last executing test programs:

23.4558296s ago: executing program 0 (id=447):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000600000027"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'})
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc9ffb}]})
io_uring_setup(0x1500, &(0x7f0000000180)={0x0, 0xe444, 0x8000, 0x1, 0x22f})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x18)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000200)={[{@init_itable_val}, {@jqfmt_vfsold}, {@nodioread_nolock}, {@user_xattr}, {@errors_remount}, {@quota}]}, 0x6, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
socket(0x10, 0x3, 0x0)
alarm(0xffff)
lsetxattr$trusted_overlay_upper(&(0x7f0000000100)='./file1\x00', 0x0, &(0x7f0000000000)=ANY=[], 0xfe37, 0x0)

23.365911878s ago: executing program 0 (id=450):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x11, 0x5, &(0x7f00000004c0)=ANY=[@ANYBLOB="1800000000e8f70000000000ff00004485"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kfree\x00', r0}, 0x18)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f0000000340)={'netdevsim0\x00', &(0x7f0000000000)=@ethtool_flash={0x33, 0xea6, '.\x00'}})

23.322302963s ago: executing program 0 (id=451):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETRULE(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=ANY=[@ANYBLOB="2c000000190a0102"], 0x2c}}, 0x0)

23.306657154s ago: executing program 0 (id=452):
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, 0x0, 0x67)
r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3}, 0x10)
process_vm_writev(r1, &(0x7f0000001c80)=[{&(0x7f0000001bc0)=""/156, 0x9c}], 0x1, &(0x7f0000001d80)=[{&(0x7f0000001cc0)=""/116, 0x20001c34}], 0x1, 0x0)
io_uring_setup(0x4fd0, &(0x7f0000000200)={0x0, 0x4f, 0x400, 0x1, 0x167, 0x0, r0})
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000280)=[{0x6, 0xfd, 0x0, 0x7ffc0002}]})
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000770000000e000000850000002a00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r4}, 0x10)
signalfd(0xffffffffffffffff, &(0x7f00007aeff8)={[0xfffffffffffffffe]}, 0x8)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xc, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000008da4b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095", @ANYRES8=0x0], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r5}, 0xf)
clock_adjtime(0x0, &(0x7f0000000040)={0xd51, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x201, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0xe438, 0x0, 0x3})

23.227915912s ago: executing program 0 (id=453):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020782500000000002020207b1af8fe00000000bfa100000000000007010000f8ffffffb702000008000000b703000007000000850000001100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r2, 0x0, 0x4}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000200)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
ioprio_get$uid(0x3, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f0000000240)='net/ip_vs\x00')
pread64(r3, 0x0, 0x0, 0x8)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet6(0xa, 0x2, 0x0)
getsockopt$PNPIPE_IFINDEX(r3, 0x113, 0x2, &(0x7f0000001280)=<r4=>0x0, &(0x7f00000012c0)=0x4)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000001340)={0x3}, 0x8)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000001400)={{r3}, &(0x7f0000001380), &(0x7f00000013c0)=r3}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x1a, 0x16, &(0x7f0000000340)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x8}, {{0x18, 0x1, 0x1, 0x0, r3}}, {}, [@call={0x85, 0x0, 0x0, 0x35}, @ldst={0x2, 0x3, 0x6, 0x6, 0x8, 0xfffffffffffffffc, 0x8}, @tail_call={{0x18, 0x2, 0x1, 0x0, r1}}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x5}, {0x85, 0x0, 0x0, 0x84}}}, 0x0, 0x3ff, 0x0, 0x0, 0x40f00, 0x43, '\x00', r4, @fallback=0x15, r3, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, r3, 0x2, &(0x7f0000001440), &(0x7f0000001480)=[{0x5, 0x2, 0x6, 0xb}, {0x2, 0x3, 0x10, 0x3}], 0x10, 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
pivot_root(0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
socket(0xa, 0x1, 0x401)
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x1000, 0x1)
r5 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r5}, &(0x7f0000bbdffc)=<r6=>0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
timer_settime(r6, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)=ANY=[], &(0x7f0000000180), 0x0)
open_by_handle_at(0xffffffffffffff9c, &(0x7f00000000c0)=ANY=[], 0x200000002000000)
bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x17, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x7a, 0x0, 0x0, 0x41000, 0x44, '\x00', 0x0, @cgroup_sysctl=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000100)='kmem_cache_free\x00', r7}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

23.030008342s ago: executing program 0 (id=454):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000400000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sys_enter\x00', r0}, 0x10)
futimesat(0xffffffffffffffff, &(0x7f0000000500)='./file0\x00', &(0x7f0000000540))

23.008802054s ago: executing program 32 (id=454):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000400000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sys_enter\x00', r0}, 0x10)
futimesat(0xffffffffffffffff, &(0x7f0000000500)='./file0\x00', &(0x7f0000000540))

3.949899341s ago: executing program 3 (id=717):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="0700000004000000080200000e"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7030000ec000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r1}, 0x18)
syz_read_part_table(0x5da, &(0x7f0000000a00)="$eJzs2z9olHcYB/DnoqdFS12cnNShk4viVDyoyt2pKBynWYpDBSWIB4UrFE44COigNyi9IWRMhxC4JX+GkssNGUpCAlkbQoaWQIZMJVkCWXIlvV9ph0ATklCEzweO5+657/t73md4xzf4pPXFH91uNxMR3bOHvHQwor+VL9y/XLpdfhKRiacRceWXLyb3/syk0N+nXu2VX8+k/ujIuc77rXvZ1urj7S+/nWv0/XPoX5/zY+3+49iPkzWem7/w5m21+KGWe7lSrK+/W156NLGZL7cfNpqTD7J3n6fcQqqnI776KX1/Ha/iWVSiEi+ieuT5e7/q68Otteu7l4qt6YFbO4XOx9kbKVc62poHmN/b/4crP37TrN+5NnVx6GZtZrG8caqXqxz26QIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4H8xnpu/8OZttfihlnu5Uqyvv1teejSxmS+3Hzaakw+yd5+n3EKqp1P9PmrxOl7Fs6hEJV5E9WDjvv75P+YPt9au714qtqYHbu0UOh9nb6Rc6TiW3ce/5/elXrN+59rUxaGbtZnF8sapXq9y9oRuAAAAAAAAAAAAAAAAAAAAACIiX7h/uXS7/CQiE08j4rvPZ6f3+t30vnsm5a6m+lvqj46c67zfupdtrT7eHoi5xu+pP/hZxGBEnB9r9+8z7syJL8Sh/BkAAP//7leRXA==")
socket$inet_mptcp(0x2, 0x1, 0x106)
r2 = openat$selinux_load(0xffffffffffffff9c, &(0x7f00000005c0), 0x2, 0x0)
openat$selinux_policy(0xffffff9c, &(0x7f0000000300), 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10)
write$UHID_INPUT(0xffffffffffffffff, 0x0, 0x0)
write$selinux_load(r2, &(0x7f0000000000)=ANY=[], 0xffa8)

3.782599797s ago: executing program 3 (id=721):
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB], 0x50)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x0, &(0x7f0000000240)=0x9, 0xa, 0x5)
r0 = io_uring_setup(0x22625, 0x0)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_clone3(&(0x7f0000001040)={0x20400, 0x0, 0x0, 0x0, {0x1a}, 0x0, 0x0, 0x0, &(0x7f0000001000)=[0x0], 0x1}, 0x58)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
readv(r2, &(0x7f0000000000)=[{&(0x7f0000000580)=""/244, 0xf4}], 0x1)
syz_clone(0x100411, 0x0, 0x0, 0x0, 0x0, 0x0)
r3 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0xfffffffffffffffb]}, 0x8, 0x0)
readv(r3, &(0x7f0000000ec0)=[{&(0x7f0000001380)=""/4096, 0x1000}], 0x1)
fcntl$setsig(0xffffffffffffffff, 0xa, 0x10007)
timer_create(0x7, &(0x7f00000000c0)={0x0, 0x12}, &(0x7f0000000280))
r4 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0)
fcntl$setsig(r4, 0xa, 0x13)
fcntl$setlease(r4, 0x400, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
truncate(&(0x7f0000000040)='./file0\x00', 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000008500000004000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x24, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
r6 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r5}, 0x10)
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r7, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r8 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, 0x0)
sendmsg$nl_route_sched(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000005c0)=@newqdisc={0x64, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0x0, 0xb}, {0xffff, 0xffff}, {0x10, 0xf}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x38, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0x44, 0x0, 0x6, 0x6, 0x3, 0x2}, {0x3, 0x2, 0x7, 0x4, 0x0, 0x6}, 0x90000000, 0x82b8ca3e, 0x1d24}}, @TCA_TBF_PRATE64={0xc, 0x5, 0x9b4e7c312ffd1ff5}]}}]}, 0x64}, 0x1, 0x0, 0x0, 0x40088c1}, 0x0)
sendmsg$nl_route_sched(r8, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000003a00)=@deltfilter={0x1650, 0x2d, 0x20, 0x70bd2d, 0x25dfdbff, {0x0, 0x0, 0x0, 0x0, {0xffff, 0x4}, {0x6}, {0x4, 0xfff1}}, [@filter_kind_options=@f_bpf={{0x8}, {0x730, 0x2, [@TCA_BPF_CLASSID={0x8, 0x3, {0xfff3, 0x1}}, @TCA_BPF_ACT={0x304, 0x1, [@m_skbmod={0xf4, 0x1c, 0x0, 0x0, {{0xb}, {0x30, 0x2, 0x0, 0x1, [@TCA_SKBMOD_SMAC={0xa, 0x4, @broadcast}, @TCA_SKBMOD_ETYPE={0x6, 0x5, 0xe}, @TCA_SKBMOD_SMAC={0xa}, @TCA_SKBMOD_DMAC={0xa, 0x3, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}}]}, {0x9c, 0x6, "c6da7d282e3c55ecdd3faf893a1acd1fe8b2ced6a9915a2270a44835245d0d78297236cd9db5c24d499eec34f60128c557ee068026fa66a80f4e8e004228f8865a388f8366ffc11a2757fd88b0b7e6d7155078115678cc1f4cea6c3f25614efb0a63623ba0b4418a29cfd26d22b4efbd9bffdb595aaa73a17b048bfd3e3b7cc1eae2f5d77cad6da24bd02139d1fc422ffc7df5763748a55a"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x3}}}}, @m_bpf={0x74, 0x4, 0x0, 0x0, {{0x8}, {0xc, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_OPS_LEN={0x6, 0x3, 0xa}]}, {0x42, 0x6, "79c70c368eccfdf0cce1636b65b9bcedd3933c057e2a6d67f5cdfe169533f471336b7cffd71107f5f1dfec5fbfa4b0c1e4acd94291375d00be4d132b2c77"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x1}}}}, @m_tunnel_key={0x114, 0x4, 0x0, 0x0, {{0xf}, {0x30, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_ENC_IPV6_DST={0x14, 0x6, @mcast2}, @TCA_TUNNEL_KEY_ENC_IPV4_DST={0x8, 0x4, @local}, @TCA_TUNNEL_KEY_ENC_IPV4_DST={0x8, 0x4, @private=0xa010100}, @TCA_TUNNEL_KEY_ENC_IPV4_DST={0x8, 0x4, @remote}]}, {0xb5, 0x6, "b719652f4a06e57b27e9180bb418b5491b9c22f80920501ad2e8fe463f3292a68ab5d7065116a59a467be39c84c02eaa1474db661c01a67bab0bca3867fbc0621ddbb5d7e2d80755ec6f64bbf2e28c86a1b2106be57b661ff27e8ec338ab140b3d5256def23c9741b8636c3fd43bc90f2d1f9cb170f080d14b2fb9dca974fb421035d3b4f8741f967735106a1d97d43e914b07e3b01fd761abc824d204f5461d2737bf513fa7a2e9560cc5f56d46dbbd7d"}, {0xc}, {0xc, 0x8, {0x0, 0x1}}}}, @m_vlan={0x84, 0x14, 0x0, 0x0, {{0x9}, {0x34, 0x2, 0x0, 0x1, [@TCA_VLAN_PUSH_VLAN_PRIORITY={0x5, 0x6, 0x2}, @TCA_VLAN_PUSH_VLAN_PRIORITY={0x5, 0x6, 0x7}, @TCA_VLAN_PUSH_VLAN_ID={0x6, 0x3, 0xc2}, @TCA_VLAN_PUSH_VLAN_PROTOCOL={0x6, 0x4, 0x8100}, @TCA_VLAN_PUSH_VLAN_PRIORITY={0x5}, @TCA_VLAN_PUSH_VLAN_PRIORITY={0x5, 0x6, 0x2}]}, {0x28, 0x6, "21ce783e20530ef8ade741e0358af700ffd870de2acae2e35d9ee886a79c24924df316f7"}, {0xc}, {0xc, 0x8, {0x2}}}}]}, @TCA_BPF_FLAGS_GEN={0x8, 0x9, 0x1}, @TCA_BPF_ACT={0x418, 0x1, [@m_xt={0xc0, 0xa, 0x0, 0x0, {{0x7}, {0x14, 0x2, 0x0, 0x1, [@TCA_IPT_INDEX={0x8, 0x3, 0xff}, @TCA_IPT_INDEX={0x8, 0x3, 0x8}]}, {0x88, 0x6, "2634724bbb708016e44e37c7da0556a70cc5534c284bb678c64fbb84ae8404c743abd8bf084267dc75be1574167f83ee4b59ee1313323045f7346ab107aa89ff656bd8b14a74d68f720ddba0b2cf03471a06106f69a3509c01a53ba740c26d2b2856ee3f06e1c7529b79989dedba133af4847af205887733cd5db22b40150416ae6834d1"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x2, 0x2}}}}, @m_tunnel_key={0xbc, 0x18, 0x0, 0x0, {{0xf}, {0x38, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_ENC_KEY_ID={0x8}, @TCA_TUNNEL_KEY_ENC_KEY_ID={0x8, 0x7, 0x4}, @TCA_TUNNEL_KEY_ENC_IPV6_DST={0x14, 0x6, @loopback}, @TCA_TUNNEL_KEY_NO_CSUM={0x5}, @TCA_TUNNEL_KEY_ENC_DST_PORT={0x6, 0x9, 0x4e21}]}, {0x57, 0x6, "d5d00a7f489750b528604943bc7435c5d840134c074a9c0703ce1a23de0c2d430b07b2e53700e7f271d4da2c235d0770c7ffc61d92bfde6daeafb5899601a1ef6f7ae4147deaefbcf46ad7f27a377b5fa9adb4"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x3}}}}, @m_bpf={0xe0, 0x12, 0x0, 0x0, {{0x8}, {0x68, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_OPS_LEN={0x6}, @TCA_ACT_BPF_OPS_LEN={0x6, 0x3, 0x2}, @TCA_ACT_BPF_PARMS={0x18, 0x2, {0x10000, 0x1, 0x6, 0xf, 0x6}}, @TCA_ACT_BPF_OPS={0x4}, @TCA_ACT_BPF_FD={0x8, 0x5, r1}, @TCA_ACT_BPF_OPS_LEN={0x6, 0x3, 0x9}, @TCA_ACT_BPF_FD={0x8, 0x5, r6}, @TCA_ACT_BPF_OPS_LEN={0x6, 0x3, 0x2}, @TCA_ACT_BPF_PARMS={0x18, 0x2, {0x6, 0x6, 0x4, 0x4, 0x5}}]}, {0x52, 0x6, "23e6c19deead65880b89ae9319b4184fe1d781fae6d4753ad4aff184aa5f65508bb9e18cdfe162c5957b9cc9b24a516c4c9fc193d2b017db67c5f48850aed3db5547d1a1857f1fcd1f1c35ff487d"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x2, 0x2}}}}, @m_gact={0x150, 0x10, 0x0, 0x0, {{0x9}, {0x34, 0x2, 0x0, 0x1, [@TCA_GACT_PROB={0xc, 0x3, {0x0, 0x1010, 0x1}}, @TCA_GACT_PROB={0xc, 0x3, {0x0, 0x1bf5, 0x8}}, @TCA_GACT_PARMS={0x18, 0x2, {0x200, 0x1b56, 0x4, 0x8, 0x3}}]}, {0xf3, 0x6, "e592358d93e85583f9595f006861d2558b41fa5348eb6eb084f00df44f2b627a18ed7dc990e3d978b58791fb66c8e9caf2f7e4521f540d1147554a7e41e22d6504818a94646e0192cc5e338202f3dc53905cb93445a9ec04022c44441f0a2bdf97ad627927e2a235db2b500ce6849767322982c2c0719851c91afdfc137df53dfc5016a2f7a22ef7c5f549a60e345096c459c02d876614cf1b4c82ef16fd89c71382b683feadabeac1a906e989a5fbec80be34944ca462cd3687775c9da2fdfe3d287c1322ed0df066f9385fe819bb40b75dc5285d3ff4718d874c78a0d80940cebbb6fe9e1a42183a6c35b4a4959e"}, {0xc}, {0xc, 0x8, {0x3}}}}, @m_tunnel_key={0x68, 0x2, 0x0, 0x0, {{0xf}, {0x1c, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_ENC_IPV4_SRC={0x8, 0x3, @rand_addr=0x64010102}, @TCA_TUNNEL_KEY_ENC_IPV4_SRC={0x8, 0x3, @multicast1}, @TCA_TUNNEL_KEY_NO_CSUM={0x5, 0xa, 0x1}]}, {0x20, 0x6, "02b2431be0d17b9fda40ff585372af7fcfdfee8b793e1b51bc76e871"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x2}}}}]}]}}, @TCA_CHAIN={0x8, 0xb, 0x5}, @filter_kind_options=@f_route={{0xa}, {0xec8, 0x2, [@TCA_ROUTE4_POLICE={0xc34, 0x5, [@TCA_POLICE_AVRATE={0x8, 0x4, 0xdd5}, @TCA_POLICE_RATE={0x404, 0x2, [0x8, 0x7ff, 0xf, 0x2, 0xe1, 0x1, 0x0, 0x4, 0x1, 0x3ff, 0x1, 0x0, 0x5, 0x2, 0x8, 0xdd, 0x47, 0x6b6, 0x7, 0x5, 0x75b, 0x4e4, 0x7, 0x6, 0x6, 0x2, 0x4, 0x7, 0x7, 0x70, 0x3, 0x4, 0x0, 0x5, 0x10000, 0x934, 0x80000001, 0x5, 0x9, 0x3, 0x0, 0x3, 0x3ff, 0xd, 0x39a6, 0x5, 0xad, 0xd, 0x8, 0x2, 0x8, 0x2, 0x12, 0x1, 0x7ff, 0x7, 0x6981aba3, 0xc20, 0x9, 0xd, 0x9, 0x8000, 0x10000, 0x83c, 0x0, 0x4, 0x2, 0x5, 0x3, 0x6, 0x8, 0x1, 0xe0, 0x40, 0x7ff, 0x4, 0x9, 0x7fffffff, 0x3, 0x8, 0x8, 0xe1, 0x8, 0x4047, 0x9, 0x2, 0x5, 0x6, 0x2d, 0x8c, 0x8, 0x3ff, 0x7f, 0xc2, 0x9, 0xffffff4a, 0x5, 0x4, 0x8, 0x8, 0x1, 0x1, 0x7, 0x1, 0x1, 0x800, 0x1ff, 0x5000000, 0x7, 0x4, 0x8ea0, 0x5, 0x7fff, 0x5782, 0x3, 0x0, 0xfffffff7, 0x1, 0x7, 0x3, 0x6, 0x17c8, 0x3, 0x1, 0x3, 0x6, 0xab, 0x1ff, 0x4, 0x7fffffff, 0xfffffff8, 0x7, 0x9, 0x100, 0x7f, 0x3, 0x0, 0x400, 0x1, 0x400, 0x6, 0x0, 0x9, 0x28000000, 0x4, 0x10000, 0x2e49, 0x4, 0x0, 0xd2, 0x400, 0x7, 0x3, 0x4d63, 0x4ac4596c, 0x3, 0xd, 0xf4080000, 0x2, 0x0, 0x5, 0x7f, 0x4, 0x4, 0xa, 0x3420, 0xe2bf, 0x3, 0x2, 0x8, 0x2, 0x9000000, 0x81, 0xffffbc2e, 0x5, 0x1000, 0x9, 0x7, 0x7, 0x3de0, 0x401, 0x1, 0x4, 0x80, 0x1, 0x8, 0x9, 0x400, 0x4, 0x0, 0x8000, 0x101, 0xffffff7f, 0xfffffff8, 0x0, 0xd, 0x500000, 0x0, 0x8, 0x7fff, 0x3, 0x7, 0x0, 0x40, 0x9, 0xfcc, 0x40, 0x4, 0x48e, 0x7, 0x9, 0x4, 0x5, 0x18, 0x10000, 0x6, 0x0, 0x4b, 0xfffffff7, 0x6, 0x2, 0x0, 0x4, 0x400, 0x3ff, 0xaac, 0x9, 0x2, 0x44d7, 0xbb, 0x8000, 0x43d0, 0xf7, 0x3, 0xffffffff, 0x78dbb41d, 0x1ff, 0x9bd, 0xdb18, 0x6, 0xa, 0x12000, 0x8, 0x7, 0x3, 0x0, 0x7, 0x6, 0xfffffffc, 0x8, 0xf6c7, 0x5, 0x800000, 0x160e, 0x9, 0x3]}, @TCA_POLICE_RATE={0x404, 0x2, [0x9, 0x7, 0x1, 0x22be, 0xfffffffa, 0x5, 0x4, 0xfffffff8, 0x80000000, 0x5, 0x5, 0x4, 0xfffeffff, 0xffffffff, 0x7fff, 0x4, 0x6, 0x1, 0x401, 0xbe8, 0x10, 0xfffffff6, 0x6, 0x4e03, 0x5, 0x2, 0x7, 0x7, 0x9, 0xb, 0x9f1, 0x94, 0xfffffff7, 0x8, 0x138, 0x0, 0x81, 0x101, 0xfffff10a, 0x400, 0x3, 0x0, 0x9, 0x2, 0x7f, 0x97, 0x1, 0x9, 0xa, 0x200, 0x6, 0x4, 0x0, 0xc24b21f, 0x1, 0x0, 0x8b78, 0x3, 0x2, 0x0, 0xf5b4, 0x3, 0x200, 0x8, 0xfffffff9, 0xf, 0x2, 0xd, 0x209, 0x1, 0x2, 0x8000, 0x0, 0xd, 0x2, 0x40, 0x401, 0xfffffff9, 0x4e9cd46d, 0x8, 0x400, 0x7, 0x8, 0xef0, 0x8, 0x2, 0x8, 0x6, 0x9, 0x9, 0x9, 0xff, 0x8000000, 0x9, 0xf0, 0x4, 0xe, 0x8, 0x1, 0x4, 0x1, 0x101, 0xa, 0x2, 0x5e36, 0x8, 0x5, 0x6, 0x5, 0xfffffff0, 0x9, 0x4, 0xdd2, 0x2, 0x8, 0xf0, 0xfffffc00, 0xffffffff, 0x0, 0x3, 0x200, 0x2, 0x5, 0x5, 0x6, 0x5, 0x1, 0x5, 0x6, 0x4, 0x4, 0x5, 0x9, 0x0, 0x6, 0x200, 0x7f, 0x6, 0xc415, 0x66d8c658, 0x5, 0x2, 0x648, 0x10000, 0x2, 0x230f, 0xbb3, 0x3, 0x9, 0x2, 0x5, 0x3d8, 0x5, 0x2, 0x7, 0x65, 0xfff, 0x1ef, 0xfff, 0xa, 0x7f, 0x5, 0x2f7, 0x3, 0x8, 0x9e, 0x6, 0x0, 0xfffffffa, 0x101, 0xd, 0x9, 0x9, 0xe20, 0x81, 0x2, 0x8001, 0x7, 0x6, 0x800, 0x5, 0xb7, 0xffff6be9, 0x2, 0x9f7, 0x4, 0x254, 0x100, 0x6, 0x36d, 0x8, 0x111, 0x0, 0xfe7, 0x2, 0x6, 0x4, 0xfff, 0x60, 0x3, 0x7, 0x6, 0x9, 0x8, 0x576, 0x3, 0x4, 0xa, 0x2, 0x6, 0xe415, 0x8001, 0x1, 0x7a85, 0xfffffe00, 0x400, 0xca8c, 0x2, 0x80000000, 0xffffffff, 0x5, 0xca44, 0x6c, 0x0, 0x12, 0x3, 0x3, 0x8, 0x7, 0xa, 0x97cb, 0x5, 0x9ce, 0x2, 0x6, 0xf, 0xdde2, 0xfffffbff, 0xd, 0x4, 0xbf52, 0x6, 0x5, 0x3, 0xd, 0x10, 0x5, 0xa, 0xf6b5, 0x8, 0x6, 0xf, 0xfffffffc, 0x10000, 0x8000, 0x8000]}, @TCA_POLICE_RESULT={0x8, 0x5, 0x4}, @TCA_POLICE_RATE64={0xc, 0x8, 0x5}, @TCA_POLICE_PEAKRATE={0x404, 0x3, [0x75, 0x0, 0x9, 0x5, 0xff, 0xa, 0x10000, 0x1c1d, 0xce, 0x8000, 0x0, 0x6, 0x0, 0xf0f, 0x5b6f, 0x6, 0xfffffffa, 0xea6, 0x40, 0x4, 0x165, 0x400, 0x8, 0x4, 0x81, 0xe, 0xa, 0x2, 0x2, 0x9, 0x3, 0x3, 0x10, 0x8, 0x8, 0x1, 0xf, 0x7fffffff, 0x2, 0x1, 0x8, 0x800, 0x7, 0x22495cf, 0x0, 0xef, 0x1, 0x0, 0xc, 0x80000000, 0x5, 0xffffff7f, 0x4, 0xffff, 0xfffffffa, 0x2, 0x3a9, 0x2, 0x80000000, 0x6fe, 0xffffffff, 0x4, 0x8, 0x6, 0x8000, 0xe, 0xfffffffe, 0x4, 0x8, 0x8, 0xe1a2, 0x2, 0x3, 0x6, 0x1, 0x1, 0x9, 0xee3, 0x3, 0x8, 0x1, 0x8, 0xc, 0xa, 0x81, 0xe, 0x7, 0x40, 0x5c, 0x12000, 0x858, 0x7, 0x9, 0x38a, 0x0, 0x1, 0x10000, 0x9, 0x4cf, 0x1, 0x718d, 0x3, 0x3c, 0x2, 0x200, 0x1, 0x5, 0x3, 0xfab, 0x3d, 0x1, 0x675, 0xe, 0x0, 0x10040, 0x0, 0x1, 0x38be, 0x7, 0x8ce1, 0xefdc, 0x2, 0x4, 0x1, 0x100, 0xfd1, 0x2, 0xffffffff, 0x8, 0x5, 0x420000, 0xa10, 0x95, 0xac, 0x7, 0x0, 0x5, 0x3a, 0x7, 0x6, 0x8, 0x4, 0x6, 0x3, 0x8, 0x1, 0x8, 0x80, 0x6, 0x7, 0x7fffffff, 0x4, 0x8, 0x8, 0x1c00000, 0x84, 0x4, 0x4, 0x7, 0x2, 0xfff, 0xffc, 0x800, 0x1, 0x61a94bef, 0x2, 0x73f3, 0x400, 0x89, 0x4, 0x2, 0xa, 0x400, 0x6, 0x0, 0x8, 0x2, 0x3, 0x7ff, 0x5, 0x8, 0x24000, 0x3, 0xb594, 0xfffffff7, 0x6, 0x200, 0x8, 0x2, 0x6, 0x3, 0x3ff, 0x47, 0x40197971, 0x81, 0x9, 0x1000, 0x31, 0x4, 0x7, 0x3ff, 0x4, 0x1, 0x9, 0x0, 0x7ff, 0xd4, 0x10001, 0xfffffffa, 0x9, 0x0, 0x0, 0x2, 0x9, 0x4, 0x1, 0x4, 0x4, 0x0, 0x5, 0x10, 0x8, 0x7, 0xa, 0x1, 0x1, 0x262, 0x7, 0x7, 0xffffffa2, 0x4, 0x6, 0x2, 0x80, 0x3, 0x1, 0x8000, 0x5, 0xf, 0x10001, 0x7, 0x4, 0x0, 0x8, 0x8, 0x400, 0xfffffff3, 0x5, 0x5, 0xffffffff, 0xdb06, 0x8000, 0x3, 0x1e, 0x7, 0x6853]}, @TCA_POLICE_AVRATE={0x8, 0x4, 0xb1}]}, @TCA_ROUTE4_ACT={0x278, 0x6, [@m_bpf={0x1ac, 0x9, 0x0, 0x0, {{0x8}, {0xac, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_FD={0x8, 0x5, r0}, @TCA_ACT_BPF_OPS={0x34, 0x4, [{0x38d, 0x8c, 0x4, 0x6}, {0xe, 0xc7, 0x80, 0x4}, {0xfff9, 0x2, 0x4, 0x80}, {0x4, 0x3, 0x8e, 0x3}, {0xea, 0x5, 0x4, 0x7}, {0x5, 0x8, 0xff, 0xfffffffa}]}, @TCA_ACT_BPF_PARMS={0x18, 0x2, {0x800, 0xa, 0x6, 0xa, 0xffffffff}}, @TCA_ACT_BPF_OPS_LEN={0x6, 0x3, 0x6}, @TCA_ACT_BPF_OPS_LEN={0x6, 0x3, 0x4}, @TCA_ACT_BPF_PARMS={0x18, 0x2, {0x7ff, 0x1, 0x20000000, 0x2, 0x7}}, @TCA_ACT_BPF_PARMS={0x18, 0x2, {0x3, 0x7, 0x5, 0x2}}, @TCA_ACT_BPF_OPS={0x14, 0x4, [{0x6, 0xa, 0xa}, {0x3, 0x9, 0x3, 0x9f}]}]}, {0xd9, 0x6, "e34fb4d02d3238da187b5295935ba5b8ae08886001d3f339c0877f69d62c9554603ecb09768306453da64361af4d048d875a4703fbb87eacba88af5cc6b10ae09daf31f5bdddb5ddea363935fcb5716fc5fdef98f3d69031444256a353e6b21cf709a003e54543e1677a607e4ddd6d6612910bb02f057fc3a35b86741e73ebe63ad5879fc9819b3dee9d89e00d2bc3c6970b3fe61964168c7e0fe22db885c89770e1f29cbf7fc3b25d35d1ecf4155445ca5f5b346336defb5fbf62e3c309a7194750240b2626ad1d767e67cf96728a41c8ad38f5f5"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x3, 0x5}}}}, @m_tunnel_key={0x78, 0x1c, 0x0, 0x0, {{0xf}, {0x1c, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_ENC_KEY_ID={0x8, 0x7, 0x6}, @TCA_TUNNEL_KEY_ENC_DST_PORT={0x6, 0x9, 0x4e21}, @TCA_TUNNEL_KEY_ENC_DST_PORT={0x6, 0x9, 0x4e21}]}, {0x2f, 0x6, "97705208991911a645e0e46b5e803b94bdd04c4ca2bd0f630ed89ac203ef9eba8b8d62dfaf6a71cc067387"}, {0xc, 0x7, {0x1}}, {0xc}}}, @m_sample={0x50, 0x12, 0x0, 0x0, {{0xb}, {0x1c, 0x2, 0x0, 0x1, [@TCA_SAMPLE_PARMS={0x18, 0x2, {0x1, 0xfffffffb, 0x10000006, 0x5, 0x4e38}}]}, {0xa, 0x6, "f763a46db68b"}, {0xc}, {0xc, 0x8, {0x1, 0x2}}}}]}, @TCA_ROUTE4_FROM={0x8, 0x3, 0x74}, @TCA_ROUTE4_TO={0x8, 0x2, 0xcb}, @TCA_ROUTE4_FROM={0x8, 0x3, 0xed}]}}, @TCA_CHAIN={0x8, 0xb, 0x3}, @TCA_RATE={0x6, 0x5, {0x42, 0x9}}, @TCA_RATE={0x6, 0x5, {0xff, 0x6}}]}, 0x1650}, 0x1, 0x0, 0x0, 0x2000c061}, 0x4000000)
creat(&(0x7f00000000c0)='./file0\x00', 0x48)
setxattr$security_capability(0x0, &(0x7f0000000280), 0x0, 0x0, 0x0)
lsetxattr$security_capability(&(0x7f0000000100)='./file0\x00', &(0x7f00000000c0), &(0x7f0000000240)=@v3={0x3000000, [{0xffff4a0c, 0x7}, {0x2}], 0xee01}, 0x18, 0x0)

2.940012001s ago: executing program 4 (id=728):
bpf$PROG_BIND_MAP(0xa, 0x0, 0x0)
openat$thread_pidfd(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000))
close(0x3)
pipe(&(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
io_setup(0x3ff, &(0x7f0000000500)=<r1=>0x0)
io_submit(r1, 0xf000, &(0x7f0000000300)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x5, 0x0, r0, 0x0}, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f00000001c0)='m', 0xffffff4c}])
r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f00000002c0)=0x1)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{}, &(0x7f0000000200), &(0x7f0000000240)=r3}, 0x20)
r4 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r4, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(r4, &(0x7f0000001600)={&(0x7f0000000000)={0x2, 0x0, @private=0xa010102}, 0x10, 0x0, 0x0, &(0x7f0000000b40)=[@mask_fadd={0x58, 0x114, 0x8, {{0x401, 0x4}, &(0x7f00000004c0), 0x0, 0x9, 0x80000000, 0x8, 0x8, 0x13, 0x100000001}}, @mask_cswp={0x58, 0x114, 0x9, {{0x8, 0x5}, 0x0, 0x0, 0x402, 0x5, 0x7, 0x200000004, 0x10, 0x7}}], 0xb0}, 0x0)

2.857887209s ago: executing program 3 (id=729):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETRULE(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=ANY=[@ANYBLOB="2c000000190a0102"], 0x2c}}, 0x0)

2.710599343s ago: executing program 3 (id=731):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000680)='fscache_invalidate\x00', r1, 0x0, 0x8}, 0xffffffffffffff3d)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000380))
fsopen(&(0x7f0000000100)='configfs\x00', 0x0)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$bt_hci_HCI_TIME_STAMP(r2, 0x0, 0x3, &(0x7f0000000200), 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xf, 0xc, &(0x7f00000004c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="102d55b69ad68dfe47d9c19226decbd5cf9ef165fb0dff31b63db2810a3eec408f315f5e63ccd3d011b7b98b67ee0ab73a750ad34a43f05c2847ed946d947152d6fbc5cbb33f4343c2f69e88b5c2f2545be5d748452784504d3f9110c33678f3f1"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x8, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r3}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_DEAUTHENTICATE(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="c50f00000000000000001100000008000300", @ANYRES32=0x0, @ANYBLOB="08f32a0084210000"], 0x24}}, 0x0)
mount$bpf(0x200000000000, &(0x7f0000000200)='./file0\x00', 0x0, 0x206002, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x3, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x200}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0x0, 0x0, &(0x7f00000001c0)='syzkaller\x00', 0x3, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r7}, 0x10)
kexec_load(0x3e00, 0x1, &(0x7f00000002c0)=[{0x0, 0x0, 0xff600000, 0x1000000}], 0x0)
rseq(&(0x7f0000000300), 0x20, 0x0, 0x0)
r8 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x121202, 0x0)
ioctl$TIOCSETD(r8, 0x5423, &(0x7f00000003c0)=0x1)
ioctl$TIOCVHANGUP(r8, 0x5437, 0x2)
capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x81, 0xffffffff})
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0)
syz_open_dev$sg(&(0x7f0000000080), 0xffff0000, 0x40)

2.565106187s ago: executing program 3 (id=735):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000080)={0x1, &(0x7f0000000b80)=[{0x6}]}, 0x10)
bind$bt_hci(r1, &(0x7f0000000140)={0x1f, 0xffff, 0x2}, 0x6)

2.526405141s ago: executing program 3 (id=736):
openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
msgsnd(0x0, 0x0, 0x2000, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
syz_mount_image$ext4(&(0x7f0000000b80)='ext4\x00', &(0x7f0000000bc0)='./file0\x00', 0x200000, &(0x7f0000000040)={[{@grpquota}]}, 0x1, 0xbaf, &(0x7f0000002f00)="$eJzs3M1rXOUaAPDnnEy+c5v0crn3tggGpCqK07QpFbpqXYsKunDZmExKyPTDJIIJXaR1ry5EXBSkf4Lg3m5cCS7qQutfUMQiRTdtFyNnPtKxk5mm6cwcE38/eHPe97wn8zxPTmfOe2BOA/jHms5+pBGHIuJsEjFZ359GxFC1NxKxWTvu/t3L81lLolJ5+7ckkoi4d/fyfOO1kvp2vD4YiYibryXx749a466ubyzPlcullfr46Nr5S0dX1zdeWTo/d650rnThxOyrJ2ZPzs52sdbbl9774pkf3nj+6vWPZ978/MB3SZyOifpccx3dMh3TW3+TZoWImOt2sJwM1OtprjMp5JgQAAAdpU1ruP/GZAzEw8XbZHz7Y67JAQAAAF1RGYioAAAAAPtc4v4fAAAA9rnG9wDu3b0832j5fiOhv+6ciYipWv2N55trM4XYrG5HYjAixn5Povmx1qT2a09tOov09felrEWPnkPuZPNKRPx/u/OfVOufqj7F3Vp/GhEzXYg//ch4L9V/ugvxn6z+4S5EBICIG2dqF7LW61+6tf6Jba5/hW2uXbuR9/W/sf6737L+e1j/QJv131s7jHH4wUs32801r//e/eTnhSx+tn2qop7AnSsRhwvb1Z9s1Z+0qf/sDmOMz9++1m4uqz+rt9H6XX/lesSR6mqutf6GpNP/T3R0calcmqn93Ob11092jt98/rOWxW/cC/RDdv7HYnfn/9IOY0z979dD7eYeX3/6y1DyTrU3VN/z4dza2sqxiKHk9db9xzvn0jim8RpZ/S8+1/n9v1392WfCZv3vkP3ruVLfZuOrj8QcP3L8q93X31tZ/Qu7PP+f7jDGl99ce7/dXN71AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALA3pBExEUla3OqnabEYMR4R/4mxtHxxde3lxYsfXFjI5iKmYjBdXCqXZiJisjZOsvGxav/h+Pgj49mIOBgRn02OVsfF+YvlhbyLBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYMt4RExEkhYjIo2IPybTtFjMOysAAACg66byTgAAAADoOff/AAAAsP+13P8X/jIa6WcuAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7EsHn71xK4mIzVOj1ZYZqs8N5poZ0Gvpzg4b63UeQP8N5J0AkJtCU79SqVRyTAXoM/f4QPKY+ZG2M8NdzwUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAv68XDt24lUTE5qnRassM1ecGc80M6LU07wSA3Ax0mkweuwPYwwp5JwDkxj0+UFvZP6jUtM6PtP3N4aeOCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDeMVFtSVqMiLTaT9NiMeJfETEVg8niUrk0ExEHIuKnycHhbHws76QBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADoutX1jeW5crm0oqOj08XOaPQt1mj9zdzmmOH2Ux06OX8wAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACQi9X1jeW5crm0spp3JgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDeVtc3lufK5dJKDzt51wgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQH7+DAAA///6CAm5")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x42, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
r1 = creat(&(0x7f0000000240)='./bus\x00', 0x0)
pwritev2(r1, &(0x7f0000000080)=[{&(0x7f0000000280)="14", 0x1}], 0x1, 0x9, 0xfffffffc, 0xa0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r2 = io_uring_setup(0x53d0, &(0x7f00000001c0)={0x0, 0xc4a8, 0x1, 0x0, 0x100022d8, 0x0, r0})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f0000000480), 0x400034f, 0x2, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000006900000000000001000000940000000fad413e850000000700000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r5}, 0x10)
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000100)='./file1\x00', 0x800000, &(0x7f00000012c0)=ANY=[@ANYBLOB="73686f72746e616d653d6d697865642c696f636861727365743d63703737352c696f636861727365743d63703836352c73686f72746e616d653d77696e39352c636f6465706167653d3934392c73686f72746e616d653d77696e6e742c616c6c6f775f7574696d653d30303030303030303030303030303030303137373737372c756e695f786c61747f3d74653d312c696f636861727365743d637034334c2c757466383d302c757466383d302c00"/184], 0x25, 0x34c, &(0x7f0000001740)="$eJzs3T9oJGUUAPC3mU12EziTQji0Wu0EOS4RC21MOE44TKEni/8aFy7nn+wqZHEhFtlLo1gqNoJWdldoebVYiNhZ2HqCnIqN1x3c4cjuTHY3mcn9EbOn3u9XhJf3fW++byZDdhKSt6+uxua52Th/9eqVqNcrUV09tRrXKrEUM5FE5kIAAP8n19I0/kgzw8RTN5v90ULMZtHcVHYHAByF4ev/a8fGidrd3A0AMA2Fn//LPVuaffvItgUAHKHC6//D+4YP/Jq/OvqbAADgv+v5l15+Zm094myjUY/ovN9r9prx5Hh87Xy8Ee3YiJOxGDcisgeF7Glh8PHpM+unTzYGflmK5qCi14zo9HvN7ElhLRnW12I5FmMpr09H9cmgfnlY34iIC/3h+tGp9JqzsZCv/+NCbMRKLMb9hfqIM+unVxr5AZqdvfp+xG7U905isP8TsRjfzww/OReD2uxYg8zOcqNxKl3fV9+7WBvOAwAAAAAAAAAAAAAAAAAAAACAo3BiPvLuOY2lUf+btNPvvXc2n9Aojg/7+2TDeX+g3aw/UFrb687zQXKwP9D+/jy9ZjVm7uqZAwAAAAAAAAAAAAAAAAAAwL9Hd3suWu32xlZ3+93NcTDX7k9k3vr2i6/n4+CcN5NxJqrZ4fbNyXMxUZXEqDwdlafJvjl5kETkkyvRunhptOPJObXRWRTKB0GtMFTJ99Rqt4899POnZVV/jjNJjIbqpUtU8vUnhjr3Zamy/dw8qHS3V24x53KapoeV73xSrIp6RLXwhfsngm+uvP7AY93jj3cr1c3WV3nTh0ceXXzh8sef/7bZakd+adrtua3ujfRvr5VM3D+V/DpXSu6E8mB3nNnd6m63kh9+f/HBD787MDkpv3/Sycw7h6/15cHMXBYMtnk7ZzpbcvOXB69cH929d34xj3+22rq089OvexfzVlUT3yQ06gAAAAAAAAAAAAAAAAAAgKmY+F/xO/DEc0e3IwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACYvvH7/08Eu4XM7QTX+1Ecqm1sdQ9dfH6qpwoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwD3srwAAAP//JT9zjQ==")
prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000001000/0x4000)=nil)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x44, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40040, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x528, 0x0, @perf_bp={0x0, 0x1}, 0x419, 0x40000000, 0x0, 0x8, 0x103fb, 0x1ff, 0x1ff, 0x0, 0x0, 0x0, 0x400000000000007}, 0x0, 0x1, 0xffffffffffffffff, 0xb)
socket$pppl2tp(0x18, 0x1, 0x1)
socket$inet6_tcp(0xa, 0x1, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
unshare(0x42000000)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1600000004"], 0x50)
io_uring_enter(r2, 0x2219, 0x7721, 0x16, 0x0, 0x0)

2.23582009s ago: executing program 1 (id=740):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000380))
fsopen(&(0x7f0000000100)='configfs\x00', 0x0)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$bt_hci_HCI_TIME_STAMP(r2, 0x0, 0x3, &(0x7f0000000200), 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xf, 0xc, &(0x7f00000004c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="102d55b69ad68dfe47d9c19226decbd5cf9ef165fb0dff31b63db2810a3eec408f315f5e63ccd3d011b7b98b67ee0ab73a750ad34a43f05c2847ed946d947152d6fbc5cbb33f4343c2f69e88b5c2f2545be5d748452784504d3f9110c33678f3f1"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x8, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r3}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_DEAUTHENTICATE(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="c50f00000000000000001100000008000300", @ANYRES32=0x0, @ANYBLOB="08f32a0084210000"], 0x24}}, 0x0)
mount$bpf(0x200000000000, &(0x7f0000000200)='./file0\x00', 0x0, 0x206002, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x3, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x200}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0x0, 0x0, &(0x7f00000001c0)='syzkaller\x00', 0x3, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r7}, 0x10)
kexec_load(0x3e00, 0x1, &(0x7f00000002c0)=[{0x0, 0x0, 0xff600000, 0x1000000}], 0x0)
rseq(&(0x7f0000000300), 0x20, 0x0, 0x0)
r8 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x121202, 0x0)
ioctl$TIOCSETD(r8, 0x5423, &(0x7f00000003c0)=0x1)
ioctl$TIOCVHANGUP(r8, 0x5437, 0x2)
capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x81, 0xffffffff})
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0)
syz_open_dev$sg(&(0x7f0000000080), 0xffff0000, 0x40)

2.180775725s ago: executing program 1 (id=741):
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'wg0\x00'})
ioprio_set$pid(0x2, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r3, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r3, &(0x7f0000000200)={0xa, 0x0, 0x2, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r3, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r3, 0x6, 0x14, &(0x7f0000000080)=0x1, 0x4)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x11, 0xffffffffffffffff, 0x0)
setsockopt$inet6_tcp_TLS_TX(r3, 0x11a, 0x1, &(0x7f0000000140)=@gcm_128={{0x303}, "87ee8ac6c46dad33", "2607080d7f4fcf00fd4ef2dece6c7c58", '\x00', '#\x00'}, 0x28)
writev(r3, &(0x7f0000000740)=[{&(0x7f0000000280)="581a17919cc77431510e7fc4ed9fb860505f1495ff92f16a44f8a13d58751d926def1f80b315bdc726cdd8b5d1a91f485854af8fc854b0da7a02522fe7b2c21db7a46c48473099d4a4654cfd97a67c9e79afc0d444e6c78b0216d2201b128df9d4ed5b4dbe676fe56a6354f819d997a6acb8595633cff6f77473b2b3abcc65b51cb3d3a30bf9b0b2ce59d568d3a89b49331904da2a37c89ea236f5d5640c32c3ac74e4bde1a62c560cb63836552f881c8a8305d2a13d838a5160a6c06c63decc86", 0xc1}], 0x1)
setsockopt$inet6_tcp_TLS_TX(r3, 0x11a, 0x2, &(0x7f0000000680)=@gcm_128={{0x303}, "00de37d7009400", "c0b6c5b29ca2b838d41ac2fc7ddf972d", "e9be1eae", "bb10000000000001"}, 0x28)
readv(r3, &(0x7f0000000e40)=[{&(0x7f0000000f40)=""/250, 0xff1}], 0x1)

1.454105227s ago: executing program 2 (id=743):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x41000}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x18)
r2 = socket$unix(0x1, 0x1, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r3, &(0x7f00000000c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
listen(r3, 0x3)
connect$unix(r2, &(0x7f0000fce000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
accept(r3, 0x0, 0x0)

1.453424337s ago: executing program 4 (id=744):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETRULE(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=ANY=[@ANYBLOB="2c000000190a0102"], 0x2c}}, 0x0)

1.415013431s ago: executing program 2 (id=745):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000020000000c0000000014"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001700000000000000ff000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008002010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, 0x0)
r2 = socket$inet(0x2, 0x2, 0x1)
sendmsg$inet(r2, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000400)='\b\x00', 0x2}, {&(0x7f0000000180)="2d0000008058", 0x6}], 0x2, &(0x7f0000000100)=ANY=[@ANYBLOB="1c000000000000000000000007000000830b040a0101027f00000100000000001c000000000000000000000008000000"], 0x40}, 0x20000000)
ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x9)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000240)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0xee00, 0xffffffffffffffff}}, './file0\x00'})

1.386572954s ago: executing program 4 (id=746):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$F2FS_IOC_RESIZE_FS(0xffffffffffffffff, 0x4008f510, 0x0)
ioctl$BTRFS_IOC_SNAP_CREATE(r0, 0x50009401, &(0x7f0000000a40)={{}, "887a80206f5e34aa1a1ad143c4564c78b8d545ff000f0cbc6439fdd1ea94e28a7f11105fb2b3294e5994d4f469b1e323e53b4a0e9ce69726235db36fc674bcd6005c2a988255ceb418d460fe20107a6fd7d529596866e0d1442d9ebdeaac6274fd85be7a4a111ccb1ba0ba7a2e0bbebfbac043ce517eecfdcdcf366d8be71c1ef2233609fcd0b327a1c4a02f426f2a33e8a57b68546bed76667239d67c278f7901ba4bf3883ad147d12cbb552854ff8f2554386eec32120479ae32675a55d3963665a4b829c7911ae52422fc9aadeaeffbb867da5441850cd89fa29d9a7f628f1909612e64a6ac0606047f188620437d837ce9979209be2695cdde7ad08df4fbe754d915ff3566bcd2264f9f088beb7b69f19f0cbbb69560e03a7311d9a3ee3b466ae1034899c508c96c8a4f724628179e95d704d0e457907c08f8319ce7f6f74386a0ff1478f2ec8ce52fb8a436e094efda8b94b06e1804d6d12cfc6ed8f343c24954ee5a56fdae0c310a9275c71ac8035cb4fbbd2d3398d89ad3ad2f07f0854cbb8528f03d1097860db3ece5e2fa6412006c62db492f4bea5e3fa377705023bf281f1836383e5ab951678834deb0b2b850f3bb91d2b556fdb02252c045236a5a0c209c4e747412acda0dd44bf5dbde75945713b01bc1d7c49cf1d69817037524de49a81004ce63714af60ef334a5ceb2db2e31fe1a50d38a43185b81a3e872883663ef3361d287c24929cd8470a089d4c253cf8eb660cf328adbe45daf74771ff1a1c389e6c93f9c51b071b490e4d0701afd712f434b268ae973ccbd6414d86d89aa40b38d4b87a2de797d516c1a3c7ff2205407c4c1236b84727df41db4690e6ffbfaf2e519321ea814f053bb50ab18084955fd671262e80903f527575299da14bc66aee67c8c2dad8f3d5f132ad5c197c9210f876334f53a7c7961a2b8fac03c99eeb8aafe48204b5c5fb4f1df28f9e881877f16098287570f51359652ad3877cb3eccae9dd1f6b72b515e7f05de2b9ddb721b3a7142e2e34798bb6714ce02ab9e53e46443629c65cc3446c34aec1a9f469e14fe7b34d6aa20723583ada689fecfb66ccf6222ff459941af81320ec7c1a5502246654c35f5b183225707d7ef787b7d9720d045f455867691489f6f3086cbf5050ef2a1df3fef4af11620fdd9d2496117dc49512b0901f9ec01e2985556203c4a71b4e15581584a0a4568029059081f896e80934abb237a09e0991d5bae7cb7b18746fa6d92baed9442f69715fa0c91eec36fdbce7359763b506ff12fb1188d4b0576f99426df2c24550a6e5c6196de9a0173ef1925f220b04236a8d54cd1495dd0afd4194c47cb37a734a2724dd6dcdd7cc515b491ea85194f5f560aec72886b0047766cc9655a584e045299b0c6cbb02cd2f85095cf2d7bb5cb26ce6e0e7a9d14b02dc0dc0843a497e709143ab87cd6525834863d335550e53666f77cba608922265fd322985987d3ec8c1ae85df3c49759122643c9fc78fd367c6c468c2c9858f794e2e52c1f8d95bdc34d7a2fdcfad37163ecd54de27e96e5d3d90704477b68b0d4954465839cd4746aceb946549d1cf9772b7e4edcbaabcf3cc5e42996d5ea3eb31d269f812a7d58b90efc72059e7ac6e24b1d036e7e781267b2126b3bd43aeaf9c5423f17db5029dc7adaf2cc1a968d19d70ea431983f918a617cb59da25b25df748ba2e73e64ab4518d147c32e7703cd7d2e3c9b8688534daabba2d443f0dfae1fb88711dc6be93a6bc652206fe88d7524fb07c46e8324c5e963d2d5531360c732cd0e31cf33b08c63675dc6249b5cd0781d3bbd3484c0e0f296c13793dfd5df8b958e69eca3936eddc2ba870f27f31d17fe73f7d88cb1172af55b792d36d93bf56edb85648ccb38280b9a7090dcbb94f9ae1a72e2d882d863931843da7508480e0d4782652c3c6ed1a8be7017de8aaf1a2e851505cee33b2c7409689a03692f6ddc027034c183beb44061c0b7a5303208a49c31cac9ec8840daf27814901ca6213a68f4859e76eb39fb7483171e8b1603c73b2b18bde87e339b163c3ecf78e39a2f59ae77014222e3699b3f0b22ef709b9806acc7d88206f49488f84b7471705f371cd0dd7d206947b64c9197b3ccad22792ec3614c5c19eb83539d26e6e1219b03282c1a79f280277f416cd7c7037aed24edbe7305dc85d935b1ba97d470761cc0e873656926322ec8739fb459f58a71751aa8b84cfa9e5a504b2687569d60e77d59cc46dddf4bc8f0c10ba5002e29d0c59b563b30b39aa73685378440097b7002f1be0ac9e197121b10ee9632a98e85426298689b9334ea8b0947933d3d5ed2b3880ce8f25bfd248967cefff3168f7236d97a6e6a3ef004416cfa19af39121834c329c7888d3a036fb6ec4c86f4087b6e1ce68b6a7250f33d43f0ebc7f3215a684bd8008d28b73779efb4593847a362e80c135a463d07070d00702949d50d963b1a30291f919103679a27721256bc8e63a69b49f0e4d27bb3f221cb82ad92f0619009138b29d7f3de506e34b3ffb9303f35c16bac0353fddd1de4c8fca677068f0b2c231f4bf45620f8df329aa1eea5585c6ffcb8b6d1edd09db69093071542f887f713a2866564ad70ba0e14cbc15cee42c8506aa3c9ae9ac5141e06c860f6def76a8aebbd170205fdaad3e1118299acbf2643caaad42ed452a3ce6c12352314ab4f3cfc0970f6a512186e875b555c45aa6199990985f37f039504d92e0bfd4ebc3e0739a366fb9eb1fdd6d44332c132a7a6014a60f0cd1bb3916154ce0315c3f18113c8d843f8b1ae5ace76770e50df7d50a7e3c9542b41e189b7c267b480645840d5de05f14768cdb716597cdeb2326de4fa16a8d16bf5dfaeb78fb878f7f6582b3ac0dc1dcdef360a405798b0592b8da9c7fc095c72091a8e3eac9699e989eeacc2adcfe7bc981c2906b86c42100c3cd204a5263f89df184454a30a0125c1293aec1d21fe883a62346a5c41298e71bce94470bb72e9b84a97a0f03667c5841a5d4142ebca49f0069cdb2280b584e49d6a706770964cb3bf947e43572d438220248f69fcd89da17307fcc4f783ab3ebc649b379a63c141cb9a6f0ce742d3b612f03f79e5d176b58aa8953302fed199a5f76fbbd44b9c80d6363de050b334b2f1b170e3e1730cdd0a4ac30be35346785b5a1da6fcc3cf02f941980cd449c1d8ec664202e1eddd930fe17cce52daeb5adec6ab14ce0932b462e7674f6c9412755c346c8850ab4121e12b35ac9833e713dde395ac10cf5b10e021d23379f219a4038e36efb441d561be74c68650f981f59d49f3ffb5d6f4bd094673dcc5027d2a3d66f2963629a624068b56ab609965cb5c722ad1ef9db17a5c2eb617ee318b1e7bd0746d47af5039277f4a9fa966a7fa4686094596e8a867d4cf99829a86459011c08abb5bc7b74593f22e2032fc86a0f11cdd463beaa93a58039a04d93a7c3236d007219cfe1032fcdaae3acd4330167e625be242946c3bc9a9af5d93f9ddc8032fe22cd3d6509a2ba9174f62e95ff4d9347b1ab80f475f81d8b7d6400767f2c798562617f268e21a67c8f362318f6c3a85004c88d56ce12813baabd95028a798e6004e7acaa8e4b138bbaa822dc6ba1c5e7ecc781dc7f4b2437f03b0adf6d895f0ab6eef0881096bae974a42c9d296f5ab71ff43e082b7ea76372e3ad15dda367328f8f1fc3fc2741fa0efba7735ea0e387c9a68a11e85d3be1b0e23578fbdf7963206efbd8de7849c864fc7485d19c742cc7ecab9b96bc8662ce13892f096a70834d92d5380c590db8706c4aa9381631666b0fbe5a6d089e796392257beb0dade3afe44c3250c6fc260db2e67ab381c7a40c39486b75bc99ccbe5a193c84a73bfa546ad8c8473d8a5cb2f1218de7b32749753c31f8a102ea9ed6f7ca66c8018689e78f255b1ba667e9cae59ec45235662cff08ad834347c8a73b03535e8a25d79fee51eff8af789be46bdaaaae9cd9f07a1d499174a7e1bef180c5eb7e0b76b8c41604085fbd23f764e6256f6265233b397a731bf0b7a4b03ba6c9304a1befd38ae53ec2173919967448908262b3ca1e187f60124b1a1a9dc6f0c83cded911f7bc0cc46a9c300b0086ab3420a6b6ca08d4243d64ace6d0957d0ff42e0ed61a7fe3281bfa01b77e08eec7cdaba888ddf9a08e9af21108a0b03b74d0942d5d0e755ac9cdaa109ac5cdf92f6d287231b2204af299cf63e813a26d94f0dba86270990e78872e4c0dfda143b744b498e0ed07c053b2e55f35942712765b657a9ef3cbd2ff21b7a651d025dc91f6c03465d9cf6afd9629c8f09be008376e9d61f7bf45d846cef9b0a300e2bc441f4664b6604b85c41798a3a53a0381bdab68873edfd823475abe9b17527333e7bf5beacb9ebe7a6f97087e47cabf64d8f69bee8eeeb89d9af9a9aa126e214f71c9e2370db44fd84362859029ba553131ed931cec422a12f01c0aa0862da6586f2394a8709ef9e4839ea0e9d7644300b1b6139e3015d4cfb324c57543a1ba0a112c81477e20c19fd7561425706ed17bd274d3894be000892f9e6eee485a9abf272c43e2de40863f0143ef927dd6b77eeb64e61441ab1550a9ee729ddc31dc075a1986ad34e6ad50fb2422b50884507f574073bdf35170556328eaf1b8434ca78ec1049d90c05a26e2bd8c14aef059897ec772ab3203cd7f5f49d88a8fecc1fdcb1dd950f3bf5342018f3a6f6d4cdda1066d5bcb1be26aaff09cdfdfd13f96c682ef39503a66194d6f79535f9e01f14a2ba22613ec5228a5f994f21424bfa48a5a67cafe23f51ba796487cfce1db056c52c5286c5ce5542e2a336b3508c59eb11bdc9c3ff6dcbc476c9180b282451f371e5a91902f29531fe88bee6e0dded93936212878b16b4f4f42df157d29f3dd60d35166ad3741aba6cea96d4d4f06d32a0c54d7974359f87ff941d97908e6119b8763fb2d04c5fc83036bd01f9d8e5d52a31c0bacee5a7f499e0e8b596e61aeec0b78185cb7a4c9c56ce525da330173183d02e8fc9bfcf1fee05549e392687ec17812fe619c061b13e48cde26ea6cf988e69739a45d624eb0091eadb09e324a56fe96c64bc18ccddbd93fdb385d1e8094e5caf63cb823b2be52d5fc157408520d21e869c8440639187f172fa53fc3de9340ebe68bfdbbbd163c235de2b004c7dbe8e7d9b2ad69dd52768ff9200dd487497b9939dedca86b1845b2e7107f1c475c6c8463cb0fcef003921b2ca8150578f6e67a455d3eeda3c2b6f0fa3638bd33a22fc21fa75779f8ea38ec8927db5b435f2ab58874617719ff195439970794481507af71b3d97d7cf89c03e26f96af4e80bf1c0c7bbc0eba8011b455b783d09f1f18b6aa4bb2b32a327e5383defb287bb0189cbf967d7934911b711a9639147d558d108c34ecac76218d4f43823e2d27a5fdbbf5cca222451c67c41f4bfd91ebd4eddcbb8b5f72b2f89e8bac89f27a4994707533fb226eddb8fffbf4e3ccbd8de7d56988f98e387915e74dc7b458b0afd0de3685fa889e2d1bc60b2bce95994d4d5ab397189fbb2b0c5014adedcf820282f9c238cd7200bbeee1a0ff667cdb758db6c76445c137485bb52592b84005d2da4b95d4ae21191c5f7ce57acaaa165f94a90c9e21bf57839d67a9151ee5ed379e19fac033ac73119f22b5e97b02d0b796245321e559b59544327489425ca65553e193ef689095b4d98a2cb664a4a5d65cdb50bc3ba51f2ea30c002253866d09c530313f6ba702026d1183c0bdd2d8895f118f39e"})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x0, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x0, 0x3, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="06080000c000000000e6558649371bc330d5e4d7ecece794da56b00700000000000000cac76073507cf24bef1a3d786d515c49548de64fb065563afbb074b4cff01d94dac05ae964a2a2801fc24ddbda95866e7ca98a079635b325d8a7b26f786801d4e963a307896a2534af6f942f724e3df5fdd151d22c756705d98b6fbdd8c1718ff47c4bf45a54c9ed6c9eda37397c544c0664e2ec223b40467321c4430f9774908ae8a662367fdcf85a8e48c49b61d8", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000009007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x39, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r5}, 0x10)
syz_emit_ethernet(0x4e, &(0x7f0000000080)={@multicast, @random="bad4f9431624", @val={@val={0x88a8, 0x4, 0x1}, {0x8100, 0x6, 0x1, 0x1}}, {@ipv6={0x86dd, @dccp_packet={0x8, 0x6, "ef0ea7", 0x10, 0x21, 0x0, @private1={0xfc, 0x1, '\x00', 0x1}, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, {[], {{0x4e21, 0x4e22, 0x4, 0x1, 0xe, 0x0, 0x0, 0x6, 0x5, "a09617", 0x6, "549a6e"}}}}}}}, 0x0)
syz_open_procfs(r1, &(0x7f0000000000)='net/kcm\x00')
syz_clone(0x60100100, 0x0, 0x0, &(0x7f00000001c0), 0x0, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b70800000000ebff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r7}, 0x10)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000005000000010001000900000001000000", @ANYRES32, @ANYBLOB="000000000072abc8137a77000000000000002012", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/18], 0x50)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000001680)={{r8}, &(0x7f0000001600), &(0x7f0000001640)='%+9llu \x00'}, 0x20)
socket$nl_xfrm(0x10, 0x3, 0x6)

1.354289157s ago: executing program 2 (id=747):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, 0x0)
mq_timedreceive(0xffffffffffffffff, &(0x7f0000000880)=""/202, 0xca, 0x100000000000000, 0x0)
syz_emit_ethernet(0x44, &(0x7f0000000200)={@multicast, @empty, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x2, 0x22, 0x36, 0x66, 0x0, 0x8, 0x1, 0x0, @private=0xa010102, @dev={0xac, 0x14, 0x14, 0x31}}, @source_quench={0x4, 0x0, 0x0, 0x0, {0x5, 0x4, 0x3, 0x29, 0x780, 0x64, 0x7ff, 0xc1, 0x1, 0x0, @empty, @initdev={0xac, 0x1e, 0x1, 0x0}}, '*\x00\x00\x00\x00\x00'}}}}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000280)={0x0, 0x54}}, 0x24008844)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x2000000, 0x0, 0x0, 0x0, 0x4}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x18)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x2400, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
close(r2)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000600)=@newtaction={0x68, 0x30, 0x301, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x1300}, [{0x54, 0x1, [@m_mirred={0x50, 0x1, 0x0, 0x0, {{0xb}, {0x24, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{0x6, 0x5, 0x1, 0x1, 0x80000000}, 0x4}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x68}}, 0x0)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4081}, 0x2400c000)

1.243934808s ago: executing program 1 (id=748):
prlimit64(0x0, 0x6, &(0x7f0000000040)={0x7, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0100000004000000e27f000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='page_pool_release\x00', r2}, 0x10)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000400)=ANY=[@ANYRES32=0x0], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='page_pool_release\x00', r4}, 0x10)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e"], 0x48)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x11, 0x8, &(0x7f00000001c0)=ANY=[@ANYRESHEX=r4, @ANYRES32=r6, @ANYBLOB="0000000000000000b703000000040000850000001b000000b70000000000000095"], &(0x7f0000000580)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000440)='kfree\x00', r7, 0x0, 0x5}, 0x18)
r8 = socket$inet6_tcp(0xa, 0x1, 0x0)
r9 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_GROUP_JOIN(0xffffffffffffffff, 0x10f, 0x87, 0x0, 0x0)
setsockopt$TIPC_GROUP_JOIN(r9, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x4, 0x3, 0x3}, 0x10)
close_range(r8, 0xffffffffffffffff, 0x0)
r10 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_buf(r10, 0x29, 0x20, &(0x7f0000000240)="0bbb268dd6ffa808000000003d5700000000210d0000aaa8fa017242ba9380d42400", 0x22)
r11 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008000000b703000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r11, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000300)="b9ff030768f1258c989e14f05c71", 0x0, 0x2, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$wireguard(&(0x7f00000002c0), 0xffffffffffffffff)
ioctl$F2FS_IOC_GET_FEATURES(r3, 0x8004f50c, &(0x7f00000004c0))

1.205805721s ago: executing program 2 (id=749):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
open(&(0x7f0000000240)='./file2\x00', 0x145142, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x0, 0x10, &(0x7f0000000380)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000d00)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000002c0)='sys_enter\x00', r1}, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000004000000ff0f000007"], 0x50)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB], &(0x7f0000000280)='GPL\x00', 0x7, 0x0, 0x0, 0x0, 0x46, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000200)='kmem_cache_free\x00', r3}, 0x10)
r4 = perf_event_open(&(0x7f0000000040)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x2000, 0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xffffffff00000001, 0x1ff}, 0x0, 0x3, 0x0, 0x0, 0x8, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x1)
mmap$perf(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x0, 0x11, r4, 0x0)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
r5 = socket(0x1e, 0x4, 0x0)
r6 = socket(0x1e, 0x2, 0x0)
setsockopt$packet_tx_ring(r6, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10)
setsockopt$packet_tx_ring(r5, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc, 0x0, 0x2}, 0x10)
sendmmsg(r5, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x3514}], 0x1}}], 0x400000000000181, 0x9200000000000000)
r7 = dup3(r6, r5, 0x0)
recvmmsg(r7, &(0x7f0000008840)=[{{0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000040)=""/8, 0x8}], 0x1}, 0xffffffff}], 0x1, 0x40000001, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x240002)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0x2b, &(0x7f0000000380)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r8}, 0x10)
kexec_load(0x0, 0x1, &(0x7f0000000140)=[{0x0, 0x3e00, 0x116094000, 0x41000000}], 0x0)

957.484356ms ago: executing program 1 (id=753):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
open(&(0x7f0000000240)='./file2\x00', 0x145142, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x0, 0x10, &(0x7f0000000380)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000d00)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000002c0)='sys_enter\x00', r1}, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000004000000ff0f000007"], 0x50)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000006000000000000000085"], &(0x7f0000000280)='GPL\x00', 0x7, 0x0, 0x0, 0x0, 0x46, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000200)='kmem_cache_free\x00', r3}, 0x10)
r4 = perf_event_open(&(0x7f0000000040)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x2000, 0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xffffffff00000001, 0x1ff}, 0x0, 0x3, 0x0, 0x0, 0x8, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x1)
mmap$perf(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x0, 0x11, r4, 0x0)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
r5 = socket(0x1e, 0x4, 0x0)
r6 = socket(0x1e, 0x2, 0x0)
setsockopt$packet_tx_ring(r6, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10)
setsockopt$packet_tx_ring(r5, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc, 0x0, 0x2}, 0x10)
sendmmsg(r5, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x3514}], 0x1}}], 0x400000000000181, 0x9200000000000000)
r7 = dup3(r6, r5, 0x0)
recvmmsg(r7, &(0x7f0000008840)=[{{0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000040)=""/8, 0x8}], 0x1}, 0xffffffff}], 0x1, 0x40000001, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x240002)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0x2b, &(0x7f0000000380)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r8}, 0x10)
kexec_load(0x0, 0x1, &(0x7f0000000140)=[{0x0, 0x3e00, 0x116094000, 0x41000000}], 0x0)

871.704764ms ago: executing program 2 (id=754):
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000c80)='./file1\x00', 0x0, &(0x7f0000000680)={[{@jqfmt_vfsv1}, {@barrier}, {@grpjquota}, {@norecovery}, {@noload}, {@nomblk_io_submit}, {@errors_remount}, {@grpid}, {@journal_path={'journal_path', 0x3d, '\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/'}}, {@nodioread_nolock}]}, 0xfc, 0x582, &(0x7f0000001f80)="$eJzs3c9rHFUcAPDvbDbpT20KpagHKfRgpXbTJP6oIFiPosWC3uuSTEPJpluym9LEgu3BXrxIEUQsiH+Ad4/Ff8C794IWipSgBxEis5lNt8nu5keTbtr9fGCS93Zm8ua7M9+X93Z22QD61rHsRyHi5Yj4Jok41LKuGPnKY8vbLT68PpEtSSwtffpXEkn+WHP7JP99IK+8FBG/fhVxsrC23dr8wnS5Ukln8/pIfebKSG1+4dSlmfJUOpVeHhsfP/PW+Ni777y9bbG+fv6f7z+5++GZr48vfvfz/cO3kzgbB/N1rXE8gRutlWPl//LSYJxdteHoNjS2myS9PgC2ZCDP88HI+oBDMZBnPfD8+zIiljopdlsJPPsSKQ59qjkOaM7tt2ke/Mx48MHyBKgR+1Br/MXl10Zib2NutH8xeWxmlM13h7eh/ayNX/68cztbovvrEPvWqQNsyo2bEXG6WFzb/yd5/7d1pxsvHne3uo1++/8DvXQ3G/+80W78V1gZ/0Sb8c+BNrm7Fevnf+H+NjTTUTb+e6/t+Hel6xoeyGsvNMZ8g8nFS5X0dES8GBEnYnBPVu92P+fM4r2lTutax3/ZkrXfHAvmx3G/uOfxfSbL9XJEDD1J3E0Pbka8UmwXf7Jy/pM25z97Ps5vsI2j6Z1XO61bP/6dtfRTxGttz/+jO1pJ9/uTI43rYaR5Vaz1962jv3Vqf+Px78wdtuz87+8e/3DSer+2tvk2ftz7b9pp3Vav/6Hks0a5mQTXyvX67GjEUPLx2sfHHu3brDe3z+I/cbx7/9fu+s8mX59vMP5bR2513LTX138W/+Smzv/mC/c++uKHTu1v7Py/2SidyB/J+7/28mtlowf4pM8fAAAAAAAA7CaFiDgYSaG0Ui4USqXl93ccif2FSrVWP3mxOnd5MhqflR2OwULzTvehlvdDjObvh23Wx1bVxyPicER8O7CvUS9NVCuTvQ4eAAAAAAAAAAAAAAAAAAAAdokDHT7/n/ljoNdHB+y4xhcb7On1UQC9sO5X/j/2LU2/7+ixAE/XuvkPPLfkP/Qv+Q/9S/5D/5L/0L/kP/Qv+Q/9S/4DAAAAAAAAAAAAAAAAAAAAAAAAAADAtjp/7ly2LC0+vD6R1Sevzs9NV6+emkxr06WZuYnSRHX2SmmqWp2qpKWJ6sx6f69SrV4ZHYu5ayP1tFYfqc0vXJipzl2uX7g0U55KL6SDTyUqAAAAAAAAAAAAAAAAAAAAeLbU5hemy5VKOqvQsfB+7IrD2MkAl21p9+JuiUKhQ+Fmfno3t1cPOyUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAWOX/AAAA//9yDy9a")
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x68, 0x10, 0x0, 0x0, 0x0, 0x8, 0x40988, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x2, @perf_bp={&(0x7f00000002c0)}, 0x16088, 0x0, 0x800000, 0x6, 0x2, 0xfffffffe, 0x8, 0x0, 0x73d, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETOBJ(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000400)=ANY=[@ANYBLOB="34000000150a03"], 0x34}, 0x1, 0x0, 0x0, 0x66df5cfbe53006d1}, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x26e1, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001bc0)=ANY=[@ANYBLOB="10000000040000000400000002"], 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='kfree\x00'}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000900)={{r2}, &(0x7f0000000880), &(0x7f00000008c0)=r1}, 0x20)
chdir(&(0x7f0000000000)='./file0\x00')
syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000040)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x2212410, 0x0, 0xfc, 0x0, &(0x7f00000000c0))
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r3, 0x84, 0x6e, &(0x7f0000000180)=[@in6={0xa, 0x4e24, 0x9, @remote, 0x4}], 0x1c)
setsockopt$inet_sctp6_SCTP_AUTO_ASCONF(r3, 0x84, 0x1e, &(0x7f0000000000)=0x1, 0x4)
getsockopt$inet_sctp6_SCTP_AUTO_ASCONF(r3, 0x84, 0x1e, &(0x7f0000000040), &(0x7f00000000c0)=0x4)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r5 = creat(&(0x7f0000000100)='./file0\x00', 0xa6)
close(r5)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000001c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
mount$9p_fd(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000440)=ANY=[])
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000840), 0x81, r4}, 0x38)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r6}, 0x10)
syz_read_part_table(0x1058, &(0x7f0000001080)="$eJzsz7GpAkEUBdA7O58vG9mCTViIghVYhKkGNmMXJlZgNyIrs+JiBWpwTvDgvnlcmPBVf8n5P8mqtlTu47KMs2bRvcVLTdeW5Rmzb2MY+sPUVafjsrv2x1abPrPX83Cr7WabZN7yetltTh/6JgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD8tEcAAAD//6rFDAs=")
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$unix(0x1, 0x1, 0x0)
r7 = socket$kcm(0x1e, 0x4, 0x0)
setsockopt$sock_attach_bpf(r7, 0x10f, 0x87, &(0x7f00000008c0), 0x43)
r8 = socket$kcm(0x1e, 0x4, 0x0)
setsockopt$sock_attach_bpf(r8, 0x10f, 0x87, &(0x7f00000008c0), 0x43)

507.14398ms ago: executing program 1 (id=755):
r0 = open(&(0x7f0000000540)='./bus\x00', 0x4000, 0x0)
preadv2(r0, &(0x7f00000000c0)=[{&(0x7f0000001200)=""/4096, 0x1000}], 0x2, 0x0, 0x0, 0x0)
r1 = openat$cgroup_ro(r0, &(0x7f0000000000)='cpuset.effective_cpus\x00', 0x275a, 0x0)
r2 = gettid()
fcntl$lock(r1, 0x25, &(0x7f00000000c0)={0x1, 0x0, 0x0, 0x0, r2})
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000380)=[{0x200000000006, 0x1, 0x7, 0x7ffc1ffb}]})
r3 = semget$private(0x0, 0x6, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="18080000000001000000000000000000851000000600000018000000", @ANYRES32, @ANYBLOB="00000000000100006608000000000000180000000000000000000000000000009500000000000000360a020000000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b50a000000000000850000000600000095"], &(0x7f0000000040)='GPL\x00', 0xa, 0x0, 0x0, 0x0, 0x8}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000a80)='kfree\x00', r4, 0x0, 0xfffffffffffffffd}, 0x18)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f0000000080)={[{@usrquota}, {@noblock_validity}, {@bh}, {@max_batch_time={'max_batch_time', 0x3d, 0x8c9}}, {@debug}, {@inlinecrypt}]}, 0x6, 0x5fc, &(0x7f0000000c00)="$eJzs3c9rHGUfAPDvzCZ5kzavaUXEFsWAhxakaVKLVS+29WAPBQv2IOKhoUlq6PYHTQq2FkzBg4KCiFeRXvwHvEvv3kRQb56FKlJRUOnK7M62m2Q3XdPsTpr5fGCzz/PM7D7PdydP5pmZPDsBlNZ49iON2BVx51QSMdaybDQaC8fz9W7/du109kiiVnv91ySSvKy5fpI/b88zwxHx7dGIRyur6124cvXsdLXW8F7E/sVzF/cvXLm6b/7c9JnZM7Pnpw68cPDQ5ItTB6c2JM7t+fOx4689+fH7bz8/9111XxKH4+TguzOxIo6NMh7jcScPsbV8ICIOZYk2n8vDZguEUGqV/PdxMCIej7Go1HMNYzH/UaGNA3qqVomoASWV6P9QUs1xQPPYvrvj4JM9HpX0z60jjQOg1fEPNM6NxHD92Gjb7aTlyKhxbmPHBtSf1fHPtd2fZ49Ydh7iz7tbZ2AD6ulk6XpEPNEu/qTeth31SLP402XtSCJiMiKG8va98gBtSFrSvTgPs5b1xp9GxOH8OSs/us76x1fk+x0/AOV080i+I1/Kcvf2f9nYozn+iTbjn9E2+671KHr/13n819zfD9fPkacrxmHZmOVE+7ccXFnw04fHPu1Uf+v4L3tk9TfHgv1w63rE7hXxf5AFm49/sviTNts/W+XU4e7qePX7X451WlZ0/LUbEXvaHv/cG5VmqTWuT+6fm6/OTjZ+tq3j62/e+rJT/UXHn23/bR3ib9n+6crXZZ/JxS7r+OrEjXOdlo3eN/7056Gkcbw5lJe8M724eGkqYig5nq/SUn5g7bY012m+Rxb/3mfa9/9lv//Xl7/PSPNPZhcuvnH2dqdl69n+LReT79S6bEMnWfwz99/+q/p/VvZJl3X88eblpzotWyv+kQcJDAAAAAAAAEoorV+DTdKJu+k0nZhozJd9LLal1QsLi8/OXbh8fiZib/3/IQfT5pXusUY+yfJT+f/DNvMHVuSfi4idEfFZZaSenzh9oTpTdPAAAAAAAAAAAAAAAAAAAACwSWzP5/8371P9e6Ux/x8oiV7eYA7Y3PR/KK96/191iyegDOz/obz0fygv/R/KS/+H8tL/obz0fygv/R/KS/8HAAAAgC1p59M3f0wiYumlkfojM5QvMyMItrbBohsAFKZSdAOAwty99G+wD6XT1fj/r/zLAXvfHKAASbvC+uCgtnbnv9n2lQAAAAAAAAAAAABAD+zZ1Xn+v7nBsLWZ9gfl9QDz/311ADzkfPU/lJdjfOB+s/iHOy0w/x8AAAAAAAAAAAAA+ma0/kjSiXwu8Gik6cRExP8jYkcMJnPz1dnJiHgkIn6oDP4vy08V3WgAAAAAAAAAAAAAAAAAAADYYhauXD07Xa3OXmpN/L2qZGsnmndB7UNdL8d/fFUk/f9YRiKi8I3Ss8RAS0kSsZRt+U3RsEsLsTmaUU8U/IcJAAAAAAAAAAAAAAAAAABKqGXucXu7v+hziwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg/+7d/793iaJjBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeTv8GAAD//7V5QCw=")
syz_mount_image$msdos(&(0x7f0000000f40), &(0x7f0000000f00)='.\x00', 0x200026, &(0x7f00000008c0)=ANY=[], 0xb, 0x0, &(0x7f0000000000))
semtimedop(r3, &(0x7f00000003c0)=[{0x2, 0x4, 0x1800}], 0x1, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x275a, 0x0)
openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/fscaps', 0x40000, 0x2)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000500)=@base={0xf, 0x4, 0x4, 0x12, 0x0, 0xffffffffffffffff, 0x229}, 0x50)
sendmsg$nl_route(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001340)={&(0x7f00000000c0)=ANY=[@ANYBLOB="4c0000001800010d00000000000000850a000000000000000500000014000500200100000000000000000100000000001c00090008000000", @ANYRES32=r5, @ANYRES16], 0x4c}}, 0x40000)
sendmmsg(r5, &(0x7f0000000000), 0x4000000000001f2, 0xfc)

468.802564ms ago: executing program 4 (id=757):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETRULE(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=ANY=[@ANYBLOB="2c000000190a0102"], 0x2c}}, 0x0)

427.791508ms ago: executing program 5 (id=758):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000280)={0x0, &(0x7f0000000780)})
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000480)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x4a, '\x00', 0x0, @fallback=0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000200)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
lstat(&(0x7f0000000180)='./file0\x00', &(0x7f00000002c0))

393.645971ms ago: executing program 5 (id=759):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000280)={0x0, &(0x7f0000000780)})
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000480)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x4a, '\x00', 0x0, @fallback=0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000200)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
lstat(&(0x7f0000000180)='./file0\x00', &(0x7f00000002c0))

392.590181ms ago: executing program 4 (id=760):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={0x0, r1, 0x0, 0x8}, 0x18)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000380))
fsopen(&(0x7f0000000100)='configfs\x00', 0x0)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$bt_hci_HCI_TIME_STAMP(r2, 0x0, 0x3, &(0x7f0000000200), 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xf, 0xc, &(0x7f00000004c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="102d55b69ad68dfe47d9c19226decbd5cf9ef165fb0dff31b63db2810a3eec408f315f5e63ccd3d011b7b98b67ee0ab73a750ad34a43f05c2847ed946d947152d6fbc5cbb33f4343c2f69e88b5c2f2545be5d748452784504d3f9110c33678f3f1"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x8, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r3}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_DEAUTHENTICATE(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="c50f00000000000000001100000008000300", @ANYRES32=0x0, @ANYBLOB="08f32a0084210000"], 0x24}}, 0x0)
mount$bpf(0x200000000000, &(0x7f0000000200)='./file0\x00', 0x0, 0x206002, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x3, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x200}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0x0, 0x0, &(0x7f00000001c0)='syzkaller\x00', 0x3, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r7}, 0x10)
kexec_load(0x3e00, 0x1, &(0x7f00000002c0)=[{0x0, 0x0, 0xff600000, 0x1000000}], 0x0)
rseq(&(0x7f0000000300), 0x20, 0x0, 0x0)
r8 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x121202, 0x0)
ioctl$TIOCSETD(r8, 0x5423, &(0x7f00000003c0)=0x1)
ioctl$TIOCVHANGUP(r8, 0x5437, 0x2)
capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x81, 0xffffffff})
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0)
syz_open_dev$sg(&(0x7f0000000080), 0xffff0000, 0x40)

324.488388ms ago: executing program 5 (id=761):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000380))
fsopen(&(0x7f0000000100)='configfs\x00', 0x0)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$bt_hci_HCI_TIME_STAMP(r2, 0x0, 0x3, &(0x7f0000000200), 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xf, 0xc, &(0x7f00000004c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="102d55b69ad68dfe47d9c19226decbd5cf9ef165fb0dff31b63db2810a3eec408f315f5e63ccd3d011b7b98b67ee0ab73a750ad34a43f05c2847ed946d947152d6fbc5cbb33f4343c2f69e88b5c2f2545be5d748452784504d3f9110c33678f3f1"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x8, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r3}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_DEAUTHENTICATE(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="c50f00000000000000001100000008000300", @ANYRES32=0x0, @ANYBLOB="08f32a0084210000"], 0x24}}, 0x0)
mount$bpf(0x200000000000, &(0x7f0000000200)='./file0\x00', 0x0, 0x206002, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x3, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x200}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0x0, 0x0, &(0x7f00000001c0)='syzkaller\x00', 0x3, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r7}, 0x10)
kexec_load(0x3e00, 0x1, &(0x7f00000002c0)=[{0x0, 0x0, 0xff600000, 0x1000000}], 0x0)
rseq(&(0x7f0000000300), 0x20, 0x0, 0x0)
r8 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x121202, 0x0)
ioctl$TIOCSETD(r8, 0x5423, &(0x7f00000003c0)=0x1)
ioctl$TIOCVHANGUP(r8, 0x5437, 0x2)
capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x81, 0xffffffff})
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0)
syz_open_dev$sg(&(0x7f0000000080), 0xffff0000, 0x40)

193.803711ms ago: executing program 5 (id=762):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r0, 0x0, &(0x7f0000001700)=""/53}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x41000}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x18)
r2 = socket$unix(0x1, 0x1, 0x0)
connect$unix(r2, &(0x7f0000fce000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)

101.21466ms ago: executing program 5 (id=763):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0, <r1=>0xffffffffffffffff}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000750000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000e00000095"], 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYRES16=0x0, @ANYRESDEC=r0, @ANYRES32=r0, @ANYRES64=r1, @ANYRES64=0x0, @ANYRES8=r1, @ANYRES32=r1], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r2, &(0x7f0000000080), &(0x7f0000000300)=""/180}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000100)='io_uring_register\x00', r3}, 0x10)
r4 = syz_io_uring_setup(0x371d, &(0x7f0000000440)={0x0, 0x4fff, 0x400, 0xa, 0xffffff}, &(0x7f0000000380), &(0x7f0000000740))
io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0)

93.63893ms ago: executing program 1 (id=764):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r0, 0x0, &(0x7f0000001700)=""/53}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x41000}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x18)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000200), 0xffffffffffffffff)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="070000000400000020"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x2, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x6, 0x0, 0x7ffc1ffb}]})
r3 = socket$unix(0x1, 0x1, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r4, &(0x7f00000000c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
listen(r4, 0x3)
connect$unix(r3, &(0x7f0000fce000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
accept(r4, 0x0, 0x0)

65.704943ms ago: executing program 5 (id=765):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000cc0)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x94)
syz_mount_image$msdos(&(0x7f00000002c0), &(0x7f0000000280)='./file0\x00', 0x0, &(0x7f0000000080)=ANY=[@ANYRES8], 0x1, 0x0, 0xfffffffffffffffe)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000040)='configfs\x00', 0x1000016, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000001880)=ANY=[@ANYBLOB="b700000081140000bfa30000000000000703000000feffff720af0fff8ffffff71a4f0ff0000000071108500000000001d300500000000004704000001ed00000f030000000000001d44020000000000620a00fe040400007203000000000000b500f7ff000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a8641aa05a1336b3b4c4becea710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fe51bef7af9aa0d7d600c095199fe3380d28e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51bf900000000000000d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a22048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343cccc953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93020000000000000080e69db384ac7eeedcf2ba3a9508f9d6aba582a896a9f1e096df6ecea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00e10000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f6f096753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e9673560000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d490cba8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e16e1461173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b583cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd84990453f006694d461b76a58d88cf0f520310a1e80dc18cde98d662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6032399f87a7a14245bbd796a09313b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff28861aac8302d268569dd42e194e330c7aaa54ebbcefd23f21ce8153b9926e12e925cb56119"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
r2 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r2, 0x0, &(0x7f0000001700)=""/53}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000010000000800000008"], 0x48)
futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0)
futex(&(0x7f000000cffc)=0x1, 0x1, 0x800001, 0x0, 0x0, 0x0)
mlock2(&(0x7f0000ff5000/0x9000)=nil, 0x9000, 0x0)
mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil)
mlock2(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x1)
r3 = syz_open_procfs(0x0, &(0x7f0000000000)='pagemap\x00')
pread64(r3, &(0x7f0000000200)=""/102400, 0x19000, 0x1000000000)
r4 = socket$kcm(0x2, 0xa, 0x2)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180))
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000000280)={'syzkaller1\x00', @link_local})
write$tun(r1, &(0x7f0000000040)={@val={0x0, 0x88f7}, @void, @eth={@broadcast, @local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x20, 0x66, 0x0, 0xfc, 0x2f, 0x0, @private=0x1fe1, @multicast1}, {0x8000, 0x8100, 0xc, 0x0, @gue={{0x1, 0x0, 0x1, 0x9, 0x5865, @void}}}}}}}}, 0x32)
r5 = openat2$dir(0xffffffffffffff9c, &(0x7f0000000840)='./file0\x00', &(0x7f0000000080), 0x18)
utimensat(r5, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000080)='kfree\x00', r0, 0x0, 0x2}, 0x18)
syz_read_part_table(0x5be, &(0x7f00000005c0)="$eJzs2z9o02kYB/An1SAonIuTk3VwOFwURzOoJFFRCNEu4qCgiJgpghC5gKCDzdDSDKVjl1LI0j9T0wwdjpYWOpfSoUehQ5c72qXQpTlK39vb6x8QPh94eXjf95s8v2f4jb/gl9YT/3S73UxEdC8d/9d9rXzhyY3Sg/LLiEy8jojeP3+bOrjJpMR//3oz7dfTfmz0cqd/53G2tfZi99ab+UZPuv+W1pXxdt+Jh+PMTeQWrn7/US0O1HIfV4v1zZ8ry88nt/Pl9rNGc+pp9tG7lFtM9WKqn6MWX+NTvI1KVOJ9VE+p/0hr487+9WJr5sP9vUJncO5uypVOOOdR+3/pHXrVrD+8PX1t+F5tdqm8deEwV/kfbxcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOdvIrdw9fuPanGglvu4Wqxv/lxZfj65nS+3nzWaU0+zj96l3GKqF1P9HLX4Gp/ibVSiEu+jekr9R1obd/avF1szH+7vFTqDc3dTrnTCOY/a/0vv0Ktm/eHt6WvD92qzS+WtC4e5yqUzegAAAAAAAAAAAAAAAAAAAACIiHzhyY3Sg/LLiEy8jojf//6j5+C8m753z6TczVTX0/nY6OVO/87jbGvtxe6tN/ONv9L5t7SujLf7zn0Yju3fAAAA//8CE5V6")

59.437104ms ago: executing program 4 (id=766):
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
syz_mount_image$vfat(&(0x7f0000001200), &(0x7f0000001240)='./file0\x00', 0x0, &(0x7f0000002480)=ANY=[@ANYBLOB="00e789da34e04a1ffb124b2c2fb684c70b90bbb45efd97899a16f2df4fa2e8f06ac2c5352509e3c51d882eb3ec0dd3b1c96e980163890d2d0d1b8d3d62f6d77b0209e166e2ca4c35483d49316daf522556a16cab12d75a852bc680da7ea837480feb2060a1e20a59b7745235030000004ed0351cb5b416ba1c57217be5a338392f831617ee8c35bb61f0a9eeed3b1226b18c4b455ab222d7ae1b5258d5643d70000000000000000000ae468a387d9e63008000000000000063a454d1ab8760076a893752105f030c49caf2fdfe6bc9743a68593b576e2f2f6ab69e1b974ac90855ac250f8f73e16bc593730b88d7a3346b945e276875915040ce4901262cd8ce8191ee84e3ce5526a0a43b707cc711a3311f840cad641a013c6dd783aa895227b3d50a86e15a57e26666aaa296b7ddc4c8f421cf9d76d344bf6522f5d1138659d3de84ce13b085a2ed9d66c93767378423521cc4ea440e0ac3b953e1ca1675a716a97a5c3106aba648f119eeab4747b9b53000475e0a34514ccf397ea6f170e018122a98f135beac48d2ed195e20fdd226c7f5a20000ad1fcfbee59924e161280a8b78fe34b2fa3efa7c1d4268bf090000ecb4ece3234c232659fee3ff9e6d21e008a570bb490a65b84ea8b6d6507355cb1112fae6e3456bf8da53e1df20458e59456822dbb8dbd7ce0f928d5fbd6414fe8ab5277f3fd5ce6be044993f93e697a69484cc0e65ec742443c84e21a440998c8d69c12c2db7aee2872c6e0671d639e8f6bece219dcd0f69b9867dfc3187c882c035809c81832d7416f90c734be30c2faf0c22bfc8d95dfc7b9bac96b838c98ae5a75b9dc9e967ef5edf311bbebd7ca803cea8f5b9ec5b3edd6c44d633b71bde97a3c10a468432ff3d4e63ce3ecfa640d44b70b68744d26e72389e6c61767725d2c692443bc949c28b1a374e541bd352ca2f3bf64d883862dc24d8e27d86b6e38bc269f110c3d563f8e4ec9a98016b6b58157deeefa8fa022514bdc75f794094700cb8fa2b61310cbf9058bce5f2399055929e0fc732e0d5db926fe1b09a2993ff038d8099c229bda0801f8b81719d73b4abac97f704a0942051bae38b00b69d7fa69d738f99f73b19082ec0c99442d97ddbf68a4822aa2a2673478f81f14f67beee619b9d9882f7eabfb5000000000000000000003ff8795b5ec2de11479e781396117c84449647684239c9b9475b389a6a76d36c31f39539d928d2c58f188b4bf713d0915df4cc7de48a930935dbb01c9422d604467d209fd1421c7fc503cabde4bb193ff3654377c6e4fb72dcfc835f760bae7447068c2e43433e3d77c6805b559a04f3ebb741a9bbf57274b1da7800000000000000000000000000000000000000001c4f225672f3465b2638e921d80d58dca4ee4592d8cc0c06b2e390b7b1c713a46bc8ece9be25f055a59032576bc00a844c32b46040a607eaeb886ec0cb8e90c5a4075caa8a358ab81e78ad794a20f772b73466a43cd696401521793e54b1c4aa58d506b661f393e7233337473f36c2dbb15ae673afe82ebe45cc6f776162e43b74d9b9ca6f68d6bc8261600b27431e0f6f4f1e0947f69d2d812ebc9d2a8869b14a84dbdcdc5055b97a241e2f707740bb966b6c58408aceb9f6a943f614d2a6093c60c0dfb511b02f191ef6fa6e5a1a86687a44ec6098439a2ef55a4ba07e2b0f62ae86e1458f63f6b8b2d2b9990495f17b6d1052b19472a97d41204a8be48e380be2e6885c7de0807f2c154ad4f25b16027bc4aeb85dc798e7eef25631bfd79c8e0aff725dcd4b91c61bf8d72f74e4dbae"], 0x1, 0x11f4, &(0x7f0000001280)="$eJzs3M+LG2UYB/DHbWvr1v2h1moL0he96GXo7sGLgiyyBWlAaRuhFYSpO9GQMQmZsBARV09e/TvEozdBvOllL/4N3vbisQdxxMTapsRDqXTa8Plc8pD3/cLzkjDwDvPO0ZvffNrrVFknH8fKE2/FyjAi3UqRYiVu+zJee+PnX166ev3G5Z1Wa/dKSpd2rm29nlJav/DjB59/9/JP49Pvf7/+w8k43Pzw6Pft3w7PHp47+vPaJ90qdavUH4xTnm4OBuP8ZlmkvW7Vy1J6ryzyqkjdflWM5sY75WA4nKS8v7e2OhwVVZXy/iT1ikkaD9J4NEn5x3m3n7IsS2urwYNof3urruuIuj4RT0Zd1/VTsRqn4+lYi/XYiM14Jp6N5+JMPB9n44V4Mc5NZzXdNwAAAAAAAAAAAAAAAAAAACyXBzr/f6Hh5gEAAAAAAAAAAAAAAAAAAGBJXL1+4/JOq7V7JaVTEeXX++399uxzNr7TiW6UUcTF2Ig/Ynr6f2ZWX3qntXsxTW3GV+XBP/mD/fax+fzW9HUCC/Nbs3yaz5+M1bvz27ERZxbntxfmT8Wrr9yVz2Ijfv0oBlHGXvydvZP/Yiult99t3ZM/P50HAAAAyyBL/1q4f8+y/xqf5e/j/sA9++vjcf54s2snopp81svLshg1XtzuaPbNQUQ8Io0tcXHi0Wjj/y2Ozf2Rmu/nMS2auybx8Nz50ZvuBAAAAAAAAAAAgPvxMB4nbHqNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/MUOHAsAAAAACPO3TqNjAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4KgAA//86R81g")
r0 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
fallocate(r0, 0xa, 0x0, 0x1000f4)
r1 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x389b0d52417bb201)
pwritev2(r1, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x6a000}], 0x1, 0x7000, 0x0, 0x3)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x2000081, &(0x7f0000000080)=ANY=[@ANYRES8=0x0, @ANYRES8, @ANYRES64, @ANYRES8], 0x0, 0x23e, &(0x7f0000000bc0)="$eJzs3c9qE1EUB+AzSdqmukgWrkRwQBeuStsnSJEKYldKFupCi21BklCwEGgVQ1c+gU/ic7jxDXwAoTtdFEYmSZsWUm0wf0r9vk0uzP3NOTe5Iau5eX2n1dja3ds5/PA9yuUkCrWoJUcR1ShEbiEAgOvmV5bFUdYzWrJUmFRPAMBkXfL3f3GKLQEAE/bs+Ysnaxsb60/TtBzR+tSuJ9F77V1f24m30YztWI5KHEdkp3rjR4831qOU5qpxv9Vp1/Nk69XX/v3XfkR08ytRierw/Eracybfadfn4ka/fi3Pr0Ylbg3Prw7JR30+Htw70/9SVOLbm9iNZmxFnh3kP66k6cPs88/3L/OO83zSadcXuvMGsuLUPxwAAAAAAAAAAAAAAAAAAAAAAK6tpTRN0yz7kmVZ1jl3/k7xuHt9KT1RPX8+Ty9/0flAnTPn6yznJZLe/EG+FLdLUZrl2gEAAAAAAAAAAAAAAAAAAOCq2Ns/aGw2m9vvxjo4eax//Hf+10EU+601k4gr0E93sJj3M51ad2PEWrURS0Rh/6Bxsrsam0n8JVWe0CbJhmy/4oWp+TFVn7853lUkETF3+mb+aXIh5sb8TQEAAAAAAAAAAAAAAAAAAKZs8NDvkIuHM2gIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGZg8P//Iww6/fAlUzNeIgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP+B3wEAAP//bkR7Lg==")
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x1, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000180)='kfree\x00', r2, 0x0, 0xf1c38fa000000000}, 0x18)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000780)=@newsa={0x144, 0x10, 0x1, 0xbffffffe, 0x100, {{@in6=@initdev={0xfe, 0x88, '\x00', 0x40, 0x0}, @in=@local, 0x1, 0x794, 0x4e23, 0x5, 0x0, 0x0, 0x0, 0x3a}, {@in=@broadcast, 0x4d4, 0x6c}, @in=@loopback, {0x0, 0x9, 0x6, 0xffff, 0x8251c, 0x2, 0xfffffffffffffff8}, {0xffffffffffffffff, 0x0, 0x1f, 0x1ff}, {0x2, 0xfffffffc}, 0x70bd2a, 0x3504, 0x2, 0x1, 0xfd, 0x20}, [@algo_comp={0x48, 0x3, {{'deflate\x00'}}}, @mark={0xc, 0x15, {0x35075a, 0x3}}]}, 0x144}, 0x1, 0x0, 0x0, 0x8801}, 0x10)
socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f00000006c0))
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000009c0)={&(0x7f0000000700)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x58, 0x58, 0x4, [@ptr={0x3, 0x0, 0x0, 0x2, 0x5}, @func_proto={0x0, 0x5, 0x0, 0xd, 0x0, [{0x6, 0x4}, {0xb}, {0x4}, {0xa, 0x3}, {0x9, 0x3}]}, @array={0x0, 0x0, 0x0, 0x3, 0x0, {0x5, 0x2, 0x80000001}}]}, {0x0, [0x61, 0x5f]}}, &(0x7f0000000900)=""/137, 0x74, 0x89}, 0x28)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000005000000005e002200850000006d00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00', r4}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000280)='./file1\x00', 0x14552, &(0x7f0000000b40)=ANY=[], 0xfb, 0x1219, &(0x7f0000001100)="$eJzs28FrXEUcB/BfkqapqclGrdUWxEEvFeTR5OBFL0FSkC4obSO0gvBqXnTJczfkLYEVsXry6t8hggjeBPGml1z8DwRvuXisID7JrrZd3RVWQjfI53PZH8z7zs7ssAuzzBy+8tn7O9tVtp13Y3ZmJmZ3I9LdFClm4y8fxwsvf//DM9dv3rq63mxuXEvpyvqN1ZdSSsvPfvvWh18891337JtfL3+zEAcrbx/+svbzwfmDC4e/33ivVaVWldqdbsrT7U6nm98ui7TVqnaylN4oi7wqUqtdFXtD7dtlZ3e3l/L21tLi7l5RVSlv99JO0UvdTuru9VL+bt5qpyzL0tJiMLlT96rNz+/WdR1R1/NxOuq6rh+JxTgbj8ZSLEcjVuKxeDyeiHPxZJyPp+Lp+OqnL3tHCQAAAAAAAAAAAAAAAAAAAOD4THr//0L/qWmPGgAAAAAAAAAAAAAAAAAAAP5frt+8dXW92dy4ltKZiPLT/c39zcHroH19O1pRRhGXoxG/Rf/2/8CgvvJac+Ny6luJT8o7f+bv7G/ODedXoxEvjs6vDvJpOL8Qiw/m16IR50bl52NtZP5MXHr+gXwWjfjxnehEGVtxlL3//h+tpvTq682/5S/2nxtv7mEsDwAAAByLLN0zcv+eZePaB/kJ/h8Y2l8fZS+emurUiYiq98FOXpbFnmJkcelkDKNfnD7ODucjYrLUr3VdT/9DmFIx/puyEBH/ueeZiDgZE/xHMe1fJh6G+4s+7ZEAAAAAAAAAAAAwibHHABf+7YTg3ETHCac9RwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+YAeOBQAAAACE+Vun0bEBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfBUAAP//0AbP3Q==")
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x81000)
syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x2000000, 0x0, 0x0, 0x0, &(0x7f0000000000))
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000750000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000e00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
pipe2$9p(&(0x7f00000000c0), 0x80880)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x3, 0x0, 0x0, 0xae6cf2044eafee5a, 0x9, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r5, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r6, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r7}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)

0s ago: executing program 2 (id=767):
prlimit64(0x0, 0x6, &(0x7f0000000040)={0x7, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0100000004000000e27f000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='page_pool_release\x00', r2}, 0x10)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000400)=ANY=[@ANYRES32=0x0], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='page_pool_release\x00', r4}, 0x10)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e"], 0x48)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x11, 0x8, &(0x7f00000001c0)=ANY=[@ANYRESHEX=r4, @ANYRES32=r6, @ANYBLOB="0000000000000000b703000000040000850000001b000000b70000000000000095"], &(0x7f0000000580)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000440)='kfree\x00', r7, 0x0, 0x5}, 0x18)
r8 = socket$inet6_tcp(0xa, 0x1, 0x0)
r9 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_GROUP_JOIN(0xffffffffffffffff, 0x10f, 0x87, 0x0, 0x0)
setsockopt$TIPC_GROUP_JOIN(r9, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x4, 0x3, 0x3}, 0x10)
close_range(r8, 0xffffffffffffffff, 0x0)
r10 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_buf(r10, 0x29, 0x20, &(0x7f0000000240)="0bbb268dd6ffa808000000003d5700000000210d0000aaa8fa017242ba9380d42400", 0x22)
r11 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008000000b703000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r11, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000300)="b9ff030768f1258c989e14f05c71", 0x0, 0x2, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
r12 = socket$nl_generic(0x10, 0x3, 0x10)
r13 = syz_genetlink_get_family_id$wireguard(&(0x7f00000002c0), 0xffffffffffffffff)
ioctl$F2FS_IOC_GET_FEATURES(r3, 0x8004f50c, &(0x7f00000004c0))
sendmsg$WG_CMD_SET_DEVICE(r12, &(0x7f00000003c0)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x24, r13, 0x2, 0x70bd27, 0x25dfdbfc, {}, [@WGDEVICE_A_FWMARK={0x8, 0x7, 0x10000}, @WGDEVICE_A_FLAGS={0x8, 0x5, 0x1}]}, 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x10)

kernel console output (not intermixed with test programs):

off:7229: inode #3: comm syz-executor: mark_inode_dirty error
[   36.149926][ T3597] netlink: 'syz.2.38': attribute type 4 has an invalid length.
[   36.157607][ T3597] netlink: 17 bytes leftover after parsing attributes in process `syz.2.38'.
[   36.182668][ T3600] netlink: 'syz.1.35': attribute type 4 has an invalid length.
[   36.190298][ T3600] netlink: 17 bytes leftover after parsing attributes in process `syz.1.35'.
[   36.258276][   T29] kauditd_printk_skb: 355 callbacks suppressed
[   36.258294][   T29] audit: type=1326 audit(1761536116.050:437): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3594 comm="syz.4.37" exe="/root/syz-executor" sig=0 arch=c000003e syscall=285 compat=0 ip=0x7f179761efc9 code=0x7ffc0000
[   36.288507][   T29] audit: type=1326 audit(1761536116.050:438): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3594 comm="syz.4.37" exe="/root/syz-executor" sig=0 arch=c000003e syscall=96 compat=0 ip=0xffffffffff600000 code=0x7ffc0000
[   36.311960][   T29] audit: type=1326 audit(1761536116.050:439): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3594 comm="syz.4.37" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f179761efc9 code=0x7ffc0000
[   36.335356][   T29] audit: type=1326 audit(1761536116.050:440): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3594 comm="syz.4.37" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f179761efc9 code=0x7ffc0000
[   36.359300][   T29] audit: type=1326 audit(1761536116.090:441): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3594 comm="syz.4.37" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f179761efc9 code=0x7ffc0000
[   36.382611][   T29] audit: type=1326 audit(1761536116.090:442): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3594 comm="syz.4.37" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f179761efc9 code=0x7ffc0000
[   36.405833][   T29] audit: type=1326 audit(1761536116.090:443): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3594 comm="syz.4.37" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f179761efc9 code=0x7ffc0000
[   36.429521][   T29] audit: type=1326 audit(1761536116.090:444): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3594 comm="syz.4.37" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f179761efc9 code=0x7ffc0000
[   36.453227][   T29] audit: type=1326 audit(1761536116.090:445): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3594 comm="syz.4.37" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f179761efc9 code=0x7ffc0000
[   36.476692][   T29] audit: type=1326 audit(1761536116.090:446): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3594 comm="syz.4.37" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f179761efc9 code=0x7ffc0000
[   36.520508][ T3610] netlink: 8 bytes leftover after parsing attributes in process `syz.4.41'.
[   36.598314][ T3613] loop1: detected capacity change from 0 to 512
[   36.636058][ T3613] EXT4-fs (loop1): revision level too high, forcing read-only mode
[   36.654493][ T3613] EXT4-fs (loop1): orphan cleanup on readonly fs
[   36.672020][ T3613] EXT4-fs error (device loop1): ext4_do_update_inode:5632: inode #16: comm syz.1.42: corrupted inode contents
[   36.693787][ T3613] EXT4-fs (loop1): Remounting filesystem read-only
[   36.711428][ T3613] EXT4-fs (loop1): 1 truncate cleaned up
[   36.744837][   T37] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   36.755653][   T37] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   36.766473][   T37] EXT4-fs (loop1): Quota write (off=8, len=24) cancelled because transaction is not started
[   36.777326][ T3613] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   36.813960][ T3319] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   36.859319][ T3634] loop1: detected capacity change from 0 to 512
[   36.867320][ T3633] netdevsim netdevsim0: loading /lib/firmware/. failed with error -22
[   36.875740][ T3633] netdevsim netdevsim0: Direct firmware load for . failed with error -22
[   36.886896][ T3634] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   36.978192][ T3643] Cannot find del_set index 2 as target
[   37.093585][ T3659] loop4: detected capacity change from 0 to 512
[   37.110159][ T3659] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   37.146084][ T3639] sch_tbf: burst 2 is lower than device syzkaller0 mtu (1514) !
[   37.198388][ T3659] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 0, start 22000003)
[   37.375150][ T3685] loop4: detected capacity change from 0 to 1024
[   37.392951][ T3685] EXT4-fs: Ignoring removed nobh option
[   37.398591][ T3685] EXT4-fs: Ignoring removed bh option
[   37.433593][ T3685] EXT4-fs (loop4): stripe (8) is not aligned with cluster size (16), stripe is disabled
[   37.459327][ T3692] netlink: 8 bytes leftover after parsing attributes in process `syz.1.58'.
[   37.471023][ T3685] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   37.492726][ T3685] netlink: 4 bytes leftover after parsing attributes in process `syz.4.57'.
[   37.501546][ T3685] netlink: 7 bytes leftover after parsing attributes in process `syz.4.57'.
[   37.510324][ T3685] netlink: 4 bytes leftover after parsing attributes in process `syz.4.57'.
[   37.519166][ T3685] netlink: 7 bytes leftover after parsing attributes in process `syz.4.57'.
[   38.285978][ T3312] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   38.332479][ T3709] syzkaller0: entered promiscuous mode
[   38.338092][ T3709] syzkaller0: entered allmulticast mode
[   38.473148][ T3725] x_tables: duplicate underflow at hook 1
[   38.507682][ T3728] Cannot find del_set index 2 as target
[   38.537362][ T3722] syzkaller0: entered promiscuous mode
[   38.543090][ T3722] syzkaller0: entered allmulticast mode
[   38.557008][ T3730] SELinux:  policydb version 0 does not match my version range 15-35
[   38.561146][ T3732] netlink: 8 bytes leftover after parsing attributes in process `syz.2.70'.
[   38.565270][ T3730] SELinux: failed to load policy
[   38.629525][ T3734] netlink: 8 bytes leftover after parsing attributes in process `syz.3.71'.
[   38.724240][ T3738] loop4: detected capacity change from 0 to 1024
[   38.739491][ T3738] EXT4-fs (loop4): VFS: Can't find ext4 filesystem
[   38.819163][ T3745] loop3: detected capacity change from 0 to 512
[   38.848457][ T3745] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   38.864393][    C0] hrtimer: interrupt took 28337 ns
[   38.874751][ T3745] EXT4-fs (loop3): 1 truncate cleaned up
[   38.880975][ T3745] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   38.917903][ T3315] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   38.992012][ T3763] SELinux:  policydb version 0 does not match my version range 15-35
[   38.995465][ T3765] x_tables: duplicate underflow at hook 1
[   39.010368][ T3763] SELinux: failed to load policy
[   39.071572][ T3744] sch_tbf: burst 2 is lower than device syzkaller0 mtu (1514) !
[   39.085718][ T3772] netlink: 8 bytes leftover after parsing attributes in process `syz.0.84'.
[   39.204331][ T3786] msdos: Unknown parameter '�PL'
[   39.246986][ T3789] loop3: detected capacity change from 0 to 512
[   39.256575][ T3787] syzkaller0: entered promiscuous mode
[   39.262232][ T3787] syzkaller0: entered allmulticast mode
[   39.289777][ T3789] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   39.303048][ T3789] EXT4-fs (loop3): 1 truncate cleaned up
[   39.309216][ T3789] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   39.382916][ T3315] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   39.404945][ T3797] loop4: detected capacity change from 0 to 512
[   39.441792][ T3797] EXT4-fs (loop4): revision level too high, forcing read-only mode
[   39.443572][ T3800] loop3: detected capacity change from 0 to 513
[   39.450024][ T3797] EXT4-fs (loop4): orphan cleanup on readonly fs
[   39.464878][ T3797] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #16: comm syz.4.92: corrupted inode contents
[   39.477055][ T3797] EXT4-fs (loop4): Remounting filesystem read-only
[   39.484193][ T3797] EXT4-fs (loop4): 1 truncate cleaned up
[   39.496797][   T52] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   39.507390][   T52] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   39.527395][   T52] EXT4-fs (loop4): Quota write (off=8, len=24) cancelled because transaction is not started
[   39.538269][ T3797] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   39.554593][ T3806] Cannot find del_set index 2 as target
[   39.564572][ T3312] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   39.583344][ T3808] SELinux:  policydb version 0 does not match my version range 15-35
[   39.598858][ T3810] netdevsim netdevsim3: loading /lib/firmware/. failed with error -22
[   39.607234][ T3810] netdevsim netdevsim3: Direct firmware load for . failed with error -22
[   39.626878][ T3808] SELinux: failed to load policy
[   39.694916][ T3820] netlink: 68 bytes leftover after parsing attributes in process `syz.1.97'.
[   39.742380][ T3819] netlink: 'syz.4.100': attribute type 4 has an invalid length.
[   39.750131][ T3819] netlink: 17 bytes leftover after parsing attributes in process `syz.4.100'.
[   39.761417][ T3821] syzkaller0: entered promiscuous mode
[   39.766909][ T3821] syzkaller0: entered allmulticast mode
[   39.875283][ T3830] loop4: detected capacity change from 0 to 512
[   39.895642][ T3830] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   39.908745][ T3830] ext4 filesystem being mounted at /28/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   39.938252][ T3786] loop0: detected capacity change from 0 to 2048
[   40.012660][ T3786]  loop0: p1 p2 p3
[   40.036291][ T3004]  loop0: p1 p2 p3
[   40.101620][ T3843] Cannot find del_set index 2 as target
[   40.389099][ T3848] sch_tbf: burst 2 is lower than device syzkaller0 mtu (1514) !
[   40.432133][ T3854] SELinux:  policydb version 0 does not match my version range 15-35
[   40.451473][ T3854] SELinux: failed to load policy
[   40.518028][ T3856] netlink: 'syz.1.113': attribute type 4 has an invalid length.
[   40.690862][ T3862] tipc: Started in network mode
[   40.695919][ T3862] tipc: Node identity deefdee73087, cluster identity 4711
[   40.703171][ T3862] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   40.729412][ T3862] tipc: Disabling bearer <eth:syzkaller0>
[   40.751011][ T3863] Falling back ldisc for ttyS3.
[   40.810220][ T3867] loop0: detected capacity change from 0 to 1024
[   40.836515][ T3867] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   40.852073][ T3867] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4193: comm syz.0.116: Allocating blocks 497-513 which overlap fs metadata
[   40.866636][ T3867] EXT4-fs (loop0): pa ffff8881072340e0: logic 16, phys. 129, len 24
[   40.874740][ T3867] EXT4-fs error (device loop0): ext4_mb_release_inode_pa:5444: group 0, free 0, pa_free 1
[   40.909667][ T3311] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   41.094298][ T3883] SELinux:  policydb version 0 does not match my version range 15-35
[   41.124400][ T3885] netlink: 'syz.2.124': attribute type 4 has an invalid length.
[   41.140804][ T3883] SELinux: failed to load policy
[   41.213288][ T3888] loop2: detected capacity change from 0 to 512
[   41.251468][ T3888] EXT4-fs (loop2): revision level too high, forcing read-only mode
[   41.261300][ T3888] EXT4-fs (loop2): orphan cleanup on readonly fs
[   41.287876][ T3888] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #16: comm syz.2.125: corrupted inode contents
[   41.301990][ T3895] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   41.314538][ T3888] EXT4-fs (loop2): Remounting filesystem read-only
[   41.332941][ T3895] Zero length message leads to an empty skb
[   41.339032][ T3888] EXT4-fs (loop2): 1 truncate cleaned up
[   41.345075][   T37] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   41.355735][   T37] __quota_error: 1000 callbacks suppressed
[   41.355750][   T37] Quota error (device loop2): write_blk: dquota write failed
[   41.369122][   T37] Quota error (device loop2): remove_free_dqentry: Can't write block (5) with free entries
[   41.379307][   T37] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   41.389879][   T37] Quota error (device loop2): write_blk: dquota write failed
[   41.397367][   T37] Quota error (device loop2): free_dqentry: Can't move quota data block (5) to free list
[   41.428669][ T3895] loop3: detected capacity change from 0 to 2048
[   41.437539][   T37] EXT4-fs (loop2): Quota write (off=8, len=24) cancelled because transaction is not started
[   41.447898][   T37] Quota error (device loop2): v2_write_file_info: Can't write info structure
[   41.458747][   T37] Quota error (device loop2): do_check_range: Getting dqdh_entries 15 out of range 0-14
[   41.469151][ T3888] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   41.483428][   T29] audit: type=1400 audit(1761536121.280:1435): avc:  denied  { mounton } for  pid=3896 comm="syz.0.128" path="/syzcgroup/unified/syz0" dev="cgroup2" ino=123 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=dir permissive=1
[   41.507802][ T3897] tmpfs: Bad value for 'mpol'
[   41.515912][ T3895] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   41.537246][ T3317] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   41.550670][   T29] audit: type=1400 audit(1761536121.350:1436): avc:  denied  { read write open } for  pid=3894 comm="syz.3.127" path="/32/file1/bus" dev="loop3" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   41.577292][ T3315] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   41.704888][   T29] audit: type=1400 audit(1761536121.390:1437): avc:  denied  { setopt } for  pid=3896 comm="syz.0.128" lport=255 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   41.834500][   T29] audit: type=1400 audit(1761536121.630:1438): avc:  denied  { getopt } for  pid=3916 comm="syz.2.132" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   41.908854][ T3927] syzkaller1: entered promiscuous mode
[   41.914413][ T3927] syzkaller1: entered allmulticast mode
[   41.965212][ T3928] xt_recent: Unsupported userspace flags (000000b1)
[   41.980180][ T3930] SELinux:  policydb version 0 does not match my version range 15-35
[   41.988657][ T3930] SELinux: failed to load policy
[   42.502508][ T3938] Cannot find del_set index 2 as target
[   42.788867][ T3953] loop2: detected capacity change from 0 to 2048
[   42.835879][ T3299] Alternate GPT is invalid, using primary GPT.
[   42.842546][ T3299]  loop2: p2 p3 p7
[   42.857020][ T3960] x_tables: duplicate underflow at hook 1
[   42.864169][ T3955] __nla_validate_parse: 5 callbacks suppressed
[   42.864182][ T3955] netlink: 24 bytes leftover after parsing attributes in process `syz.3.144'.
[   42.969964][ T3953] Alternate GPT is invalid, using primary GPT.
[   42.976433][ T3953]  loop2: p2 p3 p7
[   43.041662][ T3962] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   43.182460][ T3501] udevd[3501]: inotify_add_watch(7, /dev/loop2p7, 10) failed: No such file or directory
[   43.193094][ T3304] udevd[3304]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory
[   43.204767][ T3299] udevd[3299]: inotify_add_watch(7, /dev/loop2p2, 10) failed: No such file or directory
[   43.306828][ T3962] tipc: Disabling bearer <eth:syzkaller0>
[   43.321191][ T3977] netlink: 8 bytes leftover after parsing attributes in process `syz.2.147'.
[   43.490757][ T3985] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   43.519361][ T3985] tipc: Disabling bearer <eth:syzkaller0>
[   43.569470][ T3997] netlink: 36 bytes leftover after parsing attributes in process `syz.3.148'.
[   43.587206][ T3995] Cannot find del_set index 2 as target
[   43.866540][ T3312] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   43.919248][ T4014] syzkaller0: entered promiscuous mode
[   43.924846][ T4014] syzkaller0: entered allmulticast mode
[   43.945558][ T4016] loop4: detected capacity change from 0 to 1024
[   43.961334][ T4016] EXT4-fs: Ignoring removed nomblk_io_submit option
[   43.968001][ T4016] EXT4-fs: Ignoring removed i_version option
[   43.974596][ T4016] ext2: Unknown parameter 'subj_type'
[   44.158814][ T4025] Cannot find set identified by id 0 to match
[   44.266034][ T4033] Cannot find del_set index 2 as target
[   44.311875][ T4032] Falling back ldisc for ttyS3.
[   44.325475][ T4036] tipc: Started in network mode
[   44.330408][ T4036] tipc: Node identity 1eb0ffe9f8fb, cluster identity 4711
[   44.337746][ T4036] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   44.367352][ T4036] tipc: Disabling bearer <eth:syzkaller0>
[   44.420101][ T4037] netlink: 36 bytes leftover after parsing attributes in process `syz.1.164'.
[   44.531736][ T4041] loop1: detected capacity change from 0 to 1024
[   44.592060][ T4041] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   44.642882][ T4041] FAULT_INJECTION: forcing a failure.
[   44.642882][ T4041] name failslab, interval 1, probability 0, space 0, times 1
[   44.655591][ T4041] CPU: 0 UID: 0 PID: 4041 Comm: syz.1.166 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   44.655620][ T4041] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   44.655634][ T4041] Call Trace:
[   44.655642][ T4041]  <TASK>
[   44.655650][ T4041]  __dump_stack+0x1d/0x30
[   44.655736][ T4041]  dump_stack_lvl+0xe8/0x140
[   44.655757][ T4041]  dump_stack+0x15/0x1b
[   44.655775][ T4041]  should_fail_ex+0x265/0x280
[   44.655795][ T4041]  should_failslab+0x8c/0xb0
[   44.655825][ T4041]  __kmalloc_noprof+0xa5/0x570
[   44.655879][ T4041]  ? alloc_pipe_info+0x1c9/0x350
[   44.655908][ T4041]  alloc_pipe_info+0x1c9/0x350
[   44.655965][ T4041]  splice_direct_to_actor+0x592/0x680
[   44.655992][ T4041]  ? _parse_integer+0x27/0x40
[   44.656056][ T4041]  ? kstrtoull+0x111/0x140
[   44.656086][ T4041]  ? __pfx_direct_splice_actor+0x10/0x10
[   44.656111][ T4041]  ? kstrtouint+0x76/0xc0
[   44.656186][ T4041]  do_splice_direct+0xda/0x150
[   44.656209][ T4041]  ? __pfx_direct_file_splice_eof+0x10/0x10
[   44.656263][ T4041]  vfs_copy_file_range+0x9a1/0xf30
[   44.656302][ T4041]  __se_sys_copy_file_range+0x269/0x3b0
[   44.656337][ T4041]  __x64_sys_copy_file_range+0x78/0x90
[   44.656410][ T4041]  x64_sys_call+0x2c38/0x3000
[   44.656433][ T4041]  do_syscall_64+0xd2/0x200
[   44.656452][ T4041]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   44.656481][ T4041]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   44.656517][ T4041]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   44.656539][ T4041] RIP: 0033:0x7f208920efc9
[   44.656555][ T4041] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   44.656573][ T4041] RSP: 002b:00007f2087c77038 EFLAGS: 00000246 ORIG_RAX: 0000000000000146
[   44.656593][ T4041] RAX: ffffffffffffffda RBX: 00007f2089465fa0 RCX: 00007f208920efc9
[   44.656641][ T4041] RDX: 0000000000000007 RSI: 0000000000000000 RDI: 0000000000000007
[   44.656653][ T4041] RBP: 00007f2087c77090 R08: 0000000000000101 R09: 0200000000000000
[   44.656666][ T4041] R10: 00002000000000c0 R11: 0000000000000246 R12: 0000000000000001
[   44.656679][ T4041] R13: 00007f2089466038 R14: 00007f2089465fa0 R15: 00007ffc2d829cd8
[   44.656762][ T4041]  </TASK>
[   44.657055][ T4046] ipvlan2: entered promiscuous mode
[   44.879613][ T4046] bond0: (slave ipvlan2): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[   44.892014][ T4046] bond0: (slave ipvlan2): The slave device specified does not support setting the MAC address
[   44.902666][ T4046] bond0: (slave ipvlan2): Error -95 calling set_mac_address
[   44.920572][ T3319] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   44.988569][ T4059] loop1: detected capacity change from 0 to 1024
[   45.041227][ T4059] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   45.092074][ T4059] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 49 with max blocks 1 with error 28
[   45.104419][ T4059] EXT4-fs (loop1): This should not happen!! Data will be lost
[   45.104419][ T4059] 
[   45.114112][ T4059] EXT4-fs (loop1): Total free blocks count 0
[   45.120102][ T4059] EXT4-fs (loop1): Free/Dirty block details
[   45.126046][ T4059] EXT4-fs (loop1): free_blocks=0
[   45.131055][ T4059] EXT4-fs (loop1): dirty_blocks=0
[   45.136091][ T4059] EXT4-fs (loop1): Block reservation details
[   45.142116][ T4059] EXT4-fs (loop1): i_reserved_data_blocks=0
[   45.173540][ T4059] syz.1.169 (4059) used greatest stack depth: 10296 bytes left
[   45.209441][ T3319] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   45.251622][ T4074] netdevsim netdevsim2: loading /lib/firmware/. failed with error -22
[   45.259935][ T4074] netdevsim netdevsim2: Direct firmware load for . failed with error -22
[   45.386797][ T4079] SELinux:  policydb version 0 does not match my version range 15-35
[   45.414329][ T4079] SELinux: failed to load policy
[   45.545226][ T4083] loop2: detected capacity change from 0 to 512
[   45.592327][ T4083] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   45.642025][ T4083] EXT4-fs (loop2): 1 truncate cleaned up
[   45.675482][ T4083] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   45.883664][ T3317] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   46.098961][ T4092] netlink: 8 bytes leftover after parsing attributes in process `syz.3.182'.
[   46.169205][ T4105] x_tables: duplicate underflow at hook 1
[   46.182281][ T4098] netlink: 24 bytes leftover after parsing attributes in process `syz.2.184'.
[   46.243280][ T4113] x_tables: ip_tables: icmp match: only valid for protocol 1
[   46.340355][ T4126] loop2: detected capacity change from 0 to 512
[   46.361512][ T4126] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   46.381867][ T4126] EXT4-fs (loop2): 1 truncate cleaned up
[   46.387979][ T4126] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   46.468756][ T4132] SELinux:  policydb version 0 does not match my version range 15-35
[   46.491434][   T29] kauditd_printk_skb: 8153 callbacks suppressed
[   46.491469][   T29] audit: type=1326 audit(1761536126.250:9589): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4015 comm="syz.4.156" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f179761efc9 code=0x50000
[   46.520857][   T29] audit: type=1326 audit(1761536126.250:9590): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4015 comm="syz.4.156" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f179761efc9 code=0x50000
[   46.543948][   T29] audit: type=1326 audit(1761536126.250:9591): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4015 comm="syz.4.156" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f179761efc9 code=0x50000
[   46.551684][ T4132] SELinux: failed to load policy
[   46.567053][   T29] audit: type=1326 audit(1761536126.250:9592): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4015 comm="syz.4.156" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f179761efc9 code=0x50000
[   46.567086][   T29] audit: type=1326 audit(1761536126.250:9593): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4015 comm="syz.4.156" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f179761efc9 code=0x50000
[   46.572723][ T4107] netlink: 80 bytes leftover after parsing attributes in process `syz.0.185'.
[   46.595172][   T29] audit: type=1326 audit(1761536126.250:9594): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4015 comm="syz.4.156" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f179761efc9 code=0x50000
[   46.650136][   T29] audit: type=1326 audit(1761536126.250:9595): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4015 comm="syz.4.156" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f179761efc9 code=0x50000
[   46.673448][   T29] audit: type=1326 audit(1761536126.250:9596): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4015 comm="syz.4.156" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f179761efc9 code=0x50000
[   46.696666][   T29] audit: type=1326 audit(1761536126.250:9597): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4015 comm="syz.4.156" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f179761efc9 code=0x50000
[   46.701746][ T4129] SELinux:  policydb magic number 0x5f737973 does not match expected magic number 0xf97cff8c
[   46.719752][   T29] audit: type=1326 audit(1761536126.250:9598): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4015 comm="syz.4.156" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f179761efc9 code=0x50000
[   46.754629][ T4129] SELinux: failed to load policy
[   46.772639][ T3317] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   46.835131][ T4137] loop2: detected capacity change from 0 to 512
[   46.862564][ T4137] EXT4-fs (loop2): orphan cleanup on readonly fs
[   46.880503][ T4137] EXT4-fs warning (device loop2): ext4_xattr_inode_get:546: inode #11: comm syz.2.191: ea_inode file size=4 entry size=6
[   46.900757][ T4137] EXT4-fs warning (device loop2): ext4_expand_extra_isize_ea:2853: Unable to expand inode 15. Delete some EAs or run e2fsck.
[   46.924293][ T4137] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #15: comm syz.2.191: corrupted inode contents
[   46.970981][ T4137] EXT4-fs error (device loop2): ext4_dirty_inode:6517: inode #15: comm syz.2.191: mark_inode_dirty error
[   47.010942][ T4137] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #15: comm syz.2.191: corrupted inode contents
[   47.063977][ T4137] EXT4-fs error (device loop2): ext4_xattr_delete_inode:2996: inode #15: comm syz.2.191: mark_inode_dirty error
[   47.155270][ T4149] x_tables: duplicate underflow at hook 1
[   47.163910][ T4149] netlink: 24 bytes leftover after parsing attributes in process `syz.4.196'.
[   47.321009][ T4137] EXT4-fs error (device loop2): ext4_xattr_delete_inode:2999: inode #15: comm syz.2.191: mark inode dirty (error -117)
[   47.341436][ T4153] netlink: 8 bytes leftover after parsing attributes in process `syz.1.198'.
[   47.372862][ T4151] netlink: 68 bytes leftover after parsing attributes in process `syz.4.197'.
[   47.383836][ T4137] EXT4-fs warning (device loop2): ext4_evict_inode:274: xattr delete (err -117)
[   47.410690][ T4137] EXT4-fs (loop2): 1 orphan inode deleted
[   47.441339][ T4137] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[   47.575863][ T3317] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   47.676860][ T4160] loop1: detected capacity change from 0 to 512
[   47.699047][ T4160] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   47.716139][ T4160] EXT4-fs (loop1): 1 truncate cleaned up
[   47.745508][ T4160] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   47.773986][ T4169] tipc: Started in network mode
[   47.778908][ T4169] tipc: Node identity 2627e69173ff, cluster identity 4711
[   47.786144][ T4169] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   47.797625][ T4168] tipc: Disabling bearer <eth:syzkaller0>
[   47.823501][ T4173] atomic_op ffff88812f336528 conn xmit_atomic 0000000000000000
[   47.842357][ T3319] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   47.962587][ T4178] __nla_validate_parse: 1 callbacks suppressed
[   47.962602][ T4178] netlink: 24 bytes leftover after parsing attributes in process `syz.0.208'.
[   47.970875][ T4184] SELinux:  policydb version 0 does not match my version range 15-35
[   47.986727][ T4184] SELinux: failed to load policy
[   48.063551][ T4192] capability: warning: `syz.3.206' uses deprecated v2 capabilities in a way that may be insecure
[   48.142516][ T4195] loop3: detected capacity change from 0 to 512
[   48.420839][ T4204] msdos: Unknown parameter '�PL'
[   48.433226][ T4207] msdos: Unknown parameter '�PL'
[   48.515236][ T4209] netlink: 68 bytes leftover after parsing attributes in process `syz.2.214'.
[   48.812931][ T4225] loop3: detected capacity change from 0 to 512
[   48.830170][ T4225] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   49.150327][ T4234] tipc: Started in network mode
[   49.155324][ T4234] tipc: Node identity 62ab50f09d6b, cluster identity 4711
[   49.162513][ T4234] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   49.262182][ T4233] tipc: Disabling bearer <eth:syzkaller0>
[   49.406019][ T4225] EXT4-fs (loop3): 1 truncate cleaned up
[   49.412305][ T4225] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   49.537520][ T4239] loop1: detected capacity change from 0 to 512
[   49.571584][ T4239] EXT4-fs (loop1): revision level too high, forcing read-only mode
[   49.582804][ T3315] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   49.594269][ T4242] unsupported nla_type 52263
[   49.600813][ T4239] EXT4-fs (loop1): orphan cleanup on readonly fs
[   49.608698][ T4207] loop0: detected capacity change from 0 to 2048
[   49.620068][ T4239] EXT4-fs error (device loop1): ext4_do_update_inode:5632: inode #16: comm syz.1.223: corrupted inode contents
[   49.659605][ T4239] EXT4-fs (loop1): Remounting filesystem read-only
[   49.671392][ T4239] EXT4-fs (loop1): 1 truncate cleaned up
[   49.677350][   T37] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   49.687980][   T37] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   49.701245][ T4252] netdevsim netdevsim3: loading /lib/firmware/. failed with error -22
[   49.709393][   T37] EXT4-fs (loop1): Quota write (off=8, len=24) cancelled because transaction is not started
[   49.709524][ T4252] netdevsim netdevsim3: Direct firmware load for . failed with error -22
[   49.729372][ T3299]  loop0: p1 p2 p3
[   49.739358][ T4207]  loop0: p1 p2 p3
[   49.761641][ T3004]  loop0: p1 p2 p3
[   49.765762][ T4239] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   49.835181][ T3319] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   49.849000][ T4255] netlink: 8 bytes leftover after parsing attributes in process `syz.3.227'.
[   49.905760][ T4204] loop4: detected capacity change from 0 to 2048
[   49.949059][ T4255] loop3: detected capacity change from 0 to 2048
[   49.961948][ T4180]  loop4: p1 p2 p3
[   49.974880][ T4204]  loop4: p1 p2 p3
[   50.064628][ T4255] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   50.101019][ T4255] ext4 filesystem being mounted at /58/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   50.259650][ T3315] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   50.297913][ T4269] loop3: detected capacity change from 0 to 2048
[   50.339929][ T4274] Cannot find del_set index 2 as target
[   50.363705][ T3299] Alternate GPT is invalid, using primary GPT.
[   50.370038][ T3299]  loop3: p2 p3 p7
[   50.387254][ T4269] Alternate GPT is invalid, using primary GPT.
[   50.393834][ T4269]  loop3: p2 p3 p7
[   50.576235][ T4292] netdevsim netdevsim4: loading /lib/firmware/. failed with error -22
[   50.584550][ T4292] netdevsim netdevsim4: Direct firmware load for . failed with error -22
[   50.971627][ T4305] syzkaller0: entered promiscuous mode
[   50.977167][ T4305] syzkaller0: entered allmulticast mode
[   51.221258][ T4317] atomic_op ffff88811b2c1928 conn xmit_atomic 0000000000000000
[   51.395921][ T4327] netdevsim netdevsim2: loading /lib/firmware/. failed with error -22
[   51.404246][ T4327] netdevsim netdevsim2: Direct firmware load for . failed with error -22
[   51.437433][ T4325] netlink: 8 bytes leftover after parsing attributes in process `syz.4.250'.
[   51.522553][   T29] kauditd_printk_skb: 887 callbacks suppressed
[   51.522570][   T29] audit: type=1326 audit(1761536131.320:10480): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4324 comm="syz.4.250" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f179761efc9 code=0x7ffc0000
[   51.572703][   T29] audit: type=1326 audit(1761536131.320:10481): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4324 comm="syz.4.250" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f179761d810 code=0x7ffc0000
[   51.596197][   T29] audit: type=1400 audit(1761536131.320:10482): avc:  denied  { read } for  pid=4324 comm="syz.4.250" name="sg0" dev="devtmpfs" ino=137 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[   51.619755][   T29] audit: type=1400 audit(1761536131.320:10483): avc:  denied  { open } for  pid=4324 comm="syz.4.250" path="/dev/sg0" dev="devtmpfs" ino=137 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[   51.643800][   T29] audit: type=1326 audit(1761536131.320:10484): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4324 comm="syz.4.250" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f179761efc9 code=0x7ffc0000
[   51.667248][   T29] audit: type=1326 audit(1761536131.320:10485): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4324 comm="syz.4.250" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f179761efc9 code=0x7ffc0000
[   51.693414][   T29] audit: type=1400 audit(1761536131.440:10486): avc:  denied  { ioctl } for  pid=4330 comm="syz.1.253" path="/dev/ppp" dev="devtmpfs" ino=140 ioctlcmd=0x743e scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[   51.822617][   T29] audit: type=1400 audit(1761536131.610:10487): avc:  denied  { create } for  pid=4345 comm="syz.1.257" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   51.842440][   T29] audit: type=1400 audit(1761536131.610:10488): avc:  denied  { getopt } for  pid=4345 comm="syz.1.257" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   51.862203][   T29] audit: type=1400 audit(1761536131.610:10489): avc:  denied  { read } for  pid=4345 comm="syz.1.257" name="nvram" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[   51.906087][ T4351] netlink: 'syz.0.258': attribute type 4 has an invalid length.
[   51.913904][ T4351] netlink: 17 bytes leftover after parsing attributes in process `syz.0.258'.
[   52.281101][ T4362] netdevsim netdevsim0: loading /lib/firmware/. failed with error -22
[   52.289368][ T4362] netdevsim netdevsim0: Direct firmware load for . failed with error -22
[   52.451111][ T4366] netlink: 4 bytes leftover after parsing attributes in process `syz.0.265'.
[   52.487133][ T4366] netlink: 4 bytes leftover after parsing attributes in process `syz.0.265'.
[   52.510926][ T4369] netlink: 'syz.2.266': attribute type 12 has an invalid length.
[   52.592474][ T4373] wg1: entered promiscuous mode
[   52.597411][ T4373] wg1: entered allmulticast mode
[   52.628403][ T4373] wg2: entered promiscuous mode
[   52.633506][ T4373] wg2: entered allmulticast mode
[   52.659222][ T4375] loop0: detected capacity change from 0 to 512
[   52.677178][ T4373] syz.2.268 (4373) used greatest stack depth: 10104 bytes left
[   52.694292][ T4377] netlink: 'syz.4.270': attribute type 4 has an invalid length.
[   52.702018][ T4377] netlink: 17 bytes leftover after parsing attributes in process `syz.4.270'.
[   52.718532][ T4379] netlink: 'syz.1.271': attribute type 12 has an invalid length.
[   52.742688][ T4375] EXT4-fs (loop0): revision level too high, forcing read-only mode
[   52.757140][ T4375] EXT4-fs (loop0): orphan cleanup on readonly fs
[   52.761532][ T4379] FAULT_INJECTION: forcing a failure.
[   52.761532][ T4379] name fail_usercopy, interval 1, probability 0, space 0, times 1
[   52.776630][ T4379] CPU: 0 UID: 0 PID: 4379 Comm: syz.1.271 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   52.776662][ T4379] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   52.776676][ T4379] Call Trace:
[   52.776685][ T4379]  <TASK>
[   52.776693][ T4379]  __dump_stack+0x1d/0x30
[   52.776794][ T4379]  dump_stack_lvl+0xe8/0x140
[   52.776821][ T4379]  dump_stack+0x15/0x1b
[   52.776843][ T4379]  should_fail_ex+0x265/0x280
[   52.776865][ T4379]  should_fail+0xb/0x20
[   52.776954][ T4379]  should_fail_usercopy+0x1a/0x20
[   52.777036][ T4379]  _copy_from_user+0x1c/0xb0
[   52.777068][ T4379]  arp_ioctl+0xac/0x2c0
[   52.777102][ T4379]  inet_ioctl+0x2ad/0x3a0
[   52.777137][ T4379]  sock_do_ioctl+0x73/0x220
[   52.777200][ T4379]  sock_ioctl+0x41b/0x610
[   52.777222][ T4379]  ? __pfx_sock_ioctl+0x10/0x10
[   52.777246][ T4379]  __se_sys_ioctl+0xce/0x140
[   52.777274][ T4379]  __x64_sys_ioctl+0x43/0x50
[   52.777317][ T4379]  x64_sys_call+0x1816/0x3000
[   52.777422][ T4379]  do_syscall_64+0xd2/0x200
[   52.777445][ T4379]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   52.777476][ T4379]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   52.777522][ T4379]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   52.777547][ T4379] RIP: 0033:0x7f208920efc9
[   52.777562][ T4379] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   52.777584][ T4379] RSP: 002b:00007f2087c77038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   52.777608][ T4379] RAX: ffffffffffffffda RBX: 00007f2089465fa0 RCX: 00007f208920efc9
[   52.777623][ T4379] RDX: 0000200000000180 RSI: 0000000000008953 RDI: 0000000000000005
[   52.777638][ T4379] RBP: 00007f2087c77090 R08: 0000000000000000 R09: 0000000000000000
[   52.777682][ T4379] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   52.777696][ T4379] R13: 00007f2089466038 R14: 00007f2089465fa0 R15: 00007ffc2d829cd8
[   52.777720][ T4379]  </TASK>
[   52.975668][ T4375] EXT4-fs error (device loop0): ext4_do_update_inode:5632: inode #16: comm syz.0.269: corrupted inode contents
[   53.004308][ T4375] EXT4-fs (loop0): Remounting filesystem read-only
[   53.011420][ T4375] EXT4-fs (loop0): 1 truncate cleaned up
[   53.017179][   T52] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   53.027782][   T52] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   53.045803][   T52] EXT4-fs (loop0): Quota write (off=8, len=24) cancelled because transaction is not started
[   53.051032][ T4386] syzkaller0: entered promiscuous mode
[   53.057962][ T4375] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   53.061447][ T4386] syzkaller0: entered allmulticast mode
[   53.084411][ T4389] netlink: 'syz.3.273': attribute type 12 has an invalid length.
[   53.095840][ T4391] netdevsim netdevsim4: loading /lib/firmware/. failed with error -22
[   53.104095][ T4391] netdevsim netdevsim4: Direct firmware load for . failed with error -22
[   53.136252][ T3311] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   53.400865][ T4415] Falling back ldisc for ttyS3.
[   53.672728][ T4426] netlink: 8 bytes leftover after parsing attributes in process `syz.4.284'.
[   54.221013][ T4476] FAULT_INJECTION: forcing a failure.
[   54.221013][ T4476] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   54.234211][ T4476] CPU: 0 UID: 0 PID: 4476 Comm: syz.0.296 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   54.234238][ T4476] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   54.234331][ T4476] Call Trace:
[   54.234340][ T4476]  <TASK>
[   54.234350][ T4476]  __dump_stack+0x1d/0x30
[   54.234372][ T4476]  dump_stack_lvl+0xe8/0x140
[   54.234392][ T4476]  dump_stack+0x15/0x1b
[   54.234425][ T4476]  should_fail_ex+0x265/0x280
[   54.234446][ T4476]  should_fail+0xb/0x20
[   54.234461][ T4476]  should_fail_usercopy+0x1a/0x20
[   54.234484][ T4476]  _copy_from_user+0x1c/0xb0
[   54.234516][ T4476]  ___sys_sendmsg+0xc1/0x1d0
[   54.234613][ T4476]  __sys_sendmmsg+0x178/0x300
[   54.234643][ T4476]  __x64_sys_sendmmsg+0x57/0x70
[   54.234661][ T4476]  x64_sys_call+0x1c4a/0x3000
[   54.234682][ T4476]  do_syscall_64+0xd2/0x200
[   54.234778][ T4476]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   54.234813][ T4476]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   54.234843][ T4476]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   54.234903][ T4476] RIP: 0033:0x7f8273a9efc9
[   54.234921][ T4476] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   54.234938][ T4476] RSP: 002b:00007f8272507038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[   54.234959][ T4476] RAX: ffffffffffffffda RBX: 00007f8273cf5fa0 RCX: 00007f8273a9efc9
[   54.234974][ T4476] RDX: 0000000000000001 RSI: 0000200000000100 RDI: 0000000000000004
[   54.235009][ T4476] RBP: 00007f8272507090 R08: 0000000000000000 R09: 0000000000000000
[   54.235024][ T4476] R10: 0000000024008094 R11: 0000000000000246 R12: 0000000000000001
[   54.235045][ T4476] R13: 00007f8273cf6038 R14: 00007f8273cf5fa0 R15: 00007ffc0c15ffa8
[   54.235069][ T4476]  </TASK>
[   54.240986][ T4465] netlink: 24 bytes leftover after parsing attributes in process `syz.3.293'.
[   54.492901][ T4490] SELinux:  policydb version 0 does not match my version range 15-35
[   54.501273][ T4490] SELinux: failed to load policy
[   54.570150][ T4494] netlink: 4 bytes leftover after parsing attributes in process `syz.1.302'.
[   54.612381][ T4494] macvtap0: refused to change device tx_queue_len
[   54.618981][ T3004] udevd[3004]: worker [3299] terminated by signal 33 (Unknown signal 33)
[   54.642011][ T3004] udevd[3004]: worker [3299] failed while handling '/devices/virtual/block/loop2'
[   54.657309][ T4488] loop0: detected capacity change from 0 to 1024
[   54.668271][ T4500] msdos: Unknown parameter '�PL'
[   54.683352][ T4502] netdevsim netdevsim2: loading /lib/firmware/. failed with error -22
[   54.691698][ T4502] netdevsim netdevsim2: Direct firmware load for . failed with error -22
[   54.751226][ T4488] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   54.776461][ T4510] loop2: detected capacity change from 0 to 512
[   54.870577][ T4510] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   54.902324][ T4510] EXT4-fs (loop2): 1 truncate cleaned up
[   54.908532][ T4510] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   54.942515][ T4517] netlink: 24 bytes leftover after parsing attributes in process `syz.1.310'.
[   54.960799][ T4517] IPVS: Error connecting to the multicast addr
[   55.096135][ T3317] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   55.176518][ T3004] udevd[3004]: worker [3304] terminated by signal 33 (Unknown signal 33)
[   55.203947][ T3004] udevd[3004]: worker [3304] failed while handling '/devices/virtual/block/loop2'
[   55.243363][ T4532] netdevsim netdevsim1: loading /lib/firmware/. failed with error -22
[   55.251622][ T4532] netdevsim netdevsim1: Direct firmware load for . failed with error -22
[   55.292187][ T4534] netlink: 8 bytes leftover after parsing attributes in process `syz.2.317'.
[   55.411432][ T4536] netlink: 'syz.1.319': attribute type 4 has an invalid length.
[   55.419140][ T4536] netlink: 17 bytes leftover after parsing attributes in process `syz.1.319'.
[   55.429789][ T3311] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   55.495299][ T4541] sch_tbf: peakrate 7 is lower than or equals to rate 6829859379779001161 !
[   55.583582][ T4548] loop1: detected capacity change from 0 to 2048
[   55.632649][ T4500] loop3: detected capacity change from 0 to 2048
[   55.693326][ T4174]  loop3: p1 p2 p3
[   55.702137][ T4556] loop4: detected capacity change from 0 to 512
[   55.724128][ T4556] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   55.746759][ T4500]  loop3: p1 p2 p3
[   55.777936][ T4548] SELinux: failed to load policy
[   55.817994][ T4556] EXT4-fs (loop4): 1 truncate cleaned up
[   55.825100][ T4556] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   55.944514][ T3312] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   56.373472][ T4589] loop3: detected capacity change from 0 to 512
[   56.393929][ T4589] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   56.420743][ T4589] EXT4-fs (loop3): 1 truncate cleaned up
[   56.431164][ T4589] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   56.497966][ T3315] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   56.541738][   T29] kauditd_printk_skb: 336 callbacks suppressed
[   56.541755][   T29] audit: type=1326 audit(1761536136.340:10820): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4594 comm="syz.3.342" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda7339efc9 code=0x7ffc0000
[   56.594690][   T29] audit: type=1326 audit(1761536136.340:10821): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4594 comm="syz.3.342" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fda7339efc9 code=0x7ffc0000
[   56.618179][   T29] audit: type=1326 audit(1761536136.340:10822): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4594 comm="syz.3.342" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda7339efc9 code=0x7ffc0000
[   56.641728][   T29] audit: type=1326 audit(1761536136.340:10823): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4594 comm="syz.3.342" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda7339efc9 code=0x7ffc0000
[   56.665377][   T29] audit: type=1326 audit(1761536136.340:10824): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4594 comm="syz.3.342" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fda7339efc9 code=0x7ffc0000
[   56.688771][   T29] audit: type=1326 audit(1761536136.340:10825): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4594 comm="syz.3.342" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda7339efc9 code=0x7ffc0000
[   56.712217][   T29] audit: type=1326 audit(1761536136.340:10826): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4594 comm="syz.3.342" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7fda7339efc9 code=0x7ffc0000
[   56.735750][   T29] audit: type=1326 audit(1761536136.340:10827): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4594 comm="syz.3.342" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda7339efc9 code=0x7ffc0000
[   56.759222][   T29] audit: type=1326 audit(1761536136.340:10828): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4594 comm="syz.3.342" exe="/root/syz-executor" sig=0 arch=c000003e syscall=50 compat=0 ip=0x7fda7339efc9 code=0x7ffc0000
[   56.782612][   T29] audit: type=1326 audit(1761536136.340:10829): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4594 comm="syz.3.342" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda7339efc9 code=0x7ffc0000
[   56.930701][ T4611] lo speed is unknown, defaulting to 1000
[   56.937328][ T4611] lo speed is unknown, defaulting to 1000
[   56.943392][ T4611] lo speed is unknown, defaulting to 1000
[   56.975192][ T4611] infiniband s
z1: set active
[   56.979906][ T4611] infiniband s
z1: added lo
[   56.984518][ T3387] lo speed is unknown, defaulting to 1000
[   57.003875][ T4611] RDS/IB: s
z1: added
[   57.003902][ T4611] smc: adding ib device s
z1 with port count 1
[   57.003918][ T4611] smc:    ib device s
z1 port 1 has no pnetid
[   57.003948][ T3387] lo speed is unknown, defaulting to 1000
[   57.005883][ T4611] lo speed is unknown, defaulting to 1000
[   57.028256][ T4174] udevd[4174]: failed to send result of seq 8842 to main daemon: Connection refused
[   57.075296][ T4620] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   57.075449][ T4620] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   57.104615][ T4611] lo speed is unknown, defaulting to 1000
[   57.130006][ T4628] loop0: detected capacity change from 0 to 512
[   57.159190][ T4628] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   57.170609][ T4628] EXT4-fs (loop0): 1 truncate cleaned up
[   57.172493][ T4611] lo speed is unknown, defaulting to 1000
[   57.176705][ T4628] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   57.215510][ T4611] lo speed is unknown, defaulting to 1000
[   57.223563][ T3311] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   57.255226][ T4611] lo speed is unknown, defaulting to 1000
[   57.422766][ T4637] lo speed is unknown, defaulting to 1000
[   57.482009][ T4631] sch_tbf: burst 2 is lower than device syzkaller0 mtu (1514) !
[   57.671072][ T4654] Falling back ldisc for ttyS3.
[   57.715311][ T4663] netlink: 24 bytes leftover after parsing attributes in process `syz.4.365'.
[   57.752940][ T4667] loop1: detected capacity change from 0 to 164
[   57.765006][ T4669] netdevsim netdevsim4: loading /lib/firmware/. failed with error -22
[   57.773259][ T4669] netdevsim netdevsim4: Direct firmware load for . failed with error -22
[   57.833453][ T4671] netlink: 24 bytes leftover after parsing attributes in process `syz.1.369'.
[   57.847071][ T4671] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   57.915304][ T4671] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   57.955649][ T4680] lo speed is unknown, defaulting to 1000
[   57.975072][ T4671] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   58.021046][ T4671] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   58.087599][   T12] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   58.098963][   T12] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   58.116547][   T12] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   58.145222][   T12] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   58.218323][ T4691] loop1: detected capacity change from 0 to 512
[   58.222442][ T4690] loop4: detected capacity change from 0 to 2048
[   58.225972][ T4691] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   58.243142][ T4691] EXT4-fs (loop1): 1 truncate cleaned up
[   58.249281][ T4691] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   58.278545][ T4690]  loop4: p1 < p5 p6 p7 p8 p9 p10 p11 p12 p13 p14 p15 p16 p17 p18 p19 p20 p21 p22 p23 p24 p25 p26 p27 p28 p29 p30 p31 p32 p33 p34 p35 p36 p37 p38 p39 p40 p41 p42 p43 p44 p45 p46 p47 p48 p49 p50 p51 p52 p53 p54 p55 p56 p57 p58 p59 p60 p61 p62 p63 p64 p65 p66 p67 p68 p69 p70 p71 p72 p73 p74 p75 p76 p77 p78 p79 p80 p81 p82 p83 p84 p85 p86 p87 p88 p89 p90 p91 p92 p93 p94 p95 p96 p97 p98 p99 p100 p101 p102 p103 p104 p105 p106 p107 p108 p109 p110 p111 p112 p113 p114 p115 p116 p117 p118 p119 p120 p121 p122 p123 p124 p125 p126 p127 p128 p129 p130 p131 p132 p133 p134 p135 p136 p137 p138 p139 p140 p141 p142 p143 p144 p145 p146 p147 p148 p149 p150 p151 p152 p153 p154 p155 p156 p157 p158 p159 p160 p161 p162 p163 p164 p165 p166 p167 p168 p169 p170 p171 p172 p173 p174 p175 p176 p177 p178 p179 p180 p181 p182 p183 p184 p185 p186 p187 p188 p189 p190 p191 p192 p193 p194 p195 p196 p197 p198 p199 p200 p201 p202 p203 p204 p205 p206 p207 p208 p209 p210 p211 p212 p213 p214 p215 p216 p217 p218 p219 p220 p221 p222 p223 p224 p225 p22
[   58.296185][ T3319] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   58.416751][ T4695] netlink: 24 bytes leftover after parsing attributes in process `syz.1.377'.
[   58.473959][ T4701] msdos: Unknown parameter '�PL'
[   58.487022][ T4702] vlan2: entered promiscuous mode
[   58.492170][ T4702] erspan0: entered promiscuous mode
[   58.497549][ T4702] vlan2: entered allmulticast mode
[   58.502807][ T4702] erspan0: entered allmulticast mode
[   58.611284][ T4690] loop4: detected capacity change from 0 to 2048
[   58.646977][ T4690]  loop4: p1 < p5 p6 p7 p8 p9 p10 p11 p12 p13 p14 p15 p16 p17 p18 p19 p20 p21 p22 p23 p24 p25 p26 p27 p28 p29 p30 p31 p32 p33 p34 p35 p36 p37 p38 p39 p40 p41 p42 p43 p44 p45 p46 p47 p48 p49 p50 p51 p52 p53 p54 p55 p56 p57 p58 p59 p60 p61 p62 p63 p64 p65 p66 p67 p68 p69 p70 p71 p72 p73 p74 p75 p76 p77 p78 p79 p80 p81 p82 p83 p84 p85 p86 p87 p88 p89 p90 p91 p92 p93 p94 p95 p96 p97 p98 p99 p100 p101 p102 p103 p104 p105 p106 p107 p108 p109 p110 p111 p112 p113 p114 p115 p116 p117 p118 p119 p120 p121 p122 p123 p124 p125 p126 p127 p128 p129 p130 p131 p132 p133 p134 p135 p136 p137 p138 p139 p140 p141 p142 p143 p144 p145 p146 p147 p148 p149 p150 p151 p152 p153 p154 p155 p156 p157 p158 p159 p160 p161 p162 p163 p164 p165 p166 p167 p168 p169 p170 p171 p172 p173 p174 p175 p176 p177 p178 p179 p180 p181 p182 p183 p184 p185 p186 p187 p188 p189 p190 p191 p192 p193 p194 p195 p196 p197 p198 p199 p200 p201 p202 p203 p204 p205 p206 p207 p208 p209 p210 p211 p212 p213 p214 p215 p216 p217 p218 p219 p220 p221 p222 p223 p224 p225 p22
[   58.805777][ T4722] sch_tbf: burst 2 is lower than device syzkaller0 mtu (1514) !
[   58.894700][ T4690] loop4: detected capacity change from 0 to 2048
[   58.951084][ T4690]  loop4: p1 < p5 p6 p7 p8 p9 p10 p11 p12 p13 p14 p15 p16 p17 p18 p19 p20 p21 p22 p23 p24 p25 p26 p27 p28 p29 p30 p31 p32 p33 p34 p35 p36 p37 p38 p39 p40 p41 p42 p43 p44 p45 p46 p47 p48 p49 p50 p51 p52 p53 p54 p55 p56 p57 p58 p59 p60 p61 p62 p63 p64 p65 p66 p67 p68 p69 p70 p71 p72 p73 p74 p75 p76 p77 p78 p79 p80 p81 p82 p83 p84 p85 p86 p87 p88 p89 p90 p91 p92 p93 p94 p95 p96 p97 p98 p99 p100 p101 p102 p103 p104 p105 p106 p107 p108 p109 p110 p111 p112 p113 p114 p115 p116 p117 p118 p119 p120 p121 p122 p123 p124 p125 p126 p127 p128 p129 p130 p131 p132 p133 p134 p135 p136 p137 p138 p139 p140 p141 p142 p143 p144 p145 p146 p147 p148 p149 p150 p151 p152 p153 p154 p155 p156 p157 p158 p159 p160 p161 p162 p163 p164 p165 p166 p167 p168 p169 p170 p171 p172 p173 p174 p175 p176 p177 p178 p179 p180 p181 p182 p183 p184 p185 p186 p187 p188 p189 p190 p191 p192 p193 p194 p195 p196 p197 p198 p199 p200 p201 p202 p203 p204 p205 p206 p207 p208 p209 p210 p211 p212 p213 p214 p215 p216 p217 p218 p219 p220 p221 p222 p223 p224 p225 p22
[   59.062840][ T4701] loop0: detected capacity change from 0 to 2048
[   59.204045][ T4701]  loop0: p1 p2 p3
[   59.304170][ T4733] netdevsim netdevsim4: loading /lib/firmware/. failed with error -22
[   59.312502][ T4733] netdevsim netdevsim4: Direct firmware load for . failed with error -22
[   59.370143][ T4739] SELinux:  policydb version 0 does not match my version range 15-35
[   59.380347][ T4739] SELinux: failed to load policy
[   59.501980][ T4742] Falling back ldisc for ttyS3.
[   59.517655][ T4750] loop0: detected capacity change from 0 to 512
[   59.529202][ T4750] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem
[   59.539136][ T4750] EXT4-fs (loop0): orphan cleanup on readonly fs
[   59.545653][ T4750] EXT4-fs error (device loop0): ext4_orphan_get:1392: inode #15: comm syz.0.395: inode has both inline data and extents flags
[   59.559281][ T4750] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.395: couldn't read orphan inode 15 (err -117)
[   59.573418][ T4750] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[   59.602751][ T3311] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   59.637236][ T4762] netlink: 8 bytes leftover after parsing attributes in process `syz.4.400'.
[   60.181298][ T4772] loop4: detected capacity change from 0 to 2048
[   60.232100][ T4772]  loop4: p1 p2 p3
[   60.347479][ T4784] netlink: 'syz.2.407': attribute type 1 has an invalid length.
[   60.355310][ T4784] netlink: 224 bytes leftover after parsing attributes in process `syz.2.407'.
[   60.377223][ T4784] FAULT_INJECTION: forcing a failure.
[   60.377223][ T4784] name failslab, interval 1, probability 0, space 0, times 0
[   60.389936][ T4784] CPU: 1 UID: 0 PID: 4784 Comm: syz.2.407 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   60.389969][ T4784] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   60.389984][ T4784] Call Trace:
[   60.389992][ T4784]  <TASK>
[   60.390002][ T4784]  __dump_stack+0x1d/0x30
[   60.390024][ T4784]  dump_stack_lvl+0xe8/0x140
[   60.390063][ T4784]  dump_stack+0x15/0x1b
[   60.390084][ T4784]  should_fail_ex+0x265/0x280
[   60.390109][ T4784]  should_failslab+0x8c/0xb0
[   60.390144][ T4784]  kmem_cache_alloc_node_noprof+0x57/0x4a0
[   60.390209][ T4784]  ? __alloc_skb+0x101/0x320
[   60.390237][ T4784]  ? pollwake+0xce/0x100
[   60.390266][ T4784]  __alloc_skb+0x101/0x320
[   60.390379][ T4784]  inet_ifmcaddr_notify+0x64/0x120
[   60.390414][ T4784]  __ip_mc_dec_group+0x1ac/0x3d0
[   60.390440][ T4784]  ip_mc_down+0x13d/0x1c0
[   60.390472][ T4784]  inetdev_event+0x1b3/0xc10
[   60.390493][ T4784]  ? __rcu_read_unlock+0x4f/0x70
[   60.390545][ T4784]  ? ib_netdevice_event+0x281/0x5f0
[   60.390567][ T4784]  ? __pfx_arp_netdev_event+0x10/0x10
[   60.390595][ T4784]  ? __pfx_inetdev_event+0x10/0x10
[   60.390684][ T4784]  raw_notifier_call_chain+0x6f/0x1b0
[   60.390712][ T4784]  ? call_netdevice_notifiers_info+0x9c/0x100
[   60.390807][ T4784]  call_netdevice_notifiers_info+0xae/0x100
[   60.390834][ T4784]  netif_close_many+0x170/0x240
[   60.390858][ T4784]  unregister_netdevice_many_notify+0x509/0x1690
[   60.390883][ T4784]  ? _raw_spin_unlock_irqrestore+0x2b/0x60
[   60.390944][ T4784]  ? flush_workqueue_prep_pwqs+0x299/0x2d0
[   60.390973][ T4784]  unregister_netdevice_queue+0x1f5/0x220
[   60.391068][ T4784]  ieee802154_remove_interfaces+0xe5/0x130
[   60.391100][ T4784]  ieee802154_unregister_hw+0x43/0x90
[   60.391132][ T4784]  hwsim_del+0x1bf/0x1e0
[   60.391180][ T4784]  hwsim_del_radio_nl+0x9e/0xc0
[   60.391255][ T4784]  genl_family_rcv_msg_doit+0x143/0x1b0
[   60.391287][ T4784]  genl_rcv_msg+0x422/0x460
[   60.391364][ T4784]  ? __pfx_hwsim_del_radio_nl+0x10/0x10
[   60.391391][ T4784]  netlink_rcv_skb+0x123/0x220
[   60.391428][ T4784]  ? __pfx_genl_rcv_msg+0x10/0x10
[   60.391456][ T4784]  genl_rcv+0x28/0x40
[   60.391561][ T4784]  netlink_unicast+0x5c0/0x690
[   60.391593][ T4784]  netlink_sendmsg+0x58b/0x6b0
[   60.391615][ T4784]  ? __pfx_netlink_sendmsg+0x10/0x10
[   60.391633][ T4784]  __sock_sendmsg+0x145/0x180
[   60.391687][ T4784]  ____sys_sendmsg+0x31e/0x4e0
[   60.391730][ T4784]  ___sys_sendmsg+0x17b/0x1d0
[   60.391857][ T4784]  __x64_sys_sendmsg+0xd4/0x160
[   60.391972][ T4784]  x64_sys_call+0x191e/0x3000
[   60.392007][ T4784]  do_syscall_64+0xd2/0x200
[   60.392099][ T4784]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   60.392126][ T4784]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   60.392154][ T4784]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   60.392247][ T4784] RIP: 0033:0x7ff0d45aefc9
[   60.392265][ T4784] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   60.392281][ T4784] RSP: 002b:00007ff0d300f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   60.392352][ T4784] RAX: ffffffffffffffda RBX: 00007ff0d4805fa0 RCX: 00007ff0d45aefc9
[   60.392367][ T4784] RDX: 0000000000000000 RSI: 00002000000001c0 RDI: 0000000000000007
[   60.392381][ T4784] RBP: 00007ff0d300f090 R08: 0000000000000000 R09: 0000000000000000
[   60.392410][ T4784] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   60.392423][ T4784] R13: 00007ff0d4806038 R14: 00007ff0d4805fa0 R15: 00007fff18a2aa18
[   60.392440][ T4784]  </TASK>
[   60.748638][ T4788] loop4: detected capacity change from 0 to 512
[   60.762156][ T4788] EXT4-fs (loop4): revision level too high, forcing read-only mode
[   60.770333][ T4788] EXT4-fs (loop4): orphan cleanup on readonly fs
[   60.804580][ T4788] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #16: comm syz.4.409: corrupted inode contents
[   60.817365][ T4788] EXT4-fs (loop4): Remounting filesystem read-only
[   60.824104][ T4788] EXT4-fs (loop4): 1 truncate cleaned up
[   60.831008][   T12] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   60.841713][   T12] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   60.864545][   T12] EXT4-fs (loop4): Quota write (off=8, len=24) cancelled because transaction is not started
[   60.878056][ T4788] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   60.907843][ T3312] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   60.922458][ T4797] netlink: 87 bytes leftover after parsing attributes in process `syz.2.410'.
[   60.952673][ T4807] mmap: syz.0.415 (4807) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[   60.968102][ T4809] netlink: 24 bytes leftover after parsing attributes in process `syz.4.416'.
[   61.039581][ T4807] netlink: 83992 bytes leftover after parsing attributes in process `syz.0.415'.
[   61.048776][ T4807] netlink: zone id is out of range
[   61.054142][ T4807] netlink: zone id is out of range
[   61.059374][ T4807] netlink: zone id is out of range
[   61.064548][ T4807] netlink: zone id is out of range
[   61.065922][ T4818] netlink: 256 bytes leftover after parsing attributes in process `syz.4.420'.
[   61.078957][ T4807] netlink: set zone limit has 8 unknown bytes
[   61.103833][ T4828] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   61.113559][ T4828] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   61.250206][ T4838] loop4: detected capacity change from 0 to 512
[   61.271475][ T4838] EXT4-fs (loop4): revision level too high, forcing read-only mode
[   61.279596][ T4838] EXT4-fs (loop4): orphan cleanup on readonly fs
[   61.287842][ T4838] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #16: comm syz.4.423: corrupted inode contents
[   61.300963][ T4838] EXT4-fs (loop4): Remounting filesystem read-only
[   61.307791][ T4838] EXT4-fs (loop4): 1 truncate cleaned up
[   61.313766][  T297] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   61.324459][  T297] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   61.335046][  T297] EXT4-fs (loop4): Quota write (off=8, len=24) cancelled because transaction is not started
[   61.345643][ T4838] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   61.369588][ T3312] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   61.386879][ T4842] loop9: detected capacity change from 0 to 7
[   61.393264][ T4842] Buffer I/O error on dev loop9, logical block 0, async page read
[   61.401252][ T4842] Buffer I/O error on dev loop9, logical block 0, async page read
[   61.409142][ T4842]  loop9: unable to read partition table
[   61.415061][ T4842] loop_reread_partitions: partition scan of loop9 (�被x������) failed (rc=-5)
[   61.453876][ T4846] loop9: detected capacity change from 0 to 7
[   61.460171][ T4846] Buffer I/O error on dev loop9, logical block 0, async page read
[   61.468131][ T4846] Buffer I/O error on dev loop9, logical block 0, async page read
[   61.475999][ T4846]  loop9: unable to read partition table
[   61.481820][ T4846] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[   61.481820][ T4846] 
) failed (rc=-5)
[   61.526278][ T4850] SELinux:  policydb version 0 does not match my version range 15-35
[   61.534762][ T4850] SELinux: failed to load policy
[   61.568296][ T4854] netlink: 24 bytes leftover after parsing attributes in process `syz.4.430'.
[   61.608223][   T29] kauditd_printk_skb: 225 callbacks suppressed
[   61.608309][   T29] audit: type=1400 audit(1761536141.400:11043): avc:  denied  { mount } for  pid=4860 comm="syz.4.432" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   61.636840][   T29] audit: type=1400 audit(1761536141.410:11044): avc:  denied  { bind } for  pid=4860 comm="syz.4.432" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[   61.656346][   T29] audit: type=1400 audit(1761536141.410:11045): avc:  denied  { listen } for  pid=4860 comm="syz.4.432" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[   61.680938][   T29] audit: type=1326 audit(1761536141.480:11046): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4863 comm="syz.4.433" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f179761efc9 code=0x7ffc0000
[   61.688673][ T4864] netlink: 8 bytes leftover after parsing attributes in process `syz.4.433'.
[   61.704474][   T29] audit: type=1326 audit(1761536141.480:11047): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4863 comm="syz.4.433" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f179761efc9 code=0x7ffc0000
[   61.704945][   T29] audit: type=1326 audit(1761536141.480:11048): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4863 comm="syz.4.433" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f179761efc9 code=0x7ffc0000
[   61.760261][   T29] audit: type=1326 audit(1761536141.480:11049): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4863 comm="syz.4.433" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f179761efc9 code=0x7ffc0000
[   61.760295][   T29] audit: type=1326 audit(1761536141.480:11050): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4863 comm="syz.4.433" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f179761efc9 code=0x7ffc0000
[   61.760322][   T29] audit: type=1326 audit(1761536141.480:11051): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4863 comm="syz.4.433" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f179761efc9 code=0x7ffc0000
[   61.760384][   T29] audit: type=1326 audit(1761536141.480:11052): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4863 comm="syz.4.433" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f179761efc9 code=0x7ffc0000
[   61.877212][ T4866] loop1: detected capacity change from 0 to 512
[   61.889203][ T4868] loop2: detected capacity change from 0 to 512
[   61.894651][ T4866] EXT4-fs (loop1): revision level too high, forcing read-only mode
[   61.898068][ T4868] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   61.903972][ T4866] EXT4-fs (loop1): orphan cleanup on readonly fs
[   61.923983][ T4866] EXT4-fs error (device loop1): ext4_do_update_inode:5632: inode #16: comm syz.1.434: corrupted inode contents
[   61.924105][ T4868] EXT4-fs (loop2): 1 truncate cleaned up
[   61.936209][ T4866] EXT4-fs (loop1): Remounting filesystem read-only
[   61.948537][ T4868] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   61.948636][ T4866] EXT4-fs (loop1): 1 truncate cleaned up
[   61.966912][   T37] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   61.977586][   T37] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   61.989502][   T37] EXT4-fs (loop1): Quota write (off=8, len=24) cancelled because transaction is not started
[   62.003029][ T4866] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   62.016792][ T3317] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   62.018834][ T4875] netdevsim netdevsim4: loading /lib/firmware/. failed with error -22
[   62.034268][ T4875] netdevsim netdevsim4: Direct firmware load for . failed with error -22
[   62.064606][ T4877] loop2: detected capacity change from 0 to 512
[   62.076913][ T4877] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   62.087278][ T3319] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   62.100029][ T4877] EXT4-fs (loop2): 1 truncate cleaned up
[   62.108841][ T4877] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   62.136260][ T4886] SELinux:  policydb version 0 does not match my version range 15-35
[   62.151084][ T4889] smc: net device ip_vti0 applied user defined pnetid SYZ0
[   62.157166][ T4886] SELinux: failed to load policy
[   62.185202][ T3317] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   62.185788][ T4892] netlink: 24 bytes leftover after parsing attributes in process `syz.0.445'.
[   62.234976][ T4898] loop0: detected capacity change from 0 to 512
[   62.242422][ T4898] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   62.252436][ T4899] netlink: 'syz.4.442': attribute type 1 has an invalid length.
[   62.260090][ T4899] netlink: 224 bytes leftover after parsing attributes in process `syz.4.442'.
[   62.267921][ T4901] workqueue: Failed to create a rescuer kthread for wq "nfc3_nci_cmd_wq": -EINTR
[   62.269489][ T4898] EXT4-fs (loop0): 1 truncate cleaned up
[   62.285531][ T4898] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   62.311748][ T3311] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   62.328067][ T4914] netdevsim netdevsim0: loading /lib/firmware/. failed with error -22
[   62.336416][ T4914] netdevsim netdevsim0: Direct firmware load for . failed with error -22
[   62.653186][  T312] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   62.688793][ T4929] SELinux:  policydb version 0 does not match my version range 15-35
[   62.697643][ T4929] SELinux: failed to load policy
[   62.710156][  T312] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   62.763417][  T312] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   62.828591][  T312] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   62.843030][ T4931] lo speed is unknown, defaulting to 1000
[   62.885328][ T4933] lo speed is unknown, defaulting to 1000
[   62.901416][  T312] bridge_slave_1: left allmulticast mode
[   62.907121][  T312] bridge_slave_1: left promiscuous mode
[   62.912912][  T312] bridge0: port 2(bridge_slave_1) entered disabled state
[   62.924341][  T312] bridge_slave_0: left allmulticast mode
[   62.930003][  T312] bridge_slave_0: left promiscuous mode
[   62.935776][  T312] bridge0: port 1(bridge_slave_0) entered disabled state
[   63.023226][  T312] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   63.033594][  T312] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   63.050326][  T312] bond0 (unregistering): Released all slaves
[   63.196623][  T312] tipc: Left network mode
[   63.208793][ T4931] chnl_net:caif_netlink_parms(): no params data found
[   63.241991][  T312] hsr_slave_0: left promiscuous mode
[   63.247748][  T312] hsr_slave_1: left promiscuous mode
[   63.254115][  T312] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   63.261622][  T312] batman_adv: batadv0: Removing interface: batadv_slave_0
[   63.290999][  T312] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   63.298466][  T312] batman_adv: batadv0: Removing interface: batadv_slave_1
[   63.320552][  T312] veth1_macvtap: left promiscuous mode
[   63.330560][  T312] veth0_macvtap: left promiscuous mode
[   63.336629][  T312] veth1_vlan: left promiscuous mode
[   63.345384][  T312] veth0_vlan: left promiscuous mode
[   63.415624][  T312] team0 (unregistering): Port device team_slave_1 removed
[   63.425979][  T312] team0 (unregistering): Port device team_slave_0 removed
[   63.531988][ T4953] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[   63.539636][ T4953] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[   63.565351][ T4931] bridge0: port 1(bridge_slave_0) entered blocking state
[   63.572530][ T4931] bridge0: port 1(bridge_slave_0) entered disabled state
[   63.579802][ T4931] bridge_slave_0: entered allmulticast mode
[   63.586744][ T4931] bridge_slave_0: entered promiscuous mode
[   63.595645][ T4931] bridge0: port 2(bridge_slave_1) entered blocking state
[   63.602787][ T4931] bridge0: port 2(bridge_slave_1) entered disabled state
[   63.610258][ T4931] bridge_slave_1: entered allmulticast mode
[   63.616762][ T4931] bridge_slave_1: entered promiscuous mode
[   63.623307][ T4973] sch_tbf: burst 2 is lower than device syzkaller0 mtu (1514) !
[   63.654851][ T4931] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   63.665992][ T4931] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   63.692187][ T4931] team0: Port device team_slave_0 added
[   63.698842][ T4931] team0: Port device team_slave_1 added
[   63.721403][ T4931] batman_adv: batadv0: Adding interface: batadv_slave_0
[   63.728451][ T4931] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   63.754589][ T4931] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   63.765931][ T4931] batman_adv: batadv0: Adding interface: batadv_slave_1
[   63.773060][ T4931] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   63.799048][ T4931] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   63.829577][ T4931] hsr_slave_0: entered promiscuous mode
[   63.835753][ T4931] hsr_slave_1: entered promiscuous mode
[   63.841751][ T4931] debugfs: 'hsr0' already exists in 'hsr'
[   63.847505][ T4931] Cannot create hsr debugfs directory
[   63.933585][ T4931] netdevsim netdevsim5 netdevsim0: renamed from eth0
[   63.944185][ T4931] netdevsim netdevsim5 netdevsim1: renamed from eth1
[   63.961195][ T4931] netdevsim netdevsim5 netdevsim2: renamed from eth2
[   63.977526][ T4931] netdevsim netdevsim5 netdevsim3: renamed from eth3
[   63.999988][ T4931] bridge0: port 2(bridge_slave_1) entered blocking state
[   64.007213][ T4931] bridge0: port 2(bridge_slave_1) entered forwarding state
[   64.014663][ T4931] bridge0: port 1(bridge_slave_0) entered blocking state
[   64.021843][ T4931] bridge0: port 1(bridge_slave_0) entered forwarding state
[   64.055356][ T5008] tmpfs: Bad value for 'mpol'
[   64.058727][ T4931] 8021q: adding VLAN 0 to HW filter on device bond0
[   64.076047][  T297] bridge0: port 1(bridge_slave_0) entered disabled state
[   64.084413][  T297] bridge0: port 2(bridge_slave_1) entered disabled state
[   64.097350][ T4931] 8021q: adding VLAN 0 to HW filter on device team0
[   64.108142][  T297] bridge0: port 1(bridge_slave_0) entered blocking state
[   64.115665][  T297] bridge0: port 1(bridge_slave_0) entered forwarding state
[   64.135068][  T297] bridge0: port 2(bridge_slave_1) entered blocking state
[   64.142327][  T297] bridge0: port 2(bridge_slave_1) entered forwarding state
[   64.165438][ T5011] loop4: detected capacity change from 0 to 2048
[   64.229394][ T4931] 8021q: adding VLAN 0 to HW filter on device batadv0
[   64.250167][ T5011] Alternate GPT is invalid, using primary GPT.
[   64.256540][ T5011]  loop4: p1 p2 p3
[   64.260325][ T5011] loop4: partition table partially beyond EOD, truncated
[   64.441207][ T5033] loop4: detected capacity change from 0 to 1024
[   64.455077][ T5033] EXT4-fs: Ignoring removed orlov option
[   64.482149][ T5033] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   64.483353][ T4931] veth0_vlan: entered promiscuous mode
[   64.515022][ T3312] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   64.517178][ T4931] veth1_vlan: entered promiscuous mode
[   64.557821][ T4931] veth0_macvtap: entered promiscuous mode
[   64.574967][ T4931] veth1_macvtap: entered promiscuous mode
[   64.613425][ T4931] batman_adv: batadv0: Interface activated: batadv_slave_0
[   64.628491][ T4931] batman_adv: batadv0: Interface activated: batadv_slave_1
[   64.639917][  T297] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   64.667944][  T297] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   64.695422][  T297] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   64.718447][  T297] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   64.740532][ T5046] __nla_validate_parse: 5 callbacks suppressed
[   64.740547][ T5046] netlink: 24 bytes leftover after parsing attributes in process `syz.4.480'.
[   64.921323][ T5052] lo speed is unknown, defaulting to 1000
[   64.992036][ T5054] sch_tbf: burst 2 is lower than device syzkaller0 mtu (1514) !
[   65.146055][ T5061] netdevsim netdevsim4: loading /lib/firmware/. failed with error -22
[   65.154316][ T5061] netdevsim netdevsim4: Direct firmware load for . failed with error -22
[   65.364876][ T5068] syzkaller0: entered promiscuous mode
[   65.370397][ T5068] syzkaller0: entered allmulticast mode
[   65.679589][ T5070] netlink: 'syz.3.487': attribute type 4 has an invalid length.
[   65.687320][ T5070] netlink: 17 bytes leftover after parsing attributes in process `syz.3.487'.
[   66.194684][ T5089] lo speed is unknown, defaulting to 1000
[   66.311550][ T5063] kexec: Could not allocate control_code_buffer
[   66.341599][ T5093] smc: removing ib device s
z1
[   66.425933][ T5096] msdos: Unknown parameter '�'
[   66.460182][ T5098] netlink: 'syz.1.498': attribute type 4 has an invalid length.
[   66.468013][ T5098] netlink: 17 bytes leftover after parsing attributes in process `syz.1.498'.
[   66.579440][ T5100] loop1: detected capacity change from 0 to 1024
[   66.593387][ T5100] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   66.621196][ T5100] EXT4-fs error (device loop1): ext4_xattr_inode_iget:441: comm syz.1.499: inode #808464432: comm syz.1.499: iget: illegal inode #
[   66.641094][ T5100] EXT4-fs error (device loop1): ext4_xattr_inode_iget:446: comm syz.1.499: error while reading EA inode 808464432 err=-117
[   66.677250][ T3319] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   66.708645][   T29] kauditd_printk_skb: 456 callbacks suppressed
[   66.708662][   T29] audit: type=1326 audit(1761536659.502:11503): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5109 comm="syz.1.501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f208920efc9 code=0x7ffc0000
[   66.738393][   T29] audit: type=1326 audit(1761536659.502:11504): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5109 comm="syz.1.501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f208920efc9 code=0x7ffc0000
[   66.762009][   T29] audit: type=1326 audit(1761536659.502:11505): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5109 comm="syz.1.501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=64 compat=0 ip=0x7f208920efc9 code=0x7ffc0000
[   66.799556][ T5110] loop1: detected capacity change from 0 to 1024
[   66.809061][ T5110] EXT4-fs: Ignoring removed bh option
[   66.814597][ T5110] EXT4-fs: inline encryption not supported
[   66.822353][ T5113] FAULT_INJECTION: forcing a failure.
[   66.822353][ T5113] name failslab, interval 1, probability 0, space 0, times 0
[   66.833190][ T5110] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   66.835023][ T5113] CPU: 1 UID: 0 PID: 5113 Comm: syz.4.502 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   66.835099][ T5113] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   66.835116][ T5113] Call Trace:
[   66.835125][ T5113]  <TASK>
[   66.835136][ T5113]  __dump_stack+0x1d/0x30
[   66.835167][ T5113]  dump_stack_lvl+0xe8/0x140
[   66.835196][ T5113]  dump_stack+0x15/0x1b
[   66.835257][ T5113]  should_fail_ex+0x265/0x280
[   66.835284][ T5113]  should_failslab+0x8c/0xb0
[   66.835323][ T5113]  kmem_cache_alloc_lru_noprof+0x55/0x490
[   66.835386][ T5113]  ? __d_alloc+0x3d/0x340
[   66.835430][ T5113]  __d_alloc+0x3d/0x340
[   66.835477][ T5113]  d_alloc_parallel+0x58/0xc70
[   66.835500][ T5113]  ? __d_lookup+0x316/0x340
[   66.835527][ T5113]  ? lookup_noperm_common+0x1be/0x2a0
[   66.835557][ T5113]  ? d_lookup+0xb2/0xd0
[   66.835581][ T5113]  proc_fill_cache+0x158/0x240
[   66.835694][ T5113]  ? __pfx_proc_fd_instantiate+0x10/0x10
[   66.835734][ T5113]  proc_readfd_common+0x28b/0x3c0
[   66.835769][ T5113]  ? __pfx_proc_fd_instantiate+0x10/0x10
[   66.835962][ T5113]  proc_fd_iterate+0x24/0x30
[   66.835993][ T5113]  iterate_dir+0x114/0x330
[   66.836020][ T5113]  ? mutex_lock+0xd/0x30
[   66.836055][ T5113]  __se_sys_getdents64+0x88/0x1b0
[   66.836139][ T5113]  ? __pfx_filldir64+0x10/0x10
[   66.836173][ T5113]  __x64_sys_getdents64+0x43/0x50
[   66.836203][ T5113]  x64_sys_call+0x2dae/0x3000
[   66.836236][ T5113]  do_syscall_64+0xd2/0x200
[   66.836259][ T5113]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   66.836323][ T5113]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   66.836372][ T5113]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   66.836409][ T5113] RIP: 0033:0x7f179761efc9
[   66.836429][ T5113] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   66.836454][ T5113] RSP: 002b:00007f179607f038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d9
[   66.836487][ T5113] RAX: ffffffffffffffda RBX: 00007f1797875fa0 RCX: 00007f179761efc9
[   66.836507][ T5113] RDX: 0000000000000069 RSI: 0000200000000040 RDI: 0000000000000006
[   66.836578][ T5113] RBP: 00007f179607f090 R08: 0000000000000000 R09: 0000000000000000
[   66.836593][ T5113] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   66.836610][ T5113] R13: 00007f1797876038 R14: 00007f1797875fa0 R15: 00007ffd06946e18
[   66.836637][ T5113]  </TASK>
[   67.069154][ T5122] netlink: 8 bytes leftover after parsing attributes in process `syz.4.506'.
[   67.076480][   T29] audit: type=1326 audit(1761536659.502:11506): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5109 comm="syz.1.501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f208920efc9 code=0x7ffc0000
[   67.111278][   T29] audit: type=1326 audit(1761536659.502:11507): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5109 comm="syz.1.501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f208920efc9 code=0x7ffc0000
[   67.121116][ T5110] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce018, mo2=0000]
[   67.134734][   T29] audit: type=1326 audit(1761536659.502:11508): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5109 comm="syz.1.501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f208920efc9 code=0x7ffc0000
[   67.144431][ T5110] EXT4-fs error (device loop1): ext4_map_blocks:778: inode #3: block 2: comm syz.1.501: lblock 2 mapped to illegal pblock 2 (length 1)
[   67.166380][   T29] audit: type=1326 audit(1761536659.512:11509): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5109 comm="syz.1.501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f208920efc9 code=0x7ffc0000
[   67.166494][   T29] audit: type=1326 audit(1761536659.512:11510): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5109 comm="syz.1.501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f208920efc9 code=0x7ffc0000
[   67.227125][   T29] audit: type=1326 audit(1761536659.512:11511): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5109 comm="syz.1.501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f208920efc9 code=0x7ffc0000
[   67.250543][   T29] audit: type=1326 audit(1761536659.562:11512): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5109 comm="syz.1.501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f208920efc9 code=0x7ffc0000
[   67.276585][ T5110] EXT4-fs error (device loop1): ext4_map_blocks:778: inode #3: block 48: comm syz.1.501: lblock 0 mapped to illegal pblock 48 (length 1)
[   67.324388][ T5110] EXT4-fs error (device loop1): ext4_acquire_dquot:6945: comm syz.1.501: Failed to acquire dquot type 0
[   67.337307][ T5110] EXT4-fs error (device loop1) in ext4_reserve_inode_write:6313: Corrupt filesystem
[   67.347167][ T5110] EXT4-fs error (device loop1): ext4_evict_inode:254: inode #11: comm syz.1.501: mark_inode_dirty error
[   67.358518][ T5110] EXT4-fs warning (device loop1): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[   67.369039][ T5110] EXT4-fs (loop1): 1 orphan inode deleted
[   67.391549][  T312] EXT4-fs error (device loop1): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:6: lblock 1 mapped to illegal pblock 1 (length 1)
[   67.466001][ T5127] netlink: 8 bytes leftover after parsing attributes in process `syz.4.507'.
[   67.551725][ T5110] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000.
[   67.552873][  T312] EXT4-fs error (device loop1): ext4_release_dquot:6981: comm kworker/u8:6: Failed to release dquot type 0
[   67.571515][ T5110] EXT4-fs error (device loop1): ext4_map_blocks:778: inode #2: block 16: comm syz.1.501: lblock 0 mapped to illegal pblock 16 (length 1)
[   67.634704][ T5110] EXT4-fs error (device loop1): ext4_map_blocks:778: inode #2: block 16: comm syz.1.501: lblock 0 mapped to illegal pblock 16 (length 1)
[   67.680887][ T5110] EXT4-fs error (device loop1): ext4_map_blocks:778: inode #2: block 16: comm syz.1.501: lblock 0 mapped to illegal pblock 16 (length 1)
[   67.685904][ T5096] loop5: detected capacity change from 0 to 2048
[   67.746415][ T3319] EXT4-fs error (device loop1): __ext4_get_inode_loc:4832: comm syz-executor: Invalid inode table block 1 in block_group 0
[   67.752527][ T5096]  loop5: p1 p2 p3
[   67.765917][ T3319] EXT4-fs error (device loop1) in ext4_reserve_inode_write:6313: Corrupt filesystem
[   67.781238][ T3319] EXT4-fs error (device loop1): ext4_quota_off:7229: inode #3: comm syz-executor: mark_inode_dirty error
[   67.805072][ T5137] netlink: 'syz.1.509': attribute type 4 has an invalid length.
[   67.812817][ T5137] netlink: 17 bytes leftover after parsing attributes in process `syz.1.509'.
[   67.839798][ T5108] loop2: detected capacity change from 0 to 2048
[   67.887887][ T5108]  loop2: p1 p2 p3
[   67.982794][ T5143] loop1: detected capacity change from 0 to 128
[   68.226305][ T5152] syzkaller0: entered promiscuous mode
[   68.231898][ T5152] syzkaller0: entered allmulticast mode
[   68.377541][ T5163] netdevsim netdevsim5: loading /lib/firmware/. failed with error -22
[   68.385957][ T5163] netdevsim netdevsim5: Direct firmware load for . failed with error -22
[   68.419645][ T5165] Cannot find add_set index 0 as target
[   68.454473][ T5167] loop5: detected capacity change from 0 to 2048
[   68.457127][ T5169] netlink: 8 bytes leftover after parsing attributes in process `syz.2.522'.
[   68.474141][ T5167] ext4 filesystem being mounted at /8/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   68.604652][ T5178] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=5178 comm=syz.2.524
[   68.672086][ T5185] netlink: 80 bytes leftover after parsing attributes in process `syz.2.527'.
[   68.683720][ T5185] x_tables: ip_tables: icmp match: only valid for protocol 1
[   68.763992][ T5191] netdevsim netdevsim4: loading /lib/firmware/. failed with error -22
[   68.772311][ T5191] netdevsim netdevsim4: Direct firmware load for . failed with error -22
[   68.803085][ T1791] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm kworker/u8:7: bg 0: block 345: padding at end of block bitmap is not set
[   68.810381][ T5195] Cannot find add_set index 0 as target
[   68.825153][ T1791] EXT4-fs (loop5): Remounting filesystem read-only
[   68.831996][  T312] EXT4-fs warning (device loop5): ext4_convert_unwritten_extents:4984: inode #15: block 3: len 13: ext4_ext_map_blocks returned -30
[   68.921944][ T5205] loop5: detected capacity change from 0 to 512
[   68.932178][ T5205] EXT4-fs error (device loop5): ext4_acquire_dquot:6945: comm syz.5.535: Failed to acquire dquot type 1
[   68.944149][ T5205] EXT4-fs (loop5): 1 truncate cleaned up
[   68.950353][ T5205] EXT4-fs mount: 4 callbacks suppressed
[   68.950364][ T5205] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   68.968973][ T5205] ext4 filesystem being mounted at /10/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   68.989262][ T4931] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   69.042970][ T5215] netlink: 8 bytes leftover after parsing attributes in process `syz.1.538'.
[   69.284959][ T5221] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[   69.393631][ T5227] loop1: detected capacity change from 0 to 1024
[   69.400452][ T5227] EXT4-fs: Ignoring removed nobh option
[   69.410854][ T5227] EXT4-fs: Ignoring removed bh option
[   69.431783][ T5227] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   69.458817][ T3319] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   69.692049][ T5240] --map-set only usable from mangle table
[   69.799685][ T5248] netlink: 24 bytes leftover after parsing attributes in process `syz.4.550'.
[   69.844267][ T5254] netlink: 8 bytes leftover after parsing attributes in process `syz.4.552'.
[   69.938920][ T5258] msdos: Unknown parameter '�'
[   70.374132][ T5265] loop1: detected capacity change from 0 to 2048
[   70.414205][ T5265] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   70.632317][ T5261] loop5: detected capacity change from 0 to 2048
[   70.682116][ T5261]  loop5: p1 p2 p3
[   70.907762][ T5281] ������: renamed from vlan0 (while UP)
[   70.929492][ T3319] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   71.000539][ T5286] netlink: 'syz.3.562': attribute type 4 has an invalid length.
[   71.008279][ T5286] netlink: 17 bytes leftover after parsing attributes in process `syz.3.562'.
[   71.051050][ T5289] msdos: Unknown parameter '�'
[   71.134188][ T5295] loop2: detected capacity change from 0 to 512
[   71.141239][ T5295] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[   71.149924][ T5295] EXT4-fs (loop2): invalid journal inode
[   71.155774][ T5295] EXT4-fs (loop2): can't get journal size
[   71.162426][ T5295] EXT4-fs (loop2): 1 truncate cleaned up
[   71.168468][ T5295] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   71.184315][ T5295] SELinux:  Context system_u:object_r:fsadm_exec_t:s0 is not valid (left unmapped).
[   71.265771][ T3317] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   71.485589][ T5289] loop3: detected capacity change from 0 to 2048
[   71.532009][ T5289]  loop3: p1 p2 p3
[   71.771240][ T5310] netlink: 24 bytes leftover after parsing attributes in process `syz.3.568'.
[   71.845083][   T29] kauditd_printk_skb: 462 callbacks suppressed
[   71.845100][   T29] audit: type=1400 audit(1761536664.642:11970): avc:  denied  { create } for  pid=5315 comm="syz.1.571" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[   71.872714][   T29] audit: type=1400 audit(1761536664.642:11971): avc:  denied  { write } for  pid=5315 comm="syz.1.571" name="file0" dev="tmpfs" ino=629 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[   71.895172][   T29] audit: type=1400 audit(1761536664.642:11972): avc:  denied  { open } for  pid=5315 comm="syz.1.571" path="/115/file0" dev="tmpfs" ino=629 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[   71.918224][   T29] audit: type=1400 audit(1761536664.702:11973): avc:  denied  { ioctl } for  pid=5315 comm="syz.1.571" path="/115/file0" dev="tmpfs" ino=629 ioctlcmd=0x1273 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[   71.952645][   T29] audit: type=1400 audit(1761536664.752:11974): avc:  denied  { unlink } for  pid=3319 comm="syz-executor" name="file0" dev="tmpfs" ino=629 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[   72.069903][ T5320] Driver unsupported XDP return value 0 on prog  (id 354) dev N/A, expect packet loss!
[   72.133470][ T5325] netlink: 'syz.5.573': attribute type 4 has an invalid length.
[   72.141281][ T5325] netlink: 17 bytes leftover after parsing attributes in process `syz.5.573'.
[   72.199708][   T29] audit: type=1400 audit(1761536664.992:11975): avc:  denied  { read } for  pid=5323 comm="syz.1.574" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[   72.224965][ T5332] msdos: Unknown parameter '�'
[   72.552695][   T29] audit: type=1400 audit(1761536665.352:11976): avc:  denied  { bind } for  pid=5340 comm="syz.2.577" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[   72.573871][   T29] audit: type=1326 audit(1761536665.372:11977): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5340 comm="syz.2.577" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff0d45aefc9 code=0x7ffc0000
[   72.601041][   T29] audit: type=1326 audit(1761536665.392:11978): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5340 comm="syz.2.577" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7ff0d45aefc9 code=0x7ffc0000
[   72.624664][   T29] audit: type=1326 audit(1761536665.392:11979): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5340 comm="syz.2.577" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff0d45aefc9 code=0x7ffc0000
[   72.701293][ T5349] netlink: 24 bytes leftover after parsing attributes in process `syz.3.579'.
[   72.730347][ T5332] loop5: detected capacity change from 0 to 2048
[   72.784933][ T5332]  loop5: p1 p2 p3
[   73.122717][ T5371] netlink: 8 bytes leftover after parsing attributes in process `syz.1.587'.
[   73.343005][ T5377] loop5: detected capacity change from 0 to 512
[   73.759707][ T5388] SELinux: syz.2.591 (5388) set checkreqprot to 1. This is no longer supported.
[   74.104499][ T5399] netlink: 24 bytes leftover after parsing attributes in process `syz.1.595'.
[   74.129810][ T5402] msdos: Unknown parameter '�'
[   74.177397][ T5403] loop5: detected capacity change from 0 to 164
[   74.186156][ T5403] process 'syz.5.592' launched '/dev/fd/7' with NULL argv: empty string added
[   74.195907][ T5403] syz.5.592: attempt to access beyond end of device
[   74.195907][ T5403] loop5: rw=524288, sector=263328, nr_sectors = 4 limit=164
[   74.209957][ T5403] syz.5.592: attempt to access beyond end of device
[   74.209957][ T5403] loop5: rw=0, sector=263328, nr_sectors = 4 limit=164
[   74.519394][ T5409] 9pnet_fd: Insufficient options for proto=fd
[   74.548368][ T5402] loop1: detected capacity change from 0 to 2048
[   74.611791][ T5402]  loop1: p1 p2 p3
[   74.846450][ T5415] sch_tbf: burst 2 is lower than device syzkaller0 mtu (1514) !
[   74.857926][ T5426] SELinux:  policydb string  does not match my string SE Linux
[   74.870734][ T5426] SELinux: failed to load policy
[   74.945367][ T5436] netlink: 24 bytes leftover after parsing attributes in process `syz.1.608'.
[   75.517065][ T5454] msdos: Unknown parameter '�PL'
[   75.567297][ T5456] SELinux:  policydb string SE L does not match my string SE Linux
[   75.575515][ T5456] SELinux: failed to load policy
[   75.623035][ T5463] netlink: 24 bytes leftover after parsing attributes in process `syz.4.618'.
[   75.772476][ T5467] netlink: 28 bytes leftover after parsing attributes in process `syz.4.619'.
[   75.781456][ T5467] netlink: 108 bytes leftover after parsing attributes in process `syz.4.619'.
[   75.790861][ T5467] netlink: 28 bytes leftover after parsing attributes in process `syz.4.619'.
[   75.800593][ T5467] netlink: 108 bytes leftover after parsing attributes in process `syz.4.619'.
[   75.809617][ T5467] netlink: 84 bytes leftover after parsing attributes in process `syz.4.619'.
[   75.888762][ T5471] loop4: detected capacity change from 0 to 128
[   75.889083][ T5471] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   75.895606][ T5471] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   76.164679][ T5480] sch_tbf: burst 2 is lower than device syzkaller0 mtu (1514) !
[   76.301361][ T5454] loop3: detected capacity change from 0 to 2048
[   76.351887][ T5454]  loop3: p1 p2 p3
[   76.479323][ T5488] FAULT_INJECTION: forcing a failure.
[   76.479323][ T5488] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   76.479404][ T5488] CPU: 1 UID: 0 PID: 5488 Comm: syz.2.625 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   76.479428][ T5488] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   76.479451][ T5488] Call Trace:
[   76.479458][ T5488]  <TASK>
[   76.479466][ T5488]  __dump_stack+0x1d/0x30
[   76.479498][ T5488]  dump_stack_lvl+0xe8/0x140
[   76.479570][ T5488]  dump_stack+0x15/0x1b
[   76.479592][ T5488]  should_fail_ex+0x265/0x280
[   76.479613][ T5488]  should_fail+0xb/0x20
[   76.479628][ T5488]  should_fail_usercopy+0x1a/0x20
[   76.479647][ T5488]  _copy_from_user+0x1c/0xb0
[   76.479707][ T5488]  dev_ethtool+0x52/0x1670
[   76.479749][ T5488]  ? full_name_hash+0x92/0xe0
[   76.479780][ T5488]  ? strcmp+0x22/0x50
[   76.479812][ T5488]  dev_ioctl+0x2e0/0x960
[   76.479836][ T5488]  sock_do_ioctl+0x197/0x220
[   76.479862][ T5488]  sock_ioctl+0x41b/0x610
[   76.479883][ T5488]  ? __pfx_sock_ioctl+0x10/0x10
[   76.479910][ T5488]  __se_sys_ioctl+0xce/0x140
[   76.479954][ T5488]  __x64_sys_ioctl+0x43/0x50
[   76.479983][ T5488]  x64_sys_call+0x1816/0x3000
[   76.480005][ T5488]  do_syscall_64+0xd2/0x200
[   76.480027][ T5488]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   76.480132][ T5488]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   76.480233][ T5488]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   76.480258][ T5488] RIP: 0033:0x7ff0d45aefc9
[   76.480334][ T5488] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   76.480362][ T5488] RSP: 002b:00007ff0d300f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   76.480385][ T5488] RAX: ffffffffffffffda RBX: 00007ff0d4805fa0 RCX: 00007ff0d45aefc9
[   76.480448][ T5488] RDX: 0000200000000080 RSI: 0000000000008946 RDI: 0000000000000022
[   76.480460][ T5488] RBP: 00007ff0d300f090 R08: 0000000000000000 R09: 0000000000000000
[   76.480492][ T5488] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   76.480504][ T5488] R13: 00007ff0d4806038 R14: 00007ff0d4805fa0 R15: 00007fff18a2aa18
[   76.480523][ T5488]  </TASK>
[   76.701048][ T5497] syzkaller0: entered promiscuous mode
[   76.795157][ T5497] syzkaller0: entered allmulticast mode
[   76.823650][  T312] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   76.842540][ T5500] netlink: 24 bytes leftover after parsing attributes in process `syz.4.629'.
[   76.903426][   T29] kauditd_printk_skb: 232 callbacks suppressed
[   76.903442][   T29] audit: type=1326 audit(1761536669.702:12212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5503 comm="syz.4.631" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f179761efc9 code=0x7ffc0000
[   76.935536][ T5508] netlink: 'syz.5.633': attribute type 4 has an invalid length.
[   76.943362][ T5508] netlink: 17 bytes leftover after parsing attributes in process `syz.5.633'.
[   76.948725][ T5504] netlink: 8 bytes leftover after parsing attributes in process `syz.4.631'.
[   76.953493][   T29] audit: type=1326 audit(1761536669.742:12213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5503 comm="syz.4.631" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f179761efc9 code=0x7ffc0000
[   76.984710][   T29] audit: type=1326 audit(1761536669.742:12214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5503 comm="syz.4.631" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f179761efc9 code=0x7ffc0000
[   77.008298][   T29] audit: type=1326 audit(1761536669.742:12215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5503 comm="syz.4.631" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f179761efc9 code=0x7ffc0000
[   77.031827][   T29] audit: type=1326 audit(1761536669.742:12216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5503 comm="syz.4.631" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f179761efc9 code=0x7ffc0000
[   77.055269][   T29] audit: type=1326 audit(1761536669.742:12217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5503 comm="syz.4.631" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f179761efc9 code=0x7ffc0000
[   77.078799][   T29] audit: type=1326 audit(1761536669.742:12218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5503 comm="syz.4.631" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f1797620ee7 code=0x7ffc0000
[   77.102269][   T29] audit: type=1326 audit(1761536669.742:12219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5503 comm="syz.4.631" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7f1797620e5c code=0x7ffc0000
[   77.125743][   T29] audit: type=1326 audit(1761536669.742:12220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5503 comm="syz.4.631" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f1797620d94 code=0x7ffc0000
[   77.149189][   T29] audit: type=1326 audit(1761536669.742:12221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5503 comm="syz.4.631" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f1797620d94 code=0x7ffc0000
[   77.269358][ T5521] loop4: detected capacity change from 0 to 2048
[   77.276300][ T5522] SELinux:  policydb string SE Lin does not match my string SE Linux
[   77.287304][ T5522] SELinux: failed to load policy
[   77.386792][ T5534] msdos: Unknown parameter '�PL'
[   77.406003][ T5521] SELinux: failed to load policy
[   77.409698][ T5536] bridge_slave_1: left allmulticast mode
[   77.416738][ T5536] bridge_slave_1: left promiscuous mode
[   77.422508][ T5536] bridge0: port 2(bridge_slave_1) entered disabled state
[   77.431255][ T5536] bridge_slave_0: left allmulticast mode
[   77.437089][ T5536] bridge_slave_0: left promiscuous mode
[   77.442828][ T5536] bridge0: port 1(bridge_slave_0) entered disabled state
[   77.480997][ T5540] loop5: detected capacity change from 0 to 1024
[   77.490213][ T5540] EXT4-fs error (device loop5): ext4_acquire_dquot:6945: comm syz.5.645: Failed to acquire dquot type 0
[   77.503494][ T5540] EXT4-fs error (device loop5): mb_free_blocks:2017: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt.
[   77.530740][ T5540] EXT4-fs error (device loop5): ext4_do_update_inode:5632: inode #13: comm syz.5.645: corrupted inode contents
[   77.552443][ T5546] netlink: 'syz.1.646': attribute type 4 has an invalid length.
[   77.569282][ T5540] EXT4-fs error (device loop5): ext4_dirty_inode:6517: inode #13: comm syz.5.645: mark_inode_dirty error
[   77.589113][ T5540] EXT4-fs error (device loop5): ext4_do_update_inode:5632: inode #13: comm syz.5.645: corrupted inode contents
[   77.607637][ T5540] EXT4-fs error (device loop5): __ext4_ext_dirty:206: inode #13: comm syz.5.645: mark_inode_dirty error
[   77.623168][ T5527] sch_tbf: burst 2 is lower than device syzkaller0 mtu (1514) !
[   77.681516][ T5550] syzkaller0: entered promiscuous mode
[   77.687054][ T5550] syzkaller0: entered allmulticast mode
[   77.711661][ T5540] EXT4-fs error (device loop5): ext4_do_update_inode:5632: inode #13: comm syz.5.645: corrupted inode contents
[   77.730330][ T5540] EXT4-fs error (device loop5) in ext4_orphan_del:301: Corrupt filesystem
[   77.767840][ T5540] EXT4-fs error (device loop5): ext4_do_update_inode:5632: inode #13: comm syz.5.645: corrupted inode contents
[   77.780029][ T5540] EXT4-fs error (device loop5): ext4_truncate:4637: inode #13: comm syz.5.645: mark_inode_dirty error
[   77.791332][ T5540] EXT4-fs error (device loop5) in ext4_process_orphan:343: Corrupt filesystem
[   77.801631][ T5540] EXT4-fs (loop5): 1 truncate cleaned up
[   77.808008][ T5540] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   77.837967][ T5536] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[   77.859049][ T4931] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   77.903043][ T5534] loop2: detected capacity change from 0 to 2048
[   77.933125][ T5564] SELinux:  policydb string SE Lin does not match my string SE Linux
[   77.933304][ T5534]  loop2: p1 p2 p3
[   77.941460][ T5564] SELinux: failed to load policy
[   78.119345][ T5576] gre0: entered promiscuous mode
[   78.151989][ T5576] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   78.160746][ T5576] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   78.234642][ T5578] netlink: 'syz.3.658': attribute type 4 has an invalid length.
[   78.333913][ T5583] loop3: detected capacity change from 0 to 1024
[   78.341322][ T5583] EXT4-fs: Ignoring removed bh option
[   78.346908][ T5583] EXT4-fs: inline encryption not supported
[   78.354968][ T5583] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   78.374742][ T5583] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce018, mo2=0000]
[   78.385313][ T5583] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #3: block 2: comm syz.3.660: lblock 2 mapped to illegal pblock 2 (length 1)
[   78.399734][ T5583] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #3: block 48: comm syz.3.660: lblock 0 mapped to illegal pblock 48 (length 1)
[   78.429659][ T5583] EXT4-fs error (device loop3): ext4_acquire_dquot:6945: comm syz.3.660: Failed to acquire dquot type 0
[   78.445494][ T5583] EXT4-fs error (device loop3) in ext4_reserve_inode_write:6313: Corrupt filesystem
[   78.455411][ T5583] EXT4-fs error (device loop3): ext4_evict_inode:254: inode #11: comm syz.3.660: mark_inode_dirty error
[   78.468410][ T5583] EXT4-fs warning (device loop3): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[   78.479126][ T5583] EXT4-fs (loop3): 1 orphan inode deleted
[   78.485874][ T5583] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   78.499651][  T312] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:6: lblock 1 mapped to illegal pblock 1 (length 1)
[   78.514916][  T312] EXT4-fs error (device loop3): ext4_release_dquot:6981: comm kworker/u8:6: Failed to release dquot type 0
[   78.528624][ T5583] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000.
[   78.538286][ T5583] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #2: block 16: comm syz.3.660: lblock 0 mapped to illegal pblock 16 (length 1)
[   78.588840][ T3312] syz-executor invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0
[   78.599913][ T3312] CPU: 1 UID: 0 PID: 3312 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(voluntary) 
[   78.599996][ T3312] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   78.600012][ T3312] Call Trace:
[   78.600020][ T3312]  <TASK>
[   78.600028][ T3312]  __dump_stack+0x1d/0x30
[   78.600056][ T3312]  dump_stack_lvl+0xe8/0x140
[   78.600110][ T3312]  dump_stack+0x15/0x1b
[   78.600133][ T3312]  dump_header+0x81/0x220
[   78.600182][ T3312]  oom_kill_process+0x342/0x400
[   78.600223][ T3312]  out_of_memory+0x979/0xb80
[   78.600289][ T3312]  try_charge_memcg+0x610/0xa10
[   78.600326][ T3312]  charge_memcg+0x51/0xc0
[   78.600354][ T3312]  __mem_cgroup_charge+0x28/0xb0
[   78.600416][ T3312]  filemap_add_folio+0x111/0x360
[   78.600452][ T3312]  __filemap_get_folio+0x31e/0x650
[   78.600484][ T3312]  filemap_fault+0x447/0xb60
[   78.600509][ T3312]  __do_fault+0xbc/0x200
[   78.600560][ T3312]  handle_mm_fault+0xf78/0x2be0
[   78.600593][ T3312]  ? vma_start_read+0x141/0x1f0
[   78.600642][ T3312]  do_user_addr_fault+0x630/0x1080
[   78.600671][ T3312]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   78.600735][ T3312]  exc_page_fault+0x62/0xa0
[   78.600772][ T3312]  asm_exc_page_fault+0x26/0x30
[   78.600795][ T3312] RIP: 0033:0x7f17974f5ed4
[   78.600813][ T3312] Code: 85 ed 09 00 00 48 b8 db 34 b6 d7 82 de 1b 43 48 f7 a4 24 98 00 00 00 48 8b 05 c8 f8 ea 00 48 69 8c 24 90 00 00 00 e8 03 00 00 <8b> 78 08 48 8b 44 24 18 48 c1 ea 12 4c 8b 0d d9 f7 ea 00 48 01 d1
[   78.600834][ T3312] RSP: 002b:00007ffd069471a0 EFLAGS: 00010202
[   78.600853][ T3312] RAX: 0000001b33a24000 RBX: 0000000000000177 RCX: 00000000000130b0
[   78.600944][ T3312] RDX: 000000000877f294 RSI: 00007ffd06947230 RDI: 0000000000000001
[   78.600955][ T3312] RBP: 00007ffd069471dc R08: 00000000204e1050 R09: 7fffffffffffffff
[   78.600981][ T3312] R10: 3fffffffffffffff R11: 0000000000000202 R12: 0000000000001388
[   78.600992][ T3312] R13: 00000000000927c0 R14: 000000000001307d R15: 00007ffd06947230
[   78.601137][ T3312]  </TASK>
[   78.790850][ T3312] memory: usage 307200kB, limit 307200kB, failcnt 9914
[   78.797825][ T3312] memory+swap: usage 307204kB, limit 9007199254740988kB, failcnt 0
[   78.805805][ T3312] kmem: usage 307108kB, limit 9007199254740988kB, failcnt 0
[   78.813138][ T3312] Memory cgroup stats for /syz4:
[   78.818102][ T5587] loop2: detected capacity change from 0 to 1024
[   78.831439][ T3312] cache 0
[   78.834525][ T3312] rss 0
[   78.837439][ T3312] shmem 0
[   78.840423][ T3312] mapped_file 0
[   78.843973][ T3312] dirty 0
[   78.846919][ T3312] writeback 0
[   78.850209][ T3312] workingset_refault_anon 1
[   78.854748][ T3312] workingset_refault_file 0
[   78.859308][ T3312] swap 118784
[   78.862635][ T3312] swapcached 86016
[   78.866355][ T3312] pgpgin 110582
[   78.869890][ T3312] pgpgout 110561
[   78.873533][ T3312] pgfault 106123
[   78.877094][ T3312] pgmajfault 6
[   78.880477][ T3312] inactive_anon 86016
[   78.882378][ T5587] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   78.884519][ T3312] active_anon 0
[   78.900096][ T3312] inactive_file 0
[   78.903797][ T3312] active_file 0
[   78.907277][ T3312] unevictable 0
[   78.910818][ T3312] hierarchical_memory_limit 314572800
[   78.916306][ T3312] hierarchical_memsw_limit 9223372036854771712
[   78.922716][ T3312] total_cache 0
[   78.926191][ T3312] total_rss 0
[   78.929474][ T3312] total_shmem 0
[   78.933033][ T3312] total_mapped_file 0
[   78.937116][ T3312] total_dirty 0
[   78.940567][ T3312] total_writeback 0
[   78.944411][ T3312] total_workingset_refault_anon 1
[   78.949446][ T3312] total_workingset_refault_file 0
[   78.954512][ T3312] total_swap 118784
[   78.958324][ T3312] total_swapcached 86016
[   78.962608][ T3312] total_pgpgin 110582
[   78.966592][ T3312] total_pgpgout 110561
[   78.970745][ T3312] total_pgfault 106123
[   78.974834][ T3312] total_pgmajfault 6
[   78.978756][ T3312] total_inactive_anon 86016
[   78.983289][ T3312] total_active_anon 0
[   78.987303][ T3312] total_inactive_file 0
[   78.991558][ T3312] total_active_file 0
[   78.995547][ T3312] total_unevictable 0
[   78.999600][ T3312] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz.4.653,pid=5565,uid=0
[   79.014223][ T3312] Memory cgroup out of memory: Killed process 5565 (syz.4.653) total-vm:93824kB, anon-rss:1136kB, file-rss:22184kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000
[   79.032655][ T3315] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   79.043949][ T3315] EXT4-fs error (device loop3): __ext4_get_inode_loc:4832: comm syz-executor: Invalid inode table block 1 in block_group 0
[   79.057671][ T3315] EXT4-fs error (device loop3) in ext4_reserve_inode_write:6313: Corrupt filesystem
[   79.067790][ T3315] EXT4-fs error (device loop3): ext4_quota_off:7229: inode #3: comm syz-executor: mark_inode_dirty error
[   79.218244][ T5566] syz.4.653 (5566) used greatest stack depth: 9528 bytes left
[   79.235783][ T5603] syzkaller0: entered promiscuous mode
[   79.241425][ T5603] syzkaller0: entered allmulticast mode
[   79.258185][ T5608] msdos: Unknown parameter '�PL'
[   79.441054][ T3317] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   79.648067][ T5608] loop4: detected capacity change from 0 to 2048
[   79.702085][ T5608]  loop4: p1 p2 p3
[   79.945172][ T5627] loop4: detected capacity change from 0 to 2048
[   80.024374][ T5629] netlink: 'syz.4.676': attribute type 4 has an invalid length.
[   80.032350][ T5629] __nla_validate_parse: 8 callbacks suppressed
[   80.032366][ T5629] netlink: 17 bytes leftover after parsing attributes in process `syz.4.676'.
[   80.080257][ T5631] netlink: 24 bytes leftover after parsing attributes in process `syz.4.677'.
[   80.203542][ T5644] netlink: 24 bytes leftover after parsing attributes in process `syz.4.684'.
[   80.227211][ T5647] netlink: 24 bytes leftover after parsing attributes in process `syz.5.685'.
[   80.239352][ T5645] netlink: 8 bytes leftover after parsing attributes in process `syz.3.683'.
[   80.249881][ T5649] netlink: 4436 bytes leftover after parsing attributes in process `syz.4.686'.
[   80.263849][ T5649] x_tables: ip_tables: osf.0 match: invalid size 48 (kernel) != (user) 4096
[   80.278853][ T5651] netlink: 'syz.5.687': attribute type 4 has an invalid length.
[   80.286662][ T5651] netlink: 17 bytes leftover after parsing attributes in process `syz.5.687'.
[   80.399964][ T5658] netlink: 24 bytes leftover after parsing attributes in process `syz.3.689'.
[   80.458817][ T5656] loop4: detected capacity change from 0 to 8192
[   80.485845][ T5664] IPv6: Can't replace route, no match found
[   80.494187][ T5656]  loop4: p1 p2 p3 p4
[   80.498402][ T5664] loop2: detected capacity change from 0 to 164
[   80.498402][ T5656] loop4: p1 size 196608 extends beyond EOD, 
[   80.504712][ T5656] truncated
[   80.514802][ T5656] loop4: p2 start 164919041 is beyond EOD, truncated
[   80.521637][ T5656] loop4: p3 size 66846464 extends beyond EOD, truncated
[   80.529311][ T5656] loop4: p4 size 37048832 extends beyond EOD, truncated
[   80.663745][ T5681] syzkaller0: entered promiscuous mode
[   80.669258][ T5681] syzkaller0: entered allmulticast mode
[   81.131432][ T5698] netlink: 24 bytes leftover after parsing attributes in process `syz.1.702'.
[   81.662198][ T5737] pim6reg: entered allmulticast mode
[   81.701486][ T3387] kernel write not supported for file [eventfd] (pid: 3387 comm: kworker/1:3)
[   81.736451][ T5737] pim6reg: left allmulticast mode
[   81.756955][ T5741] loop3: detected capacity change from 0 to 2048
[   81.818687][ T5744] loop2: detected capacity change from 0 to 256
[   81.840138][ T5744] vfat: Unknown parameter '0xffffffffffffffff����'
[   81.860082][ T5741] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[   81.872382][ T5741] SELinux: failed to load policy
[   81.897174][ T5744] loop2: detected capacity change from 0 to 1024
[   81.907013][ T5744] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[   81.925988][   T29] kauditd_printk_skb: 543 callbacks suppressed
[   81.926007][   T29] audit: type=1326 audit(1761536674.722:12760): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5743 comm="syz.2.718" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7ff0d45ad810 code=0x7ffc0000
[   81.955824][   T29] audit: type=1326 audit(1761536674.722:12761): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5743 comm="syz.2.718" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7ff0d45aebcb code=0x7ffc0000
[   81.979328][   T29] audit: type=1326 audit(1761536674.722:12762): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5743 comm="syz.2.718" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7ff0d45adc2a code=0x7ffc0000
[   82.005588][   T29] audit: type=1326 audit(1761536674.722:12763): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5743 comm="syz.2.718" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff0d45aefc9 code=0x7ffc0000
[   82.029230][   T29] audit: type=1326 audit(1761536674.722:12764): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5743 comm="syz.2.718" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff0d45aefc9 code=0x7ffc0000
[   82.052737][   T29] audit: type=1326 audit(1761536674.722:12765): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5743 comm="syz.2.718" exe="/root/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7ff0d45aefc9 code=0x7ffc0000
[   82.076167][   T29] audit: type=1400 audit(1761536674.722:12766): avc:  denied  { remount } for  pid=5743 comm="syz.2.718" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[   82.077491][ T5754] loop5: detected capacity change from 0 to 164
[   82.096125][   T29] audit: type=1326 audit(1761536674.722:12767): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5743 comm="syz.2.718" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff0d45aefc9 code=0x7ffc0000
[   82.125831][   T29] audit: type=1326 audit(1761536674.722:12768): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5743 comm="syz.2.718" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff0d45aefc9 code=0x7ffc0000
[   82.146289][ T5752] loop4: detected capacity change from 0 to 164
[   82.179117][ T5746] syz.5.719: attempt to access beyond end of device
[   82.179117][ T5746] loop5: rw=524288, sector=263328, nr_sectors = 4 limit=164
[   82.195194][ T5752] syz.4.720: attempt to access beyond end of device
[   82.195194][ T5752] loop4: rw=524288, sector=263328, nr_sectors = 4 limit=164
[   82.196137][ T5746] syz.5.719: attempt to access beyond end of device
[   82.196137][ T5746] loop5: rw=0, sector=263328, nr_sectors = 4 limit=164
[   82.212650][ T5752] syz.4.720: attempt to access beyond end of device
[   82.212650][ T5752] loop4: rw=0, sector=263328, nr_sectors = 4 limit=164
[   82.251377][   T29] audit: type=1400 audit(1761536675.042:12769): avc:  denied  { create } for  pid=5763 comm="syz.1.723" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[   82.369043][ T5767] loop1: detected capacity change from 0 to 1024
[   82.376363][ T5767] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   82.395603][ T5767] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   82.436826][ T5774] loop5: detected capacity change from 0 to 128
[   82.505725][ T5774] FAT-fs (loop5): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[   82.701904][ T5778] netlink: 'syz.5.727': attribute type 1 has an invalid length.
[   82.854711][ T5786] netlink: 24 bytes leftover after parsing attributes in process `syz.3.729'.
[   83.094309][ T3319] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   83.277612][ T5805] loop3: detected capacity change from 0 to 4096
[   83.314324][ T5805] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   84.292992][ T5833] loop5: detected capacity change from 0 to 2048
[   84.496682][ T5845] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[   84.533323][ T5845] SELinux: failed to load policy
[   84.832010][ T5858] loop2: detected capacity change from 0 to 1024
[   84.869215][ T5858] EXT4-fs: Ignoring removed nomblk_io_submit option
[   84.900098][ T5858] journal_path: Lookup failure for 'w��5�T��)�`)Y�F�nA��@T<�3�ڂ$���r�cnH�<�p�r��>�wC�" ��-������8/'
[   84.912276][ T5858] EXT4-fs: error: could not find journal device path
[   85.062411][ T5862] loop2: detected capacity change from 0 to 8192
[   85.101999][ T5862]  loop2: p1 p2 p3 p4
[   85.106112][ T5862] loop2: p1 size 196608 extends beyond EOD, truncated
[   85.117457][ T5862] loop2: p2 start 164919041 is beyond EOD, truncated
[   85.124277][ T5862] loop2: p3 size 66846464 extends beyond EOD, truncated
[   85.138898][ T5862] loop2: p4 size 37048832 extends beyond EOD, truncated
[   85.206177][ T5868] __nla_validate_parse: 4 callbacks suppressed
[   85.206195][ T5868] netlink: 24 bytes leftover after parsing attributes in process `syz.4.757'.
[   85.223467][ T5864] loop1: detected capacity change from 0 to 1024
[   85.230591][ T5864] EXT4-fs: Ignoring removed bh option
[   85.253986][ T5864] EXT4-fs: inline encryption not supported
[   85.265987][ T5864] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   85.295768][ T5864] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce018, mo2=0000]
[   85.305459][ T5864] EXT4-fs error (device loop1): ext4_map_blocks:778: inode #3: block 2: comm syz.1.755: lblock 2 mapped to illegal pblock 2 (length 1)
[   85.330887][ T5864] EXT4-fs error (device loop1): ext4_map_blocks:778: inode #3: block 48: comm syz.1.755: lblock 0 mapped to illegal pblock 48 (length 1)
[   85.354657][ T5875] netlink: 8 bytes leftover after parsing attributes in process `syz.4.760'.
[   85.371004][ T5877] netlink: 8 bytes leftover after parsing attributes in process `syz.5.761'.
[   85.385923][ T5864] EXT4-fs error (device loop1): ext4_acquire_dquot:6945: comm syz.1.755: Failed to acquire dquot type 0
[   85.421877][ T5864] EXT4-fs error (device loop1) in ext4_reserve_inode_write:6313: Corrupt filesystem
[   85.431981][ T5864] EXT4-fs error (device loop1): ext4_evict_inode:254: inode #11: comm syz.1.755: mark_inode_dirty error
[   85.443524][ T5864] EXT4-fs warning (device loop1): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[   85.471880][ T5864] EXT4-fs (loop1): 1 orphan inode deleted
[   85.479618][ T5864] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   85.492258][   T12] EXT4-fs error (device loop1): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:0: lblock 1 mapped to illegal pblock 1 (length 1)
[   85.511981][ T5864] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000.
[   85.525240][ T5864] EXT4-fs error (device loop1): ext4_map_blocks:778: inode #2: block 16: comm syz.1.755: lblock 0 mapped to illegal pblock 16 (length 1)
[   85.544308][   T12] EXT4-fs error (device loop1): ext4_release_dquot:6981: comm kworker/u8:0: Failed to release dquot type 0
[   85.583437][ T3319] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   85.615873][ T5884] msdos: Unknown parameter '�PL'
[   85.620896][ T3319] EXT4-fs error (device loop1): __ext4_get_inode_loc:4832: comm syz-executor: Invalid inode table block 1 in block_group 0
[   85.660823][ T3319] EXT4-fs error (device loop1) in ext4_reserve_inode_write:6313: Corrupt filesystem
[   85.680943][ T3319] EXT4-fs error (device loop1): ext4_quota_off:7229: inode #3: comm syz-executor: mark_inode_dirty error
[   85.697323][ T5886] loop4: detected capacity change from 0 to 8192
[   85.721371][ T3319] ==================================================================
[   85.729523][ T3319] BUG: KCSAN: data-race in __lru_add_drain_all / folio_add_lru
[   85.737085][ T3319] 
[   85.739430][ T3319] read-write to 0xffff888237d25ee8 of 1 bytes by task 5889 on cpu 1:
[   85.747601][ T3319]  folio_add_lru+0xa5/0x1f0
[   85.752129][ T3319]  shmem_get_folio_gfp+0x7ab/0xd60
[   85.757368][ T3319]  shmem_fault+0xf6/0x250
[   85.761727][ T3319]  __do_fault+0xbc/0x200
[   85.765986][ T3319]  handle_mm_fault+0xf78/0x2be0
[   85.770852][ T3319]  __get_user_pages+0x102a/0x1ed0
[   85.775990][ T3319]  __mm_populate+0x243/0x3a0
[   85.780614][ T3319]  vm_mmap_pgoff+0x232/0x2e0
[   85.785238][ T3319]  ksys_mmap_pgoff+0xc2/0x310
[   85.790017][ T3319]  x64_sys_call+0x14a3/0x3000
[   85.794729][ T3319]  do_syscall_64+0xd2/0x200
[   85.799246][ T3319]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   85.805165][ T3319] 
[   85.807499][ T3319] read to 0xffff888237d25ee8 of 1 bytes by task 3319 on cpu 0:
[   85.815054][ T3319]  __lru_add_drain_all+0x17e/0x450
[   85.820185][ T3319]  lru_add_drain_all+0x10/0x20
[   85.825003][ T3319]  invalidate_bdev+0x47/0x70
[   85.829703][ T3319]  ext4_put_super+0x624/0x7d0
[   85.834408][ T3319]  generic_shutdown_super+0xe6/0x210
[   85.839707][ T3319]  kill_block_super+0x2a/0x70
[   85.844422][ T3319]  ext4_kill_sb+0x42/0x80
[   85.848767][ T3319]  deactivate_locked_super+0x75/0x1c0
[   85.854164][ T3319]  deactivate_super+0x97/0xa0
[   85.858877][ T3319]  cleanup_mnt+0x269/0x2e0
[   85.863313][ T3319]  __cleanup_mnt+0x19/0x20
[   85.867752][ T3319]  task_work_run+0x131/0x1a0
[   85.872379][ T3319]  exit_to_user_mode_loop+0xed/0x110
[   85.877692][ T3319]  do_syscall_64+0x1d6/0x200
[   85.882294][ T3319]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   85.888205][ T3319] 
[   85.890541][ T3319] value changed: 0x13 -> 0x16
[   85.895231][ T3319] 
[   85.897567][ T3319] Reported by Kernel Concurrency Sanitizer on:
[   85.903724][ T3319] CPU: 0 UID: 0 PID: 3319 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(voluntary) 
[   85.913667][ T3319] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   85.923747][ T3319] ==================================================================
[   86.402037][ T5884] loop5: detected capacity change from 0 to 2048
[   86.442187][ T5884]  loop5: p1 p2 p3
[   86.621817][ T3315] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.