last executing test programs:

59.130011197s ago: executing program 4 (id=3659):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0500000004000000990000000b"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
pipe2(&(0x7f0000000000)={0x0, <r2=>0x0}, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="11000000040000000400000022"], 0x48)
r4 = socket(0x2c, 0x3, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x11, 0x4, 0x4, 0xff}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000001c0)={r5, &(0x7f0000000140), &(0x7f0000000080)=@udp6=r4}, 0x20)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000340)={r3, &(0x7f0000000140), &(0x7f0000000080)=@udp=r4}, 0x20)
close_range(r2, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x50)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000220000000000000000000000850000006d00000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000021007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r7}, 0x10)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
r8 = io_uring_setup(0x1694, &(0x7f0000000080))
io_uring_register$IORING_REGISTER_BUFFERS(r8, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x12, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000008b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r8, 0x10, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000002700)=""/4096, 0x1a00}], 0x0, 0x11a}, 0x20)

58.736040269s ago: executing program 4 (id=3661):
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x24, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0x8, 0x1, 0x8, 0x20005, 0x1b, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$inet(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000), 0x0, 0x0, 0x0, 0x1f00c00e}, 0x0)

58.60384877s ago: executing program 4 (id=3662):
socket$netlink(0x10, 0x3, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000380)=@newlink={0x54, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x34, 0x12, 0x0, 0x1, @ip6erspan={{0xe}, {0x20, 0x2, 0x0, 0x1, [@IFLA_GRE_COLLECT_METADATA={0x4}, @IFLA_GRE_ERSPAN_VER={0x5, 0x16, 0x2}, @IFLA_GRE_ERSPAN_HWID={0x6, 0x18, 0x100}, @IFLA_GRE_ERSPAN_DIR={0x5}]}}}]}, 0x54}}, 0x0)
socket$can_bcm(0x1d, 0x2, 0x2)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2, 0x0, 0x100}, 0x18)
setsockopt$TIPC_CONN_TIMEOUT(0xffffffffffffffff, 0x10f, 0x82, 0x0, 0x0)
socket(0x10, 0x3, 0x0)
r3 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000280), 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001000000004d00000600000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000e0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r4, 0x89f1, &(0x7f0000000100)={'sit0\x00', &(0x7f0000000400)={'syztnl0\x00', 0x0, 0x8, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x8, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}, @multicast1}}}})
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r4, 0x89f4, &(0x7f00000001c0)={'syztnl0\x00', 0x0})
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r6 = syz_open_dev$evdev(&(0x7f0000000040), 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00'}, 0x10)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000c00)={0x28, 0x0, 0x10ada85e65c25359, 0xfffffffd, 0x25dfdbfc, {{0x6b}, {@val={0x8}, @val={0xc, 0x99, {0x2, 0x72}}}}}, 0x28}}, 0x0)
ioctl$EVIOCGRAB(r6, 0x40044590, &(0x7f0000000200)=0x7ffffffc)
close(r6)
write$UHID_CREATE2(r3, &(0x7f0000002000)={0xb, {'syz0\x00', 'syz1\x00', 'syz1\x00', 0xee8, 0x100, 0xf6, 0xe, 0x6, 0x5, "9d62bb36a4a1bb6063ee7e9d308a6bf4be0bd41d5d107f9e223a6c47152289bff94cce011e8fb0f917d02a1492b5cc42384e13939e37d730c6181784dbbdfcbdb01f53b397ba1e7be0c80d3a25d6d12b8112ede8ee00eb4df2a8569d9088b761719743ff566fea1db00ab85fc1d805f4fd3a26dc00b33588dfcc8101d207e51b2860a0915136a834bee5b8d391c16e7492be348a16817a13f4dd63071d134b5bbde72b258d50b122feb41be11650f703d0289a07e80b70b457d7e6fc66ab8502f1b732a3d4e919e82aca29b2a069b7c527d4d798350845297965dd34b29968fa51ca371564fcc07b1936c882c38156e66210bf333bc1308c9decaeab61c86b585384946eb50546a75c45473f6b9a917f3019efbc84c4b75c7fef91a294a572f7e3af1015c98e8aac3a13acb33f64529d726d8042f5e729d3705ce6c96701164efa1be65228d37dcaf420b56ef12cc9d2bf2d3d74ef8660be91cabb0e96491de5896dcc9e92a34cca0f2373f42cbec9853058d7a70e2e3f6c0ff4cf66e32d72ab44c8b2934425d64fbcf1ec6a3f8126b024b5e6f50c3a77f41b4c21471f74b546d116cebdd48631c9acebcf69ed3a69e78d59977aea58e046bc07f0ed36a02179a57f519db607bc8fda34079e21e63e417a8b628a98404d52885541a71889cba553353e7df5ac4b15fc22be56646592e8f6843b8452b9e4ed9347d9ef6173ba2d054d4feccc4e4732a5942c890f75589754faad46bcef51715b14df7e3ff854e80cdbf7165a37c8685b23ae58d1d2201cfbd9dc48c6f5d8d091e08213f9e5e1fe35d624a073fb189288b6acd739acb1cf31dcbb54a588c825fddb902cab588a66347b64e115abe7c3ad0f68ec98013ddcf15d8b29ae12426f047c6b8817b67ec2d1ff59f536bf27573d3a08621bb06fabf9585b50ca1b569c68d376c8273c3ed7d078687eb02bb558bd2986461df19f3659bffebdbebfd4247102895ff1a49cdb7ed058ede9d57591517466b2c63b941fb4cc5b5250ec8f9b5b5b35daa5060166a21b1cb3c041740c374029d26986fe5d6487c054fe6fc03ff2602adc69b0c050d022aac8d404dbe2a2ae28ef3f58768b55a05437f83c039e098c90923595774a4e869e822fd5d87b3b84c680e8f6bd7cbde3732d1e9f6042ce395860f23acd72e732ee40458770f2075a63469550cb430ef4095f62a487b67f36620ea0a5040454c54b7159eb2f246a451afcc63cd8ba7f2337e8a6cd0766b33eb2fc910af8208b017354b838bf7c82b02faaed6953f13052424fdd5f9398b32303706332fe69c6e0ab842447e64bbd1d4267f5f10efd050dec580410ea472279371c903bd628a4255d91610b89e447e4f7b51ebb29cc345678671c2841858521db49df39e7d9e8675fa077263b4c8c48c6755bccb7261b881029ee38369058588849471ecdd073334594db30386c2bc1ca1717d3974eaa679d9520b54b98e9929c5e8f61d21c0aa73d0b3fb4ccddd2102ab17873d6f2d5b11136c27d2760d17d2cde0ab39c10b1fc6068d969b45d658d8fbcc68422c4f722b641fa29740439e049c4b94f7dd0915ee1d6aeaad62d4babc07183f93d59ff010c0761aa5c8b394ac359f41b24e495773992206e356389619784cfb227f4fa674a39499009515d05c42990ce6789c755f3b64af5f21c4e60fa3d1d150230468234500cec6ce3264d4aedbf7f57437969ef0204ebd498578b66cf1dcd17c7862f4f0ca4a37a8e60b36d0e6b9d7efbcc8d4bae27447f7ebf8e83f7f94fe4e03143b829bccdc3a41f0210edb19aa3879e8406c155a491f3b9de9fa63ae755278f72f00354b054aa6fb421bcbcb3af151f0355866a96469c0c4f44629a248087e866f98ef7cf4f273808eacfb87ada780df265d27837895fa1fb5096650811019872515fd89aa9a6be8f69f96c87d5f3e7a1eb8b46d50b16b361cf881d30dbd270e696d913b149dfb9db3ef507fb438cdf9e833cdd3a26980f00caac50b297e2c709a4583181b1049de1c289be9d240f26e8a78fc0ba8310abc14b59795b12767dd1b5565ad2ac7253b06e9ae2221956f691f48e3b3c11d728404910299739d767b15295cf0c5287d60a88f7da16eea2c9f98407446320fd3f905e5a78bf8eaf4d0fdc280ebadc33a2c3ffe729f8b9aac1dcc8dc71a21880c1626905dfc098a9958bdc0bd23febb46df0fb2fe1100ff94ded03520fdd949c8f666a4077e680e36b976a71aeac1bccbee798249c81fd68ee480670b4331bdb6fff7d469b6fa1f5011e1c540baec7e2b7294497b433d98534de062c8f1006d46888a681cd04d67f5a84360b40916ef4a84fbf5fe9ef4de579adf2d58ddf8e1cf0e48db768ddee193ef1d546b9049af7153cdfd45fecc349de27727ec2e5df16912d9e890ee1621b31dc2aa1b935bebcf1f48605a9f62ba3d45fa7630031fff71e1322f193207b19580398553998c74b21ec9a3e2c4e7bcf4fa14373040570dbe96d8e58aa020ae80a1332cd984eb47e0203b9ee29df48560441c5271e01d62a939c001cfc2b28ff2df62cd4c9de853ece0c4f288537041113848de1f7a7d8433fd3c019fdf8d895289cf9a7f6896cf44ffc75d6ddf6e14d71b74692b62e2bda5a41de927380622eaca772c23d78d83bde80ec2fe03ff7407908e071f99ca281c056d07e7e0a5a69f725e25adce3bb75888a4463347d1af682af0aa1a2872e7a44edb25a836a77354b723ceaa5dd06c724dab445324256fb0ba3c34d7e43633cf366d244dd71ee5cbb2f864a186b8c9da5fb260b11e3d449bd1d687077c44b721dc07ca43684c99c8a6a38ba144910b9d35d0829edd7ac5bb7dc3f75905f31d74bec98eaf0c33042d8f3fa74f4b5090dbdacf74cf5cf1130d1b2a2f3881b5f5f3f4e5c32493b55c627b99720f9cb7329db0237e33e15821e9021846810dab6ae7e181c79c0be0e6cc265195ced492fae4dc7cb9b2feb9ba18fada33d0b1686ac85ad57ed956ba52f5c4de0554c9261cd9e5a28088b2c2b230a7484e46556f99a9d4785ccf078e88ccb5614b3b1e4500f72bc86b18f8e03a756fb77f13870804adcf3cabc49b560868eed21b94ebd53ec62dc114edc81d2667e51e3f01dc0b976c6a22050b5d338581a28f8cffb46251b6637fd8778b7f6223ac25c165b1e40f4264c7cf40fe7632ecef429a902e5b9f4c1dd1f66938369424a7c40c69aa366009d61147107dbf0ea4c8d23f97a2a5747132bc1f8d7b40d0e6a4a71bd5ad4cb9b3a5c36052d58eb430dfc545c2847d75053c653052975df2925ce1d9751f9c3923dfef4cb03b92fdb222977bd01d825d79b185749c73b8d5d0e05d91d625e25191cdb1f769d3ad4a6b4c17a3c8cbf9488af3e9b80cddec1aa702175ff5622bdf56a9e772534b32b581937494dc2eb94c7a6ed700b03f589fb1158380b5a892890e232d583aa67242c434fa36d7aa565cf4651caa7b22a02d23dd47fd7e77998ae2e416f85cf3eb07f0df0142069f5fc97f6b3d2018fac13b261fa99f16b9dc7e67236b67b91d220ee471d1c38f91694c97e6aafb17129dde5ded996cb303060fde17438a3d00bb8b4b58666e5a3a06b8adb52a646b45ed6fc8e10daa13dde664aade56f9f69c510c83df1958928e6717097616747e802a1a860766dcc2074b9f510d06a8989f21169945e8931e162b296ef4528e1a2b014e7b7619f071d32af71c43403470cf77e66510879cdd36c6be2c514271545af6ba65857b50357eb1ed4d60c70e5bb22a4e96307416ecaca4c99f7a282b53ab6d2bc7a9e9f5a28799913e0c26631c912614b612ab526558a387557aece056f4608b3d9e78dae840151ea7d9e3f6013585a5e201e2acc6a49473608574afab1fa62bbf391d47977628f9adf7c80c3797839df0975ad4bd6bcad39a2f8e74509947976e9bf0e55a9796070bc4827f866d2af6bd30092e488831dc3daf3c31425a3713606987784a65d16322dfca25c1aecb6f12487dfd6e762facd82aa6ce75660e84a8b9a07f0a868da97bd1456762e4c30709d891f6fb2da687bd33036fe0df3355be5d42523d5476350f704b730bc929a6174db5b1a327579c29c852cdbfc1a06e8b1c2c5d3a29e07a63ffc19556d31f379a2acb3de4a2f3b729b2a129a5a9b4cc9b8809f93688d5d8997ec6d856f6a92f4e6f25ba0324e51352c370c2e6c577070513a4817847aa3555076246b3f43ecbc755423196d19890129191e0c3ed502ca80951e80ef273fb2d57f7c7eaedd537cf23ddf97640c2a3587508783b803744a37418108d5fe4c906c787b91ad2dc1bdc68c2c89fa0f49a7c286f0da2369a4ed4053d87a5e21314c054a789253d5227e271bb9e07aa2f40de600fd31092e9f17ebbe784b74af496c033826feba764f2f67a7d201063c3159026cc5c8a00c310f4933544f9f13d849ef0bd40709c5a8eae14cbac9c441d23ea39e4a6b8e938f29724f7c98f999c027a80c2496a00ce344da464ceeba130f9e08a64302570fd953ef1079d45204244b4305b49c8c6c04e12842b280f51b244ccfc0cd103584514a5686fa79d2e1bf1569307f1826eabec178ca081b83f05d6969788c691babea45142a587b048cee600d9afeda2fe2be65d2c204e94b3bc037555735b735819acd1a92970710fe1f0af8ee8151951a4ed675ed67d7920e73a33e3a7dead8b5e09ba5533bb18a4cfac74502e604327dc7c40c6a1f42c4a6573aa34f45298cb5911610fb9530420a3cd38966c377aa430da88d99094f0721e9ec65ea7e2f9334ed39ee76fd7c7b66adeea22a652c9a50780510dc18ddd3bdd6b23cb31ffaaa7afcaf8358d16026db74ff3b45fa65584484b3b0512664faf36643d215f47bf788576edee136f45794abccb35e1d724e887f77dd0f7f2baeba7ff77c7a04c18fc1c7eab64d6588c8586b1c5086f08aa3d0e6c625b1a02cef4ca45b9b960b7b332cd36f833e9eaaba8b969c6583cdf99a0e248cf1c708a2aa3fff898b203459757cac76e671556c77a8c55823c3dca521c77580bf7532ca5561344c42041deda9058aa011be04ec513663c41a62a6bd2ec47256f0c86ca8ca144d23e0640f25d93448485a2aeb0e6903592cb920cdf306df318353ef92fa3c6c40c42410e97b7a1f8d45e90fa2df4d53b15564e07c2b5d54f1b3c61bfff88cc50e6f75920489953f3db858e85676fe0409dbfdb44572cfcdf924ca3c384b031ae85aff39770494f75c7071299d9a13445f697bf813aef247b8bf16b1e33c3089eeae397826bd7e8098c9aa325e1f3e86046f0350810d8738aca93670172aca9a970fba9bf27e1e32fa5815a2499ac6af744c68c02dac871670adb5cf2d58bec92a9e43a98524087462139d6b9b5ba6cf8b42"}}, 0x1000)

58.576471812s ago: executing program 4 (id=3663):
syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x20c006, &(0x7f0000000480)={[{@debug}, {@mblk_io_submit}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@lazytime}, {@discard}, {@grpquota}], [{@seclabel}]}, 0x1, 0x446, &(0x7f0000000d40)="$eJzs28tvG8UfAPDv2kn6/P1qqvLoAwgURMQjadJSeuACAokDSEhwKMeQpFWo26AmSLSKICBUjqgSd8QRib+AE1wQcELiCndUqUK5tMDFaOPdxHbttA5ONtSfj7TJzO44M1/vjj07kw2gbw2nP5KIvRHxa0Tsq2ebCwzXf91cXpz6c3lxKola7Y0/kpVyN5YXp/Ki+ev25JmBiNInSRxuU+/8pcvnJqvVmYtZfmzh/Ltj85cuPzN7fvLszNmZCxOnTp04Pv7cyYlnexJnGteNQx/MHTn4yltXX5s6ffXtH79O8vhb4uiR4fUOPl6r9bi6Yv2vIZ0MFNgQulKud9MYXOn/+6IcaydvX7z8caGNAzZVrVar3df58FINuIslUXQLgGLkX/Tp/W++bdHQY1u4/kL9BiiN+2a21Y8MRCkrM9hyf9tLwxFxeumvL9ItNmceAgCgybfp+OfpbPzXtPBTisZ5of9nayiViLgnIvZHxMmIOBAR90aslL0/Ih7osv7WRZJbxz+la13+ya6k47/ns7Wt5vFfPvqLSjni73y4XInB5MxsdeZY9p6MxOCOND++Th3fvfTLZ52ONY7/0i2tPx8LZu24NrCj+TXTkwuT/ybmRtc/ijg00C7+ZHUlIL0sDkbEoQ3WMfvkV0c6Hbt9/M2GGjM9WGeqfRnxRP38L0VL/Llk/fXJsZ1RnTk2ll8Vt/rp5yuvd6q/2/h7LT3/u9te/6vxV5LG9dr57uu48tunHe9pNnr9DyVvNu17f3Jh4eJ4xFDyar3RjfsnWspNrJVP4x852r7/74+1d+JwRKQX8YMR8VBEPJy1/ZGIeDQijq4T/w8vPvZO856ki/g3Vxr/dFfnfy0xFK172ifK577/pqnSSnQRf3r+T6ykRrI9d/L5dyft2tjVDAAAAP89pYjYG0lpdDVdKo2O1v+H/0DsLlXn5heeOjP33oXp+jMClRgs5TNd9fng+nzoeHZbn+cnWvLHs3njz8u7VvKjU3PV6aKDhz63p0P/T/1eLrp1wKbzvBb0L/0f+pf+D/1L/4f+1ab/7yqiHcDWa/f9/2EB7QC2Xkv/t+wHfcT9P/Qv/R/6l/4PfWl+V9z+Ifntmti5PZrRn4koFVd7PkNV+JtwFycK/mACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADokX8CAAD//2Ts5lU=")
r0 = syz_clone3(&(0x7f0000000780)={0x1c3002480, 0x0, 0x0, 0x0, {0x2b}, 0x0, 0x0, 0x0, 0x0}, 0x58)
r1 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f0000000180)='sys_enter\x00'}, 0x10)
utimensat(0xffffffffffffff9c, &(0x7f0000000300)='.\x00', 0x0, 0x0)
r2 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r2)
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
ptrace(0x10, r2)
ptrace$peeksig(0x4209, r0, &(0x7f0000000140), &(0x7f0000002200))
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xf, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000003000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
memfd_create(&(0x7f0000000380)='kfree\x00', 0x3)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x68, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r3, 0x0, 0xb}, 0x18)
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r4, 0x80047210, &(0x7f00000001c0))
r5 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=@deltaction={0x3c, 0x18, 0x1, 0x70bd28, 0x25dfdbfe, {0xa}, [@TCA_ACT_TAB={0x28, 0x1, [{0x10, 0x80, 0x0, 0x0, @TCA_ACT_KIND={0xc, 0x1, 'skbedit\x00'}}, {0x14, 0x8, 0x0, 0x0, @TCA_ACT_KIND={0xf, 0x1, 'tunnel_key\x00'}}]}]}, 0x3c}}, 0x0)
write(0xffffffffffffffff, &(0x7f0000000000)="1c0000001a005f0214f9f407000904001f0000000001000000000000", 0x1c)
pwritev2(r1, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x76200}], 0x1, 0x7c00, 0x3000, 0x3)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0xc, 0x10, &(0x7f00000009c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018150000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b5af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001400000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b70200000000df00850000008600000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r7, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0x2f00, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

57.61152802s ago: executing program 4 (id=3671):
r0 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x41}}, 0x10)
listen(r0, 0x0)
r1 = socket$tipc(0x1e, 0x5, 0x0)
sendmsg$tipc(r1, &(0x7f00000002c0)={&(0x7f0000000080)=@nameseq={0x1e, 0x2, 0x0, {0x41}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x480c0}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400"], 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xfaa6cd4e055d5892, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
accept4(r0, 0x0, 0x0, 0x400000000000000)

56.98064728s ago: executing program 4 (id=3675):
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="6800000010001fff00"/20, @ANYRES32=0x0, @ANYBLOB="0000000014060000400012800b00010067656e6576650000300002801400070000000000000000000000ffff"], 0x68}, 0x9}, 0x0)
sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000100)={&(0x7f0000000040)={0x74, 0x2, 0x1, 0x101, 0x0, 0x0, {0xa, 0x0, 0x2}, [@CTA_SEQ_ADJ_REPLY={0x1c, 0x10, 0x0, 0x1, [@CTA_SEQADJ_OFFSET_AFTER={0x8, 0x3, 0x1, 0x0, 0xd6aa}, @CTA_SEQADJ_CORRECTION_POS={0x8, 0x1, 0x1, 0x0, 0x3}, @CTA_SEQADJ_CORRECTION_POS={0x8, 0x1, 0x1, 0x0, 0x4}]}, @CTA_SEQ_ADJ_ORIG={0x44, 0xf, 0x0, 0x1, [@CTA_SEQADJ_OFFSET_BEFORE={0x8, 0x2, 0x1, 0x0, 0x10}, @CTA_SEQADJ_OFFSET_AFTER={0x8, 0x3, 0x1, 0x0, 0x8}, @CTA_SEQADJ_CORRECTION_POS={0x8, 0x1, 0x1, 0x0, 0x5}, @CTA_SEQADJ_OFFSET_AFTER={0x8, 0x3, 0x1, 0x0, 0x5}, @CTA_SEQADJ_OFFSET_AFTER={0x8, 0x3, 0x1, 0x0, 0x4b9}, @CTA_SEQADJ_CORRECTION_POS={0x8, 0x1, 0x1, 0x0, 0x9d}, @CTA_SEQADJ_OFFSET_BEFORE={0x8, 0x2, 0x1, 0x0, 0x8001}, @CTA_SEQADJ_OFFSET_AFTER={0x8, 0x3, 0x1, 0x0, 0x80000000}]}]}, 0x74}, 0x1, 0x0, 0x0, 0x20040081}, 0x40)

56.943470603s ago: executing program 32 (id=3675):
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="6800000010001fff00"/20, @ANYRES32=0x0, @ANYBLOB="0000000014060000400012800b00010067656e6576650000300002801400070000000000000000000000ffff"], 0x68}, 0x9}, 0x0)
sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000100)={&(0x7f0000000040)={0x74, 0x2, 0x1, 0x101, 0x0, 0x0, {0xa, 0x0, 0x2}, [@CTA_SEQ_ADJ_REPLY={0x1c, 0x10, 0x0, 0x1, [@CTA_SEQADJ_OFFSET_AFTER={0x8, 0x3, 0x1, 0x0, 0xd6aa}, @CTA_SEQADJ_CORRECTION_POS={0x8, 0x1, 0x1, 0x0, 0x3}, @CTA_SEQADJ_CORRECTION_POS={0x8, 0x1, 0x1, 0x0, 0x4}]}, @CTA_SEQ_ADJ_ORIG={0x44, 0xf, 0x0, 0x1, [@CTA_SEQADJ_OFFSET_BEFORE={0x8, 0x2, 0x1, 0x0, 0x10}, @CTA_SEQADJ_OFFSET_AFTER={0x8, 0x3, 0x1, 0x0, 0x8}, @CTA_SEQADJ_CORRECTION_POS={0x8, 0x1, 0x1, 0x0, 0x5}, @CTA_SEQADJ_OFFSET_AFTER={0x8, 0x3, 0x1, 0x0, 0x5}, @CTA_SEQADJ_OFFSET_AFTER={0x8, 0x3, 0x1, 0x0, 0x4b9}, @CTA_SEQADJ_CORRECTION_POS={0x8, 0x1, 0x1, 0x0, 0x9d}, @CTA_SEQADJ_OFFSET_BEFORE={0x8, 0x2, 0x1, 0x0, 0x8001}, @CTA_SEQADJ_OFFSET_AFTER={0x8, 0x3, 0x1, 0x0, 0x80000000}]}]}, 0x74}, 0x1, 0x0, 0x0, 0x20040081}, 0x40)

46.379445304s ago: executing program 5 (id=3851):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000800000006"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r1, 0x0, 0xfffffffffffff001}, 0x18)
unshare(0x2c020400)
r2 = syz_io_uring_setup(0x7945, &(0x7f0000000100)={0x0, 0x40001452, 0x800, 0x0, 0x2d4}, &(0x7f0000000300)=<r3=>0x0, &(0x7f0000000200)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000240)=0xfffffc04, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f0000000180)=@IORING_OP_MKDIRAT={0x25, 0x2, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000280)='./file0\x00', 0x84, 0x0, 0x1})
io_uring_enter(r2, 0x8ba, 0x696d, 0x20, 0x0, 0x0)

46.072206369s ago: executing program 5 (id=3857):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000100)='kfree\x00', r0, 0x0, 0x8000000000}, 0x18)
r1 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r1, &(0x7f0000000180), 0x10)
sendmsg$can_bcm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)=ANY=[@ANYBLOB="0500000000bbd10d0bc11fc00000000040000000aef028c89c34dcb05408427474e1cb5e689c593e7a16dd0af4f5be2f038bc9faf7"], 0x80}}, 0x0)

46.025739923s ago: executing program 5 (id=3859):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x50)
bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB='\v\x00\x00\x00\b\x00\x00\x00'], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[], &(0x7f0000000000)='syzkaller\x00', 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000300)="2e0000001000818807b62aa73f72cc9f0ba1f8483a0000005e120602000300000e000a0010000000028000001294", 0x2e}], 0x1}, 0x20008800)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB], 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000005c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
socket$xdp(0x2c, 0x3, 0x0)
r4 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/vs/sync_threshold\x00', 0x2, 0x0)
connect$inet(r4, &(0x7f00000003c0)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10)
ioctl$USBDEVFS_RESET(0xffffffffffffffff, 0x5514)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000780)={0x15, 0x65, 0xffff, 0x6, 0x8, '9P2000.u'}, 0x15)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x200000000001, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0xf, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020782500000000002020207b1af8fe00000000bfa100000000000007010000f8ffffffb702000008000000b703000007000000850000001100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x1d, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r5, 0x0, 0x4}, 0x18)
r6 = syz_clone3(&(0x7f0000001880)={0x100000200, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
tgkill(r6, r6, 0x21)
wait4(r6, 0x0, 0x40000000, 0x0)

45.919895481s ago: executing program 5 (id=3862):
syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x20c006, &(0x7f0000000480)={[{@debug}, {@mblk_io_submit}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@lazytime}, {@discard}, {@grpquota}], [{@seclabel}]}, 0x1, 0x446, &(0x7f0000000d40)="$eJzs28tvG8UfAPDv2kn6/P1qqvLoAwgURMQjadJSeuACAokDSEhwKMeQpFWo26AmSLSKICBUjqgSd8QRib+AE1wQcELiCndUqUK5tMDFaOPdxHbttA5ONtSfj7TJzO44M1/vjj07kw2gbw2nP5KIvRHxa0Tsq2ebCwzXf91cXpz6c3lxKola7Y0/kpVyN5YXp/Ki+ev25JmBiNInSRxuU+/8pcvnJqvVmYtZfmzh/Ltj85cuPzN7fvLszNmZCxOnTp04Pv7cyYlnexJnGteNQx/MHTn4yltXX5s6ffXtH79O8vhb4uiR4fUOPl6r9bi6Yv2vIZ0MFNgQulKud9MYXOn/+6IcaydvX7z8caGNAzZVrVar3df58FINuIslUXQLgGLkX/Tp/W++bdHQY1u4/kL9BiiN+2a21Y8MRCkrM9hyf9tLwxFxeumvL9ItNmceAgCgybfp+OfpbPzXtPBTisZ5of9nayiViLgnIvZHxMmIOBAR90aslL0/Ih7osv7WRZJbxz+la13+ya6k47/ns7Wt5vFfPvqLSjni73y4XInB5MxsdeZY9p6MxOCOND++Th3fvfTLZ52ONY7/0i2tPx8LZu24NrCj+TXTkwuT/ybmRtc/ijg00C7+ZHUlIL0sDkbEoQ3WMfvkV0c6Hbt9/M2GGjM9WGeqfRnxRP38L0VL/Llk/fXJsZ1RnTk2ll8Vt/rp5yuvd6q/2/h7LT3/u9te/6vxV5LG9dr57uu48tunHe9pNnr9DyVvNu17f3Jh4eJ4xFDyar3RjfsnWspNrJVP4x852r7/74+1d+JwRKQX8YMR8VBEPJy1/ZGIeDQijq4T/w8vPvZO856ki/g3Vxr/dFfnfy0xFK172ifK577/pqnSSnQRf3r+T6ykRrI9d/L5dyft2tjVDAAAAP89pYjYG0lpdDVdKo2O1v+H/0DsLlXn5heeOjP33oXp+jMClRgs5TNd9fng+nzoeHZbn+cnWvLHs3njz8u7VvKjU3PV6aKDhz63p0P/T/1eLrp1wKbzvBb0L/0f+pf+D/1L/4f+1ab/7yqiHcDWa/f9/2EB7QC2Xkv/t+wHfcT9P/Qv/R/6l/4PfWl+V9z+Ifntmti5PZrRn4koFVd7PkNV+JtwFycK/mACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADokX8CAAD//2Ts5lU=")
r0 = syz_clone3(&(0x7f0000000780)={0x1c3002480, 0x0, 0x0, 0x0, {0x2b}, 0x0, 0x0, 0x0, 0x0}, 0x58)
r1 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f0000000180)='sys_enter\x00'}, 0x10)
utimensat(0xffffffffffffff9c, &(0x7f0000000300)='.\x00', 0x0, 0x0)
r2 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r2)
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
ptrace(0x10, r2)
ptrace$peeksig(0x4209, r0, &(0x7f0000000140), &(0x7f0000002200))
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xf, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000003000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
memfd_create(&(0x7f0000000380)='kfree\x00', 0x3)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x68, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r3, 0x0, 0xb}, 0x18)
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r4, 0x80047210, &(0x7f00000001c0))
r5 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=@deltaction={0x3c, 0x18, 0x1, 0x70bd28, 0x25dfdbfe, {0xa}, [@TCA_ACT_TAB={0x28, 0x1, [{0x10, 0x80, 0x0, 0x0, @TCA_ACT_KIND={0xc, 0x1, 'skbedit\x00'}}, {0x14, 0x8, 0x0, 0x0, @TCA_ACT_KIND={0xf, 0x1, 'tunnel_key\x00'}}]}]}, 0x3c}}, 0x0)
write(0xffffffffffffffff, &(0x7f0000000000)="1c0000001a005f0214f9f407000904001f0000000001000000000000", 0x1c)
pwritev2(r1, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x76200}], 0x1, 0x7c00, 0x3000, 0x3)

45.06392878s ago: executing program 5 (id=3880):
socket$kcm(0x2, 0x1000000000000002, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
connect$netlink(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x10)
r1 = socket$netlink(0x10, 0x3, 0x10)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000000)=0x80, 0x4)
sendmsg$DEVLINK_CMD_RATE_NEW(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)={0x34, 0x0, 0x1, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x8000)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000002480)={0xffffffffffffffff, 0xffffffffffffffff, 0x22, 0x0, @void}, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1900000004000000040000000500000000000000", @ANYRES32, @ANYBLOB="0000000000e400"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='percpu_create_chunk\x00', r3}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b7020000b96871dfbfa30000000000000703000000feffff7a0af0fff8ffff1971a4f0ff00000000b7060000080000001e6400000000000045040400010000001704000001000a00b7040000000100006a0af2fe0000004f850000001a000000b7000000000000009500000000000000455781a5feee5e1ce784909b849d5550adf200000000000000b61d69f2ffdaa10350e11cb97c8ad51bcda0c4ee6d9674c77404ceb9971e43405d62de53a9a53608c10556e5734eb84049761451ce2e2d9f8004e26f7fcc059c06220002595f6dba87b81d1106fb026cce67a66afd9ac3d09e29a9d542ca9d85a5c9c88474895d679838def0a83a733dc6a39b63a5ed69d32394c53361d7480884bd6fee53f5b2e7b91c61ced1ebad000000000000e8122a793c080a882add4e1179bd4a44f2fcb6d753a78845d8363e0401861abebe428ba953df4aece69311687f4122073a236c3ad198e3f3a532efa04137d452ff47d2638da3261c8362bb7c7824be6195a66d2e17e122040e11e3bd4a69fc6e8d9f7043e09b9e10dc7777bfae58e99e30810400000000000000d63d716c0975e1ce4a655362e7062ff6ab3934555c01840219829472ad529cefa06d3482c7b2711b98eabdca89b77efd13e6dba4a431ce47911834118093b6cabaa17a57727474e1785ee234835088445aa4a9b677d3d342640e328504aea02a2d727e62b7f097a02dbf8fe1d704765de7482040b2fc3000000000000000008947baeaaf954aff687deaa2f804924600273ee26d8115cbca081a14cba24788779291745083fccdddc979ddca066da478c197d4a550470557bc99cca336bd88cd28a5ee651627e3a6fbf6ea53b95ddb64c69c7d8d2f4baddc239828760459564124bad68209d2a1d16ad085886c017679cfcda8b10700ac1e2bcc5ede5b5687aa418abfa09acd7339e73b2cd185c9eb5fb34fccd20ffa155b16c0c309ed6f6663677df37de0ec0d0f548b183940be5d1fe0bae14d1a76bf741330dacd9cc19c0163bcc93059e8d2d1bfa928e2ba458ecd989cb3581a3f270ad48255ac0dad4923e3e357e4e90583ce8d43ec65ed491d87a51d7c13f665dcf772e3ead71112008b16b0ea821f70aee1ccbd71c5a1c21e87d5b7b73d356337d15b9dcae4d0d750ffa07909c955e718585b2456308beda2fa03bb9bcf03cdff31ee4b1665b987829c0f0872c006c6e4ed666fe23b343aae943923eedbdb0e7abee90e3da7b98b7d07d2d4816201ad1737798635b0a3ebd3aed120e4500c16e6c9dc729f009db49c6b8b19613e4d792cb4ff5106419291d4222980b49ddb9527ce785822d8f4e2"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000340), 0xfffffffffffffe19, 0x0, 0xffffffffffffffff, 0x54}, 0x42)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xa, 0x101, 0x7fff, 0xcc, 0x0, 0xffffffffffffffff, 0xfffffffd}, 0x50)

44.563591621s ago: executing program 5 (id=3889):
shmdt(0x0)

44.56336996s ago: executing program 33 (id=3889):
shmdt(0x0)

33.365643242s ago: executing program 3 (id=4069):
unshare(0x2c060000)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000640)={{r0}, &(0x7f0000000540), &(0x7f0000000600)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
unshare(0x2c020400)

33.311484027s ago: executing program 3 (id=4070):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[], 0x48)
quotactl$Q_SYNC(0xffffffff80000101, 0x0, 0x0, 0x0)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000080)={'syztnl1\x00', &(0x7f0000000100)={'syztnl0\x00', 0x0, 0x2f, 0x9, 0x8, 0x2, 0x0, @mcast1, @mcast2, 0x8, 0x7, 0x9, 0x2}})
statx(0xffffffffffffffff, 0x0, 0x4000, 0x40, &(0x7f0000000280))
ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, &(0x7f00000003c0)={{0x1, 0x1, 0x18, <r1=>r0}, './file0\x00'})
timerfd_create(0x0, 0x800)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000004000000450000008814"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000d00)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000300000207b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xa, 0x31, 0xffffffffffffffff, 0xf2de1000)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r3}, 0x10)
sync()
r4 = syz_open_procfs(0x0, &(0x7f0000000300)='net/mcfilter6\x00')
pread64(r4, &(0x7f0000000280)=""/86, 0x56, 0x4000000000000f3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
io_setup(0x2, &(0x7f0000002400)=<r5=>0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
splice(r0, 0x0, r1, 0x0, 0xfffffffffffffffe, 0x4)
syz_open_procfs(0xffffffffffffffff, 0x0)
io_destroy(r5)

32.618561373s ago: executing program 3 (id=4080):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1e2)
r0 = open$dir(&(0x7f0000000100)='.\x00', 0x410000, 0x0)
fcntl$notify(r0, 0x402, 0x80000023)
setxattr$security_evm(&(0x7f0000000000)='./file0\x00', &(0x7f0000000140), 0x0, 0x0, 0x1)
setxattr$security_evm(&(0x7f00000002c0)='./file0\x00', &(0x7f0000000280), 0x0, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
fcntl$addseals(r2, 0x409, 0x5dcca597ab2aaf0d)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES8=r1, @ANYRESOCT], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x33}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x19, 0xc, 0x0, &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0xb, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="1e00000003000000ce0300000600000000080000", @ANYRES32=r1, @ANYBLOB="0700000000000000000000000000005e4a5340942b7331463516b2d676ac83add1dd5f7eb3d34cd4fb28579022815473bd85c62359098d277be12ea977b788bb46d83fdf5bbffbb668fca6286113ea228d1ba1b010904af7d49f8ebe98a603068a25d9c2ae75d9bcca11015b1536eb1d012a84e139f8fb1da4e593df6797cea10d5376aa1173095937f92047eacf521f174e20b06b3edfda7aad36c074fb2572d5041e46e86a89ceaa71d7e4a8009706c08e848d68f26bb09642d4b122649ad824a2fbeb8bb13632f1dbebc1bb1ae34dc7eebec01733fe9fa90194eb4e96f04cb59c94", @ANYRES32=0x0, @ANYRES32, @ANYBLOB], 0x50)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x1, r4, 0x18}, 0x38)
dup(r3)
openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x42, 0x85)
bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0x7, 0x4, 0x208, 0x21}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0x8, &(0x7f0000000680)=ANY=[@ANYRESOCT=r0, @ANYRESDEC=r1, @ANYRESOCT=r1], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b70200001400001cb7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1000000004000000040000000100000000000000", @ANYRES32=0x1], 0x50)
r6 = socket$kcm(0xa, 0x5, 0x0)
r7 = socket$kcm(0x2, 0x5, 0x84)
sendmsg$inet(r7, &(0x7f00000004c0)={&(0x7f0000000180)={0x2, 0x2, @dev}, 0x10, &(0x7f0000000300)=[{&(0x7f0000001800)='@', 0x1}], 0x1}, 0x10004024)
setsockopt$sock_attach_bpf(r7, 0x84, 0x1e, &(0x7f0000000000), 0x10)
r8 = socket$kcm(0xa, 0x5, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r6, 0x8916, &(0x7f0000000000)={r8})
ioctl$sock_kcm_SIOCKCMCLONE(r6, 0x8936, &(0x7f0000000000)={r8})

32.584340895s ago: executing program 3 (id=4083):
syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x20c006, &(0x7f0000000480)={[{@debug}, {@mblk_io_submit}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@lazytime}, {@discard}, {@grpquota}], [{@seclabel}]}, 0x1, 0x446, &(0x7f0000000d40)="$eJzs28tvG8UfAPDv2kn6/P1qqvLoAwgURMQjadJSeuACAokDSEhwKMeQpFWo26AmSLSKICBUjqgSd8QRib+AE1wQcELiCndUqUK5tMDFaOPdxHbttA5ONtSfj7TJzO44M1/vjj07kw2gbw2nP5KIvRHxa0Tsq2ebCwzXf91cXpz6c3lxKola7Y0/kpVyN5YXp/Ki+ev25JmBiNInSRxuU+/8pcvnJqvVmYtZfmzh/Ltj85cuPzN7fvLszNmZCxOnTp04Pv7cyYlnexJnGteNQx/MHTn4yltXX5s6ffXtH79O8vhb4uiR4fUOPl6r9bi6Yv2vIZ0MFNgQulKud9MYXOn/+6IcaydvX7z8caGNAzZVrVar3df58FINuIslUXQLgGLkX/Tp/W++bdHQY1u4/kL9BiiN+2a21Y8MRCkrM9hyf9tLwxFxeumvL9ItNmceAgCgybfp+OfpbPzXtPBTisZ5of9nayiViLgnIvZHxMmIOBAR90aslL0/Ih7osv7WRZJbxz+la13+ya6k47/ns7Wt5vFfPvqLSjni73y4XInB5MxsdeZY9p6MxOCOND++Th3fvfTLZ52ONY7/0i2tPx8LZu24NrCj+TXTkwuT/ybmRtc/ijg00C7+ZHUlIL0sDkbEoQ3WMfvkV0c6Hbt9/M2GGjM9WGeqfRnxRP38L0VL/Llk/fXJsZ1RnTk2ll8Vt/rp5yuvd6q/2/h7LT3/u9te/6vxV5LG9dr57uu48tunHe9pNnr9DyVvNu17f3Jh4eJ4xFDyar3RjfsnWspNrJVP4x852r7/74+1d+JwRKQX8YMR8VBEPJy1/ZGIeDQijq4T/w8vPvZO856ki/g3Vxr/dFfnfy0xFK172ifK577/pqnSSnQRf3r+T6ykRrI9d/L5dyft2tjVDAAAAP89pYjYG0lpdDVdKo2O1v+H/0DsLlXn5heeOjP33oXp+jMClRgs5TNd9fng+nzoeHZbn+cnWvLHs3njz8u7VvKjU3PV6aKDhz63p0P/T/1eLrp1wKbzvBb0L/0f+pf+D/1L/4f+1ab/7yqiHcDWa/f9/2EB7QC2Xkv/t+wHfcT9P/Qv/R/6l/4PfWl+V9z+Ifntmti5PZrRn4koFVd7PkNV+JtwFycK/mACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADokX8CAAD//2Ts5lU=")
r0 = syz_clone3(&(0x7f0000000780)={0x1c3002480, 0x0, 0x0, 0x0, {0x2b}, 0x0, 0x0, 0x0, 0x0}, 0x58)
r1 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f0000000180)='sys_enter\x00'}, 0x10)
utimensat(0xffffffffffffff9c, &(0x7f0000000300)='.\x00', 0x0, 0x0)
r2 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r2)
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
ptrace(0x10, r2)
ptrace$peeksig(0x4209, r0, &(0x7f0000000140), &(0x7f0000002200))
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xf, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000003000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
memfd_create(&(0x7f0000000380)='kfree\x00', 0x3)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x68, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r3, 0x0, 0xb}, 0x18)
pwritev2(r1, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x76200}], 0x1, 0x7c00, 0x3000, 0x3)

31.677860858s ago: executing program 3 (id=4089):
syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x20c006, &(0x7f0000000480)={[{@debug}, {@mblk_io_submit}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@lazytime}, {@discard}, {@grpquota}], [{@seclabel}]}, 0x1, 0x446, &(0x7f0000000d40)="$eJzs28tvG8UfAPDv2kn6/P1qqvLoAwgURMQjadJSeuACAokDSEhwKMeQpFWo26AmSLSKICBUjqgSd8QRib+AE1wQcELiCndUqUK5tMDFaOPdxHbttA5ONtSfj7TJzO44M1/vjj07kw2gbw2nP5KIvRHxa0Tsq2ebCwzXf91cXpz6c3lxKola7Y0/kpVyN5YXp/Ki+ev25JmBiNInSRxuU+/8pcvnJqvVmYtZfmzh/Ltj85cuPzN7fvLszNmZCxOnTp04Pv7cyYlnexJnGteNQx/MHTn4yltXX5s6ffXtH79O8vhb4uiR4fUOPl6r9bi6Yv2vIZ0MFNgQulKud9MYXOn/+6IcaydvX7z8caGNAzZVrVar3df58FINuIslUXQLgGLkX/Tp/W++bdHQY1u4/kL9BiiN+2a21Y8MRCkrM9hyf9tLwxFxeumvL9ItNmceAgCgybfp+OfpbPzXtPBTisZ5of9nayiViLgnIvZHxMmIOBAR90aslL0/Ih7osv7WRZJbxz+la13+ya6k47/ns7Wt5vFfPvqLSjni73y4XInB5MxsdeZY9p6MxOCOND++Th3fvfTLZ52ONY7/0i2tPx8LZu24NrCj+TXTkwuT/ybmRtc/ijg00C7+ZHUlIL0sDkbEoQ3WMfvkV0c6Hbt9/M2GGjM9WGeqfRnxRP38L0VL/Llk/fXJsZ1RnTk2ll8Vt/rp5yuvd6q/2/h7LT3/u9te/6vxV5LG9dr57uu48tunHe9pNnr9DyVvNu17f3Jh4eJ4xFDyar3RjfsnWspNrJVP4x852r7/74+1d+JwRKQX8YMR8VBEPJy1/ZGIeDQijq4T/w8vPvZO856ki/g3Vxr/dFfnfy0xFK172ifK577/pqnSSnQRf3r+T6ykRrI9d/L5dyft2tjVDAAAAP89pYjYG0lpdDVdKo2O1v+H/0DsLlXn5heeOjP33oXp+jMClRgs5TNd9fng+nzoeHZbn+cnWvLHs3njz8u7VvKjU3PV6aKDhz63p0P/T/1eLrp1wKbzvBb0L/0f+pf+D/1L/4f+1ab/7yqiHcDWa/f9/2EB7QC2Xkv/t+wHfcT9P/Qv/R/6l/4PfWl+V9z+Ifntmti5PZrRn4koFVd7PkNV+JtwFycK/mACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADokX8CAAD//2Ts5lU=")
r0 = syz_clone3(&(0x7f0000000780)={0x1c3002480, 0x0, 0x0, 0x0, {0x2b}, 0x0, 0x0, 0x0, 0x0}, 0x58)
r1 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f0000000180)='sys_enter\x00'}, 0x10)
utimensat(0xffffffffffffff9c, &(0x7f0000000300)='.\x00', 0x0, 0x0)
r2 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r2)
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
ptrace(0x10, r2)
ptrace$peeksig(0x4209, r0, &(0x7f0000000140), &(0x7f0000002200))
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xf, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000003000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
memfd_create(&(0x7f0000000380)='kfree\x00', 0x3)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x68, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r3, 0x0, 0xb}, 0x18)
pwritev2(r1, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x76200}], 0x1, 0x7c00, 0x3000, 0x3)

30.712043046s ago: executing program 3 (id=4100):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000800000006"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r1, 0x0, 0xfffffffffffff001}, 0x18)
unshare(0x2c020400)
r2 = syz_io_uring_setup(0x7945, &(0x7f0000000100)={0x0, 0x40001452, 0x800, 0x0, 0x2d4}, &(0x7f0000000300)=<r3=>0x0, &(0x7f0000000200)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000240)=0xfffffc04, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f0000000180)=@IORING_OP_MKDIRAT={0x25, 0x2, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000280)='./file0\x00', 0x84, 0x0, 0x1})
io_uring_enter(r2, 0x8ba, 0x696d, 0x20, 0x0, 0x0)

30.675374219s ago: executing program 34 (id=4100):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000800000006"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r1, 0x0, 0xfffffffffffff001}, 0x18)
unshare(0x2c020400)
r2 = syz_io_uring_setup(0x7945, &(0x7f0000000100)={0x0, 0x40001452, 0x800, 0x0, 0x2d4}, &(0x7f0000000300)=<r3=>0x0, &(0x7f0000000200)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000240)=0xfffffc04, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f0000000180)=@IORING_OP_MKDIRAT={0x25, 0x2, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000280)='./file0\x00', 0x84, 0x0, 0x1})
io_uring_enter(r2, 0x8ba, 0x696d, 0x20, 0x0, 0x0)

13.39773977s ago: executing program 6 (id=4429):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xf, &(0x7f0000000440)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x1}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000010c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r2}, 0x4)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000c40)={0x11, 0x10, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f00000007c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000000)='kfree\x00', r3}, 0x10)
r4 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c000000020000000000000000000004"], 0x0, 0x26}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0x3, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000000000000000000950000000000000009000000dfa2bff372df8cdbeb318ab2bec8fc36903c0ec359caa1af3c914019395cc154010c693709800000000000000016a85adef34bf78c76e6222337923e1bea6ef682cc4375f594425d408ccc58187feb0e3d43347f989007a7c63f6dae2acb4af936461f34a8a32a50bbbb69ec85168947b86df9f2609bf93f7a1be259621818c3c75da31290bce645451b851111dd98ac4d8da9317c2c082020e0b2d634086785f3fe41a3053645cc413790faf7e229c782845b5bb774f7f154263178151ea93ff2cac4b181332c9c9a1c7d85616c8100000000000000d8300d19d585000000fc005774b56a7142047326f940e95b8489e1c5650f5c61299a295f39c88456391cffdef93e29f10f4a11f0cfbfc0ff976b20fef6033495b9b94777db9bb9b678ffc1130000009faa798226a080c01e47151268a02dc1a557cfdcf76305fbf6643df66b1b4d2d5e7bf698fc5a18d984ecb91e6683a5f522d536e2f3c43b89823659d1945258fc668950e5aacfffffffffffffff7f7a266c90e64efc8d8f730867202a9ee94e6a00"], &(0x7f0000000080)='GPL\x00', 0x5, 0x1f6, &(0x7f00000002c0)=""/168, 0x0, 0x0, '\x00', 0x0, @sock_ops, r4, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000200), 0x1, 0x0, 0xffffffffffffffff, 0xf5010000}, 0x6d)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000180)='kmem_cache_free\x00', r1}, 0x10)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000400)='kfree\x00', r5}, 0x18)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000020000000c0000000014"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001700000000000000ff000000850000006d00000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008002010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
syz_mount_image$vfat(&(0x7f0000000340), &(0x7f0000000980)='./file1\x00', 0x280809a, &(0x7f0000000f40)=ANY=[], 0xd, 0x2c0, &(0x7f0000001a80)="$eJzs3U+LG2UYAPBnstnsrD1kES+K4IAePC1dr142ygrFnJQI6kGDbUGSUOhCoCuY7qmfwO/iR/DixW9Q8Cp4aw8rIzOTyZ8yqVGzivb3Oz08b573fWfe3SSXPPPl65PR7XtJXD55HGmaROs0TuNpEkfRitrDaAcA8P/xNM/j17wMk7yyZWW7da0bAwCuTfX5/6c++AGA/7iPP/3sw16/f/ZRlqXxavfRdJBExOTRdFCN9+7G1zGOO3EzunEVkS9U8Qe3+mfRzgpH8dZkNh0UlZMvfpzP3/sloqw/2evGUXP9SVZZqZ9NB/vxUmTRu7tfb7UbrzTXv9NQH4NOvP3myv6Poxs/fRX3Yhy3o6hd1n97kmXv5989+ebzYpmiPmnF4KB8XSn3BQkAAAAAAAAAAAAAAAAAAAAAgN06zrKkat9T9u8pUvP+O3tX5fhxVjta789T1Sf1RFV/oLzuljNL5/lb/bObWZblSZSDy/p2vNb2YAEAAAAAAAAAAAAAAAAAAAAonD94fGM4Ht+5f/7gYvS3g7obQP2z/r86z+lK5o24GA33Nk948OxQPIxonnm120Cx1+duI9rt2NFtaQ4uF5nDYj87X+IgFplPogqqgznc7XW9/F51Ry9Gw6w+grnRMPmjtdL64L5fHepsOMHtg7z8k7jK1880XWx1vaqzo7vRubHMHC6HfsvzfLt53v25OqN5JilbbGy3+v48aLzAIkiLs0gX//jF0A+bJ9z4lrG3g7cdAAAAAAAAAAAAAAAAAACgwfJHvw2Dl88tbV3bpgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgH7Z8/n8dpBGxnimC1mpmNi9+5jVNQSfun//LlwgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAL4PcAAAD//28ZVAA=")
r8 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x4040, 0x0)
r9 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x80881, 0x82)
write(r9, &(0x7f0000004200)='t', 0x1)
sendfile(r9, r8, 0x0, 0x3ffff)
sendmsg$NFT_BATCH(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000580)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)

13.330197566s ago: executing program 6 (id=4430):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x50)
bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB='\v\x00\x00\x00\b\x00\x00\x00'], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[], &(0x7f0000000000)='syzkaller\x00', 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000300)="2e0000001000818807b62aa73f72cc9f0ba1f8483a0000005e120602000300000e000a0010000000028000001294", 0x2e}], 0x1}, 0x20008800)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000005c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
socket$xdp(0x2c, 0x3, 0x0)
r4 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/vs/sync_threshold\x00', 0x2, 0x0)
connect$inet(r4, &(0x7f00000003c0)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10)
ioctl$USBDEVFS_RESET(0xffffffffffffffff, 0x5514)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000780)={0x15, 0x65, 0xffff, 0x6, 0x8, '9P2000.u'}, 0x15)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x200000000001, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0xf, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020782500000000002020207b1af8fe00000000bfa100000000000007010000f8ffffffb702000008000000b703000007000000850000001100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x1d, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r5, 0x0, 0x4}, 0x18)
r6 = syz_clone3(&(0x7f0000001880)={0x100000200, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
tgkill(r6, r6, 0x21)
wait4(r6, 0x0, 0x40000000, 0x0)

13.219943695s ago: executing program 6 (id=4432):
bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0500000004000000990000000b"], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
r1 = io_uring_setup(0x1694, &(0x7f0000000080))
io_uring_register$IORING_REGISTER_BUFFERS(r1, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x12, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000008b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r1, 0x10, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000002700)=""/4096, 0x1a00}], 0x0, 0x11a}, 0x20)

13.175636198s ago: executing program 6 (id=4433):
syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x20c006, &(0x7f0000000480)={[{@debug}, {@mblk_io_submit}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@lazytime}, {@discard}, {@grpquota}], [{@seclabel}]}, 0x1, 0x446, &(0x7f0000000d40)="$eJzs28tvG8UfAPDv2kn6/P1qqvLoAwgURMQjadJSeuACAokDSEhwKMeQpFWo26AmSLSKICBUjqgSd8QRib+AE1wQcELiCndUqUK5tMDFaOPdxHbttA5ONtSfj7TJzO44M1/vjj07kw2gbw2nP5KIvRHxa0Tsq2ebCwzXf91cXpz6c3lxKola7Y0/kpVyN5YXp/Ki+ev25JmBiNInSRxuU+/8pcvnJqvVmYtZfmzh/Ltj85cuPzN7fvLszNmZCxOnTp04Pv7cyYlnexJnGteNQx/MHTn4yltXX5s6ffXtH79O8vhb4uiR4fUOPl6r9bi6Yv2vIZ0MFNgQulKud9MYXOn/+6IcaydvX7z8caGNAzZVrVar3df58FINuIslUXQLgGLkX/Tp/W++bdHQY1u4/kL9BiiN+2a21Y8MRCkrM9hyf9tLwxFxeumvL9ItNmceAgCgybfp+OfpbPzXtPBTisZ5of9nayiViLgnIvZHxMmIOBAR90aslL0/Ih7osv7WRZJbxz+la13+ya6k47/ns7Wt5vFfPvqLSjni73y4XInB5MxsdeZY9p6MxOCOND++Th3fvfTLZ52ONY7/0i2tPx8LZu24NrCj+TXTkwuT/ybmRtc/ijg00C7+ZHUlIL0sDkbEoQ3WMfvkV0c6Hbt9/M2GGjM9WGeqfRnxRP38L0VL/Llk/fXJsZ1RnTk2ll8Vt/rp5yuvd6q/2/h7LT3/u9te/6vxV5LG9dr57uu48tunHe9pNnr9DyVvNu17f3Jh4eJ4xFDyar3RjfsnWspNrJVP4x852r7/74+1d+JwRKQX8YMR8VBEPJy1/ZGIeDQijq4T/w8vPvZO856ki/g3Vxr/dFfnfy0xFK172ifK577/pqnSSnQRf3r+T6ykRrI9d/L5dyft2tjVDAAAAP89pYjYG0lpdDVdKo2O1v+H/0DsLlXn5heeOjP33oXp+jMClRgs5TNd9fng+nzoeHZbn+cnWvLHs3njz8u7VvKjU3PV6aKDhz63p0P/T/1eLrp1wKbzvBb0L/0f+pf+D/1L/4f+1ab/7yqiHcDWa/f9/2EB7QC2Xkv/t+wHfcT9P/Qv/R/6l/4PfWl+V9z+Ifntmti5PZrRn4koFVd7PkNV+JtwFycK/mACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADokX8CAAD//2Ts5lU=")
syz_clone3(&(0x7f0000000780)={0x1c3002480, 0x0, 0x0, 0x0, {0x2b}, 0x0, 0x0, 0x0, 0x0}, 0x58)
r0 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f0000000180)='sys_enter\x00'}, 0x10)
utimensat(0xffffffffffffff9c, &(0x7f0000000300)='.\x00', 0x0, 0x0)
r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r1)
ptrace(0x10, r1)
memfd_create(&(0x7f0000000380)='kfree\x00', 0x3)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x68, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
pwritev2(r0, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x76200}], 0x1, 0x7c00, 0x3000, 0x3)

12.855687874s ago: executing program 6 (id=4441):
socket$inet6_sctp(0xa, 0x5, 0x84)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x1b, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r1}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000440), 0x101540, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xb, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = syz_io_uring_setup(0xc5c, &(0x7f0000000080)={0x0, 0x3ed4, 0x8, 0x1, 0x2de}, &(0x7f0000000100), &(0x7f0000000280))
io_uring_register$IORING_REGISTER_FILES_UPDATE(r4, 0x6, &(0x7f0000000380)={0x4, 0x0, &(0x7f00000002c0)=[r0, r0, r3]}, 0x3)
r5 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r3, 0x0, 0x5}, 0x18)
r6 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
mount$nfs4(&(0x7f00000001c0)='\x00', &(0x7f0000000000)='./file0\x00', &(0x7f00000003c0), 0x200000, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r2, 0xc018937a, &(0x7f0000000540)={{0x1, 0x1, 0x18, <r7=>r6, {0x8}}, './file0\x00'})
r8 = inotify_init1(0x0)
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000002c0000000000000000000018110000", @ANYRES16=r9, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x62, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_mount_image$msdos(&(0x7f00000003c0), &(0x7f0000000340)='.\x00', 0x126a4b5, &(0x7f0000004140)=ANY=[@ANYRES16, @ANYRES64, @ANYRES16, @ANYRES16, @ANYRESDEC, @ANYRES16, @ANYRES16, @ANYBLOB="9a7f40ad4c7145903a868b9020e1e8899ed5747db23004fc9d248900abcaa6b065cf0800930a71dcd8b8955d93c78b9d4e5e06d8d5c9ac9b75d177754d6eba23e6d2be546c0dfecdf61baf732950a5729c01fbdc11e36cb411be200a9135657acd97d21ee46aac313ebdddd9265af16558dd3e5ba4836659a6abfe08aad84276acf949bdaa34bdf7f7b2dfb2fe8b9d6d225dcecebeb6e15f649994728842bd99fc94897d24315ac2d17bf6c2acfbfa8464d80f36304f88b906b78ab359be3479db5b0e7555f04416807c2202d6551f2425440be741dbe053e0bfeb845623e722a9293843f1cf0a71119dcadf7e353af4da52aed3086d6e5a095774248be9a1b1418dec1c03a2cb0ece0840ebeaaf7b67867da45943b700e2d6dad775ae6f33e55aa86ca84c336c91e3b7d7224f7a9a10d5b45a6ce0769d875415bea136b5508e5e0a88290792da3b11b2284a3d757c301cec78b55d3fcfa073615ccb089f66c5b9a5c84f6c1bb78c3370c4687eab260711fa05525687c7709e15cddea061f70798cbf940ad929eb80f33ad8bb4fcd322dd0558f111d7d01351147976b425a27e573402490055054cf3d80bebde6a89f3086170633740f08780aac3a73f17eaeda8deb642c2887962596b4d78c0ffffb28d0e64073b0641f89cf83a69afaaea03ba6070838fdbdaccb81630a6fdaa77fc10146013b9fd79e965a320daf81c1a51f032a3f462f2740e579eb116cad80b4e233326bf94fea52184517accf608b1fbfb395942869841b9ca0f314beff6b2dc0a74d7599012274b24775f0382e72907c1f0c571b994f048c0266feb775d893fec84e5733cd66a96cd45b60f63743b17b05d99c427a2d00a27fef17cadf128059a2e227b80701755b0bc706f32255c8cd619fa995cc7649f28337361a62cff46669fa4cf095a2d148987a9fafa6e1fb9f59b5ac5ff10a4c62e0187a3c75a983f7f5211142c6c09170a13e29c2044e5568bda8055cee4722e445e83ea01307c42cbe63a5bc529e1200e5874f7500275abacd6cc0e3bf8fd38ab7bab39f54d180d60892e2e3a713a3e654c89b8e9ba4474909991844514c04b655c66ccd6f2a17e29ff69d343ebac7ac5e1510ad4ff52e6a932a97bb0d814259da6545022152dd63f06219a1d66ec2278b694876ed6195b0543b8c9289b8438e8ee57dd38bcdb045a6fc4cede28effaa0354afbd4190fcbccd9a0e91508e4399e0e30a0bfdedcc19454b6dd7c2785a6e4fe74a0ece1d683ad07d76eafec02fb0d88debfeacd3531413185da0ffa4fb9b5e6d5a916f7bb5d51efc8ab61e4953fc6b2d1e670769f3ca56d51b804ceb118278acc90422e1f51e448a27d2fe4f93c88cf7c6148474bf650902dd6dd96541044113d244cf938150ec426e7ed63e1f153bbe328f4232552b104c8dee60b0c4e4c25f2605e97cc6f4263d32e8340be2d167137682373ae4cd501fdc9c5359b40f52803a5e4c0e04a5de0412c5cbd4d05e6135a1209d4b2dff50d39e481f1d1b01ed71004fb0c18e736af8ab176f833a439a85c9132e6d2296f665771c6a284eadc08c94ffa520dcc37fd6426c152364699514b15d4df6732fff39834e8ba29688b19db27a970d9d7fbee973c76bee04fb6164963969ebde0f785606781d63726736d8b60a713d5f72207a23f6f00420fdf24d14c069f36a7e236620481cc7a63857cc1355bac8d4f9a3f32785ad4d9d81719077a816b33b98006c322ee473aa9f8f83fae86a4d421104b298a9e42357c44b773e3504b3f9eb5b29330411b776b78fdb6dd9713dd1aee0cc9c7ee8bd23a50d4c8babaf6d74bc25377009a8c57c941f80e58ac08c93a275656cbad3864df9e791305d66103ab30983b07553ede5b5d5b0aab157f805eb6c11c75dd7f297c2cc9110551131a797164dec422b13799f1c261464c765a62c201eb9c8686eee94642d59f429cd137cba0d1a8126dcdfc28ea5c201526c61164a86f480dfde0c60fdf6afd3cd64719de1d89b5a362e058054a9db73aaffac324b04e8903060e1f14ca4ac31c82183066e6d581685efbe3452a20a665166b03808220770d66051971b61d8114376e22a4511cae9fdf7bbed68bb9f45b57eee1c15775730ef1434731d7b82a7cbcd6155396263984edfcea62196189da0ba9908d7d5ef514d75a3e1d4ae42654365083873fc4ce969fa4fac51d640be8d948bb9464d1a7e494c8df98bd5a569ff7fe1aca542c34610148a8f1dc9d60ff0f761270577f286a362f32164184ffce3ad132637e9f0381e9ce76a11f296f9d1e835cdc44926104e1df4d0a282a84b9fbc23064bfcab0d221c6e3124ae8ba6022e62f170dcc2d655f73b40f83fd65f5c705bc1f9e8df13adeadff9e1fe4660a55be7dc969cfffaed607190162dcd09d0cd86a297b22142b88f0eb28dd1a45152a4f4f2dca0d96d39fa594349040f486cd486af619b7083236cf90324cddc6f1ed0f6a103c8d936d7f2f31d420ef50931838e66721bff7494617b6b4bc385f3e51b3f81cf5d6953ac7fddc0f3466682911b38bc7f082e0c18e3ae0badf7f3fd3e186ebc2bab71fa26f77bb14cd97e6761c93c8c25887c0ef1f3dc1d8d86ce0fb73190f66f4deca77977e8d6064bfeeac3fad2bc50488c144e2a1a82fcc1e1c12ac54bf3e2d468e8f53241e4a6ad9e466746a45b053452ded5caa20461881d78d8235e986ba8b77e83601655d2650bf1b64ce17c75314216b43bbd1101a2e12e57525bb7d3b136a70635bdac8af24367a24ce2fe2a72ef2b0e56ff8dc62a82946f86f9b6b1418a89b1971372dfe7d5ce2e6611befff721f04a19bce7f90b1551a4cdead136662c50513fdde6f9d4a199c3907ed8799f231f54dd8347c71d829ff8ddc5d96b5aac2fe58652c81ff7f54e2568119dff2763ef435aa420630dacc7e9414340ee8688f46c7a8ab96d860937641042b3cdf6857ff1d2d4e47cec1f23e65fe541f38cb96b132666f999002e89cd1896ca58c2e63b87382e1a6c1ee9afa56cf3ba923fa9c989e20bff313f37252632fdcff03fbdd2d334ee93baf75c1bdae30feaa81fb2ac1b63c42dda06f20ce8c9d003eb3efed7931def342fb874fce92763f6f477c7f589b75d2129419fc4cb7a8893a1d3f94533ed9fdf9f21fc254fd80aa74750833d390327a2107e761240928d35a36c5eaca61fd848116b8dd7ec8157928bc2dd87f7756aa517cf6a61d2009fd4ba0579ca3b3129cfd5403546f5ab6d0575799a008fc67da9658427636d8f806d9b8cad64aee438d0a9b45957f31a5afe3ed894add9acadfd347246099c6ff0b4ec6f19ac61557daf8739e528185ab1468ca72d6d72e4f026e371e540b774b6576df3014dcc9e91b2cd1f0403a4fcaa6627b22682bb54f92150c2917acaee1972b2b03bc2bd37fdb9e7352c654d94ef196b7229e4da5ee62b7d395ecdd5177f2563242ea49ff78151a4a816a94e89b03f41c7e6684f8be3e5802e9338e7cbd3b43f708c062f944a59f31b02ca9a177e6b681accee8785d2467d2d78636be4330febaa3f6907db07992a2de74e459f3ae8ee6adae20cbc75aabd2d5d3424de0ddcc3ddd981c3a4966c57f8fdb1c42db87395f0bc800ff8ddb4c228a7d793d8a997885494a8578f5433d3f82886ea573641bf16065efbc25718c88f7277ce04c94af560d8deb7968496f849d3fad78741272b08bf7aec3f3c777428d3b8b897333ae5afb6823af63cb7347601ee2e8d4e21b21a12e6d42f66a1aac26d296bc68a998d8ba179ed5f756c2efd8a7acc0e3f08093bb4a83d37f15b4fe07c90858058ad1ff0e21bb7bf4363079c5d452dba5972b21c8f41daf6f11a51d321d3c1d544190238036d907d965ff469ce4895eb7675f3e94a15f83b837b892a40390d87d76e9b15eda02366299d3dd93943466bceeb2f9e465adccc08e1a02c3ac01815931627ed327e0ffbe09563221a365b88c4f2449bd3634920d5bfbde7cdc92c4cb16a579f35f07dafc87ce6ce4de7bf9e8ff0e80b81cdab8f2164a25a0a6929679ce9ae0dc2ac7ed41a787446676f091597551dc2e8c054224bac6652bba5fb675c0b2c94d2faac160f11b7b96fc96415aca8a47fa03658b8afa24b6bd97f7dbeead9ae5f7ec1cb0d000055f41a5043c6c4c97212398b168b5cb9ee650726eabcc31b6712e815fdaae77885350884fb36d6d5444d5e5500a7d636d4eced14b9d411c765b36a4be06ca9be2965d6d6c06c3b6bcb38babeb2999ee71295d48926bf6e39363fabf74de5e57aa0b59f9dddeca142d0c50ab7ff198196c69c971e6ab591220f4e42d6525e2dbd99b6c57949c854e4ee0e4581f9e3e160b3f66b01f23f4d0472c0a1f307837ac8dac0a257d09ab82975148dcd764fe6359a5f21b9cbe2ae7b9b277489a8b3285b8289a84ff854508b4488ffcf68f47ec7a5c18a8c3d06e26b32f754ac74ea8e93a554147fd3b3daf1fbe924e2e389cac13a5f80f3a21dbd250d3917f7b5acfc739a63f2b3d6b3f099efb4be7a842215c89fc87bd8550d11ba2a4af0f111ab124503b26feeae3be3ee24168dd4553a226b9168edb11c3e61bc850adf995b4d6f1aace6db0b91f805c3d1789a3e6b470e5470968f429d5b05c8f76ca2981e37f5bde4ad00a09755c76774ead7d93f3f41255b1d56152e3699b133b2e0b277427c992323d1b4d8c438434e9e901ddd43788f80cb9a975e9dd1671ce16be5ff8033d5da824f00fd78b540edbcd69a2e9aff03e31af9afefb809434f52b4a1239fdd241ed3a268258addde19d1724155a1a4c877bd59b0659b7a786886f6ffcb5999d1f9c007d615020926f7165a9ddd4aaa3c7b631d30cc951e328131d99282ac06a18f88373092320ea5308f06c376e711aecda4cd1c2b639d9ea7a2613d4e9eaa9a0ef72774fdec622f7d131b45135d577897bf686b460a371083070139ea544bda15012251d6c8e7163c25412841faefba76765648ca7cd1b423403a654b6b5754588ae6c309621477db20f7c9236af1e422ebd3fb6d6a712e7a6d00d58416b7d65a53a2514bf51bedfe9207f16a4d79418600389b98ea8b9e06b8da708a86f191e567925af39a09ac9fd7902e8f8e77567baf1b75c05ba1eb7089b424801405afc982a8d79c80fada184a1ab3bab526a3b0a5e20d2dc6bcdd2c5cb7c49f735f3e8f4d36a388ca805876ae08f0e3acca5dd864c1fa1552068bf799095221480374fd2dcaeddb74be93470eff4fe278e190f0a131f32340ada9cca518af769f42943875f4c5707beee2179771da21cd66405b9973648bd047a516d1cf902fa1f0fcdcbc3f4c1f20fc22f9a7e9f4c3a52576399604c46f83ede44f542d06d54e6e8a1e693a2cfcbb16c178d1bace976133e72cc4533bd02b1c4ec2cc22097435aff5a682ca7227414895450831560fa682493f4814ce8fbdb190f8ce2b533ed9582638511bda93aeae5d0690f745b788db622864ba3fb60952f119427fbe66754c5c038c5fb2cb87c326d65862e353c14950bd1fa7c70e36323e9cf90c81f6275e59c7926acac1560a0b6bbc7a850817f2effa19d485315a219d49e293f871278294d02765cf72caa2f438de3337ed205bf68ff6ddaaa5e4b80de5fba022dfcf9cf074a319678df11eb77b3ef66e512b67ba5182265a60eaf457691e973d23cbaf6000537f886695074ebb616f9cdad9de7c6fe9ecfbd13d537d64c34a7c90ca56b50e60d6a7067e391e63561793edf6ed3c2eeb8555909a59ce73da1f096d41fb42de44494128324a9", @ANYRESHEX=0x0, @ANYRES32], 0x5, 0x0, &(0x7f0000000000))
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r5, 0xd000943d, &(0x7f00000d21c0)={0x7, [], 0xfb, "31a4fe07b3dbae"})
ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(r8, 0xc0c89425, &(0x7f0000000640)={"d594fd6f3eed39f15136a884baaaaf66", 0x0, 0x0, {0x2, 0x5}, {0x1, 0x101}, 0x80000001, [0x8, 0x5d, 0x200, 0x9, 0x7, 0x47b89d80, 0x8d90, 0xfb2, 0x9166, 0x66, 0x4, 0x0, 0x6, 0x0, 0x80000000, 0x9897]})
ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(r7, 0xc0c89425, &(0x7f00000008c0)={"4ce5166d578b9d147f5534d615943e7e", 0x0, 0x0, {0x0, 0xe9}, {0x66f, 0x1}, 0xa, [0xfa, 0x8, 0x0, 0xfffffffffffffffd, 0x80, 0x4, 0xc4b, 0x10001, 0x200, 0x3dc, 0x8000000000000001, 0x100000001, 0x75399019, 0xdc0a, 0x20000000000, 0x2]})
mount$9p_rdma(&(0x7f0000000240), &(0x7f0000000300)='./file0\x00', &(0x7f0000001400), 0x0, &(0x7f0000000140))
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r6}, 0x4)
r10 = syz_pidfd_open(0x0, 0x0)
setns(r10, 0x8020000)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r2, 0x89f2, &(0x7f0000000500)={'gre0\x00', &(0x7f00000004c0)={'gre0\x00', 0x0, 0x40, 0x720, 0x0, 0x61, {{0x7, 0x4, 0x0, 0x8, 0x1c, 0x64, 0x0, 0x0, 0x2f, 0x0, @broadcast, @empty, {[@generic={0x86, 0x6, "38c49339"}, @end]}}}}})

11.576097447s ago: executing program 6 (id=4456):
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r0}, 0x10)
syz_emit_ethernet(0x36, &(0x7f00000002c0)={@multicast, @local, @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "0300", 0x0, 0x2c, 0x0, @remote, @local}}}}, 0x0)

11.575816547s ago: executing program 35 (id=4456):
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r0}, 0x10)
syz_emit_ethernet(0x36, &(0x7f00000002c0)={@multicast, @local, @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "0300", 0x0, 0x2c, 0x0, @remote, @local}}}}, 0x0)

4.921168263s ago: executing program 8 (id=4555):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f0000000140), 0x1, 0x4fa, &(0x7f0000000ac0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=")
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="18090000002300810000000000000000850000007b00000095"], &(0x7f0000000100)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffff7}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
lchown(&(0x7f0000000080)='./file1\x00', 0xee01, 0xffffffffffffffff)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
close_range(r2, 0xffffffffffffffff, 0x100000000000000)

4.607262608s ago: executing program 8 (id=4561):
symlinkat(&(0x7f0000001040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000640)='./file0\x00') (async)
symlinkat(&(0x7f0000001040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000640)='./file0\x00')
r0 = add_key(&(0x7f0000000040)='id_legacy\x00', &(0x7f0000000080)={'syz', 0x3}, &(0x7f00000000c0)="89474aff6b", 0x5, 0xfffffffffffffffe)
keyctl$get_keyring_id(0x0, r0, 0x5) (async)
keyctl$get_keyring_id(0x0, r0, 0x5)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000020000000c0000000014"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001700000000000000ff000000850000006d00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008002010b704000000000000850000000100000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2e, 0x0, 0x0, 0x0}, 0x94) (async)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001700000000000000ff000000850000006d00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008002010b704000000000000850000000100000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2e, 0x0, 0x0, 0x0}, 0x94)
socket$kcm(0x2, 0x1, 0x0) (async)
r3 = socket$kcm(0x2, 0x1, 0x0)
sendmsg$inet(r3, &(0x7f0000000fc0)={&(0x7f0000000000)={0x2, 0x4001, @remote}, 0x10, 0x0}, 0x20000811)
r4 = socket$kcm(0x29, 0x2, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000001dc0)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000300000000000c00095000000000000002ba728041598d6fbd30cb599e83d24bd8137a3aa81e0ed139a85d36bb3019d13bd2321af3c2bd67ce68f15c0ec71d0e6adfefcf1d8f7faf75e0f226bd917060000007142fa9ea4318123751c0a0e168c1886d0d4d35379bd223ec839bc16ee988e6e0dc8cedf3ceb9fbfbf9b0a49ef23d430f6296b32a83438810720a159cda90363db3d221e152dfca64057ff3c4744aeaccd3641110bec4e9027a0c8055bbfc3a96d2e8910c2c39e4babe802f5ab3e89cf6c662ed4048d3b3e22278d00031e5388ee5c867ddd58211d6ece1ccb0cd2b6d3cffd962867a3a2f624f992daa94a0c556f3218ce740068725c37074e468ee207d2f73902ebcfcf49822775985bf31b715f5888b24efa190000000000000000000000000000ddffffff730d00000000000000ddffffff0000b27cf3d1848a54d7132be1bfb0adf9deab3323aa9fdfb52faf9cb09c3bfd09000000b91ab219ef00bb7b3de8f67ffcad3f6c3c2b1f03550000000000001cf41ab11f12fb1e0a494034007de7c6592df1a6c64d8f20a67745409eaa988dbc2fee9d313d34889f40159e800ea2474b540500a30b23bcee46762e2093bcc9eae5ee3e980026c96f80ee1a00000000740750fa4d9aaa705989b8e673e3296e52d337c56abf112874ec51d6fe048ba6866adebab53168770a71ad901ace383e41d277b103923a9d961f7a2591dbe4a912ffaf6f658f3f9cd16286744f83a83f138f8f92efd92239eafcc5c1b3f97a297c9e49a0c3300ef7b7fb5f09e0c8a868a353409e34d3e82279637599f35ad3f7ffffff3cac394c7bbdcd0e0eb52162e0c410ade7a36b26a4e70f03cc4146a77af02c1d4cefd4a2b94c0aed8477dfa8ceefb467f05c6977c78cdbf37704ec73754910fe050038ec9e47de89298b7bf4d769ccc18eede0068ca1457870eb30d211e23ccc8e06dddeb61799257ab5000013c86ba9affb12ec757c7234c270246c878d01160e6c07bf6cf8809c3a0d062357ba2515567230a6f8b2ad0e0e2b45d14ee446b840edaa1e1f4933545fc3c741374211663f6b63b1dd044dd0a2768e825972fc4300001467c89fa0f82e8440105051e5510a33dcda5e4e202bd622549c4cffffff501d3a5dd7143fbf221fff161c12ca389cbe0000000000000fff75067d2a214f8c9d9b2ecf631c6c5fd9c26a54d43fa050b88d1d43a8645bd9109b7e07869bba7131421c0f397073943330baafd243c0c6ffe673bab4113be7664e08bdd7115c61afcb718cf3c4680b2f6c7a8400e378a9b15bc20f49e298727340e87cdefb40e56e9cfad9931b8c552b2c7c503f3d0e7ab0e958adb862822e40009995ae166deb9856291a43a6f7eb2e32cefbf463789eaf79b8d4c22be89f44b032dad13007b82e6044f643fc8cd07ae636a5dbe9864a117d27326850a7c3b570863f532c218b10af13d7be94987005088a83880ccab9c9920c2d2af8c50ce6a8e9f65de13d52c83ac3fa7c3ae6c08384865b66d2204c2e4f3ae20bf279b512b4dcb5dd9cba16b62040bf8702ae12c77e6e34991af603e3856a346cf708feeb708ab22b560cf8a4a6f31ba6d9b8cb0908000000000000001a342c010000000000e667a7592b33406f1f71c739b55db91d2309dc7ae401005f52053a39e7307c09ff3ac3e820b01c57dd74d4aafc4c383a17bc1de5347bb71ca16dcbbbaa2935ae662082b56cf666e63a759e0ef3ea7af6881513be94b362e15ffca8ec453b3a2a67be70c17b0f9c2eac765816c30c2e7133dca1c7669522f7dff8bc570a93fbdb688c3aef810000007a6ea6b11163392a19d87915ed063f608dddb03a95b51cb6febd5f24a34998d2010fd5facf68c4f84e2f66e27c81a149d7b331983d3b74444953fc1216dfec10b724be3733c26f12538376e177ffef6fd2020000000000000008e4919a463d5332a2546032a3c06b94f168e8fc4bda0c294723fe306f26c477af4b926644672985fab7cc67bc5b5f5d38cdd8df95147ebe1cd88b0a4c6cde9951be42827dfddfefb238fac2303cc8982f1e55b005afcfea5eb037248fefad6bb02c162ce92ab17744c8ec3d2e80cf3205d36699fd381bc81231fb5e12e45f3059f361d08d6a6d019ebf105eaf43083c29512bcedd79ca9bf24e063d0c273ed70a2b70be521ea27dc8cf3c9bdf83b93405db07e82e2ddf4c4d26f1cdd8c3c9736cf5e5082de3b484f8673e0e97dd7e8a872148613c3a04f3d67f4375ba5c7f1b0033f8dfe0fd9bb2a70801f763524e1d79d812ced782646b5f79c8fc08bb5c11020108d702edd2ea9c96cfcb9066668627820d2d48aa5fc0a7bf1b51afd85350ad00b78c598fa8701b000884de790b54e5ab2e8ff0c7ae23e0b6eeac95c4c2eef2e5eb1d019d52099fbd404e8ece970f67736ba7e960bd8b1e4105ce7e31f7c9c3e3fa61aaa967b90087e91d703e98535b107b8f4653be4c46a3a1adb07d226952b8573b417018316fa96e942e35c4baa16d4122c863709b08d4639a19a46ac90ac48a13ee9bcaa875fc700000000000003b40dc5c745fe2491e8425e600000000000000000000000000000000000000000000000000c3d51d9a161446b4373e06a9e07f8a000000000000250318a44ad31baac0520a913301e630ae540f3289aebde8633f6f450c0738e16df6c7f1e0832a2a16fe6e39959735758248032cdf7320c6dc87b01e3f9a7811b200000000ae189de4b9b25f7c7a9c070000002af1c06315270de4a6605e4b4b58bef76fac54f11b84bd7bcd6b6a485edfb7684c770a39b38b08e18a51a4d4e66ca21c06a4b4198e1bc2ef990c9ba911efed626e5ee341a17bf8132b5b1dfa9fd31df213c88b4047979379dc15c9056fd3baa8b2d6cb134437cba0193ba4360bdcc98aad2560aa48291c4eb9d4e08ad7a9c5f04be1ab597124d84dfc7bd8cca8f68154a0ed356e773a797ca6d66748857b4abbf8830abeea2a46342e6a7378173cb29d5cdcd698a0203f78116b710008000000000000007c2d86b94472807c10eb9a8e2fb8bd79fe3a8316deff3ee641c9a080a2173642e673a672279bae4e7e28055da9497d7edb53be6e80482bd4d9a74b8dd4221f05e6ca8c705d7257ff7f76c78ba0b44ec0bdfa0d32d7042059b13a079639f14f9032b856d892ad6af5124c9c3130485e9682ff1f3c54e475d5bb496aef4bb537d7e191dfdeba109fdcf7864763f87a6d711cf52e520a6ce30e134c55e0caac037209d2f12fcddd00000000000000000000000000000000e609893bdce015e8ccfb36399844db61f6171b0b0e845e48728450c6ba4f7098f8e000676b59ab9f851f3ab77847ce05c89411277ec69c409b7ec50a3337a78675f38a568612aa25d61ce4e2c235ab5f2cd6d035d5f5f6a693c381adbbf7b37e37292783b2c7efe7d3a067906552f76d419e0300000000000000000000008435f39381c2a77c001caae53db7316fa6d48d032ab6831ebb813c85855c7a9ad8140a4b29422fc20d4e75c848984a2e217ec9c2833b8fa9106ee1be2c05103a36fc1126f1aa5284ba7179843b08ecadc199b9038cf6b9ee4e1f321a6a32e03bd987ddfada1f69756651b73a7ed0f7e467081193b2844869"], &(0x7f0000000140)='GPL\x00'}, 0x48)
r6 = socket$kcm(0x2, 0x1, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8001, 0x1, @perf_config_ext={0x8, 0x6}, 0x0, 0x10000, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_mount_image$vfat(&(0x7f0000000180), &(0x7f0000000000)='./bus\x00', 0x280008a, &(0x7f0000000240)=ANY=[@ANYBLOB='shortname=lower,shortname=win95,rodir,iocharset=default,uni_xlate=0,nonumtail=1,utf8=0,flush,rodir,shortname=win95,shortname=winnt,shortname=win95,showexec,uni_xlate=0,utf8=0,utf8=0,uni_xlate=0,shortname=mixed,\x00'], 0x97, 0x2b4, &(0x7f0000000600)="$eJzs3b9rO2UYAPDn0jQJCiaCkwge6OD05duuLinSQjGTkkEdtNgWpAlCCwV/YOzk6uKmq4sguPlPuPgfCK6Cmx0KJ5e7a5KaxkSb1h+fz9K37z3P+z7vNdfSIU/eeW54cpjG8cXHP0WrlUStG924TKITtah8GjO6nwcA8G92mWXxa1ZYJS+JiNb6ygIA1mjlv//frb0kAGDNXn/jzVd3er3d19K0FXvDz877+X/2+dfi+s5xvBeDOIrH0Y6riOxaMd7LsmxUT3OdeHE4Ou/nmcO3fyjX3/klYpy/Fe3ojKdm8/d7u1tpYSp/lNfxRLl/N8/fjnY8M2f//d7u9pz86DfipRem6n8U7fjx3Xg/BnE4LqLIj1rEJ1tp+kr2xW8fvZWXl+cno/N+cxw3kW3c848GAAAAAAAAAAAAAAAAAAAAAID/sEdl75xmjPv35FNl/52Nq/ybzUgrndn+PEV+Ui10oz/QKIuvqv48j9M0zcrASX49nq1H/WFODQAAAAAAAAAAAAAAAAAAAP8sZx98eHIwGByd3smg6gZQva3/r67TnZp5PhYHNyd71crhgpVjo4pJIhaWkR9iiVKr7Yu2B6ud9Msotnj6tpq/+XbpBb/+87OXg80lYv7moHp1nRwk8+9hM6qZVvUi+X46phFL7tW45dJTZQVL1tyYe6m98tkbT44HowUxkSx6Ll7+uai7nEluPkSN8V2dm75ZDqbSZ2Nay96N4kn5g+S6W0dyN798AAAAAAAAAAAAAAAAAACAGZM3/c65eLEwtZY111YWAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANyryef/rzAYlclLBDfi9OyBjwgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMD/wO8BAAD//3tlWs8=")
open(&(0x7f0000000240)='./file1\x00', 0x14d142, 0x4aa8ef326cea82f2) (async)
r7 = open(&(0x7f0000000240)='./file1\x00', 0x14d142, 0x4aa8ef326cea82f2)
sendfile(r7, r7, 0x0, 0x800000009) (async)
sendfile(r7, r7, 0x0, 0x800000009)
sendmsg$inet(r6, &(0x7f0000000fc0)={&(0x7f0000000000)={0x2, 0x4001, @remote}, 0x10, 0x0}, 0x20000811) (async)
sendmsg$inet(r6, &(0x7f0000000fc0)={&(0x7f0000000000)={0x2, 0x4001, @remote}, 0x10, 0x0}, 0x20000811)
ioctl$sock_kcm_SIOCKCMATTACH(r4, 0x89e0, &(0x7f0000000040)={r6, r5})
ioctl$sock_kcm_SIOCKCMATTACH(r4, 0x89e0, &(0x7f0000000040)={r3, r5}) (async)
ioctl$sock_kcm_SIOCKCMATTACH(r4, 0x89e0, &(0x7f0000000040)={r3, r5})
ioctl$sock_kcm_SIOCKCMUNATTACH(r4, 0x89e1, &(0x7f0000000180)={r4})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r2}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x15, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000021b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x14, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x8, 0x0, 0x0, 0x0, 0x25, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000340)='sys_enter\x00', r9}, 0x18)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x1, 0x401, &(0x7f0000000040))
syslog(0x0, 0x0, 0x0)
pwrite64(0xffffffffffffffff, 0x0, 0x0, 0xfecc)
creat(&(0x7f0000000080)='./file0\x00', 0xa)

4.021479346s ago: executing program 8 (id=4571):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f0000000140), 0x1, 0x4fa, &(0x7f0000000ac0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=")
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="18090000002300810000000000000000850000007b00000095"], &(0x7f0000000100)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffff7}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
close_range(r2, 0xffffffffffffffff, 0x100000000000000)

3.753765628s ago: executing program 8 (id=4574):
syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x20c006, &(0x7f0000000480)={[{@debug}, {@mblk_io_submit}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@lazytime}, {@discard}, {@grpquota}], [{@seclabel}]}, 0x1, 0x446, &(0x7f0000000d40)="$eJzs28tvG8UfAPDv2kn6/P1qqvLoAwgURMQjadJSeuACAokDSEhwKMeQpFWo26AmSLSKICBUjqgSd8QRib+AE1wQcELiCndUqUK5tMDFaOPdxHbttA5ONtSfj7TJzO44M1/vjj07kw2gbw2nP5KIvRHxa0Tsq2ebCwzXf91cXpz6c3lxKola7Y0/kpVyN5YXp/Ki+ev25JmBiNInSRxuU+/8pcvnJqvVmYtZfmzh/Ltj85cuPzN7fvLszNmZCxOnTp04Pv7cyYlnexJnGteNQx/MHTn4yltXX5s6ffXtH79O8vhb4uiR4fUOPl6r9bi6Yv2vIZ0MFNgQulKud9MYXOn/+6IcaydvX7z8caGNAzZVrVar3df58FINuIslUXQLgGLkX/Tp/W++bdHQY1u4/kL9BiiN+2a21Y8MRCkrM9hyf9tLwxFxeumvL9ItNmceAgCgybfp+OfpbPzXtPBTisZ5of9nayiViLgnIvZHxMmIOBAR90aslL0/Ih7osv7WRZJbxz+la13+ya6k47/ns7Wt5vFfPvqLSjni73y4XInB5MxsdeZY9p6MxOCOND++Th3fvfTLZ52ONY7/0i2tPx8LZu24NrCj+TXTkwuT/ybmRtc/ijg00C7+ZHUlIL0sDkbEoQ3WMfvkV0c6Hbt9/M2GGjM9WGeqfRnxRP38L0VL/Llk/fXJsZ1RnTk2ll8Vt/rp5yuvd6q/2/h7LT3/u9te/6vxV5LG9dr57uu48tunHe9pNnr9DyVvNu17f3Jh4eJ4xFDyar3RjfsnWspNrJVP4x852r7/74+1d+JwRKQX8YMR8VBEPJy1/ZGIeDQijq4T/w8vPvZO856ki/g3Vxr/dFfnfy0xFK172ifK577/pqnSSnQRf3r+T6ykRrI9d/L5dyft2tjVDAAAAP89pYjYG0lpdDVdKo2O1v+H/0DsLlXn5heeOjP33oXp+jMClRgs5TNd9fng+nzoeHZbn+cnWvLHs3njz8u7VvKjU3PV6aKDhz63p0P/T/1eLrp1wKbzvBb0L/0f+pf+D/1L/4f+1ab/7yqiHcDWa/f9/2EB7QC2Xkv/t+wHfcT9P/Qv/R/6l/4PfWl+V9z+Ifntmti5PZrRn4koFVd7PkNV+JtwFycK/mACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADokX8CAAD//2Ts5lU=")
syz_clone3(&(0x7f0000000780)={0x1c3002480, 0x0, 0x0, 0x0, {0x2b}, 0x0, 0x0, 0x0, 0x0}, 0x58)
r0 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, 0x0, 0x0)
ptrace(0x10, 0x0)
memfd_create(&(0x7f0000000380)='kfree\x00', 0x3)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x68, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
pwritev2(r0, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x76200}], 0x1, 0x7c00, 0x3000, 0x3)

3.181514983s ago: executing program 8 (id=4587):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xb, &(0x7f0000000940)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000756c6c2d00000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000300)='kmem_cache_free\x00', r0}, 0x18)
socket$tipc(0x1e, 0x5, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)={{0x14}, [@NFT_MSG_NEWRULE={0x40, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x14, 0x4, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, @meta={{0x9}, @void}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x68}}, 0x0)
r2 = syz_io_uring_setup(0x593, &(0x7f0000000400)={0x0, 0xc458, 0x80, 0x3, 0xb8}, &(0x7f0000000300)=<r3=>0x0, &(0x7f0000000a40)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000000)=0xff8, 0x0, 0x4)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009c0000000b"], 0x50)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000280)='kmem_cache_free\x00', r6, 0x0, 0x200000000000006}, 0x18)
syz_io_uring_submit(r3, r4, &(0x7f0000000b00)=@IORING_OP_UNLINKAT={0x24, 0x1e, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x200, 0x1})
io_uring_enter(r2, 0x627, 0x443, 0x43, 0x0, 0x0)
r7 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000440), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000100), 0x111}}, 0x20)
writev(r7, &(0x7f0000000000)=[{&(0x7f0000000080), 0x62}, {&(0x7f0000000100)="06010000246837f73199aee6fdb9291b3091ec1a2d41d2271b00d8ec030f5919f397867997f9c0efa9c9092a31cdbb98ea272787afda0af59a320709c3a59ef05c6f40ceafec53f48d6186e7d8409e35306221caf67b370d875eff3191932728e5ab6c9a3acf6ccee3e352c898f5744abaedfb53f92c37acb126bd143f3e9cdfcf25a8d6129fcc3a141c3f5ab6db772f87c787817a9b699dd60732d952716b103bc1e91ac5b1ed92f35389580994bb0df9bce07e7a80921888f984139f488d256a67fec0cbb5c4e93d5c151d97f676ab93b1efbd46f600dc964231e3257bf358448fddf894c0cdfa9115adbe5b19bc912fcbc8aac7719b649b1ff1267491da", 0x682c}, {&(0x7f0000001480)="d1ffacd516de50ac9d15bc75316da4defa1e72f65a65cdd26dcc389aacf7856da9aecf3765d4c032e1960faf25bad906b7d3440b6e71a82f1d8f8b8db35b6091f3af94c6b46b9ab10fe3923f268771078d2668be7bd3eb941d4bb5baa8547e36283a065ce5766cbff3a8fc37fc4507643d3786bbf231d3ed88cb8b01eab14e4372cf4f89bd1b853caa5d9f07f523b9dfa8cc09053ff36fde08e96fb6b3acc196b1bd1e2d3a6c65f585df7e2b8b17439a7ab29a7dfe642c2f0ac7a81eca8073b559663f2daf7a0832b2b09557794a21bf114831f8e6db3922d0cd169e5a8b4adc95d7322ee75944de15f57780b88fef7f3d9b256705ccfa2125b43ce8e3aacaead963cdd7f792f14c9b24493f9f830f6de8da93bbd4357095631adec14224dd9bb049e826f3a49624393e6a031103faff0902ba88ae30af4a61caa77ff956214196fcf3c5536d823284306f367afcb46fb43231911cc53091671e7d853ebf015241b18e9fb6ac6d9a7a1b05dfd6d9e56a51567cd8837dd045abf6b85550f0dd8dded43147ab9bfadc18b9984699d5d875cb21a95a7f584d8c466d033df75193f9ae58b85cfacc54f6c6e12a0debe40ee361a839563bc2cb64271672a55370c2b035b482074ce2487ef8a3bc1c68856e6e09539276d961a0c647f1ee3237496fc99623e8fd33faf7797d86a88dcee152d15e10739bcbbd6077b76867e291f350d999024c12faf81f83792f48f7f6dd66aa6854e460ef7f8c755f3a6dd76509ea0d2db39057a5129185b2fb11546cd5d6cc59f640e9028ae6c7075fba5e5b5593d7f79ec387833f465d09bde464112821eaec5e6e8f2aee8d7358f9c14afe2018856f610848706c71cda62493aef2e39efb71b4a8e804847eda66b2b5b1d75b478f19208ee1ac43afb2dbbba5dd0f29f6946022e09fb853cb176ca3474ba2fa67cb245fe85ec61a095d6fd9ac2ac5685920201617342fe56072427b9bd3626a1a371e67041fcda781be0c234d6feb5ad500e8bc7074381fd0d04983a4a6cdb6c8e03d59dc50925e9e4b24e6f8e455f02818959f2927f0a2d9ff62ec3c5c399077048f7d3dad0830b2e6563693f2f9d48eca8c34804a7626282a4a214d13786993c011a88194dbf7b23e25f592e62186c9fb565fac7632de356153c89a6be0b6b26ba48c2427424769fcbd7ee072ed4bd4d0731d06c8537d616b1145a6c70edb13fb4dba3565221b3a2897a23861cd0e8e0060021cdd7de002d5e785e5d6d3d07f4e445ada9c8d9ba8b819d0b5c7b5d15a5192d3a83c125c8e117c823a9e33316b8c9154e7330d3a865048dbd9c14757691bfe56f10423f6ab717bec5eebeac6ba9ad1aeb6cde09d7fda8e475a71ac48d46b8d9a40879c9dec2db5c4799e5fc8e8b3d419031c1033fce88ae2c93d7ca62c9302e6b45ca8dfebe5b92724f035e8e9d7704efb23f445999fe08cfa28404874d8acc8d37870d394d9fcc8dbe763bc85c37f0f3bcc2cbea420cd073db598e7d89c14a31e5bf57cbefa301427c93091505f1f3e5cdf712958b2e8fc56684d3388107c1728f0e5a3be2164246071653e256ed3bf3000c17301da9a5a3d9ca475867c4f311a24e5ae909a62047a9e6bb71cbcb4f159c2ef0f66b4d0f9da51aba99cd9448443dd277362af18d32f111c48a952ef555b2c7c58b997ce61e74cc7551b57eaffe411219baddf490926d8e260dcd87c069e617195c352950f9b51ce88c12c4f7997ba515f77e68d44f831cdf4d7ee8b1b7cedcb4c4fc7e85ba288c8555d49d5b4b9bb70dc4b688bd12e6b38e37150f3ea457a76b23d5abe6551ea598e090aed87822b0954b8db1a7c605c925b7f9240b0e7a020f292a1fd4a37c74139bc6e7ff08373ebfc8feea371ae0b6c61c715f6f1f4b0b994c7e2e129f87db959aae6ff48664d824b29ba9f255890f9c537178db9c5302097891557f8175a46f308b1a2530aa726ea9d4cfce76db50637369724d0c5f51c97edb58ff5eb9b2434b3721b61688ba12471b97c6a65ba085e15406568ac852590701f2ef8451c5cf1191d70f51eaea9ddc4cbdd7428f627db5069111f65062d5cc34581826af3e670613dda99e31c42736aabd87be56e214ed606862a152455f91891b7430bae03284569c234588f495a5ecc4a23fad6ba34e2ee9ebde8c7f5f62c9344659375c2a1fe6fa6e4ef68712223b9471c513bb11429dbb8a45463c8882f462275ee0da567c60c2d8038843e0c20486676e9978f2aec9187820c94a6e7e519d06daf2ab198f5cafcab4d9c90a479800906192d66a3301a34fa6c5a931cea0a479a4d98d86d9de3e061323504b57186dd33df7a16ccb688c0de203666cb0a6b543a9d069dded44a3b432cbb71da921dcab6be1c2d7494d3b07841d9b4f9d659b5d3d3b2ed916f91588d589128e4b2d4448e6aab5a8160eddca0f6e022abb85e251a11cd6bae57a09b2c434ab5bdf6264afb20d5ab022d152e345bd32ba9283aa5b3cd9118bd271a8ac9083c98b8a83064e65428f7ad7b35bf1d60d4e703f22d2d316fc12bd68bcced82cf0962a3d5769c6a3d75d59f7a7b76454661fd3574b8c8e26d20c372407854505ea6c2406fbd8a1ba7bb017c565228aa6d03d18ed309a308ffb1ecec73c246413e7c70f25070eafed9e70d22e9e8b44125c44eceff37e65bf073bc6fad1ea2b72675af4bf70586a8f7e0f35700de94c802522897576ed115fa21b3d23a367844520b33f5b9aedc0245096765f4cb3b2ff4e54f39bd7346c2347875d75a931b17c6c424ddb4767e0e63cc7725a8fc4b1dbe7929b2f909cc5be8b09e63330341e6471dcac0f8b44693d01805a1467b71612260e2a273861b3697440a5f75497796bffcf79d62a4a50a6ed5ef2efe8c83374f2ecd08d8d628aa03b01a11caeb2bdecc0ab2abcecfa15627979d7c3f9dec5389fc6625e957f8075e23e636dd5514596189d568e14d33ae518e6e9978c6a36a74b49fdbd1260095c9abe447e618878039b75e305b1d2c9ddeb9e5cedb11802e0833739d8595d57d749c890c9290cca4aa96e6718747543796a187e54a66c2f71beefddf911a7a74b59c48ba642d5ecd4d415f48dfbde5baac8a4ba063c1b985d9f9f3180e8a1c8b2cf6a25c2ff17688cc858ac8b9c67960f09a1ca5f28f8e877159e00fe7fb10cca73b391508895e7e52c22f9b38d73dabd6ff7c55ebf4e1611daee8d52b4ceee49a6df7daeb81bf9d1c943a74c03d3dda52c5b99f3225c1b87074f5cef6187878bc5b665ec0561adcc9781280dd1c6592555d327afea78b21beeeb66a0af3eab3249245f41cdbca309d3fba5d4b345319dd0a26134c0c896f2c8d32fda28600013f6a4c95b4038faba70d6c480b360c55bdc0595f7ca636e85521ba505d894f9c5f0a90719bc9944f386ad7491422ff12f34a3c048708d51305a8cc5b2a502ac1575a14c75e9fb7219ede2f6d9c1b362230b6189e0d8cd8ccd11fd0325182c6e46c9977bf63aa02f7024aeb4389f989f5733a198b45e4329c4c1a538a009f216ad3ac09cac39547b4fd21a5d7146ea307ad9b9339f39d5161d17b59860a0aed38cd89d1b68c6438346d51a3a283074e34ee01d2eca527b1b3836ccdf7e807007152c79d14324e3d887c9551a9447527db4434810f5b0b73d855f32a0c89aa784e43f4c1657d408dd33f88aeae1e5186bbcc2a348b708e3cec9080e12ee3676beb5ee86a9b5cc4a3496c242b95a248906ed62f984b22373bdfd97515441f34e01006d8d1244aa88403f207cd8820ffe07634fc86d00f871c1e4c9e8fc1a00d295e36d98119599b62379cda10ada85efe7b50c5f38d8d010a2cd53db900939db1ffce14feffb7940d12842f4f2b507e1fa49e526752d1e3d80a0c2a75e870d85f77fd91fc46ac1b1288dd33338cdad154d6b80b5a925431868d62a3fb0036f28fe259a3f555f767526a9ea230c33843efc49ac3182a357845ea122d606ab22c9f937b2b905e02dd1cb07d380e3486be6167f00b6e6d90a3c1d6aee15da439a55542ce177e498998ba8ac69a848e63e4c7564e4dc04aad595fa1ab81275edafa0d352029c304200d2f2c5881cbf5a26b2141bdb117879cc11e7c13bd62f221ae1ac04dca3d8d58a13c130557ecf5f36184c7366d3852d0cbd6ca42f2a971d87c0bb204097af1a3abdab7b95d07fcdbf5f42607695dedcd26e30b8fc5cfd7b333a95f3ee69d5ba7911dadb1394285c437a0f26fc027737ba5ee7d63333f80acb59f1a7faf2ec3031c6533107502bffc92d8726a48ce00cdb5f1258d85ff8eb72bfb162e122022f1f3e8a72b41d2689d5228b1130fbc946384401f3bbe726314bb09d430333ad78de07b3cec5c18a4f4abb69507b6451ca4e610b8fc988c983426e0cc3b9d15393026eb75d3d08634b8a7495cef69aab83d27ea1b5b41f40b996dd10023d81f77d61192930ffc25cae1e149412322fcb0aa47bee3afc44ec3dda96c9294854e2cbaebfea6f9a90f0b3797d5f505824b4de964151569f881f87f9dd9d30a2a2f9ed01059a909cba157902903c77f2f3d056231e7c7483a3f35e04360e084f0d3f94a92c92c77b3f06479fbc417366d7fe87ddfcdfd86274f87a5f817b0f947924cbe2329f16f6b00c8a0ab96164f7b35fed38a388380af05c3600abc37a944c9e75a691728c26896ac3615297766f406aeb0f2fd147d68fad3fb3b032880280ebb4bf89252a36b0d9eb393daae72829b8da870b886676244897d5322b32703fcf138b66eedeb3024666a88fd99d8962f696ab7b34e19ced1bd27488aa2ffe5bfa11f8f9289bd8c052d4e88316cc33b0255ef1bfca4c17067d7f78175c56db481fe8dc6f73b1cbdf9d5823f115c9e03f2dfd07bc1ad88564d48b18cd9a30d83cbd5e6a3eedcb0ee86e5dd47f32820cb74dcf730b2052b31297b529e5e24f042335d13915e4048132fe1a101841e919c7870bb680eddead9a6111394bc12e274fbd88abaf2d254721c42e82abf4d1e319a631794ed6ce319ddd844ac5e9b1fc96dd9aaad42f2e087abe1b85430c4a00631970e3e74a6ed923f49e0df75685e044fae3fcea0af4dbfeebe0a9c2e73e8a89b89603a75f585e3ebba5453ae595da1469ea90ea3c9fb6a22411c56c58dfbf504caa629dbfc73ebbedc91669f2babf8b8215c525edf8feb366f104ffa9eb2bb79232660aece4730ef1ae8585c629ffe1390356a58e900da145b83ad177c7bb2d125e59d7ff4d3a8562efc620b4cf9b33c2305bbf1957e0f8b06f0fbe9c80db73b08fdd0be4a1ea4f91f52af47160040424aed8ac3c10251fb0b5d9be08247edf3dda5d1750d0597d60c8a0d9418a4e0c9325bb90f0886f9e5dda9e88ac1942ec1e53da0cf5ccad66b9cdfc2fdca784dd06a73713ef73785706d024873ddca5ccfcf0b91748a2c1fbd8c241934b5b473007b29d76aec5addf7b945a5f7abd6ddeccc8d0ccb26d69d4793b7224c27ba7bf45aac8a2be56086ab8c65ea69fdd593a01a29e2912378002d824bd98e6ed1c5dd5f33be529e640997f5f1bbde051fb2a669145966db4889bf32aa13777ac6c077c51bb8b2523954cea3adc307cfe53b8cbb00edf0c04c456392aea6613e8078a309dc538a6a24f80fc1b7f9fce3e3291ca6dab8090a634fcdb24e7a9de8aecd595b988f597cd623d148a8841b0a5203953166ea2e85316928f28dd2604d37c9ec80a49c0d91cbfe6d584b9b6a321b97bf99ae1d67985fd441976a828c97456003a7892c7c7f4a51bb49e3d3ea1e95ec29c89a2676", 0x1001}], 0x3)
r8 = openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0), 0x141d00, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r8, 0xc0189372, &(0x7f00000005c0)={{0x1, 0x1, 0x18, r5}, './file0\x00'})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x0, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r9}, 0x10)
r10 = socket$netlink(0x10, 0x3, 0x10)
setsockopt$sock_int(r10, 0x1, 0x8, &(0x7f0000000300), 0x4)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), r10)

2.243969159s ago: executing program 7 (id=4600):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000008c0)=ANY=[], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f00000007c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000005600)='sys_enter\x00', r1, 0x0, 0x2}, 0x18)
fchdir(0xffffffffffffffff)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, 0x0)
open_by_handle_at(0xffffffffffffff9c, &(0x7f0000000180)=ANY=[@ANYBLOB="2000000002"], 0x0) (fail_nth: 1)

1.854326421s ago: executing program 7 (id=4604):
r0 = socket$inet(0xa, 0x801, 0x84)
connect$inet(r0, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
listen(r0, 0x8)
r1 = accept4(r0, 0x0, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000001100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x10)
sendto$inet(r1, &(0x7f00000002c0)="cc", 0x1, 0x41, 0x0, 0x0)
close(r1)

1.850577401s ago: executing program 7 (id=4606):
unshare(0x20000400)
r0 = openat$full(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
pread64(r0, &(0x7f0000000300)=""/211, 0xd3, 0x6)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0700000004000000080200002100000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000080000000000000000000000000000100000"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b703000000000001850000001b000000b70000000000070095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x1a, 0x0, 0x0, 0x10, 0xffffffff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r3}, 0x10)
r4 = syz_io_uring_setup(0x110, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x210000, 0x4000247}, &(0x7f0000000240)=<r5=>0x0, &(0x7f0000000040)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f0000000180)=@IORING_OP_UNLINKAT={0x24, 0x0, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000c00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00'})
io_uring_enter(r4, 0x47f6, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kfree\x00', r2}, 0x18)
r7 = openat$nci(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r8 = syz_open_dev$usbfs(&(0x7f0000000180), 0x205, 0x2581)
r9 = fcntl$dupfd(r8, 0x0, r8)
ioctl$USBDEVFS_SUBMITURB(r9, 0x8038550a, &(0x7f0000000000)=@urb_type_control={0x2, {}, 0x0, 0x0, &(0x7f0000000080)={0x80, 0x0, 0x0, 0x0, 0x7995}, 0xfff7, 0x0, 0x0, 0x48000000, 0x0, 0x0, 0x0})
close_range(r7, 0xffffffffffffffff, 0x200000000000000)
unshare(0x20000400) (async)
openat$full(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async)
pread64(r0, &(0x7f0000000300)=""/211, 0xd3, 0x6) (async)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0700000004000000080200002100000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000080000000000000000000000000000100000"], 0x50) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b703000000000001850000001b000000b70000000000070095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x1a, 0x0, 0x0, 0x10, 0xffffffff}, 0x94) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r3}, 0x10) (async)
syz_io_uring_setup(0x110, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x210000, 0x4000247}, &(0x7f0000000240), &(0x7f0000000040)) (async)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) (async)
syz_io_uring_submit(r5, r6, &(0x7f0000000180)=@IORING_OP_UNLINKAT={0x24, 0x0, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000c00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00'}) (async)
io_uring_enter(r4, 0x47f6, 0x0, 0x0, 0x0, 0x0) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kfree\x00', r2}, 0x18) (async)
openat$nci(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) (async)
syz_open_dev$usbfs(&(0x7f0000000180), 0x205, 0x2581) (async)
fcntl$dupfd(r8, 0x0, r8) (async)
ioctl$USBDEVFS_SUBMITURB(r9, 0x8038550a, &(0x7f0000000000)=@urb_type_control={0x2, {}, 0x0, 0x0, &(0x7f0000000080)={0x80, 0x0, 0x0, 0x0, 0x7995}, 0xfff7, 0x0, 0x0, 0x48000000, 0x0, 0x0, 0x0}) (async)
close_range(r7, 0xffffffffffffffff, 0x200000000000000) (async)

1.846157251s ago: executing program 0 (id=4608):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x1000c181}, 0x100)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000002a40)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a3c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc101500000c0a010100000000000000000a0000060900020073797a31000000000900010073797a3100000000e4140380100000800c00018006000100d10300000c0000800800034000000002"], 0x1574}, 0x1, 0x0, 0x0, 0x4000850}, 0x840)

1.828347182s ago: executing program 0 (id=4609):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b7020000111e6ca5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000020000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2000000, 0x0, 0x0, 0x0, &(0x7f0000000000))
pipe2$9p(&(0x7f0000000240)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r3, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff001000000800395032303030"], 0x15)
mount$9p_fd(0x0, &(0x7f00000025c0)='./file0\x00', &(0x7f0000002340), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3])

1.803909404s ago: executing program 7 (id=4611):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00'}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001440)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000181200", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r2 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc)=<r3=>0x0)
timer_settime(r3, 0x1, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
futex(&(0x7f000000cffc)=0x1, 0x86, 0x2, 0x0, 0x0, 0xfffffffc)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r4, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xa, 0x28011, r4, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x9)
syz_open_dev$loop(0x0, 0x7, 0x180862)
r5 = open_tree(0xffffffffffffff9c, 0x0, 0x89901)
syz_open_dev$sg(&(0x7f0000000340), 0x8, 0x24102)
mount_setattr(r5, 0x0, 0x0, &(0x7f0000001dc0)={0x0, 0x0, 0x80000}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000700000045000000a000020095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2}, 0x94)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a2d0000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000600)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a09000000000000000000020000000900020073f97a310000000008000440080000000900010073797a3000000000080003400000000114000000110001"], 0x64}, 0x1, 0x0, 0x0, 0x814}, 0x0)
sendmsg$NFT_MSG_GETOBJ(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000400)=ANY=[@ANYBLOB="34000000150a03f5"], 0x34}, 0x1, 0x0, 0x0, 0x4010}, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b705000008000000850000006900000095"], &(0x7f0000000500)='syzkaller\x00', 0x1, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0x94)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000300), 0x20100, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000040)='kmem_cache_free\x00', r7, 0x0, 0x800000000006}, 0x18)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$ITER_CREATE(0x21, &(0x7f00000000c0)={r5}, 0x8)

1.765910738s ago: executing program 0 (id=4613):
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
sendmsg$RDMA_NLDEV_CMD_RES_CQ_GET(0xffffffffffffffff, 0x0, 0x400c044)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4006000}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x8040)
r0 = getpid()
r1 = syz_pidfd_open(r0, 0x0)
setns(r1, 0x24020000)
syz_clone(0xf5982500, 0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x24, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0x8, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e24, 0x6, @empty, 0x3}], 0x1c)
sendmsg$inet6(r2, &(0x7f0000000800)={&(0x7f0000000080)={0xa, 0x4e24, 0x8, @loopback, 0x4}, 0x1c, &(0x7f0000000380)=[{&(0x7f00000000c0)="88", 0x1}], 0x1}, 0x4048043)

1.499967229s ago: executing program 0 (id=4615):
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x11, 0x8, &(0x7f0000000740)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000019300)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
fcntl$getownex(r3, 0x10, &(0x7f0000000300)={0x0, <r4=>0x0})
prlimit64(r4, 0xd, &(0x7f0000000340)={0xcf44, 0xfffffffffffffff7}, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000000c0)={'gretap0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000480)=@newqdisc={0x74, 0x24, 0xf0b, 0x0, 0x1, {0x60, 0x0, 0x0, r5, {0x2, 0xb}, {0xffff, 0xffff}, {0x8}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x18, 0x2, [@TCA_CAKE_MEMORY={0x8}, @TCA_CAKE_BASE_RATE64={0xc, 0x2, 0x3906a7ea}]}}, @TCA_EGRESS_BLOCK={0x8, 0xe, 0x6db}, @qdisc_kind_options=@q_choke={{0xa}, {0x18, 0x2, [@TCA_CHOKE_PARMS={0x14, 0x1, {0xfffffe03, 0x4, 0x1, 0xff, 0x12, 0x6}}]}}]}, 0x74}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x54, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
getsockopt$IP_VS_SO_GET_VERSION(r3, 0x0, 0x480, &(0x7f0000000380), &(0x7f00000003c0)=0x40)
r6 = gettid()
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x21, 0x800000000004, @tid=r6}, &(0x7f0000bbdffc)=<r7=>0x0)
timer_settime(r7, 0x1, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r8 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100), 0x40200, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000140)=ANY=[@ANYRES16, @ANYRES16=0x0, @ANYRESHEX=r7], &(0x7f0000000240)='GPL\x00', 0x2d, 0x0, 0x0, 0x0, 0x136ee82872c58bdf, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
preadv2(r8, &(0x7f0000000180)=[{&(0x7f0000000000)=""/167, 0xa7}], 0x1, 0x0, 0x4, 0x1)

1.351625501s ago: executing program 7 (id=4620):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kfree\x00'}, 0x10)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x1000c181}, 0x100)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000002a40)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a3c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc101500000c0a010100000000000000000a0000060900020073797a31000000000900010073797a3100000000e4140380100000800c00018006000100d10300000c0000800800034000000002"], 0x1574}, 0x1, 0x0, 0x0, 0x4000850}, 0x840)

1.310029954s ago: executing program 7 (id=4622):
r0 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x64, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2, @perf_config_ext={0xffffffff, 0xff}, 0x0, 0x0, 0x800000, 0x6, 0x2, 0xcb, 0xffff, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1b000000000000000000000000800000000000003cee483b7cbfe293d778c983e3522bac7c4ebbf427b65c0b8fb95123b208af002371caf8ed48ac0a4331f663013f8251cab19b3d9bba379510cad303eb322a9faa87968000ce1d8d5058f6417cb438f0f68dbfb77e59eaf64dcd887566451a3db50c0fe6844458dca3ac838647e1e070652f95937947ff2386d4b3c874c4f4a319594c832206c18dc6bf1ff09e48ed5cd8d2e3cf8df08ce7ed5e80cafbb1db2d91dc385a68f63df9fd43fcdc0e6c689670aa0206886b3122964332739696754e", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x0, 0x0, &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r2}, 0x10)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_clone(0x40800300, 0x0, 0x0, 0x0, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = socket$nl_route(0x10, 0x3, 0x0)
getsockopt$IP_SET_OP_GET_FNAME(r4, 0x1, 0x53, &(0x7f0000000240)={0x8, 0x7, 0x0, 'syz2\x00'}, &(0x7f0000000300)=0x2c)
r5 = socket$inet_udplite(0x2, 0x2, 0x88)
sendto(r5, &(0x7f0000000580)="2dd0f67731ce2c95ce09aeb4f838b9efbc3d294e72886422687f730d64068cb13e386018a5ac33d2ed6501d3de1e65dfec1ee021836f5f4448f46f7f195a00dd84017c5136005b404782e798eb0660b80d302f478547b64fd9cca572de2911cbc1acc4f33cd9a2d1643e6ac5cbb94775867d0c7620b08580fc545d48c774eb5721b5124539ad53f08f8b1b0aeb7e257b088666059b7c7cae83da238a0253c24d09494bb3d67e8f26509b60ec6924c266a29a52640ba2c87df5bf51204708d3ba972040098e02", 0xc6, 0x4000844, &(0x7f0000000780)=@generic={0x15, "0a7da6e68737fc5e3466c26ab6fc894804ebe5cdbac9c30e9f4e798317e0325074d94bcf231ad7214911bc14009e133bd50e69c2efbeaf54517dd4dc46bb84b19279c9507577382880b581cb5b61f037fdc9584abb3e3cadac4cc605bea74b12d6a5dfc61b5cc5f2dd26c628eea47f98f7e6199c136c2aa016a957baf322"}, 0x80)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000340)={'bridge0\x00', <r6=>0x0})
r7 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[], 0x44}}, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=@getchain={0x24, 0x11, 0x1, 0x2000000, 0x3, {0x0, 0x0, 0x0, r6, {}, {}, {0xfff3}}}, 0x24}}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000800)=ANY=[@ANYRES64=r7, @ANYRES64=r3, @ANYRES64=0x0, @ANYRES16=r0, @ANYRESHEX=r5, @ANYRES8=r3, @ANYRESHEX=r1], 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000400)='itimer_state\x00', r3}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000080000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000}, 0x94)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000880)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x82100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000680)='sched_switch\x00', r8}, 0x10)
ioctl$F2FS_IOC_RELEASE_COMPRESS_BLOCKS(r8, 0x8008f512, &(0x7f00000002c0))
ioctl$USBDEVFS_CONTROL(0xffffffffffffffff, 0xc0105500, &(0x7f0000000000)={0x1f, 0x10, 0x6, 0x3, 0x0, 0x100, 0x0})
setitimer(0x2, 0x0, 0x0)
r9 = add_key$keyring(&(0x7f00000000c0), &(0x7f0000000000)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$invalidate(0x15, r9)
keyctl$read(0xb, r9, &(0x7f0000000040)=""/117, 0x75)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00'}, 0x18)
r10 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r10, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000840)=ANY=[@ANYRES64=r5], 0x88}, 0x1, 0x7}, 0x24008095)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000000)=ANY=[], 0x0, 0x4e}, 0x28)

1.297536675s ago: executing program 2 (id=4623):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001000000004d00000600000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000e0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000082"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
r1 = syz_open_dev$evdev(&(0x7f0000000040), 0x2, 0x0)
ioctl$EVIOCGRAB(r1, 0x40044590, &(0x7f0000000200)=0x7ffffffc)
close(r1)

1.249978169s ago: executing program 1 (id=4624):
r0 = socket$key(0xf, 0x3, 0x2)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000400)=ANY=[@ANYBLOB="180000000000000000000000fdffffff18110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014003900b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r2}, 0x10)
sendmsg$key(r0, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f00000007c0)=ANY=[@ANYBLOB="02030003110000002cbd7000fcdbdf2503000900800000001cdc0dca1d9f68846960e56de42944af05000600000000000a0000000000000000000000000000000000000000000001020000000000000002000100000000007720070c0000000005000500000000000a"], 0x88}, 0x1, 0x7}, 0x0) (fail_nth: 1)

1.227549511s ago: executing program 2 (id=4625):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x50)
bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB='\v\x00\x00\x00\b\x00\x00\x00'], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[], &(0x7f0000000000)='syzkaller\x00', 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000300)="2e0000001000818807b62aa73f72cc9f0ba1f8483a0000005e120602000300000e000a0010000000028000001294", 0x2e}], 0x1}, 0x20008800)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000005c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
socket$xdp(0x2c, 0x3, 0x0)
r4 = openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0)
connect$inet(r4, &(0x7f00000003c0)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10)
ioctl$USBDEVFS_RESET(0xffffffffffffffff, 0x5514)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000780)={0x15, 0x65, 0xffff, 0x6, 0x8, '9P2000.u'}, 0x15)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x200000000001, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0xf, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020782500000000002020207b1af8fe00000000bfa100000000000007010000f8ffffffb702000008000000b703000007000000850000001100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x1d, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r5, 0x0, 0x4}, 0x18)
r6 = syz_clone3(&(0x7f0000001880)={0x100000200, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
tgkill(r6, r6, 0x21)
wait4(r6, 0x0, 0x40000000, 0x0)

892.050768ms ago: executing program 8 (id=4626):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
r2 = socket$kcm(0x29, 0x2, 0x0)
sendmmsg$inet(r2, &(0x7f0000000780)=[{{0x0, 0x0, &(0x7f0000000b00)=[{&(0x7f0000000080)="da", 0x1}], 0x1, &(0x7f0000000040)=ANY=[], 0xd0}}, {{0x0, 0x0, &(0x7f0000000280)=[{&(0x7f00000001c0)="b8", 0x1}], 0x1}}], 0x2, 0x0)
close(r2)

891.838388ms ago: executing program 36 (id=4626):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
r2 = socket$kcm(0x29, 0x2, 0x0)
sendmmsg$inet(r2, &(0x7f0000000780)=[{{0x0, 0x0, &(0x7f0000000b00)=[{&(0x7f0000000080)="da", 0x1}], 0x1, &(0x7f0000000040)=ANY=[], 0xd0}}, {{0x0, 0x0, &(0x7f0000000280)=[{&(0x7f00000001c0)="b8", 0x1}], 0x1}}], 0x2, 0x0)
close(r2)

878.152479ms ago: executing program 1 (id=4627):
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000020000000000000000ee0000"], &(0x7f00000002c0)='GPL\x00'}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000020000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000000)='kmem_cache_free\x00', r2}, 0x10)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0x560b0007, &(0x7f0000000000)="259a53f271a76d2686dd4c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

843.583352ms ago: executing program 1 (id=4628):
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r0 = socket$unix(0x1, 0x5, 0x0)
bind$unix(r0, &(0x7f00000000c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
listen(r0, 0xffffffff)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x5, 0x10, &(0x7f0000000600)=ANY=[], 0x0, 0x14, 0x0, 0x0, 0x0, 0x54, '\x00', 0x0, @fallback=0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x5, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = add_key$keyring(&(0x7f0000000540), &(0x7f0000000180)={'syz', 0x2}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r2, &(0x7f0000000200)='asymmetric\x00', &(0x7f0000000000)=@keyring)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x18, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r3}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000400)={&(0x7f00000003c0)=ANY=[@ANYBLOB="300000000204050000000000000000000a00000a0500050005000000120003006200"], 0x30}, 0x1, 0x0, 0x0, 0x4000405}, 0x810)
socket$inet_tcp(0x2, 0x1, 0x0)
timer_create(0x0, &(0x7f0000000200)={0x0, 0x21, 0x2, @tid=0xffffffffffffffff}, &(0x7f0000000300))
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x3, 0x60d3, 0xff})
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r4 = getpid()
r5 = syz_pidfd_open(r4, 0x0)
r6 = pidfd_getfd(r5, r5, 0x0)
setns(r6, 0x66020000)
syz_clone(0x50a60080, 0x0, 0x0, 0x0, 0x0, 0x0)

627.687219ms ago: executing program 0 (id=4629):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f00000000001b0000850000006d000000850000002300000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000080)='sched_switch\x00', r0, 0x0, 0x10000}, 0x18)
r1 = socket$inet6(0x10, 0x3, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x17)
mount$9p_rdma(0x0, 0x0, 0x0, 0x5000, &(0x7f0000000180)={'trans=rdma,', {'port', 0x3d, 0x4e21}, 0x2c, {[{@timeout={'timeout', 0x3d, 0xd3a}}, {@timeout={'timeout', 0x3d, 0x5}}, {@rq={'rq', 0x3d, 0xfff}}, {@common=@debug={'debug', 0x3d, 0xff}}, {@common=@noxattr}, {@rq={'rq', 0x3d, 0x9}}], [{@permit_directio}]}})
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)
readahead(0xffffffffffffffff, 0x3, 0x8)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
sendto$inet6(r1, &(0x7f00000000c0)="900000001c001f4d154a817393278bff0a80a578020000000104740014000100ac1414bb0542d6401051a2d708f37ac8da1a297e0099c5ac0000c5b068d0bf46d323456536016466fcb78dcaaf6c3efed495a46215be0000760700c0c80cefd28581d158ba86c9d2896c6d3bca2d0000000b0015009e49a6560641263da4de1df32c1739d7fbee9aa241731ae9e0b390", 0x90, 0x0, 0x0, 0x0)
shmctl$IPC_SET(0x0, 0x1, &(0x7f0000000500)={{0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x7fffffff, 0xfffffffffffffffe, 0x5, 0x8, 0x0, 0x0, 0x3})

413.496246ms ago: executing program 2 (id=4630):
r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c000000020000000000000000000004"], 0x0, 0x26}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f00000002c0)='kfree\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0x3, &(0x7f0000001740)=ANY=[@ANYBLOB="180000000000000000000000000000009500000000000000bc7ef9642d29ba564165605dca29708efdf9b15a5c10a126121b2751f642635bcd9a8bf7a928a5d054b0d2c54d519ea75c52f41ed6f2886973626b684c8bd9108c0b0b2ea7e556948f0367aff4fbcede3294f6e73d06ad16dc2d26725ff833b5f83b499918e6a6ec245b781d41aee9624c847e2f2312d6b9db45bad354fc1a3f20407ffe406483a0524937ee7559e4bf70136746b37fdfbbb152758d37ed8bcac41fb7243bdcd536249c7996e898b61927eaa5a8790054ba13d3ade593220f96027090a34aaf7ea92f41aab73e7a85eef87e956bb7c5c76a347264fd99359f4e57b0dcc2bcc188ea880a4b11a8bb81eb22b0ddfc689e3218cf310dcc61cab354149d9107d8a88b0aa5b5661555f00443aee5e714009e52cee5e88f008148ddbc0fa81bf938bed4a1ac778d5337cc0311d0772eeac3eab38426e8d1472ff514aa5379ed21551790cc10148410b4fc27582fd7106a8887a9a0b613dfe10aee77542d887208f5534f5dce4d43f258fc9ef975834e1917666e2aff1cebfc3ce2c1e8ff66bba1d9050000000000000078db7024bf321636bede8651e672ed4f01ba5da2c3f9042a8552bd3f2c9ad546ad0ea20b4d35fb0a15c6239f67c7747a40fe26a88adf727fd1b801b4e56fbffcad99ce68fe2af0d94fdc78d27268de435021dca51acaa7a9e0944bdf579c170db6405944b6791a7713ee54f650fdf71b57c3629fb185efce700620ef5744623be08ec935dd563e6ba0b461bda98b364acf3dcdafa9b0e68c21ea509212c2938aa09cc31aa4ee5bfb8e507181909f5854b13997af4888cd61c8aab5fdfd701a16d546e5a533cd9b985dcc582b67979551dcc750fc51f2c9b6814edeffc76a86ea9f58b7c66fa24540daf14c2163d064f8cf0b4878f81e6b8bc4dabc10dac82b39e033963a6d02434cb783a198829d1373790a85c0e01a362d89e80165d280283af3c2060000000000000034b12a73b0c53bfae5d2f6e55728052247adfe0966c6c5eca57918c4540c979a70a281ba00e408c9fe1b20fa208976dd6a56f9bd9a74d81447c9b265d8c23f0e983e0b1d2d62d1e57c9188e4882634476e62ab1b7415a58208eaaf166d14720092f79a6197fe8b4ea7d5485cc6b3630afed8d3403cfa4d7bf48efb371706e0e65901eea3743c98261cbb7a246cf62f99bbc918741d32539ec0754e7d7f08dd45aaf49623342eabf466e54d8da4346e73da54ba2e4b5e2ae2823864d4147b490e55c9509f75c8828500ac32cab11b0262e75fa9e39e3792d01e0b210fdfb686bfffdc677432f6332c1a27502b43997060acdf7784c79fed0325e06f6b64b6434ebf4730509bcf95b9a1d0ba7c469d55351cc1dce6c90f5872e7ad5eed5f850d9d1f928b4e0263b241e8fe03e5e66252c8a3bd320e8deee5b91c653b8f22f58cff36c2ba4d6774f14229939595d2beb998c9312212de00468fc488591aca07ab75fba4a318d3ee4581711927b77a7f14dbcd639892f8cb0000000000000080411736eb1ee86eec338197a56293c9cdb72e84155681553b896d58b62a96852320e74dc4c9b41d6f90d2353dc573a94a092a84209c12da57f8c78e161b0899eb1c8b694d26c5fbf7f65fefacdbf39151f335dddc3b179a13f6de93ffb338e94738c86e35e9fcc654e4d6618dc1201cbd16e1281df911e6c699da16fbbb7a2e5c77966c98d3e7edd58cabfe6bf1bb7f6329084e3e4a2a36da07bbac3ebc00472f55b7966f250109fcce0ad5d4526d20ef74d1a634d724"], &(0x7f0000000080)='GPL\x00', 0x5, 0x1f6, &(0x7f00000002c0)=""/168, 0x0, 0x0, '\x00', 0x0, @sock_ops, r0, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000200), 0x1}, 0x6d)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000a80)=@bpf_ext={0x1c, 0x9, &(0x7f0000000680)=@raw=[@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x6}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}], &(0x7f0000000040)='GPL\x00', 0x1, 0x0, 0x0, 0x41100, 0x8, '\x00', 0x0, 0x0, r0, 0x8, &(0x7f0000000780)={0x0, 0x5}, 0x8, 0x10, 0x0, 0x0, 0x12542, r2, 0x0, 0x0, 0x0, 0x10, 0x9}, 0x94)

328.992813ms ago: executing program 2 (id=4631):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00'}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001440)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000181200", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r2 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc)=<r3=>0x0)
timer_settime(r3, 0x1, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
futex(&(0x7f000000cffc)=0x1, 0x86, 0x2, 0x0, 0x0, 0xfffffffc)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r4, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xa, 0x28011, r4, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x9)
syz_open_dev$loop(0x0, 0x7, 0x180862)
r5 = open_tree(0xffffffffffffff9c, 0x0, 0x89901)
syz_open_dev$sg(&(0x7f0000000340), 0x8, 0x24102)
mount_setattr(r5, 0x0, 0x0, &(0x7f0000001dc0)={0x0, 0x0, 0x80000}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000700000045000000a000020095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2}, 0x94)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a2d0000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000600)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a09000000000000000000020000000900020073f97a310000000008000440080000000900010073797a3000000000080003400000000114000000110001"], 0x64}, 0x1, 0x0, 0x0, 0x814}, 0x0)
sendmsg$NFT_MSG_GETOBJ(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000400)=ANY=[@ANYBLOB="34000000150a03f5"], 0x34}, 0x1, 0x0, 0x0, 0x4010}, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b705000008000000850000006900000095"], &(0x7f0000000500)='syzkaller\x00', 0x1, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0x94)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000300), 0x20100, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000040)='kmem_cache_free\x00', r7, 0x0, 0x800000000006}, 0x18)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$ITER_CREATE(0x21, &(0x7f00000000c0)={r5}, 0x8)

233.558321ms ago: executing program 0 (id=4632):
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x11, 0x8, &(0x7f0000000740)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000019300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
fcntl$getownex(r2, 0x10, &(0x7f0000000300))
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'gretap0\x00', <r3=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000480)=@newqdisc={0x74, 0x24, 0xf0b, 0x0, 0x1, {0x60, 0x0, 0x0, r3, {0x2, 0xb}, {0xffff, 0xffff}, {0x8}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x18, 0x2, [@TCA_CAKE_MEMORY={0x8}, @TCA_CAKE_BASE_RATE64={0xc, 0x2, 0x3906a7ea}]}}, @TCA_EGRESS_BLOCK={0x8, 0xe, 0x6db}, @qdisc_kind_options=@q_choke={{0xa}, {0x18, 0x2, [@TCA_CHOKE_PARMS={0x14, 0x1, {0xfffffe03, 0x4, 0x1, 0xff, 0x12, 0x6}}]}}]}, 0x74}}, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x54, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
getsockopt$IP_VS_SO_GET_VERSION(r2, 0x0, 0x480, &(0x7f0000000380), &(0x7f00000003c0)=0x40)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r4}, 0x18)
r5 = socket$xdp(0x2c, 0x3, 0x0)
r6 = gettid()
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x21, 0x800000000004, @tid=r6}, &(0x7f0000bbdffc)=<r7=>0x0)
timer_settime(r7, 0x1, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r8 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100), 0x40200, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000140)=ANY=[@ANYRES16, @ANYRES16=0x0, @ANYRESHEX=r7], &(0x7f0000000240)='GPL\x00', 0x2d, 0x0, 0x0, 0x0, 0x136ee82872c58bdf, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
preadv2(r8, &(0x7f0000000180)=[{&(0x7f0000000000)=""/167, 0xa7}], 0x1, 0x0, 0x4, 0x1)
setsockopt$XDP_UMEM_REG(r5, 0x11b, 0x4, &(0x7f0000000100)={0x0, 0x204000, 0x1000}, 0x20)
readlinkat(0xffffffffffffffff, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x8002, &(0x7f00000000c0), 0x1, 0x4b4, &(0x7f0000000c80)="$eJzs3E9sFNUfAPDvbHdpgR8/KiIKoi6isdHYQkHh4AWjiQdMjHjQY9MWghRqaE2EECmJwaMh8W48evXgVb0ZTyZe8WhiSIjhAnhaM7sz7e52t//Y7oL7+SRL35t9s+99982bfTNvlwD6Vjn9J4n4X0TcjIidtWxjgXLtz707Vybv37kyGQuVyqm/k2q5u2k+k++3PcuMFCIKXyRNL1gzd+nyuYmZmemLWX5s/vwnY3OXLr969vzEmekz0xfGjx8/euTwsdfHX1t/UC3qS+O6u+/z2f173/noxruTxXz7UPa3Po5OKUe5VVOqXux0ZT22oy6dFHvYENZlICLS7ipVx//OGAidB/2iUqlUBts/vVBpdm3ZFuCRlUSvWwD0Rv5Bn17/5o8uTT0eCrdP1C6A0rjvZY/aM8UoZGVKTde3nTQUER8u/PNN+ohNug8BAFDvpxP5TLB5/leIPXXl/p+toQxHxGMRsSsiHo+I3RHxRES17JMR8VTT65cjorJC/eWm/PL5T+HWAwW4inT+90a2ttU4/8tnfzE8kOV2ROQT5ulD2XsyEqXB02dnpg+vUMfPb/3+VbvnynXzv/SR1p/PBbN23Co23aCbmpif2HDATW5fi9hXbI4/KUYkiysBSUTsjYh963jd4br02Ze/27+YKTWWWz3+qkrLdbQOLFVUvo14qdb/C9HQ/0s1JiuvT44Nxcz0obH0KDjUso5ff7v+Xrv6V43/hz+bd3n72I+nHjTsRWn/b6s7/iNfv12KfziJSBbXa+fWX8f1P75se02ztuP/asM+6fG/Jfmgmt6SbftsYn7+4uGILcnJ5dvHl/bN83n5NP6Rg63H/65sn/SdeDoi0oP4mYh4NiKey9p+ICKej4iDK8T/y5svfLzx+DdXGv9Uy/NfQ/8vrdfPncwTl9aaGDh34Ob9NiePtfX/0WpqJNvS+vyXNJwi1trADryFAAAA8NArRPW7/4XRxXShMDpauwe0O7YVZmbn5l85PfvphanabwSGo1TI73TV7geXkvz+53BdfrwpfyS7b/z1wNZqfnRydmaq18FDn9teHfPJsvGf+mug160DNp2f/ED/Wm3877nRpYYAXefzH/pX3fhfaFNkwTdl4L+p9ed/qevtALqv1fi/uoF9gEdLxViGvmb8Q/8qxvuL6UJPWwJ0m89/6Etr/xX/RhKVwdZPDcXywjG0Oc3Y2qKuniTSmVVPat+6kb3y/02hbZkorPY6xYZjbDCWlxmInvTFmT0dP/gr2XflO93U71cep/l0fRPeqO6ehwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADbLvwEAAP//cdfX0w==")
openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x4c0000, 0x0)

109.852151ms ago: executing program 1 (id=4633):
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x40}}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x11, 0x8, &(0x7f0000000740)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000019300)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
fcntl$getownex(r3, 0x10, &(0x7f0000000300)={0x0, <r4=>0x0})
prlimit64(r4, 0xd, &(0x7f0000000340)={0xcf44, 0xfffffffffffffff7}, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000000c0)={'gretap0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000480)=@newqdisc={0x74, 0x24, 0xf0b, 0x0, 0x1, {0x60, 0x0, 0x0, r5, {0x2, 0xb}, {0xffff, 0xffff}, {0x8}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x18, 0x2, [@TCA_CAKE_MEMORY={0x8}, @TCA_CAKE_BASE_RATE64={0xc, 0x2, 0x3906a7ea}]}}, @TCA_EGRESS_BLOCK={0x8, 0xe, 0x6db}, @qdisc_kind_options=@q_choke={{0xa}, {0x18, 0x2, [@TCA_CHOKE_PARMS={0x14, 0x1, {0xfffffe03, 0x4, 0x1, 0xff, 0x12, 0x6}}]}}]}, 0x74}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x54, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
getsockopt$IP_VS_SO_GET_VERSION(r3, 0x0, 0x480, &(0x7f0000000380), &(0x7f00000003c0)=0x40)
r6 = gettid()
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x21, 0x800000000004, @tid=r6}, &(0x7f0000bbdffc)=<r7=>0x0)
timer_settime(r7, 0x1, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r8 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100), 0x40200, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000140)=ANY=[@ANYRES16, @ANYRES16=0x0, @ANYRESHEX=r7], &(0x7f0000000240)='GPL\x00', 0x2d, 0x0, 0x0, 0x0, 0x136ee82872c58bdf, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
preadv2(r8, &(0x7f0000000180)=[{&(0x7f0000000000)=""/167, 0xa7}], 0x1, 0x0, 0x4, 0x1)

64.339175ms ago: executing program 1 (id=4634):
r0 = openat$sysfs(0xffffff9c, &(0x7f0000000500)='/sys/kernel/kexec_crash_loaded', 0x0, 0x10)
finit_module(r0, 0x0, 0x7)

63.487205ms ago: executing program 1 (id=4635):
socket$inet6_sctp(0xa, 0x5, 0x84)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000001080)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x1b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000440), 0x101540, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xb, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = syz_io_uring_setup(0xc5c, &(0x7f0000000080)={0x0, 0x3ed4, 0x8, 0x1, 0x2de}, &(0x7f0000000100), &(0x7f0000000280))
io_uring_register$IORING_REGISTER_FILES_UPDATE(r3, 0x6, &(0x7f0000000380)={0x4, 0x0, &(0x7f00000002c0)=[r0, r0, r2]}, 0x3)
r4 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r2, 0x0, 0x5}, 0x18)
r5 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
mount$nfs4(&(0x7f00000001c0)='\x00', &(0x7f0000000000)='./file0\x00', &(0x7f00000003c0), 0x200000, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r1, 0xc018937a, &(0x7f0000000540)={{0x1, 0x1, 0x18, <r6=>r5, {0x8}}, './file0\x00'})
r7 = inotify_init1(0x0)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000002c0000000000000000000018110000", @ANYRES16=r8, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x62, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$BTRFS_IOC_START_SYNC(r8, 0x80089418, &(0x7f00000002c0)=<r9=>0x0)
syz_mount_image$msdos(&(0x7f00000003c0), &(0x7f0000000340)='.\x00', 0x126a4b5, &(0x7f0000004140)=ANY=[@ANYRES16, @ANYRES64, @ANYRES16, @ANYRES16, @ANYRESDEC, @ANYRES16, @ANYRES16, @ANYBLOB="9a7f40ad4c7145903a868b9020e1e8899ed5747db23004fc9d248900abcaa6b065cf0800930a71dcd8b8955d93c78b9d4e5e06d8d5c9ac9b75d177754d6eba23e6d2be546c0dfecdf61baf732950a5729c01fbdc11e36cb411be200a9135657acd97d21ee46aac313ebdddd9265af16558dd3e5ba4836659a6abfe08aad84276acf949bdaa34bdf7f7b2dfb2fe8b9d6d225dcecebeb6e15f649994728842bd99fc94897d24315ac2d17bf6c2acfbfa8464d80f36304f88b906b78ab359be3479db5b0e7555f04416807c2202d6551f2425440be741dbe053e0bfeb845623e722a9293843f1cf0a71119dcadf7e353af4da52aed3086d6e5a095774248be9a1b1418dec1c03a2cb0ece0840ebeaaf7b67867da45943b700e2d6dad775ae6f33e55aa86ca84c336c91e3b7d7224f7a9a10d5b45a6ce0769d875415bea136b5508e5e0a88290792da3b11b2284a3d757c301cec78b55d3fcfa073615ccb089f66c5b9a5c84f6c1bb78c3370c4687eab260711fa05525687c7709e15cddea061f70798cbf940ad929eb80f33ad8bb4fcd322dd0558f111d7d01351147976b425a27e573402490055054cf3d80bebde6a89f3086170633740f08780aac3a73f17eaeda8deb642c2887962596b4d78c0ffffb28d0e64073b0641f89cf83a69afaaea03ba6070838fdbdaccb81630a6fdaa77fc10146013b9fd79e965a320daf81c1a51f032a3f462f2740e579eb116cad80b4e233326bf94fea52184517accf608b1fbfb395942869841b9ca0f314beff6b2dc0a74d7599012274b24775f0382e72907c1f0c571b994f048c0266feb775d893fec84e5733cd66a96cd45b60f63743b17b05d99c427a2d00a27fef17cadf128059a2e227b80701755b0bc706f32255c8cd619fa995cc7649f28337361a62cff46669fa4cf095a2d148987a9fafa6e1fb9f59b5ac5ff10a4c62e0187a3c75a983f7f5211142c6c09170a13e29c2044e5568bda8055cee4722e445e83ea01307c42cbe63a5bc529e1200e5874f7500275abacd6cc0e3bf8fd38ab7bab39f54d180d60892e2e3a713a3e654c89b8e9ba4474909991844514c04b655c66ccd6f2a17e29ff69d343ebac7ac5e1510ad4ff52e6a932a97bb0d814259da6545022152dd63f06219a1d66ec2278b694876ed6195b0543b8c9289b8438e8ee57dd38bcdb045a6fc4cede28effaa0354afbd4190fcbccd9a0e91508e4399e0e30a0bfdedcc19454b6dd7c2785a6e4fe74a0ece1d683ad07d76eafec02fb0d88debfeacd3531413185da0ffa4fb9b5e6d5a916f7bb5d51efc8ab61e4953fc6b2d1e670769f3ca56d51b804ceb118278acc90422e1f51e448a27d2fe4f93c88cf7c6148474bf650902dd6dd96541044113d244cf938150ec426e7ed63e1f153bbe328f4232552b104c8dee60b0c4e4c25f2605e97cc6f4263d32e8340be2d167137682373ae4cd501fdc9c5359b40f52803a5e4c0e04a5de0412c5cbd4d05e6135a1209d4b2dff50d39e481f1d1b01ed71004fb0c18e736af8ab176f833a439a85c9132e6d2296f665771c6a284eadc08c94ffa520dcc37fd6426c152364699514b15d4df6732fff39834e8ba29688b19db27a970d9d7fbee973c76bee04fb6164963969ebde0f785606781d63726736d8b60a713d5f72207a23f6f00420fdf24d14c069f36a7e236620481cc7a63857cc1355bac8d4f9a3f32785ad4d9d81719077a816b33b98006c322ee473aa9f8f83fae86a4d421104b298a9e42357c44b773e3504b3f9eb5b29330411b776b78fdb6dd9713dd1aee0cc9c7ee8bd23a50d4c8babaf6d74bc25377009a8c57c941f80e58ac08c93a275656cbad3864df9e791305d66103ab30983b07553ede5b5d5b0aab157f805eb6c11c75dd7f297c2cc9110551131a797164dec422b13799f1c261464c765a62c201eb9c8686eee94642d59f429cd137cba0d1a8126dcdfc28ea5c201526c61164a86f480dfde0c60fdf6afd3cd64719de1d89b5a362e058054a9db73aaffac324b04e8903060e1f14ca4ac31c82183066e6d581685efbe3452a20a665166b03808220770d66051971b61d8114376e22a4511cae9fdf7bbed68bb9f45b57eee1c15775730ef1434731d7b82a7cbcd6155396263984edfcea62196189da0ba9908d7d5ef514d75a3e1d4ae42654365083873fc4ce969fa4fac51d640be8d948bb9464d1a7e494c8df98bd5a569ff7fe1aca542c34610148a8f1dc9d60ff0f761270577f286a362f32164184ffce3ad132637e9f0381e9ce76a11f296f9d1e835cdc44926104e1df4d0a282a84b9fbc23064bfcab0d221c6e3124ae8ba6022e62f170dcc2d655f73b40f83fd65f5c705bc1f9e8df13adeadff9e1fe4660a55be7dc969cfffaed607190162dcd09d0cd86a297b22142b88f0eb28dd1a45152a4f4f2dca0d96d39fa594349040f486cd486af619b7083236cf90324cddc6f1ed0f6a103c8d936d7f2f31d420ef50931838e66721bff7494617b6b4bc385f3e51b3f81cf5d6953ac7fddc0f3466682911b38bc7f082e0c18e3ae0badf7f3fd3e186ebc2bab71fa26f77bb14cd97e6761c93c8c25887c0ef1f3dc1d8d86ce0fb73190f66f4deca77977e8d6064bfeeac3fad2bc50488c144e2a1a82fcc1e1c12ac54bf3e2d468e8f53241e4a6ad9e466746a45b053452ded5caa20461881d78d8235e986ba8b77e83601655d2650bf1b64ce17c75314216b43bbd1101a2e12e57525bb7d3b136a70635bdac8af24367a24ce2fe2a72ef2b0e56ff8dc62a82946f86f9b6b1418a89b1971372dfe7d5ce2e6611befff721f04a19bce7f90b1551a4cdead136662c50513fdde6f9d4a199c3907ed8799f231f54dd8347c71d829ff8ddc5d96b5aac2fe58652c81ff7f54e2568119dff2763ef435aa420630dacc7e9414340ee8688f46c7a8ab96d860937641042b3cdf6857ff1d2d4e47cec1f23e65fe541f38cb96b132666f999002e89cd1896ca58c2e63b87382e1a6c1ee9afa56cf3ba923fa9c989e20bff313f37252632fdcff03fbdd2d334ee93baf75c1bdae30feaa81fb2ac1b63c42dda06f20ce8c9d003eb3efed7931def342fb874fce92763f6f477c7f589b75d2129419fc4cb7a8893a1d3f94533ed9fdf9f21fc254fd80aa74750833d390327a2107e761240928d35a36c5eaca61fd848116b8dd7ec8157928bc2dd87f7756aa517cf6a61d2009fd4ba0579ca3b3129cfd5403546f5ab6d0575799a008fc67da9658427636d8f806d9b8cad64aee438d0a9b45957f31a5afe3ed894add9acadfd347246099c6ff0b4ec6f19ac61557daf8739e528185ab1468ca72d6d72e4f026e371e540b774b6576df3014dcc9e91b2cd1f0403a4fcaa6627b22682bb54f92150c2917acaee1972b2b03bc2bd37fdb9e7352c654d94ef196b7229e4da5ee62b7d395ecdd5177f2563242ea49ff78151a4a816a94e89b03f41c7e6684f8be3e5802e9338e7cbd3b43f708c062f944a59f31b02ca9a177e6b681accee8785d2467d2d78636be4330febaa3f6907db07992a2de74e459f3ae8ee6adae20cbc75aabd2d5d3424de0ddcc3ddd981c3a4966c57f8fdb1c42db87395f0bc800ff8ddb4c228a7d793d8a997885494a8578f5433d3f82886ea573641bf16065efbc25718c88f7277ce04c94af560d8deb7968496f849d3fad78741272b08bf7aec3f3c777428d3b8b897333ae5afb6823af63cb7347601ee2e8d4e21b21a12e6d42f66a1aac26d296bc68a998d8ba179ed5f756c2efd8a7acc0e3f08093bb4a83d37f15b4fe07c90858058ad1ff0e21bb7bf4363079c5d452dba5972b21c8f41daf6f11a51d321d3c1d544190238036d907d965ff469ce4895eb7675f3e94a15f83b837b892a40390d87d76e9b15eda02366299d3dd93943466bceeb2f9e465adccc08e1a02c3ac01815931627ed327e0ffbe09563221a365b88c4f2449bd3634920d5bfbde7cdc92c4cb16a579f35f07dafc87ce6ce4de7bf9e8ff0e80b81cdab8f2164a25a0a6929679ce9ae0dc2ac7ed41a787446676f091597551dc2e8c054224bac6652bba5fb675c0b2c94d2faac160f11b7b96fc96415aca8a47fa03658b8afa24b6bd97f7dbeead9ae5f7ec1cb0d000055f41a5043c6c4c97212398b168b5cb9ee650726eabcc31b6712e815fdaae77885350884fb36d6d5444d5e5500a7d636d4eced14b9d411c765b36a4be06ca9be2965d6d6c06c3b6bcb38babeb2999ee71295d48926bf6e39363fabf74de5e57aa0b59f9dddeca142d0c50ab7ff198196c69c971e6ab591220f4e42d6525e2dbd99b6c57949c854e4ee0e4581f9e3e160b3f66b01f23f4d0472c0a1f307837ac8dac0a257d09ab82975148dcd764fe6359a5f21b9cbe2ae7b9b277489a8b3285b8289a84ff854508b4488ffcf68f47ec7a5c18a8c3d06e26b32f754ac74ea8e93a554147fd3b3daf1fbe924e2e389cac13a5f80f3a21dbd250d3917f7b5acfc739a63f2b3d6b3f099efb4be7a842215c89fc87bd8550d11ba2a4af0f111ab124503b26feeae3be3ee24168dd4553a226b9168edb11c3e61bc850adf995b4d6f1aace6db0b91f805c3d1789a3e6b470e5470968f429d5b05c8f76ca2981e37f5bde4ad00a09755c76774ead7d93f3f41255b1d56152e3699b133b2e0b277427c992323d1b4d8c438434e9e901ddd43788f80cb9a975e9dd1671ce16be5ff8033d5da824f00fd78b540edbcd69a2e9aff03e31af9afefb809434f52b4a1239fdd241ed3a268258addde19d1724155a1a4c877bd59b0659b7a786886f6ffcb5999d1f9c007d615020926f7165a9ddd4aaa3c7b631d30cc951e328131d99282ac06a18f88373092320ea5308f06c376e711aecda4cd1c2b639d9ea7a2613d4e9eaa9a0ef72774fdec622f7d131b45135d577897bf686b460a371083070139ea544bda15012251d6c8e7163c25412841faefba76765648ca7cd1b423403a654b6b5754588ae6c309621477db20f7c9236af1e422ebd3fb6d6a712e7a6d00d58416b7d65a53a2514bf51bedfe9207f16a4d79418600389b98ea8b9e06b8da708a86f191e567925af39a09ac9fd7902e8f8e77567baf1b75c05ba1eb7089b424801405afc982a8d79c80fada184a1ab3bab526a3b0a5e20d2dc6bcdd2c5cb7c49f735f3e8f4d36a388ca805876ae08f0e3acca5dd864c1fa1552068bf799095221480374fd2dcaeddb74be93470eff4fe278e190f0a131f32340ada9cca518af769f42943875f4c5707beee2179771da21cd66405b9973648bd047a516d1cf902fa1f0fcdcbc3f4c1f20fc22f9a7e9f4c3a52576399604c46f83ede44f542d06d54e6e8a1e693a2cfcbb16c178d1bace976133e72cc4533bd02b1c4ec2cc22097435aff5a682ca7227414895450831560fa682493f4814ce8fbdb190f8ce2b533ed9582638511bda93aeae5d0690f745b788db622864ba3fb60952f119427fbe66754c5c038c5fb2cb87c326d65862e353c14950bd1fa7c70e36323e9cf90c81f6275e59c7926acac1560a0b6bbc7a850817f2effa19d485315a219d49e293f871278294d02765cf72caa2f438de3337ed205bf68ff6ddaaa5e4b80de5fba022dfcf9cf074a319678df11eb77b3ef66e512b67ba5182265a60eaf457691e973d23cbaf6000537f886695074ebb616f9cdad9de7c6fe9ecfbd13d537d64c34a7c90ca56b50e60d6a7067e391e63561793edf6ed3c2eeb8555909a59ce73da1f096d41fb42de44494128324a9", @ANYRESHEX=0x0, @ANYRES32], 0x5, 0x0, &(0x7f0000000000))
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r4, 0xd000943d, &(0x7f00000d21c0)={0x7, [], 0xfb, "31a4fe07b3dbae"})
ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(r7, 0xc0c89425, &(0x7f0000000640)={"d594fd6f3eed39f15136a884baaaaf66", 0x0, r9, {0x2, 0x5}, {0x1, 0x101}, 0x80000001, [0x8, 0x5d, 0x200, 0x9, 0x7, 0x47b89d80, 0x8d90, 0xfb2, 0x9166, 0x66, 0x4, 0x0, 0x6, 0x0, 0x80000000, 0x9897]})
ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(r6, 0xc0c89425, &(0x7f00000008c0)={"4ce5166d578b9d147f5534d615943e7e", r9, 0x0, {0x0, 0xe9}, {0x66f, 0x1}, 0xa, [0xfa, 0x8, 0x0, 0xfffffffffffffffd, 0x80, 0x4, 0xc4b, 0x10001, 0x200, 0x3dc, 0x8000000000000001, 0x100000001, 0x75399019, 0xdc0a, 0x20000000000, 0x2]})
mount$9p_rdma(&(0x7f0000000240), &(0x7f0000000300)='./file0\x00', &(0x7f0000001400), 0x0, &(0x7f0000000140))
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r5}, 0x4)
r10 = getpid()
r11 = syz_pidfd_open(r10, 0x0)
setns(r11, 0x8020000)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r1, 0x89f2, &(0x7f0000000500)={'gre0\x00', &(0x7f00000004c0)={'gre0\x00', 0x0, 0x40, 0x720, 0x0, 0x61, {{0x7, 0x4, 0x0, 0x8, 0x1c, 0x64, 0x0, 0x0, 0x2f, 0x0, @broadcast, @empty, {[@generic={0x86, 0x6, "38c49339"}, @end]}}}}})

62.861465ms ago: executing program 2 (id=4637):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a1c00a7aa00000000000000000a0006000000074000000001"], 0x44}}, 0x4000)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
bind$packet(r1, &(0x7f0000000040)={0x10, 0x6}, 0x14)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="7400000000010104000000000000000002000005240001801400018008000100e000000108000200000000000c0002800500010000000000240002801400018008000100e000000108000200ac1e00010c00028005000100000000000800074000000000100016"], 0x74}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000005c0)=ANY=[@ANYRES64=r0, @ANYRES32=r0, @ANYRES64=r0], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xd, &(0x7f0000000500)=ANY=[@ANYBLOB="18000000220000000000000000000000850000006d00000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000021007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000a00)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='mm_page_free\x00', r4}, 0x18)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x300000c, 0x50032, 0xffffffffffffffff, 0x0)

0s ago: executing program 2 (id=4638):
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000020000000000000000ee000095"], 0x0}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000020000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000000)='kmem_cache_free\x00', r2}, 0x10)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0x560b0007, &(0x7f0000000000)="259a53f271a76d2686dd4c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

kernel console output (not intermixed with test programs):

78127][T19996] total_rss 6635520
[  273.481919][T19996] total_shmem 0
[  273.485438][T19996] total_mapped_file 0
[  273.489408][T19996] total_dirty 0
[  273.492907][T19996] total_writeback 0
[  273.496727][T19996] total_workingset_refault_anon 75
[  273.501813][T19996] total_workingset_refault_file 0
[  273.506875][T19996] total_swap 450560
[  273.510670][T19996] total_swapcached 0
[  273.514550][T19996] total_pgpgin 3213
[  273.518384][T19996] total_pgpgout 1584
[  273.522310][T19996] total_pgfault 3406
[  273.526200][T19996] total_pgmajfault 46
[  273.530176][T19996] total_inactive_anon 0
[  273.534326][T19996] total_active_anon 0
[  273.538380][T19996] total_inactive_file 6647808
[  273.543119][T19996] total_active_file 24576
[  273.547460][T19996] total_unevictable 0
[  273.551414][T19996] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz6,task_memcg=/syz6,task=syz.6.3917,pid=19996,uid=0
[  273.566113][T19996] Memory cgroup out of memory: Killed process 19996 (syz.6.3917) total-vm:93896kB, anon-rss:7472kB, file-rss:22440kB, shmem-rss:0kB, UID:0 pgtables:144kB oom_score_adj:1000
[  273.699525][T20088] all: renamed from bridge_slave_0 (while UP)
[  273.713136][T20090] nfs4: Bad value for 'source'
[  273.893763][T20103] wireguard0: entered promiscuous mode
[  273.899295][T20103] wireguard0: entered allmulticast mode
[  273.958761][T20108] wireguard0: entered promiscuous mode
[  273.964362][T20108] wireguard0: entered allmulticast mode
[  273.999152][T20118] loop3: detected capacity change from 0 to 512
[  274.054991][T20118] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.3944: bg 0: block 393: padding at end of block bitmap is not set
[  274.077663][T20118] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6657: Corrupt filesystem
[  274.092642][T20125] openvswitch: netlink: Message has 6 unknown bytes.
[  274.100010][T20118] EXT4-fs (loop3): 2 truncates cleaned up
[  274.106191][T20118] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  274.136542][T16642] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  274.279371][T20139] validate_nla: 3 callbacks suppressed
[  274.279389][T20139] netlink: 'syz.3.3949': attribute type 10 has an invalid length.
[  274.285756][T20036] netlink: 7 bytes leftover after parsing attributes in process `syz.2.3924'.
[  274.321299][T20139] team0: Device ipvlan0 failed to register rx_handler
[  274.365219][T19500] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  274.478920][T20170] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3955'.
[  274.596046][T20198] netlink: 'syz.3.3960': attribute type 7 has an invalid length.
[  274.603941][T20198] netlink: 140 bytes leftover after parsing attributes in process `syz.3.3960'.
[  274.675161][T20203] netlink: 'syz.0.3963': attribute type 3 has an invalid length.
[  274.739361][T20210] capability: warning: `syz.1.3966' uses 32-bit capabilities (legacy support in use)
[  274.760905][T20210] sctp: [Deprecated]: syz.1.3966 (pid 20210) Use of struct sctp_assoc_value in delayed_ack socket option.
[  274.760905][T20210] Use struct sctp_sack_info instead
[  274.828731][T20207] loop3: detected capacity change from 0 to 2048
[  274.844185][T20207] SELinux: security_context_str_to_sid (system_u) failed with errno=-22
[  274.971475][T20224] SELinux: security_context_str_to_sid (Eá…) failed with errno=-22
[  275.027871][T20229] netlink: 'syz.3.3972': attribute type 7 has an invalid length.
[  275.035782][T20229] netlink: 140 bytes leftover after parsing attributes in process `syz.3.3972'.
[  275.194037][T20239] Illegal XDP return value 1908240308 on prog  (id 2531) dev N/A, expect packet loss!
[  275.208849][T20232] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  275.218566][T20232] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  275.280944][T20249] FAULT_INJECTION: forcing a failure.
[  275.280944][T20249] name failslab, interval 1, probability 0, space 0, times 0
[  275.293711][T20249] CPU: 1 UID: 0 PID: 20249 Comm: syz.2.3975 Not tainted 6.17.0-rc1-syzkaller-00211-g90d970cade8e #0 PREEMPT(voluntary) 
[  275.293745][T20249] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  275.293758][T20249] Call Trace:
[  275.293765][T20249]  <TASK>
[  275.293773][T20249]  __dump_stack+0x1d/0x30
[  275.293793][T20249]  dump_stack_lvl+0xe8/0x140
[  275.293838][T20249]  dump_stack+0x15/0x1b
[  275.293859][T20249]  should_fail_ex+0x265/0x280
[  275.293878][T20249]  ? xdp_umem_create+0x3c/0x5c0
[  275.293906][T20249]  should_failslab+0x8c/0xb0
[  275.293962][T20249]  __kmalloc_cache_noprof+0x4c/0x320
[  275.293990][T20249]  xdp_umem_create+0x3c/0x5c0
[  275.294016][T20249]  ? should_fail_ex+0xdb/0x280
[  275.294072][T20249]  xsk_setsockopt+0x5ea/0x640
[  275.294098][T20249]  ? __pfx_xsk_setsockopt+0x10/0x10
[  275.294199][T20249]  __sys_setsockopt+0x181/0x200
[  275.294222][T20249]  __x64_sys_setsockopt+0x64/0x80
[  275.294312][T20249]  x64_sys_call+0x20ec/0x2ff0
[  275.294332][T20249]  do_syscall_64+0xd2/0x200
[  275.294356][T20249]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  275.294407][T20249]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  275.294430][T20249]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  275.294451][T20249] RIP: 0033:0x7fdbb152ebe9
[  275.294501][T20249] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  275.294519][T20249] RSP: 002b:00007fdbaff8f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  275.294540][T20249] RAX: ffffffffffffffda RBX: 00007fdbb1755fa0 RCX: 00007fdbb152ebe9
[  275.294556][T20249] RDX: 0000000000000004 RSI: 000000000000011b RDI: 0000000000000003
[  275.294572][T20249] RBP: 00007fdbaff8f090 R08: 0000000000000020 R09: 0000000000000000
[  275.294588][T20249] R10: 0000200000000100 R11: 0000000000000246 R12: 0000000000000001
[  275.294604][T20249] R13: 00007fdbb1756038 R14: 00007fdbb1755fa0 R15: 00007ffd95a51d48
[  275.294679][T20249]  </TASK>
[  275.694359][T20263] nfs4: Bad value for 'source'
[  276.020038][T20301] wireguard0: entered promiscuous mode
[  276.025673][T20301] wireguard0: entered allmulticast mode
[  276.144686][T20341] netlink: 40 bytes leftover after parsing attributes in process `syz.2.4000'.
[  276.182982][T20344] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4001'.
[  276.192292][T20344] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  276.199820][T20344] batman_adv: batadv0: Removing interface: batadv_slave_0
[  276.210026][T20344] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  276.210417][T20306] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3997'.
[  276.217503][T20344] batman_adv: batadv0: Removing interface: batadv_slave_1
[  276.237507][T20306] netlink: 32 bytes leftover after parsing attributes in process `syz.6.3997'.
[  276.328782][T20351] netlink: 40 bytes leftover after parsing attributes in process `syz.6.4002'.
[  276.343553][T20351] loop6: detected capacity change from 0 to 2048
[  276.355385][T20351] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  276.368949][T20351] FAULT_INJECTION: forcing a failure.
[  276.368949][T20351] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  276.382118][T20351] CPU: 1 UID: 0 PID: 20351 Comm: syz.6.4002 Not tainted 6.17.0-rc1-syzkaller-00211-g90d970cade8e #0 PREEMPT(voluntary) 
[  276.382190][T20351] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  276.382205][T20351] Call Trace:
[  276.382213][T20351]  <TASK>
[  276.382222][T20351]  __dump_stack+0x1d/0x30
[  276.382246][T20351]  dump_stack_lvl+0xe8/0x140
[  276.382304][T20351]  dump_stack+0x15/0x1b
[  276.382324][T20351]  should_fail_ex+0x265/0x280
[  276.382371][T20351]  should_fail+0xb/0x20
[  276.382387][T20351]  should_fail_usercopy+0x1a/0x20
[  276.382408][T20351]  _copy_from_user+0x1c/0xb0
[  276.382501][T20351]  eventfd_write+0x73/0x3b0
[  276.382528][T20351]  ? __pfx_eventfd_write+0x10/0x10
[  276.382551][T20351]  vfs_write+0x266/0x960
[  276.382585][T20351]  ? __rcu_read_unlock+0x4f/0x70
[  276.382619][T20351]  ? __fget_files+0x184/0x1c0
[  276.382636][T20351]  ksys_write+0xda/0x1a0
[  276.382700][T20351]  __x64_sys_write+0x40/0x50
[  276.382714][T20351]  x64_sys_call+0x27fe/0x2ff0
[  276.382728][T20351]  do_syscall_64+0xd2/0x200
[  276.382753][T20351]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  276.382848][T20351]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  276.382920][T20351]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  276.382935][T20351] RIP: 0033:0x7fc0e123ebe9
[  276.382947][T20351] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  276.382960][T20351] RSP: 002b:00007fc0dfc9f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  276.382975][T20351] RAX: ffffffffffffffda RBX: 00007fc0e1465fa0 RCX: 00007fc0e123ebe9
[  276.382984][T20351] RDX: 0000000000000008 RSI: 0000200000000040 RDI: 0000000000000007
[  276.382992][T20351] RBP: 00007fc0dfc9f090 R08: 0000000000000000 R09: 0000000000000000
[  276.383027][T20351] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  276.383035][T20351] R13: 00007fc0e1466038 R14: 00007fc0e1465fa0 R15: 00007ffdb6018ec8
[  276.383122][T20351]  </TASK>
[  276.597278][T20357] FAULT_INJECTION: forcing a failure.
[  276.597278][T20357] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  276.610699][T20357] CPU: 1 UID: 0 PID: 20357 Comm: syz.3.4003 Not tainted 6.17.0-rc1-syzkaller-00211-g90d970cade8e #0 PREEMPT(voluntary) 
[  276.610823][T20357] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  276.610834][T20357] Call Trace:
[  276.610839][T20357]  <TASK>
[  276.610846][T20357]  __dump_stack+0x1d/0x30
[  276.610865][T20357]  dump_stack_lvl+0xe8/0x140
[  276.610880][T20357]  dump_stack+0x15/0x1b
[  276.610893][T20357]  should_fail_ex+0x265/0x280
[  276.610956][T20357]  should_fail_alloc_page+0xf2/0x100
[  276.610976][T20357]  __alloc_frozen_pages_noprof+0xff/0x360
[  276.611170][T20357]  alloc_pages_mpol+0xb3/0x250
[  276.611207][T20357]  vma_alloc_folio_noprof+0x1aa/0x300
[  276.611284][T20357]  handle_mm_fault+0xec2/0x2c20
[  276.611306][T20357]  ? __rcu_read_lock+0x37/0x50
[  276.611328][T20357]  ? __pte_offset_map_lock+0x1d4/0x230
[  276.611372][T20357]  __get_user_pages+0x102e/0x1fa0
[  276.611424][T20357]  __gup_longterm_locked+0x8f4/0xe60
[  276.611528][T20357]  ? exc_page_fault+0x62/0xa0
[  276.611545][T20357]  ? should_fail_ex+0xdb/0x280
[  276.611559][T20357]  pin_user_pages_remote+0x7e/0xb0
[  276.611588][T20357]  process_vm_rw+0x484/0x960
[  276.611680][T20357]  __x64_sys_process_vm_writev+0x78/0x90
[  276.611732][T20357]  x64_sys_call+0x2a7c/0x2ff0
[  276.611747][T20357]  do_syscall_64+0xd2/0x200
[  276.611770][T20357]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  276.611785][T20357]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  276.611801][T20357]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  276.611820][T20357] RIP: 0033:0x7ff1a6bfebe9
[  276.611850][T20357] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  276.611859][T20357] RSP: 002b:00007ff1a5667038 EFLAGS: 00000246 ORIG_RAX: 0000000000000137
[  276.611871][T20357] RAX: ffffffffffffffda RBX: 00007ff1a6e25fa0 RCX: 00007ff1a6bfebe9
[  276.611944][T20357] RDX: 0000000000000001 RSI: 0000200000000000 RDI: 000000000000012a
[  276.612023][T20357] RBP: 00007ff1a5667090 R08: 000000000000023a R09: 0000000000000000
[  276.612029][T20357] R10: 0000200000121000 R11: 0000000000000246 R12: 0000000000000002
[  276.612035][T20357] R13: 00007ff1a6e26038 R14: 00007ff1a6e25fa0 R15: 00007fffb2502608
[  276.612045][T20357]  </TASK>
[  276.612482][T19500] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  276.869493][   T29] kauditd_printk_skb: 371 callbacks suppressed
[  276.869508][   T29] audit: type=1326 audit(2000000177.807:25677): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20386 comm="syz.6.4004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc0e123ebe9 code=0x7ffc0000
[  276.899374][   T29] audit: type=1326 audit(2000000177.807:25678): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20386 comm="syz.6.4004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fc0e123ebe9 code=0x7ffc0000
[  276.922979][   T29] audit: type=1326 audit(2000000177.807:25679): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20386 comm="syz.6.4004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc0e123ebe9 code=0x7ffc0000
[  276.996936][T20394] netlink: 20 bytes leftover after parsing attributes in process `syz.0.4007'.
[  277.007080][   T29] audit: type=1326 audit(2000000177.887:25680): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20386 comm="syz.6.4004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fc0e123ebe9 code=0x7ffc0000
[  277.030937][   T29] audit: type=1326 audit(2000000177.887:25681): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20386 comm="syz.6.4004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc0e123ebe9 code=0x7ffc0000
[  277.054755][   T29] audit: type=1326 audit(2000000177.887:25682): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20386 comm="syz.6.4004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc0e123ebe9 code=0x7ffc0000
[  277.078413][   T29] audit: type=1326 audit(2000000177.887:25683): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20386 comm="syz.6.4004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7fc0e123ebe9 code=0x7ffc0000
[  277.102032][   T29] audit: type=1326 audit(2000000177.887:25684): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20386 comm="syz.6.4004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc0e123ebe9 code=0x7ffc0000
[  277.125751][   T29] audit: type=1326 audit(2000000177.887:25685): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20386 comm="syz.6.4004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc0e123ebe9 code=0x7ffc0000
[  277.149440][   T29] audit: type=1326 audit(2000000177.887:25686): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20386 comm="syz.6.4004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc0e123ebe9 code=0x7ffc0000
[  277.328754][T20419] netlink: 'syz.6.4014': attribute type 4 has an invalid length.
[  277.338175][T20417] netlink: 'syz.0.4013': attribute type 4 has an invalid length.
[  277.351499][T20419] netlink: 'syz.6.4014': attribute type 4 has an invalid length.
[  277.365191][T20417] netlink: 'syz.0.4013': attribute type 4 has an invalid length.
[  277.972486][T20453] netlink: 'syz.3.4029': attribute type 21 has an invalid length.
[  278.025478][T20457] FAULT_INJECTION: forcing a failure.
[  278.025478][T20457] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  278.038662][T20457] CPU: 0 UID: 0 PID: 20457 Comm: syz.3.4031 Not tainted 6.17.0-rc1-syzkaller-00211-g90d970cade8e #0 PREEMPT(voluntary) 
[  278.038692][T20457] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  278.038706][T20457] Call Trace:
[  278.038713][T20457]  <TASK>
[  278.038722][T20457]  __dump_stack+0x1d/0x30
[  278.038747][T20457]  dump_stack_lvl+0xe8/0x140
[  278.038768][T20457]  dump_stack+0x15/0x1b
[  278.038835][T20457]  should_fail_ex+0x265/0x280
[  278.038859][T20457]  should_fail+0xb/0x20
[  278.038878][T20457]  should_fail_usercopy+0x1a/0x20
[  278.038903][T20457]  _copy_from_user+0x1c/0xb0
[  278.039010][T20457]  perf_copy_attr+0x145/0x610
[  278.039099][T20457]  __se_sys_perf_event_open+0x67/0x11c0
[  278.039128][T20457]  ? vfs_write+0x7e8/0x960
[  278.039152][T20457]  ? __rcu_read_unlock+0x4f/0x70
[  278.039182][T20457]  __x64_sys_perf_event_open+0x67/0x80
[  278.039212][T20457]  x64_sys_call+0x7bd/0x2ff0
[  278.039275][T20457]  do_syscall_64+0xd2/0x200
[  278.039300][T20457]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  278.039323][T20457]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  278.039347][T20457]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  278.039414][T20457] RIP: 0033:0x7ff1a6bfebe9
[  278.039453][T20457] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  278.039471][T20457] RSP: 002b:00007ff1a5667038 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[  278.039491][T20457] RAX: ffffffffffffffda RBX: 00007ff1a6e25fa0 RCX: 00007ff1a6bfebe9
[  278.039506][T20457] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000000
[  278.039520][T20457] RBP: 00007ff1a5667090 R08: 0000000000000000 R09: 0000000000000000
[  278.039536][T20457] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000001
[  278.039551][T20457] R13: 00007ff1a6e26038 R14: 00007ff1a6e25fa0 R15: 00007fffb2502608
[  278.039570][T20457]  </TASK>
[  278.265890][T20461] nfs4: Bad value for 'source'
[  278.346683][T20477] loop7: detected capacity change from 0 to 7
[  278.468325][T20484] @: renamed from vlan0 (while UP)
[  278.475145][T20486] netlink: 'syz.1.4038': attribute type 10 has an invalid length.
[  278.476536][T20486] team0: Device ipvlan0 failed to register rx_handler
[  278.561281][T20492] FAULT_INJECTION: forcing a failure.
[  278.561281][T20492] name failslab, interval 1, probability 0, space 0, times 0
[  278.561337][T20492] CPU: 0 UID: 0 PID: 20492 Comm: syz.2.4040 Not tainted 6.17.0-rc1-syzkaller-00211-g90d970cade8e #0 PREEMPT(voluntary) 
[  278.561368][T20492] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  278.561381][T20492] Call Trace:
[  278.561389][T20492]  <TASK>
[  278.561397][T20492]  __dump_stack+0x1d/0x30
[  278.561450][T20492]  dump_stack_lvl+0xe8/0x140
[  278.561468][T20492]  dump_stack+0x15/0x1b
[  278.561507][T20492]  should_fail_ex+0x265/0x280
[  278.561573][T20492]  should_failslab+0x8c/0xb0
[  278.561601][T20492]  kmem_cache_alloc_noprof+0x50/0x310
[  278.561629][T20492]  ? getname_flags+0x80/0x3b0
[  278.561738][T20492]  getname_flags+0x80/0x3b0
[  278.561838][T20492]  user_path_at+0x28/0x130
[  278.561872][T20492]  __se_sys_chroot+0x45/0x230
[  278.561943][T20492]  __x64_sys_chroot+0x1f/0x30
[  278.561971][T20492]  x64_sys_call+0x214f/0x2ff0
[  278.562029][T20492]  do_syscall_64+0xd2/0x200
[  278.562067][T20492]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  278.562113][T20492]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  278.562170][T20492]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  278.562194][T20492] RIP: 0033:0x7fdbb152ebe9
[  278.562232][T20492] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  278.562254][T20492] RSP: 002b:00007fdbaff8f038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a1
[  278.562276][T20492] RAX: ffffffffffffffda RBX: 00007fdbb1755fa0 RCX: 00007fdbb152ebe9
[  278.562291][T20492] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000040
[  278.562364][T20492] RBP: 00007fdbaff8f090 R08: 0000000000000000 R09: 0000000000000000
[  278.562377][T20492] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  278.562390][T20492] R13: 00007fdbb1756038 R14: 00007fdbb1755fa0 R15: 00007ffd95a51d48
[  278.562407][T20492]  </TASK>
[  278.740621][T20493] team0 (unregistering): Port device team_slave_0 removed
[  278.751075][T20493] team0 (unregistering): Port device team_slave_1 removed
[  278.904547][T20560] wireguard0: entered promiscuous mode
[  278.910774][T20560] wireguard0: entered allmulticast mode
[  279.667509][T20610] __nla_validate_parse: 5 callbacks suppressed
[  279.667525][T20610] netlink: 240 bytes leftover after parsing attributes in process `syz.2.4048'.
[  279.790732][T20617] netlink: 240 bytes leftover after parsing attributes in process `syz.3.4051'.
[  279.902631][T20622] nfs4: Bad value for 'source'
[  280.068384][T20638] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  280.685020][T20679] nfs4: Bad value for 'source'
[  280.756720][T20672] loop6: detected capacity change from 0 to 512
[  280.766417][T20672] EXT4-fs: Ignoring removed nobh option
[  280.808062][T20672] EXT4-fs error (device loop6): ext4_do_update_inode:5653: inode #3: comm syz.6.4067: corrupted inode contents
[  280.830287][T20672] EXT4-fs error (device loop6): ext4_dirty_inode:6538: inode #3: comm syz.6.4067: mark_inode_dirty error
[  280.864438][T20672] EXT4-fs error (device loop6): ext4_do_update_inode:5653: inode #3: comm syz.6.4067: corrupted inode contents
[  280.888770][T20672] EXT4-fs error (device loop6): __ext4_ext_dirty:206: inode #3: comm syz.6.4067: mark_inode_dirty error
[  280.916200][T20672] EXT4-fs error (device loop6): ext4_acquire_dquot:6933: comm syz.6.4067: Failed to acquire dquot type 0
[  280.938157][T20672] EXT4-fs error (device loop6): ext4_do_update_inode:5653: inode #16: comm syz.6.4067: corrupted inode contents
[  280.959064][T20672] EXT4-fs error (device loop6): ext4_dirty_inode:6538: inode #16: comm syz.6.4067: mark_inode_dirty error
[  280.973035][T20672] EXT4-fs error (device loop6): ext4_do_update_inode:5653: inode #16: comm syz.6.4067: corrupted inode contents
[  280.999722][T20672] EXT4-fs error (device loop6): __ext4_ext_dirty:206: inode #16: comm syz.6.4067: mark_inode_dirty error
[  281.043603][T20672] EXT4-fs error (device loop6): ext4_do_update_inode:5653: inode #16: comm syz.6.4067: corrupted inode contents
[  281.077829][T20672] EXT4-fs error (device loop6) in ext4_orphan_del:305: Corrupt filesystem
[  281.091230][T20672] EXT4-fs error (device loop6): ext4_do_update_inode:5653: inode #16: comm syz.6.4067: corrupted inode contents
[  281.126873][T20672] EXT4-fs error (device loop6): ext4_truncate:4666: inode #16: comm syz.6.4067: mark_inode_dirty error
[  281.144431][T20672] EXT4-fs error (device loop6) in ext4_process_orphan:347: Corrupt filesystem
[  281.154078][T20672] EXT4-fs (loop6): 1 truncate cleaned up
[  281.179145][T20672] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  281.193072][T20672] ext4 filesystem being mounted at /22/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  281.334606][T20710] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4075'.
[  281.374168][T20710] netlink: 32 bytes leftover after parsing attributes in process `syz.1.4075'.
[  281.510314][T20737] loop3: detected capacity change from 0 to 512
[  281.518245][T20737] EXT4-fs: Ignoring removed mblk_io_submit option
[  281.526136][T20737] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  281.537622][T20737] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e016c018, mo2=0002]
[  281.546111][T20737] System zones: 1-12
[  281.551270][T20737] EXT4-fs (loop3): 1 truncate cleaned up
[  281.560768][T20737] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  281.788180][T20667] syz.6.4067 (20667) used greatest stack depth: 6144 bytes left
[  281.798563][T19500] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  281.835630][T20771] loop6: detected capacity change from 0 to 512
[  281.846300][T20771] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  281.858959][T20771] ext4 filesystem being mounted at /23/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  281.869938][T20771] netlink: 180 bytes leftover after parsing attributes in process `syz.6.4084'.
[  281.880022][T20771] netlink: 180 bytes leftover after parsing attributes in process `syz.6.4084'.
[  281.895530][T20771] 
: renamed from bond0 (while UP)
[  281.895611][   T29] kauditd_printk_skb: 266 callbacks suppressed
[  281.895626][   T29] audit: type=1400 audit(2000000182.837:25951): avc:  denied  { ioctl } for  pid=20770 comm="syz.6.4084" path="socket:[47067]" dev="sockfs" ino=47067 ioctlcmd=0x8923 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  281.942875][T20771] netlink: 'syz.6.4084': attribute type 4 has an invalid length.
[  281.966552][T19500] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  282.009139][   T29] audit: type=1400 audit(2000000182.957:25952): avc:  denied  { sqpoll } for  pid=20778 comm="syz.6.4085" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  282.355893][   T29] audit: type=1400 audit(2000000183.297:25953): avc:  denied  { name_bind } for  pid=20783 comm="syz.1.4087" src=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket permissive=1
[  282.407113][T16642] EXT4-fs error (device loop3): ext4_readdir:264: inode #11: block 54: comm syz-executor: path /135/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  282.452119][   T29] audit: type=1400 audit(2000000183.387:25954): avc:  denied  { remove_name } for  pid=16642 comm="syz-executor" name="lost+found" dev="loop3" ino=11 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  282.475602][   T29] audit: type=1400 audit(2000000183.387:25955): avc:  denied  { rmdir } for  pid=16642 comm="syz-executor" name="lost+found" dev="loop3" ino=11 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  282.498827][T16642] EXT4-fs error (device loop3): ext4_empty_dir:3124: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[  282.521164][T16642] EXT4-fs error (device loop3): ext4_readdir:264: inode #11: block 54: comm syz-executor: path /135/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  282.553186][T16642] EXT4-fs error (device loop3): ext4_empty_dir:3124: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[  282.593715][T16642] EXT4-fs error (device loop3): ext4_readdir:264: inode #11: block 54: comm syz-executor: path /135/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  282.647993][T16642] EXT4-fs error (device loop3): ext4_empty_dir:3124: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[  282.688332][T16642] EXT4-fs error (device loop3): ext4_readdir:264: inode #11: block 54: comm syz-executor: path /135/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  282.743532][T16642] EXT4-fs error (device loop3): ext4_empty_dir:3124: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[  282.784405][T16642] EXT4-fs error (device loop3): ext4_readdir:264: inode #11: block 54: comm syz-executor: path /135/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  282.832930][T16642] EXT4-fs error (device loop3): ext4_empty_dir:3124: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[  282.921180][T20814] nfs4: Bad value for 'source'
[  283.012491][   T29] audit: type=1326 audit(2000000183.947:25956): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20827 comm="syz.2.4094" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbb152ebe9 code=0x7ffc0000
[  283.065026][   T29] audit: type=1326 audit(2000000183.947:25957): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20827 comm="syz.2.4094" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbb152ebe9 code=0x7ffc0000
[  283.069963][T20832] tipc: Started in network mode
[  283.088765][   T29] audit: type=1326 audit(2000000183.947:25958): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20827 comm="syz.2.4094" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdbb152ebe9 code=0x7ffc0000
[  283.093609][T20832] tipc: Node identity 0a36a2a26d3f, cluster identity 4711
[  283.117236][   T29] audit: type=1326 audit(2000000183.947:25959): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20827 comm="syz.2.4094" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbb152ebe9 code=0x7ffc0000
[  283.124401][T20832] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  283.147910][   T29] audit: type=1326 audit(2000000183.947:25960): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20827 comm="syz.2.4094" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbb152ebe9 code=0x7ffc0000
[  283.287415][ T3573] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  283.298528][T20766] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  283.312110][T20831] tipc: Resetting bearer <eth:syzkaller0>
[  283.331488][T20831] tipc: Disabling bearer <eth:syzkaller0>
[  283.347119][ T3573] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  283.426807][ T3573] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  283.505391][ T3573] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  283.528429][T20853] loop6: detected capacity change from 0 to 2048
[  283.552526][T20853] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  283.652988][ T3573] bridge_slave_1: left allmulticast mode
[  283.658857][ T3573] bridge_slave_1: left promiscuous mode
[  283.664693][ T3573] bridge0: port 2(bridge_slave_1) entered disabled state
[  283.695660][ T3573] bridge_slave_0: left allmulticast mode
[  283.701439][ T3573] bridge_slave_0: left promiscuous mode
[  283.707156][ T3573] bridge0: port 1(bridge_slave_0) entered disabled state
[  283.877408][ T3573] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  283.895913][ T3573] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  283.919696][ T3573] bond0 (unregistering): (slave dummy0): Releasing backup interface
[  283.939171][T20899] netlink: 'syz.0.4106': attribute type 10 has an invalid length.
[  283.939437][ T3573] bond0 (unregistering): Released all slaves
[  283.996133][T20904] 9pnet_fd: Insufficient options for proto=fd
[  284.035973][ T3573] hsr_slave_0: left promiscuous mode
[  284.047126][ T3573] hsr_slave_1: left promiscuous mode
[  284.055994][ T3573] veth1_macvtap: left promiscuous mode
[  284.061555][ T3573] veth0_macvtap: left promiscuous mode
[  284.067281][ T3573] veth1_vlan: left promiscuous mode
[  284.074589][ T3573] veth0_vlan: left promiscuous mode
[  284.189355][ T3573] team0 (unregistering): Port device team_slave_1 removed
[  284.209668][ T3573] team0 (unregistering): Port device team_slave_0 removed
[  284.324472][T20943] FAULT_INJECTION: forcing a failure.
[  284.324472][T20943] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  284.337589][T20943] CPU: 1 UID: 0 PID: 20943 Comm: syz.0.4117 Not tainted 6.17.0-rc1-syzkaller-00211-g90d970cade8e #0 PREEMPT(voluntary) 
[  284.337655][T20943] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  284.337691][T20943] Call Trace:
[  284.337699][T20943]  <TASK>
[  284.337709][T20943]  __dump_stack+0x1d/0x30
[  284.337732][T20943]  dump_stack_lvl+0xe8/0x140
[  284.337751][T20943]  dump_stack+0x15/0x1b
[  284.337767][T20943]  should_fail_ex+0x265/0x280
[  284.337787][T20943]  should_fail+0xb/0x20
[  284.337855][T20943]  should_fail_usercopy+0x1a/0x20
[  284.337880][T20943]  _copy_from_user+0x1c/0xb0
[  284.337994][T20943]  ___sys_sendmsg+0xc1/0x1d0
[  284.338026][T20943]  __x64_sys_sendmsg+0xd4/0x160
[  284.338050][T20943]  x64_sys_call+0x191e/0x2ff0
[  284.338099][T20943]  do_syscall_64+0xd2/0x200
[  284.338130][T20943]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  284.338158][T20943]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  284.338186][T20943]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  284.338245][T20943] RIP: 0033:0x7f724c02ebe9
[  284.338262][T20943] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  284.338288][T20943] RSP: 002b:00007f724aa97038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  284.338363][T20943] RAX: ffffffffffffffda RBX: 00007f724c255fa0 RCX: 00007f724c02ebe9
[  284.338378][T20943] RDX: 0000000000000000 RSI: 0000200000000140 RDI: 0000000000000003
[  284.338390][T20943] RBP: 00007f724aa97090 R08: 0000000000000000 R09: 0000000000000000
[  284.338468][T20943] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  284.338483][T20943] R13: 00007f724c256038 R14: 00007f724c255fa0 R15: 00007ffc43baeb18
[  284.338504][T20943]  </TASK>
[  284.567973][T20850] chnl_net:caif_netlink_parms(): no params data found
[  284.612002][T21037] nfs4: Bad value for 'source'
[  284.621508][T19500] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  284.663100][ T3573] IPVS: stop unused estimator thread 0...
[  284.765999][T21085] 9pnet_fd: Insufficient options for proto=fd
[  284.778746][T20850] bridge0: port 1(bridge_slave_0) entered blocking state
[  284.785875][T20850] bridge0: port 1(bridge_slave_0) entered disabled state
[  284.807790][T20850] bridge_slave_0: entered allmulticast mode
[  284.815921][T20850] bridge_slave_0: entered promiscuous mode
[  284.835905][T20850] bridge0: port 2(bridge_slave_1) entered blocking state
[  284.842998][T20850] bridge0: port 2(bridge_slave_1) entered disabled state
[  284.851057][T20850] bridge_slave_1: entered allmulticast mode
[  284.851428][T21105] netlink: 'syz.1.4124': attribute type 10 has an invalid length.
[  284.890649][T20850] bridge_slave_1: entered promiscuous mode
[  284.935893][T21112] FAULT_INJECTION: forcing a failure.
[  284.935893][T21112] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  284.949233][T21112] CPU: 0 UID: 0 PID: 21112 Comm: syz.2.4128 Not tainted 6.17.0-rc1-syzkaller-00211-g90d970cade8e #0 PREEMPT(voluntary) 
[  284.949266][T21112] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  284.949278][T21112] Call Trace:
[  284.949286][T21112]  <TASK>
[  284.949294][T21112]  __dump_stack+0x1d/0x30
[  284.949351][T21112]  dump_stack_lvl+0xe8/0x140
[  284.949375][T21112]  dump_stack+0x15/0x1b
[  284.949396][T21112]  should_fail_ex+0x265/0x280
[  284.949417][T21112]  should_fail_alloc_page+0xf2/0x100
[  284.949444][T21112]  __alloc_frozen_pages_noprof+0xff/0x360
[  284.949589][T21112]  alloc_pages_mpol+0xb3/0x250
[  284.949647][T21112]  vma_alloc_folio_noprof+0x1aa/0x300
[  284.949687][T21112]  handle_mm_fault+0xec2/0x2c20
[  284.949711][T21112]  ? __rcu_read_lock+0x37/0x50
[  284.949731][T21112]  ? __pte_offset_map_lock+0x1d4/0x230
[  284.949877][T21112]  __get_user_pages+0x102e/0x1fa0
[  284.949906][T21112]  __gup_longterm_locked+0x8f4/0xe60
[  284.949967][T21112]  ? security_ptrace_access_check+0x69/0x80
[  284.949990][T21112]  ? __ptrace_may_access+0x2c3/0x340
[  284.950018][T21112]  pin_user_pages_remote+0x7e/0xb0
[  284.950120][T21112]  process_vm_rw+0x484/0x960
[  284.950170][T21112]  __x64_sys_process_vm_writev+0x78/0x90
[  284.950206][T21112]  x64_sys_call+0x2a7c/0x2ff0
[  284.950290][T21112]  do_syscall_64+0xd2/0x200
[  284.950392][T21112]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  284.950415][T21112]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  284.950454][T21112]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  284.950480][T21112] RIP: 0033:0x7fdbb152ebe9
[  284.950497][T21112] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  284.950557][T21112] RSP: 002b:00007fdbaff8f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000137
[  284.950579][T21112] RAX: ffffffffffffffda RBX: 00007fdbb1755fa0 RCX: 00007fdbb152ebe9
[  284.950596][T21112] RDX: 0000000000000001 RSI: 0000200000001c80 RDI: 00000000000001d9
[  284.950612][T21112] RBP: 00007fdbaff8f090 R08: 0000000000000001 R09: 0000000000000000
[  284.950628][T21112] R10: 0000200000001d80 R11: 0000000000000246 R12: 0000000000000002
[  284.950643][T21112] R13: 00007fdbb1756038 R14: 00007fdbb1755fa0 R15: 00007ffd95a51d48
[  284.950664][T21112]  </TASK>
[  284.973973][T21093] FAULT_INJECTION: forcing a failure.
[  284.973973][T21093] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  285.191038][T21093] CPU: 1 UID: 0 PID: 21093 Comm: syz.1.4124 Not tainted 6.17.0-rc1-syzkaller-00211-g90d970cade8e #0 PREEMPT(voluntary) 
[  285.191138][T21093] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  285.191153][T21093] Call Trace:
[  285.191161][T21093]  <TASK>
[  285.191170][T21093]  __dump_stack+0x1d/0x30
[  285.191196][T21093]  dump_stack_lvl+0xe8/0x140
[  285.191222][T21093]  dump_stack+0x15/0x1b
[  285.191284][T21093]  should_fail_ex+0x265/0x280
[  285.191305][T21093]  should_fail+0xb/0x20
[  285.191326][T21093]  should_fail_usercopy+0x1a/0x20
[  285.191399][T21093]  strncpy_from_user+0x25/0x230
[  285.191430][T21093]  ? kmem_cache_alloc_noprof+0x186/0x310
[  285.191456][T21093]  ? getname_flags+0x80/0x3b0
[  285.191489][T21093]  getname_flags+0xae/0x3b0
[  285.191585][T21093]  user_path_at+0x28/0x130
[  285.191615][T21093]  do_fchownat+0xb0/0x210
[  285.191704][T21093]  __x64_sys_lchown+0x4a/0x60
[  285.191730][T21093]  x64_sys_call+0x2861/0x2ff0
[  285.191750][T21093]  do_syscall_64+0xd2/0x200
[  285.191797][T21093]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  285.191821][T21093]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  285.191843][T21093]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  285.191863][T21093] RIP: 0033:0x7f0b86d0ebe9
[  285.191882][T21093] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  285.191908][T21093] RSP: 002b:00007f0b8576f038 EFLAGS: 00000246 ORIG_RAX: 000000000000005e
[  285.191927][T21093] RAX: ffffffffffffffda RBX: 00007f0b86f35fa0 RCX: 00007f0b86d0ebe9
[  285.191941][T21093] RDX: 000000000000ee01 RSI: 0000000000000000 RDI: 00002000000006c0
[  285.192003][T21093] RBP: 00007f0b8576f090 R08: 0000000000000000 R09: 0000000000000000
[  285.192018][T21093] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  285.192032][T21093] R13: 00007f0b86f36038 R14: 00007f0b86f35fa0 R15: 00007ffc18a70178
[  285.192059][T21093]  </TASK>
[  285.388550][T20850] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  285.422469][T20850] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  285.486202][T20850] team0: Port device team_slave_0 added
[  285.492937][T20850] team0: Port device team_slave_1 added
[  285.575265][T20850] batman_adv: batadv0: Adding interface: batadv_slave_0
[  285.582243][T20850] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  285.608222][T20850] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  285.717461][T20850] batman_adv: batadv0: Adding interface: batadv_slave_1
[  285.724493][T20850] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  285.750981][T20850] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  285.888402][T20850] hsr_slave_0: entered promiscuous mode
[  285.908452][T20850] hsr_slave_1: entered promiscuous mode
[  285.930388][T21208] SELinux: failed to load policy
[  285.930599][T20850] debugfs: 'hsr0' already exists in 'hsr'
[  285.941399][T20850] Cannot create hsr debugfs directory
[  286.006923][T21208] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4136'.
[  286.015944][T21208] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4136'.
[  286.169415][T21307] nfs4: Bad value for 'source'
[  286.188668][T20850] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  286.221386][T20850] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  286.231390][T20850] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  286.243379][T20850] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  286.296537][T21330] FAULT_INJECTION: forcing a failure.
[  286.296537][T21330] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  286.309770][T21330] CPU: 1 UID: 0 PID: 21330 Comm: syz.0.4144 Not tainted 6.17.0-rc1-syzkaller-00211-g90d970cade8e #0 PREEMPT(voluntary) 
[  286.309906][T21330] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  286.309918][T21330] Call Trace:
[  286.309923][T21330]  <TASK>
[  286.309930][T21330]  __dump_stack+0x1d/0x30
[  286.309955][T21330]  dump_stack_lvl+0xe8/0x140
[  286.310052][T21330]  dump_stack+0x15/0x1b
[  286.310070][T21330]  should_fail_ex+0x265/0x280
[  286.310090][T21330]  should_fail+0xb/0x20
[  286.310107][T21330]  should_fail_usercopy+0x1a/0x20
[  286.310128][T21330]  _copy_from_iter+0xcf/0xe40
[  286.310214][T21330]  ? __build_skb_around+0x1a0/0x200
[  286.310252][T21330]  ? __alloc_skb+0x223/0x320
[  286.310288][T21330]  netlink_sendmsg+0x471/0x6b0
[  286.310310][T21330]  ? __pfx_netlink_sendmsg+0x10/0x10
[  286.310368][T21330]  __sock_sendmsg+0x142/0x180
[  286.310407][T21330]  ____sys_sendmsg+0x31e/0x4e0
[  286.310435][T21330]  ___sys_sendmsg+0x17b/0x1d0
[  286.310467][T21330]  __x64_sys_sendmsg+0xd4/0x160
[  286.310490][T21330]  x64_sys_call+0x191e/0x2ff0
[  286.310510][T21330]  do_syscall_64+0xd2/0x200
[  286.310673][T21330]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  286.310747][T21330]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  286.310843][T21330]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  286.310866][T21330] RIP: 0033:0x7f724c02ebe9
[  286.310886][T21330] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  286.310949][T21330] RSP: 002b:00007f724aa97038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  286.310972][T21330] RAX: ffffffffffffffda RBX: 00007f724c255fa0 RCX: 00007f724c02ebe9
[  286.310987][T21330] RDX: 0000000020008000 RSI: 0000200000000500 RDI: 0000000000000003
[  286.311003][T21330] RBP: 00007f724aa97090 R08: 0000000000000000 R09: 0000000000000000
[  286.311017][T21330] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  286.311111][T21330] R13: 00007f724c256038 R14: 00007f724c255fa0 R15: 00007ffc43baeb18
[  286.311129][T21330]  </TASK>
[  286.542203][T20850] 8021q: adding VLAN 0 to HW filter on device bond0
[  286.568528][T20850] 8021q: adding VLAN 0 to HW filter on device team0
[  286.653903][T21331] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4141'.
[  286.654405][T20850] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  286.663448][T21331] netlink: 32 bytes leftover after parsing attributes in process `syz.1.4141'.
[  286.673207][T20850] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  286.725284][ T3562] bridge0: port 1(bridge_slave_0) entered blocking state
[  286.732453][ T3562] bridge0: port 1(bridge_slave_0) entered forwarding state
[  286.765045][ T3562] bridge0: port 2(bridge_slave_1) entered blocking state
[  286.772206][ T3562] bridge0: port 2(bridge_slave_1) entered forwarding state
[  286.830184][T21344] FAULT_INJECTION: forcing a failure.
[  286.830184][T21344] name failslab, interval 1, probability 0, space 0, times 0
[  286.842904][T21344] CPU: 1 UID: 0 PID: 21344 Comm: syz.0.4150 Not tainted 6.17.0-rc1-syzkaller-00211-g90d970cade8e #0 PREEMPT(voluntary) 
[  286.843089][T21344] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  286.843103][T21344] Call Trace:
[  286.843111][T21344]  <TASK>
[  286.843119][T21344]  __dump_stack+0x1d/0x30
[  286.843140][T21344]  dump_stack_lvl+0xe8/0x140
[  286.843159][T21344]  dump_stack+0x15/0x1b
[  286.843240][T21344]  should_fail_ex+0x265/0x280
[  286.843259][T21344]  ? __snd_timer_user_ioctl+0xe82/0x2470
[  286.843288][T21344]  should_failslab+0x8c/0xb0
[  286.843334][T21344]  __kmalloc_cache_noprof+0x4c/0x320
[  286.843368][T21344]  __snd_timer_user_ioctl+0xe82/0x2470
[  286.843409][T21344]  ? __pfx_snd_timer_user_ioctl+0x10/0x10
[  286.843451][T21344]  snd_timer_user_ioctl+0x45/0x90
[  286.843478][T21344]  __se_sys_ioctl+0xcb/0x140
[  286.843508][T21344]  __x64_sys_ioctl+0x43/0x50
[  286.843583][T21344]  x64_sys_call+0x1816/0x2ff0
[  286.843603][T21344]  do_syscall_64+0xd2/0x200
[  286.843654][T21344]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  286.843808][T21344]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  286.843902][T21344]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  286.843925][T21344] RIP: 0033:0x7f724c02ebe9
[  286.843994][T21344] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  286.844041][T21344] RSP: 002b:00007f724aa97038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  286.844127][T21344] RAX: ffffffffffffffda RBX: 00007f724c255fa0 RCX: 00007f724c02ebe9
[  286.844142][T21344] RDX: 0000200000000000 RSI: 0000000040345410 RDI: 0000000000000003
[  286.844156][T21344] RBP: 00007f724aa97090 R08: 0000000000000000 R09: 0000000000000000
[  286.844168][T21344] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  286.844181][T21344] R13: 00007f724c256038 R14: 00007f724c255fa0 R15: 00007ffc43baeb18
[  286.844201][T21344]  </TASK>
[  287.053261][T21347] nfs4: Bad value for 'source'
[  287.067531][   T29] kauditd_printk_skb: 375 callbacks suppressed
[  287.067548][   T29] audit: type=1400 audit(2000000188.007:26336): avc:  denied  { sys_module } for  pid=20850 comm="syz-executor" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  287.139650][   T29] audit: type=1326 audit(2000000188.077:26337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21352 comm="syz.2.4154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbb152ebe9 code=0x7ffc0000
[  287.163339][   T29] audit: type=1326 audit(2000000188.077:26338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21352 comm="syz.2.4154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbb152ebe9 code=0x7ffc0000
[  287.164747][T20850] 8021q: adding VLAN 0 to HW filter on device batadv0
[  287.279281][   T29] audit: type=1326 audit(2000000188.137:26339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21352 comm="syz.2.4154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdbb152ebe9 code=0x7ffc0000
[  287.302956][   T29] audit: type=1326 audit(2000000188.137:26340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21352 comm="syz.2.4154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbb152ebe9 code=0x7ffc0000
[  287.326672][   T29] audit: type=1326 audit(2000000188.137:26341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21352 comm="syz.2.4154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbb152ebe9 code=0x7ffc0000
[  287.350555][   T29] audit: type=1326 audit(2000000188.147:26342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21352 comm="syz.2.4154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdbb152ebe9 code=0x7ffc0000
[  287.374249][   T29] audit: type=1326 audit(2000000188.147:26343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21352 comm="syz.2.4154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbb152ebe9 code=0x7ffc0000
[  287.397949][   T29] audit: type=1326 audit(2000000188.147:26344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21352 comm="syz.2.4154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbb152ebe9 code=0x7ffc0000
[  287.421555][   T29] audit: type=1326 audit(2000000188.147:26345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21352 comm="syz.2.4154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdbb152ebe9 code=0x7ffc0000
[  287.502938][T21363] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4155'.
[  287.521197][T20850] veth0_vlan: entered promiscuous mode
[  287.536209][T21363] netlink: 32 bytes leftover after parsing attributes in process `syz.1.4155'.
[  287.548603][T20850] veth1_vlan: entered promiscuous mode
[  287.574353][T20850] veth0_macvtap: entered promiscuous mode
[  287.586103][T20850] veth1_macvtap: entered promiscuous mode
[  287.594948][T21385] 9pnet_fd: Insufficient options for proto=fd
[  287.631860][T20850] batman_adv: batadv0: Interface activated: batadv_slave_0
[  287.646346][T20850] batman_adv: batadv0: Interface activated: batadv_slave_1
[  287.671220][ T3562] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  287.698878][ T3562] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  287.724816][T21389] netlink: 36 bytes leftover after parsing attributes in process `syz.2.4162'.
[  287.733920][ T3596] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  287.764330][ T3596] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  287.819260][T21398] loop6: detected capacity change from 0 to 512
[  287.848375][T21401] netlink: 'syz.7.4166': attribute type 10 has an invalid length.
[  287.857932][T21398] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  287.872064][T21401] ipvlan0: entered allmulticast mode
[  287.877432][T21401] veth0_vlan: entered allmulticast mode
[  287.883820][T21398] ext4 filesystem being mounted at /40/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  287.896356][T21401] team0: Device ipvlan0 failed to register rx_handler
[  287.943528][T19500] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  288.297502][T21474] 9pnet_fd: Insufficient options for proto=fd
[  288.534594][T21484] loop6: detected capacity change from 0 to 512
[  288.579245][T21484] EXT4-fs error (device loop6): ext4_acquire_dquot:6933: comm syz.6.4189: Failed to acquire dquot type 1
[  288.592830][T21493] netlink: 24 bytes leftover after parsing attributes in process `syz.2.4188'.
[  288.603319][T21484] EXT4-fs error (device loop6): ext4_do_update_inode:5653: inode #16: comm syz.6.4189: corrupted inode contents
[  288.619429][T21481] bond_slave_0: entered promiscuous mode
[  288.625177][T21481] bond_slave_1: entered promiscuous mode
[  288.631967][T21484] EXT4-fs error (device loop6): ext4_dirty_inode:6538: inode #16: comm syz.6.4189: mark_inode_dirty error
[  288.645273][T21481] macvlan2: entered allmulticast mode
[  288.650682][T21481] bond0: entered allmulticast mode
[  288.655838][T21481] bond_slave_0: entered allmulticast mode
[  288.661578][T21481] bond_slave_1: entered allmulticast mode
[  288.668924][T21485] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4188'.
[  288.677928][T21485] netlink: 'syz.2.4188': attribute type 7 has an invalid length.
[  288.685774][T21485] netlink: 'syz.2.4188': attribute type 8 has an invalid length.
[  288.693500][T21485] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4188'.
[  288.703544][T21484] EXT4-fs error (device loop6): ext4_do_update_inode:5653: inode #16: comm syz.6.4189: corrupted inode contents
[  288.704690][T21481] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  288.716656][T21484] EXT4-fs error (device loop6): __ext4_ext_dirty:206: inode #16: comm syz.6.4189: mark_inode_dirty error
[  288.731327][T21481] bridge0: port 3(macvlan2) entered blocking state
[  288.740185][T21481] bridge0: port 3(macvlan2) entered disabled state
[  288.740381][T21484] EXT4-fs error (device loop6): ext4_do_update_inode:5653: inode #16: comm syz.6.4189: corrupted inode contents
[  288.761090][T21484] EXT4-fs error (device loop6) in ext4_orphan_del:305: Corrupt filesystem
[  288.768113][T21481] macvlan2: entered promiscuous mode
[  288.769845][T21484] EXT4-fs error (device loop6): ext4_do_update_inode:5653: inode #16: comm syz.6.4189: corrupted inode contents
[  288.774990][T21481] bond0: entered promiscuous mode
[  288.789024][T21484] EXT4-fs error (device loop6): ext4_truncate:4666: inode #16: comm syz.6.4189: mark_inode_dirty error
[  288.803124][T21484] EXT4-fs error (device loop6) in ext4_process_orphan:347: Corrupt filesystem
[  288.813601][T21484] EXT4-fs (loop6): 1 truncate cleaned up
[  288.823154][T21484] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  288.824524][T21481] bridge0: port 3(macvlan2) entered blocking state
[  288.837671][T21484] ext4 filesystem being mounted at /43/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  288.842242][T21481] bridge0: port 3(macvlan2) entered forwarding state
[  288.870765][T21485] bridge0: entered promiscuous mode
[  288.880564][T21485] batadv_slave_1: entered promiscuous mode
[  288.896013][T21485] erspan0: entered promiscuous mode
[  288.915722][T19500] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  289.062170][T21515] FAULT_INJECTION: forcing a failure.
[  289.062170][T21515] name failslab, interval 1, probability 0, space 0, times 0
[  289.075126][T21515] CPU: 0 UID: 0 PID: 21515 Comm: syz.7.4196 Not tainted 6.17.0-rc1-syzkaller-00211-g90d970cade8e #0 PREEMPT(voluntary) 
[  289.075173][T21515] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  289.075182][T21515] Call Trace:
[  289.075187][T21515]  <TASK>
[  289.075270][T21515]  __dump_stack+0x1d/0x30
[  289.075287][T21515]  dump_stack_lvl+0xe8/0x140
[  289.075308][T21515]  dump_stack+0x15/0x1b
[  289.075321][T21515]  should_fail_ex+0x265/0x280
[  289.075337][T21515]  should_failslab+0x8c/0xb0
[  289.075374][T21515]  __kvmalloc_node_noprof+0x123/0x4e0
[  289.075436][T21515]  ? traverse+0x9d/0x3a0
[  289.075544][T21515]  traverse+0x9d/0x3a0
[  289.075569][T21515]  ? path_openat+0x1bf8/0x2170
[  289.075653][T21515]  seq_read_iter+0x853/0x940
[  289.075691][T21515]  ? _parse_integer+0x27/0x40
[  289.075760][T21515]  seq_read+0x270/0x2b0
[  289.075846][T21515]  ? __pfx_seq_read+0x10/0x10
[  289.075872][T21515]  vfs_readv+0x3f8/0x690
[  289.075965][T21515]  __x64_sys_preadv+0xfd/0x1c0
[  289.075988][T21515]  x64_sys_call+0x282a/0x2ff0
[  289.076075][T21515]  do_syscall_64+0xd2/0x200
[  289.076125][T21515]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  289.076150][T21515]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  289.076173][T21515]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  289.076193][T21515] RIP: 0033:0x7feb4402ebe9
[  289.076287][T21515] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  289.076305][T21515] RSP: 002b:00007feb42a8f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000127
[  289.076325][T21515] RAX: ffffffffffffffda RBX: 00007feb44255fa0 RCX: 00007feb4402ebe9
[  289.076337][T21515] RDX: 0000000000000001 RSI: 00002000000000c0 RDI: 0000000000000003
[  289.076349][T21515] RBP: 00007feb42a8f090 R08: 0000000000000000 R09: 0000000000000000
[  289.076361][T21515] R10: 000000000000012e R11: 0000000000000246 R12: 0000000000000001
[  289.076372][T21515] R13: 00007feb44256038 R14: 00007feb44255fa0 R15: 00007ffc57ebd878
[  289.076389][T21515]  </TASK>
[  289.317482][T21517] netlink: 'syz.1.4197': attribute type 10 has an invalid length.
[  289.328453][T21531] wireguard0: entered promiscuous mode
[  289.334101][T21531] wireguard0: entered allmulticast mode
[  289.344191][   T10] IPVS: starting estimator thread 0...
[  289.367102][T21517] : (slave dummy0): Enslaving as an active interface with an up link
[  289.443971][T21536] IPVS: using max 3648 ests per chain, 182400 per kthread
[  289.500461][T21559] loop6: detected capacity change from 0 to 256
[  289.519775][T21562] nfs4: Bad value for 'source'
[  289.560324][T21570] wireguard0: entered promiscuous mode
[  289.565940][T21570] wireguard0: entered allmulticast mode
[  289.612813][T21580] loop6: detected capacity change from 0 to 512
[  289.622028][T21580] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.4209: bg 0: block 393: padding at end of block bitmap is not set
[  289.636813][T21580] EXT4-fs error (device loop6) in ext4_mb_clear_bb:6657: Corrupt filesystem
[  289.646269][T21580] EXT4-fs (loop6): 2 truncates cleaned up
[  289.652492][T21580] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  289.738749][T19500] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  289.837838][T21620] netlink: 'syz.0.4219': attribute type 1 has an invalid length.
[  289.947082][T21642] netlink: 'syz.6.4225': attribute type 10 has an invalid length.
[  289.955140][T21642] ipvlan0: entered allmulticast mode
[  289.960606][T21642] veth0_vlan: entered allmulticast mode
[  289.969590][T21642] team0: Device ipvlan0 failed to register rx_handler
[  289.993052][T21644] wireguard0: entered promiscuous mode
[  289.998637][T21644] wireguard0: entered allmulticast mode
[  290.442037][T21759] wireguard0: entered promiscuous mode
[  290.447617][T21759] wireguard0: entered allmulticast mode
[  290.989706][T21791] loop6: detected capacity change from 0 to 128
[  291.639866][T21855] wireguard0: entered promiscuous mode
[  291.645472][T21855] wireguard0: entered allmulticast mode
[  291.760744][T21838] loop6: detected capacity change from 0 to 512
[  291.774893][T21864] nfs4: Bad value for 'source'
[  291.876265][T21871] FAULT_INJECTION: forcing a failure.
[  291.876265][T21871] name failslab, interval 1, probability 0, space 0, times 0
[  291.889004][T21871] CPU: 1 UID: 0 PID: 21871 Comm: syz.2.4273 Not tainted 6.17.0-rc1-syzkaller-00211-g90d970cade8e #0 PREEMPT(voluntary) 
[  291.889034][T21871] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  291.889090][T21871] Call Trace:
[  291.889099][T21871]  <TASK>
[  291.889109][T21871]  __dump_stack+0x1d/0x30
[  291.889143][T21871]  dump_stack_lvl+0xe8/0x140
[  291.889170][T21871]  dump_stack+0x15/0x1b
[  291.889185][T21871]  should_fail_ex+0x265/0x280
[  291.889210][T21871]  should_failslab+0x8c/0xb0
[  291.889240][T21871]  kmem_cache_alloc_node_noprof+0x57/0x320
[  291.889277][T21871]  ? __alloc_skb+0x101/0x320
[  291.889327][T21871]  __alloc_skb+0x101/0x320
[  291.889361][T21871]  tipc_msg_build+0xbe/0x840
[  291.889402][T21871]  ? __perf_event_task_sched_in+0xa5b/0xac0
[  291.889456][T21871]  ? __rcu_read_unlock+0x4f/0x70
[  291.889486][T21871]  __tipc_sendmsg+0x140f/0x1b00
[  291.889526][T21871]  ? __pfx_woken_wake_function+0x10/0x10
[  291.889565][T21871]  ? lock_sock_nested+0x112/0x140
[  291.889595][T21871]  ? __cond_resched+0x4e/0x90
[  291.889620][T21871]  tipc_connect+0x372/0x420
[  291.889669][T21871]  ? __pfx_tipc_connect+0x10/0x10
[  291.889701][T21871]  __sys_connect+0x1f2/0x2b0
[  291.889740][T21871]  __x64_sys_connect+0x3f/0x50
[  291.889849][T21871]  x64_sys_call+0x2c08/0x2ff0
[  291.889913][T21871]  do_syscall_64+0xd2/0x200
[  291.889942][T21871]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  291.889976][T21871]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  291.890005][T21871]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  291.890098][T21871] RIP: 0033:0x7fdbb152ebe9
[  291.890125][T21871] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  291.890142][T21871] RSP: 002b:00007fdbaff6e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[  291.890162][T21871] RAX: ffffffffffffffda RBX: 00007fdbb1756090 RCX: 00007fdbb152ebe9
[  291.890175][T21871] RDX: 0000000000000010 RSI: 0000200000000600 RDI: 0000000000000003
[  291.890209][T21871] RBP: 00007fdbaff6e090 R08: 0000000000000000 R09: 0000000000000000
[  291.890224][T21871] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  291.890239][T21871] R13: 00007fdbb1756128 R14: 00007fdbb1756090 R15: 00007ffd95a51d48
[  291.890260][T21871]  </TASK>
[  292.150967][T21873] FAULT_INJECTION: forcing a failure.
[  292.150967][T21873] name failslab, interval 1, probability 0, space 0, times 0
[  292.163690][T21873] CPU: 0 UID: 0 PID: 21873 Comm: syz.7.4274 Not tainted 6.17.0-rc1-syzkaller-00211-g90d970cade8e #0 PREEMPT(voluntary) 
[  292.163752][T21873] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  292.163767][T21873] Call Trace:
[  292.163775][T21873]  <TASK>
[  292.163785][T21873]  __dump_stack+0x1d/0x30
[  292.163812][T21873]  dump_stack_lvl+0xe8/0x140
[  292.163875][T21873]  dump_stack+0x15/0x1b
[  292.163895][T21873]  should_fail_ex+0x265/0x280
[  292.163920][T21873]  ? __pfx_cond_bools_destroy+0x10/0x10
[  292.164027][T21873]  should_failslab+0x8c/0xb0
[  292.164054][T21873]  kmem_cache_alloc_noprof+0x50/0x310
[  292.164141][T21873]  ? hashtab_duplicate+0xfe/0x360
[  292.164233][T21873]  ? __pfx_cond_bools_destroy+0x10/0x10
[  292.164300][T21873]  hashtab_duplicate+0xfe/0x360
[  292.164329][T21873]  ? __pfx_cond_bools_copy+0x10/0x10
[  292.164408][T21873]  cond_policydb_dup+0xd2/0x4e0
[  292.164436][T21873]  security_set_bools+0xa0/0x340
[  292.164465][T21873]  sel_commit_bools_write+0x1ea/0x270
[  292.164498][T21873]  vfs_writev+0x403/0x8b0
[  292.164558][T21873]  ? __pfx_sel_commit_bools_write+0x10/0x10
[  292.164595][T21873]  ? mutex_lock+0xd/0x30
[  292.164652][T21873]  do_writev+0xe7/0x210
[  292.164690][T21873]  __x64_sys_writev+0x45/0x50
[  292.164777][T21873]  x64_sys_call+0x1e9a/0x2ff0
[  292.164799][T21873]  do_syscall_64+0xd2/0x200
[  292.164829][T21873]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  292.164891][T21873]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  292.164920][T21873]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  292.164947][T21873] RIP: 0033:0x7feb4402ebe9
[  292.164966][T21873] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  292.164985][T21873] RSP: 002b:00007feb42a8f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[  292.165117][T21873] RAX: ffffffffffffffda RBX: 00007feb44255fa0 RCX: 00007feb4402ebe9
[  292.165149][T21873] RDX: 0000000000000001 RSI: 0000200000000040 RDI: 0000000000000006
[  292.165161][T21873] RBP: 00007feb42a8f090 R08: 0000000000000000 R09: 0000000000000000
[  292.165173][T21873] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  292.165234][T21873] R13: 00007feb44256038 R14: 00007feb44255fa0 R15: 00007ffc57ebd878
[  292.165251][T21873]  </TASK>
[  292.593724][   T29] kauditd_printk_skb: 791 callbacks suppressed
[  292.593743][   T29] audit: type=1326 audit(2000000193.527:27135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21888 comm="syz.6.4281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc0e123ebe9 code=0x7ffc0000
[  292.653775][   T29] audit: type=1326 audit(2000000193.527:27136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21888 comm="syz.6.4281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc0e123ebe9 code=0x7ffc0000
[  292.677624][   T29] audit: type=1326 audit(2000000193.537:27137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21888 comm="syz.6.4281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc0e123ebe9 code=0x7ffc0000
[  292.701302][   T29] audit: type=1326 audit(2000000193.537:27138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21888 comm="syz.6.4281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc0e123ebe9 code=0x7ffc0000
[  292.725046][   T29] audit: type=1326 audit(2000000193.537:27139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21888 comm="syz.6.4281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc0e123ebe9 code=0x7ffc0000
[  292.749229][   T29] audit: type=1326 audit(2000000193.537:27140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21888 comm="syz.6.4281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc0e123ebe9 code=0x7ffc0000
[  292.772854][   T29] audit: type=1326 audit(2000000193.537:27141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21888 comm="syz.6.4281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc0e123ebe9 code=0x7ffc0000
[  292.796908][   T29] audit: type=1326 audit(2000000193.567:27142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21888 comm="syz.6.4281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc0e123ebe9 code=0x7ffc0000
[  292.820510][   T29] audit: type=1326 audit(2000000193.567:27143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21888 comm="syz.6.4281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc0e123ebe9 code=0x7ffc0000
[  292.844208][   T29] audit: type=1326 audit(2000000193.567:27144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21888 comm="syz.6.4281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=121 compat=0 ip=0x7fc0e123ebe9 code=0x7ffc0000
[  292.848299][T21893] netlink: 'syz.2.4283': attribute type 10 has an invalid length.
[  292.878030][T21895] nfs4: Bad value for 'source'
[  292.903269][T21893] team0: Device ipvlan0 failed to register rx_handler
[  293.228765][T21933] netlink: 'syz.1.4302': attribute type 10 has an invalid length.
[  293.246279][T21933] team0: Device ipvlan0 failed to register rx_handler
[  293.478285][T21966] FAULT_INJECTION: forcing a failure.
[  293.478285][T21966] name failslab, interval 1, probability 0, space 0, times 0
[  293.491032][T21966] CPU: 0 UID: 0 PID: 21966 Comm: syz.0.4312 Not tainted 6.17.0-rc1-syzkaller-00211-g90d970cade8e #0 PREEMPT(voluntary) 
[  293.491068][T21966] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  293.491080][T21966] Call Trace:
[  293.491086][T21966]  <TASK>
[  293.491095][T21966]  __dump_stack+0x1d/0x30
[  293.491174][T21966]  dump_stack_lvl+0xe8/0x140
[  293.491193][T21966]  dump_stack+0x15/0x1b
[  293.491214][T21966]  should_fail_ex+0x265/0x280
[  293.491234][T21966]  should_failslab+0x8c/0xb0
[  293.491261][T21966]  __kmalloc_noprof+0xa5/0x3e0
[  293.491370][T21966]  ? nft_set_elem_expr_alloc+0xcf/0x330
[  293.491400][T21966]  nft_set_elem_expr_alloc+0xcf/0x330
[  293.491430][T21966]  nft_set_expr_alloc+0x27a/0x440
[  293.491482][T21966]  nf_tables_newset+0x128d/0x14e0
[  293.491509][T21966]  nfnetlink_rcv+0xb96/0x1690
[  293.491583][T21966]  netlink_unicast+0x5bd/0x690
[  293.491622][T21966]  netlink_sendmsg+0x58b/0x6b0
[  293.491647][T21966]  ? __pfx_netlink_sendmsg+0x10/0x10
[  293.491733][T21966]  __sock_sendmsg+0x142/0x180
[  293.491825][T21966]  ____sys_sendmsg+0x31e/0x4e0
[  293.491859][T21966]  ___sys_sendmsg+0x17b/0x1d0
[  293.491888][T21966]  __x64_sys_sendmsg+0xd4/0x160
[  293.491911][T21966]  x64_sys_call+0x191e/0x2ff0
[  293.491934][T21966]  do_syscall_64+0xd2/0x200
[  293.492004][T21966]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  293.492032][T21966]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  293.492060][T21966]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  293.492082][T21966] RIP: 0033:0x7f724c02ebe9
[  293.492165][T21966] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  293.492221][T21966] RSP: 002b:00007f724aa97038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  293.492247][T21966] RAX: ffffffffffffffda RBX: 00007f724c255fa0 RCX: 00007f724c02ebe9
[  293.492264][T21966] RDX: 0000000020050890 RSI: 00002000000000c0 RDI: 0000000000000005
[  293.492280][T21966] RBP: 00007f724aa97090 R08: 0000000000000000 R09: 0000000000000000
[  293.492295][T21966] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  293.492384][T21966] R13: 00007f724c256038 R14: 00007f724c255fa0 R15: 00007ffc43baeb18
[  293.492404][T21966]  </TASK>
[  293.519159][T21944] __nla_validate_parse: 8 callbacks suppressed
[  293.519174][T21944] netlink: 4 bytes leftover after parsing attributes in process `syz.7.4306'.
[  293.593845][T21955] netlink: 32 bytes leftover after parsing attributes in process `syz.7.4306'.
[  293.678965][T21969] nfs4: Bad value for 'source'
[  294.125533][T21991] loop7: detected capacity change from 0 to 512
[  294.134036][T21991] EXT4-fs: Ignoring removed bh option
[  294.140007][T21991] EXT4-fs (loop7): feature flags set on rev 0 fs, running e2fsck is recommended
[  294.149178][T21991] EXT4-fs (loop7): mounting ext2 file system using the ext4 subsystem
[  294.165011][T21991] EXT4-fs (loop7): warning: mounting unchecked fs, running e2fsck is recommended
[  294.204858][T21991] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006]
[  294.216323][T21991] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  294.247873][T20850] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  294.524897][T22008] loop6: detected capacity change from 0 to 512
[  294.531499][T22008] EXT4-fs: Ignoring removed nobh option
[  294.570204][T22008] EXT4-fs error (device loop6): ext4_do_update_inode:5653: inode #3: comm syz.6.4322: corrupted inode contents
[  294.602652][T22008] EXT4-fs error (device loop6): ext4_dirty_inode:6538: inode #3: comm syz.6.4322: mark_inode_dirty error
[  294.633067][T22008] EXT4-fs error (device loop6): ext4_do_update_inode:5653: inode #3: comm syz.6.4322: corrupted inode contents
[  294.684144][T22008] EXT4-fs error (device loop6): __ext4_ext_dirty:206: inode #3: comm syz.6.4322: mark_inode_dirty error
[  294.712478][T22008] EXT4-fs error (device loop6): ext4_acquire_dquot:6933: comm syz.6.4322: Failed to acquire dquot type 0
[  294.729296][T22008] EXT4-fs error (device loop6): ext4_do_update_inode:5653: inode #16: comm syz.6.4322: corrupted inode contents
[  294.741533][T22008] EXT4-fs error (device loop6): ext4_dirty_inode:6538: inode #16: comm syz.6.4322: mark_inode_dirty error
[  294.762266][T22008] EXT4-fs error (device loop6): ext4_do_update_inode:5653: inode #16: comm syz.6.4322: corrupted inode contents
[  294.776194][T22008] EXT4-fs error (device loop6): __ext4_ext_dirty:206: inode #16: comm syz.6.4322: mark_inode_dirty error
[  294.787763][T22008] EXT4-fs error (device loop6): ext4_do_update_inode:5653: inode #16: comm syz.6.4322: corrupted inode contents
[  294.800805][T22008] EXT4-fs error (device loop6) in ext4_orphan_del:305: Corrupt filesystem
[  294.809457][T22008] EXT4-fs error (device loop6): ext4_do_update_inode:5653: inode #16: comm syz.6.4322: corrupted inode contents
[  294.822866][T22008] EXT4-fs error (device loop6): ext4_truncate:4666: inode #16: comm syz.6.4322: mark_inode_dirty error
[  294.835400][T22008] EXT4-fs error (device loop6) in ext4_process_orphan:347: Corrupt filesystem
[  294.844969][T22008] EXT4-fs (loop6): 1 truncate cleaned up
[  294.851145][T22008] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  294.865075][T22008] ext4 filesystem being mounted at /85/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  295.114761][T19500] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  295.266843][T22097] netlink: 'syz.6.4336': attribute type 10 has an invalid length.
[  295.276559][T22097] team0: Device ipvlan0 failed to register rx_handler
[  295.552239][T22138] netlink: 'syz.7.4351': attribute type 10 has an invalid length.
[  295.575737][T22138] team0: Device ipvlan0 failed to register rx_handler
[  295.696262][T22151] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  295.761260][T22151] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  295.867267][T22151] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  295.966809][T22151] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  295.987868][T22162] loop7: detected capacity change from 0 to 512
[  296.002553][T22162] EXT4-fs: Ignoring removed nobh option
[  296.012024][T22175] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4362'.
[  296.022553][T22175] netlink: 32 bytes leftover after parsing attributes in process `syz.6.4362'.
[  296.039794][ T3601] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  296.064622][ T3596] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  296.073579][ T3596] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  296.082314][ T3596] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  296.090862][T22162] EXT4-fs error (device loop7): ext4_do_update_inode:5653: inode #3: comm syz.7.4357: corrupted inode contents
[  296.103150][T22162] EXT4-fs error (device loop7): ext4_dirty_inode:6538: inode #3: comm syz.7.4357: mark_inode_dirty error
[  296.128485][T22162] EXT4-fs error (device loop7): ext4_do_update_inode:5653: inode #3: comm syz.7.4357: corrupted inode contents
[  296.150711][T22162] EXT4-fs error (device loop7): __ext4_ext_dirty:206: inode #3: comm syz.7.4357: mark_inode_dirty error
[  296.175101][T22162] EXT4-fs error (device loop7): ext4_acquire_dquot:6933: comm syz.7.4357: Failed to acquire dquot type 0
[  296.213954][T22162] EXT4-fs error (device loop7): ext4_do_update_inode:5653: inode #16: comm syz.7.4357: corrupted inode contents
[  296.226447][T22162] EXT4-fs error (device loop7): ext4_dirty_inode:6538: inode #16: comm syz.7.4357: mark_inode_dirty error
[  296.245340][T22209] nfs4: Bad value for 'source'
[  296.246374][T22162] EXT4-fs error (device loop7): ext4_do_update_inode:5653: inode #16: comm syz.7.4357: corrupted inode contents
[  296.282808][T22162] EXT4-fs error (device loop7): __ext4_ext_dirty:206: inode #16: comm syz.7.4357: mark_inode_dirty error
[  296.294496][T22162] EXT4-fs error (device loop7): ext4_do_update_inode:5653: inode #16: comm syz.7.4357: corrupted inode contents
[  296.307112][T22162] EXT4-fs error (device loop7) in ext4_orphan_del:305: Corrupt filesystem
[  296.308093][T22212] wireguard0: entered promiscuous mode
[  296.317299][T22162] EXT4-fs error (device loop7): ext4_do_update_inode:5653: inode #16: comm syz.7.4357: corrupted inode contents
[  296.321216][T22212] wireguard0: entered allmulticast mode
[  296.333239][T22162] EXT4-fs error (device loop7): ext4_truncate:4666: inode #16: comm syz.7.4357: mark_inode_dirty error
[  296.350139][T22162] EXT4-fs error (device loop7) in ext4_process_orphan:347: Corrupt filesystem
[  296.359692][T22162] EXT4-fs (loop7): 1 truncate cleaned up
[  296.365835][T22162] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  296.378691][T22162] ext4 filesystem being mounted at /27/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  296.711751][T20850] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  296.728854][T22234] nfs4: Bad value for 'source'
[  296.780610][T22242] veth1_macvtap: left promiscuous mode
[  296.786264][T22242] macsec0: entered allmulticast mode
[  296.846366][T22249] nfs4: Bad value for 'source'
[  296.916882][T22232] netlink: 96 bytes leftover after parsing attributes in process `syz.2.4373'.
[  297.601976][   T29] kauditd_printk_skb: 682 callbacks suppressed
[  297.601987][   T29] audit: type=1400 audit(2000000198.537:27823): avc:  denied  { create } for  pid=22293 comm="syz.1.4385" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[  297.630316][   T29] audit: type=1400 audit(2000000198.557:27824): avc:  denied  { create } for  pid=22295 comm="syz.0.4386" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  297.651233][   T29] audit: type=1400 audit(2000000198.557:27825): avc:  denied  { write } for  pid=22295 comm="syz.0.4386" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  297.672170][   T29] audit: type=1400 audit(2000000198.557:27826): avc:  denied  { read } for  pid=22295 comm="syz.0.4386" dev="nsfs" ino=4026533485 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  297.693539][   T29] audit: type=1400 audit(2000000198.557:27827): avc:  denied  { open } for  pid=22295 comm="syz.0.4386" path="net:[4026533485]" dev="nsfs" ino=4026533485 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  297.717051][   T29] audit: type=1400 audit(2000000198.557:27828): avc:  denied  { execmem } for  pid=22295 comm="syz.0.4386" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[  297.774482][   T29] audit: type=1400 audit(2000000198.697:27829): avc:  denied  { create } for  pid=22297 comm="syz.6.4387" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  297.794226][   T29] audit: type=1400 audit(2000000198.707:27830): avc:  denied  { bind } for  pid=22297 comm="syz.6.4387" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  297.813933][   T29] audit: type=1400 audit(2000000198.707:27831): avc:  denied  { listen } for  pid=22297 comm="syz.6.4387" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  297.833723][   T29] audit: type=1400 audit(2000000198.707:27832): avc:  denied  { write } for  pid=22297 comm="syz.6.4387" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  298.005492][T22305] 9pnet_fd: Insufficient options for proto=fd
[  298.536604][ T3411] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  298.544332][ T3411] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  298.551921][ T3411] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  298.559382][ T3411] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  298.566835][ T3411] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  298.574255][ T3411] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  298.581667][ T3411] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  298.589102][ T3411] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  298.596551][ T3411] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  298.604000][ T3411] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  298.748463][T22385] loop7: detected capacity change from 0 to 512
[  298.772377][ T3411] hid-generic 0000:0000:0000.000B: hidraw0: <UNKNOWN> HID v0.00 Device [sy

] on syz0
[  298.804454][T22378] FAULT_INJECTION: forcing a failure.
[  298.804454][T22378] name failslab, interval 1, probability 0, space 0, times 0
[  298.817245][T22378] CPU: 1 UID: 0 PID: 22378 Comm: syz.0.4399 Not tainted 6.17.0-rc1-syzkaller-00211-g90d970cade8e #0 PREEMPT(voluntary) 
[  298.817302][T22378] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  298.817361][T22378] Call Trace:
[  298.817368][T22378]  <TASK>
[  298.817378][T22378]  __dump_stack+0x1d/0x30
[  298.817404][T22378]  dump_stack_lvl+0xe8/0x140
[  298.817427][T22378]  dump_stack+0x15/0x1b
[  298.817442][T22378]  should_fail_ex+0x265/0x280
[  298.817462][T22378]  ? call_usermodehelper_setup+0x72/0x190
[  298.817528][T22378]  should_failslab+0x8c/0xb0
[  298.817557][T22378]  ? __pfx_cleanup_uevent_env+0x10/0x10
[  298.817583][T22378]  __kmalloc_cache_noprof+0x4c/0x320
[  298.817668][T22378]  ? __pfx_cleanup_uevent_env+0x10/0x10
[  298.817693][T22378]  call_usermodehelper_setup+0x72/0x190
[  298.817774][T22378]  kobject_uevent_env+0x537/0x570
[  298.817860][T22378]  ? device_pm_check_callbacks+0x683/0x6a0
[  298.817921][T22378]  kobject_uevent+0x1d/0x30
[  298.817945][T22378]  device_del+0x710/0x790
[  298.817974][T22378]  device_destroy+0x66/0xa0
[  298.818003][T22378]  drop_ref+0xbf/0x1a0
[  298.818108][T22378]  hidraw_disconnect+0x39/0x50
[  298.818132][T22378]  hid_device_remove+0x158/0x210
[  298.818164][T22378]  ? __pfx_hid_device_remove+0x10/0x10
[  298.818199][T22378]  device_release_driver_internal+0x2be/0x4e0
[  298.818270][T22378]  device_release_driver+0x19/0x20
[  298.818294][T22378]  bus_remove_device+0x26d/0x290
[  298.818324][T22378]  device_del+0x36a/0x790
[  298.818351][T22378]  hid_destroy_device+0x54/0x120
[  298.818426][T22378]  uhid_dev_destroy+0x6a/0xb0
[  298.818448][T22378]  uhid_char_write+0x3aa/0x650
[  298.818470][T22378]  ? __pfx_uhid_char_write+0x10/0x10
[  298.818492][T22378]  vfs_write+0x266/0x960
[  298.818552][T22378]  ? __rcu_read_unlock+0x4f/0x70
[  298.818578][T22378]  ? __fget_files+0x184/0x1c0
[  298.818608][T22378]  ksys_write+0xda/0x1a0
[  298.818629][T22378]  __x64_sys_write+0x40/0x50
[  298.818649][T22378]  x64_sys_call+0x27fe/0x2ff0
[  298.818741][T22378]  do_syscall_64+0xd2/0x200
[  298.818770][T22378]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  298.818799][T22378]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  298.818896][T22378]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  298.818916][T22378] RIP: 0033:0x7f724c02ebe9
[  298.818932][T22378] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  298.818949][T22378] RSP: 002b:00007f724aa76038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  298.818969][T22378] RAX: ffffffffffffffda RBX: 00007f724c256090 RCX: 00007f724c02ebe9
[  298.819058][T22378] RDX: 0000000000000004 RSI: 0000200000000340 RDI: 0000000000000003
[  298.819071][T22378] RBP: 00007f724aa76090 R08: 0000000000000000 R09: 0000000000000000
[  298.819083][T22378] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  298.819095][T22378] R13: 00007f724c256128 R14: 00007f724c256090 R15: 00007ffc43baeb18
[  298.819113][T22378]  </TASK>
[  298.820883][T22385] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  299.182894][T22385] ext4 filesystem being mounted at /37/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  299.373902][T20850] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  299.797666][T22434] nfs4: Bad value for 'source'
[  299.937522][T22442] wireguard0: entered promiscuous mode
[  299.943048][T22442] wireguard0: entered allmulticast mode
[  300.094941][T22456] loop7: detected capacity change from 0 to 512
[  300.121722][T22456] EXT4-fs error (device loop7): ext4_validate_block_bitmap:441: comm syz.7.4412: bg 0: block 393: padding at end of block bitmap is not set
[  300.159266][T22456] EXT4-fs error (device loop7) in ext4_mb_clear_bb:6657: Corrupt filesystem
[  300.168606][T22456] EXT4-fs (loop7): 2 truncates cleaned up
[  300.184553][T22456] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  300.311330][T22467] netlink: 'syz.0.4423': attribute type 10 has an invalid length.
[  300.713879][T22496] loop6: detected capacity change from 0 to 256
[  300.765545][T22501] netlink: 'syz.6.4430': attribute type 10 has an invalid length.
[  300.774298][T20850] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  300.775123][T22501] team0: Device ipvlan0 failed to register rx_handler
[  300.823515][T22505] loop7: detected capacity change from 0 to 512
[  300.838469][T22505] EXT4-fs (loop7): feature flags set on rev 0 fs, running e2fsck is recommended
[  300.878000][T22505] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  300.927850][T22513] loop6: detected capacity change from 0 to 512
[  300.939378][T20850] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  300.948984][T22513] EXT4-fs: Ignoring removed mblk_io_submit option
[  300.957335][T22513] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  300.986329][T22513] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e016c018, mo2=0002]
[  301.013709][T22513] System zones: 1-12
[  301.024545][T22513] EXT4-fs (loop6): 1 truncate cleaned up
[  301.036566][T22513] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  301.230228][T19500] EXT4-fs error (device loop6): ext4_readdir:264: inode #11: block 54: comm syz-executor: path /110/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  301.268402][T19500] EXT4-fs error (device loop6): ext4_empty_dir:3124: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[  301.294452][T22528] netlink: 4 bytes leftover after parsing attributes in process `syz.7.4438'.
[  301.306334][T19500] EXT4-fs error (device loop6): ext4_readdir:264: inode #11: block 54: comm syz-executor: path /110/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  301.330818][T22528] netlink: 32 bytes leftover after parsing attributes in process `syz.7.4438'.
[  301.365322][T19500] EXT4-fs error (device loop6): ext4_empty_dir:3124: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[  301.409598][T19500] EXT4-fs error (device loop6): ext4_readdir:264: inode #11: block 54: comm syz-executor: path /110/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  301.482274][T19500] EXT4-fs error (device loop6): ext4_empty_dir:3124: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[  301.602153][T19500] EXT4-fs error (device loop6): ext4_readdir:264: inode #11: block 54: comm syz-executor: path /110/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  302.030670][T19500] EXT4-fs error (device loop6): ext4_empty_dir:3124: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[  302.068497][T22575] netlink: 24 bytes leftover after parsing attributes in process `syz.1.4446'.
[  302.082965][T19500] EXT4-fs error (device loop6): ext4_readdir:264: inode #11: block 54: comm syz-executor: path /110/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  302.134557][T19500] EXT4-fs error (device loop6): ext4_empty_dir:3124: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[  302.386355][T22594] nfs4: Bad value for 'source'
[  302.437367][T22551] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  302.449942][ T3601] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  302.522464][ T3601] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  302.591049][T22598] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4455'.
[  302.609883][T22598] netlink: 32 bytes leftover after parsing attributes in process `syz.2.4455'.
[  302.610694][ T3601] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  302.631992][   T29] kauditd_printk_skb: 251 callbacks suppressed
[  302.632007][   T29] audit: type=1400 audit(2000000203.577:28084): avc:  denied  { sys_module } for  pid=22602 comm="syz-executor" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  302.663414][   T29] audit: type=1400 audit(2000000203.597:28085): avc:  denied  { read } for  pid=22597 comm="syz.2.4455" name="snapshot" dev="devtmpfs" ino=90 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  302.686693][   T29] audit: type=1400 audit(2000000203.597:28086): avc:  denied  { open } for  pid=22597 comm="syz.2.4455" path="/dev/snapshot" dev="devtmpfs" ino=90 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  302.751608][ T3601] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  302.878198][ T3601] bridge_slave_1: left allmulticast mode
[  302.883897][ T3601] bridge_slave_1: left promiscuous mode
[  302.889582][ T3601] bridge0: port 2(bridge_slave_1) entered disabled state
[  302.898555][ T3601] bridge_slave_0: left allmulticast mode
[  302.904379][ T3601] bridge_slave_0: left promiscuous mode
[  302.910058][ T3601] bridge0: port 1(bridge_slave_0) entered disabled state
[  302.993829][   T29] audit: type=1326 audit(2000000203.927:28087): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22641 comm="syz.2.4461" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbb152ebe9 code=0x7ffc0000
[  303.017747][   T29] audit: type=1326 audit(2000000203.927:28088): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22641 comm="syz.2.4461" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbb152ebe9 code=0x7ffc0000
[  303.041724][   T29] audit: type=1326 audit(2000000203.927:28089): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22641 comm="syz.2.4461" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdbb152ebe9 code=0x7ffc0000
[  303.065738][   T29] audit: type=1326 audit(2000000203.927:28090): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22641 comm="syz.2.4461" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbb152ebe9 code=0x7ffc0000
[  303.089536][   T29] audit: type=1326 audit(2000000203.927:28091): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22641 comm="syz.2.4461" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbb152ebe9 code=0x7ffc0000
[  303.149865][ T3601] 
 (unregistering): (slave bond_slave_0): Releasing backup interface
[  303.160516][   T29] audit: type=1326 audit(2000000204.057:28092): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22641 comm="syz.2.4461" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdbb152ebe9 code=0x7ffc0000
[  303.184191][   T29] audit: type=1326 audit(2000000204.057:28093): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22641 comm="syz.2.4461" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbb152ebe9 code=0x7ffc0000
[  303.209766][ T3601] 
 (unregistering): (slave bond_slave_1): Releasing backup interface
[  303.232931][ T3601] 
 (unregistering): Released all slaves
[  303.277915][T22662] nfs4: Bad value for 'source'
[  303.296180][ T3601] tipc: Left network mode
[  303.330437][ T3601] hsr_slave_0: left promiscuous mode
[  303.337145][ T3601] hsr_slave_1: left promiscuous mode
[  303.343316][ T3601] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  303.350759][ T3601] batman_adv: batadv0: Removing interface: batadv_slave_0
[  303.358798][ T3601] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  303.366362][ T3601] batman_adv: batadv0: Removing interface: batadv_slave_1
[  303.377676][ T3601] veth1_macvtap: left promiscuous mode
[  303.383232][ T3601] veth0_macvtap: left promiscuous mode
[  303.388910][ T3601] veth1_vlan: left promiscuous mode
[  303.394375][ T3601] veth0_vlan: left promiscuous mode
[  303.415683][T22713] netlink: 'syz.0.4469': attribute type 10 has an invalid length.
[  303.468510][T22700] netlink: 4 bytes leftover after parsing attributes in process `syz.7.4468'.
[  303.480359][T22700] netlink: 32 bytes leftover after parsing attributes in process `syz.7.4468'.
[  303.491474][ T3601] team0 (unregistering): Port device team_slave_1 removed
[  303.502188][ T3601] team0 (unregistering): Port device team_slave_0 removed
[  303.556008][T22602] chnl_net:caif_netlink_parms(): no params data found
[  303.605891][T22602] bridge0: port 1(bridge_slave_0) entered blocking state
[  303.613038][T22602] bridge0: port 1(bridge_slave_0) entered disabled state
[  303.621659][T22602] bridge_slave_0: entered allmulticast mode
[  303.628561][T22602] bridge_slave_0: entered promiscuous mode
[  303.636002][T22602] bridge0: port 2(bridge_slave_1) entered blocking state
[  303.643108][T22602] bridge0: port 2(bridge_slave_1) entered disabled state
[  303.665200][T22602] bridge_slave_1: entered allmulticast mode
[  303.671813][T22602] bridge_slave_1: entered promiscuous mode
[  303.766340][T22602] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  303.781949][T22602] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  303.806934][T22602] team0: Port device team_slave_0 added
[  303.813654][T22602] team0: Port device team_slave_1 added
[  303.838425][T22602] batman_adv: batadv0: Adding interface: batadv_slave_0
[  303.845444][T22602] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  303.871440][T22602] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  304.452607][T22602] batman_adv: batadv0: Adding interface: batadv_slave_1
[  304.459667][T22602] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  304.485709][T22602] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  304.614014][T22602] hsr_slave_0: entered promiscuous mode
[  304.620660][T22602] hsr_slave_1: entered promiscuous mode
[  304.628217][T22602] debugfs: 'hsr0' already exists in 'hsr'
[  304.633961][T22602] Cannot create hsr debugfs directory
[  304.682141][T22936] nfs4: Bad value for 'source'
[  304.834790][T22602] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  304.845593][T22602] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  304.863186][T22602] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  304.886199][T22602] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  304.939175][T23039] nfs4: Bad value for 'source'
[  304.957317][T22602] 8021q: adding VLAN 0 to HW filter on device bond0
[  304.990541][T22602] 8021q: adding VLAN 0 to HW filter on device team0
[  304.996496][   T10] hid_parser_main: 22 callbacks suppressed
[  304.996514][   T10] hid-generic 0000:3000000:0000.000C: unknown main item tag 0x4
[  305.001107][ T3601] bridge0: port 1(bridge_slave_0) entered blocking state
[  305.002985][   T10] hid-generic 0000:3000000:0000.000C: unknown main item tag 0x2
[  305.010669][ T3601] bridge0: port 1(bridge_slave_0) entered forwarding state
[  305.036777][   T10] hid-generic 0000:3000000:0000.000C: unknown main item tag 0x3
[  305.043502][T22602] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  305.054988][T22602] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  305.066245][   T10] hid-generic 0000:3000000:0000.000C: hidraw0: <UNKNOWN> HID v0.00 Device [sy

] on syz0
[  305.092441][ T3601] bridge0: port 2(bridge_slave_1) entered blocking state
[  305.099569][ T3601] bridge0: port 2(bridge_slave_1) entered forwarding state
[  305.192870][T22602] 8021q: adding VLAN 0 to HW filter on device batadv0
[  305.418146][T22602] veth0_vlan: entered promiscuous mode
[  305.431125][T22602] veth1_vlan: entered promiscuous mode
[  305.453278][T22602] veth0_macvtap: entered promiscuous mode
[  305.461112][T22602] veth1_macvtap: entered promiscuous mode
[  305.479241][T22602] batman_adv: batadv0: Interface activated: batadv_slave_0
[  305.491435][T22602] batman_adv: batadv0: Interface activated: batadv_slave_1
[  305.502626][ T3605] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  305.517231][ T3605] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  305.533034][ T3605] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  305.556331][ T3601] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  306.346721][T23172] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4515'.
[  306.355783][T23172] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4515'.
[  306.984684][T23272] netlink: 'syz.2.4531': attribute type 10 has an invalid length.
[  307.027146][T23272] team0: Device ipvlan0 failed to register rx_handler
[  307.127629][T23275] loop7: detected capacity change from 0 to 512
[  307.168440][T23275] EXT4-fs: Ignoring removed nobh option
[  307.177128][T23269] loop8: detected capacity change from 0 to 512
[  307.196742][T23269] EXT4-fs: Ignoring removed nobh option
[  307.246131][T23269] EXT4-fs error (device loop8): ext4_do_update_inode:5653: inode #3: comm syz.8.4530: corrupted inode contents
[  307.289575][T23275] EXT4-fs error (device loop7): ext4_do_update_inode:5653: inode #3: comm syz.7.4523: corrupted inode contents
[  307.304798][T23269] EXT4-fs error (device loop8): ext4_dirty_inode:6538: inode #3: comm syz.8.4530: mark_inode_dirty error
[  307.325528][T23275] EXT4-fs error (device loop7): ext4_dirty_inode:6538: inode #3: comm syz.7.4523: mark_inode_dirty error
[  307.369787][T23275] EXT4-fs error (device loop7): ext4_do_update_inode:5653: inode #3: comm syz.7.4523: corrupted inode contents
[  307.375141][T23269] EXT4-fs error (device loop8): ext4_do_update_inode:5653: inode #3: comm syz.8.4530: corrupted inode contents
[  307.395439][T23275] EXT4-fs error (device loop7): __ext4_ext_dirty:206: inode #3: comm syz.7.4523: mark_inode_dirty error
[  307.448183][T23275] EXT4-fs error (device loop7): ext4_acquire_dquot:6933: comm syz.7.4523: Failed to acquire dquot type 0
[  307.457613][T23269] EXT4-fs error (device loop8): __ext4_ext_dirty:206: inode #3: comm syz.8.4530: mark_inode_dirty error
[  307.500822][T23275] EXT4-fs error (device loop7): ext4_do_update_inode:5653: inode #16: comm syz.7.4523: corrupted inode contents
[  307.556477][T23269] EXT4-fs error (device loop8): ext4_acquire_dquot:6933: comm syz.8.4530: Failed to acquire dquot type 0
[  307.596695][T23275] EXT4-fs error (device loop7): ext4_dirty_inode:6538: inode #16: comm syz.7.4523: mark_inode_dirty error
[  307.647205][T23269] EXT4-fs error (device loop8): ext4_do_update_inode:5653: inode #16: comm syz.8.4530: corrupted inode contents
[  307.659474][T23275] EXT4-fs error (device loop7): ext4_do_update_inode:5653: inode #16: comm syz.7.4523: corrupted inode contents
[  307.692075][T23269] EXT4-fs error (device loop8): ext4_dirty_inode:6538: inode #16: comm syz.8.4530: mark_inode_dirty error
[  307.697666][T23275] EXT4-fs error (device loop7): __ext4_ext_dirty:206: inode #16: comm syz.7.4523: mark_inode_dirty error
[  307.738683][T23269] EXT4-fs error (device loop8): ext4_do_update_inode:5653: inode #16: comm syz.8.4530: corrupted inode contents
[  307.751169][T23275] EXT4-fs error (device loop7): ext4_do_update_inode:5653: inode #16: comm syz.7.4523: corrupted inode contents
[  307.776188][T23275] EXT4-fs error (device loop7) in ext4_orphan_del:305: Corrupt filesystem
[  307.791434][T23269] EXT4-fs error (device loop8): __ext4_ext_dirty:206: inode #16: comm syz.8.4530: mark_inode_dirty error
[  307.802888][T23275] EXT4-fs error (device loop7): ext4_do_update_inode:5653: inode #16: comm syz.7.4523: corrupted inode contents
[  307.827408][   T29] kauditd_printk_skb: 277 callbacks suppressed
[  307.827426][   T29] audit: type=1400 audit(2000000208.767:28367): avc:  denied  { map } for  pid=23303 comm="syz.0.4536" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=51989 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  307.858235][   T29] audit: type=1400 audit(2000000208.767:28368): avc:  denied  { read write } for  pid=23303 comm="syz.0.4536" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=51989 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  307.895931][T23269] EXT4-fs error (device loop8): ext4_do_update_inode:5653: inode #16: comm syz.8.4530: corrupted inode contents
[  307.904644][T23304] nfs4: Bad value for 'source'
[  307.917953][T23269] EXT4-fs error (device loop8) in ext4_orphan_del:305: Corrupt filesystem
[  307.927228][T23275] EXT4-fs error (device loop7): ext4_truncate:4666: inode #16: comm syz.7.4523: mark_inode_dirty error
[  307.957483][T23269] EXT4-fs error (device loop8): ext4_do_update_inode:5653: inode #16: comm syz.8.4530: corrupted inode contents
[  307.973613][   T29] audit: type=1400 audit(2000000208.847:28369): avc:  denied  { mounton } for  pid=23303 comm="syz.0.4536" path="/277/file0" dev="tmpfs" ino=1461 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  307.996726][   T29] audit: type=1400 audit(2000000208.867:28370): avc:  denied  { remount } for  pid=23303 comm="syz.0.4536" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  308.019834][T23275] EXT4-fs error (device loop7) in ext4_process_orphan:347: Corrupt filesystem
[  308.030574][T23269] EXT4-fs error (device loop8): ext4_truncate:4666: inode #16: comm syz.8.4530: mark_inode_dirty error
[  308.064233][   T29] audit: type=1400 audit(2000000208.967:28371): avc:  denied  { read } for  pid=23306 comm="syz.0.4537" name="event2" dev="devtmpfs" ino=245 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  308.087638][   T29] audit: type=1400 audit(2000000208.967:28372): avc:  denied  { open } for  pid=23306 comm="syz.0.4537" path="/dev/input/event2" dev="devtmpfs" ino=245 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  308.112051][   T29] audit: type=1400 audit(2000000208.967:28373): avc:  denied  { ioctl } for  pid=23306 comm="syz.0.4537" path="/dev/input/event2" dev="devtmpfs" ino=245 ioctlcmd=0x4590 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  308.115928][T23275] EXT4-fs (loop7): 1 truncate cleaned up
[  308.174129][T23269] EXT4-fs error (device loop8) in ext4_process_orphan:347: Corrupt filesystem
[  308.185711][T23275] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  308.211536][T23269] EXT4-fs (loop8): 1 truncate cleaned up
[  308.224743][T23269] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  308.261887][T23275] ext4 filesystem being mounted at /62/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  308.267930][T23269] ext4 filesystem being mounted at /6/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  308.325544][T23338] netlink: 'syz.2.4540': attribute type 10 has an invalid length.
[  308.355674][T23338] team0: Device ipvlan0 failed to register rx_handler
[  308.362825][   T29] audit: type=1400 audit(2000000209.197:28374): avc:  denied  { mount } for  pid=23211 comm="syz.7.4523" name="/" dev="loop7" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  308.384815][   T29] audit: type=1400 audit(2000000209.267:28375): avc:  denied  { write } for  pid=23337 comm="syz.0.4541" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  308.404344][   T29] audit: type=1400 audit(2000000209.287:28376): avc:  denied  { sqpoll } for  pid=23342 comm="syz.0.4543" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  308.535279][T22602] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  308.548683][T23355] FAULT_INJECTION: forcing a failure.
[  308.548683][T23355] name failslab, interval 1, probability 0, space 0, times 0
[  308.561446][T23355] CPU: 0 UID: 0 PID: 23355 Comm: syz.2.4545 Not tainted 6.17.0-rc1-syzkaller-00211-g90d970cade8e #0 PREEMPT(voluntary) 
[  308.561505][T23355] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  308.561519][T23355] Call Trace:
[  308.561527][T23355]  <TASK>
[  308.561535][T23355]  __dump_stack+0x1d/0x30
[  308.561560][T23355]  dump_stack_lvl+0xe8/0x140
[  308.561581][T23355]  dump_stack+0x15/0x1b
[  308.561600][T23355]  should_fail_ex+0x265/0x280
[  308.561654][T23355]  should_failslab+0x8c/0xb0
[  308.561681][T23355]  __kmalloc_noprof+0xa5/0x3e0
[  308.561710][T23355]  ? copy_splice_read+0xc2/0x660
[  308.561747][T23355]  copy_splice_read+0xc2/0x660
[  308.561805][T23355]  ? __pfx_copy_splice_read+0x10/0x10
[  308.561845][T23355]  splice_direct_to_actor+0x26c/0x680
[  308.561868][T23355]  ? __pfx_direct_splice_actor+0x10/0x10
[  308.561919][T23355]  do_splice_direct+0xda/0x150
[  308.562058][T23355]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  308.562142][T23355]  do_sendfile+0x380/0x650
[  308.562231][T23355]  __x64_sys_sendfile64+0x105/0x150
[  308.562264][T23355]  x64_sys_call+0x2bb0/0x2ff0
[  308.562290][T23355]  do_syscall_64+0xd2/0x200
[  308.562383][T23355]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  308.562431][T23355]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  308.562469][T23355]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  308.562493][T23355] RIP: 0033:0x7fdbb152ebe9
[  308.562560][T23355] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  308.562652][T23355] RSP: 002b:00007fdbaff8f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  308.562675][T23355] RAX: ffffffffffffffda RBX: 00007fdbb1755fa0 RCX: 00007fdbb152ebe9
[  308.562720][T23355] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000003
[  308.562734][T23355] RBP: 00007fdbaff8f090 R08: 0000000000000000 R09: 0000000000000000
[  308.562748][T23355] R10: 000000000000003b R11: 0000000000000246 R12: 0000000000000001
[  308.562763][T23355] R13: 00007fdbb1756038 R14: 00007fdbb1755fa0 R15: 00007ffd95a51d48
[  308.562783][T23355]  </TASK>
[  308.961669][T23374] nfs4: Bad value for 'source'
[  309.104737][T20850] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  309.181510][T23415] loop8: detected capacity change from 0 to 512
[  309.192655][T23417] netlink: 40 bytes leftover after parsing attributes in process `syz.7.4556'.
[  309.229437][T23415] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  309.274229][T23415] ext4 filesystem being mounted at /11/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  309.286401][T23423] netlink: 24 bytes leftover after parsing attributes in process `syz.2.4553'.
[  309.456146][T23417] loop7: detected capacity change from 0 to 512
[  309.462907][T23417] EXT4-fs: Ignoring removed nobh option
[  309.486428][T22602] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  309.526837][T23417] EXT4-fs error (device loop7): ext4_do_update_inode:5653: inode #3: comm syz.7.4556: corrupted inode contents
[  309.600099][T23487] loop8: detected capacity change from 0 to 256
[  309.615621][T23417] EXT4-fs error (device loop7): ext4_dirty_inode:6538: inode #3: comm syz.7.4556: mark_inode_dirty error
[  309.632301][T23493] nfs4: Bad value for 'source'
[  309.663080][T23494] serio: Serial port ptm0
[  309.672423][T23490] FAT-fs (loop8): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  309.682648][T23490] FAT-fs (loop8): Filesystem has been set read-only
[  309.689731][T23491] FAT-fs (loop8): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  309.714392][T23417] EXT4-fs error (device loop7): ext4_do_update_inode:5653: inode #3: comm syz.7.4556: corrupted inode contents
[  309.752064][T23417] EXT4-fs error (device loop7): __ext4_ext_dirty:206: inode #3: comm syz.7.4556: mark_inode_dirty error
[  309.793820][T23417] EXT4-fs error (device loop7): ext4_acquire_dquot:6933: comm syz.7.4556: Failed to acquire dquot type 0
[  309.848454][T23417] EXT4-fs error (device loop7): ext4_do_update_inode:5653: inode #16: comm syz.7.4556: corrupted inode contents
[  309.895553][T23417] EXT4-fs error (device loop7): ext4_dirty_inode:6538: inode #16: comm syz.7.4556: mark_inode_dirty error
[  309.922120][T23417] EXT4-fs error (device loop7): ext4_do_update_inode:5653: inode #16: comm syz.7.4556: corrupted inode contents
[  309.955557][T23417] EXT4-fs error (device loop7): __ext4_ext_dirty:206: inode #16: comm syz.7.4556: mark_inode_dirty error
[  309.972327][T23417] EXT4-fs error (device loop7): ext4_do_update_inode:5653: inode #16: comm syz.7.4556: corrupted inode contents
[  310.026490][T23417] EXT4-fs error (device loop7) in ext4_orphan_del:305: Corrupt filesystem
[  310.050132][T23417] EXT4-fs error (device loop7): ext4_do_update_inode:5653: inode #16: comm syz.7.4556: corrupted inode contents
[  310.085442][T23417] EXT4-fs error (device loop7): ext4_truncate:4666: inode #16: comm syz.7.4556: mark_inode_dirty error
[  310.108215][T23518] loop8: detected capacity change from 0 to 512
[  310.114259][T23417] EXT4-fs error (device loop7) in ext4_process_orphan:347: Corrupt filesystem
[  310.134437][T23417] EXT4-fs (loop7): 1 truncate cleaned up
[  310.148271][T23417] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  310.154157][T23518] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  310.186835][T23417] ext4 filesystem being mounted at /64/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  310.256270][T23518] ext4 filesystem being mounted at /13/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  310.275214][T20850] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  310.332634][T22602] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  310.381112][T23535] netlink: 20 bytes leftover after parsing attributes in process `syz.1.4576'.
[  310.393299][T23537] loop8: detected capacity change from 0 to 512
[  310.399718][T23535] x_tables: (null)_tables: SNAT target: only valid in nat table, not syz0
[  310.409083][T23537] EXT4-fs: Ignoring removed mblk_io_submit option
[  310.434394][T23537] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  310.462260][T23537] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e016c018, mo2=0002]
[  310.491812][T23543] netlink: 20 bytes leftover after parsing attributes in process `syz.1.4578'.
[  310.510060][T23537] System zones: 1-12
[  310.521142][T23537] EXT4-fs (loop8): 1 truncate cleaned up
[  310.529347][T23543] x_tables: (null)_tables: SNAT target: only valid in nat table, not syz0
[  310.550816][T23537] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  310.664920][T23558] netlink: 'syz.1.4583': attribute type 10 has an invalid length.
[  310.666139][T23546] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4579'.
[  310.683996][T23558] team0: Device ipvlan0 failed to register rx_handler
[  310.717126][T23549] netlink: 32 bytes leftover after parsing attributes in process `syz.2.4579'.
[  310.895824][T23589] netlink: 'syz.1.4586': attribute type 10 has an invalid length.
[  310.905478][T22602] EXT4-fs error (device loop8): ext4_readdir:264: inode #11: block 54: comm syz-executor: path /14/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  310.915136][T23589] team0: Device ipvlan0 failed to register rx_handler
[  311.240076][T22602] EXT4-fs error (device loop8): ext4_empty_dir:3124: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[  311.422047][T22602] EXT4-fs error (device loop8): ext4_readdir:264: inode #11: block 54: comm syz-executor: path /14/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  311.469293][T22602] EXT4-fs error (device loop8): ext4_empty_dir:3124: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[  311.506432][T23627] nfs4: Bad value for 'source'
[  311.508793][T22602] EXT4-fs error (device loop8): ext4_readdir:264: inode #11: block 54: comm syz-executor: path /14/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  311.534276][T22602] EXT4-fs error (device loop8): ext4_empty_dir:3124: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[  311.590644][T22602] EXT4-fs error (device loop8): ext4_readdir:264: inode #11: block 54: comm syz-executor: path /14/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  311.615536][T22602] EXT4-fs error (device loop8): ext4_empty_dir:3124: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[  311.636821][T22602] EXT4-fs error (device loop8): ext4_readdir:264: inode #11: block 54: comm syz-executor: path /14/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  311.688106][T23634] nfs4: Bad value for 'source'
[  311.769260][T22602] EXT4-fs error (device loop8): ext4_empty_dir:3124: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[  311.802031][T23646] FAULT_INJECTION: forcing a failure.
[  311.802031][T23646] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  311.815263][T23646] CPU: 0 UID: 0 PID: 23646 Comm: syz.1.4599 Not tainted 6.17.0-rc1-syzkaller-00211-g90d970cade8e #0 PREEMPT(voluntary) 
[  311.815294][T23646] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  311.815307][T23646] Call Trace:
[  311.815314][T23646]  <TASK>
[  311.815376][T23646]  __dump_stack+0x1d/0x30
[  311.815434][T23646]  dump_stack_lvl+0xe8/0x140
[  311.815455][T23646]  dump_stack+0x15/0x1b
[  311.815523][T23646]  should_fail_ex+0x265/0x280
[  311.815548][T23646]  should_fail+0xb/0x20
[  311.815569][T23646]  should_fail_usercopy+0x1a/0x20
[  311.815593][T23646]  _copy_from_user+0x1c/0xb0
[  311.815706][T23646]  ___sys_sendmsg+0xc1/0x1d0
[  311.815737][T23646]  __x64_sys_sendmsg+0xd4/0x160
[  311.815762][T23646]  x64_sys_call+0x191e/0x2ff0
[  311.815785][T23646]  do_syscall_64+0xd2/0x200
[  311.815877][T23646]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  311.815962][T23646]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  311.815984][T23646]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  311.816004][T23646] RIP: 0033:0x7f0b86d0ebe9
[  311.816061][T23646] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  311.816128][T23647] FAULT_INJECTION: forcing a failure.
[  311.816128][T23647] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  311.816152][T23646] RSP: 002b:00007f0b8576f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  311.816174][T23646] RAX: ffffffffffffffda RBX: 00007f0b86f35fa0 RCX: 00007f0b86d0ebe9
[  311.816187][T23646] RDX: 0000000024040084 RSI: 0000200000006040 RDI: 0000000000000006
[  311.816201][T23646] RBP: 00007f0b8576f090 R08: 0000000000000000 R09: 0000000000000000
[  311.816214][T23646] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  311.816227][T23646] R13: 00007f0b86f36038 R14: 00007f0b86f35fa0 R15: 00007ffc18a70178
[  311.816282][T23646]  </TASK>
[  312.002997][T23647] CPU: 1 UID: 0 PID: 23647 Comm: syz.7.4600 Not tainted 6.17.0-rc1-syzkaller-00211-g90d970cade8e #0 PREEMPT(voluntary) 
[  312.003014][T23647] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  312.003101][T23647] Call Trace:
[  312.003105][T23647]  <TASK>
[  312.003110][T23647]  __dump_stack+0x1d/0x30
[  312.003123][T23647]  dump_stack_lvl+0xe8/0x140
[  312.003182][T23647]  dump_stack+0x15/0x1b
[  312.003191][T23647]  should_fail_ex+0x265/0x280
[  312.003202][T23647]  should_fail+0xb/0x20
[  312.003211][T23647]  should_fail_usercopy+0x1a/0x20
[  312.003247][T23647]  _copy_from_user+0x1c/0xb0
[  312.003270][T23647]  do_handle_open+0x6d/0x6b0
[  312.003292][T23647]  __x64_sys_open_by_handle_at+0x44/0x50
[  312.003315][T23647]  x64_sys_call+0x279b/0x2ff0
[  312.003373][T23647]  do_syscall_64+0xd2/0x200
[  312.003386][T23647]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  312.003399][T23647]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  312.003411][T23647]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  312.003426][T23647] RIP: 0033:0x7feb4402ebe9
[  312.003435][T23647] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  312.003445][T23647] RSP: 002b:00007feb42a8f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000130
[  312.003462][T23647] RAX: ffffffffffffffda RBX: 00007feb44255fa0 RCX: 00007feb4402ebe9
[  312.003474][T23647] RDX: 0000000000000000 RSI: 0000200000000180 RDI: ffffffffffffff9c
[  312.003486][T23647] RBP: 00007feb42a8f090 R08: 0000000000000000 R09: 0000000000000000
[  312.003496][T23647] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  312.003515][T23647] R13: 00007feb44256038 R14: 00007feb44255fa0 R15: 00007ffc57ebd878
[  312.003524][T23647]  </TASK>
[  312.217575][T23679] nfs4: Bad value for 'source'
[  312.395364][ T3601] netdevsim netdevsim8 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  312.482175][ T3601] netdevsim netdevsim8 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  312.525816][T23703] netlink: 4 bytes leftover after parsing attributes in process `syz.7.4611'.
[  312.554313][T23703] netlink: 32 bytes leftover after parsing attributes in process `syz.7.4611'.
[  312.588167][ T3601] netdevsim netdevsim8 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  312.661672][ T3601] netdevsim netdevsim8 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  312.764580][T23747] nfs4: Bad value for 'source'
[  312.798975][ T3601] bridge_slave_1: left allmulticast mode
[  312.804725][ T3601] bridge_slave_1: left promiscuous mode
[  312.810649][ T3601] bridge0: port 2(bridge_slave_1) entered disabled state
[  312.844386][T23769] FAULT_INJECTION: forcing a failure.
[  312.844386][T23769] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  312.857577][T23769] CPU: 1 UID: 0 PID: 23769 Comm: syz.1.4624 Not tainted 6.17.0-rc1-syzkaller-00211-g90d970cade8e #0 PREEMPT(voluntary) 
[  312.857610][T23769] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  312.857625][T23769] Call Trace:
[  312.857674][T23769]  <TASK>
[  312.857683][T23769]  __dump_stack+0x1d/0x30
[  312.857720][T23769]  dump_stack_lvl+0xe8/0x140
[  312.857739][T23769]  dump_stack+0x15/0x1b
[  312.857813][T23769]  should_fail_ex+0x265/0x280
[  312.857863][T23769]  should_fail+0xb/0x20
[  312.857884][T23769]  should_fail_usercopy+0x1a/0x20
[  312.857909][T23769]  _copy_from_user+0x1c/0xb0
[  312.858004][T23769]  ___sys_sendmsg+0xc1/0x1d0
[  312.858039][T23769]  __x64_sys_sendmsg+0xd4/0x160
[  312.858067][T23769]  x64_sys_call+0x191e/0x2ff0
[  312.858171][T23769]  do_syscall_64+0xd2/0x200
[  312.858203][T23769]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  312.858229][T23769]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  312.858256][T23769]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  312.858280][T23769] RIP: 0033:0x7f0b86d0ebe9
[  312.858333][T23769] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  312.858353][T23769] RSP: 002b:00007f0b8576f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  312.858445][T23769] RAX: ffffffffffffffda RBX: 00007f0b86f35fa0 RCX: 00007f0b86d0ebe9
[  312.858457][T23769] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000003
[  312.858470][T23769] RBP: 00007f0b8576f090 R08: 0000000000000000 R09: 0000000000000000
[  312.858482][T23769] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  312.858495][T23769] R13: 00007f0b86f36038 R14: 00007f0b86f35fa0 R15: 00007ffc18a70178
[  312.858515][T23769]  </TASK>
[  312.859926][T22602] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  312.875118][   T29] kauditd_printk_skb: 245 callbacks suppressed
[  312.875134][   T29] audit: type=1400 audit(2000000213.817:28620): avc:  denied  { create } for  pid=23761 comm="syz.7.4622" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  312.884455][ T3601] bridge_slave_0: left allmulticast mode
[  312.889758][T23771] netlink: 4 bytes leftover after parsing attributes in process `syz.7.4622'.
[  312.893435][ T3601] bridge_slave_0: left promiscuous mode
[  312.899677][   T29] audit: type=1400 audit(2000000213.837:28621): avc:  denied  { write } for  pid=23761 comm="syz.7.4622" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  312.902384][ T3601] bridge0: port 1(bridge_slave_0) entered disabled state
[  312.907038][   T29] audit: type=1400 audit(2000000213.837:28622): avc:  denied  { ioctl } for  pid=23761 comm="syz.7.4622" path="socket:[54542]" dev="sockfs" ino=54542 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  312.965530][T23773] netlink: 'syz.2.4625': attribute type 10 has an invalid length.
[  313.151027][   T29] audit: type=1400 audit(2000000214.087:28623): avc:  denied  { create } for  pid=23770 comm="syz.2.4625" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  313.253525][   T29] audit: type=1400 audit(2000000214.187:28624): avc:  denied  { read } for  pid=23782 comm="syz-executor" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  313.275230][   T29] audit: type=1400 audit(2000000214.187:28625): avc:  denied  { open } for  pid=23782 comm="syz-executor" path="net:[4026531833]" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  313.303104][   T29] audit: type=1400 audit(2000000214.247:28626): avc:  denied  { mounton } for  pid=23782 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[  313.325142][   T29] audit: type=1400 audit(2000000214.247:28627): avc:  denied  { module_request } for  pid=23782 comm="syz-executor" kmod="netdev-nr9" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  313.361027][   T29] audit: type=1400 audit(2000000214.297:28628): avc:  denied  { sys_module } for  pid=23782 comm="syz-executor" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  313.383554][ T3601] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  313.402363][ T3601] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  313.413739][ T3601] bond0 (unregistering): Released all slaves
[  313.427246][T23771] bridge_slave_1: left allmulticast mode
[  313.432940][T23771] bridge_slave_1: left promiscuous mode
[  313.438713][T23771] bridge0: port 2(bridge_slave_1) entered disabled state
[  313.466990][T23771] bridge_slave_0: left allmulticast mode
[  313.472682][T23771] bridge_slave_0: left promiscuous mode
[  313.478502][T23771] bridge0: port 1(bridge_slave_0) entered disabled state
[  313.558265][T23773] team0: Device ipvlan0 failed to register rx_handler
[  313.615569][ T3601] hsr_slave_0: left promiscuous mode
[  313.622168][ T3601] hsr_slave_1: left promiscuous mode
[  313.645571][ T3601] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  313.653178][ T3601] batman_adv: batadv0: Removing interface: batadv_slave_0
[  313.670790][ T3601] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  313.678255][ T3601] batman_adv: batadv0: Removing interface: batadv_slave_1
[  313.693505][ T3601] veth1_macvtap: left promiscuous mode
[  313.699205][ T3601] veth0_macvtap: left promiscuous mode
[  313.705000][ T3601] veth1_vlan: left promiscuous mode
[  313.710310][ T3601] veth0_vlan: left promiscuous mode
[  313.768852][   T29] audit: type=1326 audit(2000000214.707:28629): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23810 comm="syz.2.4631" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbb152ebe9 code=0x7ffc0000
[  313.839399][ T3601] team0 (unregistering): Port device team_slave_1 removed
[  313.853189][ T3601] team0 (unregistering): Port device team_slave_0 removed
[  313.897535][T23811] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4631'.
[  313.909387][T23811] netlink: 32 bytes leftover after parsing attributes in process `syz.2.4631'.
[  314.049411][T23894] nfs4: Bad value for 'source'
[  314.053364][T23782] chnl_net:caif_netlink_parms(): no params data found
[  314.078582][    T2] ==================================================================
[  314.086701][    T2] BUG: KCSAN: data-race in memcpy_and_pad / release_task
[  314.093763][    T2] 
[  314.096102][    T2] write to 0xffff888100211638 of 8 bytes by task 23978 on cpu 1:
[  314.103830][    T2]  release_task+0x779/0xb60
[  314.108361][    T2]  do_exit+0xd81/0x15c0
[  314.112542][    T2]  call_usermodehelper_exec_async+0x247/0x250
[  314.118721][    T2]  ret_from_fork+0xda/0x150
[  314.123237][    T2]  ret_from_fork_asm+0x1a/0x30
[  314.128015][    T2] 
[  314.130345][    T2] read to 0xffff888100211080 of 3264 bytes by task 2 on cpu 0:
[  314.137891][    T2]  memcpy_and_pad+0x48/0x80
[  314.142398][    T2]  arch_dup_task_struct+0x2c/0x40
[  314.147425][    T2]  dup_task_struct+0x83/0x6a0
[  314.152109][    T2]  copy_process+0x399/0x2000
[  314.156707][    T2]  kernel_clone+0x16c/0x5c0
[  314.161217][    T2]  kernel_thread+0xac/0xe0
[  314.165645][    T2]  kthreadd+0x28d/0x360
[  314.169800][    T2]  ret_from_fork+0xda/0x150
[  314.174306][    T2]  ret_from_fork_asm+0x1a/0x30
[  314.179111][    T2] 
[  314.181432][    T2] Reported by Kernel Concurrency Sanitizer on:
[  314.187578][    T2] CPU: 0 UID: 0 PID: 2 Comm: kthreadd Not tainted 6.17.0-rc1-syzkaller-00211-g90d970cade8e #0 PREEMPT(voluntary) 
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  314.199562][    T2] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  314.209623][    T2] ==================================================================
[  314.313066][T23782] workqueue: Failed to create a rescuer kthread for wq "wg-crypt-wg1": -EINTR
[  314.640387][ T3601] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  314.746245][ T3601] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  314.815435][ T3601] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  314.875237][ T3601] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  314.927413][ T3601] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  314.965558][ T3601] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  315.015425][ T3601] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  315.085524][ T3601] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  315.157276][ T3601] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  315.215378][ T3601] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  315.266629][ T3601] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  315.325117][ T3601] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  315.386034][ T3601] bridge_slave_1: left allmulticast mode
[  315.391816][ T3601] bridge0: port 2(bridge_slave_1) entered disabled state
[  315.399437][ T3601] bridge_slave_0: left allmulticast mode
[  315.405177][ T3601] bridge_slave_0: left promiscuous mode
[  315.410815][ T3601] bridge0: port 1(bridge_slave_0) entered disabled state
[  315.418777][ T3601] macvlan2: left promiscuous mode
[  315.423790][ T3601] bond0: left promiscuous mode
[  315.428852][ T3601] bridge0: port 3(macvlan2) entered disabled state
[  315.436047][ T3601] bridge_slave_1: left allmulticast mode
[  315.441661][ T3601] bridge_slave_1: left promiscuous mode
[  315.447279][ T3601] bridge0: port 2(bridge_slave_1) entered disabled state
[  315.455353][ T3601] bridge_slave_0: left allmulticast mode
[  315.460995][ T3601] bridge_slave_0: left promiscuous mode
[  315.466704][ T3601] bridge0: port 1(bridge_slave_0) entered disabled state
[  315.475103][ T3601] bridge_slave_1: left allmulticast mode
[  315.480851][ T3601] bridge_slave_1: left promiscuous mode
[  315.486521][ T3601] bridge0: port 2(bridge_slave_1) entered disabled state
[  315.493949][ T3601] bridge_slave_0: left allmulticast mode
[  315.499592][ T3601] bridge_slave_0: left promiscuous mode
[  315.505257][ T3601] bridge0: port 1(bridge_slave_0) entered disabled state
[  315.515977][ T3601] bond_slave_0: left promiscuous mode
[  315.521361][ T3601] bond_slave_1: left promiscuous mode
[  315.636723][ T3601]  (unregistering): (slave bond_slave_0): Releasing backup interface
[  315.646115][ T3601]  (unregistering): (slave bond_slave_1): Releasing backup interface
[  315.655401][ T3601]  (unregistering): (slave dummy0): Releasing backup interface
[  315.663829][ T3601]  (unregistering): Released all slaves
[  315.679851][ T3601] erspan0 (unregistering): left promiscuous mode
[  315.692199][ T3601] bridge0 (unregistering): left promiscuous mode
[  315.735217][ T3601] bond0 (unregistering): left allmulticast mode
[  315.741487][ T3601] bond_slave_0: left allmulticast mode
[  315.747044][ T3601] bond_slave_1: left allmulticast mode
[  315.755338][ T3601] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  315.764989][ T3601] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  315.774100][ T3601] bond0 (unregistering): Released all slaves
[  315.826928][ T3601] bond0 (unregistering): Released all slaves
[  315.855675][ T3601] dvmrp0 (unregistering): left allmulticast mode
[  315.896326][ T3601] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  315.906177][ T3601] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  315.915562][ T3601] bond0 (unregistering): Released all slaves
[  316.015651][ T3601] hsr_slave_0: left promiscuous mode
[  316.021261][ T3601] hsr_slave_1: left promiscuous mode
[  316.026951][ T3601] batadv_slave_1: left promiscuous mode
[  316.034006][ T3601] hsr_slave_0: left promiscuous mode
[  316.039608][ T3601] hsr_slave_1: left promiscuous mode
[  316.046043][ T3601] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  316.053492][ T3601] batman_adv: batadv0: Removing interface: batadv_slave_0
[  316.060998][ T3601] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  316.068394][ T3601] batman_adv: batadv0: Removing interface: batadv_slave_1
[  316.077222][ T3601] hsr_slave_0: left promiscuous mode
[  316.082875][ T3601] hsr_slave_1: left promiscuous mode
[  316.088438][ T3601] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  316.096003][ T3601] batman_adv: batadv0: Removing interface: batadv_slave_0
[  316.103382][ T3601] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  316.110762][ T3601] batman_adv: batadv0: Removing interface: batadv_slave_1
[  316.123285][ T3601] veth0_macvtap: left promiscuous mode
[  316.129019][ T3601] veth1_vlan: left promiscuous mode
[  316.134244][ T3601] veth0_vlan: left promiscuous mode
[  316.139918][ T3601] veth1_macvtap: left promiscuous mode
[  316.145502][ T3601] veth0_macvtap: left promiscuous mode
[  316.150990][ T3601] veth1_vlan: left promiscuous mode
[  316.156466][ T3601] veth0_vlan: left promiscuous mode
[  316.162078][ T3601] veth1_macvtap: left promiscuous mode
[  316.167564][ T3601] veth0_macvtap: left promiscuous mode
[  316.173096][ T3601] veth1_vlan: left promiscuous mode
[  316.178311][ T3601] veth0_vlan: left promiscuous mode
[  316.279330][ T3601] team0 (unregistering): Port device team_slave_1 removed
[  316.289032][ T3601] team0 (unregistering): Port device team_slave_0 removed
[  316.331721][ T3601] team0 (unregistering): Port device team_slave_1 removed
[  316.340995][ T3601] team0 (unregistering): Port device team_slave_0 removed
[  317.147165][ T3601] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  317.206610][ T3601] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  317.266645][ T3601] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  317.316238][ T3601] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  317.402726][ T3601] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  317.412416][ T3601] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  317.421840][ T3601] bond0 (unregistering): Released all slaves
[  317.467524][ T3601] hsr_slave_0: left promiscuous mode
[  317.473080][ T3601] hsr_slave_1: left promiscuous mode
[  317.478623][ T3601] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  317.486024][ T3601] batman_adv: batadv0: Removing interface: batadv_slave_0
[  317.493380][ T3601] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  317.500889][ T3601] batman_adv: batadv0: Removing interface: batadv_slave_1
[  317.510408][ T3601] veth0_macvtap: left promiscuous mode
[  317.515960][ T3601] veth1_vlan: left promiscuous mode
[  317.521144][ T3601] veth0_vlan: left promiscuous mode
[  317.569517][ T3601] team0 (unregistering): Port device team_slave_1 removed
[  317.578505][ T3601] team0 (unregistering): Port device team_slave_0 removed
[  317.845578][ T3601] IPVS: stop unused estimator thread 0...