last executing test programs:

2m34.412861371s ago: executing program 3 (id=75):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x3000000, &(0x7f0000000180), 0x1, 0x512, &(0x7f0000000c40)="$eJzs3W1rZFcdAPD/vcmk2d3UTFVkLdgWW9ktujNJY9so0lYQfVVQ6/s1JpMQMsmEzKRuQtEsfgBBRAU/gG8EP4Ag+xFEWND3oqKI7upL3St35kbzMJMMySSzTn4/OJlz7sP5n3PJ3LkPh3sDuLJeioh3ImIsIl6NiOlielqk2OukfLnHjz5YzFMSWfbe35JIimn7deXl8Yi4Uaw2GRFf/0rEt5LjcZs7u2sL9XptqyhXW+ub1ebO7p3V9YWV2kptY25u9o35N+dfn5/JCufqZzki3vrSn370/Z99+a1ffebbv7/7l9vfyZv1hY912h0Ri+cK0EOn7lJ7W+zLt9HWRQQbkrw/pbFhtwIAgH7kx/gfjohPto//p2OsfTQHAAAAjJLs7an4VxKRAQAAACMrjYipSNJKMRZgKtK0UumM4f1oXE/rjWbr08uN7Y2lfF5EOUrp8mq9NlOMFS5HKcnLs8UY2/3ya0fKcxHxXET8cPpau1xZbNSXhn3xAwAAAK6IGy8ePv//53TazgMAAAAjptyzAAAAAIwKp/wAAAAw+pz/AwAAwEj76rvv5inbf4/30vs722uN9+8s1ZprlfXtxcpiY2uzstJorLSf2bd+Wn31RmPzs7Gxfa/aqjVb1ebO7t31xvZG6+7qoVdgAwAAAJfouRcf/C6JiL3PX2unKJ4DCHDIH4fdAGCQxobdAGBoxofdAGBoSqcuYQ8Boy45Zf7xwTuda4Xx64tpDwAAMHi3Pn78/v9EMe/0awPA/zNjfQDg6nF3D66u0llHAN4cdEuAYflQ5+OZXvN7Pryjj/v/nWsMWXamhgEAAAMz1U5JWimO06ciTSuViGfbrwUoJcur9dpMcX7w2+nSM3l5tr1mcuqYYQAAAAAAAAAAAAAAAAAAAAAAAACgI8uSyAAAAICRFpH+OWk/zT/i1vQrU4evDhx569dP3/vxvYVWa2s2YiL5+3Q+aSIiWj8ppr+WeSUAAAAAPAU65+nF5+ywWwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAqHn86IPF/XSZcf/6xYgod4s/HpPtz8koRcT1fyQxfmC9JCLGBhB/735E3OwWP4knWZaVi1Z0i3/tguOX25ume/w0Im4MID5cZQ/y/c873b5/abzU/uz+/Rsv0nn13v+l/93/jfXY/zx7pNzL8w9/Ue0Z/37E8+Pd9z/78ZNO/EMh8sLLffbxm9/Y3e0640CV3eIfjFVtrW9Wmzu7d1bXF1ZqK7WNubnZN+bfnH99fqa6vFqvFX+7hvnBJ3755KT+X+8Rv3y4/8e2/yt99T6Lfz+89+gjnUKpW/zbL3f//b3ZI35a/PZ9qsjn82/t5/c6+YNe+PlvXjip/0s9+j95Sv9v99X/+NyrX/veH7rOObY1AIDL0NzZXVuo12tbJ2Qm+1jmkjNvPx3NGGAmno5mDCuTfbfz/3i+es65+rFMdp7Vx2MAzZg49j0di7NWmETs5XX1+Q8JAACMmP8d9J90BwkAAAAAAAAAAAAAAAAAAAC4SGd8LNlkRPS98NGYe8PpKgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAif4TAAD//4RX0Xo=")
r0 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x4, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{r1}, &(0x7f0000000800), &(0x7f0000000840)=r2}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = socket$can_raw(0x1d, 0x3, 0x1)
write$cgroup_devices(r7, 0x0, 0xffdd)
fsmount(r0, 0x1, 0x0)
open(&(0x7f0000000300)='.\x02\x00', 0x14927e, 0x44)

2m26.162253168s ago: executing program 3 (id=88):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0xb, &(0x7f0000000880)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x10000, @void, @value}, 0x94)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000066000000004b64ffec850000006d000000c5"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = dup(0xffffffffffffffff)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
write$binfmt_aout(r2, &(0x7f0000000580)=ANY=[@ANYRES8=r1, @ANYRESHEX, @ANYRES8=r1, @ANYRESDEC=0x0, @ANYRESOCT=r1, @ANYRES16=r1, @ANYRES16, @ANYRES32=r2], 0xfffffeb7)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x14, 0x30, 0x1}, 0x14}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mount$tmpfs(0x0, &(0x7f0000000000)='./file1\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB])
openat(0xffffffffffffff9c, &(0x7f0000004d00)='./file1\x00', 0x351142, 0x1cd)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000040)=0x1, 0x4)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0)
syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
r6 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r6, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000001200)={&(0x7f00000004c0)={0x38, 0x1403, 0x1, 0x70bd2d, 0x0, "", [{{0x9, 0x2, 'syz0\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'lo\x00'}}]}, 0x38}, 0x1, 0x0, 0x0, 0x854}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000280)={0x2, &(0x7f0000000180)=[{0x61}, {0x6, 0x0, 0xfc, 0x9}]})
r7 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
sendmsg$sock(r7, &(0x7f0000000300)={&(0x7f0000000040)=@isdn={0x22, 0x2, 0x80, 0x5, 0x3a}, 0x80, &(0x7f00000005c0)=[{&(0x7f0000000380)="449df18d098dfcd2c50c61580cd0ba7d5524fac46e641423b01613908be1e46241affd2884d0acb6cde2156c7cbad852c33bb67db850bf9a3869224683ba8cc2d245a2dd7efc089c7dffeff32aab05e5ce9b7eebe34bbea122e427915249b4b662c8d9aca64c9872ad5feb42cebac0b127da8481bc0cf7fc83b057eee475bec953683a7b054d25f30cbfc72e629b217baa6df41c78bf8c328cdb786149a18fbe6e09f6e52e38e6a84a62150d6ee0240e01b2fa467c204a0d", 0xb8}, {&(0x7f00000000c0)="2bc9d0ab0a0169d6a88f99466c2904", 0xf}, {&(0x7f0000000440)="543a9a82b0ddaf4e28041970cb4a94cb3fd34be39b47bff70298a3750a875f445474a9144ae1c33a74ba15afa1ddc5750643c9f4db3b710c327bcb901225181f03fc254ca2c43f5e40aed38a6aad8acfd6ed7a3287b828bcfe087fbe4364e06e858883d7e13f68185ea008236571099482c60211f12d2aabc4ef99d44c7deb646fdd8ba8cee489afb1a56e8b185cc02922eb4499bec899a195e299f24e5be663", 0xa0}, {&(0x7f0000000500)="1723ef612486b918945fc9531d73c06c3eb2bf978afb5feaeb3825058e5e8b10c1247a31d772aa348005d54c79094049f029986ddb1ab18190d67bd4be2746f210a944be6999b102706bb6ace08bcc8160a7e8a3de852bad413db730e6b2afc90fe7e8a9de0a3c893637eb65308f72a2eec15a95aeec262a0bdef7104c4cd88cddb650df6f23a7dc3705b676d6317cdc5a5c545ce2f5023450958171a2970c4b2c3c7cbc93c82e405556b8bb2b28f5", 0xaf}], 0x4, &(0x7f00000001c0)=[@txtime={{0x18, 0x1, 0x3d, 0xffff}}, @txtime={{0x18, 0x1, 0x3d, 0x1}}], 0x30}, 0x8000)
connect$802154_dgram(r7, &(0x7f0000000640)={0x24, @short={0x2, 0x0, 0xfffe}}, 0x14)

2m22.813100566s ago: executing program 3 (id=91):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0xb, &(0x7f0000000880)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x10000, @void, @value}, 0x94)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000066000000004b64ffec850000006d000000c5000000050000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = dup(0xffffffffffffffff)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
write$binfmt_aout(r2, &(0x7f0000000580)=ANY=[@ANYRES8=r1, @ANYRESHEX, @ANYRES8=r1, @ANYRESDEC=0x0, @ANYRESOCT=r1, @ANYRES16=r1, @ANYRES16, @ANYRES32=r2], 0xfffffeb7)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x14, 0x30, 0x1}, 0x14}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mount$tmpfs(0x0, &(0x7f0000000000)='./file1\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB])
openat(0xffffffffffffff9c, &(0x7f0000004d00)='./file1\x00', 0x351142, 0x1cd)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000040)=0x1, 0x4)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0)
syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
r6 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r6, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000001200)={&(0x7f00000004c0)={0x38, 0x1403, 0x1, 0x70bd2d, 0x0, "", [{{0x9, 0x2, 'syz0\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'lo\x00'}}]}, 0x38}, 0x1, 0x0, 0x0, 0x854}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000280)={0x2, &(0x7f0000000180)=[{0x61}, {0x6, 0x0, 0xfc, 0x9}]})
r7 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
sendmsg$sock(r7, &(0x7f0000000300)={&(0x7f0000000040)=@isdn={0x22, 0x2, 0x80, 0x5, 0x3a}, 0x80, &(0x7f00000005c0)=[{&(0x7f0000000380)="449df18d098dfcd2c50c61580cd0ba7d5524fac46e641423b01613908be1e46241affd2884d0acb6cde2156c7cbad852c33bb67db850bf9a3869224683ba8cc2d245a2dd7efc089c7dffeff32aab05e5ce9b7eebe34bbea122e427915249b4b662c8d9aca64c9872ad5feb42cebac0b127da8481bc0cf7fc83b057eee475bec953683a7b054d25f30cbfc72e629b217baa6df41c78bf8c328cdb786149a18fbe6e09f6e52e38e6a84a62150d6ee0240e01b2fa467c204a0d", 0xb8}, {&(0x7f00000000c0)="2bc9d0ab0a0169d6a88f99466c2904", 0xf}, {&(0x7f0000000440)="543a9a82b0ddaf4e28041970cb4a94cb3fd34be39b47bff70298a3750a875f445474a9144ae1c33a74ba15afa1ddc5750643c9f4db3b710c327bcb901225181f03fc254ca2c43f5e40aed38a6aad8acfd6ed7a3287b828bcfe087fbe4364e06e858883d7e13f68185ea008236571099482c60211f12d2aabc4ef99d44c7deb646fdd8ba8cee489afb1a56e8b185cc02922eb4499bec899a195e299f24e5be663", 0xa0}, {&(0x7f0000000500)="1723ef612486b918945fc9531d73c06c3eb2bf978afb5feaeb3825058e5e8b10c1247a31d772aa348005d54c79094049f029986ddb1ab18190d67bd4be2746f210a944be6999b102706bb6ace08bcc8160a7e8a3de852bad413db730e6b2afc90fe7e8a9de0a3c893637eb65308f72a2eec15a95aeec262a0bdef7104c4cd88cddb650df6f23a7dc3705b676d6317cdc5a5c545ce2f5023450958171a2970c4b2c3c7cbc93c82e405556b8bb2b28f5", 0xaf}], 0x4, &(0x7f00000001c0)=[@txtime={{0x18, 0x1, 0x3d, 0xffff}}, @txtime={{0x18, 0x1, 0x3d, 0x1}}], 0x30}, 0x8000)
bind$802154_dgram(r7, &(0x7f0000000000)={0x24, @long={0x3, 0x0, {0xaaaaaaaaaaaa0102}}}, 0x14)
connect$802154_dgram(r7, &(0x7f0000000640)={0x24, @short={0x2, 0x0, 0xfffe}}, 0x14)

2m12.657518631s ago: executing program 3 (id=106):
bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x4, 0xb, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_open_dev$ttys(0xc, 0x2, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000de0000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = socket$nl_route(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00'}, 0x10)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="5c0000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000340012800e00010069703665727370616e0000002000028006000200300000001400060000000000000000000000ffff7f00000108000a00", @ANYRESOCT], 0x5c}}, 0x0)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x18)
socket$inet_smc(0x2b, 0x1, 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x3e)
sendmsg$tipc(0xffffffffffffffff, 0x0, 0x0)
rt_sigprocmask(0x2, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000640)={0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x2000000000000000, 0x0, 0x48)
futex(&(0x7f000000cffc)=0x2, 0x3, 0x801, 0x0, &(0x7f0000000040), 0xfffffffc)
mlock2(&(0x7f0000ff5000/0x9000)=nil, 0x9000, 0x0)
r3 = syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$SMC_PNETID_ADD(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000008c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r3, @ANYRES8], 0x40}}, 0xc800)
sendmsg$SMC_PNETID_DEL(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000580)=ANY=[@ANYBLOB="140000008d07e488c07741bb800425bac14a307ba86e785c3d41ced24dad93d2cb74c6328b66202b3b23e67c5fec6d13911fa5ce37801be8b4cfe0f734f1c06e5673f440c2365cbe04b8505201", @ANYRES16=r3, @ANYBLOB="270e000000000000000004070200"], 0x14}, 0x1, 0x40030000000000, 0x0, 0x20008044}, 0x0)
sendmsg$SMC_PNETID_ADD(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000940)=ANY=[@ANYRESDEC=r2, @ANYRES16=r3, @ANYBLOB="000826bd7000fcdbdf250200000014000200776c616e3000"/34, @ANYBLOB="0b54cb03c2110e6f8aafbb6c4587e7cadc3ad4dc815a1967a3c6555c41e91b335efe5779b35b9b721e837901dc494c3eac3c618d41a22ab2f88d1ecd85b1e40e239bccdfad36d092816c9fb19b7dacf42c8c484a7f61a4a409122d7997873b88da607d0de2e4236402a22b5406b6f0c1"], 0x28}, 0x1, 0x0, 0x0, 0x40000}, 0x10)
mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil)
mlock2(&(0x7f0000495000/0x2000)=nil, 0x2000, 0x0)
get_mempolicy(0x0, 0x0, 0x203, &(0x7f0000394000/0x3000)=nil, 0x3)

2m7.80873853s ago: executing program 3 (id=111):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0xb, &(0x7f0000000880)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x10000, @void, @value}, 0x94)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = dup(0xffffffffffffffff)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
write$binfmt_aout(r2, &(0x7f0000000580)=ANY=[@ANYRES8=r1, @ANYRESHEX, @ANYRES8=r1, @ANYRESDEC=0x0, @ANYRESOCT=r1, @ANYRES16=r1, @ANYRES16, @ANYRES32=r2], 0xfffffeb7)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x14, 0x30, 0x1}, 0x14}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mount$tmpfs(0x0, &(0x7f0000000000)='./file1\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB])
openat(0xffffffffffffff9c, &(0x7f0000004d00)='./file1\x00', 0x351142, 0x1cd)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000040)=0x1, 0x4)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0)
syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
r6 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r6, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000001200)={&(0x7f00000004c0)={0x38, 0x1403, 0x1, 0x70bd2d, 0x0, "", [{{0x9, 0x2, 'syz0\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'lo\x00'}}]}, 0x38}, 0x1, 0x0, 0x0, 0x854}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000280)={0x2, &(0x7f0000000180)=[{0x61}, {0x6, 0x0, 0xfc, 0x9}]})
r7 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
sendmsg$sock(r7, &(0x7f0000000300)={&(0x7f0000000040)=@isdn={0x22, 0x2, 0x80, 0x5, 0x3a}, 0x80, &(0x7f00000005c0)=[{&(0x7f0000000380)="449df18d098dfcd2c50c61580cd0ba7d5524fac46e641423b01613908be1e46241affd2884d0acb6cde2156c7cbad852c33bb67db850bf9a3869224683ba8cc2d245a2dd7efc089c7dffeff32aab05e5ce9b7eebe34bbea122e427915249b4b662c8d9aca64c9872ad5feb42cebac0b127da8481bc0cf7fc83b057eee475bec953683a7b054d25f30cbfc72e629b217baa6df41c78bf8c328cdb786149a18fbe6e09f6e52e38e6a84a62150d6ee0240e01b2fa467c204a0d", 0xb8}, {&(0x7f00000000c0)="2bc9d0ab0a0169d6a88f99466c2904", 0xf}, {&(0x7f0000000440)="543a9a82b0ddaf4e28041970cb4a94cb3fd34be39b47bff70298a3750a875f445474a9144ae1c33a74ba15afa1ddc5750643c9f4db3b710c327bcb901225181f03fc254ca2c43f5e40aed38a6aad8acfd6ed7a3287b828bcfe087fbe4364e06e858883d7e13f68185ea008236571099482c60211f12d2aabc4ef99d44c7deb646fdd8ba8cee489afb1a56e8b185cc02922eb4499bec899a195e299f24e5be663", 0xa0}, {&(0x7f0000000500)="1723ef612486b918945fc9531d73c06c3eb2bf978afb5feaeb3825058e5e8b10c1247a31d772aa348005d54c79094049f029986ddb1ab18190d67bd4be2746f210a944be6999b102706bb6ace08bcc8160a7e8a3de852bad413db730e6b2afc90fe7e8a9de0a3c893637eb65308f72a2eec15a95aeec262a0bdef7104c4cd88cddb650df6f23a7dc3705b676d6317cdc5a5c545ce2f5023450958171a2970c4b2c3c7cbc93c82e405556b8bb2b28f5", 0xaf}], 0x4, &(0x7f00000001c0)=[@txtime={{0x18, 0x1, 0x3d, 0xffff}}, @txtime={{0x18, 0x1, 0x3d, 0x1}}], 0x30}, 0x8000)
bind$802154_dgram(r7, &(0x7f0000000000)={0x24, @long={0x3, 0x0, {0xaaaaaaaaaaaa0102}}}, 0x14)
connect$802154_dgram(r7, &(0x7f0000000640)={0x24, @short={0x2, 0x0, 0xfffe}}, 0x14)

2m5.915671787s ago: executing program 3 (id=114):
socket$packet(0x11, 0x3, 0x300)
ioctl$EVIOCGBITSW(0xffffffffffffffff, 0x80404525, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000840)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00'}, 0x10)
unshare(0x26020480)
r4 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt$CAN_RAW_JOIN_FILTERS(r4, 0x65, 0x6, 0x0, 0x0)
sched_setaffinity(0xffffffffffffffff, 0x8, &(0x7f00000007c0)=0xeb)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x41, &(0x7f0000000740)={[{@bsdgroups}, {@nodiscard}, {@noblock_validity}, {@grpjquota}, {@grpjquota}, {@noquota}, {@auto_da_alloc}, {@noload}, {@nodiscard}]}, 0x64, 0x50a, &(0x7f0000000200)="$eJzs3VFrHFsdAPD/bHZrk6Y3ueqDXvB6tZW0aHeTxrbBh1pB9Kmg1vcak00I2WRDdtM2oWiKH0AQUcEnffFF8AMIUvDFRxEK+qyoKKKtPvigncvuTtK03U227TabZn8/OJlzzszs/5wNMztnZpgJYGC9FxHXIuJxmqbnI2Isq89lKbZbqbHco4d35xopiTS98c8kkqxu57OSbHoqW+1kRHztyxHfTJ6PW9vcWp6tVMrrWblUX1kr1Ta3LiytzC6WF8ur09NTl2euzFyamexJP09HxNUv/vUH3/3Zl67+6jO3/3Tz7+e+1WjWaDZ/bz9eUH6/ma2uF5rfxd4V1l8y2FGUb/YwM9xuiaHnau695jYBANBe4xj/gxHxyYg4H2MxtP/hLAAAAPAGSj8/Gv9LItL2TnSoBwAAAN4gueY9sEmuGBEjzXwuVyy27uH9cIzkKtVa/dML1Y3V+da9suNRyC0sVcqT2b3C41FIGuWpZv5J+eIz5emIeDsivj823CwX56qV+X6f/AAAAIABcWrP+D8XEf8Za43/AQAAgGNmvN8NAAAAAF47438AAAA4/oz/AQAA4Fj7yvXrjZTuvP96/tbmxnL11oX5cm25uLIxV5yrrq8VF6vVxeYz+1YO+rxKtbr22VjduFOql2v1Um1z6+ZKdWO1fnPpqVdgAwAAAIfo7Y/f/0MSEdufG26mhhPdrdrlYsBRld/NJdm0zWb9x7da078cUqOAQzHU7wYAfZPvdwOAvin0uwFA3yUHzO94885vs+knetseAACg9yY+2vn6f27fNbf3nw0ceTZiGFyu/8Pgal7/7/ZOXgcLcKwUHAHAwHvl6/8HStMXahAAANBzo82U5IrZ6b3RyOWKxYjTzdcCFJKFpUp5MiLeiojfjxU+0ChPNddMDhwzAAAAAAAAAAAAAAAAAAAAAAAAAAAtaZpECgAAABxrEbm/Jb9uPct/Yuzs6LPnB04k/x2L7BWht39844d3Zuv19alG/b926+s/yuov9uMMBgAAAAyEF3qB/844fWccDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC99Ojh3bmddJhx//GFiBhvFz8fJ5vTk1GIiJF/J5Hfs14SEUM9iD/c+PORdvGTRrN2Q7aLP9yD+Nv39o0f49m30C7+qR7Eh0F2v7H/udZu+8vFe81p++0vH/FU+WV13v/F7v5vqMP2f7rLGO88+EWpY/x7Ee/k2+9/duInHeKf6TL+N76+tdVpXvqTiIm2vz/JU7FK9ZW1Um1z68LSyuxiebG8Oj09dXnmysylmcnSwlKlnP1tG+N7H/vl4/36P9Ih/vgB/T/bZf///+DOww+1soV28c+daRP/Nz/Nlng+fi777ftUlm/Mn9jJb7fye73789+9u1//5zv0/6D//7ku+3/+q9/5c5eLAgCHoLa5tTxbqZTXj22mMUo/As2QOYKZb/f0A9M0TRvb1Ct8ThJH4WtpZvq9ZwIAAHrtyUF/v1sCAAAAAAAAAAAAAAAAAAAAg+swHif2bMzt3VzSi0doAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD0xPsBAAD//wdy2V0=")

1m48.950829769s ago: executing program 32 (id=114):
socket$packet(0x11, 0x3, 0x300)
ioctl$EVIOCGBITSW(0xffffffffffffffff, 0x80404525, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000840)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00'}, 0x10)
unshare(0x26020480)
r4 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt$CAN_RAW_JOIN_FILTERS(r4, 0x65, 0x6, 0x0, 0x0)
sched_setaffinity(0xffffffffffffffff, 0x8, &(0x7f00000007c0)=0xeb)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x41, &(0x7f0000000740)={[{@bsdgroups}, {@nodiscard}, {@noblock_validity}, {@grpjquota}, {@grpjquota}, {@noquota}, {@auto_da_alloc}, {@noload}, {@nodiscard}]}, 0x64, 0x50a, &(0x7f0000000200)="$eJzs3VFrHFsdAPD/bHZrk6Y3ueqDXvB6tZW0aHeTxrbBh1pB9Kmg1vcak00I2WRDdtM2oWiKH0AQUcEnffFF8AMIUvDFRxEK+qyoKKKtPvigncvuTtK03U227TabZn8/OJlzzszs/5wNMztnZpgJYGC9FxHXIuJxmqbnI2Isq89lKbZbqbHco4d35xopiTS98c8kkqxu57OSbHoqW+1kRHztyxHfTJ6PW9vcWp6tVMrrWblUX1kr1Ta3LiytzC6WF8ur09NTl2euzFyamexJP09HxNUv/vUH3/3Zl67+6jO3/3Tz7+e+1WjWaDZ/bz9eUH6/ma2uF5rfxd4V1l8y2FGUb/YwM9xuiaHnau695jYBANBe4xj/gxHxyYg4H2MxtP/hLAAAAPAGSj8/Gv9LItL2TnSoBwAAAN4gueY9sEmuGBEjzXwuVyy27uH9cIzkKtVa/dML1Y3V+da9suNRyC0sVcqT2b3C41FIGuWpZv5J+eIz5emIeDsivj823CwX56qV+X6f/AAAAIABcWrP+D8XEf8Za43/AQAAgGNmvN8NAAAAAF47438AAAA4/oz/AQAA4Fj7yvXrjZTuvP96/tbmxnL11oX5cm25uLIxV5yrrq8VF6vVxeYz+1YO+rxKtbr22VjduFOql2v1Um1z6+ZKdWO1fnPpqVdgAwAAAIfo7Y/f/0MSEdufG26mhhPdrdrlYsBRld/NJdm0zWb9x7da078cUqOAQzHU7wYAfZPvdwOAvin0uwFA3yUHzO94885vs+knetseAACg9yY+2vn6f27fNbf3nw0ceTZiGFyu/8Pgal7/7/ZOXgcLcKwUHAHAwHvl6/8HStMXahAAANBzo82U5IrZ6b3RyOWKxYjTzdcCFJKFpUp5MiLeiojfjxU+0ChPNddMDhwzAAAAAAAAAAAAAAAAAAAAAAAAAAAtaZpECgAAABxrEbm/Jb9uPct/Yuzs6LPnB04k/x2L7BWht39844d3Zuv19alG/b926+s/yuov9uMMBgAAAAyEF3qB/844fWccDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC99Ojh3bmddJhx//GFiBhvFz8fJ5vTk1GIiJF/J5Hfs14SEUM9iD/c+PORdvGTRrN2Q7aLP9yD+Nv39o0f49m30C7+qR7Eh0F2v7H/udZu+8vFe81p++0vH/FU+WV13v/F7v5vqMP2f7rLGO88+EWpY/x7Ee/k2+9/duInHeKf6TL+N76+tdVpXvqTiIm2vz/JU7FK9ZW1Um1z68LSyuxiebG8Oj09dXnmysylmcnSwlKlnP1tG+N7H/vl4/36P9Ih/vgB/T/bZf///+DOww+1soV28c+daRP/Nz/Nlng+fi777ftUlm/Mn9jJb7fye73789+9u1//5zv0/6D//7ku+3/+q9/5c5eLAgCHoLa5tTxbqZTXj22mMUo/As2QOYKZb/f0A9M0TRvb1Ct8ThJH4WtpZvq9ZwIAAHrtyUF/v1sCAAAAAAAAAAAAAAAAAAAAg+swHif2bMzt3VzSi0doAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD0xPsBAAD//wdy2V0=")

20.548939158s ago: executing program 1 (id=275):
bpf$MAP_CREATE(0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB="0700000004000000080000000100000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000911700000000000000000000000000000000d95853e46b000000000000913cf8b2c2f28ff414d8537e07682ec840a5775917042e57993d01baf117e7a000fb21cadea5"], 0x48)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = open(&(0x7f0000000340)='./file0\x00', 0x206303, 0x105)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x19, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000d8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$wireguard(&(0x7f00000001c0), 0xffffffffffffffff)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000140)={{}, &(0x7f0000000080), &(0x7f0000000100)='%pB    \x00'}, 0x20)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
setsockopt$SO_TIMESTAMPING(r5, 0x1, 0x41, 0x0, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000fd0f000007"], 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r8}, 0x10)
r9 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IEEE802154_LIST_PHY(r9, 0x0, 0x5)
userfaultfd(0x80801)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000300)='proc\x00', 0x0, 0x0)
sendmsg$WG_CMD_SET_DEVICE(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000680)=ANY=[@ANYBLOB="c8010000", @ANYRES16=r3, @ANYBLOB="0100000000000000000001000000060006000300000024000300a0cb879a47f5bc644c0e693fa6d031c74a1553b6e901b9ff2f518c78042fb5426c010880f4000080060005000180000024000100dbffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff240002001bc715ee4868b12a49f4df11bc05475489f6a27c4d6483ad2fa5e45903b0ce851400040002000000ac1414aa00000000000000008c00098028000080060001000a00000014000200ff020000000000000000000000000001050003000000000028000080060001000a000000140002000000000000000000000000000000000105000300030000001c000080060001000200da0008000200e000000105000300000000001c000080060001000200000008000200ac141400050003000000000074000080200004000a004e2200000000fc0000000000000000000000000000000400000024000100dbffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff080003000100000024000200cde20bc0d9b90ac13642d7b66459dd9db5e20b4b16d3d23f2cb03a8aa417dce6080007000000000014000200776730"], 0x1c8}}, 0x0)

20.222891662s ago: executing program 0 (id=278):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0xb, &(0x7f0000000880)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x10000, @void, @value}, 0x94)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = dup(0xffffffffffffffff)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
write$binfmt_aout(r2, &(0x7f0000000580)=ANY=[@ANYRES8=r1, @ANYRESHEX, @ANYRES8=r1, @ANYRESDEC=0x0, @ANYRESOCT=r1, @ANYRES16=r1, @ANYRES16, @ANYRES32=r2], 0xfffffeb7)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x14, 0x30, 0x1}, 0x14}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mount$tmpfs(0x0, &(0x7f0000000000)='./file1\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB])
openat(0xffffffffffffff9c, &(0x7f0000004d00)='./file1\x00', 0x351142, 0x1cd)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000040)=0x1, 0x4)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0)
syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
r6 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r6, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000001200)={&(0x7f00000004c0)={0x38, 0x1403, 0x1, 0x70bd2d, 0x0, "", [{{0x9, 0x2, 'syz0\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'lo\x00'}}]}, 0x38}, 0x1, 0x0, 0x0, 0x854}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000280)={0x2, &(0x7f0000000180)=[{0x61}, {0x6, 0x0, 0xfc, 0x9}]})
r7 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
sendmsg$sock(r7, &(0x7f0000000300)={&(0x7f0000000040)=@isdn={0x22, 0x2, 0x80, 0x5, 0x3a}, 0x80, &(0x7f00000005c0)=[{&(0x7f0000000380)="449df18d098dfcd2c50c61580cd0ba7d5524fac46e641423b01613908be1e46241affd2884d0acb6cde2156c7cbad852c33bb67db850bf9a3869224683ba8cc2d245a2dd7efc089c7dffeff32aab05e5ce9b7eebe34bbea122e427915249b4b662c8d9aca64c9872ad5feb42cebac0b127da8481bc0cf7fc83b057eee475bec953683a7b054d25f30cbfc72e629b217baa6df41c78bf8c328cdb786149a18fbe6e09f6e52e38e6a84a62150d6ee0240e01b2fa467c204a0d", 0xb8}, {&(0x7f00000000c0)="2bc9d0ab0a0169d6a88f99466c2904", 0xf}, {&(0x7f0000000440)="543a9a82b0ddaf4e28041970cb4a94cb3fd34be39b47bff70298a3750a875f445474a9144ae1c33a74ba15afa1ddc5750643c9f4db3b710c327bcb901225181f03fc254ca2c43f5e40aed38a6aad8acfd6ed7a3287b828bcfe087fbe4364e06e858883d7e13f68185ea008236571099482c60211f12d2aabc4ef99d44c7deb646fdd8ba8cee489afb1a56e8b185cc02922eb4499bec899a195e299f24e5be663", 0xa0}, {&(0x7f0000000500)="1723ef612486b918945fc9531d73c06c3eb2bf978afb5feaeb3825058e5e8b10c1247a31d772aa348005d54c79094049f029986ddb1ab18190d67bd4be2746f210a944be6999b102706bb6ace08bcc8160a7e8a3de852bad413db730e6b2afc90fe7e8a9de0a3c893637eb65308f72a2eec15a95aeec262a0bdef7104c4cd88cddb650df6f23a7dc3705b676d6317cdc5a5c545ce2f5023450958171a2970c4b2c3c7cbc93c82e405556b8bb2b28f5", 0xaf}], 0x4, &(0x7f00000001c0)=[@txtime={{0x18, 0x1, 0x3d, 0xffff}}, @txtime={{0x18, 0x1, 0x3d, 0x1}}], 0x30}, 0x8000)
bind$802154_dgram(r7, &(0x7f0000000000)={0x24, @long={0x3, 0x0, {0xaaaaaaaaaaaa0102}}}, 0x14)
connect$802154_dgram(r7, &(0x7f0000000640)={0x24, @short={0x2, 0x0, 0xfffe}}, 0x14)

18.118468522s ago: executing program 1 (id=280):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_emit_ethernet(0x36, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000280)={r1, 0xffffffffffffffff, 0x0, 0x4, &(0x7f0000000040)='{(:\x00'}, 0x30)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xf, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x2d)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r6)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r6, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r7, @ANYBLOB='ya\x00?\b\x00\x00\x00\x00\x00~'], 0x1c}}, 0x4000054)
r8 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000001c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)={0x28, r8, 0x1, 0x4, 0x0, {}, [@IEEE802154_ATTR_DEV_TYPE={0x5, 0x20, 0x1}, @IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}]}, 0x28}, 0x1, 0x0, 0x0, 0x4000010}, 0x0)

16.797965581s ago: executing program 1 (id=281):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000038c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da97e22f4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ad0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bff3b89c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c2ed01faa7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497dad64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6fba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd2310801570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb414c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a000000000000000000000000000000000000000000000000000000a0cc2b89ce1525748ce167cbabb881f060599a6a59f645edca1d5c24b2f6b8c997a8f3e1b7679984a566d98d4d31198ee4c5ea7be0d99cf89bba4a6fd0bec12e7792bec3c5038e13b1982f80cdecd07f8908a983a7c9fb81c2ba7f7e87c991f30e50d1b3bbe4cf2a2f5d4571b6568ada51bc121c9139d2a8e0638c84066b1759081802"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r0}, 0x10)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, 0x0, 0x0)
syz_usb_connect$cdc_ncm(0x2, 0x6e, 0x0, 0x0)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000480)={0xffffffffffffffff, 0x0, 0x25, 0x2, @val=@uprobe_multi={0x0, 0x0, 0x0, 0x6, 0x0, 0x1}}, 0x40)
r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r1, 0xaf01, 0x0)
r2 = eventfd(0xffffffff)
ioctl$VHOST_SET_LOG_FD(r1, 0x4004af07, &(0x7f0000000240)=r2)
ioctl$VHOST_SET_VRING_KICK(r1, 0x4008af20, &(0x7f0000000040)={0x1, r2})
ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/247, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74})
ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f0000000680))
ioctl$VHOST_VSOCK_SET_RUNNING(r1, 0x4004af61, &(0x7f0000000000)=0x1)
unshare(0x64000600)

16.036052942s ago: executing program 5 (id=284):
socket$packet(0x11, 0x3, 0x300)
ioctl$EVIOCGBITSW(0xffffffffffffffff, 0x80404525, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000840)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
unshare(0x26020480)
r5 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt$CAN_RAW_JOIN_FILTERS(r5, 0x65, 0x6, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x41, &(0x7f0000000740)={[{@bsdgroups}, {@nodiscard}, {@noblock_validity}, {@grpjquota}, {@grpjquota}, {@noquota}, {@auto_da_alloc}, {@noload}, {@nodiscard}]}, 0x64, 0x50a, &(0x7f0000000200)="$eJzs3VFrHFsdAPD/bHZrk6Y3ueqDXvB6tZW0aHeTxrbBh1pB9Kmg1vcak00I2WRDdtM2oWiKH0AQUcEnffFF8AMIUvDFRxEK+qyoKKKtPvigncvuTtK03U227TabZn8/OJlzzszs/5wNMztnZpgJYGC9FxHXIuJxmqbnI2Isq89lKbZbqbHco4d35xopiTS98c8kkqxu57OSbHoqW+1kRHztyxHfTJ6PW9vcWp6tVMrrWblUX1kr1Ta3LiytzC6WF8ur09NTl2euzFyamexJP09HxNUv/vUH3/3Zl67+6jO3/3Tz7+e+1WjWaDZ/bz9eUH6/ma2uF5rfxd4V1l8y2FGUb/YwM9xuiaHnau695jYBANBe4xj/gxHxyYg4H2MxtP/hLAAAAPAGSj8/Gv9LItL2TnSoBwAAAN4gueY9sEmuGBEjzXwuVyy27uH9cIzkKtVa/dML1Y3V+da9suNRyC0sVcqT2b3C41FIGuWpZv5J+eIz5emIeDsivj823CwX56qV+X6f/AAAAIABcWrP+D8XEf8Za43/AQAAgGNmvN8NAAAAAF47438AAAA4/oz/AQAA4Fj7yvXrjZTuvP96/tbmxnL11oX5cm25uLIxV5yrrq8VF6vVxeYz+1YO+rxKtbr22VjduFOql2v1Um1z6+ZKdWO1fnPpqVdgAwAAAIfo7Y/f/0MSEdufG26mhhPdrdrlYsBRld/NJdm0zWb9x7da078cUqOAQzHU7wYAfZPvdwOAvin0uwFA3yUHzO94885vs+knetseAACg9yY+2vn6f27fNbf3nw0ceTZiGFyu/8Pgal7/7/ZOXgcLcKwUHAHAwHvl6/8HStMXahAAANBzo82U5IrZ6b3RyOWKxYjTzdcCFJKFpUp5MiLeiojfjxU+0ChPNddMDhwzAAAAAAAAAAAAAAAAAAAAAAAAAAAtaZpECgAAABxrEbm/Jb9uPct/Yuzs6LPnB04k/x2L7BWht39844d3Zuv19alG/b926+s/yuov9uMMBgAAAAyEF3qB/844fWccDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC99Ojh3bmddJhx//GFiBhvFz8fJ5vTk1GIiJF/J5Hfs14SEUM9iD/c+PORdvGTRrN2Q7aLP9yD+Nv39o0f49m30C7+qR7Eh0F2v7H/udZu+8vFe81p++0vH/FU+WV13v/F7v5vqMP2f7rLGO88+EWpY/x7Ee/k2+9/duInHeKf6TL+N76+tdVpXvqTiIm2vz/JU7FK9ZW1Um1z68LSyuxiebG8Oj09dXnmysylmcnSwlKlnP1tG+N7H/vl4/36P9Ih/vgB/T/bZf///+DOww+1soV28c+daRP/Nz/Nlng+fi777ftUlm/Mn9jJb7fye73789+9u1//5zv0/6D//7ku+3/+q9/5c5eLAgCHoLa5tTxbqZTXj22mMUo/As2QOYKZb/f0A9M0TRvb1Ct8ThJH4WtpZvq9ZwIAAHrtyUF/v1sCAAAAAAAAAAAAAAAAAAAAg+swHif2bMzt3VzSi0doAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD0xPsBAAD//wdy2V0=")

13.906034382s ago: executing program 1 (id=285):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
write$binfmt_aout(r0, &(0x7f00000005c0)=ANY=[], 0xff2e)
setsockopt$WPAN_SECURITY_LEVEL(0xffffffffffffffff, 0x0, 0x2, 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000dc0)={0x0, 0x4000001, 0x4, 0x5, 0x0, "00000100"})
r1 = syz_open_pts(r0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
setxattr$security_capability(&(0x7f0000000300)='./bus\x00', &(0x7f0000000380), 0x0, 0x0, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f00000008c0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000e868495fb58d00b6ad1f50ad32d6ad25dfd73a015e0ca6a0f68a7d007dc6751dfb265a0e3ccae669e173a64bc1cfd514600650a58f145ff1205fc9ddaa275e687d452d64e7cc957d77578f4c25235138d5521f9453559c35da860e8efbc64e57cbb7aee976f2b54421eed73d5661cfeecf9c66c54c3b3ffe1b4ce25d7c983cd44c05bd0a48dfe3e26e7a23129d6606ed28a69989d552af6d9a9df2c3af36e0360070011bbecc2f4a3799af2551ce935b0f327cb3f011a7d06602e2fd5234712596b696418f163d1a1a83109753f54b21cd027edd68149ee99eebc6f7d6dd4aed4af7588c8e1b44ccb19e810879b81a7000000e7ffffff00000000d7900a820b63278f4e9a217b98ef7042ad2a928903000000cbe43a1ed25268816b00000000000009d27d753a30a147b24a48435bd8a568669596e9e0867958e1dd7a0defb6670c06054002238260000000000040587c1ed797aa21a38e1e389f640a0b8b0000000000a835ad0f61ba739cd0c31b05c00fba8a4aee676d7caa2e53b91a68ff2e60da7b01a2e5785a238afa4a0470c08b0d71b6f72d6a8d87fb08533d97ad96d3943c4cc8306dac433a5cdf78b04963d679d5a5d07e618a1ef9057fec00f9e93021f5a8d30e716de8cde9c6000000000c3b64d10f0939b42b33ab2a8717096c58bb3bb1d457d8bb96870f5a7e2ba31fd69bb80235d957eaa9a40b764e5381ffa604aaafb76a980e72b408f686b185736693089213b4e140f8f38e5589663115093889deb646122a5dc5a9e5ba4d37749a36b880110e2bf524b79bc91105f1d3f7d0de694a9417d68694f17ba5e27ea1cec518b93fadcfe0de010ae9be3273ff73c34b5695080a35bfa5c69e3b533e1b939c81b3beda037b7191cb0000000000000000000010e5d683b8938db5c305cf7e6e62a6890ba9e1f4ee64f8202b59de5036569febfaa95f4633db108b2f786333ec7bacc927f4a1785165b5d2444b4c022bb5cff472e6a0c8ee9d6d8df83b704669147b732ac508c9b9f0ca0a1ce45319d43d4643eb285835daf2065b57bebd61ad6671296c27253a5f9688d57c91ccd40ffe2dbc5dd1613a2e6f5b363cc8d205ce6ef3c3c6ded7dd3dfdb39008d8997213f68cdc971c1d6fdacb7729a5560880a77525e9cfb94ef1735dfe74e6b948697f7e3580436b532a82e315d56b17a5dba98436cc24babaae409f0aab0b40af116001bc85492455956e853ead08b5793d4ecf72378a3dfd9cc837b1c66212d9a2be8fd6341c2f837c7fe09924a51ec42912856cce3d3b2d092c80813aad03e1e63a655f4138730f302df339f30a4fbd453c9a0fba381d071ad7cb80a52bec572e29b0b9b55c235806b97e166609f8083ce776075c"], &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x58e, &(0x7f0000000180)={[{@errors_remount}, {@usrquota}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6e}}, {@block_validity}, {@resgid}, {@quota}]}, 0x1, 0x454, &(0x7f0000000c00)="$eJzs289vFFUcAPDvzLZA+WFXxB/8UKtobPzR0oLKwYtGEy8mJl7wWNtCkIUaWhMhRNAYPBoS78ajiX+BJ70Y9WTiVe+GhBguoqc1sztDt8tuaZdtB9nPJ5n2vZk3ee+7b97um3m7AQyssexPErEzIn6PiNFmdmWBsea/G9cvzP5z/cJsEvX6O38ljXJ/X78wWxQtztuRZ8bTiPSzJPZ3qHfx3PlTM7Xa/Nk8P7l0+oPJxXPnXzh5eubE/In5M9NHjx45PPXyS9Mv9iXO+7O27vt44cDeN9+98tbssSvv/fxtpYi/LY4+GVvt4NP1ep+rK9eulnQyVGJDWJdsDGTdNdwY/6NRieXOG403Pi21ccCGque6HL5UB+5hSZTdAqAcxQd9dv9bbJs3+yjftVebN0BZ3DfyrXlkKNK8zHDb/W0/jUXEsUv/fpVtsTHPIQAAVvg+m/8832n+l8ZDLeXuy9eGqvlayu6IeCAi9kTEgxGNsg9HxCPrrL99keTW+U96tafA1iib/72Sr22tnP8Vs7+oVvLcrkb8w8nxk7X5Q/lrMh7DW7P81Cp1/PD6b190O9Y6/8u2rP5iLpi34+rQ1pXnzM0szdxJzK2ufRKxb6hT/MnNlYAkIvZGxL4e6zj57DcHuh27ffyr6MM6U/3riGea/X8p2uIvJKuvT05ui9r8ocniqrjVL79efrtb/XcUfx9k/b+94/V/M/5q0rpeu7j+Oi7/8XnXe5qJnq7/5R1b8v8fzSwtnZ2K2JKcaDa6df/08rlFviifxT9+sPP43x3Lr8T+iMgu4kcj4rGIeDzvuyci4smIONgWV+v99U+vPfV+t/jvhv6fa+v/atQvthRp6//lxJZo39M5UTn143crKq2uJ/6s/480UuP5nrW8/62lXb1dzQAAAPD/k0bEzkjSiZvpkXRiovkd/j2xPa0tLC49d3zhwzNzzd8IVGM4LZ50jbY8D53Kb+uL/HRb/nD+3PjLykgjPzG7UJsrO3gYcDtuGf9pY/xn/qyU3Tpgw/m9FgyulvGflNkOYPP5/IfBZfzD4Oow/kfKaAew+Tp9/l8soR3A5msb/5b9YIC4/4fBZfzD4God/74AAANjcSRu/yP5Tolt0ctZEvdMItK7ohn9SSQ9joK1JnaWHeD6E2W/MwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPTHfwEAAP//fQ3xRw==")
ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000001100))

13.448639189s ago: executing program 5 (id=286):
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x840, &(0x7f0000000080)={[{@test_dummy_encryption_v1}, {@test_dummy_encryption_v1}]}, 0x1, 0x241, &(0x7f0000000540)="$eJzs3U9oFFccB/DfzO42TbKUtL0UCm2hlNIGQnor9JJeWgiUEEoptIUUES9KIsQEb4knLx70rJKTlyDejB4ll+BFETxFzSFeBA0eDB70sDI7iUSz/oGJO+J8PjC7M7vvze8Ns983exkmgMoaiIiRiKhFxGBENCIi2dngm3wZ2Npc6F2ZiGi1/nyYtNvl27ntfv0RMR8RP0fEcprEwXrE7NK/649Xf//+xEzju3NL//R29SC3bKyv/bF5duz4xdGfZq/fvD+WxEg0XziuvZd0+KyeRHz2Loq9J5J62SPgbYwfvXAry/3nEfFtO/+NSCM/eSenP1puxI9nXtX31IMbX3ZzrMDea7Ua2TVwvgVUThoRzUjSoYjI19N0aCj/D3+71pcempo+MnhgamZyf9kzFbBXmhFrv13uudT/Uv7v1fL8Ax+uLP9/jS/eydY3a2WPBuimLP+D/8/9EPIPlSP/UF3yD9Ul/1Bdr8t/WtKYgO5w/Yfqkn+oLvmH6pJ/qC75h+ramX8AoFpaPWXfgQyUpez5BwAAAAAAAAAAAAAAAAAA2G2hd2Vie+lWzaunIzZ+jYh6p/q1recQfNx+7XuUZM2eS/Juhfz3dcEdFHS+5LuvP7lbbv1rX5Vbf24yYv5YRAzX67t/f0nh52B8+obvG/sKFijol7/Lrf90sdz6o6sRV7L5Z7jT/JPGF+33zvNPMzt/BesfflJwBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHTNswAAAP//ceptKw==")
prlimit64(0x0, 0xe, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000400000005", @ANYBLOB='\x00\x00\x00\x00\x00'], 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00'}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet(0x2, 0x3, 0x8d)
setsockopt$inet_msfilter(r3, 0x0, 0x8, &(0x7f0000000180)=ANY=[@ANYBLOB="8e"], 0x1)
getsockopt$inet_pktinfo(r3, 0x0, 0x8, &(0x7f00000000c0)={<r4=>0x0, @local, @local}, &(0x7f0000000140)=0xc)
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f0000000000)={@private1={0xfc, 0x1, '\x00', 0x1}, 0x3b, r4})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x3c}}, 0x0)
r5 = socket(0xa, 0x1, 0x0)
ioctl(r5, 0x8916, &(0x7f0000000000))
ioctl(r5, 0x8936, &(0x7f0000000000))
socket$netlink(0x10, 0x3, 0x8000000004)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)

11.136267732s ago: executing program 5 (id=288):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_read_part_table(0x635, &(0x7f0000000000)="$eJzs3D9oXeUbB/DvSe899yaFtr8fTl1SncViZ28NSHqpdKp061IVJFQc4lSx5Ea6mCGDg7NLEbLUumjo4KAt4iROoYNacRWkqNQiPXLuOfdPBEFsOwifz5Dzvs953vd5n5yTMSf8py2kmxTjYS+dJMdf/kvGZiYJ6df5Sapue+/czuqp01VVVUWdcz7dPPn5oetJOu2S/nSbqqo2ppOTufrB0o13i1F353Zd9ObWgTq82BzjSPL0wbI/3mZuh1TVvoP1HuXvgX/n2uBWUVwp29lTvzxYST76efXs7pmt966/2IY3ki+T+vm/U78Xk+y3cvHYhc54WD/lN+f3/bW5lLPI7HEvprPvDKMr68PtlcHa3iRwdLjz6WvP/X7sRqoT+arsLExuFLP9ymT08O3X/R+u3/7tS4O1veHlxemNJ97//xdZbid3qypH6pL/y/hPZ/kRVAYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4HG4NriVZDTcTtb2hr02unp298xWmeSFV/tt6Pj8qgPt9WIu3KmvG1lPfvgk3fmkov4xjiyku9LEvl+unhkPOpP6vcVmcGmwtje8v5TcefbB0WGzKjc/OzErtzHdeTfPt6N7VWM82fy7JtsS1eEm7+v78/0XnWR9uD2uf/nHotM0/HExmh5zIcnrvbzSNFPdK9u1f8zaAAAAAAAAAAAAAAAAAAAAgIeyeur0G3fb8fl+kp/eXqjHVa/5L/diqdiX/20vWTyZXO2nGK0kuf3Sb+U3h7a+az8dMEovoyQHP9w81y4p920w/URAkap8nJ3xT/wZAAD//8Wbezo=")
r2 = dup(r1)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2)
rt_sigaction(0x19, 0x0, 0x0, 0x0, 0x0)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, 0x0, 0x0, &(0x7f0000000000)=@chain)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000700)='ext2\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000001140)={[{@grpquota}], [{@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@uid_lt}, {@euid_gt={'euid>', 0xffffffffffffffff}}, {@fsname={'fsname', 0x3d, '@@'}}, {@hash}, {@rootcontext={'rootcontext', 0x3d, 'staff_u'}}, {@uid_lt}, {@smackfsdef}, {@context={'context', 0x3d, 'system_u'}}, {@fowner_eq={'fowner', 0x3d, 0xffffffffffffffff}}]}, 0x1, 0x569, &(0x7f0000000800)="$eJzs3c9rHFUcAPDvbDb9kVaTQikqIoEerNZumsQfFTzUo2ixoPe6JNNQsumW7KY0sWB7sBcvUgQRC+Jd7x6L/4B/RUELRUrQg5fIbGbTbbObbNK0m3Y/H5jw3vzY974z817e7NtlA+hbo9mfQsTLEfFtEjEcEUm+rRj5xtHV/ZbvX53KliRWVj77O2nsl+Wbr9U87kCeeSkifv864nhhfbm1xaXZcqWSzuf5sfrcpbHa4tKJC3PlmXQmvTgxOXnqncmJ9997d8difePsvz98evujU98cXf7+17uHbiZxOg7m21rj2Ehx483XWjOjMZqfk8E4/ciO41up+DMg6XUF2JaB/J4ejKwPGI6Bze5w4LnxVUSsAH0q0f6hTzXHAc1n+26fg58X9z5cfQBaH39x9b2R2Nd4NhpaTh56Msqed0d2oPysjN/+unUzW2IL70MAPK5r1yPiZLG4vv9L8v5v+052sc+jZej/4Om5nY1/3mo3/imsjX+izfjnQJu2ux2bt//C3R0opqNs/PdB2/Hv2qTVyECee6Ex5htMzl+opFnf9mJEHIvBvVl+o/mcU8t3Vjptax3/ZUtWfnMsmNfjbnHvw8dMl+vlx4m51b3rEa+0Hf8ma9c/aXP9s/NxtssyjqS3Xuu0bfP4n6yVnyNeb3v9H8xoJRvPT4417oex5l2x3j83jvzRqfxex59d/6GN4x9JWudra51fa7jD+p/2/Zd2OiaPf+jNLP7o/v7fk3zeSO/J110p1+vz4xF7kk/Wr594cGwz39w/i//Y0Y37v3b3//6I+KLzqXjIjcO/vLpJ/D29/tNbuv5bT9z5+MsfO5XfXf/3diN1LF/TTf/XbQUf59wBAAAAAADAblOIiIORFEpr6UKhVFr9fMfhGCpUqrX68fPVhYvT0fiu7EgMFpoz3cMtn4cYzz8P28xPPJKfjIhDEfHdwP5GvjRVrUz3OngAAAAAAAAAAAAAAAAAAADYJQ50+P5/5s+BXtcOeOL85Df0r03b/0780hOwK/n/D/1L+4f+pf1D/9L+oX9p/9C/tH/oX9o/9C/tHwAAAAAAAAAAAAAAAAAAAAAAAAAAAHbU2TNnsmVl+f7VqSw/fXlxYbZ6+cR0WpstzS1Mlaaq85dKM9XqTCUtTVXnNnu9SrV6aXwiFq6M1dNafay2uHRurrpwsX7uwlx5Jj2XDj6VqAAAAAAAAAAAAAAAAAAAAODZUltcmi1XKum8hMS2EsXdUY0dSOzL28RuqU9vEz3umAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgxf8BAAD//zqCM0E=")
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000640)={0x0, 0xd000})
ioctl$KVM_NMI(r3, 0xae9a)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

11.105795222s ago: executing program 2 (id=289):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xc, &(0x7f0000000240)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, @void, @value}, 0x94)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000380)={[{@delalloc}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@dioread_lock}, {@data_err_ignore}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x4007b1}}, {@data_err_ignore}, {@grpquota}, {@nobh}, {@user_xattr}, {@bh}, {@dioread_nolock}]}, 0x1, 0x553, &(0x7f0000000a40)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
r2 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x441, 0x20)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0)
truncate(&(0x7f0000000900)='./file1\x00', 0x3000000)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27ffff7, 0x4012011, r3, 0x0)
fallocate(r2, 0x8, 0x4000, 0x4000)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x7, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r4}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r0}, 0x10)
r5 = socket$rds(0x15, 0x5, 0x0)
r6 = bpf$MAP_CREATE(0x1900000000000000, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x200e, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000082000000950000000000000081ab09c9f7f6d9ca261e252a996890"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00'}, 0x10)
setxattr$trusted_overlay_upper(&(0x7f0000000000)='./file1\x00', &(0x7f00000001c0), &(0x7f0000000140)=ANY=[], 0x841, 0x1)
bind$rds(r5, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10)
sendmsg$NLBL_UNLABEL_C_STATICREMOVEDEF(0xffffffffffffffff, &(0x7f0000000700)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000180)={0x3c, 0x0, 0x100, 0x70bd28, 0x25dfdbfa, {}, [@NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @dev={0xfe, 0x80, '\x00', 0x16}}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @loopback}]}, 0x3c}, 0x1, 0x0, 0x0, 0x8006}, 0x0)

11.104528202s ago: executing program 1 (id=290):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_read_part_table(0x635, &(0x7f0000000000)="$eJzs3D9oXeUbB/DvSe899yaFtr8fTl1SncViZ28NSHqpdKp061IVJFQc4lSx5Ea6mCGDg7NLEbLUumjo4KAt4iROoYNacRWkqNQiPXLuOfdPBEFsOwifz5Dzvs953vd5n5yTMSf8py2kmxTjYS+dJMdf/kvGZiYJ6df5Sapue+/czuqp01VVVUWdcz7dPPn5oetJOu2S/nSbqqo2ppOTufrB0o13i1F353Zd9ObWgTq82BzjSPL0wbI/3mZuh1TVvoP1HuXvgX/n2uBWUVwp29lTvzxYST76efXs7pmt966/2IY3ki+T+vm/U78Xk+y3cvHYhc54WD/lN+f3/bW5lLPI7HEvprPvDKMr68PtlcHa3iRwdLjz6WvP/X7sRqoT+arsLExuFLP9ymT08O3X/R+u3/7tS4O1veHlxemNJ97//xdZbid3qypH6pL/y/hPZ/kRVAYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4HG4NriVZDTcTtb2hr02unp298xWmeSFV/tt6Pj8qgPt9WIu3KmvG1lPfvgk3fmkov4xjiyku9LEvl+unhkPOpP6vcVmcGmwtje8v5TcefbB0WGzKjc/OzErtzHdeTfPt6N7VWM82fy7JtsS1eEm7+v78/0XnWR9uD2uf/nHotM0/HExmh5zIcnrvbzSNFPdK9u1f8zaAAAAAAAAAAAAAAAAAAAAgIeyeur0G3fb8fl+kp/eXqjHVa/5L/diqdiX/20vWTyZXO2nGK0kuf3Sb+U3h7a+az8dMEovoyQHP9w81y4p920w/URAkap8nJ3xT/wZAAD//8Wbezo=")
r2 = dup(r1)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2)
rt_sigaction(0x19, 0x0, 0x0, 0x0, 0x0)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, 0x0, 0x0, &(0x7f0000000000)=@chain)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000700)='ext2\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000001140)={[{@grpquota}], [{@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@uid_lt}, {@euid_gt={'euid>', 0xffffffffffffffff}}, {@fsname={'fsname', 0x3d, '@@'}}, {@hash}, {@rootcontext={'rootcontext', 0x3d, 'staff_u'}}, {@uid_lt}, {@smackfsdef}, {@context={'context', 0x3d, 'system_u'}}, {@fowner_eq={'fowner', 0x3d, 0xffffffffffffffff}}]}, 0x1, 0x569, &(0x7f0000000800)="$eJzs3c9rHFUcAPDvbDb9kVaTQikqIoEerNZumsQfFTzUo2ixoPe6JNNQsumW7KY0sWB7sBcvUgQRC+Jd7x6L/4B/RUELRUrQg5fIbGbTbbObbNK0m3Y/H5jw3vzY974z817e7NtlA+hbo9mfQsTLEfFtEjEcEUm+rRj5xtHV/ZbvX53KliRWVj77O2nsl+Wbr9U87kCeeSkifv864nhhfbm1xaXZcqWSzuf5sfrcpbHa4tKJC3PlmXQmvTgxOXnqncmJ9997d8difePsvz98evujU98cXf7+17uHbiZxOg7m21rj2Ehx483XWjOjMZqfk8E4/ciO41up+DMg6XUF2JaB/J4ejKwPGI6Bze5w4LnxVUSsAH0q0f6hTzXHAc1n+26fg58X9z5cfQBaH39x9b2R2Nd4NhpaTh56Msqed0d2oPysjN/+unUzW2IL70MAPK5r1yPiZLG4vv9L8v5v+052sc+jZej/4Om5nY1/3mo3/imsjX+izfjnQJu2ux2bt//C3R0opqNs/PdB2/Hv2qTVyECee6Ex5htMzl+opFnf9mJEHIvBvVl+o/mcU8t3Vjptax3/ZUtWfnMsmNfjbnHvw8dMl+vlx4m51b3rEa+0Hf8ma9c/aXP9s/NxtssyjqS3Xuu0bfP4n6yVnyNeb3v9H8xoJRvPT4417oex5l2x3j83jvzRqfxex59d/6GN4x9JWudra51fa7jD+p/2/Zd2OiaPf+jNLP7o/v7fk3zeSO/J110p1+vz4xF7kk/Wr594cGwz39w/i//Y0Y37v3b3//6I+KLzqXjIjcO/vLpJ/D29/tNbuv5bT9z5+MsfO5XfXf/3diN1LF/TTf/XbQUf59wBAAAAAADAblOIiIORFEpr6UKhVFr9fMfhGCpUqrX68fPVhYvT0fiu7EgMFpoz3cMtn4cYzz8P28xPPJKfjIhDEfHdwP5GvjRVrUz3OngAAAAAAAAAAAAAAAAAAADYJQ50+P5/5s+BXtcOeOL85Df0r03b/0780hOwK/n/D/1L+4f+pf1D/9L+oX9p/9C/tH/oX9o/9C/tHwAAAAAAAAAAAAAAAAAAAAAAAAAAAHbU2TNnsmVl+f7VqSw/fXlxYbZ6+cR0WpstzS1Mlaaq85dKM9XqTCUtTVXnNnu9SrV6aXwiFq6M1dNafay2uHRurrpwsX7uwlx5Jj2XDj6VqAAAAAAAAAAAAAAAAAAAAODZUltcmi1XKum8hMS2EsXdUY0dSOzL28RuqU9vEz3umAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgxf8BAAD//zqCM0E=")
sendmsg$inet6(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0xa, 0x4e24, 0x0, @dev}, 0x1c, 0x0, 0x0, 0x0, 0x60}, 0x0)
ioctl$KVM_NMI(r3, 0xae9a)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

11.060400353s ago: executing program 0 (id=291):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000280)='./file1\x00', 0x14552, &(0x7f0000000b40)=ANY=[], 0xfb, 0x1219, &(0x7f0000001100)="$eJzs28FrXEUcB/BfkqapqclGrdUWxEEvFeTR5OBFL0FSkC4obSO0gvBqXnTJczfkLYEVsXry6t8hggjeBPGml1z8DwRvuXisID7JrrZd3RVWQjfI53PZH8z7zs7ssAuzzBy+8tn7O9tVtp13Y3ZmJmZ3I9LdFClm4y8fxwsvf//DM9dv3rq63mxuXEvpyvqN1ZdSSsvPfvvWh18891337JtfL3+zEAcrbx/+svbzwfmDC4e/33ivVaVWldqdbsrT7U6nm98ui7TVqnaylN4oi7wqUqtdFXtD7dtlZ3e3l/L21tLi7l5RVSlv99JO0UvdTuru9VL+bt5qpyzL0tJiMLlT96rNz+/WdR1R1/NxOuq6rh+JxTgbj8ZSLEcjVuKxeDyeiHPxZJyPp+Lp+OqnL3tHCQAAAAAAAAAAAAAAAAAAAOD4THr//0L/qWmPGgAAAAAAAAAAAAAAAAAAAP5frt+8dXW92dy4ltKZiPLT/c39zcHroH19O1pRRhGXoxG/Rf/2/8CgvvJac+Ny6luJT8o7f+bv7G/ODedXoxEvjs6vDvJpOL8Qiw/m16IR50bl52NtZP5MXHr+gXwWjfjxnehEGVtxlL3//h+tpvTq682/5S/2nxtv7mEsDwAAAByLLN0zcv+eZePaB/kJ/h8Y2l8fZS+emurUiYiq98FOXpbFnmJkcelkDKNfnD7ODucjYrLUr3VdT/9DmFIx/puyEBH/ueeZiDgZE/xHMe1fJh6G+4s+7ZEAAAAAAAAAAAAwibHHABf+7YTg3ETHCac9RwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+YAeOBQAAAACE+Vun0bEBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfBUAAP//0AbP3Q==")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
ftruncate(r0, 0x2000009)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x141042, 0x0)
pwritev2(r1, &(0x7f00000001c0)=[{0x0}], 0x1, 0xe7b, 0x0, 0x1)

9.033180802s ago: executing program 0 (id=294):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb8500000043000000"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, @void, @value}, 0x94)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000380)={[{@delalloc}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@dioread_lock}, {@data_err_ignore}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x4007b1}}, {@data_err_ignore}, {@grpquota}, {@nobh}, {@user_xattr}, {@bh}, {@dioread_nolock}]}, 0x1, 0x553, &(0x7f0000000a40)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
r2 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x441, 0x20)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0)
truncate(&(0x7f0000000900)='./file1\x00', 0x3000000)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27ffff7, 0x4012011, r3, 0x0)
fallocate(r2, 0x8, 0x4000, 0x4000)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x7, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r4}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r0}, 0x10)
r5 = socket$rds(0x15, 0x5, 0x0)
r6 = bpf$MAP_CREATE(0x1900000000000000, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x200e, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000082000000950000000000000081ab09c9f7f6d9ca261e252a996890"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00'}, 0x10)
setxattr$trusted_overlay_upper(&(0x7f0000000000)='./file1\x00', &(0x7f00000001c0), &(0x7f0000000140)=ANY=[], 0x841, 0x1)
bind$rds(r5, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10)
sendmsg$NLBL_UNLABEL_C_STATICREMOVEDEF(0xffffffffffffffff, &(0x7f0000000700)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000180)={0x3c, 0x0, 0x100, 0x70bd28, 0x25dfdbfa, {}, [@NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @dev={0xfe, 0x80, '\x00', 0x16}}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @loopback}]}, 0x3c}, 0x1, 0x0, 0x0, 0x8006}, 0x0)

7.988720516s ago: executing program 1 (id=296):
socket$nl_netfilter(0x10, 0x3, 0xc)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
openat$random(0xffffffffffffff9c, &(0x7f000000fe80), 0x40800, 0x0)
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f00000004c0)=@raw={'raw\x00', 0x8, 0x3, 0x408, 0xf0, 0xffffffff, 0xffffffff, 0xf0, 0xffffffff, 0x390, 0xffffffff, 0xffffffff, 0x390, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00', {}, {}, 0x2f, 0x0, 0x3}, 0x0, 0xa8, 0xf0}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv4=@local, 'nicvf0\x00', {0x3f66}}}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x3d}}, [0xffffffff], [], 'wg1\x00', 'gre0\x00', {}, {0xff}}, 0x0, 0x200, 0x248, 0x0, {}, [@common=@inet=@hashlimit3={{0x158}, {'veth0_vlan\x00', {0x3, 0x0, 0x48, 0x0, 0x15ab, 0x1000, 0x6, 0x5}}}]}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz0\x00', 0x2, 0x5, {0x6}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x468)
r1 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000100)={0xffffffffffffffff, 0x0, 0x0}, 0x0)
pipe(0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={0x0}, 0x18)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000500), 0x400, 0x0)
close(r3)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340))
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$TIPC_CMD_ENABLE_BEARER(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
writev(r2, &(0x7f0000000040)=[{&(0x7f0000000100)="89e7ee2c78dad9b4b473fec988cafbe863cac50580cd8b", 0x17}, {&(0x7f0000000440)="9c74dfbf77572856c809ff86bb648daf351a32ad5ea7e5599da7a5b3d468381d8ff50420", 0x24}], 0x2)

7.75025708s ago: executing program 5 (id=297):
bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x4, 0xb, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_open_dev$ttys(0xc, 0x2, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000de0000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = socket$nl_route(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00'}, 0x10)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="5c0000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000340012800e00010069703665727370616e0000002000028006000200300000001400060000000000000000000000ffff7f00000108000a00", @ANYRESOCT], 0x5c}}, 0x0)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x18)
r3 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x4f0, 0x340, 0x25, 0x148, 0x0, 0x60, 0x458, 0x2a8, 0x2a8, 0x458, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x0, 0x2f8, 0x340, 0x0, {0x200003ae, 0x7f00}, [@common=@inet=@hashlimit1={{0x58}, {'geneve0\x00', {0x44, 0x0, 0x9, 0x0, 0x0, 0xffffffff, 0x7}}}, @common=@unspec=@bpf1={{0x230, 'bpf\x00', 0x0}, @pinned={0x1, 0x0, 0x6, './file0\x00'}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x6, 'syz0\x00'}}}, {{@ip={@broadcast, @multicast1, 0x0, 0x0, 'veth1_to_bond\x00', 'veth0\x00', {0xff}}, 0x0, 0xd0, 0x118, 0x0, {}, [@common=@unspec=@cgroup0={{0x28}, {0x4}}, @common=@unspec=@statistic={{0x38}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x8000, 'syz0\x00', {0x481c}}}}], {{'\x00', 0xc8, 0x70, 0x98}, {0x28}}}}, 0x550)
futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x3e)
sendmsg$tipc(0xffffffffffffffff, 0x0, 0x0)
rt_sigprocmask(0x2, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000640)={0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x2000000000000000, 0x0, 0x48)
futex(&(0x7f000000cffc)=0x2, 0x3, 0x801, 0x0, &(0x7f0000000040), 0xfffffffc)
mlock2(&(0x7f0000ff5000/0x9000)=nil, 0x9000, 0x0)
r4 = syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$SMC_PNETID_ADD(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000008c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r4, @ANYRES8], 0x40}}, 0xc800)
sendmsg$SMC_PNETID_DEL(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000580)=ANY=[@ANYBLOB="140000008d07e488c07741bb800425bac14a307ba86e785c3d41ced24dad93d2cb74c6328b66202b3b23e67c5fec6d13911fa5ce37801be8b4cfe0f734f1c06e5673f440c2365cbe04b8505201", @ANYRES16=r4, @ANYBLOB="270e000000000000000004070200"], 0x14}, 0x1, 0x40030000000000, 0x0, 0x20008044}, 0x0)
sendmsg$SMC_PNETID_ADD(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000940)=ANY=[@ANYRESDEC=r2, @ANYRES16=r4, @ANYBLOB="000826bd7000fcdbdf250200000014000200776c616e3000"/34, @ANYBLOB="0b54cb03c2110e6f8aafbb6c4587e7cadc3ad4dc815a1967a3c6555c41e91b335efe5779b35b9b721e837901dc494c3eac3c618d41a22ab2f88d1ecd85b1e40e239bccdfad36d092816c9fb19b7dacf42c8c484a7f61a4a409122d7997873b88da607d0de2e4236402a22b5406b6f0c1"], 0x28}, 0x1, 0x0, 0x0, 0x40000}, 0x10)
mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil)
mlock2(&(0x7f0000495000/0x2000)=nil, 0x2000, 0x0)
get_mempolicy(0x0, 0x0, 0x203, &(0x7f0000394000/0x3000)=nil, 0x3)

7.468999214s ago: executing program 4 (id=298):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0xb, &(0x7f0000000880)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x10000, @void, @value}, 0x94)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000066000000004b64ffec850000006d000000c50000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = dup(0xffffffffffffffff)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
write$binfmt_aout(r2, &(0x7f0000000580)=ANY=[@ANYRES8=r1, @ANYRESHEX, @ANYRES8=r1, @ANYRESDEC=0x0, @ANYRESOCT=r1, @ANYRES16=r1, @ANYRES16, @ANYRES32=r2], 0xfffffeb7)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x14, 0x30, 0x1}, 0x14}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mount$tmpfs(0x0, &(0x7f0000000000)='./file1\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB])
openat(0xffffffffffffff9c, &(0x7f0000004d00)='./file1\x00', 0x351142, 0x1cd)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000040)=0x1, 0x4)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0)
syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
r4 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000001200)={&(0x7f00000004c0)={0x38, 0x1403, 0x1, 0x70bd2d, 0x0, "", [{{0x9, 0x2, 'syz0\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'lo\x00'}}]}, 0x38}, 0x1, 0x0, 0x0, 0x854}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000280)={0x2, &(0x7f0000000180)=[{0x61}, {0x6, 0x0, 0xfc, 0x9}]})
r5 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
sendmsg$sock(r5, &(0x7f0000000300)={&(0x7f0000000040)=@isdn={0x22, 0x2, 0x80, 0x5, 0x3a}, 0x80, &(0x7f00000005c0)=[{&(0x7f0000000380)="449df18d098dfcd2c50c61580cd0ba7d5524fac46e641423b01613908be1e46241affd2884d0acb6cde2156c7cbad852c33bb67db850bf9a3869224683ba8cc2d245a2dd7efc089c7dffeff32aab05e5ce9b7eebe34bbea122e427915249b4b662c8d9aca64c9872ad5feb42cebac0b127da8481bc0cf7fc83b057eee475bec953683a7b054d25f30cbfc72e629b217baa6df41c78bf8c328cdb786149a18fbe6e09f6e52e38e6a84a62150d6ee0240e01b2fa467c204a0d", 0xb8}, {&(0x7f00000000c0)="2bc9d0ab0a0169d6a88f99466c2904", 0xf}, {&(0x7f0000000440)="543a9a82b0ddaf4e28041970cb4a94cb3fd34be39b47bff70298a3750a875f445474a9144ae1c33a74ba15afa1ddc5750643c9f4db3b710c327bcb901225181f03fc254ca2c43f5e40aed38a6aad8acfd6ed7a3287b828bcfe087fbe4364e06e858883d7e13f68185ea008236571099482c60211f12d2aabc4ef99d44c7deb646fdd8ba8cee489afb1a56e8b185cc02922eb4499bec899a195e299f24e5be663", 0xa0}, {&(0x7f0000000500)="1723ef612486b918945fc9531d73c06c3eb2bf978afb5feaeb3825058e5e8b10c1247a31d772aa348005d54c79094049f029986ddb1ab18190d67bd4be2746f210a944be6999b102706bb6ace08bcc8160a7e8a3de852bad413db730e6b2afc90fe7e8a9de0a3c893637eb65308f72a2eec15a95aeec262a0bdef7104c4cd88cddb650df6f23a7dc3705b676d6317cdc5a5c545ce2f5023450958171a2970c4b2c3c7cbc93c82e405556b8bb2b28f5", 0xaf}], 0x4, &(0x7f00000001c0)=[@txtime={{0x18, 0x1, 0x3d, 0xffff}}, @txtime={{0x18, 0x1, 0x3d, 0x1}}], 0x30}, 0x8000)
bind$802154_dgram(r5, &(0x7f0000000000)={0x24, @long={0x3, 0x0, {0xaaaaaaaaaaaa0102}}}, 0x14)
connect$802154_dgram(r5, &(0x7f0000000640)={0x24, @short={0x2, 0x0, 0xfffe}}, 0x14)

6.901583802s ago: executing program 4 (id=299):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0xb, &(0x7f0000000880)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x10000, @void, @value}, 0x94)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000066000000004b64ffec850000006d000000c50000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = dup(0xffffffffffffffff)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
write$binfmt_aout(r2, &(0x7f0000000580)=ANY=[@ANYRES8=r1, @ANYRESHEX, @ANYRES8=r1, @ANYRESDEC=0x0, @ANYRESOCT=r1, @ANYRES16=r1, @ANYRES16, @ANYRES32=r2], 0xfffffeb7)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x14, 0x30, 0x1}, 0x14}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mount$tmpfs(0x0, &(0x7f0000000000)='./file1\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB])
openat(0xffffffffffffff9c, &(0x7f0000004d00)='./file1\x00', 0x351142, 0x1cd)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000040)=0x1, 0x4)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0)
syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
r6 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r6, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000001200)={&(0x7f00000004c0)={0x38, 0x1403, 0x1, 0x70bd2d, 0x0, "", [{{0x9, 0x2, 'syz0\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'lo\x00'}}]}, 0x38}, 0x1, 0x0, 0x0, 0x854}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r7 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
sendmsg$sock(r7, &(0x7f0000000300)={&(0x7f0000000040)=@isdn={0x22, 0x2, 0x80, 0x5, 0x3a}, 0x80, &(0x7f00000005c0)=[{&(0x7f0000000380)="449df18d098dfcd2c50c61580cd0ba7d5524fac46e641423b01613908be1e46241affd2884d0acb6cde2156c7cbad852c33bb67db850bf9a3869224683ba8cc2d245a2dd7efc089c7dffeff32aab05e5ce9b7eebe34bbea122e427915249b4b662c8d9aca64c9872ad5feb42cebac0b127da8481bc0cf7fc83b057eee475bec953683a7b054d25f30cbfc72e629b217baa6df41c78bf8c328cdb786149a18fbe6e09f6e52e38e6a84a62150d6ee0240e01b2fa467c204a0d", 0xb8}, {&(0x7f00000000c0)="2bc9d0ab0a0169d6a88f99466c2904", 0xf}, {&(0x7f0000000440)="543a9a82b0ddaf4e28041970cb4a94cb3fd34be39b47bff70298a3750a875f445474a9144ae1c33a74ba15afa1ddc5750643c9f4db3b710c327bcb901225181f03fc254ca2c43f5e40aed38a6aad8acfd6ed7a3287b828bcfe087fbe4364e06e858883d7e13f68185ea008236571099482c60211f12d2aabc4ef99d44c7deb646fdd8ba8cee489afb1a56e8b185cc02922eb4499bec899a195e299f24e5be663", 0xa0}, {&(0x7f0000000500)="1723ef612486b918945fc9531d73c06c3eb2bf978afb5feaeb3825058e5e8b10c1247a31d772aa348005d54c79094049f029986ddb1ab18190d67bd4be2746f210a944be6999b102706bb6ace08bcc8160a7e8a3de852bad413db730e6b2afc90fe7e8a9de0a3c893637eb65308f72a2eec15a95aeec262a0bdef7104c4cd88cddb650df6f23a7dc3705b676d6317cdc5a5c545ce2f5023450958171a2970c4b2c3c7cbc93c82e405556b8bb2b28f5", 0xaf}], 0x4, &(0x7f00000001c0)=[@txtime={{0x18, 0x1, 0x3d, 0xffff}}, @txtime={{0x18, 0x1, 0x3d, 0x1}}], 0x30}, 0x8000)
bind$802154_dgram(r7, &(0x7f0000000000)={0x24, @long={0x3, 0x0, {0xaaaaaaaaaaaa0102}}}, 0x14)
connect$802154_dgram(r7, &(0x7f0000000640)={0x24, @short={0x2, 0x0, 0xfffe}}, 0x14)

6.830102413s ago: executing program 2 (id=300):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0xb, &(0x7f0000000880)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x10000, @void, @value}, 0x94)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000066000000004b64ffec850000006d000000c50000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = dup(0xffffffffffffffff)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
write$binfmt_aout(r1, &(0x7f0000000580)=ANY=[@ANYRES8=r0, @ANYRESHEX, @ANYRES8=r0, @ANYRESDEC=0x0, @ANYRESOCT=r0, @ANYRES16=r0, @ANYRES16, @ANYRES32=r1], 0xfffffeb7)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x14, 0x30, 0x1}, 0x14}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mount$tmpfs(0x0, &(0x7f0000000000)='./file1\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB])
openat(0xffffffffffffff9c, &(0x7f0000004d00)='./file1\x00', 0x351142, 0x1cd)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000040)=0x1, 0x4)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0)
syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
r5 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000001200)={&(0x7f00000004c0)={0x38, 0x1403, 0x1, 0x70bd2d, 0x0, "", [{{0x9, 0x2, 'syz0\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'lo\x00'}}]}, 0x38}, 0x1, 0x0, 0x0, 0x854}, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000280)={0x2, &(0x7f0000000180)=[{0x61}, {0x6, 0x0, 0xfc, 0x9}]})
r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
sendmsg$sock(r6, &(0x7f0000000300)={&(0x7f0000000040)=@isdn={0x22, 0x2, 0x80, 0x5, 0x3a}, 0x80, &(0x7f00000005c0)=[{&(0x7f0000000380)="449df18d098dfcd2c50c61580cd0ba7d5524fac46e641423b01613908be1e46241affd2884d0acb6cde2156c7cbad852c33bb67db850bf9a3869224683ba8cc2d245a2dd7efc089c7dffeff32aab05e5ce9b7eebe34bbea122e427915249b4b662c8d9aca64c9872ad5feb42cebac0b127da8481bc0cf7fc83b057eee475bec953683a7b054d25f30cbfc72e629b217baa6df41c78bf8c328cdb786149a18fbe6e09f6e52e38e6a84a62150d6ee0240e01b2fa467c204a0d", 0xb8}, {&(0x7f00000000c0)="2bc9d0ab0a0169d6a88f99466c2904", 0xf}, {&(0x7f0000000440)="543a9a82b0ddaf4e28041970cb4a94cb3fd34be39b47bff70298a3750a875f445474a9144ae1c33a74ba15afa1ddc5750643c9f4db3b710c327bcb901225181f03fc254ca2c43f5e40aed38a6aad8acfd6ed7a3287b828bcfe087fbe4364e06e858883d7e13f68185ea008236571099482c60211f12d2aabc4ef99d44c7deb646fdd8ba8cee489afb1a56e8b185cc02922eb4499bec899a195e299f24e5be663", 0xa0}, {&(0x7f0000000500)="1723ef612486b918945fc9531d73c06c3eb2bf978afb5feaeb3825058e5e8b10c1247a31d772aa348005d54c79094049f029986ddb1ab18190d67bd4be2746f210a944be6999b102706bb6ace08bcc8160a7e8a3de852bad413db730e6b2afc90fe7e8a9de0a3c893637eb65308f72a2eec15a95aeec262a0bdef7104c4cd88cddb650df6f23a7dc3705b676d6317cdc5a5c545ce2f5023450958171a2970c4b2c3c7cbc93c82e405556b8bb2b28f5", 0xaf}], 0x4, &(0x7f00000001c0)=[@txtime={{0x18, 0x1, 0x3d, 0xffff}}, @txtime={{0x18, 0x1, 0x3d, 0x1}}], 0x30}, 0x8000)
bind$802154_dgram(r6, &(0x7f0000000000)={0x24, @long={0x3, 0x0, {0xaaaaaaaaaaaa0102}}}, 0x14)
connect$802154_dgram(r6, &(0x7f0000000640)={0x24, @short={0x2, 0x0, 0xfffe}}, 0x14)

5.568162721s ago: executing program 4 (id=301):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, @void, @value}, 0x94)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000380)={[{@delalloc}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@dioread_lock}, {@data_err_ignore}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x4007b1}}, {@data_err_ignore}, {@grpquota}, {@nobh}, {@user_xattr}, {@bh}, {@dioread_nolock}]}, 0x1, 0x553, &(0x7f0000000a40)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
r2 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x441, 0x20)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0)
truncate(&(0x7f0000000900)='./file1\x00', 0x3000000)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27ffff7, 0x4012011, r3, 0x0)
fallocate(r2, 0x8, 0x4000, 0x4000)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x7, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r4}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r0}, 0x10)
r5 = socket$rds(0x15, 0x5, 0x0)
r6 = bpf$MAP_CREATE(0x1900000000000000, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x200e, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000082000000950000000000000081ab09c9f7f6d9ca261e252a996890"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00'}, 0x10)
setxattr$trusted_overlay_upper(&(0x7f0000000000)='./file1\x00', &(0x7f00000001c0), &(0x7f0000000140)=ANY=[], 0x841, 0x1)
bind$rds(r5, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10)
sendmsg$NLBL_UNLABEL_C_STATICREMOVEDEF(0xffffffffffffffff, &(0x7f0000000700)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000180)={0x3c, 0x0, 0x100, 0x70bd28, 0x25dfdbfa, {}, [@NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @dev={0xfe, 0x80, '\x00', 0x16}}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @loopback}]}, 0x3c}, 0x1, 0x0, 0x0, 0x8006}, 0x0)

5.239411925s ago: executing program 0 (id=302):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0xb, &(0x7f0000000880)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x10000, @void, @value}, 0x94)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000066000000004b64ffec850000006d000000c50000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = dup(0xffffffffffffffff)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
write$binfmt_aout(r2, &(0x7f0000000580)=ANY=[@ANYRES8=r1, @ANYRESHEX, @ANYRES8=r1, @ANYRESDEC=0x0, @ANYRESOCT=r1, @ANYRES16=r1, @ANYRES16, @ANYRES32=r2], 0xfffffeb7)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x14, 0x30, 0x1}, 0x14}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mount$tmpfs(0x0, &(0x7f0000000000)='./file1\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB])
openat(0xffffffffffffff9c, &(0x7f0000004d00)='./file1\x00', 0x351142, 0x1cd)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000040)=0x1, 0x4)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0)
syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
r6 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r6, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000001200)={&(0x7f00000004c0)={0x38, 0x1403, 0x1, 0x70bd2d, 0x0, "", [{{0x9, 0x2, 'syz0\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'lo\x00'}}]}, 0x38}, 0x1, 0x0, 0x0, 0x854}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r7 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
sendmsg$sock(r7, &(0x7f0000000300)={&(0x7f0000000040)=@isdn={0x22, 0x2, 0x80, 0x5, 0x3a}, 0x80, &(0x7f00000005c0)=[{&(0x7f0000000380)="449df18d098dfcd2c50c61580cd0ba7d5524fac46e641423b01613908be1e46241affd2884d0acb6cde2156c7cbad852c33bb67db850bf9a3869224683ba8cc2d245a2dd7efc089c7dffeff32aab05e5ce9b7eebe34bbea122e427915249b4b662c8d9aca64c9872ad5feb42cebac0b127da8481bc0cf7fc83b057eee475bec953683a7b054d25f30cbfc72e629b217baa6df41c78bf8c328cdb786149a18fbe6e09f6e52e38e6a84a62150d6ee0240e01b2fa467c204a0d", 0xb8}, {&(0x7f00000000c0)="2bc9d0ab0a0169d6a88f99466c2904", 0xf}, {&(0x7f0000000440)="543a9a82b0ddaf4e28041970cb4a94cb3fd34be39b47bff70298a3750a875f445474a9144ae1c33a74ba15afa1ddc5750643c9f4db3b710c327bcb901225181f03fc254ca2c43f5e40aed38a6aad8acfd6ed7a3287b828bcfe087fbe4364e06e858883d7e13f68185ea008236571099482c60211f12d2aabc4ef99d44c7deb646fdd8ba8cee489afb1a56e8b185cc02922eb4499bec899a195e299f24e5be663", 0xa0}, {&(0x7f0000000500)="1723ef612486b918945fc9531d73c06c3eb2bf978afb5feaeb3825058e5e8b10c1247a31d772aa348005d54c79094049f029986ddb1ab18190d67bd4be2746f210a944be6999b102706bb6ace08bcc8160a7e8a3de852bad413db730e6b2afc90fe7e8a9de0a3c893637eb65308f72a2eec15a95aeec262a0bdef7104c4cd88cddb650df6f23a7dc3705b676d6317cdc5a5c545ce2f5023450958171a2970c4b2c3c7cbc93c82e405556b8bb2b28f5", 0xaf}], 0x4, &(0x7f00000001c0)=[@txtime={{0x18, 0x1, 0x3d, 0xffff}}, @txtime={{0x18, 0x1, 0x3d, 0x1}}], 0x30}, 0x8000)
bind$802154_dgram(r7, &(0x7f0000000000)={0x24, @long={0x3, 0x0, {0xaaaaaaaaaaaa0102}}}, 0x14)
connect$802154_dgram(r7, &(0x7f0000000640)={0x24, @short={0x2, 0x0, 0xfffe}}, 0x14)

4.376676518s ago: executing program 2 (id=303):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0xb, &(0x7f0000000880)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x10000, @void, @value}, 0x94)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000066000000004b64ffec850000006d000000c50000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = dup(0xffffffffffffffff)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
write$binfmt_aout(r2, &(0x7f0000000580)=ANY=[@ANYRES8=r1, @ANYRESHEX, @ANYRES8=r1, @ANYRESDEC=0x0, @ANYRESOCT=r1, @ANYRES16=r1, @ANYRES16, @ANYRES32=r2], 0xfffffeb7)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x14, 0x30, 0x1}, 0x14}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mount$tmpfs(0x0, &(0x7f0000000000)='./file1\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB])
openat(0xffffffffffffff9c, &(0x7f0000004d00)='./file1\x00', 0x351142, 0x1cd)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000040)=0x1, 0x4)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0)
syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
sendmsg$RDMA_NLDEV_CMD_NEWLINK(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000001200)={&(0x7f00000004c0)={0x38, 0x1403, 0x1, 0x70bd2d, 0x0, "", [{{0x9, 0x2, 'syz0\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'lo\x00'}}]}, 0x38}, 0x1, 0x0, 0x0, 0x854}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000280)={0x2, &(0x7f0000000180)=[{0x61}, {0x6, 0x0, 0xfc, 0x9}]})
r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
sendmsg$sock(r6, &(0x7f0000000300)={&(0x7f0000000040)=@isdn={0x22, 0x2, 0x80, 0x5, 0x3a}, 0x80, &(0x7f00000005c0)=[{&(0x7f0000000380)="449df18d098dfcd2c50c61580cd0ba7d5524fac46e641423b01613908be1e46241affd2884d0acb6cde2156c7cbad852c33bb67db850bf9a3869224683ba8cc2d245a2dd7efc089c7dffeff32aab05e5ce9b7eebe34bbea122e427915249b4b662c8d9aca64c9872ad5feb42cebac0b127da8481bc0cf7fc83b057eee475bec953683a7b054d25f30cbfc72e629b217baa6df41c78bf8c328cdb786149a18fbe6e09f6e52e38e6a84a62150d6ee0240e01b2fa467c204a0d", 0xb8}, {&(0x7f00000000c0)="2bc9d0ab0a0169d6a88f99466c2904", 0xf}, {&(0x7f0000000440)="543a9a82b0ddaf4e28041970cb4a94cb3fd34be39b47bff70298a3750a875f445474a9144ae1c33a74ba15afa1ddc5750643c9f4db3b710c327bcb901225181f03fc254ca2c43f5e40aed38a6aad8acfd6ed7a3287b828bcfe087fbe4364e06e858883d7e13f68185ea008236571099482c60211f12d2aabc4ef99d44c7deb646fdd8ba8cee489afb1a56e8b185cc02922eb4499bec899a195e299f24e5be663", 0xa0}, {&(0x7f0000000500)="1723ef612486b918945fc9531d73c06c3eb2bf978afb5feaeb3825058e5e8b10c1247a31d772aa348005d54c79094049f029986ddb1ab18190d67bd4be2746f210a944be6999b102706bb6ace08bcc8160a7e8a3de852bad413db730e6b2afc90fe7e8a9de0a3c893637eb65308f72a2eec15a95aeec262a0bdef7104c4cd88cddb650df6f23a7dc3705b676d6317cdc5a5c545ce2f5023450958171a2970c4b2c3c7cbc93c82e405556b8bb2b28f5", 0xaf}], 0x4, &(0x7f00000001c0)=[@txtime={{0x18, 0x1, 0x3d, 0xffff}}, @txtime={{0x18, 0x1, 0x3d, 0x1}}], 0x30}, 0x8000)
connect$802154_dgram(r6, &(0x7f0000000640)={0x24, @short={0x2, 0x0, 0xfffe}}, 0x14)

2.997096708s ago: executing program 2 (id=304):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000040), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
fdatasync(r0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000000700000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x5, 0x0, 0x0, {0x7}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x58, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x4}, @NFTA_SET_DESC={0x1c, 0x9, 0x0, 0x1, [@NFTA_SET_DESC_CONCAT={0x10, 0x2, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x2}]}]}, @NFTA_SET_DESC_SIZE={0x8, 0x1, 0x1, 0x0, 0xffff}]}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0xa0}, 0x1, 0x0, 0x0, 0x20000080}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="17000000000000000400000003"], 0x48)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r2, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000740)=ANY=[@ANYBLOB="44000000090605000000000000000000010000050900020073797a30000006000500010007000000080009400000000114000880100007800a001100b4"], 0x44}, 0x1, 0x0, 0x0, 0x8000}, 0x44000)
sendmsg$IPSET_CMD_DESTROY(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000280)=ANY=[@ANYBLOB="28000000030605000000000000000000000000000500010007"], 0x28}, 0x1, 0x0, 0x0, 0x80}, 0x20000010)

2.996330948s ago: executing program 5 (id=305):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0xb, &(0x7f0000000880)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x10000, @void, @value}, 0x94)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000066000000004b64ffec850000006d000000c50000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = dup(0xffffffffffffffff)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
write$binfmt_aout(r2, &(0x7f0000000580)=ANY=[@ANYRES8=r1, @ANYRESHEX, @ANYRES8=r1, @ANYRESDEC=0x0, @ANYRESOCT=r1, @ANYRES16=r1, @ANYRES16, @ANYRES32=r2], 0xfffffeb7)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x14, 0x30, 0x1}, 0x14}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mount$tmpfs(0x0, &(0x7f0000000000)='./file1\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB])
openat(0xffffffffffffff9c, &(0x7f0000004d00)='./file1\x00', 0x351142, 0x1cd)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000040)=0x1, 0x4)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0)
syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
r6 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r6, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000001200)={&(0x7f00000004c0)={0x38, 0x1403, 0x1, 0x70bd2d, 0x0, "", [{{0x9, 0x2, 'syz0\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'lo\x00'}}]}, 0x38}, 0x1, 0x0, 0x0, 0x854}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000280)={0x2, &(0x7f0000000180)=[{0x61}, {0x6, 0x0, 0xfc, 0x9}]})
sendmsg$sock(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000040)=@isdn={0x22, 0x2, 0x80, 0x5, 0x3a}, 0x80, &(0x7f00000005c0)=[{&(0x7f0000000380)="449df18d098dfcd2c50c61580cd0ba7d5524fac46e641423b01613908be1e46241affd2884d0acb6cde2156c7cbad852c33bb67db850bf9a3869224683ba8cc2d245a2dd7efc089c7dffeff32aab05e5ce9b7eebe34bbea122e427915249b4b662c8d9aca64c9872ad5feb42cebac0b127da8481bc0cf7fc83b057eee475bec953683a7b054d25f30cbfc72e629b217baa6df41c78bf8c328cdb786149a18fbe6e09f6e52e38e6a84a62150d6ee0240e01b2fa467c204a0d", 0xb8}, {&(0x7f00000000c0)="2bc9d0ab0a0169d6a88f99466c2904", 0xf}, {&(0x7f0000000440)="543a9a82b0ddaf4e28041970cb4a94cb3fd34be39b47bff70298a3750a875f445474a9144ae1c33a74ba15afa1ddc5750643c9f4db3b710c327bcb901225181f03fc254ca2c43f5e40aed38a6aad8acfd6ed7a3287b828bcfe087fbe4364e06e858883d7e13f68185ea008236571099482c60211f12d2aabc4ef99d44c7deb646fdd8ba8cee489afb1a56e8b185cc02922eb4499bec899a195e299f24e5be663", 0xa0}, {&(0x7f0000000500)="1723ef612486b918945fc9531d73c06c3eb2bf978afb5feaeb3825058e5e8b10c1247a31d772aa348005d54c79094049f029986ddb1ab18190d67bd4be2746f210a944be6999b102706bb6ace08bcc8160a7e8a3de852bad413db730e6b2afc90fe7e8a9de0a3c893637eb65308f72a2eec15a95aeec262a0bdef7104c4cd88cddb650df6f23a7dc3705b676d6317cdc5a5c545ce2f5023450958171a2970c4b2c3c7cbc93c82e405556b8bb2b28f5", 0xaf}], 0x4, &(0x7f00000001c0)=[@txtime={{0x18, 0x1, 0x3d, 0xffff}}, @txtime={{0x18, 0x1, 0x3d, 0x1}}], 0x30}, 0x8000)
connect$802154_dgram(0xffffffffffffffff, &(0x7f0000000640)={0x24, @short={0x2, 0x0, 0xfffe}}, 0x14)

1.899831673s ago: executing program 4 (id=306):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0xb, &(0x7f0000000880)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x10000, @void, @value}, 0x94)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000066000000004b64ffec850000006d000000c50000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = dup(0xffffffffffffffff)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
write$binfmt_aout(r2, &(0x7f0000000580)=ANY=[@ANYRES8=r1, @ANYRESHEX, @ANYRES8=r1, @ANYRESDEC=0x0, @ANYRESOCT=r1, @ANYRES16=r1, @ANYRES16, @ANYRES32=r2], 0xfffffeb7)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x14, 0x30, 0x1}, 0x14}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mount$tmpfs(0x0, &(0x7f0000000000)='./file1\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB])
openat(0xffffffffffffff9c, &(0x7f0000004d00)='./file1\x00', 0x351142, 0x1cd)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000040)=0x1, 0x4)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0)
syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
r6 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r6, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000001200)={&(0x7f00000004c0)={0x38, 0x1403, 0x1, 0x70bd2d, 0x0, "", [{{0x9, 0x2, 'syz0\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'lo\x00'}}]}, 0x38}, 0x1, 0x0, 0x0, 0x854}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000280)={0x2, &(0x7f0000000180)=[{0x61}, {0x6, 0x0, 0xfc, 0x9}]})
r7 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
sendmsg$sock(r7, &(0x7f0000000300)={&(0x7f0000000040)=@isdn={0x22, 0x2, 0x80, 0x5, 0x3a}, 0x80, &(0x7f00000005c0)=[{&(0x7f0000000380)="449df18d098dfcd2c50c61580cd0ba7d5524fac46e641423b01613908be1e46241affd2884d0acb6cde2156c7cbad852c33bb67db850bf9a3869224683ba8cc2d245a2dd7efc089c7dffeff32aab05e5ce9b7eebe34bbea122e427915249b4b662c8d9aca64c9872ad5feb42cebac0b127da8481bc0cf7fc83b057eee475bec953683a7b054d25f30cbfc72e629b217baa6df41c78bf8c328cdb786149a18fbe6e09f6e52e38e6a84a62150d6ee0240e01b2fa467c204a0d", 0xb8}, {&(0x7f00000000c0)="2bc9d0ab0a0169d6a88f99466c2904", 0xf}, {&(0x7f0000000440)="543a9a82b0ddaf4e28041970cb4a94cb3fd34be39b47bff70298a3750a875f445474a9144ae1c33a74ba15afa1ddc5750643c9f4db3b710c327bcb901225181f03fc254ca2c43f5e40aed38a6aad8acfd6ed7a3287b828bcfe087fbe4364e06e858883d7e13f68185ea008236571099482c60211f12d2aabc4ef99d44c7deb646fdd8ba8cee489afb1a56e8b185cc02922eb4499bec899a195e299f24e5be663", 0xa0}, {&(0x7f0000000500)="1723ef612486b918945fc9531d73c06c3eb2bf978afb5feaeb3825058e5e8b10c1247a31d772aa348005d54c79094049f029986ddb1ab18190d67bd4be2746f210a944be6999b102706bb6ace08bcc8160a7e8a3de852bad413db730e6b2afc90fe7e8a9de0a3c893637eb65308f72a2eec15a95aeec262a0bdef7104c4cd88cddb650df6f23a7dc3705b676d6317cdc5a5c545ce2f5023450958171a2970c4b2c3c7cbc93c82e405556b8bb2b28f5", 0xaf}], 0x4, &(0x7f00000001c0)=[@txtime={{0x18, 0x1, 0x3d, 0xffff}}, @txtime={{0x18, 0x1, 0x3d, 0x1}}], 0x30}, 0x8000)
connect$802154_dgram(r7, &(0x7f0000000640)={0x24, @short={0x2, 0x0, 0xfffe}}, 0x14)

1.567564268s ago: executing program 2 (id=307):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffa, @void, @value}, 0x94)
ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f0000000080)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0xa2, 0x7}}, './file0\x00'})
r0 = syz_open_dev$sg(&(0x7f0000000040), 0x0, 0x0)
ioctl$SG_GET_VERSION_NUM(r0, 0x2284, &(0x7f0000000080))

1.448256909s ago: executing program 0 (id=308):
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/ip6_flowlabel\x00')
preadv(r0, 0x0, 0x0, 0x0, 0x0)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0xc0802, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r2, 0x1, 0x2e, &(0x7f0000000000)=r2, 0x4)
recvmsg$unix(r2, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x10002)
ioctl$PPPIOCNEWUNIT(r1, 0xc004743e, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$devlink(&(0x7f0000000f00), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_SB_TC_POOL_BIND_SET(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000011c0)={&(0x7f0000000080)={0x64, r4, 0x1, 0xff7fffff, 0x0, {}, [{{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x9}}, {0x8, 0xb, 0x82}, {0x6, 0x16, 0x1}, {0x5, 0x12, 0x1}, {0x6, 0x11, 0xffff}, {0x8, 0xb, 0x2f}}]}, 0x64}, 0x1, 0x0, 0x0, 0x20004090}, 0x0)
ioctl$PPPIOCSFLAGS1(r1, 0x40047459, 0x0)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
bind$netlink(r5, &(0x7f0000000080)={0x10, 0x0, 0x0, 0x1}, 0xc)
socket$inet6_tcp(0xa, 0x1, 0x0)
io_setup(0x6, &(0x7f0000000300)=<r6=>0x0)
io_getevents(r6, 0x2, 0x0, &(0x7f0000001340), 0x0)
r7 = socket$inet6(0xa, 0x3, 0x7)
connect$inet6(r7, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f0000000000000000850000006d000000850000000800000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r8}, 0x10)
setsockopt$inet6_IPV6_XFRM_POLICY(r7, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@dev={0xfe, 0x80, '\x00', 0x1e}, @in6=@loopback, 0x4e24, 0x0, 0x0, 0x0, 0xa, 0x0, 0x20}, {0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x4, 0x2}, {}, 0x0, 0x6e6bb9, 0x1}, {{@in=@broadcast, 0xfffffffc, 0x32}, 0x0, @in=@multicast1, 0x0, 0x0, 0x2, 0x7, 0x200}}, 0xe8)
sendmmsg(r7, &(0x7f0000000480), 0x2e9, 0x0)
r9 = socket$nl_xfrm(0x10, 0x3, 0x6)
syz_open_procfs(0x0, &(0x7f0000000240)='clear_refs\x00')
sendmsg$nl_xfrm(r9, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000001c0)=@newsa={0x138, 0x10, 0x633, 0x0, 0x80000008, {{@in=@multicast2, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0xa, 0x80}, {@in=@local, 0x4d2, 0x32}, @in6=@mcast2, {0x0, 0x0, 0x0, 0xfffffffffffffffb, 0x0, 0x100}, {0x5, 0x2000000000, 0x0, 0x5}, {}, 0x2, 0x0, 0xa, 0x4}, [@algo_crypt={0x48, 0x2, {{'ecb(cipher_null)\x00'}}}]}, 0x138}, 0x1, 0x0, 0x0, 0x4000}, 0x0)

1.291088532s ago: executing program 2 (id=309):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, @void, @value}, 0x94)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000380)={[{@delalloc}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@dioread_lock}, {@data_err_ignore}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x4007b1}}, {@data_err_ignore}, {@grpquota}, {@nobh}, {@user_xattr}, {@bh}, {@dioread_nolock}]}, 0x1, 0x553, &(0x7f0000000a40)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
r2 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x441, 0x20)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0)
truncate(&(0x7f0000000900)='./file1\x00', 0x3000000)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27ffff7, 0x4012011, r3, 0x0)
fallocate(r2, 0x8, 0x4000, 0x4000)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x7, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r4}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r0}, 0x10)
r5 = socket$rds(0x15, 0x5, 0x0)
r6 = bpf$MAP_CREATE(0x1900000000000000, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x200e, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000082000000950000000000000081ab09c9f7f6d9ca261e252a996890"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00'}, 0x10)
setxattr$trusted_overlay_upper(&(0x7f0000000000)='./file1\x00', &(0x7f00000001c0), &(0x7f0000000140)=ANY=[], 0x841, 0x1)
bind$rds(r5, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10)
sendmsg$NLBL_UNLABEL_C_STATICREMOVEDEF(0xffffffffffffffff, &(0x7f0000000700)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000180)={0x3c, 0x0, 0x100, 0x70bd28, 0x25dfdbfa, {}, [@NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @dev={0xfe, 0x80, '\x00', 0x16}}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @loopback}]}, 0x3c}, 0x1, 0x0, 0x0, 0x8006}, 0x0)

1.086726995s ago: executing program 5 (id=310):
bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x4, 0xb, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_open_dev$ttys(0xc, 0x2, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000de0000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = socket$nl_route(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00'}, 0x10)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="5c0000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000340012800e00010069703665727370616e0000002000028006000200300000001400060000000000000000000000ffff7f00000108000a00", @ANYRESOCT], 0x5c}}, 0x0)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x18)
r3 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x4f0, 0x340, 0x25, 0x148, 0x0, 0x60, 0x458, 0x2a8, 0x2a8, 0x458, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x0, 0x2f8, 0x340, 0x0, {0x200003ae, 0x7f00}, [@common=@inet=@hashlimit1={{0x58}, {'geneve0\x00', {0x44, 0x0, 0x9, 0x0, 0x0, 0xffffffff, 0x7}}}, @common=@unspec=@bpf1={{0x230, 'bpf\x00', 0x0}, @pinned={0x1, 0x0, 0x6, './file0\x00'}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x6, 'syz0\x00'}}}, {{@ip={@broadcast, @multicast1, 0x0, 0x0, 'veth1_to_bond\x00', 'veth0\x00', {0xff}}, 0x0, 0xd0, 0x118, 0x0, {}, [@common=@unspec=@cgroup0={{0x28}, {0x4}}, @common=@unspec=@statistic={{0x38}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x8000, 'syz0\x00', {0x481c}}}}], {{'\x00', 0xc8, 0x70, 0x98}, {0x28}}}}, 0x550)
futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0)
sendmsg$tipc(0xffffffffffffffff, 0x0, 0x0)
rt_sigprocmask(0x2, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000640)={0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x2000000000000000, 0x0, 0x48)
futex(&(0x7f000000cffc)=0x2, 0x3, 0x801, 0x0, &(0x7f0000000040), 0xfffffffc)
mlock2(&(0x7f0000ff5000/0x9000)=nil, 0x9000, 0x0)
r4 = syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$SMC_PNETID_ADD(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000008c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r4, @ANYRES8], 0x40}}, 0xc800)
sendmsg$SMC_PNETID_DEL(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000580)=ANY=[@ANYBLOB="140000008d07e488c07741bb800425bac14a307ba86e785c3d41ced24dad93d2cb74c6328b66202b3b23e67c5fec6d13911fa5ce37801be8b4cfe0f734f1c06e5673f440c2365cbe04b8505201", @ANYRES16=r4, @ANYBLOB="270e000000000000000004070200"], 0x14}, 0x1, 0x40030000000000, 0x0, 0x20008044}, 0x0)
sendmsg$SMC_PNETID_ADD(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000940)=ANY=[@ANYRESDEC=r2, @ANYRES16=r4, @ANYBLOB="000826bd7000fcdbdf250200000014000200776c616e3000"/34, @ANYBLOB="0b54cb03c2110e6f8aafbb6c4587e7cadc3ad4dc815a1967a3c6555c41e91b335efe5779b35b9b721e837901dc494c3eac3c618d41a22ab2f88d1ecd85b1e40e239bccdfad36d092816c9fb19b7dacf42c8c484a7f61a4a409122d7997873b88da607d0de2e4236402a22b5406b6f0c1"], 0x28}, 0x1, 0x0, 0x0, 0x40000}, 0x10)
mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil)
mlock2(&(0x7f0000495000/0x2000)=nil, 0x2000, 0x0)
get_mempolicy(0x0, 0x0, 0x203, &(0x7f0000394000/0x3000)=nil, 0x3)

230.637477ms ago: executing program 4 (id=311):
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffa, @void, @value}, 0x94)
ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f0000000080)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0xa2, 0x7}}, './file0\x00'})
r0 = syz_open_dev$sg(&(0x7f0000000040), 0x0, 0x0)
ioctl$SG_GET_VERSION_NUM(r0, 0x2284, &(0x7f0000000080))

45.040329ms ago: executing program 0 (id=312):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0xb, &(0x7f0000000880)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x10000, @void, @value}, 0x94)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000066000000004b64ffec850000006d000000c50000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = dup(0xffffffffffffffff)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
write$binfmt_aout(r2, &(0x7f0000000580)=ANY=[@ANYRES8=r1, @ANYRESHEX, @ANYRES8=r1, @ANYRESDEC=0x0, @ANYRESOCT=r1, @ANYRES16=r1, @ANYRES16, @ANYRES32=r2], 0xfffffeb7)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x14, 0x30, 0x1}, 0x14}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mount$tmpfs(0x0, &(0x7f0000000000)='./file1\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB])
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000040)=0x1, 0x4)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0)
syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
r6 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r6, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000001200)={&(0x7f00000004c0)={0x38, 0x1403, 0x1, 0x70bd2d, 0x0, "", [{{0x9, 0x2, 'syz0\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'lo\x00'}}]}, 0x38}, 0x1, 0x0, 0x0, 0x854}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000280)={0x2, &(0x7f0000000180)=[{0x61}, {0x6, 0x0, 0xfc, 0x9}]})
r7 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
sendmsg$sock(r7, &(0x7f0000000300)={&(0x7f0000000040)=@isdn={0x22, 0x2, 0x80, 0x5, 0x3a}, 0x80, &(0x7f00000005c0)=[{&(0x7f0000000380)="449df18d098dfcd2c50c61580cd0ba7d5524fac46e641423b01613908be1e46241affd2884d0acb6cde2156c7cbad852c33bb67db850bf9a3869224683ba8cc2d245a2dd7efc089c7dffeff32aab05e5ce9b7eebe34bbea122e427915249b4b662c8d9aca64c9872ad5feb42cebac0b127da8481bc0cf7fc83b057eee475bec953683a7b054d25f30cbfc72e629b217baa6df41c78bf8c328cdb786149a18fbe6e09f6e52e38e6a84a62150d6ee0240e01b2fa467c204a0d", 0xb8}, {&(0x7f00000000c0)="2bc9d0ab0a0169d6a88f99466c2904", 0xf}, {&(0x7f0000000440)="543a9a82b0ddaf4e28041970cb4a94cb3fd34be39b47bff70298a3750a875f445474a9144ae1c33a74ba15afa1ddc5750643c9f4db3b710c327bcb901225181f03fc254ca2c43f5e40aed38a6aad8acfd6ed7a3287b828bcfe087fbe4364e06e858883d7e13f68185ea008236571099482c60211f12d2aabc4ef99d44c7deb646fdd8ba8cee489afb1a56e8b185cc02922eb4499bec899a195e299f24e5be663", 0xa0}, {&(0x7f0000000500)="1723ef612486b918945fc9531d73c06c3eb2bf978afb5feaeb3825058e5e8b10c1247a31d772aa348005d54c79094049f029986ddb1ab18190d67bd4be2746f210a944be6999b102706bb6ace08bcc8160a7e8a3de852bad413db730e6b2afc90fe7e8a9de0a3c893637eb65308f72a2eec15a95aeec262a0bdef7104c4cd88cddb650df6f23a7dc3705b676d6317cdc5a5c545ce2f5023450958171a2970c4b2c3c7cbc93c82e405556b8bb2b28f5", 0xaf}], 0x4, &(0x7f00000001c0)=[@txtime={{0x18, 0x1, 0x3d, 0xffff}}, @txtime={{0x18, 0x1, 0x3d, 0x1}}], 0x30}, 0x8000)
bind$802154_dgram(r7, &(0x7f0000000000)={0x24, @long={0x3, 0x0, {0xaaaaaaaaaaaa0102}}}, 0x14)
connect$802154_dgram(r7, &(0x7f0000000640)={0x24, @short={0x2, 0x0, 0xfffe}}, 0x14)

0s ago: executing program 4 (id=313):
bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x4, 0xb, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_open_dev$ttys(0xc, 0x2, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000de0000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = socket$nl_route(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00'}, 0x10)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="5c0000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000340012800e00010069703665727370616e0000002000028006000200300000001400060000000000000000000000ffff7f00000108000a00", @ANYRESOCT], 0x5c}}, 0x0)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x18)
r3 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x4f0, 0x340, 0x25, 0x148, 0x0, 0x60, 0x458, 0x2a8, 0x2a8, 0x458, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x0, 0x2f8, 0x340, 0x0, {0x200003ae, 0x7f00}, [@common=@inet=@hashlimit1={{0x58}, {'geneve0\x00', {0x44, 0x0, 0x9, 0x0, 0x0, 0xffffffff, 0x7}}}, @common=@unspec=@bpf1={{0x230, 'bpf\x00', 0x0}, @pinned={0x1, 0x0, 0x6, './file0\x00'}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x6, 'syz0\x00'}}}, {{@ip={@broadcast, @multicast1, 0x0, 0x0, 'veth1_to_bond\x00', 'veth0\x00', {0xff}}, 0x0, 0xd0, 0x118, 0x0, {}, [@common=@unspec=@cgroup0={{0x28}, {0x4}}, @common=@unspec=@statistic={{0x38}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x8000, 'syz0\x00', {0x481c}}}}], {{'\x00', 0xc8, 0x70, 0x98}, {0x28}}}}, 0x550)
futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0)
sendmsg$tipc(0xffffffffffffffff, 0x0, 0x0)
rt_sigprocmask(0x2, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000640)={0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x2000000000000000, 0x0, 0x48)
futex(&(0x7f000000cffc)=0x2, 0x3, 0x801, 0x0, &(0x7f0000000040), 0xfffffffc)
mlock2(&(0x7f0000ff5000/0x9000)=nil, 0x9000, 0x0)
r4 = syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$SMC_PNETID_ADD(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000008c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r4, @ANYRES8], 0x40}}, 0xc800)
sendmsg$SMC_PNETID_DEL(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000580)=ANY=[@ANYBLOB="140000008d07e488c07741bb800425bac14a307ba86e785c3d41ced24dad93d2cb74c6328b66202b3b23e67c5fec6d13911fa5ce37801be8b4cfe0f734f1c06e5673f440c2365cbe04b8505201", @ANYRES16=r4, @ANYBLOB="270e000000000000000004070200"], 0x14}, 0x1, 0x40030000000000, 0x0, 0x20008044}, 0x0)
sendmsg$SMC_PNETID_ADD(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000940)=ANY=[@ANYRESDEC=r2, @ANYRES16=r4, @ANYBLOB="000826bd7000fcdbdf250200000014000200776c616e3000"/34, @ANYBLOB="0b54cb03c2110e6f8aafbb6c4587e7cadc3ad4dc815a1967a3c6555c41e91b335efe5779b35b9b721e837901dc494c3eac3c618d41a22ab2f88d1ecd85b1e40e239bccdfad36d092816c9fb19b7dacf42c8c484a7f61a4a409122d7997873b88da607d0de2e4236402a22b5406b6f0c1"], 0x28}, 0x1, 0x0, 0x0, 0x40000}, 0x10)
mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil)
mlock2(&(0x7f0000495000/0x2000)=nil, 0x2000, 0x0)
get_mempolicy(0x0, 0x0, 0x203, &(0x7f0000394000/0x3000)=nil, 0x3)

kernel console output (not intermixed with test programs):

rom eth1
[   80.698619][ T4251] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   80.711619][ T4251] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   80.725340][ T4265] 8021q: adding VLAN 0 to HW filter on device bond0
[   80.791954][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   80.802212][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   80.814799][ T4260] netdevsim netdevsim4 netdevsim0: renamed from eth0
[   80.828917][ T4250] 8021q: adding VLAN 0 to HW filter on device bond0
[   80.846105][ T4260] netdevsim netdevsim4 netdevsim1: renamed from eth1
[   80.860280][ T4260] netdevsim netdevsim4 netdevsim2: renamed from eth2
[   80.872814][ T4265] 8021q: adding VLAN 0 to HW filter on device team0
[   80.888721][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   80.899920][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   80.909231][ T4260] netdevsim netdevsim4 netdevsim3: renamed from eth3
[   80.922431][ T4250] 8021q: adding VLAN 0 to HW filter on device team0
[   80.939377][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   80.950300][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   80.960180][   T46] bridge0: port 1(bridge_slave_0) entered blocking state
[   80.967564][   T46] bridge0: port 1(bridge_slave_0) entered forwarding state
[   80.976391][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   80.985692][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   80.994705][   T46] bridge0: port 1(bridge_slave_0) entered blocking state
[   81.001949][   T46] bridge0: port 1(bridge_slave_0) entered forwarding state
[   81.037028][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   81.045505][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   81.055544][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   81.064482][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   81.074366][   T46] bridge0: port 2(bridge_slave_1) entered blocking state
[   81.082031][   T46] bridge0: port 2(bridge_slave_1) entered forwarding state
[   81.097172][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   81.105995][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   81.114713][   T46] bridge0: port 2(bridge_slave_1) entered blocking state
[   81.121905][   T46] bridge0: port 2(bridge_slave_1) entered forwarding state
[   81.133178][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   81.174725][ T4253] 8021q: adding VLAN 0 to HW filter on device bond0
[   81.184326][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   81.194453][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   81.204499][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   81.213959][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   81.224358][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   81.233217][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   81.243588][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   81.255531][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   81.264772][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   81.294552][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   81.304882][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   81.315269][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   81.324774][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   81.333922][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   81.342743][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   81.351828][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   81.360660][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   81.388302][ T4253] 8021q: adding VLAN 0 to HW filter on device team0
[   81.399521][ T4265] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   81.412328][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   81.422016][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   81.430212][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   81.439629][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   81.478243][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   81.489797][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   81.499693][   T11] bridge0: port 1(bridge_slave_0) entered blocking state
[   81.506886][   T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[   81.515807][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   81.525614][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   81.535581][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   81.544695][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   81.554132][   T11] bridge0: port 2(bridge_slave_1) entered blocking state
[   81.561325][   T11] bridge0: port 2(bridge_slave_1) entered forwarding state
[   81.571202][ T4250] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   81.595021][ T4251] 8021q: adding VLAN 0 to HW filter on device bond0
[   81.623372][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   81.632443][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   81.642372][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   81.651819][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   81.662935][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   81.674500][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   81.693378][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   81.704848][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   81.736296][ T4251] 8021q: adding VLAN 0 to HW filter on device team0
[   81.760074][ T4253] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   81.786962][ T4253] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   81.797268][ T4269] Bluetooth: hci1: command 0x041b tx timeout
[   81.798595][ T4268] Bluetooth: hci3: command 0x041b tx timeout
[   81.803372][ T4269] Bluetooth: hci0: command 0x041b tx timeout
[   81.810278][ T4261] Bluetooth: hci4: command 0x041b tx timeout
[   81.837983][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   81.846520][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   81.854849][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   81.864142][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   81.874390][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   81.878207][ T4269] Bluetooth: hci2: command 0x041b tx timeout
[   81.884017][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   81.897200][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   81.932251][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   81.958250][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   81.987665][    T9] bridge0: port 1(bridge_slave_0) entered blocking state
[   81.994825][    T9] bridge0: port 1(bridge_slave_0) entered forwarding state
[   82.021559][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   82.040953][ T4260] 8021q: adding VLAN 0 to HW filter on device bond0
[   82.070688][ T4308] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   82.087835][ T4308] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   82.097334][ T4308] bridge0: port 2(bridge_slave_1) entered blocking state
[   82.104495][ T4308] bridge0: port 2(bridge_slave_1) entered forwarding state
[   82.157364][ T4260] 8021q: adding VLAN 0 to HW filter on device team0
[   82.179212][ T4308] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   82.198902][ T4308] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   82.217023][ T4308] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   82.254950][ T4308] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   82.268022][ T4308] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   82.275584][ T4308] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   82.290780][ T4308] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   82.299442][ T4308] bridge0: port 1(bridge_slave_0) entered blocking state
[   82.306607][ T4308] bridge0: port 1(bridge_slave_0) entered forwarding state
[   82.314310][ T4308] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   82.323364][ T4308] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   82.332619][ T4308] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   82.341419][ T4308] bridge0: port 2(bridge_slave_1) entered blocking state
[   82.348656][ T4308] bridge0: port 2(bridge_slave_1) entered forwarding state
[   82.360823][ T4308] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   82.371275][ T4308] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   82.392690][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   82.402868][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   82.413594][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   82.424643][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   82.450152][ T4265] 8021q: adding VLAN 0 to HW filter on device batadv0
[   82.466781][ T4313] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   82.476078][ T4313] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   82.515110][ T4251] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   82.526494][ T4251] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   82.552013][ T4313] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   82.562233][ T4313] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   82.580354][ T4313] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   82.589912][ T4313] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   82.597940][ T4313] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   82.608155][ T4313] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   82.618096][ T4313] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   82.632383][ T4313] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   82.640888][ T4313] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   82.650349][ T4313] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   82.659003][ T4313] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   82.667691][ T4313] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   82.676279][ T4313] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   82.685148][ T4313] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   82.696932][ T4250] 8021q: adding VLAN 0 to HW filter on device batadv0
[   82.723253][ T4260] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   82.735257][ T4260] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   82.747922][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   82.758442][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   82.767885][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   82.776325][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   82.810703][ T4313] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   82.821735][ T4313] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   82.863591][ T4253] 8021q: adding VLAN 0 to HW filter on device batadv0
[   82.912546][ T4265] device veth0_vlan entered promiscuous mode
[   82.942979][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   82.959600][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   82.984363][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   83.004803][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   83.038577][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   83.047234][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   83.074742][ T4265] device veth1_vlan entered promiscuous mode
[   83.105162][ T4250] device veth0_vlan entered promiscuous mode
[   83.113392][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   83.125856][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   83.134833][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   83.182650][ T4250] device veth1_vlan entered promiscuous mode
[   83.220244][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[   83.230847][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   83.240212][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   83.248980][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   83.261600][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   83.271125][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   83.285947][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   83.299565][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   83.309624][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   83.320003][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   83.337069][ T4265] device veth0_macvtap entered promiscuous mode
[   83.348315][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[   83.359885][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   83.368711][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   83.382953][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   83.417118][ T4253] device veth0_vlan entered promiscuous mode
[   83.430854][ T4265] device veth1_macvtap entered promiscuous mode
[   83.458572][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   83.473471][ T4253] device veth1_vlan entered promiscuous mode
[   83.507856][ T4308] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   83.518830][ T4308] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   83.533817][ T4308] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   83.541491][ T4308] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   83.551825][ T4250] device veth0_macvtap entered promiscuous mode
[   83.568441][ T4308] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   83.577391][ T4308] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   83.584897][ T4308] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   83.600552][ T4265] batman_adv: batadv0: Interface activated: batadv_slave_0
[   83.611746][ T4250] device veth1_macvtap entered promiscuous mode
[   83.622644][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   83.632430][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   83.642208][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   83.661352][ T4260] 8021q: adding VLAN 0 to HW filter on device batadv0
[   83.673299][ T4251] 8021q: adding VLAN 0 to HW filter on device batadv0
[   83.695113][ T4253] device veth0_macvtap entered promiscuous mode
[   83.712954][ T4265] batman_adv: batadv0: Interface activated: batadv_slave_1
[   83.733841][ T4265] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   83.750570][ T4265] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   83.762561][ T4265] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   83.775044][ T4265] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   83.804761][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   83.831174][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   83.857967][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   83.869775][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   83.878396][ T4268] Bluetooth: hci0: command 0x040f tx timeout
[   83.885420][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   83.893925][ T4269] Bluetooth: hci4: command 0x040f tx timeout
[   83.900424][ T4268] Bluetooth: hci3: command 0x040f tx timeout
[   83.903825][ T4253] device veth1_macvtap entered promiscuous mode
[   83.906501][ T4268] Bluetooth: hci1: command 0x040f tx timeout
[   83.966880][ T4269] Bluetooth: hci2: command 0x040f tx timeout
[   83.980157][ T4250] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   84.000624][ T4250] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   84.026400][ T4250] batman_adv: batadv0: Interface activated: batadv_slave_0
[   84.034507][ T4308] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   84.044584][ T4308] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   84.054012][ T4308] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   84.063114][ T4308] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   84.072743][ T4308] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   84.093675][ T4253] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   84.123253][ T4253] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   84.135711][ T4253] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   84.146675][ T4253] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   84.158497][ T4253] batman_adv: batadv0: Interface activated: batadv_slave_0
[   84.170196][ T4250] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   84.180824][ T4250] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   84.192991][ T4250] batman_adv: batadv0: Interface activated: batadv_slave_1
[   84.210493][ T4308] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   84.220842][ T4308] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   84.230031][ T4308] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   84.239562][ T4308] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   84.250666][ T4253] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   84.262150][ T4253] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   84.273217][ T4253] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   84.284691][ T4253] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   84.301610][ T4253] batman_adv: batadv0: Interface activated: batadv_slave_1
[   84.327485][ T4250] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   84.337831][ T4250] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   84.354194][ T4250] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   84.377233][ T4250] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   84.394945][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   84.404459][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   84.418347][ T4253] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   84.428102][ T4253] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   84.438075][ T4253] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   84.447234][ T4253] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   84.474797][ T4251] device veth0_vlan entered promiscuous mode
[   84.494996][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   84.504361][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   84.516460][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   84.525752][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   84.572806][ T4251] device veth1_vlan entered promiscuous mode
[   84.582414][   T75] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   84.592822][   T75] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   84.619318][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   84.649494][ T4308] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   84.659724][ T4308] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   84.729891][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   84.740718][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   84.760776][    T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   84.763098][ T4260] device veth0_vlan entered promiscuous mode
[   84.775973][    T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   84.797893][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   84.810115][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   84.818243][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   84.826161][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   84.835444][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   84.851300][ T4260] device veth1_vlan entered promiscuous mode
[   84.866423][ T4251] device veth0_macvtap entered promiscuous mode
[   84.888126][   T75] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   84.896327][   T75] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   84.921536][ T4251] device veth1_macvtap entered promiscuous mode
[   84.940570][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   84.952311][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[   84.961978][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   84.971410][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   84.979961][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   85.058353][ T4251] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   85.071223][    T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   85.081189][    T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   85.092513][ T4251] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   85.112123][ T4251] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   85.133570][ T4251] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   85.143840][ T4251] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   85.154815][ T4251] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   85.168440][ T4251] batman_adv: batadv0: Interface activated: batadv_slave_0
[   85.186154][    T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   85.196282][ T4260] device veth0_macvtap entered promiscuous mode
[   85.205489][    T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   85.230718][ T4260] device veth1_macvtap entered promiscuous mode
[   85.252052][ T4260] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   85.273183][ T4260] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   85.292108][ T4260] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   85.312308][ T4260] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   85.323818][ T4260] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   85.340453][ T4260] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   85.352759][ T4260] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   85.369440][ T4260] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   85.385246][ T4260] batman_adv: batadv0: Interface activated: batadv_slave_0
[   85.412444][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   85.429246][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   85.504114][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   85.513240][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   85.521394][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   85.543508][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   85.561437][ T4346] process 'syz.1.2' launched './file0' with NULL argv: empty string added
[   85.582974][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   85.605422][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   85.623797][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   85.656236][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   85.853324][ T4251] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   85.865827][ T4251] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   85.876846][ T4251] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   85.889640][ T4251] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   85.899732][ T4251] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   85.910343][ T4251] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   85.926403][ T4251] batman_adv: batadv0: Interface activated: batadv_slave_1
[   85.935474][ T4260] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   85.935696][   T46] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   85.947189][ T4260] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   85.964881][ T4269] Bluetooth: hci4: command 0x0419 tx timeout
[   85.971038][ T4261] Bluetooth: hci1: command 0x0419 tx timeout
[   85.977841][ T4268] Bluetooth: hci3: command 0x0419 tx timeout
[   85.984052][ T4269] Bluetooth: hci0: command 0x0419 tx timeout
[   85.984158][ T4260] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   85.984175][ T4260] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   85.984185][ T4260] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   85.984198][ T4260] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   85.984213][ T4260] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   85.984227][ T4260] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   85.986737][ T4260] batman_adv: batadv0: Interface activated: batadv_slave_1
[   86.017010][   T46] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   86.073147][ T4268] Bluetooth: hci2: command 0x0419 tx timeout
[   86.104918][ T4260] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   86.115354][ T4260] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   86.124798][ T4260] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   86.134126][ T4260] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   86.146356][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   86.154697][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   86.163738][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   86.173267][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   86.182276][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   86.195186][ T4251] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   86.210134][ T4251] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   86.254916][ T4349] loop1: detected capacity change from 0 to 512
[   86.266288][ T4251] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   86.283643][ T4251] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   86.509105][ T4354] loop2: detected capacity change from 0 to 128
[   86.567897][ T4354] =======================================================
[   86.567897][ T4354] WARNING: The mand mount option has been deprecated and
[   86.567897][ T4354]          and is ignored by this kernel. Remove the mand
[   86.567897][ T4354]          option from the mount to silence this warning.
[   86.567897][ T4354] =======================================================
[   86.642737][ T4313] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   86.697203][ T4313] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   86.739905][ T4354] EXT4-fs (loop2): Test dummy encryption mode enabled
[   86.758814][    T7] cfg80211: failed to load regulatory.db
[   86.794836][ T4349] EXT4-fs (loop1): Test dummy encryption mode enabled
[   86.802795][ T4349] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[   86.816233][ T4349] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   86.848717][ T4354] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   86.858666][ T4349] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00cc018, mo2=0002]
[   86.866847][ T4349] System zones: 1-12
[   86.873733][ T4349] EXT4-fs (loop1): 1 truncate cleaned up
[   86.879589][ T4349] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[   86.935322][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   87.753797][ T4354] ext4 filesystem being mounted at /0/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   88.184079][ T4308] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   88.192474][   T46] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   88.202244][   T46] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   88.222185][ T4308] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   89.042129][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   89.050572][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   89.220473][   T33] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   89.234776][ T4253] EXT4-fs (loop2): unmounting filesystem.
[   89.240520][   T33] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   89.300288][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   89.470922][ T4379] loop2: detected capacity change from 0 to 128
[   89.536143][ T4379] EXT4-fs (loop2): Test dummy encryption mode enabled
[   89.998486][ T4383] loop4: detected capacity change from 0 to 512
[   91.156613][    C1] sched: RT throttling activated
[   91.540029][ T4383] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   91.553297][ T4383] EXT4-fs (loop4): orphan cleanup on readonly fs
[   91.553367][ T4379] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   91.586395][ T4383] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.5: bg 0: block 248: padding at end of block bitmap is not set
[   91.612122][ T4383] Quota error (device loop4): write_blk: dquota write failed
[   91.621231][ T4383] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota
[   91.631454][ T4383] EXT4-fs error (device loop4): ext4_acquire_dquot:6814: comm syz.4.5: Failed to acquire dquot type 1
[   91.648440][ T4383] EXT4-fs (loop4): 1 truncate cleaned up
[   91.659045][ T4379] ext4 filesystem being mounted at /1/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   91.873380][ T4383] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[   91.924818][ T4265] EXT4-fs (loop1): unmounting filesystem.
[   92.509882][ T4383] EXT4-fs (loop4): unmounting filesystem.
[   92.621693][ T4395] loop1: detected capacity change from 0 to 128
[   92.750940][ T4395] EXT4-fs (loop1): Test dummy encryption mode enabled
[   92.752198][ T4253] EXT4-fs (loop2): unmounting filesystem.
[   92.778106][ T4395] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[   92.930764][ T4397] device syzkaller0 entered promiscuous mode
[   92.950294][ T4395] ext4 filesystem being mounted at /2/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   95.427658][ T4411] lo speed is unknown, defaulting to 1000
[   95.433761][ T4411] lo speed is unknown, defaulting to 1000
[   95.441986][ T4411] lo speed is unknown, defaulting to 1000
[   95.452339][ T4411] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[   95.474388][ T4411] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[   95.525475][ T4411] lo speed is unknown, defaulting to 1000
[   95.533835][ T4411] lo speed is unknown, defaulting to 1000
[   95.544214][ T4411] lo speed is unknown, defaulting to 1000
[   95.550982][ T4411] lo speed is unknown, defaulting to 1000
[   95.557859][ T4411] lo speed is unknown, defaulting to 1000
[   95.559753][ T4265] EXT4-fs (loop1): unmounting filesystem.
[   95.564865][ T4411] lo speed is unknown, defaulting to 1000
[   95.868578][ T4418] loop4: detected capacity change from 0 to 512
[   95.975314][ T4418] EXT4-fs (loop4): 1 orphan inode deleted
[   96.040042][ T4418] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[   96.060843][   T11] Quota error (device loop4): do_check_range: Getting dqdh_entries 15 out of range 0-14
[   96.511784][ T4421] siw: device registration error -23
[   96.518916][ T4418] ext4 filesystem being mounted at /2/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   96.523415][   T11] EXT4-fs error (device loop4): ext4_release_dquot:6850: comm kworker/u4:1: Failed to release dquot type 1
[   97.516885][ T4424] lo speed is unknown, defaulting to 1000
[   97.564181][ T4260] EXT4-fs (loop4): unmounting filesystem.
[   97.793295][ T4434] loop3: detected capacity change from 0 to 512
[   99.215465][ T4434] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   99.939035][ T4434] EXT4-fs (loop3): orphan cleanup on readonly fs
[  100.098965][ T4434] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.17: bg 0: block 248: padding at end of block bitmap is not set
[  100.189725][ T4434] Quota error (device loop3): write_blk: dquota write failed
[  100.198545][ T4434] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota
[  100.209320][ T4434] EXT4-fs error (device loop3): ext4_acquire_dquot:6814: comm syz.3.17: Failed to acquire dquot type 1
[  100.293715][ T4434] EXT4-fs (loop3): 1 truncate cleaned up
[  100.327323][ T4434] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  100.393281][ T4433] lo speed is unknown, defaulting to 1000
[  100.639448][ T4440] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[  100.679219][ T4434] EXT4-fs (loop3): unmounting filesystem.
[  100.693500][ T4434] syz.3.17 (4434) used greatest stack depth: 20464 bytes left
[  100.718847][ T4443] loop2: detected capacity change from 0 to 128
[  100.748360][ T4443] EXT4-fs (loop2): Test dummy encryption mode enabled
[  100.798126][ T4443] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  100.812563][ T4442] loop4: detected capacity change from 0 to 2048
[  100.934880][ T4442]  loop4: p1 < > p3
[  100.935189][ T4443] ext4 filesystem being mounted at /5/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  100.951135][ T4442] loop4: p3 size 134217728 extends beyond EOD, truncated
[  101.018480][ T4449] tipc: Started in network mode
[  101.023600][ T4449] tipc: Node identity 5e61002950be, cluster identity 4711
[  101.107074][ T4449] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  101.358149][ T4451] device syzkaller0 entered promiscuous mode
[  101.843612][ T4452] tipc: Resetting bearer <eth:syzkaller0>
[  101.909611][ T4448] tipc: Resetting bearer <eth:syzkaller0>
[  102.031169][ T4448] tipc: Disabling bearer <eth:syzkaller0>
[  102.078588][ T4337] udevd[4337]: inotify_add_watch(7, /dev/loop4p3, 10) failed: No such file or directory
[  102.103517][ T4351] udevd[4351]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory
[  102.255425][ T4253] EXT4-fs (loop2): unmounting filesystem.
[  102.284603][ T4463] loop0: detected capacity change from 0 to 2048
[  102.419823][ T4463]  loop0: p1 < > p3
[  102.457870][ T4463] loop0: p3 size 134217728 extends beyond EOD, truncated
[  102.493047][ T4351] udevd[4351]: inotify_add_watch(7, /dev/loop4p3, 10) failed: No such file or directory
[  102.859316][ T4468] lo speed is unknown, defaulting to 1000
[  103.319609][ T4473] siw: device registration error -23
[  103.356719][ T4475] kvm: emulating exchange as write
[  103.456293][ T4399] udevd[4399]: inotify_add_watch(7, /dev/loop0p3, 10) failed: No such file or directory
[  103.480882][ T4351] udevd[4351]: inotify_add_watch(7, /dev/loop0p1, 10) failed: No such file or directory
[  103.665509][   T27] audit: type=1326 audit(1749762978.362:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4476 comm="syz.4.27" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8d1918e929 code=0x7ffc0000
[  103.757563][   T27] audit: type=1326 audit(1749762978.392:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4476 comm="syz.4.27" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8d1918e929 code=0x7ffc0000
[  103.870651][   T27] audit: type=1326 audit(1749762978.392:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4476 comm="syz.4.27" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7f8d1918e929 code=0x7ffc0000
[  103.897309][ T4479] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  103.965631][ T4479] tipc: Resetting bearer <eth:syzkaller0>
[  103.994060][ T4478] tipc: Disabling bearer <eth:syzkaller0>
[  104.383444][   T27] audit: type=1326 audit(1749762978.392:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4476 comm="syz.4.27" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8d1918e929 code=0x7ffc0000
[  104.405591][   T27] audit: type=1326 audit(1749762978.392:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4476 comm="syz.4.27" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8d1918e929 code=0x7ffc0000
[  104.472778][   T27] audit: type=1326 audit(1749762978.402:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4476 comm="syz.4.27" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8d1918e929 code=0x7ffc0000
[  104.507814][   T27] audit: type=1326 audit(1749762978.402:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4476 comm="syz.4.27" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8d1918e929 code=0x7ffc0000
[  104.570834][   T27] audit: type=1326 audit(1749762978.402:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4476 comm="syz.4.27" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8d1918e929 code=0x7ffc0000
[  104.761016][ T4484] loop0: detected capacity change from 0 to 8192
[  104.782099][ T4488] loop3: detected capacity change from 0 to 512
[  104.905246][ T4488] EXT4-fs (loop3): 1 orphan inode deleted
[  104.919447][ T4374] EXT4-fs error (device loop3): ext4_release_dquot:6850: comm kworker/u4:7: Failed to release dquot type 1
[  104.991527][ T4488] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  105.067778][ T4488] ext4 filesystem being mounted at /5/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  106.472336][ T4499] siw: device registration error -23
[  107.212617][ T4251] EXT4-fs (loop3): unmounting filesystem.
[  107.625274][ T4506] loop0: detected capacity change from 0 to 1024
[  107.743714][ T4512] siw: device registration error -23
[  108.716913][ T4513] siw: device registration error -23
[  109.169300][ T4506] EXT4-fs: Ignoring removed nobh option
[  109.174931][ T4506] EXT4-fs: Ignoring removed bh option
[  109.268517][ T4506] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  109.458238][ T4506] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  109.489211][ T4520] loop3: detected capacity change from 0 to 128
[  109.561750][ T4520] EXT4-fs (loop3): Test dummy encryption mode enabled
[  109.837970][ T4520] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  109.848689][ T4520] ext4 filesystem being mounted at /7/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  109.862068][ T4527] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:3841: comm syz.0.34: Allocating blocks 497-513 which overlap fs metadata
[  109.878521][ T4508] siw: device registration error -23
[  110.070001][ T4531] lo speed is unknown, defaulting to 1000
[  112.203920][ T4539] siw: device registration error -23
[  112.703674][ T4251] EXT4-fs (loop3): unmounting filesystem.
[  112.892446][ T4250] EXT4-fs (loop0): unmounting filesystem.
[  113.157760][ T4548] loop3: detected capacity change from 0 to 1024
[  113.174823][ T4548] EXT4-fs: Ignoring removed nobh option
[  113.180528][ T4548] EXT4-fs: Ignoring removed bh option
[  113.196299][ T4548] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  114.207985][ T4555] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  114.219514][ T4555] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  115.130228][ T4561] syz.1.45[4561] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  115.130341][ T4561] syz.1.45[4561] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  115.147472][ T4561] loop1: detected capacity change from 0 to 256
[  115.253283][ T4548] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  117.668754][ T4568] lo speed is unknown, defaulting to 1000
[  118.045254][ T4581] loop0: detected capacity change from 0 to 128
[  118.076042][ T4581] EXT4-fs (loop0): Test dummy encryption mode enabled
[  118.183222][ T4251] EXT4-fs (loop3): unmounting filesystem.
[  118.200089][ T4581] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  118.215523][ T4581] ext4 filesystem being mounted at /9/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  121.356676][ T4250] EXT4-fs (loop0): unmounting filesystem.
[  121.375241][ T4590] loop2: detected capacity change from 0 to 2048
[  122.877567][ T4595] siw: device registration error -23
[  123.364433][ T4590]  loop2: p1 < > p3
[  125.740448][ T4606] lo speed is unknown, defaulting to 1000
[  126.038852][ T4604] loop4: detected capacity change from 0 to 512
[  126.150929][ T4604] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  126.268385][ T4604] EXT4-fs (loop4): orphan cleanup on readonly fs
[  126.288305][ T4604] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.55: bg 0: block 248: padding at end of block bitmap is not set
[  126.307015][ T4604] __quota_error: 41 callbacks suppressed
[  126.307057][ T4604] Quota error (device loop4): write_blk: dquota write failed
[  126.320639][ T4604] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota
[  126.331569][ T4604] EXT4-fs error (device loop4): ext4_acquire_dquot:6814: comm syz.4.55: Failed to acquire dquot type 1
[  126.368915][ T4604] EXT4-fs (loop4): 1 truncate cleaned up
[  126.380167][ T4590] loop2: p3 size 134217728 extends beyond EOD, truncated
[  126.456767][ T4604] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  127.365239][ T4616] loop0: detected capacity change from 0 to 512
[  128.739815][ T4619] loop1: detected capacity change from 0 to 512
[  128.764803][ T4619] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  129.138538][ T4616] EXT4-fs (loop0): Test dummy encryption mode enabled
[  129.177592][ T4260] EXT4-fs (loop4): unmounting filesystem.
[  129.553656][ T4616] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  129.616777][ T4619] EXT4-fs (loop1): orphan cleanup on readonly fs
[  129.624849][ T4619] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.56: bg 0: block 248: padding at end of block bitmap is not set
[  129.641004][ T4619] Quota error (device loop1): write_blk: dquota write failed
[  129.648622][ T4619] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota
[  129.658675][ T4619] EXT4-fs error (device loop1): ext4_acquire_dquot:6814: comm syz.1.56: Failed to acquire dquot type 1
[  129.674745][ T4619] EXT4-fs (loop1): 1 truncate cleaned up
[  129.718856][ T4351] udevd[4351]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[  129.780164][ T4337] udevd[4337]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory
[  129.781506][ T4619] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  129.827968][ T4616] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00cc018, mo2=0002]
[  129.885687][ T4616] System zones: 1-12
[  130.074774][ T4619] EXT4-fs (loop1): unmounting filesystem.
[  130.152226][ T4616] EXT4-fs (loop0): 1 truncate cleaned up
[  130.214326][ T4636] syz.3.61[4636] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  130.214550][ T4636] syz.3.61[4636] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  130.237007][ T4636] loop3: detected capacity change from 0 to 256
[  130.256508][ T4636] exfat: Unknown parameter 'iocrarseyrillicdiscard'
[  136.920083][ T4616] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  137.213920][ T4250] EXT4-fs (loop0): unmounting filesystem.
[  137.839876][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[  137.846579][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[  137.911983][ T4351] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  139.146996][ T4656] siw: device registration error -23
[  140.456822][ T4657] siw: device registration error -23
[  143.353983][ T4666] lo speed is unknown, defaulting to 1000
[  144.629619][ T4671] syz.3.68[4671] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  144.629733][ T4671] syz.3.68[4671] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  145.666343][ T4671] loop3: detected capacity change from 0 to 256
[  145.752897][ T4670] netlink: 8 bytes leftover after parsing attributes in process `syz.1.69'.
[  148.200143][ T4670] platform regulatory.0: loading /lib/firmware/regulatory.db failed with error -12
[  148.209613][ T4670] platform regulatory.0: Direct firmware load for regulatory.db failed with error -12
[  148.219281][ T4670] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  148.330809][ T4670] syz.1.69 (4670) used greatest stack depth: 20200 bytes left
[  148.356619][   T27] audit: type=1800 audit(1749763022.902:50): pid=4670 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.69" name="regulatory.db" dev="sda1" ino=448 res=0 errno=0
[  148.529643][ T4682] loop0: detected capacity change from 0 to 128
[  150.128172][ T4690] overlayfs: failed to resolve './file0': -2
[  152.028291][ T4682] EXT4-fs (loop0): Test dummy encryption mode enabled
[  152.186244][ T4682] EXT4-fs: failed to create workqueue
[  152.206863][ T4682] EXT4-fs (loop0): mount failed
[  152.376169][ T4710] loop3: detected capacity change from 0 to 512
[  152.971855][ T4714] lo speed is unknown, defaulting to 1000
[  155.108810][ T4710] EXT4-fs (loop3): 1 orphan inode deleted
[  155.122421][ T4718] tipc: Enabling of bearer <eth:syzkall> rejected, failed to enable media
[  155.132292][ T4693] Quota error (device loop3): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  155.145760][ T4710] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  155.186801][ T4693] EXT4-fs error (device loop3): ext4_release_dquot:6850: comm kworker/u4:16: Failed to release dquot type 1
[  155.205563][ T4710] ext4 filesystem being mounted at /14/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  155.222815][ T4720] device syzkaller0 entered promiscuous mode
[  155.365004][ T4724] loop2: detected capacity change from 0 to 512
[  155.397846][ T4724] EXT4-fs: Ignoring removed oldalloc option
[  155.432824][ T4724] EXT4-fs: Ignoring removed mblk_io_submit option
[  155.502629][ T4724] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[  155.575717][ T4724] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.81: bg 0: block 64: padding at end of block bitmap is not set
[  155.601663][ T4734] loop4: detected capacity change from 0 to 256
[  155.609015][ T4734] exfat: Unknown parameter 'iocrarseyrillicdiscard'
[  155.644195][ T4724] Quota error (device loop2): write_blk: dquota write failed
[  155.741565][ T4724] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota
[  155.767678][ T4724] EXT4-fs error (device loop2): ext4_acquire_dquot:6814: comm syz.2.81: Failed to acquire dquot type 0
[  155.888853][ T4724] EXT4-fs (loop2): 1 truncate cleaned up
[  155.906183][ T4724] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  156.999714][ T4253] EXT4-fs (loop2): unmounting filesystem.
[  157.146972][ T4251] EXT4-fs (loop3): unmounting filesystem.
[  157.429569][ T4751] loop4: detected capacity change from 0 to 1024
[  157.516333][ T4751] EXT4-fs: Ignoring removed nobh option
[  157.583198][ T4751] EXT4-fs: Ignoring removed bh option
[  157.629403][ T4751] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  157.652111][ T4756] siw: device registration error -23
[  157.764417][ T4759] siw: device registration error -23
[  157.997843][ T4751] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  159.402990][ T4763] lo speed is unknown, defaulting to 1000
[  160.595284][ T4260] EXT4-fs (loop4): unmounting filesystem.
[  160.719274][ T4769] loop2: detected capacity change from 0 to 512
[  161.009087][ T4769] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  161.018591][ T4769] ext4 filesystem being mounted at /20/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  162.104937][ T4778] siw: device registration error -23
[  162.316442][ T4776] loop1: detected capacity change from 0 to 2048
[  162.470299][ T4782] loop0: detected capacity change from 0 to 256
[  162.477968][ T4782] exfat: Unknown parameter 'iocrarseyrillicdiscard'
[  163.716458][ T4776]  loop1: p1 < > p3
[  163.730378][ T4776] loop1: p3 size 134217728 extends beyond EOD, truncated
[  163.754422][ T4253] EXT4-fs (loop2): unmounting filesystem.
[  165.190228][ T3623]  loop1: p1 < > p3
[  165.572129][ T3623] loop1: p3 size 134217728 extends beyond EOD, truncated
[  165.765447][   T27] audit: type=1326 audit(1749763040.462:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4794 comm="syz.1.99" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1dc238e929 code=0x7ffc0000
[  165.877270][   T27] audit: type=1326 audit(1749763040.512:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4794 comm="syz.1.99" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7f1dc238e929 code=0x7ffc0000
[  165.982445][   T27] audit: type=1326 audit(1749763040.512:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4794 comm="syz.1.99" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1dc238e929 code=0x7ffc0000
[  166.091738][ T4800] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  166.102975][ T4800] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  168.092873][ T4803] netlink: 8 bytes leftover after parsing attributes in process `syz.0.98'.
[  168.680450][ T4803] platform regulatory.0: loading /lib/firmware/regulatory.db failed with error -12
[  168.689869][ T4803] platform regulatory.0: Direct firmware load for regulatory.db failed with error -12
[  168.699490][ T4803] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  168.711105][ T4803] syz.0.98 (4803) used greatest stack depth: 18248 bytes left
[  168.899005][   T27] audit: type=1326 audit(1749763040.512:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4794 comm="syz.1.99" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1dc238e929 code=0x7ffc0000
[  168.958027][   T27] audit: type=1326 audit(1749763040.522:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4794 comm="syz.1.99" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1dc238e929 code=0x7ffc0000
[  169.038050][ T4791] lo speed is unknown, defaulting to 1000
[  169.043365][ T4658] udevd[4658]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory
[  169.063245][ T4707] udevd[4707]: inotify_add_watch(7, /dev/loop1p3, 10) failed: No such file or directory
[  169.131727][ T4808] loop1: detected capacity change from 0 to 256
[  169.139003][ T4808] exfat: Unknown parameter 'iocrarseyrillicdiscard'
[  169.274142][   T27] audit: type=1326 audit(1749763040.522:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4794 comm="syz.1.99" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1dc238e929 code=0x7ffc0000
[  170.084728][   T27] audit: type=1326 audit(1749763040.522:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4794 comm="syz.1.99" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1dc238e929 code=0x7ffc0000
[  170.169502][   T27] audit: type=1326 audit(1749763040.522:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4794 comm="syz.1.99" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f1dc238e929 code=0x7ffc0000
[  170.243433][   T27] audit: type=1326 audit(1749763040.522:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4794 comm="syz.1.99" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1dc238e929 code=0x7ffc0000
[  170.327781][ T4810] udevd[4810]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory
[  170.341987][   T27] audit: type=1326 audit(1749763040.522:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4794 comm="syz.1.99" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f1dc2390847 code=0x7ffc0000
[  170.362229][ T4658] udevd[4658]: inotify_add_watch(7, /dev/loop1p3, 10) failed: No such file or directory
[  170.481799][ T4822] loop1: detected capacity change from 0 to 512
[  170.814637][ T4822] EXT4-fs (loop1): 1 orphan inode deleted
[  170.826756][ T4822] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  171.931356][ T4836] siw: device registration error -23
[  172.166804][ T4822] ext4 filesystem being mounted at /18/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  172.191417][ T4654] __quota_error: 66 callbacks suppressed
[  172.191432][ T4654] Quota error (device loop1): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  172.412603][ T4654] EXT4-fs error (device loop1): ext4_release_dquot:6850: comm kworker/u4:15: Failed to release dquot type 1
[  172.524786][ T4841] loop0: detected capacity change from 0 to 512
[  172.553964][ T4841] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  172.704623][ T4841] EXT4-fs (loop0): orphan cleanup on readonly fs
[  172.725244][ T4841] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz.0.107: bg 0: block 248: padding at end of block bitmap is not set
[  172.749112][ T4841] Quota error (device loop0): write_blk: dquota write failed
[  172.757019][ T4841] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota
[  172.767265][ T4841] EXT4-fs error (device loop0): ext4_acquire_dquot:6814: comm syz.0.107: Failed to acquire dquot type 1
[  172.793691][ T4841] EXT4-fs (loop0): 1 truncate cleaned up
[  172.813186][ T4841] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  175.226435][ T4841] EXT4-fs (loop0): unmounting filesystem.
[  175.235668][ T4265] EXT4-fs (loop1): unmounting filesystem.
[  176.565738][ T4856] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  176.576905][ T4856] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  176.691967][ T4857] siw: device registration error -23
[  177.571764][ T4863] lo speed is unknown, defaulting to 1000
[  177.721777][ T4870] loop3: detected capacity change from 0 to 512
[  178.113031][ T4870] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  178.167235][ T4870] EXT4-fs (loop3): orphan cleanup on readonly fs
[  178.176268][ T4870] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.114: bg 0: block 248: padding at end of block bitmap is not set
[  178.192301][ T4870] Quota error (device loop3): write_blk: dquota write failed
[  178.199904][ T4870] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota
[  178.209992][ T4870] EXT4-fs error (device loop3): ext4_acquire_dquot:6814: comm syz.3.114: Failed to acquire dquot type 1
[  178.227732][ T4870] EXT4-fs (loop3): 1 truncate cleaned up
[  178.234373][ T4870] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  178.247850][ T4869] siw: device registration error -23
[  178.468130][ T4870] EXT4-fs (loop3): unmounting filesystem.
[  179.202929][ T4877] lo speed is unknown, defaulting to 1000
[  179.747497][ T4876] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  180.974598][ T4884] loop0: detected capacity change from 0 to 8192
[  181.316768][   T27] audit: type=1326 audit(1749763055.902:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4892 comm="syz.4.120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8d1918e929 code=0x7ffc0000
[  181.425668][   T27] audit: type=1326 audit(1749763055.902:128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4892 comm="syz.4.120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7f8d1918e929 code=0x7ffc0000
[  181.467977][   T27] audit: type=1326 audit(1749763055.902:129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4892 comm="syz.4.120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8d1918e929 code=0x7ffc0000
[  182.372119][   T27] audit: type=1326 audit(1749763055.902:130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4892 comm="syz.4.120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8d1918e929 code=0x7ffc0000
[  182.421865][   T27] audit: type=1326 audit(1749763055.902:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4892 comm="syz.4.120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8d1918e929 code=0x7ffc0000
[  182.916629][   T27] audit: type=1326 audit(1749763055.902:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4892 comm="syz.4.120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8d1918e929 code=0x7ffc0000
[  183.774248][ T4905] siw: device registration error -23
[  184.561144][ T4912] loop1: detected capacity change from 0 to 512
[  184.570287][ T4912] EXT4-fs (loop1): Test dummy encryption mode enabled
[  184.577195][ T4912] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  184.636785][   T27] audit: type=1326 audit(1749763055.902:133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4892 comm="syz.4.120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8d1918e929 code=0x7ffc0000
[  184.910658][ T4918] loop4: detected capacity change from 0 to 512
[  185.639149][   T27] audit: type=1326 audit(1749763055.902:134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4892 comm="syz.4.120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f8d1918e929 code=0x7ffc0000
[  185.697070][ T4912] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00cc018, mo2=0002]
[  185.705113][ T4912] System zones: 1-12
[  185.714426][ T4912] EXT4-fs (loop1): 1 truncate cleaned up
[  185.721076][ T4912] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  185.731053][   T27] audit: type=1326 audit(1749763055.902:135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4892 comm="syz.4.120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8d1918e929 code=0x7ffc0000
[  185.758486][   T27] audit: type=1326 audit(1749763055.902:136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4892 comm="syz.4.120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f8d19190847 code=0x7ffc0000
[  185.780896][   T27] audit: type=1326 audit(1749763055.902:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4892 comm="syz.4.120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7f8d191907bc code=0x7ffc0000
[  185.830126][   T27] audit: type=1326 audit(1749763055.902:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4892 comm="syz.4.120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f8d191906f4 code=0x7ffc0000
[  185.938072][ T4918] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  185.947114][ T4918] ext4 filesystem being mounted at /28/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  185.997076][ T4915] overlayfs: unrecognized mount option "t:0 prog->len:3)
[  185.997076][ T4915] verification time 829 usec
[  185.997076][ T4915] stack depth 0
[  185.997076][ T4915] processed 0 insns (limit 1000000) max_states_per_insn 0 total_states 0 peak_states 0 mark_read 0
[  185.997076][ T4915] " or missing value
[  186.638661][   T27] audit: type=1326 audit(1749763055.902:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4892 comm="syz.4.120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f8d191906f4 code=0x7ffc0000
[  187.093994][   T27] audit: type=1326 audit(1749763055.902:140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4892 comm="syz.4.120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f8d1918d58a code=0x7ffc0000
[  187.158462][ T4260] EXT4-fs (loop4): unmounting filesystem.
[  187.187931][   T27] audit: type=1326 audit(1749763055.902:141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4892 comm="syz.4.120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8d1918e929 code=0x7ffc0000
[  187.215914][   T27] audit: type=1326 audit(1749763055.912:142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4892 comm="syz.4.120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8d1918e929 code=0x7ffc0000
[  187.404964][ T4931] device syzkaller0 entered promiscuous mode
[  187.529126][ T4935] loop4: detected capacity change from 0 to 512
[  187.544347][ T4935] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  187.696051][ T4935] EXT4-fs (loop4): orphan cleanup on readonly fs
[  187.709915][ T4935] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.127: bg 0: block 248: padding at end of block bitmap is not set
[  187.727145][ T4935] EXT4-fs error (device loop4): ext4_acquire_dquot:6814: comm syz.4.127: Failed to acquire dquot type 1
[  187.747611][ T4935] EXT4-fs (loop4): 1 truncate cleaned up
[  187.756364][ T4935] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  188.590507][ T4935] EXT4-fs (loop4): unmounting filesystem.
[  189.821674][ T4941] loop0: detected capacity change from 0 to 512
[  189.891877][ T4941] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  190.041392][ T4941] EXT4-fs (loop0): orphan cleanup on readonly fs
[  190.058426][ T4941] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz.0.129: bg 0: block 248: padding at end of block bitmap is not set
[  190.085015][ T4941] __quota_error: 26 callbacks suppressed
[  190.085055][ T4941] Quota error (device loop0): write_blk: dquota write failed
[  190.098664][ T4941] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota
[  190.108792][ T4941] EXT4-fs error (device loop0): ext4_acquire_dquot:6814: comm syz.0.129: Failed to acquire dquot type 1
[  190.135170][ T4941] EXT4-fs (loop0): 1 truncate cleaned up
[  190.169980][ T4941] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  190.766777][ T4941] EXT4-fs (loop0): unmounting filesystem.
[  190.816425][ T4946] loop4: detected capacity change from 0 to 512
[  190.865624][ T4946] EXT4-fs (loop4): Test dummy encryption mode enabled
[  190.872558][ T4946] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  190.913323][ T4946] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00cc018, mo2=0002]
[  190.922366][ T4946] System zones: 1-12
[  190.973331][ T4265] EXT4-fs (loop1): unmounting filesystem.
[  190.995759][ T4946] EXT4-fs (loop4): 1 truncate cleaned up
[  191.002159][ T4946] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  191.380661][ T4950] lo speed is unknown, defaulting to 1000
[  192.117222][ T4957] loop0: detected capacity change from 0 to 256
[  192.124840][ T4957] exfat: Unknown parameter 'iocrarseyrillicdiscard'
[  192.181638][ T4810] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  192.376946][ T4961] loop1: detected capacity change from 0 to 512
[  194.440285][ T4961] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  194.449450][ T4961] ext4 filesystem being mounted at /22/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  194.496203][   T27] audit: type=1326 audit(1749763069.162:167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4965 comm="syz.0.135" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee12b8e929 code=0x7ffc0000
[  194.754184][ T4265] EXT4-fs (loop1): unmounting filesystem.
[  194.901623][   T27] audit: type=1326 audit(1749763069.162:168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4965 comm="syz.0.135" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee12b8e929 code=0x7ffc0000
[  195.686757][   T27] audit: type=1326 audit(1749763069.162:169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4965 comm="syz.0.135" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7fee12b8e929 code=0x7ffc0000
[  195.811384][   T27] audit: type=1326 audit(1749763069.162:170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4965 comm="syz.0.135" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee12b8e929 code=0x7ffc0000
[  195.839837][ T4973] loop1: detected capacity change from 0 to 512
[  195.870217][ T4973] EXT4-fs: Ignoring removed oldalloc option
[  195.883929][ T4973] EXT4-fs: Ignoring removed mblk_io_submit option
[  195.913407][   T27] audit: type=1326 audit(1749763069.162:171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4965 comm="syz.0.135" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee12b8e929 code=0x7ffc0000
[  195.928200][ T4971] tipc: Started in network mode
[  195.943214][ T4973] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[  195.957858][ T4971] tipc: Node identity 4, cluster identity 4711
[  195.964567][ T4971] tipc: Node number set to 4
[  196.192437][ T4973] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.138: bg 0: block 64: padding at end of block bitmap is not set
[  196.206895][   T27] audit: type=1326 audit(1749763069.162:172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4965 comm="syz.0.135" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fee12b8e929 code=0x7ffc0000
[  196.227585][ T4973] Quota error (device loop1): write_blk: dquota write failed
[  196.229238][   T27] audit: type=1326 audit(1749763069.162:173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4965 comm="syz.0.135" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee12b8e929 code=0x7ffc0000
[  196.244168][ T4973] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota
[  196.270980][ T4973] EXT4-fs error (device loop1): ext4_acquire_dquot:6814: comm syz.1.138: Failed to acquire dquot type 0
[  196.325920][ T4973] EXT4-fs (loop1): 1 truncate cleaned up
[  196.385672][ T4981] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  196.397486][ T4981] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  196.718889][ T4973] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  196.997962][   T27] audit: type=1326 audit(1749763069.162:174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4965 comm="syz.0.135" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee12b8e929 code=0x7ffc0000
[  197.027004][   T27] audit: type=1326 audit(1749763069.172:175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4965 comm="syz.0.135" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fee12b8e929 code=0x7ffc0000
[  197.050292][   T27] audit: type=1326 audit(1749763069.172:176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4965 comm="syz.0.135" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee12b8e929 code=0x7ffc0000
[  197.131861][ T4254] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  197.144498][ T4254] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  197.156265][ T4254] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  197.165795][ T4254] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  197.177105][ T4254] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  197.184450][ T4254] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  197.240127][ T4984] loop2: detected capacity change from 0 to 512
[  197.345249][ T4979] lo speed is unknown, defaulting to 1000
[  197.427148][ T4984] EXT4-fs (loop2): 1 orphan inode deleted
[  197.433205][ T4984] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  197.468543][ T4436] EXT4-fs error (device loop2): ext4_release_dquot:6850: comm kworker/u4:9: Failed to release dquot type 1
[  197.525346][ T4265] EXT4-fs (loop1): unmounting filesystem.
[  197.567065][ T4984] ext4 filesystem being mounted at /32/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  197.602122][ T4989] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  197.938563][ T4979] chnl_net:caif_netlink_parms(): no params data found
[  198.730029][ T4260] EXT4-fs (loop4): unmounting filesystem.
[  198.805955][ T4253] EXT4-fs (loop2): unmounting filesystem.
[  198.981405][ T4979] bridge0: port 1(bridge_slave_0) entered blocking state
[  199.015784][ T4979] bridge0: port 1(bridge_slave_0) entered disabled state
[  199.048474][ T4979] device bridge_slave_0 entered promiscuous mode
[  199.116260][ T4979] bridge0: port 2(bridge_slave_1) entered blocking state
[  199.144552][ T4979] bridge0: port 2(bridge_slave_1) entered disabled state
[  199.193408][ T4979] device bridge_slave_1 entered promiscuous mode
[  199.236824][ T4268] Bluetooth: hci5: command 0x0409 tx timeout
[  199.264949][ T5003] lo speed is unknown, defaulting to 1000
[  199.406827][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[  199.413224][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[  199.533282][ T5009] siw: device registration error -23
[  200.122958][ T4979] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  200.283426][ T4979] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  200.325157][ T4979] team0: Port device team_slave_0 added
[  200.420024][ T5017] loop2: detected capacity change from 0 to 1024
[  200.427725][ T5017] EXT4-fs: Ignoring removed nobh option
[  200.433438][ T5017] EXT4-fs: Ignoring removed bh option
[  200.460381][ T5017] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  200.759310][ T5017] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  201.414833][ T4254] Bluetooth: hci5: command 0x041b tx timeout
[  201.793113][ T5022] netlink: 8 bytes leftover after parsing attributes in process `syz.0.143'.
[  202.146699][ T4268] Bluetooth: hci4: command 0x0406 tx timeout
[  202.153432][ T4254] Bluetooth: hci2: command 0x0406 tx timeout
[  202.153467][ T4269] Bluetooth: hci0: command 0x0406 tx timeout
[  202.159516][ T4254] Bluetooth: hci3: command 0x0406 tx timeout
[  202.166231][ T4261] Bluetooth: hci1: command 0x0406 tx timeout
[  202.337925][ T4979] team0: Port device team_slave_1 added
[  202.473999][ T4979] batman_adv: batadv0: Adding interface: batadv_slave_0
[  202.512344][ T4979] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  202.646779][ T4979] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  202.710332][ T4979] batman_adv: batadv0: Adding interface: batadv_slave_1
[  202.743597][ T4979] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  202.771557][ T4253] EXT4-fs (loop2): unmounting filesystem.
[  202.871877][ T4979] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  202.979310][   T27] kauditd_printk_skb: 39 callbacks suppressed
[  202.979324][   T27] audit: type=1800 audit(1749763077.682:215): pid=5022 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.143" name="regulatory.db" dev="sda1" ino=448 res=0 errno=0
[  202.979477][ T5022] platform regulatory.0: loading /lib/firmware/regulatory.db failed with error -12
[  203.085496][ T5026] loop2: detected capacity change from 0 to 1024
[  203.092884][ T4979] device hsr_slave_0 entered promiscuous mode
[  203.118545][ T4979] device hsr_slave_1 entered promiscuous mode
[  203.133295][ T4979] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  203.136101][ T5026] EXT4-fs: Ignoring removed nobh option
[  203.180328][ T4979] Cannot create hsr debugfs directory
[  203.210276][ T5026] EXT4-fs: Ignoring removed bh option
[  203.235206][ T5022] platform regulatory.0: Direct firmware load for regulatory.db failed with error -12
[  203.267764][ T5026] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  203.283576][ T5022] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  203.404400][ T5026] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  203.477004][ T4269] Bluetooth: hci5: command 0x040f tx timeout
[  203.992389][ T5035] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  204.994280][ T5025] EXT4-fs error (device loop2): ext4_ext_map_blocks:4183: inode #15: comm syz.2.147: bad extent address lblock: 556, depth: 1 pblock 0
[  205.034794][ T4979] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  205.051396][ T5025] EXT4-fs error (device loop2): ext4_ext_map_blocks:4183: inode #15: comm syz.2.147: bad extent address lblock: 556, depth: 1 pblock 0
[  205.097058][ T4979] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  205.107164][ T4979] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  205.147107][ T4979] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  205.244075][ T4654] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  205.318756][ T4308] EXT4-fs error (device loop2): ext4_ext_map_blocks:4183: inode #15: comm kworker/u4:5: bad extent address lblock: 1, depth: 1 pblock 0
[  205.363624][ T4308] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 1 with max blocks 3 with error 117
[  205.378782][ T4654] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  205.389700][ T4308] EXT4-fs (loop2): This should not happen!! Data will be lost
[  205.389700][ T4308] 
[  205.404802][ T4436] EXT4-fs error (device loop2): ext4_ext_map_blocks:4183: inode #15: comm kworker/u4:9: bad extent address lblock: 468, depth: 1 pblock 0
[  205.422245][ T4436] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 468 with max blocks 1 with error 117
[  205.440778][ T4436] EXT4-fs (loop2): This should not happen!! Data will be lost
[  205.440778][ T4436] 
[  205.566848][ T4269] Bluetooth: hci5: command 0x0419 tx timeout
[  205.605109][ T4253] EXT4-fs (loop2): unmounting filesystem.
[  205.655682][ T4654] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  205.741031][ T5045] syz.0.150[5045] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  205.741137][ T5045] syz.0.150[5045] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  205.759030][ T5045] loop0: detected capacity change from 0 to 256
[  205.777807][ T5045] exfat: Unknown parameter 'iocrarseyrillicdiscard'
[  205.985827][ T4654] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  206.280649][ T4979] 8021q: adding VLAN 0 to HW filter on device bond0
[  208.064053][ T4979] 8021q: adding VLAN 0 to HW filter on device team0
[  208.153998][ T4979] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  208.166322][ T4979] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  208.184510][ T5049] lo speed is unknown, defaulting to 1000
[  208.200771][ T4851] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  208.225082][ T4851] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  208.270902][ T4851] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  208.331617][ T4851] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  208.379583][ T4851] bridge0: port 1(bridge_slave_0) entered blocking state
[  208.386800][ T4851] bridge0: port 1(bridge_slave_0) entered forwarding state
[  208.460097][ T4851] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  208.498533][ T4851] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  208.547277][ T4851] bridge0: port 2(bridge_slave_1) entered blocking state
[  208.554524][ T4851] bridge0: port 2(bridge_slave_1) entered forwarding state
[  208.593731][ T4851] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  208.622099][ T4851] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  208.692774][ T4851] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  208.720294][ T4851] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  208.731856][ T4851] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  208.745898][ T4851] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  208.808386][ T4851] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  208.823882][ T4851] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  208.835458][ T4851] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  208.857356][ T5061] loop0: detected capacity change from 0 to 1024
[  208.858603][ T4851] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  208.878881][ T4851] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  208.891141][ T4851] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  208.891362][ T5061] EXT4-fs: Ignoring removed nobh option
[  208.910368][ T4851] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  208.927945][ T5054] lo speed is unknown, defaulting to 1000
[  209.062505][ T5065] loop1: detected capacity change from 0 to 512
[  209.184737][ T5065] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  209.250698][ T5065] EXT4-fs (loop1): orphan cleanup on readonly fs
[  209.264298][ T5065] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.155: bg 0: block 248: padding at end of block bitmap is not set
[  209.297816][ T5065] Quota error (device loop1): write_blk: dquota write failed
[  209.305688][ T5065] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota
[  209.315885][ T5065] EXT4-fs error (device loop1): ext4_acquire_dquot:6814: comm syz.1.155: Failed to acquire dquot type 1
[  209.334678][ T5065] EXT4-fs (loop1): 1 truncate cleaned up
[  209.374536][ T5065] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  210.032868][ T5061] EXT4-fs: Ignoring removed bh option
[  210.337171][ T5061] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  210.437177][ T5061] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  211.405568][ T5065] EXT4-fs (loop1): unmounting filesystem.
[  211.517900][ T4654] tipc: Left network mode
[  211.647794][ T5080] loop2: detected capacity change from 0 to 512
[  211.680257][ T5080] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  212.931559][ T5080] EXT4-fs (loop2): orphan cleanup on readonly fs
[  212.948567][ T5080] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.156: bg 0: block 248: padding at end of block bitmap is not set
[  212.972701][ T5080] Quota error (device loop2): write_blk: dquota write failed
[  212.980801][ T5080] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota
[  212.990906][ T5080] EXT4-fs error (device loop2): ext4_acquire_dquot:6814: comm syz.2.156: Failed to acquire dquot type 1
[  213.012996][ T5080] EXT4-fs (loop2): 1 truncate cleaned up
[  213.024159][ T5080] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  213.133546][ T5087] lo speed is unknown, defaulting to 1000
[  213.409912][ T5080] EXT4-fs (loop2): unmounting filesystem.
[  213.613411][ T4250] EXT4-fs (loop0): unmounting filesystem.
[  213.784096][ T4436] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  213.802089][ T4436] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  213.841933][ T4979] 8021q: adding VLAN 0 to HW filter on device batadv0
[  214.340404][   T27] audit: type=1326 audit(1749763089.042:216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5099 comm="syz.0.158" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee12b8e929 code=0x7ffc0000
[  214.393128][   T27] audit: type=1326 audit(1749763089.042:217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5099 comm="syz.0.158" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7fee12b8e929 code=0x7ffc0000
[  214.423131][   T27] audit: type=1326 audit(1749763089.042:218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5099 comm="syz.0.158" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee12b8e929 code=0x7ffc0000
[  214.453515][   T27] audit: type=1326 audit(1749763089.042:219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5099 comm="syz.0.158" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fee12b8e929 code=0x7ffc0000
[  214.484051][   T27] audit: type=1326 audit(1749763089.042:220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5099 comm="syz.0.158" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee12b8e929 code=0x7ffc0000
[  214.573057][   T27] audit: type=1326 audit(1749763089.042:221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5099 comm="syz.0.158" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fee12b8e929 code=0x7ffc0000
[  214.652091][   T27] audit: type=1326 audit(1749763089.042:222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5099 comm="syz.0.158" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee12b8e929 code=0x7ffc0000
[  214.681832][   T27] audit: type=1326 audit(1749763089.042:223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5099 comm="syz.0.158" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fee12b8e929 code=0x7ffc0000
[  214.744347][   T27] audit: type=1326 audit(1749763089.042:224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5099 comm="syz.0.158" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee12b8e929 code=0x7ffc0000
[  214.829921][   T27] audit: type=1326 audit(1749763089.042:225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5099 comm="syz.0.158" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fee12b90847 code=0x7ffc0000
[  214.972826][ T5107] siw: device registration error -23
[  216.073238][ T5113] loop0: detected capacity change from 0 to 512
[  216.321436][ T5121] siw: device registration error -23
[  216.490338][ T5113] EXT4-fs (loop0): 1 orphan inode deleted
[  216.612978][ T5113] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  216.975255][    T9] EXT4-fs error (device loop0): ext4_release_dquot:6850: comm kworker/u4:0: Failed to release dquot type 1
[  216.994128][ T5113] ext4 filesystem being mounted at /36/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  217.349247][ T4436] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  217.415055][ T4436] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  218.285177][ T4250] EXT4-fs (loop0): unmounting filesystem.
[  218.426695][ T4693] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  218.435320][ T4693] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  218.467389][ T4979] device veth0_vlan entered promiscuous mode
[  218.513602][ T4693] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  218.522204][ T4693] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  218.543472][ T4979] device veth1_vlan entered promiscuous mode
[  218.673958][ T4979] device veth0_macvtap entered promiscuous mode
[  218.719151][ T4979] device veth1_macvtap entered promiscuous mode
[  219.653149][   T27] kauditd_printk_skb: 74 callbacks suppressed
[  219.653163][   T27] audit: type=1326 audit(1749763094.352:299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5138 comm="syz.0.164" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee12b8e929 code=0x7ffc0000
[  219.720101][   T27] audit: type=1326 audit(1749763094.352:300): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5138 comm="syz.0.164" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee12b8e929 code=0x7ffc0000
[  219.749337][ T4609] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  219.788577][ T4609] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  219.836194][ T4609] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  219.923436][ T4609] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  220.463976][ T5156] loop0: detected capacity change from 0 to 512
[  220.483965][ T5156] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  220.597531][ T5156] EXT4-fs (loop0): orphan cleanup on readonly fs
[  220.620411][ T5156] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz.0.166: bg 0: block 248: padding at end of block bitmap is not set
[  220.637747][ T5156] Quota error (device loop0): write_blk: dquota write failed
[  220.646371][ T5156] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota
[  220.656533][ T5156] EXT4-fs error (device loop0): ext4_acquire_dquot:6814: comm syz.0.166: Failed to acquire dquot type 1
[  220.677673][ T5156] EXT4-fs (loop0): 1 truncate cleaned up
[  220.688649][ T5156] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  221.195422][ T5142] lo speed is unknown, defaulting to 1000
[  221.204319][ T5149] lo speed is unknown, defaulting to 1000
[  221.447805][ T5156] EXT4-fs (loop0): unmounting filesystem.
[  223.653095][ T5162] lo speed is unknown, defaulting to 1000
[  224.119381][ T5170] netlink: 8 bytes leftover after parsing attributes in process `syz.1.168'.
[  224.132288][ T4979] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  224.160901][ T4979] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  224.175060][ T4979] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  224.187307][ T4979] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  224.200166][ T4979] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  224.233069][ T4979] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  224.252560][ T4979] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  224.263748][ T4979] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  224.284467][ T4979] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  224.295539][ T4979] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  224.312658][ T4979] batman_adv: batadv0: Interface activated: batadv_slave_0
[  224.341055][   T27] audit: type=1800 audit(1749763099.042:301): pid=5170 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.168" name="regulatory.db" dev="sda1" ino=448 res=0 errno=0
[  224.341176][ T5170] platform regulatory.0: loading /lib/firmware/regulatory.db failed with error -12
[  224.371350][ T5170] platform regulatory.0: Direct firmware load for regulatory.db failed with error -12
[  224.378827][ T5168] lo speed is unknown, defaulting to 1000
[  224.381064][ T5170] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  224.473793][ T4313] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  224.491964][ T4313] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  224.521016][ T5176] device syzkaller0 entered promiscuous mode
[  224.593729][ T5178] loop1: detected capacity change from 0 to 128
[  224.602596][ T5178] EXT4-fs (loop1): Test dummy encryption mode enabled
[  224.627125][ T4979] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  224.645802][ T4979] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  224.660424][ T5178] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  224.669172][ T4979] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  224.686886][ T5178] ext4 filesystem being mounted at /31/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  224.687655][ T4979] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  224.722262][ T4979] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  224.742245][ T4979] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  224.762817][ T4979] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  224.776852][ T4979] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  224.793066][ T4979] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  224.805483][ T4979] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  224.823317][ T4979] batman_adv: batadv0: Interface activated: batadv_slave_1
[  224.955379][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  224.966192][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  224.983115][ T4979] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  224.992517][ T4979] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  225.005824][ T4979] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  225.428872][ T4979] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  225.493712][ T4654] device hsr_slave_0 left promiscuous mode
[  225.506858][ T4654] device hsr_slave_1 left promiscuous mode
[  225.533673][ T4654] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  225.545555][ T4654] batman_adv: batadv0: Removing interface: batadv_slave_0
[  225.590835][ T4654] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  225.601935][ T4654] batman_adv: batadv0: Removing interface: batadv_slave_1
[  225.652002][ T4654] device bridge_slave_1 left promiscuous mode
[  225.663599][ T4654] bridge0: port 2(bridge_slave_1) entered disabled state
[  225.694612][ T4654] device bridge_slave_0 left promiscuous mode
[  225.709953][ T4654] bridge0: port 1(bridge_slave_0) entered disabled state
[  225.809974][ T4654] device veth1_macvtap left promiscuous mode
[  225.823233][ T4654] device veth0_macvtap left promiscuous mode
[  225.829668][ T4654] device veth1_vlan left promiscuous mode
[  225.835785][ T4654] device veth0_vlan left promiscuous mode
[  226.982714][ T5190] siw: device registration error -23
[  229.040977][ T5195] siw: device registration error -23
[  229.058881][ T4654] team0 (unregistering): Port device team_slave_1 removed
[  229.100315][ T4654] team0 (unregistering): Port device team_slave_0 removed
[  229.137853][ T4654] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  229.195262][ T4654] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  229.602921][ T5201] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  229.615288][ T5201] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  229.724815][ T4654] bond0 (unregistering): Released all slaves
[  229.916891][ T4265] EXT4-fs (loop1): unmounting filesystem.
[  230.020630][ T5196] lo speed is unknown, defaulting to 1000
[  230.197338][ T5204] lo speed is unknown, defaulting to 1000
[  230.417954][ T4374] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  230.452826][ T4374] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  230.505388][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  231.060717][ T5219] overlayfs: overlapping lowerdir path
[  231.101006][ T5217] overlayfs: "xino=on" is useless with all layers on same fs, ignore.
[  231.124931][    T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  231.158885][    T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  231.210983][ T4374] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  232.469167][ T5234] lo speed is unknown, defaulting to 1000
[  232.954931][ T5238] loop2: detected capacity change from 0 to 128
[  233.044175][ T5238] EXT4-fs (loop2): Test dummy encryption mode enabled
[  233.182472][ T5238] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  233.192439][ T5240] device syzkaller0 entered promiscuous mode
[  233.232156][ T5238] ext4 filesystem being mounted at /47/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  235.378884][ T5251] siw: device registration error -23
[  235.950471][ T4253] EXT4-fs (loop2): unmounting filesystem.
[  236.302329][ T5261] siw: device registration error -23
[  237.454867][ T5268] loop2: detected capacity change from 0 to 512
[  237.566293][ T5268] EXT4-fs: Ignoring removed oldalloc option
[  237.680395][ T5268] EXT4-fs: Ignoring removed mblk_io_submit option
[  237.716658][ T5260] siw: device registration error -23
[  237.786633][ T5268] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[  238.062800][ T5268] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.186: bg 0: block 64: padding at end of block bitmap is not set
[  238.204411][ T5268] Quota error (device loop2): write_blk: dquota write failed
[  238.335296][ T5268] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota
[  238.384371][ T5286] siw: device registration error -23
[  239.063950][ T5268] EXT4-fs error (device loop2): ext4_acquire_dquot:6814: comm syz.2.186: Failed to acquire dquot type 0
[  239.271105][ T5268] EXT4-fs (loop2): 1 truncate cleaned up
[  239.309058][ T5268] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  239.795407][ T4253] EXT4-fs (loop2): unmounting filesystem.
[  239.806793][ T5294] siw: device registration error -23
[  240.291688][ T5303] netlink: 8 bytes leftover after parsing attributes in process `syz.4.193'.
[  240.317148][ T5302] lo speed is unknown, defaulting to 1000
[  240.456389][ T5303] syz.4.193 (5303) used greatest stack depth: 17664 bytes left
[  240.734878][ T5306] loop4: detected capacity change from 0 to 512
[  241.005894][ T5311] lo speed is unknown, defaulting to 1000
[  241.024650][ T5306] EXT4-fs (loop4): 1 orphan inode deleted
[  241.037068][ T4436] Quota error (device loop4): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  241.042509][ T5306] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  241.059888][ T5306] ext4 filesystem being mounted at /41/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  241.148196][ T4436] EXT4-fs error (device loop4): ext4_release_dquot:6850: comm kworker/u4:9: Failed to release dquot type 1
[  242.076869][ T5315] tipc: Started in network mode
[  242.144482][ T5315] tipc: Node identity 5a8ef368b283, cluster identity 4711
[  242.152346][ T5315] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  242.159372][ T5317] device syzkaller0 entered promiscuous mode
[  243.313774][ T5333] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  243.325521][ T5333] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  243.366088][ T4392] tipc: Node number set to 3893228392
[  243.375453][ T5309] tipc: Resetting bearer <eth:syzkaller0>
[  243.858321][ T5309] tipc: Disabling bearer <eth:syzkaller0>
[  243.987890][ T5325] lo speed is unknown, defaulting to 1000
[  244.121075][ T4260] EXT4-fs (loop4): unmounting filesystem.
[  244.596753][ T5340] siw: device registration error -23
[  244.644766][ T5345] netlink: 8 bytes leftover after parsing attributes in process `syz.4.201'.
[  247.074402][ T5366] netlink: 8 bytes leftover after parsing attributes in process `syz.2.206'.
[  247.787473][ T5366] platform regulatory.0: loading /lib/firmware/regulatory.db failed with error -12
[  247.796991][ T5366] platform regulatory.0: Direct firmware load for regulatory.db failed with error -12
[  247.806689][ T5366] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  249.372805][ T5381] netlink: 8 bytes leftover after parsing attributes in process `syz.4.209'.
[  250.358249][ T5381] platform regulatory.0: loading /lib/firmware/regulatory.db failed with error -12
[  250.367831][ T5381] platform regulatory.0: Direct firmware load for regulatory.db failed with error -12
[  250.377488][ T5381] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  251.865441][ T5397] sd 0:0:1:0: device reset
[  252.301773][ T5402] netlink: 8 bytes leftover after parsing attributes in process `syz.2.214'.
[  253.011817][ T5403] siw: device registration error -23
[  253.788520][ T5418] vhci_hcd vhci_hcd.0: pdev(5) rhport(2) sockfd(9)
[  253.795370][ T5418] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  253.823012][ T5414] vhci_hcd vhci_hcd.0: pdev(5) rhport(1) sockfd(6)
[  253.829599][ T5414] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  253.957722][ T5410] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(3)
[  253.964310][ T5410] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  253.982026][ T5429] loop1: detected capacity change from 0 to 1024
[  254.002780][ T5422] loop0: detected capacity change from 0 to 512
[  254.051904][ T5422] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  254.086648][ T5431] vhci_hcd vhci_hcd.0: pdev(5) rhport(3) sockfd(12)
[  254.093329][ T5431] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  254.110995][ T5429] EXT4-fs: Ignoring removed nobh option
[  254.176696][ T5429] EXT4-fs: Ignoring removed bh option
[  254.206752][ T5422] EXT4-fs error (device loop0): ext4_orphan_get:1426: comm syz.0.215: bad orphan inode 17
[  254.255926][ T5422] EXT4-fs (loop0): Remounting filesystem read-only
[  254.263463][ T5429] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  254.282956][ T5422] ext4_test_bit(bit=16, block=4) = 1
[  254.296673][ T5431] vhci_hcd vhci_hcd.0: Device attached
[  254.300200][ T5422] is_bad_inode(inode)=0
[  254.325701][ T5422] NEXT_ORPHAN(inode)=2147418128
[  254.354036][ T5437] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  254.356779][ T5418] vhci_hcd vhci_hcd.0: Device attached
[  254.378355][ T5422] max_ino=32
[  254.381704][ T5422] i_nlink=0
[  254.384880][ T5422] EXT4-fs warning (device loop0): ext4_expand_extra_isize_ea:2818: Unable to expand inode 17. Delete some EAs or run e2fsck.
[  254.406816][ T4392] usb 43-1: new low-speed USB device number 2 using vhci_hcd
[  254.439835][ T5410] vhci_hcd vhci_hcd.0: Device attached
[  254.480475][ T5429] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  254.498214][ T5422] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  254.511049][ T5414] vhci_hcd vhci_hcd.0: Device attached
[  254.520523][ T5440] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  254.697489][ T5410] vhci_hcd vhci_hcd.0: pdev(5) rhport(6) sockfd(8)
[  254.704075][ T5410] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  254.784970][ T5410] vhci_hcd vhci_hcd.0: Device attached
[  254.788783][ T5425] EXT4-fs error (device loop1): ext4_ext_map_blocks:4183: inode #15: comm syz.1.220: bad extent address lblock: 448, depth: 1 pblock 0
[  254.850038][ T5432] vhci_hcd: connection closed
[  254.853287][ T4844] vhci_hcd: stop threads
[  254.865316][ T5419] vhci_hcd: connection closed
[  254.865632][ T5417] vhci_hcd: connection closed
[  254.867188][ T5416] vhci_hcd: connection reset by peer
[  254.886545][ T5447] vhci_hcd: connection closed
[  254.887680][ T4844] vhci_hcd: release socket
[  254.952633][ T5450] siw: device registration error -23
[  254.971843][ T5425] EXT4-fs error (device loop1): ext4_ext_map_blocks:4183: inode #15: comm syz.1.220: bad extent address lblock: 448, depth: 1 pblock 0
[  255.032281][ T4844] vhci_hcd: disconnect device
[  255.108166][ T4844] vhci_hcd: stop threads
[  255.136321][ T4844] vhci_hcd: release socket
[  255.161697][ T4844] vhci_hcd: disconnect device
[  255.188413][ T4844] vhci_hcd: stop threads
[  255.223382][ T4844] vhci_hcd: release socket
[  255.266724][ T4844] vhci_hcd: disconnect device
[  255.276939][ T4844] vhci_hcd: stop threads
[  255.281218][ T4844] vhci_hcd: release socket
[  255.316711][ T4844] vhci_hcd: disconnect device
[  255.366758][ T4844] vhci_hcd: stop threads
[  255.371223][ T4844] vhci_hcd: release socket
[  255.421455][ T4844] vhci_hcd: disconnect device
[  255.453158][ T4250] EXT4-fs (loop0): unmounting filesystem.
[  255.662875][ T4773] EXT4-fs error (device loop1): ext4_ext_map_blocks:4183: inode #15: comm kworker/u4:17: bad extent address lblock: 1, depth: 1 pblock 0
[  255.797527][ T4773] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 1 with max blocks 3 with error 117
[  255.813066][ T5456] siw: device registration error -23
[  255.836423][ T4773] EXT4-fs (loop1): This should not happen!! Data will be lost
[  255.836423][ T4773] 
[  255.853247][ T4773] EXT4-fs error (device loop1): ext4_ext_map_blocks:4183: inode #15: comm kworker/u4:17: bad extent address lblock: 440, depth: 1 pblock 0
[  255.882900][ T5464] netlink: 12 bytes leftover after parsing attributes in process `syz.0.222'.
[  255.905219][ T4773] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 440 with max blocks 1 with error 117
[  255.950951][ T4773] EXT4-fs (loop1): This should not happen!! Data will be lost
[  255.950951][ T4773] 
[  256.184446][ T5467] siw: device registration error -23
[  256.894062][ T4265] EXT4-fs (loop1): unmounting filesystem.
[  257.668005][ T5480] siw: device registration error -23
[  258.824052][ T5500] sd 0:0:1:0: device reset
[  260.000765][ T5513] sd 0:0:1:0: device reset
[  260.034732][ T5511] loop5: detected capacity change from 0 to 1024
[  260.157468][ T5511] EXT4-fs: Ignoring removed nobh option
[  260.264503][ T5511] EXT4-fs: Ignoring removed bh option
[  260.401001][ T5511] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  260.546796][ T4392] vhci_hcd: vhci_device speed not set
[  260.964517][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[  260.970919][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[  260.988345][ T5519] siw: device registration error -23
[  261.127751][ T5511] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  261.185467][ T5526] siw: device registration error -23
[  261.239255][ T5494] siw: device registration error -23
[  262.429976][ T5537] mmap: syz.4.241 (5537) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  264.119225][ T5552] netlink: 12 bytes leftover after parsing attributes in process `syz.4.245'.
[  264.722618][ T4979] EXT4-fs (loop5): unmounting filesystem.
[  265.283994][    T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!!
[  265.386962][    T0] NOHZ tick-stop error: local softirq work is pending, handler #342!!!
[  265.395866][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  265.406618][    T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!!
[  265.414862][    T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!!
[  265.423157][    T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!!
[  265.431462][    T0] NOHZ tick-stop error: local softirq work is pending, handler #82!!!
[  265.439728][    T0] NOHZ tick-stop error: local softirq work is pending, handler #82!!!
[  265.447998][    T0] NOHZ tick-stop error: local softirq work is pending, handler #82!!!
[  265.456202][    T0] NOHZ tick-stop error: local softirq work is pending, handler #82!!!
[  266.649509][ T5570] loop1: detected capacity change from 0 to 32768
[  266.706168][ T5570] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 scanned by syz.1.249 (5570)
[  266.738938][ T5570] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  266.813973][ T5570] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm
[  266.823632][ T5570] BTRFS info (device loop1): turning on sync discard
[  266.830473][ T5570] BTRFS info (device loop1): max_inline at 0
[  266.836625][ T5570] BTRFS info (device loop1): enabling disk space caching
[  266.843860][ T5570] BTRFS info (device loop1): setting nodatasum
[  266.850119][ T5570] BTRFS info (device loop1): turning off barriers
[  266.883111][ T5570] BTRFS info (device loop1): turning on flush-on-commit
[  266.890451][ T5570] BTRFS info (device loop1): disabling disk space caching
[  266.897813][ T5570] BTRFS info (device loop1): force clearing of disk cache
[  266.905197][ T5570] BTRFS info (device loop1): enabling ssd optimizations
[  267.722857][ T5576] lo speed is unknown, defaulting to 1000
[  269.191582][ T5570] BTRFS error (device loop1): open_ctree failed: -12
[  269.191695][ T5593] loop2: detected capacity change from 0 to 1024
[  269.281539][ T5593] EXT4-fs: Ignoring removed nobh option
[  269.495281][ T5593] EXT4-fs: Ignoring removed bh option
[  269.662921][ T5593] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  270.178458][ T5619] siw: device registration error -23
[  271.519466][ T4810] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 scanned by udevd (4810)
[  271.656042][ T5593] EXT4-fs warning (device loop2): ext4_multi_mount_protect:404: Unable to create kmmpd thread for loop2.
[  271.888462][ T5630] netlink: 8 bytes leftover after parsing attributes in process `syz.1.255'.
[  272.777286][ T5630] platform regulatory.0: loading /lib/firmware/regulatory.db failed with error -12
[  272.786809][ T5630] platform regulatory.0: Direct firmware load for regulatory.db failed with error -12
[  272.796408][ T5630] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  273.039046][ T5639] loop4: detected capacity change from 0 to 1024
[  273.100847][ T5639] EXT4-fs: Ignoring removed nobh option
[  273.108041][ T5643] loop2: detected capacity change from 0 to 128
[  273.151160][ T5639] EXT4-fs: Ignoring removed bh option
[  273.213503][ T5643] EXT4-fs (loop2): Test dummy encryption mode enabled
[  273.272697][ T5639] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  273.332056][ T5638] loop5: detected capacity change from 0 to 8192
[  273.462237][ T5649] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  273.473866][ T5649] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  273.752037][ T5643] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  274.207056][ T5643] ext4 filesystem being mounted at /63/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  274.261401][ T5639] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  275.103350][ T5635] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:3841: comm syz.4.260: Allocating blocks 497-513 which overlap fs metadata
[  275.430859][ T4253] EXT4-fs (loop2): unmounting filesystem.
[  275.558053][ T5662] siw: device registration error -23
[  276.252253][ T5659] loop0: detected capacity change from 0 to 512
[  276.271423][ T5635] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:3841: comm syz.4.260: Allocating blocks 497-513 which overlap fs metadata
[  276.431020][ T5659] EXT4-fs (loop0): 1 orphan inode deleted
[  276.447133][ T5659] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  276.467873][ T4654] Quota error (device loop0): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  276.484820][   T27] audit: type=1326 audit(1749763151.182:302): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5667 comm="syz.5.266" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b4b98e929 code=0x7ffc0000
[  276.515778][   T27] audit: type=1326 audit(1749763151.212:303): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5667 comm="syz.5.266" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7f0b4b98e929 code=0x7ffc0000
[  276.537125][ T4654] EXT4-fs error (device loop0): ext4_release_dquot:6850: comm kworker/u4:15: Failed to release dquot type 1
[  276.544874][   T27] audit: type=1326 audit(1749763151.212:304): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5667 comm="syz.5.266" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b4b98e929 code=0x7ffc0000
[  276.572444][   T27] audit: type=1326 audit(1749763151.212:305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5667 comm="syz.5.266" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0b4b98e929 code=0x7ffc0000
[  276.595137][   T27] audit: type=1326 audit(1749763151.212:306): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5667 comm="syz.5.266" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b4b98e929 code=0x7ffc0000
[  276.619735][   T27] audit: type=1326 audit(1749763151.212:307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5667 comm="syz.5.266" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0b4b98e929 code=0x7ffc0000
[  276.644213][ T4639] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:3841: comm kworker/u4:14: Allocating blocks 497-513 which overlap fs metadata
[  276.710293][ T4639] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 377 with max blocks 3 with error 117
[  276.754076][   T27] audit: type=1326 audit(1749763151.212:308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5667 comm="syz.5.266" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b4b98e929 code=0x7ffc0000
[  276.777086][ T5659] ext4 filesystem being mounted at /58/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  276.795274][   T27] audit: type=1326 audit(1749763151.212:309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5667 comm="syz.5.266" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f0b4b98e929 code=0x7ffc0000
[  277.186842][ T4639] EXT4-fs (loop4): This should not happen!! Data will be lost
[  277.186842][ T4639] 
[  277.773737][ T4260] EXT4-fs (loop4): unmounting filesystem.
[  277.781371][   T27] audit: type=1326 audit(1749763151.212:310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5667 comm="syz.5.266" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b4b98e929 code=0x7ffc0000
[  277.933763][ T5671] lo speed is unknown, defaulting to 1000
[  278.045009][ T5687] loop4: detected capacity change from 0 to 128
[  278.155833][ T5687] EXT4-fs (loop4): Test dummy encryption mode enabled
[  278.703478][ T5692] siw: device registration error -23
[  278.745596][ T5687] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  279.266319][ T5687] ext4 filesystem being mounted at /56/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  279.594159][ T5694] lo speed is unknown, defaulting to 1000
[  280.131349][ T4250] EXT4-fs (loop0): unmounting filesystem.
[  280.296785][ T5697] lo speed is unknown, defaulting to 1000
[  280.354539][ T4260] EXT4-fs (loop4): unmounting filesystem.
[  280.365321][ T5707] Zero length message leads to an empty skb
[  280.472234][ T5708] tipc: Started in network mode
[  280.493370][ T5708] tipc: Node identity 32f136857d9d, cluster identity 4711
[  280.507689][ T5708] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  280.551916][ T5709] device syzkaller0 entered promiscuous mode
[  280.867878][ T5716] loop4: detected capacity change from 0 to 512
[  281.089023][ T5716] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  282.149270][   T22] tipc: Node number set to 1332491909
[  282.165296][ T5716] EXT4-fs (loop4): orphan cleanup on readonly fs
[  282.178174][ T5716] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.273: bg 0: block 248: padding at end of block bitmap is not set
[  282.241662][ T5716] __quota_error: 31 callbacks suppressed
[  282.242093][ T5716] Quota error (device loop4): write_blk: dquota write failed
[  282.256287][ T5716] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota
[  282.267982][ T5716] EXT4-fs error (device loop4): ext4_acquire_dquot:6814: comm syz.4.273: Failed to acquire dquot type 1
[  282.370320][ T5716] EXT4-fs (loop4): 1 truncate cleaned up
[  282.587674][ T5716] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  282.611169][ T5709] tipc: Resetting bearer <eth:syzkaller0>
[  282.644994][ T5706] tipc: Resetting bearer <eth:syzkaller0>
[  282.738337][ T5706] tipc: Disabling bearer <eth:syzkaller0>
[  282.803804][ T5716] EXT4-fs (loop4): unmounting filesystem.
[  282.860879][   T27] audit: type=1326 audit(1749763157.562:342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5719 comm="syz.1.275" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1dc238e929 code=0x7ffc0000
[  282.944199][   T27] audit: type=1326 audit(1749763157.642:343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5719 comm="syz.1.275" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1dc238e929 code=0x7ffc0000
[  282.974363][ T5722] loop2: detected capacity change from 0 to 512
[  283.063615][ T5722] EXT4-fs (loop2): 1 orphan inode deleted
[  283.086682][ T4609] Quota error (device loop2): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  283.130717][ T4609] EXT4-fs error (device loop2): ext4_release_dquot:6850: comm kworker/u4:12: Failed to release dquot type 1
[  283.146584][ T5722] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  283.183673][   T27] audit: type=1326 audit(1749763157.672:344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5719 comm="syz.1.275" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7f1dc238e929 code=0x7ffc0000
[  283.207224][   T27] audit: type=1326 audit(1749763157.672:345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5719 comm="syz.1.275" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1dc238e929 code=0x7ffc0000
[  283.230231][   T27] audit: type=1326 audit(1749763157.672:346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5719 comm="syz.1.275" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1dc238e929 code=0x7ffc0000
[  283.264130][ T5722] ext4 filesystem being mounted at /66/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  283.302065][   T27] audit: type=1326 audit(1749763157.672:347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5719 comm="syz.1.275" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1dc238e929 code=0x7ffc0000
[  285.061173][   T27] audit: type=1326 audit(1749763157.672:348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5719 comm="syz.1.275" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1dc238e929 code=0x7ffc0000
[  285.345409][ T5736] lo speed is unknown, defaulting to 1000
[  285.789429][ T5748] netlink: 8 bytes leftover after parsing attributes in process `syz.1.280'.
[  286.699050][ T5752] lo speed is unknown, defaulting to 1000
[  287.890443][ T5769] loop5: detected capacity change from 0 to 512
[  288.083782][ T5769] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  289.168149][ T5764] lo speed is unknown, defaulting to 1000
[  289.428292][ T5769] EXT4-fs (loop5): orphan cleanup on readonly fs
[  289.437514][ T5769] EXT4-fs error (device loop5): ext4_validate_block_bitmap:438: comm syz.5.284: bg 0: block 248: padding at end of block bitmap is not set
[  289.454194][ T5769] __quota_error: 40 callbacks suppressed
[  289.454210][ T5769] Quota error (device loop5): write_blk: dquota write failed
[  289.468939][ T5769] Quota error (device loop5): qtree_write_dquot: Error -117 occurred while creating quota
[  289.479269][ T5769] EXT4-fs error (device loop5): ext4_acquire_dquot:6814: comm syz.5.284: Failed to acquire dquot type 1
[  289.508352][ T5769] EXT4-fs (loop5): 1 truncate cleaned up
[  289.523030][ T5769] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  289.820674][ T5779] loop1: detected capacity change from 0 to 512
[  289.828745][ T5769] EXT4-fs (loop5): unmounting filesystem.
[  289.893299][ T5779] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  289.974098][ T5779] EXT4-fs error (device loop1): ext4_orphan_get:1426: comm syz.1.285: bad orphan inode 17
[  290.029812][ T5783] loop5: detected capacity change from 0 to 128
[  290.069685][ T5779] EXT4-fs (loop1): Remounting filesystem read-only
[  290.076268][ T5779] ext4_test_bit(bit=16, block=4) = 1
[  290.089665][ T5783] EXT4-fs (loop5): Test dummy encryption mode enabled
[  290.126525][ T5779] is_bad_inode(inode)=0
[  290.137252][ T5779] NEXT_ORPHAN(inode)=2147418128
[  290.150652][ T5779] max_ino=32
[  290.153917][ T5779] i_nlink=0
[  290.177683][ T5783] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  290.186541][ T5779] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  290.297944][ T5783] ext4 filesystem being mounted at /23/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  291.616685][ T5793] overlayfs: overlapping lowerdir path
[  291.725675][ T5794] overlayfs: "xino=on" is useless with all layers on same fs, ignore.
[  292.171704][ T4979] EXT4-fs (loop5): unmounting filesystem.
[  292.194505][ T4265] EXT4-fs (loop1): unmounting filesystem.
[  292.238487][ T4253] EXT4-fs (loop2): unmounting filesystem.
[  292.505710][ T5802] loop1: detected capacity change from 0 to 2048
[  292.599857][ T5802]  loop1: p1 < > p3
[  292.608755][ T5807] loop5: detected capacity change from 0 to 2048
[  292.621791][ T5802] loop1: p3 size 134217728 extends beyond EOD, truncated
[  292.653142][ T5810] loop2: detected capacity change from 0 to 1024
[  292.737860][ T5807]  loop5: p1 < > p3
[  292.768060][ T5807] loop5: p3 size 134217728 extends beyond EOD, truncated
[  292.777251][ T5810] EXT4-fs: Ignoring removed nobh option
[  292.782890][ T5810] EXT4-fs: Ignoring removed bh option
[  292.876691][ T5810] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  292.962963][ T5814] siw: device registration error -23
[  293.689245][ T5800] loop0: detected capacity change from 0 to 8192
[  293.818165][ T4812] I/O error, dev loop1, sector 9 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  293.828058][ T5802] __loop_clr_fd: partition scan of loop1 failed (rc=-16)
[  293.846650][ T4810] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  293.900635][ T4812] I/O error, dev loop1, sector 9 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  293.906955][ T5810] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  293.932908][ T5802] loop1: detected capacity change from 0 to 1024
[  293.936296][ T4663] udevd[4663]: inotify_add_watch(7, /dev/loop5p3, 10) failed: No such file or directory
[  293.968110][ T4812] Buffer I/O error on dev loop1p3, logical block 8, async page read
[  293.979799][ T4658] udevd[4658]: inotify_add_watch(7, /dev/loop5p1, 10) failed: No such file or directory
[  293.988327][ T5802] ext2: Unknown parameter 'defcontext'
[  294.351160][ T5825] siw: device registration error -23
[  295.063242][ T5805] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:3841: comm syz.2.289: Allocating blocks 497-513 which overlap fs metadata
[  295.219803][ T4707] udevd[4707]: inotify_add_watch(7, /dev/loop1p3, 10) failed: No such file or directory
[  295.237364][ T5826] EXT4-fs (loop2): pa ffff8880702148c0: logic 0, phys. 113, len 25
[  295.245938][ T5826] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:4881: group 0, free 22, pa_free 23
[  295.264596][ T4658] udevd[4658]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory
[  295.439675][ T5830] tipc: Started in network mode
[  295.492668][ T5830] tipc: Node identity a6c396f9deef, cluster identity 4711
[  295.521804][ T5830] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  295.534024][ T5831] loop0: detected capacity change from 0 to 1024
[  295.577783][ T5829] tipc: Disabling bearer <eth:syzkaller0>
[  295.600836][ T5831] EXT4-fs: Ignoring removed nobh option
[  295.633135][ T5831] EXT4-fs: Ignoring removed bh option
[  295.653588][ T5831] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  295.778183][ T5831] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  295.802316][ T5837] tipc: Started in network mode
[  295.943700][ T5837] tipc: Node identity e6d3ba88a841, cluster identity 4711
[  296.004856][ T5837] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  296.284960][ T5849] siw: device registration error -23
[  296.441526][ T5844] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:3841: comm syz.0.294: Allocating blocks 497-513 which overlap fs metadata
[  296.488031][ T5835] tipc: Resetting bearer <eth:syzkaller0>
[  296.585602][ T4253] EXT4-fs (loop2): unmounting filesystem.
[  296.933089][ T5859] siw: device registration error -23
[  297.722226][  T127] tipc: Node number set to 1318238856
[  297.987156][ T5866] loop4: detected capacity change from 0 to 1024
[  298.005398][ T5866] EXT4-fs: Ignoring removed nobh option
[  298.011102][ T5866] EXT4-fs: Ignoring removed bh option
[  298.040528][ T5866] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  298.158183][ T5869] siw: device registration error -23
[  298.414577][ T5866] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  298.953076][ T4250] EXT4-fs (loop0): unmounting filesystem.
[  301.471972][ T5886] netlink: 4 bytes leftover after parsing attributes in process `syz.2.304'.
[  301.573131][ T4260] EXT4-fs (loop4): unmounting filesystem.
[  301.739437][ T5884] siw: device registration error -23
[  301.888472][ T5891] sd 0:0:1:0: device reset
[  302.293260][ T5900] siw: device registration error -23
[  302.356528][ T5899] loop2: detected capacity change from 0 to 1024
[  302.946282][ T5899] EXT4-fs: Ignoring removed nobh option
[  302.968197][ T5899] EXT4-fs: Ignoring removed bh option
[  302.975334][ T5899] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  303.006197][ T5899] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  303.198832][ T5909] sd 0:0:1:0: device reset
[  303.530231][ T5897] ==================================================================
[  303.538368][ T5897] BUG: KASAN: use-after-free in ext4_find_extent+0xbcc/0xe00
[  303.545803][ T5897] Read of size 4 at addr ffff88805485ed18 by task syz.2.309/5897
[  303.553548][ T5897] 
[  303.555912][ T5897] CPU: 0 PID: 5897 Comm: syz.2.309 Not tainted 6.1.141-syzkaller #0
[  303.563928][ T5897] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  303.574030][ T5897] Call Trace:
[  303.577340][ T5897]  <TASK>
[  303.580298][ T5897]  dump_stack_lvl+0x168/0x22e
[  303.585016][ T5897]  ? __lock_acquire+0x7c50/0x7c50
[  303.590079][ T5897]  ? show_regs_print_info+0x12/0x12
[  303.595321][ T5897]  ? load_image+0x3b0/0x3b0
[  303.599864][ T5897]  ? __virt_addr_valid+0x465/0x540
[  303.605019][ T5897]  ? ext4_find_extent+0xbcc/0xe00
[  303.610080][ T5897]  print_report+0xa8/0x220
[  303.614530][ T5897]  kasan_report+0x10b/0x140
[  303.619086][ T5897]  ? ext4_find_extent+0xbcc/0xe00
[  303.624146][ T5897]  ext4_find_extent+0xbcc/0xe00
[  303.629039][ T5897]  ext4_ext_map_blocks+0x27d/0x66d0
[  303.634275][ T5897]  ? __lock_acquire+0x12e5/0x7c50
[  303.639352][ T5897]  ? ext4_ext_release+0x10/0x10
[  303.644239][ T5897]  ? rwsem_write_trylock+0x12f/0x1b0
[  303.649555][ T5897]  ? ext4_es_lookup_extent+0x443/0xb20
[  303.655057][ T5897]  ext4_map_blocks+0x9d1/0x1b60
[  303.659943][ T5897]  ? ext4_issue_zeroout+0x250/0x250
[  303.665195][ T5897]  _ext4_get_block+0x1d7/0x4e0
[  303.670007][ T5897]  ? alloc_buffer_head+0xd4/0x100
[  303.675079][ T5897]  ? __lock_acquire+0x7c50/0x7c50
[  303.680151][ T5897]  ? ext4_get_block+0x40/0x40
[  303.684874][ T5897]  ? attach_page_private+0x110/0x300
[  303.690210][ T5897]  ? create_empty_buffers+0x59e/0x7a0
[  303.695637][ T5897]  ? do_raw_spin_unlock+0x11d/0x230
[  303.700887][ T5897]  ext4_get_block_unwritten+0x2a/0x100
[  303.706392][ T5897]  __block_write_begin_int+0x54b/0x1a70
[  303.712003][ T5897]  ? _ext4_get_block+0x4e0/0x4e0
[  303.716982][ T5897]  ? page_zero_new_buffers+0x650/0x650
[  303.722488][ T5897]  ? ext4_journal_check_start+0x17e/0x240
[  303.728250][ T5897]  block_page_mkwrite+0x2d8/0x5f0
[  303.733310][ T5897]  ? _ext4_get_block+0x4e0/0x4e0
[  303.738279][ T5897]  ext4_page_mkwrite+0x3b2/0x10c0
[  303.743340][ T5897]  ? _ext4_get_block+0x4e0/0x4e0
[  303.748317][ T5897]  ? ext4_change_inode_journal_flag+0x6b0/0x6b0
[  303.754615][ T5897]  ? count_memcg_event_mm+0x8f/0x3b0
[  303.760017][ T5897]  ? put_page+0x270/0x270
[  303.764382][ T5897]  do_page_mkwrite+0x16b/0x5c0
[  303.769184][ T5897]  handle_mm_fault+0x1b10/0x3e70
[  303.774157][ T5897]  ? mt_find+0x145/0x810
[  303.778440][ T5897]  ? numa_migrate_prep+0x250/0x250
[  303.783596][ T5897]  ? lock_chain_count+0x20/0x20
[  303.788488][ T5897]  ? lock_mm_and_find_vma+0xae/0x2f0
[  303.793810][ T5897]  do_user_addr_fault+0x51f/0xb10
[  303.798890][ T5897]  exc_page_fault+0x60/0x100
[  303.803508][ T5897]  asm_exc_page_fault+0x22/0x30
[  303.808387][ T5897] RIP: 0010:copy_user_enhanced_fast_string+0xa/0x40
[  303.815019][ T5897] Code: ff c9 75 f2 89 d1 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 31 c0 0f 01 ca c3 8d 0c ca 89 ca eb 20 0f 01 cb 83 fa 40 72 38 89 d1 <f3> a4 31 c0 0f 01 ca c3 89 ca eb 0a 90 90 90 90 90 90 90 90 90 90
[  303.834692][ T5897] RSP: 0018:ffffc900032b7a88 EFLAGS: 00050246
[  303.840800][ T5897] RAX: ffffffff8407c001 RBX: 0000000000000040 RCX: 0000000000000040
[  303.848806][ T5897] RDX: 0000000000000040 RSI: ffffc900032b7b20 RDI: 000020000004c000
[  303.856809][ T5897] RBP: 0000000000000000 R08: dffffc0000000000 R09: fffff52000656f6c
[  303.864811][ T5897] R10: fffff52000656f6c R11: 1ffff92000656f64 R12: 00007fffffffefc0
[  303.872814][ T5897] R13: 000000007ffe6a80 R14: 000020000004c000 R15: ffffc900032b7b20
[  303.880826][ T5897]  ? _copy_to_user+0xa1/0x130
[  303.885545][ T5897]  _copy_to_user+0xea/0x130
[  303.890097][ T5897]  rng_dev_read+0x3c5/0x710
[  303.894631][ T5897]  ? hwrng_yield+0x20/0x20
[  303.899076][ T5897]  ? common_file_perm+0x171/0x1c0
[  303.904134][ T5897]  ? fsnotify_perm+0x39b/0x550
[  303.908932][ T5897]  do_iter_read+0x49f/0xb10
[  303.913467][ T5897]  ? vfs_iter_read+0xa0/0xa0
[  303.918078][ T5897]  ? __import_iovec+0x315/0x500
[  303.922961][ T5897]  ? import_iovec+0x6f/0xa0
[  303.927494][ T5897]  do_preadv+0x1f6/0x330
[  303.931773][ T5897]  ? do_writev+0x410/0x410
[  303.936222][ T5897]  ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[  303.942239][ T5897]  ? lock_chain_count+0x20/0x20
[  303.947130][ T5897]  ? lockdep_hardirqs_on+0x94/0x140
[  303.952370][ T5897]  do_syscall_64+0x4c/0xa0
[  303.956823][ T5897]  ? clear_bhb_loop+0x60/0xb0
[  303.961525][ T5897]  ? clear_bhb_loop+0x60/0xb0
[  303.966231][ T5897]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  303.972166][ T5897] RIP: 0033:0x7fbe5578e929
[  303.976620][ T5897] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  303.996261][ T5897] RSP: 002b:00007fbe566e2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000127
[  304.004713][ T5897] RAX: ffffffffffffffda RBX: 00007fbe559b5fa0 RCX: 00007fbe5578e929
[  304.012713][ T5897] RDX: 0000000000000001 RSI: 0000200000000240 RDI: 0000000000000003
[  304.020711][ T5897] RBP: 00007fbe55810b39 R08: 0000000000000000 R09: 0000000000000000
[  304.028713][ T5897] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  304.036712][ T5897] R13: 0000000000000000 R14: 00007fbe559b5fa0 R15: 00007ffc601e6618
[  304.044721][ T5897]  </TASK>
[  304.047777][ T5897] 
[  304.050121][ T5897] Allocated by task 4979:
[  304.054463][ T5897]  kasan_set_track+0x4b/0x70
[  304.059090][ T5897]  __kasan_slab_alloc+0x6b/0x80
[  304.063975][ T5897]  slab_post_alloc_hook+0x4b/0x480
[  304.069114][ T5897]  kmem_cache_alloc_lru+0x11a/0x2e0
[  304.074342][ T5897]  sock_alloc_inode+0x24/0xc0
[  304.079044][ T5897]  new_inode_pseudo+0x5f/0x1c0
[  304.083842][ T5897]  __sock_create+0x129/0x940
[  304.088463][ T5897]  __sys_socket+0xc4/0x190
[  304.092915][ T5897]  __x64_sys_socket+0x76/0x80
[  304.097623][ T5897]  do_syscall_64+0x4c/0xa0
[  304.102090][ T5897]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  304.108019][ T5897] 
[  304.110360][ T5897] Last potentially related work creation:
[  304.116087][ T5897]  kasan_save_stack+0x3a/0x60
[  304.120816][ T5897]  __kasan_record_aux_stack+0xb2/0xc0
[  304.126216][ T5897]  call_rcu+0x14b/0x970
[  304.130406][ T5897]  evict+0x7da/0x870
[  304.134333][ T5897]  __dentry_kill+0x431/0x650
[  304.138963][ T5897]  dentry_kill+0xb8/0x290
[  304.143326][ T5897]  dput+0xfa/0x1d0
[  304.147070][ T5897]  __fput+0x5e0/0x920
[  304.151082][ T5897]  task_work_run+0x1ca/0x250
[  304.155709][ T5897]  exit_to_user_mode_loop+0xe6/0x110
[  304.161034][ T5897]  exit_to_user_mode_prepare+0xb1/0x140
[  304.166629][ T5897]  syscall_exit_to_user_mode+0x16/0x40
[  304.172117][ T5897]  do_syscall_64+0x58/0xa0
[  304.176568][ T5897]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  304.182509][ T5897] 
[  304.184858][ T5897] Second to last potentially related work creation:
[  304.191460][ T5897]  kasan_save_stack+0x3a/0x60
[  304.196179][ T5897]  __kasan_record_aux_stack+0xb2/0xc0
[  304.201581][ T5897]  call_rcu+0x14b/0x970
[  304.205782][ T5897]  evict+0x7da/0x870
[  304.209712][ T5897]  __dentry_kill+0x431/0x650
[  304.214333][ T5897]  dentry_kill+0xb8/0x290
[  304.218686][ T5897]  dput+0xfa/0x1d0
[  304.222427][ T5897]  __fput+0x5e0/0x920
[  304.226436][ T5897]  task_work_run+0x1ca/0x250
[  304.231077][ T5897]  exit_to_user_mode_loop+0xe6/0x110
[  304.236404][ T5897]  exit_to_user_mode_prepare+0xb1/0x140
[  304.241986][ T5897]  syscall_exit_to_user_mode+0x16/0x40
[  304.247486][ T5897]  do_syscall_64+0x58/0xa0
[  304.251938][ T5897]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  304.257866][ T5897] 
[  304.260208][ T5897] The buggy address belongs to the object at ffff88805485ec00
[  304.260208][ T5897]  which belongs to the cache sock_inode_cache of size 1408
[  304.274808][ T5897] The buggy address is located 280 bytes inside of
[  304.274808][ T5897]  1408-byte region [ffff88805485ec00, ffff88805485f180)
[  304.288203][ T5897] 
[  304.290546][ T5897] The buggy address belongs to the physical page:
[  304.296991][ T5897] page:ffffea0001521600 refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff88805485a400 pfn:0x54858
[  304.308480][ T5897] head:ffffea0001521600 order:3 compound_mapcount:0 compound_pincount:0
[  304.316830][ T5897] memcg:ffff88801d747e01
[  304.321086][ T5897] flags: 0xfff00000010200(slab|head|node=0|zone=1|lastcpupid=0x7ff)
[  304.329118][ T5897] raw: 00fff00000010200 ffffea0001c01c08 ffffea0001522608 ffff8880177de3c0
[  304.337731][ T5897] raw: ffff88805485a400 000000000015000a 00000001ffffffff ffff88801d747e01
[  304.346334][ T5897] page dumped because: kasan: bad access detected
[  304.352777][ T5897] page_owner tracks the page as allocated
[  304.358520][ T5897] page last allocated via order 3, migratetype Reclaimable, gfp_mask 0x1d20d0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL|__GFP_RECLAIMABLE), pid 4260, tgid 4260 (syz-executor), ts 85244605547, free_ts 22962326957
[  304.383054][ T5897]  post_alloc_hook+0x173/0x1a0
[  304.387874][ T5897]  get_page_from_freelist+0x1a26/0x1ac0
[  304.393461][ T5897]  __alloc_pages+0x1df/0x4e0
[  304.398088][ T5897]  alloc_slab_page+0x5d/0x160
[  304.402799][ T5897]  new_slab+0x87/0x2c0
[  304.406899][ T5897]  ___slab_alloc+0xbc6/0x1220
[  304.411599][ T5897]  kmem_cache_alloc_lru+0x1ae/0x2e0
[  304.416816][ T5897]  sock_alloc_inode+0x24/0xc0
[  304.421500][ T5897]  new_inode_pseudo+0x5f/0x1c0
[  304.426292][ T5897]  __sock_create+0x129/0x940
[  304.430889][ T5897]  __sys_socket+0xc4/0x190
[  304.435312][ T5897]  __x64_sys_socket+0x76/0x80
[  304.439998][ T5897]  do_syscall_64+0x4c/0xa0
[  304.444459][ T5897]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  304.450362][ T5897] page last free stack trace:
[  304.455035][ T5897]  free_unref_page_prepare+0x8b4/0x9a0
[  304.460516][ T5897]  free_unref_page+0x2e/0x3f0
[  304.465228][ T5897]  free_contig_range+0x9d/0x150
[  304.470080][ T5897]  destroy_args+0xef/0x8bf
[  304.474508][ T5897]  debug_vm_pgtable+0x32a/0x37e
[  304.479372][ T5897]  do_one_initcall+0x214/0x7a0
[  304.484162][ T5897]  do_initcall_level+0x137/0x1e4
[  304.489135][ T5897]  do_initcalls+0x4b/0x8a
[  304.493471][ T5897]  kernel_init_freeable+0x3fa/0x5ac
[  304.498690][ T5897]  kernel_init+0x19/0x1b0
[  304.503050][ T5897]  ret_from_fork+0x1f/0x30
[  304.507503][ T5897] 
[  304.509833][ T5897] Memory state around the buggy address:
[  304.515554][ T5897]  ffff88805485ec00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  304.523620][ T5897]  ffff88805485ec80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  304.531698][ T5897] >ffff88805485ed00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  304.539759][ T5897]                             ^
[  304.544614][ T5897]  ffff88805485ed80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  304.552681][ T5897]  ffff88805485ee00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  304.560768][ T5897] ==================================================================
[  304.624454][ T5897] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  304.631713][ T5897] CPU: 0 PID: 5897 Comm: syz.2.309 Not tainted 6.1.141-syzkaller #0
[  304.639817][ T5897] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  304.649903][ T5897] Call Trace:
[  304.653211][ T5897]  <TASK>
[  304.656174][ T5897]  dump_stack_lvl+0x168/0x22e
[  304.660893][ T5897]  ? memcpy+0x3c/0x60
[  304.664904][ T5897]  ? show_regs_print_info+0x12/0x12
[  304.670138][ T5897]  ? load_image+0x3b0/0x3b0
[  304.674675][ T5897]  panic+0x2c9/0x710
[  304.678604][ T5897]  ? bpf_jit_dump+0xd0/0xd0
[  304.683134][ T5897]  ? _raw_spin_unlock_irqrestore+0xf6/0x100
[  304.689071][ T5897]  ? _raw_spin_unlock+0x40/0x40
[  304.693965][ T5897]  ? print_memory_metadata+0x314/0x400
[  304.699467][ T5897]  check_panic_on_warn+0x80/0xa0
[  304.704448][ T5897]  ? ext4_find_extent+0xbcc/0xe00
[  304.709509][ T5897]  end_report+0x66/0x110
[  304.713797][ T5897]  kasan_report+0x118/0x140
[  304.718344][ T5897]  ? ext4_find_extent+0xbcc/0xe00
[  304.723409][ T5897]  ext4_find_extent+0xbcc/0xe00
[  304.728296][ T5897]  ext4_ext_map_blocks+0x27d/0x66d0
[  304.733601][ T5897]  ? __lock_acquire+0x12e5/0x7c50
[  304.738662][ T5897]  ? ext4_ext_release+0x10/0x10
[  304.743528][ T5897]  ? rwsem_write_trylock+0x12f/0x1b0
[  304.748830][ T5897]  ? ext4_es_lookup_extent+0x443/0xb20
[  304.754309][ T5897]  ext4_map_blocks+0x9d1/0x1b60
[  304.759175][ T5897]  ? ext4_issue_zeroout+0x250/0x250
[  304.764389][ T5897]  _ext4_get_block+0x1d7/0x4e0
[  304.769165][ T5897]  ? alloc_buffer_head+0xd4/0x100
[  304.774204][ T5897]  ? __lock_acquire+0x7c50/0x7c50
[  304.779238][ T5897]  ? ext4_get_block+0x40/0x40
[  304.783922][ T5897]  ? attach_page_private+0x110/0x300
[  304.789225][ T5897]  ? create_empty_buffers+0x59e/0x7a0
[  304.794619][ T5897]  ? do_raw_spin_unlock+0x11d/0x230
[  304.799850][ T5897]  ext4_get_block_unwritten+0x2a/0x100
[  304.805317][ T5897]  __block_write_begin_int+0x54b/0x1a70
[  304.810898][ T5897]  ? _ext4_get_block+0x4e0/0x4e0
[  304.815839][ T5897]  ? page_zero_new_buffers+0x650/0x650
[  304.821323][ T5897]  ? ext4_journal_check_start+0x17e/0x240
[  304.827062][ T5897]  block_page_mkwrite+0x2d8/0x5f0
[  304.832092][ T5897]  ? _ext4_get_block+0x4e0/0x4e0
[  304.837035][ T5897]  ext4_page_mkwrite+0x3b2/0x10c0
[  304.842077][ T5897]  ? _ext4_get_block+0x4e0/0x4e0
[  304.847026][ T5897]  ? ext4_change_inode_journal_flag+0x6b0/0x6b0
[  304.853276][ T5897]  ? count_memcg_event_mm+0x8f/0x3b0
[  304.858568][ T5897]  ? put_page+0x270/0x270
[  304.862910][ T5897]  do_page_mkwrite+0x16b/0x5c0
[  304.867686][ T5897]  handle_mm_fault+0x1b10/0x3e70
[  304.872628][ T5897]  ? mt_find+0x145/0x810
[  304.876889][ T5897]  ? numa_migrate_prep+0x250/0x250
[  304.882013][ T5897]  ? lock_chain_count+0x20/0x20
[  304.886879][ T5897]  ? lock_mm_and_find_vma+0xae/0x2f0
[  304.892174][ T5897]  do_user_addr_fault+0x51f/0xb10
[  304.897218][ T5897]  exc_page_fault+0x60/0x100
[  304.901814][ T5897]  asm_exc_page_fault+0x22/0x30
[  304.906674][ T5897] RIP: 0010:copy_user_enhanced_fast_string+0xa/0x40
[  304.913274][ T5897] Code: ff c9 75 f2 89 d1 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 31 c0 0f 01 ca c3 8d 0c ca 89 ca eb 20 0f 01 cb 83 fa 40 72 38 89 d1 <f3> a4 31 c0 0f 01 ca c3 89 ca eb 0a 90 90 90 90 90 90 90 90 90 90
[  304.932891][ T5897] RSP: 0018:ffffc900032b7a88 EFLAGS: 00050246
[  304.938967][ T5897] RAX: ffffffff8407c001 RBX: 0000000000000040 RCX: 0000000000000040
[  304.946949][ T5897] RDX: 0000000000000040 RSI: ffffc900032b7b20 RDI: 000020000004c000
[  304.954928][ T5897] RBP: 0000000000000000 R08: dffffc0000000000 R09: fffff52000656f6c
[  304.962904][ T5897] R10: fffff52000656f6c R11: 1ffff92000656f64 R12: 00007fffffffefc0
[  304.970883][ T5897] R13: 000000007ffe6a80 R14: 000020000004c000 R15: ffffc900032b7b20
[  304.978877][ T5897]  ? _copy_to_user+0xa1/0x130
[  304.983576][ T5897]  _copy_to_user+0xea/0x130
[  304.988096][ T5897]  rng_dev_read+0x3c5/0x710
[  304.992612][ T5897]  ? hwrng_yield+0x20/0x20
[  304.997040][ T5897]  ? common_file_perm+0x171/0x1c0
[  305.002073][ T5897]  ? fsnotify_perm+0x39b/0x550
[  305.006847][ T5897]  do_iter_read+0x49f/0xb10
[  305.011360][ T5897]  ? vfs_iter_read+0xa0/0xa0
[  305.015957][ T5897]  ? __import_iovec+0x315/0x500
[  305.020817][ T5897]  ? import_iovec+0x6f/0xa0
[  305.025336][ T5897]  do_preadv+0x1f6/0x330
[  305.029594][ T5897]  ? do_writev+0x410/0x410
[  305.034025][ T5897]  ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[  305.040020][ T5897]  ? lock_chain_count+0x20/0x20
[  305.044890][ T5897]  ? lockdep_hardirqs_on+0x94/0x140
[  305.050114][ T5897]  do_syscall_64+0x4c/0xa0
[  305.054547][ T5897]  ? clear_bhb_loop+0x60/0xb0
[  305.059232][ T5897]  ? clear_bhb_loop+0x60/0xb0
[  305.063918][ T5897]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  305.069848][ T5897] RIP: 0033:0x7fbe5578e929
[  305.074273][ T5897] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  305.093886][ T5897] RSP: 002b:00007fbe566e2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000127
[  305.102308][ T5897] RAX: ffffffffffffffda RBX: 00007fbe559b5fa0 RCX: 00007fbe5578e929
[  305.110284][ T5897] RDX: 0000000000000001 RSI: 0000200000000240 RDI: 0000000000000003
[  305.118278][ T5897] RBP: 00007fbe55810b39 R08: 0000000000000000 R09: 0000000000000000
[  305.126255][ T5897] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  305.134235][ T5897] R13: 0000000000000000 R14: 00007fbe559b5fa0 R15: 00007ffc601e6618
[  305.142219][ T5897]  </TASK>
[  305.145622][ T5897] Kernel Offset: disabled
[  305.149955][ T5897] Rebooting in 86400 seconds..