last executing test programs:

55.624487995s ago: executing program 2 (id=1996):
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000380), 0x101040)
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000600), 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f00000003c0)={0x9c9, 0x0, 0x0, 'queue0\x00', 0x200000})
ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r0, 0x54a2)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r1, 0x40605346, &(0x7f0000000280)={0x0, 0x0, {0x3}})
ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r0, 0x54a2)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
pipe2(&(0x7f0000000c40)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x4800)
vmsplice(r2, &(0x7f00000005c0)=[{&(0x7f0000001cc0)="b70cdbd771882612c450d694c9dd7d7f28d237e84e2780ca6428d132e03f188fff6bd9f85ead7e68f90830db9295022700491841f4a15a000aa4e29ac23601041ec521aa0ea8044f23feb74151693f228ba89f0a43385617bc7930f30a52ca91d02c64bd39d3d581abe9089b2284f876f9c58c124aba7a28700efcb0588ff4ab54a62c0c64fd577d85f5f753ec15281cf73fc37442b0a5ca4a1818cb01590d6415b1e9fda6c7d63cd293d7cc7ca5581041a2736e95b9b0322880b5fd7f27c0d4a59df8101b755fd6cc495963381c8a95d5d605b8ef4800b47091c8749f9e8e9fce163e46db0f7c0e4d0d3a621e3c999453e95aaa56090f220b220c50b31b9d6af722477ab1cda6d561156d85c658a3cd42d777314d154bf31bb61918ac7de8bfad7a5825be505af82806130e8dd03816b86086cc3361bf3a2a0cf6c18b7c84503477660ef5a0bf92d8169c43df1d7bb140652c799a4ac292b94fcea7f0c74413791879104e2bc9b414eda6c74f3625299f67d03e3ef58eeae5ca5fb029005ffa0fe23fb541bc24a57e9c6d8169702998273789ee8c9f08132ab9f76c02a6696c3ad68bf7a772d8be6b1840cfad2184edcf10bd5620f51657239e8eb49b8e77c1483dcc3dc04aeb6cae2922af4be346d52f2983dd5330cbef40b3207432ea6d2a6d2ffb0c3440c78add8395da089aa80e21d8692b16582edea583b73266fd1ab37abc02aa89310ed72a827153f1cbba0f76147a09977724706fdcd68ac168ceb433eba816f55bb5069924c0a6c59b1116e27de7938b835c467dbd9be1843913748e5a2e6f6621bf4944045d82b5124d23fa1d87e780b54a6955a51e47fbf36432be1b3d9d01c05d86e390e497856e476ce5b101c837cef62edce520860667c5259478602febbc5e87f216a6f1452b285f44282333569cbd2f49613730b86a74485e49e1979690ee2c11e1fb49d642c9f515d9e0cf30fe8995379b0b4b2177b2541a34cef72af676c2402b3ab03993047186d45016f83a735b7babda7b3e408f9a7b5c36e7daaaad51e437060c8a5a07646a31a43ebdda0b12a3f64f963315febebf0ad610f2ec9500717c4f33d8bf0e5b55ed2a976339643658df80f07bb29f5fac6f25957ef64ef1bac93f0ea64bfea48b38a4985ff610259762996044543bdf2c", 0x341}], 0x1, 0xa)
fcntl$setpipe(r2, 0x407, 0x6)
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r0, 0x40505412, &(0x7f00000000c0)={0x2, 0x2, 0x44, 0x0, 0xd})
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a00)={&(0x7f0000000d00)='sched_switch\x00', r3}, 0x10)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
ppoll(&(0x7f0000000d40)=[{}], 0x25, &(0x7f0000000300)={0x0, 0x3938700}, 0x0, 0x0)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000400)=ANY=[@ANYBLOB="54020000170001000000000000000000200100000000000000000000000000010000000000000000ac141400000000000000000000000000fc020000000000000003000000000000e000000200001000000000000000000000000000000000080a00000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="1242ffff040000000000000000000037660b6aff00000000000000000000000000000000000000000200002000000000", @ANYRES32, @ANYRES32, @ANYRES16=0x0], 0x254}}, 0x0)
sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
syz_genetlink_get_family_id$fou(&(0x7f00000001c0), 0xffffffffffffffff)
writev(0xffffffffffffffff, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0258ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000100090810000000000000040000", 0x58}], 0x1)

55.31179416s ago: executing program 2 (id=1998):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000ac0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000180)={0x0, r0}, 0x8)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0xc, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={0x0, r1}, 0x18)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x10)
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000001240)='./bus\x00', 0x4010, &(0x7f0000000a40)=ANY=[@ANYBLOB="00e789da34e04a1ffbc2f05cefeb4ee6d5ae1071124b2c2fb684f5c7ac05000000c7880f67e775c748f6381a3e01e7f93330b30b90bbb4d2b697899a16f2df4fa2a8f06ac2c5352ddcae2b83672ef3d9f532e55f4e798924ac6332751e737383f6890d2dcfcbdbd41940a64c7b4374674e7bb6dd0d1b8d3d62f6d77b0282e166e2ce4c353d2d4d315a81146bf46a1508ef0d2ddc7d0b447fe17b85b292d13cea2256a16cab12d75a852bc680da7ea837480feb2e1e0000000000003bc18c52d0351cd285197b0641569048b5b416ba1c570000000000100083794afff0a9eed63b1226b18c4b455ab222d7ae1be52a22e8ec8bf2c0c7d99770415863f50aa18bcb66061a29bc55105f3482ed752f882d224a386b51836c1b437036b677156e22e174ff516dbab0b2cdf52bee43c4ffffffffffffffffd9487b8663a339b98df63b4bf3e97f02d6f1e7e65f968dd90841506355d9ac40f1b434c8a9b5bd91a70c53a5aadbebd9ed9d0a55bd47a967163e0c02753f8895bfbf1b41b5490667c241068d59983ae1d0f03e650f5357425284b76d793e25a2558fa437e38b8200000000630000000000000000000000000000000000000000000000e911000000000066e073c14bb74617079e0b6ecfc830db14244567fd8f4e4e5903eaf983786e28295783f130b95dc37f59a658000e88047db7783ce8a9cba6c255902cfb83946ea3f5f7a8cee911b2b37ae4b01e65ea86d5ea7ae17b2a9bc250c9b8fc9fbc04617939bdd13457954172d18701768f8a461bee740f2d82ae566d2e30a93ad2b201a6d16a93c75a950cc437e7f25d3aadddb8edd028d84490b6bafd636aa4fb482a8a4b3987dafe58e742448c4b36b03790090198145dee533257bb9050554f8cace210a5bc5c768f83e99019f7c00ff9ca679768dbba3f7d21c545c99c2f7688f7030fe37121d625d1f81018feb74c9d48eebdf1702550b097271ab9bd38c62f4b31fd9482c05ba064dfa60bd7fafb3c22dc057e6f9e2a5eb144290afe5369110a71d4b7fc5937a32e213c443f3b9e506b25cf9e2520999b330fc9e86bde8c8ec78f67c0c7f24db0000000", @ANYRES16], 0x1, 0x11ee, &(0x7f0000002480)="$eJzs3MGLG1UcB/Bf17Xdbt3NqrXagvjQi16GZg9e9BJkC9KA0jZCKwhTd6IhYxIyYSEiVk9e/TvEozdBvOllL/4N3vbisQdxxKS1jUSpSDdSPp9LfvDel997BAZmmDdHr3/5Ub9bZd18EmsnTsTaKCLdTpFiLe76LF557Ycfn796/cblVru9dyWlS61rzVdTStsvfPfuJ1+/+P3kzDvfbH97Kg533jv6Zffnw3OH549+u/Zhr0q9Kg2Gk5Snm8PhJL9ZFmm/V/WzlN4ui7wqUm9QFeOF8W45HI2mKR/sb22OxkVVpXwwTf1imibDNBlPU/5B3hukLMvS1mbwX3S+ul3XdURdPx4no67r+nRsxpl4IrZiOxqxE0/GU/F0nI1n4lw8G8/F+dmsVa8bAAAAAAAAAAAAAAAAAAAAHi3O/wMAAAAAAAAAAAAAAAAAAMDqXb1+43Kr3d67ktJGRPnFQeegM/+dj7e60YsyirgYjfg1Zqf/5+b1pTfbexfTzE58Xt66k7910HlsMd+cfU5gab45z6fF/KnYvD+/G404uzy/uzS/ES+/dF8+i0b89H4Mo4z9+CN7L/9pM6U33mr/JX9hNg8AAAAeBVn609L79yz7u/F5/kGeD6zdbbaQX48L6yvbNndU04/7eVkW44dWnIyH3uKfio2IWF33By/W43+xDIViXqz6ysRxuPenr3olAAAAAAAAAAAA/BvH8Trh0sanj32rAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA7+zAsQAAAACAMH/rNDo2AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYKgAA///20tEU")
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='blkio.bfq.io_service_bytes\x00', 0x275a, 0x0)
write$cgroup_int(r2, &(0x7f0000000000)=0x10000000000000, 0xffffff6a)
creat(&(0x7f0000000580)='./bus\x00', 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f00000004c0)='sched_switch\x00', r0}, 0x18)
openat$cgroup_ro(r2, 0x0, 0x275a, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0)
write$binfmt_script(r3, &(0x7f0000000040), 0x208e24b)
fdatasync(r3)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x3, 0x0, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x1, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000080000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000a3850000007000000095"], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r4, 0x0, 0x6}, 0x18)
r5 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000140), 0x121880, 0x0)
r6 = syz_io_uring_setup(0x73d3, &(0x7f0000000680)={0x0, 0x7d89, 0x10100, 0x3, 0x289}, &(0x7f0000000540)=<r7=>0x0, &(0x7f0000000700)=<r8=>0x0)
syz_io_uring_submit(r7, r8, &(0x7f0000000180)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x4007, @fd=r5, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000000)=""/4, 0x4}], 0x1})
io_uring_enter(r6, 0x567, 0x72, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0x400000)=nil, 0x1400000, 0x0, 0xc3072, 0xffffffffffffffff, 0x0)

54.908492996s ago: executing program 2 (id=2001):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000004f4b000000000000000000180100002020702000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000fdffffff850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYRESDEC=r0, @ANYRES16=r0, @ANYRESHEX=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x34, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r1, 0x0, 0x8}, 0x18)
r2 = socket(0x10, 0x3, 0x0) (async)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) (async)
r3 = shmget$private(0x0, 0x1000, 0x2, &(0x7f0000fff000/0x1000)=nil)
shmat(r3, &(0x7f0000ffc000/0x3000)=nil, 0x4000) (async)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRESDEC=r3, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000000)='sched_switch\x00', r4}, 0x10) (async)
r5 = openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0), 0xc2d41, 0x0) (async)
r6 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r6, 0x10e, 0xc, &(0x7f0000000000)={0x4800}, 0x10) (async)
sendmsg$nl_generic(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000005c0)=ANY=[@ANYBLOB="240000001600010a000000020000000000000000040000000c"], 0x24}}, 0x0) (async)
ioctl$SNAPSHOT_FREE(r5, 0x3305) (async)
sendto$inet6(r2, &(0x7f0000000180)="7800000018002507b9409b14ffff00000204be04020506050e0204095c0008000400000046000045653600648d0a0012000200000049935ade4a460c89b6ec0cff3959547f509058ba86c902000000004b32000400170005000a00000000e5c2cc7f18ff2439d1ddf66ed538f252325bd059c52cd85ab6d3", 0x78, 0x0, 0x0, 0x0)
mount$cgroup(0x0, &(0x7f0000000380)='./cgroup.cpu/cgroup.procs\x00', &(0x7f00000005c0), 0x0, &(0x7f0000000600)={[{@name={'name', 0x3d, 'kfree\x00'}}]}) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)=@newlink={0x58, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0xffff, 0x0, 0x1c42}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @xfrm={{0x9}, {0x14, 0x2, 0x0, 0x1, [@IFLA_XFRM_IF_ID={0x8, 0x2, 0x2}, @IFLA_XFRM_LINK={0x8, 0x1, 0x4}]}}}, @IFLA_IFNAME={0x14, 0x3, 'xfrm0\x00'}]}, 0x58}}, 0x4048010)

54.751918738s ago: executing program 2 (id=2002):
brk(0x1ff)
syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f0000000740)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x4, &(0x7f0000000300)={[{@nogrpid}, {@resuid}]}, 0xfe, 0x252, &(0x7f0000000340)="$eJzs3T1oJGUcBvBnZnc9c7ccpzaC+AEiooFwdoLN2SgcyHGICCqciNgod8J5h92tlY2F1n5cZRPEzmgpaYKNIlhFTREbQYOFwUKLld1JJCYTNG6cOTK/H8zO5zv/d3b3eXeb2Q3QWaeSnEnSSzKfZJCk2HnAPdV0amv1+tzKhWQ8fvKXYnpctV7ZbnciySjJw0mWyyIv95OrS8+u/7b6+P1vXRnc9+HSM3ONXuSWjfW1JzbfP/fmJ2cfuvrVNz+dK3Imw79d1+Erarb1i+TW/6PYDaLot90D/o3zr3/87ST3tyW5d5r/QcpUL97bl29aHuTB9/Zr+87PX9/RZF+BwzceDyafgaMx0DllkmGKciFJtVyWCwvVd/jvesfLVy5dfm3+pUtXLr7Y9kgFHJZhsvbYZ8c+PbEr/z/2qvwDR9ck/0+dX/x+srzZa7s3QCPurGaT/M8/f+2ByD90jvzD0fbByf33yT90l/xDd8k/dJf8Q3fJPxxhg+2FUe1u+Yfukn/oLvmH7tqZfwCgW8bH2r4DGWhL2+MPAAAAAAAAAAAAAAAAAACw1/W5lQvbU1M1v3g32Xg0Sb+ufm/6f8TJzdPH478Wk8P+UlTNZvLc3TOeYEYfNXf3dVm38eQPjdWv9eVd7da/djEZvZHkdL+/9/1X1D9pB3DLP+wfvDBjgQMqdq0/8nSz9Xf7Y7Hd+mdXk88n48/puvGnzO3Tef34M9z5E8v/0au/z3gCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGvNnAAAA///kK256")
syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
getsockopt$IP_VS_SO_GET_SERVICES(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000440)=""/148, &(0x7f0000000100)=0x94)
syz_clone(0x1000, 0x0, 0x0, 0x0, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, 0x0, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
socket(0x10, 0x3, 0x0)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000001040)={'sit0\x00', 0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000002c0)={0x0}, 0x1, 0x0, 0x0, 0x4c050}, 0x0)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000780)={'syztnl2\x00', &(0x7f0000000340)={'syztnl2\x00', 0x0, 0x40, 0x1, 0x8, 0x6, {{0x5, 0x4, 0x1, 0x3b, 0x14, 0x65, 0x0, 0xea, 0x2f, 0x0, @broadcast, @initdev={0xac, 0x1e, 0x0, 0x0}}}}})
migrate_pages(0x0, 0x9, &(0x7f0000000040)=0xffff, &(0x7f0000000180)=0x10001)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x3014850, &(0x7f0000000000)={[{@nobh}, {@debug}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x800}}, {@usrquota}, {@user_xattr}]}, 0x3, 0x4e1, &(0x7f0000000a00)="$eJzs3U1rW9kZAOD3ynbsJE7ttF2kgaahTXFCG8mOm8R0kbpQ2lWgabp3XVs2xrJlLDmJTSgO/QGF0i/aVVfdFLouhZKfMAwEZvbDMMwQZpLMYhYzo0HS1STjyLKNLSuxngeOde7n+x6Le6Sje7k3gK51PiImI6InIi5FxFA6P5OW2KyX6npPn9yfqZYkKpXbHyaRpPMa+0rS15PpZgMR8atfRPw2eTluaX1jcbpQyK+m07ny0kqutL5xeWFpej4/n1+eHB+7NnF94urE6IG19cbP3vvLH/718xv//+Hdd6Y+uPi7alqD6bIX27Ebm7tcr970vtr/oqE3Ilb3EuwV1pO2p6/TiQAAsCvV7/hfj4jvRsSzv3c6GwAAAKAdKj8ZjE+TiAoAAABwZGVq18AmmWx6LcBgZDLZbP0a3m/GiUyhWCr/YK64tjxbv1Z2OPoycwuF/Gh6rfBw9CXV6bFa/fn0lS3T4xFxOiL+NHS8Np2dKRZmO/3jBwAAAHSJk1vG/x8P1cf/AAAAwBEz3OkEAAAAgLYz/gcAAICj78F2C5Lew00EAAAAaIdf3rxZLZXG869n76yvLRbvXJ7NlxazS2sz2Zni6kp2vlicr92zb2mn/RWKxZUfxfLavVw5XyrnSusbU0vFteXyVO253lN5z4kGAACAw3f6Ow/fTiJi88fHa6XqWLpsF2P1yfZmB7RTZm+rJ+3KAzh8PZ1OAOgYF/hC93I+HthhYP/nLdN7/NkAAAB4FYx8a1/n/50PhNeYgTx0L+f/oXs5/w/dy/l/6HL9O68ysN2CNw44FwAAoG0GayXJZNNzgYORyWSzEadqjwXsS+YWCvnRiPhaRLw11NdfnR7rdNIAAAAAAAAAAAAAAAAAAAAAAAAA8JqpVJKoAAAAAEdaROb9JH2Q/8jQhcGtvw8cSz4Zqr1GxN1/3P7rvelyeXWsOv+jL+eX/5bOv9KYAwAAAHRSY5zeGMcDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwEF6+uT+TKMcZtzHP42I4Wbxe2Og9jrw36GIOPEsid4XtksioucA4m8+iIgzzeIn1bRiOM1ia/xMRBzvcPyTBxAfutnDav8zWT3++rYcf5k4X3ttfvz1pmW/Hp/frv/LNPq/Wj/XrP871XrXA43K2Uf/yW0b/0HE2d7m/U8jfrLP/vc3v97Y2G5Z5Z8RI43Pn6T5OtXZufLSSq60vnF5YWl6Pj+fXx4fH7s2cX3i6sRobm6hkE//Nt3+j9/+3+et2n+i6edfvf9t1f4LL++uv1mMzx7de/KNFvEvfq/5+3+mRfzq//776edAdflIo75Zr7/o3L/fPNeq/bPbtH+n9//idjvd4tKt37+7y1UBgENQWt9YnC4U8quvRyWi/q38VclHRWU/lZ62h7iVHuh73ryz/RIAAHDwnn/p73QmAAAAAAAAAAAAAAAAAAAA0L1evvtXsvdbhbWq9H/1zgIDnWsqAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEBLXwQAAP//fM3J3g==")
rename(&(0x7f0000000140)='./file0\x00', &(0x7f0000001900)='./file1\x00')
r1 = msgget$private(0x0, 0x790)
msgsnd(r1, &(0x7f0000000800)=ANY=[@ANYRES8=<r2=>0xffffffffffffffff], 0x401, 0x0)
msgsnd(r1, &(0x7f0000000200)=ANY=[@ANYRES16=r2], 0x401, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
msgctl$IPC_SET(r1, 0x1, &(0x7f0000000780)={{0x1, 0x0, 0x0, 0x0, 0x0, 0x102, 0xffff}, 0x0, 0x0, 0x400000000200, 0x7, 0xfffffffffffff734, 0x40, 0x119, 0x4, 0xfffd, 0x344c})
creat(&(0x7f0000000280)='./file0\x00', 0x80)
r3 = openat(0xffffffffffffff9c, &(0x7f00000005c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x141842, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000006c0)=ANY=[@ANYBLOB="18000000000000000000000095980000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f0ffffffb702000005000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000080)='sched_switch\x00', r4, 0x0, 0x7}, 0x18)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r5 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$TIOCGWINSZ(r3, 0x5413, &(0x7f0000000040))
process_vm_writev(r5, &(0x7f0000001c80)=[{&(0x7f0000001bc0)=""/156, 0x9c}], 0x1, &(0x7f0000001d80)=[{&(0x7f0000001cc0)=""/116, 0x20001c34}], 0x1, 0x0)
capset(&(0x7f0000000280)={0x20071026, r5}, &(0x7f0000000240)={0x0, 0x1, 0x0, 0x81, 0xfffffffb})
quotactl_fd$Q_QUOTAOFF(r3, 0xffffffff80000300, 0xffffffffffffffff, 0x0)

54.060177449s ago: executing program 2 (id=2013):
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000380), 0x101040)
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000600), 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f00000003c0)={0x9c9, 0x0, 0x0, 'queue0\x00', 0x200000})
ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r0, 0x54a2)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r1, 0x40605346, &(0x7f0000000280)={0x0, 0x0, {0x3}})
ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r0, 0x54a2)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
pipe2(&(0x7f0000000c40)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x4800)
vmsplice(r2, &(0x7f00000005c0)=[{&(0x7f0000001cc0)="b70cdbd771882612c450d694c9dd7d7f28d237e84e2780ca6428d132e03f188fff6bd9f85ead7e68f90830db9295022700491841f4a15a000aa4e29ac23601041ec521aa0ea8044f23feb74151693f228ba89f0a43385617bc7930f30a52ca91d02c64bd39d3d581abe9089b2284f876f9c58c124aba7a28700efcb0588ff4ab54a62c0c64fd577d85f5f753ec15281cf73fc37442b0a5ca4a1818cb01590d6415b1e9fda6c7d63cd293d7cc7ca5581041a2736e95b9b0322880b5fd7f27c0d4a59df8101b755fd6cc495963381c8a95d5d605b8ef4800b47091c8749f9e8e9fce163e46db0f7c0e4d0d3a621e3c999453e95aaa56090f220b220c50b31b9d6af722477ab1cda6d561156d85c658a3cd42d777314d154bf31bb61918ac7de8bfad7a5825be505af82806130e8dd03816b86086cc3361bf3a2a0cf6c18b7c84503477660ef5a0bf92d8169c43df1d7bb140652c799a4ac292b94fcea7f0c74413791879104e2bc9b414eda6c74f3625299f67d03e3ef58eeae5ca5fb029005ffa0fe23fb541bc24a57e9c6d8169702998273789ee8c9f08132ab9f76c02a6696c3ad68bf7a772d8be6b1840cfad2184edcf10bd5620f51657239e8eb49b8e77c1483dcc3dc04aeb6cae2922af4be346d52f2983dd5330cbef40b3207432ea6d2a6d2ffb0c3440c78add8395da089aa80e21d8692b16582edea583b73266fd1ab37abc02aa89310ed72a827153f1cbba0f76147a09977724706fdcd68ac168ceb433eba816f55bb5069924c0a6c59b1116e27de7938b835c467dbd9be1843913748e5a2e6f6621bf4944045d82b5124d23fa1d87e780b54a6955a51e47fbf36432be1b3d9d01c05d86e390e497856e476ce5b101c837cef62edce520860667c5259478602febbc5e87f216a6f1452b285f44282333569cbd2f49613730b86a74485e49e1979690ee2c11e1fb49d642c9f515d9e0cf30fe8995379b0b4b2177b2541a34cef72af676c2402b3ab03993047186d45016f83a735b7babda7b3e408f9a7b5c36e7daaaad51e437060c8a5a07646a31a43ebdda0b12a3f64f963315febebf0ad610f2ec9500717c4f33d8bf0e5b55ed2a976339643658df80f07bb29f5fac6f25957ef64ef1bac93f0ea64bfea48b38a4985ff610259762996044543bdf2c", 0x341}], 0x1, 0xa)
fcntl$setpipe(r2, 0x407, 0x6)
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r0, 0x40505412, &(0x7f00000000c0)={0x2, 0x2, 0x44, 0x0, 0xd})
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a00)={&(0x7f0000000d00)='sched_switch\x00', r3}, 0x10)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
ppoll(&(0x7f0000000d40)=[{}], 0x25, &(0x7f0000000300)={0x0, 0x3938700}, 0x0, 0x0)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000400)=ANY=[@ANYBLOB="54020000170001000000000000000000200100000000000000000000000000010000000000000000ac141400000000000000000000000000fc020000000000000003000000000000e000000200001000000000000000000000000000000000080a00000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="1242ffff040000000000000000000037660b6aff00000000000000000000000000000000000000000200002000000000", @ANYRES32, @ANYRES32, @ANYRES16=0x0], 0x254}}, 0x0)
sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
syz_genetlink_get_family_id$fou(&(0x7f00000001c0), 0xffffffffffffffff)
r6 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r6, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0258ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000100090810000000000000040000", 0x58}], 0x1)

53.2570835s ago: executing program 2 (id=2029):
syz_mount_image$ext4(&(0x7f0000000640)='ext4\x00', &(0x7f0000000200)='./file2\x00', 0x200000, &(0x7f0000000000)={[{@dioread_lock}, {@noquota}, {@errors_remount}, {@noblock_validity}]}, 0xfc, 0x564, &(0x7f00000008c0)="$eJzs3c9rHFUcAPDvbJI2/aFJoRT1IIEerNRumsQfFTzUo2ixoPe6JNNQsumW7KY0sWB7sBcvUgQRC6J37x6L/4B/RUELRUrQg5eV2cym22Y32aSbJu1+PjDJezOzee+7M9+XNzu7bAB9ayz7UYh4NSK+TSJGWrYNRr5xbHW/lYfXp7MliXr9s7+TSPJ1zf2T/PehvPJKRPz+dcTJwvp2q0vLc6VyOV3I6+O1+Svj1aXlU5fmS7PpbHp5cmrqzDtTk++/927PYn3z/L8/fHr3ozPfHF/5/tf7R24ncTYO59ta43gKN1orYzGWPydDcfaJHSd60Nhekux2B9iWgTzPhyIbA0ZiIM/6tuojz7JrwA77KktroE8l8h/6VHMe0Ly279F18HPjwYerF0Dr4x9cfW0khhvXRgdXkseujLLr3dEetJ+18dtfd25nS/TudQiATd24GRGnBwfXj39JPv5t3+ku9nmyDeMfPDt3s/nPW+3mP4W1+U+0mf8capO727F5/hfu96CZjrL53wdt579rN61GB/LaS40531By8VI5zca2lyPiRAztz+ob3M/5orByr95pY+v8L1uy9ptzwbwf9wf3P/6YmVKt9FRBt3hwM+K1tvPfZO34J22Of/Z8nO+yjWPpndc7bds8/p1V/znijbbH/9EdrWTj+5PjjfNhvHlWrPfPrWN/dGp/t+PPjv/BjeMfTVrv11a33sZPw/+lnbZt9/zfl3zeKO/L110r1WoLExH7kk/Wr5989Nhmvbl/Fv+J4xuPf+3O/wNZYncZ/62jt1p3Hd5a/Dsri39mS8d/64V7H3/5Y6f2uzv+bzdKJ/I13Yx/3XbwaZ47AAAAAAAA2GsKEXE4kkJxrVwoFIur7+84GgcL5Uq1dvJiZfHyTDQ+KzsaQ4Xmne6RlvdDTOTvh23WJ5+oT0XEkYj4buBAo16crpRndjt4AAAAAAAAAAAAAAAAAAAA2CMORQy3+/x/5s+B3e4dsOM2+Mpv4AXXOf/zLb34pidgT/L/H/qX/If+Jf+hf8l/6F/yH/qX/If+Jf+hf20l/385t4MdAQAAAAAAAAAAAAAAAAAAAAAAAAAAgBfD+XPnsqW+8vD6dFafubq0OFe5emomrc4V5xeni9OVhSvF2UpltpwWpyvzm/29cqVyZWIyFq+N19Jqbby6tHxhvrJ4uXbh0nxpNr2QDj2TqAAAAAAAAAAAAAAAAAAAAOD5Ul1aniuVy+mCgsK2CoN7oxsKPS7s9sgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAI/8HwAA///F1Dry")
r0 = open(&(0x7f0000000300)='./file1\x00', 0x14927e, 0x0)
setsockopt$XDP_TX_RING(0xffffffffffffffff, 0x11b, 0x3, 0x0, 0x0)
r1 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r1, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/74, 0x328000, 0x1000}, 0x1c)
setsockopt$XDP_UMEM_COMPLETION_RING(r1, 0x11b, 0x6, &(0x7f0000000080)=0x1, 0x4)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$XDP_RX_RING(r1, 0x11b, 0x2, &(0x7f0000001980)=0x100, 0x4)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r2, 0x8933, &(0x7f0000000580)={'batadv_slave_1\x00', <r3=>0x0})
setsockopt$XDP_UMEM_FILL_RING(r1, 0x11b, 0x5, &(0x7f0000000300)=0x1, 0x4)
bind$xdp(r1, &(0x7f0000000100)={0x2c, 0x0, r3}, 0x10)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r4)
bind$inet6(r4, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
ppoll(&(0x7f0000000340)=[{0xffffffffffffffff, 0x10c0}, {r1, 0x1200}, {r4, 0x8052}, {0xffffffffffffffff, 0x10}, {r2, 0x88}], 0x5, 0x0, 0x0, 0x0)
fallocate(r0, 0x0, 0x0, 0x1001f0)

53.231378441s ago: executing program 32 (id=2029):
syz_mount_image$ext4(&(0x7f0000000640)='ext4\x00', &(0x7f0000000200)='./file2\x00', 0x200000, &(0x7f0000000000)={[{@dioread_lock}, {@noquota}, {@errors_remount}, {@noblock_validity}]}, 0xfc, 0x564, &(0x7f00000008c0)="$eJzs3c9rHFUcAPDvbJI2/aFJoRT1IIEerNRumsQfFTzUo2ixoPe6JNNQsumW7KY0sWB7sBcvUgQRC6J37x6L/4B/RUELRUrQg5eV2cym22Y32aSbJu1+PjDJezOzee+7M9+XNzu7bAB9ayz7UYh4NSK+TSJGWrYNRr5xbHW/lYfXp7MliXr9s7+TSPJ1zf2T/PehvPJKRPz+dcTJwvp2q0vLc6VyOV3I6+O1+Svj1aXlU5fmS7PpbHp5cmrqzDtTk++/927PYn3z/L8/fHr3ozPfHF/5/tf7R24ncTYO59ta43gKN1orYzGWPydDcfaJHSd60Nhekux2B9iWgTzPhyIbA0ZiIM/6tuojz7JrwA77KktroE8l8h/6VHMe0Ly279F18HPjwYerF0Dr4x9cfW0khhvXRgdXkseujLLr3dEetJ+18dtfd25nS/TudQiATd24GRGnBwfXj39JPv5t3+ku9nmyDeMfPDt3s/nPW+3mP4W1+U+0mf8capO727F5/hfu96CZjrL53wdt579rN61GB/LaS40531By8VI5zca2lyPiRAztz+ob3M/5orByr95pY+v8L1uy9ptzwbwf9wf3P/6YmVKt9FRBt3hwM+K1tvPfZO34J22Of/Z8nO+yjWPpndc7bds8/p1V/znijbbH/9EdrWTj+5PjjfNhvHlWrPfPrWN/dGp/t+PPjv/BjeMfTVrv11a33sZPw/+lnbZt9/zfl3zeKO/L110r1WoLExH7kk/Wr5989Nhmvbl/Fv+J4xuPf+3O/wNZYncZ/62jt1p3Hd5a/Dsri39mS8d/64V7H3/5Y6f2uzv+bzdKJ/I13Yx/3XbwaZ47AAAAAAAA2GsKEXE4kkJxrVwoFIur7+84GgcL5Uq1dvJiZfHyTDQ+KzsaQ4Xmne6RlvdDTOTvh23WJ5+oT0XEkYj4buBAo16crpRndjt4AAAAAAAAAAAAAAAAAAAA2CMORQy3+/x/5s+B3e4dsOM2+Mpv4AXXOf/zLb34pidgT/L/H/qX/If+Jf+hf8l/6F/yH/qX/If+Jf+hf20l/385t4MdAQAAAAAAAAAAAAAAAAAAAAAAAAAAgBfD+XPnsqW+8vD6dFafubq0OFe5emomrc4V5xeni9OVhSvF2UpltpwWpyvzm/29cqVyZWIyFq+N19Jqbby6tHxhvrJ4uXbh0nxpNr2QDj2TqAAAAAAAAAAAAAAAAAAAAOD5Ul1aniuVy+mCgsK2CoN7oxsKPS7s9sgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAI/8HwAA///F1Dry")
r0 = open(&(0x7f0000000300)='./file1\x00', 0x14927e, 0x0)
setsockopt$XDP_TX_RING(0xffffffffffffffff, 0x11b, 0x3, 0x0, 0x0)
r1 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r1, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/74, 0x328000, 0x1000}, 0x1c)
setsockopt$XDP_UMEM_COMPLETION_RING(r1, 0x11b, 0x6, &(0x7f0000000080)=0x1, 0x4)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$XDP_RX_RING(r1, 0x11b, 0x2, &(0x7f0000001980)=0x100, 0x4)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r2, 0x8933, &(0x7f0000000580)={'batadv_slave_1\x00', <r3=>0x0})
setsockopt$XDP_UMEM_FILL_RING(r1, 0x11b, 0x5, &(0x7f0000000300)=0x1, 0x4)
bind$xdp(r1, &(0x7f0000000100)={0x2c, 0x0, r3}, 0x10)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r4)
bind$inet6(r4, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
ppoll(&(0x7f0000000340)=[{0xffffffffffffffff, 0x10c0}, {r1, 0x1200}, {r4, 0x8052}, {0xffffffffffffffff, 0x10}, {r2, 0x88}], 0x5, 0x0, 0x0, 0x0)
fallocate(r0, 0x0, 0x0, 0x1001f0)

31.133936859s ago: executing program 3 (id=2258):
r0 = socket(0x10, 0x3, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe}, 0x94)
sendto(r0, &(0x7f00000002c0)="1c488bab78e5e94b1f92022a0d039f4e7a93fc63fe8cd0d7a729257097a72e4bbb11afe6af7dff89f1f52e3428bf74eb3d1083065df7839442d7c222039ee4761aa0051a5a4dbdaa868228df67d332d81a38227205718bd961443be0a21998d1d0b2a1cfccc86eb549b4336b97f778f924c7f52794f4bad6251c965ff9ec76c3e9b67073b784064992ed75a98f6789dee6e2ab17d21f375b6f1a5308b8b9a9b1a1b386", 0xa3, 0x0, &(0x7f0000000400)=@l2tp6={0xa, 0x0, 0x8, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0xb583, 0x1}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r2}, 0x18)
newfstatat(0xffffffffffffff9c, &(0x7f0000000b00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0/file0\x00', 0x0, 0x4000)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'sit0\x00'})
perf_event_open(&(0x7f0000000240)={0x3, 0x80, 0x36, 0x1, 0x0, 0x4, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x1, @perf_bp={0x0, 0xe}, 0x0, 0x7, 0x5, 0x5, 0x8, 0x80000000, 0xb, 0x0, 0x3, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
pipe2(&(0x7f0000000000)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x4800)
syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
fcntl$setpipe(r3, 0x407, 0x6)

31.072128899s ago: executing program 3 (id=2259):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'erspan0\x00', <r1=>0x0})
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$NL802154_CMD_DEL_SEC_DEV(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)={0x20, r3, 0xe09, 0x70bd2b, 0x25dfdc02, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x20}, 0x1, 0x0, 0x0, 0x40000}, 0x40)
sendto$packet(r0, &(0x7f0000000180)="0b032212e0ff25000200475400f6a13bb1000000080086dd4803", 0x10300, 0x0, &(0x7f0000000140)={0x11, 0x0, r1}, 0x14)

31.04989286s ago: executing program 3 (id=2261):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/15, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r0}, 0x10)
r1 = getpid()
ioprio_get$pid(0x2, r1)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f00000005c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000730000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x10)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.numa_stat\x00', 0x26e1, 0x0)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r4, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
connect$inet(r4, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
r5 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000300), 0xffffffffffffffff)
sendmsg$IPVS_CMD_GET_INFO(r3, &(0x7f00000004c0)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000400)={&(0x7f0000000500)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="000426bd7000fedbdf250f00000008000600090000001c000280247f41ca491a54dc8bcf7b06000b000200000006000e004e23000008000900e50000000800040009000000080006000002000008000600000000005ac2c8b1535e315a8087edd349dcf136995ad83b7dec4e0d0ac1eaf135d06fd8"], 0x50}, 0x1, 0x0, 0x0, 0x800}, 0x40)
sendmmsg(r4, &(0x7f0000007fc0), 0x800001d, 0x0)
r6 = perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x1, 0x1, 0x0, 0x0, 0x0, 0xbc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, @perf_bp={&(0x7f0000000080), 0x8101000000000000}, 0x5, 0x0, 0x0, 0x0, 0x4, 0xfffffffd, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r6, 0x40082406, &(0x7f00000000c0)='memory.numa_stat\x00')
r7 = syz_genetlink_get_family_id$tipc(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$TIPC_CMD_SHOW_LINK_STATS(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="01ef24bd057280802a2501"], 0x28}, 0x1, 0x0, 0x0, 0x1080}, 0x0)
fcntl$getflags(r0, 0x40b)
socket(0x2, 0x80805, 0x0)
syz_emit_ethernet(0x10d, &(0x7f0000000640)=ANY=[@ANYRESHEX=r0, @ANYBLOB="dbdcafd60288b8a3a5fd2f884cd2874a16fec3ce804f21434a2ba4f057c0f478c6c8602eac38146db6b5b0b94c33b04b81eee95b3e4ff7c6e521b974f8934edf06"], 0x0)
r8 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x2000)
r9 = syz_open_dev$tty20(0xc, 0x4, 0x1)
write$binfmt_misc(r9, &(0x7f0000000240), 0xfffffecc)
ioctl$TIOCSTI(r9, 0x5412, &(0x7f0000000040)=0x3)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(0xffffffffffffffff, 0x6, 0x14, &(0x7f0000000080)=0x1, 0x56)
ioctl$SG_GET_VERSION_NUM(r8, 0x2284, &(0x7f0000000080))

30.014264615s ago: executing program 3 (id=2271):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x23, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2000006, 0x31, 0xffffffffffffffff, 0xd0fb6000)
r2 = syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x410c84, &(0x7f0000000340), 0x1, 0x775, &(0x7f0000001180)="$eJzs3c9rXNUeAPDvnSRNm/a95MGD9+oqIGigdGJqbBVcVFyIYKGga9thMg01k0zJTEoTAlpEcCOouBB007U/6s6tP7b6X7gQS9W0WHEhkTu5t502M2mSJpnqfD5wM+fceyfnfOf+OGfmHu4NoGeNpn8KEYcj4t0kYjibn0TEQDPVH3Fybb1bK8vldEpidfXlX5LmOjdXlsvR8p7UwSzz/4j45q2II4X15dYXl2ZK1WplPsuPN2YvjNcXl46eny1NV6Yrc8cnJiePnXjqxPGdi/W375cOXXvvhcc/P/nHm/+7+s63SZyMQ9my1jh2ymiMZp/JQPoR3uX5nS6sy5JuV4BtSQ/NvrWjPA7HcPQ1UwDAP9nrEbEKAPSYRPsPAD0m/x3g5spyOZ+6+4vE3rr+XETsX4s/v765tqQ/u2a3v3kddOhmcteVkSQiRnag/NGI+PjLVz9Np9il65AA7bxxOSLOjoyuP/8n68YsbNUTGyzbl72O3jPf+Q/2zldp/+fpdv2/wu3+T7Tp/wy2OXa3477H/4EdKGQDaf/v2Zaxbbda4s+M9GW5fzX7fAPJufPVSnpu+3dEjMXAYJqf2KCMsRt/3ui0rLX/9+v7r32Slp++3lmj8FP/4N3vmSo1Sg8Sc6vrlyMe6W8Xf3J7+ycd+r+nN1nGi8+8/VGnZWn8abz5tD7+yEYn7Y7VKxGPtd3+d0a0JRuOTxxv7g7j+U7Rxhc/fDjUqfzW7Z9Oafn5d4G9kG7/oY3jH0lax2vWt17Gd1eGv+607P7xt9//9yWvNNN5P+JSqdGYn4jYl7y0fv6xO+/N8/n6afxjj7Y//jfa/9PvhGc3GX//tZ8/2378uyuNf2pL23/riau3Zvo6lb+57T/ZTI1lczZz/ttsBR/kswMAAAAAAAAAAAAAAAAAAAAAAACAzSpExKFICsXb6UKhWFx7hvd/Y6hQrdUbR87VFuamovms7JEYKOS3uhxuuR/qRHY//Dx/7J78kxHxn4j4YPBAkt9HcarLsQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA7mCH5/+nfhzsdu0AgF2zv9sVAAD2nPYfAHqP9h8Aeo/2HwB6j/YfAHqP9h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBddvrUqXRa/X1luZzmpy4uLszULh6dqtRnirML5WK5Nn+hOF2rTVcrxXJt9n7/r1qrXZiMuYVL441KvTFeX1w6M1tbmGucOT9bmq6cqQzsSVQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsDX1xaWZUrVamZfYRmL14ahG9xN92e70sNRnTxPJw1GNHU50+cQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8DfxVwAAAP//02Ii/w==")
socket$inet6_sctp(0xa, 0x1, 0x84)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000001c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0xa6}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r4}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x1, '\x00', 0x0, @fallback=0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r5}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
mlock(&(0x7f00008e3000/0x3000)=nil, 0x3000)
mq_unlink(0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000200)='sys_enter\x00', r3}, 0x18)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x10, &(0x7f00000005c0)=ANY=[@ANYBLOB, @ANYRES32=r6, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000850000000e000000bf91000000000000b70200000000"], &(0x7f0000001dc0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000680))
r7 = syz_clone(0x200000, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap(&(0x7f0000b78000/0x2000)=nil, 0x2000, 0xa, 0x110, r2, 0xee8ab000)
rt_sigtimedwait(0x0, 0x0, 0x0, 0x0)
sched_getparam(r7, &(0x7f0000000400))
pwritev2(0xffffffffffffffff, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0xffffffe4}], 0x1, 0x1400, 0x0, 0x0)

29.396151065s ago: executing program 3 (id=2277):
socket$nl_netfilter(0x10, 0x3, 0xc)
removexattr(&(0x7f00000002c0)='\x00', &(0x7f0000000000)=@known='com.apple.FinderInfo\x00')
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f0000000100)='./bus\x00', 0x20081e, &(0x7f0000000340), 0x1, 0x532, &(0x7f0000001200)="$eJzs3c9vI1cdAPCvZ/PDm02bbekBEG2XtrCg1TqJt42qHqCcEEKVED0WKQ2JE0Wx4yh2ShP2kJ65IlGJExz5Azj3hMSRC4Ibl3JAKhCBGhAHoxmPgze1yc+1s/HnI43mzbx4vt8Xy+/Zz/K8AEbWnYjYj4iJiHg3Imby84V8izfbW/p3nx48XD48eLhciFbr7b8Vsvr0XHQ9JnUrv2YxIr7/7YgfFj4bt7G7t7FUrVa28+PZZm1rtrG7d3+9trRWWatslssL8wtzrz94rXxpbX2xNpGXnv/4d/tf/3Ga1nR+prsdl6nd9PGjOKmxiPju4wg2BDfy9kwMOxHOJYmIZyPipez1PxM3smcTALjOWq2ZaM10HwMA112SzYEVklI+FzAdSVIqtefwnouppFpvNO+t1nc2V9pzZbdjPFldr1bm8rnC2zFZSI/ns3JWnx2Xjx0/iIhnIuKnkzez49JyvboyzDc+ADDCbh0b//852R7/T/T84gCyAwAem+KwEwAABs74DwCjx/gPAKPH+A8Ao6c9/t88y0PGH1cuAMBg+PwPAKPnIuP//iXmAQAMxPfeeivdWof5/a9X3tvd2ai/d3+l0tgo1XaWS8v17a3SWr2+lt2zp3bS9ar1+tb8q7Hz/u1vbDWas43dvcVafWezuZjd13ux0v7ewJsGABimZ1786I+FdER+42a2RddaDr7jh+stGXYCwNDcGHYCwNBY7QtG10mf8f/dOvdDgSdEjyV6H1Hs9QOhVqvVv3sArrq7XzD/D6Oqa/7fr4BgxJj/h9Fl/h9GV6tVSLfTLBXcnu8DAJ545viBPt//P5vvf5V/OfCDleN/8eFZopzpFqMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABw5XXW/y3la4FPR5KUShFPRcTtGC+srlcrcxHxdET8YXJ8Mj2eH3LOAMBFJX8p5Ot/3Z15ZfqRqhduHRUnIuJHP3/7Z+8vNZvbv4+YKPx9snO++WF+vjz47AGAk3XG6Wzf9UH+04OHy51tkPl88q2IKLbjHx5MxOFR/LEYy/bFGI+IqX8U8uO2QtfcxUXsfxARn+/V/kJMZ3Mg7ZVPj8dPYz810PjJI/GTrK69T/8Xn7uEXGDUfJT2P2/2ev0lcSfb9379F7Me6uLy/i+91PJh1gf+L36n/7vRp/+7c9oYr/7mO+3SZ9df/uSDiC+ORXRiH3b1P534hT7xXzll/D996YWX+tW1fhFxN3rH744126xtzTZ29+6v15bWKmuVzXJ5YX5h7vUHr5VnV9d/W5mb7T8a/PWNe0/3q0vbP9UnfvGE9n/llO3/5X/efefLPc6P5fG/9nKv+Ek893/ip2PiV08Zf2nq18V+dWn8lT7tP+n5v3fK+B//eW8lG6gAgCuhsbu3sVStVrYvXngnv2R2JpJLvPJ5C8UYZvShF6bO8Med93bDzvmEQpriFUijZ+Gbg4o1Eb2rfvJy+zk8VtVqnStWvx7jMmbdgKvg6EUfEf8adjIAAAAAAAAAAAAAAEBPg/jF0rDbCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwPX13wAAAP//JUXJAg==")
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c3000000"], 0x0, 0x7a, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @lirc_mode2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0xfe6a)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000200)={@private0, 0x800, 0x0, 0x1, 0x1, 0x0, 0x2}, 0x20)
setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f0000000180)=0x1, 0x23)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x380000, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, 0x1c)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000300)={@local}, &(0x7f00000004c0)=0x37)
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040))
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
dup(r1)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
write$binfmt_misc(r2, &(0x7f0000000240), 0xfffffecc)

28.774932944s ago: executing program 3 (id=2280):
syz_io_uring_setup(0x45, &(0x7f0000000300)={0x0, 0x0, 0x40, 0x2, 0x1b}, &(0x7f0000000100), &(0x7f00000000c0))
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x10, &(0x7f0000000040)={[{@noblock_validity}, {@stripe}, {@jqfmt_vfsv1}]}, 0x0, 0x45d, &(0x7f0000001480)="$eJzs3MtvG0UYAPBvnTjpg5JQyqMvCBRExSNp0gc9cCkCiQNISHAo4hTStCp1G9QEiVYVFA7hiCpxRxyR+Au4UC4IOCFxhTtCqlAvFE5Gu95NXcd27MaNof79pFVndiee+XZ36vGM1wEMrImI2B0R90TErxExFhFJY4GJ2j83rl+a+/v6pbkkqtU3/kyycn9dvzRXFC3+bmstUx1qU+/y2xGzlcr8+Tw/tXT2vanFCxefO3129tT8qflzM0ePHjq4d+TIzOGexLktbeuuDxf27HzlrSuvzR2/8s6PXyd53NEQR69MZGctM7bccOzJXlfWZ9vq0slwHxtCV8YjIr1c5az/j8VQbF45NhYvf9LXxgF3VLVaqo7euqtcl75cBe5i6WgeGETFG336+bfYNnD40XfXjsXKPMaNfKsdGY5SXqZ8B+ufiIjjl//5It3iDs1DAADUu3osIp5tNv4rxYN15e7N14bGI+K+iNgeEfdHxI6IeCAiK/tQRDzcZf0TDfnV45/q2G0F1qF0/PdCvrZ16/ivGP3F+FCe25bFX05Onq7MH8jPyf4oj6b56TZ1fPfSL5+1OlY//ku3tP5iLJi344/hhgm6E7Pl2fXEXO/ax7UFgNXxJ1Es46Tj450RsauL1y1nc4s1p5/+ak+rcmvH30YP1pmqX0Y8Vbv+l6Mh/kLScn1y+vkjM4enNkVl/sBUcVes9tPPy6+3qn9d8ffAtavV2NL0/l+JfzzZFLF44eKZbL12sfs6ln/7tOVnmtu7/5dmR5I3s/RIvu+D2aWl89MRI8mrq/fP3PzbIl+UT+///fua9//tcfNM7I6I9CbeGxGPRMSjedsfi4jHI2Jfm/h/ePGJd1ca1HH8o21esXfS+E+sdf2j/vp3nxg68/03rerv7PofylL78z3p9V8rrk4buJ5zBwAAAP8Xpew78ElpciVdKk1O1r7DvyO2lCoLi0vPnFx4/9yJ2nflx6NcKma6xurmQ6fzueEiP9OQP5jPG38+tDnLT84tVLqZTwR6b2uL/p/6vd0DPMDdwfNaMLj0fxhc+j8MLv0fBpf+D4OrWf//qA/tADbeGu//mzeqHcDGM/6HwaX/w+DS/2EgtXw2vrSuR/4l+pT4dmR9v9XQeSJK/5GQ75pEOZoeGu74xyxuI5FExGjTQ/3+nwkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKA3/g0AAP//wMnoQw==")
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x36, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000, 0x4, @perf_bp={0x0, 0xd}, 0x10434, 0x10000, 0xfffffff9, 0x1, 0x8, 0x20009, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x80082, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="040000000400000004"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00'}, 0x18)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42031, 0xffffffffffffffff, 0x0)
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000000000040000000000000000850000002300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r2}, 0x10)
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'batadv_slave_0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xffe0, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x1}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)=@newtfilter={0x54, 0x2c, 0xd2b, 0x70bd2b, 0x25dfdbfb, {0x0, 0x0, 0x0, r4, {0xf}, {}, {0x7, 0xfff3}}, [@filter_kind_options=@f_u32={{0x8}, {0x28, 0x2, [@TCA_U32_SEL={0x24, 0x5, {0xe, 0x1, 0x1, 0x1, 0x4, 0x2, 0x6, 0xfffffffa, [{0x200, 0x500, 0x3, 0x6}]}}]}}]}, 0x54}}, 0x24040084)

28.751603554s ago: executing program 33 (id=2280):
syz_io_uring_setup(0x45, &(0x7f0000000300)={0x0, 0x0, 0x40, 0x2, 0x1b}, &(0x7f0000000100), &(0x7f00000000c0))
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x10, &(0x7f0000000040)={[{@noblock_validity}, {@stripe}, {@jqfmt_vfsv1}]}, 0x0, 0x45d, &(0x7f0000001480)="$eJzs3MtvG0UYAPBvnTjpg5JQyqMvCBRExSNp0gc9cCkCiQNISHAo4hTStCp1G9QEiVYVFA7hiCpxRxyR+Au4UC4IOCFxhTtCqlAvFE5Gu95NXcd27MaNof79pFVndiee+XZ36vGM1wEMrImI2B0R90TErxExFhFJY4GJ2j83rl+a+/v6pbkkqtU3/kyycn9dvzRXFC3+bmstUx1qU+/y2xGzlcr8+Tw/tXT2vanFCxefO3129tT8qflzM0ePHjq4d+TIzOGexLktbeuuDxf27HzlrSuvzR2/8s6PXyd53NEQR69MZGctM7bccOzJXlfWZ9vq0slwHxtCV8YjIr1c5az/j8VQbF45NhYvf9LXxgF3VLVaqo7euqtcl75cBe5i6WgeGETFG336+bfYNnD40XfXjsXKPMaNfKsdGY5SXqZ8B+ufiIjjl//5It3iDs1DAADUu3osIp5tNv4rxYN15e7N14bGI+K+iNgeEfdHxI6IeCAiK/tQRDzcZf0TDfnV45/q2G0F1qF0/PdCvrZ16/ivGP3F+FCe25bFX05Onq7MH8jPyf4oj6b56TZ1fPfSL5+1OlY//ku3tP5iLJi344/hhgm6E7Pl2fXEXO/ax7UFgNXxJ1Es46Tj450RsauL1y1nc4s1p5/+ak+rcmvH30YP1pmqX0Y8Vbv+l6Mh/kLScn1y+vkjM4enNkVl/sBUcVes9tPPy6+3qn9d8ffAtavV2NL0/l+JfzzZFLF44eKZbL12sfs6ln/7tOVnmtu7/5dmR5I3s/RIvu+D2aWl89MRI8mrq/fP3PzbIl+UT+///fua9//tcfNM7I6I9CbeGxGPRMSjedsfi4jHI2Jfm/h/ePGJd1ca1HH8o21esXfS+E+sdf2j/vp3nxg68/03rerv7PofylL78z3p9V8rrk4buJ5zBwAAAP8Xpew78ElpciVdKk1O1r7DvyO2lCoLi0vPnFx4/9yJ2nflx6NcKma6xurmQ6fzueEiP9OQP5jPG38+tDnLT84tVLqZTwR6b2uL/p/6vd0DPMDdwfNaMLj0fxhc+j8MLv0fBpf+D4OrWf//qA/tADbeGu//mzeqHcDGM/6HwaX/w+DS/2EgtXw2vrSuR/4l+pT4dmR9v9XQeSJK/5GQ75pEOZoeGu74xyxuI5FExGjTQ/3+nwkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKA3/g0AAP//wMnoQw==")
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x36, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000, 0x4, @perf_bp={0x0, 0xd}, 0x10434, 0x10000, 0xfffffff9, 0x1, 0x8, 0x20009, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x80082, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="040000000400000004"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00'}, 0x18)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42031, 0xffffffffffffffff, 0x0)
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000000000040000000000000000850000002300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r2}, 0x10)
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'batadv_slave_0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xffe0, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x1}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)=@newtfilter={0x54, 0x2c, 0xd2b, 0x70bd2b, 0x25dfdbfb, {0x0, 0x0, 0x0, r4, {0xf}, {}, {0x7, 0xfff3}}, [@filter_kind_options=@f_u32={{0x8}, {0x28, 0x2, [@TCA_U32_SEL={0x24, 0x5, {0xe, 0x1, 0x1, 0x1, 0x4, 0x2, 0x6, 0xfffffffa, [{0x200, 0x500, 0x3, 0x6}]}}]}}]}, 0x54}}, 0x24040084)

2.09473522s ago: executing program 6 (id=2607):
socket$nl_netfilter(0x10, 0x3, 0xc)
removexattr(&(0x7f00000002c0)='\x00', &(0x7f0000000000)=@known='com.apple.FinderInfo\x00')
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f0000000100)='./bus\x00', 0x20081e, &(0x7f0000000340), 0x1, 0x532, &(0x7f0000001200)="$eJzs3c9vI1cdAPCvZ/PDm02bbekBEG2XtrCg1TqJt42qHqCcEEKVED0WKQ2JE0Wx4yh2ShP2kJ65IlGJExz5Azj3hMSRC4Ibl3JAKhCBGhAHoxmPgze1yc+1s/HnI43mzbx4vt8Xy+/Zz/K8AEbWnYjYj4iJiHg3Imby84V8izfbW/p3nx48XD48eLhciFbr7b8Vsvr0XHQ9JnUrv2YxIr7/7YgfFj4bt7G7t7FUrVa28+PZZm1rtrG7d3+9trRWWatslssL8wtzrz94rXxpbX2xNpGXnv/4d/tf/3Ga1nR+prsdl6nd9PGjOKmxiPju4wg2BDfy9kwMOxHOJYmIZyPipez1PxM3smcTALjOWq2ZaM10HwMA112SzYEVklI+FzAdSVIqtefwnouppFpvNO+t1nc2V9pzZbdjPFldr1bm8rnC2zFZSI/ns3JWnx2Xjx0/iIhnIuKnkzez49JyvboyzDc+ADDCbh0b//852R7/T/T84gCyAwAem+KwEwAABs74DwCjx/gPAKPH+A8Ao6c9/t88y0PGH1cuAMBg+PwPAKPnIuP//iXmAQAMxPfeeivdWof5/a9X3tvd2ai/d3+l0tgo1XaWS8v17a3SWr2+lt2zp3bS9ar1+tb8q7Hz/u1vbDWas43dvcVafWezuZjd13ux0v7ewJsGABimZ1786I+FdER+42a2RddaDr7jh+stGXYCwNDcGHYCwNBY7QtG10mf8f/dOvdDgSdEjyV6H1Hs9QOhVqvVv3sArrq7XzD/D6Oqa/7fr4BgxJj/h9Fl/h9GV6tVSLfTLBXcnu8DAJ545viBPt//P5vvf5V/OfCDleN/8eFZopzpFqMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABw5XXW/y3la4FPR5KUShFPRcTtGC+srlcrcxHxdET8YXJ8Mj2eH3LOAMBFJX8p5Ot/3Z15ZfqRqhduHRUnIuJHP3/7Z+8vNZvbv4+YKPx9snO++WF+vjz47AGAk3XG6Wzf9UH+04OHy51tkPl88q2IKLbjHx5MxOFR/LEYy/bFGI+IqX8U8uO2QtfcxUXsfxARn+/V/kJMZ3Mg7ZVPj8dPYz810PjJI/GTrK69T/8Xn7uEXGDUfJT2P2/2ev0lcSfb9379F7Me6uLy/i+91PJh1gf+L36n/7vRp/+7c9oYr/7mO+3SZ9df/uSDiC+ORXRiH3b1P534hT7xXzll/D996YWX+tW1fhFxN3rH744126xtzTZ29+6v15bWKmuVzXJ5YX5h7vUHr5VnV9d/W5mb7T8a/PWNe0/3q0vbP9UnfvGE9n/llO3/5X/efefLPc6P5fG/9nKv+Ek893/ip2PiV08Zf2nq18V+dWn8lT7tP+n5v3fK+B//eW8lG6gAgCuhsbu3sVStVrYvXngnv2R2JpJLvPJ5C8UYZvShF6bO8Med93bDzvmEQpriFUijZ+Gbg4o1Eb2rfvJy+zk8VtVqnStWvx7jMmbdgKvg6EUfEf8adjIAAAAAAAAAAAAAAEBPg/jF0rDbCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwPX13wAAAP//JUXJAg==")
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
write$binfmt_misc(r0, &(0x7f0000000240), 0xfffffecc)

1.790443004s ago: executing program 4 (id=2609):
r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000200)=ANY=[@ANYBLOB="9feb010018000000000000003c0000003c00000006000000040000000000000e0400000000000000000000000100000d04000000040000000400"/67], 0x0, 0x5a, 0x0, 0x4, 0x80000}, 0x28)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000300)={0x3, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0x3ff, '\x00', 0x0, r0, 0x4, 0x3}, 0x50)

1.769309505s ago: executing program 4 (id=2610):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x23, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2000006, 0x31, 0xffffffffffffffff, 0xd0fb6000)
syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x410c84, &(0x7f0000000340), 0x1, 0x775, &(0x7f0000001180)="$eJzs3c9rXNUeAPDvnSRNm/a95MGD9+oqIGigdGJqbBVcVFyIYKGga9thMg01k0zJTEoTAlpEcCOouBB007U/6s6tP7b6X7gQS9W0WHEhkTu5t502M2mSJpnqfD5wM+fceyfnfOf+OGfmHu4NoGeNpn8KEYcj4t0kYjibn0TEQDPVH3Fybb1bK8vldEpidfXlX5LmOjdXlsvR8p7UwSzz/4j45q2II4X15dYXl2ZK1WplPsuPN2YvjNcXl46eny1NV6Yrc8cnJiePnXjqxPGdi/W375cOXXvvhcc/P/nHm/+7+s63SZyMQ9my1jh2ymiMZp/JQPoR3uX5nS6sy5JuV4BtSQ/NvrWjPA7HcPQ1UwDAP9nrEbEKAPSYRPsPAD0m/x3g5spyOZ+6+4vE3rr+XETsX4s/v765tqQ/u2a3v3kddOhmcteVkSQiRnag/NGI+PjLVz9Np9il65AA7bxxOSLOjoyuP/8n68YsbNUTGyzbl72O3jPf+Q/2zldp/+fpdv2/wu3+T7Tp/wy2OXa3477H/4EdKGQDaf/v2Zaxbbda4s+M9GW5fzX7fAPJufPVSnpu+3dEjMXAYJqf2KCMsRt/3ui0rLX/9+v7r32Slp++3lmj8FP/4N3vmSo1Sg8Sc6vrlyMe6W8Xf3J7+ycd+r+nN1nGi8+8/VGnZWn8abz5tD7+yEYn7Y7VKxGPtd3+d0a0JRuOTxxv7g7j+U7Rxhc/fDjUqfzW7Z9Oafn5d4G9kG7/oY3jH0lax2vWt17Gd1eGv+607P7xt9//9yWvNNN5P+JSqdGYn4jYl7y0fv6xO+/N8/n6afxjj7Y//jfa/9PvhGc3GX//tZ8/2378uyuNf2pL23/riau3Zvo6lb+57T/ZTI1lczZz/ttsBR/kswMAAAAAAAAAAAAAAAAAAAAAAACAzSpExKFICsXb6UKhWFx7hvd/Y6hQrdUbR87VFuamovms7JEYKOS3uhxuuR/qRHY//Dx/7J78kxHxn4j4YPBAkt9HcarLsQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA7mCH5/+nfhzsdu0AgF2zv9sVAAD2nPYfAHqP9h8Aeo/2HwB6j/YfAHqP9h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBddvrUqXRa/X1luZzmpy4uLszULh6dqtRnirML5WK5Nn+hOF2rTVcrxXJt9n7/r1qrXZiMuYVL441KvTFeX1w6M1tbmGucOT9bmq6cqQzsSVQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsDX1xaWZUrVamZfYRmL14ahG9xN92e70sNRnTxPJw1GNHU50+cQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8DfxVwAAAP//02Ii/w==")
socket$inet6_sctp(0xa, 0x1, 0x84)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000001c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0xa6}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r2}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x1, '\x00', 0x0, @fallback=0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r3}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
mlock(&(0x7f00008e3000/0x3000)=nil, 0x3000)
r4 = open(&(0x7f00000005c0)='./bus\x00', 0x167842, 0x19)
pwritev2(r4, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0xffffffe4}], 0x1, 0x1400, 0x0, 0x0)

1.501615039s ago: executing program 1 (id=2614):
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000000)='./file0/../file0/../file0/../file0\x00', 0x410, &(0x7f00000001c0)={[], [{@subj_type={'subj_type', 0x3d, 'ethtool\x00'}}]}, 0x1, 0x58e, &(0x7f00000006c0)="$eJzs3d9qHNUfAPDv2WySJml/SX8IWnthQLAFNWnSiiKCLdY7L0QLXgnGJi2l2zY0EWyt0EIfQR/ANxAvvZCi3njrneADSLFImxvvIjOZSbftbpo/m0ya+XxgknNmdjhndvnumT17ztkAams8+9OIOBQR8ylitO1YM4qD4yuPe3D/xtml+zfOplhe/vifFKnYVz4+Ff9HipP3RcTvP6f4f9+T5S5cu35xptWau1rkJxcvzU8uXLv++oVLM+fnzs9dnp56c+qNE8enTxzryXUeiIhfJ043b5977/D3g+Xek7G/SLVfR6+Mx/jqc9Iue17f6nVhFekrrqf9JU7NCivEhpSvX39EPB+j0RcPX7zRoUqrBmyz5RSxDNRUEv9QU+V9QPb5t9yqvSMBdsq9UysdAA/SSt/e0mr8N1f6BmPfyfKx7d06KSJ60TOXlTH/ShrNttimfjigs5u3IuKFTu1/ymNzLO/FjxheajwS/42I+LD4n+3/aJPljz+WF/+wc7YS/5+1xf/nmyxf/AMAAAAAAEDv3DkVEa91+v6vUY7/yf8OL6VHvv8byWfPbd3Tv/9r3O1BMUAH905FvBMR5di/pbb4L4z1FbkD+XiA/nTuQmvuWET8LyKORv9glp9ao4zxw7/1dz3WNv4v27Lyy7GART3uNgcfPWd2ZnFmK9cMrLh3K+LFZqf4T6vtf+rQ/mfvB/PrLGP59Lu/dDv29PgHtsvydxFHOrb/D1euSGuvzzGZ3w9MlncFT/rq0x9/6Fa++IfqZO3/8NrxP5ba1+tZ2HgZX//95xbiv/P9/0A6ky85M1Ds+3JmcfHqVMRA+uDJ/dMbrzPsRWU8lPGSxX/EzY6f/9e6/x/Kz1qfMz+9f7vbMe0/VCeL/9kNtf8bT7z8ybf/dit/fe3/ibxNP1rs0f8Ha1tvgFZdTwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FjUiYn+kxsRqutGYmIgYiYjnYrjRurKw+Oq5K19cns2O5b//3yh/6Xd0JZ/K3/8fa8tPP5Y/HhEHI+KbvqE8P3H2Smu26osHAAAAAAAAAAAAAAAAAACAXWKky/z/zF99VdcO2HbN9kx/dfUAdl5z208AdivhDPUl/qG+xD/Ul/iH+hL/UF/iH+pL/EN9iX8AAAAAANhTDr50548UETffHsq3zEBxzExg2NsamzpruOf1AHaeJX6gvgz9gfpKVVcAqNzT3gf2bfpMAAAAAAAAAAAAAKBXjhxa//z/7mOAgWfR5ub/A3tB9/n/VgaAva7z/H93BVAH1vgDzP8HAAAAAAAAAAAAgN1v4dr1izOt1tzVzSYGt3a6hER9EpF6EHE7lKj6nQkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACj9FwAA///iUPFG")
mount$bind(&(0x7f00000000c0)='./file0/../file0/../file0/../file0\x00', &(0x7f0000000680)='./file0/../file0/../file0/../file0\x00', 0x0, 0x1b73404, 0x0)
chroot(&(0x7f0000000040)='./file0/../file0/../file0/../file0\x00')
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b000000000000"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kfree\x00'}, 0x10)
sendmsg$IEEE802154_ADD_IFACE(0xffffffffffffffff, 0x0, 0x44)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$DEVLINK_CMD_PORT_GET(r0, 0x0, 0x40)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340), 0x48)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="240000006800019f0000000000000000020000000000000008000100010000"], 0x24}, 0x1, 0x0, 0x0, 0x4005}, 0x0)

1.41020522s ago: executing program 0 (id=2615):
r0 = socket$inet6(0xa, 0x2, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000"], 0x0, 0xfff, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xcb3a}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8001}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r1, 0x0, 0xfffffffffffffffd}, 0x18)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)

1.339285861s ago: executing program 1 (id=2616):
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x36, 0x1, 0x0, 0x0, 0x0, 0x7, 0x518, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0xd}, 0x9001, 0x10000, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x5, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="18000000000012000000000000000000"], 0x0}, 0x94)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000400)=ANY=[@ANYBLOB="200000002d00091327bd70000000000006"], 0x20}}, 0x84)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL802154_CMD_SET_CHANNEL(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010029bd7000fcdbdf250900000008000300", @ANYRES32=0x0, @ANYBLOB="05000800070000000c000601030000000000000008000100010000000500080013000000050007"], 0x50}, 0x1, 0x0, 0x0, 0x10}, 0x44044)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000002c0)={r0, 0x4, 0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
socket(0x10, 0x3, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa2000000000000"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r5}, 0x10)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
read$usbfs(0xffffffffffffffff, 0x0, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000540)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a90000000030a0300000000000000000002e000000c00020000000000000000010900010073797a30"], 0xb8}}, 0x0)

1.321543341s ago: executing program 0 (id=2617):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000fdff00000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000008385000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0xe, '\x00', 0x0, @fallback=0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
r1 = socket(0x10, 0x3, 0x6)
r2 = socket(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000040)={'team0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=@newqdisc={0x90, 0x24, 0xf0b, 0x70bd26, 0x0, {0x0, 0x0, 0x0, r3, {0x0, 0xffff}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_mqprio={{0xb}, {0x58, 0x2, {{0x2, [], 0x0, [0x4, 0x2, 0xfffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c4, 0x0, 0x0, 0x0, 0x3dc], [0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000]}}}}, @TCA_RATE={0x6}]}, 0x90}}, 0x20000000)

1.267181512s ago: executing program 0 (id=2618):
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
sigaltstack(&(0x7f0000000040)={0x0, 0x0, 0xffffffffffffffeb}, 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)=<r1=>0x0)
timer_settime(r1, 0x1, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000d00)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="180100000100a7d9000000000020b200850000007b00000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x9}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2, 0x0, 0x200000000007}, 0x18)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sendmmsg$unix(r4, &(0x7f00000038c0)=[{{&(0x7f00000004c0)=@file={0x1, './file0\x00'}, 0x6e, 0x0, 0x0, &(0x7f0000000900)=[@rights={{0x18, 0x1, 0x1, [r3, r3]}}], 0x18, 0x15}}], 0x1, 0x0)

1.209580803s ago: executing program 0 (id=2619):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000200)={[{@errors_remount}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x7}}, {@dioread_lock}, {@data_err_ignore}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x10}}, {@data_err_ignore}, {@grpquota}, {@nobh}, {@user_xattr}, {@bh}, {@nojournal_checksum}]}, 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
lsetxattr$trusted_overlay_upper(&(0x7f00000001c0)='./file1\x00', &(0x7f0000000180), &(0x7f00000001c0)=ANY=[], 0x361, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000002c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r0, 0x0, 0x7}, 0x18)
lsetxattr$system_posix_acl(&(0x7f0000000000)='./file1\x00', &(0x7f00000000c0)='system.posix_acl_access\x00', &(0x7f00000002c0)={{}, {0x1, 0x2}, [{0x2, 0x5}, {0x2, 0x2}, {0x2, 0x3}, {0x2, 0x4}], {}, [], {0x10, 0x5}}, 0x44, 0x0)

1.195865763s ago: executing program 1 (id=2620):
mknod$loop(&(0x7f0000000080)='./file0\x00', 0x100000000000600d, 0x0)
r0 = creat(&(0x7f00000000c0)='./file0\x00', 0xc9028ba210c11f8b)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b000000000000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x9, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000180)={'\x00', 0x8, 0x2, 0x803fd, 0x1, 0x800})

1.150618724s ago: executing program 6 (id=2621):
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f00000000000000"], &(0x7f0000000140)='GPL\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000080)='sys_enter\x00'}, 0x10)
mknod(&(0x7f0000000240)='./file3\x00', 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f0000000180)='./bus\x00', 0xe, &(0x7f00000005c0)={[{@barrier_val={'barrier', 0x3d, 0x101}}, {@errors_remount}]}, 0x3, 0x445, &(0x7f0000000b00)="$eJzs28+PE1UcAPDvTLeLCLgr4g9+qKto3PhjlwVUDh7UaOIBExM96HGzuxCksIZdEyFEwRg8GWPi3Xj0X/CkF2M8mXjVuyEhhgvgqWbaGbYtbdktLUX6+SQD78282fe+nXnte/PaAEbWVPZPErE1Iv6MiIl6trnAVP2/q5fPLly7fHYhiWr13X+SWrkrl88uFEWL87bkmek0Iv0iid1t6l05feb4fKWydCrPz66e+Gh25fSZF46dmD+6dHTp5P5Dhw4emHv5pf0v9iXOrE1Xdn26vGfnWx988/bhr5rib4mjT6a6HXy6Wu1zdcO1rSGdjA2xIWxIKSKyy1Wu9f+JKMXaxZuINz8fauOAgapWq9UtnQ+fqwJ3sSSa87o8jIrigz6b/xZb6yDg1cENP4bu0mv1CVAW99V8qx8ZizQvU26Z3/bTVES8f+7f77ItBvMcAgCgyU/Z+Of5duO/NB5qKHdfvjY0GRH3R8T2iHggInZExIMRtbIPR8QjG6y/dZHkxvFPerGnwNYpG/+9kq9tNY//itFfTJby3LZa/OXkyLHK0r78NZmO8qYsP9eljp/f+OPrTscax3/ZltVfjAXzdlwc29R8zuL86vytxNzo0vmIXWPt4k+urwQkEbEzInb1WMexZ3/Y0+nYzePvog/rTNXvI56pX/9z0RJ/Iem+Pjl7T1SW9s0Wd8WNfvv9wjud6r+l+Psgu/73tr3/r8c/mTSu165svI4Lf33ZcU7T6/0/nrxXS4/n+z6ZX109NRcxnhyuN7px//61c4t8UT6Lf3pv+/6/PdZeid0Rkd3Ej0bEYxHxeN72JyLiyYjY2yX+X19/6sPe4x+sLP7FDV3/tcR4tO5pnygd/+XHpkonb4j/Wvfrf7CWms73rOf9bz3t6u1uBgAAgP+fNCK2RpLOXE+n6cxM/fvyOyLSyvLK6nNHlj8+uVj/jcBklNPiSddEw/PQuXxaX8+fj4j6VwuK4wfy58bfljbX8jMLy5XFYQcPI25Lh/6f+bs07NYBA+f3WjC69H8YXfo/jC79H0ZXm/6/eRjtAG6/dp//nw2hHcDt19L/LfvBCDH/h9Gl/8Po0v9hJK1sjpv/SL5rovhLPZ5+1yaifEc0Y2CJSO+IZkgMKDHc9yUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIB++S8AAP///fHg0g==")
syz_open_dev$loop(&(0x7f0000000480), 0xffffffffffff0000, 0x440c0)
mkdir(0x0, 0x10b)
lsetxattr$trusted_overlay_origin(&(0x7f0000000380)='./file3\x00', &(0x7f0000000400), &(0x7f0000000440), 0x2, 0x0)
rename(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./bus\x00')
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r2, 0xf, 0x25, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f0000000340)={'bond_slave_0\x00', &(0x7f00000004c0)=@ethtool_channels={0x3d, 0x0, 0x0, 0x0, 0x0, 0x2, 0x2}})
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f0000000040)=@raw={'raw\x00', 0x8, 0x3, 0x270, 0xd8, 0x43, 0xa0, 0xd8, 0x98, 0x200, 0x178, 0x178, 0x200, 0x178, 0x49, 0x0, {[{{@ip={@local, @local, 0x0, 0x0, 'veth1_macvtap\x00', 'bridge_slave_0\x00', {0xff}, {}, 0x11, 0x2, 0x65}, 0x12a, 0x70, 0xd8, 0x0, {0x0, 0x7a010000}}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x7fff, 0x0, '\x00', 'syz1\x00'}}}, {{@ip={@local, @empty, 0xff000000, 0xff, 'pim6reg0\x00', 'macsec0\x00', {0xff}, {0xff}, 0x0, 0x0, 0x68}, 0x0, 0x98, 0x100, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x18, 0x800, 0xd, 0x7, 'syz0\x00', 'syz0\x00', {0x1}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x2d0)
r3 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000340)={'veth0_to_bond\x00', <r4=>0x0})
r5 = socket$nl_route(0x10, 0x3, 0x0)
bind$packet(r3, &(0x7f0000000080)={0x11, 0x34, r4, 0x1, 0x6, 0x6, @remote}, 0x14)
sendmsg$nl_route_sched(r5, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=@getchain={0x24, 0x11, 0x839, 0x70bd2d, 0x25dfdbff, {0x0, 0x0, 0x0, r4, {0xc, 0xfff1}, {0xfff3}}}, 0x24}}, 0x20040010)
ioctl$sock_SIOCDELRT(r1, 0x890c, &(0x7f0000000540)={0x0, @ethernet={0x1, @random="ecb22bf5b8a3"}, @in={0x2, 0x4e20, @local}, @can={0x1d, r4}, 0x2, 0x0, 0x0, 0x0, 0x9, &(0x7f0000000500)='team0\x00', 0x5, 0x0, 0x5})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})

1.111520634s ago: executing program 5 (id=2623):
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000380), 0x101040)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000000300)={{0x0, 0x2}})
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000600), 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f00000003c0)={0x9c9, 0x0, 0x0, 'queue0\x00', 0x200000})
ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r0, 0x54a2)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r1, 0x40605346, &(0x7f0000000280)={0x0, 0x0, {0x3}})
ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r0, 0x54a2)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
pipe2(&(0x7f0000000c40)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x4800)
vmsplice(r2, &(0x7f00000005c0)=[{&(0x7f0000001cc0)="b70cdbd771882612c450d694c9dd7d7f28d237e84e2780ca6428d132e03f188fff6bd9f85ead7e68f90830db9295022700491841f4a15a000aa4e29ac23601041ec521aa0ea8044f23feb74151693f228ba89f0a43385617bc7930f30a52ca91d02c64bd39d3d581abe9089b2284f876f9c58c124aba7a28700efcb0588ff4ab54a62c0c64fd577d85f5f753ec15281cf73fc37442b0a5ca4a1818cb01590d6415b1e9fda6c7d63cd293d7cc7ca5581041a2736e95b9b0322880b5fd7f27c0d4a59df8101b755fd6cc495963381c8a95d5d605b8ef4800b47091c8749f9e8e9fce163e46db0f7c0e4d0d3a621e3c999453e95aaa56090f220b220c50b31b9d6af722477ab1cda6d561156d85c658a3cd42d777314d154bf31bb61918ac7de8bfad7a5825be505af82806130e8dd03816b86086cc3361bf3a2a0cf6c18b7c84503477660ef5a0bf92d8169c43df1d7bb140652c799a4ac292b94fcea7f0c74413791879104e2bc9b414eda6c74f3625299f67d03e3ef58eeae5ca5fb029005ffa0fe23fb541bc24a57e9c6d8169702998273789ee8c9f08132ab9f76c02a6696c3ad68bf7a772d8be6b1840cfad2184edcf10bd5620f51657239e8eb49b8e77c1483dcc3dc04aeb6cae2922af4be346d52f2983dd5330cbef40b3207432ea6d2a6d2ffb0c3440c78add8395da089aa80e21d8692b16582edea583b73266fd1ab37abc02aa89310ed72a827153f1cbba0f76147a09977724706fdcd68ac168ceb433eba816f55bb5069924c0a6c59b1116e27de7938b835c467dbd9be1843913748e5a2e6f6621bf4944045d82b5124d23fa1d87e780b54a6955a51e47fbf36432be1b3d9d01c05d86e390e497856e476ce5b101c837cef62edce520860667c5259478602febbc5e87f216a6f1452b285f44282333569cbd2f49613730b86a74485e49e1979690ee2c11e1fb49d642c9f515d9e0cf30fe8995379b0b4b2177b2541a34cef72af676c2402b3ab03993047186d45016f83a735b7babda7b3e408f9a7b5c36e7daaaad51e437060c8a5a07646a31a43ebdda0b12a3f64f963315febebf0ad610f2ec9500717c4f33d8bf0e5b55ed2a976339643658df80f07bb29f5fac6f25957ef64ef1bac93f0ea64bfea48b38a4985ff610259762996044543bdf", 0x340}], 0x1, 0xa)
fcntl$setpipe(r2, 0x407, 0x6)
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r0, 0x40505412, &(0x7f00000000c0)={0x2, 0x2, 0x44, 0x0, 0xd})
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a00)={&(0x7f0000000d00)='sched_switch\x00', r3}, 0x10)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
ppoll(&(0x7f0000000d40)=[{}], 0x25, &(0x7f0000000300)={0x0, 0x3938700}, 0x0, 0x0)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000400)=ANY=[@ANYBLOB="54020000170001000000000000000000200100000000000000000000000000010000000000000000ac141400000000000000000000000000fc020000000000000003000000000000e000000200001000000000000000000000000000000000080a00000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="1242ffff040000000000000000000037660b6aff00000000000000000000000000000000000000000200002000000000", @ANYRES32, @ANYRES32, @ANYRES16=0x0], 0x254}}, 0x0)
sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
syz_genetlink_get_family_id$fou(&(0x7f00000001c0), 0xffffffffffffffff)
r6 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r6, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0258ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000100090810000000000000040000", 0x58}], 0x1)

1.102261594s ago: executing program 1 (id=2624):
syz_mount_image$ext4(&(0x7f0000000340)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x2)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x88882, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./bus\x00', 0x1c5902, 0x2d)
write(r1, &(0x7f0000004200)='t', 0x1)
sendfile(r1, r0, 0x0, 0x7ffff000)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x4040, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x0)
write(r3, &(0x7f0000004200)='t', 0x1)
sendfile(r3, r2, 0x0, 0x3ffff)
dup3(r2, 0xffffffffffffffff, 0x0)
move_mount(r2, &(0x7f0000000100)='./bus\x00', r3, &(0x7f00000000c0)='./bus\x00', 0x14)
sendfile(r3, r2, 0x0, 0x7ffff000)

1.057623285s ago: executing program 0 (id=2625):
syz_mount_image$ext4(&(0x7f0000000340)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x2)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x88882, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./bus\x00', 0x1c5902, 0x2d)
write(r1, &(0x7f0000004200)='t', 0x1)
sendfile(r1, r0, 0x0, 0x7ffff000)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x4040, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x0)
write(r3, &(0x7f0000004200)='t', 0x1)
sendfile(r3, r2, 0x0, 0x3ffff)
dup3(r2, 0xffffffffffffffff, 0x0)
move_mount(r2, &(0x7f0000000100)='./bus\x00', r3, &(0x7f00000000c0)='./bus\x00', 0x14)
sendfile(r3, r2, 0x0, 0x7ffff000)

687.816501ms ago: executing program 5 (id=2626):
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000000)='./file0/../file0/../file0/../file0\x00', 0x410, &(0x7f00000001c0)={[], [{@subj_type={'subj_type', 0x3d, 'ethtool\x00'}}]}, 0x1, 0x58e, &(0x7f00000006c0)="$eJzs3d9qHNUfAPDv2WySJml/SX8IWnthQLAFNWnSiiKCLdY7L0QLXgnGJi2l2zY0EWyt0EIfQR/ANxAvvZCi3njrneADSLFImxvvIjOZSbftbpo/m0ya+XxgknNmdjhndvnumT17ztkAams8+9OIOBQR8ylitO1YM4qD4yuPe3D/xtml+zfOplhe/vifFKnYVz4+Ff9HipP3RcTvP6f4f9+T5S5cu35xptWau1rkJxcvzU8uXLv++oVLM+fnzs9dnp56c+qNE8enTxzryXUeiIhfJ043b5977/D3g+Xek7G/SLVfR6+Mx/jqc9Iue17f6nVhFekrrqf9JU7NCivEhpSvX39EPB+j0RcPX7zRoUqrBmyz5RSxDNRUEv9QU+V9QPb5t9yqvSMBdsq9UysdAA/SSt/e0mr8N1f6BmPfyfKx7d06KSJ60TOXlTH/ShrNttimfjigs5u3IuKFTu1/ymNzLO/FjxheajwS/42I+LD4n+3/aJPljz+WF/+wc7YS/5+1xf/nmyxf/AMAAAAAAEDv3DkVEa91+v6vUY7/yf8OL6VHvv8byWfPbd3Tv/9r3O1BMUAH905FvBMR5di/pbb4L4z1FbkD+XiA/nTuQmvuWET8LyKORv9glp9ao4zxw7/1dz3WNv4v27Lyy7GART3uNgcfPWd2ZnFmK9cMrLh3K+LFZqf4T6vtf+rQ/mfvB/PrLGP59Lu/dDv29PgHtsvydxFHOrb/D1euSGuvzzGZ3w9MlncFT/rq0x9/6Fa++IfqZO3/8NrxP5ba1+tZ2HgZX//95xbiv/P9/0A6ky85M1Ds+3JmcfHqVMRA+uDJ/dMbrzPsRWU8lPGSxX/EzY6f/9e6/x/Kz1qfMz+9f7vbMe0/VCeL/9kNtf8bT7z8ybf/dit/fe3/ibxNP1rs0f8Ha1tvgFZdTwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FjUiYn+kxsRqutGYmIgYiYjnYrjRurKw+Oq5K19cns2O5b//3yh/6Xd0JZ/K3/8fa8tPP5Y/HhEHI+KbvqE8P3H2Smu26osHAAAAAAAAAAAAAAAAAACAXWKky/z/zF99VdcO2HbN9kx/dfUAdl5z208AdivhDPUl/qG+xD/Ul/iH+hL/UF/iH+pL/EN9iX8AAAAAANhTDr50548UETffHsq3zEBxzExg2NsamzpruOf1AHaeJX6gvgz9gfpKVVcAqNzT3gf2bfpMAAAAAAAAAAAAAKBXjhxa//z/7mOAgWfR5ub/A3tB9/n/VgaAva7z/H93BVAH1vgDzP8HAAAAAAAAAAAAgN1v4dr1izOt1tzVzSYGt3a6hER9EpF6EHE7lKj6nQkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACj9FwAA///iUPFG")
mount$bind(&(0x7f00000000c0)='./file0/../file0/../file0/../file0\x00', &(0x7f0000000680)='./file0/../file0/../file0/../file0\x00', 0x0, 0x1b73404, 0x0)
chroot(&(0x7f0000000040)='./file0/../file0/../file0/../file0\x00')
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b000000000000"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kfree\x00'}, 0x10)
sendmsg$IEEE802154_ADD_IFACE(0xffffffffffffffff, 0x0, 0x44)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$DEVLINK_CMD_PORT_GET(r0, 0x0, 0x40)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340), 0x48)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="240000006800019f0000000000000000020000000000000008000100010000"], 0x24}, 0x1, 0x0, 0x0, 0x4005}, 0x0)

682.640031ms ago: executing program 5 (id=2627):
ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f0000000240)={'syztnl1\x00', &(0x7f0000000040)={'gre0\x00', <r0=>0x0, 0x10, 0x40, 0x3, 0xf, {{0x5, 0x4, 0x3, 0x31, 0x14, 0x64, 0x0, 0x6, 0x29, 0x0, @empty, @local}}}})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000480)=ANY=[@ANYBLOB="680000001000000400"/20, @ANYRES32=0x0, @ANYBLOB="0000000012002000480012800b000100697036746e6c00003800028008000100", @ANYRES32=r0, @ANYBLOB="1400030000000000000000000000000000000000080008001f0000000800080001000000060012004e200000"], 0x68}, 0x1, 0x0, 0x0, 0x80}, 0x0)
socket(0x10, 0x803, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[], 0x5c}, 0x1, 0x0, 0x0, 0x240440c4}, 0x4000)
r1 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r1, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
syz_open_dev$sg(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae000000"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
setsockopt$inet_msfilter(r1, 0x0, 0x29, &(0x7f0000000000)=ANY=[@ANYBLOB="e00000027fa80a010100000004"], 0x57)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sys_enter\x00', r2}, 0x18)
geteuid()
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x18, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00"], 0x0, 0xfff, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xcb3a}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8001}, 0x94)
read(0xffffffffffffffff, &(0x7f0000000780)=""/210, 0xd2)
syz_emit_ethernet(0xfdef, &(0x7f00000002c0)=ANY=[@ANYBLOB], 0x0)
setsockopt$inet_mreqsrc(r1, 0x0, 0x24, &(0x7f0000000440)={@multicast2, @loopback, @empty}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000f000000c5000000a0ef010095"], &(0x7f0000000440)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r3 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000500)={0x0, 0x38}}, 0x8df48fcf01e6e174)
r4 = socket$netlink(0x10, 0x3, 0x0)
socket$isdn(0x22, 0x3, 0x25)
writev(r4, &(0x7f00000003c0)=[{&(0x7f0000000300)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1)

637.978931ms ago: executing program 5 (id=2628):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000fdff00000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000002d0000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0xe, '\x00', 0x0, @fallback=0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
r1 = socket(0x10, 0x3, 0x6)
r2 = socket(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000040)={'team0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=@newqdisc={0x90, 0x24, 0xf0b, 0x70bd26, 0x0, {0x0, 0x0, 0x0, r3, {0x0, 0xffff}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_mqprio={{0xb}, {0x58, 0x2, {{0x2, [], 0x0, [0x4, 0x2, 0xfffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c4, 0x0, 0x0, 0x0, 0x3dc], [0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000]}}}}, @TCA_RATE={0x6}]}, 0x90}}, 0x20000000)

637.446531ms ago: executing program 6 (id=2629):
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
sigaltstack(&(0x7f0000000040)={0x0, 0x0, 0xffffffffffffffeb}, 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)=<r1=>0x0)
timer_settime(r1, 0x1, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000d00)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="180100000100a7d9000000000020b200850000007b00000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x9}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2, 0x0, 0x200000000007}, 0x18)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sendmmsg$unix(r4, &(0x7f00000038c0)=[{{&(0x7f00000004c0)=@file={0x1, './file0\x00'}, 0x6e, 0x0, 0x0, &(0x7f0000000900)=[@rights={{0x18, 0x1, 0x1, [r3, r3]}}], 0x18, 0x15}}], 0x1, 0x0)

620.114881ms ago: executing program 4 (id=2630):
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x36, 0x1, 0x0, 0x0, 0x0, 0x7, 0x518, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0xd}, 0x9001, 0x10000, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x5, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="18000000000012000000000000000000"], 0x0}, 0x94)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000400)=ANY=[@ANYBLOB="200000002d00091327bd70000000000006"], 0x20}}, 0x84)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL802154_CMD_SET_CHANNEL(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010029bd7000fcdbdf250900000008000300", @ANYRES32=0x0, @ANYBLOB="05000800070000000c000601030000000000000008000100010000000500080013000000050007"], 0x50}, 0x1, 0x0, 0x0, 0x10}, 0x44044)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000002c0)={r0, 0x4, 0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
socket(0x10, 0x3, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa2000000000000"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r5}, 0x10)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
read$usbfs(0xffffffffffffffff, 0x0, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000540)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a90000000030a0300000000000000000002e000000c00020000000000000000010900010073797a30"], 0xb8}}, 0x0)

602.897692ms ago: executing program 5 (id=2631):
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = open(&(0x7f0000000140)='./file1\x00', 0x64042, 0x169)
pwritev(r2, &(0x7f0000000080)=[{&(0x7f0000000800)="59fdd4", 0xfdef}], 0x1, 0x8, 0x365)
r3 = socket$kcm(0x10, 0x2, 0x0)
socket$inet6_icmp(0xa, 0x2, 0x3a)
sendmsg$kcm(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000000580)="d8000000180081054e81f782db4cb904021d0800fe00fe05e8fe55a10a0015000600142603600e1208000f007f370301a8001600a40002400f000100035c0461c1d67f6f94007134cf6edb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090014d6", 0x6b}, {&(0x7f00000004c0)="846d2ad6d4ef6560542286af609ff6ca49c12d9b19e1843ce4c332e6f0932bc521d0bdcd40638430b5dbdb1a26009aaba510eb36442d9c3fb54c6b14c0e5c2867c43e8a75801149e1613c3fc8a5fd8470359795f85d3741efcbe77df1b9bfad527863f7684842cce7eeb775eda", 0x6d}], 0x2}, 0x200000d4)
bpf$PROG_LOAD(0x5, &(0x7f0000000dc0)={0x11, 0xc, &(0x7f0000000600)=ANY=[@ANYRES8, @ANYBLOB="e19530c4dc12b317c69040b4e2b418173e3d7dd14717d54350fbf176dcd49f6fcfcbcd8647d79046fd48a74f70f1f2e90a19b7c5bba85233477c91c068f43eae", @ANYBLOB="3f7964687a60aa2dbdd61febcd15b1484aba76398f21291a07a32fa46ac729ad5bca58a8c29973fa4cfc4f2ae76f805cf65f9e46c6621a97cf841883d9e82df4dafbc814a43d7d65a3ce5543407c74f63ea18bb58aa4decb2e4b47bf3bb79ea9176dd54ddc4531bfdf7b2f842e0c90ad156445035665021df8cb75e9bf4beb9717a2b3e4dba5164f74251a5f601d93d31e9d66c9265aedad136c383546dc35c24b494d5c81e5d15044f334584be73b7fcf540ac4e3e9734f44b4af6147bc785713eb65d78b091fb17e78cda15d8326c6e3120a01eaae71418a511a4031cab828406fce9e952239482ff2dc199474513ca8a441bf293677", @ANYBLOB="b5994bec4b684e5182b24ad09900b5c62f8e000000020000000000000000", @ANYRESOCT, @ANYRES64], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0xa, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065fffff53000000800395032303030"], 0x15)
ioctl$LOOP_CHANGE_FD(r2, 0x4c06, r2)
r4 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
pwritev2(r4, 0x0, 0x0, 0x7c00, 0x0, 0x3)
pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x80)
write$P9_RVERSION(r5, &(0x7f0000000300)=ANY=[], 0x15)
move_mount(0xffffffffffffff9c, &(0x7f0000000d80)='./file0\x00', r2, &(0x7f0000001040)='./file0\x00', 0x0)
dup(r5)
socket(0xa, 0x3, 0x3a)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r1}, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff)
bpf$ITER_CREATE(0x21, &(0x7f0000000080), 0x8)

593.489632ms ago: executing program 6 (id=2632):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000040)='cdg\x00', 0x4)
setsockopt$inet_tcp_TCP_REPAIR(r1, 0x6, 0x13, &(0x7f0000000000)=0x1, 0x4)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0700000004000000080200000e"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7030000ec000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r3}, 0x18)
connect$inet(r1, &(0x7f0000000280)={0x2, 0x0, @dev}, 0x10)
close(r1)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x58e, &(0x7f00000001c0)={[{@minixdf}, {@lazytime}, {@block_validity}, {@block_validity}, {@block_validity}, {@quota}, {@jqfmt_vfsv0}]}, 0x1, 0x459, &(0x7f0000000240)="$eJzs289vFFUcAPDvTFug/LAV8Qc/1CoaG3+0tKBy8KLRxIMmJl7wWNtCkEINrYkQomAMHg2Jd+PRxL/Ak16MejLxqndDQgwXkdOa2Z1hf3S3tMu2g+znkwx9b+YN7333zdt9M283gL41lv2TROyMiD8iYqSWbS4wVvtz4/qF2X+vX5hNolJ59++kWu6f6xdmi6LFeTvyzHgakX6exP429S6dO39qZmFh/myen1w+/eHk0rnzL5w8PXNi/sT8memjR48cnnr5pekXV558c/1x3p+1dd8niwf2vvnelbdnj115/5fvBor4W+LokbHVDj5dqfS4unLtakgngyU2hHXJxkDWXUPV8T8SA1HvvJF447NSGwdsqEquw+GLFeAelkTZLQDKUXzQZ/e/xbZ5s4/yXXu1dgOUxX0j32pHBiPNywy13N/20lhEHLt48+tsi415DgEA0OSHbP7zfLv5XxoPNZS7L18bGs3XUnZHxAMRsSciHoyoln04Ih5ZZ/2tiyQr5z/p1a4CW6Ns/vdKvrbVPP8rZn8xOpDndlXjH0qOn1yYP5S/JuMxtDXLT61Sx4+v//5lp2ON879sy+ov5oJ5O64Obm0+Z25meeZOYm507VLEvsF28Se3VgKSiNgbEfu6rOPks98e6HTs9vGvogfrTJVvIp6p9f/FaIm/kKy+Pjm5LRbmD00WV8VKv/52+Z1O9d9R/D2Q9f/2ttf/rfhHk8b12qX113H5zy863tNMdHX913dsyf9+PLO8fHYqYkvyVq3Rjfun6+cW+aJ8Fv/4wfbjf3fUX4n9EZFdxI9GxGMR8Xjed09ExJMRcbAlrsb7659fe+qDTvHfDf0/19L/o81FWvq/ntgSrXvaJwZO/fR98/9YT67t/e9INTWe71nL+99a2tXd1QwAAAD/P2lE7IwknbiVHk4nJmrf4d8T29OFxaXl544vfnRmrvYbgdEYSosnXSMNz0On8tv60Uu1/HSRz48fzp8bfzUwXM1PzC4uzJUdPPS5HSvGf1od/5m/BspuHbDh/F4L+lfD+E/KbAew+Xz+Q/8y/qF/tRn/w2W0A9h87T7/Py2hHcDmaxn/lv2gj7j/h/5l/EP/ahz/vgAAfWNpOG7/I/l2iW3RzVkS90wi0ruiGb1JJF2OgrUmdpYd4PoTZb8zAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9MZ/AQAA//8L+fEo")
r4 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(r4, 0x40106614, 0x0)
openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)

529.931843ms ago: executing program 5 (id=2633):
bpf$MAP_CREATE(0x0, &(0x7f0000000f80)=ANY=[@ANYBLOB="0500000004000000080000000b"], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000200)={'ip6gre0\x00', &(0x7f0000000340)={'ip6gre0\x00', <r2=>0x0, 0x29, 0xb, 0x7, 0x5, 0x16, @loopback, @mcast2, 0x8, 0x700, 0xe, 0x1}})
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000540)=@newlink={0x64, 0x10, 0x439, 0x70bd2a, 0xffffffea, {0x0, 0x0, 0xe403, 0x0, 0x3, 0x610c3}, [@IFLA_LINKINFO={0x2c, 0x12, 0x0, 0x1, @sit={{0x8}, {0x20, 0x2, 0x0, 0x1, [@IFLA_IPTUN_6RD_PREFIX={0x14, 0xb, @dev={0xfe, 0x80, '\x00', 0x15}}, @IFLA_IPTUN_REMOTE={0x8, 0x3, @rand_addr=0x64010100}]}}}, @IFLA_MASTER={0x8, 0xa, r2}, @IFLA_NUM_TX_QUEUES={0x8, 0x1f, 0x5}, @IFLA_NUM_RX_QUEUES={0x8, 0x20, 0x765}]}, 0x64}, 0x1, 0x0, 0x0, 0x8000}, 0x4008040)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000480)='kfree\x00', r0, 0x0, 0x7fffffffffffffff}, 0x18)
r3 = socket$packet(0x11, 0x2, 0x300)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000080000000000000000000850000007d00000095"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000001c0)='kfree\x00', r4}, 0x10)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001300)=@newtaction={0x88c, 0x30, 0xffff, 0x3, 0x0, {}, [{0x878, 0x1, [@m_police={0x874, 0x1, 0x0, 0x0, {{0xb}, {0x848, 0x2, 0x0, 0x1, [[@TCA_POLICE_RATE={0x404, 0x2, [0x1, 0x4, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000, 0xfffffffe, 0x2, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x4, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x22, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x3, 0x0, 0x40000000, 0x90, 0x0, 0x400, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x4, 0x0, 0xfffffffc, 0x0, 0xfffffffd, 0xfffffffd, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000, 0x0, 0x0, 0x4, 0x0, 0x9, 0x1000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x7ffc, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0xffffffff]}, @TCA_POLICE_TBF={0x3c, 0x1, {0x0, 0x7, 0x0, 0x0, 0xfffffffe, {0x3, 0x0, 0x0, 0x0, 0xb, 0x3}, {0x4, 0x2, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x3, 0x2}}, @TCA_POLICE_PEAKRATE={0x404, 0x3, [0x0, 0xfffffffd, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x4, 0x4, 0xffffffff, 0xd1f, 0x0, 0x0, 0x0, 0x20000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x6, 0x2, 0x4, 0x0, 0x0, 0x0, 0x1, 0x25d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x2, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x80000, 0x0, 0x0, 0x0, 0xf9, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff, 0x0, 0x7fff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800000, 0x0, 0x0, 0x0, 0x4, 0x0, 0xfffffffe, 0xffffff81, 0x0, 0x0, 0xffffff7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x2, 0x8, 0x0, 0xffffffff]}]]}, {0x4}, {0xc, 0xb}, {0xc, 0xa, {0x1}}}}]}]}, 0x88c}}, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000000c0)={'bridge_slave_0\x00', <r6=>0x0})
r7 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=@newsa={0x164, 0x10, 0x713, 0x0, 0x25dfdbfc, {{@in=@dev={0xac, 0x14, 0x14, 0x3c}, @in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x0, 0x0, 0x4e21, 0x2, 0x2, 0x0, 0x0, 0x6c, 0x0, 0xee00}, {@in6=@private1={0xfc, 0x1, '\x00', 0x40}, 0xfe, 0x32}, @in6=@ipv4={'\x00', '\xff\xff', @remote}, {0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x543}, {0x4, 0x7fffffffffffffff}, {}, 0x70bd2c, 0x34fd, 0x2, 0x4, 0x0, 0x50}, [@algo_aead={0x71, 0x12, {{'rfc4106(gcm(aes))\x00'}, 0x128, 0x60, "210466d37b201c8ce8b1c87be3eea27c1a1b3145d0e993896765ea3caa22b87a01a7c953ea"}}]}, 0x164}, 0x1, 0x0, 0x0, 0x880}, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000005a40)=ANY=[@ANYBLOB="b4000000100009040000", @ANYRES32=0x0, @ANYBLOB="fffffffed9526cfd8400128009000100766c616e000000007400028006000100000600000c000200367da1650e000000280003800c00010001800000002000000c000100a1000000c84200000c0001000800000008000000340004800c00010006000000ff0300000c00010004000000080000000c00010004000000020000000c000100050000000300000008000500", @ANYRES32=r6, @ANYBLOB='\b\x00\n\x00', @ANYRESOCT], 0xb4}}, 0x0)

511.655183ms ago: executing program 4 (id=2634):
r0 = socket$inet6(0xa, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0xfff, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xcb3a}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8001}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)

475.415324ms ago: executing program 4 (id=2635):
r0 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_NO_ENOBUFS(r0, 0x10e, 0xc, &(0x7f0000000040)=0x7f, 0x4)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$VT_RESIZEX(r1, 0x560a, &(0x7f0000000300)={0x4, 0xff8e, 0x4, 0x0, 0x5002})
socket$nl_route(0x10, 0x3, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x3, 0xc, &(0x7f00000012c0)=ANY=[@ANYBLOB="180200000000000000000000000000008500000027000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008ce0000b703000000000000850000009b00000095"], &(0x7f0000000080)='GPL\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r2, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b990a0d387dbe9abc89b6f5bec", 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00'}, 0x10)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00'}, 0x10)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x400c84, &(0x7f0000000340), 0x1, 0x786, &(0x7f0000001900)="$eJzs3c9rHGUfAPDvbJKmTfu+yQsvaL0YEDRQmpgaWwWFigcRLBT0bLtstqFmky3ZTWlCQIsIXgQVD4JeevLgj3rz6o+r/hcexFI1LVY8SGQ2s+2m2U03abIbzecDk32emdl8n+/Or2d3hpkA9qzh9E8u4nBEvJtEDGbjk4joq5V6I06uzndreamQDkmsrLz8a1Kb5+byUiEa3pM6mFUejIhv34o4klsft7KwOJ0vlYpzWX2sOnNhrLKwePT8TH6qOFWcPT4+MXHsxJMnjm9frr//sHjo2nsvPPbFyT/ffODqO98lcTIOZdMa89iyZ9dWh2M4+0z60o9wjefvO9juknS7AWxJumn2rG7lcTgGo6dWAgD+zV6PiBUAYI9JHP8BYI+p/w5wc3mpUB+6+4tEZ11/LiL2r+ZfP7+5OqU3O2e3v3YedOBmsubMSBIRQ9sQfzgiPv7q1c/SIbbrPCRAG964HBFnh4bX7/+TddcsbNbjG0zbl70O3zU+je8MNHTG12n/56lm/b/c7f5PNOn/9DfZdrei2fa/ZsSBbQiygeufRDzTcG3brYb8M0M9We0/tT5fX3LufKmY7tv+GxEj0def1sc3iDFy468braY19v9+e/+1T9P46eudOXI/9/avfc9kvpq/n5wbXb8c8VBvs/yT28s/adH/Pd1mjBeffvujVtPS/NN868P6/CO7OmlnrFyJeLTp8r9zRVuy4fWJY7XVYay+UjTx5Y8fDrSK37j80yGNX/8u0Anp8h/YOP+hpPF6zcrmY3x/ZfCbVtPunX/z9X9f8kqtXO9HXMpXq3PjEfuSl9aPP3bnvZfyD2el1fnT/Eceab79b7T+p98Jz7aZf++1Xz7fev47K81/clPLf/OFq7eme1rFb2/5T9RKI9mYdvZ/7Tbwfj47AAAAAAAAAAAAAAAAAAAAAAAAAGhXLiIORZIbvV3O5UZHV5/h/f8YyJXKleqRc+X52cmoPSt7KPpy9VtdDjbcD3U8ux9+vX7srvoTEfG/iPig/0BSv4/iZJdzBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIC6gy2e/5/6qb/brQMAdsz+bjcAAOg4x38A2Hsc/wFg72nv+N+z4+0AADrH938A2Hsc/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANhhp0+dSoeVP5aXCml98uLC/HT54tHJYmV6dGa+MFooz10YnSqXp0rF0UJ55l7/r1QuX5iI2flLY9VipTpWWVg8M1Oen62eOT+TnyqeKfZ1JCsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2JzKwuJ0vlQqzilsobCyO5rR/UJPtjrtlvZ0tJDsjmZsc6HLOyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAf4i/AwAA//+3ACFj")
creat(&(0x7f0000000000)='./file0\x00', 0xecf86c37d53049cc)

414.234694ms ago: executing program 4 (id=2636):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r2}, 0x10)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x7, 0x4, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000080000000000000000000850000007d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x27, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000001c0)='kfree\x00', r5}, 0x10)
openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x44040, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000040)='kmem_cache_free\x00', r6}, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), r0)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000280)={'wlan0\x00', <r8=>0x0})
sendmsg$NL80211_CMD_UPDATE_OWE_INFO(r0, &(0x7f00000003c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000680)={0x3c, r7, 0x2, 0x70bd2a, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r8}, @val={0xc, 0x99, {0x7ffe, 0x402c}}}}, [@NL80211_ATTR_IE={0xa, 0x2a, [@ext_channel_switch={0x3c, 0x4, {0x0, 0x7a, 0x24, 0x7f}}]}, @NL80211_ATTR_STATUS_CODE={0x6, 0x48, 0x1f}]}, 0x3c}, 0x1, 0x0, 0x0, 0x44000}, 0xa801)
setsockopt$inet6_tcp_int(r3, 0x6, 0x13, &(0x7f0000000240)=0x100000001, 0x59)
connect$inet6(r3, &(0x7f0000000200)={0xa, 0xffff, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r3, 0x6, 0x1f, &(0x7f0000000040), 0x4)
setsockopt$inet6_tcp_TLS_TX(r3, 0x11a, 0x2, &(0x7f0000000b80)=@gcm_256={{0x304}, "0000004a650600", "af193cff4810ba5ac120d096eb00000052095b4285514ca312c52e3a08756735", '8\x00', "bc3a20b10f4ad11e"}, 0x38)
close(r3)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000400)={'batadv_slave_1\x00'})
r9 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r9, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="b8000000190001000000000000000000dc020078000000000000000000000000ff02000000000000e26ea7250000000100000000000000000a"], 0xb8}}, 0x0)
sendmsg$nl_xfrm(r9, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000000)=ANY=[@ANYBLOB="650100001b"], 0x188}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000380)=[{0x200000000006, 0x1, 0x7, 0x7ffc1ffb}]})
getpriority(0x2, 0x80000000)

217.459408ms ago: executing program 6 (id=2637):
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000000)='./file0/../file0/../file0/../file0\x00', 0x410, &(0x7f00000001c0)={[], [{@subj_type={'subj_type', 0x3d, 'ethtool\x00'}}]}, 0x1, 0x58e, &(0x7f00000006c0)="$eJzs3d9qHNUfAPDv2WySJml/SX8IWnthQLAFNWnSiiKCLdY7L0QLXgnGJi2l2zY0EWyt0EIfQR/ANxAvvZCi3njrneADSLFImxvvIjOZSbftbpo/m0ya+XxgknNmdjhndvnumT17ztkAams8+9OIOBQR8ylitO1YM4qD4yuPe3D/xtml+zfOplhe/vifFKnYVz4+Ff9HipP3RcTvP6f4f9+T5S5cu35xptWau1rkJxcvzU8uXLv++oVLM+fnzs9dnp56c+qNE8enTxzryXUeiIhfJ043b5977/D3g+Xek7G/SLVfR6+Mx/jqc9Iue17f6nVhFekrrqf9JU7NCivEhpSvX39EPB+j0RcPX7zRoUqrBmyz5RSxDNRUEv9QU+V9QPb5t9yqvSMBdsq9UysdAA/SSt/e0mr8N1f6BmPfyfKx7d06KSJ60TOXlTH/ShrNttimfjigs5u3IuKFTu1/ymNzLO/FjxheajwS/42I+LD4n+3/aJPljz+WF/+wc7YS/5+1xf/nmyxf/AMAAAAAAEDv3DkVEa91+v6vUY7/yf8OL6VHvv8byWfPbd3Tv/9r3O1BMUAH905FvBMR5di/pbb4L4z1FbkD+XiA/nTuQmvuWET8LyKORv9glp9ao4zxw7/1dz3WNv4v27Lyy7GART3uNgcfPWd2ZnFmK9cMrLh3K+LFZqf4T6vtf+rQ/mfvB/PrLGP59Lu/dDv29PgHtsvydxFHOrb/D1euSGuvzzGZ3w9MlncFT/rq0x9/6Fa++IfqZO3/8NrxP5ba1+tZ2HgZX//95xbiv/P9/0A6ky85M1Ds+3JmcfHqVMRA+uDJ/dMbrzPsRWU8lPGSxX/EzY6f/9e6/x/Kz1qfMz+9f7vbMe0/VCeL/9kNtf8bT7z8ybf/dit/fe3/ibxNP1rs0f8Ha1tvgFZdTwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FjUiYn+kxsRqutGYmIgYiYjnYrjRurKw+Oq5K19cns2O5b//3yh/6Xd0JZ/K3/8fa8tPP5Y/HhEHI+KbvqE8P3H2Smu26osHAAAAAAAAAAAAAAAAAACAXWKky/z/zF99VdcO2HbN9kx/dfUAdl5z208AdivhDPUl/qG+xD/Ul/iH+hL/UF/iH+pL/EN9iX8AAAAAANhTDr50548UETffHsq3zEBxzExg2NsamzpruOf1AHaeJX6gvgz9gfpKVVcAqNzT3gf2bfpMAAAAAAAAAAAAAKBXjhxa//z/7mOAgWfR5ub/A3tB9/n/VgaAva7z/H93BVAH1vgDzP8HAAAAAAAAAAAAgN1v4dr1izOt1tzVzSYGt3a6hER9EpF6EHE7lKj6nQkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACj9FwAA///iUPFG")
mount$bind(&(0x7f00000000c0)='./file0/../file0/../file0/../file0\x00', &(0x7f0000000680)='./file0/../file0/../file0/../file0\x00', 0x0, 0x1b73404, 0x0)
chroot(&(0x7f0000000040)='./file0/../file0/../file0/../file0\x00')
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b000000000000"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kfree\x00'}, 0x10)
sendmsg$IEEE802154_ADD_IFACE(0xffffffffffffffff, 0x0, 0x44)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$DEVLINK_CMD_PORT_GET(r0, 0x0, 0x40)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340), 0x48)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="240000006800019f0000000000000000020000000000000008000100010000"], 0x24}, 0x1, 0x0, 0x0, 0x4005}, 0x0)

197.566038ms ago: executing program 1 (id=2638):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="17000000000000000400000003"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000a00)='fib_table_lookup\x00', r1}, 0x18)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000001ac0)=ANY=[@ANYBLOB="b702000007000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112b0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01ac69398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc786b409ac930c90ff90f05ca3bdfc92c88c5b8dcd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d858952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e48455b5a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ef6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b6214912a517810200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09e3187a10d905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367638cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033ec14bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734837ff47257f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d65a6d072034cecc457776c5fa1f33b0203c07052c6bc314b0ac5c63bc2083c9cda0b7480e0b17854ffcc76176ce266bc698f7921b8afe798a7a5ed33ab0374455ee368fda99a0e681bf9426831b193395cb01a7332a50aac841cb7d48a1768a7640a9820631ba775a2d4f12e8e717eaaa2a6d14fee0c15f36c203dbc7c06128bec84231d43e152ef19ce027436fb4ebb9fce431b913f4817597a6f53d1626f9d1cb7b36fb18ac19547a8b20ede70c81a75686cea85dcd34408128da7cab045541bc6b9a0a79f63f2e7646356e04b977c9f47467537015240b974184be9c54b7c628ae4d97ebdb06070344468994afbaac71e5ffac2c61d9af66f9de2760a38e968a781528531c1c936a02065be48f1eee77be878873206d65bd0b1241fab9139abd7f40febe81fed3684e6b59273da01f1743c6a5df300ec59c65e8174fc2d95a62ca7b937289ad14107333007eab833a5849eb19f18ae41743dfb949377e"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r2, 0x18000000000002a0, 0xfe, 0x60000000, &(0x7f0000000100)="b9ff03076844268cb89e14f008004be0ffff00124000632f77fbac141416ac141416441805034d2f87e5940c05ab845013f2325f1a39010702038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0xfe, 0x60000000}, 0x2c)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='rss_stat\x00', r3}, 0x10)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r4, 0x84, 0x14, &(0x7f0000000200), &(0x7f0000000300)=0x4)
lstat(0x0, &(0x7f0000000100))
r5 = openat$null(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
pivot_root(&(0x7f0000000380)='./file0\x00', &(0x7f00000003c0)='./file0\x00')
setsockopt$sock_int(r5, 0x1, 0x5, &(0x7f0000000080)=0x80, 0x4)
write$binfmt_register(r5, &(0x7f0000000040)={0x3a, 'syz1', 0x3a, 'E', 0x3a, 0x0, 0x3a, '$]#', 0x3a, '#!^)', 0x3a, './file0', 0x3a, [0x43, 0x46, 0x46]}, 0x31)
ioctl$sock_SIOCGPGRP(r5, 0x8904, &(0x7f00000000c0)=<r6=>0x0)
syz_emit_ethernet(0x5a, &(0x7f0000000280)={@local, @link_local, @void, {@ipv4={0x800, @tcp={{0xe, 0x4, 0x0, 0x0, 0x4c, 0x0, 0x0, 0x0, 0x5, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @private=0xa010100, {[@timestamp_addr={0x44, 0x14, 0x6, 0x3, 0x0, [{@empty, 0x1}, {@dev={0xac, 0x14, 0x14, 0x30}, 0x3fff}]}, @ssrr={0x89, 0xb, 0xce, [@multicast1, @local]}, @ssrr={0x89, 0x3, 0x15}]}}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x10, 0x0, 0x0, 0x400}}}}}}, 0x0)
r7 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000400), 0x20280, 0x0)
ioctl$IMADDTIMER(r7, 0x80044940, &(0x7f0000000080)=0x14)
r8 = socket$kcm(0xa, 0x2, 0x73)
setsockopt$sock_attach_bpf(r8, 0x29, 0x1e, 0x0, 0xfcd8)
pselect6(0x40, &(0x7f0000000040)={0xc, 0x40000000000, 0x0, 0x0, 0x0, 0x800000, 0x0, 0x81}, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x5, 0x80, 0x8, 0xc3, 0x6e, 0x2, 0x0, 0x80000000, 0x2000, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x3, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x9, 0x1, @perf_config_ext={0x3, 0x2}, 0xc1, 0x3, 0x4, 0x0, 0x3, 0x0, 0x1, 0x0, 0x3, 0x0, 0x5}, r6, 0x6, r5, 0x9)

135.235229ms ago: executing program 6 (id=2639):
ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f0000000240)={'syztnl1\x00', &(0x7f0000000040)={'gre0\x00', <r0=>0x0, 0x10, 0x40, 0x3, 0xf, {{0x5, 0x4, 0x3, 0x31, 0x14, 0x64, 0x0, 0x6, 0x29, 0x0, @empty, @local}}}})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000480)=ANY=[@ANYBLOB="680000001000000400"/20, @ANYRES32=0x0, @ANYBLOB="0000000012002000480012800b000100697036746e6c00003800028008000100", @ANYRES32=r0, @ANYBLOB="1400030000000000000000000000000000000000080008001f0000000800080001000000060012004e200000"], 0x68}, 0x1, 0x0, 0x0, 0x80}, 0x0)
socket(0x10, 0x803, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[], 0x5c}, 0x1, 0x0, 0x0, 0x240440c4}, 0x4000)
r1 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r1, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
syz_open_dev$sg(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae000000"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
setsockopt$inet_msfilter(r1, 0x0, 0x29, &(0x7f0000000000)=ANY=[@ANYBLOB="e00000027fa80a010100000004"], 0x57)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sys_enter\x00', r2}, 0x18)
geteuid()
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x18, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00"], 0x0, 0xfff, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xcb3a}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8001}, 0x94)
read(0xffffffffffffffff, &(0x7f0000000780)=""/210, 0xd2)
syz_emit_ethernet(0xfdef, &(0x7f00000002c0)=ANY=[@ANYBLOB], 0x0)
setsockopt$inet_mreqsrc(r1, 0x0, 0x24, &(0x7f0000000440)={@multicast2, @loopback, @empty}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000f000000c5000000a0ef010095"], &(0x7f0000000440)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r3 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000500)={0x0, 0x38}}, 0x8df48fcf01e6e174)
r4 = socket$netlink(0x10, 0x3, 0x0)
socket$isdn(0x22, 0x3, 0x25)
writev(r4, &(0x7f00000003c0)=[{&(0x7f0000000300)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1)

116.126759ms ago: executing program 0 (id=2640):
r0 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'ip6tnl0\x00', <r1=>0x0})
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x3, 0x0, 0x0, 0x40f00, 0x42, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3}, 0x10)
r4 = inotify_init1(0x0)
inotify_add_watch(r4, &(0x7f0000000000)='.\x00', 0x52000775)
r5 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
write$binfmt_elf32(r5, &(0x7f0000000000)={{0x7f, 0x45, 0x4c, 0x46, 0x4, 0x7, 0x0, 0x3, 0x7, 0x3, 0x3, 0x3, 0x309, 0x38, 0xfffffffc, 0xe, 0x0, 0x20, 0x1, 0x5}, [{0x3, 0x8, 0xf3, 0x7f, 0x4, 0x200004, 0xc, 0x400}]}, 0x58)
close(r5)
execve(&(0x7f0000000400)='./file0\x00', 0x0, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000040)=@newqdisc={0x4c, 0x24, 0xf0b, 0x0, 0x25dfdbfd, {0x0, 0x0, 0x0, r1, {0x0, 0x3}, {0xffff, 0xffff}, {0xd}}, [@qdisc_kind_options=@q_codel={{0xa}, {0x1c, 0x2, [@TCA_CODEL_LIMIT={0x8, 0x2, 0x3}, @TCA_CODEL_ECN={0x8, 0x4, 0x1}, @TCA_CODEL_INTERVAL={0x8, 0x3, 0x4}]}}]}, 0x4c}}, 0x4000)

0s ago: executing program 1 (id=2641):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000fdff00000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000002d0000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0xe, '\x00', 0x0, @fallback=0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
r1 = socket(0x10, 0x3, 0x6)
r2 = socket(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000040)={'team0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=@newqdisc={0x90, 0x24, 0xf0b, 0x70bd26, 0x0, {0x0, 0x0, 0x0, r3, {0x0, 0xffff}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_mqprio={{0xb}, {0x58, 0x2, {{0x2, [], 0x0, [0x4, 0x2, 0xfffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c4, 0x0, 0x0, 0x0, 0x3dc], [0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000]}}}}, @TCA_RATE={0x6}]}, 0x90}}, 0x20000000)

kernel console output (not intermixed with test programs):

6174] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  198.859513][T26174] ext4 filesystem being mounted at /439/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  198.871422][ T3304] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  198.893533][T26194] loop3: detected capacity change from 0 to 128
[  198.902128][T26194] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  198.914538][T26194] ext4 filesystem being mounted at /415/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  198.959529][T26197] loop5: detected capacity change from 0 to 512
[  198.966419][ T3313] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  198.966692][T26197] EXT4-fs: Ignoring removed nomblk_io_submit option
[  199.005801][T26200] loop1: detected capacity change from 0 to 512
[  199.033542][T26197] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  199.047063][T26197] ext4 filesystem being mounted at /4/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  199.060458][T26210] loop4: detected capacity change from 0 to 512
[  199.067234][T26210] EXT4-fs: Ignoring removed nomblk_io_submit option
[  199.088384][T26200] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  199.105936][T26200] EXT4-fs (loop1): orphan cleanup on readonly fs
[  199.114682][T26200] __quota_error: 200 callbacks suppressed
[  199.114699][T26200] Quota error (device loop1): v2_read_file_info: Block with free entry 1 out of range (1, 6).
[  199.135208][T26210] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  199.138025][T26200] EXT4-fs warning (device loop1): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  199.163044][T26210] ext4 filesystem being mounted at /440/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  199.173611][T26200] EXT4-fs (loop1): Cannot turn on quotas: error -117
[  199.181093][T26200] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.2091: bg 0: block 40: padding at end of block bitmap is not set
[  199.181981][T26200] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  199.205588][T26200] EXT4-fs (loop1): 1 truncate cleaned up
[  199.211795][T26200] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  199.255778][T26220] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2093'.
[  199.266168][ T3303] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  199.413901][T26370] loop1: detected capacity change from 0 to 128
[  199.426848][T26370] EXT4-fs: Ignoring removed nobh option
[  199.441344][T26370] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  199.484611][T26473] netlink: 148 bytes leftover after parsing attributes in process `syz.0.2096'.
[  199.502700][T26370] ext4 filesystem being mounted at mnt:[4026532372] supports timestamps until 2038-01-19 (0x7fffffff)
[  199.514626][T26370] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  199.711741][T21671] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  199.769504][T27204] loop1: detected capacity change from 0 to 1024
[  199.794482][T27319] SELinux: syz.5.2098 (27319) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  199.811799][T27204] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  199.826379][T27319] FAULT_INJECTION: forcing a failure.
[  199.826379][T27319] name failslab, interval 1, probability 0, space 0, times 0
[  199.839507][T27319] CPU: 1 UID: 0 PID: 27319 Comm: syz.5.2098 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(voluntary) 
[  199.839551][T27319] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  199.839567][T27319] Call Trace:
[  199.839575][T27319]  <TASK>
[  199.839634][T27319]  __dump_stack+0x1d/0x30
[  199.839659][T27319]  dump_stack_lvl+0xe8/0x140
[  199.839681][T27319]  dump_stack+0x15/0x1b
[  199.839701][T27319]  should_fail_ex+0x265/0x280
[  199.839729][T27319]  ? __pfx_cond_bools_destroy+0x10/0x10
[  199.839819][T27319]  should_failslab+0x8c/0xb0
[  199.839843][T27319]  __kmalloc_noprof+0xa5/0x3e0
[  199.839870][T27319]  ? hashtab_duplicate+0x55/0x360
[  199.839954][T27319]  ? __pfx_cond_bools_destroy+0x10/0x10
[  199.839980][T27319]  hashtab_duplicate+0x55/0x360
[  199.839998][T27319]  ? __kmalloc_noprof+0x1dd/0x3e0
[  199.840021][T27319]  ? cond_policydb_dup+0xa3/0x4e0
[  199.840107][T27319]  ? __pfx_cond_bools_copy+0x10/0x10
[  199.840244][T27319]  cond_policydb_dup+0xd2/0x4e0
[  199.840315][T27319]  security_set_bools+0xa0/0x340
[  199.840341][T27319]  sel_commit_bools_write+0x1ea/0x270
[  199.840376][T27319]  vfs_writev+0x406/0x8b0
[  199.840404][T27319]  ? __pfx_sel_commit_bools_write+0x10/0x10
[  199.840452][T27319]  ? mutex_lock+0xd/0x30
[  199.840541][T27319]  do_writev+0xe7/0x210
[  199.840631][T27319]  __x64_sys_writev+0x45/0x50
[  199.840689][T27319]  x64_sys_call+0x2006/0x2fb0
[  199.840715][T27319]  do_syscall_64+0xd2/0x200
[  199.840810][T27319]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  199.840923][T27319]  ? clear_bhb_loop+0x40/0x90
[  199.841020][T27319]  ? clear_bhb_loop+0x40/0x90
[  199.841046][T27319]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  199.841071][T27319] RIP: 0033:0x7fc4a275e929
[  199.841135][T27319] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  199.841157][T27319] RSP: 002b:00007fc4a0dc7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[  199.841180][T27319] RAX: ffffffffffffffda RBX: 00007fc4a2985fa0 RCX: 00007fc4a275e929
[  199.841247][T27319] RDX: 0000000000000001 RSI: 00002000000025c0 RDI: 0000000000000005
[  199.841262][T27319] RBP: 00007fc4a0dc7090 R08: 0000000000000000 R09: 0000000000000000
[  199.841275][T27319] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  199.841286][T27319] R13: 0000000000000000 R14: 00007fc4a2985fa0 R15: 00007ffe1ee06c78
[  199.841304][T27319]  </TASK>
[  200.097203][T27319] loop5: detected capacity change from 0 to 1024
[  200.151347][T27319] EXT4-fs (loop5): orphan cleanup on readonly fs
[  200.159192][T27319] Quota error (device loop5): do_check_range: Getting block 64 out of range 1-5
[  200.168320][T27319] Quota error (device loop5): qtree_read_dquot: Can't read quota structure for id 0
[  200.177753][T27319] EXT4-fs error (device loop5): ext4_acquire_dquot:6933: comm syz.5.2098: Failed to acquire dquot type 0
[  200.193628][T27319] EXT4-fs error (device loop5): mb_free_blocks:1948: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt.
[  200.213699][T27319] EXT4-fs error (device loop5): ext4_do_update_inode:5568: inode #13: comm syz.5.2098: corrupted inode contents
[  200.227523][ T3313] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  200.227529][T27319] EXT4-fs error (device loop5): ext4_dirty_inode:6459: inode #13: comm syz.5.2098: mark_inode_dirty error
[  200.227686][T27319] EXT4-fs error (device loop5): ext4_do_update_inode:5568: inode #13: comm syz.5.2098: corrupted inode contents
[  200.264085][T27319] EXT4-fs error (device loop5): __ext4_ext_dirty:206: inode #13: comm syz.5.2098: mark_inode_dirty error
[  200.279613][T27319] EXT4-fs error (device loop5): ext4_do_update_inode:5568: inode #13: comm syz.5.2098: corrupted inode contents
[  200.292037][T27319] EXT4-fs error (device loop5) in ext4_orphan_del:305: Corrupt filesystem
[  200.304323][T27319] EXT4-fs error (device loop5): ext4_do_update_inode:5568: inode #13: comm syz.5.2098: corrupted inode contents
[  200.312781][T28026] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  200.318884][T27319] EXT4-fs error (device loop5): ext4_truncate:4597: inode #13: comm syz.5.2098: mark_inode_dirty error
[  200.369768][T28026] EXT4-fs (loop1): Remounting filesystem read-only
[  200.376843][T28026] EXT4-fs (loop1): error restoring inline_data for inode -- potential data loss! (inode 15, error -30)
[  200.389261][T27319] EXT4-fs error (device loop5) in ext4_process_orphan:347: Corrupt filesystem
[  200.407002][T27319] EXT4-fs (loop5): 1 truncate cleaned up
[  200.413288][T27319] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  200.478789][T21671] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  200.494144][T28545] loop4: detected capacity change from 0 to 1024
[  200.644154][   T29] audit: type=1400 audit(1752379004.169:6799): avc:  denied  { append } for  pid=28156 comm="syz.4.2101" path="/442/file1/cgroup.controllers" dev="loop4" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  200.646759][T29379] SELinux:  Context @ is not valid (left unmapped).
[  200.702415][   T29] audit: type=1400 audit(1752379004.209:6800): avc:  denied  { relabelto } for  pid=28156 comm="syz.4.2101" name="cgroup.controllers" dev="loop4" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="@"
[  200.762496][T28545] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4113: comm syz.4.2101: Allocating blocks 497-513 which overlap fs metadata
[  200.892565][T30074] loop3: detected capacity change from 0 to 512
[  200.912326][T30074] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  200.920884][T30074] EXT4-fs (loop3): orphan cleanup on readonly fs
[  200.927721][T30074] Quota error (device loop3): v2_read_file_info: Block with free entry 1 out of range (1, 6).
[  200.938789][T30074] EXT4-fs warning (device loop3): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  200.954627][T30074] EXT4-fs (loop3): Cannot turn on quotas: error -117
[  200.963415][T30074] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.2104: bg 0: block 40: padding at end of block bitmap is not set
[  200.977962][   T29] audit: type=1326 audit(1752379004.499:6801): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30083 comm="syz.0.2107" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73d36be929 code=0x7ffc0000
[  200.986043][T30088] program syz.5.2105 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  201.001611][   T29] audit: type=1326 audit(1752379004.509:6802): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30083 comm="syz.0.2107" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73d36be929 code=0x7ffc0000
[  201.034849][   T29] audit: type=1326 audit(1752379004.509:6803): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30083 comm="syz.0.2107" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f73d36be929 code=0x7ffc0000
[  201.035655][T30074] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  201.058529][   T29] audit: type=1326 audit(1752379004.509:6804): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30083 comm="syz.0.2107" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73d36be929 code=0x7ffc0000
[  201.111897][T30074] EXT4-fs (loop3): 1 truncate cleaned up
[  201.166648][T30115] loop3: detected capacity change from 0 to 512
[  201.175294][T30117] loop1: detected capacity change from 0 to 128
[  201.185165][T30121] loop0: detected capacity change from 0 to 512
[  201.191866][T30121] EXT4-fs: Ignoring removed nomblk_io_submit option
[  201.201010][T30117] EXT4-fs: Ignoring removed nobh option
[  201.207634][T30115] EXT4-fs error (device loop3): ext4_validate_block_bitmap:432: comm syz.3.2110: bg 0: block 16: invalid block bitmap
[  201.222284][T30121] ext4 filesystem being mounted at /439/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  201.251997][T28156] EXT4-fs (loop4): pa ffff888106aa4bd0: logic 256, phys. 401, len 7
[  201.254658][T30117] ext4 filesystem being mounted at mnt:[4026532372] supports timestamps until 2038-01-19 (0x7fffffff)
[  201.260115][T28156] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 1
[  201.305538][T30115] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  201.383443][T30115] EXT4-fs error (device loop3): ext4_clear_blocks:876: inode #13: comm syz.3.2110: attempt to clear invalid blocks 1669132790 len 1
[  201.453945][T30129] netlink: 'syz.5.2112': attribute type 39 has an invalid length.
[  201.482133][T30115] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #13: comm syz.3.2110: invalid indirect mapped block 4294967295 (level 1)
[  201.497407][T30115] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #13: comm syz.3.2110: invalid indirect mapped block 4294967295 (level 2)
[  201.511798][T30115] EXT4-fs (loop3): 1 truncate cleaned up
[  201.945113][T30141] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  201.953673][T30141] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  201.957080][T30145] loop1: detected capacity change from 0 to 128
[  201.971393][T30145] ext4 filesystem being mounted at /431/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  202.011665][T30143] __nla_validate_parse: 1 callbacks suppressed
[  202.011685][T30143] netlink: 5 bytes leftover after parsing attributes in process `syz.4.2113'.
[  202.028060][T30143] 0ªî{X¹¦: renamed from gretap0 (while UP)
[  202.035783][T30143] 0ªî{X¹¦: entered allmulticast mode
[  202.043832][T30143] A link change request failed with some changes committed already. Interface 
30ªî{X¹¦ may have been left with an inconsistent configuration, please check.
[  202.655269][T30173] FAULT_INJECTION: forcing a failure.
[  202.655269][T30173] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  202.668712][T30173] CPU: 1 UID: 0 PID: 30173 Comm: syz.0.2121 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(voluntary) 
[  202.668752][T30173] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  202.668769][T30173] Call Trace:
[  202.668777][T30173]  <TASK>
[  202.668787][T30173]  __dump_stack+0x1d/0x30
[  202.668813][T30173]  dump_stack_lvl+0xe8/0x140
[  202.668831][T30173]  dump_stack+0x15/0x1b
[  202.668881][T30173]  should_fail_ex+0x265/0x280
[  202.668916][T30173]  should_fail_alloc_page+0xf2/0x100
[  202.668939][T30173]  __alloc_frozen_pages_noprof+0xff/0x360
[  202.669056][T30173]  alloc_pages_mpol+0xb3/0x250
[  202.669169][T30173]  alloc_pages_noprof+0x90/0x130
[  202.669197][T30173]  pte_alloc_one+0x2d/0x120
[  202.669218][T30173]  __pte_alloc+0x32/0x2b0
[  202.669251][T30173]  handle_mm_fault+0x1c16/0x2be0
[  202.669304][T30173]  ? __rcu_read_unlock+0x4f/0x70
[  202.669337][T30173]  do_user_addr_fault+0x3fe/0x1090
[  202.669418][T30173]  exc_page_fault+0x62/0xa0
[  202.669492][T30173]  asm_exc_page_fault+0x26/0x30
[  202.669555][T30173] RIP: 0010:rep_movs_alternative+0x33/0x90
[  202.669581][T30173] Code: 73 25 85 c9 74 0f 8a 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 e9 3d f1 01 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 8b 06 <48> 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb
[  202.669605][T30173] RSP: 0018:ffffc9000ee37e10 EFLAGS: 00050246
[  202.669620][T30173] RAX: 0000000000500019 RBX: 0000000000000008 RCX: 0000000000000008
[  202.669632][T30173] RDX: 0000000000000000 RSI: ffff888117f689b0 RDI: 00002000000000c0
[  202.669644][T30173] RBP: 0000000000005413 R08: 00000000000003af R09: 0000000000000000
[  202.669706][T30173] R10: 0001888117f689b0 R11: 0001888117f689b7 R12: 00002000000000c8
[  202.669719][T30173] R13: 00007ffffffff000 R14: 00002000000000c0 R15: ffff888117f689b0
[  202.669738][T30173]  _copy_to_user+0x7c/0xa0
[  202.669764][T30173]  tiocgwinsz+0x36/0x70
[  202.669798][T30173]  tty_ioctl+0x371/0xb80
[  202.669902][T30173]  ? __pfx_tty_ioctl+0x10/0x10
[  202.669936][T30173]  __se_sys_ioctl+0xcb/0x140
[  202.669972][T30173]  __x64_sys_ioctl+0x43/0x50
[  202.670005][T30173]  x64_sys_call+0x19a8/0x2fb0
[  202.670107][T30173]  do_syscall_64+0xd2/0x200
[  202.670128][T30173]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  202.670161][T30173]  ? clear_bhb_loop+0x40/0x90
[  202.670183][T30173]  ? clear_bhb_loop+0x40/0x90
[  202.670212][T30173]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  202.670233][T30173] RIP: 0033:0x7f73d36be929
[  202.670251][T30173] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  202.670273][T30173] RSP: 002b:00007f73d1d27038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  202.670346][T30173] RAX: ffffffffffffffda RBX: 00007f73d38e5fa0 RCX: 00007f73d36be929
[  202.670361][T30173] RDX: 00002000000000c0 RSI: 0000000000005413 RDI: 0000000000000004
[  202.670376][T30173] RBP: 00007f73d1d27090 R08: 0000000000000000 R09: 0000000000000000
[  202.670428][T30173] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  202.670444][T30173] R13: 0000000000000000 R14: 00007f73d38e5fa0 R15: 00007fff4a3e2988
[  202.670462][T30173]  </TASK>
[  203.135871][T30176] program syz.0.2122 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  203.163289][T30201] netlink: 300 bytes leftover after parsing attributes in process `syz.3.2123'.
[  203.208247][T30207] loop0: detected capacity change from 0 to 128
[  203.209118][T30205] loop1: detected capacity change from 0 to 512
[  203.216139][T30207] EXT4-fs: Ignoring removed nobh option
[  203.236562][T30205] EXT4-fs error (device loop1): ext4_validate_block_bitmap:432: comm syz.1.2124: bg 0: block 16: invalid block bitmap
[  203.240184][T30207] ext4 filesystem being mounted at /446/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  203.255067][T30205] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  203.354652][T30205] EXT4-fs error (device loop1): ext4_clear_blocks:876: inode #13: comm syz.1.2124: attempt to clear invalid blocks 1669132790 len 1
[  203.374223][T30205] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #13: comm syz.1.2124: invalid indirect mapped block 4294967295 (level 1)
[  203.388916][T30205] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #13: comm syz.1.2124: invalid indirect mapped block 4294967295 (level 2)
[  203.415334][T30205] EXT4-fs (loop1): 1 truncate cleaned up
[  203.943065][T30225] netlink: 'syz.0.2128': attribute type 4 has an invalid length.
[  203.952262][T30227] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2129'.
[  203.976196][T30228] loop5: detected capacity change from 0 to 1024
[  204.042151][T30238] syz.0.2131 uses obsolete (PF_INET,SOCK_PACKET)
[  204.059481][T30240] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2133'.
[  204.079221][T30237] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2132'.
[  204.115826][ T3379] Process accounting resumed
[  204.169349][T30245] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  204.207619][T30283] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2135'.
[  204.222609][T30283] loop3: detected capacity change from 0 to 1024
[  204.231276][T30296] loop5: detected capacity change from 0 to 128
[  204.239186][T30245] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  204.251372][T30296] ext4 filesystem being mounted at /13/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  204.288732][T30283] ext4 filesystem being mounted at /421/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  204.356330][T30245] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  204.378256][   T29] kauditd_printk_skb: 82 callbacks suppressed
[  204.378276][   T29] audit: type=1326 audit(1752379007.909:6887): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30248 comm="syz.3.2135" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f475ee1e929 code=0x7ffc0000
[  204.408021][   T29] audit: type=1326 audit(1752379007.909:6888): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30248 comm="syz.3.2135" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f475ee1e929 code=0x7ffc0000
[  204.431782][   T29] audit: type=1326 audit(1752379007.909:6889): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30248 comm="syz.3.2135" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f475ee1e929 code=0x7ffc0000
[  204.455536][   T29] audit: type=1326 audit(1752379007.909:6890): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30248 comm="syz.3.2135" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f475ee1e929 code=0x7ffc0000
[  204.479173][   T29] audit: type=1326 audit(1752379007.909:6891): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30248 comm="syz.3.2135" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f475ee1e929 code=0x7ffc0000
[  204.502912][   T29] audit: type=1326 audit(1752379007.909:6892): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30248 comm="syz.3.2135" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f475ee1e929 code=0x7ffc0000
[  204.526500][   T29] audit: type=1326 audit(1752379007.909:6893): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30248 comm="syz.3.2135" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f475ee1e929 code=0x7ffc0000
[  204.550050][   T29] audit: type=1326 audit(1752379007.909:6894): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30248 comm="syz.3.2135" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f475ee1e929 code=0x7ffc0000
[  204.576178][   T29] audit: type=1326 audit(1752379008.109:6895): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30248 comm="syz.3.2135" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f475ee1e929 code=0x7ffc0000
[  204.599779][   T29] audit: type=1326 audit(1752379008.109:6896): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30248 comm="syz.3.2135" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f475ee1e929 code=0x7ffc0000
[  204.656952][T30245] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  204.676745][T30310] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2137'.
[  204.696829][T30310] netlink: 100 bytes leftover after parsing attributes in process `syz.0.2137'.
[  204.770971][T30245] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  204.779394][T30341] FAULT_INJECTION: forcing a failure.
[  204.779394][T30341] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  204.792631][T30341] CPU: 1 UID: 0 PID: 30341 Comm: syz.3.2139 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(voluntary) 
[  204.792661][T30341] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  204.792673][T30341] Call Trace:
[  204.792679][T30341]  <TASK>
[  204.792700][T30341]  __dump_stack+0x1d/0x30
[  204.792727][T30341]  dump_stack_lvl+0xe8/0x140
[  204.792751][T30341]  dump_stack+0x15/0x1b
[  204.792768][T30341]  should_fail_ex+0x265/0x280
[  204.792798][T30341]  should_fail+0xb/0x20
[  204.792860][T30341]  should_fail_usercopy+0x1a/0x20
[  204.792911][T30341]  _copy_from_user+0x1c/0xb0
[  204.792931][T30341]  perf_copy_attr+0x145/0x610
[  204.792961][T30341]  __se_sys_perf_event_open+0x67/0x11c0
[  204.792988][T30341]  ? vfs_write+0x75e/0x8e0
[  204.793034][T30341]  ? __rcu_read_unlock+0x4f/0x70
[  204.793093][T30341]  __x64_sys_perf_event_open+0x67/0x80
[  204.793129][T30341]  x64_sys_call+0x27ec/0x2fb0
[  204.793187][T30341]  do_syscall_64+0xd2/0x200
[  204.793204][T30341]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  204.793234][T30341]  ? clear_bhb_loop+0x40/0x90
[  204.793314][T30341]  ? clear_bhb_loop+0x40/0x90
[  204.793356][T30341]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  204.793382][T30341] RIP: 0033:0x7f475ee1e929
[  204.793401][T30341] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  204.793424][T30341] RSP: 002b:00007f475d466038 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[  204.793447][T30341] RAX: ffffffffffffffda RBX: 00007f475f046080 RCX: 00007f475ee1e929
[  204.793463][T30341] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000180
[  204.793522][T30341] RBP: 00007f475d466090 R08: 0000000000000000 R09: 0000000000000000
[  204.793534][T30341] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000001
[  204.793546][T30341] R13: 0000000000000001 R14: 00007f475f046080 R15: 00007ffcca42f278
[  204.793566][T30341]  </TASK>
[  204.797094][T30245] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  204.829155][T30341] netlink: 404 bytes leftover after parsing attributes in process `syz.3.2139'.
[  205.009588][T30352] loop0: detected capacity change from 0 to 512
[  205.016678][T30352] EXT4-fs: Ignoring removed nomblk_io_submit option
[  205.027591][T30245] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  205.048020][T30245] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  205.059314][T30352] ext4 filesystem being mounted at /450/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  205.110047][T30363] netlink: 'syz.1.2141': attribute type 13 has an invalid length.
[  205.147479][T30363] gretap0: refused to change device tx_queue_len
[  205.166128][T30363] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  205.184597][T30369] loop5: detected capacity change from 0 to 128
[  205.192554][T30369] EXT4-fs: Ignoring removed nobh option
[  205.200462][T30369] ext4 filesystem being mounted at /14/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  205.248779][T30378] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2144'.
[  205.329788][T30383] loop1: detected capacity change from 0 to 128
[  205.336558][T30383] EXT4-fs: Ignoring removed nobh option
[  205.343983][T30383] ext4 filesystem being mounted at mnt:[4026532372] supports timestamps until 2038-01-19 (0x7fffffff)
[  205.417096][T30391] loop1: detected capacity change from 0 to 782
[  205.500199][T30405] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  205.581659][T30419] sd 0:0:1:0: device reset
[  205.590546][T30418] loop3: detected capacity change from 0 to 1024
[  205.617906][T30418] ext4 filesystem being mounted at /424/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  205.710709][T30429] loop0: detected capacity change from 0 to 512
[  205.712550][T30429] EXT4-fs error (device loop0): ext4_iget_extra_inode:5035: inode #15: comm +}[@: corrupted in-inode xattr: invalid ea_ino
[  205.712717][T30429] EXT4-fs error (device loop0): ext4_orphan_get:1398: comm +}[@: couldn't read orphan inode 15 (err -117)
[  205.714823][T30429] EXT4-fs error (device loop0): htree_dirblock_to_tree:1080: inode #2: block 13: comm +}[@: bad entry in directory: rec_len is smaller than minimal - offset=76, inode=0, rec_len=0, size=1024 fake=0
[  205.715277][T30429] EXT4-fs error (device loop0): htree_dirblock_to_tree:1080: inode #2: block 13: comm +}[@: bad entry in directory: rec_len is smaller than minimal - offset=76, inode=0, rec_len=0, size=1024 fake=0
[  205.828199][T30438] loop0: detected capacity change from 0 to 512
[  206.271380][T30438] EXT4-fs (loop0): 1 orphan inode deleted
[  206.272188][T30438] ext4 filesystem being mounted at /452/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  206.816698][T23105] EXT4-fs error (device loop0): ext4_release_dquot:6969: comm kworker/u8:22: Failed to release dquot type 1
[  206.995694][T30489] loop0: detected capacity change from 0 to 1024
[  207.302004][T30522] loop1: detected capacity change from 0 to 512
[  207.353470][T30522] EXT4-fs: Ignoring removed nomblk_io_submit option
[  207.416930][T30522] ext4 filesystem being mounted at /442/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  207.430672][T30533] __nla_validate_parse: 8 callbacks suppressed
[  207.430703][T30533] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2168'.
[  207.464041][T30536] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2171'.
[  207.484273][T30533] netlink: 100 bytes leftover after parsing attributes in process `syz.0.2168'.
[  207.674229][T30549] loop4: detected capacity change from 0 to 2048
[  207.799532][T30562] netlink: 'syz.5.2177': attribute type 39 has an invalid length.
[  208.267764][T30571] loop5: detected capacity change from 0 to 512
[  208.288225][T30571] EXT4-fs (loop5): revision level too high, forcing read-only mode
[  208.301906][T30571] EXT4-fs (loop5): orphan cleanup on readonly fs
[  208.315494][T30571] EXT4-fs warning (device loop5): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  208.407344][T30576] loop0: detected capacity change from 0 to 1024
[  208.425867][T30576] EXT4-fs: Ignoring removed nobh option
[  208.438766][T30576] EXT4-fs: Ignoring removed bh option
[  208.446189][T30576] EXT4-fs (loop0): stripe (32769) is not aligned with cluster size (16), stripe is disabled
[  208.468501][T30580] program syz.0.2183 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  208.600264][T30571] EXT4-fs (loop5): Cannot turn on quotas: error -117
[  208.629300][T30571] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.2182: bg 0: block 40: padding at end of block bitmap is not set
[  208.664009][T30593] loop1: detected capacity change from 0 to 128
[  208.674278][T30590] loop0: detected capacity change from 0 to 512
[  208.688850][T30593] ext4 filesystem being mounted at /443/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  208.705515][T30571] EXT4-fs error (device loop5) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  208.717781][T30590] EXT4-fs error (device loop0): ext4_validate_block_bitmap:432: comm syz.0.2185: bg 0: block 16: invalid block bitmap
[  208.731270][T30598] FAULT_INJECTION: forcing a failure.
[  208.731270][T30598] name failslab, interval 1, probability 0, space 0, times 0
[  208.744005][T30598] CPU: 1 UID: 0 PID: 30598 Comm: syz.3.2186 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(voluntary) 
[  208.744035][T30598] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  208.744048][T30598] Call Trace:
[  208.744127][T30598]  <TASK>
[  208.744137][T30598]  __dump_stack+0x1d/0x30
[  208.744202][T30598]  dump_stack_lvl+0xe8/0x140
[  208.744223][T30598]  dump_stack+0x15/0x1b
[  208.744244][T30598]  should_fail_ex+0x265/0x280
[  208.744284][T30598]  should_failslab+0x8c/0xb0
[  208.744332][T30598]  kmem_cache_alloc_noprof+0x50/0x310
[  208.744372][T30598]  ? getname_flags+0x80/0x3b0
[  208.744394][T30598]  getname_flags+0x80/0x3b0
[  208.744438][T30598]  user_path_at+0x28/0x130
[  208.744466][T30598]  __se_sys_fspick+0xaa/0x240
[  208.744503][T30598]  __x64_sys_fspick+0x43/0x50
[  208.744521][T30598]  x64_sys_call+0x21bd/0x2fb0
[  208.744542][T30598]  do_syscall_64+0xd2/0x200
[  208.744564][T30598]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  208.744720][T30598]  ? clear_bhb_loop+0x40/0x90
[  208.744747][T30598]  ? clear_bhb_loop+0x40/0x90
[  208.744797][T30598]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  208.744817][T30598] RIP: 0033:0x7f475ee1e929
[  208.744831][T30598] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  208.744849][T30598] RSP: 002b:00007f475d487038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b1
[  208.744927][T30598] RAX: ffffffffffffffda RBX: 00007f475f045fa0 RCX: 00007f475ee1e929
[  208.744944][T30598] RDX: 0000000000000001 RSI: 0000200000000300 RDI: ffffffffffffffff
[  208.744967][T30598] RBP: 00007f475d487090 R08: 0000000000000000 R09: 0000000000000000
[  208.744980][T30598] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  208.744992][T30598] R13: 0000000000000000 R14: 00007f475f045fa0 R15: 00007ffcca42f278
[  208.745010][T30598]  </TASK>
[  208.786025][T30602] loop4: detected capacity change from 0 to 1024
[  208.795488][T30590] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  208.796617][T30571] EXT4-fs (loop5): 1 truncate cleaned up
[  208.805625][T30590] EXT4-fs error (device loop0): ext4_clear_blocks:876: inode #13: comm syz.0.2185: attempt to clear invalid blocks 1669132790 len 1
[  208.972131][T30590] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #13: comm syz.0.2185: invalid indirect mapped block 4294967295 (level 1)
[  208.986747][T30590] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #13: comm syz.0.2185: invalid indirect mapped block 4294967295 (level 2)
[  209.001113][T30590] EXT4-fs (loop0): 1 truncate cleaned up
[  209.015943][T30602] ext4 filesystem being mounted at /455/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  209.075273][T30602] netlink: 264 bytes leftover after parsing attributes in process `syz.4.2187'.
[  209.084419][T30602] netlink: 56 bytes leftover after parsing attributes in process `syz.4.2187'.
[  209.102309][T30602] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  209.373843][T30643] sd 0:0:1:0: device reset
[  209.572598][T30647] loop0: detected capacity change from 0 to 128
[  209.587191][T30647] ext4 filesystem being mounted at /458/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  209.695456][T30654] loop4: detected capacity change from 0 to 512
[  209.695929][T30654] EXT4-fs: Ignoring removed nomblk_io_submit option
[  209.721270][T30654] ext4 filesystem being mounted at /456/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  210.049108][T30663] netlink: 'syz.3.2192': attribute type 39 has an invalid length.
[  210.391984][T30667] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  210.528237][T30669] sd 0:0:1:0: device reset
[  211.018277][   T29] kauditd_printk_skb: 139 callbacks suppressed
[  211.018292][   T29] audit: type=1400 audit(1752379014.549:7034): avc:  denied  { mount } for  pid=30672 comm="syz.1.2194" name="/" dev="bpf" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bpf_t tclass=filesystem permissive=1
[  211.022590][T30673] loop1: detected capacity change from 0 to 512
[  211.072210][T30673] ext4 filesystem being mounted at /444/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  211.084780][   T29] audit: type=1400 audit(1752379014.609:7035): avc:  denied  { prog_load } for  pid=30672 comm="+}[@" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  211.084874][   T29] audit: type=1400 audit(1752379014.609:7036): avc:  denied  { bpf } for  pid=30672 comm="+}[@" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  211.084907][   T29] audit: type=1400 audit(1752379014.609:7037): avc:  denied  { perfmon } for  pid=30672 comm="+}[@" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  211.084935][   T29] audit: type=1400 audit(1752379014.609:7038): avc:  denied  { prog_run } for  pid=30672 comm="+}[@" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  211.084960][   T29] audit: type=1400 audit(1752379014.609:7039): avc:  denied  { create } for  pid=30672 comm="+}[@" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  211.084997][   T29] audit: type=1400 audit(1752379014.609:7040): avc:  denied  { write } for  pid=30672 comm="+}[@" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  211.086288][   T29] audit: type=1400 audit(1752379014.619:7041): avc:  denied  { unmount } for  pid=3313 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  211.093786][   T29] audit: type=1400 audit(1752379014.619:7042): avc:  denied  { read write } for  pid=30672 comm="+}[@" name="loop1" dev="devtmpfs" ino=101 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  211.093826][   T29] audit: type=1400 audit(1752379014.619:7043): avc:  denied  { open } for  pid=30672 comm="+}[@" path="/dev/loop1" dev="devtmpfs" ino=101 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  211.095799][T30673] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #2: comm +}[@: corrupted inode contents
[  211.096031][T30673] EXT4-fs error (device loop1): ext4_dirty_inode:6459: inode #2: comm +}[@: mark_inode_dirty error
[  211.096221][T30673] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #2: comm +}[@: corrupted inode contents
[  211.096338][T30673] EXT4-fs error (device loop1): __ext4_ext_dirty:206: inode #2: comm +}[@: mark_inode_dirty error
[  211.222200][T30687] loop4: detected capacity change from 0 to 1024
[  211.273936][T30687] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  211.274158][T30687] EXT4-fs (loop4): Remounting filesystem read-only
[  211.274380][T30687] EXT4-fs (loop4): error restoring inline_data for inode -- potential data loss! (inode 15, error -30)
[  211.331874][T30696] 9p: Unknown access argument ‚: -22
[  211.411277][T30703] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2200'.
[  211.516143][T30708] loop0: detected capacity change from 0 to 128
[  211.525443][T30708] ext4 filesystem being mounted at /459/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  211.681458][T30721] loop4: detected capacity change from 0 to 128
[  211.691231][T30721] ext4 filesystem being mounted at /460/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  211.917339][T30732] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  211.986649][T30733] sd 0:0:1:0: device reset
[  212.138753][T30739] netlink: 'syz.5.2208': attribute type 21 has an invalid length.
[  212.138797][T30739] netlink: 'syz.5.2208': attribute type 1 has an invalid length.
[  212.138811][T30739] netlink: 144 bytes leftover after parsing attributes in process `syz.5.2208'.
[  212.283678][T30744] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2209'.
[  212.283698][T30744] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2209'.
[  212.283716][T30744] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2209'.
[  212.283957][T30744] netlink: 'syz.5.2209': attribute type 6 has an invalid length.
[  212.593270][T30750] loop3: detected capacity change from 0 to 512
[  212.630116][T30750] EXT4-fs error (device loop3): ext4_validate_block_bitmap:432: comm syz.3.2211: bg 0: block 16: invalid block bitmap
[  212.665410][T30750] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  212.674454][T30750] EXT4-fs error (device loop3): ext4_clear_blocks:876: inode #13: comm syz.3.2211: attempt to clear invalid blocks 1669132790 len 1
[  212.674908][T30750] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #13: comm syz.3.2211: invalid indirect mapped block 4294967295 (level 1)
[  212.675237][T30750] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #13: comm syz.3.2211: invalid indirect mapped block 4294967295 (level 2)
[  212.717355][T30750] EXT4-fs (loop3): 1 truncate cleaned up
[  212.973966][T30775] netlink: 'syz.1.2216': attribute type 4 has an invalid length.
[  212.984202][T30796] __nla_validate_parse: 1 callbacks suppressed
[  212.984272][T30796] netlink: 300 bytes leftover after parsing attributes in process `syz.4.2215'.
[  213.034914][T30801] loop4: detected capacity change from 0 to 512
[  213.047040][T30801] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  213.055380][T30801] EXT4-fs (loop4): orphan cleanup on readonly fs
[  213.062015][T30801] EXT4-fs warning (device loop4): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  213.077656][T30801] EXT4-fs (loop4): Cannot turn on quotas: error -117
[  213.086407][T30801] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.2218: bg 0: block 40: padding at end of block bitmap is not set
[  213.101679][T30801] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  213.112045][T30801] EXT4-fs (loop4): 1 truncate cleaned up
[  213.175454][T30817] loop4: detected capacity change from 0 to 512
[  213.216134][T30823] loop1: detected capacity change from 0 to 512
[  213.223247][T30817] EXT4-fs error (device loop4): ext4_validate_block_bitmap:432: comm syz.4.2222: bg 0: block 16: invalid block bitmap
[  213.239735][T30817] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  213.250301][T30817] EXT4-fs error (device loop4): ext4_clear_blocks:876: inode #13: comm syz.4.2222: attempt to clear invalid blocks 1669132790 len 1
[  213.252026][T30827] loop5: detected capacity change from 0 to 512
[  213.266686][T30817] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #13: comm syz.4.2222: invalid indirect mapped block 4294967295 (level 1)
[  213.285244][T30817] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #13: comm syz.4.2222: invalid indirect mapped block 4294967295 (level 2)
[  213.286942][T30823] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  213.300341][T30817] EXT4-fs (loop4): 1 truncate cleaned up
[  213.308710][T30821] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2223'.
[  213.315183][T30823] EXT4-fs (loop1): orphan cleanup on readonly fs
[  213.321918][T30821] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2223'.
[  213.328915][T30823] EXT4-fs warning (device loop1): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  213.353184][T30823] EXT4-fs (loop1): Cannot turn on quotas: error -117
[  213.360353][T30827] EXT4-fs (loop5): revision level too high, forcing read-only mode
[  213.370302][T30827] EXT4-fs (loop5): orphan cleanup on readonly fs
[  213.377407][T30827] EXT4-fs warning (device loop5): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  213.381547][T30823] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.2224: bg 0: block 40: padding at end of block bitmap is not set
[  213.393705][T30827] EXT4-fs (loop5): Cannot turn on quotas: error -117
[  213.414986][T30823] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  213.424509][T30823] EXT4-fs (loop1): 1 truncate cleaned up
[  213.430653][T30827] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.2225: bg 0: block 40: padding at end of block bitmap is not set
[  213.450929][T30835] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2226'.
[  213.466273][T30835] netlink: 100 bytes leftover after parsing attributes in process `syz.0.2226'.
[  213.476144][T30827] EXT4-fs error (device loop5) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  213.486292][T30827] EXT4-fs (loop5): 1 truncate cleaned up
[  213.580157][T30850] 9pnet_fd: Insufficient options for proto=fd
[  213.611782][T30852] loop4: detected capacity change from 0 to 1024
[  213.620229][T30853] netlink: 300 bytes leftover after parsing attributes in process `syz.1.2228'.
[  213.642050][T30859] FAULT_INJECTION: forcing a failure.
[  213.642050][T30859] name failslab, interval 1, probability 0, space 0, times 0
[  213.654881][T30859] CPU: 1 UID: 0 PID: 30859 Comm: syz.5.2231 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(voluntary) 
[  213.654909][T30859] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  213.654921][T30859] Call Trace:
[  213.654927][T30859]  <TASK>
[  213.654940][T30859]  __dump_stack+0x1d/0x30
[  213.654963][T30859]  dump_stack_lvl+0xe8/0x140
[  213.654986][T30859]  dump_stack+0x15/0x1b
[  213.655043][T30859]  should_fail_ex+0x265/0x280
[  213.655083][T30859]  should_failslab+0x8c/0xb0
[  213.655111][T30859]  __kmalloc_noprof+0xa5/0x3e0
[  213.655141][T30859]  ? security_sk_alloc+0x52/0x120
[  213.655217][T30859]  security_sk_alloc+0x52/0x120
[  213.655253][T30859]  sk_prot_alloc+0xc2/0x190
[  213.655292][T30859]  sk_alloc+0x34/0x360
[  213.655329][T30859]  unix_create1+0xa5/0x430
[  213.655441][T30859]  unix_stream_connect+0x1a5/0xa50
[  213.655483][T30859]  ? selinux_netlbl_socket_connect+0x115/0x130
[  213.655605][T30859]  ? selinux_socket_connect+0x57/0x70
[  213.655691][T30859]  ? __pfx_unix_stream_connect+0x10/0x10
[  213.655721][T30859]  __sys_connect+0x1ef/0x2b0
[  213.655756][T30859]  __x64_sys_connect+0x3f/0x50
[  213.655833][T30859]  x64_sys_call+0x1daa/0x2fb0
[  213.655867][T30859]  do_syscall_64+0xd2/0x200
[  213.655889][T30859]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  213.655992][T30859]  ? clear_bhb_loop+0x40/0x90
[  213.656020][T30859]  ? clear_bhb_loop+0x40/0x90
[  213.656043][T30859]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  213.656134][T30859] RIP: 0033:0x7fc4a275e929
[  213.656150][T30859] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  213.656168][T30859] RSP: 002b:00007fc4a0dc7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[  213.656240][T30859] RAX: ffffffffffffffda RBX: 00007fc4a2985fa0 RCX: 00007fc4a275e929
[  213.656253][T30859] RDX: 000000000000006e RSI: 0000200000000000 RDI: 0000000000000004
[  213.656265][T30859] RBP: 00007fc4a0dc7090 R08: 0000000000000000 R09: 0000000000000000
[  213.656359][T30859] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  213.656371][T30859] R13: 0000000000000000 R14: 00007fc4a2985fa0 R15: 00007ffe1ee06c78
[  213.656392][T30859]  </TASK>
[  213.884179][T30852] ext4 filesystem being mounted at /468/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  213.909628][T30852] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  213.944513][T30869] loop5: detected capacity change from 0 to 164
[  213.987437][T30870] FAULT_INJECTION: forcing a failure.
[  213.987437][T30870] name failslab, interval 1, probability 0, space 0, times 0
[  213.991561][T30869] /dev/loop5: Can't open blockdev
[  214.000120][T30870] CPU: 0 UID: 0 PID: 30870 Comm: syz.3.2237 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(voluntary) 
[  214.000166][T30870] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  214.000185][T30870] Call Trace:
[  214.000195][T30870]  <TASK>
[  214.000207][T30870]  __dump_stack+0x1d/0x30
[  214.000257][T30870]  dump_stack_lvl+0xe8/0x140
[  214.000284][T30870]  dump_stack+0x15/0x1b
[  214.000308][T30870]  should_fail_ex+0x265/0x280
[  214.000351][T30870]  should_failslab+0x8c/0xb0
[  214.000381][T30870]  kmem_cache_alloc_noprof+0x50/0x310
[  214.000481][T30870]  ? skb_clone+0x151/0x1f0
[  214.000507][T30870]  skb_clone+0x151/0x1f0
[  214.000532][T30870]  __netlink_deliver_tap+0x2c9/0x500
[  214.000583][T30870]  netlink_unicast+0x653/0x680
[  214.000642][T30870]  netlink_sendmsg+0x58b/0x6b0
[  214.000671][T30870]  ? __pfx_netlink_sendmsg+0x10/0x10
[  214.000697][T30870]  __sock_sendmsg+0x145/0x180
[  214.000731][T30870]  ____sys_sendmsg+0x31e/0x4e0
[  214.000793][T30870]  ___sys_sendmsg+0x17b/0x1d0
[  214.000857][T30870]  __x64_sys_sendmsg+0xd4/0x160
[  214.000935][T30870]  x64_sys_call+0x2999/0x2fb0
[  214.000965][T30870]  do_syscall_64+0xd2/0x200
[  214.000988][T30870]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  214.001024][T30870]  ? clear_bhb_loop+0x40/0x90
[  214.001052][T30870]  ? clear_bhb_loop+0x40/0x90
[  214.001142][T30870]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  214.001178][T30870] RIP: 0033:0x7f475ee1e929
[  214.001199][T30870] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  214.001224][T30870] RSP: 002b:00007f475d487038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  214.001250][T30870] RAX: ffffffffffffffda RBX: 00007f475f045fa0 RCX: 00007f475ee1e929
[  214.001276][T30870] RDX: 0000000010044050 RSI: 00002000000003c0 RDI: 0000000000000006
[  214.001291][T30870] RBP: 00007f475d487090 R08: 0000000000000000 R09: 0000000000000000
[  214.001308][T30870] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  214.001325][T30870] R13: 0000000000000000 R14: 00007f475f045fa0 R15: 00007ffcca42f278
[  214.001352][T30870]  </TASK>
[  214.107457][T30881] loop1: detected capacity change from 0 to 512
[  214.231937][T30885] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2240'.
[  214.242758][T30885] netlink: 100 bytes leftover after parsing attributes in process `syz.3.2240'.
[  214.252862][T30881] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  214.260983][T30881] EXT4-fs (loop1): orphan cleanup on readonly fs
[  214.267772][T30881] EXT4-fs warning (device loop1): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  214.282735][T30867] loop5: detected capacity change from 0 to 8192
[  214.312585][T30881] EXT4-fs (loop1): Cannot turn on quotas: error -117
[  214.319889][T30881] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.2239: bg 0: block 40: padding at end of block bitmap is not set
[  214.335312][T30881] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  214.344474][T30881] EXT4-fs (loop1): 1 truncate cleaned up
[  214.514062][T30903] loop5: detected capacity change from 0 to 128
[  214.594339][T30903] EXT4-fs: Ignoring removed nobh option
[  214.758982][T30903] ext4 filesystem being mounted at /37/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  214.876604][T30915] netlink: 56 bytes leftover after parsing attributes in process `syz.4.2247'.
[  214.916029][T30915] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2247'.
[  214.946454][T30920] loop4: detected capacity change from 0 to 512
[  214.966939][T30920] ext4 filesystem being mounted at /471/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  215.368140][T23105] nci: nci_add_new_protocol: the target found does not have the desired protocol
[  215.418397][T31553] loop4: detected capacity change from 0 to 1024
[  215.504303][T31553] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  215.520349][T31553] EXT4-fs (loop4): Remounting filesystem read-only
[  215.527544][T31553] EXT4-fs (loop4): error restoring inline_data for inode -- potential data loss! (inode 15, error -30)
[  216.104367][   T29] kauditd_printk_skb: 237 callbacks suppressed
[  216.104384][   T29] audit: type=1400 audit(1752379019.629:7277): avc:  denied  { setopt } for  pid=2335 comm="syz.3.2259" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  216.170219][   T29] audit: type=1400 audit(1752379019.669:7278): avc:  denied  { write } for  pid=2335 comm="syz.3.2259" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  216.191779][ T2340] loop1: detected capacity change from 0 to 128
[  216.198920][ T2340] EXT4-fs: Ignoring removed nobh option
[  216.220656][   T29] audit: type=1400 audit(1752379019.749:7279): avc:  denied  { read } for  pid=2346 comm="syz.4.2263" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[  216.241940][ T2340] ext4 filesystem being mounted at /461/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  216.255132][ T2348] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  216.305496][ T2345] netlink: 'syz.0.2257': attribute type 39 has an invalid length.
[  216.322084][   T29] audit: type=1326 audit(1752379019.849:7280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2356 comm="syz.1.2265" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f31d1a0e929 code=0x7ffc0000
[  216.322204][   T29] audit: type=1326 audit(1752379019.849:7281): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2356 comm="syz.1.2265" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f31d1a0e929 code=0x7ffc0000
[  216.322329][   T29] audit: type=1326 audit(1752379019.849:7282): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2356 comm="syz.1.2265" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f31d1a0e929 code=0x7ffc0000
[  216.425129][ T2360] sd 0:0:1:0: device reset
[  216.447214][   T29] audit: type=1326 audit(1752379019.929:7283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2356 comm="syz.1.2265" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f31d1a0e929 code=0x7ffc0000
[  216.447320][   T29] audit: type=1326 audit(1752379019.929:7284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2356 comm="syz.1.2265" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f31d1a0e929 code=0x7ffc0000
[  216.447362][   T29] audit: type=1326 audit(1752379019.929:7285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2356 comm="syz.1.2265" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f31d1a0e929 code=0x7ffc0000
[  216.447430][   T29] audit: type=1326 audit(1752379019.929:7286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2356 comm="syz.1.2265" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f31d1a0e929 code=0x7ffc0000
[  216.522820][ T2363] loop1: detected capacity change from 0 to 1024
[  216.571463][ T2363] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4113: comm syz.1.2266: Allocating blocks 449-513 which overlap fs metadata
[  217.284266][ T2361] EXT4-fs (loop1): pa ffff888106aa4c40: logic 48, phys. 177, len 21
[  217.292450][ T2361] EXT4-fs error (device loop1): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 4
[  217.439373][ T2378] loop5: detected capacity change from 0 to 2048
[  217.517593][ T2405] loop1: detected capacity change from 0 to 512
[  217.563219][ T2405] EXT4-fs error (device loop1): ext4_validate_block_bitmap:432: comm syz.1.2276: bg 0: block 16: invalid block bitmap
[  217.594354][ T2405] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  217.610449][ T2390] loop3: detected capacity change from 0 to 2048
[  217.621651][ T2405] EXT4-fs error (device loop1): ext4_clear_blocks:876: inode #13: comm syz.1.2276: attempt to clear invalid blocks 1669132790 len 1
[  217.675398][ T2405] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #13: comm syz.1.2276: invalid indirect mapped block 4294967295 (level 1)
[  217.719340][ T2405] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #13: comm syz.1.2276: invalid indirect mapped block 4294967295 (level 2)
[  217.789446][ T2405] EXT4-fs (loop1): 1 truncate cleaned up
[  218.078984][ T2427] loop1: detected capacity change from 0 to 1024
[  218.157617][ T2427] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  218.168808][ T2427] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  218.180880][T23105] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  218.315468][ T2427] JBD2: no valid journal superblock found
[  218.321278][ T2427] EXT4-fs (loop1): Could not load journal inode
[  218.366705][T23105] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  218.446903][T23105] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  218.506795][T23105] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  218.522177][ T2427] infiniband syz2: set down
[  218.526827][ T2427] infiniband syz2: added veth0_to_bond
[  218.556965][ T2427] RDS/IB: syz2: added
[  218.577767][ T2427] smc: adding ib device syz2 with port count 1
[  218.604799][ T2427] smc:    ib device syz2 port 1 has pnetid 
[  218.857202][T23105] bond0 (unregistering): Released all slaves
[  218.895212][ T2466] loop4: detected capacity change from 0 to 512
[  218.918164][ T2466] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  218.926643][ T2466] EXT4-fs (loop4): orphan cleanup on readonly fs
[  218.942259][ T2466] EXT4-fs warning (device loop4): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  218.976998][ T2466] EXT4-fs (loop4): Cannot turn on quotas: error -117
[  218.991881][ T2466] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.2282: bg 0: block 40: padding at end of block bitmap is not set
[  219.017029][ T2466] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  219.036085][ T2466] EXT4-fs (loop4): 1 truncate cleaned up
[  219.080834][ T2498] __nla_validate_parse: 8 callbacks suppressed
[  219.080852][ T2498] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2285'.
[  219.101380][ T2498] netlink: 100 bytes leftover after parsing attributes in process `syz.4.2285'.
[  219.146430][ T2438] chnl_net:caif_netlink_parms(): no params data found
[  219.226792][ T2438] bridge0: port 1(bridge_slave_0) entered blocking state
[  219.233965][ T2438] bridge0: port 1(bridge_slave_0) entered disabled state
[  219.262253][ T2438] bridge_slave_0: entered allmulticast mode
[  219.275749][ T2438] bridge_slave_0: entered promiscuous mode
[  219.290994][ T2438] bridge0: port 2(bridge_slave_1) entered blocking state
[  219.298208][ T2438] bridge0: port 2(bridge_slave_1) entered disabled state
[  219.322729][ T2438] bridge_slave_1: entered allmulticast mode
[  219.330797][ T2438] bridge_slave_1: entered promiscuous mode
[  219.337218][ T2644] netlink: 300 bytes leftover after parsing attributes in process `syz.5.2288'.
[  219.352379][ T2640] netlink: 44 bytes leftover after parsing attributes in process `syz.4.2289'.
[  219.361463][ T2640] netlink: 43 bytes leftover after parsing attributes in process `syz.4.2289'.
[  219.370492][ T2640] netlink: 'syz.4.2289': attribute type 5 has an invalid length.
[  219.378278][ T2640] netlink: 43 bytes leftover after parsing attributes in process `syz.4.2289'.
[  219.401736][ T2438] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  219.426338][T23105] hsr_slave_0: left promiscuous mode
[  219.431760][T23105] hsr_slave_1: left promiscuous mode
[  219.437959][T23105] veth1_macvtap: left promiscuous mode
[  219.438066][T23105] veth0_macvtap: left promiscuous mode
[  219.438103][T23105] veth1_vlan: left promiscuous mode
[  219.438197][T23105] veth0_vlan: left promiscuous mode
[  219.468358][ T2682] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2290'.
[  219.533349][ T2697] loop4: detected capacity change from 0 to 1024
[  219.551701][ T2701] netlink: 300 bytes leftover after parsing attributes in process `syz.5.2292'.
[  219.553236][ T2703] SELinux: syz.1.2294 (2703) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  219.590976][ T2697] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4113: comm syz.4.2291: Allocating blocks 449-513 which overlap fs metadata
[  219.618009][ T2706] loop5: detected capacity change from 0 to 2048
[  219.642143][ T2706] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2295'.
[  219.642852][ T2438] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  219.683682][ T2438] team0: Port device team_slave_0 added
[  219.693369][ T2438] team0: Port device team_slave_1 added
[  219.713475][ T2438] batman_adv: batadv0: Adding interface: batadv_slave_0
[  219.713576][ T2757] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2296'.
[  219.720517][ T2438] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  219.755486][ T2438] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  219.767185][ T2438] batman_adv: batadv0: Adding interface: batadv_slave_1
[  219.774275][ T2438] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  219.800333][ T2438] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  219.846161][ T2438] hsr_slave_0: entered promiscuous mode
[  219.852739][ T2438] hsr_slave_1: entered promiscuous mode
[  219.860167][ T2438] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  219.868459][ T2438] Cannot create hsr debugfs directory
[  219.976365][ T2438] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  219.981356][ T2879] loop5: detected capacity change from 0 to 1024
[  219.990349][ T2879] EXT4-fs: Ignoring removed nobh option
[  219.996273][ T2879] EXT4-fs: Ignoring removed bh option
[  220.002834][ T2438] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  220.011847][ T2879] EXT4-fs mount: 97 callbacks suppressed
[  220.011863][ T2879] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  220.033081][ T2438] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  220.045763][ T2438] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  220.057830][T23105] IPVS: stop unused estimator thread 0...
[  220.081476][ T2438] bridge0: port 2(bridge_slave_1) entered blocking state
[  220.088773][ T2438] bridge0: port 2(bridge_slave_1) entered forwarding state
[  220.096206][ T2438] bridge0: port 1(bridge_slave_0) entered blocking state
[  220.103342][ T2438] bridge0: port 1(bridge_slave_0) entered forwarding state
[  220.132979][ T2438] 8021q: adding VLAN 0 to HW filter on device bond0
[  220.145653][T10868] bridge0: port 1(bridge_slave_0) entered disabled state
[  220.154173][T10868] bridge0: port 2(bridge_slave_1) entered disabled state
[  220.174386][ T2438] 8021q: adding VLAN 0 to HW filter on device team0
[  220.187518][T18095] bridge0: port 1(bridge_slave_0) entered blocking state
[  220.194663][T18095] bridge0: port 1(bridge_slave_0) entered forwarding state
[  220.208758][T21671] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  220.216957][ T2438] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  220.228205][ T2438] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  220.241891][T18095] bridge0: port 2(bridge_slave_1) entered blocking state
[  220.249068][T18095] bridge0: port 2(bridge_slave_1) entered forwarding state
[  220.264081][ T2899] netlink: 'syz.5.2302': attribute type 21 has an invalid length.
[  220.272628][ T2899] netlink: 'syz.5.2302': attribute type 1 has an invalid length.
[  220.301327][ T2683] EXT4-fs (loop4): pa ffff888106a79ee0: logic 48, phys. 177, len 21
[  220.310266][ T2683] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 4
[  220.337229][ T2438] 8021q: adding VLAN 0 to HW filter on device batadv0
[  220.366819][ T3313] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  220.403297][ T2915] loop5: detected capacity change from 0 to 512
[  220.416583][ T2915] ext4: Unknown parameter 'obj_type'
[  220.422586][ T2918] loop1: detected capacity change from 0 to 1024
[  220.471350][ T2918] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  220.476091][ T2933] loop4: detected capacity change from 0 to 1024
[  220.492481][ T2918] ext4 filesystem being mounted at /471/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  220.515895][ T2933] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  220.531896][ T2933] ext4 filesystem being mounted at /486/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  220.545663][ T2918] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  220.571805][ T2933] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  220.600175][ T2438] veth0_vlan: entered promiscuous mode
[  220.608693][ T3303] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  220.609744][ T2438] veth1_vlan: entered promiscuous mode
[  220.635773][ T2438] veth0_macvtap: entered promiscuous mode
[  220.648697][ T2438] veth1_macvtap: entered promiscuous mode
[  220.660305][ T3313] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  220.678855][ T2438] batman_adv: batadv0: Interface activated: batadv_slave_0
[  220.696442][ T2438] batman_adv: batadv0: Interface activated: batadv_slave_1
[  220.717036][ T2954] loop4: detected capacity change from 0 to 2048
[  220.736207][ T2438] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  220.745078][ T2438] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  220.753021][ T2964] loop1: detected capacity change from 0 to 512
[  220.753800][ T2438] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  220.768900][ T2438] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  220.771002][ T2954] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  220.787861][ T2964] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  220.808266][ T2964] ext4 filesystem being mounted at /473/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  220.861079][ T3313] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  220.887611][ T2977] loop5: detected capacity change from 0 to 128
[  220.896936][ T2977] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  220.897141][ T2977] ext4 filesystem being mounted at /55/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  221.057523][ T2987] loop4: detected capacity change from 0 to 1024
[  221.058276][ T2987] EXT4-fs (loop4): bad geometry: first data block 0 is beyond end of filesystem (0)
[  221.196005][ T2984] sd 0:0:1:0: device reset
[  221.223012][ T3003] loop4: detected capacity change from 0 to 128
[  221.257289][ T3003] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  221.257528][ T3003] ext4 filesystem being mounted at /492/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  221.258950][ T3003] FAULT_INJECTION: forcing a failure.
[  221.258950][ T3003] name failslab, interval 1, probability 0, space 0, times 0
[  221.292803][ T3003] CPU: 0 UID: 0 PID: 3003 Comm: syz.4.2321 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(voluntary) 
[  221.292834][ T3003] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  221.292847][ T3003] Call Trace:
[  221.292854][ T3003]  <TASK>
[  221.292863][ T3003]  __dump_stack+0x1d/0x30
[  221.292887][ T3003]  dump_stack_lvl+0xe8/0x140
[  221.292927][ T3003]  dump_stack+0x15/0x1b
[  221.292950][ T3003]  should_fail_ex+0x265/0x280
[  221.292994][ T3003]  should_failslab+0x8c/0xb0
[  221.293028][ T3003]  __kmalloc_noprof+0xa5/0x3e0
[  221.293127][ T3003]  ? ext4_find_extent+0x16b/0x7a0
[  221.293166][ T3003]  ? blk_mq_submit_bio+0xbaa/0xf50
[  221.293226][ T3003]  ext4_find_extent+0x16b/0x7a0
[  221.293296][ T3003]  ext4_ext_map_blocks+0x11f/0x38a0
[  221.293336][ T3003]  ? xfd_validate_state+0x45/0xf0
[  221.293383][ T3003]  ? save_fpregs_to_fpstate+0x100/0x160
[  221.293449][ T3003]  ? _raw_spin_unlock+0x26/0x50
[  221.293564][ T3003]  ? finish_task_switch+0xad/0x2b0
[  221.293596][ T3003]  ? __schedule+0x6a8/0xb30
[  221.293621][ T3003]  ? css_rstat_updated+0xcd/0x5b0
[  221.293648][ T3003]  ? __rcu_read_unlock+0x4f/0x70
[  221.293669][ T3003]  ext4_map_query_blocks+0xa8/0x480
[  221.293816][ T3003]  ext4_map_blocks+0x3a1/0xd70
[  221.293859][ T3003]  ? css_rstat_updated+0xcd/0x5b0
[  221.293898][ T3003]  ? should_fail_ex+0x30/0x280
[  221.293983][ T3003]  ? xas_load+0x413/0x430
[  221.294037][ T3003]  ? __ext4_journal_start_sb+0x131/0x300
[  221.294061][ T3003]  ? xfd_validate_state+0x45/0xf0
[  221.294098][ T3003]  ext4_iomap_begin+0x93a/0xe00
[  221.294131][ T3003]  ? __pfx_ext4_iomap_begin+0x10/0x10
[  221.294229][ T3003]  iomap_iter+0x338/0x730
[  221.294259][ T3003]  ? should_failslab+0x8c/0xb0
[  221.294293][ T3003]  __iomap_dio_rw+0x708/0x1250
[  221.294334][ T3003]  ? ext4_xattr_security_get+0x32/0x40
[  221.294378][ T3003]  ? __pfx_ext4_xattr_security_get+0x10/0x10
[  221.294430][ T3003]  ? ext4_journal_check_start+0x11a/0x1b0
[  221.294488][ T3003]  iomap_dio_rw+0x40/0x90
[  221.294529][ T3003]  ext4_file_write_iter+0xad9/0xf00
[  221.294623][ T3003]  ? __pfx_ext4_file_write_iter+0x10/0x10
[  221.294651][ T3003]  vfs_write+0x49d/0x8e0
[  221.294705][ T3003]  ksys_write+0xda/0x1a0
[  221.294822][ T3003]  __x64_sys_write+0x40/0x50
[  221.294865][ T3003]  x64_sys_call+0x2cdd/0x2fb0
[  221.294894][ T3003]  do_syscall_64+0xd2/0x200
[  221.294918][ T3003]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  221.295082][ T3003]  ? clear_bhb_loop+0x40/0x90
[  221.295188][ T3003]  ? clear_bhb_loop+0x40/0x90
[  221.295218][ T3003]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  221.295247][ T3003] RIP: 0033:0x7fa88ddbe929
[  221.295328][ T3003] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  221.295352][ T3003] RSP: 002b:00007fa88c427038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  221.295379][ T3003] RAX: ffffffffffffffda RBX: 00007fa88dfe5fa0 RCX: 00007fa88ddbe929
[  221.295397][ T3003] RDX: 0000000000000120 RSI: 0000200000000600 RDI: 0000000000000004
[  221.295414][ T3003] RBP: 00007fa88c427090 R08: 0000000000000000 R09: 0000000000000000
[  221.295480][ T3003] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  221.295496][ T3003] R13: 0000000000000000 R14: 00007fa88dfe5fa0 R15: 00007ffcf5781438
[  221.295522][ T3003]  </TASK>
[  221.334214][ T3313] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  221.559928][ T3026] loop4: detected capacity change from 0 to 128
[  221.573992][ T3026] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  221.574160][ T3026] ext4 filesystem being mounted at /495/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  221.589447][ T3313] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  221.955292][ T3050] FAULT_INJECTION: forcing a failure.
[  221.955292][ T3050] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  221.955328][ T3050] CPU: 1 UID: 0 PID: 3050 Comm: syz.4.2335 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(voluntary) 
[  221.955361][ T3050] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  221.955376][ T3050] Call Trace:
[  221.955384][ T3050]  <TASK>
[  221.955393][ T3050]  __dump_stack+0x1d/0x30
[  221.955420][ T3050]  dump_stack_lvl+0xe8/0x140
[  221.955514][ T3050]  dump_stack+0x15/0x1b
[  221.955588][ T3050]  should_fail_ex+0x265/0x280
[  221.955626][ T3050]  should_fail+0xb/0x20
[  221.955655][ T3050]  should_fail_usercopy+0x1a/0x20
[  221.955692][ T3050]  _copy_from_user+0x1c/0xb0
[  221.955779][ T3050]  ___sys_sendmsg+0xc1/0x1d0
[  221.955830][ T3050]  __x64_sys_sendmsg+0xd4/0x160
[  221.955879][ T3050]  x64_sys_call+0x2999/0x2fb0
[  221.955907][ T3050]  do_syscall_64+0xd2/0x200
[  221.956038][ T3050]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  221.956073][ T3050]  ? clear_bhb_loop+0x40/0x90
[  221.956101][ T3050]  ? clear_bhb_loop+0x40/0x90
[  221.956206][ T3050]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  221.956232][ T3050] RIP: 0033:0x7fa88ddbe929
[  221.956246][ T3050] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  221.956267][ T3050] RSP: 002b:00007fa88c427038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  221.956291][ T3050] RAX: ffffffffffffffda RBX: 00007fa88dfe5fa0 RCX: 00007fa88ddbe929
[  221.956307][ T3050] RDX: 000000000000c000 RSI: 0000200000000080 RDI: 0000000000000006
[  221.956322][ T3050] RBP: 00007fa88c427090 R08: 0000000000000000 R09: 0000000000000000
[  221.956453][ T3050] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  221.956466][ T3050] R13: 0000000000000000 R14: 00007fa88dfe5fa0 R15: 00007ffcf5781438
[  221.956491][ T3050]  </TASK>
[  222.306109][   T29] kauditd_printk_skb: 278 callbacks suppressed
[  222.306127][   T29] audit: type=1326 audit(1752379025.839:7564): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3042 comm="syz.0.2332" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73d36be929 code=0x7ffc0000
[  222.338973][   T29] audit: type=1326 audit(1752379025.869:7565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3042 comm="syz.0.2332" exe="/root/syz-executor" sig=0 arch=c000003e syscall=149 compat=0 ip=0x7f73d36be929 code=0x7ffc0000
[  222.339030][   T29] audit: type=1326 audit(1752379025.869:7566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3042 comm="syz.0.2332" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73d36be929 code=0x7ffc0000
[  222.341026][   T29] audit: type=1326 audit(1752379025.869:7567): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3042 comm="syz.0.2332" exe="/root/syz-executor" sig=0 arch=c000003e syscall=241 compat=0 ip=0x7f73d36be929 code=0x7ffc0000
[  222.341060][   T29] audit: type=1326 audit(1752379025.869:7568): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3042 comm="syz.0.2332" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73d36be929 code=0x7ffc0000
[  222.341091][   T29] audit: type=1326 audit(1752379025.869:7569): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3042 comm="syz.0.2332" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f73d36be929 code=0x7ffc0000
[  222.341116][   T29] audit: type=1326 audit(1752379025.869:7570): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3042 comm="syz.0.2332" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73d36be929 code=0x7ffc0000
[  222.344098][   T29] audit: type=1326 audit(1752379025.869:7571): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3042 comm="syz.0.2332" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f73d36be929 code=0x7ffc0000
[  222.344133][   T29] audit: type=1326 audit(1752379025.869:7572): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3042 comm="syz.0.2332" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73d36be929 code=0x7ffc0000
[  222.346333][   T29] audit: type=1326 audit(1752379025.869:7573): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3042 comm="syz.0.2332" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f73d36be929 code=0x7ffc0000
[  222.432190][T21671] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  222.652586][ T3303] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  222.812113][ T3065] sd 0:0:1:0: device reset
[  222.885934][ T3081] netlink: '’': attribute type 10 has an invalid length.
[  222.887735][ T3081] team0: Port device dummy0 added
[  222.888959][ T3081] netlink: '’': attribute type 10 has an invalid length.
[  222.889406][ T3081] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  222.891547][ T3081] team0: Failed to send options change via netlink (err -105)
[  222.891603][ T3081] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  222.891909][ T3081] team0: Port device dummy0 removed
[  222.894229][ T3081] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  222.906306][ T3081] wireguard0: entered allmulticast mode
[  222.994019][ T3089] loop4: detected capacity change from 0 to 764
[  223.001933][ T3089] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  223.012479][ T3081] xt_policy: neither incoming nor outgoing policy selected
[  223.198272][ T3099] loop4: detected capacity change from 0 to 1024
[  223.206887][ T3101] loop1: detected capacity change from 0 to 128
[  223.207552][ T3101] EXT4-fs: Ignoring removed oldalloc option
[  223.211474][ T3101] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  223.246103][ T3101] ext4 filesystem being mounted at /477/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  223.292316][ T3110] loop4: detected capacity change from 0 to 128
[  223.304968][ T3110] EXT4-fs (loop4): VFS: Found ext4 filesystem with invalid superblock checksum.  Run e2fsck?
[  223.327249][ T3303] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  223.346552][ T3119] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  223.445421][ T3123] sd 0:0:1:0: device reset
[  223.487675][ T3121] loop5: detected capacity change from 0 to 2048
[  223.534025][ T3121] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  223.888009][ T3131] loop6: detected capacity change from 0 to 512
[  223.893563][ T3131] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  223.926775][ T3131] EXT4-fs error (device loop6): ext4_free_branches:1023: inode #16: comm syz.6.2352: invalid indirect mapped block 4294967295 (level 0)
[  223.926917][ T3131] EXT4-fs error (device loop6): ext4_free_branches:1023: inode #16: comm syz.6.2352: invalid indirect mapped block 4294967295 (level 1)
[  223.927430][ T3131] EXT4-fs (loop6): 1 orphan inode deleted
[  223.927459][ T3131] EXT4-fs (loop6): 1 truncate cleaned up
[  223.927948][ T3131] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  223.954681][ T2438] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  224.006208][ T3139] loop6: detected capacity change from 0 to 1024
[  224.023347][ T3139] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  224.023444][ T3139] ext4 filesystem being mounted at /4/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  224.050358][ T3139] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  224.090580][ T2438] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  224.171108][ T3148] pim6reg1: entered promiscuous mode
[  224.243131][ T3161] __nla_validate_parse: 16 callbacks suppressed
[  224.243149][ T3161] netlink: 300 bytes leftover after parsing attributes in process `syz.6.2355'.
[  224.280317][T21671] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  224.297787][ T3160] dvmrp1: entered allmulticast mode
[  224.302371][ T3160] dvmrp1: left allmulticast mode
[  224.328781][ T3178] netlink: 256 bytes leftover after parsing attributes in process `syz.0.2360'.
[  224.370623][ T3212] loop6: detected capacity change from 0 to 512
[  224.378247][ T3212] EXT4-fs: Ignoring removed nomblk_io_submit option
[  224.388711][ T3379] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  224.389193][ T3379] hid-generic 0000:0000:0000.0001: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  224.391752][ T3215] loop5: detected capacity change from 0 to 1024
[  224.409106][ T3232] loop1: detected capacity change from 0 to 1024
[  224.411273][ T3212] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  224.411346][ T3212] ext4 filesystem being mounted at /6/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  224.421964][ T3232] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  224.475154][ T3242] netlink: 300 bytes leftover after parsing attributes in process `syz.4.2362'.
[  224.542048][ T3245] loop5: detected capacity change from 0 to 512
[  224.559792][ T3245] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  224.597275][ T3245] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #16: comm syz.5.2363: invalid indirect mapped block 4294967295 (level 0)
[  224.618691][ T3245] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #16: comm syz.5.2363: invalid indirect mapped block 4294967295 (level 1)
[  224.633119][ T3248] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2364'.
[  224.642689][ T3248] netlink: 312 bytes leftover after parsing attributes in process `syz.4.2364'.
[  224.652295][ T3245] EXT4-fs (loop5): 1 orphan inode deleted
[  224.658141][ T3245] EXT4-fs (loop5): 1 truncate cleaned up
[  224.671067][ T3248] SET target dimension over the limit!
[  224.683543][ T3245] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  224.723930][T21671] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  224.952717][ T3260] hub 9-0:1.0: USB hub found
[  224.967126][ T3260] hub 9-0:1.0: 8 ports detected
[  225.170448][ T2438] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  225.179403][ T3267] netlink: 300 bytes leftover after parsing attributes in process `syz.5.2368'.
[  225.204062][ T3271] 9p: Unknown access argument ‚: -22
[  225.212073][ T3303] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  225.265880][ T3277] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  225.284964][ T3275] loop5: detected capacity change from 0 to 8192
[  225.326177][ T3275] FAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  225.344520][ T3286] sd 0:0:1:0: device reset
[  225.428511][ T3289] netlink: 300 bytes leftover after parsing attributes in process `syz.6.2374'.
[  225.594016][ T3297] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 1, id = 0
[  225.595915][ T3275] IPVS: stopping master sync thread 3297 ...
[  225.855089][ T3320] netlink: 60 bytes leftover after parsing attributes in process `syz.5.2379'.
[  225.864601][ T3320] unsupported nlmsg_type 40
[  225.962364][ T3328] loop5: detected capacity change from 0 to 512
[  225.963758][ T3328] EXT4-fs: Ignoring removed nomblk_io_submit option
[  226.102109][ T3328] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  226.102185][ T3328] ext4 filesystem being mounted at /66/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  226.555394][ T3342] loop6: detected capacity change from 0 to 128
[  226.563466][ T3342] FAT-fs (loop6): Directory bread(block 162) failed
[  226.570780][ T3342] FAT-fs (loop6): Directory bread(block 163) failed
[  226.574154][ T3345] 9p: Unknown access argument ‚: -22
[  226.577615][ T3342] FAT-fs (loop6): Directory bread(block 164) failed
[  226.589995][ T3342] FAT-fs (loop6): Directory bread(block 165) failed
[  226.596745][ T3342] FAT-fs (loop6): Directory bread(block 166) failed
[  226.603604][ T3342] FAT-fs (loop6): Directory bread(block 167) failed
[  226.610347][ T3342] FAT-fs (loop6): Directory bread(block 168) failed
[  226.617061][ T3342] FAT-fs (loop6): Directory bread(block 169) failed
[  226.648369][ T3347] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  226.702076][ T3342] netlink: 16 bytes leftover after parsing attributes in process `syz.6.2383'.
[  226.714299][ T3347] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  226.722302][ T3342] FAT-fs (loop6): Directory bread(block 162) failed
[  226.735275][ T3342] FAT-fs (loop6): Directory bread(block 163) failed
[  226.753361][ T3342] syz.6.2383: attempt to access beyond end of device
[  226.753361][ T3342] loop6: rw=3, sector=226, nr_sectors = 6 limit=128
[  226.776916][ T3342] syz.6.2383: attempt to access beyond end of device
[  226.776916][ T3342] loop6: rw=2051, sector=232, nr_sectors = 2 limit=128
[  226.779666][T21671] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  226.843158][ T3347] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  226.857200][ T3396] loop6: detected capacity change from 0 to 128
[  226.867017][ T3396] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  226.878629][ T3415] program syz.0.2386 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  226.888511][ T3396] ext4 filesystem being mounted at /13/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  226.922520][ T3347] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  226.995947][ T3347] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  227.039268][ T3347] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  227.063874][ T3442] loop5: detected capacity change from 0 to 512
[  227.070680][ T3444] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  227.086512][ T3442] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  227.107702][ T3347] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  227.118938][ T3442] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #16: comm syz.5.2393: invalid indirect mapped block 4294967295 (level 0)
[  227.119199][ T3442] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #16: comm syz.5.2393: invalid indirect mapped block 4294967295 (level 1)
[  227.133708][ T3442] EXT4-fs (loop5): 1 orphan inode deleted
[  227.133731][ T3442] EXT4-fs (loop5): 1 truncate cleaned up
[  227.134130][ T3442] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  227.176777][ T3347] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  227.196125][T21671] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  227.239509][ T3464] sd 0:0:1:0: device reset
[  227.250673][ T3466] loop1: detected capacity change from 0 to 128
[  227.253027][ T3466] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  227.253288][ T3466] ext4 filesystem being mounted at /483/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  227.307057][ T3303] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  227.332889][ T3474] loop5: detected capacity change from 0 to 1024
[  227.347210][ T3474] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  227.352090][ T3474] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  227.379382][ T3479] loop1: detected capacity change from 0 to 4096
[  227.381484][ T3474] EXT4-fs (loop5): Remounting filesystem read-only
[  227.386715][ T3479] ext2: Unknown parameter 'noacl'
[  227.394831][ T3474] EXT4-fs (loop5): error restoring inline_data for inode -- potential data loss! (inode 15, error -30)
[  227.421972][ T3479] loop1: detected capacity change from 0 to 164
[  227.433800][   T29] kauditd_printk_skb: 231 callbacks suppressed
[  227.433816][   T29] audit: type=1400 audit(1752379030.959:7805): avc:  denied  { execute } for  pid=3478 comm="syz.1.2400" dev="tmpfs" ino=1575 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  227.434074][   T29] audit: type=1400 audit(1752379030.959:7806): avc:  denied  { execute_no_trans } for  pid=3478 comm="syz.1.2400" path=2F6D656D66643A5B0BDB58AE5B1AA9FDFAADD16D64C8854858A9250C1A65E0202864656C6574656429 dev="tmpfs" ino=1575 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  227.435108][ T3479] syz.1.2400: attempt to access beyond end of device
[  227.435108][ T3479] loop1: rw=524288, sector=263328, nr_sectors = 4 limit=164
[  227.435206][ T3479] syz.1.2400: attempt to access beyond end of device
[  227.435206][ T3479] loop1: rw=0, sector=263328, nr_sectors = 4 limit=164
[  227.437032][ T3479] iso9660: Corrupted directory entry in block 4 of inode 1792
[  227.475858][T21671] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  227.589414][ T3494] loop5: detected capacity change from 0 to 1024
[  227.919752][ T3665] netlink: 'syz.1.2403': attribute type 39 has an invalid length.
[  227.947020][ T3666] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2404'.
[  229.336388][ T7323] 9p: Unknown access argument ‚: -22
[  229.372776][ T2438] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  229.395684][ T7327] loop6: detected capacity change from 0 to 1024
[  229.396193][ T7327] EXT4-fs: Ignoring removed nobh option
[  229.396221][ T7327] EXT4-fs: Ignoring removed bh option
[  229.417096][ T7327] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  229.421523][   T29] audit: type=1400 audit(1752379032.949:7807): avc:  denied  { read } for  pid=7328 comm="syz.5.2412" name="ptp0" dev="devtmpfs" ino=246 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  229.442738][ T2438] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  229.462763][ T7334] __nla_validate_parse: 1 callbacks suppressed
[  229.462778][ T7334] netlink: 168 bytes leftover after parsing attributes in process `syz.4.2414'.
[  229.490934][ T7339] syz_tun: entered allmulticast mode
[  229.493675][ T7338] syz_tun: left allmulticast mode
[  229.647410][ T7350] loop5: detected capacity change from 0 to 2048
[  229.680968][ T7350] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  229.723732][T21671] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  229.768825][   T29] audit: type=1326 audit(1752379033.299:7808): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7362 comm="syz.4.2421" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa88ddbe929 code=0x7ffc0000
[  229.807723][ T7366] netlink: 300 bytes leftover after parsing attributes in process `syz.1.2413'.
[  229.821860][   T29] audit: type=1326 audit(1752379033.299:7809): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7362 comm="syz.4.2421" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa88ddbe929 code=0x7ffc0000
[  229.821936][   T29] audit: type=1326 audit(1752379033.299:7810): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7362 comm="syz.4.2421" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa88ddbe929 code=0x7ffc0000
[  229.822044][   T29] audit: type=1326 audit(1752379033.299:7811): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7362 comm="syz.4.2421" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa88ddbe929 code=0x7ffc0000
[  229.822068][   T29] audit: type=1326 audit(1752379033.299:7812): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7362 comm="syz.4.2421" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa88ddbe929 code=0x7ffc0000
[  229.822168][   T29] audit: type=1326 audit(1752379033.299:7813): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7362 comm="syz.4.2421" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa88ddbe929 code=0x7ffc0000
[  229.822244][   T29] audit: type=1326 audit(1752379033.299:7814): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7362 comm="syz.4.2421" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa88ddbe929 code=0x7ffc0000
[  229.831863][ T7368] loop5: detected capacity change from 0 to 128
[  229.986868][ T7368] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  230.008374][ T7368] ext4 filesystem being mounted at /79/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  230.053469][ T7651] loop1: detected capacity change from 0 to 1024
[  230.064440][ T7651] EXT4-fs: Ignoring removed orlov option
[  230.078914][ T7651] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  230.518362][ T8959] program syz.6.2425 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  230.921446][ T3303] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  230.974332][T10717] netlink: 'syz.1.2426': attribute type 21 has an invalid length.
[  231.083404][T10717] netlink: 'syz.1.2426': attribute type 1 has an invalid length.
[  231.091357][T10717] netlink: 144 bytes leftover after parsing attributes in process `syz.1.2426'.
[  231.166256][T21671] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  231.242557][T11214] xt_hashlimit: max too large, truncated to 1048576
[  231.280801][T11241] netlink: 'syz.6.2436': attribute type 4 has an invalid length.
[  231.301207][T11240] syz_tun: entered allmulticast mode
[  231.307336][T11244] netlink: 300 bytes leftover after parsing attributes in process `syz.0.2434'.
[  231.313886][T11238] syz_tun: left allmulticast mode
[  231.431781][T11403] loop6: detected capacity change from 0 to 128
[  231.440610][T11403] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  231.442505][T11403] ext4 filesystem being mounted at /19/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  231.500010][T11458] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2441'.
[  231.787714][T12826] netlink: 'syz.0.2443': attribute type 21 has an invalid length.
[  232.288199][T14712] loop5: detected capacity change from 0 to 512
[  232.337089][T14712] EXT4-fs (loop5): revision level too high, forcing read-only mode
[  232.367208][T14712] EXT4-fs (loop5): orphan cleanup on readonly fs
[  232.387677][T14712] EXT4-fs warning (device loop5): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  232.403717][T14712] EXT4-fs (loop5): Cannot turn on quotas: error -117
[  232.411251][T14712] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.2445: bg 0: block 40: padding at end of block bitmap is not set
[  232.424672][T12826] netlink: 'syz.0.2443': attribute type 1 has an invalid length.
[  232.427791][T14712] EXT4-fs error (device loop5) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  232.433211][T12826] netlink: 144 bytes leftover after parsing attributes in process `syz.0.2443'.
[  232.472230][   T29] kauditd_printk_skb: 43 callbacks suppressed
[  232.472264][   T29] audit: type=1326 audit(1752379035.999:7857): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12816 comm="syz.0.2443" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73d36be929 code=0x7ffc0000
[  232.502060][   T29] audit: type=1326 audit(1752379035.999:7858): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12816 comm="syz.0.2443" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73d36be929 code=0x7ffc0000
[  232.502475][T14997] syz_tun: entered allmulticast mode
[  232.542623][T14981] syz_tun: left allmulticast mode
[  232.546397][T14712] EXT4-fs (loop5): 1 truncate cleaned up
[  232.559338][T15088] syz_tun: entered allmulticast mode
[  232.559679][T14712] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  232.566244][T15087] syz_tun: left allmulticast mode
[  232.592830][T21671] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  232.595110][T15086] syz_tun: entered allmulticast mode
[  232.643099][T15085] syz_tun: left allmulticast mode
[  232.684330][T15101] netlink: 'syz.0.2454': attribute type 1 has an invalid length.
[  232.692284][T15101] netlink: 224 bytes leftover after parsing attributes in process `syz.0.2454'.
[  232.728167][T15109] netlink: 300 bytes leftover after parsing attributes in process `syz.5.2450'.
[  232.746825][   T29] audit: type=1400 audit(1752379036.269:7859): avc:  denied  { associate } for  pid=15099 comm="syz.0.2454" name="cgroup" scontext=root:object_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  232.750317][   T29] audit: type=1400 audit(1752379036.279:7860): avc:  denied  { getopt } for  pid=15099 comm="syz.0.2454" lport=2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  232.802729][T15114] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2453'.
[  232.970067][   T29] audit: type=1326 audit(1752379036.499:7861): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15128 comm="syz.0.2459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73d36be929 code=0x7ffc0000
[  232.970231][   T29] audit: type=1326 audit(1752379036.499:7862): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15128 comm="syz.0.2459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f73d36be929 code=0x7ffc0000
[  232.970573][   T29] audit: type=1326 audit(1752379036.499:7863): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15128 comm="syz.0.2459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73d36be929 code=0x7ffc0000
[  232.970836][   T29] audit: type=1326 audit(1752379036.499:7864): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15128 comm="syz.0.2459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f73d36be929 code=0x7ffc0000
[  232.970943][   T29] audit: type=1326 audit(1752379036.499:7865): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15128 comm="syz.0.2459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73d36be929 code=0x7ffc0000
[  232.971091][   T29] audit: type=1326 audit(1752379036.499:7866): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15128 comm="syz.0.2459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f73d36be929 code=0x7ffc0000
[  233.149250][ T2438] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  233.244969][T15136] syz_tun: entered allmulticast mode
[  233.246026][T15135] syz_tun: left allmulticast mode
[  233.562042][T15161] netlink: 24 bytes leftover after parsing attributes in process `syz.6.2462'.
[  233.795776][T15171] loop5: detected capacity change from 0 to 1024
[  233.799432][T15172] syz_tun: entered allmulticast mode
[  233.810357][T15169] syz_tun: left allmulticast mode
[  233.855620][T15171] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  233.868077][T15171] ext4 filesystem being mounted at /85/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  233.891125][T15171] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  233.944658][T21671] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  233.969037][T15187] loop6: detected capacity change from 0 to 512
[  233.978540][T15192] loop5: detected capacity change from 0 to 128
[  233.997674][T15192] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  234.010623][T15192] ext4 filesystem being mounted at /86/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  234.047120][T15187] EXT4-fs (loop6): revision level too high, forcing read-only mode
[  234.059108][T15200] netlink: 'syz.4.2474': attribute type 4 has an invalid length.
[  234.067501][T15187] EXT4-fs (loop6): orphan cleanup on readonly fs
[  234.174124][T15187] EXT4-fs warning (device loop6): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  234.208036][T15187] EXT4-fs (loop6): Cannot turn on quotas: error -117
[  234.216126][T15187] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.2472: bg 0: block 40: padding at end of block bitmap is not set
[  234.233885][T15187] EXT4-fs error (device loop6) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  234.243423][T15187] EXT4-fs (loop6): 1 truncate cleaned up
[  234.250218][T15187] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  234.276673][ T2438] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  234.620680][T15210] sd 0:0:1:0: device reset
[  234.843358][T15220] FAULT_INJECTION: forcing a failure.
[  234.843358][T15220] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  234.856595][T15220] CPU: 0 UID: 0 PID: 15220 Comm: syz.1.2478 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(voluntary) 
[  234.856641][T15220] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  234.856658][T15220] Call Trace:
[  234.856666][T15220]  <TASK>
[  234.856738][T15220]  __dump_stack+0x1d/0x30
[  234.856760][T15220]  dump_stack_lvl+0xe8/0x140
[  234.856784][T15220]  dump_stack+0x15/0x1b
[  234.856806][T15220]  should_fail_ex+0x265/0x280
[  234.856848][T15220]  should_fail+0xb/0x20
[  234.856954][T15220]  should_fail_usercopy+0x1a/0x20
[  234.857050][T15220]  _copy_from_user+0x1c/0xb0
[  234.857069][T15220]  __copy_msghdr+0x244/0x300
[  234.857110][T15220]  ___sys_sendmsg+0x109/0x1d0
[  234.857200][T15220]  __sys_sendmmsg+0x178/0x300
[  234.857256][T15220]  __x64_sys_sendmmsg+0x57/0x70
[  234.857301][T15220]  x64_sys_call+0x2f2f/0x2fb0
[  234.857399][T15220]  do_syscall_64+0xd2/0x200
[  234.857421][T15220]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  234.857455][T15220]  ? clear_bhb_loop+0x40/0x90
[  234.857483][T15220]  ? clear_bhb_loop+0x40/0x90
[  234.857585][T15220]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  234.857676][T15220] RIP: 0033:0x7f31d1a0e929
[  234.857692][T15220] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  234.857714][T15220] RSP: 002b:00007f31d0077038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  234.857738][T15220] RAX: ffffffffffffffda RBX: 00007f31d1c35fa0 RCX: 00007f31d1a0e929
[  234.857759][T15220] RDX: 0000000000000001 RSI: 0000200000000780 RDI: 0000000000000006
[  234.857773][T15220] RBP: 00007f31d0077090 R08: 0000000000000000 R09: 0000000000000000
[  234.857787][T15220] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  234.857802][T15220] R13: 0000000000000000 R14: 00007f31d1c35fa0 R15: 00007ffc74d9f1f8
[  234.857827][T15220]  </TASK>
[  234.896708][T21671] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  235.080933][T15225] loop1: detected capacity change from 0 to 2048
[  235.092410][T15225] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  235.216681][ T3303] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  235.319778][T15517] loop5: detected capacity change from 0 to 128
[  235.328303][T15517] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  235.328504][T15517] ext4 filesystem being mounted at /89/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  235.987786][T17432] loop6: detected capacity change from 0 to 128
[  236.006827][T17432] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  236.078794][T17432] ext4 filesystem being mounted at /28/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  236.555746][T15471] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  236.565307][T15471] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  236.703266][T21671] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  236.946563][T19091] loop5: detected capacity change from 0 to 1024
[  236.965438][T19091] EXT4-fs: Ignoring removed nobh option
[  236.971087][T19091] EXT4-fs: Ignoring removed bh option
[  236.986314][T19096] loop1: detected capacity change from 0 to 512
[  237.007683][T19099] 9p: Unknown access argument ‚: -22
[  237.043508][T19096] ext4 filesystem being mounted at /503/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  237.091962][T19096] EXT4-fs error (device loop1): ext4_lookup:1787: inode #12: comm syz.1.2498: iget: bad i_size value: 2533274857506816
[  237.132988][T19096] EXT4-fs error (device loop1): ext4_lookup:1787: inode #12: comm syz.1.2498: iget: bad i_size value: 2533274857506816
[  237.164774][T19096] EXT4-fs error (device loop1): ext4_lookup:1787: inode #12: comm syz.1.2498: iget: bad i_size value: 2533274857506816
[  237.196959][T19119] loop6: detected capacity change from 0 to 1024
[  237.206344][T19121] netlink: 300 bytes leftover after parsing attributes in process `syz.4.2502'.
[  237.236310][T19119] ext4 filesystem being mounted at /29/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  237.268976][T19264] loop1: detected capacity change from 0 to 128
[  237.283547][T19264] ext4 filesystem being mounted at /504/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  237.289091][T19119] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  237.603898][T19859] program syz.6.2509 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  237.646797][T20291] netlink: 300 bytes leftover after parsing attributes in process `syz.0.2510'.
[  237.857583][   T29] kauditd_printk_skb: 146 callbacks suppressed
[  237.857601][   T29] audit: type=1326 audit(1752379041.389:8012): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20739 comm="syz.0.2512" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73d36be929 code=0x7ffc0000
[  237.920487][   T29] audit: type=1326 audit(1752379041.389:8013): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20739 comm="syz.0.2512" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73d36be929 code=0x7ffc0000
[  237.944183][   T29] audit: type=1326 audit(1752379041.389:8014): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20739 comm="syz.0.2512" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f73d36be929 code=0x7ffc0000
[  237.967790][   T29] audit: type=1326 audit(1752379041.389:8015): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20739 comm="syz.0.2512" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73d36be929 code=0x7ffc0000
[  237.991447][   T29] audit: type=1326 audit(1752379041.389:8016): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20739 comm="syz.0.2512" exe="/root/syz-executor" sig=0 arch=c000003e syscall=223 compat=0 ip=0x7f73d36be929 code=0x7ffc0000
[  238.015007][   T29] audit: type=1326 audit(1752379041.389:8017): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20739 comm="syz.0.2512" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73d36be929 code=0x7ffc0000
[  238.038542][   T29] audit: type=1326 audit(1752379041.389:8018): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20739 comm="syz.0.2512" exe="/root/syz-executor" sig=0 arch=c000003e syscall=38 compat=0 ip=0x7f73d36be929 code=0x7ffc0000
[  238.062010][   T29] audit: type=1326 audit(1752379041.389:8019): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20739 comm="syz.0.2512" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73d36be929 code=0x7ffc0000
[  238.085641][   T29] audit: type=1326 audit(1752379041.389:8020): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20739 comm="syz.0.2512" exe="/root/syz-executor" sig=0 arch=c000003e syscall=189 compat=0 ip=0x7f73d36be929 code=0x7ffc0000
[  238.109276][   T29] audit: type=1326 audit(1752379041.389:8021): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20739 comm="syz.0.2512" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73d36be929 code=0x7ffc0000
[  238.259956][T21181] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2513'.
[  238.867993][T19574] syz_tun: entered allmulticast mode
[  238.873530][T19574] syz_tun: left allmulticast mode
[  239.111497][T23000] loop5: detected capacity change from 0 to 512
[  239.147896][T23000] ext4 filesystem being mounted at /97/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  239.159661][T23006] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2520'.
[  239.221632][T23023] loop6: detected capacity change from 0 to 1024
[  239.233780][T23023] ext4 filesystem being mounted at /32/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  239.245955][T23023] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  239.262713][T23029] netlink: 300 bytes leftover after parsing attributes in process `syz.0.2523'.
[  239.898456][T24638] block device autoloading is deprecated and will be removed.
[  240.002025][T24850] siw: device registration error -23
[  240.075493][T24897] loop6: detected capacity change from 0 to 1024
[  240.076491][T24897] EXT4-fs: Ignoring removed nobh option
[  240.076554][T24897] EXT4-fs: Ignoring removed bh option
[  240.757102][T25498] loop0: detected capacity change from 0 to 2048
[  240.948496][T26853] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  241.076730][T26853] sd 0:0:1:0: device reset
[  241.077774][T26926] netlink: 'syz.4.2543': attribute type 21 has an invalid length.
[  241.124156][T26904] loop5: detected capacity change from 0 to 2048
[  241.181204][T26926] netlink: 'syz.4.2543': attribute type 1 has an invalid length.
[  241.189068][T26926] netlink: 144 bytes leftover after parsing attributes in process `syz.4.2543'.
[  241.345489][T26950] loop5: detected capacity change from 0 to 128
[  241.355203][T26950] ext4 filesystem being mounted at /102/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  242.028459][T26996] netlink: 300 bytes leftover after parsing attributes in process `syz.0.2554'.
[  242.076316][T26998] loop6: detected capacity change from 0 to 512
[  242.086572][T26998] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  242.104676][T26998] EXT4-fs error (device loop6): ext4_free_branches:1023: inode #16: comm syz.6.2557: invalid indirect mapped block 4294967295 (level 0)
[  242.119489][T26998] EXT4-fs error (device loop6): ext4_free_branches:1023: inode #16: comm syz.6.2557: invalid indirect mapped block 4294967295 (level 1)
[  242.134830][T26998] EXT4-fs (loop6): 1 orphan inode deleted
[  242.140699][T26998] EXT4-fs (loop6): 1 truncate cleaned up
[  242.154975][T27005] loop0: detected capacity change from 0 to 1024
[  242.161836][T27005] EXT4-fs: Ignoring removed orlov option
[  242.199847][T26998] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2557'.
[  242.401254][T27022] netlink: 300 bytes leftover after parsing attributes in process `syz.4.2565'.
[  242.502161][T27021] loop6: detected capacity change from 0 to 2048
[  242.981532][T27038] netlink: 300 bytes leftover after parsing attributes in process `syz.1.2568'.
[  243.147490][   T29] kauditd_printk_skb: 53 callbacks suppressed
[  243.147508][   T29] audit: type=1326 audit(1752379046.679:8075): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27041 comm="syz.1.2571" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f31d1a0e929 code=0x7ffc0000
[  243.191385][T27045] sch_tbf: burst 0 is lower than device lo mtu (18) !
[  243.203419][   T29] audit: type=1326 audit(1752379046.719:8076): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27041 comm="syz.1.2571" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f31d1a0e929 code=0x7ffc0000
[  243.226416][T27048] netlink: 300 bytes leftover after parsing attributes in process `syz.0.2569'.
[  243.227253][   T29] audit: type=1326 audit(1752379046.719:8077): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27041 comm="syz.1.2571" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f31d1a0e929 code=0x7ffc0000
[  243.260086][   T29] audit: type=1326 audit(1752379046.719:8078): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27041 comm="syz.1.2571" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f31d1a0e929 code=0x7ffc0000
[  243.283713][   T29] audit: type=1326 audit(1752379046.719:8079): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27041 comm="syz.1.2571" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f31d1a0e929 code=0x7ffc0000
[  243.307196][   T29] audit: type=1326 audit(1752379046.719:8080): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27041 comm="syz.1.2571" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f31d1a0e929 code=0x7ffc0000
[  243.331011][   T29] audit: type=1326 audit(1752379046.719:8081): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27041 comm="syz.1.2571" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f31d1a0e929 code=0x7ffc0000
[  243.354830][   T29] audit: type=1326 audit(1752379046.719:8082): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27041 comm="syz.1.2571" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f31d1a0e929 code=0x7ffc0000
[  243.378396][   T29] audit: type=1326 audit(1752379046.719:8083): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27041 comm="syz.1.2571" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f31d1a0e929 code=0x7ffc0000
[  243.402020][   T29] audit: type=1326 audit(1752379046.719:8084): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27041 comm="syz.1.2571" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f31d1a0e929 code=0x7ffc0000
[  243.428250][T27049] loop1: detected capacity change from 0 to 8192
[  243.547052][T27058] SELinux: failed to load policy
[  243.548238][T27062] netlink: 'syz.6.2575': attribute type 4 has an invalid length.
[  243.568814][T27058] loop5: detected capacity change from 0 to 512
[  243.597093][T27065] loop6: detected capacity change from 0 to 1024
[  243.604674][T27058] EXT4-fs error (device loop5): ext4_ext_check_inode:523: inode #3: comm syz.5.2576: pblk 24 bad header/extent: invalid extent entries - magic f30a, entries 3, max 4(4), depth 0(0)
[  243.627982][T27065] ext4 filesystem being mounted at /41/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  243.642627][T27058] EXT4-fs error (device loop5): ext4_quota_enable:7127: comm syz.5.2576: Bad quota inode: 3, type: 0
[  243.662779][T27058] EXT4-fs warning (device loop5): ext4_enable_quotas:7168: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[  243.679687][T27065] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  243.696113][T27058] EXT4-fs (loop5): mount failed
[  243.714238][T27077] loop1: detected capacity change from 0 to 512
[  243.721167][T27077] EXT4-fs: Ignoring removed nomblk_io_submit option
[  243.739276][T27077] ext4 filesystem being mounted at /514/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  243.772586][T27086] netlink: 'syz.5.2580': attribute type 21 has an invalid length.
[  243.806072][T27086] netlink: 'syz.5.2580': attribute type 1 has an invalid length.
[  243.814056][T27086] netlink: 144 bytes leftover after parsing attributes in process `syz.5.2580'.
[  243.882780][T27091] syz_tun: entered allmulticast mode
[  243.923897][T27090] syz_tun: left allmulticast mode
[  243.988079][T27096] loop5: detected capacity change from 0 to 512
[  243.995123][T27096] EXT4-fs: Ignoring removed nomblk_io_submit option
[  244.007374][T27096] ext4 filesystem being mounted at /107/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  244.423396][T27108] loop0: detected capacity change from 0 to 512
[  244.436102][T27108] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  244.444464][T27108] EXT4-fs (loop0): orphan cleanup on readonly fs
[  244.451615][T27108] EXT4-fs warning (device loop0): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  244.466788][T27108] EXT4-fs (loop0): Cannot turn on quotas: error -117
[  244.474414][T27108] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.2586: bg 0: block 40: padding at end of block bitmap is not set
[  244.493135][T27113] netlink: 'syz.4.2587': attribute type 4 has an invalid length.
[  244.504970][T27108] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  244.522634][T27108] EXT4-fs (loop0): 1 truncate cleaned up
[  244.570658][T27127] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2591'.
[  244.581862][T27127] netlink: 100 bytes leftover after parsing attributes in process `syz.1.2591'.
[  244.685252][T27138] netlink: 300 bytes leftover after parsing attributes in process `syz.0.2594'.
[  244.753898][T27141] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2596'.
[  244.791867][T27154] loop0: detected capacity change from 0 to 1024
[  244.800235][T27154] EXT4-fs: Ignoring removed nobh option
[  244.805925][T27154] EXT4-fs: Ignoring removed bh option
[  244.852574][T27163] netlink: 'syz.5.2601': attribute type 4 has an invalid length.
[  244.946951][T27187] usb usb7: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  244.955634][T27186] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2605'.
[  244.965267][T27187] vhci_hcd: default hub control req: 0200 v0000 i0000 l31125
[  244.973788][T27188] usb usb7: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  244.983281][T27186] netlink: 100 bytes leftover after parsing attributes in process `syz.5.2605'.
[  244.993547][T27188] vhci_hcd: default hub control req: 0200 v0000 i0000 l31125
[  245.007725][T27187] loop0: detected capacity change from 0 to 512
[  245.028255][T27187] EXT4-fs warning (device loop0): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  245.043719][T27187] EXT4-fs (loop0): mount failed
[  245.063247][T27219] loop5: detected capacity change from 0 to 512
[  245.071405][T27219] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  245.083672][T27219] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #16: comm syz.5.2606: invalid indirect mapped block 4294967295 (level 0)
[  245.098942][T27219] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #16: comm syz.5.2606: invalid indirect mapped block 4294967295 (level 1)
[  245.127571][T27219] EXT4-fs (loop5): 1 orphan inode deleted
[  245.133407][T27219] EXT4-fs (loop5): 1 truncate cleaned up
[  245.133783][T27223] loop6: detected capacity change from 0 to 512
[  245.159276][T27223] ext4 filesystem being mounted at /48/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  245.815238][T27251] loop1: detected capacity change from 0 to 1024
[  246.030832][T27264] loop0: detected capacity change from 0 to 1024
[  246.060492][T27264] EXT4-fs: Ignoring removed nobh option
[  246.066188][T27264] EXT4-fs: Ignoring removed bh option
[  246.096592][T27273] loop6: detected capacity change from 0 to 512
[  246.130351][T27280] loop1: detected capacity change from 0 to 1024
[  246.141968][T27273] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  246.169218][T27286] loop0: detected capacity change from 0 to 1024
[  246.169939][T27273] EXT4-fs (loop6): 1 truncate cleaned up
[  246.186315][T27273] EXT4-fs error (device loop6): ext4_generic_delete_entry:2668: inode #2: block 13: comm syz.6.2621: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0
[  246.189986][T27286] EXT4-fs: Ignoring removed orlov option
[  246.207965][T27280] EXT4-fs: Ignoring removed orlov option
[  246.220972][T27273] EXT4-fs (loop6): Remounting filesystem read-only
[  246.227673][T27273] EXT4-fs warning (device loop6): ext4_rename_delete:3726: inode #2: comm syz.6.2621: Deleting old file: nlink 4, error=-117
[  246.479603][T27273] bond0: (slave bond_slave_0): Releasing backup interface
[  246.495994][T27301] loop5: detected capacity change from 0 to 1024
[  246.539161][T27310] netlink: 'syz.5.2627': attribute type 4 has an invalid length.
[  246.637246][T27320] netlink: 'syz.5.2631': attribute type 21 has an invalid length.
[  246.647907][T27320] netlink: 'syz.5.2631': attribute type 1 has an invalid length.
[  246.687951][T27322] loop6: detected capacity change from 0 to 512
[  246.701982][T27322] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  246.731855][T27322] EXT4-fs error (device loop6): ext4_free_branches:1023: inode #16: comm syz.6.2632: invalid indirect mapped block 4294967295 (level 0)
[  246.748561][T27322] EXT4-fs error (device loop6): ext4_free_branches:1023: inode #16: comm syz.6.2632: invalid indirect mapped block 4294967295 (level 1)
[  246.881561][T27322] EXT4-fs (loop6): 1 orphan inode deleted
[  246.887547][T27322] EXT4-fs (loop6): 1 truncate cleaned up
[  247.018785][T27837] loop6: detected capacity change from 0 to 1024
[  247.131880][T27946] sctp: [Deprecated]: syz.1.2638 (pid 27946) Use of int in max_burst socket option.
[  247.131880][T27946] Use struct sctp_assoc_value instead
[  247.263259][T28674] netlink: 'syz.6.2639': attribute type 4 has an invalid length.
[  247.740441][T10480] ==================================================================
[  247.748582][T10480] BUG: KCSAN: data-race in copy_process / free_pid
[  247.755107][T10480] 
[  247.757443][T10480] read-write to 0xffffffff868608e0 of 4 bytes by task 31067 on cpu 0:
[  247.765607][T10480]  free_pid+0x77/0x180
[  247.769694][T10480]  free_pids+0x7a/0xb0
[  247.773776][T10480]  release_task+0x9a9/0xb60
[  247.778307][T10480]  do_exit+0xd81/0x1590
[  247.782628][T10480]  call_usermodehelper_exec_async+0x247/0x250
[  247.788731][T10480]  ret_from_fork+0xda/0x150
[  247.793266][T10480]  ret_from_fork_asm+0x1a/0x30
[  247.798141][T10480] 
[  247.800477][T10480] read to 0xffffffff868608e0 of 4 bytes by task 10480 on cpu 1:
[  247.808128][T10480]  copy_process+0x1790/0x1f90
[  247.812826][T10480]  kernel_clone+0x16c/0x5b0
[  247.817357][T10480]  user_mode_thread+0x7d/0xb0
[  247.822058][T10480]  call_usermodehelper_exec_work+0x41/0x160
[  247.827981][T10480]  process_scheduled_works+0x4cb/0x9d0
[  247.833471][T10480]  worker_thread+0x582/0x770
[  247.838097][T10480]  kthread+0x489/0x510
[  247.842189][T10480]  ret_from_fork+0xda/0x150
[  247.846740][T10480]  ret_from_fork_asm+0x1a/0x30
[  247.851529][T10480] 
[  247.853870][T10480] value changed: 0x800000f6 -> 0x800000f5
[  247.859598][T10480] 
[  247.861932][T10480] Reported by Kernel Concurrency Sanitizer on:
[  247.868115][T10480] CPU: 1 UID: 0 PID: 10480 Comm: kworker/u8:9 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(voluntary) 
[  247.880827][T10480] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  247.890946][T10480] Workqueue: events_unbound call_usermodehelper_exec_work
[  247.898109][T10480] ==================================================================