last executing test programs:

2.919656676s ago: executing program 1 (id=3865):
syz_open_dev$usbfs(&(0x7f0000000480), 0x77, 0x41341)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000014c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000040)='sched_switch\x00', r2, 0x0, 0x415}, 0x18)
unshare(0x64000600)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x4000)
r5 = fsopen(&(0x7f0000000440)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r5, 0x6, 0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000040)='./file1\x00', 0x1269041, &(0x7f0000000280)=ANY=[@ANYRES64=0x0, @ANYRES8, @ANYBLOB="b9f93e4d055ce5c5e3cc332e42037be6fd69a7af956e0b506164273ac1df1b3de0bbd1e525b3b6c216d422086911a0142a24b4ed15dc5b3de7a2e63b61db257e846aca826eb5f4bf76f2625bb0f34b5df1bd6d76e881a8e187f0cf88dab3a058121601002fd03131a73e215bebe5d006a598d0edffeb6a3d125da954dd3c08dda220", @ANYRES16=0x0, @ANYBLOB="aefc15ad26c8ecebe6d97be923675b74b262637894972a5c10d63bc86c9955875b48a991e09a91d338a7020db88a44bc03af2c122e9755b985e73e61b37854e6af5ece69956f03a1b3a20524d76ef9271a04cc151defe4dc24824cd88cdd7e3e41ea1f7fdce4a01165461ce93964fee1c569f2c8671c6f90d7b022d4d4dcef2bf96471b50b94c2ec04fc495bd2475435f975defe9731afab0b3fe36eb8dd87d291f31a4279d18689a152802993ba106ae6b3533f17dc612b9414bb9bd4e6659e2457b71b0a9518d3fe91fa4bd492220c5b8e25342cd3929722cdf460396ea00900b6d328910d792ccf5222d9b0f2898c41df6364462c19d8dd3e1e37c08097a328e592656ff77d50969e01f0c38c4ed0a29e08b1664e6ac4a558d3989c8e8746c6d156f580d2305dfc74f90c35a772a855cf02db1e4fab15b5cae3908ca3adb69d5af369e6db2861a97aa2a31ca90aa0c5e6d12956377fcdcdfbaba69160f32209b14bf46529bfe67caf53a2fe53ffec75e6d50ce612431a0815a12d5528a4dc706f5eb09975846264581f451cfdc861cfb2438241791a33db94f1cb4ebaa039d2bb4f87d46794788d753bc00e22909ae1b6b0d7583384feb4676ba66d898377c1fbf88ca5bde78f3215f0978723b292e1828a5527a8da57998a05e6a1b2a2d296af6a08e355f7ea52286177b7e2f122f86fe814a1320490ee268bf29fadd27ea7df8708c21bb7b27bb8078ee4a6e7b9ddf6c5c4be28711682a405d010c93357d297b327f13684ce1bfcc88484050897493b39daa4b2559319d18008be814e0127806282b39bdc61a1c744292e18745ad9751cdffe950368551b0b1405599cb99cdb93f7f2422365a649e5cf0eecd5a6856d2ae08b8f85d0bcb778c03c54da5a341f78b6a777e67cc10a2359b899e5a78b9c818c48ee2e094aa2bad2be70e378c09e1cd9f2451aced6e1b8c93947e1ba3d9fd06d77b843b8fada4dc89d8c61d18401358dbcf844e945d150a50a6c6b49e1b3c35fa9154dbe4054e9c574774facf7523796eaea94de53e2e6d72df5e89b4875ae023992010329369619553fb4831512b161e527bba5e36e4f1eacb017b831fa1f9ee423474bc73753db7549450c109411d05ad7fb6fa87defda6232d58ee6f7cbe0fb83cea79b105d02f3240e084d1d63cbe81dde24e63bab30fa470e90e08be4a8afcd74baa0bfff05aac6bb9d3f6cdb8bd67ce59a07560ccfa154293f57a58cfa465c07c8be7ae1815e95339c77db63aab2bced8144b6c4ad67aefc302a36fa9705528d9b47a49baffd655083027f0667687050d884ed45d67bc911a95e92c772107112e7c982884a2a2d6aeb6b88943696369ebf684e7d4c1c9d78d6b75a0d1ba000124cffe6fea5ceae49dbb840645dd52d77b1175f9a06c23dd91f5e3ad5780f051e6f7345ae3492cd2eba5798fc8269ce0b8f7965f6a43ce5d99639c6ea09946926700c4e15bda83027d8b32987c55bcbb37961b8cedaff27dc268e9bea3978342e95faad63918d05056c3d5000af36f36e20cffd8715e5e5460677353105fdecaecd4b712e4addccc6b5706893a7c36680f072a74ee3ab927f999405319ab34892673f0c261c98d4acfbd60bcd7e30ca2a22c586fe6686662d7cd8b1b6075c07500653c4be822fb5b024b18cb9ae32e2b42e638bcec9c771c02af81e5e04fc6cd9a5f48f014b2f1882ad85f28ab9b533d7b930af519636ffd3ef58956920c51c065b77e00eb9a0f7f8acf53011b593867cd456223fb73fb356d57839cdac4b0437c153d1325876a6b599bd7a14c7bd29d3f4512c0ee87c74886c5a2805733bac860669c72e94319db65e976e54a602d8536b415cf4202a1379098c768930daa98af3cd4a7d42514ed3d379c531d5230c138277e185908675a04ee1ec52394237f798566616dc5499685c192997172cb991913c9b90dbfbf584f8af8f0677cb0ab14727c683c32df19e8f2da5d68b71afb83be42ee7894f6e6292f3a2ebc802ff71c6322389f28b946e7a9a3c7c9e253b2c3641fef5b8ca3d4691af9635697ba69d54ee6290798f830fff96d4a93581e106e0fb005ea29f5957da5312ecd016bcfc95331230af2b699b4bcbbb401bdcb39d4a123b8e76679d2722e3f0c716082022c379f2d13d1d903758547ea1351c9bdcbbaf99a8ad218850142b84ed2539d0119d76d9763815e65ff3f5ee5e9caada6bef54e6134a31a9736eb8a58af4a7152453524002c2ce74ef3149f1d45f5e515aa25268513f7f2a6e320e4e3e40da427c87c72615185eb530f8e6de6ebb084dc770fd4c0b53c12e30a12304332b81522a9edf5158390b23ce3722375462437e831300f5a082eb09182d2b18df4ec0a044b3e948bf758e55daa0e3f35221bc701f41c4ba386ed7d29be6b0cb417a8ad30877a86f49d38490f2b6f9433df8cffc970ffc3c463c0b0f1ca305c86e5d7e134946ec221df7774b552ee520901d9a41dec11c3279b61558e673fc81c39c232cb9f00fd0bdbd2c17c1d9af9d9efaf9bc4f864f48bb99aeddba2f76b3839da2f541d04bb0e4d8c5a435d506b63ea2581189424dc76fad38e9d6b8895e0e24b8b035e3d0639fb4412a56699ec95b1e7a23ea7b7692f841762549676b169d20639513ae7484c1c7e635c42bad2316fc6aae36cdb3d60e928ce6218a20ec51aa688f5330372be13cf0788cc81077ab3604d4be6cfbd371834d842c5baeab672e0bce72515d7d38f2d1bfdd91f25ced035bd322bc946ed846ea2ea3bc8c362d9459b30876a7db978d083f2fb51047e26d331c644412394a44c90888a245ffbb08038143bed67f00732eaa9f4a49db53df0d374e2e75d4ab6c65d9de48d0d1e9921c0c0811e4a624044b84d380af7820e8d75063faef058888fa72a8716fe40619a196113de9e0c14b1cbddd510320e9047fa9d53cd1a95384311d7e89e7f386555e54a6bd547d779b17d334a174c979ebd756fb471e5eda0752694d3a5966e0633f9de7636d48cf15d2ad7d9ee60c4cbabc3f51c3471c32e24f3649f0b09a484fcc7c4cada72a0f2479ecd916787f89fc84d47ea8174b7613e664e6456d9a6b524b292711acfd9640f73cb6764c820bc6806670c4baaebdb81d3ff1ecdf319dc845d85aeae2aa8736fb1b27899afbf235e1202406c2b22e59bc38e152b9437363c05dbb44966b7256679740aad99a61ff87879443b47601eb7c46d7ca62282a147f52ea3776344939c1407ac13c22f3a5033c4ecccc1c14fcd7e66a844cf0f2abbce0c70b6a38d80d18ed28a1b5acddd51538a60e7a2f1dcd5a3961e219727e6818c9efc25eeea1cad0864b64aa781120963d16c3efce348cf4fd46302337669d1790470b18dc1c061e1442fcd7f760da208e2337ab29e17ef28cddf35269aaefb0fd109c732cf4f887850b50a6ee3da06056be997516d7470e4fa4637487a442adbab74e0cb700b73d3dcd840ec9b8e67535a59da3a53f0c6540a4218de9a26e5c9414e4497b76a3eee16a9e0ff62d08777ca60ec1f13c131c1ca54876eca55ac435515c32a4ef1ed14900f1c9647978387fc9b61807eebfdb94f2ee5641c96ccdf9d9f2c1ed69d3ab5ad7ca27502b86e8a20e7ea64f7b346865fd07f86ab64c590cb2f5a763aa1d3c069b7acc2e5d26c72025da44b57da116a18f6ea170b5e15759f67c8d7aa24b77f983aabd6d518b9f67f864970a5a07a4aecf1b35930b2e2d9e4efa6a14d27f10c87ef6a9431f3eed7a8b3610a1641678c785b1e1dd11017032cb0d176d74fe3ccfdde1143b6e2a988639e146c6b12515050ff3432c449cf507131317ecb2ef1b42f1182dee727b98a902d5ade6be52218a7727ebef2cf7845d9912e672ba11b9e2df8a2edaa45eaead575c017c5ec6d937d11a395745fa84c3294d39d016b500f6331ec8ffe82a2e43de69a7a8b7d582b78e6e8c35b7c5a1609076b4af48e6fc910b3e7161074ad33ebe93a17ea686129c46b7fbc418705e438df1282d8676508fef9703ea9f986d7d1275a8d6bc66561d5855be40921e838265bb46b70be539564c6908026f3d68ec9dabf38f661f914fc3e6d2e881d1de899f6e99e1431c471e700c3e29390f6a7b6b1a177e11a9667b4ccae69befdb1eb586f66fe9ae7c04a1693a5ebeb327391740453c343acf379db2f75393a486f3874998cfe79081ac616ab96c554ddad90bcb03e14b79a7ed62731550938c8a0cdfb41ab1c9eddd6664874f1e4bc94d86a794443cc7f1ad9e97d631f3d8c9545cbe4acb89f575e54ce588780976f8a650425d9f6410182405a45aa8a56c4196e4e591eb20a860f412503c9d37441b2dfb46fe331bf3bbad26a0b3982814d063dee723080e182294677d3b55ad29cd8fec04514fe26541a293f6d86584a94464cebfd9441997f48eaf570f21ba38b8ca9d4d397ec23576e6792b45a3aad16f3d3641de5f985c6311796819ea36fe6e6974ec0745be1416ab8245266876f575931b1c71137ec19c4daf02f619f944c1b6fc4390caabed8bc51e940f0aab149f0b813094cec0de80b2c8ba477064a41e43edebece0a22aee352f7c7ca04c78837a7928053518b3cb8a6f6b581c5970d179049816c5bb16e065a5ec15682d304c3a8052b5acb2b1c52d7c7c78eb6d610261db959f90923a1b8beb5bd9cca44d13edae6455748b17ff3366f7bd879618e7da3fe6bb3fd1dffa817f8a77278c643c9f8a9459e4a6d6057590052ae172cd727e11364424846cdffbcc399874acf223515316528a20f91b4199c614a0656cd373a8ac2881edd06d77463ec59b5771fe592a2dc4ed2d0a1b7378846ab604b21b427cf5d480de3ee275adbf1f15af4f6fccad02dd3073448b663b71dc2953168ee3112d9119e93b28f26b0858b5598b63453962fed682b7d2c41b6afd180d1b5108f71fdb885e26fe11018ca01a58e676fdcc8c5a85c2e6473653a089bbc98687edf6e4421db4295d3205bc363fb7484bf02e8b8e85ae6a93e4070e277427e1578651c098f1e1ec80fcca2f73cb7e11e8f6e9242e6f7723bbc7ec55154621f228ecf9796836bf05beed95d90c0d1b22a2f4baf3016d08bebd61e507d9967355b1c2471fd995ab9783a40c67361eb93c21ce3c5b02cd19fa522be154b1a2eba4997494b0b5b69b381d20e6f46eba0ca702b859399749294dc580c782dbfde0729ef9a02961e0e1e8b841132c1d93cad516fa2a9ffde39800d34af3e915cd3e7cde5cd1fe51c095b5e71e5c13d760d3987b5ca2ea72abb1ddc9d8497a2a12ed1156009373e0c10bf89e4cf0600da8ea7c598849d57e74e4c13777791b77d718c650ebe9d4d2199ad891c97b7a09ffb13f19a20967f7c1df50760d34fcd6308479ff4833be563a72392fb1781718d289c6ecd8b7e68f58d0619e49b7129fd86f9d54d5e1d604d1996658eb4469f661bea46ca114ffaf80ea8b8f2d58eef6657ded9ca78cd0b8bc83e824624dfb7006c6bf8f3114fccc8b4771c5ff208452a380bc9dfd64dceb940734853d87bb2056f0fe9247d9ea2541ce9b6c8417a37c05d2f481419e1478692824cf450a3faa67611c12298df90d08b6e75e49473e0d90603d5328316fc4825077fc9f848c5dc2c062ce3272238971b9b0f781e571b33ccda60b2309cb6c5f7b1f550f160f168184eb6b812e58600ecc276b17d15b17125b06bfd57d1e555cb3c737e537993027268793fdedc704465d263fcd3b58a35c163f222acf9b81e1fc0743e2158cb12fbbe7bf38ab3295d8f244fe4b1c762f25"], 0x1, 0x1237, &(0x7f0000001900)="$eJzs3E1rXFUYAOB3kon5qPlQ61cXeqgbV5cmC1eCBklBMgupRmgFcWonOOQ6E3KHQERtXbkV/Bfi0p0g/gE3/gWX3bjsQrjivZNk0qStlTJj6fNs7ptz3jfnXA4MnMs99/ab332+s11k2+1BTDUaMbUbke6kSDEVh17ZrK9Xr22ut1obV1K6vP7B6hsppaVXf/noyx8v/jo49+FPSz/Pxm8rH9/+cy0ibv2T/1m3SN0i9fqD1E7X+/1B+3remY5usZOl9F7eaRed1O0Vnb3R/rSd93d3D1K7d2NxYXevUxSp3TtIO52DNOin5nBKvZRlWVpcCO5p5lTLJ3c3bv1wpyzLiLKciaeiLMtyPhbiXDwdi7FULeIz8Ww8F+fj+XghXoyX4uUqa4x3AQAAAAAAAAAAAAAAAAAAAE+A+53/X44V5/8BAAAAAAAAAAAAAAAAAABgDN6/em1zvdXauJLSXET+7f7W/lZ9rfvXt6MbeXTiUizHX1Gd/q/V8eV3WxuXUmUlvslvDutv7m9Nn6xfrT4nMKxvVn2H9at1fTpZPxsLo/VrsRznzx5/7Yz6me8jXn9tpD6L5fj90+hHHjeqsY/rv15N6Z1b9ZziaPwLVd6xRjRG/2yOZ30AAADgUcjSkaP9+9sj+/csO91f74/r+od4PnDX/r4ZF+yhJ644+GKnneedvZPB3KmWBwWNiPjXyfcKGsNHLGfmxFzEf/7PYw2mHrZqerga908+/O7m5G/wcQvm/x/TeKyCif0kMUbHi36y/Y+LR+H8+GcFAAAAAAAAAADAgzyydwajcdb7v82o3yybHR3zrfgqm9wdAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPA3O3AsAAAAACDM3zqNjg0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgpAAAAP//d+24Qg==")

1.98106372s ago: executing program 2 (id=3874):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000010000000900010073797a30000000002c000000030a01020000000000000000010000000900010073797a30000000000900030073797a310000000038000000030a01040000000000000000010f00010900030073797a32000000000c00024000000000000000010900010073797a30"], 0xac}, 0x1, 0x0, 0x0, 0x8040}, 0x0)
ioctl$sock_bt_hci(0xffffffffffffffff, 0x400448e2, 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES64=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x35, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r2, 0x0, 0x0, 0x0, 0x0, 0xa, @void, @value}, 0x94)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000b40)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f00000005c0)=ANY=[@ANYBLOB="14000000100001ff00000000000000000000000a2c000000050a01020000000000000000020000000900030073797a32000000000900010073797a300000000014000000020a031747d21400000000000000000014000000110001"], 0x68}}, 0x20048005)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000540)=ANY=[@ANYBLOB="14000000100001000b000000000000000000000a20000000000a03000000000000000000010000000900010073797a300000000044000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a3000000000080005400000001f08000340000000045c0000000c0a01020000000000000000010000000900020073797a32000000000900010073797a3000000000300003802c00008028000180230001"], 0xe8}}, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x4000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000002080)={&(0x7f0000000300)='kfree\x00', r3, 0x0, 0xfffffffffffffffc}, 0x18)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="580000001000010400004000fedbdf2501f80000", @ANYRES32=0x0, @ANYBLOB="01020400000000002800128008000100736974001c00028008000200c6120001060008001900000005000a00fd00"], 0x58}}, 0x0)
r5 = syz_genetlink_get_family_id$nfc(&(0x7f0000000000), r1)
sendmsg$NFC_CMD_DEP_LINK_UP(r1, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000700)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="01002abd7000fbdbdf250400000005000a0000000000080001"], 0x3c}, 0x1, 0x0, 0x0, 0x4000}, 0x40)
r6 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r6, 0x0, &(0x7f00000000c0))
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$nfc(&(0x7f0000000040), r7)
sendmsg$NFC_CMD_SE_IO(r7, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="08000000c7bc084f2c22a8e7f86fa0a74aff6c206c52ac176d4fc4eaf811adeb336ef83b14f4c0fff1d54be4c4c7d94b23bf", @ANYRES16=r8, @ANYBLOB="01002bbd7000ffdbdf251b00000005001900dc00000008001500c000000008000100", @ANYRES16=r2, @ANYBLOB], 0x2c}, 0x1, 0x0, 0x0, 0x4000001}, 0x4000)
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000080))
r9 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r10 = socket$inet6_sctp(0xa, 0x801, 0x84)
sendmmsg$inet6(r10, &(0x7f0000000b80)=[{{&(0x7f0000000000)={0xa, 0x4e21, 0xc4, @private0, 0xfffffffe}, 0x1c, &(0x7f0000000300)=[{&(0x7f0000000740)="1e25974b07b05271c4f8f10e450607c0dc55964bc0b4c1fbe8f9bc7eec87c780759812c206004c24374efd337cf61473512dc5bbd7", 0x35}], 0x1}}, {{&(0x7f0000000140)={0xa, 0x4e21, 0xd7d, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010100}, 0xffffffff}, 0x1c, &(0x7f0000000ac0)=[{&(0x7f00000006c0)='w', 0x1}], 0x1}}], 0x2, 0x0)
shutdown(r10, 0x1)
setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r10, 0x84, 0x18, &(0x7f0000000040)={0x0, 0x400}, 0x8)
r11 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r11)
ioctl$IOCTL_GET_NCIDEV_IDX(r9, 0x0, &(0x7f00000000c0))

1.972081s ago: executing program 1 (id=3875):
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, 0x0, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x4000)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00'}, 0x10)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8003, &(0x7f0000000000)=0x9, 0x8, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00'}, 0x10)
sendmsg$nl_route(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000002c0)=@newlink={0x44, 0x10, 0x403, 0x2, 0x0, {0x0, 0x0, 0x4, 0x0, 0x300}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x14, 0x2, 0x0, 0x1, [@IFLA_BR_VLAN_DEFAULT_PVID={0x6, 0x27, 0xe}, @IFLA_BR_GROUP_FWD_MASK={0x6, 0x9, 0x8b}]}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x4}, 0x8044)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
unshare(0x20040600)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000001740)={0xffffffffffffffff, 0x0, 0x0}, 0x20)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8e600000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r2}, 0x10)
r3 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r3, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
socket$inet_icmp(0x2, 0x2, 0x1)

1.925210071s ago: executing program 3 (id=3876):
creat(&(0x7f0000000040)='./file0\x00', 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
ioprio_get$pid(0x3, 0x0)
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000010850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000020"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r1, 0x0, 0x400000000}, 0x18)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000020000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f0000000440)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1100}, 0x48)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
mount$tmpfs(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x515002, 0xc6)
getdents(0xffffffffffffffff, 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000900)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa1", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c30000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r4 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@struct]}}, 0x0, 0x26, 0x0, 0x0, 0x6, 0x0, @void, @value}, 0x28)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x6, 0xf, &(0x7f00000007c0)=ANY=[@ANYBLOB="18000000adf00000000000005a00000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500fc2700000000000000000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b7000000000000009500000000000000"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, r4, 0x8, 0x0, 0x0, 0x10, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xff}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, @void, @value}, 0x94)

1.817999262s ago: executing program 3 (id=3877):
syz_open_dev$usbfs(0x0, 0x77, 0x41341)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
r1 = bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000014c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000040)='./file1\x00', 0x1269041, &(0x7f0000000280)=ANY=[@ANYRES64=0x0, @ANYRES8, @ANYBLOB="b9f93e4d055ce5c5e3cc332e42037be6fd69a7af956e0b506164273ac1df1b3de0bbd1e525b3b6c216d422086911a0142a24b4ed15dc5b3de7a2e63b61db257e846aca826eb5f4bf76f2625bb0f34b5df1bd6d76e881a8e187f0cf88dab3a058121601002fd03131a73e215bebe5d006a598d0edffeb6a3d125da954dd3c08dda220", @ANYRES16=0x0, @ANYBLOB="aefc15ad26c8ecebe6d97be923675b74b262637894972a5c10d63bc86c9955875b48a991e09a91d338a7020db88a44bc03af2c122e9755b985e73e61b37854e6af5ece69956f03a1b3a20524d76ef9271a04cc151defe4dc24824cd88cdd7e3e41ea1f7fdce4a01165461ce93964fee1c569f2c8671c6f90d7b022d4d4dcef2bf96471b50b94c2ec04fc495bd2475435f975defe9731afab0b3fe36eb8dd87d291f31a4279d18689a152802993ba106ae6b3533f17dc612b9414bb9bd4e6659e2457b71b0a9518d3fe91fa4bd492220c5b8e25342cd3929722cdf460396ea00900b6d328910d792ccf5222d9b0f2898c41df6364462c19d8dd3e1e37c08097a328e592656ff77d50969e01f0c38c4ed0a29e08b1664e6ac4a558d3989c8e8746c6d156f580d2305dfc74f90c35a772a855cf02db1e4fab15b5cae3908ca3adb69d5af369e6db2861a97aa2a31ca90aa0c5e6d12956377fcdcdfbaba69160f32209b14bf46529bfe67caf53a2fe53ffec75e6d50ce612431a0815a12d5528a4dc706f5eb09975846264581f451cfdc861cfb2438241791a33db94f1cb4ebaa039d2bb4f87d46794788d753bc00e22909ae1b6b0d7583384feb4676ba66d898377c1fbf88ca5bde78f3215f0978723b292e1828a5527a8da57998a05e6a1b2a2d296af6a08e355f7ea52286177b7e2f122f86fe814a1320490ee268bf29fadd27ea7df8708c21bb7b27bb8078ee4a6e7b9ddf6c5c4be28711682a405d010c93357d297b327f13684ce1bfcc88484050897493b39daa4b2559319d18008be814e0127806282b39bdc61a1c744292e18745ad9751cdffe950368551b0b1405599cb99cdb93f7f2422365a649e5cf0eecd5a6856d2ae08b8f85d0bcb778c03c54da5a341f78b6a777e67cc10a2359b899e5a78b9c818c48ee2e094aa2bad2be70e378c09e1cd9f2451aced6e1b8c93947e1ba3d9fd06d77b843b8fada4dc89d8c61d18401358dbcf844e945d150a50a6c6b49e1b3c35fa9154dbe4054e9c574774facf7523796eaea94de53e2e6d72df5e89b4875ae023992010329369619553fb4831512b161e527bba5e36e4f1eacb017b831fa1f9ee423474bc73753db7549450c109411d05ad7fb6fa87defda6232d58ee6f7cbe0fb83cea79b105d02f3240e084d1d63cbe81dde24e63bab30fa470e90e08be4a8afcd74baa0bfff05aac6bb9d3f6cdb8bd67ce59a07560ccfa154293f57a58cfa465c07c8be7ae1815e95339c77db63aab2bced8144b6c4ad67aefc302a36fa9705528d9b47a49baffd655083027f0667687050d884ed45d67bc911a95e92c772107112e7c982884a2a2d6aeb6b88943696369ebf684e7d4c1c9d78d6b75a0d1ba000124cffe6fea5ceae49dbb840645dd52d77b1175f9a06c23dd91f5e3ad5780f051e6f7345ae3492cd2eba5798fc8269ce0b8f7965f6a43ce5d99639c6ea09946926700c4e15bda83027d8b32987c55bcbb37961b8cedaff27dc268e9bea3978342e95faad63918d05056c3d5000af36f36e20cffd8715e5e5460677353105fdecaecd4b712e4addccc6b5706893a7c36680f072a74ee3ab927f999405319ab34892673f0c261c98d4acfbd60bcd7e30ca2a22c586fe6686662d7cd8b1b6075c07500653c4be822fb5b024b18cb9ae32e2b42e638bcec9c771c02af81e5e04fc6cd9a5f48f014b2f1882ad85f28ab9b533d7b930af519636ffd3ef58956920c51c065b77e00eb9a0f7f8acf53011b593867cd456223fb73fb356d57839cdac4b0437c153d1325876a6b599bd7a14c7bd29d3f4512c0ee87c74886c5a2805733bac860669c72e94319db65e976e54a602d8536b415cf4202a1379098c768930daa98af3cd4a7d42514ed3d379c531d5230c138277e185908675a04ee1ec52394237f798566616dc5499685c192997172cb991913c9b90dbfbf584f8af8f0677cb0ab14727c683c32df19e8f2da5d68b71afb83be42ee7894f6e6292f3a2ebc802ff71c6322389f28b946e7a9a3c7c9e253b2c3641fef5b8ca3d4691af9635697ba69d54ee6290798f830fff96d4a93581e106e0fb005ea29f5957da5312ecd016bcfc95331230af2b699b4bcbbb401bdcb39d4a123b8e76679d2722e3f0c716082022c379f2d13d1d903758547ea1351c9bdcbbaf99a8ad218850142b84ed2539d0119d76d9763815e65ff3f5ee5e9caada6bef54e6134a31a9736eb8a58af4a7152453524002c2ce74ef3149f1d45f5e515aa25268513f7f2a6e320e4e3e40da427c87c72615185eb530f8e6de6ebb084dc770fd4c0b53c12e30a12304332b81522a9edf5158390b23ce3722375462437e831300f5a082eb09182d2b18df4ec0a044b3e948bf758e55daa0e3f35221bc701f41c4ba386ed7d29be6b0cb417a8ad30877a86f49d38490f2b6f9433df8cffc970ffc3c463c0b0f1ca305c86e5d7e134946ec221df7774b552ee520901d9a41dec11c3279b61558e673fc81c39c232cb9f00fd0bdbd2c17c1d9af9d9efaf9bc4f864f48bb99aeddba2f76b3839da2f541d04bb0e4d8c5a435d506b63ea2581189424dc76fad38e9d6b8895e0e24b8b035e3d0639fb4412a56699ec95b1e7a23ea7b7692f841762549676b169d20639513ae7484c1c7e635c42bad2316fc6aae36cdb3d60e928ce6218a20ec51aa688f5330372be13cf0788cc81077ab3604d4be6cfbd371834d842c5baeab672e0bce72515d7d38f2d1bfdd91f25ced035bd322bc946ed846ea2ea3bc8c362d9459b30876a7db978d083f2fb51047e26d331c644412394a44c90888a245ffbb08038143bed67f00732eaa9f4a49db53df0d374e2e75d4ab6c65d9de48d0d1e9921c0c0811e4a624044b84d380af7820e8d75063faef058888fa72a8716fe40619a196113de9e0c14b1cbddd510320e9047fa9d53cd1a95384311d7e89e7f386555e54a6bd547d779b17d334a174c979ebd756fb471e5eda0752694d3a5966e0633f9de7636d48cf15d2ad7d9ee60c4cbabc3f51c3471c32e24f3649f0b09a484fcc7c4cada72a0f2479ecd916787f89fc84d47ea8174b7613e664e6456d9a6b524b292711acfd9640f73cb6764c820bc6806670c4baaebdb81d3ff1ecdf319dc845d85aeae2aa8736fb1b27899afbf235e1202406c2b22e59bc38e152b9437363c05dbb44966b7256679740aad99a61ff87879443b47601eb7c46d7ca62282a147f52ea3776344939c1407ac13c22f3a5033c4ecccc1c14fcd7e66a844cf0f2abbce0c70b6a38d80d18ed28a1b5acddd51538a60e7a2f1dcd5a3961e219727e6818c9efc25eeea1cad0864b64aa781120963d16c3efce348cf4fd46302337669d1790470b18dc1c061e1442fcd7f760da208e2337ab29e17ef28cddf35269aaefb0fd109c732cf4f887850b50a6ee3da06056be997516d7470e4fa4637487a442adbab74e0cb700b73d3dcd840ec9b8e67535a59da3a53f0c6540a4218de9a26e5c9414e4497b76a3eee16a9e0ff62d08777ca60ec1f13c131c1ca54876eca55ac435515c32a4ef1ed14900f1c9647978387fc9b61807eebfdb94f2ee5641c96ccdf9d9f2c1ed69d3ab5ad7ca27502b86e8a20e7ea64f7b346865fd07f86ab64c590cb2f5a763aa1d3c069b7acc2e5d26c72025da44b57da116a18f6ea170b5e15759f67c8d7aa24b77f983aabd6d518b9f67f864970a5a07a4aecf1b35930b2e2d9e4efa6a14d27f10c87ef6a9431f3eed7a8b3610a1641678c785b1e1dd11017032cb0d176d74fe3ccfdde1143b6e2a988639e146c6b12515050ff3432c449cf507131317ecb2ef1b42f1182dee727b98a902d5ade6be52218a7727ebef2cf7845d9912e672ba11b9e2df8a2edaa45eaead575c017c5ec6d937d11a395745fa84c3294d39d016b500f6331ec8ffe82a2e43de69a7a8b7d582b78e6e8c35b7c5a1609076b4af48e6fc910b3e7161074ad33ebe93a17ea686129c46b7fbc418705e438df1282d8676508fef9703ea9f986d7d1275a8d6bc66561d5855be40921e838265bb46b70be539564c6908026f3d68ec9dabf38f661f914fc3e6d2e881d1de899f6e99e1431c471e700c3e29390f6a7b6b1a177e11a9667b4ccae69befdb1eb586f66fe9ae7c04a1693a5ebeb327391740453c343acf379db2f75393a486f3874998cfe79081ac616ab96c554ddad90bcb03e14b79a7ed62731550938c8a0cdfb41ab1c9eddd6664874f1e4bc94d86a794443cc7f1ad9e97d631f3d8c9545cbe4acb89f575e54ce588780976f8a650425d9f6410182405a45aa8a56c4196e4e591eb20a860f412503c9d37441b2dfb46fe331bf3bbad26a0b3982814d063dee723080e182294677d3b55ad29cd8fec04514fe26541a293f6d86584a94464cebfd9441997f48eaf570f21ba38b8ca9d4d397ec23576e6792b45a3aad16f3d3641de5f985c6311796819ea36fe6e6974ec0745be1416ab8245266876f575931b1c71137ec19c4daf02f619f944c1b6fc4390caabed8bc51e940f0aab149f0b813094cec0de80b2c8ba477064a41e43edebece0a22aee352f7c7ca04c78837a7928053518b3cb8a6f6b581c5970d179049816c5bb16e065a5ec15682d304c3a8052b5acb2b1c52d7c7c78eb6d610261db959f90923a1b8beb5bd9cca44d13edae6455748b17ff3366f7bd879618e7da3fe6bb3fd1dffa817f8a77278c643c9f8a9459e4a6d6057590052ae172cd727e11364424846cdffbcc399874acf223515316528a20f91b4199c614a0656cd373a8ac2881edd06d77463ec59b5771fe592a2dc4ed2d0a1b7378846ab604b21b427cf5d480de3ee275adbf1f15af4f6fccad02dd3073448b663b71dc2953168ee3112d9119e93b28f26b0858b5598b63453962fed682b7d2c41b6afd180d1b5108f71fdb885e26fe11018ca01a58e676fdcc8c5a85c2e6473653a089bbc98687edf6e4421db4295d3205bc363fb7484bf02e8b8e85ae6a93e4070e277427e1578651c098f1e1ec80fcca2f73cb7e11e8f6e9242e6f7723bbc7ec55154621f228ecf9796836bf05beed95d90c0d1b22a2f4baf3016d08bebd61e507d9967355b1c2471fd995ab9783a40c67361eb93c21ce3c5b02cd19fa522be154b1a2eba4997494b0b5b69b381d20e6f46eba0ca702b859399749294dc580c782dbfde0729ef9a02961e0e1e8b841132c1d93cad516fa2a9ffde39800d34af3e915cd3e7cde5cd1fe51c095b5e71e5c13d760d3987b5ca2ea72abb1ddc9d8497a2a12ed1156009373e0c10bf89e4cf0600da8ea7c598849d57e74e4c13777791b77d718c650ebe9d4d2199ad891c97b7a09ffb13f19a20967f7c1df50760d34fcd6308479ff4833be563a72392fb1781718d289c6ecd8b7e68f58d0619e49b7129fd86f9d54d5e1d604d1996658eb4469f661bea46ca114ffaf80ea8b8f2d58eef6657ded9ca78cd0b8bc83e824624dfb7006c6bf8f3114fccc8b4771c5ff208452a380bc9dfd64dceb940734853d87bb2056f0fe9247d9ea2541ce9b6c8417a37c05d2f481419e1478692824cf450a3faa67611c12298df90d08b6e75e49473e0d90603d5328316fc4825077fc9f848c5dc2c062ce3272238971b9b0f781e571b33ccda60b2309cb6c5f7b1f550f160f168184eb6b812e58600ecc276b17d15b17125b06bfd57d1e555cb3c737e537993027268793fdedc704465d263fcd3b58a35c163f222acf9b81e1fc0743e2158cb12fbbe7bf38ab3295d8f244fe4b1c762f25"], 0x1, 0x1237, &(0x7f0000001900)="$eJzs3E1rXFUYAOB3kon5qPlQ61cXeqgbV5cmC1eCBklBMgupRmgFcWonOOQ6E3KHQERtXbkV/Bfi0p0g/gE3/gWX3bjsQrjivZNk0qStlTJj6fNs7ptz3jfnXA4MnMs99/ab332+s11k2+1BTDUaMbUbke6kSDEVh17ZrK9Xr22ut1obV1K6vP7B6hsppaVXf/noyx8v/jo49+FPSz/Pxm8rH9/+cy0ibv2T/1m3SN0i9fqD1E7X+/1B+3remY5usZOl9F7eaRed1O0Vnb3R/rSd93d3D1K7d2NxYXevUxSp3TtIO52DNOin5nBKvZRlWVpcCO5p5lTLJ3c3bv1wpyzLiLKciaeiLMtyPhbiXDwdi7FULeIz8Ww8F+fj+XghXoyX4uUqa4x3AQAAAAAAAAAAAAAAAAAAAE+A+53/X44V5/8BAAAAAAAAAAAAAAAAAABgDN6/em1zvdXauJLSXET+7f7W/lZ9rfvXt6MbeXTiUizHX1Gd/q/V8eV3WxuXUmUlvslvDutv7m9Nn6xfrT4nMKxvVn2H9at1fTpZPxsLo/VrsRznzx5/7Yz6me8jXn9tpD6L5fj90+hHHjeqsY/rv15N6Z1b9ZziaPwLVd6xRjRG/2yOZ30AAADgUcjSkaP9+9sj+/csO91f74/r+od4PnDX/r4ZF+yhJ644+GKnneedvZPB3KmWBwWNiPjXyfcKGsNHLGfmxFzEf/7PYw2mHrZqerga908+/O7m5G/wcQvm/x/TeKyCif0kMUbHi36y/Y+LR+H8+GcFAAAAAAAAAADAgzyydwajcdb7v82o3yybHR3zrfgqm9wdAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPA3O3AsAAAAACDM3zqNjg0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgpAAAAP//d+24Qg==")

1.31296556s ago: executing program 2 (id=3878):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001380)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000c00)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000818110000", @ANYRES32=r0, @ANYBLOB], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x41, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000280)='kfree\x00', r1}, 0x10)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000740), 0x1}, 0x38)
r2 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
r3 = fsmount(r2, 0x0, 0x0)
fchdir(r3)
fsopen(&(0x7f0000000300)='tracefs\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x20)
open(&(0x7f0000000040)='./file0\x00', 0x551083, 0x40)

1.28467308s ago: executing program 1 (id=3880):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = perf_event_open(&(0x7f0000000100)={0x5, 0x80, 0x0, 0x1, 0x0, 0x0, 0x0, 0x5, 0x400000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000300), 0x4}, 0x0, 0x0, 0x19e}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x7, 0xf, &(0x7f00000006c0)=ANY=[@ANYBLOB="1800000009000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400dd94b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r2)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x1000000, &(0x7f00000007c0)={[{@mblk_io_submit}]}, 0xfe, 0x52c, &(0x7f0000000d40)="$eJzs3U9vG2kZAPBnJnY2abPrLHBYVmJ3xS5KIqjTbOhuhNACEoLTSgvlHkLiRlGcuIqdtokqSMUHQEIIkLjAiQsSHwAJ9SMgpEpwR4BAFbRw4FAYZHuchtROU+LY3eT3k97MO//8PK/jGc87M/IEcG69ERHTEZFlWTYTEaV8epqX2GuX5nIPH9xebpYksuzq35JI8mmd13ohH17MVxuLiK9/NeJbyZNx6zu760vVamUrH59tbCSPsmz30trG0mpltbI5/1K8s/DuwpWFy31p52REvPflP//wez//ynu//szNPyz+dfrb7Qa2HWxHP7WbXmy9Fx2FiNg6jWBDUmi1sO3KkHMBAOBozeP9j0TEJyNiJkox0jqaa5kZbmYAAABAv2RfmIhHSfv6HwAAAHA2pRExER+MlvP7fSciTcvl9j28H4sLabVWb3w6K+2fL5iMYnptrVq5nN87MBnFpDk+l99j2xl/+9D4fES8HBE/KI23xsvLterKUM98AAAAwPlxsdXnT9JO//+fpXb/HwAAADhjJoedAAAAAHDq9P8BAADg7NP/BwAAgDPtg/ffb5as8/zrlRs72+u1G5dWKvX18sb2cnm5tnW9vFqrrd4vRNQ2nvZ61Vrt+mdjc/vWbKNSb8zWd3YXN2rbm43Ftf95BDYAAAAwQC+/fvf3SUTsfW48jYgsOTCvGJGNHFy4MPj8gNOTPsvCfzq9PIDBGxl2AsDQOKSH86s47ASAoXvafqDnzTu/6X8uAADA6Zj6+P71/1ZpGs3nJd1X2RtcdsBpyq//Jz22deAMc/0fzq/OeX/3AcD5UzzqCECnAM689Bib+smv/2fZMyUFAAD03USrJGk57wdMRJqWyxEvth4L8Pis4EsR8btS8YVra9XKXGtK4vQAAAAAAAAAAAAAAAAAAAAAAAAAABxTliWR9dB+GmCM9poPAAAAfDhEpH9J8ud/TZXemjh8fmA0+VepNYyImz+5+qNbS43G1lxz+t/3pzd+nE9/e+CnLwAAAIAuOv30Tj8eAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPrp4YPby50yyLj3vxQRk93iF2KsNRyLYkRc+EcShQPrJREx0of4e3ci4pVu8ZNmWjGZZ3E4fhoR40OOf7EP8eE8u9vc/3yx2/aXxhutYfftr5CXk2rv/0a6xu/s/0Z67P9e7PaC6ZOTXr33y9me8e9EvFrovv/pxE/yN6FwIHazvHnMNn7zG7u7veZlP4uY6vr9k+wv06zNJoXrs/Wd3UtrG0urldXK5vz83DsL7y5cWbg8e22tWsn/do3x/U/86j9Htf9Cj/iTj9vf9f1/65jt//e9Ww8+2q4WD80qxk+zbPrN7p+/V9rxP794KH7nu+9T+b+7OT7Vqe+16we99ovfvvb6Ee1f6dH+sae0f/qY7Z/52nf/eMxFAYABqO/sri9Vq5WtZ6skEXsnWP0ElcgPPgYadHCV8Xgu0uhzZTwGGHTpyM9G5yB2APl8Jw/1XPwL/q8NDQAAOEuS/YP+YWcCAAAAAAAAAAAAAAAAAAAA51d9Z/TI3yc75s/RPczaui5zOObecJoKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHCk/wYAAP//2f7FUg==")
truncate(&(0x7f0000000080)='./file2\x00', 0x1ff)

1.270658451s ago: executing program 2 (id=3881):
syz_open_dev$usbfs(&(0x7f0000000080), 0x77, 0x101301)
socket$rxrpc(0x21, 0x2, 0xa)
pselect6(0x40, &(0x7f0000000100)={0x0, 0x0, 0xffffffffffffffff, 0x0, 0x800, 0x2, 0x80000000000004, 0x6}, 0x0, &(0x7f0000000400)={0x1f, 0x0, 0x800000000000, 0x0, 0x1000000000, 0x0, 0xfffffffffffffffe}, &(0x7f0000000280)={0x0, 0x3938700}, 0x0) (fail_nth: 6)

1.082560323s ago: executing program 2 (id=3883):
perf_event_open(&(0x7f0000000140)={0x2, 0x58, 0x37, 0x1, 0x0, 0x0, 0x0, 0x7, 0x0, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0xd}, 0x4c58, 0x2, 0x0, 0x7, 0x8, 0x20002, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000300)}], 0x1}, 0x20008800)

886.754106ms ago: executing program 4 (id=3885):
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000007c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRES8=r0, @ANYRES32=r1, @ANYBLOB="000000000000000000000000000000027b8af80800000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x70, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x65, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000000900010073797a30000000006c000000090a010400000000000000000700000008000a4000000000"], 0xb4}}, 0x20050800)
unshare(0x40020000)
socket$inet_tcp(0x2, 0x1, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00'}, 0x10)
r4 = syz_open_dev$sg(&(0x7f0000000040), 0x0, 0x8401)
ioctl$BLKTRACESETUP(r4, 0xc0481273, &(0x7f0000000b40)={'\x00', 0x7ff, 0x5, 0xc, 0xfffffffffffffffd, 0x59c, 0xffffffffffffffff})
ioctl$SG_BLKTRACETEARDOWN(r4, 0x1276, 0x0)
r5 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x2)
ioctl$USBDEVFS_SUBMITURB(r5, 0x8038550a, &(0x7f0000000140)=@urb_type_control={0x2, {}, 0x20000009, 0x0, &(0x7f0000000240)={0x0, 0x0, 0xfffc, 0x360}, 0x8, 0x7, 0x80, 0x0, 0x1, 0x101, 0x0})
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000600)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a09000000000000000000020000000900020073f97a310000000008000440080000000900010073797a3000000000080003400000000114000000110001"], 0x64}, 0x1, 0x0, 0x0, 0x814}, 0x0)
sendmsg$NFT_MSG_GETOBJ(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000400)=ANY=[@ANYBLOB="34000000150a03f50000000000000000020000000900"], 0x34}}, 0x0)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r8}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="2000000004000000020000000000000001020000", @ANYRES32, @ANYBLOB='\x00'/12, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="01000000ffffffff00"/28], 0x9d)
r9 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000200), 0xffffffffffffffff)
r10 = gettid()
sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r7, &(0x7f0000000280)={&(0x7f0000000100)={0x10, 0x500, 0x0, 0x2000040}, 0xc, &(0x7f0000000240)={&(0x7f0000000800)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r9, @ANYBLOB="010028bd7000ffdbdf2514000000080001000100000008000300", @ANYRES32=0x0, @ANYBLOB="08001c00", @ANYRES32=r10], 0x2c}, 0x1, 0x0, 0x0, 0x20000040}, 0x4000000)

770.040068ms ago: executing program 2 (id=3887):
creat(0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000380)=[{0x200000000006, 0x1, 0x7, 0x7ffc1ffb}]})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
ioprio_get$pid(0x3, 0x0)
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000010850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000020"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x2, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f0000000440)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mount$tmpfs(0x0, 0x0, &(0x7f0000000040), 0x0, 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x515002, 0xc6)
getdents(0xffffffffffffffff, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@struct]}}, 0x0, 0x26, 0x0, 0x0, 0x6, 0x0, @void, @value}, 0x28)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x6, 0xf, &(0x7f00000007c0)=ANY=[@ANYBLOB="18000000adf00000000000005a00000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500fc2700000000000000000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b7000000000000009500000000000000"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, r1, 0x8, 0x0, 0x0, 0x10, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xff}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, @void, @value}, 0x94)

765.053648ms ago: executing program 2 (id=3888):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000240)=ANY=[@ANYBLOB="e80000006c00010029bd7000fcdbdf2500000000", @ANYRES32, @ANYBLOB="001000008000000008000f002000000014003500726f7365300000000000000000000000a40034801400350070696d367265673000000020000000001400350076657468305f6d614176746170000000140035006d61637674617030020000000000000014003500677265300000000000000000000000001400350076657468305f746f5f626174616476001400350001657468315f6d6163767461700000001400350067726530000000000000000000000000140035006261746164765f736c6176655f31000008000f"], 0xe8}}, 0x0)
close(r0)
syz_open_dev$loop(&(0x7f0000000080), 0x400, 0x4000)
r2 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0xfffffffc, 0x3, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x11, 0x8, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000181200000000000000", @ANYRES32=r4, @ANYBLOB="0000000000010000b703000000000000850000001b000000b708000007000000950000000000007f5ab37252e8491d0536af57419ce87200"], &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r5}, 0x18)
syz_emit_ethernet(0xfffffffffffffdcf, &(0x7f0000000440)={@empty, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}, @void, {@generic={0x201, "6245814707f999284ee8fe4ef5e9c8ce99e9bd6f1f0c73ff29c51a8621a9830fedc0a3faa3e899409615d7c25ba0baf405df1ab345a3334517bd4f7b7a04e65426dcc730bd8f1d18b5a6314bc7f1d53e2f804e8c04d7e58cb367fe4e4d6ee7418726cbd37b33b4929ec0fa8e1f1f7bbc6510bbeef5def4af76cd3efe346a97f1c918428b536a8b40251baad34bf143014edfc9a5a0e16cabaf11cd1ac41b3c16353d6c2ff4128d75c16ecda90c56e5c20051082ac7f4deb50041f12d93f1774b95739e69fe76573e80729e715c91e4d63a0fae120278ac0b8fd8e87933d917fc2905f6d51bd6f8360000000000000000"}}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r3}, &(0x7f0000000180), &(0x7f00000001c0)=r2}, 0x20)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r6}, 0x10)
r7 = mq_open(&(0x7f0000000080)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xb8\x93\xc3C\xae\x9dc\xd1T\xdd\x14\xd3\xe1\xbe_$A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\v\x01\xbe\xeb\xbb\x91\x11z\xc2|d\x1b\x04\xd2\xf9yx\xb2\x1b\bLTrw\x88\x9e0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\xcf\xbf\xf5\x80a%\xdcQ\xb3CuT\xcc7\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1J\xec\x926\xb5a0\xa0B\xae|', 0x42, 0x0, 0x0)
mq_timedreceive(r7, &(0x7f0000004600)=""/102381, 0xfffffceb, 0x0, 0x0)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[], 0x48)
r9 = epoll_create(0x3ff)
r10 = epoll_create1(0x80000)
r11 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=@base={0x5, 0x4, 0x7fe4, 0x1, 0x0, 0xffffffffffffffff, 0xfffffffe, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r12 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000006c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r11, @ANYBLOB="0000000000000000b70800000000504c00007b8af8ff00000000bfa200000000050007020000f8ffffffb703000008000000b7040000000000008500000003000000950000bff7e0b00000000000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f00000009c0)='kfree\x00', r12}, 0x10)
epoll_ctl$EPOLL_CTL_ADD(r9, 0x1, r10, &(0x7f0000000240)={0xa0000000})
epoll_ctl$EPOLL_CTL_MOD(r9, 0x3, r10, &(0x7f0000000280)={0x2000000})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x19, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r8, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sockopt, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r13 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0xfffffffd, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r13}, 0x10)

573.057561ms ago: executing program 4 (id=3891):
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, 0x0, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x4000)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00'}, 0x10)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8003, &(0x7f0000000000)=0x9, 0x8, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00'}, 0x10)
sendmsg$nl_route(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000002c0)=@newlink={0x44, 0x10, 0x403, 0x2, 0x0, {0x0, 0x0, 0x4, 0x0, 0x300}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x14, 0x2, 0x0, 0x1, [@IFLA_BR_VLAN_DEFAULT_PVID={0x6, 0x27, 0xe}, @IFLA_BR_GROUP_FWD_MASK={0x6, 0x9, 0x8b}]}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x4}, 0x8044)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
unshare(0x20040600)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000001740)={0xffffffffffffffff, 0x0, 0x0}, 0x20)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8e600000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r2}, 0x10)
r3 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r3, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
socket$inet_icmp(0x2, 0x2, 0x1)

536.787312ms ago: executing program 3 (id=3893):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000740)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x3c, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000005"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f00000008c0), 0x5, r1}, 0x38)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x18, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2, 0x0, 0x2}, 0x18)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="1a000000040000000f000000d900000000000000", @ANYRES32, @ANYBLOB="40000000000000bca7aa6e000000000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r3}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r4}, 0x18)
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0006}]})
close_range(r5, 0xffffffffffffffff, 0x0)
unshare(0x26000400)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000005c0)={{r0}, &(0x7f0000000540), &(0x7f0000000580)='%pS    \x00'}, 0x20)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x8, &(0x7f0000000580), 0x5, 0x4f3, &(0x7f00000005c0)="$eJzs3d1rW+cZAPBHku3YibN8bIwkgyWQQfZBLH8wYm+DsattF4GxwG42yDxb8TLLkbHkLDa5cLa7XOxibLRQetH7/gW9aa4aAqXXLb3tVUloUxfakoKKjiTHH5KjtraU+Px+cKJzzqvoeV/Zz+uj97xHJ4DUOlf7JxMxHBHvRMSx+ubWJ5yrP6w/vj1TWzJRrV75KJM8r7bdfGrz/x2JiLWIGIyIP/424m+ZnXHLK6vz08ViYamxna8sLObLK6sXry9MzxXmCjfGJi9NTU2OToxP7Vlb7/7nH3cvv/H7gdc/+/fD+/99681atYYbZZvbsZfqTe+PE5v29UXEr/YjWA/kGu0Z6nVF+EZqP7/vRsT5JP+PRS75aXbmyb7WDNhv1Wq1+mX1ULvitSpwYGWTY+BMdiQi6uvZ7MhI/Rj+e3E4WyyVKz+7Vlq+MVs/Vj4e/dlr14uF0cZnhePRn6ltjyXrT7fHt21PRCTHwP/LDSXbIzOl4mx3uzpgmyPb8v/TXD3/gZTo/CM/cNDIf0gv+Q/pJf8hveQ/pJf8h/SS/5Be8h/SS/5DerXK/6M9qAfQfbv9/R/oYj2ArvrD5cu1pdq8/n325sryfOnmxdlCeX5kYXlmZKa0tDgyVyrNJdfsLDzr9Yql0uLYz2P5Vr5SKFfy5ZXVqwul5RuVq8l1/VcL/V1pFdCJE2fvvZeJiLVfDCVLbPqTL1fhYKtWM9Hra5CB3sj1ugMCesapP0ivr/EZv+2XhAEvthZf0bth8Ejbol/H4r5UB+iC7G6FTx50ryJA11047fwfpJXxf0gv4/+QXo7xgd3G/6NxL7+WjP/DC2vX8X/gQBtuc/+vo5vu3TUaEd+JiHdz/Yea9/oCDoLsh5nG8f+FYz8a3l46kPk8OUUwEBH/fOXKS7emK5Wlsdr+jzf2V15u7B/vRf2B9raO8DXztJnHAEB6rT++PdNcuhn30W/qkxB2xu9rjE0OJkcwh9czW+YqZPZo7sLanYg41Sp+pnG/8/qZj8PruR3xTzYeM/WXSOrbl9w3vTvxT2+K/8NN8c9863cF0uFerf8ZbZV/2SSnYyP/tvY/w3s0d6LZ/zXnXG+O3+z/cm36v7Mdxvj7q/9qdXo3mez96E7EmZb9bzPeYBJre/xa3S50GP/hX/70/XZl1dfqr9MqflNtLV9ZWMyXV1YvXm/WYvLS1NTk6MT4VD4Zo843R6p3+uWpt++3i19rf0Ob9r+/o/1DjTr9pMP2f/GDB38+t0v8H59v/ft3Mnnc9v5Xqxt1+GmH8T8Z/+Cv7cpq8WfbvP/ZVvGjWRox0WH88v9/59phAHiOlFdW56eLxcKSFStWnu+Vvuhi0Gf1HGvd6aCAffM06XtdEwAAAAAAAAAAAKBT7Wb/3tvD6cS9biMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwEHwVQAAAP//QUvQlg==")
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
process_madvise(0xffffffffffffffff, &(0x7f0000000080)=[{&(0x7f0000000000)='8', 0x1}], 0x20, 0x14, 0x0)

488.776623ms ago: executing program 1 (id=3894):
unshare(0x22020600)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
r1 = syz_io_uring_setup(0x83f, &(0x7f00000000c0)={0x0, 0xa9ee, 0x0, 0x3, 0x8002ae}, &(0x7f0000000140)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffff9c, 0x0, &(0x7f0000000480)='./file0\x00', 0x0, 0x109880})
io_uring_enter(r1, 0x3516, 0x0, 0x0, 0x0, 0xfffffdcf)

401.284174ms ago: executing program 3 (id=3896):
mkdir(&(0x7f0000000580)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r1}, 0x38)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2d, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r2, 0x0, 0x3}, 0x18)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="14000000100001000000000000b890c1a000000a80000000160a01030000000000000000020000000900020073797a30000000000900010073797a30000000005400038008000240000000000800014000000000400003801400010076657468315f746f5f6272696467650014000100776732000000000000000000000000001400010076657468305f746f5f7465616d00000014000000110001"], 0xa8}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a2c000000180a05000000000000000000020000000900020073797a30000000000900010073797a3000000000140000001100"], 0x54}, 0x1, 0x0, 0x0, 0x24040089}, 0x20008000)
r3 = inotify_init1(0x80000)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r6 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r5}, 0x10)
inotify_add_watch(r3, &(0x7f00000002c0)='./file0\x00', 0x500082c)
dup2(r3, r6)
lsetxattr$security_selinux(&(0x7f0000000400)='./file0\x00', &(0x7f0000000000), &(0x7f0000000280)='system_u:object_r:fsadm_exec_t:s0\x00', 0x22, 0x0)

390.358484ms ago: executing program 4 (id=3897):
bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0500000004000000990000000b"], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bf"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000003c0)=@newtaction={0x64, 0x30, 0xb, 0x0, 0x0, {}, [{0x50, 0x1, [@m_ct={0x4c, 0x1, 0x0, 0x0, {{0x7}, {0x24, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xfdb, 0x1, 0xffffffffdffffffa}}, @TCA_CT_MARK={0x8, 0x10}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x64}, 0x1, 0x0, 0x0, 0x20004000}, 0x10000000)
syz_open_dev$usbfs(&(0x7f0000000080), 0x77, 0x101301)
socket$rxrpc(0x21, 0x2, 0xa)
pselect6(0x40, &(0x7f0000000100)={0x0, 0x0, 0xffffffffffffffff, 0x0, 0x800, 0x2, 0x80000000000004, 0x6}, 0x0, &(0x7f0000000400)={0x1f, 0x0, 0x800000000000, 0x0, 0x1000000000, 0x0, 0xfffffffffffffffe}, &(0x7f0000000280)={0x0, 0x3938700}, 0x0)

313.092455ms ago: executing program 3 (id=3899):
creat(0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000380)=[{0x200000000006, 0x1, 0x7, 0x7ffc1ffb}]})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
ioprio_get$pid(0x3, 0x0)
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000010850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000020"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x2, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f0000000440)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mount$tmpfs(0x0, 0x0, &(0x7f0000000040), 0x0, 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x515002, 0xc6)
getdents(0xffffffffffffffff, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000900)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@struct]}}, 0x0, 0x26, 0x0, 0x0, 0x6, 0x0, @void, @value}, 0x28)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x6, 0xf, &(0x7f00000007c0)=ANY=[@ANYBLOB="18000000adf00000000000005a00000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500fc2700000000000000000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b7000000000000009500000000000000"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, r1, 0x8, 0x0, 0x0, 0x10, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xff}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, @void, @value}, 0x94)

272.106406ms ago: executing program 3 (id=3901):
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000480), 0xa}, 0x0, 0xc8, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x1)
r0 = socket$inet(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'bond0\x00', <r1=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000004c0)=@newqdisc={0xa8, 0x24, 0xf0b, 0x70bd2b, 0x0, {0x0, 0x0, 0x12, r1, {}, {0xffff, 0xffff}, {0x2}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x78, 0x2, [@TCA_TAPRIO_ATTR_SCHED_CYCLE_TIME={0xc, 0x8, 0x1}, @TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x2, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x1], 0x0, [0x8, 0x6, 0x3c, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], [0x0, 0x8]}}, @TCA_TAPRIO_ATTR_SCHED_ENTRY_LIST={0x10, 0x2, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@TCA_TAPRIO_SCHED_ENTRY_INTERVAL={0x8, 0x4, 0x4000000}]}]}]}}]}, 0xa8}}, 0x0)
syz_clone(0x40000000, &(0x7f0000000280)="2a30053e1c3176348270ca8b9180188fc835645c38b5c342fa86e88edfa65351a46a96741fb8b2", 0x27, 0x0, 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
socket$nl_rdma(0x10, 0x3, 0x14)
syz_open_dev$loop(&(0x7f0000000440), 0x81, 0x2a82)
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x38, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x1, @perf_bp={0x0, 0xd}, 0x0, 0x10000, 0x1, 0x1, 0x8, 0x20005, 0x2b, 0x0, 0x0, 0x0, 0xffffffffffffff7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0f0000000400e8938ec5", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0xe, 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB="183507a6450572850000002f0000009500000000"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000c00)=ANY=[@ANYRES32=r2, @ANYRES32=r3, @ANYBLOB="05"], 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000740)={{r2}, &(0x7f00000006c0), &(0x7f0000000700)=r3}, 0x20)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000980)={0x0, 0x602e, &(0x7f0000000900)=[{&(0x7f0000000640)='U', 0xa00120}], 0x1, 0x0, 0x0, 0x803e0000}, 0x3)
quotactl$Q_QUOTAON(0xffffffff80000200, 0x0, 0x0, 0x0)
capget(&(0x7f00000014c0)={0x20080522}, &(0x7f0000001500)={0x9, 0x4, 0x2, 0x2, 0x4, 0xe})
r4 = socket(0x10, 0x3, 0x0)
connect$netlink(r4, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x1}, 0xc)
sendmsg$nl_route_sched(r4, &(0x7f0000000500)={&(0x7f0000000000), 0xc, &(0x7f0000000040)={&(0x7f0000000bc0)=@newtaction={0x158, 0x30, 0x829, 0x70bd29, 0x0, {}, [{0x144, 0x1, [@m_tunnel_key={0x140, 0x4, 0x0, 0x0, {{0xf}, {0x20, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_ENC_IPV4_SRC={0x8, 0x3, @private=0xa010101}, @TCA_TUNNEL_KEY_ENC_IPV6_DST={0x14, 0x6, @empty}]}, {0xf4, 0x6, "fc8a013a7896b77a1db602af55d74851be6858de4951dae718e7b4872f95be9529d84d9d20198d21e46089c6d4997bd4a91ce495c6f6222bb4aebc5d312c23145ba68f2b5fabbf3cd1413947c7ad964e56761c5b4a347ff3f6797cab32d4ad95370d6182a604b29506b0a67a20ce5a49c556aefea756d2736a513b246e24fae7046781a78b2b64e4ab6affa0033bce7f02a991870eda777a5da08755e634772d0a9b98e80e872a5ac61ac80be3d5d583df9c183bd14e5ef101c3f2438878372816e6bfc32f1128a3cec68378c1670ec32091e92e5abe66d1db71e2e425edb20cc30995539996bbf4af4974ab5cb142a1"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x2, 0x1}}}}]}]}, 0x158}}, 0x0)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_netfilter(0x10, 0x3, 0xc)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x50)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000002c0)='kfree\x00', r7}, 0x18)
r8 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), r5)
sendmsg$NLBL_MGMT_C_ADDDEF(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="01000000000000000000040000001400050003030000000a0000005dc00000000001080002000500000014000600ff01000a00f2f3f31f000a0000000001060001"], 0x4c}, 0x1, 0x0, 0x0, 0x8004}, 0x4040000)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, 0x0, &(0x7f0000000180)=0x63)
sendmsg$NLBL_MGMT_C_ADDDEF(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[], 0x4c}, 0x1, 0x0, 0x0, 0x24008000}, 0x4040000)

259.832246ms ago: executing program 1 (id=3902):
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000001600)={0x3, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0x9, '\x00', 0x0, 0x0, 0x2, 0x0, 0x4, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x8, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0300000004000000040000000a13000000000000", @ANYRES32=0x1, @ANYBLOB='\a\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="040000000300"/28], 0x50)
r1 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)=[{0x0}], 0x1}, 0x0)
sendmsg$IPVS_CMD_SET_INFO(0xffffffffffffffff, &(0x7f00000012c0)={&(0x7f00000011c0)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000001280)={&(0x7f0000001200)=ANY=[@ANYBLOB='|\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="080029bd7000fbdbdf250e0000000800040002000000080006000900000008000600070000003800028006000b000200000006000e004e23000006000e004e220000080007000100000014000100000000000000000000000000000000011800038014f80600fc0100"/118], 0x7c}, 0x1, 0x0, 0x0, 0x240000a0}, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="ec08d02f4464750000030100"], 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r2, 0x0, &(0x7f0000001700)=""/53}, 0x20)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000340), 0xffffffffffffffff)
sendmsg$TIPC_NL_LINK_SET(r3, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000001380)=ANY=[@ANYBLOB="4e07f5c1a76520194f4229042629b97b00", @ANYRES16=r4, @ANYBLOB="0308000000000000000009000000240004800400078008000500000000001300010062726f6164636173742d6c696e6b0000"], 0x38}}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000001500)={0x3, 0x2000007d, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xf, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x21, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket$inet(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000300)={'bond0\x00', <r8=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000000c0)=@newqdisc={0xa4, 0x24, 0x1, 0x70bd2b, 0x0, {0x0, 0x0, 0x12, r8, {}, {0xffff, 0xffff}, {0x2}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x74, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x2, [0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x6], 0x0, [0x5, 0x4, 0x2, 0x0, 0x8, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], [0x0, 0x8, 0x0, 0x0, 0x2]}}, @TCA_TAPRIO_ATTR_SCHED_ENTRY_LIST={0x10, 0x2, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@TCA_TAPRIO_SCHED_ENTRY_INTERVAL={0x8, 0x4, 0x4000000}]}]}, @TCA_TAPRIO_ATTR_SCHED_CLOCKID={0x8, 0x5, 0x7}]}}]}, 0xa4}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
r9 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
write$binfmt_script(r9, &(0x7f00000010c0)={'#! ', './file0', [{0x20, ',\x04T\x0fB\xddN\xeb\x9a\x8e\xf5\xf22\xcc\x8b\x9ezU\x86m\xb9q\xa7\x8b\xc6*\x11\xf8\xc1\x83I\xc7#\x94\x8b\xa2\x1a$,\xe3T\x01\xaf\t\xa0m\xb8\x9e\xc3\xff\xd4\xe9i\xe6Y\xbb\x8b\xd3\xeb\x05\f\xe6\x81\xe3\x82:\xc6\xd8\xd90w\x96\xc4)\xa8\x97\xb9\xf6,\x17\xd3\'t/\xbeU\'\r\xa2v}\xdc\xbd\xdbe+\xc0.\x80 6G0\x18\'\xc7\x8e\xb1\xb0tJK\xd7V\xd7l4x@ 2p\xfd\x1e\xe9\x95\xd6G\xc8\xd97,\x9dy\x8b\xd3p\x98\xee\xd8\xa8\xd5\xe8e\t1\x82\xa5\xfc\x1e,\xbb\xa4\x80m\xd0\xf9\xcdi\xc4te$]\xb1\x19\xa2\xdf\x00P\xdc_\x9b\xbe\xeb\x14\x01\x89\xe5U\xb3\xb7\xfc\xce7\x99\xbb\xe5%\xd1c\xbeX\xeb<\xa9X4\xbc3\x98<\x10S\x81\xe8'}]}, 0xda)
close(r9)
execve(&(0x7f0000000080)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x0)
execve(&(0x7f0000000300)='./file0\x00', &(0x7f0000002200)={[&(0x7f0000000340)='^-%-\\x\\$})\'!&}*', &(0x7f0000001300)='R]\xd6\x1d_\x90N\x16\x10P=!S{\xe4\n\r\xc0\xbf]\xc9\xea\x9a\xad8\xbd\x13\b\xf7\xec|\xbb\xde\xfbr\x86\r\xe7\xce\xd04a\x8e\x16!V]\x03%g0W\xb9H']}, 0x0)
sendmsg$nl_route(r6, 0x0, 0x4004001)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r5}, 0x10)
sendmsg$kcm(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000001340)=[{&(0x7f0000000040)="2e00000010008188040f46ecdb4cb9cca7480ef410000000e3bd6efb010511000b000a000d000000ba8000001201", 0x2e}], 0x1, 0x0, 0x0, 0xc9e}, 0x80)
pread64(r0, &(0x7f0000000340)=""/68, 0x44, 0x100000001)
r10 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r10, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newsa={0x13c, 0x10, 0x413, 0x70bd29, 0x0, {{@in=@initdev={0xac, 0x1e, 0x0, 0x0}, @in6=@rand_addr=' \x01\x00', 0x0, 0x0, 0x4e24, 0x0, 0x2, 0x0, 0x20, 0x21}, {@in=@multicast1, 0x0, 0x3c}, @in6=@loopback={0x100000000000000}, {0x3, 0x0, 0xfffffffffffffffc, 0x0, 0x8, 0x80000, 0x9}, {0x0, 0x5, 0x4, 0x4000006}, {0x0, 0xfffffff9, 0x80000}, 0x0, 0x0, 0x2, 0x1, 0x81, 0x68}, [@algo_aead={0x4c, 0x12, {{'rfc4106(gcm(aes))\x00'}, 0x0, 0x80}}]}, 0x13c}, 0x1, 0x0, 0x0, 0x612fc0b6c779297b}, 0x20000080)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x6, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

259.249326ms ago: executing program 4 (id=3903):
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000007c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRES8=r0, @ANYRES32=r1, @ANYBLOB="000000000000000000000000000000027b8af80800000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x70, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x65, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000000900010073797a30000000006c000000090a010400000000000000000700000008000a4000000000"], 0xb4}}, 0x20050800)
unshare(0x40020000)
socket$inet_tcp(0x2, 0x1, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00'}, 0x10)
r4 = syz_open_dev$sg(&(0x7f0000000040), 0x0, 0x8401)
ioctl$BLKTRACESETUP(r4, 0xc0481273, &(0x7f0000000b40)={'\x00', 0x7ff, 0x5, 0xc, 0xfffffffffffffffd, 0x59c, 0xffffffffffffffff})
ioctl$SG_BLKTRACETEARDOWN(r4, 0x1276, 0x0)
r5 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x2)
ioctl$USBDEVFS_SUBMITURB(r5, 0x8038550a, &(0x7f0000000140)=@urb_type_control={0x2, {}, 0x20000009, 0x0, &(0x7f0000000240)={0x0, 0x0, 0xfffc, 0x360}, 0x8, 0x7, 0x80, 0x0, 0x1, 0x101, 0x0})
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000600)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a09000000000000000000020000000900020073f97a310000000008000440080000000900010073797a3000000000080003400000000114000000110001"], 0x64}, 0x1, 0x0, 0x0, 0x814}, 0x0)
sendmsg$NFT_MSG_GETOBJ(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000400)=ANY=[@ANYBLOB="34000000150a03f50000000000000000020000000900"], 0x34}}, 0x0)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r8}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="2000000004000000020000000000000001020000", @ANYRES32, @ANYBLOB='\x00'/12, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="01000000ffffffff00"/28], 0x9d)
r9 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000200), 0xffffffffffffffff)
r10 = gettid()
sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r7, &(0x7f0000000280)={&(0x7f0000000100)={0x10, 0x500, 0x0, 0x2000040}, 0xc, &(0x7f0000000240)={&(0x7f0000000800)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r9, @ANYBLOB="010028bd7000ffdbdf2514000000080001000100000008000300", @ANYRES32=0x0, @ANYBLOB="08001c00", @ANYRES32=r10], 0x2c}, 0x1, 0x0, 0x0, 0x20000040}, 0x4000000)

202.152137ms ago: executing program 0 (id=3904):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000040000000800000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r0}, &(0x7f0000000040), &(0x7f0000000080)=r1}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000004c0)='mm_page_free\x00', r2, 0x0, 0x178}, 0x18)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_DESTROY(r3, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)

201.615647ms ago: executing program 0 (id=3905):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000020000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000001"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r2, &(0x7f00000007c0)={0x300, 0x0, &(0x7f0000000780)={&(0x7f0000000b00)=ANY=[@ANYBLOB="020a06000300000028bd"], 0x18}}, 0x40)

169.622517ms ago: executing program 0 (id=3906):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000020000000c0000000014"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001700000000000000ff000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = socket$inet6(0xa, 0x3, 0x3c)
r3 = socket$l2tp(0x2, 0x2, 0x73)
sendto$l2tp(r3, &(0x7f00000002c0)="0c38d05085ca50900eb64493e6c75d26d9f66f535eb37ab643db6be9589d6dae37a8bd910f9119b543be30b375da93f4e810406d0cea0c978cdb5782a0ecc1e3ffe4f3d78beff34d266e85fb62b47e7ae77e6789e64cd15e53c846974c9a1f383eb0538f25f39e9254", 0x69, 0x4044, &(0x7f0000000340)={0x2, 0x0, @multicast2}, 0x10)
setsockopt$inet6_IPV6_RTHDR(r2, 0x29, 0x39, &(0x7f0000001640)=ANY=[@ANYBLOB="0002020100000008ff"], 0x18)
writev(r2, &(0x7f00000000c0)=[{&(0x7f0000000100)="88", 0xfdef}], 0x1)
syz_genetlink_get_family_id$batadv(&(0x7f0000000440), 0xffffffffffffffff)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x275a, 0x0)
r4 = socket(0x10, 0x3, 0x0)
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_GET(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x95}, 0x4008000)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000400)={<r5=>0xffffffffffffffff})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000200)={'ip6gretap0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000004c0)=@newqdisc={0x48, 0x24, 0xf0b, 0x0, 0x0, {0x60, 0x0, 0x0, r6, {0x0, 0x5}, {0xffff, 0xffff}, {0xe}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x18, 0x2, [@TCA_CAKE_BASE_RATE64={0xc, 0x2, 0x80000000}, @TCA_CAKE_DIFFSERV_MODE={0x8, 0x3, 0x4}]}}]}, 0x48}}, 0x0)

144.671748ms ago: executing program 0 (id=3907):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
perf_event_open$cgroup(&(0x7f0000000000)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x100, 0x1}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000001e40)=ANY=[], 0x0, 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
socketpair(0x28, 0x2, 0x28, &(0x7f0000000040))
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000cc0)={0x0, 0x0, 0x0}, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r2, 0x8923, &(0x7f0000000000)={'vlan0\x00', @local})

61.738479ms ago: executing program 1 (id=3908):
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, 0x0, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x4000)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00'}, 0x10)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8003, &(0x7f0000000000)=0x9, 0x8, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00'}, 0x10)
sendmsg$nl_route(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000002c0)=@newlink={0x44, 0x10, 0x403, 0x2, 0x0, {0x0, 0x0, 0x4, 0x0, 0x300}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x14, 0x2, 0x0, 0x1, [@IFLA_BR_VLAN_DEFAULT_PVID={0x6, 0x27, 0xe}, @IFLA_BR_GROUP_FWD_MASK={0x6, 0x9, 0x8b}]}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x4}, 0x8044)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
unshare(0x20040600)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000001740)={0xffffffffffffffff, 0x0, 0x0}, 0x20)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8e600000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r2}, 0x10)
r3 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r3, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
socket$inet_icmp(0x2, 0x2, 0x1)

42.034509ms ago: executing program 0 (id=3909):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000001540)={&(0x7f0000000680)=@delsa={0x34, 0x11, 0x1, 0x70bd28, 0x25dfdbfb, {@in6=@private0={0xfc, 0x0, '\x00', 0x1}, 0x4d4, 0x2, 0xff}, [@mark={0xc, 0x15, {0x35075a, 0x80}}]}, 0x34}}, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
accept$inet6(r1, &(0x7f0000000040)={0xa, 0x0, 0x0, @empty}, &(0x7f0000000080)=0x1c)
r2 = memfd_create(&(0x7f00000000c0)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec', 0x2)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{0xffffffffffffffff, <r3=>0xffffffffffffffff}, &(0x7f0000000180), &(0x7f00000001c0)}, 0x20)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000010c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r5, <r6=>0xffffffffffffffff}, 0x4)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x10, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r6, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f00000007c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000000)='kfree\x00', r7}, 0x10)
r8 = io_uring_setup(0x4d3f, &(0x7f0000000240)={0x0, 0xca6a, 0x40, 0x1, 0x6})
io_uring_register$IORING_REGISTER_RESTRICTIONS(r8, 0xb, &(0x7f0000000500), 0x66)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
pipe2(&(0x7f0000000240)={<r9=>0xffffffffffffffff, <r10=>0xffffffffffffffff}, 0x4080)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000600)={0x11, 0x0, <r11=>0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000640)=0x14)
write$selinux_access(r9, &(0x7f0000000a00)={'system_u:object_r:auditd_unit_file_t:s0', 0x20, '/usr/sbin/cupsd', 0x20, 0x9}, 0x4d)
r12 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f00000006c0)=0xffffffffffffffff, 0x4)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000800)={{0xffffffffffffffff, <r13=>0xffffffffffffffff}, &(0x7f0000000780), &(0x7f00000007c0)='%ps    \x00'}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000900)={0x18, 0x20, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000006000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf09000000000000550901000000000095000000000000003d7202000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000040000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000018180000", @ANYRES32=r4, @ANYBLOB="00000000000000008520000003000094399fcb00", @ANYRES32=r10, @ANYBLOB="000000000000000018490000000000000000000000000000bf91000000000000b7020000020000008500000084000000b7000000000000009500000000000000"], &(0x7f0000000280)='GPL\x00', 0x2, 0xe5, &(0x7f0000000500)=""/229, 0x0, 0x2, '\x00', r11, 0x0, r12, 0x8, &(0x7f0000000700)={0xa, 0x5}, 0x8, 0x10, &(0x7f00000009c0)={0x3, 0x0, 0x8, 0xd}, 0x10, 0x0, 0x0, 0x8, &(0x7f0000000840)=[r13], &(0x7f0000000880)=[{0x5, 0x5, 0xf, 0x9}, {0x3, 0x1, 0x2000000b, 0x6}, {0x5, 0x3, 0x2, 0x8}, {0x0, 0x2, 0xa, 0x4}, {0x0, 0x5, 0xa}, {0x4, 0x1, 0x2, 0x1}, {0x2, 0x1, 0x8, 0x8}, {0x2, 0x3, 0x10, 0x4}], 0x10, 0x9, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000d00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x3, 0x0, &(0x7f0000000c40)=[{0x0, 0x1, 0x0, 0x3}, {0x0, 0x3, 0x2, 0xa}, {0x0, 0x4, 0x10007, 0x8}], 0x10, 0x0, @void, @value}, 0x94)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{0x0}], 0x1}, 0x0)
r14 = socket$kcm(0x10, 0x2, 0x0)
write$cgroup_subtree(r14, &(0x7f0000000040)=ANY=[@ANYBLOB="33fe000032"], 0xfe33)
write$binfmt_script(r2, &(0x7f0000000300)={'#! ', './file0'}, 0xb)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000200400001"], 0x48)

41.166169ms ago: executing program 4 (id=3910):
mkdir(&(0x7f0000000580)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r1}, 0x38)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2d, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r2, 0x0, 0x3}, 0x18)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="14000000100001000000000000b890c1a000000a80000000160a01030000000000000000020000000900020073797a30000000000900010073797a30000000005400038008000240000000000800014000000000400003801400010076657468315f746f5f6272696467650014000100776732000000000000000000000000001400010076657468305f746f5f7465616d00000014000000110001"], 0xa8}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a2c000000180a05000000000000000000020000000900020073797a30000000000900010073797a3000000000140000001100"], 0x54}, 0x1, 0x0, 0x0, 0x24040089}, 0x20008000)
r3 = inotify_init1(0x80000)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r6 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r5}, 0x10)
inotify_add_watch(r3, &(0x7f00000002c0)='./file0\x00', 0x500082c)
dup2(r3, r6)
lsetxattr$security_selinux(&(0x7f0000000400)='./file0\x00', &(0x7f0000000000), &(0x7f0000000280)='system_u:object_r:fsadm_exec_t:s0\x00', 0x22, 0x0)

10.79089ms ago: executing program 4 (id=3911):
r0 = socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x15, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb7030000080000002d01000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)}, 0x20)
r2 = socket$inet6(0x10, 0x3, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000380)='neigh_update\x00', r3}, 0x10)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = socket(0x400000000010, 0x3, 0x0)
r6 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0x25dfdbfd, {0x0, 0x0, 0x0, r7, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x2}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@newtfilter={0x4c, 0x2c, 0xd27, 0x70bd24, 0x25dfdbfc, {0x0, 0x0, 0x0, r7, {0x4, 0xa}, {}, {0xfff2, 0x2}}, [@filter_kind_options=@f_bpf={{0x8}, {0x20, 0x2, [@TCA_BPF_FLAGS_GEN={0x8, 0x9, 0x2}, @TCA_BPF_OPS={{0x6, 0x4, 0x1}, {0xc, 0x5, [{0x6, 0xd, 0x5, 0x4}]}}]}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x8848}, 0x80)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000000)={0x2, 0x4, 0x8, 0x1, 0x80, r1, 0x7fff, '\x00', r7, 0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0, @void, @value, @void, @value}, 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000380)='neigh_update\x00', r4}, 0x10)
sendto$inet6(r2, &(0x7f00000000c0)="900000001c001f4d154a817393278bff0a80a578020000000104740014000100ac1414bb0542d6401051a2d708f37ac8da1a297e0099c5ac0000c5b068d0bf46d323456536016466fcb78dcaaf6c3efed495a46215be0000760700c0c80cefd28581d158ba86c9d2896c6d3bca2d0000000b0015009e49a6560641263da4de1df32c1739d7fbee9aa241731ae9e0b390", 0x90, 0x0, 0x0, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000003c0)=@newlink={0x3c, 0x10, 0x437, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x4048b}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @ipip={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_IPTUN_LOCAL={0x8, 0x2, @private=0xa010101}]}}}]}, 0x3c}}, 0x0)

0s ago: executing program 0 (id=3912):
creat(0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000380)=[{0x200000000006, 0x1, 0x7, 0x7ffc1ffb}]})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
ioprio_get$pid(0x3, 0x0)
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000010850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000020"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x2, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f0000000440)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mount$tmpfs(0x0, 0x0, &(0x7f0000000040), 0x0, 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x515002, 0xc6)
getdents(0xffffffffffffffff, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000900)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@struct]}}, 0x0, 0x26, 0x0, 0x0, 0x6, 0x0, @void, @value}, 0x28)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x6, 0xf, &(0x7f00000007c0)=ANY=[@ANYBLOB="18000000adf00000000000005a00000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500fc2700000000000000000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b7000000000000009500000000000000"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, r1, 0x8, 0x0, 0x0, 0x10, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xff}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, @void, @value}, 0x94)

kernel console output (not intermixed with test programs):

T29] audit: type=1326 audit(2000000239.133:8600): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13733 comm="syz.3.3276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f818e6ee929 code=0x7ffc0000
[  309.066577][T13754] loop0: detected capacity change from 0 to 512
[  309.150734][T13754] EXT4-fs (loop0): 1 orphan inode deleted
[  309.156906][T13754] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  309.169997][ T9251] EXT4-fs error (device loop0): ext4_release_dquot:6969: comm kworker/u8:15: Failed to release dquot type 1
[  309.193885][T13754] ext4 filesystem being mounted at /56/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  309.366806][T13768] 9pnet: p9_errstr2errno: server reported unknown error 
[  309.391431][T13777] Invalid ELF header type: 3 != 1
[  309.540924][T13793] Invalid ELF header type: 3 != 1
[  309.652615][T13799] ªªªªªª: renamed from vlan0 (while UP)
[  309.669206][T13788] vhci_hcd: invalid port number 96
[  309.674874][T13788] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  309.675069][T13764] loop1: detected capacity change from 0 to 8192
[  309.779034][T12480] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  309.922831][T13812] loop0: detected capacity change from 0 to 512
[  309.964715][T13813] loop3: detected capacity change from 0 to 8192
[  310.002962][T13817] netlink: 'syz.4.3295': attribute type 13 has an invalid length.
[  310.028041][T13812] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  310.058525][T13812] ext4 filesystem being mounted at /58/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  310.189232][T12480] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  310.290410][T13826] Invalid ELF header type: 3 != 1
[  310.389332][T13829] loop2: detected capacity change from 0 to 512
[  310.429773][T13829] EXT4-fs (loop2): 1 orphan inode deleted
[  310.444839][T13829] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  310.466168][   T51] EXT4-fs error (device loop2): ext4_release_dquot:6969: comm kworker/u8:3: Failed to release dquot type 1
[  310.479246][T13829] ext4 filesystem being mounted at /18/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  310.727230][T13835] netlink: 'syz.1.3302': attribute type 10 has an invalid length.
[  310.742695][T13839] netlink: 'syz.0.3304': attribute type 12 has an invalid length.
[  310.761447][T13835] ipvlan0: entered allmulticast mode
[  310.766810][T13835] veth0_vlan: entered allmulticast mode
[  310.791923][T13835] team0: Device ipvlan0 failed to register rx_handler
[  310.814679][T13840] loop4: detected capacity change from 0 to 512
[  310.822449][T13841] netlink: 'syz.0.3304': attribute type 10 has an invalid length.
[  310.839358][T13841] ipvlan0: entered allmulticast mode
[  310.844722][T13841] veth0_vlan: entered allmulticast mode
[  310.861185][T13840] EXT4-fs (loop4): 1 orphan inode deleted
[  310.867481][T13840] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  310.883840][ T9246] EXT4-fs error (device loop4): ext4_release_dquot:6969: comm kworker/u8:11: Failed to release dquot type 1
[  310.915215][T13841] team0: Device ipvlan0 failed to register rx_handler
[  310.924578][T13840] ext4 filesystem being mounted at /53/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  311.112348][T13848] loop3: detected capacity change from 0 to 512
[  311.119041][T13848] EXT4-fs: Ignoring removed bh option
[  311.124570][T13848] ext3: Unknown parameter 'appraise'
[  311.175630][T13145] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  311.201263][T13857] loop2: detected capacity change from 0 to 512
[  311.220181][T13857] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  311.233049][T13857] ext4 filesystem being mounted at /19/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  311.255687][T13145] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  311.581725][T13877] loop2: detected capacity change from 0 to 164
[  311.596083][T13877] iso9660: Unknown parameter '<port1'
[  311.633350][T12724] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  311.814605][T13885] loop4: detected capacity change from 0 to 1024
[  311.879474][T13885] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  311.894606][T13878] loop1: detected capacity change from 0 to 8192
[  311.938987][T13885] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 402653209 free clusters
[  311.946033][T13893] netlink: 'syz.0.3319': attribute type 30 has an invalid length.
[  312.337364][T13903] __nla_validate_parse: 17 callbacks suppressed
[  312.337383][T13903] netlink: 36 bytes leftover after parsing attributes in process `syz.2.3324'.
[  312.391334][T13905] loop3: detected capacity change from 0 to 512
[  312.451272][T13908] netlink: 208380 bytes leftover after parsing attributes in process `syz.2.3326'.
[  312.463054][T13905] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  312.477783][T13905] ext4 filesystem being mounted at /75/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  312.524337][T12179] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  312.610655][T13914] loop2: detected capacity change from 0 to 164
[  312.695587][T13914] iso9660: Unknown parameter '<port1'
[  312.755535][T13919] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3332'.
[  312.764872][T13919] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3332'.
[  312.798289][   T29] kauditd_printk_skb: 324 callbacks suppressed
[  312.798339][   T29] audit: type=1326 audit(2000000243.043:8922): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13923 comm="syz.4.3333" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc74d2ee929 code=0x7ffc0000
[  312.859870][T13919] bond1: entered promiscuous mode
[  312.864977][T13919] bond1: entered allmulticast mode
[  312.870417][   T29] audit: type=1326 audit(2000000243.043:8923): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13923 comm="syz.4.3333" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc74d2ee929 code=0x7ffc0000
[  312.898844][   T29] audit: type=1326 audit(2000000243.043:8924): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13923 comm="syz.4.3333" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc74d2ee929 code=0x7ffc0000
[  312.899702][T13919] 8021q: adding VLAN 0 to HW filter on device bond1
[  312.924476][   T29] audit: type=1326 audit(2000000243.043:8925): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13923 comm="syz.4.3333" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc74d2ee929 code=0x7ffc0000
[  312.924513][   T29] audit: type=1326 audit(2000000243.043:8926): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13923 comm="syz.4.3333" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc74d2ee929 code=0x7ffc0000
[  312.924540][   T29] audit: type=1326 audit(2000000243.043:8927): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13923 comm="syz.4.3333" exe="/root/syz-executor" sig=0 arch=c000003e syscall=252 compat=0 ip=0x7fc74d2ee929 code=0x7ffc0000
[  313.002654][   T29] audit: type=1326 audit(2000000243.043:8928): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13923 comm="syz.4.3333" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc74d2ee929 code=0x7ffc0000
[  313.026549][   T29] audit: type=1326 audit(2000000243.043:8929): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13923 comm="syz.4.3333" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc74d2ee929 code=0x7ffc0000
[  313.050203][   T29] audit: type=1326 audit(2000000243.043:8930): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13923 comm="syz.4.3333" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc74d2ee929 code=0x7ffc0000
[  313.073873][   T29] audit: type=1326 audit(2000000243.043:8931): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13923 comm="syz.4.3333" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc74d2ee929 code=0x7ffc0000
[  313.141599][T13927] ªªªªªª: renamed from vlan0 (while UP)
[  313.193095][T13932] Invalid ELF header type: 3 != 1
[  313.712111][T13956] netlink: 36 bytes leftover after parsing attributes in process `syz.4.3346'.
[  313.785745][T13957] loop2: detected capacity change from 0 to 512
[  313.812712][T13959] netlink: 'syz.0.3347': attribute type 10 has an invalid length.
[  313.820720][T13959] netlink: 2 bytes leftover after parsing attributes in process `syz.0.3347'.
[  313.855253][T13957] EXT4-fs (loop2): 1 orphan inode deleted
[  313.882566][T13966] Invalid ELF header type: 3 != 1
[  313.890120][ T9246] EXT4-fs error (device loop2): ext4_release_dquot:6969: comm kworker/u8:11: Failed to release dquot type 1
[  313.920441][T13957] ext4 filesystem being mounted at /35/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  314.133034][T13968] loop0: detected capacity change from 0 to 512
[  314.176355][T13968] EXT4-fs: Ignoring removed i_version option
[  314.184262][T13968] EXT4-fs: Ignoring removed mblk_io_submit option
[  314.256532][T13968] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  314.294569][T13970] loop1: detected capacity change from 0 to 8192
[  314.306917][T13981] loop4: detected capacity change from 0 to 512
[  314.321454][T13968] EXT4-fs (loop0): can't mount with data_err=abort, fs mounted w/o journal
[  314.340581][T13981] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  314.362298][T13981] EXT4-fs (loop4): orphan cleanup on readonly fs
[  314.369446][T13981] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.3354: Failed to acquire dquot type 1
[  314.382571][T13981] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.3354: bg 0: block 40: padding at end of block bitmap is not set
[  314.414706][T13981] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  314.492215][T13981] EXT4-fs (loop4): 1 truncate cleaned up
[  314.506307][T13981] EXT4-fs error (device loop4): ext4_xattr_block_get:593: inode #16: comm syz.4.3354: corrupted xattr block 31: invalid header
[  314.550119][T13981] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop4 ino=16
[  314.575774][T13981] EXT4-fs error (device loop4): ext4_xattr_block_get:593: inode #16: comm syz.4.3354: corrupted xattr block 31: invalid header
[  314.628158][T13981] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop4 ino=16
[  314.637753][T13981] EXT4-fs error (device loop4): ext4_get_link:106: inode #16: comm syz.4.3354: bad symlink.
[  314.671375][T13145] EXT4-fs unmount: 3 callbacks suppressed
[  314.671392][T13145] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  314.696078][T12724] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  314.997078][T13998] loop4: detected capacity change from 0 to 1024
[  315.014428][T13998] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  315.025520][T13998] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  315.055689][T13998] JBD2: no valid journal superblock found
[  315.061596][T13998] EXT4-fs (loop4): Could not load journal inode
[  315.145747][T14003] netlink: 'syz.0.3357': attribute type 30 has an invalid length.
[  315.304458][T14007] netlink: 36 bytes leftover after parsing attributes in process `syz.3.3363'.
[  315.421485][T14017] loop1: detected capacity change from 0 to 512
[  315.466378][T14018] loop3: detected capacity change from 0 to 512
[  315.474653][T14017] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  315.523446][T14018] EXT4-fs (loop3): 1 orphan inode deleted
[  315.543127][T14017] ext4 filesystem being mounted at /35/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  315.555243][ T9249] EXT4-fs error (device loop3): ext4_release_dquot:6969: comm kworker/u8:13: Failed to release dquot type 1
[  315.596631][T14018] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  315.634064][T14018] ext4 filesystem being mounted at /82/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  315.656033][T12926] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  315.777502][T14028] netlink: 'syz.2.3356': attribute type 30 has an invalid length.
[  315.785558][T14028] (unnamed net_device) (uninitialized): option arp_missed_max: invalid value (0)
[  315.795118][T14028] (unnamed net_device) (uninitialized): option arp_missed_max: allowed values 1 - 255
[  316.222551][T14039] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3373'.
[  316.244451][T14039] bond1: entered promiscuous mode
[  316.249802][T14039] bond1: entered allmulticast mode
[  316.293143][T14039] 8021q: adding VLAN 0 to HW filter on device bond1
[  316.367282][T12179] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  316.490458][T14049] netlink: 'syz.2.3376': attribute type 10 has an invalid length.
[  316.498995][T14049] netlink: 2 bytes leftover after parsing attributes in process `syz.2.3376'.
[  316.756181][T14053] loop4: detected capacity change from 0 to 512
[  316.763413][T14053] EXT4-fs: Ignoring removed bh option
[  316.768979][T14053] ext3: Unknown parameter 'appraise'
[  316.775395][T14059] loop2: detected capacity change from 0 to 512
[  316.838360][T14059] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  316.903587][T14065] Invalid ELF header type: 3 != 1
[  316.914663][T14059] ext4 filesystem being mounted at /38/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  316.951915][T14066] loop3: detected capacity change from 0 to 1024
[  316.959336][T13145] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  316.981503][T14066] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  316.992851][T14066] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  317.023997][T14066] JBD2: no valid journal superblock found
[  317.029946][T14066] EXT4-fs (loop3): Could not load journal inode
[  317.045276][T14070] netlink: 'syz.2.3382': attribute type 10 has an invalid length.
[  317.053251][T14070] netlink: 2 bytes leftover after parsing attributes in process `syz.2.3382'.
[  317.126872][T14075] loop0: detected capacity change from 0 to 512
[  317.155343][T14075] EXT4-fs (loop0): 1 orphan inode deleted
[  317.167911][ T9246] EXT4-fs error (device loop0): ext4_release_dquot:6969: comm kworker/u8:11: Failed to release dquot type 1
[  317.175337][T14075] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  317.201367][T14075] ext4 filesystem being mounted at /69/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  317.214900][T14081] loop2: detected capacity change from 0 to 164
[  317.223088][T14081] iso9660: Unknown parameter '<port1'
[  317.491292][T14092] loop1: detected capacity change from 0 to 512
[  317.511207][T14092] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  317.514226][T14094] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3392'.
[  317.525228][T14092] ext4 filesystem being mounted at /38/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  317.535009][T14094] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3392'.
[  317.567993][T14094] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3392'.
[  317.577353][T14094] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3392'.
[  317.598852][T14089] loop2: detected capacity change from 0 to 512
[  317.605666][T14089] EXT4-fs: Ignoring removed bh option
[  317.611404][T14089] ext3: Unknown parameter 'appraise'
[  317.630069][T14101] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3391'.
[  317.641742][T14094] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3392'.
[  317.658107][T14094] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3392'.
[  317.730268][T14094] vhci_hcd: invalid port number 96
[  317.735508][T14094] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  317.739879][T14105] Invalid ELF header type: 3 != 1
[  317.758460][T14094] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3392'.
[  317.772071][T14094] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3392'.
[  317.789378][T14107] loop3: detected capacity change from 0 to 512
[  317.809133][T14107] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  317.818454][T14107] EXT4-fs (loop3): orphan cleanup on readonly fs
[  317.840457][T14107] __quota_error: 172 callbacks suppressed
[  317.840472][T14107] Quota error (device loop3): find_block_dqentry: Quota for id 0 referenced but not present
[  317.861557][T14107] Quota error (device loop3): qtree_read_dquot: Can't read quota structure for id 0
[  317.864592][T14110] netlink: 'syz.4.3395': attribute type 10 has an invalid length.
[  317.873986][T14107] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.3394: Failed to acquire dquot type 1
[  317.886633][T14107] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.3394: bg 0: block 40: padding at end of block bitmap is not set
[  317.896628][T14110] netlink: 2 bytes leftover after parsing attributes in process `syz.4.3395'.
[  317.923820][T14107] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  317.934014][T14107] EXT4-fs (loop3): 1 truncate cleaned up
[  317.941749][T14107] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  317.956718][T14107] EXT4-fs error (device loop3): ext4_xattr_block_get:593: inode #16: comm syz.3.3394: corrupted xattr block 31: invalid header
[  317.973296][T14107] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop3 ino=16
[  317.982790][T14107] EXT4-fs error (device loop3): ext4_xattr_block_get:593: inode #16: comm syz.3.3394: corrupted xattr block 31: invalid header
[  318.001103][T14107] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop3 ino=16
[  318.010493][T14107] EXT4-fs error (device loop3): ext4_get_link:106: inode #16: comm syz.3.3394: bad symlink.
[  318.025164][T12480] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  318.077611][T12179] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  318.090841][T14114] netlink: 'syz.0.3396': attribute type 10 has an invalid length.
[  318.121616][T14117] netlink: 'syz.3.3398': attribute type 12 has an invalid length.
[  318.152520][T14115] loop4: detected capacity change from 0 to 512
[  318.166902][T14115] EXT4-fs: Ignoring removed i_version option
[  318.174603][T14115] EXT4-fs: Ignoring removed mblk_io_submit option
[  318.197253][T14115] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  318.217270][T14115] EXT4-fs (loop4): can't mount with data_err=abort, fs mounted w/o journal
[  318.280323][T14125] loop2: detected capacity change from 0 to 2048
[  318.303063][T14125] EXT4-fs: Ignoring removed mblk_io_submit option
[  318.345321][T14125] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  318.366171][T12926] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  318.377512][T14125] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.3401: bg 0: block 234: padding at end of block bitmap is not set
[  318.401644][T14125] EXT4-fs (loop2): Remounting filesystem read-only
[  318.415824][T14133] bridge0: port 3(syz_tun) entered blocking state
[  318.422499][T14133] ref_tracker: memory allocation failure, unreliable refcount tracker.
[  318.430861][T14133] bridge0: port 3(syz_tun) entered disabled state
[  318.440950][T14133] syz_tun: entered allmulticast mode
[  318.446977][T14133] syz_tun: entered promiscuous mode
[  318.464193][T14138] loop0: detected capacity change from 0 to 164
[  318.465457][T14133] bridge0: port 3(syz_tun) entered blocking state
[  318.475520][T14138] iso9660: Unknown parameter '<port1'
[  318.477095][T14133] bridge0: port 3(syz_tun) entered forwarding state
[  318.494064][T14125] Illegal XDP return value 4294967274 on prog  (id 1962) dev N/A, expect packet loss!
[  318.532957][   T29] audit: type=1400 audit(2000000248.763:9097): avc:  denied  { read } for  pid=14134 comm="syz.4.3404" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  318.558691][T14143] random: crng reseeded on system resumption
[  318.569641][   T29] audit: type=1400 audit(2000000248.803:9098): avc:  denied  { append } for  pid=14124 comm="syz.2.3401" name="snapshot" dev="devtmpfs" ino=90 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  318.598850][   T29] audit: type=1400 audit(2000000248.803:9099): avc:  denied  { open } for  pid=14124 comm="syz.2.3401" path="/dev/snapshot" dev="devtmpfs" ino=90 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  318.612041][T14144] loop0: detected capacity change from 0 to 512
[  318.657622][T14148] loop1: detected capacity change from 0 to 512
[  318.670872][T14144] EXT4-fs (loop0): 1 orphan inode deleted
[  318.677479][T14144] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  318.690705][ T3868] Quota error (device loop0): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  318.700648][ T3868] EXT4-fs error (device loop0): ext4_release_dquot:6969: comm kworker/u8:8: Failed to release dquot type 1
[  318.714602][T14148] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  318.729744][T14144] ext4 filesystem being mounted at /75/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  318.731029][T14148] ext4 filesystem being mounted at /40/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  318.788949][T12926] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  319.088930][T14164] netlink: 'syz.3.3412': attribute type 10 has an invalid length.
[  319.099705][T14162] loop4: detected capacity change from 0 to 512
[  319.106434][T14162] EXT4-fs: Ignoring removed bh option
[  319.112168][T14162] ext3: Unknown parameter 'appraise'
[  319.190875][T13145] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  319.205776][T14166] Invalid ELF header type: 3 != 1
[  319.394854][T12480] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  320.237683][T14180] netlink: 'syz.1.3417': attribute type 30 has an invalid length.
[  320.245817][T14180] (unnamed net_device) (uninitialized): option arp_missed_max: invalid value (0)
[  320.255342][T14180] (unnamed net_device) (uninitialized): option arp_missed_max: allowed values 1 - 255
[  320.719054][T14184] loop2: detected capacity change from 0 to 512
[  320.760335][T14187] loop4: detected capacity change from 0 to 512
[  320.801759][T14184] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  320.821449][T14187] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  320.827708][T14184] ext4 filesystem being mounted at /47/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  320.852728][T14187] ext4 filesystem being mounted at /85/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  320.950094][   T29] audit: type=1326 audit(2000000251.174:9100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14186 comm="syz.4.3421" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc74d2ee929 code=0x7ffc0000
[  320.974097][   T29] audit: type=1326 audit(2000000251.174:9101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14186 comm="syz.4.3421" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc74d2ee929 code=0x7ffc0000
[  320.998498][   T29] audit: type=1326 audit(2000000251.174:9102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14186 comm="syz.4.3421" exe="/root/syz-executor" sig=0 arch=c000003e syscall=440 compat=0 ip=0x7fc74d2ee929 code=0x7ffc0000
[  321.022918][   T29] audit: type=1326 audit(2000000251.174:9103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14186 comm="syz.4.3421" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc74d2ee929 code=0x7ffc0000
[  321.079548][T14206] loop1: detected capacity change from 0 to 1024
[  321.096211][T12724] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  321.105757][T13145] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  321.117795][T14206] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  321.128841][T14206] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  321.153993][T14206] JBD2: no valid journal superblock found
[  321.160014][T14206] EXT4-fs (loop1): Could not load journal inode
[  321.209197][T14220] loop2: detected capacity change from 0 to 164
[  321.234446][T14221] netlink: 'syz.4.3425': attribute type 10 has an invalid length.
[  321.245680][T14220] iso9660: Unknown parameter '<port1'
[  321.259117][T14212] tc_dump_action: action bad kind
[  321.280453][T14224] loop3: detected capacity change from 0 to 512
[  321.323335][T14224] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  321.371397][T14224] ext4 filesystem being mounted at /94/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  321.431396][T14224] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #2: comm syz.3.3429: corrupted inode contents
[  321.461550][T14224] EXT4-fs error (device loop3): ext4_dirty_inode:6459: inode #2: comm syz.3.3429: mark_inode_dirty error
[  321.538927][T14224] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #2: comm syz.3.3429: corrupted inode contents
[  321.581849][T14241] loop4: detected capacity change from 0 to 512
[  321.601522][T14249] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #2: comm syz.3.3429: corrupted inode contents
[  321.627210][T14241] EXT4-fs: Ignoring removed i_version option
[  321.634867][T14241] EXT4-fs: Ignoring removed mblk_io_submit option
[  321.648875][T14249] EXT4-fs error (device loop3): ext4_dirty_inode:6459: inode #2: comm syz.3.3429: mark_inode_dirty error
[  321.668268][T14249] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #2: comm syz.3.3429: corrupted inode contents
[  321.689514][T14241] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  321.708687][T14253] Invalid ELF header type: 3 != 1
[  321.715761][T14241] EXT4-fs (loop4): can't mount with data_err=abort, fs mounted w/o journal
[  321.738484][T14249] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #2: comm syz.3.3429: mark_inode_dirty error
[  321.751542][T14249] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #2: comm syz.3.3429: corrupted inode contents
[  321.772470][T14249] EXT4-fs error (device loop3): ext4_dirty_inode:6459: inode #2: comm syz.3.3429: mark_inode_dirty error
[  321.888891][T12179] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  321.933754][T14264] loop2: detected capacity change from 0 to 512
[  321.981478][T14264] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  322.009099][T14264] ext4 filesystem being mounted at /52/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  322.108545][T14273] bond4: entered promiscuous mode
[  322.114796][T14273] bond4: entered allmulticast mode
[  322.149659][T13145] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  322.152096][T14273] 8021q: adding VLAN 0 to HW filter on device bond4
[  322.213307][T14280] netlink: 'syz.2.3443': attribute type 3 has an invalid length.
[  322.354782][T14284] loop1: detected capacity change from 0 to 8192
[  322.420961][T14289] netlink: 'syz.2.3446': attribute type 10 has an invalid length.
[  322.429947][T14290] loop0: detected capacity change from 0 to 512
[  322.438006][T14288] netlink: 'syz.4.3447': attribute type 10 has an invalid length.
[  322.557750][T14294] netlink: 'syz.2.3449': attribute type 12 has an invalid length.
[  322.619059][T14290] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  322.633153][T14290] EXT4-fs (loop0): orphan cleanup on readonly fs
[  322.650429][T14290] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.3445: Failed to acquire dquot type 1
[  322.652839][T14300] netlink: 'syz.2.3449': attribute type 10 has an invalid length.
[  322.686608][T14290] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.3445: bg 0: block 40: padding at end of block bitmap is not set
[  322.701652][T14300] ipvlan0: entered allmulticast mode
[  322.707072][T14300] veth0_vlan: entered allmulticast mode
[  322.716719][T14290] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  322.729807][T14290] EXT4-fs (loop0): 1 truncate cleaned up
[  322.737116][T14300] team0: Device ipvlan0 failed to register rx_handler
[  322.782785][T14290] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  322.799435][T14290] EXT4-fs error (device loop0): ext4_xattr_block_get:593: inode #16: comm syz.0.3445: corrupted xattr block 31: invalid header
[  322.799532][T14306] loop3: detected capacity change from 0 to 512
[  322.818509][T14290] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop0 ino=16
[  322.832342][T14290] EXT4-fs error (device loop0): ext4_xattr_block_get:593: inode #16: comm syz.0.3445: corrupted xattr block 31: invalid header
[  322.894139][T14290] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop0 ino=16
[  323.078327][T14306] EXT4-fs (loop3): 1 orphan inode deleted
[  323.097872][ T9251] __quota_error: 36 callbacks suppressed
[  323.097890][ T9251] Quota error (device loop3): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  323.113634][ T9251] EXT4-fs error (device loop3): ext4_release_dquot:6969: comm kworker/u8:15: Failed to release dquot type 1
[  323.135844][T14290] EXT4-fs error (device loop0): ext4_get_link:106: inode #16: comm syz.0.3445: bad symlink.
[  323.150612][   T29] audit: type=1326 audit(2000000253.394:9138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14311 comm="syz.1.3454" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07fd30e929 code=0x7ffc0000
[  323.175493][   T29] audit: type=1326 audit(2000000253.394:9139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14311 comm="syz.1.3454" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07fd30e929 code=0x7ffc0000
[  323.199464][   T29] audit: type=1326 audit(2000000253.394:9140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14311 comm="syz.1.3454" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f07fd30e929 code=0x7ffc0000
[  323.224501][   T29] audit: type=1326 audit(2000000253.394:9141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14311 comm="syz.1.3454" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07fd30e929 code=0x7ffc0000
[  323.250619][   T29] audit: type=1326 audit(2000000253.394:9142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14311 comm="syz.1.3454" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07fd30e929 code=0x7ffc0000
[  323.273553][T14306] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  323.296541][   T29] audit: type=1326 audit(2000000253.514:9143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14311 comm="syz.1.3454" exe="/root/syz-executor" sig=0 arch=c000003e syscall=252 compat=0 ip=0x7f07fd30e929 code=0x7ffc0000
[  323.321608][   T29] audit: type=1326 audit(2000000253.514:9144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14311 comm="syz.1.3454" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07fd30e929 code=0x7ffc0000
[  323.346754][   T29] audit: type=1326 audit(2000000253.514:9145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14311 comm="syz.1.3454" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f07fd30e929 code=0x7ffc0000
[  323.371375][   T29] audit: type=1326 audit(2000000253.514:9146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14311 comm="syz.1.3454" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07fd30e929 code=0x7ffc0000
[  323.371752][T14306] ext4 filesystem being mounted at /101/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  323.431505][T12480] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  323.450936][T14315] netlink: 'syz.2.3456': attribute type 12 has an invalid length.
[  323.524891][T14320] netlink: 'syz.2.3456': attribute type 10 has an invalid length.
[  323.545999][T14320] team0: Device ipvlan0 failed to register rx_handler
[  323.582930][T14323] netlink: 'syz.1.3457': attribute type 10 has an invalid length.
[  323.590982][T14323] __nla_validate_parse: 8 callbacks suppressed
[  323.590995][T14323] netlink: 2 bytes leftover after parsing attributes in process `syz.1.3457'.
[  323.621447][T14323] team0: entered promiscuous mode
[  323.677920][T14323] team_slave_0: entered promiscuous mode
[  323.683796][T14323] team_slave_1: entered promiscuous mode
[  323.725548][T14323] bridge0: port 4(team0) entered blocking state
[  323.732865][T14323] bridge0: port 4(team0) entered disabled state
[  323.745461][T14323] team0: entered allmulticast mode
[  323.750810][T14323] team_slave_0: entered allmulticast mode
[  323.756667][T14323] team_slave_1: entered allmulticast mode
[  323.771530][T14323] bridge0: port 4(team0) entered blocking state
[  323.777920][T14323] bridge0: port 4(team0) entered forwarding state
[  323.796104][T12179] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  323.829239][T14332] Invalid ELF header type: 3 != 1
[  324.016632][T14345] tipc: Started in network mode
[  324.021825][T14345] tipc: Node identity 22f401206d47, cluster identity 4711
[  324.029489][T14345] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  324.079014][T14345] syzkaller0: MTU too low for tipc bearer
[  324.085560][T14345] tipc: Disabling bearer <eth:syzkaller0>
[  324.623394][T14374] loop0: detected capacity change from 0 to 512
[  324.759711][T14374] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  324.822385][T14374] EXT4-fs (loop0): orphan cleanup on readonly fs
[  324.836029][T14374] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.3471: Failed to acquire dquot type 1
[  324.851992][T14372] vcan0: entered allmulticast mode
[  324.857666][T14370] vcan0: left allmulticast mode
[  324.865128][T14374] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.3471: bg 0: block 40: padding at end of block bitmap is not set
[  324.900619][T14374] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  324.943884][T14374] EXT4-fs (loop0): 1 truncate cleaned up
[  325.036433][T14374] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  325.070675][T14374] EXT4-fs error (device loop0): ext4_xattr_block_get:593: inode #16: comm syz.0.3471: corrupted xattr block 31: invalid header
[  325.137502][T14374] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop0 ino=16
[  325.191156][T14374] EXT4-fs error (device loop0): ext4_xattr_block_get:593: inode #16: comm syz.0.3471: corrupted xattr block 31: invalid header
[  325.204684][T14398] loop4: detected capacity change from 0 to 512
[  325.211570][T14398] EXT4-fs: Ignoring removed bh option
[  325.217183][T14398] ext3: Unknown parameter 'appraise'
[  325.232853][T14374] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop0 ino=16
[  325.277372][T14374] EXT4-fs error (device loop0): ext4_get_link:106: inode #16: comm syz.0.3471: bad symlink.
[  325.334495][T14393] loop1: detected capacity change from 0 to 8192
[  325.427193][T12480] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  325.450775][T14406] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3476'.
[  325.483087][T14406] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3476'.
[  325.528468][T14413] netlink: 'syz.0.3477': attribute type 10 has an invalid length.
[  325.536635][T14413] netlink: 2 bytes leftover after parsing attributes in process `syz.0.3477'.
[  325.587499][T14406] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3476'.
[  325.637587][T14406] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3476'.
[  325.766871][T14414] vhci_hcd: invalid port number 96
[  325.772221][T14414] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  325.843031][T14414] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3476'.
[  325.891034][T14406] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3476'.
[  325.894449][T14414] netlink: 20 bytes leftover after parsing attributes in process `syz.3.3476'.
[  325.982552][T14434] netlink: 'syz.0.3483': attribute type 10 has an invalid length.
[  325.990633][T14434] netlink: 2 bytes leftover after parsing attributes in process `syz.0.3483'.
[  326.057760][T14442] team0: Device ipvlan0 failed to register rx_handler
[  326.831955][T14476] team0: Device ipvlan0 failed to register rx_handler
[  327.006949][T14479] loop2: detected capacity change from 0 to 8192
[  327.490705][T14494] loop0: detected capacity change from 0 to 512
[  327.708622][T14494] EXT4-fs (loop0): 1 orphan inode deleted
[  327.729113][ T9246] EXT4-fs error (device loop0): ext4_release_dquot:6969: comm kworker/u8:11: Failed to release dquot type 1
[  327.759016][T14494] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  327.788945][T14494] ext4 filesystem being mounted at /97/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  327.883875][T14492] loop1: detected capacity change from 0 to 8192
[  327.967732][T14487] loop4: detected capacity change from 0 to 8192
[  328.364422][T12480] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  328.431393][T14517] validate_nla: 3 callbacks suppressed
[  328.431411][T14517] netlink: 'syz.0.3510': attribute type 10 has an invalid length.
[  328.625020][T14522] loop2: detected capacity change from 0 to 512
[  328.667493][T14524] netlink: 'syz.0.3513': attribute type 10 has an invalid length.
[  328.688531][T14524] team0: Device ipvlan0 failed to register rx_handler
[  328.712467][T14522] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  328.830864][T14522] ext4 filesystem being mounted at /66/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  328.905224][T14522] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #2: comm syz.2.3512: corrupted inode contents
[  328.965398][T14522] EXT4-fs error (device loop2): ext4_dirty_inode:6459: inode #2: comm syz.2.3512: mark_inode_dirty error
[  329.009289][T14522] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #2: comm syz.2.3512: corrupted inode contents
[  329.099639][T14531] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #2: comm syz.2.3512: corrupted inode contents
[  329.182948][T14531] EXT4-fs error (device loop2): ext4_dirty_inode:6459: inode #2: comm syz.2.3512: mark_inode_dirty error
[  329.628363][T14531] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #2: comm syz.2.3512: corrupted inode contents
[  329.643078][T14531] EXT4-fs error (device loop2): __ext4_ext_dirty:206: inode #2: comm syz.2.3512: mark_inode_dirty error
[  329.794096][T14539] loop3: detected capacity change from 0 to 512
[  329.801691][T14539] EXT4-fs: Ignoring removed bh option
[  329.807180][T14539] ext3: Unknown parameter 'appraise'
[  329.814514][T14531] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #2: comm syz.2.3512: corrupted inode contents
[  329.881936][T14531] EXT4-fs error (device loop2): ext4_dirty_inode:6459: inode #2: comm syz.2.3512: mark_inode_dirty error
[  329.912205][T14541] __nla_validate_parse: 10 callbacks suppressed
[  329.912222][T14541] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3517'.
[  329.929964][T13145] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  329.970576][T14541] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3517'.
[  329.991533][T14543] netlink: 'syz.2.3518': attribute type 10 has an invalid length.
[  329.999442][T14543] netlink: 2 bytes leftover after parsing attributes in process `syz.2.3518'.
[  330.040586][T14541] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3517'.
[  330.107421][T14541] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3517'.
[  330.240308][T14541] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3517'.
[  330.306495][T14541] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3517'.
[  330.393096][T14558] loop4: detected capacity change from 0 to 512
[  330.402576][   T29] kauditd_printk_skb: 147 callbacks suppressed
[  330.402649][   T29] audit: type=1326 audit(2000000260.644:9291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14554 comm="syz.3.3521" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f818e6ee929 code=0x7ffc0000
[  330.436937][T14561] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3522'.
[  330.451469][T14545] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3517'.
[  330.497626][T14541] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3517'.
[  330.533219][T14558] EXT4-fs (loop4): 1 orphan inode deleted
[  330.552949][T14558] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  330.608208][   T29] audit: type=1326 audit(2000000260.674:9292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14554 comm="syz.3.3521" exe="/root/syz-executor" sig=0 arch=c000003e syscall=333 compat=0 ip=0x7f818e6ee929 code=0x7ffc0000
[  330.628652][T14558] ext4 filesystem being mounted at /107/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  330.631791][   T29] audit: type=1326 audit(2000000260.674:9293): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14554 comm="syz.3.3521" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f818e6ee929 code=0x7ffc0000
[  330.665867][   T29] audit: type=1326 audit(2000000260.674:9294): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14554 comm="syz.3.3521" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f818e6ee929 code=0x7ffc0000
[  330.699938][ T9251] Quota error (device loop4): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  330.710090][ T9251] EXT4-fs error (device loop4): ext4_release_dquot:6969: comm kworker/u8:15: Failed to release dquot type 1
[  330.745722][T14562] vhci_hcd: invalid port number 96
[  330.751136][T14562] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  330.809737][T14576] loop0: detected capacity change from 0 to 512
[  330.831936][T14576] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  330.845086][T14576] ext4 filesystem being mounted at /104/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  330.858390][   T29] audit: type=1326 audit(2000000261.104:9295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14575 comm="syz.0.3525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faad074e929 code=0x7ffc0000
[  330.885092][   T29] audit: type=1326 audit(2000000261.104:9296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14575 comm="syz.0.3525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faad074e929 code=0x7ffc0000
[  330.909808][   T29] audit: type=1326 audit(2000000261.104:9297): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14575 comm="syz.0.3525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=440 compat=0 ip=0x7faad074e929 code=0x7ffc0000
[  330.934911][   T29] audit: type=1326 audit(2000000261.104:9298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14575 comm="syz.0.3525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faad074e929 code=0x7ffc0000
[  330.958551][   T29] audit: type=1326 audit(2000000261.104:9299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14575 comm="syz.0.3525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faad074e929 code=0x7ffc0000
[  330.987368][T12480] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  331.033952][T12724] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  331.180907][T14587] tc_dump_action: action bad kind
[  331.253115][T14600] netlink: 'syz.2.3534': attribute type 10 has an invalid length.
[  331.297682][T14600] team0: Device ipvlan0 failed to register rx_handler
[  331.337802][T14604] loop1: detected capacity change from 0 to 512
[  331.354774][T14604] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  331.379171][T14604] ext4 filesystem being mounted at /55/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  331.385445][T14607] netlink: 'syz.4.3535': attribute type 10 has an invalid length.
[  331.407328][T12926] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  331.476070][T14591] vhci_hcd: invalid port number 96
[  331.481351][T14591] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  331.487741][T14617] FAULT_INJECTION: forcing a failure.
[  331.487741][T14617] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  331.501679][T14617] CPU: 1 UID: 0 PID: 14617 Comm: syz.0.3538 Not tainted 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(voluntary) 
[  331.501712][T14617] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  331.501750][T14617] Call Trace:
[  331.501756][T14617]  <TASK>
[  331.501763][T14617]  __dump_stack+0x1d/0x30
[  331.501788][T14617]  dump_stack_lvl+0xe8/0x140
[  331.501807][T14617]  dump_stack+0x15/0x1b
[  331.501839][T14617]  should_fail_ex+0x265/0x280
[  331.501917][T14617]  should_fail+0xb/0x20
[  331.501955][T14617]  should_fail_usercopy+0x1a/0x20
[  331.501995][T14617]  _copy_from_iter+0xcf/0xe40
[  331.502095][T14617]  ? __build_skb_around+0x1a0/0x200
[  331.502135][T14617]  ? __alloc_skb+0x223/0x320
[  331.502176][T14617]  netlink_sendmsg+0x471/0x6b0
[  331.502203][T14617]  ? __pfx_netlink_sendmsg+0x10/0x10
[  331.502232][T14617]  __sock_sendmsg+0x142/0x180
[  331.502264][T14617]  ____sys_sendmsg+0x31e/0x4e0
[  331.502335][T14617]  ___sys_sendmsg+0x17b/0x1d0
[  331.502435][T14617]  __x64_sys_sendmsg+0xd4/0x160
[  331.502482][T14617]  x64_sys_call+0x2999/0x2fb0
[  331.502511][T14617]  do_syscall_64+0xd2/0x200
[  331.502534][T14617]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  331.502628][T14617]  ? clear_bhb_loop+0x40/0x90
[  331.502656][T14617]  ? clear_bhb_loop+0x40/0x90
[  331.502686][T14617]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  331.502712][T14617] RIP: 0033:0x7faad074e929
[  331.502730][T14617] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  331.502817][T14617] RSP: 002b:00007faacedb7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  331.502836][T14617] RAX: ffffffffffffffda RBX: 00007faad0975fa0 RCX: 00007faad074e929
[  331.502848][T14617] RDX: 0000000000008040 RSI: 0000200000000180 RDI: 0000000000000004
[  331.502860][T14617] RBP: 00007faacedb7090 R08: 0000000000000000 R09: 0000000000000000
[  331.502873][T14617] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  331.502888][T14617] R13: 0000000000000000 R14: 00007faad0975fa0 R15: 00007fff7eefedd8
[  331.502948][T14617]  </TASK>
[  331.762027][T14621] loop4: detected capacity change from 0 to 1024
[  331.803441][T14625] loop0: detected capacity change from 0 to 512
[  331.810644][T14625] EXT4-fs: Ignoring removed mblk_io_submit option
[  331.862982][T14621] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  331.881331][T14611] vhci_hcd: invalid port number 96
[  331.886988][T14611] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  331.907658][T14625] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  331.935978][T14625] EXT4-fs (loop0): orphan cleanup on readonly fs
[  331.972022][T14625] EXT4-fs warning (device loop0): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  332.001493][T12724] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  332.012314][T14625] EXT4-fs (loop0): Cannot turn on quotas: error -117
[  332.033414][T14625] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.3541: bg 0: block 40: padding at end of block bitmap is not set
[  332.072919][T14625] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  332.093772][T14625] EXT4-fs (loop0): 1 truncate cleaned up
[  332.112295][T14641] loop4: detected capacity change from 0 to 512
[  332.112791][T14625] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  332.152842][T14641] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  332.172804][T14641] ext4 filesystem being mounted at /112/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  332.186803][T14641] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #2: comm syz.4.3545: corrupted inode contents
[  332.234254][T14645] loop3: detected capacity change from 0 to 8192
[  332.245160][T14641] EXT4-fs error (device loop4): ext4_dirty_inode:6459: inode #2: comm syz.4.3545: mark_inode_dirty error
[  332.281877][T14625] EXT4-fs error (device loop0): ext4_xattr_block_get:593: inode #16: comm syz.0.3541: corrupted xattr block 31: invalid header
[  332.305041][T14647] netlink: 'syz.1.3547': attribute type 6 has an invalid length.
[  332.316203][T14625] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop0 ino=16
[  332.327710][T14641] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #2: comm syz.4.3545: corrupted inode contents
[  332.341830][T14625] EXT4-fs error (device loop0): ext4_xattr_block_get:593: inode #16: comm syz.0.3541: corrupted xattr block 31: invalid header
[  332.356692][T14641] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #2: comm syz.4.3545: mark_inode_dirty error
[  332.378871][T14625] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop0 ino=16
[  332.393739][T14625] EXT4-fs error (device loop0): ext4_get_link:106: inode #16: comm syz.0.3541: bad symlink.
[  332.452133][T12724] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  332.474744][T12480] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  332.535844][T14652] loop0: detected capacity change from 0 to 512
[  332.550053][T14652] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  332.562930][T14652] ext4 filesystem being mounted at /109/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  332.597956][T12480] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  332.621541][T14655] loop4: detected capacity change from 0 to 512
[  332.630976][T14655] EXT4-fs: Ignoring removed bh option
[  332.638597][T14655] ext3: Unknown parameter 'appraise'
[  332.643826][T14657] loop0: detected capacity change from 0 to 512
[  332.659424][T14657] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  332.680879][T14657] ext4 filesystem being mounted at /110/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  332.731327][T12480] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  332.764440][T14661] loop2: detected capacity change from 0 to 164
[  332.785515][T14661] iso9660: Unknown parameter '<port1'
[  332.971261][T14679] netlink: 'syz.2.3559': attribute type 10 has an invalid length.
[  333.096136][T14684] Invalid ELF header type: 3 != 1
[  333.277947][T14685] netlink: 'syz.0.3553': attribute type 30 has an invalid length.
[  333.465084][T14690] loop1: detected capacity change from 0 to 512
[  333.502087][T14685] (unnamed net_device) (uninitialized): option arp_missed_max: invalid value (0)
[  333.511478][T14685] (unnamed net_device) (uninitialized): option arp_missed_max: allowed values 1 - 255
[  333.728295][T14690] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  333.891947][T14699] loop2: detected capacity change from 0 to 164
[  333.907456][T14699] iso9660: Unknown parameter '<port1'
[  333.917016][T14690] ext4 filesystem being mounted at /60/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  333.962808][T14690] 9pnet_virtio: no channels available for device 127.0.0.1
[  333.991574][T14706] net_ratelimit: 243 callbacks suppressed
[  333.991591][T14706] netlink: zone id is out of range
[  334.002871][T14706] netlink: zone id is out of range
[  334.008248][T14706] netlink: zone id is out of range
[  334.026912][T14706] netlink: zone id is out of range
[  334.032689][T14706] netlink: zone id is out of range
[  334.035862][T12926] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  334.042704][T14706] netlink: zone id is out of range
[  334.054560][T14706] netlink: zone id is out of range
[  334.060143][T14706] netlink: zone id is out of range
[  334.065744][T14706] netlink: zone id is out of range
[  334.070991][T14706] netlink: zone id is out of range
[  334.204485][T14720] Invalid ELF header type: 3 != 1
[  334.236758][T14725] loop1: detected capacity change from 0 to 1024
[  334.250417][T14723] loop3: detected capacity change from 0 to 512
[  334.257172][T14723] EXT4-fs: Ignoring removed bh option
[  334.262358][T14725] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  334.262833][T14723] ext3: Unknown parameter 'appraise'
[  334.274148][T14725] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  334.321850][T14725] JBD2: no valid journal superblock found
[  334.328613][T14725] EXT4-fs (loop1): Could not load journal inode
[  334.439363][T14734] loop2: detected capacity change from 0 to 164
[  334.464192][T14734] iso9660: Unknown parameter '<port1'
[  334.565116][T14743] loop2: detected capacity change from 0 to 512
[  334.605786][T14743] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  334.627255][T14743] ext4 filesystem being mounted at /87/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  334.733808][T13145] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  334.869191][T14752] tc_dump_action: action bad kind
[  335.720607][T14771] loop2: detected capacity change from 0 to 8192
[  336.019152][T14773] loop3: detected capacity change from 0 to 8192
[  336.146556][   T29] kauditd_printk_skb: 115 callbacks suppressed
[  336.146573][   T29] audit: type=1326 audit(2000000266.384:9414): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14783 comm="syz.0.3598" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faad074e929 code=0x7ffc0000
[  336.168853][T14781] tipc: Started in network mode
[  336.178913][   T29] audit: type=1326 audit(2000000266.394:9415): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14783 comm="syz.0.3598" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7faad074e929 code=0x7ffc0000
[  336.181475][T14781] tipc: Node identity a227001cbb13, cluster identity 4711
[  336.205162][   T29] audit: type=1326 audit(2000000266.394:9416): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14783 comm="syz.0.3598" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faad074e929 code=0x7ffc0000
[  336.212191][T14781] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  336.235728][   T29] audit: type=1326 audit(2000000266.394:9417): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14783 comm="syz.0.3598" exe="/root/syz-executor" sig=0 arch=c000003e syscall=103 compat=0 ip=0x7faad074e929 code=0x7ffc0000
[  336.266033][   T29] audit: type=1326 audit(2000000266.394:9418): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14783 comm="syz.0.3598" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faad074e929 code=0x7ffc0000
[  336.364732][T14788] loop0: detected capacity change from 0 to 164
[  336.372722][T14788] iso9660: Unknown parameter '<port1'
[  336.398890][T14780] tipc: Disabling bearer <eth:syzkaller0>
[  336.425069][T14787] __nla_validate_parse: 33 callbacks suppressed
[  336.425088][T14787] netlink: 61967 bytes leftover after parsing attributes in process `syz.2.3600'.
[  336.441218][T14787] tc_dump_action: action bad kind
[  336.534225][   T29] audit: type=1326 audit(2000000266.764:9419): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14791 comm="syz.0.3602" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faad074e929 code=0x7ffc0000
[  336.557877][   T29] audit: type=1326 audit(2000000266.764:9420): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14791 comm="syz.0.3602" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faad074e929 code=0x7ffc0000
[  336.581583][   T29] audit: type=1326 audit(2000000266.764:9421): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14791 comm="syz.0.3602" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7faad074e929 code=0x7ffc0000
[  336.605991][   T29] audit: type=1326 audit(2000000266.764:9422): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14791 comm="syz.0.3602" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faad074e929 code=0x7ffc0000
[  336.630001][   T29] audit: type=1326 audit(2000000266.764:9423): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14791 comm="syz.0.3602" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faad074e929 code=0x7ffc0000
[  336.718243][T14798] loop1: detected capacity change from 0 to 512
[  336.726335][T14790] netem: change failed
[  336.897053][T14798] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  336.937134][T14798] ext4 filesystem being mounted at /72/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  337.187618][T14798] 9pnet_virtio: no channels available for device 127.0.0.1
[  337.508385][T12926] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  337.648465][T14819] loop4: detected capacity change from 0 to 164
[  337.655120][T14819] iso9660: Unknown parameter '<port1'
[  337.924907][T14837] loop4: detected capacity change from 0 to 512
[  337.965214][T14837] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  337.969251][T14840] netlink: 61967 bytes leftover after parsing attributes in process `syz.3.3620'.
[  337.987355][T14840] tc_dump_action: action bad kind
[  338.046078][T14843] netlink: 'syz.0.3618': attribute type 30 has an invalid length.
[  338.058204][T14820] netlink: 'syz.2.3610': attribute type 30 has an invalid length.
[  338.177542][T14820] (unnamed net_device) (uninitialized): option arp_missed_max: invalid value (0)
[  338.187361][T14820] (unnamed net_device) (uninitialized): option arp_missed_max: allowed values 1 - 255
[  338.415889][T14837] ext4 filesystem being mounted at /123/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  338.478429][T14852] vhci_hcd: invalid port number 96
[  338.483704][T14852] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  338.497524][T14837] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #2: comm syz.4.3619: corrupted inode contents
[  338.511109][T14852] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3621'.
[  338.520597][T14837] EXT4-fs error (device loop4): ext4_dirty_inode:6459: inode #2: comm syz.4.3619: mark_inode_dirty error
[  338.536890][T14837] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #2: comm syz.4.3619: corrupted inode contents
[  338.554055][T14854] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #2: comm syz.4.3619: corrupted inode contents
[  338.566183][T14849] netlink: 20 bytes leftover after parsing attributes in process `syz.1.3621'.
[  338.578820][T14854] EXT4-fs error (device loop4): ext4_dirty_inode:6459: inode #2: comm syz.4.3619: mark_inode_dirty error
[  338.598716][T14854] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #2: comm syz.4.3619: corrupted inode contents
[  338.625574][T14854] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #2: comm syz.4.3619: mark_inode_dirty error
[  338.637523][T14854] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #2: comm syz.4.3619: corrupted inode contents
[  338.651323][T14854] EXT4-fs error (device loop4): ext4_dirty_inode:6459: inode #2: comm syz.4.3619: mark_inode_dirty error
[  338.685724][T12724] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  339.146078][T14878] netlink: 'syz.4.3629': attribute type 10 has an invalid length.
[  339.215697][T14878] team0: Device ipvlan0 failed to register rx_handler
[  339.909532][T14894] loop2: detected capacity change from 0 to 512
[  339.919949][T14888] netlink: 61967 bytes leftover after parsing attributes in process `syz.3.3632'.
[  339.929417][T14888] tc_dump_action: action bad kind
[  340.013701][T14894] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  340.093320][T14894] ext4 filesystem being mounted at /98/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  340.138987][T14901] netlink: 36 bytes leftover after parsing attributes in process `syz.4.3636'.
[  340.148329][T14894] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #2: comm syz.2.3634: corrupted inode contents
[  340.177925][T14894] EXT4-fs error (device loop2): ext4_dirty_inode:6459: inode #2: comm syz.2.3634: mark_inode_dirty error
[  340.216906][T14894] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #2: comm syz.2.3634: corrupted inode contents
[  340.240257][T14904] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #2: comm syz.2.3634: corrupted inode contents
[  340.267729][T14904] EXT4-fs error (device loop2): ext4_dirty_inode:6459: inode #2: comm syz.2.3634: mark_inode_dirty error
[  340.280560][T14904] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #2: comm syz.2.3634: corrupted inode contents
[  340.294253][T14904] EXT4-fs error (device loop2): __ext4_ext_dirty:206: inode #2: comm syz.2.3634: mark_inode_dirty error
[  340.318322][T14904] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #2: comm syz.2.3634: corrupted inode contents
[  340.334901][T14903] loop3: detected capacity change from 0 to 512
[  340.353361][T14904] EXT4-fs error (device loop2): ext4_dirty_inode:6459: inode #2: comm syz.2.3634: mark_inode_dirty error
[  340.374562][T14903] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349)
[  340.407230][T14903] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=c842e02c, mo2=0002]
[  340.429900][T13145] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  340.482567][T14903] EXT4-fs (loop3): orphan cleanup on readonly fs
[  340.518583][T14903] EXT4-fs error (device loop3): ext4_clear_blocks:876: inode #11: comm syz.3.3637: attempt to clear invalid blocks 1024 len 1
[  340.593300][T14903] EXT4-fs (loop3): Remounting filesystem read-only
[  340.622151][T14903] EXT4-fs (loop3): 1 truncate cleaned up
[  340.704196][T14920] loop1: detected capacity change from 0 to 8192
[  340.814436][T14930] loop4: detected capacity change from 0 to 8192
[  340.994992][T14933] loop0: detected capacity change from 0 to 512
[  341.081000][T14938] netlink: 36 bytes leftover after parsing attributes in process `syz.0.3648'.
[  341.152205][   T29] kauditd_printk_skb: 98 callbacks suppressed
[  341.152224][   T29] audit: type=1400 audit(2000000271.395:9522): avc:  denied  { bind } for  pid=14923 comm="syz.2.3643" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  341.243929][   T29] audit: type=1400 audit(2000000271.405:9523): avc:  denied  { setopt } for  pid=14940 comm="syz.0.3649" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  341.264852][   T29] audit: type=1400 audit(2000000271.405:9524): avc:  denied  { write } for  pid=14940 comm="syz.0.3649" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  341.389836][T14943] loop3: detected capacity change from 0 to 512
[  341.415110][T14943] EXT4-fs (loop3): 1 orphan inode deleted
[  341.426534][ T9249] Quota error (device loop3): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  341.436518][ T9249] EXT4-fs error (device loop3): ext4_release_dquot:6969: comm kworker/u8:13: Failed to release dquot type 1
[  341.450478][T14943] ext4 filesystem being mounted at /131/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  341.474246][T14947] netlink: 208356 bytes leftover after parsing attributes in process `syz.0.3651'.
[  341.486168][T14947] net_ratelimit: 162 callbacks suppressed
[  341.486185][T14947] netlink: zone id is out of range
[  341.497180][T14947] netlink: zone id is out of range
[  341.502319][T14947] netlink: zone id is out of range
[  341.509428][T14947] netlink: zone id is out of range
[  341.514767][T14947] netlink: zone id is out of range
[  341.520223][T14947] netlink: zone id is out of range
[  341.525386][T14947] netlink: zone id is out of range
[  341.530654][T14947] netlink: zone id is out of range
[  341.535864][T14947] netlink: zone id is out of range
[  341.541066][T14947] netlink: zone id is out of range
[  341.566596][   T29] audit: type=1400 audit(2000000271.805:9525): avc:  denied  { create } for  pid=14948 comm="syz.3.3650" name="core" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  341.587704][   T29] audit: type=1400 audit(2000000271.805:9526): avc:  denied  { write open } for  pid=14948 comm="syz.3.3650" path="/131/file1/core" dev="loop3" ino=16 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  341.734358][   T29] audit: type=1400 audit(2000000271.815:9527): avc:  denied  { ioctl } for  pid=14946 comm="syz.0.3651" path="socket:[49990]" dev="sockfs" ino=49990 ioctlcmd=0x89e2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  341.760899][   T29] audit: type=1400 audit(2000000271.815:9528): avc:  denied  { read } for  pid=14946 comm="syz.0.3651" name="event2" dev="devtmpfs" ino=245 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  341.784324][   T29] audit: type=1400 audit(2000000271.815:9529): avc:  denied  { open } for  pid=14946 comm="syz.0.3651" path="/dev/input/event2" dev="devtmpfs" ino=245 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  341.806831][T14957] FAULT_INJECTION: forcing a failure.
[  341.806831][T14957] name failslab, interval 1, probability 0, space 0, times 0
[  341.809946][   T29] audit: type=1400 audit(2000000271.815:9530): avc:  denied  { ioctl } for  pid=14946 comm="syz.0.3651" path="/dev/input/event2" dev="devtmpfs" ino=245 ioctlcmd=0x4590 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  341.822424][T14957] CPU: 1 UID: 0 PID: 14957 Comm: syz.3.3654 Not tainted 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(voluntary) 
[  341.822516][T14957] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  341.822533][T14957] Call Trace:
[  341.822569][T14957]  <TASK>
[  341.822580][T14957]  __dump_stack+0x1d/0x30
[  341.822613][T14957]  dump_stack_lvl+0xe8/0x140
[  341.822644][T14957]  dump_stack+0x15/0x1b
[  341.822669][T14957]  should_fail_ex+0x265/0x280
[  341.822741][T14957]  should_failslab+0x8c/0xb0
[  341.822774][T14957]  kmem_cache_alloc_node_noprof+0x57/0x320
[  341.822815][T14957]  ? __alloc_skb+0x101/0x320
[  341.822920][T14957]  __alloc_skb+0x101/0x320
[  341.822962][T14957]  netlink_alloc_large_skb+0xba/0xf0
[  341.823028][T14957]  netlink_sendmsg+0x3cf/0x6b0
[  341.823058][T14957]  ? __pfx_netlink_sendmsg+0x10/0x10
[  341.823117][T14957]  __sock_sendmsg+0x142/0x180
[  341.823153][T14957]  ____sys_sendmsg+0x31e/0x4e0
[  341.823206][T14957]  ___sys_sendmsg+0x17b/0x1d0
[  341.823332][T14957]  __x64_sys_sendmsg+0xd4/0x160
[  341.823386][T14957]  x64_sys_call+0x2999/0x2fb0
[  341.823419][T14957]  do_syscall_64+0xd2/0x200
[  341.823445][T14957]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  341.823526][T14957]  ? clear_bhb_loop+0x40/0x90
[  341.823635][T14957]  ? clear_bhb_loop+0x40/0x90
[  341.823666][T14957]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  341.823698][T14957] RIP: 0033:0x7f818e6ee929
[  341.823725][T14957] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  341.823752][T14957] RSP: 002b:00007f818cd57038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  341.823780][T14957] RAX: ffffffffffffffda RBX: 00007f818e915fa0 RCX: 00007f818e6ee929
[  341.823849][T14957] RDX: 0000000000000004 RSI: 00002000000004c0 RDI: 0000000000000003
[  341.823868][T14957] RBP: 00007f818cd57090 R08: 0000000000000000 R09: 0000000000000000
[  341.823886][T14957] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  341.823903][T14957] R13: 0000000000000000 R14: 00007f818e915fa0 R15: 00007ffd5b90d848
[  341.823931][T14957]  </TASK>
[  341.886917][T14960] netlink: 61967 bytes leftover after parsing attributes in process `syz.2.3656'.
[  342.068297][T14960] tc_dump_action: action bad kind
[  342.171226][T14971] netlink: 'syz.4.3661': attribute type 10 has an invalid length.
[  342.179464][T14971] netlink: 2 bytes leftover after parsing attributes in process `syz.4.3661'.
[  342.775403][T14993] loop1: detected capacity change from 0 to 512
[  342.846121][T14993] EXT4-fs: Ignoring removed bh option
[  342.895243][T14993] ext3: Unknown parameter 'appraise'
[  343.294732][T15003] netlink: 61967 bytes leftover after parsing attributes in process `syz.2.3669'.
[  343.304172][T15003] tc_dump_action: action bad kind
[  343.321120][T15006] loop4: detected capacity change from 0 to 512
[  343.411835][T15006] EXT4-fs (loop4): too many log groups per flexible block group
[  343.419628][T15006] EXT4-fs (loop4): failed to initialize mballoc (-12)
[  343.456371][T15006] EXT4-fs (loop4): mount failed
[  343.722433][T15006] loop4: detected capacity change from 0 to 512
[  343.775063][T15025] loop0: detected capacity change from 0 to 512
[  343.793133][T15006] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  343.868623][T15025] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  343.943608][T15006] EXT4-fs (loop4): 1 truncate cleaned up
[  343.988550][T15025] EXT4-fs (loop0): orphan cleanup on readonly fs
[  344.044042][T15025] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.3675: Failed to acquire dquot type 1
[  344.059406][T15034] netlink: 36 bytes leftover after parsing attributes in process `syz.2.3677'.
[  344.120136][T15025] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.3675: bg 0: block 40: padding at end of block bitmap is not set
[  344.142601][T15025] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  344.152165][T15025] EXT4-fs (loop0): 1 truncate cleaned up
[  344.223353][T15025] EXT4-fs error (device loop0): ext4_xattr_block_get:593: inode #16: comm syz.0.3675: corrupted xattr block 31: invalid header
[  344.276788][T15025] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop0 ino=16
[  344.294677][T15025] EXT4-fs error (device loop0): ext4_xattr_block_get:593: inode #16: comm syz.0.3675: corrupted xattr block 31: invalid header
[  344.336791][T15025] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop0 ino=16
[  344.359320][T15027] loop1: detected capacity change from 0 to 1024
[  344.365703][T15025] EXT4-fs error (device loop0): ext4_get_link:106: inode #16: comm syz.0.3675: bad symlink.
[  344.394682][T15027] EXT4-fs: Ignoring removed nobh option
[  344.400397][T15027] EXT4-fs: Ignoring removed bh option
[  344.571697][T15060] netlink: 208356 bytes leftover after parsing attributes in process `syz.2.3687'.
[  344.667621][T15065] netlink: 36 bytes leftover after parsing attributes in process `syz.0.3689'.
[  344.776642][T15068] loop1: detected capacity change from 0 to 164
[  344.802184][T15068] iso9660: Unknown parameter '<port1'
[  344.884406][T15077] netlink: 'syz.3.3694': attribute type 10 has an invalid length.
[  344.940999][T15082] loop1: detected capacity change from 0 to 512
[  344.973631][T15077] ipvlan0: entered allmulticast mode
[  344.979135][T15077] veth0_vlan: entered allmulticast mode
[  344.987925][T15082] EXT4-fs (loop1): 1 orphan inode deleted
[  344.994267][T15082] EXT4-fs mount: 10 callbacks suppressed
[  344.994288][T15082] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  345.012698][ T9251] EXT4-fs error (device loop1): ext4_release_dquot:6969: comm kworker/u8:15: Failed to release dquot type 1
[  345.015451][T15082] ext4 filesystem being mounted at /83/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  345.073559][T15077] team0: Device ipvlan0 failed to register rx_handler
[  345.276008][T15096] loop2: detected capacity change from 0 to 8192
[  345.354397][T15102] loop3: detected capacity change from 0 to 512
[  345.592659][T15102] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  345.731436][T15102] ext4 filesystem being mounted at /143/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  345.777886][T12926] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  345.889267][T12179] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  345.937544][T15115] loop3: detected capacity change from 0 to 164
[  345.954255][T15115] iso9660: Unknown parameter '<port1'
[  346.179361][T15128] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3710'.
[  346.200755][T15132] netlink: 160 bytes leftover after parsing attributes in process `syz.1.3712'.
[  346.200979][T15128] loop0: detected capacity change from 0 to 2048
[  346.242235][T15133] netlink: 'syz.3.3711': attribute type 10 has an invalid length.
[  346.267220][ T7718]  loop0: p1 < > p4
[  346.279324][T15133] team0: Device ipvlan0 failed to register rx_handler
[  346.296695][ T7718] loop0: p4 size 8388608 extends beyond EOD, truncated
[  346.325702][T15128]  loop0: p1 < > p4
[  346.336844][T15137] netlink: 36 bytes leftover after parsing attributes in process `syz.4.3714'.
[  346.337025][T15128] loop0: p4 size 8388608 extends beyond EOD, truncated
[  346.455982][ T7718] udevd[7718]: inotify_add_watch(7, /dev/loop0p1, 10) failed: No such file or directory
[  346.458784][ T3473] udevd[3473]: inotify_add_watch(7, /dev/loop0p4, 10) failed: No such file or directory
[  346.494140][T15144] loop3: detected capacity change from 0 to 164
[  346.514578][T15144] iso9660: Unknown parameter '<port1'
[  346.625362][T15145] tipc: Started in network mode
[  346.630425][T15145] tipc: Node identity c64be8e055ea, cluster identity 4711
[  346.637778][T15145] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  346.671919][T15142] tipc: Disabling bearer <eth:syzkaller0>
[  346.696020][T15151] netlink: 'syz.2.3720': attribute type 10 has an invalid length.
[  346.703991][T15151] netlink: 2 bytes leftover after parsing attributes in process `syz.2.3720'.
[  346.746588][T15152] loop1: detected capacity change from 0 to 8192
[  346.772168][   T29] kauditd_printk_skb: 190 callbacks suppressed
[  346.772186][   T29] audit: type=1400 audit(2000000277.015:9718): avc:  denied  { create } for  pid=15147 comm="syz.3.3719" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  346.807381][   T29] audit: type=1400 audit(2000000277.045:9719): avc:  denied  { write } for  pid=15147 comm="syz.3.3719" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  346.910839][T15161] netlink: 'syz.2.3724': attribute type 10 has an invalid length.
[  346.918840][T15161] netlink: 2 bytes leftover after parsing attributes in process `syz.2.3724'.
[  347.886451][T15182] loop3: detected capacity change from 0 to 512
[  347.893320][T15182] EXT4-fs: Ignoring removed bh option
[  347.898805][T15182] ext3: Unknown parameter 'appraise'
[  348.063678][T15191] netlink: 'syz.2.3733': attribute type 10 has an invalid length.
[  348.071710][T15191] netlink: 2 bytes leftover after parsing attributes in process `syz.2.3733'.
[  348.144534][T15194] netlink: 'syz.0.3730': attribute type 30 has an invalid length.
[  348.574424][T15203] loop3: detected capacity change from 0 to 512
[  348.611413][T15203] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  348.626331][T15203] ext4 filesystem being mounted at /151/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  348.678235][T15203] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #2: comm syz.3.3736: corrupted inode contents
[  348.723888][   T29] audit: type=1400 audit(2000000278.935:9720): avc:  denied  { create } for  pid=15211 comm="syz.1.3739" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  348.797783][   T29] audit: type=1326 audit(2000000279.045:9721): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15216 comm="syz.4.3740" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc74d2ee929 code=0x7ffc0000
[  348.821432][   T29] audit: type=1326 audit(2000000279.045:9722): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15216 comm="syz.4.3740" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc74d2ee929 code=0x7ffc0000
[  348.845186][   T29] audit: type=1326 audit(2000000279.045:9723): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15216 comm="syz.4.3740" exe="/root/syz-executor" sig=0 arch=c000003e syscall=440 compat=0 ip=0x7fc74d2ee929 code=0x7ffc0000
[  348.852758][T15212] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3739'.
[  348.868949][   T29] audit: type=1326 audit(2000000279.045:9724): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15216 comm="syz.4.3740" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc74d2ee929 code=0x7ffc0000
[  348.877712][T15203] EXT4-fs error (device loop3): ext4_dirty_inode:6459: inode #2: comm syz.3.3736: mark_inode_dirty error
[  348.888266][T15203] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #2: comm syz.3.3736: corrupted inode contents
[  348.901792][   T29] audit: type=1326 audit(2000000279.045:9725): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15216 comm="syz.4.3740" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc74d2ee929 code=0x7ffc0000
[  348.956578][T15212] team0: left allmulticast mode
[  348.961742][T15212] team_slave_0: left allmulticast mode
[  348.967360][T15212] team_slave_1: left allmulticast mode
[  348.973108][T15212] bridge0: port 4(team0) entered disabled state
[  348.995625][   T29] audit: type=1400 audit(2000000279.095:9726): avc:  denied  { ioctl } for  pid=15211 comm="syz.1.3739" path="socket:[50881]" dev="sockfs" ino=50881 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  349.020652][   T29] audit: type=1326 audit(2000000279.185:9727): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15218 comm="syz.4.3741" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc74d2ee929 code=0x7ffc0000
[  349.076416][T15221] loop1: detected capacity change from 0 to 512
[  349.083554][T15221] ext4: Unknown parameter 'mask'
[  349.132878][T15215] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #2: comm syz.3.3736: corrupted inode contents
[  349.228931][T15212] syz_tun: left allmulticast mode
[  349.234203][T15212] syz_tun: left promiscuous mode
[  349.239417][T15212] bridge0: port 3(syz_tun) entered disabled state
[  349.337251][T15229] netlink: 208444 bytes leftover after parsing attributes in process `syz.0.3743'.
[  349.360132][T15212] bridge_slave_1: left allmulticast mode
[  349.366181][T15212] bridge_slave_1: left promiscuous mode
[  349.372069][T15212] bridge0: port 2(bridge_slave_1) entered disabled state
[  349.417964][T15229] net_ratelimit: 158 callbacks suppressed
[  349.417987][T15229] netlink: zone id is out of range
[  349.428945][T15229] netlink: zone id is out of range
[  349.434100][T15229] netlink: zone id is out of range
[  349.439476][T15229] netlink: zone id is out of range
[  349.444614][T15229] netlink: zone id is out of range
[  349.446963][T15215] EXT4-fs error (device loop3): ext4_dirty_inode:6459: inode #2: comm syz.3.3736: mark_inode_dirty error
[  349.449809][T15229] netlink: zone id is out of range
[  349.463109][T15215] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #2: comm syz.3.3736: corrupted inode contents
[  349.466401][T15229] netlink: zone id is out of range
[  349.482821][T15215] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #2: comm syz.3.3736: mark_inode_dirty error
[  349.483701][T15229] netlink: zone id is out of range
[  349.483712][T15229] netlink: zone id is out of range
[  349.483720][T15229] netlink: zone id is out of range
[  349.512441][T15212] bridge_slave_0: left allmulticast mode
[  349.518902][T15212] bridge_slave_0: left promiscuous mode
[  349.524940][T15212] bridge0: port 1(bridge_slave_0) entered disabled state
[  349.555392][T15215] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #2: comm syz.3.3736: corrupted inode contents
[  349.569964][T15215] EXT4-fs error (device loop3): ext4_dirty_inode:6459: inode #2: comm syz.3.3736: mark_inode_dirty error
[  349.594918][T12179] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  349.622377][T15223] netlink: 61967 bytes leftover after parsing attributes in process `syz.4.3742'.
[  349.631757][T15223] tc_dump_action: action bad kind
[  350.043610][T15259] netlink: 36 bytes leftover after parsing attributes in process `syz.0.3752'.
[  350.067612][T15247] loop3: detected capacity change from 0 to 512
[  350.074246][T15247] EXT4-fs: Ignoring removed bh option
[  350.084445][T15247] ext3: Unknown parameter 'appraise'
[  350.096088][T15262] netlink: 'syz.0.3755': attribute type 10 has an invalid length.
[  350.104314][T15262] netlink: 2 bytes leftover after parsing attributes in process `syz.0.3755'.
[  350.141634][T15264] netlink: 'syz.1.3757': attribute type 10 has an invalid length.
[  350.149706][T15264] netlink: 2 bytes leftover after parsing attributes in process `syz.1.3757'.
[  350.532634][T15271] netlink: 208444 bytes leftover after parsing attributes in process `syz.0.3758'.
[  350.560975][T15273] loop1: detected capacity change from 0 to 512
[  350.579742][T15273] EXT4-fs: Ignoring removed mblk_io_submit option
[  350.586427][T15273] EXT4-fs: Ignoring removed bh option
[  350.613970][T15273] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  350.639328][T15273] EXT4-fs (loop1): 1 truncate cleaned up
[  350.669709][T15273] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  350.733443][T12926] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  350.847352][T15296] netlink: 'syz.1.3763': attribute type 10 has an invalid length.
[  350.913421][T15297] FAULT_INJECTION: forcing a failure.
[  350.913421][T15297] name failslab, interval 1, probability 0, space 0, times 0
[  350.916874][T15301] FAULT_INJECTION: forcing a failure.
[  350.916874][T15301] name failslab, interval 1, probability 0, space 0, times 0
[  350.926240][T15297] CPU: 0 UID: 0 PID: 15297 Comm: syz.2.3765 Not tainted 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(voluntary) 
[  350.926278][T15297] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  350.926300][T15297] Call Trace:
[  350.926312][T15297]  <TASK>
[  350.926323][T15297]  __dump_stack+0x1d/0x30
[  350.926354][T15297]  dump_stack_lvl+0xe8/0x140
[  350.926383][T15297]  dump_stack+0x15/0x1b
[  350.926447][T15297]  should_fail_ex+0x265/0x280
[  350.926492][T15297]  ? __hw_addr_add_ex+0x162/0x440
[  350.926535][T15297]  should_failslab+0x8c/0xb0
[  350.926598][T15297]  __kmalloc_cache_noprof+0x4c/0x320
[  350.926708][T15297]  __hw_addr_add_ex+0x162/0x440
[  350.926753][T15297]  dev_addr_init+0xb1/0x120
[  350.926796][T15297]  alloc_netdev_mqs+0x212/0xab0
[  350.926869][T15297]  ? __pfx_sl_setup+0x10/0x10
[  350.926984][T15297]  slip_open+0x2d1/0x920
[  350.927017][T15297]  ? vfree+0x295/0x3a0
[  350.927059][T15297]  ? up_write+0x18/0x60
[  350.927091][T15297]  tty_ldisc_open+0x5a/0xb0
[  350.927146][T15297]  tty_set_ldisc+0x1db/0x380
[  350.927189][T15297]  tiocsetd+0x51/0x60
[  350.927242][T15297]  tty_ioctl+0xa7f/0xb80
[  350.927284][T15297]  ? __pfx_tty_ioctl+0x10/0x10
[  350.927327][T15297]  __se_sys_ioctl+0xce/0x140
[  350.927418][T15297]  __x64_sys_ioctl+0x43/0x50
[  350.927460][T15297]  x64_sys_call+0x19a8/0x2fb0
[  350.927563][T15297]  do_syscall_64+0xd2/0x200
[  350.927589][T15297]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  350.927688][T15297]  ? clear_bhb_loop+0x40/0x90
[  350.927720][T15297]  ? clear_bhb_loop+0x40/0x90
[  350.927771][T15297]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  350.927803][T15297] RIP: 0033:0x7f92a1b5e929
[  350.927826][T15297] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  350.927854][T15297] RSP: 002b:00007f92a01c7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  350.927882][T15297] RAX: ffffffffffffffda RBX: 00007f92a1d85fa0 RCX: 00007f92a1b5e929
[  350.927940][T15297] RDX: 00002000000002c0 RSI: 0000000000005423 RDI: 0000000000000004
[  350.927958][T15297] RBP: 00007f92a01c7090 R08: 0000000000000000 R09: 0000000000000000
[  350.927976][T15297] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  350.927994][T15297] R13: 0000000000000000 R14: 00007f92a1d85fa0 R15: 00007ffe71c13d78
[  350.928020][T15297]  </TASK>
[  351.175214][T15301] CPU: 1 UID: 0 PID: 15301 Comm: syz.1.3769 Not tainted 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(voluntary) 
[  351.175323][T15301] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  351.175337][T15301] Call Trace:
[  351.175345][T15301]  <TASK>
[  351.175355][T15301]  __dump_stack+0x1d/0x30
[  351.175382][T15301]  dump_stack_lvl+0xe8/0x140
[  351.175408][T15301]  dump_stack+0x15/0x1b
[  351.175431][T15301]  should_fail_ex+0x265/0x280
[  351.175521][T15301]  should_failslab+0x8c/0xb0
[  351.175546][T15301]  __kmalloc_noprof+0xa5/0x3e0
[  351.175577][T15301]  ? io_cache_alloc_new+0x2a/0xb0
[  351.175618][T15301]  io_cache_alloc_new+0x2a/0xb0
[  351.175641][T15301]  io_send_zc_prep+0x31c/0x7e0
[  351.175667][T15301]  io_submit_sqes+0x5e5/0xfd0
[  351.175721][T15301]  __se_sys_io_uring_enter+0x1c1/0x1b70
[  351.175757][T15301]  ? 0xffffffff81000000
[  351.175775][T15301]  ? __rcu_read_unlock+0x4f/0x70
[  351.175805][T15301]  ? get_pid_task+0x96/0xd0
[  351.175870][T15301]  ? proc_fail_nth_write+0x12d/0x160
[  351.175976][T15301]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  351.176029][T15301]  ? vfs_write+0x75e/0x8e0
[  351.176072][T15301]  ? __rcu_read_unlock+0x4f/0x70
[  351.176110][T15301]  ? __fget_files+0x184/0x1c0
[  351.176138][T15301]  ? fput+0x8f/0xc0
[  351.176170][T15301]  __x64_sys_io_uring_enter+0x78/0x90
[  351.176262][T15301]  x64_sys_call+0x28c8/0x2fb0
[  351.176288][T15301]  do_syscall_64+0xd2/0x200
[  351.176306][T15301]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  351.176338][T15301]  ? clear_bhb_loop+0x40/0x90
[  351.176386][T15301]  ? clear_bhb_loop+0x40/0x90
[  351.176461][T15301]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  351.176487][T15301] RIP: 0033:0x7f07fd30e929
[  351.176505][T15301] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  351.176529][T15301] RSP: 002b:00007f07fb977038 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[  351.176552][T15301] RAX: ffffffffffffffda RBX: 00007f07fd535fa0 RCX: 00007f07fd30e929
[  351.176569][T15301] RDX: 0000000000000004 RSI: 000000000000749f RDI: 0000000000000003
[  351.176653][T15301] RBP: 00007f07fb977090 R08: 0000000000000000 R09: fffffffffffffef5
[  351.176670][T15301] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  351.176687][T15301] R13: 0000000000000000 R14: 00007f07fd535fa0 R15: 00007ffcfa9fb468
[  351.176768][T15301]  </TASK>
[  351.704547][T15338] SELinux:  policydb magic number 0x6c65732f does not match expected magic number 0xf97cff8c
[  351.732975][T15338] SELinux: failed to load policy
[  351.780368][   T29] kauditd_printk_skb: 103 callbacks suppressed
[  351.780469][   T29] audit: type=1400 audit(2000000282.025:9831): avc:  denied  { create } for  pid=15318 comm="syz.3.3775" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  352.027746][T15346] loop4: detected capacity change from 0 to 512
[  352.051519][T15310] loop2: detected capacity change from 0 to 8192
[  352.139478][T15346] EXT4-fs: Ignoring removed mblk_io_submit option
[  352.270267][T15346] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  352.318282][T15346] EXT4-fs (loop4): orphan cleanup on readonly fs
[  352.343181][   T29] audit: type=1326 audit(2000000282.585:9832): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15353 comm="syz.3.3785" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f818e6ee929 code=0x7ffc0000
[  352.367107][   T29] audit: type=1326 audit(2000000282.585:9833): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15353 comm="syz.3.3785" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f818e6ee929 code=0x7ffc0000
[  352.390728][   T29] audit: type=1326 audit(2000000282.585:9834): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15353 comm="syz.3.3785" exe="/root/syz-executor" sig=0 arch=c000003e syscall=218 compat=0 ip=0x7f818e6ee929 code=0x7ffc0000
[  352.414396][   T29] audit: type=1326 audit(2000000282.585:9835): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15353 comm="syz.3.3785" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f818e6ee929 code=0x7ffc0000
[  352.438280][   T29] audit: type=1326 audit(2000000282.585:9836): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15353 comm="syz.3.3785" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f818e6ee929 code=0x7ffc0000
[  352.461986][   T29] audit: type=1326 audit(2000000282.585:9837): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15353 comm="syz.3.3785" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f818e6ee929 code=0x7ffc0000
[  352.485581][   T29] audit: type=1326 audit(2000000282.585:9838): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15353 comm="syz.3.3785" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f818e6ee929 code=0x7ffc0000
[  352.509305][   T29] audit: type=1326 audit(2000000282.585:9839): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15353 comm="syz.3.3785" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f818e6ee929 code=0x7ffc0000
[  352.532889][   T29] audit: type=1326 audit(2000000282.585:9840): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15353 comm="syz.3.3785" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f818e6ee929 code=0x7ffc0000
[  352.595897][T15346] EXT4-fs warning (device loop4): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  352.664579][T15346] EXT4-fs (loop4): Cannot turn on quotas: error -117
[  352.681850][T15346] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.3782: bg 0: block 40: padding at end of block bitmap is not set
[  352.698291][T15346] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  352.710416][T15346] EXT4-fs (loop4): 1 truncate cleaned up
[  352.724888][T15346] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  352.756647][T15358] __nla_validate_parse: 1 callbacks suppressed
[  352.756666][T15358] netlink: 208360 bytes leftover after parsing attributes in process `syz.3.3787'.
[  352.834571][T15346] EXT4-fs error (device loop4): ext4_xattr_block_get:593: inode #16: comm syz.4.3782: corrupted xattr block 31: invalid header
[  352.866508][T15372] loop0: detected capacity change from 0 to 512
[  352.888953][T15346] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop4 ino=16
[  352.912934][T15372] EXT4-fs: Ignoring removed mblk_io_submit option
[  352.914508][T15380] loop2: detected capacity change from 0 to 512
[  352.930858][T15346] EXT4-fs error (device loop4): ext4_xattr_block_get:593: inode #16: comm syz.4.3782: corrupted xattr block 31: invalid header
[  352.956792][T15372] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  352.963947][T15346] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop4 ino=16
[  352.980840][T15346] EXT4-fs error (device loop4): ext4_get_link:106: inode #16: comm syz.4.3782: bad symlink.
[  352.985827][T15372] EXT4-fs (loop0): orphan cleanup on readonly fs
[  352.995351][T15388] loop3: detected capacity change from 0 to 512
[  353.007482][T15389] loop1: detected capacity change from 0 to 512
[  353.008371][T15372] EXT4-fs warning (device loop0): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  353.032486][T15372] EXT4-fs (loop0): Cannot turn on quotas: error -117
[  353.040702][T15372] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.3791: bg 0: block 40: padding at end of block bitmap is not set
[  353.064940][T15372] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  353.070079][T15389] EXT4-fs (loop1): 1 orphan inode deleted
[  353.080585][T15389] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  353.086397][T15380] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  353.093921][ T9262] EXT4-fs error (device loop1): ext4_release_dquot:6969: comm kworker/u8:26: Failed to release dquot type 1
[  353.106295][T15380] ext4 filesystem being mounted at /124/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  353.126184][T12724] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  353.141953][T15372] EXT4-fs (loop0): 1 truncate cleaned up
[  353.148119][T15388] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  353.156808][T15372] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  353.166106][T15389] ext4 filesystem being mounted at /102/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  353.201534][T15388] ext4 filesystem being mounted at /162/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  353.217669][T15372] EXT4-fs error (device loop0): ext4_xattr_block_get:593: inode #16: comm syz.0.3791: corrupted xattr block 31: invalid header
[  353.226647][T13145] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  353.238135][T15397] FAULT_INJECTION: forcing a failure.
[  353.238135][T15397] name failslab, interval 1, probability 0, space 0, times 0
[  353.246960][T15388] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #2: comm syz.3.3798: corrupted inode contents
[  353.252496][T15397] CPU: 0 UID: 0 PID: 15397 Comm: syz.4.3799 Not tainted 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(voluntary) 
[  353.252618][T15397] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  353.252638][T15397] Call Trace:
[  353.252649][T15397]  <TASK>
[  353.252660][T15397]  __dump_stack+0x1d/0x30
[  353.252701][T15397]  dump_stack_lvl+0xe8/0x140
[  353.252730][T15397]  dump_stack+0x15/0x1b
[  353.252754][T15397]  should_fail_ex+0x265/0x280
[  353.252823][T15397]  should_failslab+0x8c/0xb0
[  353.252858][T15397]  kmem_cache_alloc_noprof+0x50/0x310
[  353.252898][T15397]  ? security_inode_alloc+0x37/0x100
[  353.253048][T15397]  security_inode_alloc+0x37/0x100
[  353.253097][T15397]  inode_init_always_gfp+0x4b7/0x500
[  353.253146][T15397]  ? __pfx_shmem_alloc_inode+0x10/0x10
[  353.253176][T15397]  alloc_inode+0x58/0x170
[  353.253303][T15397]  new_inode+0x1d/0xe0
[  353.253345][T15397]  shmem_get_inode+0x244/0x750
[  353.253375][T15397]  __shmem_file_setup+0x113/0x210
[  353.253433][T15397]  shmem_file_setup+0x3b/0x50
[  353.253502][T15397]  __se_sys_memfd_create+0x2c3/0x590
[  353.253549][T15397]  __x64_sys_memfd_create+0x31/0x40
[  353.253594][T15397]  x64_sys_call+0x122f/0x2fb0
[  353.253625][T15397]  do_syscall_64+0xd2/0x200
[  353.253723][T15397]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  353.253761][T15397]  ? clear_bhb_loop+0x40/0x90
[  353.253793][T15397]  ? clear_bhb_loop+0x40/0x90
[  353.253848][T15397]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  353.253880][T15397] RIP: 0033:0x7fc74d2ee929
[  353.253902][T15397] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  353.253931][T15397] RSP: 002b:00007fc74b956e18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[  353.254044][T15397] RAX: ffffffffffffffda RBX: 0000000000000506 RCX: 00007fc74d2ee929
[  353.254058][T15397] RDX: 00007fc74b956ef0 RSI: 0000000000000000 RDI: 00007fc74d3714cc
[  353.254070][T15397] RBP: 0000200000006380 R08: 00007fc74b956bb7 R09: 00007fc74b956e40
[  353.254082][T15397] R10: 000000000000000a R11: 0000000000000202 R12: 00002000000000c0
[  353.254098][T15397] R13: 00007fc74b956ef0 R14: 00007fc74b956eb0 R15: 00002000000005c0
[  353.254126][T15397]  </TASK>
[  353.260660][T15372] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop0 ino=16
[  353.286365][T15388] EXT4-fs error (device loop3): ext4_dirty_inode:6459: inode #2: comm syz.3.3798: mark_inode_dirty error
[  353.324668][T15372] EXT4-fs error (device loop0): ext4_xattr_block_get:593: inode #16: comm syz.0.3791: corrupted xattr block 31: invalid header
[  353.349482][T15388] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #2: comm syz.3.3798: corrupted inode contents
[  353.433235][T15372] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop0 ino=16
[  353.444661][T15400] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #2: comm syz.3.3798: corrupted inode contents
[  353.475568][T15372] EXT4-fs error (device loop0): ext4_get_link:106: inode #16: comm syz.0.3791: bad symlink.
[  353.483819][T15400] EXT4-fs error (device loop3): ext4_dirty_inode:6459: inode #2: comm syz.3.3798: mark_inode_dirty error
[  353.546278][T15406] loop4: detected capacity change from 0 to 512
[  353.588681][T15400] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #2: comm syz.3.3798: corrupted inode contents
[  353.611732][T15406] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  353.625455][T15400] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #2: comm syz.3.3798: mark_inode_dirty error
[  353.628295][T12480] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  353.650642][T15406] ext4 filesystem being mounted at /164/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  353.667639][T15400] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #2: comm syz.3.3798: corrupted inode contents
[  353.695530][T15400] EXT4-fs error (device loop3): ext4_dirty_inode:6459: inode #2: comm syz.3.3798: mark_inode_dirty error
[  353.738600][T12179] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  353.746299][T12724] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  353.758677][T15421] FAULT_INJECTION: forcing a failure.
[  353.758677][T15421] name failslab, interval 1, probability 0, space 0, times 0
[  353.771860][T15419] loop2: detected capacity change from 0 to 512
[  353.771846][T15421] CPU: 1 UID: 0 PID: 15421 Comm: syz.0.3808 Not tainted 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(voluntary) 
[  353.771943][T15421] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  353.771961][T15421] Call Trace:
[  353.771972][T15421]  <TASK>
[  353.771983][T15421]  __dump_stack+0x1d/0x30
[  353.772015][T15421]  dump_stack_lvl+0xe8/0x140
[  353.772046][T15421]  dump_stack+0x15/0x1b
[  353.772101][T15421]  should_fail_ex+0x265/0x280
[  353.772148][T15421]  should_failslab+0x8c/0xb0
[  353.772183][T15421]  kmem_cache_alloc_node_noprof+0x57/0x320
[  353.772226][T15421]  ? __alloc_skb+0x101/0x320
[  353.772344][T15421]  __alloc_skb+0x101/0x320
[  353.772384][T15421]  ? pfkey_broadcast+0x223/0x240
[  353.772471][T15421]  pfkey_sendmsg+0x7e4/0x900
[  353.772535][T15421]  ? __pfx_pfkey_sendmsg+0x10/0x10
[  353.772576][T15421]  __sock_sendmsg+0x142/0x180
[  353.772634][T15421]  ____sys_sendmsg+0x31e/0x4e0
[  353.772688][T15421]  ___sys_sendmsg+0x17b/0x1d0
[  353.772957][T15421]  __x64_sys_sendmsg+0xd4/0x160
[  353.773033][T15421]  x64_sys_call+0x2999/0x2fb0
[  353.773145][T15421]  do_syscall_64+0xd2/0x200
[  353.773171][T15421]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  353.773211][T15421]  ? clear_bhb_loop+0x40/0x90
[  353.773242][T15421]  ? clear_bhb_loop+0x40/0x90
[  353.773336][T15421]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  353.773412][T15421] RIP: 0033:0x7faad074e929
[  353.773438][T15421] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  353.773536][T15421] RSP: 002b:00007faacedb7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  353.773564][T15421] RAX: ffffffffffffffda RBX: 00007faad0975fa0 RCX: 00007faad074e929
[  353.773621][T15421] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000006
[  353.773643][T15421] RBP: 00007faacedb7090 R08: 0000000000000000 R09: 0000000000000000
[  353.773688][T15421] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  353.773706][T15421] R13: 0000000000000000 R14: 00007faad0975fa0 R15: 00007fff7eefedd8
[  353.773739][T15421]  </TASK>
[  354.016325][T15419] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  354.053870][T15419] EXT4-fs (loop2): orphan cleanup on readonly fs
[  354.097647][T15419] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.3805: Failed to acquire dquot type 1
[  354.136747][T12926] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  354.163658][T15419] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.3805: bg 0: block 40: padding at end of block bitmap is not set
[  354.203609][T15441] netlink: 208360 bytes leftover after parsing attributes in process `syz.0.3815'.
[  354.213282][T15419] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  354.242703][T15419] EXT4-fs (loop2): 1 truncate cleaned up
[  354.250922][T15419] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  354.299368][T15419] EXT4-fs error (device loop2): ext4_xattr_block_get:593: inode #16: comm syz.2.3805: corrupted xattr block 31: invalid header
[  354.345046][T15419] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop2 ino=16
[  354.384879][T15419] EXT4-fs error (device loop2): ext4_xattr_block_get:593: inode #16: comm syz.2.3805: corrupted xattr block 31: invalid header
[  354.434926][T15419] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop2 ino=16
[  354.465750][T15419] EXT4-fs error (device loop2): ext4_get_link:106: inode #16: comm syz.2.3805: bad symlink.
[  354.472146][T15468] loop4: detected capacity change from 0 to 512
[  354.516014][T15468] EXT4-fs (loop4): 1 orphan inode deleted
[  354.528255][T13145] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  354.536543][T15468] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  354.552740][ T9249] EXT4-fs error (device loop4): ext4_release_dquot:6969: comm kworker/u8:13: Failed to release dquot type 1
[  354.581909][T15468] ext4 filesystem being mounted at /169/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  354.638699][T15473] loop3: detected capacity change from 0 to 512
[  354.645501][T15473] EXT4-fs: Ignoring removed bh option
[  354.650987][T15473] ext3: Unknown parameter 'appraise'
[  354.754208][T15484] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1547 sclass=netlink_route_socket pid=15484 comm=syz.2.3829
[  354.795906][T15484] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3829'.
[  354.837880][T15488] netlink: 208360 bytes leftover after parsing attributes in process `syz.2.3830'.
[  354.847332][T15488] net_ratelimit: 344 callbacks suppressed
[  354.847345][T15488] netlink: zone id is out of range
[  354.858281][T15488] netlink: zone id is out of range
[  354.863467][T15488] netlink: zone id is out of range
[  354.876837][T15488] netlink: zone id is out of range
[  354.882110][T15488] netlink: zone id is out of range
[  354.891174][T15488] netlink: zone id is out of range
[  354.896374][T15488] netlink: zone id is out of range
[  354.901520][T15488] netlink: zone id is out of range
[  354.906764][T15488] netlink: zone id is out of range
[  354.911910][T15488] netlink: zone id is out of range
[  354.994638][T15498] netlink: 'syz.0.3835': attribute type 10 has an invalid length.
[  355.002677][T15498] netlink: 2 bytes leftover after parsing attributes in process `syz.0.3835'.
[  355.047905][T15504] hsr0: entered promiscuous mode
[  355.055055][T15504] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3837'.
[  355.065147][T15504] hsr_slave_0: left promiscuous mode
[  355.077980][T15504] hsr_slave_1: left promiscuous mode
[  355.087523][T15504] hsr0 (unregistering): left promiscuous mode
[  355.120376][T15513] loop0: detected capacity change from 0 to 512
[  355.140721][T15513] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  355.160396][T15513] ext4 filesystem being mounted at /184/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  355.176525][T15513] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #2: comm syz.0.3841: corrupted inode contents
[  355.191160][T15518] FAULT_INJECTION: forcing a failure.
[  355.191160][T15518] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  355.198331][T15513] EXT4-fs error (device loop0): ext4_dirty_inode:6459: inode #2: comm syz.0.3841: mark_inode_dirty error
[  355.204336][T15518] CPU: 1 UID: 0 PID: 15518 Comm: syz.3.3842 Not tainted 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(voluntary) 
[  355.204380][T15518] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  355.204412][T15518] Call Trace:
[  355.204421][T15518]  <TASK>
[  355.204434][T15518]  __dump_stack+0x1d/0x30
[  355.204464][T15518]  dump_stack_lvl+0xe8/0x140
[  355.204495][T15518]  dump_stack+0x15/0x1b
[  355.204518][T15518]  should_fail_ex+0x265/0x280
[  355.204647][T15518]  should_fail+0xb/0x20
[  355.204695][T15518]  should_fail_usercopy+0x1a/0x20
[  355.204743][T15518]  strncpy_from_user+0x25/0x230
[  355.204781][T15518]  ? kmem_cache_alloc_noprof+0x186/0x310
[  355.204856][T15518]  ? getname_flags+0x80/0x3b0
[  355.204892][T15518]  getname_flags+0xae/0x3b0
[  355.204926][T15518]  user_path_at+0x28/0x130
[  355.204964][T15518]  __se_sys_mount+0x25b/0x2e0
[  355.204994][T15518]  ? fput+0x8f/0xc0
[  355.205033][T15518]  __x64_sys_mount+0x67/0x80
[  355.205079][T15518]  x64_sys_call+0xd36/0x2fb0
[  355.205109][T15518]  do_syscall_64+0xd2/0x200
[  355.205179][T15518]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  355.205241][T15518]  ? clear_bhb_loop+0x40/0x90
[  355.205273][T15518]  ? clear_bhb_loop+0x40/0x90
[  355.205334][T15518]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  355.205364][T15518] RIP: 0033:0x7f818e6ee929
[  355.205387][T15518] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  355.205414][T15518] RSP: 002b:00007f818cd57038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  355.205441][T15518] RAX: ffffffffffffffda RBX: 00007f818e915fa0 RCX: 00007f818e6ee929
[  355.205470][T15518] RDX: 0000200000000180 RSI: 0000200000000000 RDI: 0000000000000000
[  355.205544][T15518] RBP: 00007f818cd57090 R08: 0000200000000080 R09: 0000000000000000
[  355.205563][T15518] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  355.205581][T15518] R13: 0000000000000000 R14: 00007f818e915fa0 R15: 00007ffd5b90d848
[  355.205612][T15518]  </TASK>
[  355.307892][T15522] netlink: 208360 bytes leftover after parsing attributes in process `syz.3.3843'.
[  355.311506][T15513] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #2: comm syz.0.3841: corrupted inode contents
[  355.445145][T15521] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #2: comm syz.0.3841: corrupted inode contents
[  355.461384][T15521] EXT4-fs error (device loop0): ext4_dirty_inode:6459: inode #2: comm syz.0.3841: mark_inode_dirty error
[  355.466279][T15525] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  355.483290][T15525] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  355.513372][T15521] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #2: comm syz.0.3841: corrupted inode contents
[  355.513564][T12724] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  355.534332][T15525] loop2: detected capacity change from 0 to 512
[  355.540106][T15521] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #2: comm syz.0.3841: mark_inode_dirty error
[  355.541364][T15525] journal_path: Non-blockdev passed as './file0'
[  355.558393][T15525] EXT4-fs: error: could not find journal device path
[  355.598697][T15521] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #2: comm syz.0.3841: corrupted inode contents
[  355.617044][T15525] loop8: detected capacity change from 0 to 79
[  355.646034][T15521] EXT4-fs error (device loop0): ext4_dirty_inode:6459: inode #2: comm syz.0.3841: mark_inode_dirty error
[  355.679188][T12480] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  355.705728][T15525] loop8: detected capacity change from 79 to 78
[  355.760977][T15540] loop4: detected capacity change from 0 to 512
[  355.779961][T15540] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  355.795908][T15540] EXT4-fs (loop4): orphan cleanup on readonly fs
[  355.817116][T15540] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.3851: Failed to acquire dquot type 1
[  355.858862][T15540] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.3851: bg 0: block 40: padding at end of block bitmap is not set
[  355.883501][T15540] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  355.931150][T15540] EXT4-fs (loop4): 1 truncate cleaned up
[  355.946211][T15540] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  355.980554][T15540] EXT4-fs error (device loop4): ext4_xattr_block_get:593: inode #16: comm syz.4.3851: corrupted xattr block 31: invalid header
[  356.003738][T15540] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop4 ino=16
[  356.018974][T15540] EXT4-fs error (device loop4): ext4_xattr_block_get:593: inode #16: comm syz.4.3851: corrupted xattr block 31: invalid header
[  356.033795][T15540] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop4 ino=16
[  356.060783][T15540] EXT4-fs error (device loop4): ext4_get_link:106: inode #16: comm syz.4.3851: bad symlink.
[  356.074660][T15556] netlink: 208360 bytes leftover after parsing attributes in process `syz.0.3857'.
[  356.221393][T15557] loop3: detected capacity change from 0 to 512
[  356.228724][T15557] EXT4-fs: Ignoring removed bh option
[  356.234221][T15557] ext3: Unknown parameter 'appraise'
[  356.262088][T15562] netlink: 'syz.0.3858': attribute type 30 has an invalid length.
[  356.270405][T15562] (unnamed net_device) (uninitialized): option arp_missed_max: invalid value (0)
[  356.279632][T15562] (unnamed net_device) (uninitialized): option arp_missed_max: allowed values 1 - 255
[  356.294002][T12724] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  356.398882][T15560] loop1: detected capacity change from 0 to 8192
[  356.446506][T15569] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=35535 sclass=netlink_route_socket pid=15569 comm=syz.2.3861
[  356.529847][T15574] FAULT_INJECTION: forcing a failure.
[  356.529847][T15574] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  356.543191][T15574] CPU: 1 UID: 0 PID: 15574 Comm: syz.4.3862 Not tainted 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(voluntary) 
[  356.543325][T15574] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  356.543342][T15574] Call Trace:
[  356.543351][T15574]  <TASK>
[  356.543362][T15574]  __dump_stack+0x1d/0x30
[  356.543390][T15574]  dump_stack_lvl+0xe8/0x140
[  356.543416][T15574]  dump_stack+0x15/0x1b
[  356.543579][T15574]  should_fail_ex+0x265/0x280
[  356.543643][T15574]  should_fail+0xb/0x20
[  356.543738][T15574]  should_fail_usercopy+0x1a/0x20
[  356.543774][T15574]  strncpy_from_user+0x25/0x230
[  356.543799][T15574]  ? kmem_cache_alloc_noprof+0x186/0x310
[  356.543831][T15574]  ? getname_flags+0x80/0x3b0
[  356.543879][T15574]  getname_flags+0xae/0x3b0
[  356.543904][T15574]  do_sys_openat2+0x60/0x110
[  356.543933][T15574]  __x64_sys_creat+0x65/0x90
[  356.543962][T15574]  x64_sys_call+0x114d/0x2fb0
[  356.543996][T15574]  do_syscall_64+0xd2/0x200
[  356.544021][T15574]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  356.544074][T15574]  ? clear_bhb_loop+0x40/0x90
[  356.544100][T15574]  ? clear_bhb_loop+0x40/0x90
[  356.544122][T15574]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  356.544210][T15574] RIP: 0033:0x7fc74d2ee929
[  356.544229][T15574] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  356.544254][T15574] RSP: 002b:00007fc74b936038 EFLAGS: 00000246 ORIG_RAX: 0000000000000055
[  356.544275][T15574] RAX: ffffffffffffffda RBX: 00007fc74d516080 RCX: 00007fc74d2ee929
[  356.544288][T15574] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00002000000000c0
[  356.544300][T15574] RBP: 00007fc74b936090 R08: 0000000000000000 R09: 0000000000000000
[  356.544315][T15574] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  356.544343][T15574] R13: 0000000000000000 R14: 00007fc74d516080 R15: 00007ffc4e55b618
[  356.544441][T15574]  </TASK>
[  356.837327][   T29] kauditd_printk_skb: 157 callbacks suppressed
[  356.837342][   T29] audit: type=1400 audit(2000000287.086:9990): avc:  denied  { append } for  pid=15575 comm="syz.2.3864" name="sg0" dev="devtmpfs" ino=137 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  356.867592][   T29] audit: type=1400 audit(2000000287.086:9991): avc:  denied  { open } for  pid=15575 comm="syz.2.3864" path="/dev/sg0" dev="devtmpfs" ino=137 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  356.902946][   T29] audit: type=1400 audit(2000000287.116:9992): avc:  denied  { ioctl } for  pid=15575 comm="syz.2.3864" path="/dev/sg0" dev="devtmpfs" ino=137 ioctlcmd=0x1273 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  356.974363][   T29] audit: type=1326 audit(2000000287.216:9993): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15584 comm="syz.3.3868" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f818e6ee929 code=0x7ffc0000
[  357.018571][   T29] audit: type=1326 audit(2000000287.246:9994): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15584 comm="syz.3.3868" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f818e6ee929 code=0x7ffc0000
[  357.042332][   T29] audit: type=1326 audit(2000000287.246:9995): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15584 comm="syz.3.3868" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f818e6ee929 code=0x7ffc0000
[  357.046304][T15576] vhci_hcd: invalid port number 96
[  357.067243][   T29] audit: type=1326 audit(2000000287.246:9996): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15584 comm="syz.3.3868" exe="/root/syz-executor" sig=0 arch=c000003e syscall=252 compat=0 ip=0x7f818e6ee929 code=0x7ffc0000
[  357.072236][T15576] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  357.096411][   T29] audit: type=1326 audit(2000000287.246:9997): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15584 comm="syz.3.3868" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f818e6ee929 code=0x7ffc0000
[  357.127101][   T29] audit: type=1326 audit(2000000287.246:9998): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15584 comm="syz.3.3868" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f818e6ee929 code=0x7ffc0000
[  357.150888][   T29] audit: type=1326 audit(2000000287.246:9999): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15584 comm="syz.3.3868" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f818e6ee929 code=0x7ffc0000
[  357.179678][T15590] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3864'.
[  357.332467][T15591] loop1: detected capacity change from 0 to 8192
[  357.603857][T15576] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3864'.
[  357.663245][T15593] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[  358.174860][T15614] loop4: detected capacity change from 0 to 8192
[  358.383939][T15616] loop3: detected capacity change from 0 to 8192
[  358.481562][T15622] loop1: detected capacity change from 0 to 512
[  358.499958][T15622] EXT4-fs: Ignoring removed mblk_io_submit option
[  358.532327][T15622] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  358.535686][T15624] FAULT_INJECTION: forcing a failure.
[  358.535686][T15624] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  358.552846][T15622] EXT4-fs (loop1): orphan cleanup on readonly fs
[  358.553458][T15624] CPU: 0 UID: 0 PID: 15624 Comm: syz.2.3881 Not tainted 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(voluntary) 
[  358.553497][T15624] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  358.553590][T15624] Call Trace:
[  358.553601][T15624]  <TASK>
[  358.553612][T15624]  __dump_stack+0x1d/0x30
[  358.553642][T15624]  dump_stack_lvl+0xe8/0x140
[  358.553749][T15624]  dump_stack+0x15/0x1b
[  358.553774][T15624]  should_fail_ex+0x265/0x280
[  358.553819][T15624]  should_fail+0xb/0x20
[  358.553864][T15624]  should_fail_usercopy+0x1a/0x20
[  358.553988][T15624]  _copy_to_user+0x20/0xa0
[  358.554018][T15624]  put_timespec64+0x63/0xb0
[  358.554048][T15624]  poll_select_finish+0x30c/0x3f0
[  358.554081][T15624]  __se_sys_pselect6+0x22a/0x280
[  358.554197][T15624]  __x64_sys_pselect6+0x78/0x90
[  358.554245][T15624]  x64_sys_call+0x1caa/0x2fb0
[  358.554277][T15624]  do_syscall_64+0xd2/0x200
[  358.554314][T15624]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  358.554407][T15624]  ? clear_bhb_loop+0x40/0x90
[  358.554439][T15624]  ? clear_bhb_loop+0x40/0x90
[  358.554470][T15624]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  358.554511][T15624] RIP: 0033:0x7f92a1b5e929
[  358.554533][T15624] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  358.554557][T15624] RSP: 002b:00007f92a01c7038 EFLAGS: 00000246 ORIG_RAX: 000000000000010e
[  358.554636][T15624] RAX: ffffffffffffffda RBX: 00007f92a1d85fa0 RCX: 00007f92a1b5e929
[  358.554727][T15624] RDX: 0000000000000000 RSI: 0000200000000100 RDI: 0000000000000040
[  358.554745][T15624] RBP: 00007f92a01c7090 R08: 0000200000000280 R09: 0000000000000000
[  358.554762][T15624] R10: 0000200000000400 R11: 0000000000000246 R12: 0000000000000001
[  358.554794][T15624] R13: 0000000000000000 R14: 00007f92a1d85fa0 R15: 00007ffe71c13d78
[  358.554821][T15624]  </TASK>
[  358.784070][T15622] EXT4-fs warning (device loop1): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  358.800292][T15622] EXT4-fs (loop1): Cannot turn on quotas: error -117
[  358.808755][T15622] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.3880: bg 0: block 40: padding at end of block bitmap is not set
[  358.824486][T15622] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  358.835049][T15622] EXT4-fs (loop1): 1 truncate cleaned up
[  358.869979][T15634] netlink: 80 bytes leftover after parsing attributes in process `syz.4.3885'.
[  358.944482][T15622] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  359.029472][T15622] EXT4-fs error (device loop1): ext4_xattr_block_get:593: inode #16: comm syz.1.3880: corrupted xattr block 31: invalid header
[  359.046919][T15622] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop1 ino=16
[  359.059443][T15634] vhci_hcd: invalid port number 96
[  359.064636][T15634] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  359.073546][T15634] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3885'.
[  359.082920][T15622] EXT4-fs error (device loop1): ext4_xattr_block_get:593: inode #16: comm syz.1.3880: corrupted xattr block 31: invalid header
[  359.099911][T15634] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3885'.
[  359.112228][T15622] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop1 ino=16
[  359.172323][T15622] EXT4-fs error (device loop1): ext4_get_link:106: inode #16: comm syz.1.3880: bad symlink.
[  359.200723][T15653] loop0: detected capacity change from 0 to 512
[  359.220703][T15655] loop3: detected capacity change from 0 to 512
[  359.221243][T15653] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  359.243456][T15653] ext4 filesystem being mounted at /198/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  359.257289][T12926] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  359.268720][T15655] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  359.281467][T15655] ext4 filesystem being mounted at /181/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  359.297891][T12480] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  359.351217][T12179] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  359.432364][T15675] netlink: 68 bytes leftover after parsing attributes in process `syz.0.3900'.
[  359.441666][T15675] netlink: 68 bytes leftover after parsing attributes in process `syz.0.3900'.
[  359.487908][T15680] netlink: 80 bytes leftover after parsing attributes in process `syz.4.3903'.
[  359.532188][T15684] netlink: 'syz.1.3902': attribute type 10 has an invalid length.
[  359.540231][T15684] netlink: 2 bytes leftover after parsing attributes in process `syz.1.3902'.
[  359.615879][T15680] vhci_hcd: invalid port number 96
[  359.622842][T15680] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  359.647370][T15680] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3903'.
[  359.658788][T15680] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3903'.
[  359.752307][T12179] ==================================================================
[  359.760451][T12179] BUG: KCSAN: data-race in generic_fillattr / inode_add_bytes
[  359.768063][T12179] 
[  359.770412][T12179] read-write to 0xffff88810646eca0 of 8 bytes by task 15690 on cpu 0:
[  359.778937][T12179]  inode_add_bytes+0x47/0xe0
[  359.783573][T12179]  __dquot_alloc_space+0x180/0x8a0
[  359.788730][T12179]  shmem_inode_acct_blocks+0x129/0x240
[  359.794311][T12179]  shmem_get_folio_gfp+0x5a7/0xd60
[  359.799460][T12179]  shmem_write_begin+0xa8/0x190
[  359.804351][T12179]  generic_perform_write+0x181/0x490
[  359.809673][T12179]  shmem_file_write_iter+0xc5/0xf0
[  359.814818][T12179]  __kernel_write_iter+0x256/0x4c0
[  359.819970][T12179]  dump_user_range+0x407/0x8c0
[  359.824772][T12179]  elf_core_dump+0x1dc2/0x1f80
[  359.829565][T12179]  do_coredump+0x1dfd/0x27b0
[  359.834194][T12179]  get_signal+0xd85/0xf70
[  359.838558][T12179]  arch_do_signal_or_restart+0x96/0x480
[  359.844126][T12179]  irqentry_exit_to_user_mode+0x5e/0xa0
[  359.849709][T12179]  irqentry_exit+0x12/0x50
[  359.854155][T12179]  exc_general_protection+0x15b/0x1f0
[  359.859575][T12179]  asm_exc_general_protection+0x26/0x30
[  359.865144][T12179] 
[  359.867485][T12179] read to 0xffff88810646eca0 of 8 bytes by task 12179 on cpu 1:
[  359.875133][T12179]  generic_fillattr+0x27d/0x340
[  359.880016][T12179]  shmem_getattr+0x181/0x200
[  359.884624][T12179]  vfs_getattr_nosec+0x143/0x1e0
[  359.889585][T12179]  vfs_statx+0x113/0x390
[  359.893852][T12179]  vfs_fstatat+0x115/0x170
[  359.898331][T12179]  __se_sys_newfstatat+0x55/0x260
[  359.903382][T12179]  __x64_sys_newfstatat+0x55/0x70
[  359.908437][T12179]  x64_sys_call+0x2c22/0x2fb0
[  359.913159][T12179]  do_syscall_64+0xd2/0x200
[  359.917687][T12179]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  359.923607][T12179] 
[  359.925940][T12179] value changed: 0x00000000000040f8 -> 0x0000000000004100
[  359.933146][T12179] 
[  359.935491][T12179] Reported by Kernel Concurrency Sanitizer on:
[  359.941663][T12179] CPU: 1 UID: 0 PID: 12179 Comm: syz-executor Not tainted 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(voluntary) 
[  359.954359][T12179] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  359.964434][T12179] ==================================================================
[  360.001786][T15702] netlink: 96 bytes leftover after parsing attributes in process `syz.4.3911'.