690
[  523.186678][T23764] EXT4-fs: Ignoring removed bh option
[  523.201785][T23761] FAULT_INJECTION: forcing a failure.
[  523.201785][T23761] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  523.204119][T23764] EXT4-fs: Ignoring removed nomblk_io_submit option
[  523.217267][T23761] CPU: 0 UID: 0 PID: 23761 Comm: syz.5.7580 Not tainted 6.15.0-syzkaller-11796-g5abc7438f1e9 #0 PREEMPT(voluntary) 
[  523.217321][T23761] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  523.217333][T23761] Call Trace:
[  523.217340][T23761]  <TASK>
[  523.217350][T23761]  __dump_stack+0x1d/0x30
[  523.217376][T23761]  dump_stack_lvl+0xe8/0x140
[  523.217404][T23761]  dump_stack+0x15/0x1b
[  523.217427][T23761]  should_fail_ex+0x265/0x280
[  523.217502][T23761]  should_fail+0xb/0x20
[  523.217525][T23761]  should_fail_usercopy+0x1a/0x20
[  523.217566][T23761]  _copy_from_user+0x1c/0xb0
[  523.217599][T23761]  __tun_chr_ioctl+0x147/0x14c0
[  523.217645][T23761]  ? __pfx_tun_chr_ioctl+0x10/0x10
[  523.217704][T23761]  tun_chr_ioctl+0x27/0x40
[  523.217741][T23761]  __se_sys_ioctl+0xcb/0x140
[  523.217785][T23761]  __x64_sys_ioctl+0x43/0x50
[  523.217861][T23761]  x64_sys_call+0x19a8/0x2fb0
[  523.217889][T23761]  do_syscall_64+0xd2/0x200
[  523.217993][T23761]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  523.218028][T23761]  ? clear_bhb_loop+0x40/0x90
[  523.218109][T23761]  ? clear_bhb_loop+0x40/0x90
[  523.218139][T23761]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  523.218168][T23761] RIP: 0033:0x7fbee612e929
[  523.218188][T23761] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  523.218256][T23761] RSP: 002b:00007fbee4797038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  523.218281][T23761] RAX: ffffffffffffffda RBX: 00007fbee6355fa0 RCX: 00007fbee612e929
[  523.218298][T23761] RDX: 0000200000000100 RSI: 00000000400454ca RDI: 0000000000000006
[  523.218315][T23761] RBP: 00007fbee4797090 R08: 0000000000000000 R09: 0000000000000000
[  523.218332][T23761] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  523.218348][T23761] R13: 0000000000000000 R14: 00007fbee6355fa0 R15: 00007fff861bf738
[  523.218397][T23761]  </TASK>
[  523.367063][ T3436] EXT4-fs error (device loop2): ext4_release_dquot:6969: comm kworker/u8:7: Failed to release dquot type 1
[  523.375246][T23764] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  523.410239][T23770] netlink: 'syz.2.7578': attribute type 4 has an invalid length.
[  523.449799][T23768] bridge: RTM_NEWNEIGH with invalid ether address
[  523.457219][T23756] EXT4-fs error (device loop2): ext4_lookup:1787: inode #15: comm syz.2.7578: iget: bad i_size value: 360287970189639690
[  523.492891][T23756] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  523.522140][T23773] lo speed is unknown, defaulting to 1000
[  523.529656][T19067] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  523.545016][T23775] loop5: detected capacity change from 0 to 1024
[  523.552171][T23775] EXT4-fs: Ignoring removed nobh option
[  523.557890][T23775] EXT4-fs: Ignoring removed bh option
[  523.577382][T23778] netlink: 'syz.2.7584': attribute type 27 has an invalid length.
[  523.592410][T23775] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  523.610463][T23783] loop0: detected capacity change from 0 to 512
[  523.738564][T23788] loop8: detected capacity change from 0 to 512
[  523.766687][T23788] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  523.789399][T23788] ext4 filesystem being mounted at /331/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  523.814145][T22166] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  523.825970][T23783] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  523.848878][T23783] ext4 filesystem being mounted at /320/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  523.872435][T23783] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  523.898557][T23788] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  523.974044][T23801] loop5: detected capacity change from 0 to 512
[  524.018881][T23801] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  524.034807][T23813] netlink: 'syz.0.7598': attribute type 27 has an invalid length.
[  524.040341][T23801] ext4 filesystem being mounted at /99/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  524.075524][T19218] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  524.085684][T23818] loop8: detected capacity change from 0 to 1024
[  524.088830][T23801] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  524.092812][T23818] EXT4-fs: Ignoring removed nobh option
[  524.106931][T23818] EXT4-fs: Ignoring removed bh option
[  524.140096][T23818] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  524.187514][T19428] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  524.203091][T23830] loop5: detected capacity change from 0 to 512
[  524.239085][T23830] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  524.251975][T23830] ext4 filesystem being mounted at /101/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  524.278865][T23830] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  524.340472][T23848] netlink: 'syz.8.7613': attribute type 27 has an invalid length.
[  524.386290][T23858] loop0: detected capacity change from 0 to 512
[  524.394476][T23856] loop5: detected capacity change from 0 to 1024
[  524.401969][T23856] EXT4-fs: Ignoring removed nobh option
[  524.407849][T23856] EXT4-fs: Ignoring removed bh option
[  524.428545][T23858] EXT4-fs (loop0): 1 orphan inode deleted
[  524.435271][T23858] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  524.450073][   T31] __quota_error: 49 callbacks suppressed
[  524.450088][   T31] Quota error (device loop0): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  524.465728][   T31] EXT4-fs error (device loop0): ext4_release_dquot:6969: comm kworker/u8:1: Failed to release dquot type 1
[  524.466468][T23858] ext4 filesystem being mounted at /328/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  524.479272][T23856] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  524.496749][T23870] loop8: detected capacity change from 0 to 512
[  524.501634][T23858] EXT4-fs error (device loop0): ext4_lookup:1787: inode #15: comm syz.0.7618: iget: bad i_size value: 360287970189639690
[  524.530835][T23870] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  524.550089][T23870] ext4 filesystem being mounted at /339/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  524.566604][ T3436] Quota error (device loop0): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  524.576558][ T3436] EXT4-fs error (device loop0): ext4_release_dquot:6969: comm kworker/u8:7: Failed to release dquot type 1
[  524.588780][T23870] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  524.589264][T22166] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  524.608257][T23858] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  524.637251][T19890] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  524.652244][T23880] loop5: detected capacity change from 0 to 1024
[  524.666921][T23880] EXT4-fs: Ignoring removed nobh option
[  524.671925][   T29] audit: type=1400 audit(1749051818.694:12201): avc:  denied  { name_connect } for  pid=23883 comm="syz.7.7629" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=sctp_socket permissive=1
[  524.672562][T23880] EXT4-fs: Ignoring removed bh option
[  524.703278][T23886] SELinux:  policydb string SE Xinux does not match my string SE Linux
[  524.709516][T23888] netlink: 'syz.8.7630': attribute type 27 has an invalid length.
[  524.713362][T23886] SELinux: failed to load policy
[  524.725971][T23880] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  524.758182][   T29] audit: type=1326 audit(1749051818.784:12202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23894 comm="syz.0.7632" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fbf307ce929 code=0x0
[  524.833729][T23903] loop2: detected capacity change from 0 to 1024
[  524.841442][T23903] EXT4-fs: Ignoring removed bh option
[  524.843987][T22166] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  524.846932][T23903] EXT4-fs: Ignoring removed nomblk_io_submit option
[  524.855608][T23905] loop8: detected capacity change from 0 to 512
[  524.871733][T23903] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  524.902158][T23905] EXT4-fs (loop8): 1 orphan inode deleted
[  524.908578][T23905] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  524.921459][T23905] ext4 filesystem being mounted at /345/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  524.921579][ T3436] Quota error (device loop8): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  524.941900][ T3436] EXT4-fs error (device loop8): ext4_release_dquot:6969: comm kworker/u8:7: Failed to release dquot type 1
[  524.957662][T23905] EXT4-fs error (device loop8): ext4_lookup:1787: inode #15: comm syz.8.7638: iget: bad i_size value: 360287970189639690
[  524.969273][T23913] lo speed is unknown, defaulting to 1000
[  524.970529][   T29] audit: type=1400 audit(1749051818.984:12203): avc:  denied  { read } for  pid=23910 comm="syz.5.7637" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  525.000195][   T57] Quota error (device loop8): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  525.010071][   T57] EXT4-fs error (device loop8): ext4_release_dquot:6969: comm kworker/u8:4: Failed to release dquot type 1
[  525.039693][T23905] EXT4-fs (loop8): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  525.064291][T19428] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  525.081895][T23914] netlink: 'syz.5.7637': attribute type 21 has an invalid length.
[  525.089950][T23914] IPv6: NLM_F_CREATE should be specified when creating new route
[  525.118546][T23919] netlink: 'syz.7.7641': attribute type 27 has an invalid length.
[  525.131152][T23921] program syz.8.7640 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  525.293046][T23934] FAULT_INJECTION: forcing a failure.
[  525.293046][T23934] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  525.306392][T23934] CPU: 0 UID: 0 PID: 23934 Comm: syz.8.7647 Not tainted 6.15.0-syzkaller-11796-g5abc7438f1e9 #0 PREEMPT(voluntary) 
[  525.306502][T23934] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  525.306519][T23934] Call Trace:
[  525.306529][T23934]  <TASK>
[  525.306539][T23934]  __dump_stack+0x1d/0x30
[  525.306562][T23934]  dump_stack_lvl+0xe8/0x140
[  525.306589][T23934]  dump_stack+0x15/0x1b
[  525.306645][T23934]  should_fail_ex+0x265/0x280
[  525.306671][T23934]  should_fail+0xb/0x20
[  525.306697][T23934]  should_fail_usercopy+0x1a/0x20
[  525.306733][T23934]  strncpy_from_user+0x25/0x230
[  525.306763][T23934]  ? should_fail_ex+0x30/0x280
[  525.306788][T23934]  strncpy_from_user_nofault+0x68/0xf0
[  525.306817][T23934]  bpf_bprintf_prepare+0x8f3/0xd50
[  525.306928][T23934]  ? xfd_validate_state+0x45/0xf0
[  525.306947][T23934]  ? bpf_trace_run2+0xf5/0x1c0
[  525.306978][T23934]  bpf_trace_printk+0x84/0x1c0
[  525.307051][T23934]  ? bpf_trace_run2+0xf5/0x1c0
[  525.307077][T23934]  bpf_prog_7c77c7e0f6645ad8+0x3e/0x44
[  525.307094][T23934]  bpf_trace_run2+0x107/0x1c0
[  525.307126][T23934]  ? free_modprobe_argv+0x33/0x50
[  525.307191][T23934]  ? schedule+0x5f/0xd0
[  525.307216][T23934]  ? free_modprobe_argv+0x33/0x50
[  525.307271][T23934]  __traceiter_kfree+0x2b/0x50
[  525.307297][T23934]  ? free_modprobe_argv+0x33/0x50
[  525.307357][T23934]  kfree+0x27b/0x320
[  525.307388][T23934]  ? wait_for_common+0x194/0x1e0
[  525.307573][T23934]  free_modprobe_argv+0x33/0x50
[  525.307602][T23934]  ? __pfx_free_modprobe_argv+0x10/0x10
[  525.307674][T23934]  call_usermodehelper_exec+0xbe/0x2c0
[  525.307725][T23934]  __request_module+0x283/0x3e0
[  525.307754][T23934]  ? capable+0x7c/0xb0
[  525.307781][T23934]  ? security_capable+0x83/0x90
[  525.307861][T23934]  dev_load+0x61/0xc0
[  525.307899][T23934]  dev_ioctl+0x777/0x960
[  525.307937][T23934]  sock_ioctl+0x593/0x610
[  525.307985][T23934]  ? __pfx_sock_ioctl+0x10/0x10
[  525.308007][T23934]  __se_sys_ioctl+0xcb/0x140
[  525.308043][T23934]  __x64_sys_ioctl+0x43/0x50
[  525.308073][T23934]  x64_sys_call+0x19a8/0x2fb0
[  525.308178][T23934]  do_syscall_64+0xd2/0x200
[  525.308232][T23934]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  525.308259][T23934]  ? clear_bhb_loop+0x40/0x90
[  525.308286][T23934]  ? clear_bhb_loop+0x40/0x90
[  525.308313][T23934]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  525.308414][T23934] RIP: 0033:0x7fe2db88e929
[  525.308430][T23934] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  525.308453][T23934] RSP: 002b:00007fe2d9ef7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  525.308477][T23934] RAX: ffffffffffffffda RBX: 00007fe2dbab5fa0 RCX: 00007fe2db88e929
[  525.308572][T23934] RDX: 0000200000000300 RSI: 00000000000089f3 RDI: 0000000000000003
[  525.308588][T23934] RBP: 00007fe2d9ef7090 R08: 0000000000000000 R09: 0000000000000000
[  525.308603][T23934] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  525.308615][T23934] R13: 0000000000000000 R14: 00007fe2dbab5fa0 R15: 00007ffe51349138
[  525.308633][T23934]  </TASK>
[  525.663887][T23943] loop0: detected capacity change from 0 to 1024
[  525.701937][T23943] EXT4-fs: Ignoring removed nobh option
[  525.707769][T23943] EXT4-fs: Ignoring removed bh option
[  525.716128][T19067] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  525.732826][T23947] loop8: detected capacity change from 0 to 128
[  525.741643][T23947] vfat: Unknown parameter 'kfree'
[  525.750405][T23943] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  525.764191][T23947] __nla_validate_parse: 5 callbacks suppressed
[  525.764209][T23947] netlink: 4 bytes leftover after parsing attributes in process `syz.8.7652'.
[  525.765735][T23951] loop2: detected capacity change from 0 to 1024
[  525.773104][T23947] netlink: 8 bytes leftover after parsing attributes in process `syz.8.7652'.
[  525.800507][T19890] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  525.818745][T23953] netlink: 'syz.7.7653': attribute type 27 has an invalid length.
[  525.830350][T23951] EXT4-fs: Ignoring removed nomblk_io_submit option
[  525.867434][T23955] 9pnet: Could not find request transport: 0xffffffffffffffff
[  525.898205][T23951] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  525.927450][   T29] audit: type=1326 audit(1749051819.943:12204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23950 comm="syz.2.7654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64badce929 code=0x7ffc0000
[  525.959696][   T29] audit: type=1326 audit(1749051819.983:12205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23950 comm="syz.2.7654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f64badce929 code=0x7ffc0000
[  525.983620][   T29] audit: type=1326 audit(1749051819.983:12206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23950 comm="syz.2.7654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64badce929 code=0x7ffc0000
[  526.054668][T19067] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  526.107495][T23976] 9pnet: Could not find request transport: 0xffffffffffffffff
[  526.113316][T23972] lo speed is unknown, defaulting to 1000
[  526.130414][T23979] bridge: RTM_NEWNEIGH with invalid ether address
[  526.165767][T23982] loop0: detected capacity change from 0 to 1024
[  526.173016][T23982] EXT4-fs: Ignoring removed bh option
[  526.178564][T23982] EXT4-fs: Ignoring removed nomblk_io_submit option
[  526.189130][T23982] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  526.213697][T23985] loop7: detected capacity change from 0 to 128
[  526.220805][T23985] vfat: Unknown parameter 'kfree'
[  526.229839][T23985] netlink: 4 bytes leftover after parsing attributes in process `syz.7.7667'.
[  526.241913][T23985] netlink: 8 bytes leftover after parsing attributes in process `syz.7.7667'.
[  526.274086][T23986] lo speed is unknown, defaulting to 1000
[  526.497595][T23992] loop7: detected capacity change from 0 to 512
[  526.521325][T23992] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  526.534188][T23992] ext4 filesystem being mounted at /397/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  526.549211][T23992] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  526.647620][T24000] loop7: detected capacity change from 0 to 1024
[  526.654985][T24000] EXT4-fs: Ignoring removed nomblk_io_submit option
[  526.680625][T24000] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  526.719291][T19218] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  526.827529][T24010] loop8: detected capacity change from 0 to 512
[  526.852403][T24010] EXT4-fs (loop8): 1 orphan inode deleted
[  526.858974][T24012] netlink: 65039 bytes leftover after parsing attributes in process `syz.7.7677'.
[  526.870189][   T57] EXT4-fs error (device loop8): ext4_release_dquot:6969: comm kworker/u8:4: Failed to release dquot type 1
[  526.888808][T24010] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  526.913908][T24010] ext4 filesystem being mounted at /353/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  526.927550][T24016] loop2: detected capacity change from 0 to 512
[  526.943207][T24010] EXT4-fs error (device loop8): ext4_lookup:1787: inode #15: comm syz.8.7676: iget: bad i_size value: 360287970189639690
[  526.969804][T24016] EXT4-fs (loop2): 1 orphan inode deleted
[  526.976117][ T3436] EXT4-fs error (device loop8): ext4_release_dquot:6969: comm kworker/u8:7: Failed to release dquot type 1
[  526.976273][T24016] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  527.007975][ T3436] EXT4-fs error (device loop2): ext4_release_dquot:6969: comm kworker/u8:7: Failed to release dquot type 1
[  527.027251][T24016] ext4 filesystem being mounted at /316/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  527.038440][T24020] netlink: 4 bytes leftover after parsing attributes in process `syz.7.7677'.
[  527.047695][T24020] netlink: 4 bytes leftover after parsing attributes in process `syz.7.7677'.
[  527.056814][T24020] netlink: 4 bytes leftover after parsing attributes in process `syz.7.7677'.
[  527.066194][T24010] EXT4-fs (loop8): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  527.083168][T24016] EXT4-fs error (device loop2): ext4_lookup:1787: inode #15: comm syz.2.7678: iget: bad i_size value: 360287970189639690
[  527.141555][ T1096] EXT4-fs error (device loop2): ext4_release_dquot:6969: comm kworker/u8:5: Failed to release dquot type 1
[  527.157197][T24016] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  527.167753][T19890] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  527.190001][T19428] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  527.199906][T19067] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  527.271061][T24028] loop2: detected capacity change from 0 to 1024
[  527.274239][T24030] loop8: detected capacity change from 0 to 512
[  527.278747][T24028] EXT4-fs: Ignoring removed bh option
[  527.289476][T24028] EXT4-fs: Ignoring removed nomblk_io_submit option
[  527.303140][T24030] EXT4-fs (loop8): 1 orphan inode deleted
[  527.305199][T24028] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  527.322962][T24030] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  527.336232][   T31] EXT4-fs error (device loop8): ext4_release_dquot:6969: comm kworker/u8:1: Failed to release dquot type 1
[  527.355080][T24030] ext4 filesystem being mounted at /355/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  527.400875][T24030] EXT4-fs error (device loop8): ext4_lookup:1787: inode #15: comm syz.8.7683: iget: bad i_size value: 360287970189639690
[  527.440473][T24035] lo speed is unknown, defaulting to 1000
[  527.505250][   T31] EXT4-fs error (device loop8): ext4_release_dquot:6969: comm kworker/u8:1: Failed to release dquot type 1
[  527.572668][T24030] EXT4-fs (loop8): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  527.599421][T19428] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  527.702360][T24048] loop0: detected capacity change from 0 to 512
[  527.730623][T24048] EXT4-fs (loop0): 1 orphan inode deleted
[  527.737127][T24048] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  527.750233][T19142] EXT4-fs error (device loop0): ext4_release_dquot:6969: comm kworker/u8:10: Failed to release dquot type 1
[  527.750783][T24048] ext4 filesystem being mounted at /342/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  527.783570][T24048] EXT4-fs error (device loop0): ext4_lookup:1787: inode #15: comm syz.0.7689: iget: bad i_size value: 360287970189639690
[  527.806177][T24048] netlink: 'syz.0.7689': attribute type 4 has an invalid length.
[  527.814927][T24048] EXT4-fs error (device loop0): ext4_lookup:1787: inode #15: comm syz.0.7689: iget: bad i_size value: 360287970189639690
[  527.827999][ T1096] EXT4-fs error (device loop0): ext4_release_dquot:6969: comm kworker/u8:5: Failed to release dquot type 1
[  527.842363][T24048] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  527.866140][T19890] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  527.936848][T24052] bridge: RTM_NEWNEIGH with invalid ether address
[  528.051116][T24064] loop5: detected capacity change from 0 to 512
[  528.079208][T24064] EXT4-fs (loop5): 1 orphan inode deleted
[  528.085301][T24071] loop7: detected capacity change from 0 to 512
[  528.092366][T24064] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  528.107794][   T57] EXT4-fs error (device loop5): ext4_release_dquot:6969: comm kworker/u8:4: Failed to release dquot type 1
[  528.127595][T24064] ext4 filesystem being mounted at /107/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  528.155294][T24064] EXT4-fs error (device loop5): ext4_lookup:1787: inode #15: comm syz.5.7696: iget: bad i_size value: 360287970189639690
[  528.170735][T24071] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  528.203345][T24071] ext4 filesystem being mounted at /407/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  528.221296][T24074] loop0: detected capacity change from 0 to 2048
[  528.228375][T24071] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  528.241635][T19137] EXT4-fs error (device loop5): ext4_release_dquot:6969: comm kworker/u8:9: Failed to release dquot type 1
[  528.254845][T24064] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  528.255115][T19067] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  528.273282][T24074]  loop0: p1 < > p4
[  528.278264][T24074] loop0: p4 size 8388608 extends beyond EOD, truncated
[  528.302638][T22166] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  528.314619][T24074] netlink: 'syz.0.7699': attribute type 21 has an invalid length.
[  528.322731][T24078] loop7: detected capacity change from 0 to 1024
[  528.325576][T24079] loop2: detected capacity change from 0 to 512
[  528.329908][T24078] EXT4-fs: Ignoring removed nobh option
[  528.341218][T24078] EXT4-fs: Ignoring removed bh option
[  528.356904][T24082] loop5: detected capacity change from 0 to 1024
[  528.361292][T24079] EXT4-fs (loop2): 1 orphan inode deleted
[  528.369901][T24082] EXT4-fs: Ignoring removed nobh option
[  528.369974][T24079] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  528.375534][T24082] EXT4-fs: Ignoring removed bh option
[  528.392412][T24079] ext4 filesystem being mounted at /319/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  528.404551][ T1096] EXT4-fs error (device loop2): ext4_release_dquot:6969: comm kworker/u8:5: Failed to release dquot type 1
[  528.426767][T24079] EXT4-fs error (device loop2): ext4_lookup:1787: inode #15: comm syz.2.7700: iget: bad i_size value: 360287970189639690
[  528.440589][T24088] loop0: detected capacity change from 0 to 512
[  528.456277][T24079] netlink: 'syz.2.7700': attribute type 4 has an invalid length.
[  528.467685][T19137] EXT4-fs error (device loop2): ext4_release_dquot:6969: comm kworker/u8:9: Failed to release dquot type 1
[  528.476577][T24079] EXT4-fs error (device loop2): ext4_lookup:1787: inode #15: comm syz.2.7700: iget: bad i_size value: 360287970189639690
[  528.496099][T24079] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  528.507444][T24088] ext4 filesystem being mounted at /348/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  528.520669][T24091] bridge: RTM_NEWNEIGH with invalid ether address
[  528.565106][T24100] loop8: detected capacity change from 0 to 1024
[  528.572242][T24100] EXT4-fs: Ignoring removed nobh option
[  528.577914][T24100] EXT4-fs: Ignoring removed bh option
[  528.617659][T24114] loop5: detected capacity change from 0 to 512
[  528.641855][T24112] loop0: detected capacity change from 0 to 512
[  528.649236][T24120] netlink: 32 bytes leftover after parsing attributes in process `syz.7.7716'.
[  528.650440][T24114] ext4 filesystem being mounted at /110/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  528.658639][T24120] netlink: 32 bytes leftover after parsing attributes in process `syz.7.7716'.
[  528.715076][T24112] ext4 filesystem being mounted at /351/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  528.730131][T24127] netlink: 'syz.8.7717': attribute type 27 has an invalid length.
[  528.743376][T24129] loop5: detected capacity change from 0 to 512
[  528.770379][T24129] EXT4-fs (loop5): 1 orphan inode deleted
[  528.778328][T24129] ext4 filesystem being mounted at /111/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  528.789054][   T57] EXT4-fs error (device loop5): ext4_release_dquot:6969: comm kworker/u8:4: Failed to release dquot type 1
[  528.809140][T24129] EXT4-fs error (device loop5): ext4_lookup:1787: inode #15: comm syz.5.7718: iget: bad i_size value: 360287970189639690
[  528.827326][T24129] netlink: 'syz.5.7718': attribute type 4 has an invalid length.
[  528.832496][T24138] bridge: RTM_NEWNEIGH with invalid ether address
[  528.841878][T24129] EXT4-fs error (device loop5): ext4_lookup:1787: inode #15: comm syz.5.7718: iget: bad i_size value: 360287970189639690
[  528.843104][T19137] EXT4-fs error (device loop5): ext4_release_dquot:6969: comm kworker/u8:9: Failed to release dquot type 1
[  528.872286][T24129] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  528.883347][T24142] loop0: detected capacity change from 0 to 512
[  528.911529][T24142] EXT4-fs (loop0): 1 orphan inode deleted
[  528.919170][T24142] ext4 filesystem being mounted at /353/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  528.930138][ T3436] EXT4-fs error (device loop0): ext4_release_dquot:6969: comm kworker/u8:7: Failed to release dquot type 1
[  528.933679][T24142] EXT4-fs error (device loop0): ext4_lookup:1787: inode #15: comm syz.0.7722: iget: bad i_size value: 360287970189639690
[  528.967912][ T3436] EXT4-fs error (device loop0): ext4_release_dquot:6969: comm kworker/u8:7: Failed to release dquot type 1
[  528.984111][T24142] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  528.998662][T24156] loop2: detected capacity change from 0 to 1024
[  529.007972][T24156] EXT4-fs: Ignoring removed nobh option
[  529.013642][T24156] EXT4-fs: Ignoring removed bh option
[  529.061628][T24166] netlink: 'syz.5.7730': attribute type 27 has an invalid length.
[  529.091618][T24171] loop0: detected capacity change from 0 to 512
[  529.110179][T24171] ext4 filesystem being mounted at /355/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  529.127691][T24180] bridge: RTM_NEWNEIGH with invalid ether address
[  529.200521][T24193] loop0: detected capacity change from 0 to 1024
[  529.207417][T24193] EXT4-fs: Ignoring removed nobh option
[  529.213252][T24193] EXT4-fs: Ignoring removed bh option
[  529.250630][T24197] loop8: detected capacity change from 0 to 1024
[  529.257387][T24197] EXT4-fs: Ignoring removed bh option
[  529.263008][T24197] EXT4-fs: Ignoring removed nomblk_io_submit option
[  529.275227][T24204] netlink: 'syz.7.7745': attribute type 27 has an invalid length.
[  529.333393][T24211] bridge: RTM_NEWNEIGH with invalid ether address
[  529.351672][T24214] lo speed is unknown, defaulting to 1000
[  529.375017][T24215] lo speed is unknown, defaulting to 1000
[  529.525784][T24222] loop2: detected capacity change from 0 to 512
[  529.533360][T24222] EXT4-fs: Ignoring removed oldalloc option
[  529.542276][T24222] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  529.552784][T24222] EXT4-fs (loop2): orphan cleanup on readonly fs
[  529.560337][T24222] __quota_error: 99 callbacks suppressed
[  529.560358][T24222] Quota error (device loop2): do_check_range: Getting block 196613 out of range 1-5
[  529.575543][T24222] Quota error (device loop2): qtree_read_dquot: Can't read quota structure for id 0
[  529.584982][T24222] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.7752: Failed to acquire dquot type 1
[  529.597753][T24222] EXT4-fs (loop2): 1 truncate cleaned up
[  529.637619][T24222] lo speed is unknown, defaulting to 1000
[  530.037104][T24226] loop7: detected capacity change from 0 to 512
[  530.097651][T24226] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  530.219410][T24226] EXT4-fs (loop7): 1 truncate cleaned up
[  530.493998][T24235] loop5: detected capacity change from 0 to 512
[  530.584630][T24235] EXT4-fs (loop5): 1 orphan inode deleted
[  530.598495][T19137] Quota error (device loop5): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  530.608510][T19137] EXT4-fs error (device loop5): ext4_release_dquot:6969: comm kworker/u8:9: Failed to release dquot type 1
[  530.658709][T24235] ext4 filesystem being mounted at /117/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  530.672587][T24241] loop0: detected capacity change from 0 to 1024
[  530.714247][T24241] EXT4-fs: Ignoring removed bh option
[  530.720133][T24241] EXT4-fs: Ignoring removed nomblk_io_submit option
[  530.730965][T24235] EXT4-fs error (device loop5): ext4_lookup:1787: inode #15: comm syz.5.7756: iget: bad i_size value: 360287970189639690
[  530.811465][T24235] netlink: 'syz.5.7756': attribute type 4 has an invalid length.
[  530.820162][T19137] Quota error (device loop5): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  530.829990][T19137] EXT4-fs error (device loop5): ext4_release_dquot:6969: comm kworker/u8:9: Failed to release dquot type 1
[  530.855553][T24243] lo speed is unknown, defaulting to 1000
[  530.863934][T24235] EXT4-fs error (device loop5): ext4_lookup:1787: inode #15: comm syz.5.7756: iget: bad i_size value: 360287970189639690
[  531.043006][T24245] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  531.315231][T24251] netlink: 'syz.5.7760': attribute type 27 has an invalid length.
[  531.363682][T24255] bridge: RTM_NEWNEIGH with invalid ether address
[  531.400631][T24259] loop8: detected capacity change from 0 to 512
[  531.412269][T24262] loop7: detected capacity change from 0 to 1024
[  531.420778][T24262] EXT4-fs: Ignoring removed bh option
[  531.426235][T24262] EXT4-fs: Ignoring removed nomblk_io_submit option
[  531.440281][T24259] ext4 filesystem being mounted at /373/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  531.513069][T24272] lo speed is unknown, defaulting to 1000
[  531.535116][T24275] loop5: detected capacity change from 0 to 1024
[  531.549421][T24275] EXT4-fs: Ignoring removed nobh option
[  531.555085][T24275] EXT4-fs: Ignoring removed bh option
[  531.576633][T24274] lo speed is unknown, defaulting to 1000
[  531.595114][T24279] loop0: detected capacity change from 0 to 1024
[  531.620359][T24279] EXT4-fs (loop0): stripe (5) is not aligned with cluster size (16), stripe is disabled
[  531.755334][T24291] loop2: detected capacity change from 0 to 1024
[  531.781164][T24291] EXT4-fs: Ignoring removed bh option
[  531.786664][T24291] EXT4-fs: Ignoring removed nomblk_io_submit option
[  531.795822][T24289] lo speed is unknown, defaulting to 1000
[  531.935423][T24297] loop8: detected capacity change from 0 to 1024
[  531.942439][T24297] EXT4-fs: Ignoring removed nobh option
[  531.948169][T24297] EXT4-fs: Ignoring removed bh option
[  531.978003][T24298] lo speed is unknown, defaulting to 1000
[  532.036145][T24300] bridge: RTM_NEWNEIGH with invalid ether address
[  532.440437][T24327] FAULT_INJECTION: forcing a failure.
[  532.440437][T24327] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  532.453704][T24327] CPU: 0 UID: 0 PID: 24327 Comm: syz.0.7788 Not tainted 6.15.0-syzkaller-11796-g5abc7438f1e9 #0 PREEMPT(voluntary) 
[  532.453738][T24327] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  532.453754][T24327] Call Trace:
[  532.453788][T24327]  <TASK>
[  532.453797][T24327]  __dump_stack+0x1d/0x30
[  532.453821][T24327]  dump_stack_lvl+0xe8/0x140
[  532.453845][T24327]  dump_stack+0x15/0x1b
[  532.453923][T24327]  should_fail_ex+0x265/0x280
[  532.454004][T24327]  should_fail+0xb/0x20
[  532.454078][T24327]  should_fail_usercopy+0x1a/0x20
[  532.454105][T24327]  _copy_from_user+0x1c/0xb0
[  532.454140][T24327]  ___sys_sendmsg+0xc1/0x1d0
[  532.454233][T24327]  __x64_sys_sendmsg+0xd4/0x160
[  532.454274][T24327]  x64_sys_call+0x2999/0x2fb0
[  532.454296][T24327]  do_syscall_64+0xd2/0x200
[  532.454344][T24327]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  532.454390][T24327]  ? clear_bhb_loop+0x40/0x90
[  532.454440][T24327]  ? clear_bhb_loop+0x40/0x90
[  532.454466][T24327]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  532.454546][T24327] RIP: 0033:0x7fbf307ce929
[  532.454583][T24327] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  532.454603][T24327] RSP: 002b:00007fbf2ee37038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  532.454622][T24327] RAX: ffffffffffffffda RBX: 00007fbf309f5fa0 RCX: 00007fbf307ce929
[  532.454635][T24327] RDX: 0000000000000010 RSI: 00002000000001c0 RDI: 0000000000000003
[  532.454648][T24327] RBP: 00007fbf2ee37090 R08: 0000000000000000 R09: 0000000000000000
[  532.454660][T24327] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  532.454697][T24327] R13: 0000000000000000 R14: 00007fbf309f5fa0 R15: 00007ffed0f6a4e8
[  532.454720][T24327]  </TASK>
[  532.458092][T24328] bridge: RTM_NEWNEIGH with invalid ether address
[  532.677922][T24326] loop7: detected capacity change from 0 to 2048
[  532.701109][T24326]  loop7: p1 < > p4
[  532.707765][T24326] loop7: p4 size 8388608 extends beyond EOD, truncated
[  532.722303][T24326] netlink: 'syz.7.7789': attribute type 21 has an invalid length.
[  532.735671][T24331] lo speed is unknown, defaulting to 1000
[  532.748261][   T29] audit: type=1326 audit(1749051826.761:12290): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24332 comm="syz.8.7793" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe2db88e929 code=0x7ffc0000
[  532.782889][   T29] audit: type=1326 audit(1749051826.801:12291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24332 comm="syz.8.7793" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fe2db88e929 code=0x7ffc0000
[  532.806808][   T29] audit: type=1326 audit(1749051826.801:12292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24332 comm="syz.8.7793" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe2db88e929 code=0x7ffc0000
[  532.830684][   T29] audit: type=1326 audit(1749051826.801:12293): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24332 comm="syz.8.7793" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe2db88e929 code=0x7ffc0000
[  532.879674][T24343] FAULT_INJECTION: forcing a failure.
[  532.879674][T24343] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  532.880908][T24341] loop2: detected capacity change from 0 to 512
[  532.893071][T24343] CPU: 0 UID: 0 PID: 24343 Comm: syz.7.7796 Not tainted 6.15.0-syzkaller-11796-g5abc7438f1e9 #0 PREEMPT(voluntary) 
[  532.893112][T24343] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  532.893151][T24343] Call Trace:
[  532.893162][T24343]  <TASK>
[  532.893173][T24343]  __dump_stack+0x1d/0x30
[  532.893203][T24343]  dump_stack_lvl+0xe8/0x140
[  532.893229][T24343]  dump_stack+0x15/0x1b
[  532.893245][T24343]  should_fail_ex+0x265/0x280
[  532.893267][T24343]  should_fail+0xb/0x20
[  532.893289][T24343]  should_fail_usercopy+0x1a/0x20
[  532.893387][T24343]  _copy_from_user+0x1c/0xb0
[  532.893420][T24343]  copy_from_bpfptr+0x5c/0x90
[  532.893465][T24343]  bpf_prog_load+0x74a/0x1070
[  532.893608][T24343]  ? security_bpf+0x2b/0x90
[  532.893640][T24343]  __sys_bpf+0x51d/0x790
[  532.893690][T24343]  __x64_sys_bpf+0x41/0x50
[  532.893806][T24343]  x64_sys_call+0x2478/0x2fb0
[  532.893834][T24343]  do_syscall_64+0xd2/0x200
[  532.893880][T24343]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  532.893961][T24343]  ? clear_bhb_loop+0x40/0x90
[  532.893991][T24343]  ? clear_bhb_loop+0x40/0x90
[  532.894020][T24343]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  532.894048][T24343] RIP: 0033:0x7f170aa4e929
[  532.894069][T24343] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  532.894168][T24343] RSP: 002b:00007f17090b7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  532.894193][T24343] RAX: ffffffffffffffda RBX: 00007f170ac75fa0 RCX: 00007f170aa4e929
[  532.894210][T24343] RDX: 0000000000000048 RSI: 00002000000017c0 RDI: 0000000000000005
[  532.894289][T24343] RBP: 00007f17090b7090 R08: 0000000000000000 R09: 0000000000000000
[  532.894305][T24343] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  532.894322][T24343] R13: 0000000000000000 R14: 00007f170ac75fa0 R15: 00007ffd745042e8
[  532.894347][T24343]  </TASK>
[  532.901395][T24345] loop8: detected capacity change from 0 to 512
[  532.933966][T24343] loop7: detected capacity change from 0 to 1024
[  532.944730][T24341] ext4 filesystem being mounted at /338/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  533.011785][T24345] EXT4-fs (loop8): 1 orphan inode deleted
[  533.049674][   T57] Quota error (device loop8): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  533.057023][T24345] ext4 filesystem being mounted at /383/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  533.063054][   T57] EXT4-fs error (device loop8): ext4_release_dquot:6969: comm kworker/u8:4: Failed to release dquot type 1
[  533.135742][T24345] EXT4-fs error (device loop8): ext4_lookup:1787: inode #15: comm syz.8.7797: iget: bad i_size value: 360287970189639690
[  533.174905][   T57] Quota error (device loop8): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  533.184788][   T57] EXT4-fs error (device loop8): ext4_release_dquot:6969: comm kworker/u8:4: Failed to release dquot type 1
[  533.205518][T24345] EXT4-fs (loop8): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  533.253454][T24361] FAULT_INJECTION: forcing a failure.
[  533.253454][T24361] name failslab, interval 1, probability 0, space 0, times 0
[  533.266338][T24361] CPU: 1 UID: 0 PID: 24361 Comm: syz.7.7799 Not tainted 6.15.0-syzkaller-11796-g5abc7438f1e9 #0 PREEMPT(voluntary) 
[  533.266376][T24361] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  533.266407][T24361] Call Trace:
[  533.266416][T24361]  <TASK>
[  533.266425][T24361]  __dump_stack+0x1d/0x30
[  533.266452][T24361]  dump_stack_lvl+0xe8/0x140
[  533.266478][T24361]  dump_stack+0x15/0x1b
[  533.266499][T24361]  should_fail_ex+0x265/0x280
[  533.266525][T24361]  ? dev_ethtool+0x96/0x1650
[  533.266608][T24361]  should_failslab+0x8c/0xb0
[  533.266640][T24361]  __kmalloc_cache_noprof+0x4c/0x320
[  533.266681][T24361]  dev_ethtool+0x96/0x1650
[  533.266703][T24361]  ? full_name_hash+0x92/0xe0
[  533.266748][T24361]  ? strcmp+0x22/0x50
[  533.266789][T24361]  dev_ioctl+0x2e0/0x960
[  533.266859][T24361]  sock_do_ioctl+0x197/0x220
[  533.266887][T24361]  sock_ioctl+0x41b/0x610
[  533.266911][T24361]  ? __pfx_sock_ioctl+0x10/0x10
[  533.266932][T24361]  __se_sys_ioctl+0xcb/0x140
[  533.266992][T24361]  __x64_sys_ioctl+0x43/0x50
[  533.267049][T24361]  x64_sys_call+0x19a8/0x2fb0
[  533.267077][T24361]  do_syscall_64+0xd2/0x200
[  533.267120][T24361]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  533.267235][T24361]  ? clear_bhb_loop+0x40/0x90
[  533.267325][T24361]  ? clear_bhb_loop+0x40/0x90
[  533.267430][T24361]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  533.267456][T24361] RIP: 0033:0x7f170aa4e929
[  533.267475][T24361] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  533.267499][T24361] RSP: 002b:00007f17090b7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  533.267523][T24361] RAX: ffffffffffffffda RBX: 00007f170ac75fa0 RCX: 00007f170aa4e929
[  533.267540][T24361] RDX: 0000200000000080 RSI: 0000000000008946 RDI: 000000000000003a
[  533.267583][T24361] RBP: 00007f17090b7090 R08: 0000000000000000 R09: 0000000000000000
[  533.267599][T24361] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  533.267709][T24361] R13: 0000000000000000 R14: 00007f170ac75fa0 R15: 00007ffd745042e8
[  533.267734][T24361]  </TASK>
[  533.483273][T24364] loop5: detected capacity change from 0 to 1024
[  533.490281][T24364] EXT4-fs: Ignoring removed bh option
[  533.495703][T24364] EXT4-fs: Ignoring removed nomblk_io_submit option
[  533.602613][T24372] loop7: detected capacity change from 0 to 512
[  533.618137][T24378] loop8: detected capacity change from 0 to 512
[  533.620261][T24380] lo speed is unknown, defaulting to 1000
[  533.652679][T24378] ext4 filesystem being mounted at /387/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  533.727526][T24388] loop0: detected capacity change from 0 to 512
[  533.741980][T24388] ext4 filesystem being mounted at /367/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  533.763059][T24392] loop8: detected capacity change from 0 to 512
[  533.792671][T24392] EXT4-fs (loop8): 1 orphan inode deleted
[  533.810176][   T31] EXT4-fs error (device loop8): ext4_release_dquot:6969: comm kworker/u8:1: Failed to release dquot type 1
[  533.835784][T24392] ext4 filesystem being mounted at /388/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  533.848852][T24392] EXT4-fs error (device loop8): ext4_lookup:1787: inode #15: comm syz.8.7812: iget: bad i_size value: 360287970189639690
[  533.865926][   T31] EXT4-fs error (device loop8): ext4_release_dquot:6969: comm kworker/u8:1: Failed to release dquot type 1
[  533.878905][T24392] EXT4-fs (loop8): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  533.951497][T24400] loop0: detected capacity change from 0 to 512
[  533.958661][T24400] EXT4-fs: Ignoring removed oldalloc option
[  533.975796][T24400] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  534.031889][T24400] EXT4-fs (loop0): orphan cleanup on readonly fs
[  534.040631][T24400] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.7814: Failed to acquire dquot type 1
[  534.053610][T24400] EXT4-fs (loop0): 1 truncate cleaned up
[  534.083128][T24400] lo speed is unknown, defaulting to 1000
[  534.645808][T24406] __nla_validate_parse: 4 callbacks suppressed
[  534.645828][T24406] netlink: 164 bytes leftover after parsing attributes in process `syz.2.7817'.
[  534.766610][T24406] FAULT_INJECTION: forcing a failure.
[  534.766610][T24406] name failslab, interval 1, probability 0, space 0, times 0
[  534.779361][T24406] CPU: 0 UID: 0 PID: 24406 Comm: syz.2.7817 Not tainted 6.15.0-syzkaller-11796-g5abc7438f1e9 #0 PREEMPT(voluntary) 
[  534.779395][T24406] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  534.779412][T24406] Call Trace:
[  534.779434][T24406]  <TASK>
[  534.779445][T24406]  __dump_stack+0x1d/0x30
[  534.779471][T24406]  dump_stack_lvl+0xe8/0x140
[  534.779491][T24406]  dump_stack+0x15/0x1b
[  534.779507][T24406]  should_fail_ex+0x265/0x280
[  534.779581][T24406]  should_failslab+0x8c/0xb0
[  534.779607][T24406]  __kmalloc_node_noprof+0xa9/0x410
[  534.779634][T24406]  ? __vmalloc_node_range_noprof+0x3f9/0xe00
[  534.779675][T24406]  __vmalloc_node_range_noprof+0x3f9/0xe00
[  534.779759][T24406]  ? pcpu_block_update_hint_alloc+0x63d/0x660
[  534.779786][T24406]  ? bpf_prog_alloc_no_stats+0x47/0x390
[  534.779825][T24406]  __vmalloc_noprof+0x83/0xc0
[  534.779905][T24406]  ? bpf_prog_alloc_no_stats+0x47/0x390
[  534.779984][T24406]  bpf_prog_alloc_no_stats+0x47/0x390
[  534.780016][T24406]  ? bpf_prog_alloc+0x2a/0x150
[  534.780099][T24406]  bpf_prog_alloc+0x3c/0x150
[  534.780134][T24406]  bpf_prog_create+0x73/0x130
[  534.780161][T24406]  tcf_bpf_init_from_ops+0x114/0x1c0
[  534.780250][T24406]  tcf_bpf_init+0x3ae/0x610
[  534.780277][T24406]  tcf_action_init_1+0x36a/0x4a0
[  534.780304][T24406]  tcf_action_init+0x267/0x6d0
[  534.780327][T24406]  ? bsearch+0x95/0xc0
[  534.780385][T24406]  tc_ctl_action+0x291/0x830
[  534.780455][T24406]  ? __pfx_tc_ctl_action+0x10/0x10
[  534.780483][T24406]  rtnetlink_rcv_msg+0x657/0x6d0
[  534.780521][T24406]  ? avc_has_perm_noaudit+0x1b1/0x200
[  534.780582][T24406]  netlink_rcv_skb+0x123/0x220
[  534.780617][T24406]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  534.780742][T24406]  rtnetlink_rcv+0x1c/0x30
[  534.780837][T24406]  netlink_unicast+0x59e/0x670
[  534.780865][T24406]  netlink_sendmsg+0x58b/0x6b0
[  534.780955][T24406]  ? __pfx_netlink_sendmsg+0x10/0x10
[  534.781031][T24406]  __sock_sendmsg+0x145/0x180
[  534.781108][T24406]  ____sys_sendmsg+0x31e/0x4e0
[  534.781143][T24406]  ___sys_sendmsg+0x17b/0x1d0
[  534.781191][T24406]  __x64_sys_sendmsg+0xd4/0x160
[  534.781277][T24406]  x64_sys_call+0x2999/0x2fb0
[  534.781300][T24406]  do_syscall_64+0xd2/0x200
[  534.781328][T24406]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  534.781364][T24406]  ? clear_bhb_loop+0x40/0x90
[  534.781393][T24406]  ? clear_bhb_loop+0x40/0x90
[  534.781436][T24406]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  534.781463][T24406] RIP: 0033:0x7f64badce929
[  534.781478][T24406] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  534.781497][T24406] RSP: 002b:00007f64b9437038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  534.781520][T24406] RAX: ffffffffffffffda RBX: 00007f64baff5fa0 RCX: 00007f64badce929
[  534.781537][T24406] RDX: 0000000000000000 RSI: 0000200000000100 RDI: 0000000000000003
[  534.781590][T24406] RBP: 00007f64b9437090 R08: 0000000000000000 R09: 0000000000000000
[  534.781606][T24406] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  534.781622][T24406] R13: 0000000000000000 R14: 00007f64baff5fa0 R15: 00007ffffd5fa5a8
[  534.781684][T24406]  </TASK>
[  535.089712][T24406] syz.2.7817: vmalloc error: size 4096, failed to allocated page array size 8, mode:0x400dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0
[  535.108106][T24406] CPU: 0 UID: 0 PID: 24406 Comm: syz.2.7817 Not tainted 6.15.0-syzkaller-11796-g5abc7438f1e9 #0 PREEMPT(voluntary) 
[  535.108134][T24406] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  535.108148][T24406] Call Trace:
[  535.108157][T24406]  <TASK>
[  535.108167][T24406]  __dump_stack+0x1d/0x30
[  535.108226][T24406]  dump_stack_lvl+0xe8/0x140
[  535.108246][T24406]  dump_stack+0x15/0x1b
[  535.108261][T24406]  warn_alloc+0x12b/0x1a0
[  535.108300][T24406]  ? should_failslab+0x8c/0xb0
[  535.108374][T24406]  __vmalloc_node_range_noprof+0x497/0xe00
[  535.108408][T24406]  ? pcpu_block_update_hint_alloc+0x63d/0x660
[  535.108500][T24406]  ? bpf_prog_alloc_no_stats+0x47/0x390
[  535.108543][T24406]  __vmalloc_noprof+0x83/0xc0
[  535.108578][T24406]  ? bpf_prog_alloc_no_stats+0x47/0x390
[  535.108611][T24406]  bpf_prog_alloc_no_stats+0x47/0x390
[  535.108653][T24406]  ? bpf_prog_alloc+0x2a/0x150
[  535.108736][T24406]  bpf_prog_alloc+0x3c/0x150
[  535.108766][T24406]  bpf_prog_create+0x73/0x130
[  535.108797][T24406]  tcf_bpf_init_from_ops+0x114/0x1c0
[  535.108831][T24406]  tcf_bpf_init+0x3ae/0x610
[  535.108864][T24406]  tcf_action_init_1+0x36a/0x4a0
[  535.108939][T24406]  tcf_action_init+0x267/0x6d0
[  535.108994][T24406]  ? bsearch+0x95/0xc0
[  535.109039][T24406]  tc_ctl_action+0x291/0x830
[  535.109085][T24406]  ? __pfx_tc_ctl_action+0x10/0x10
[  535.109106][T24406]  rtnetlink_rcv_msg+0x657/0x6d0
[  535.109208][T24406]  ? avc_has_perm_noaudit+0x1b1/0x200
[  535.109251][T24406]  netlink_rcv_skb+0x123/0x220
[  535.109286][T24406]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  535.109357][T24406]  rtnetlink_rcv+0x1c/0x30
[  535.109489][T24406]  netlink_unicast+0x59e/0x670
[  535.109526][T24406]  netlink_sendmsg+0x58b/0x6b0
[  535.109609][T24406]  ? __pfx_netlink_sendmsg+0x10/0x10
[  535.109692][T24406]  __sock_sendmsg+0x145/0x180
[  535.109727][T24406]  ____sys_sendmsg+0x31e/0x4e0
[  535.109764][T24406]  ___sys_sendmsg+0x17b/0x1d0
[  535.109816][T24406]  __x64_sys_sendmsg+0xd4/0x160
[  535.109912][T24406]  x64_sys_call+0x2999/0x2fb0
[  535.109941][T24406]  do_syscall_64+0xd2/0x200
[  535.109980][T24406]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  535.110014][T24406]  ? clear_bhb_loop+0x40/0x90
[  535.110054][T24406]  ? clear_bhb_loop+0x40/0x90
[  535.110078][T24406]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  535.110172][T24406] RIP: 0033:0x7f64badce929
[  535.110187][T24406] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  535.110211][T24406] RSP: 002b:00007f64b9437038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  535.110235][T24406] RAX: ffffffffffffffda RBX: 00007f64baff5fa0 RCX: 00007f64badce929
[  535.110251][T24406] RDX: 0000000000000000 RSI: 0000200000000100 RDI: 0000000000000003
[  535.110267][T24406] RBP: 00007f64b9437090 R08: 0000000000000000 R09: 0000000000000000
[  535.110357][T24406] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  535.110372][T24406] R13: 0000000000000000 R14: 00007f64baff5fa0 R15: 00007ffffd5fa5a8
[  535.110395][T24406]  </TASK>
[  535.407506][T24406] Mem-Info:
[  535.410803][T24406] active_anon:8369 inactive_anon:31 isolated_anon:0
[  535.410803][T24406]  active_file:6575 inactive_file:12035 isolated_file:0
[  535.410803][T24406]  unevictable:0 dirty:153 writeback:0
[  535.410803][T24406]  slab_reclaimable:3337 slab_unreclaimable:18295
[  535.410803][T24406]  mapped:30633 shmem:1674 pagetables:1158
[  535.410803][T24406]  sec_pagetables:0 bounce:0
[  535.410803][T24406]  kernel_misc_reclaimable:0
[  535.410803][T24406]  free:1869131 free_pcp:3406 free_cma:0
[  535.456075][T24406] Node 0 active_anon:33940kB inactive_anon:124kB active_file:26300kB inactive_file:48140kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:122532kB dirty:612kB writeback:0kB shmem:6696kB writeback_tmp:0kB kernel_stack:2960kB pagetables:4632kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  535.485221][T24406] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  535.513953][T24406] lowmem_reserve[]: 0 2882 7860 7860
[  535.519401][T24406] Node 0 DMA32 free:2947872kB boost:0kB min:4132kB low:7060kB high:9988kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:2951400kB mlocked:0kB bounce:0kB free_pcp:3528kB local_pcp:3528kB free_cma:0kB
[  535.550178][T24406] lowmem_reserve[]: 0 0 4978 4978
[  535.555265][T24406] Node 0 Normal free:4505172kB boost:0kB min:7188kB low:12284kB high:17380kB reserved_highatomic:0KB free_highatomic:0KB active_anon:35100kB inactive_anon:124kB active_file:26300kB inactive_file:48140kB unevictable:0kB writepending:612kB present:5242880kB managed:5098232kB mlocked:0kB bounce:0kB free_pcp:16468kB local_pcp:5592kB free_cma:0kB
[  535.587412][T24406] lowmem_reserve[]: 0 0 0 0
[  535.591975][T24406] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  535.604755][T24406] Node 0 DMA32: 4*4kB (M) 2*8kB (M) 2*16kB (M) 3*32kB (M) 4*64kB (M) 3*128kB (M) 4*256kB (M) 4*512kB (M) 3*1024kB (M) 2*2048kB (M) 717*4096kB (M) = 2947872kB
[  535.621055][T24406] Node 0 Normal: 377*4kB (U) 936*8kB (UME) 335*16kB (UME) 533*32kB (UME) 240*64kB (UME) 109*128kB (UME) 39*256kB (UM) 95*512kB (UME) 55*1024kB (UE) 24*2048kB (U) 1045*4096kB (UM) = 4505140kB
[  535.640241][T24406] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB
[  535.649550][T24406] 20251 total pagecache pages
[  535.654329][T24406] 33 pages in swap cache
[  535.658588][T24406] Free swap  = 124696kB
[  535.662800][T24406] Total swap = 124996kB
[  535.667083][T24406] 2097051 pages RAM
[  535.670952][T24406] 0 pages HighMem/MovableOnly
[  535.675641][T24406] 80803 pages reserved
[  535.690553][T24410] loop7: detected capacity change from 0 to 128
[  535.697455][T24410] FAT-fs (loop7): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  535.739697][T24410] FAT-fs (loop7): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  535.862007][T24416] lo speed is unknown, defaulting to 1000
[  535.896869][T24419] loop5: detected capacity change from 0 to 512
[  535.909016][T24421] netlink: 12 bytes leftover after parsing attributes in process `+}[@'.
[  535.911142][   T29] kauditd_printk_skb: 12 callbacks suppressed
[  535.911172][   T29] audit: type=1400 audit(1749051829.920:12302): avc:  denied  { mounton } for  pid=24409 comm="syz.7.7819" path="/425/file0/file1" dev="loop7" ino=156 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=file permissive=1
[  536.014790][T24424] lo speed is unknown, defaulting to 1000
[  536.230919][   T31] FAT-fs (loop7): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  536.291798][T24419] EXT4-fs (loop5): 1 orphan inode deleted
[  536.298964][T24419] ext4 filesystem being mounted at /130/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  536.354286][T24431] loop0: detected capacity change from 0 to 1024
[  536.355257][   T57] Quota error (device loop5): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  536.361258][T24431] EXT4-fs: Ignoring removed nobh option
[  536.370516][   T57] EXT4-fs error (device loop5): ext4_release_dquot:6969: comm kworker/u8:4: Failed to release dquot type 1
[  536.387717][T24431] EXT4-fs: Ignoring removed bh option
[  536.394861][T24419] EXT4-fs error (device loop5): ext4_lookup:1787: inode #15: comm syz.5.7820: iget: bad i_size value: 360287970189639690
[  536.414467][T24433] lo speed is unknown, defaulting to 1000
[  536.415145][T24419] netlink: 'syz.5.7820': attribute type 4 has an invalid length.
[  536.433731][   T57] Quota error (device loop5): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  536.435684][T24419] EXT4-fs error (device loop5): ext4_lookup:1787: inode #15: comm syz.5.7820: iget: bad i_size value: 360287970189639690
[  536.443593][   T57] EXT4-fs error (device loop5): ext4_release_dquot:6969: comm kworker/u8:4: Failed to release dquot type 1
[  536.498483][T24419] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  536.633365][T24447] netlink: 8 bytes leftover after parsing attributes in process `syz.8.7831'.
[  536.692234][T24451] loop0: detected capacity change from 0 to 2048
[  536.699141][T24451] EXT4-fs: Ignoring removed bh option
[  536.715830][T24455] loop5: detected capacity change from 0 to 1024
[  536.727829][T24455] EXT4-fs: Ignoring removed bh option
[  536.733363][T24455] EXT4-fs: Ignoring removed nomblk_io_submit option
[  536.790150][T24461] bridge: RTM_NEWNEIGH with invalid ether address
[  536.842554][T24467] lo speed is unknown, defaulting to 1000
[  536.855032][T24468] loop2: detected capacity change from 0 to 512
[  536.888791][T24471] loop7: detected capacity change from 0 to 1024
[  536.954212][T24468] EXT4-fs (loop2): 1 orphan inode deleted
[  536.962942][T24468] ext4 filesystem being mounted at /346/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  536.974828][   T31] Quota error (device loop2): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  536.984854][   T31] EXT4-fs error (device loop2): ext4_release_dquot:6969: comm kworker/u8:1: Failed to release dquot type 1
[  537.004903][T24471] EXT4-fs: Ignoring removed bh option
[  537.010574][T24471] EXT4-fs: Ignoring removed nomblk_io_submit option
[  537.022512][T24468] EXT4-fs error (device loop2): ext4_lookup:1787: inode #15: comm syz.2.7839: iget: bad i_size value: 360287970189639690
[  537.053038][T24468] netlink: 'syz.2.7839': attribute type 4 has an invalid length.
[  537.072410][   T51] Quota error (device loop2): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  537.082308][   T51] EXT4-fs error (device loop2): ext4_release_dquot:6969: comm kworker/u8:3: Failed to release dquot type 1
[  537.100208][T24468] EXT4-fs error (device loop2): ext4_lookup:1787: inode #15: comm syz.2.7839: iget: bad i_size value: 360287970189639690
[  537.113218][   T29] audit: type=1400 audit(1749051831.120:12303): avc:  denied  { lock } for  pid=24450 comm="syz.0.7833" path="/374/file1/cpuset.effective_cpus" dev="loop0" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  537.150633][T24468] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  537.154984][T24480] lo speed is unknown, defaulting to 1000
[  537.197569][T24483] loop8: detected capacity change from 0 to 128
[  537.210236][T24483] vfat: Unknown parameter 'kfree'
[  537.229286][T24483] netlink: 4 bytes leftover after parsing attributes in process `syz.8.7842'.
[  537.240259][T24483] netlink: 8 bytes leftover after parsing attributes in process `syz.8.7842'.
[  537.294174][T24485] netlink: 8 bytes leftover after parsing attributes in process `syz.2.7843'.
[  537.355998][   T29] audit: type=1326 audit(1749051831.370:12304): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24486 comm="syz.8.7844" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe2db88e929 code=0x7ffc0000
[  537.385920][T24487] loop8: detected capacity change from 0 to 256
[  537.400350][T24487] FAT-fs (loop8): bogus number of FAT sectors
[  537.406595][T24487] FAT-fs (loop8): Can't find a valid FAT filesystem
[  537.449164][   T29] audit: type=1326 audit(1749051831.370:12305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24486 comm="syz.8.7844" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe2db88e929 code=0x7ffc0000
[  537.472937][   T29] audit: type=1326 audit(1749051831.370:12306): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24486 comm="syz.8.7844" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe2db88e929 code=0x7ffc0000
[  537.496585][   T29] audit: type=1326 audit(1749051831.370:12307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24486 comm="syz.8.7844" exe="/root/syz-executor" sig=0 arch=c000003e syscall=6 compat=0 ip=0x7fe2db88e929 code=0x7ffc0000
[  537.593948][T24492] lo speed is unknown, defaulting to 1000
[  537.605906][T24493] loop2: detected capacity change from 0 to 512
[  537.612623][T24493] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[  537.879950][T24504] lo speed is unknown, defaulting to 1000
[  537.948069][T24514] loop5: detected capacity change from 0 to 1024
[  537.965603][T24514] EXT4-fs: Ignoring removed bh option
[  537.971194][T24514] EXT4-fs: Ignoring removed nomblk_io_submit option
[  537.982560][ T1096] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  538.000476][T24517] loop7: detected capacity change from 0 to 512
[  538.012751][ T1096] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  538.025168][ T1096] EXT4-fs (loop0): This should not happen!! Data will be lost
[  538.025168][ T1096] 
[  538.034866][ T1096] EXT4-fs (loop0): Total free blocks count 0
[  538.040896][ T1096] EXT4-fs (loop0): Free/Dirty block details
[  538.046872][ T1096] EXT4-fs (loop0): free_blocks=2415919104
[  538.052670][ T1096] EXT4-fs (loop0): dirty_blocks=8224
[  538.057981][ T1096] EXT4-fs (loop0): Block reservation details
[  538.064030][ T1096] EXT4-fs (loop0): i_reserved_data_blocks=514
[  538.085235][   T51] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 18 with max blocks 2048 with error 28
[  538.097955][   T51] EXT4-fs (loop0): This should not happen!! Data will be lost
[  538.097955][   T51] 
[  538.103588][T24523] lo speed is unknown, defaulting to 1000
[  538.122130][T24517] EXT4-fs (loop7): 1 orphan inode deleted
[  538.139580][T24525] loop8: detected capacity change from 0 to 1024
[  538.146423][ T1096] EXT4-fs error (device loop7): ext4_release_dquot:6969: comm kworker/u8:5: Failed to release dquot type 1
[  538.196337][T24517] ext4 filesystem being mounted at /432/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  538.207794][T24525] EXT4-fs: Ignoring removed nobh option
[  538.213537][T24525] EXT4-fs: Ignoring removed bh option
[  538.222907][T24517] EXT4-fs error (device loop7): ext4_lookup:1787: inode #15: comm syz.7.7854: iget: bad i_size value: 360287970189639690
[  538.272128][T24517] netlink: 'syz.7.7854': attribute type 4 has an invalid length.
[  538.280752][T24517] EXT4-fs error (device loop7): ext4_lookup:1787: inode #15: comm syz.7.7854: iget: bad i_size value: 360287970189639690
[  538.294238][ T1096] EXT4-fs error (device loop7): ext4_release_dquot:6969: comm kworker/u8:5: Failed to release dquot type 1
[  538.305961][T24530] loop8: detected capacity change from 0 to 1024
[  538.312940][T24530] EXT4-fs: Ignoring removed bh option
[  538.318388][T24530] EXT4-fs: Ignoring removed nomblk_io_submit option
[  538.335779][T24532] EXT4-fs (loop7): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  538.424005][T24537] lo speed is unknown, defaulting to 1000
[  538.441633][T24539] netlink: 'syz.0.7860': attribute type 27 has an invalid length.
[  538.476662][T24541] loop7: detected capacity change from 0 to 1024
[  538.527481][T24541] EXT4-fs: Ignoring removed bh option
[  538.533144][T24541] EXT4-fs: Ignoring removed nomblk_io_submit option
[  538.534693][T24544] loop0: detected capacity change from 0 to 2048
[  538.600672][T24544]  loop0: p1 < > p4
[  538.605957][T24544] loop0: p4 size 8388608 extends beyond EOD, truncated
[  538.646181][T24547] lo speed is unknown, defaulting to 1000
[  538.666789][T24549] loop0: detected capacity change from 0 to 128
[  538.677306][T24549] vfat: Unknown parameter 'kfree'
[  538.689517][T24549] netlink: 4 bytes leftover after parsing attributes in process `syz.0.7862'.
[  538.702507][T24549] netlink: 8 bytes leftover after parsing attributes in process `syz.0.7862'.
[  538.929887][T24558] netlink: 4 bytes leftover after parsing attributes in process `syz.5.7865'.
[  539.007395][T24561] loop0: detected capacity change from 0 to 512
[  539.017339][T24563] loop2: detected capacity change from 0 to 512
[  539.026833][T24563] EXT4-fs error (device loop2): __ext4_iget:5379: inode #11: block 1: comm syz.2.7867: invalid block
[  539.052360][T24563] EXT4-fs error (device loop2): ext4_orphan_get:1398: comm syz.2.7867: couldn't read orphan inode 11 (err -117)
[  539.090128][T24563] EXT4-fs error (device loop2): ext4_add_entry:2417: inode #2: comm syz.2.7867: Directory hole found for htree leaf block 0
[  539.124407][T24561] EXT4-fs (loop0): 1 orphan inode deleted
[  539.131609][T24561] ext4 filesystem being mounted at /381/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  539.143592][   T51] EXT4-fs error (device loop0): ext4_release_dquot:6969: comm kworker/u8:3: Failed to release dquot type 1
[  539.157611][T24561] EXT4-fs error (device loop0): ext4_lookup:1787: inode #15: comm syz.0.7868: iget: bad i_size value: 360287970189639690
[  539.175873][   T57] EXT4-fs error (device loop0): ext4_release_dquot:6969: comm kworker/u8:4: Failed to release dquot type 1
[  539.192965][T24561] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  539.296636][T24575] loop2: detected capacity change from 0 to 512
[  539.312472][T24574] netlink: 'syz.0.7872': attribute type 27 has an invalid length.
[  539.315353][T24575] ext4 filesystem being mounted at /354/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  539.456687][T24584] loop2: detected capacity change from 0 to 1024
[  539.463727][T24584] EXT4-fs: Ignoring removed bh option
[  539.469209][T24584] EXT4-fs: Ignoring removed nomblk_io_submit option
[  539.512737][T24587] lo speed is unknown, defaulting to 1000
[  539.791939][T24594] loop7: detected capacity change from 0 to 512
[  539.801570][T24588] lo speed is unknown, defaulting to 1000
[  539.811060][T24594] EXT4-fs: Ignoring removed i_version option
[  539.817128][T24594] EXT4-fs: Ignoring removed mblk_io_submit option
[  539.846853][T24594] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  539.857015][T24594] EXT4-fs (loop7): can't mount with data_err=abort, fs mounted w/o journal
[  539.882501][T24594] loop7: detected capacity change from 0 to 1024
[  539.950986][T24598] netlink: 'syz.5.7878': attribute type 27 has an invalid length.
[  540.022598][T24603] netlink: 32 bytes leftover after parsing attributes in process `syz.5.7880'.
[  540.032572][T24603] netlink: 32 bytes leftover after parsing attributes in process `syz.5.7880'.
[  540.171391][T24606] FAULT_INJECTION: forcing a failure.
[  540.171391][T24606] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  540.184898][T24606] CPU: 1 UID: 0 PID: 24606 Comm: syz.8.7881 Not tainted 6.15.0-syzkaller-11796-g5abc7438f1e9 #0 PREEMPT(voluntary) 
[  540.184988][T24606] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  540.185004][T24606] Call Trace:
[  540.185013][T24606]  <TASK>
[  540.185024][T24606]  __dump_stack+0x1d/0x30
[  540.185048][T24606]  dump_stack_lvl+0xe8/0x140
[  540.185074][T24606]  dump_stack+0x15/0x1b
[  540.185136][T24606]  should_fail_ex+0x265/0x280
[  540.185233][T24606]  should_fail+0xb/0x20
[  540.185257][T24606]  should_fail_usercopy+0x1a/0x20
[  540.185284][T24606]  _copy_from_user+0x1c/0xb0
[  540.185326][T24606]  ___sys_sendmsg+0xc1/0x1d0
[  540.185445][T24606]  __x64_sys_sendmsg+0xd4/0x160
[  540.185484][T24606]  x64_sys_call+0x2999/0x2fb0
[  540.185527][T24606]  do_syscall_64+0xd2/0x200
[  540.185564][T24606]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  540.185616][T24606]  ? clear_bhb_loop+0x40/0x90
[  540.185639][T24606]  ? clear_bhb_loop+0x40/0x90
[  540.185693][T24606]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  540.185722][T24606] RIP: 0033:0x7fe2db88e929
[  540.185742][T24606] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  540.185766][T24606] RSP: 002b:00007fe2d9ef7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  540.185791][T24606] RAX: ffffffffffffffda RBX: 00007fe2dbab5fa0 RCX: 00007fe2db88e929
[  540.185861][T24606] RDX: 0000000000000000 RSI: 0000200000000340 RDI: 0000000000000004
[  540.185878][T24606] RBP: 00007fe2d9ef7090 R08: 0000000000000000 R09: 0000000000000000
[  540.185894][T24606] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  540.185911][T24606] R13: 0000000000000000 R14: 00007fe2dbab5fa0 R15: 00007ffe51349138
[  540.185936][T24606]  </TASK>
[  540.394729][T24608] loop8: detected capacity change from 0 to 1024
[  540.402834][T24608] EXT4-fs: Ignoring removed nobh option
[  540.408491][T24608] EXT4-fs: Ignoring removed bh option
[  540.423041][T24612] loop2: detected capacity change from 0 to 1024
[  540.429953][T24612] EXT4-fs: Ignoring removed bh option
[  540.435538][T24612] EXT4-fs: Ignoring removed nomblk_io_submit option
[  540.547209][T24619] lo speed is unknown, defaulting to 1000
[  540.582025][T24623] loop0: detected capacity change from 0 to 1024
[  540.588776][T24623] EXT4-fs: Ignoring removed bh option
[  540.594356][T24623] EXT4-fs: Ignoring removed nomblk_io_submit option
[  540.662168][T24628] loop7: detected capacity change from 0 to 1024
[  540.675161][T24629] lo speed is unknown, defaulting to 1000
[  540.732535][T24628] EXT4-fs: Ignoring removed bh option
[  540.738018][T24628] EXT4-fs: Ignoring removed nomblk_io_submit option
[  540.882124][T24632] netlink: 'syz.5.7889': attribute type 27 has an invalid length.
[  541.036755][T24635] lo speed is unknown, defaulting to 1000
[  541.075909][T24637] ==================================================================
[  541.084072][T24637] BUG: KCSAN: data-race in __mark_inode_dirty / writeback_single_inode
[  541.092367][T24637] 
[  541.094709][T24637] write to 0xffff88810b5e4a50 of 4 bytes by task 24628 on cpu 0:
[  541.102450][T24637]  writeback_single_inode+0x14a/0x3e0
[  541.107864][T24637]  sync_inode_metadata+0x5b/0x90
[  541.112840][T24637]  generic_buffers_fsync_noflush+0xd9/0x120
[  541.118796][T24637]  ext4_sync_file+0x1ab/0x690
[  541.123519][T24637]  vfs_fsync_range+0x10d/0x130
[  541.128323][T24637]  ext4_buffered_write_iter+0x34f/0x3c0
[  541.133906][T24637]  ext4_file_write_iter+0x383/0xf00
[  541.139138][T24637]  iter_file_splice_write+0x5f2/0x970
[  541.144578][T24637]  direct_splice_actor+0x153/0x2a0
[  541.149742][T24637]  splice_direct_to_actor+0x30f/0x680
[  541.155153][T24637]  do_splice_direct+0xda/0x150
[  541.159970][T24637]  do_sendfile+0x380/0x650
[  541.164431][T24637]  __x64_sys_sendfile64+0x105/0x150
[  541.169665][T24637]  x64_sys_call+0xb39/0x2fb0
[  541.174292][T24637]  do_syscall_64+0xd2/0x200
[  541.178929][T24637]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  541.184871][T24637] 
[  541.187216][T24637] read to 0xffff88810b5e4a50 of 4 bytes by task 24637 on cpu 1:
[  541.194875][T24637]  __mark_inode_dirty+0x18e/0x760
[  541.199931][T24637]  ext4_write_inline_data_end+0x3e5/0x5f0
[  541.205706][T24637]  ext4_write_end+0x4cd/0x730
[  541.210518][T24637]  generic_perform_write+0x30f/0x490
[  541.215844][T24637]  ext4_buffered_write_iter+0x1ee/0x3c0
[  541.221432][T24637]  ext4_file_write_iter+0x383/0xf00
[  541.226675][T24637]  iter_file_splice_write+0x5f2/0x970
[  541.232112][T24637]  direct_splice_actor+0x153/0x2a0
[  541.237275][T24637]  splice_direct_to_actor+0x30f/0x680
[  541.242702][T24637]  do_splice_direct+0xda/0x150
[  541.247517][T24637]  do_sendfile+0x380/0x650
[  541.251976][T24637]  __x64_sys_sendfile64+0x105/0x150
[  541.257222][T24637]  x64_sys_call+0xb39/0x2fb0
[  541.261865][T24637]  do_syscall_64+0xd2/0x200
[  541.266423][T24637]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  541.272364][T24637] 
[  541.274719][T24637] value changed: 0x00000038 -> 0x00000002
[  541.280548][T24637] 
[  541.282893][T24637] Reported by Kernel Concurrency Sanitizer on:
[  541.289071][T24637] CPU: 1 UID: 0 PID: 24637 Comm: syz.7.7888 Not tainted 6.15.0-syzkaller-11796-g5abc7438f1e9 #0 PREEMPT(voluntary) 
[  541.301248][T24637] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  541.311336][T24637] ==================================================================