last executing test programs:

9m38.699511805s ago: executing program 32 (id=342):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
r1 = syz_io_uring_setup(0x497, &(0x7f0000000400)={0x0, 0x3f73, 0x100, 0x4, 0x1a}, &(0x7f0000000340)=<r2=>0x0, &(0x7f0000000600)=<r3=>0x0)
io_uring_register$IORING_REGISTER_PBUF_RING(r1, 0x16, &(0x7f0000000040)={&(0x7f0000001000)={[{0x0, 0xffffffffffffff3a, 0x3, 0xf4}]}, 0x1, 0x1}, 0x1)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r4 = openat$ttyS3(0xffffffffffffff9c, 0x0, 0x8002, 0x0)
ioctl$TCSETSW2(r4, 0x5453, 0x0)
syz_open_pts(r4, 0x40002)
r5 = socket$inet_mptcp(0x2, 0x1, 0x106)
syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x20, 0x10, r5, 0x0, 0x0, 0x0, 0x2000, 0x1, {0x1}})
io_uring_enter(r1, 0x3516, 0xf4f5, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000cc0)=ANY=[@ANYBLOB="b700000018000000bfa30000000000000703000028feffff7a0af0fff8ffffff61a4f0ff0000000015040000000002000f040000000000003404ffc101ed0a0065040000170000801f400000000000007b0a00fe000000002c04000000000000c6000000000000009500000000000000023bc065b7a379d17cf9333379fc9e84af69912435f1b6a693002e7f3be361917adef6ee1c8a2b4f8ef1e50b91f32050e436fe275daf51efd601b6482a0800000098efefb202ee010400006e7a1de4a21f379dbf01de00b1b564fef3bef70548aed0d600c095199fe3ff3128e599b0eaebbdbd7359a48f5b0afc646cb7798b3e6440c2fbdb00a3e35208b0bbf12cd8dff0c710e4000000000000009fbe4b61a615c6c57a2b649dc74a1a610643b08d9ec21ead2ed51b104d4d91af25b8123deda8a3658d42ecbf1dbf6d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31a76e42f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0800000000000000d5f728d236619074d6ebdf098bc908f50ae728a40f9411fe7226a4040bef29b66e3858d051c096e37c4f46010400000000c3da29faf75ddd1aa96960bca97af13382cb881cc1f62c0f8f8f0e8d76b86f9c45636614786f5a2cb77230a874640dcbe0b20bb77c022d0cab080078fce8c5c81b7037181fc2f18f781aaa6e2957d7e39cc1baddcb7ec6667e699f24e41697ee7ea23e4b29a8b6cc9a1f5a7b3caae05f13792292cb949b3aab06b1e042ff2164d80c605532b18ab1c156b97e5889685a96949e4cb40df77b8bb84b0e733a63784ccc214d930cbb7e090df9a2867b3acec439c163fcd7071b53ac29df826f8ae6d6e18c1eacf5bf870768d5217e9bb5a05d9e22ce67f1231bd236486727d970acc546087acbf30f2f8165b47ba56dfadd14b306e98931481747292c6fe6e188750cf4f87cce2aa7d67c7133a9f05954cde298a35ea6d715ba80aee63300000000000000000000000000000000000040000000000000000386000000b854adb4f8080064e8407c6bdb37114c80fbaa4a0ec5aaf4b0ac6f2128668279eb6fc144344e2d461c9a1be8fa0061ea9d55ee4716bea8e1cebf9ed39325ab4c5530dd6ee9fffc00000000000000d7c5af73c683625aaad5eda5004a76c9f8975ed4c5e4eb3e77e9"], 0x0}, 0x94)
io_uring_enter(r1, 0x4542, 0xf797, 0x48, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_DELAYED_SACK(r0, 0x84, 0x7d, 0x0, 0x0)

9m26.126284969s ago: executing program 33 (id=490):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e22, 0x9, @ipv4={'\x00', '\xff\xff', @remote}, 0x6}, 0x1c)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x4e22, 0x7, @ipv4={'\x00', '\xff\xff', @empty}, 0x106}, 0x1c)
syz_emit_ethernet(0x3a, &(0x7f0000000380)={@local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x38}, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x2, 0x3, 0x2c, 0x64, 0x0, 0x7, 0x6, 0x0, @remote, @remote}, {{0x4e22, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x6, 0x2, 0x4071, 0x0, 0xe7, {[@exp_fastopen={0xfe, 0x4}]}}}}}}}, 0x0)

4m49.621196036s ago: executing program 3 (id=4808):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[], 0x50)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1}, 0x48)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)={0x54, 0x2, 0x6, 0x801, 0x0, 0x0, {0x0, 0x0, 0x80}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_BUCKETSIZE={0x5, 0x15, 0x7}]}, @IPSET_ATTR_TYPENAME={0x10, 0x3, 'hash:ip,mac\x00'}]}, 0x54}, 0x1, 0x0, 0x0, 0x8011}, 0x0)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180), &(0x7f0000000200), 0x81, r3}, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = syz_open_procfs(0x0, &(0x7f0000000000)='map_files\x00')
getdents64(r5, &(0x7f0000000100)=""/44, 0xbb)
syz_clone3(&(0x7f0000000640)={0x4000000, &(0x7f0000000180), &(0x7f00000001c0), &(0x7f0000000380), {0x22}, 0x0, 0x0, &(0x7f0000000300)=""/18, &(0x7f0000000340)=[r0, r0, r0, r0, r0, r0, r0, r0], 0x8, {r5}}, 0x58)
capget(&(0x7f0000feaff9)={0x19980330}, &(0x7f0000000180)={0x0, 0x8, 0x0, 0x0, 0x80, 0xc11})
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_normal', 0x40, 0x112)
syz_clone(0x41200100, 0x0, 0x0, 0x0, 0x0, 0x0)

4m48.066993852s ago: executing program 3 (id=4825):
syz_mount_image$ext4(&(0x7f00000003c0)='ext3\x00', &(0x7f00000002c0)='./bus\x00', 0x841405, &(0x7f0000000900), 0x1, 0x5f3, &(0x7f0000000bc0)="$eJzs3c1vVFUbAPDnTj9oKe/bQt68igtpYgwkSksLGGJcwNaQBj/ixo2VFkQKNLR+FE0oCW5MjBtjTFy5EP8LJbJlpSsXblwZEqKEpYlj7sy9tNPOtHT6cWvv75cMvfecOXPO5fbpPXPmnDsBlNZg+k8lYn9ETCcR/cn8o7zOyDIH6897+ODjs+kjiWr1tT+SSLK0/PlJ9rMvK9wTET/9mMS+juX1zsxduzg+NTV5Ndsfnr00PTwzd+3whUvj5yfPT14efWH0xPFjx0+MHGnruK43STt9890P+j8de/Pbr/9KRr77dSyJk/Fy9sTFx7FRBmOw9n+SLM/qO7HRlRWkI/s9WXyKk84CG8Sa5OevKyKeiP7oiIWT1x+fvFJo44BNVU0iqkBJJeIfSirvB+Tv7R8+ONnQP6gU0SkBtsT9U/UBgIX4z8fBOutjg9FTGxvY/TCJxcM6SUS0NzLXaE9E3L0zdvPcnbGbsUnjcEBz8zci4slm8Z/U4n8gemKgFv+VhvhP+wVnsp9p+qtt1r90qFj8w9apx3/PivEfLeL/rUXx/3ab9Q8ubL7T2xD/ve0eEgAAAAAAAJTW7VMR8Xyzz/8r9c/mdtX3ls7/6YuIkxtQ/+CS/eWf/1fubUA1QBP3T0W8FM3jP5v9O9CRbf2nNh+gKzl3YWrySET8NyIORdeudH9khToOf7bvq1Z5g9n8v/yR1n83mwuYteNe567GMhPjs+PrPW4g4v6NiKeazv9NHs3/TZpc/9O/B9OPWce+Z2+daZW3evwDm6X6TcTBptf/hbtWJCvfn2O41h8YznsFyz390efft6q/3fh3iwlYv/T6v3vl+B9IFt+vZ2btdRyd66y2ymu3/9+dvF675Ux3lvbh+Ozs1ZGI7uR0R5rakD669jbDTpTHQx4vafwfemaF8b8W/f/eiJhf8trJn41rinP//7vvt1bt0f+H4qTxP7Gm6//aN0ZvDfzQqv7Hu/4fq13rD2Upxv+g7ss8TLsb05uEY2ezrK1uLwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADsBJWI2BNJZejRdqUyNBTRFxH/i92VqSszs8+du/Le5Yk0r/b9/5X8m3776/tJ/v3/A4v2R5fsH42IvRHxRUdvbX/o7JWpiaIPHgAAAAAAAAAAAAAAAAAAALaJvhbr/1O/dxTdOmDTdRbdAKAwTeL/5yLaAWy9rqIbABRG/x/KS/xDeYl/KC/xD+Ul/qG8xD+Ul/gHAAAAAIAdZe+B278kETH/Ym/tkerO8iwLgp2tUnQDgMK4xQ+Ul6k/UF7e4wPJKvk9LQutVnIl02fXURgAAAAAAAAAAAAASufgfuv/oays/4fysv4fyitf/3+g4HYAW897fCBWWcnfdP3/qqUAAAAAAAAAAAAAgI00M3ft4vjU1OTVtW68n80IbrP4Ntx4Y3s0Yys3qtXq9fQkbpf2/Ms38qnw63yd+exlNrqF+Vq/xytVwB8jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgqX8CAAD//yErHkg=")
r0 = openat(0xffffffffffffff9c, 0x0, 0x42, 0x61)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff})
shmget(0x2, 0x3000, 0x54000000, &(0x7f0000ffa000/0x3000)=nil)
setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f00000001c0)=r0, 0x4)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x22c7, &(0x7f0000000180)=ANY=[@ANYRES32=r2], 0x0, 0x240400, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000380)='kfree\x00', 0xffffffffffffffff, 0x0, 0x2}, 0xfffffec0)
r3 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
fcntl$notify(r3, 0x402, 0x8000001f)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000d40)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r5}, 0x10)
close_range(r3, 0xffffffffffffffff, 0x0)

4m47.995127705s ago: executing program 3 (id=4828):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000f1ffff000000000000100000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1000000e}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kfree\x00', r0, 0x0, 0x101}, 0x18)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001400)=@newtaction={0xe6c, 0x30, 0x1, 0x70bd2b, 0x25dfdbfd, {}, [{0xe58, 0x1, [@m_pedit={0xe54, 0x1, 0x0, 0x0, {{0xa}, {0xe28, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS={0xe20, 0x2, {{{0x101, 0x5c, 0x0, 0xb, 0x9}, 0x8, 0x7}, [{0x7, 0x8, 0xb6f8, 0x8, 0x101, 0x3}, {0x9, 0x6, 0x6, 0xfffffff7, 0xd, 0xed7}, {0xaabee86, 0x100, 0x4, 0x8, 0x8, 0xb6d}, {0x66, 0x80000000, 0xfffffffd, 0x2, 0x10000, 0x9}, {0x2, 0xfffffffc, 0x9, 0x1, 0x9}, {0x3, 0x8, 0x9, 0x400, 0xf, 0x939b}, {0xdc11, 0xfffffff9, 0x3ff, 0xfada, 0x401, 0x10000}, {0x15, 0x9, 0x7, 0x81, 0x7, 0x1}, {0x5, 0x1, 0x2, 0x80000001, 0xfff, 0x8}, {0xb73, 0x5, 0x3, 0xfffffff7, 0x0, 0xd}, {0xffffff80, 0x3, 0x1, 0x80000001, 0x4, 0x4}, {0x519, 0xf0, 0x66, 0x3, 0x5, 0xfffffff7}, {0x400, 0x200, 0x1ff, 0x3, 0x5, 0x5}, {0x3, 0x5, 0x1, 0x101, 0x200}, {0x4, 0x7, 0x1, 0x9, 0xf, 0x1}, {0x401, 0x433, 0x7, 0xffffff7f, 0x9, 0x80000007}, {0x10, 0x6, 0x9, 0x0, 0x5, 0x2}, {0x5, 0x1, 0x8, 0x3, 0x3, 0xfffffffc}, {0x0, 0x80000000, 0x80000000, 0xce4, 0x1ff, 0x2}, {0x1400, 0x8, 0x5, 0x3ff, 0xfffffffe, 0x8}, {0xa177, 0x8, 0x1, 0x7, 0x9, 0x8000}, {0xce0, 0x4, 0x1ff, 0xd7, 0x7, 0x6}, {0xffff4234, 0x4f9, 0xfffffff9, 0x1, 0xc, 0xffffffdd}, {0x81, 0x2c, 0xc13, 0x7d1, 0x4, 0x6}, {0x5, 0x7, 0x7, 0x1000, 0x2, 0x7f}, {0x400, 0x6, 0x7, 0x6, 0x120, 0x6}, {0x6, 0x3, 0x4, 0x7ff, 0x0, 0x3}, {0x6, 0x0, 0x3, 0x2, 0xfff, 0x2}, {0x8, 0x3, 0x6, 0x5c6a, 0x5, 0x9}, {0x8, 0x1, 0x8, 0x8, 0x8, 0x95}, {0xf80, 0x8, 0x10000, 0x8, 0xe, 0xfffeffff}, {0x4, 0x8000, 0x3, 0x8aa6, 0xfffffff7, 0x5}, {0x8, 0x7, 0xfffffff7, 0x3ff, 0xd7d, 0x5}, {0xd50, 0x2, 0x8, 0x1, 0x8, 0x3}, {0x2, 0x6, 0x7f, 0x9, 0xfffffff9, 0x1}, {0x162, 0x0, 0x4b3, 0xcb5, 0x5, 0x7fffffdf}, {0x80000000, 0x0, 0x1, 0x2, 0x100, 0x3}, {0x8, 0x8, 0x1, 0xffffffff, 0x3ff, 0x5d1}, {0x3, 0xd054, 0x9, 0x5, 0xfffff801, 0x1}, {0x7, 0x8, 0x983, 0x0, 0x6, 0x200}, {0x47, 0x200, 0x8, 0x9, 0x2, 0x9}, {0x1, 0xfffffff9, 0x2, 0x7, 0x7, 0x1000}, {0x10000, 0x24056a58, 0x8, 0x400001, 0x0, 0x8}, {0x2, 0x1ff, 0x3ff, 0x0, 0x2, 0x40000000}, {0x7ff, 0x7ff, 0x0, 0x3, 0x9ca, 0xffffffff}, {0x80000000, 0x9, 0x2, 0x4, 0xdd9f, 0x40}, {0xa, 0x9, 0x3, 0x0, 0xe00, 0x7fff}, {0x4, 0x7, 0x3, 0x0, 0x7f, 0x8}, {0x7, 0x8, 0x10, 0x4, 0x0, 0x80000000}, {0x7, 0x5, 0xfffff801, 0x1ff, 0x1, 0x10000}, {0x80000001, 0x2, 0x2, 0x3, 0x4}, {0x40, 0x0, 0x7, 0xc, 0x1, 0xffff0001}, {0x100006, 0x0, 0x2, 0x5, 0x742}, {0x4, 0x401, 0xc0, 0xffffffff, 0x8, 0x2}, {0x7, 0x6, 0x5, 0x4d2b, 0x4, 0x8001}, {0x6, 0xf731, 0x2b1, 0xfffffffa, 0x1, 0x101}, {0x5, 0x7, 0x101, 0x0, 0x7, 0x8}, {0x3, 0x7, 0x8, 0x8, 0x7, 0xa0}, {0x1a, 0xe, 0x3ff, 0x0, 0x3, 0xfe}, {0x2, 0x7, 0xcf0, 0x5, 0x7, 0x6}, {0xfff, 0x6, 0x0, 0x1000, 0x0, 0xf}, {0x9, 0xfffffbff, 0x2, 0x5}, {0x0, 0x22f, 0x2, 0xe7b, 0xba, 0x7ff}, {0x1, 0x7b7, 0x0, 0xcb2d, 0xe, 0x6}, {0x0, 0x30000, 0x50, 0x5, 0x5, 0x8000}, {0xf9, 0x5b, 0x8, 0x1000003, 0x3, 0xff36}, {0x2de, 0x6, 0x5, 0xa4, 0x6, 0x7}, {0xe65a, 0x9, 0xd32, 0xd4, 0x100, 0x1d}, {0x0, 0xb, 0xec36, 0x52, 0x7, 0xe}, {0x80000000, 0x7f, 0x80, 0x4, 0x35b3, 0x5}, {0x8, 0x7, 0x44c9bfe0, 0x40, 0x4, 0x1}, {0xffff7fff, 0xf7af, 0x1ff, 0x21, 0x81, 0xa}, {0x2, 0x4, 0x7fffffff, 0x2, 0x1ff, 0x800}, {0x9, 0x9, 0x8, 0x2, 0x9, 0x6}, {0x6, 0x9, 0xafb, 0x3, 0x9, 0x5}, {0x2b20, 0x9, 0x7fffffff, 0x7c82, 0x7f, 0x8}, {0x1ff, 0x0, 0x0, 0x6, 0x8, 0x2}, {0x3, 0x6, 0x1c97600f, 0x6, 0xd, 0x800}, {0x1, 0x0, 0x0, 0x9, 0x19, 0x2}, {0x3, 0x7, 0xd, 0x7fffffff, 0x4}, {0x7f, 0x3, 0x5, 0x1, 0x75, 0x100}, {0xfff, 0x1, 0x1d, 0x40, 0x472, 0x1}, {0xe, 0x48f, 0x7, 0xfffffffc, 0x6, 0x7}, {0x9, 0x9, 0x401, 0x6, 0x1ff, 0x1}, {0xdd4, 0x0, 0x9, 0x6, 0x7, 0x7e27a179}, {0x3134, 0xfffffff9, 0x7, 0x6, 0x2, 0x1ff}, {0x6, 0x9, 0x611, 0x3, 0x2, 0x1}, {0x9, 0x3, 0x2, 0x9e7, 0x6, 0x4}, {0x5, 0x7, 0x1, 0x10000, 0xa, 0x1}, {0x9, 0x8, 0x3, 0x5, 0x3, 0x80000001}, {0x8, 0x9, 0x2, 0x5, 0x6, 0xd888}, {0x1, 0xdc13, 0x8, 0x6, 0x5, 0x1}, {0xfffffff8, 0x7, 0xb13, 0x7f, 0x81, 0x2}, {0x2da, 0x0, 0x9, 0xa748, 0x4, 0x1}, {0x1, 0x5, 0x1, 0x6, 0x6, 0x4f}, {0x2a, 0x7, 0x1, 0x3000000, 0x2, 0x80000001}, {0x8, 0x2f, 0xfffffff9, 0x4, 0x200, 0x800}, {0x40, 0x6, 0xc, 0xa1f7, 0x9, 0x1000}, {0x4, 0x101, 0x3, 0x401, 0x0, 0xfff}, {0x1, 0x0, 0x9, 0xf, 0x1000, 0x40}, {0x3, 0x3, 0x1, 0x8, 0x600, 0x8}, {0x2, 0x1000, 0x5, 0x8, 0x200, 0x66d4}, {0x7, 0x2b914a38, 0xda2, 0x0, 0x2, 0x6}, {0x95, 0x9, 0x6, 0x3, 0x5, 0xfffffffb}, {0x3eb, 0x9, 0x4, 0x2, 0xfffff801, 0x9}, {0xf48, 0x80000000, 0x1000, 0x1, 0x9, 0x3}, {0x5, 0xffffffff, 0x3, 0xf, 0x8, 0x2}, {0x10000000, 0xbc9, 0x0, 0x6, 0x1}, {0x3ff, 0x0, 0x6, 0x3, 0x892, 0xffff5833}, {0x2, 0x5, 0x8, 0x8, 0xbcb7, 0x8}, {0x5, 0x3, 0xfffffffd, 0x7, 0x8, 0xfffffffb}, {0x6, 0x2, 0x8, 0x1, 0x9, 0x40}, {0x73d, 0x81, 0x4, 0x4c, 0x2, 0x10000}, {0x4, 0x1, 0x401, 0x4, 0x3}, {0x99, 0x1, 0xfffffffb, 0x2, 0xd, 0x4}, {0x100, 0xfffffffc, 0x5, 0xa, 0x7, 0x5cf4}, {0x8, 0x5, 0x9, 0x1000, 0x1ff, 0x80}, {0x800, 0x10000, 0x2, 0xd3, 0xe, 0xfffffffd}, {0x4, 0x3, 0x6, 0x727b, 0xc, 0x5}, {0x6, 0x2bf3, 0x3, 0x35, 0xd, 0xf24}, {0x9, 0x890c, 0xcf3, 0x87ee, 0x5, 0xfffffffc}, {0x49424b5d, 0xf, 0x3, 0x7, 0x2d219f14, 0x1ff}, {0x3, 0x5, 0x9, 0x9, 0xffffffff, 0x4}, {0x6, 0x5, 0x4, 0x80, 0x7fffffff, 0x8000}, {0x5, 0xfffff404, 0x1, 0x8, 0x879, 0x3}, {0x5, 0xc, 0x6, 0xfffffffb, 0x8, 0x2}, {0x4, 0x600, 0x39846a8c, 0x1, 0x7fff, 0xb}, {0xfffffff1, 0x8, 0x3, 0x3, 0x2, 0x3}], [{0x5, 0x1}, {}, {0x5, 0x1}, {0x1}, {}, {0x1, 0x4fa8102eea1673da}, {0x4}, {0x1}, {0x4, 0x1}, {0x2, 0x1}, {0x0, 0x1}, {0x0, 0x1}, {0x1, 0x1}, {0x5}, {0x4, 0x1}, {0x1}, {0x2, 0x1}, {0x5}, {0x3, 0x1}, {0x1, 0x1}, {0x1, 0x1}, {0x2}, {0x3, 0x1}, {0x2}, {0x4, 0x1}, {0x3}, {0x5}, {0x3}, {0x4, 0x1}, {0x0, 0x1}, {0x5, 0x1a2b73033141e383}, {0x3, 0x1}, {0x2}, {0x3}, {0x4, 0x1}, {}, {}, {0x3}, {0x3, 0x1}, {0x5}, {0x3}, {0x3, 0x1}, {0x5}, {0x2}, {0x3, 0x1}, {0x7, 0x1}, {0x4}, {0x5}, {0x2}, {0x4, 0x1}, {}, {0x2}, {0x1}, {0x4, 0x1}, {0x1, 0x1}, {0x5}, {0x1, 0x1}, {0x3}, {}, {0x2, 0x1}, {0x0, 0x1}, {0x7}, {0x1, 0x1}, {0x3}, {0x2}, {0x1}, {0x8, 0x1}, {0x5}, {0x1}, {0x2}, {0x4, 0x1}, {0x4, 0x1}, {0x5, 0x1}, {0x2, 0x1}, {0x5, 0x1}, {0x2}, {0x5}, {0x3, 0x1}, {0x1}, {0x0, 0xbfb90171edaf7461}, {0x5, 0x1}, {0x1, 0x1}, {0x2, 0x1}, {0x5, 0x1}, {0x0, 0x1}, {0x5}, {0x3, 0x1}, {0x5, 0x1}, {0x5, 0x1}, {0x1, 0x1}, {0x4, 0x1}, {0x5}, {0x4, 0x1}, {0x5}, {0x0, 0x1}, {0x5}, {0x2}, {0x2}, {0x3, 0x1}, {0x4, 0x1}, {0x2, 0x1}, {0x2}, {0x2}, {0x1}, {0x1, 0x1}, {}, {0x4, 0x1}, {0x5, 0x1}, {0x5}, {0x3}, {}, {0x0, 0x1}, {0x4}, {0x5}, {0x4, 0x1}, {0x1}, {0x4}, {0x5, 0x1}, {0x5}, {0x2}, {0x5, 0x1}, {0x5}, {0x3}, {0x3}, {0x4}, {}, {0x0, 0x1}, {0x2}]}}, @TCA_PEDIT_KEYS_EX={0x4}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x1, 0x3}}}}]}]}, 0xe6c}, 0x1, 0x0, 0x0, 0x4081}, 0x2400c800)
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="07000000040000000001"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x11, 0x8, &(0x7f0000000140)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000ec0)={&(0x7f0000000bc0)='kfree\x00', r3, 0x0, 0xfffffffffffffff4}, 0x18)
socket$inet_sctp(0x2, 0x1, 0x84)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000280)='./file0\x00', 0x88a, &(0x7f00000001c0)={[{@usrquota}, {@usrjquota, 0x22}, {@data_ordered}, {@noload}, {@noinit_itable}, {@grpjquota, 0x22}, {@init_itable}, {@jqfmt_vfsold}, {@noblock_validity}]}, 0xfe, 0x44e, &(0x7f0000000900)="$eJzs3M1vG0UbAPDHdpw0bfMmbykfDS0ECiLiI2nSD3rgUgQSB5CQ4FDEKSRpFeo2qAkSrSIIHMIRVeKOOCLxF3ChXBBwQuIKd4QUoVwonIzW3k3dxE7ixIlL/ftJm8x4xpp5dnfs8azXAXSsoeRPLuJgRPwaEf3V7J0Vhqr/bq0sTP69sjCZi3L5jT9zlXp/rSxMZlWz5x2oZsrlDdpdejtiolSavprmR+cvvzc6d+36czOXJy5OX5y+Mn727KmTx7rPjJ9uSZx9SV8HP5w9euSVt268Nnn+xjs/fp3092BaXhtHqwxV925dT7a6sTbrq0nnutrYEZpSiIjkcBUr478/CtG7WtYfL3/S1s4Bu6pczpd7GhcvloF7WDJRBzpR9kaffP7Ntj2aetwVls/F6jrGrXSrlnRFPq1TTD8j7YahiDi/+M8XyRa7tA4BAFDr5rmIeLbe/C8fD9TU+196bWggIv4fEYci4r6IOBwR90dU6j4YEQ812f7aKyTr5z/l/m0FtkXJ/O+F9NrWnfO/bPYXA4U011eJv5i7MFOaPpHuk+Eo9iT5sQ3a+O6lXz5rVFY7/0u2pP1sLpj244+uNQt0UxPzEzuJudbyxxGDXfXiz63OeZP58ZGIGNxmGzNPf3W0Udnm8W+gBZPy8pcRT1WP/2KsiT+Ta3h9cuz5M+OnR/dFafrEaHZWrPfTz0uvN2p/R/G3wPLNcuyve/6vxj+Q2xcxd+36pcr12rnm21j67dOGn2m2e/53596spLvTxz6YmJ+/OhbRnXt1/ePjt5+b5bP6yfk/fLz++D8Ut/fEwxGRnMTHIuKRiHg07ftjEfF4RBzfIP4fXnzi3ebj32BVvoWS+Kc2O/5Re/ybTxQuff9N8/FnkuN/qpIaTh/ZyuvfVju4k30HAAAA/xX5ynfgc/mR1XQ+PzJS/Q7/4difL83OzT9zYfb9K1PV78oPRDGfrXT116yHjqVrw1l+fE3+ZLpu/Hmht5IfmZwtTbU7eOhwBxqM/8TvhXb3Dth17teCzmX8Q+cy/qFzGf/QuYx/6Fz1xv9HbegHsPc2ef/v3at+AHvP/B86l/EPncv4h47U8N74/I5u+ZdoU+Lb7p39VsPWE5G/S0K+ZxLFqFvUteUfs9hmoqduUbtfmQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFrj3wAAAP//j57jFA==")
r4 = fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r4, 0x7, 0x0, 0x0, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x10)
socket$netlink(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_NEW(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)={0x34, r6, 0x1, 0x70bd27, 0x25dfdbf9, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x40000}, 0x0)

4m47.500199146s ago: executing program 3 (id=4838):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000840), 0x81, r0}, 0x38)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file2\x00', 0x42, 0x0)
pwrite64(r2, &(0x7f00000000c0)='a', 0x200000c1, 0x9000)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000180)='./file1\x00', 0x2000c16, &(0x7f0000000280)={[{@usrquota}, {@nodelalloc}]}, 0xff, 0x25e, &(0x7f0000000e80)="$eJzs3U1IHGcYB/BnZndr1aXY9lIo/YBSSiuIvRV6sZcWhCJSSqEtWErppUULVulNe8olh+QYkuApFwm5xeQYvEguCYGcTOLBXAKJ5BDJIQnZsDsr+JVo3HUnZH4/WOfDd97nHWb+74g4GEBh9UXEUESUIqI/IioRkWxu8HH26WtuznUvjUXUaj/cTxrtsu3MxnG9ETEbEV9FxGKaxF/liOmFX1YfLn/32dGpyqdnFn7u7uhJNq2trny/fnrkyPnhL6evXr87ksRQVLecV/slu+wrJxHvHEaxV0RSznsE7Mfof+du1HP/bkR80sh/JdLILt6xyTcWK/HFqecde/zetfc7OVag/Wq1Sv0ZOFsDCieNiGok6UBEZOtpOjCQ/Qx/s9ST/j0x+W//nxNT43/kPVMB7VKNWPn2YteF3m35v1PK8g+8prJfSq38ODp/q76yXsp7QEBHfJAt6s///t9mPg/5h8KRfygu+Yfikn8oLvmH4pJ/KC75h4J42vxjv0275B+KS/6huA6c/xNPDm9QQEdszj8AUCy1rgO9Ndzel5CBXOQ9/wAAAAAAAAAAAAAAAAAAADvNdS+NbXza02N5zxaXT0asfZM13Vm/1Ph/xBFvNr72PEi29Jjsq8KL/fpRix206GzOb1+/dTvf+lc+zLf+zHjE7P8RMVgu77z/kub9d3Bv7/H9yu8tFnhJybbtr3/qbP3tHs/nW394OeJSff4Z3G3+SeO9xnL3+adav34t1v/nUYsdAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0DHPAgAA///B2nXP")
r3 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x101042, 0x45)
ioctl$FS_IOC_SETFLAGS(r3, 0x40086602, &(0x7f0000000140))
r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2141, 0x59)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xb, &(0x7f00000001c0)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000280)='kfree\x00', r5}, 0x18)
pwrite64(r4, &(0x7f0000000140)="f6", 0xffffff07, 0x8000c61)
ioctl$EXT4_IOC_MIGRATE(r4, 0x6609)
lseek(r2, 0x5, 0x4)
setsockopt$inet_msfilter(r2, 0x0, 0x29, &(0x7f0000000040)={@rand_addr=0x64010101, @local, 0x1, 0x4, [@broadcast, @broadcast, @broadcast, @multicast2]}, 0x20)
perf_event_open(&(0x7f00000004c0)={0xa, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x840, 0x8, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0, 0x8}, 0x10000, 0x3, 0x5, 0x0, 0x3, 0x0, 0x7, 0x0, 0x0, 0x0, 0x8ab}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_clone(0x111, 0x0, 0x0, 0x0, 0x0, 0x0)

4m46.839363434s ago: executing program 3 (id=4840):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="0a00000004000000fd0f000007"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000"], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r0}, &(0x7f00000001c0), &(0x7f0000000080)=r1}, 0x20)
mount$tmpfs(0x0, &(0x7f0000000400)='./file0/../file0\x00', &(0x7f0000000380), 0x0, 0x0)
umount2(&(0x7f0000000100)='./file0/../file0\x00', 0xa)

4m42.367698865s ago: executing program 3 (id=4898):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x17, 0x2000000000000242, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000160000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r1}, 0x10)
epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000280)={0x2000000})
r2 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000003c0)=ANY=[@ANYBLOB="200000006a0001002abd70009595df250a000000000000000800010001", @ANYRESDEC, @ANYRESHEX, @ANYRES32], 0x20}, 0x1, 0x0, 0x0, 0x20000011}, 0x0)

4m42.348008345s ago: executing program 34 (id=4898):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x17, 0x2000000000000242, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000160000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r1}, 0x10)
epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000280)={0x2000000})
r2 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000003c0)=ANY=[@ANYBLOB="200000006a0001002abd70009595df250a000000000000000800010001", @ANYRESDEC, @ANYRESHEX, @ANYRES32], 0x20}, 0x1, 0x0, 0x0, 0x20000011}, 0x0)

4m15.543595346s ago: executing program 1 (id=5230):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000c80)='kmem_cache_free\x00', r0}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
creat(&(0x7f00000000c0)='./file0\x00', 0xf4)

4m15.525591657s ago: executing program 1 (id=5231):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="0a00000004000000fd0f000007"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r0}, 0x0, &(0x7f0000000080)=r1}, 0x20)
mount$tmpfs(0x0, &(0x7f0000000400)='./file0/../file0\x00', &(0x7f0000000380), 0x0, 0x0)
umount2(&(0x7f0000000100)='./file0/../file0\x00', 0xa)

4m15.508915427s ago: executing program 1 (id=5232):
socket$netlink(0x10, 0x3, 0xb)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2, 0x4}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, &(0x7f0000000280)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x1}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000080)='GPL\x00', 0x6, 0x0, 0x0, 0x41000, 0x4, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = openat$selinux_create(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r2 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=@base={0x1b, 0x0, 0x0, 0x2000}, 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000400850000008200000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
pwrite64(r1, &(0x7f0000000000)="3703c70f70e244b7878fedf0c0c6c2ff2f524255d61dbfb25921e3d3686454b93e5842722103c5c67b0da4173b9e63544ee1f32fc67080b7b83c0a31", 0x3c, 0x2)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2082)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x7}}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x13)
sendmsg$nl_route(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000008c80)=ANY=[], 0x2c}}, 0x800)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$TIPC_NL_BEARER_SET(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000940)=ANY=[@ANYBLOB="a8020000", @ANYRES16=r7, @ANYRES64=r4], 0x2a8}, 0x1, 0x0, 0x0, 0x48c05}, 0x2404c140)
sendmsg$TIPC_NL_BEARER_GET(r5, &(0x7f0000000400)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000300)=ANY=[@ANYBLOB="900000", @ANYBLOB], 0x90}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="180800000000010000000000000000008510000006", @ANYRES32=0x0, @ANYBLOB="00000000000100006608000000000000180000000000000000000000000000009500000000000000360a02"], &(0x7f0000000000)='GPL\x00', 0xa, 0x0, 0x0, 0x0, 0x8}, 0x94)
kexec_load(0x4, 0xa, 0x0, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r8 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="38000000031401002dbd700200000025090002007379fb0000000000080041007278650014003300626f6e645f736c6176655f3000000000"], 0x38}, 0x1, 0x0, 0x0, 0x24000811}, 0x0)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000200), 0xffffffffffffffff)
gettid()
r9 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r9, &(0x7f0000000280)={0x1f, 0xffff, 0x3}, 0x6)

4m15.476551499s ago: executing program 1 (id=5234):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000840), 0x81, r0}, 0x38)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file2\x00', 0x42, 0x0)
pwrite64(r2, &(0x7f00000000c0)='a', 0x200000c1, 0x9000)
r3 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x101042, 0x45)
ioctl$FS_IOC_SETFLAGS(r3, 0x40086602, &(0x7f0000000140))
r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2141, 0x59)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xb, &(0x7f00000001c0)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000280)='kfree\x00', r5}, 0x18)
pwrite64(r4, &(0x7f0000000140)="f6", 0xffffff07, 0x8000c61)
ioctl$EXT4_IOC_MIGRATE(r4, 0x6609)

4m14.837922696s ago: executing program 1 (id=5238):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x0, &(0x7f0000000080)})
perf_event_open(&(0x7f0000000800)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0x8}, 0x4, 0x8000000000, 0x20, 0x4, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
io_setup(0x8, &(0x7f0000002740))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, 0x0}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x6a855000)
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r0, &(0x7f0000000080)=@pppol2tpin6={0x18, 0x1, {0x0, r0, 0x2, 0x0, 0x0, 0x0, {0xa, 0x4e20, 0x1, @private2, 0x1f7}}}, 0x32)
r1 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r1, &(0x7f0000000040)=@pppol2tpv3={0x18, 0x1, {0x3, r0, {0x2, 0x4e22, @broadcast}, 0x2, 0x9800}}, 0x2e)
ioctl$PPPIOCGL2TPSTATS(r0, 0x80487436, &(0x7f0000000540)="43210098")
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x2010008, &(0x7f00000001c0), 0xff, 0x53b, &(0x7f0000000b80)="$eJzs3cFvHFcZAPBvNl7HSZzaBQ5QqaWiRUkF2Y1r2locSpEQnCohyj0Ye2NZWXste93GVgXrvwAJIUDiBBcuSPwBSCgSF44IKRKcQSoCIUhBggN00OzO2mY9a2/SjTde/37SZN6b2Znvexu/2Zmdp9kAzq3nI+KNiPggTdOXImImX17Kp2h1pux17z94dymbkkjTt/6WRJIv6+4ryedX8s2mIuJrX4n4ZnI07tbO7p3Fer22mderzbWN6tbO7o3VtcWV2kptfX5+7tWF1xZeWbg5lHZejYjXv/Sn73/np19+/ZeffeePt/5y/VtZWtP5+sPteEgTx63sNL18capng81HDPYkytpT7lYuDbbN3mPMBwCA/rJz/I9ExKci4qWYiQvHn84CAAAAZ1D6hen4TxKRFpvssxwAAAA4Q0rtMbBJqZKPBZiOUqlS6Yzh/VhcLtUbW83P3G5sry93xsrORrl0e7Veu5mPFZ6NcpLV59rlg/rLPfX5iHg6Ir43c6ldryw16suj/vIDAAAAzokrPdf//5zpXP8DAAAAY2Z21AkAAAAAj53rfwAAABh/rv8BAABgrH31zTezKe3+/vXy2zvbdxpv31iubd2prG0vVZYamxuVlUZjpf3MvrWT9ldvNDY+F+vbd6vN2lazenVn99ZaY3u9eWs1pk6lQQAAAMART3/y3u+TiGh9/lJ7ykyOOingVEzsl5J8XtD7//BUZ/7eKSUFnIoLA7zmvYvFy50nwNk20bugT18Hxk951AkAI5ecsL7v4J3fdGalIecDAAAM37VPFN//P/l8vuWUH844nRjOr577/+nMqBIBTl37/v+gA3mcLMBYKQ80AhAYZx/2/v/J0vShEgIAAIZuuj0lpUr+9d50lEqVSsTV9s8ClJPbq/XazYh4KiJ+N1O+mNXn2lsmJ14zAAAAAAAAAAAAAAAAAAAAAAAAAAAdaZpECgAAAIy1iNKfk191nuV/bebF6d7vByaTf7d/EngyIt750Vs/uLvYbG7OZcv/vr+8+cN8+cuj+AYDAAAA6NW9Tm/P/zXqbAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYN+8/eHepOw3w8kvDivvXL0bEbFH8iZhqz6eiHBGX/5HExKHtkoi4MIT4rb2I+HhR/CRLaz9kUfxhvAmtvaSVthXGj9n8XSiKf2UI8eE8u5cdf94o6v+leL49L+5/ExH/V39U/Y9/sX/8u9Cn/18dMMYz939e7Rt/L+KZieLjXzd+0if+CwPG/8bXd3f7rUt/HHGt+/nTPuIdjnBQqjbXNqpbO7s3VtcWV2ortfX5+blXF15beGXhZvX2ar2W/1sY47vP/uKD49p/ufDzL8mz6d/+Fwv2V/SZ9N/7dx98tFtpHY1//YWC+L/+Sf6Ko/FLeZxP5+Vs/bVuudUpH/bcz3773HHtXz5of/lh/v+v99tpryMd5dlB/3QAgMdga2f3zmK9Xtsc20J2lf4EpPEohcl4ItIY38K3s8L9Ye0wTdM061MFq+5FxCD7SWLILS0V53NQ6HsEGPWRCQAAGLaDk/5RZwIAAAAAAAAAAAAAAAAAAADn12k8Za035sEjkJNhPEIbAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAo/hcAAP//Yw3Xfw==")
quotactl$Q_GETNEXTQUOTA(0xffffffff80000901, &(0x7f0000000180)=@loop={'/dev/loop', 0x0}, 0x0, 0x0)
setsockopt(0xffffffffffffffff, 0x84, 0x81, &(0x7f0000000280), 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_NEW(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="88000000000201040000000000000000020000052400028014000180080001000000000008000200ac1e00010c00028005000100000000002400038014000180080001000000000008110200ac1414000c00028005000100000000002c000180"], 0x88}}, 0x0)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x17, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r5 = dup(r4)
ioctl$TIOCL_SETSEL(r5, 0x541c, &(0x7f0000001900)={0x2, {0x2, 0x300, 0xfffe, 0x101}})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r3}, 0x18)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r6, 0x40086602, &(0x7f00000002c0)=0x20)
renameat2(0xffffffffffffffff, &(0x7f0000000280)='./file0/file0\x00', r6, &(0x7f00000003c0)='./file0\x00', 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000000085000000"], &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xe4776000)

4m14.27929864s ago: executing program 1 (id=5253):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r0 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
rseq(&(0x7f0000000680), 0x20, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000990000000d"], 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000340)='kmem_cache_free\x00', 0xffffffffffffffff, 0x0, 0xffff}, 0x18)
getuid()
socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f0000001a80)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000740)={0x11, 0x3, &(0x7f0000000800)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20}, 0x94)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000005c0)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40}, 0x94)
sendmsg$ETHTOOL_MSG_DEBUG_GET(r0, &(0x7f0000000fc0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000f80)={&(0x7f0000000d80)={0x1c8, 0x0, 0x200, 0x70bd29, 0x25dfdbfd, {}, [@HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_1\x00'}]}, @HEADER={0x50, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'geneve1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wg0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'sit0\x00'}]}, @HEADER={0x58, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_batadv\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}, @HEADER={0x48, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x5}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_batadv\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}]}, @HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bridge_slave_0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @HEADER={0x40, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'macsec0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_vlan\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'nicvf0\x00'}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @HEADER={0x38, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'gre0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}]}, 0x1c8}, 0x1, 0x0, 0x0, 0x814}, 0x4004)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000740)='scsi_dispatch_cmd_start\x00', r2}, 0x10)
fcntl$notify(r1, 0x402, 0x4)
kexec_load(0x3e00, 0x1, &(0x7f00000002c0)=[{0x0, 0x0, 0xff600000, 0x1000000}], 0x0)

3m59.138894414s ago: executing program 35 (id=5253):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r0 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
rseq(&(0x7f0000000680), 0x20, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000990000000d"], 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000340)='kmem_cache_free\x00', 0xffffffffffffffff, 0x0, 0xffff}, 0x18)
getuid()
socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f0000001a80)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000740)={0x11, 0x3, &(0x7f0000000800)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20}, 0x94)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000005c0)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40}, 0x94)
sendmsg$ETHTOOL_MSG_DEBUG_GET(r0, &(0x7f0000000fc0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000f80)={&(0x7f0000000d80)={0x1c8, 0x0, 0x200, 0x70bd29, 0x25dfdbfd, {}, [@HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_1\x00'}]}, @HEADER={0x50, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'geneve1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wg0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'sit0\x00'}]}, @HEADER={0x58, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_batadv\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}, @HEADER={0x48, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x5}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_batadv\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}]}, @HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bridge_slave_0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @HEADER={0x40, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'macsec0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_vlan\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'nicvf0\x00'}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @HEADER={0x38, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'gre0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}]}, 0x1c8}, 0x1, 0x0, 0x0, 0x814}, 0x4004)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000740)='scsi_dispatch_cmd_start\x00', r2}, 0x10)
fcntl$notify(r1, 0x402, 0x4)
kexec_load(0x3e00, 0x1, &(0x7f00000002c0)=[{0x0, 0x0, 0xff600000, 0x1000000}], 0x0)

3m44.838838853s ago: executing program 4 (id=5604):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r0 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x0, 0x0})
rseq(&(0x7f0000000680), 0x20, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000340)='kmem_cache_free\x00', r1, 0x0, 0xffff}, 0x18)
getuid()
socket$nl_generic(0x10, 0x3, 0x10)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f0000001a80)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x50)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000740)={0x11, 0x3, &(0x7f0000000800)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001440)={r3, 0xe0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r4=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000005c0)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', r4}, 0x94)
sendmsg$ETHTOOL_MSG_DEBUG_GET(r0, &(0x7f0000000fc0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000f80)={&(0x7f0000000d80)={0x1c8, 0x0, 0x200, 0x70bd29, 0x25dfdbfd, {}, [@HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_1\x00'}]}, @HEADER={0x50, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'geneve1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wg0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'sit0\x00'}]}, @HEADER={0x58, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_batadv\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}, @HEADER={0x48, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x5}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_batadv\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}]}, @HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bridge_slave_0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @HEADER={0x40, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'macsec0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_vlan\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'nicvf0\x00'}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @HEADER={0x38, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'gre0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}]}]}, 0x1c8}, 0x1, 0x0, 0x0, 0x814}, 0x4004)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000740)='scsi_dispatch_cmd_start\x00', r5}, 0x10)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)
fcntl$notify(r2, 0x402, 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000000000000000000ff000000850000000e000000c500000001f0ffff95"], &(0x7f0000000280)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
kexec_load(0x3e00, 0x1, &(0x7f00000002c0)=[{0x0, 0x0, 0xff600000, 0x1000000}], 0x0)
inotify_init1(0x0)

3m44.765426756s ago: executing program 4 (id=5607):
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2e, '\x00', 0x0, @fallback=0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x22, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r0}, 0x18)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x1, &(0x7f0000000000)=[{0x6, 0x85, 0x7, 0x7ffc0001}]})
r1 = gettid()
r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000840), 0x0)
read(r2, &(0x7f0000000200)=""/209, 0xd1)
tkill(r1, 0x7)

3m44.691276969s ago: executing program 4 (id=5609):
r0 = socket$kcm(0x10, 0x400000002, 0x0)
sendmsg$inet(r0, 0x0, 0x0)
syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00'}, 0x10)
syz_mount_image$vfat(&(0x7f0000000100), &(0x7f0000000200)='./bus\x00', 0x1000000, &(0x7f00000005c0)=ANY=[], 0x1, 0x126f, &(0x7f0000001600)="$eJzs3U1rY1UcB+B/2vQtY5uq4+gMiAfdKEKcduHKTZEZEAtKtQMqCHdsqqFpU5pQiIhTV64EP4aoS3eC+AW6ceNaEES6cTkL8UqbjDNp0o522lSG59ncwznnd8+5veXCDedw9175cn1ttVlZzVoxUihEcXMsirdTpBiJ0ejYiRdu/PzL02+98+7rC4uL15ZSur7w9tzLKaWZZ35475Nvn/2xdeHGdzPfT8Tu7Pt7f8z/untp9/LeX99ErZlqzbTRaKUs3Ww0WtnNejWt1JprlZTerFezZjVNdse4275ab2xutlO2sTJd2tyqNpsp22intWo7tQqptdVO2YdZbSNVKpU0XQoexPLXt/M8j8jzsRiPPM/zqSjFhXgkpmMmyjEbj8Zj8XhcjCfiUjwZT8Xlg17nPW8AAAAAAAAAAAAAAAAAAAB4uNxn/3+hf///xHlPGQAAAAAAAAAAAAAAAAAAAB46h/f/FyN8/x8AAAAAAAAAAAAAAAAAAACG7D7f/z+0//9F+/8BAAAAAAAAAAAAAAAAAADgLEx2DkspTUasf769vL3cOXbqF1ajFvWoxtUox59xsPu/o1O+/tritavpwGy8tH6rm7+1vTzam58bK8dsYWB+rpNPvfmJKN2bn49yXBw8/vzA/GQ8/9x+/rNOvhLl+OmDaEQ9ViIK3as/yH86l9KrbyxO9eav7Pc70ugZ3xYAAAA4TZX0j/73951up4Htnabu+3nq9iwc8/vAoffzYlwpntdVc0ez/fFaVq9Xt05YGD/6POO9NVPdniceqxARWU98pvTb0v4pTzr5UyuMDnXQseP7PMA9jeL/4I95CoXfv7qnZjKGO/pI9x89q+8/P/9dKnby/EwnNj6oaeK41NHPjMIZP5MYnrs3/bxnAgAAAAAAAAAAwH8xcPXfVET0rQf8qK/mzvLw3nj/mY8e/YshXCEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPA3O3AsAAAAACDM3zqNjg0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4KgAA//+E38bU")
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cpuset.effective_mems\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000000040), 0x208e24b)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r3}, 0x10)
socket$pppl2tp(0x18, 0x1, 0x1)
setsockopt$inet_mtu(0xffffffffffffffff, 0x111, 0xa, &(0x7f0000000000)=0x3, 0x4)
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000000280)={{{@in=@dev, @in6=@loopback}}, {{@in6=@mcast2}, 0x0, @in=@private}}, &(0x7f0000000080)=0xe8)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
write$cgroup_int(r1, 0x0, 0x0)
fdatasync(r1)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)

3m44.139390033s ago: executing program 4 (id=5622):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000005000000020000000410"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f00000006c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x20, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000000c0)='kmem_cache_free\x00', r3}, 0x18)
connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0xd}, 0x4}, 0x1c)
connect$pppl2tp(r0, &(0x7f0000000240)=@pppol2tpin6={0x18, 0x1, {0x0, r1, 0x8, 0x0, 0x1003, 0x0, {0xa, 0x0, 0x0, @local}}}, 0x32)
writev(r0, &(0x7f0000000180)=[{&(0x7f0000000080)='v', 0x180204}], 0x1)

3m43.977662949s ago: executing program 4 (id=5629):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x0, &(0x7f0000000080)})
perf_event_open(&(0x7f0000000800)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0x8}, 0x4, 0x8000000000, 0x20, 0x4, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0xfffffffffffffe10)
io_setup(0x8, &(0x7f0000002740))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x6a855000)
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r0, &(0x7f0000000080)=@pppol2tpin6={0x18, 0x1, {0x0, r0, 0x2, 0x0, 0x0, 0x0, {0xa, 0x4e20, 0x1, @private2, 0x1f7}}}, 0x32)
r1 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r1, &(0x7f0000000040)=@pppol2tpv3={0x18, 0x1, {0x3, r0, {0x2, 0x4e22, @broadcast}, 0x2, 0x9800}}, 0x2e)
ioctl$PPPIOCGL2TPSTATS(r0, 0x80487436, &(0x7f0000000540)="43210098")
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x2010008, &(0x7f00000001c0), 0xff, 0x53b, &(0x7f0000000b80)="$eJzs3cFvHFcZAPBvNl7HSZzaBQ5QqaWiRUkF2Y1r2locSpEQnCohyj0Ye2NZWXste93GVgXrvwAJIUDiBBcuSPwBSCgSF44IKRKcQSoCIUhBggN00OzO2mY9a2/SjTde/37SZN6b2Znvexu/2Zmdp9kAzq3nI+KNiPggTdOXImImX17Kp2h1pux17z94dymbkkjTt/6WRJIv6+4ryedX8s2mIuJrX4n4ZnI07tbO7p3Fer22mderzbWN6tbO7o3VtcWV2kptfX5+7tWF1xZeWbg5lHZejYjXv/Sn73/np19+/ZeffeePt/5y/VtZWtP5+sPteEgTx63sNL18capng81HDPYkytpT7lYuDbbN3mPMBwCA/rJz/I9ExKci4qWYiQvHn84CAAAAZ1D6hen4TxKRFpvssxwAAAA4Q0rtMbBJqZKPBZiOUqlS6Yzh/VhcLtUbW83P3G5sry93xsrORrl0e7Veu5mPFZ6NcpLV59rlg/rLPfX5iHg6Ir43c6ldryw16suj/vIDAAAAzokrPdf//5zpXP8DAAAAY2Z21AkAAAAAj53rfwAAABh/rv8BAABgrH31zTezKe3+/vXy2zvbdxpv31iubd2prG0vVZYamxuVlUZjpf3MvrWT9ldvNDY+F+vbd6vN2lazenVn99ZaY3u9eWs1pk6lQQAAAMART3/y3u+TiGh9/lJ7ykyOOingVEzsl5J8XtD7//BUZ/7eKSUFnIoLA7zmvYvFy50nwNk20bugT18Hxk951AkAI5ecsL7v4J3fdGalIecDAAAM37VPFN//P/l8vuWUH844nRjOr577/+nMqBIBTl37/v+gA3mcLMBYKQ80AhAYZx/2/v/J0vShEgIAAIZuuj0lpUr+9d50lEqVSsTV9s8ClJPbq/XazYh4KiJ+N1O+mNXn2lsmJ14zAAAAAAAAAAAAAAAAAAAAAAAAAAAdaZpECgAAAIy1iNKfk191nuV/bebF6d7vByaTf7d/EngyIt750Vs/uLvYbG7OZcv/vr+8+cN8+cuj+AYDAAAA6NW9Tm/P/zXqbAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYN+8/eHepOw3w8kvDivvXL0bEbFH8iZhqz6eiHBGX/5HExKHtkoi4MIT4rb2I+HhR/CRLaz9kUfxhvAmtvaSVthXGj9n8XSiKf2UI8eE8u5cdf94o6v+leL49L+5/ExH/V39U/Y9/sX/8u9Cn/18dMMYz939e7Rt/L+KZieLjXzd+0if+CwPG/8bXd3f7rUt/HHGt+/nTPuIdjnBQqjbXNqpbO7s3VtcWV2ortfX5+blXF15beGXhZvX2ar2W/1sY47vP/uKD49p/ufDzL8mz6d/+Fwv2V/SZ9N/7dx98tFtpHY1//YWC+L/+Sf6Ko/FLeZxP5+Vs/bVuudUpH/bcz3773HHtXz5of/lh/v+v99tpryMd5dlB/3QAgMdga2f3zmK9Xtsc20J2lf4EpPEohcl4ItIY38K3s8L9Ye0wTdM061MFq+5FxCD7SWLILS0V53NQ6HsEGPWRCQAAGLaDk/5RZwIAAAAAAAAAAAAAAAAAAADn12k8Za035sEjkJNhPEIbAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAo/hcAAP//Yw3Xfw==")
quotactl$Q_GETNEXTQUOTA(0xffffffff80000901, &(0x7f0000000180)=@loop={'/dev/loop', 0x0}, 0x0, 0x0)
setsockopt(0xffffffffffffffff, 0x84, 0x81, &(0x7f0000000280), 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_NEW(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="88000000000201040000000000000000020000052400028014000180080001000000000008000200ac1e00010c00028005000100000000002400038014000180080001000000000008110200ac1414000c00028005000100000000002c000180"], 0x88}}, 0x0)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x17, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = dup(0xffffffffffffffff)
ioctl$TIOCL_SETSEL(r4, 0x541c, &(0x7f0000001900)={0x2, {0x2, 0x300, 0xfffe, 0x101}})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r3}, 0x18)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r5, 0x40086602, &(0x7f00000002c0)=0x20)
renameat2(0xffffffffffffffff, &(0x7f0000000280)='./file0/file0\x00', r5, &(0x7f00000003c0)='./file0\x00', 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000000085000000"], &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xe4776000)

3m43.428734563s ago: executing program 4 (id=5639):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x0, &(0x7f0000000080)})
perf_event_open(&(0x7f0000000800)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0x8}, 0x4, 0x8000000000, 0x20, 0x4, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0xfffffffffffffe10)
io_setup(0x8, &(0x7f0000002740))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x6a855000)
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r0, &(0x7f0000000080)=@pppol2tpin6={0x18, 0x1, {0x0, r0, 0x2, 0x0, 0x0, 0x0, {0xa, 0x4e20, 0x1, @private2, 0x1f7}}}, 0x32)
r1 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r1, &(0x7f0000000040)=@pppol2tpv3={0x18, 0x1, {0x3, r0, {0x2, 0x4e22, @broadcast}, 0x2, 0x9800}}, 0x2e)
ioctl$PPPIOCGL2TPSTATS(r0, 0x80487436, &(0x7f0000000540)="43210098")
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x2010008, &(0x7f00000001c0), 0xff, 0x53b, &(0x7f0000000b80)="$eJzs3cFvHFcZAPBvNl7HSZzaBQ5QqaWiRUkF2Y1r2locSpEQnCohyj0Ye2NZWXste93GVgXrvwAJIUDiBBcuSPwBSCgSF44IKRKcQSoCIUhBggN00OzO2mY9a2/SjTde/37SZN6b2Znvexu/2Zmdp9kAzq3nI+KNiPggTdOXImImX17Kp2h1pux17z94dymbkkjTt/6WRJIv6+4ryedX8s2mIuJrX4n4ZnI07tbO7p3Fer22mderzbWN6tbO7o3VtcWV2kptfX5+7tWF1xZeWbg5lHZejYjXv/Sn73/np19+/ZeffeePt/5y/VtZWtP5+sPteEgTx63sNL18capng81HDPYkytpT7lYuDbbN3mPMBwCA/rJz/I9ExKci4qWYiQvHn84CAAAAZ1D6hen4TxKRFpvssxwAAAA4Q0rtMbBJqZKPBZiOUqlS6Yzh/VhcLtUbW83P3G5sry93xsrORrl0e7Veu5mPFZ6NcpLV59rlg/rLPfX5iHg6Ir43c6ldryw16suj/vIDAAAAzokrPdf//5zpXP8DAAAAY2Z21AkAAAAAj53rfwAAABh/rv8BAABgrH31zTezKe3+/vXy2zvbdxpv31iubd2prG0vVZYamxuVlUZjpf3MvrWT9ldvNDY+F+vbd6vN2lazenVn99ZaY3u9eWs1pk6lQQAAAMART3/y3u+TiGh9/lJ7ykyOOingVEzsl5J8XtD7//BUZ/7eKSUFnIoLA7zmvYvFy50nwNk20bugT18Hxk951AkAI5ecsL7v4J3fdGalIecDAAAM37VPFN//P/l8vuWUH844nRjOr577/+nMqBIBTl37/v+gA3mcLMBYKQ80AhAYZx/2/v/J0vShEgIAAIZuuj0lpUr+9d50lEqVSsTV9s8ClJPbq/XazYh4KiJ+N1O+mNXn2lsmJ14zAAAAAAAAAAAAAAAAAAAAAAAAAAAdaZpECgAAAIy1iNKfk191nuV/bebF6d7vByaTf7d/EngyIt750Vs/uLvYbG7OZcv/vr+8+cN8+cuj+AYDAAAA6NW9Tm/P/zXqbAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYN+8/eHepOw3w8kvDivvXL0bEbFH8iZhqz6eiHBGX/5HExKHtkoi4MIT4rb2I+HhR/CRLaz9kUfxhvAmtvaSVthXGj9n8XSiKf2UI8eE8u5cdf94o6v+leL49L+5/ExH/V39U/Y9/sX/8u9Cn/18dMMYz939e7Rt/L+KZieLjXzd+0if+CwPG/8bXd3f7rUt/HHGt+/nTPuIdjnBQqjbXNqpbO7s3VtcWV2ortfX5+blXF15beGXhZvX2ar2W/1sY47vP/uKD49p/ufDzL8mz6d/+Fwv2V/SZ9N/7dx98tFtpHY1//YWC+L/+Sf6Ko/FLeZxP5+Vs/bVuudUpH/bcz3773HHtXz5of/lh/v+v99tpryMd5dlB/3QAgMdga2f3zmK9Xtsc20J2lf4EpPEohcl4ItIY38K3s8L9Ye0wTdM061MFq+5FxCD7SWLILS0V53NQ6HsEGPWRCQAAGLaDk/5RZwIAAAAAAAAAAAAAAAAAAADn12k8Za035sEjkJNhPEIbAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAo/hcAAP//Yw3Xfw==")
quotactl$Q_GETNEXTQUOTA(0xffffffff80000901, &(0x7f0000000180)=@loop={'/dev/loop', 0x0}, 0x0, 0x0)
setsockopt(0xffffffffffffffff, 0x84, 0x81, &(0x7f0000000280), 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_NEW(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="88000000000201040000000000000000020000052400028014000180080001000000000008000200ac1e00010c00028005000100000000002400038014000180080001000000000008110200ac1414000c00028005000100000000002c000180"], 0x88}}, 0x0)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x17, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = dup(0xffffffffffffffff)
ioctl$TIOCL_SETSEL(r4, 0x541c, &(0x7f0000001900)={0x2, {0x2, 0x300, 0xfffe, 0x101}})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r3}, 0x18)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r5, 0x40086602, &(0x7f00000002c0)=0x20)
renameat2(0xffffffffffffffff, &(0x7f0000000280)='./file0/file0\x00', r5, &(0x7f00000003c0)='./file0\x00', 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000000085000000"], &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xe4776000)

3m28.264782408s ago: executing program 36 (id=5639):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x0, &(0x7f0000000080)})
perf_event_open(&(0x7f0000000800)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0x8}, 0x4, 0x8000000000, 0x20, 0x4, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0xfffffffffffffe10)
io_setup(0x8, &(0x7f0000002740))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x6a855000)
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r0, &(0x7f0000000080)=@pppol2tpin6={0x18, 0x1, {0x0, r0, 0x2, 0x0, 0x0, 0x0, {0xa, 0x4e20, 0x1, @private2, 0x1f7}}}, 0x32)
r1 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r1, &(0x7f0000000040)=@pppol2tpv3={0x18, 0x1, {0x3, r0, {0x2, 0x4e22, @broadcast}, 0x2, 0x9800}}, 0x2e)
ioctl$PPPIOCGL2TPSTATS(r0, 0x80487436, &(0x7f0000000540)="43210098")
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x2010008, &(0x7f00000001c0), 0xff, 0x53b, &(0x7f0000000b80)="$eJzs3cFvHFcZAPBvNl7HSZzaBQ5QqaWiRUkF2Y1r2locSpEQnCohyj0Ye2NZWXste93GVgXrvwAJIUDiBBcuSPwBSCgSF44IKRKcQSoCIUhBggN00OzO2mY9a2/SjTde/37SZN6b2Znvexu/2Zmdp9kAzq3nI+KNiPggTdOXImImX17Kp2h1pux17z94dymbkkjTt/6WRJIv6+4ryedX8s2mIuJrX4n4ZnI07tbO7p3Fer22mderzbWN6tbO7o3VtcWV2kptfX5+7tWF1xZeWbg5lHZejYjXv/Sn73/np19+/ZeffeePt/5y/VtZWtP5+sPteEgTx63sNL18capng81HDPYkytpT7lYuDbbN3mPMBwCA/rJz/I9ExKci4qWYiQvHn84CAAAAZ1D6hen4TxKRFpvssxwAAAA4Q0rtMbBJqZKPBZiOUqlS6Yzh/VhcLtUbW83P3G5sry93xsrORrl0e7Veu5mPFZ6NcpLV59rlg/rLPfX5iHg6Ir43c6ldryw16suj/vIDAAAAzokrPdf//5zpXP8DAAAAY2Z21AkAAAAAj53rfwAAABh/rv8BAABgrH31zTezKe3+/vXy2zvbdxpv31iubd2prG0vVZYamxuVlUZjpf3MvrWT9ldvNDY+F+vbd6vN2lazenVn99ZaY3u9eWs1pk6lQQAAAMART3/y3u+TiGh9/lJ7ykyOOingVEzsl5J8XtD7//BUZ/7eKSUFnIoLA7zmvYvFy50nwNk20bugT18Hxk951AkAI5ecsL7v4J3fdGalIecDAAAM37VPFN//P/l8vuWUH844nRjOr577/+nMqBIBTl37/v+gA3mcLMBYKQ80AhAYZx/2/v/J0vShEgIAAIZuuj0lpUr+9d50lEqVSsTV9s8ClJPbq/XazYh4KiJ+N1O+mNXn2lsmJ14zAAAAAAAAAAAAAAAAAAAAAAAAAAAdaZpECgAAAIy1iNKfk191nuV/bebF6d7vByaTf7d/EngyIt750Vs/uLvYbG7OZcv/vr+8+cN8+cuj+AYDAAAA6NW9Tm/P/zXqbAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYN+8/eHepOw3w8kvDivvXL0bEbFH8iZhqz6eiHBGX/5HExKHtkoi4MIT4rb2I+HhR/CRLaz9kUfxhvAmtvaSVthXGj9n8XSiKf2UI8eE8u5cdf94o6v+leL49L+5/ExH/V39U/Y9/sX/8u9Cn/18dMMYz939e7Rt/L+KZieLjXzd+0if+CwPG/8bXd3f7rUt/HHGt+/nTPuIdjnBQqjbXNqpbO7s3VtcWV2ortfX5+blXF15beGXhZvX2ar2W/1sY47vP/uKD49p/ufDzL8mz6d/+Fwv2V/SZ9N/7dx98tFtpHY1//YWC+L/+Sf6Ko/FLeZxP5+Vs/bVuudUpH/bcz3773HHtXz5of/lh/v+v99tpryMd5dlB/3QAgMdga2f3zmK9Xtsc20J2lf4EpPEohcl4ItIY38K3s8L9Ye0wTdM061MFq+5FxCD7SWLILS0V53NQ6HsEGPWRCQAAGLaDk/5RZwIAAAAAAAAAAAAAAAAAAADn12k8Za035sEjkJNhPEIbAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAo/hcAAP//Yw3Xfw==")
quotactl$Q_GETNEXTQUOTA(0xffffffff80000901, &(0x7f0000000180)=@loop={'/dev/loop', 0x0}, 0x0, 0x0)
setsockopt(0xffffffffffffffff, 0x84, 0x81, &(0x7f0000000280), 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_NEW(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="88000000000201040000000000000000020000052400028014000180080001000000000008000200ac1e00010c00028005000100000000002400038014000180080001000000000008110200ac1414000c00028005000100000000002c000180"], 0x88}}, 0x0)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x17, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = dup(0xffffffffffffffff)
ioctl$TIOCL_SETSEL(r4, 0x541c, &(0x7f0000001900)={0x2, {0x2, 0x300, 0xfffe, 0x101}})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r3}, 0x18)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r5, 0x40086602, &(0x7f00000002c0)=0x20)
renameat2(0xffffffffffffffff, &(0x7f0000000280)='./file0/file0\x00', r5, &(0x7f00000003c0)='./file0\x00', 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000000085000000"], &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xe4776000)

2m26.526280685s ago: executing program 8 (id=6791):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020782500000000002020207b1af8fe00000000bfa100000000000007010000f8ffffffb702000008000000b7030000070000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r0, 0x0, 0x4}, 0x18)
openat(0xffffffffffffff9c, 0x0, 0x2040, 0x51)

2m26.455686378s ago: executing program 8 (id=6792):
socket$isdn_base(0x22, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7020000140000e5b7030000000700008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="1800"/14, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = syz_open_dev$evdev(0x0, 0x2058c414, 0x200000)
ioctl$EVIOCSABS20(r2, 0x401845e0, 0x0)
add_key$fscrypt_v1(0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff)
r3 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
read$eventfd(0xffffffffffffffff, &(0x7f0000000040), 0x8)

2m26.455164049s ago: executing program 8 (id=6793):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000580)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="020900000700000000000000000000000500"], 0x38}}, 0x0)

2m26.327443764s ago: executing program 8 (id=6796):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x0, &(0x7f0000000080)})
perf_event_open(&(0x7f0000000800)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0x8}, 0x4, 0x8000000000, 0x20, 0x4, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0xfffffffffffffe10)
io_setup(0x8, &(0x7f0000002740))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, 0x0}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x6a855000)
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r0, &(0x7f0000000080)=@pppol2tpin6={0x18, 0x1, {0x0, r0, 0x2, 0x0, 0x0, 0x0, {0xa, 0x4e20, 0x1, @private2, 0x1f7}}}, 0x32)
r1 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r1, &(0x7f0000000040)=@pppol2tpv3={0x18, 0x1, {0x3, r0, {0x2, 0x4e22, @broadcast}, 0x2, 0x9800}}, 0x2e)
ioctl$PPPIOCGL2TPSTATS(r0, 0x80487436, &(0x7f0000000540)="43210098")
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x2010008, &(0x7f00000001c0), 0xff, 0x53b, &(0x7f0000000b80)="$eJzs3cFvHFcZAPBvNl7HSZzaBQ5QqaWiRUkF2Y1r2locSpEQnCohyj0Ye2NZWXste93GVgXrvwAJIUDiBBcuSPwBSCgSF44IKRKcQSoCIUhBggN00OzO2mY9a2/SjTde/37SZN6b2Znvexu/2Zmdp9kAzq3nI+KNiPggTdOXImImX17Kp2h1pux17z94dymbkkjTt/6WRJIv6+4ryedX8s2mIuJrX4n4ZnI07tbO7p3Fer22mderzbWN6tbO7o3VtcWV2kptfX5+7tWF1xZeWbg5lHZejYjXv/Sn73/np19+/ZeffeePt/5y/VtZWtP5+sPteEgTx63sNL18capng81HDPYkytpT7lYuDbbN3mPMBwCA/rJz/I9ExKci4qWYiQvHn84CAAAAZ1D6hen4TxKRFpvssxwAAAA4Q0rtMbBJqZKPBZiOUqlS6Yzh/VhcLtUbW83P3G5sry93xsrORrl0e7Veu5mPFZ6NcpLV59rlg/rLPfX5iHg6Ir43c6ldryw16suj/vIDAAAAzokrPdf//5zpXP8DAAAAY2Z21AkAAAAAj53rfwAAABh/rv8BAABgrH31zTezKe3+/vXy2zvbdxpv31iubd2prG0vVZYamxuVlUZjpf3MvrWT9ldvNDY+F+vbd6vN2lazenVn99ZaY3u9eWs1pk6lQQAAAMART3/y3u+TiGh9/lJ7ykyOOingVEzsl5J8XtD7//BUZ/7eKSUFnIoLA7zmvYvFy50nwNk20bugT18Hxk951AkAI5ecsL7v4J3fdGalIecDAAAM37VPFN//P/l8vuWUH844nRjOr577/+nMqBIBTl37/v+gA3mcLMBYKQ80AhAYZx/2/v/J0vShEgIAAIZuuj0lpUr+9d50lEqVSsTV9s8ClJPbq/XazYh4KiJ+N1O+mNXn2lsmJ14zAAAAAAAAAAAAAAAAAAAAAAAAAAAdaZpECgAAAIy1iNKfk191nuV/bebF6d7vByaTf7d/EngyIt750Vs/uLvYbG7OZcv/vr+8+cN8+cuj+AYDAAAA6NW9Tm/P/zXqbAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYN+8/eHepOw3w8kvDivvXL0bEbFH8iZhqz6eiHBGX/5HExKHtkoi4MIT4rb2I+HhR/CRLaz9kUfxhvAmtvaSVthXGj9n8XSiKf2UI8eE8u5cdf94o6v+leL49L+5/ExH/V39U/Y9/sX/8u9Cn/18dMMYz939e7Rt/L+KZieLjXzd+0if+CwPG/8bXd3f7rUt/HHGt+/nTPuIdjnBQqjbXNqpbO7s3VtcWV2ortfX5+blXF15beGXhZvX2ar2W/1sY47vP/uKD49p/ufDzL8mz6d/+Fwv2V/SZ9N/7dx98tFtpHY1//YWC+L/+Sf6Ko/FLeZxP5+Vs/bVuudUpH/bcz3773HHtXz5of/lh/v+v99tpryMd5dlB/3QAgMdga2f3zmK9Xtsc20J2lf4EpPEohcl4ItIY38K3s8L9Ye0wTdM061MFq+5FxCD7SWLILS0V53NQ6HsEGPWRCQAAGLaDk/5RZwIAAAAAAAAAAAAAAAAAAADn12k8Za035sEjkJNhPEIbAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAo/hcAAP//Yw3Xfw==")
quotactl$Q_GETNEXTQUOTA(0xffffffff80000901, &(0x7f0000000180)=@loop={'/dev/loop', 0x0}, 0x0, 0x0)
setsockopt(0xffffffffffffffff, 0x84, 0x81, &(0x7f0000000280), 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_NEW(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="88000000000201040000000000000000020000052400028014000180080001000000000008000200ac1e00010c00028005000100000000002400038014000180080001000000000008110200ac1414000c00028005000100000000002c000180"], 0x88}}, 0x0)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x17, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r5 = dup(r4)
ioctl$TIOCL_SETSEL(r5, 0x541c, &(0x7f0000001900)={0x2, {0x2, 0x300, 0xfffe, 0x101}})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r3}, 0x18)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r6, 0x40086602, &(0x7f00000002c0)=0x20)
renameat2(0xffffffffffffffff, &(0x7f0000000280)='./file0/file0\x00', r6, &(0x7f00000003c0)='./file0\x00', 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000000085000000"], &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xe4776000)

2m25.810710776s ago: executing program 8 (id=6804):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, 0x0, &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
r1 = socket$can_bcm(0x1d, 0x2, 0x2)
io_setup(0x9, &(0x7f0000000240)=<r2=>0x0)
connect$can_bcm(r1, &(0x7f0000000000), 0x10)
io_submit(r2, 0x1, &(0x7f0000000700)=[&(0x7f00000000c0)={0x400000, 0x600, 0x0, 0x1, 0x0, r1, &(0x7f0000000200)="0500000093c21faf16da39de706f646800580f02000000003f420f000000000000580f02000000003f420f00000000000029ffffff000000", 0x38}])

2m25.430320102s ago: executing program 8 (id=6811):
r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='ns\x00')
open_tree(r0, &(0x7f0000000200)='./mnt\x00', 0x9001)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
r2 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000000)="1700000014006b05c84e21000ab16d6e230675f8020000", 0x17}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000003b00)={0x17, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x2b, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_mount_image$ext4(&(0x7f0000000880)='ext2\x00', &(0x7f0000000500)='./file0\x00', 0x2000448, &(0x7f00000003c0), 0xfc, 0x524, &(0x7f00000008c0)="$eJzs3U9vI2cZAPBnJvEmu5uSFDiUSi0VLcpWsHbS0Dbi0C4S4lYJVO7bKHGiKE4cxU7ZRD2k4gMgIQS9cuKCxAdAQv0IqFIlekeAQAi2cOAADBp7TF0zzh9tbC/J7yeNPfPOzPs87649fudPZgK4tp6LiHsRMRURL0bEfFGeFkOcdId8uY8fvrOeD/mcN/+SRFKURcRCr7687HZnlZunxm0dHe+sNRr1g2K61t7dr7WOju9u765t1bfqeysry6+svrr68urSpbQzb9dr3/zDj3/ws2+99quvfu+39/90Z7p/ftGO80gvEvejzmslZvvK8sAHF6nkMTZVtKcy6UQAADiXvDP72Yj4Uqf/Px9T8d9u8WCXbnb82QEAAACXIXt9Lv6ZRGQAAADAlfV6RMxFklaLawHmIk2r1e41vJ+PW2mj2Wp/ZbN5uLeRz4tYiEq6ud2oLxXX1C5EJcmnl4uLgHvTLw1Mr0TEkxHxo/mbnenqerOxMemDHwAAAHBN3B7Y///7fHf/HwAAALhiFiadAAAAADByw/b/kzHnAQAAAIzOsP3/mTHnAQAAAIzEt994Ix+y2eg+/3rj7aPDnebbdzfqrZ3q7uF6db15sF/daja3Ovfs2z2rvkazuf+12Dt8UGvX7yW11tHx/d3m4V77/rbnBwIAAMCkPPnF9z9KIuLk6zc7Q+7GxlsRU0NWcK8AuDLSiyz8+9HlAYzfsJ954OqbnnQCwOScTDoBYNI+dauPkk5B/8U7af/Cvx5hUgAAwKVa/ELJ+f9iF6Ay6eSAkbrQ+X/gSnH+H66vC57//2BUeQDjV/mkB+BSILimznrUx9Cbd5Sd/79RtmCWnVkXAAAwUnOd1yStFucC5yJNq9WIJzp/6l9JNrcb9aWI+ExE/Ga+MpNPL3fX8XhAAAAAAAAAAAAAAAAAAAAAAAAAADinLEsiAwAAAK60iPSPSfH8r8X5F+YGjw/cSP4xH91HevWeD9g+WM7L/9orj/Z7b/7kwVq7ffDSuI9eAAAAAGV6++md9+VJZwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAVfPxw3fWi+HGOOP++RsRsfCp+OvdOdMx23mfjUpE3PpbEtN96yURMXUJ8U/ejYinyuIneVqxUGQxGD+NiJvjif9MlmWl8W9fQny4zt7Ptz/3yr5/aTzXeS///k8Xw6Pqbf9mSuL3tn9TQ7Z/T5wzxtMf/qI2NP67EU9Pl29/evGTIfGfL6uw5B/lre8eH/9PYbfyyH4asRjl8ftj1dq7+7XW0fHd7d21rfpWfW9lZfmV1VdXX15dqm1uN+rFa2kbf/jML/89UPSvrKvT/hgSf+GM9r+Qj1T6CrPBMEWwDx88/Fx3tDJQRSf+nefLP39PnRI//0x8ufgdyOcv9sZPuuP9nv35B8+WJlbE3xjS/rP+/+8Mq3TAi9/5/u/OuSgAMAato+OdtUajfjDykfeyLHuUem6NL9VrOdLr3Z2yzMwjhZh9XFr6/zgyExHjC3oZR7YAAIDHzSed/klnAgAAAAAAAAAAAAAAAAAAANdX6yjSUd9ObDDmyWSaCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwqv8EAAD//57g0/s=")
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3}, 0x10)
mount$9p_rdma(0x0, &(0x7f0000000100)='.\x00', &(0x7f0000001440), 0x200800, &(0x7f0000000000)=ANY=[@ANYBLOB="7472616e733d72646d3622362325cec7e78cf7612c706f72743d3078303030303030303030303030346532302c6673636f6e7465788d3d757365725f752c00"])

2m25.378369844s ago: executing program 37 (id=6811):
r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='ns\x00')
open_tree(r0, &(0x7f0000000200)='./mnt\x00', 0x9001)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
r2 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000000)="1700000014006b05c84e21000ab16d6e230675f8020000", 0x17}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000003b00)={0x17, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x2b, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_mount_image$ext4(&(0x7f0000000880)='ext2\x00', &(0x7f0000000500)='./file0\x00', 0x2000448, &(0x7f00000003c0), 0xfc, 0x524, &(0x7f00000008c0)="$eJzs3U9vI2cZAPBnJvEmu5uSFDiUSi0VLcpWsHbS0Dbi0C4S4lYJVO7bKHGiKE4cxU7ZRD2k4gMgIQS9cuKCxAdAQv0IqFIlekeAQAi2cOAADBp7TF0zzh9tbC/J7yeNPfPOzPs87649fudPZgK4tp6LiHsRMRURL0bEfFGeFkOcdId8uY8fvrOeD/mcN/+SRFKURcRCr7687HZnlZunxm0dHe+sNRr1g2K61t7dr7WOju9u765t1bfqeysry6+svrr68urSpbQzb9dr3/zDj3/ws2+99quvfu+39/90Z7p/ftGO80gvEvejzmslZvvK8sAHF6nkMTZVtKcy6UQAADiXvDP72Yj4Uqf/Px9T8d9u8WCXbnb82QEAAACXIXt9Lv6ZRGQAAADAlfV6RMxFklaLawHmIk2r1e41vJ+PW2mj2Wp/ZbN5uLeRz4tYiEq6ud2oLxXX1C5EJcmnl4uLgHvTLw1Mr0TEkxHxo/mbnenqerOxMemDHwAAAHBN3B7Y///7fHf/HwAAALhiFiadAAAAADByw/b/kzHnAQAAAIzOsP3/mTHnAQAAAIzEt994Ix+y2eg+/3rj7aPDnebbdzfqrZ3q7uF6db15sF/daja3Ovfs2z2rvkazuf+12Dt8UGvX7yW11tHx/d3m4V77/rbnBwIAAMCkPPnF9z9KIuLk6zc7Q+7GxlsRU0NWcK8AuDLSiyz8+9HlAYzfsJ954OqbnnQCwOScTDoBYNI+dauPkk5B/8U7af/Cvx5hUgAAwKVa/ELJ+f9iF6Ay6eSAkbrQ+X/gSnH+H66vC57//2BUeQDjV/mkB+BSILimznrUx9Cbd5Sd/79RtmCWnVkXAAAwUnOd1yStFucC5yJNq9WIJzp/6l9JNrcb9aWI+ExE/Ga+MpNPL3fX8XhAAAAAAAAAAAAAAAAAAAAAAAAAADinLEsiAwAAAK60iPSPSfH8r8X5F+YGjw/cSP4xH91HevWeD9g+WM7L/9orj/Z7b/7kwVq7ffDSuI9eAAAAAGV6++md9+VJZwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAVfPxw3fWi+HGOOP++RsRsfCp+OvdOdMx23mfjUpE3PpbEtN96yURMXUJ8U/ejYinyuIneVqxUGQxGD+NiJvjif9MlmWl8W9fQny4zt7Ptz/3yr5/aTzXeS///k8Xw6Pqbf9mSuL3tn9TQ7Z/T5wzxtMf/qI2NP67EU9Pl29/evGTIfGfL6uw5B/lre8eH/9PYbfyyH4asRjl8ftj1dq7+7XW0fHd7d21rfpWfW9lZfmV1VdXX15dqm1uN+rFa2kbf/jML/89UPSvrKvT/hgSf+GM9r+Qj1T6CrPBMEWwDx88/Fx3tDJQRSf+nefLP39PnRI//0x8ufgdyOcv9sZPuuP9nv35B8+WJlbE3xjS/rP+/+8Mq3TAi9/5/u/OuSgAMAato+OdtUajfjDykfeyLHuUem6NL9VrOdLr3Z2yzMwjhZh9XFr6/zgyExHjC3oZR7YAAIDHzSed/klnAgAAAAAAAAAAAAAAAAAAANdX6yjSUd9ObDDmyWSaCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwqv8EAAD//57g0/s=")
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3}, 0x10)
mount$9p_rdma(0x0, &(0x7f0000000100)='.\x00', &(0x7f0000001440), 0x200800, &(0x7f0000000000)=ANY=[@ANYBLOB="7472616e733d72646d3622362325cec7e78cf7612c706f72743d3078303030303030303030303030346532302c6673636f6e7465788d3d757365725f752c00"])

1m7.93669973s ago: executing program 5 (id=7815):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r0, 0x0, 0x0}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0xfffffffffffffdd0, 0x0, 0x41000}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000001f80)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f0000000180)='./bus\x00', 0xc5c, &(0x7f00000005c0), 0x3, 0x445, &(0x7f0000000b00)="$eJzs28+PE1UcAPDvTLeLCLgr4g9+qKto3PhjlwVUDh7UaOIBExM96HGzuxCksIZdEyFEwRg8GWPi3Xj0X/CkF2M8mXjVuyEhhgvgqWbaGbYtbdktLUX6+SQD78282fe+nXnte/PaAEbWVPZPErE1Iv6MiIl6trnAVP2/q5fPLly7fHYhiWr13X+SWrkrl88uFEWL87bkmek0Iv0iid1t6l05feb4fKWydCrPz66e+Gh25fSZF46dmD+6dHTp5P5Dhw4emHv5pf0v9iXOrE1Xdn26vGfnWx988/bhr5rib4mjT6a6HXy6Wu1zdcO1rSGdjA2xIWxIKSKyy1Wu9f+JKMXaxZuINz8fauOAgapWq9UtnQ+fqwJ3sSSa87o8jIrigz6b/xZb6yDg1cENP4bu0mv1CVAW99V8qx8ZizQvU26Z3/bTVES8f+7f77ItBvMcAgCgyU/Z+Of5duO/NB5qKHdfvjY0GRH3R8T2iHggInZExIMRtbIPR8QjG6y/dZHkxvFPerGnwNYpG/+9kq9tNY//itFfTJby3LZa/OXkyLHK0r78NZmO8qYsP9eljp/f+OPrTscax3/ZltVfjAXzdlwc29R8zuL86vytxNzo0vmIXWPt4k+urwQkEbEzInb1WMexZ3/Y0+nYzePvog/rTNXvI56pX/9z0RJ/Iem+Pjl7T1SW9s0Wd8WNfvv9wjud6r+l+Psgu/73tr3/r8c/mTSu165svI4Lf33ZcU7T6/0/nrxXS4/n+z6ZX109NRcxnhyuN7px//61c4t8UT6Lf3pv+/6/PdZeid0Rkd3Ej0bEYxHxeN72JyLiyYjY2yX+X19/6sPe4x+sLP7FDV3/tcR4tO5pnygd/+XHpkonb4j/Wvfrf7CWms73rOf9bz3t6u1uBgAAgP+fNCK2RpLOXE+n6cxM/fvyOyLSyvLK6nNHlj8+uVj/jcBklNPiSddEw/PQuXxaX8+fj4j6VwuK4wfy58bfljbX8jMLy5XFYQcPI25Lh/6f+bs07NYBA+f3WjC69H8YXfo/jC79H0ZXm/6/eRjtAG6/dp//nw2hHcDt19L/LfvBCDH/h9Gl/8Po0v9hJK1sjpv/SL5rovhLPZ5+1yaifEc0Y2CJSO+IZkgMKDHc9yUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIB++S8AAP///fHg0g==")

1m7.872814692s ago: executing program 5 (id=7817):
socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1801000000000000000000004b84ffec850000006d000000850000002a"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
pipe(&(0x7f0000000080))
r0 = socket$inet_udp(0x2, 0x2, 0x0)
close(r0)
socket$netlink(0x10, 0x3, 0xc)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000100)={0x0, 0x7}, 0x4)
setsockopt$packet_int(r1, 0x107, 0x16, &(0x7f0000000000)=0x4, 0x4)

1m7.794959896s ago: executing program 5 (id=7820):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00'}, 0x10)
setxattr$incfs_id(&(0x7f0000000000)='./cgroup.cpu/cgroup.procs\x00', &(0x7f0000000140), 0x0, 0x0, 0x2)

1m7.794365646s ago: executing program 5 (id=7821):
recvmsg(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x20000050)
bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r0, &(0x7f0000000340)={0xa, 0x5, 0x0, @ipv4={'\x00', '\xff\xff', @remote}, 0xfffffffe}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000400)='virtio_transport_alloc_pkt\x00'}, 0x18)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r1, &(0x7f0000000140)={0x28, 0x0, 0x0, @my=0x1}, 0x10)
sendmmsg(0xffffffffffffffff, &(0x7f00000002c0), 0x40000000000009f, 0x0)

1m7.722288349s ago: executing program 5 (id=7825):
r0 = io_uring_setup(0x70c4, &(0x7f0000000880)={0x0, 0x0, 0x10, 0x3, 0xfffffffc})
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b707000008000000850000006900000095"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
sync()
syz_usb_connect(0x6, 0xb43, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
socket$xdp(0x2c, 0x3, 0x0)
r3 = socket$inet6(0xa, 0x2, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000002d00)={r2, 0x0, 0x79, 0x0, &(0x7f0000002b00)="4c592feed90a7518317b06c3b690c49cf52ea8d26a49261e6f703f861c9486c798205de8f46efe2a164b30323e15e76703104bf636a93898557ef955d06c58a8ec88e2f05a14304623c03cc16ed5e1bae9a0beffcf3ecef5045f62bcb75a105931f377dd72c66dfca5a15d33a177d189b6b615961f1951eae6", 0x0, 0xffff655e, 0x0, 0x0, 0x18, 0x0, &(0x7f00000009c0)="2356402ad269710466b0b23516af6a006209f3f18a9b6704", 0x2, 0x0, 0x9}, 0x50)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'sit0\x00'})
r4 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000300)={&(0x7f0000000600)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x87, 0x87, 0x3, [@typedef={0x2, 0x0, 0x0, 0x8, 0x2}, @datasec={0x2, 0x7, 0x0, 0xf, 0x3, [{0x3, 0x1, 0x9}, {0x1, 0x80, 0x2}, {0x5, 0x9e2, 0x6}, {0x5, 0x1, 0xfffffffd}, {0x1, 0x6, 0xffffffff}, {0x5, 0x401, 0x8}, {0x3, 0x2, 0x77}], "bc15fc"}, @typedef={0xd, 0x0, 0x0, 0x8, 0x2}, @volatile={0xa, 0x0, 0x0, 0x9, 0x5}]}, {0x0, [0x0]}}, &(0x7f00000006c0)=""/227, 0xa3, 0xe3, 0x0, 0x1e28, 0x10000}, 0x28)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f00000007c0)=ANY=[@ANYRES16=r0, @ANYBLOB="7081cb979b01a8d0ba27ba483a1fc62c04210f3f3555050000004cea820efdd7203d89979f7b8e415c937a5ce1c38f02fb359975260110877a53e8279cc7380b463f35c0b3567794b0102d7bec8005de67d49c0a996097200dc97effc583d48a2b74c25362d8662db5ce34a4e016c81d8d8835f25304059577bf4a9bde2f73bdc853"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, r4}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
getcwd(&(0x7f0000000140)=""/237, 0xfffffee1)
r5 = syz_pidfd_open(0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = socket$inet6(0xa, 0x2, 0x0)
recvmmsg(r6, &(0x7f0000000040), 0x400000000000284, 0x2, 0x0)
write$selinux_load(r0, &(0x7f0000000480)={0xf97cff8c, 0x8, 'SE Linux', "72f7962ee641a13ab6a994e8e9da2dfef2b9e2be552f0af6ac13da093e58bc72f27e51fab847776c7a998783021ce5a32168d9708bf296da2534f62755001b8b3f0c799d06cc210e7e0d02c03143b8bea05a26fc03ad2217e25256bf751ce5db8ebcfa74d47b1141d04bacf9863d92cab71964da04a2ec8f9c8f596c8cefb9fcdaa0e3711e6fbf529bd7294d81682354c31dd5a7e0a02098bcc093b2b577d42679575875d38a4d4c1adb586c68e2c3d47c9b7edd566d074bf996b0baa5decf7e4f971e2173ce99841e8b548a239616a129bf4f345a312dde537334497ca8ee52aad87e1744c2e4807fee1ccee4f65e68"}, 0x100)
r7 = pidfd_getfd(r5, r5, 0x0)
setns(r7, 0x66020000)
syz_clone(0x498144ee5f62e149, 0x0, 0x17, 0x0, 0x0, 0x0)
r8 = socket(0x2b, 0x1, 0x1)
connect$inet6(r8, &(0x7f0000000040)={0xa, 0x0, 0x0, @local, 0x6}, 0x1c)
accept(r8, 0x0, 0x0)
setsockopt$inet6_mreq(r8, 0x29, 0x0, &(0x7f00000000c0)={@mcast2}, 0x14)
close_range(r0, 0xffffffffffffffff, 0x0)

1m4.663334479s ago: executing program 5 (id=7880):
mkdir(&(0x7f0000000540)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000001900)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x84800)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000002c0)={0x1, <r2=>0xffffffffffffffff}, 0x4)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0xa, 0x2, 0x4, 0x5, 0x2, r2}, 0x50)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000080)={{r3, <r4=>0xffffffffffffffff}, &(0x7f0000000000), &(0x7f0000000040)='%ps    \x00'}, 0x20)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000280)='sys_enter\x00', r5, 0x0, 0x6}, 0x18)
symlink(0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r4}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = dup(r1)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000500)='9p_client_req\x00', r6}, 0x10)
r8 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$inet_int(r8, 0x0, 0x33, &(0x7f0000000000)=0x80020000, 0x4)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x10, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r7}, 0x2c, {[], [], 0x6b}})

49.515215184s ago: executing program 38 (id=7880):
mkdir(&(0x7f0000000540)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000001900)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x84800)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000002c0)={0x1, <r2=>0xffffffffffffffff}, 0x4)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0xa, 0x2, 0x4, 0x5, 0x2, r2}, 0x50)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000080)={{r3, <r4=>0xffffffffffffffff}, &(0x7f0000000000), &(0x7f0000000040)='%ps    \x00'}, 0x20)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000280)='sys_enter\x00', r5, 0x0, 0x6}, 0x18)
symlink(0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r4}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = dup(r1)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000500)='9p_client_req\x00', r6}, 0x10)
r8 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$inet_int(r8, 0x0, 0x33, &(0x7f0000000000)=0x80020000, 0x4)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x10, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r7}, 0x2c, {[], [], 0x6b}})

2.860784869s ago: executing program 7 (id=8751):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x3a8bc000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
openat$ptmx(0xffffff9c, &(0x7f0000000000), 0x400, 0x0)
socket(0x10, 0x3, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'bond0\x00'})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000800)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
r2 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
pwritev2(r2, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0xfffffdd6}], 0x1, 0x9c00, 0x0, 0x3)

2.399117179s ago: executing program 6 (id=8758):
r0 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
rseq(&(0x7f0000000680), 0x20, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000990000000d"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000340)='kmem_cache_free\x00', r2, 0x0, 0xffff}, 0x18)
getuid()
socket$nl_generic(0x10, 0x3, 0x10)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f0000001a80)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x50)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000740)={0x11, 0x3, &(0x7f0000000800)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001440)={r4, 0xe0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r5=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000005c0)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', r5}, 0x94)
sendmsg$ETHTOOL_MSG_DEBUG_GET(r0, &(0x7f0000000fc0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000f80)={&(0x7f0000000d80)={0x1a8, 0x0, 0x200, 0x70bd29, 0x25dfdbfd, {}, [@HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_1\x00'}]}, @HEADER={0x50, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'geneve1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wg0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'sit0\x00'}]}, @HEADER={0x58, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_batadv\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}, @HEADER={0x48, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x5}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_batadv\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}]}, @HEADER={0x40, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'macsec0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_vlan\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'nicvf0\x00'}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @HEADER={0x38, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'gre0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}]}]}, 0x1a8}, 0x1, 0x0, 0x0, 0x814}, 0x4004)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000740)='scsi_dispatch_cmd_start\x00', r6}, 0x10)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)
fcntl$notify(r3, 0x402, 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000000000000000000ff000000850000000e000000c500000001f0ffff95"], &(0x7f0000000280)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
kexec_load(0x3e00, 0x1, &(0x7f00000002c0)=[{0x0, 0x0, 0xff600000, 0x1000000}], 0x0)
inotify_init1(0x0)

2.276027864s ago: executing program 6 (id=8760):
pipe(&(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getgid()
write$P9_RGETLOCK(r0, &(0x7f0000000340)=ANY=[], 0x200002e6)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000001400)=ANY=[], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYRES32=r1, @ANYBLOB="0000000000000000b7020000111e6ca5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf10010000000000b70200b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kmem_cache_free\x00', r2, 0x0, 0x1}, 0x18)
r3 = socket$caif_stream(0x25, 0x1, 0x0)
writev(r3, 0x0, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xa, 0x31, 0xffffffffffffffff, 0xf2de1000)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x7, 0x8604, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x8, 0x6}, 0x0, 0x10000, 0x0, 0x6, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="58000000020605000000000000000000000000000900020073797a3100000000050005000a000000050001000600000013000300686173683a6e65742c696661636500000c0007800800124005000000050004"], 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x800)

2.1190515s ago: executing program 7 (id=8766):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020782500000000002020207b1af8fe00000000bfa100000000000007010000f8ffffffb702000008000000b703000007000000850000001100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='sched_switch\x00', r0, 0x0, 0xa}, 0x18)
bpf$PROG_LOAD(0x5, 0x0, 0x37)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000080)={{0x1, 0x1, 0x18, r1}, './file1\x00'})
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[], 0x0, 0x41}, 0x28)
openat$tun(0xffffffffffffff9c, 0x0, 0x100, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000040)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x12, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES8=0x0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0, 0x75, 0x0, 0x0, 0x4859bd0f8653de88, 0x2}, 0x94)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000000)={0x0, 0xa3, &(0x7f0000000180)={&(0x7f0000001940)=@delchain={0x24, 0x65, 0x8, 0x70bd27, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, {0xf, 0x5}, {0x0, 0xe}, {0xb, 0xd}}}, 0x24}, 0x1, 0x0, 0x0, 0x4044000}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="17000000000000000400000003"], 0x48)
creat(&(0x7f00000002c0)='./file0\x00', 0x2)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000000c0)='9p_client_res\x00'}, 0x18)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x14, 0x8, &(0x7f0000000a80)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1088d8b8588d72ec29c48f0af5f2d9f51c4b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465ad32b77a74e802a0dc6bf25cca242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767042361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae645ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1fb8f72cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa7956488bef241875f3b4b6ab7929a57affe760e797724f4fce1093b62d7e8c7123d890decacec55bf404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f870b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f154772f514216bdf57d2a40d40b51ab67903ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1594e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c471c784ae7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec30cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89f0000377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f0059161c5e0000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe34124172e436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f491d8e97c862e29e457060000007ac691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104ebc1581848f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426ca85e82ccf821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ad6acf5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bdc4a60d637545ed4c8a1c649c3ce54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c5140200000054d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a3bc38613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae0040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483f02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e9180100000000000000654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272ab28a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece98c077b358e752b439132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae2676384ff799783f55d7e5a1a092a01b965dc99cb7a9d98440c355927629f2bcf9dc2396eb2f5d25829715b24327642ac48f1201014a95e0e65e12cdf27e19043e3c5d3e798375cead35b9a93190a52cdecaaccc854a1d41ef365303f0e9b4fc969c9dab6df5e8a795b140fcc09e8a7b694d12932917facd8ceaa4e2d0d16bb0b95387fcd5ff136d8abddf94daf442bbff744591931872a36cf921ad69f2127386e8b0f9afee4da8d3fbec809fbb3ca0fded2859cf25d4c6155d396c5b9bd1a928923123f63f4c40688eae69990a9419456247bbaeb7948de84d2ff875414883bb1e503d4bfebc01bc12a53ea06bf38e571157bd642dac25dbee7832c58378374a39483d6721eec96c28911db21c0c006b42afc90000000000000000000000700000000000000000008ce4ea442c1a207108b35511186c5e860278f6463f52f3990ce08b1bfccc3cff4b5ae27b610aa9ba11b47d4f94c439e055cdbb2b12c983885c93ea4ab4ca1e02d831ae162ee104"], &(0x7f0000000100)='GPL\x00', 0x0, 0x63, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x1e}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x10)
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x3000010, &(0x7f0000000340)={[{@errors_remount}, {@nodioread_nolock}]}, 0x1, 0x512, &(0x7f0000000380)="$eJzs3d9rY1kdAPDvvW1mOzNdk1WRdcF1cVc6i07Sbt3dIqLriz4tqOv7WNu0lCZNadJ1Whbt4H8ggoJPPvki+AcIwzz4B8jAgL6ID6KiiM7og6DOlSQ3TidN2rrTNp3m84HTnHPvzf2ec0NO7o/TewMYWy9FxFsRMRERr0ZEMZ+e5in2uqm93IP77y21UxJZ9s5fk0jyab11tdcxGRFX87dNRcTXvhzxzeRg3ObO7vpirVbdysuVVn2z0tzZvb5WX1ytrlY35ufn3lh4c+H1hdks90TtLPUyP/nS529/+lu/u/Hna99uV+tzH4lC9LXjJHWbXuhsi572Nto6jWAj0PvMC6OuCAAAx9Lex/9gRHyis/9fjInO3lyfiVHUDAAAADgp2Rem499JRAYAAABcWGlETEeSlvOxANORppfycwMfjitprdFsfWqlsb2x3J4XUYpCurJWq87mY4VLUUja5bl8jG2v/FpfeT4inouI7xcvd8rlpUZtecTnPgAAAGBcXO07/v9HMe3kjzbg/wQAAACA86s0tAAAAABcFA75AQAA4OLrP/6/PaJ6AAAAAKfiK2+/3U5Z7/nXy+/ubK833r2+XG2ul+vbS+WlxtZmebXRWO3cs69+1PpqjcbmZ2Jj+2alVW22Ks2d3Rv1xvZG68baY4/ABgAAAM7Qcx+/8+skIvY+e7mTIr8PIMBj/jDqCgAnaWLUFQBGxl28YXwVRl0BYOSSI+YbvAMAAE+/mY8evP7fe/6/cwNwsRnrAwDjx/V/GF8FIwBhrKUR8YFu9plhywy9/v/L40bJsoi7xf1TnF8EAICzNd1JSVrOjwOmI03L5YhnI9JSFJKVtVp1Nj8++FWx8Ey7PNd5Z3LkmGEAAAAAAAAAAAAAAAAAAAAAAAAAoCvLksgAAACACy0i/VPSuZt/xEzxlen+8wOXkn8W44954Ufv/ODmYqu1Ndee/rfOs7wuRUTrh/n014Y+PgwAAAA4acne0Fnd4/T8de5MawUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAGHhw/72lXjrLuH/5YkSUBsWfjKnO61QUIuLK35OY3Pe+JCImTiD+3q2IeH5Q/CQeZllWymvRHz+NiMunHL/U2TTD4189gfgwzu60+5+3Bn3/0nip8zr4+zeZpyc1vP9L88jPd/q5Qf3fswfWVh8Y44V7P6sMjX8r4oXJwf1Pr/9NhsR/+cDa/pVl2cEY3/j67u6w+NmPI2YG/v4kj8WqtOqblebO7vW1+uJqdbW6MT8/98bCmwuvL8xWVtZq1fzvwBjf+9jPHx7W/isD4v/2N93+97D2vzJspX3+c+/m/Q91s4VB8a+9PPD3dyqGxE/z375P5vn2/Jlefq+b3+/Fn9598bD2Lw/Z/kd9/teO2f5Xv/rd3x9zUQDgDDR3dtcXa7Xq1iGZqWMs8zRmfjF1Lqrxf2ay73Q/ufNSn/ebae+tPprSa9U5qNi+THZmsSbinDT5f5mRdksAAMApeLTTP+qaAAAAAAAAAAAAAAAAAAAAwPg6i9uJ9cfcG01TAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAO9d8AAAD//yLg4A8=")

1.738543496s ago: executing program 2 (id=8772):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000100)={r0, &(0x7f0000000080), &(0x7f0000000280)=@udp}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1, 0x0, 0xfffffffffffffffd}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
arch_prctl$ARCH_GET_XCOMP_PERM(0x1022, &(0x7f0000000180))

1.697524979s ago: executing program 2 (id=8773):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5, 0x1000}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000800007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x26, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
r2 = msgget$private(0x0, 0x480)
msgsnd(r2, &(0x7f0000000040)={0x2, "ff7f1c823e695237825488d5e047d09602c1017642c6ca17e11ecf866b5b33b179d065bdcb1b5e01481dfb6a2c73cc623a60ca094f1a550aba92acd8a69444d52f86e5db83b032f4c6cbfcd0c084237048eefc30d84c82b62811c1ed61c0d1cc88dbb7e55311885b8c03a47e40dc0a477e793c06fe89f41fe664acdf6434e5cf7eca1eed5afb2f9e91e889b97755d343257d850a78e658f2d1f1b4ff08fd506422d93d3b8b9ee5580b0eb7f573bd411b8a27de0a2d011cf5bf2940dfc6dd679d19b42d2caa34c32fa898432365273970a5082329e61912d4eef4f24b9268e601579fc8f0fa2a3c2af89591ffce34b75eebb33b8156902d50adc2bcdb24763d29716bfd0626e59496e492fc385c150cf7e89132f467ebaa62301278af495c0e9bc64c588aa6e815255b85c7d90fe5c01aa73969671fd0e29b206006309aeb4615a4b5b0d066b3fa6bce7be06c51410e3ea7e031e6a8edd63d3c44f5ddd104222c649edb056ece9ce94e7a1d115f79b4f2d26a1d29f3213f0d647cafbbb8ef825c1226ed716bfb0d187df7463bc949b8281cd1e5343f1f2d37f5690a5557262a2053e34484be6267897bcba5f709a52ae5a6255c58ef0f46632e05c2ccfe33e8258daf59413151812ebddc6b4293ca132b3612b1cf78b5f83285393979c5d07c3a01db4aba7bf8bca1705673b1a6f218fc971ebfc5ef5accc6fea12d0c0369d290bd9684eab10b88cad97cb10ea58ffc615c54212574874ee72289b96f8f3f00be319ebf72ddfeb45e36b9055f042dad6a290a01101452c3d0e2dd43ea4779f62bee347f05eb191b877dad4c5bdabfd0210b6a39fc8a93e0c2efab44426a3c9e0dbdc4626f4ffa245992c519d624a29b25ed65151ecc38e67d071e01886d922b2ec23728e8445223882b60e6dc2f8551bcbddc2f3d8bc106c8aa2ad0edcf0d1ee8af02ad69e57114f302f13acbda7b97730f4f141cd041198f9a3cb806b7db72b2c05e0aaf6a786bd367d38402a9087b669ec9b557ca2571689369bbd076789a91f655ff0bcaa853891b0ef2b0cf9914a2b886e6c3a0d3eb8d9225557baff7573bd6d45a4b64d4b3d8d5b596a0c944845cb79ca0b1eccd0048f3195b77ec0d2d16158a80cb5937b6f78066ad1e97c8afa5c654c8a68befd2a253280497c7ea2e0409f1fbfc3b507dbb6574dd111ffed8e2de29b5d696196ac949398971d217e9418c08715fe11e29c454ece4a0577633879ef0b8c95bfa5c556b0a746332333e617146f0bb06e15d4102cef7106e2dadd3682c9e47b827ee43e9319181c7759bf6726dac95f0852dd5448b96222edd4bc6c8e0e85656bcaf5137f8ce0cd0fca7fb12eb5582eb6d2a680ab74e18806ccd441cdd87fed1a985cf4f17"}, 0x3e2, 0x0)
msgctl$IPC_RMID(r2, 0x0)

1.690558789s ago: executing program 7 (id=8774):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000009c0)={0x11, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000280)=[{0x200000000006, 0x0, 0xfd, 0x7ffc0002}]})
mq_open(&(0x7f0000000100)='&\x00', 0x40, 0x100, 0x0)

1.635717301s ago: executing program 9 (id=8775):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'team0\x00'})
sendmsg$nl_route(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=@delnexthop={0x38, 0x69, 0x100, 0x70bd25, 0x25dfdbf9, {}, [{0x8, 0x1, 0x2}, {0x8}, {0x8}, {0x8}]}, 0x38}, 0x1, 0x0, 0x0, 0x2004d808}, 0x24000000)

1.635478901s ago: executing program 9 (id=8776):
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000004c0)=ANY=[@ANYBLOB="480000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="21000000000000002800128008000100687372001c00028008000100", @ANYRES32, @ANYBLOB="08000200", @ANYRES32, @ANYBLOB="0000000000000050dae25b1685c636396e52a39ddc4b00"], 0x48}}, 0x0)
openat2(0xffffffffffffffff, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000400)='sched_switch\x00'}, 0x18)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRESOCT, @ANYRESOCT], &(0x7f0000000780)='GPL\x00', 0x7, 0x0, 0x0, 0x41000, 0x4, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000003c0)='vm_unmapped_area\x00', r0}, 0x18)
bind$bt_hci(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x410c84, &(0x7f0000000340), 0x1, 0x775, &(0x7f0000001180)="$eJzs3c9rXNUeAPDvnSRNm/a95MGD9+oqIGigdGJqbBVcVFyIYKGga9thMg01k0zJTEoTAlpEcCOouBB007U/6s6tP7b6X7gQS9W0WHEhkTu5t502M2mSJpnqfD5wM+fceyfnfOf+OGfmHu4NoGeNpn8KEYcj4t0kYjibn0TEQDPVH3Fybb1bK8vldEpidfXlX5LmOjdXlsvR8p7UwSzz/4j45q2II4X15dYXl2ZK1WplPsuPN2YvjNcXl46eny1NV6Yrc8cnJiePnXjqxPGdi/W375cOXXvvhcc/P/nHm/+7+s63SZyMQ9my1jh2ymiMZp/JQPoR3uX5nS6sy5JuV4BtSQ/NvrWjPA7HcPQ1UwDAP9nrEbEKAPSYRPsPAD0m/x3g5spyOZ+6+4vE3rr+XETsX4s/v765tqQ/u2a3v3kddOhmcteVkSQiRnag/NGI+PjLVz9Np9il65AA7bxxOSLOjoyuP/8n68YsbNUTGyzbl72O3jPf+Q/2zldp/+fpdv2/wu3+T7Tp/wy2OXa3477H/4EdKGQDaf/v2Zaxbbda4s+M9GW5fzX7fAPJufPVSnpu+3dEjMXAYJqf2KCMsRt/3ui0rLX/9+v7r32Slp++3lmj8FP/4N3vmSo1Sg8Sc6vrlyMe6W8Xf3J7+ycd+r+nN1nGi8+8/VGnZWn8abz5tD7+yEYn7Y7VKxGPtd3+d0a0JRuOTxxv7g7j+U7Rxhc/fDjUqfzW7Z9Oafn5d4G9kG7/oY3jH0lax2vWt17Gd1eGv+607P7xt9//9yWvNNN5P+JSqdGYn4jYl7y0fv6xO+/N8/n6afxjj7Y//jfa/9PvhGc3GX//tZ8/2378uyuNf2pL23/riau3Zvo6lb+57T/ZTI1lczZz/ttsBR/kswMAAAAAAAAAAAAAAAAAAAAAAACAzSpExKFICsXb6UKhWFx7hvd/Y6hQrdUbR87VFuamovms7JEYKOS3uhxuuR/qRHY//Dx/7J78kxHxn4j4YPBAkt9HcarLsQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA7mCH5/+nfhzsdu0AgF2zv9sVAAD2nPYfAHqP9h8Aeo/2HwB6j/YfAHqP9h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBddvrUqXRa/X1luZzmpy4uLszULh6dqtRnirML5WK5Nn+hOF2rTVcrxXJt9n7/r1qrXZiMuYVL441KvTFeX1w6M1tbmGucOT9bmq6cqQzsSVQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsDX1xaWZUrVamZfYRmL14ahG9xN92e70sNRnTxPJw1GNHU50+cQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8DfxVwAAAP//02Ii/w==")
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000800)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
r2 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
pwritev2(r2, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0xfffffdd6}], 0x1, 0x9c00, 0x0, 0x3)
socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="0700000004000000800000000400000028"], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000019580)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000000001600000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r4}, 0x18)
socket(0x15, 0x5, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000280))

1.630633541s ago: executing program 2 (id=8777):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x3a8bc000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
openat2(0xffffffffffffffff, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000400)='sched_switch\x00'}, 0x18)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRESOCT, @ANYRESOCT], &(0x7f0000000780)='GPL\x00', 0x7, 0x0, 0x0, 0x41000, 0x4, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000003c0)='vm_unmapped_area\x00', r0}, 0x18)
bind$bt_hci(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x410c84, &(0x7f0000000340), 0x1, 0x775, &(0x7f0000001180)="$eJzs3c9rXNUeAPDvnSRNm/a95MGD9+oqIGigdGJqbBVcVFyIYKGga9thMg01k0zJTEoTAlpEcCOouBB007U/6s6tP7b6X7gQS9W0WHEhkTu5t502M2mSJpnqfD5wM+fceyfnfOf+OGfmHu4NoGeNpn8KEYcj4t0kYjibn0TEQDPVH3Fybb1bK8vldEpidfXlX5LmOjdXlsvR8p7UwSzz/4j45q2II4X15dYXl2ZK1WplPsuPN2YvjNcXl46eny1NV6Yrc8cnJiePnXjqxPGdi/W375cOXXvvhcc/P/nHm/+7+s63SZyMQ9my1jh2ymiMZp/JQPoR3uX5nS6sy5JuV4BtSQ/NvrWjPA7HcPQ1UwDAP9nrEbEKAPSYRPsPAD0m/x3g5spyOZ+6+4vE3rr+XETsX4s/v765tqQ/u2a3v3kddOhmcteVkSQiRnag/NGI+PjLVz9Np9il65AA7bxxOSLOjoyuP/8n68YsbNUTGyzbl72O3jPf+Q/2zldp/+fpdv2/wu3+T7Tp/wy2OXa3477H/4EdKGQDaf/v2Zaxbbda4s+M9GW5fzX7fAPJufPVSnpu+3dEjMXAYJqf2KCMsRt/3ui0rLX/9+v7r32Slp++3lmj8FP/4N3vmSo1Sg8Sc6vrlyMe6W8Xf3J7+ycd+r+nN1nGi8+8/VGnZWn8abz5tD7+yEYn7Y7VKxGPtd3+d0a0JRuOTxxv7g7j+U7Rxhc/fDjUqfzW7Z9Oafn5d4G9kG7/oY3jH0lax2vWt17Gd1eGv+607P7xt9//9yWvNNN5P+JSqdGYn4jYl7y0fv6xO+/N8/n6afxjj7Y//jfa/9PvhGc3GX//tZ8/2378uyuNf2pL23/riau3Zvo6lb+57T/ZTI1lczZz/ttsBR/kswMAAAAAAAAAAAAAAAAAAAAAAACAzSpExKFICsXb6UKhWFx7hvd/Y6hQrdUbR87VFuamovms7JEYKOS3uhxuuR/qRHY//Dx/7J78kxHxn4j4YPBAkt9HcarLsQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA7mCH5/+nfhzsdu0AgF2zv9sVAAD2nPYfAHqP9h8Aeo/2HwB6j/YfAHqP9h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBddvrUqXRa/X1luZzmpy4uLszULh6dqtRnirML5WK5Nn+hOF2rTVcrxXJt9n7/r1qrXZiMuYVL441KvTFeX1w6M1tbmGucOT9bmq6cqQzsSVQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsDX1xaWZUrVamZfYRmL14ahG9xN92e70sNRnTxPJw1GNHU50+cQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8DfxVwAAAP//02Ii/w==")
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000800)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
r2 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
pwritev2(r2, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0xfffffdd6}], 0x1, 0x9c00, 0x0, 0x3)
socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="0700000004000000800000000400000028"], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000019580)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000000001600000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r4}, 0x18)
socket(0x15, 0x5, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000280))

1.604735662s ago: executing program 7 (id=8778):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000002040)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x41000}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000c80)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x200000, &(0x7f0000000240)={[{@grpquota}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x20}}, {@errors_remount}, {@oldalloc}, {@nomblk_io_submit}, {@nodioread_nolock}, {@user_xattr}]}, 0x1, 0x524, &(0x7f0000001200)="$eJzs3c+PG1cdAPDvOLHXSbbdtPQACNrQFgKK4s06bVT1AOWEEKqE6BGkdNl1ViF2vIq9pbtEYntG4oREJU5w5A/g3BMSRy4IbgipHJD4sQJ1kTgMmvF4693YiZPdtbfrz0eazHvzZv19z9a8N36O/QKYWZciYjsiKhHxdkQsFMeTYos3elt23kc791d2d+6vJJGmb/0zycuzYzHwN5kLxWNWI+I734j4fvJg3M7m1p3lZrNxr8gvdlvri53Nrau3W8trjbXG3Xr9xtKNa69df7V+ZG19oVUpUp//8PfbX/lRVq354shgO45Sr+nlvTiZsxHxreMINgVnivZUpl0RnkgpIp6NiBfz638hzuSvJgBwmqXpQqQLg/k9yf4sAHBalPI5sKRUK+YC5qNUqtV6c3jPxflSs93pXrnV3ri72psruxjl0q3bzca1Yq7wYpSTLL+Upz/O1w/kr0fEMxHxs7lzeb620m6uTvPGBwBm2IUD4/9/5nrjPwBwylWnXQEAYOKM/wAwe4z/ADB7jP8AMHt64/+5aVcDAJgg7/8BYPYY/wFgpnz7zTezLd0tfv969Z3NjTvtd66uNjp3aq2NldpK+956ba3dXst/s6f1qMdrttvrS6/ExrsXv7re6S52Nrduttobd7s389/1vtko52dtT6BlAMAoz7zwwZ+SbER+/Vy+xcBaDuWp1gw4bqVpVwCYmjOP/yduC+CUsNoXzK5DDObliJ+6F4BPtN/l/w5Zonef6rAvCKVpmh5XtYBjd/kz5v9hVg3M//tfwDBjnmD+HzglzP/D7ErTZNxF/mPcEwGAk80cPzDi8/9ni/2viw8HvrdaHEjT9Md54v0JVA4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABOqP76v7ViLfD5KJVqtYinIuJilJNbt5uNaxHxdET8ca48l+WXplxnAOCwSn9LivW/Li+8PL+v6PkLe8lKRPzwF2/9/N3lbvfeHyIqyb/m+se77xfH648VuHJULQAAHq4/Tuf7gTfyH+3cX+lvk6zP378eEdVe/N2dSuzuxT8bZ/N9NcoRcf7fSZHvSQbmLg5j+72I+PSw9icxn8+B9FY+PRg/i/3UROOX9sUv5WW9ffZcfOoI6gKz5oOs/3lj2PVXikv5fvj1X817qMMr+r/soVZ28z7w4/j9/u/MiP7v0rgxXvntN3upcw+WvRfx2bMR/di7A/1PP34yIv7LY8b/8+eef3FUWfrLiMsxPP5grMVua32xs7l19XZrea2x1rhbr99YunHtteuv1hfzOerF0aPBP16/8vSosqz950fErz6i/V8cs/2/+t/b3/3CQ+J/+aVh8Uvx3EPiZ2Pil8aMv3z+N9VRZVn81RHtf9Trf2XM+B/+dWt1zFMBgAnobG7dWW42G/ckZinxlx+ciGocTCTFTf/Ic7LCk1HVBxNfm1Ssyojn5ycv9Z69A0X9e//HjDWqxziKWTfgJNi76CPiv9OuDAAAAAAAAAAAAAAAMNQkvrE07TYCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwev0/AAD//3PUyGE=")
openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x4040, 0x0)

1.462353789s ago: executing program 7 (id=8779):
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r0, 0x0, &(0x7f0000001700)=""/53}, 0x20)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000bc0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x2, 0x0, 0x0, 0x0, 0xf, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0xc, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
r3 = io_uring_setup(0x7, &(0x7f0000000040)={0x0, 0xc8a5, 0x1c0c0, 0xb, 0xc1})
io_uring_enter(r3, 0x2219, 0x7721, 0x16, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2, 0x0, 0x7fff}, 0x18)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000180), 0x4)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000540)={{r0}, &(0x7f0000000400), &(0x7f0000000500)=r1}, 0x20)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x2010008, &(0x7f00000001c0), 0xff, 0x53b, &(0x7f0000000b80)="$eJzs3cFvHFcZAPBvNl7HSZzaBQ5QqaWiRUkF2Y1r2locSpEQnCohyj0Ye2NZWXste93GVgXrvwAJIUDiBBcuSPwBSCgSF44IKRKcQSoCIUhBggN00OzO2mY9a2/SjTde/37SZN6b2Znvexu/2Zmdp9kAzq3nI+KNiPggTdOXImImX17Kp2h1pux17z94dymbkkjTt/6WRJIv6+4ryedX8s2mIuJrX4n4ZnI07tbO7p3Fer22mderzbWN6tbO7o3VtcWV2kptfX5+7tWF1xZeWbg5lHZejYjXv/Sn73/np19+/ZeffeePt/5y/VtZWtP5+sPteEgTx63sNL18capng81HDPYkytpT7lYuDbbN3mPMBwCA/rJz/I9ExKci4qWYiQvHn84CAAAAZ1D6hen4TxKRFpvssxwAAAA4Q0rtMbBJqZKPBZiOUqlS6Yzh/VhcLtUbW83P3G5sry93xsrORrl0e7Veu5mPFZ6NcpLV59rlg/rLPfX5iHg6Ir43c6ldryw16suj/vIDAAAAzokrPdf//5zpXP8DAAAAY2Z21AkAAAAAj53rfwAAABh/rv8BAABgrH31zTezKe3+/vXy2zvbdxpv31iubd2prG0vVZYamxuVlUZjpf3MvrWT9ldvNDY+F+vbd6vN2lazenVn99ZaY3u9eWs1pk6lQQAAAMART3/y3u+TiGh9/lJ7ykyOOingVEzsl5J8XtD7//BUZ/7eKSUFnIoLA7zmvYvFy50nwNk20bugT18Hxk951AkAI5ecsL7v4J3fdGalIecDAAAM37VPFN//P/l8vuWUH844nRjOr577/+nMqBIBTl37/v+gA3mcLMBYKQ80AhAYZx/2/v/J0vShEgIAAIZuuj0lpUr+9d50lEqVSsTV9s8ClJPbq/XazYh4KiJ+N1O+mNXn2lsmJ14zAAAAAAAAAAAAAAAAAAAAAAAAAAAdaZpECgAAAIy1iNKfk191nuV/bebF6d7vByaTf7d/EngyIt750Vs/uLvYbG7OZcv/vr+8+cN8+cuj+AYDAAAA6NW9Tm/P/zXqbAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYN+8/eHepOw3w8kvDivvXL0bEbFH8iZhqz6eiHBGX/5HExKHtkoi4MIT4rb2I+HhR/CRLaz9kUfxhvAmtvaSVthXGj9n8XSiKf2UI8eE8u5cdf94o6v+leL49L+5/ExH/V39U/Y9/sX/8u9Cn/18dMMYz939e7Rt/L+KZieLjXzd+0if+CwPG/8bXd3f7rUt/HHGt+/nTPuIdjnBQqjbXNqpbO7s3VtcWV2ortfX5+blXF15beGXhZvX2ar2W/1sY47vP/uKD49p/ufDzL8mz6d/+Fwv2V/SZ9N/7dx98tFtpHY1//YWC+L/+Sf6Ko/FLeZxP5+Vs/bVuudUpH/bcz3773HHtXz5of/lh/v+v99tpryMd5dlB/3QAgMdga2f3zmK9Xtsc20J2lf4EpPEohcl4ItIY38K3s8L9Ye0wTdM061MFq+5FxCD7SWLILS0V53NQ6HsEGPWRCQAAGLaDk/5RZwIAAAAAAAAAAAAAAAAAAADn12k8Za035sEjkJNhPEIbAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAo/hcAAP//Yw3Xfw==")

1.41889132s ago: executing program 9 (id=8780):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020782500000000002020207b1af8fe00000000bfa100000000000007010000f8ffffffb702000008000000b703000007000000850000001100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='sched_switch\x00', r0, 0x0, 0xa}, 0x18)
bpf$PROG_LOAD(0x5, 0x0, 0x37)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000080)={{0x1, 0x1, 0x18, r1}, './file1\x00'})
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[], 0x0, 0x41}, 0x28)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000040)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x12, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES8=0x0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0, 0x75, 0x0, 0x0, 0x4859bd0f8653de88, 0x2}, 0x94)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000000)={0x0, 0xa3, &(0x7f0000000180)={&(0x7f0000001940)=@delchain={0x24, 0x65, 0x8, 0x70bd27, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, {0xf, 0x5}, {0x0, 0xe}, {0xb, 0xd}}}, 0x24}, 0x1, 0x0, 0x0, 0x4044000}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="17000000000000000400000003"], 0x48)
creat(&(0x7f00000002c0)='./file0\x00', 0x2)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000000c0)='9p_client_res\x00'}, 0x18)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x14, 0x8, &(0x7f0000000a80)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1088d8b8588d72ec29c48f0af5f2d9f51c4b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465ad32b77a74e802a0dc6bf25cca242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767042361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae645ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1fb8f72cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa7956488bef241875f3b4b6ab7929a57affe760e797724f4fce1093b62d7e8c7123d890decacec55bf404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f870b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f154772f514216bdf57d2a40d40b51ab67903ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1594e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c471c784ae7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec30cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89f0000377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f0059161c5e0000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe34124172e436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f491d8e97c862e29e457060000007ac691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104ebc1581848f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426ca85e82ccf821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ad6acf5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bdc4a60d637545ed4c8a1c649c3ce54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c5140200000054d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a3bc38613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae0040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483f02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e9180100000000000000654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272ab28a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece98c077b358e752b439132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae2676384ff799783f55d7e5a1a092a01b965dc99cb7a9d98440c355927629f2bcf9dc2396eb2f5d25829715b24327642ac48f1201014a95e0e65e12cdf27e19043e3c5d3e798375cead35b9a93190a52cdecaaccc854a1d41ef365303f0e9b4fc969c9dab6df5e8a795b140fcc09e8a7b694d12932917facd8ceaa4e2d0d16bb0b95387fcd5ff136d8abddf94daf442bbff744591931872a36cf921ad69f2127386e8b0f9afee4da8d3fbec809fbb3ca0fded2859cf25d4c6155d396c5b9bd1a928923123f63f4c40688eae69990a9419456247bbaeb7948de84d2ff875414883bb1e503d4bfebc01bc12a53ea06bf38e571157bd642dac25dbee7832c58378374a39483d6721eec96c28911db21c0c006b42afc90000000000000000000000700000000000000000008ce4ea442c1a207108b35511186c5e860278f6463f52f3990ce08b1bfccc3cff4b5ae27b610aa9ba11b47d4f94c439e055cdbb2b12c983885c93ea4ab4ca1e02d831ae162ee104"], &(0x7f0000000100)='GPL\x00', 0x0, 0x63, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x1e}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x10)
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x3000010, &(0x7f0000000340)={[{@errors_remount}, {@nodioread_nolock}]}, 0x1, 0x512, &(0x7f0000000380)="$eJzs3d9rY1kdAPDvvW1mOzNdk1WRdcF1cVc6i07Sbt3dIqLriz4tqOv7WNu0lCZNadJ1Whbt4H8ggoJPPvki+AcIwzz4B8jAgL6ID6KiiM7og6DOlSQ3TidN2rrTNp3m84HTnHPvzf2ec0NO7o/TewMYWy9FxFsRMRERr0ZEMZ+e5in2uqm93IP77y21UxJZ9s5fk0jyab11tdcxGRFX87dNRcTXvhzxzeRg3ObO7vpirVbdysuVVn2z0tzZvb5WX1ytrlY35ufn3lh4c+H1hdks90TtLPUyP/nS529/+lu/u/Hna99uV+tzH4lC9LXjJHWbXuhsi572Nto6jWAj0PvMC6OuCAAAx9Lex/9gRHyis/9fjInO3lyfiVHUDAAAADgp2Rem499JRAYAAABcWGlETEeSlvOxANORppfycwMfjitprdFsfWqlsb2x3J4XUYpCurJWq87mY4VLUUja5bl8jG2v/FpfeT4inouI7xcvd8rlpUZtecTnPgAAAGBcXO07/v9HMe3kjzbg/wQAAACA86s0tAAAAABcFA75AQAA4OLrP/6/PaJ6AAAAAKfiK2+/3U5Z7/nXy+/ubK833r2+XG2ul+vbS+WlxtZmebXRWO3cs69+1PpqjcbmZ2Jj+2alVW22Ks2d3Rv1xvZG68baY4/ABgAAAM7Qcx+/8+skIvY+e7mTIr8PIMBj/jDqCgAnaWLUFQBGxl28YXwVRl0BYOSSI+YbvAMAAE+/mY8evP7fe/6/cwNwsRnrAwDjx/V/GF8FIwBhrKUR8YFu9plhywy9/v/L40bJsoi7xf1TnF8EAICzNd1JSVrOjwOmI03L5YhnI9JSFJKVtVp1Nj8++FWx8Ey7PNd5Z3LkmGEAAAAAAAAAAAAAAAAAAAAAAAAAoCvLksgAAACACy0i/VPSuZt/xEzxlen+8wOXkn8W44954Ufv/ODmYqu1Ndee/rfOs7wuRUTrh/n014Y+PgwAAAA4acne0Fnd4/T8de5MawUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAGHhw/72lXjrLuH/5YkSUBsWfjKnO61QUIuLK35OY3Pe+JCImTiD+3q2IeH5Q/CQeZllWymvRHz+NiMunHL/U2TTD4189gfgwzu60+5+3Bn3/0nip8zr4+zeZpyc1vP9L88jPd/q5Qf3fswfWVh8Y44V7P6sMjX8r4oXJwf1Pr/9NhsR/+cDa/pVl2cEY3/j67u6w+NmPI2YG/v4kj8WqtOqblebO7vW1+uJqdbW6MT8/98bCmwuvL8xWVtZq1fzvwBjf+9jPHx7W/isD4v/2N93+97D2vzJspX3+c+/m/Q91s4VB8a+9PPD3dyqGxE/z375P5vn2/Jlefq+b3+/Fn9598bD2Lw/Z/kd9/teO2f5Xv/rd3x9zUQDgDDR3dtcXa7Xq1iGZqWMs8zRmfjF1Lqrxf2ay73Q/ufNSn/ebae+tPprSa9U5qNi+THZmsSbinDT5f5mRdksAAMApeLTTP+qaAAAAAAAAAAAAAAAAAAAAwPg6i9uJ9cfcG01TAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAO9d8AAAD//yLg4A8=")

1.138054982s ago: executing program 9 (id=8782):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0xa6, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x16, 0x0, 0x4, 0x7, 0x0, 0x1}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000400), 0x901, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000b80)={r0, 0xe0, &(0x7f0000000a80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f00000008c0)=[0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3, &(0x7f0000000900)=[0x0], &(0x7f0000000940)=[0x0, 0x0, 0x0], <r4=>0x0, 0xc4, &(0x7f0000000980)=[{}], 0x8, 0x10, &(0x7f00000009c0), &(0x7f0000000a00), 0x8, 0xcf, 0x8, 0x8, &(0x7f0000000a40)}}, 0x10)
r5 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000bc0), 0x208000, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000d00)={0x10, 0x17, &(0x7f0000000500)=@raw=[@tail_call={{0x18, 0x2, 0x1, 0x0, r1}}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x6346695d}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r1}}, @jmp={0x5, 0x1, 0x0, 0x4, 0xb, 0x0, 0x1}, @exit, @ldst={0x3, 0x3, 0x3, 0x6, 0x9, 0x18}, @map_fd={0x18, 0xa, 0x1, 0x0, r1}], &(0x7f00000003c0)='GPL\x00', 0x7f, 0x95, &(0x7f00000006c0)=""/149, 0x41100, 0x2, '\x00', 0x0, @sk_msg=0x7, r3, 0x8, &(0x7f00000005c0)={0x5, 0x1}, 0x8, 0x10, &(0x7f0000000780)={0x4, 0x4, 0x7fff, 0x72e}, 0x10, r4, r5, 0xa, &(0x7f0000000c00)=[r1, r1, r1, r1, r1, r1, r1], &(0x7f0000000c40)=[{0x1, 0x3, 0x0, 0x8}, {0x2, 0x2, 0x4, 0x9}, {0x5, 0x2, 0x2, 0xa}, {0x4, 0x3, 0xb, 0x2}, {0x0, 0x3, 0x10, 0x8}, {0x1, 0x4, 0xe, 0x3}, {0x2, 0x4, 0x1, 0x3}, {0x1, 0x4, 0xb, 0x4}, {0x2, 0x4, 0xe, 0x5}, {0x0, 0x2, 0xd, 0x7}], 0x10, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='rxrpc_recvmsg\x00', r2}, 0x18)
r6 = socket$rxrpc(0x21, 0x2, 0xa)
bind$rxrpc(r6, &(0x7f0000000000)=@in4={0x21, 0x4, 0x2, 0x10, {0x2, 0x0, @empty}}, 0x24)
listen(r6, 0x4)
recvmmsg(r6, &(0x7f00000050c0)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f000000}}], 0x1, 0x40000100, 0x0)
timer_create(0x0, &(0x7f0000000080)={0x0, 0x11, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000000))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
r7 = memfd_secret(0x80000)
getsockopt$IP6T_SO_GET_REVISION_MATCH(r7, 0x29, 0x44, &(0x7f0000000dc0)={'ipvs\x00'}, &(0x7f0000000e00)=0x1e)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
r9 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_int(r9, 0x29, 0x4c, &(0x7f0000000000)=0x7f, 0x2d)
r10 = socket$nl_route(0x10, 0x3, 0x0)
r11 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000100)={'tunl0\x00', &(0x7f0000000080)={'syztnl0\x00', <r12=>0x0, 0x8000, 0x7800, 0x10, 0xffff, {{0x18, 0x4, 0x2, 0x28, 0x60, 0x67, 0x0, 0x48, 0x2f, 0x0, @empty, @empty, {[@cipso={0x86, 0xf, 0x0, [{0x6, 0x9, "d275f6d2560dbf"}]}, @ssrr={0x89, 0x7, 0xf, [@remote]}, @generic={0x82, 0xd, "7b91811396526a8c998bb7"}, @lsrr={0x83, 0x1b, 0x84, [@remote, @loopback, @multicast1, @initdev={0xac, 0x1e, 0x0, 0x0}, @private=0xa010101, @empty]}, @end, @generic={0x94, 0xa, "ba6cd15f4c146901"}]}}}}})
sendmsg$nl_route_sched_retired(r11, &(0x7f0000000340)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)=@newtclass={0x58, 0x28, 0x200, 0x70bd25, 0x25dfdbfd, {0x0, 0x0, 0x0, r12, {0x0, 0xffff}, {0x6, 0xfff3}, {0xe, 0xffff}}, [@c_cbq={{0x8}, {0x2c, 0x2, [@TCA_CBQ_RATE={0x10, 0x5, {0x5, 0x0, 0x4b4, 0x4, 0x7, 0xef}}, @TCA_CBQ_LSSOPT={0x18, 0x1, {0x22, 0x1, 0x0, 0x1, 0x8, 0x72, 0x7f, 0x6}}]}}]}, 0x58}, 0x1, 0x0, 0x0, 0x4}, 0x4000)
sendmsg$nl_route(r10, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000240)=ANY=[@ANYBLOB="380000001800010000000000000000000200000000000006000000000c00090008000000", @ANYRES32, @ANYBLOB="08000400", @ANYRES32, @ANYBLOB="080005"], 0x38}}, 0x40000)
sendmsg$NFT_BATCH(r8, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a300000000058000000160a03000000000000000000010000000900010073797a30000000000900020073797a30000000002c0003800800014000000000180003801400020000007468305f746f5f68737200000000080002"], 0xe8}}, 0x0)

1.117527723s ago: executing program 0 (id=8783):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000100000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000780)='netlink_extack\x00', r0}, 0x10)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$nl_xfrm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="5c0100001000130700000000fcdbdf25e0000001000000000000000000000000ff020000000000000000000000000001000400004e2100020000000021000000", @ANYRES32=0xee00, @ANYBLOB="fc010000000000000000000000000000000004d632000000e0000002000000000000000000000000000000000000000000000000000000000000000000000000090000000000000001000000ffffffff0000000000000000010000800000000043050000000000000400000000000000ffffffffffffff7f000000000000000001000000000000000000000000000000000000002cbd70000035000002000000500000000000000060001200"], 0x15c}, 0x1, 0x0, 0x0, 0x880}, 0x2014)

1.041343546s ago: executing program 7 (id=8784):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x3a8bc000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000180)={'bond0\x00', <r2=>0x0})
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000200)={'batadv0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000004c0)=ANY=[@ANYBLOB="480000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="21000000000000002800128008000100687372001c00028008000100", @ANYRES32=r2, @ANYBLOB="08000200", @ANYRES32=r3, @ANYBLOB="0000000000000050dae25b1685c636396e52a39ddc4b00"], 0x48}}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
openat2(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x410c84, &(0x7f0000000340), 0x1, 0x775, &(0x7f0000001180)="$eJzs3c9rXNUeAPDvnSRNm/a95MGD9+oqIGigdGJqbBVcVFyIYKGga9thMg01k0zJTEoTAlpEcCOouBB007U/6s6tP7b6X7gQS9W0WHEhkTu5t502M2mSJpnqfD5wM+fceyfnfOf+OGfmHu4NoGeNpn8KEYcj4t0kYjibn0TEQDPVH3Fybb1bK8vldEpidfXlX5LmOjdXlsvR8p7UwSzz/4j45q2II4X15dYXl2ZK1WplPsuPN2YvjNcXl46eny1NV6Yrc8cnJiePnXjqxPGdi/W375cOXXvvhcc/P/nHm/+7+s63SZyMQ9my1jh2ymiMZp/JQPoR3uX5nS6sy5JuV4BtSQ/NvrWjPA7HcPQ1UwDAP9nrEbEKAPSYRPsPAD0m/x3g5spyOZ+6+4vE3rr+XETsX4s/v765tqQ/u2a3v3kddOhmcteVkSQiRnag/NGI+PjLVz9Np9il65AA7bxxOSLOjoyuP/8n68YsbNUTGyzbl72O3jPf+Q/2zldp/+fpdv2/wu3+T7Tp/wy2OXa3477H/4EdKGQDaf/v2Zaxbbda4s+M9GW5fzX7fAPJufPVSnpu+3dEjMXAYJqf2KCMsRt/3ui0rLX/9+v7r32Slp++3lmj8FP/4N3vmSo1Sg8Sc6vrlyMe6W8Xf3J7+ycd+r+nN1nGi8+8/VGnZWn8abz5tD7+yEYn7Y7VKxGPtd3+d0a0JRuOTxxv7g7j+U7Rxhc/fDjUqfzW7Z9Oafn5d4G9kG7/oY3jH0lax2vWt17Gd1eGv+607P7xt9//9yWvNNN5P+JSqdGYn4jYl7y0fv6xO+/N8/n6afxjj7Y//jfa/9PvhGc3GX//tZ8/2378uyuNf2pL23/riau3Zvo6lb+57T/ZTI1lczZz/ttsBR/kswMAAAAAAAAAAAAAAAAAAAAAAACAzSpExKFICsXb6UKhWFx7hvd/Y6hQrdUbR87VFuamovms7JEYKOS3uhxuuR/qRHY//Dx/7J78kxHxn4j4YPBAkt9HcarLsQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA7mCH5/+nfhzsdu0AgF2zv9sVAAD2nPYfAHqP9h8Aeo/2HwB6j/YfAHqP9h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBddvrUqXRa/X1luZzmpy4uLszULh6dqtRnirML5WK5Nn+hOF2rTVcrxXJt9n7/r1qrXZiMuYVL441KvTFeX1w6M1tbmGucOT9bmq6cqQzsSVQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsDX1xaWZUrVamZfYRmL14ahG9xN92e70sNRnTxPJw1GNHU50+cQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8DfxVwAAAP//02Ii/w==")
r4 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
pwritev2(r4, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0xfffffdd6}], 0x1, 0x9c00, 0x0, 0x3)

987.101489ms ago: executing program 0 (id=8785):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000c80)={0x18, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r0}, 0x10)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x200000, &(0x7f0000000240)={[{@grpquota}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x20}}, {@errors_remount}, {@oldalloc}, {@nomblk_io_submit}, {@nodioread_nolock}, {@user_xattr}]}, 0x1, 0x524, &(0x7f0000001200)="$eJzs3c+PG1cdAPDvOLHXSbbdtPQACNrQFgKK4s06bVT1AOWEEKqE6BGkdNl1ViF2vIq9pbtEYntG4oREJU5w5A/g3BMSRy4IbgipHJD4sQJ1kTgMmvF4693YiZPdtbfrz0eazHvzZv19z9a8N36O/QKYWZciYjsiKhHxdkQsFMeTYos3elt23kc791d2d+6vJJGmb/0zycuzYzHwN5kLxWNWI+I734j4fvJg3M7m1p3lZrNxr8gvdlvri53Nrau3W8trjbXG3Xr9xtKNa69df7V+ZG19oVUpUp//8PfbX/lRVq354shgO45Sr+nlvTiZsxHxreMINgVnivZUpl0RnkgpIp6NiBfz638hzuSvJgBwmqXpQqQLg/k9yf4sAHBalPI5sKRUK+YC5qNUqtV6c3jPxflSs93pXrnV3ri72psruxjl0q3bzca1Yq7wYpSTLL+Upz/O1w/kr0fEMxHxs7lzeb620m6uTvPGBwBm2IUD4/9/5nrjPwBwylWnXQEAYOKM/wAwe4z/ADB7jP8AMHt64/+5aVcDAJgg7/8BYPYY/wFgpnz7zTezLd0tfv969Z3NjTvtd66uNjp3aq2NldpK+956ba3dXst/s6f1qMdrttvrS6/ExrsXv7re6S52Nrduttobd7s389/1vtko52dtT6BlAMAoz7zwwZ+SbER+/Vy+xcBaDuWp1gw4bqVpVwCYmjOP/yduC+CUsNoXzK5DDObliJ+6F4BPtN/l/w5Zonef6rAvCKVpmh5XtYBjd/kz5v9hVg3M//tfwDBjnmD+HzglzP/D7ErTZNxF/mPcEwGAk80cPzDi8/9ni/2viw8HvrdaHEjT9Md54v0JVA4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABOqP76v7ViLfD5KJVqtYinIuJilJNbt5uNaxHxdET8ca48l+WXplxnAOCwSn9LivW/Li+8PL+v6PkLe8lKRPzwF2/9/N3lbvfeHyIqyb/m+se77xfH648VuHJULQAAHq4/Tuf7gTfyH+3cX+lvk6zP378eEdVe/N2dSuzuxT8bZ/N9NcoRcf7fSZHvSQbmLg5j+72I+PSw9icxn8+B9FY+PRg/i/3UROOX9sUv5WW9ffZcfOoI6gKz5oOs/3lj2PVXikv5fvj1X817qMMr+r/soVZ28z7w4/j9/u/MiP7v0rgxXvntN3upcw+WvRfx2bMR/di7A/1PP34yIv7LY8b/8+eef3FUWfrLiMsxPP5grMVua32xs7l19XZrea2x1rhbr99YunHtteuv1hfzOerF0aPBP16/8vSosqz950fErz6i/V8cs/2/+t/b3/3CQ+J/+aVh8Uvx3EPiZ2Pil8aMv3z+N9VRZVn81RHtf9Trf2XM+B/+dWt1zFMBgAnobG7dWW42G/ckZinxlx+ciGocTCTFTf/Ic7LCk1HVBxNfm1Ssyojn5ycv9Z69A0X9e//HjDWqxziKWTfgJNi76CPiv9OuDAAAAAAAAAAAAAAAMNQkvrE07TYCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwev0/AAD//3PUyGE=")
openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x4040, 0x0)

935.254331ms ago: executing program 6 (id=8786):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x45, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_DEBUG_SET(r1, &(0x7f0000001540)={0x0, 0x0, &(0x7f0000001500)={&(0x7f0000000080)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="0100000000000000000008000000180001801400020073797a5f74756e000000000000000000180002801400038010"], 0x44}, 0x1, 0x0, 0x0, 0x20004080}, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000980)=@base={0xa, 0x8, 0x1, 0x40}, 0x50)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="18080000000001000000000000000000851000000600000018000000", @ANYRES32, @ANYBLOB="00000000000100006608000000000000180000000000000000000000000000009500000000000000360a020000000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b50a000000000000850000000600000095"], &(0x7f0000000040)='GPL\x00', 0xa, 0x0, 0x0, 0x0, 0x8}, 0x94)
r5 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000a80)='kfree\x00', r4, 0x0, 0xfffffffffffffffd}, 0x18)
fremovexattr(r5, &(0x7f0000000040)=@random={'os2.', '\\\x00'})
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x7, 0x8604, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x8, 0x6}, 0x4000, 0x10000, 0x4, 0x6, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000140)={r3, &(0x7f0000000040), 0x0}, 0x20)

887.400383ms ago: executing program 2 (id=8787):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5, 0x1000}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000800007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x26, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
r2 = msgget$private(0x0, 0x480)
msgsnd(r2, &(0x7f0000000040)={0x2, "ff7f1c823e695237825488d5e047d09602c1017642c6ca17e11ecf866b5b33b179d065bdcb1b5e01481dfb6a2c73cc623a60ca094f1a550aba92acd8a69444d52f86e5db83b032f4c6cbfcd0c084237048eefc30d84c82b62811c1ed61c0d1cc88dbb7e55311885b8c03a47e40dc0a477e793c06fe89f41fe664acdf6434e5cf7eca1eed5afb2f9e91e889b97755d343257d850a78e658f2d1f1b4ff08fd506422d93d3b8b9ee5580b0eb7f573bd411b8a27de0a2d011cf5bf2940dfc6dd679d19b42d2caa34c32fa898432365273970a5082329e61912d4eef4f24b9268e601579fc8f0fa2a3c2af89591ffce34b75eebb33b8156902d50adc2bcdb24763d29716bfd0626e59496e492fc385c150cf7e89132f467ebaa62301278af495c0e9bc64c588aa6e815255b85c7d90fe5c01aa73969671fd0e29b206006309aeb4615a4b5b0d066b3fa6bce7be06c51410e3ea7e031e6a8edd63d3c44f5ddd104222c649edb056ece9ce94e7a1d115f79b4f2d26a1d29f3213f0d647cafbbb8ef825c1226ed716bfb0d187df7463bc949b8281cd1e5343f1f2d37f5690a5557262a2053e34484be6267897bcba5f709a52ae5a6255c58ef0f46632e05c2ccfe33e8258daf59413151812ebddc6b4293ca132b3612b1cf78b5f83285393979c5d07c3a01db4aba7bf8bca1705673b1a6f218fc971ebfc5ef5accc6fea12d0c0369d290bd9684eab10b88cad97cb10ea58ffc615c54212574874ee72289b96f8f3f00be319ebf72ddfeb45e36b9055f042dad6a290a01101452c3d0e2dd43ea4779f62bee347f05eb191b877dad4c5bdabfd0210b6a39fc8a93e0c2efab44426a3c9e0dbdc4626f4ffa245992c519d624a29b25ed65151ecc38e67d071e01886d922b2ec23728e8445223882b60e6dc2f8551bcbddc2f3d8bc106c8aa2ad0edcf0d1ee8af02ad69e57114f302f13acbda7b97730f4f141cd041198f9a3cb806b7db72b2c05e0aaf6a786bd367d38402a9087b669ec9b557ca2571689369bbd076789a91f655ff0bcaa853891b0ef2b0cf9914a2b886e6c3a0d3eb8d9225557baff7573bd6d45a4b64d4b3d8d5b596a0c944845cb79ca0b1eccd0048f3195b77ec0d2d16158a80cb5937b6f78066ad1e97c8afa5c654c8a68befd2a253280497c7ea2e0409f1fbfc3b507dbb6574dd111ffed8e2de29b5d696196ac949398971d217e9418c08715fe11e29c454ece4a0577633879ef0b8c95bfa5c556b0a746332333e617146f0bb06e15d4102cef7106e2dadd3682c9e47b827ee43e9319181c7759bf6726dac95f0852dd5448b96222edd4bc6c8e0e85656bcaf5137f8ce0cd0fca7fb12eb5582eb6d2a680ab74e18806ccd441cdd87fed1a985cf4f17"}, 0x3e2, 0x0)
msgctl$IPC_RMID(r2, 0x0)

803.674516ms ago: executing program 6 (id=8788):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000009c0)={0x11, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000280)=[{0x200000000006, 0x0, 0xfd, 0x7ffc0002}]})
mq_open(&(0x7f0000000100)='&\x00', 0x40, 0x100, 0x0)

803.222477ms ago: executing program 2 (id=8789):
r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f00000000c0), 0x2642, 0x0)
r1 = perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x24, 0x1, 0x0, 0x0, 0x0, 0x7, 0x1f0519, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x3}, 0x6025, 0x4005, 0xb, 0x3, 0x2, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap$perf(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x1, 0x4000011, r1, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f000068e000/0x2000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000817000/0x1000)=nil, &(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x6e)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r2 = io_uring_setup(0x7, &(0x7f0000000040)={0x0, 0xc8a1, 0xc000, 0x8, 0x200c1})
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x12, 0x3, 0x0, &(0x7f0000000240)='syzkaller\x00', 0x80000000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="16"], 0x50)
io_uring_enter(r2, 0x2219, 0x7721, 0x16, 0x0, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cpuset.memory_pressure_enabled\x00', 0x275a, 0x0)
write$UHID_CREATE2(r3, &(0x7f00000001c0)=ANY=[@ANYBLOB="06"], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r3, 0x0)
bind$bt_hci(r3, &(0x7f0000000000)={0x1f, 0x3}, 0x6)
writev(r0, &(0x7f0000000500)=[{&(0x7f0000000140)="0151b1a5f10ecf", 0x7}], 0x1)

725.05206ms ago: executing program 6 (id=8790):
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x50, &(0x7f00000002c0), 0x64, 0x505, &(0x7f0000000940)="$eJzs3cFrHF8dAPDvbHZr06a/5Kce9Af+rLaSFu1u0tg2eKgVRE8Ftd5rTDYhZJMN2U3bhKIp/gGCiAqe9OJF8A8QpEePIhT0rKggoq0ePGjnx+5O0jTdTbbtNptmPx+YzHtvZvb73oaZnTfzmAlgYJ2NiBsR8TRN04sRMZqV57IptlpTY70nj+/PNqYk0vTWP5NIsrLtz0qy+elss5MR8Y2vRnw7eTFubWNzaaZSKa9l+VJ9ebVU29i8tLg8s1BeKK9MTU1enb42fWV6oiftPBMR17/8tx99/xdfuf6bz9398+2/X/hOo1oj2fLd7XhJ+f0WtppeaH4XuzdYe8VgR1G+2cLMcLs1hl4oefCG6wQAQHuNc/wPR8SnI+JijMbQ/qezAAAAwFso/eJI/C+JSNs70aEcAAAAeIvkmmNgk1wxGwswErlcsdgaw/vROJWrVGv1z85X11fmWmNlx6KQm1+slCeyscJjUUga+clm+ln+8p78VES8GxE/HB1u5ouz1cpcvy9+AAAAwIA4vaf//5/RVv8fAAAAOGbG+l0BAAAA4I3T/wcAAIDjT/8fAAAAjrWv3bzZmNLt91/P3dlYX6reuTRXri0Vl9dni7PVtdXiQrW60Hxm3/JBn1epVlc/Hyvr90r1cq1eqm1s3l6urq/Uby8+9wpsAAAA4BC9+8mHf0wiYusLw82p4UR3m3a5GnBU5XdSSTZvs1v/6Z3W/K+HVCngUAz1uwJA3+T7XQGgbwr9rgDQd8kByzsO3vldNv9Ub+sDAAD03vjHO9//z+275db+i4Ejz04Mg8v9fxhczfv/3Y7kdbIAx0rBGQAMvNe+/3+gNH2pCgEAAD030pySXDG7vDcSuVyxGHGm+VqAQjK/WClPRMQ7EfGH0cKHGvnJ5pbJgX0GAAAAAAAAAAAAAAAAAAAAAAAAAKAlTZNIAQAAgGMtIrfzGP/x0fMje68PnEj+OxrZK0Lv/vTWj+/N1Otrk43yf+2U13+SlV8+5IsXAAAAMDhe6gX+2/307X48AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPTSk8f3Z7enw4z7jy9FxFi7+Pk42ZyfjEJEnPp3Evld2yURMdSD+MONPx9rFz9pVGsnZLv4wz2Iv/Vg3/gxln0L7eKf7kF8GGQPG8efG+32v1ycbc7b73/5iOfyr6rz8S92jn9DHfb/M13GeO/Rr0od4z+IeC/f/vizHT/pEP9cl/G/9c3NzU7L0p9FjLf9/Umei1WqL6+WahublxaXZxbKC+WVqanJq9PXpq9MT5TmFyvl7G/bGD/4xK+f7tf+Ux3ijx3Q/vNdtv//j+49/kgrWWgX/8K5NvF/+/NsjRfj57Lfvs9k6cby8e30Viu92/u//P37+7V/rkP7D/r/X+iy/Re//r2/dLkqAHAIahubSzOVSnnt2CYavfQjUA2JI5j4bk8/ME3TtLFPvcbnJHEUvpZmot9HJgAAoNeenfT3uyYAAAAAAAAAAAAAAAAAAAAwuA7jcWJ7Y27tpJJePEIbAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKAnPggAAP//FZnXpg==")
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb702000008000000182300", @ANYBLOB="0000000000000000b7040000010000008500000078"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x9)
timer_create(0x2, 0x0, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x77359400}, {0x0, 0x3938700}}, &(0x7f0000000440)={{0x0, <r1=>0x0}, {0x0, <r2=>0x0}})
inotify_init()
read(r0, &(0x7f0000001600)=""/238, 0xee)
r3 = perf_event_open(&(0x7f0000000380)={0x2, 0x80, 0x24, 0x1, 0x0, 0x0, 0x0, 0x47, 0x1e0411, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x1, @perf_config_ext={0x0, 0x4}, 0x700, 0x4005, 0xb, 0x3, 0x4, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap$perf(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x1, 0x4000011, r3, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x7, 0x8514, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x1, @perf_config_ext={0x8, 0x6}, 0x120, 0x10000, 0x2, 0x1, 0x8, 0x20007, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, r3, 0x2)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000004c0)=ANY=[@ANYRESDEC=r1, @ANYRES32=r3, @ANYRESDEC=r2], 0x48)
pipe(&(0x7f00000002c0)={<r4=>0xffffffffffffffff})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r5 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000400000001811", @ANYRES16=0x0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f9ffffffb703000000080000b70400000000000085000000c300000095"], 0x0, 0x74, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, r4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000013c0)={0x0, 0xc, 0x0, &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0x94)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000005"], 0x50)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000005c0)={{r7}, &(0x7f0000000540), &(0x7f0000000580)='%pS    \x00'}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00'}, 0x10)
r8 = socket$inet_udp(0x2d, 0x2, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r8, 0x0, 0x80, &(0x7f0000001d80)=@broute={'broute\x00', 0x20, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000000c0], 0x11, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="00000000000d00000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff"]}, 0x104)
r9 = socket(0x40000000015, 0x5, 0x0)
connect$inet6(r9, &(0x7f0000000040)={0xa, 0x4e24, 0x7f, @dev={0xfe, 0x80, '\x00', 0x41}, 0xca}, 0x15)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r6}, 0x10)
r10 = perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x7, 0x1f0719, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffa, 0x1, @perf_bp={0x0}, 0xa822, 0x4005, 0xb, 0x3, 0x6, 0x20005, 0xab15, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
ioctl$PERF_EVENT_IOC_DISABLE(r10, 0x24fd, 0x7)
mmap$perf(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x1, 0x4000011, r10, 0x0)
sendmsg$netlink(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000001480)=ANY=[@ANYBLOB="140100002900010000000000fcdbdf250401f2800c0018000bac0f000000000014000100"], 0x114}], 0x1, 0x0, 0x0, 0x1}, 0x0)

641.630493ms ago: executing program 2 (id=8791):
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[], 0x48)
syz_mount_image$vfat(&(0x7f0000000240), &(0x7f0000000280)='./file0\x00', 0x8080, &(0x7f0000000b80)=ANY=[@ANYBLOB="636865636b3d7374726963742c757466383d312c757466383d302c757466383d312c6e66732c6572726f72733d72656d6f756e742d726f2c73686f72746e616d653d77696e6e742c00043518f9aad8a4f2c1cdb3e993cf0444d9d2d40bb509d4da042c2c85e3650de97db42c38cafa7a9d7503c3c985486cf7fc80515e9bef7e9e56fb346de370b3eb3ecbc59d343c36bf04efc3d68033308b0014b0c677ae5ef2932cc05f566112668fa4f6844dcf823618a2993da771384e8fc12467a56b33e3b00030dbfd82ea2f8ddbeb1d04bac86815ebe0b9d084d60edf56b15e74589892dce86962f611a4313120b738dddfd38d20b443570197dc795020ecf541601ef9a5618869febf769dd50261849a47e170ba166b97e76a0261d0dc1fb3e2646595f1c8b49057d94f10f7b5e35ead0a38", @ANYRES8=0x0], 0x3, 0x21f, &(0x7f0000000940)="$eJzs2j+LXFUcBuDfXRMSN2xmxH8kIB60UJtLZmqLLJKAOKBoRoiC5Ma9o8NcZ5a5w8KImK209SNYi6WdIClttvETWNhts2UK8Uoya5INY7GIO2Kep5kXzrzccziXwynu/uvffDYa1PmgmMValsXa5diNO1m0Yy3+shuvvXL95xfeu/7BW5u93pV3U7q6ea3TTSmdf/GnD7/4/qXbs3Pv/3D+xzOx1/5o/6D7295zexf2/7j26bBOwzqNJ7NUpJuTyay4WZVpa1iP8pTeqcqiLtNwXJfTI+ODarK9PU/FeGtjfXta1nUqxvM0KudpNkmz6TwVnxTDccrzPG2sB/9E/7s7TRMHzekb0TTNk9/Gudux8Wu0InsqZU9fzp69kT2/m104aJrWqqfKv8L+P94eOtTPRlRf7/R3+ovfxfjmIIZRRRmXohW/x93X5NAiX32zd+VSuqcdX1W3Dvu3dvpPHO13ohXt5f3Oop+O9s/EesTpiMN+N1rxzPJ+d2n/bLz68kPPz6MVv3wck6hiK+52H/S/7KT0xtu9R/oX7/0PAOD/Jk/3Lb2/5fnfjS/6x7gfPnK/OhUXT6127UTU889HRVWVU0EQhPth1ScTJ+HBpq96JgAAAAAAAAAAABzHSXxOuOo1AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/21/BgAA//9DWtUg")
open(&(0x7f0000000780)='./bus\x00', 0x145c7e, 0x0)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x2e, '\x00', 0x0, @fallback=0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x22, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
readahead(0xffffffffffffffff, 0x2, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=0x0, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x18, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x1, &(0x7f0000000000)=[{0x6, 0x85, 0x7, 0x7ffc0001}]})
gettid()
r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000840), 0x0)
read(r2, &(0x7f0000000200)=""/209, 0xd1)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r2, 0x4040534e, &(0x7f0000000180)={0x335, @tick=0xe, 0x42, {}, 0x2})
getsockname$packet(0xffffffffffffffff, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)

557.238897ms ago: executing program 0 (id=8792):
r0 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
rseq(&(0x7f0000000680), 0x20, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000990000000d"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000340)='kmem_cache_free\x00', r2, 0x0, 0xffff}, 0x18)
getuid()
socket$nl_generic(0x10, 0x3, 0x10)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f0000001a80)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x50)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000740)={0x11, 0x3, &(0x7f0000000800)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001440)={r4, 0xe0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r5=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000005c0)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', r5}, 0x94)
sendmsg$ETHTOOL_MSG_DEBUG_GET(r0, &(0x7f0000000fc0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000f80)={&(0x7f0000000d80)={0x1c0, 0x0, 0x200, 0x70bd29, 0x25dfdbfd, {}, [@HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_1\x00'}]}, @HEADER={0x50, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'geneve1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wg0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'sit0\x00'}]}, @HEADER={0x58, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_batadv\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}, @HEADER={0x48, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x5}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_batadv\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}]}, @HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bridge_slave_0\x00'}]}, @HEADER={0x40, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'macsec0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_vlan\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'nicvf0\x00'}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @HEADER={0x38, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'gre0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}]}]}, 0x1c0}, 0x1, 0x0, 0x0, 0x814}, 0x4004)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000740)='scsi_dispatch_cmd_start\x00', r6}, 0x10)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)
fcntl$notify(r3, 0x402, 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000000000000000000ff000000850000000e000000c500000001f0ffff95"], &(0x7f0000000280)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
kexec_load(0x3e00, 0x1, &(0x7f00000002c0)=[{0x0, 0x0, 0xff600000, 0x1000000}], 0x0)
inotify_init1(0x0)

377.062114ms ago: executing program 0 (id=8793):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000500)=ANY=[@ANYBLOB="38000000180001"], 0x38}, 0x1, 0x0, 0x0, 0x881}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x3, 0x0, 0x7ffc1ffa}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000020000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000001"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000000)='kmem_cache_free\x00', r2}, 0x18)
pselect6(0x40, &(0x7f0000000080)={0xf, 0x10, 0x9, 0x5, 0x1, 0x8, 0xfffffffffffffff9, 0xf}, 0x0, 0x0, 0x0, 0x0)

327.921937ms ago: executing program 0 (id=8794):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000f80)=ANY=[@ANYBLOB="0500000004000000080000000b"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = socket$unix(0x1, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'ipvlan0\x00', <r2=>0x0})
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000040)=ANY=[@ANYBLOB="4c000000100003052cbd7000fedbdf2500000020", @ANYRES32=0x0, @ANYBLOB="0000000000080400240012800b0001006d61637365630000140002800500060000000000050007000000000008000500", @ANYRES32=r2], 0x4c}}, 0x0)

317.120857ms ago: executing program 9 (id=8795):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000100000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000780)='netlink_extack\x00', r0}, 0x10)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$nl_xfrm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYRES32=0x0, @ANYRES32=0xee00, @ANYBLOB="fc010000000000000000000000000000000004d632000000e0000002000000000000000000000000000000000000000000000000000000000000000000000000090000000000000001000000ffffffff0000000000000000010000800000000043050000000000000400000000000000ffffffffffffff7f000000000000000001000000000000000000000000000000000000002cbd70000035000002000000500000000000000060001200"], 0x15c}, 0x1, 0x0, 0x0, 0x880}, 0x2014)

53.813948ms ago: executing program 9 (id=8796):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x6, 0x3, &(0x7f0000000480)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f0000000500)='GPL\x00', 0xd8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f00000001c0)={'batadv_slave_0\x00', <r2=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000040)={r0, r2, 0x25, 0x2, @void}, 0x10)
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0xa00008, &(0x7f00000002c0), 0x1, 0x7ad, &(0x7f00000007c0)="$eJzs3c9rG1ceAPDvyD/jZNdeWNjNngwLu4YQeZ31JruwsFn2sBQaCLTnJEZWTGrZCpYcYmNIQin00kNLD4XmknPTprdc++PaXvo39FAS0tYJTemhuIw0SmRbcpzEklL8+cBY782M9N533sybZ82gCWDfGk//5CIORwykydFsfhLZjOiPOFlf7+H6WiGdktjYeOW7pLbOg/W1QjS9J3Uwy/wxIj57I+JIbnu5lZXV+ZlSqbiU5SerCxcnKyurRy8szMwV54qLx6emp4+d+MeJ43sX6w9frh66+/b///rRyZ9e/8Ottz5P4mQcypY1x7FXxmM82yYD6Sbc5H97XViPJb2uAM8kPTT76kd5HI7R6NuhJf/T1ZoBAJ1yJSI2AIB9JnH+B4B9pvE9wIP1tUJjivr1nKs9/WKiS+79NyKG6/E3rm/Wl/TXr9l9NVy7DjryIKldI2lIImJsD8ofj4jrt8/cTKfo0HVIgFauXouIc2PjW/v/tIfbes/C0/rbLtYZ35LX/0H3fJKOf/65ffwXkcuO/+Ha363jn6EWx+6zePLxn7uzKTuwB4U2Scd//266t+1hU/yZsb4s95vamG8gOX+hVEz7tt9GxEQMDKX5qR3KmLj/8/12y5rHf9+/89oHafnp6+M1cnf6hza/Z3amOvM8MTe7dy3iT/2t4k8etX/SZvx7epdlvPSvN99vtyyNP423MW2Pv7M2bkT8pWX7P74PKtnx/sTJ2u4w2dgpWvj46/dG2pXf3P7Xb6clrRUa/wt0Q9r+IzvHP5Y0369Zefoyvrgx+mm7ZZvjP3MzLX9z/K33/8Hk1Vp6MJt3eaZaXZqKGExe3j7/2OP3NvKN9dP4J/7c+vjfaf9Pu6FzWXrjCTc/9t/99sNnj7+z0vhn0/ZPsiCe2P5Pn7j1cL6vXfm7a//pWmoim7O9/+vf9rm7reBzbTwAAAAAAAAAAAAAAAAAAAAAAAAA2KVcRByKJJd/lM7l8vn6M7x/HyO5UrlSPXK+vLw4G7VnZY/FQK7xU5ejTb+HOpX9Hn4jf2xL/u8R8buIeHfoQC2fL5RLs70OHgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAyB9s8/z/1zVCvawcAdMxwrysAAHSd8z8A7D9tzv+DrWcf6GhdAIDuqJ3/k/5eVwMA6CLf/wPA/uP8DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQIedPnUqnTZ+XF8rpPnZSyvL8+VLR2eLlfn8wnIhXygvXczPlctzpWK+UF5o+0FX6y+lcvnidCwuX56sFivVycrK6tmF8vJi9eyFhZm54tniQNciAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDdq6yszs+USsUliZ0TV16IalzLmq3XW0PihUgMRUSnimjuJQ70pnMCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+BX4JQAA//9qsh/Y")
mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000)='devpts\x00', 0x0, 0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0x4)
open_tree(0xffffffffffffff9c, &(0x7f0000000e00)='./file0\x00', 0x9001)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="200000001100010025bd7000ffdbdf2500000000", @ANYRES32=r2], 0x20}}, 0x8080)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x6, 0x12, &(0x7f0000000380)=ANY=[@ANYBLOB="1800000007000000000000000100ffffb7080000000000007b8af8ff00000000b7"], 0x0, 0x200, 0x0, 0x0, 0x41000, 0x30, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x22}, 0x94)
r3 = openat$nci(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
perf_event_open(&(0x7f0000000800)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x22, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x2, 0x2}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close_range(r3, 0xffffffffffffffff, 0x200000000000000)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3c01000019000100000000000000000000000000000000000000000000000000ac1414bb0000000000000000000000000000fffd000000000a00000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffffffffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000084000500ac1414aa000000000000000000000000000000002b00000000000000ffffffff00000000000000000000000000000000000000000000000000000000000000007f000001000000000000000000000000000000006c00000000000000ac1414aa00"/244], 0x13c}}, 0x4040000)
r5 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r5, &(0x7f0000000000)={0x500, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=ANY=[@ANYBLOB="020100020e00000000000000fcdbdf2505000600331000000a004e2300000006fe8000000000000000000000000000aa050000000000000005000500320000000a004e2000000008fc0000000000000000000000fcffffff00000000000000000200130003"], 0x70}}, 0x0)
r6 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_buf(r6, 0x0, 0x8008000000010, &(0x7f0000005e40)="17000000020001000003d68c5ee17688a2003208020300ecff3f0200000300000a000000009afc5ad9485bbb6a880000d6c8db0000dba67e060180000a0000f10607bdff59100ac45761407a681f009cee4a5acb3da400001fb700674f19b44e09f9315033bf79ac2dff060115003901000000000000ea000000000000000009ffff02dfccebf6ba0008400200000000e90554062a80e605007f71174aa951f3c63e5c83f1ba2112ce68bf17a6e000"/184, 0xb8)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000380)=ANY=[@ANYBLOB="24000000390009002cbd70000000000004000000040000000c000180060006"], 0x24}}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)

36.063139ms ago: executing program 6 (id=8797):
pipe(&(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getgid()
write$P9_RGETLOCK(r0, &(0x7f0000000340)=ANY=[], 0x200002e6)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000001400)=ANY=[], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYRES32=r1, @ANYBLOB="0000000000000000b7020000111e6ca5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf10010000000000b70200b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kmem_cache_free\x00', r2, 0x0, 0x1}, 0x18)
r3 = socket$caif_stream(0x25, 0x1, 0x0)
writev(r3, &(0x7f00000002c0), 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xa, 0x31, 0xffffffffffffffff, 0xf2de1000)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x7, 0x8604, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x8, 0x6}, 0x0, 0x10000, 0x0, 0x6, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="58000000020605000000000000000000000000000900020073797a3100000000050005000a000000050001000600000013000300686173683a6e65742c696661636500000c0007800800124005000000050004"], 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x800)

0s ago: executing program 0 (id=8798):
r0 = io_uring_setup(0x70c4, &(0x7f0000000880)={0x0, 0x0, 0x10, 0x3, 0xfffffffc})
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b707000008000000850000006900000095"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
sync()
syz_usb_connect(0x6, 0xb43, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
socket$xdp(0x2c, 0x3, 0x0)
r3 = socket$inet6(0xa, 0x2, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000002d00)={r2, 0x0, 0x79, 0x0, &(0x7f0000002b00)="4c592feed90a7518317b06c3b690c49cf52ea8d26a49261e6f703f861c9486c798205de8f46efe2a164b30323e15e76703104bf636a93898557ef955d06c58a8ec88e2f05a14304623c03cc16ed5e1bae9a0beffcf3ecef5045f62bcb75a105931f377dd72c66dfca5a15d33a177d189b6b615961f1951eae6", 0x0, 0xffff655e, 0x0, 0x0, 0x18, 0x0, &(0x7f00000009c0)="2356402ad269710466b0b23516af6a006209f3f18a9b6704", 0x2, 0x0, 0x9}, 0x50)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'sit0\x00'})
r4 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000300)={&(0x7f0000000600)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x87, 0x87, 0x3, [@typedef={0x2, 0x0, 0x0, 0x8, 0x2}, @datasec={0x2, 0x7, 0x0, 0xf, 0x3, [{0x3, 0x1, 0x9}, {0x1, 0x80, 0x2}, {0x5, 0x9e2, 0x6}, {0x5, 0x1, 0xfffffffd}, {0x1, 0x6, 0xffffffff}, {0x5, 0x401, 0x8}, {0x3, 0x2, 0x77}], "bc15fc"}, @typedef={0xd, 0x0, 0x0, 0x8, 0x2}, @volatile={0xa, 0x0, 0x0, 0x9, 0x5}]}, {0x0, [0x0]}}, &(0x7f00000006c0)=""/227, 0xa3, 0xe3, 0x0, 0x1e28, 0x10000}, 0x28)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f00000007c0)=ANY=[@ANYRES16=r0, @ANYBLOB="7081cb979b01a8d0ba27ba483a1fc62c04210f3f3555050000004cea820efdd7203d89979f7b8e415c937a5ce1c38f02fb359975260110877a53e8279cc7380b463f35c0b3567794b0102d7bec8005de67d49c0a996097200dc97effc583d48a2b74c25362d8662db5ce34a4e016c81d8d8835f25304059577bf4a9bde2f73bdc853"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, r4}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
getcwd(&(0x7f0000000140)=""/237, 0xfffffee1)
r5 = syz_pidfd_open(0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000040)=ANY=[], 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = socket$inet6(0xa, 0x2, 0x0)
recvmmsg(r6, 0x0, 0x0, 0x2, 0x0)
write$selinux_load(r0, &(0x7f0000000480)={0xf97cff8c, 0x8, 'SE Linux', "72f7962ee641a13ab6a994e8e9da2dfef2b9e2be552f0af6ac13da093e58bc72f27e51fab847776c7a998783021ce5a32168d9708bf296da2534f62755001b8b3f0c799d06cc210e7e0d02c03143b8bea05a26fc03ad2217e25256bf751ce5db8ebcfa74d47b1141d04bacf9863d92cab71964da04a2ec8f9c8f596c8cefb9fcdaa0e3711e6fbf529bd7294d81682354c31dd5a7e0a02098bcc093b2b577d42679575875d38a4d4c1adb586c68e2c3d47c9b7edd566d074bf996b0baa5decf7e4f971e2173ce99841e8b548a239616a129bf4f345a312dde537334497ca8ee52aad87e1744c2e4807f"}, 0xf9)
r7 = pidfd_getfd(r5, r5, 0x0)
setns(r7, 0x66020000)
syz_clone(0x498144ee5f62e149, 0x0, 0x17, 0x0, 0x0, 0x0)
r8 = socket(0x2b, 0x1, 0x1)
connect$inet6(r8, 0x0, 0x0)
accept(r8, 0x0, 0x0)
setsockopt$inet6_mreq(r8, 0x29, 0x0, &(0x7f00000000c0)={@mcast2}, 0x14)
close_range(r0, 0xffffffffffffffff, 0x0)

kernel console output (not intermixed with test programs):

00-000000000000.
[  629.229244][T22266] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  629.276034][T29088] loop9: detected capacity change from 0 to 512
[  629.288580][T29088] EXT4-fs: Ignoring removed oldalloc option
[  629.294561][T29088] EXT4-fs: Ignoring removed nomblk_io_submit option
[  629.337638][T29088] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  629.368902][T29088] ext4 filesystem being mounted at /6/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  629.398068][T29088] EXT4-fs error (device loop9): ext4_validate_block_bitmap:441: comm syz.9.8350: bg 0: block 217: padding at end of block bitmap is not set
[  629.426134][T29088] EXT4-fs (loop9): Remounting filesystem read-only
[  629.455779][T29095] loop2: detected capacity change from 0 to 512
[  629.487026][T29095] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.8352: bg 0: block 248: padding at end of block bitmap is not set
[  629.554837][T29095] EXT4-fs error (device loop2): ext4_acquire_dquot:6945: comm syz.2.8352: Failed to acquire dquot type 1
[  629.582698][T29095] EXT4-fs (loop2): 1 truncate cleaned up
[  629.589842][T28755] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  629.607445][T29095] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  629.634566][T29095] ext4 filesystem being mounted at /37/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  629.650820][T29095] netlink: 'syz.2.8352': attribute type 1 has an invalid length.
[  629.651579][T29099] loop9: detected capacity change from 0 to 128
[  629.658754][T29095] netlink: 224 bytes leftover after parsing attributes in process `syz.2.8352'.
[  629.748571][T29101] loop6: detected capacity change from 0 to 512
[  629.826837][T29101] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.8354: bg 0: block 248: padding at end of block bitmap is not set
[  629.842163][T29101] EXT4-fs error (device loop6): ext4_acquire_dquot:6945: comm syz.6.8354: Failed to acquire dquot type 1
[  629.854775][T29101] EXT4-fs (loop6): 1 truncate cleaned up
[  629.861029][T29101] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  629.874473][T29101] ext4 filesystem being mounted at /417/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  629.897116][T28073] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  629.911464][T29101] netlink: 'syz.6.8354': attribute type 1 has an invalid length.
[  629.919508][T29101] netlink: 224 bytes leftover after parsing attributes in process `syz.6.8354'.
[  630.037299][T22266] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  630.115685][T29134] loop2: detected capacity change from 0 to 512
[  630.136211][T29134] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  630.144312][T29134] EXT4-fs (loop2): orphan cleanup on readonly fs
[  630.152075][T29134] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #16: comm syz.2.8366: corrupted inode contents
[  630.165622][T29134] EXT4-fs (loop2): Remounting filesystem read-only
[  630.172300][T29134] EXT4-fs (loop2): 1 truncate cleaned up
[  630.178416][T23076] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  630.189084][T23076] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  630.233553][T23076] EXT4-fs (loop2): Quota write (off=8, len=24) cancelled because transaction is not started
[  630.269991][T29134] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  630.295368][T28073] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  630.402676][T29126] netlink: 8 bytes leftover after parsing attributes in process `syz.7.8363'.
[  630.434445][T29146] loop2: detected capacity change from 0 to 512
[  630.446054][T29146] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -2
[  630.454597][T29146] EXT4-fs (loop2): 1 truncate cleaned up
[  630.462399][T29126] loop7: detected capacity change from 0 to 2048
[  630.469393][T29146] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  630.496376][T29126] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  630.576779][T29151] loop6: detected capacity change from 0 to 128
[  630.689873][T26793] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  630.897860][T29171] loop7: detected capacity change from 0 to 512
[  630.914464][T29165] loop6: detected capacity change from 0 to 128
[  630.921591][T29165] FAT-fs (loop6): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  630.941341][T29165] FAT-fs (loop6): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  630.957089][T29171] EXT4-fs (loop7): revision level too high, forcing read-only mode
[  630.965138][T29171] EXT4-fs (loop7): orphan cleanup on readonly fs
[  630.973067][T29171] EXT4-fs error (device loop7): ext4_do_update_inode:5632: inode #16: comm syz.7.8377: corrupted inode contents
[  630.985352][T29171] EXT4-fs (loop7): Remounting filesystem read-only
[  630.991984][T29171] EXT4-fs (loop7): 1 truncate cleaned up
[  630.998334][T23078] EXT4-fs (loop7): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  631.009017][T23078] EXT4-fs (loop7): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  631.021109][T23078] EXT4-fs (loop7): Quota write (off=8, len=24) cancelled because transaction is not started
[  631.032036][T29171] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  631.044781][T23078] FAT-fs (loop6): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  631.065657][T26793] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  631.120958][T29183] loop6: detected capacity change from 0 to 512
[  631.148681][T29183] EXT4-fs (loop6): revision level too high, forcing read-only mode
[  631.156823][T29183] EXT4-fs (loop6): orphan cleanup on readonly fs
[  631.166525][T29187] loop9: detected capacity change from 0 to 128
[  631.174594][T29183] EXT4-fs error (device loop6): ext4_do_update_inode:5632: inode #16: comm +}[@: corrupted inode contents
[  631.186528][T29183] EXT4-fs (loop6): Remounting filesystem read-only
[  631.193169][T29183] EXT4-fs (loop6): 1 truncate cleaned up
[  631.199133][T13260] EXT4-fs (loop6): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  631.209889][T13260] EXT4-fs (loop6): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  631.220576][T13260] EXT4-fs (loop6): Quota write (off=8, len=24) cancelled because transaction is not started
[  631.231297][T29183] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  631.244201][T29183] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  631.278808][T28073] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  631.381503][T29199] loop2: detected capacity change from 0 to 512
[  631.403782][T29199] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  631.411945][T29199] EXT4-fs (loop2): orphan cleanup on readonly fs
[  631.419850][T29199] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #16: comm syz.2.8386: corrupted inode contents
[  631.432899][T29199] EXT4-fs (loop2): Remounting filesystem read-only
[  631.439804][T29199] EXT4-fs (loop2): 1 truncate cleaned up
[  631.445932][T23074] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  631.456629][T23074] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  631.537493][T29189] netlink: 8 bytes leftover after parsing attributes in process `syz.6.8383'.
[  631.544960][T23074] EXT4-fs (loop2): Quota write (off=8, len=24) cancelled because transaction is not started
[  631.558924][T29199] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  631.584440][T28073] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  631.612987][T29203] loop6: detected capacity change from 0 to 2048
[  631.627329][T29181] loop7: detected capacity change from 0 to 2048
[  631.659397][T29203] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  631.679036][T29214] loop9: detected capacity change from 0 to 512
[  631.679465][T29181] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  631.711319][T29214] EXT4-fs (loop9): revision level too high, forcing read-only mode
[  631.719474][T29214] EXT4-fs (loop9): orphan cleanup on readonly fs
[  631.727230][T29214] EXT4-fs error (device loop9): ext4_do_update_inode:5632: inode #16: comm syz.9.8389: corrupted inode contents
[  631.740472][T29214] EXT4-fs (loop9): Remounting filesystem read-only
[  631.747142][T29214] EXT4-fs (loop9): 1 truncate cleaned up
[  631.752944][T23078] EXT4-fs (loop9): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  631.763688][T23078] EXT4-fs (loop9): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  631.774712][T23078] EXT4-fs (loop9): Quota write (off=8, len=24) cancelled because transaction is not started
[  631.785490][T29214] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  631.809049][T28755] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  631.859846][T29221] loop9: detected capacity change from 0 to 512
[  631.895038][T29221] EXT4-fs (loop9): revision level too high, forcing read-only mode
[  631.903155][T29221] EXT4-fs (loop9): orphan cleanup on readonly fs
[  631.911739][T29221] EXT4-fs error (device loop9): ext4_do_update_inode:5632: inode #16: comm syz.9.8390: corrupted inode contents
[  631.924599][T29221] EXT4-fs (loop9): Remounting filesystem read-only
[  631.931243][T29221] EXT4-fs (loop9): 1 truncate cleaned up
[  631.937166][T23078] EXT4-fs (loop9): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  631.947765][T23078] EXT4-fs (loop9): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  631.973799][T23078] EXT4-fs (loop9): Quota write (off=8, len=24) cancelled because transaction is not started
[  631.988830][T29221] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  632.002602][T22266] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  632.022482][T28755] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  632.061332][T26793] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  632.112548][T29229] loop7: detected capacity change from 0 to 512
[  632.125839][T29229] EXT4-fs (loop7): revision level too high, forcing read-only mode
[  632.133932][T29229] EXT4-fs (loop7): orphan cleanup on readonly fs
[  632.143005][T29229] EXT4-fs error (device loop7): ext4_do_update_inode:5632: inode #16: comm syz.7.8393: corrupted inode contents
[  632.159315][T29229] EXT4-fs (loop7): Remounting filesystem read-only
[  632.166000][T29229] EXT4-fs (loop7): 1 truncate cleaned up
[  632.172078][T23078] EXT4-fs (loop7): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  632.182704][T23078] EXT4-fs (loop7): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  632.182910][T29233] loop6: detected capacity change from 0 to 512
[  632.205838][T23078] EXT4-fs (loop7): Quota write (off=8, len=24) cancelled because transaction is not started
[  632.217629][T29233] EXT4-fs (loop6): revision level too high, forcing read-only mode
[  632.225813][T29233] EXT4-fs (loop6): orphan cleanup on readonly fs
[  632.226344][T29237] loop0: detected capacity change from 0 to 512
[  632.232936][T29229] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  632.268003][T26793] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  632.276134][T29233] EXT4-fs error (device loop6): ext4_do_update_inode:5632: inode #16: comm +}[@: corrupted inode contents
[  632.278524][T29237] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  632.289584][T29233] EXT4-fs (loop6): Remounting filesystem read-only
[  632.296480][T29237] EXT4-fs (loop0): orphan cleanup on readonly fs
[  632.303068][T29233] EXT4-fs (loop6): 1 truncate cleaned up
[  632.316044][T23076] EXT4-fs (loop6): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  632.326626][T23076] EXT4-fs (loop6): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  632.338420][T23076] EXT4-fs (loop6): Quota write (off=8, len=24) cancelled because transaction is not started
[  632.348660][T29237] EXT4-fs error (device loop0): ext4_do_update_inode:5632: inode #16: comm +}[@: corrupted inode contents
[  632.360356][T29237] EXT4-fs (loop0): Remounting filesystem read-only
[  632.367076][T29237] EXT4-fs (loop0): 1 truncate cleaned up
[  632.373026][T23076] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  632.383656][T23076] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  632.394551][T23076] EXT4-fs (loop0): Quota write (off=8, len=24) cancelled because transaction is not started
[  632.403881][T29243] loop7: detected capacity change from 0 to 128
[  632.405854][T29237] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  632.411498][T29233] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  632.423942][T29237] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  632.436363][T29233] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  632.500324][T29246] loop0: detected capacity change from 0 to 512
[  632.507733][T29247] FAULT_INJECTION: forcing a failure.
[  632.507733][T29247] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  632.520948][T29247] CPU: 0 UID: 0 PID: 29247 Comm: syz.6.8398 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  632.520980][T29247] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  632.520996][T29247] Call Trace:
[  632.521010][T29247]  <TASK>
[  632.521054][T29247]  __dump_stack+0x1d/0x30
[  632.521078][T29247]  dump_stack_lvl+0xe8/0x140
[  632.521141][T29247]  dump_stack+0x15/0x1b
[  632.521159][T29247]  should_fail_ex+0x265/0x280
[  632.521199][T29247]  should_fail+0xb/0x20
[  632.521285][T29247]  should_fail_usercopy+0x1a/0x20
[  632.521307][T29247]  _copy_from_user+0x1c/0xb0
[  632.521337][T29247]  ___sys_sendmsg+0xc1/0x1d0
[  632.521405][T29247]  __x64_sys_sendmsg+0xd4/0x160
[  632.521438][T29247]  x64_sys_call+0x191e/0x3000
[  632.521468][T29247]  do_syscall_64+0xd2/0x200
[  632.521492][T29247]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  632.521530][T29247]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  632.521681][T29247]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  632.521727][T29247] RIP: 0033:0x7efed337f749
[  632.521747][T29247] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  632.521810][T29247] RSP: 002b:00007efed1de7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  632.521829][T29247] RAX: ffffffffffffffda RBX: 00007efed35d5fa0 RCX: 00007efed337f749
[  632.521842][T29247] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000003
[  632.521854][T29247] RBP: 00007efed1de7090 R08: 0000000000000000 R09: 0000000000000000
[  632.521868][T29247] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  632.521884][T29247] R13: 00007efed35d6038 R14: 00007efed35d5fa0 R15: 00007ffe887ec8c8
[  632.521909][T29247]  </TASK>
[  632.700878][T29246] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  632.709099][T29246] EXT4-fs (loop0): orphan cleanup on readonly fs
[  632.727952][T29246] EXT4-fs error (device loop0): ext4_do_update_inode:5632: inode #16: comm syz.0.8399: corrupted inode contents
[  632.740214][T29246] EXT4-fs (loop0): Remounting filesystem read-only
[  632.746964][T29246] EXT4-fs (loop0): 1 truncate cleaned up
[  632.753879][T13260] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  632.764641][T13260] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  632.787392][T13260] EXT4-fs (loop0): Quota write (off=8, len=24) cancelled because transaction is not started
[  632.799507][T29246] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  632.823485][T23730] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  632.825199][T29258] loop6: detected capacity change from 0 to 512
[  632.842729][T29258] EXT4-fs: Ignoring removed oldalloc option
[  632.848876][T29258] EXT4-fs: Ignoring removed nomblk_io_submit option
[  632.889050][T29258] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  632.923504][T29258] ext4 filesystem being mounted at /429/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  632.972024][T29258] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.8402: bg 0: block 217: padding at end of block bitmap is not set
[  632.999498][T29251] __nla_validate_parse: 1 callbacks suppressed
[  632.999563][T29251] netlink: 8 bytes leftover after parsing attributes in process `syz.2.8400'.
[  633.021223][T29258] EXT4-fs (loop6): Remounting filesystem read-only
[  633.027592][T29272] loop0: detected capacity change from 0 to 1024
[  633.040215][T29272] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  633.051276][T29272] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  633.063955][T29272] JBD2: no valid journal superblock found
[  633.069960][T29272] EXT4-fs (loop0): Could not load journal inode
[  633.079901][T22266] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  633.089437][T29273] loop9: detected capacity change from 0 to 512
[  633.114631][T29277] FAULT_INJECTION: forcing a failure.
[  633.114631][T29277] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  633.127848][T29277] CPU: 1 UID: 0 PID: 29277 Comm: syz.6.8408 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  633.127877][T29277] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  633.127890][T29277] Call Trace:
[  633.127897][T29277]  <TASK>
[  633.127945][T29277]  __dump_stack+0x1d/0x30
[  633.127969][T29277]  dump_stack_lvl+0xe8/0x140
[  633.127991][T29277]  dump_stack+0x15/0x1b
[  633.128010][T29277]  should_fail_ex+0x265/0x280
[  633.128045][T29277]  should_fail+0xb/0x20
[  633.128075][T29277]  should_fail_usercopy+0x1a/0x20
[  633.128096][T29277]  _copy_from_user+0x1c/0xb0
[  633.128122][T29277]  __sys_connect+0xd0/0x2b0
[  633.128157][T29277]  __x64_sys_connect+0x3f/0x50
[  633.128238][T29277]  x64_sys_call+0x2c0c/0x3000
[  633.128260][T29277]  do_syscall_64+0xd2/0x200
[  633.128281][T29277]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  633.128334][T29277]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  633.128400][T29277]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  633.128421][T29277] RIP: 0033:0x7efed337f749
[  633.128436][T29277] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  633.128455][T29277] RSP: 002b:00007efed1de7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[  633.128548][T29277] RAX: ffffffffffffffda RBX: 00007efed35d5fa0 RCX: 00007efed337f749
[  633.128561][T29277] RDX: 0000000000000010 RSI: 0000200000000000 RDI: 0000000000000003
[  633.128575][T29277] RBP: 00007efed1de7090 R08: 0000000000000000 R09: 0000000000000000
[  633.128588][T29277] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  633.128601][T29277] R13: 00007efed35d6038 R14: 00007efed35d5fa0 R15: 00007ffe887ec8c8
[  633.128622][T29277]  </TASK>
[  633.333483][T29273] EXT4-fs error (device loop9): ext4_validate_block_bitmap:441: comm syz.9.8406: bg 0: block 248: padding at end of block bitmap is not set
[  633.353972][T29273] __quota_error: 1277 callbacks suppressed
[  633.353988][T29273] Quota error (device loop9): write_blk: dquota write failed
[  633.367416][T29273] Quota error (device loop9): qtree_write_dquot: Error -117 occurred while creating quota
[  633.381730][T29279] loop6: detected capacity change from 0 to 512
[  633.390023][T29273] EXT4-fs error (device loop9): ext4_acquire_dquot:6945: comm syz.9.8406: Failed to acquire dquot type 1
[  633.403301][T29273] EXT4-fs (loop9): 1 truncate cleaned up
[  633.410399][T29279] EXT4-fs (loop6): revision level too high, forcing read-only mode
[  633.418489][T29279] EXT4-fs (loop6): orphan cleanup on readonly fs
[  633.430767][T29279] EXT4-fs error (device loop6): ext4_do_update_inode:5632: inode #16: comm +}[@: corrupted inode contents
[  633.446108][T29279] EXT4-fs (loop6): Remounting filesystem read-only
[  633.452733][T29279] EXT4-fs (loop6): 1 truncate cleaned up
[  633.458863][T23076] EXT4-fs (loop6): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  633.469448][T23076] Quota error (device loop6): write_blk: dquota write failed
[  633.476859][T23076] Quota error (device loop6): remove_free_dqentry: Can't write block (5) with free entries
[  633.486879][T23076] EXT4-fs (loop6): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  633.497588][T23076] Quota error (device loop6): write_blk: dquota write failed
[  633.505056][T23076] Quota error (device loop6): free_dqentry: Can't move quota data block (5) to free list
[  633.507290][T29273] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  633.530932][T23076] EXT4-fs (loop6): Quota write (off=8, len=24) cancelled because transaction is not started
[  633.530992][T29273] ext4 filesystem being mounted at /17/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  633.541210][T23076] Quota error (device loop6): v2_write_file_info: Can't write info structure
[  633.563828][T23076] Quota error (device loop6): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  633.565217][T29273] EXT4-fs error (device loop9): ext4_lookup:1791: inode #2: comm syz.9.8406: deleted inode referenced: 12
[  633.574724][T29279] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  633.597935][T29279] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  633.629396][   T29] audit: type=1326 audit(1763943083.851:45471): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29284 comm="syz.6.8411" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efed337f749 code=0x7ffc0000
[  633.653257][   T29] audit: type=1326 audit(1763943083.851:45472): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29284 comm="syz.6.8411" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7efed337f749 code=0x7ffc0000
[  633.691272][T29288] loop6: detected capacity change from 0 to 512
[  633.717268][T29288] EXT4-fs (loop6): revision level too high, forcing read-only mode
[  633.725422][T29288] EXT4-fs (loop6): orphan cleanup on readonly fs
[  633.733103][T29288] EXT4-fs error (device loop6): ext4_do_update_inode:5632: inode #16: comm syz.6.8412: corrupted inode contents
[  633.745896][T29288] EXT4-fs (loop6): Remounting filesystem read-only
[  633.752639][T29288] EXT4-fs (loop6): 1 truncate cleaned up
[  633.758632][T23075] EXT4-fs (loop6): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  633.769298][T23075] EXT4-fs (loop6): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  633.781751][T23075] EXT4-fs (loop6): Quota write (off=8, len=24) cancelled because transaction is not started
[  633.798678][T29288] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  633.821154][T22266] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  633.858412][T29297] loop2: detected capacity change from 0 to 512
[  633.865806][T28755] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  633.881846][T29297] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -2
[  633.890838][T29297] EXT4-fs error (device loop2): ext4_get_branch:178: inode #13: block 1024: comm syz.2.8413: invalid block
[  633.902812][T29297] EXT4-fs (loop2): Remounting filesystem read-only
[  633.910381][T29297] EXT4-fs (loop2): 1 truncate cleaned up
[  633.919198][T29297] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  634.040299][T29307] loop7: detected capacity change from 0 to 512
[  634.066694][T29307] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  634.216599][T26793] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  634.522758][T29320] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8423'.
[  634.639339][T28073] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  634.666695][T29323] loop2: detected capacity change from 0 to 512
[  634.685370][T29323] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  634.693580][T29323] EXT4-fs (loop2): orphan cleanup on readonly fs
[  634.705044][T29323] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #16: comm syz.2.8424: corrupted inode contents
[  634.717698][T29323] EXT4-fs (loop2): Remounting filesystem read-only
[  634.724416][T29323] EXT4-fs (loop2): 1 truncate cleaned up
[  634.730590][T13260] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  634.741214][T13260] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  634.752531][T13260] EXT4-fs (loop2): Quota write (off=8, len=24) cancelled because transaction is not started
[  634.763443][T29323] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  634.789291][T28073] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  634.886714][T29333] FAULT_INJECTION: forcing a failure.
[  634.886714][T29333] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  634.899915][T29333] CPU: 0 UID: 0 PID: 29333 Comm: syz.9.8428 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  634.899944][T29333] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  634.899960][T29333] Call Trace:
[  634.899968][T29333]  <TASK>
[  634.899979][T29333]  __dump_stack+0x1d/0x30
[  634.900093][T29333]  dump_stack_lvl+0xe8/0x140
[  634.900115][T29333]  dump_stack+0x15/0x1b
[  634.900179][T29333]  should_fail_ex+0x265/0x280
[  634.900217][T29333]  should_fail+0xb/0x20
[  634.900233][T29333]  should_fail_usercopy+0x1a/0x20
[  634.900255][T29333]  _copy_from_user+0x1c/0xb0
[  634.900281][T29333]  ___sys_sendmsg+0xc1/0x1d0
[  634.900345][T29333]  __x64_sys_sendmsg+0xd4/0x160
[  634.900445][T29333]  x64_sys_call+0x191e/0x3000
[  634.900492][T29333]  do_syscall_64+0xd2/0x200
[  634.900514][T29333]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  634.900655][T29333]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  634.900690][T29333]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  634.900747][T29333] RIP: 0033:0x7f4c1381f749
[  634.900763][T29333] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  634.900781][T29333] RSP: 002b:00007f4c12287038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  634.900818][T29333] RAX: ffffffffffffffda RBX: 00007f4c13a75fa0 RCX: 00007f4c1381f749
[  634.900832][T29333] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000006
[  634.900845][T29333] RBP: 00007f4c12287090 R08: 0000000000000000 R09: 0000000000000000
[  634.900857][T29333] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  634.900870][T29333] R13: 00007f4c13a76038 R14: 00007f4c13a75fa0 R15: 00007ffeca496c98
[  634.900890][T29333]  </TASK>
[  635.198857][T29343] netlink: 'syz.9.8433': attribute type 13 has an invalid length.
[  635.260273][T29346] netlink: 372 bytes leftover after parsing attributes in process `syz.9.8433'.
[  635.280361][T29343] bridge0: port 2(bridge_slave_1) entered disabled state
[  635.287604][T29343] bridge0: port 1(bridge_slave_0) entered disabled state
[  635.298627][T29348] loop0: detected capacity change from 0 to 512
[  635.316902][T29348] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  635.325029][T29348] EXT4-fs (loop0): orphan cleanup on readonly fs
[  635.333257][T29348] EXT4-fs error (device loop0): ext4_do_update_inode:5632: inode #16: comm syz.0.8434: corrupted inode contents
[  635.345339][T29348] EXT4-fs (loop0): Remounting filesystem read-only
[  635.351999][T29348] EXT4-fs (loop0): 1 truncate cleaned up
[  635.357995][T23076] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  635.368739][T23076] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  635.379912][T23076] EXT4-fs (loop0): Quota write (off=8, len=24) cancelled because transaction is not started
[  635.382025][T29337] netlink: 8 bytes leftover after parsing attributes in process `syz.7.8430'.
[  635.399693][T29348] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  635.423178][T23730] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  635.446724][T29343] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  635.460716][T29345] loop7: detected capacity change from 0 to 2048
[  635.476326][T29343] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  635.498568][T29345] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  635.543009][T23076] netdevsim netdevsim9 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  635.553351][T23076] netdevsim netdevsim9 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  635.643988][T23076] netdevsim netdevsim9 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  635.694349][T23076] netdevsim netdevsim9 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  635.855958][T26793] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  635.911878][T29378] loop7: detected capacity change from 0 to 512
[  635.924278][T29378] EXT4-fs: Ignoring removed oldalloc option
[  635.930268][T29378] EXT4-fs: Ignoring removed nomblk_io_submit option
[  635.948723][T29378] ext4 filesystem being mounted at /146/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  635.962350][T29378] EXT4-fs error (device loop7): ext4_validate_block_bitmap:441: comm syz.7.8444: bg 0: block 217: padding at end of block bitmap is not set
[  635.977067][T29378] EXT4-fs (loop7): Remounting filesystem read-only
[  636.078386][T29386] loop7: detected capacity change from 0 to 512
[  636.171461][T29394] FAULT_INJECTION: forcing a failure.
[  636.171461][T29394] name failslab, interval 1, probability 0, space 0, times 0
[  636.184214][T29394] CPU: 1 UID: 0 PID: 29394 Comm: syz.6.8450 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  636.184280][T29394] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  636.184293][T29394] Call Trace:
[  636.184300][T29394]  <TASK>
[  636.184308][T29394]  __dump_stack+0x1d/0x30
[  636.184333][T29394]  dump_stack_lvl+0xe8/0x140
[  636.184359][T29394]  dump_stack+0x15/0x1b
[  636.184377][T29394]  should_fail_ex+0x265/0x280
[  636.184453][T29394]  should_failslab+0x8c/0xb0
[  636.184490][T29394]  __kvmalloc_node_noprof+0x12e/0x670
[  636.184604][T29394]  ? file_tty_write+0x1a3/0x690
[  636.184633][T29394]  file_tty_write+0x1a3/0x690
[  636.184737][T29394]  ? __pfx_tty_write+0x10/0x10
[  636.184771][T29394]  tty_write+0x25/0x30
[  636.184794][T29394]  vfs_write+0x52a/0x960
[  636.184843][T29394]  ksys_write+0xda/0x1a0
[  636.184926][T29394]  __x64_sys_write+0x40/0x50
[  636.184976][T29394]  x64_sys_call+0x2802/0x3000
[  636.184998][T29394]  do_syscall_64+0xd2/0x200
[  636.185018][T29394]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  636.185096][T29394]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  636.185135][T29394]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  636.185163][T29394] RIP: 0033:0x7efed337f749
[  636.185201][T29394] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  636.185219][T29394] RSP: 002b:00007efed1de7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  636.185239][T29394] RAX: ffffffffffffffda RBX: 00007efed35d5fa0 RCX: 00007efed337f749
[  636.185316][T29394] RDX: 000000000000ff2e RSI: 0000000000000000 RDI: 0000000000000003
[  636.185329][T29394] RBP: 00007efed1de7090 R08: 0000000000000000 R09: 0000000000000000
[  636.185419][T29394] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  636.185435][T29394] R13: 00007efed35d6038 R14: 00007efed35d5fa0 R15: 00007ffe887ec8c8
[  636.185460][T29394]  </TASK>
[  636.434555][T29402] loop6: detected capacity change from 0 to 128
[  636.515404][T29411] loop0: detected capacity change from 0 to 512
[  636.525527][T29411] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  636.533690][T29411] EXT4-fs (loop0): orphan cleanup on readonly fs
[  636.541453][T29411] EXT4-fs error (device loop0): ext4_do_update_inode:5632: inode #16: comm syz.0.8457: corrupted inode contents
[  636.553464][T29411] EXT4-fs (loop0): Remounting filesystem read-only
[  636.560263][T29411] EXT4-fs (loop0): 1 truncate cleaned up
[  636.566123][T23078] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  636.576782][T23078] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  636.587528][T23078] EXT4-fs (loop0): Quota write (off=8, len=24) cancelled because transaction is not started
[  636.616824][T29418] FAULT_INJECTION: forcing a failure.
[  636.616824][T29418] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  636.630006][T29418] CPU: 0 UID: 0 PID: 29418 Comm: syz.0.8458 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  636.630030][T29418] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  636.630041][T29418] Call Trace:
[  636.630047][T29418]  <TASK>
[  636.630054][T29418]  __dump_stack+0x1d/0x30
[  636.630073][T29418]  dump_stack_lvl+0xe8/0x140
[  636.630091][T29418]  dump_stack+0x15/0x1b
[  636.630161][T29418]  should_fail_ex+0x265/0x280
[  636.630191][T29418]  should_fail+0xb/0x20
[  636.630282][T29418]  should_fail_usercopy+0x1a/0x20
[  636.630351][T29418]  _copy_from_user+0x1c/0xb0
[  636.630373][T29418]  ___sys_sendmsg+0xc1/0x1d0
[  636.630459][T29418]  __x64_sys_sendmsg+0xd4/0x160
[  636.630480][T29418]  x64_sys_call+0x191e/0x3000
[  636.630500][T29418]  do_syscall_64+0xd2/0x200
[  636.630518][T29418]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  636.630543][T29418]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  636.630594][T29418]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  636.630688][T29418] RIP: 0033:0x7f73c4e6f749
[  636.630702][T29418] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  636.630717][T29418] RSP: 002b:00007f73c38cf038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  636.630734][T29418] RAX: ffffffffffffffda RBX: 00007f73c50c5fa0 RCX: 00007f73c4e6f749
[  636.630799][T29418] RDX: 0000000000004080 RSI: 0000200000000180 RDI: 0000000000000003
[  636.630815][T29418] RBP: 00007f73c38cf090 R08: 0000000000000000 R09: 0000000000000000
[  636.630832][T29418] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  636.630842][T29418] R13: 00007f73c50c6038 R14: 00007f73c50c5fa0 R15: 00007fff08dbe4b8
[  636.630860][T29418]  </TASK>
[  636.973410][T29430] loop6: detected capacity change from 0 to 512
[  637.178239][T29426] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8461'.
[  637.295860][T29439] loop9: detected capacity change from 0 to 512
[  637.332279][T29439] EXT4-fs (loop9): Cannot turn on journaled quota: type 0: error -2
[  637.375119][T29439] EXT4-fs (loop9): 1 truncate cleaned up
[  637.604912][T29448] FAULT_INJECTION: forcing a failure.
[  637.604912][T29448] name failslab, interval 1, probability 0, space 0, times 0
[  637.617671][T29448] CPU: 1 UID: 0 PID: 29448 Comm: syz.7.8468 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  637.617698][T29448] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  637.617710][T29448] Call Trace:
[  637.617717][T29448]  <TASK>
[  637.617724][T29448]  __dump_stack+0x1d/0x30
[  637.617750][T29448]  dump_stack_lvl+0xe8/0x140
[  637.617776][T29448]  dump_stack+0x15/0x1b
[  637.617798][T29448]  should_fail_ex+0x265/0x280
[  637.617841][T29448]  should_failslab+0x8c/0xb0
[  637.617895][T29448]  __kmalloc_noprof+0xa5/0x570
[  637.617925][T29448]  ? qrtr_tun_write_iter+0x87/0x150
[  637.617947][T29448]  ? __pfx_qrtr_tun_write_iter+0x10/0x10
[  637.618037][T29448]  qrtr_tun_write_iter+0x87/0x150
[  637.618065][T29448]  vfs_write+0x52a/0x960
[  637.618103][T29448]  ksys_write+0xda/0x1a0
[  637.618260][T29448]  __x64_sys_write+0x40/0x50
[  637.618293][T29448]  x64_sys_call+0x2802/0x3000
[  637.618331][T29448]  do_syscall_64+0xd2/0x200
[  637.618358][T29448]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  637.618393][T29448]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  637.618455][T29448]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  637.618478][T29448] RIP: 0033:0x7f3f7d4ef749
[  637.618492][T29448] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  637.618542][T29448] RSP: 002b:00007f3f7bf57038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  637.618565][T29448] RAX: ffffffffffffffda RBX: 00007f3f7d745fa0 RCX: 00007f3f7d4ef749
[  637.618580][T29448] RDX: 00000000000000c8 RSI: 00002000000001c0 RDI: 0000000000000003
[  637.618592][T29448] RBP: 00007f3f7bf57090 R08: 0000000000000000 R09: 0000000000000000
[  637.618604][T29448] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  637.618616][T29448] R13: 00007f3f7d746038 R14: 00007f3f7d745fa0 R15: 00007ffea2a27f28
[  637.618658][T29448]  </TASK>
[  637.822360][T28073] syz-executor invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0
[  637.833338][T28073] CPU: 1 UID: 0 PID: 28073 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(voluntary) 
[  637.833371][T28073] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  637.833387][T28073] Call Trace:
[  637.833395][T28073]  <TASK>
[  637.833404][T28073]  __dump_stack+0x1d/0x30
[  637.833428][T28073]  dump_stack_lvl+0xe8/0x140
[  637.833517][T28073]  dump_stack+0x15/0x1b
[  637.833536][T28073]  dump_header+0x81/0x220
[  637.833554][T28073]  oom_kill_process+0x342/0x400
[  637.833587][T28073]  out_of_memory+0x979/0xb80
[  637.833699][T28073]  try_charge_memcg+0x610/0xa10
[  637.833804][T28073]  charge_memcg+0x51/0xc0
[  637.833833][T28073]  mem_cgroup_swapin_charge_folio+0xcc/0x150
[  637.833868][T28073]  __read_swap_cache_async+0x17b/0x2d0
[  637.833919][T28073]  swap_cluster_readahead+0x362/0x3c0
[  637.833951][T28073]  swapin_readahead+0xde/0x800
[  637.833977][T28073]  ? bpf_send_signal_common+0x280/0x300
[  637.834126][T28073]  ? __rcu_read_unlock+0x4f/0x70
[  637.834158][T28073]  ? __rcu_read_unlock+0x4f/0x70
[  637.834212][T28073]  ? swap_cache_get_folio+0x277/0x280
[  637.834240][T28073]  do_swap_page+0x2ae/0x2370
[  637.834293][T28073]  ? _raw_spin_unlock+0x14/0x50
[  637.834344][T28073]  ? finish_task_switch+0xb6/0x2b0
[  637.834378][T28073]  ? __pfx_default_wake_function+0x10/0x10
[  637.834414][T28073]  handle_mm_fault+0x9a5/0x2be0
[  637.834577][T28073]  ? vma_start_read+0x141/0x1f0
[  637.834615][T28073]  do_user_addr_fault+0x630/0x1080
[  637.834643][T28073]  ? fpregs_restore_userregs+0xe2/0x1d0
[  637.834693][T28073]  ? switch_fpu_return+0xe/0x20
[  637.834731][T28073]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  637.834825][T28073]  exc_page_fault+0x62/0xa0
[  637.834896][T28073]  asm_exc_page_fault+0x26/0x30
[  637.834921][T28073] RIP: 0033:0x7f64b7ca1fc5
[  637.834940][T28073] Code: 00 00 00 00 00 83 ff 03 74 7b 83 ff 02 b8 fa ff ff ff 49 89 ca 0f 44 f8 80 3d 9e 95 1f 00 00 74 14 b8 e6 00 00 00 0f 05 f7 d8 <c3> 66 2e 0f 1f 84 00 00 00 00 00 48 83 ec 28 48 89 54 24 10 89 74
[  637.834962][T28073] RSP: 002b:00007ffed9c8f0c8 EFLAGS: 00010246
[  637.834977][T28073] RAX: 0000000000000000 RBX: 0000000000000084 RCX: 00007f64b7ca1fc3
[  637.834989][T28073] RDX: 00007ffed9c8f0e0 RSI: 0000000000000000 RDI: 0000000000000000
[  637.835002][T28073] RBP: 00007ffed9c8f14c R08: 000000002e6709d2 R09: 0000000000000000
[  637.835067][T28073] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000001388
[  637.835079][T28073] R13: 00000000000927c0 R14: 000000000009b847 R15: 00007ffed9c8f1a0
[  637.835098][T28073]  </TASK>
[  637.853450][T29450] sock: sock_timestamping_bind_phc: sock not bind to device
[  637.855220][T28073] memory: usage 307200kB, limit 307200kB, failcnt 418
[  637.996976][T29463] loop6: detected capacity change from 0 to 512
[  637.997803][T28073] memory+swap: usage 307388kB, limit 9007199254740988kB, failcnt 0
[  638.104237][T28073] kmem: usage 307192kB, limit 9007199254740988kB, failcnt 0
[  638.111651][T28073] Memory cgroup stats for /syz2:
[  638.118450][T28073] cache 0
[  638.126499][T28073] rss 0
[  638.129381][T28073] shmem 0
[  638.132342][T28073] mapped_file 0
[  638.135863][T28073] dirty 0
[  638.135908][T29463] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.8471: bg 0: block 248: padding at end of block bitmap is not set
[  638.138928][T28073] writeback 0
[  638.138938][T28073] workingset_refault_anon 55
[  638.138949][T28073] workingset_refault_file 0
[  638.165935][T28073] swap 192512
[  638.169284][T28073] swapcached 8192
[  638.172916][T28073] pgpgin 105336
[  638.176480][T28073] pgpgout 105334
[  638.180119][T28073] pgfault 104722
[  638.183677][T28073] pgmajfault 22
[  638.187198][T28073] inactive_anon 8192
[  638.191109][T28073] active_anon 0
[  638.194577][T28073] inactive_file 0
[  638.198246][T28073] active_file 0
[  638.201782][T28073] unevictable 0
[  638.205362][T28073] hierarchical_memory_limit 314572800
[  638.210795][T28073] hierarchical_memsw_limit 9223372036854771712
[  638.213964][T29463] EXT4-fs error (device loop6): ext4_acquire_dquot:6945: comm syz.6.8471: Failed to acquire dquot type 1
[  638.216992][T28073] total_cache 0
[  638.217004][T28073] total_rss 0
[  638.229213][T29463] EXT4-fs (loop6): 1 truncate cleaned up
[  638.231703][T28073] total_shmem 0
[  638.231714][T28073] total_mapped_file 0
[  638.235317][T28985] EXT4-fs error (device loop9): ext4_read_block_bitmap_nowait:483: comm ext4lazyinit: Invalid block bitmap block 3 in block_group 0
[  638.240757][T28073] total_dirty 0
[  638.240767][T28073] total_writeback 0
[  638.245269][T29463] ext4 filesystem being mounted at /445/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  638.248269][T28073] total_workingset_refault_anon 55
[  638.262482][T28985] EXT4-fs (loop9): Remounting filesystem read-only
[  638.265361][T28073] total_workingset_refault_file 0
[  638.296128][T28073] total_swap 192512
[  638.299933][T28073] total_swapcached 8192
[  638.304127][T28073] total_pgpgin 105336
[  638.308206][T28073] total_pgpgout 105334
[  638.312362][T28073] total_pgfault 104722
[  638.316497][T28073] total_pgmajfault 22
[  638.320561][T28073] total_inactive_anon 8192
[  638.325120][T28073] total_active_anon 0
[  638.329156][T28073] total_inactive_file 0
[  638.333451][T28073] total_active_file 0
[  638.337544][T28073] total_unevictable 0
[  638.341551][T28073] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.8462,pid=29427,uid=0
[  638.342953][T29463] netlink: 'syz.6.8471': attribute type 1 has an invalid length.
[  638.356313][T28073] Memory cgroup out of memory: Killed process 29427 (syz.2.8462) total-vm:93968kB, anon-rss:1136kB, file-rss:22312kB, shmem-rss:0kB, UID:0 pgtables:132kB oom_score_adj:1000
[  638.364050][T29463] netlink: 224 bytes leftover after parsing attributes in process `syz.6.8471'.
[  638.729941][T29496] loop2: detected capacity change from 0 to 512
[  638.751367][T29496] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -2
[  638.765167][T29496] EXT4-fs (loop2): 1 truncate cleaned up
[  638.797527][   T29] kauditd_printk_skb: 709 callbacks suppressed
[  638.797577][   T29] audit: type=1326 audit(1763943089.021:46154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29477 comm="syz.7.8473" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3f7d4ef749 code=0x7ffc0000
[  638.827820][   T29] audit: type=1326 audit(1763943089.021:46155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29477 comm="syz.7.8473" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3f7d4ef749 code=0x7ffc0000
[  638.851996][   T29] audit: type=1326 audit(1763943089.021:46156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29477 comm="syz.7.8473" exe="/root/syz-executor" sig=0 arch=c000003e syscall=152 compat=0 ip=0x7f3f7d4ef749 code=0x7ffc0000
[  638.861626][T29488] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8474'.
[  638.875663][   T29] audit: type=1326 audit(1763943089.021:46157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29477 comm="syz.7.8473" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3f7d4ef749 code=0x7ffc0000
[  638.908318][   T29] audit: type=1326 audit(1763943089.021:46158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29477 comm="syz.7.8473" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3f7d4ef749 code=0x7ffc0000
[  638.931989][   T29] audit: type=1326 audit(1763943089.021:46159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29477 comm="syz.7.8473" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3f7d4ef749 code=0x7ffc0000
[  638.955689][   T29] audit: type=1326 audit(1763943089.021:46160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29477 comm="syz.7.8473" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3f7d4ef749 code=0x7ffc0000
[  638.955848][T29498] loop0: detected capacity change from 0 to 2048
[  638.979377][   T29] audit: type=1326 audit(1763943089.021:46161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29477 comm="syz.7.8473" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3f7d4ef749 code=0x7ffc0000
[  639.190272][   T29] audit: type=1326 audit(1763943089.411:46162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29501 comm="syz.0.8478" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73c4e6f749 code=0x7ffc0000
[  639.214152][   T29] audit: type=1326 audit(1763943089.411:46163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29501 comm="syz.0.8478" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f73c4e6f749 code=0x7ffc0000
[  639.265810][T29506] netlink: 16 bytes leftover after parsing attributes in process `syz.9.8480'.
[  639.313433][T29509] loop0: detected capacity change from 0 to 512
[  639.325820][T29509] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  639.333907][T29509] EXT4-fs (loop0): orphan cleanup on readonly fs
[  639.345393][T29509] EXT4-fs error (device loop0): ext4_do_update_inode:5632: inode #16: comm syz.0.8482: corrupted inode contents
[  639.358001][T29509] EXT4-fs (loop0): Remounting filesystem read-only
[  639.364653][T29509] EXT4-fs (loop0): 1 truncate cleaned up
[  639.367749][T29516] netlink: 20 bytes leftover after parsing attributes in process `syz.9.8483'.
[  639.370477][T23074] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  639.389926][T23074] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  639.405781][T23074] EXT4-fs (loop0): Quota write (off=8, len=24) cancelled because transaction is not started
[  639.435701][T29518] loop7: detected capacity change from 0 to 128
[  639.510177][T29524] loop0: detected capacity change from 0 to 128
[  639.555313][T29528] loop2: detected capacity change from 0 to 512
[  639.581255][T29528] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  639.589383][T29528] EXT4-fs (loop2): orphan cleanup on readonly fs
[  639.599157][T29528] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #16: comm syz.2.8489: corrupted inode contents
[  639.611264][T29528] EXT4-fs (loop2): Remounting filesystem read-only
[  639.617976][T29528] EXT4-fs (loop2): 1 truncate cleaned up
[  639.623758][T23076] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  639.634350][T23076] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  639.645306][T23076] EXT4-fs (loop2): Quota write (off=8, len=24) cancelled because transaction is not started
[  639.736114][T29543] loop9: detected capacity change from 0 to 512
[  639.749439][T29543] EXT4-fs (loop9): revision level too high, forcing read-only mode
[  639.757636][T29543] EXT4-fs (loop9): orphan cleanup on readonly fs
[  639.766170][T29547] netlink: 108 bytes leftover after parsing attributes in process `syz.7.8495'.
[  639.776753][T29543] EXT4-fs error (device loop9): ext4_do_update_inode:5632: inode #16: comm syz.9.8496: corrupted inode contents
[  639.788984][T29543] EXT4-fs (loop9): Remounting filesystem read-only
[  639.795646][T29543] EXT4-fs (loop9): 1 truncate cleaned up
[  639.801877][T23076] EXT4-fs (loop9): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  639.812534][T23076] EXT4-fs (loop9): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  639.827338][T23076] EXT4-fs (loop9): Quota write (off=8, len=24) cancelled because transaction is not started
[  639.873727][T29556] loop9: detected capacity change from 0 to 512
[  639.900104][T29556] EXT4-fs error (device loop9): ext4_validate_block_bitmap:441: comm syz.9.8499: bg 0: block 248: padding at end of block bitmap is not set
[  639.920535][T29556] EXT4-fs error (device loop9): ext4_acquire_dquot:6945: comm syz.9.8499: Failed to acquire dquot type 1
[  639.932718][T29556] EXT4-fs (loop9): 1 truncate cleaned up
[  639.940559][T29556] ext4 filesystem being mounted at /36/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  639.998169][T29567] loop9: detected capacity change from 0 to 128
[  640.004102][T29563] syzkaller0: entered promiscuous mode
[  640.009989][T29563] syzkaller0: entered allmulticast mode
[  640.194967][T29580] netlink: 108 bytes leftover after parsing attributes in process `syz.2.8508'.
[  640.250749][T29583] netlink: 8 bytes leftover after parsing attributes in process `syz.2.8509'.
[  640.262313][T29583] autofs4:pid:29583:validate_dev_ioctl: path string terminator missing for cmd(0xc018937a)
[  640.351875][T29589] loop9: detected capacity change from 0 to 512
[  640.358958][T29589] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[  640.372744][T29589] EXT4-fs (loop9): 1 truncate cleaned up
[  640.391531][T29592] loop0: detected capacity change from 0 to 512
[  640.440134][T29594] loop6: detected capacity change from 0 to 512
[  640.457817][T29594] EXT4-fs (loop6): revision level too high, forcing read-only mode
[  640.466147][T29594] EXT4-fs (loop6): orphan cleanup on readonly fs
[  640.475688][T29594] EXT4-fs error (device loop6): ext4_do_update_inode:5632: inode #16: comm syz.6.8513: corrupted inode contents
[  640.489598][T29594] EXT4-fs (loop6): Remounting filesystem read-only
[  640.496413][T29594] EXT4-fs (loop6): 1 truncate cleaned up
[  640.502211][T23074] EXT4-fs (loop6): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  640.512923][T23074] EXT4-fs (loop6): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  640.538591][T23074] EXT4-fs (loop6): Quota write (off=8, len=24) cancelled because transaction is not started
[  640.791372][T29610] loop7: detected capacity change from 0 to 512
[  640.829193][T29610] EXT4-fs error (device loop7): ext4_validate_block_bitmap:441: comm syz.7.8519: bg 0: block 248: padding at end of block bitmap is not set
[  640.849047][T29615] netlink: 4 bytes leftover after parsing attributes in process `syz.2.8518'.
[  640.868273][T29615] pimreg: entered allmulticast mode
[  640.877987][T29615] pimreg: left allmulticast mode
[  640.887422][T29610] EXT4-fs error (device loop7): ext4_acquire_dquot:6945: comm syz.7.8519: Failed to acquire dquot type 1
[  640.901346][T29617] netlink: 108 bytes leftover after parsing attributes in process `syz.6.8520'.
[  640.918798][T29610] EXT4-fs (loop7): 1 truncate cleaned up
[  640.926378][T29610] ext4 filesystem being mounted at /164/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  640.970151][T29622] loop0: detected capacity change from 0 to 128
[  641.120858][T29620] netlink: 8 bytes leftover after parsing attributes in process `syz.6.8522'.
[  641.182292][T29625] loop6: detected capacity change from 0 to 2048
[  641.339845][T29628] loop2: detected capacity change from 0 to 2048
[  641.624890][T29647] loop6: detected capacity change from 0 to 512
[  641.631608][T29644] loop9: detected capacity change from 0 to 2048
[  641.649306][T29647] EXT4-fs (loop6): revision level too high, forcing read-only mode
[  641.657475][T29647] EXT4-fs (loop6): orphan cleanup on readonly fs
[  641.666598][T29647] EXT4-fs error (device loop6): ext4_do_update_inode:5632: inode #16: comm +}[@: corrupted inode contents
[  641.678671][T29647] EXT4-fs (loop6): Remounting filesystem read-only
[  641.685333][T29647] EXT4-fs (loop6): 1 truncate cleaned up
[  641.692743][T23075] EXT4-fs (loop6): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  641.703493][T23075] EXT4-fs (loop6): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  641.743804][T23075] EXT4-fs (loop6): Quota write (off=8, len=24) cancelled because transaction is not started
[  641.849665][T29655] loop2: detected capacity change from 0 to 512
[  641.925374][T29655] EXT4-fs: Ignoring removed oldalloc option
[  641.931427][T29655] EXT4-fs: Ignoring removed nomblk_io_submit option
[  642.035808][T29655] ext4 filesystem being mounted at /70/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  642.075735][T29668] loop7: detected capacity change from 0 to 128
[  642.091085][T29655] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.8530: bg 0: block 217: padding at end of block bitmap is not set
[  642.113006][T29655] EXT4-fs (loop2): Remounting filesystem read-only
[  642.217123][T29682] FAULT_INJECTION: forcing a failure.
[  642.217123][T29682] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  642.230406][T29682] CPU: 0 UID: 0 PID: 29682 Comm: syz.2.8540 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  642.230437][T29682] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  642.230451][T29682] Call Trace:
[  642.230459][T29682]  <TASK>
[  642.230468][T29682]  __dump_stack+0x1d/0x30
[  642.230516][T29682]  dump_stack_lvl+0xe8/0x140
[  642.230538][T29682]  dump_stack+0x15/0x1b
[  642.230561][T29682]  should_fail_ex+0x265/0x280
[  642.230602][T29682]  should_fail+0xb/0x20
[  642.230622][T29682]  should_fail_usercopy+0x1a/0x20
[  642.230724][T29682]  _copy_from_user+0x1c/0xb0
[  642.230748][T29682]  ___sys_sendmsg+0xc1/0x1d0
[  642.230788][T29682]  __x64_sys_sendmsg+0xd4/0x160
[  642.230871][T29682]  x64_sys_call+0x191e/0x3000
[  642.230900][T29682]  do_syscall_64+0xd2/0x200
[  642.230971][T29682]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  642.231057][T29682]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  642.231097][T29682]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  642.231118][T29682] RIP: 0033:0x7f64b7c6f749
[  642.231137][T29682] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  642.231156][T29682] RSP: 002b:00007f64b66d7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  642.231187][T29682] RAX: ffffffffffffffda RBX: 00007f64b7ec5fa0 RCX: 00007f64b7c6f749
[  642.231203][T29682] RDX: 0000000000004080 RSI: 0000200000000180 RDI: 0000000000000003
[  642.231215][T29682] RBP: 00007f64b66d7090 R08: 0000000000000000 R09: 0000000000000000
[  642.231226][T29682] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  642.231237][T29682] R13: 00007f64b7ec6038 R14: 00007f64b7ec5fa0 R15: 00007ffed9c8ed88
[  642.231332][T29682]  </TASK>
[  642.448775][T29690] loop2: detected capacity change from 0 to 128
[  642.477757][T29672] loop9: detected capacity change from 0 to 2048
[  642.802918][T29704] blktrace: Concurrent blktraces are not allowed on loop5
[  642.970299][T29713] loop0: detected capacity change from 0 to 512
[  643.009283][T29713] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -2
[  643.042405][T29713] EXT4-fs (loop0): 1 truncate cleaned up
[  643.314199][T29689] syz.7.8542 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000
[  643.325303][T29689] CPU: 1 UID: 0 PID: 29689 Comm: syz.7.8542 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  643.325392][T29689] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  643.325403][T29689] Call Trace:
[  643.325410][T29689]  <TASK>
[  643.325418][T29689]  __dump_stack+0x1d/0x30
[  643.325517][T29689]  dump_stack_lvl+0xe8/0x140
[  643.325539][T29689]  dump_stack+0x15/0x1b
[  643.325560][T29689]  dump_header+0x81/0x220
[  643.325578][T29689]  oom_kill_process+0x342/0x400
[  643.325623][T29689]  out_of_memory+0x979/0xb80
[  643.325669][T29689]  try_charge_memcg+0x610/0xa10
[  643.325708][T29689]  charge_memcg+0x51/0xc0
[  643.325766][T29689]  mem_cgroup_swapin_charge_folio+0xcc/0x150
[  643.325818][T29689]  __read_swap_cache_async+0x17b/0x2d0
[  643.325900][T29689]  swap_cluster_readahead+0x362/0x3c0
[  643.325966][T29689]  swapin_readahead+0xde/0x800
[  643.326037][T29689]  ? mod_memcg_lruvec_state+0x1fc/0x2c0
[  643.326069][T29689]  ? __rcu_read_unlock+0x34/0x70
[  643.326146][T29689]  ? __rcu_read_unlock+0x4f/0x70
[  643.326217][T29689]  ? swap_cache_get_folio+0x277/0x280
[  643.326239][T29689]  do_swap_page+0x2ae/0x2370
[  643.326270][T29689]  ? css_rstat_updated+0xb7/0x240
[  643.326296][T29689]  ? __pfx_default_wake_function+0x10/0x10
[  643.326371][T29689]  handle_mm_fault+0x9a5/0x2be0
[  643.326395][T29689]  ? vma_start_read+0x141/0x1f0
[  643.326469][T29689]  do_user_addr_fault+0x630/0x1080
[  643.326497][T29689]  exc_page_fault+0x62/0xa0
[  643.326537][T29689]  asm_exc_page_fault+0x26/0x30
[  643.326560][T29689] RIP: 0033:0x7f3f7d3cefcb
[  643.326615][T29689] Code: 74 28 25 ff 0f 00 00 83 f0 3d 8d 04 c0 89 c5 c1 ed 04 31 c5 69 ed 2d eb d4 27 89 e8 c1 e8 0f 31 c5 81 e5 ff 0f 00 00 48 31 d5 <80> 3d 76 30 37 00 00 0f 84 a8 00 00 00 4c 89 f6 48 8b 0d 56 30 37
[  643.326634][T29689] RSP: 002b:00007ffea2a27fb0 EFLAGS: 00010286
[  643.326649][T29689] RAX: 00000000000187f7 RBX: 00007f3f7e275720 RCX: 000000000000000a
[  643.326660][T29689] RDX: ffffffff81d21a54 RSI: 000000000000056a RDI: 0000000000000004
[  643.326673][T29689] RBP: ffffffff81d21a27 R08: 00007f3f7d746038 R09: 00007f3f7d732000
[  643.326687][T29689] R10: 00007f3f7cf5f008 R11: 0000000000000002 R12: 0000000000000002
[  643.326702][T29689] R13: 0000000000000000 R14: ffffffff81d21a54 R15: 000000000000000a
[  643.326748][T29689]  ? security_file_permission+0x14/0x80
[  643.326781][T29689]  ? security_kernfs_init_security+0x77/0x80
[  643.326815][T29689]  ? security_file_permission+0x14/0x80
[  643.326887][T29689]  </TASK>
[  643.326896][T29689] memory: usage 307200kB, limit 307200kB, failcnt 6087
[  643.569571][T29689] memory+swap: usage 307400kB, limit 9007199254740988kB, failcnt 0
[  643.577506][T29689] kmem: usage 307200kB, limit 9007199254740988kB, failcnt 0
[  643.584858][T29689] Memory cgroup stats for /syz7:
[  643.586157][T29689] cache 0
[  643.594094][T29689] rss 0
[  643.596924][T29689] shmem 0
[  643.599926][T29689] mapped_file 0
[  643.603432][T29689] dirty 0
[  643.606421][T29689] writeback 0
[  643.609716][T29689] workingset_refault_anon 430
[  643.614465][T29689] workingset_refault_file 0
[  643.619017][T29689] swap 204800
[  643.622297][T29689] swapcached 0
[  643.625728][T29689] pgpgin 382204
[  643.629221][T29689] pgpgout 382204
[  643.632761][T29689] pgfault 420684
[  643.636331][T29689] pgmajfault 205
[  643.639876][T29689] inactive_anon 0
[  643.643506][T29689] active_anon 0
[  643.647014][T29689] inactive_file 0
[  643.650646][T29689] active_file 0
[  643.654106][T29689] unevictable 0
[  643.657649][T29689] hierarchical_memory_limit 314572800
[  643.663023][T29689] hierarchical_memsw_limit 9223372036854771712
[  643.669208][T29689] total_cache 0
[  643.672673][T29689] total_rss 0
[  643.676863][T29689] total_shmem 0
[  643.680347][T29689] total_mapped_file 0
[  643.684371][T29689] total_dirty 0
[  643.688101][T29689] total_writeback 0
[  643.692007][T29689] total_workingset_refault_anon 430
[  643.697304][T29689] total_workingset_refault_file 0
[  643.702320][T29689] total_swap 204800
[  643.706144][T29689] total_swapcached 0
[  643.710106][T29689] total_pgpgin 382204
[  643.714089][T29689] total_pgpgout 382204
[  643.718184][T29689] total_pgfault 420684
[  643.722277][T29689] total_pgmajfault 205
[  643.726372][T29689] total_inactive_anon 0
[  643.730541][T29689] total_active_anon 0
[  643.734538][T29689] total_inactive_file 0
[  643.738729][T29689] total_active_file 0
[  643.742706][T29689] total_unevictable 0
[  643.746742][T29689] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz7,task_memcg=/syz7,task=syz.7.8542,pid=29689,uid=0
[  643.761562][T29689] Memory cgroup out of memory: Killed process 29689 (syz.7.8542) total-vm:93968kB, anon-rss:1264kB, file-rss:22312kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000
[  643.925731][T29729] loop0: detected capacity change from 0 to 128
[  643.937175][   T29] kauditd_printk_skb: 1513 callbacks suppressed
[  643.937221][   T29] audit: type=1326 audit(1763943094.161:47641): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29728 comm="syz.0.8555" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73c4e6f749 code=0x7ffc0000
[  643.967447][   T29] audit: type=1326 audit(1763943094.161:47642): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29728 comm="syz.0.8555" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73c4e6f749 code=0x7ffc0000
[  643.991152][   T29] audit: type=1326 audit(1763943094.161:47643): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29728 comm="syz.0.8555" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f73c4e6f749 code=0x7ffc0000
[  644.014931][   T29] audit: type=1326 audit(1763943094.161:47644): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29728 comm="syz.0.8555" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73c4e6f749 code=0x7ffc0000
[  644.038650][   T29] audit: type=1326 audit(1763943094.161:47645): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29728 comm="syz.0.8555" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f73c4e6f749 code=0x7ffc0000
[  644.062289][   T29] audit: type=1326 audit(1763943094.161:47646): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29728 comm="syz.0.8555" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73c4e6f749 code=0x7ffc0000
[  644.086005][   T29] audit: type=1326 audit(1763943094.161:47647): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29728 comm="syz.0.8555" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f73c4e6f749 code=0x7ffc0000
[  644.109583][   T29] audit: type=1326 audit(1763943094.161:47648): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29728 comm="syz.0.8555" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73c4e6f749 code=0x7ffc0000
[  644.133152][   T29] audit: type=1326 audit(1763943094.161:47649): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29728 comm="syz.0.8555" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f73c4e6f749 code=0x7ffc0000
[  644.204531][   T29] audit: type=1326 audit(1763943094.191:47650): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29728 comm="syz.0.8555" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73c4e6f749 code=0x7ffc0000
[  644.332240][T29736] loop9: detected capacity change from 0 to 512
[  644.358007][T29736] EXT4-fs (loop9): revision level too high, forcing read-only mode
[  644.366880][T29736] EXT4-fs (loop9): orphan cleanup on readonly fs
[  644.374430][T29736] EXT4-fs error (device loop9): ext4_do_update_inode:5632: inode #16: comm syz.9.8557: corrupted inode contents
[  644.386830][T29736] EXT4-fs (loop9): Remounting filesystem read-only
[  644.393770][T29736] EXT4-fs (loop9): 1 truncate cleaned up
[  644.399637][T23076] EXT4-fs (loop9): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  644.410214][T23076] EXT4-fs (loop9): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  644.421967][T23076] EXT4-fs (loop9): Quota write (off=8, len=24) cancelled because transaction is not started
[  644.508657][T29749] FAULT_INJECTION: forcing a failure.
[  644.508657][T29749] name failslab, interval 1, probability 0, space 0, times 0
[  644.516451][T29751] loop7: detected capacity change from 0 to 512
[  644.521344][T29749] CPU: 1 UID: 0 PID: 29749 Comm: syz.0.8560 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  644.521459][T29749] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  644.521477][T29749] Call Trace:
[  644.521487][T29749]  <TASK>
[  644.521499][T29749]  __dump_stack+0x1d/0x30
[  644.521530][T29749]  dump_stack_lvl+0xe8/0x140
[  644.521558][T29749]  dump_stack+0x15/0x1b
[  644.521639][T29749]  should_fail_ex+0x265/0x280
[  644.521726][T29749]  ? __pfx_sock_alloc_inode+0x10/0x10
[  644.521816][T29749]  should_failslab+0x8c/0xb0
[  644.521867][T29749]  kmem_cache_alloc_lru_noprof+0x55/0x490
[  644.521907][T29749]  ? sock_alloc_inode+0x34/0xa0
[  644.521941][T29749]  ? __pfx_sock_alloc_inode+0x10/0x10
[  644.521985][T29749]  sock_alloc_inode+0x34/0xa0
[  644.522082][T29749]  alloc_inode+0x40/0x170
[  644.522116][T29749]  do_accept+0xa0/0x3a0
[  644.522153][T29749]  ? vfs_write+0x7e8/0x960
[  644.522240][T29749]  __sys_accept4+0xbf/0x140
[  644.522355][T29749]  __x64_sys_accept+0x42/0x50
[  644.522405][T29749]  x64_sys_call+0x212c/0x3000
[  644.522435][T29749]  do_syscall_64+0xd2/0x200
[  644.522461][T29749]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  644.522540][T29749]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  644.522583][T29749]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  644.522618][T29749] RIP: 0033:0x7f73c4e6f749
[  644.522659][T29749] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  644.522703][T29749] RSP: 002b:00007f73c38cf038 EFLAGS: 00000246 ORIG_RAX: 000000000000002b
[  644.522727][T29749] RAX: ffffffffffffffda RBX: 00007f73c50c5fa0 RCX: 00007f73c4e6f749
[  644.522762][T29749] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004
[  644.522792][T29749] RBP: 00007f73c38cf090 R08: 0000000000000000 R09: 0000000000000000
[  644.522810][T29749] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  644.522826][T29749] R13: 00007f73c50c6038 R14: 00007f73c50c5fa0 R15: 00007fff08dbe4b8
[  644.522851][T29749]  </TASK>
[  644.657183][T29753] loop2: detected capacity change from 0 to 512
[  644.678872][T29751] EXT4-fs: Ignoring removed oldalloc option
[  644.725549][T29753] EXT4-fs: Ignoring removed oldalloc option
[  644.727205][T29751] EXT4-fs: Ignoring removed nomblk_io_submit option
[  644.733440][T29753] EXT4-fs: Ignoring removed nomblk_io_submit option
[  644.780868][T29753] ext4 filesystem being mounted at /77/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  644.825868][T29751] ext4 filesystem being mounted at /173/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  644.855885][T29757] __nla_validate_parse: 4 callbacks suppressed
[  644.855974][T29757] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8567'.
[  644.859391][T29753] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.8565: bg 0: block 217: padding at end of block bitmap is not set
[  644.874755][T29751] EXT4-fs error (device loop7): ext4_validate_block_bitmap:441: comm syz.7.8564: bg 0: block 217: padding at end of block bitmap is not set
[  644.889884][T29753] EXT4-fs (loop2): Remounting filesystem read-only
[  644.902123][T29751] EXT4-fs (loop7): Remounting filesystem read-only
[  644.990902][T29777] loop7: detected capacity change from 0 to 128
[  645.037948][T29781] loop2: detected capacity change from 0 to 512
[  645.070973][T29781] EXT4-fs: Ignoring removed oldalloc option
[  645.077112][T29781] EXT4-fs: Ignoring removed nomblk_io_submit option
[  645.098357][T29781] ext4 filesystem being mounted at /78/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  645.155519][T29781] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.8573: bg 0: block 217: padding at end of block bitmap is not set
[  645.190464][T29781] EXT4-fs (loop2): Remounting filesystem read-only
[  645.294794][T29773] netlink: 8 bytes leftover after parsing attributes in process `syz.9.8571'.
[  645.317293][T29798] loop6: detected capacity change from 0 to 512
[  645.349883][T29798] EXT4-fs (loop6): revision level too high, forcing read-only mode
[  645.362829][T29773] loop9: detected capacity change from 0 to 2048
[  645.365280][T29798] EXT4-fs (loop6): orphan cleanup on readonly fs
[  645.401986][T29798] EXT4-fs error (device loop6): ext4_do_update_inode:5632: inode #16: comm syz.6.8579: corrupted inode contents
[  645.415874][T29805] loop7: detected capacity change from 0 to 512
[  645.434644][T29798] EXT4-fs (loop6): Remounting filesystem read-only
[  645.448360][T29808] loop2: detected capacity change from 0 to 512
[  645.464953][T29798] EXT4-fs (loop6): 1 truncate cleaned up
[  645.470841][T23078] EXT4-fs (loop6): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  645.481415][T23078] EXT4-fs (loop6): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  645.502946][T29805] EXT4-fs error (device loop7): ext4_validate_block_bitmap:441: comm syz.7.8580: bg 0: block 248: padding at end of block bitmap is not set
[  645.514899][T23078] EXT4-fs (loop6): Quota write (off=8, len=24) cancelled because transaction is not started
[  645.528946][T29805] EXT4-fs error (device loop7): ext4_acquire_dquot:6945: comm syz.7.8580: Failed to acquire dquot type 1
[  645.545399][T29805] EXT4-fs (loop7): 1 truncate cleaned up
[  645.551527][T29805] ext4 filesystem being mounted at /175/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  645.573123][T29808] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.8582: bg 0: block 248: padding at end of block bitmap is not set
[  645.605238][T29808] EXT4-fs error (device loop2): ext4_acquire_dquot:6945: comm syz.2.8582: Failed to acquire dquot type 1
[  645.623945][T29814] loop0: detected capacity change from 0 to 128
[  645.658087][T29808] EXT4-fs (loop2): 1 truncate cleaned up
[  645.672893][T29808] ext4 filesystem being mounted at /81/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  645.701018][T29808] netlink: 'syz.2.8582': attribute type 1 has an invalid length.
[  645.708885][T29808] netlink: 224 bytes leftover after parsing attributes in process `syz.2.8582'.
[  645.816126][T29816] netlink: 8 bytes leftover after parsing attributes in process `syz.6.8584'.
[  645.837413][T29816] loop6: detected capacity change from 0 to 2048
[  646.010057][T29830] usb usb8: usbfs: process 29830 (syz.0.8587) did not claim interface 0 before use
[  646.029069][T29832] loop2: detected capacity change from 0 to 512
[  646.052896][T29829] bridge0: port 1(bridge_slave_0) entered disabled state
[  646.062403][T29832] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  646.064504][T29829] bridge0: port 2(bridge_slave_1) entered disabled state
[  646.083410][T29832] EXT4-fs (loop2): 1 truncate cleaned up
[  646.126529][T29835] netlink: 8 bytes leftover after parsing attributes in process `syz.2.8589'.
[  646.227673][T29838] netlink: 16 bytes leftover after parsing attributes in process `syz.2.8592'.
[  646.230247][T29839] loop9: detected capacity change from 0 to 128
[  646.249925][T29841] loop6: detected capacity change from 0 to 512
[  646.285070][T29841] EXT4-fs (loop6): revision level too high, forcing read-only mode
[  646.293079][T29841] EXT4-fs (loop6): orphan cleanup on readonly fs
[  646.304011][T29841] EXT4-fs error (device loop6): ext4_do_update_inode:5632: inode #16: comm +}[@: corrupted inode contents
[  646.321528][T29841] EXT4-fs (loop6): Remounting filesystem read-only
[  646.328216][T29841] EXT4-fs (loop6): 1 truncate cleaned up
[  646.334045][T23074] EXT4-fs (loop6): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  646.344741][T23074] EXT4-fs (loop6): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  646.355581][T23074] EXT4-fs (loop6): Quota write (off=8, len=24) cancelled because transaction is not started
[  646.416544][T29856] loop0: detected capacity change from 0 to 512
[  646.448060][T29861] loop2: detected capacity change from 0 to 512
[  646.492531][T29861] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -2
[  646.505754][T29856] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.8597: bg 0: block 248: padding at end of block bitmap is not set
[  646.523952][T29861] EXT4-fs error (device loop2): ext4_get_branch:178: inode #13: block 1024: comm syz.2.8595: invalid block
[  646.545098][T29856] EXT4-fs error (device loop0): ext4_acquire_dquot:6945: comm syz.0.8597: Failed to acquire dquot type 1
[  646.605847][T29867] loop6: detected capacity change from 0 to 512
[  646.677528][T29861] EXT4-fs (loop2): Remounting filesystem read-only
[  646.684975][T29856] EXT4-fs (loop0): 1 truncate cleaned up
[  646.695604][T29867] EXT4-fs (loop6): revision level too high, forcing read-only mode
[  646.703588][T29867] EXT4-fs (loop6): orphan cleanup on readonly fs
[  646.711318][T29867] EXT4-fs error (device loop6): ext4_do_update_inode:5632: inode #16: comm syz.6.8596: corrupted inode contents
[  646.724525][T29867] EXT4-fs (loop6): Remounting filesystem read-only
[  646.731198][T29867] EXT4-fs (loop6): 1 truncate cleaned up
[  646.737416][T29861] EXT4-fs (loop2): 1 truncate cleaned up
[  646.747784][T29856] ext4 filesystem being mounted at /349/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  646.778757][T29874] FAULT_INJECTION: forcing a failure.
[  646.778757][T29874] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  646.791917][T29874] CPU: 1 UID: 0 PID: 29874 Comm: syz.7.8600 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  646.791971][T29874] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  646.791987][T29874] Call Trace:
[  646.791995][T29874]  <TASK>
[  646.792063][T29874]  __dump_stack+0x1d/0x30
[  646.792108][T29874]  dump_stack_lvl+0xe8/0x140
[  646.792128][T29874]  dump_stack+0x15/0x1b
[  646.792144][T29874]  should_fail_ex+0x265/0x280
[  646.792176][T29874]  should_fail+0xb/0x20
[  646.792195][T29874]  should_fail_usercopy+0x1a/0x20
[  646.792255][T29874]  _copy_from_user+0x1c/0xb0
[  646.792309][T29874]  ___sys_sendmsg+0xc1/0x1d0
[  646.792341][T29874]  __x64_sys_sendmsg+0xd4/0x160
[  646.792383][T29874]  x64_sys_call+0x191e/0x3000
[  646.792461][T29874]  do_syscall_64+0xd2/0x200
[  646.792484][T29874]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  646.792512][T29874]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  646.792586][T29874]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  646.792613][T29874] RIP: 0033:0x7f3f7d4ef749
[  646.792627][T29874] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  646.792645][T29874] RSP: 002b:00007f3f7bf57038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  646.792665][T29874] RAX: ffffffffffffffda RBX: 00007f3f7d745fa0 RCX: 00007f3f7d4ef749
[  646.792680][T29874] RDX: 0000000000004080 RSI: 0000200000000180 RDI: 0000000000000003
[  646.792790][T29874] RBP: 00007f3f7bf57090 R08: 0000000000000000 R09: 0000000000000000
[  646.792806][T29874] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  646.792820][T29874] R13: 00007f3f7d746038 R14: 00007f3f7d745fa0 R15: 00007ffea2a27f28
[  646.792842][T29874]  </TASK>
[  646.981484][T29856] netlink: 'syz.0.8597': attribute type 1 has an invalid length.
[  646.989330][T29856] netlink: 224 bytes leftover after parsing attributes in process `syz.0.8597'.
[  647.010611][T23076] EXT4-fs (loop6): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  647.021233][T23076] EXT4-fs (loop6): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  647.036213][T23076] EXT4-fs (loop6): Quota write (off=8, len=24) cancelled because transaction is not started
[  647.054439][T29866] netlink: 8 bytes leftover after parsing attributes in process `syz.9.8598'.
[  647.090434][T29866] loop9: detected capacity change from 0 to 2048
[  647.192020][T29889] loop2: detected capacity change from 0 to 512
[  647.206191][T29889] EXT4-fs: Ignoring removed oldalloc option
[  647.212185][T29889] EXT4-fs: Ignoring removed nomblk_io_submit option
[  647.298933][T29897] loop0: detected capacity change from 0 to 128
[  647.307067][T29889] ext4 filesystem being mounted at /87/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  647.343778][T29898] loop6: detected capacity change from 0 to 512
[  647.369874][T29898] EXT4-fs (loop6): revision level too high, forcing read-only mode
[  647.377954][T29898] EXT4-fs (loop6): orphan cleanup on readonly fs
[  647.386560][T29898] EXT4-fs error (device loop6): ext4_do_update_inode:5632: inode #16: comm +}[@: corrupted inode contents
[  647.394616][T29881] netlink: 8 bytes leftover after parsing attributes in process `syz.7.8602'.
[  647.398315][T29889] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.8605: bg 0: block 217: padding at end of block bitmap is not set
[  647.421249][T29898] EXT4-fs (loop6): Remounting filesystem read-only
[  647.421318][T29881] loop7: detected capacity change from 0 to 2048
[  647.428018][T29898] EXT4-fs (loop6): 1 truncate cleaned up
[  647.442797][T13260] EXT4-fs (loop6): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  647.453381][T13260] EXT4-fs (loop6): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  647.456657][T29889] EXT4-fs (loop2): Remounting filesystem read-only
[  647.464034][T13260] EXT4-fs (loop6): Quota write (off=8, len=24) cancelled because transaction is not started
[  647.566572][T29909] loop2: detected capacity change from 0 to 512
[  647.659329][T29909] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.8609: bg 0: block 248: padding at end of block bitmap is not set
[  647.710320][T29915] syzkaller0: entered promiscuous mode
[  647.715974][T29915] syzkaller0: entered allmulticast mode
[  647.717691][T29909] EXT4-fs error (device loop2): ext4_acquire_dquot:6945: comm syz.2.8609: Failed to acquire dquot type 1
[  647.753950][T29919] loop0: detected capacity change from 0 to 128
[  647.767871][T29921] netlink: 108 bytes leftover after parsing attributes in process `syz.6.8614'.
[  647.773714][T29909] EXT4-fs (loop2): 1 truncate cleaned up
[  647.783772][T29909] ext4 filesystem being mounted at /88/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  647.847316][T29909] netlink: 'syz.2.8609': attribute type 1 has an invalid length.
[  647.967841][T29932] loop9: detected capacity change from 0 to 512
[  648.010013][T29932] EXT4-fs: Ignoring removed oldalloc option
[  648.016117][T29932] EXT4-fs: Ignoring removed nomblk_io_submit option
[  648.077254][T29937] loop7: detected capacity change from 0 to 512
[  648.106877][T29925] loop6: detected capacity change from 0 to 2048
[  648.133047][T29937] EXT4-fs (loop7): revision level too high, forcing read-only mode
[  648.141165][T29937] EXT4-fs (loop7): orphan cleanup on readonly fs
[  648.149218][T29937] EXT4-fs error (device loop7): ext4_do_update_inode:5632: inode #16: comm syz.7.8617: corrupted inode contents
[  648.161958][T29937] EXT4-fs (loop7): Remounting filesystem read-only
[  648.168649][T29937] EXT4-fs (loop7): 1 truncate cleaned up
[  648.174394][T23074] EXT4-fs (loop7): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  648.184979][T23074] EXT4-fs (loop7): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  648.244797][T23074] EXT4-fs (loop7): Quota write (off=8, len=24) cancelled because transaction is not started
[  648.306977][T29932] ext4 filesystem being mounted at /56/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  648.326274][T29932] EXT4-fs error (device loop9): ext4_validate_block_bitmap:441: comm syz.9.8618: bg 0: block 217: padding at end of block bitmap is not set
[  648.349218][T29946] loop0: detected capacity change from 0 to 512
[  648.377051][T29946] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.8620: bg 0: block 248: padding at end of block bitmap is not set
[  648.406366][T29932] EXT4-fs (loop9): Remounting filesystem read-only
[  648.424763][T29946] EXT4-fs error (device loop0): ext4_acquire_dquot:6945: comm syz.0.8620: Failed to acquire dquot type 1
[  648.467213][T29946] EXT4-fs (loop0): 1 truncate cleaned up
[  648.480176][T29946] ext4 filesystem being mounted at /357/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  648.545182][T29953] loop2: detected capacity change from 0 to 512
[  648.578019][T29953] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  648.595324][T29953] EXT4-fs (loop2): orphan cleanup on readonly fs
[  648.626789][T29953] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #16: comm syz.2.8621: corrupted inode contents
[  648.639273][T29959] syzkaller0: entered promiscuous mode
[  648.644822][T29959] syzkaller0: entered allmulticast mode
[  648.657514][T29953] EXT4-fs (loop2): Remounting filesystem read-only
[  648.664623][T29953] EXT4-fs (loop2): 1 truncate cleaned up
[  648.670506][T23074] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  648.681228][T23074] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  648.692202][T23074] EXT4-fs (loop2): Quota write (off=8, len=24) cancelled because transaction is not started
[  648.831857][T29963] syzkaller0: entered promiscuous mode
[  648.837448][T29963] syzkaller0: entered allmulticast mode
[  648.848458][T29974] loop6: detected capacity change from 0 to 128
[  648.885315][T29970] loop0: detected capacity change from 0 to 512
[  648.917396][T29970] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.8630: bg 0: block 248: padding at end of block bitmap is not set
[  648.932819][T29970] EXT4-fs error (device loop0): ext4_acquire_dquot:6945: comm syz.0.8630: Failed to acquire dquot type 1
[  648.945597][T29970] EXT4-fs (loop0): 1 truncate cleaned up
[  648.952101][T29970] ext4 filesystem being mounted at /360/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  648.966344][   T29] kauditd_printk_skb: 1243 callbacks suppressed
[  648.966357][   T29] audit: type=1326 audit(1763943099.191:48830): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29972 comm="syz.6.8631" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efed337f749 code=0x7ffc0000
[  648.996651][   T29] audit: type=1326 audit(1763943099.191:48831): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29972 comm="syz.6.8631" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efed337f749 code=0x7ffc0000
[  649.020359][   T29] audit: type=1326 audit(1763943099.191:48832): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29972 comm="syz.6.8631" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7efed337f783 code=0x7ffc0000
[  649.043995][   T29] audit: type=1326 audit(1763943099.191:48833): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29972 comm="syz.6.8631" exe="/root/syz-executor" sig=0 arch=c000003e syscall=10 compat=0 ip=0x7efed337f807 code=0x7ffc0000
[  649.067573][   T29] audit: type=1326 audit(1763943099.191:48834): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29972 comm="syz.6.8631" exe="/root/syz-executor" sig=0 arch=c000003e syscall=14 compat=0 ip=0x7efed3336bdd code=0x7ffc0000
[  649.091216][   T29] audit: type=1326 audit(1763943099.191:48835): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29972 comm="syz.6.8631" exe="/root/syz-executor" sig=0 arch=c000003e syscall=435 compat=0 ip=0x7efed33b3e89 code=0x7ffc0000
[  649.114825][   T29] audit: type=1326 audit(1763943099.191:48836): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29972 comm="syz.6.8631" exe="/root/syz-executor" sig=0 arch=c000003e syscall=14 compat=0 ip=0x7efed3336c47 code=0x7ffc0000
[  649.138391][   T29] audit: type=1326 audit(1763943099.191:48837): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29972 comm="syz.6.8631" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efed337f749 code=0x7ffc0000
[  649.161964][   T29] audit: type=1326 audit(1763943099.191:48838): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29972 comm="syz.6.8631" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efed337f749 code=0x7ffc0000
[  649.185575][   T29] audit: type=1326 audit(1763943099.191:48839): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29972 comm="syz.6.8631" exe="/root/syz-executor" sig=0 arch=c000003e syscall=273 compat=0 ip=0x7efed3336357 code=0x7ffc0000
[  649.253618][T29983] loop0: detected capacity change from 0 to 512
[  649.264295][T29985] loop7: detected capacity change from 0 to 128
[  649.301605][T29983] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.8633: bg 0: block 248: padding at end of block bitmap is not set
[  649.319591][T29983] EXT4-fs error (device loop0): ext4_acquire_dquot:6945: comm syz.0.8633: Failed to acquire dquot type 1
[  649.334195][T29983] EXT4-fs (loop0): 1 truncate cleaned up
[  649.341419][T29983] ext4 filesystem being mounted at /361/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  649.363412][T29993] loop2: detected capacity change from 0 to 512
[  649.370293][T29993] EXT4-fs: Ignoring removed oldalloc option
[  649.376392][T29993] EXT4-fs: Ignoring removed nomblk_io_submit option
[  649.387336][T29993] ext4 filesystem being mounted at /94/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  649.398922][T29993] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.8636: bg 0: block 217: padding at end of block bitmap is not set
[  649.413827][T29993] EXT4-fs (loop2): Remounting filesystem read-only
[  649.482163][T29999] loop0: detected capacity change from 0 to 512
[  649.515856][T29999] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  649.530892][T30003] syzkaller0: entered promiscuous mode
[  649.534195][T29999] EXT4-fs (loop0): orphan cleanup on readonly fs
[  649.536467][T30003] syzkaller0: entered allmulticast mode
[  649.558577][T29999] EXT4-fs error (device loop0): ext4_do_update_inode:5632: inode #16: comm syz.0.8637: corrupted inode contents
[  649.583746][T29999] EXT4-fs (loop0): Remounting filesystem read-only
[  649.590639][T29999] EXT4-fs (loop0): 1 truncate cleaned up
[  649.596594][T13260] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  649.607427][T13260] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  649.636665][T13260] EXT4-fs (loop0): Quota write (off=8, len=24) cancelled because transaction is not started
[  649.726724][T30023] loop0: detected capacity change from 0 to 512
[  649.745796][T30023] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  649.753934][T30023] EXT4-fs (loop0): orphan cleanup on readonly fs
[  649.761951][T30023] EXT4-fs error (device loop0): ext4_do_update_inode:5632: inode #16: comm syz.0.8646: corrupted inode contents
[  649.774148][T30023] EXT4-fs (loop0): Remounting filesystem read-only
[  649.780781][T30023] EXT4-fs (loop0): 1 truncate cleaned up
[  649.786667][T23078] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  649.797244][T23078] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  649.808692][T23078] EXT4-fs (loop0): Quota write (off=8, len=24) cancelled because transaction is not started
[  649.836966][T30035] loop6: detected capacity change from 0 to 1024
[  649.844953][T30035] ext4: Unknown parameter 'uid<00000000000000000000'
[  649.878907][T30037] loop0: detected capacity change from 0 to 128
[  649.926488][T30040] loop6: detected capacity change from 0 to 128
[  650.106563][T30047] loop0: detected capacity change from 0 to 512
[  650.119592][T30047] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  650.127931][T30047] EXT4-fs (loop0): orphan cleanup on readonly fs
[  650.137441][T30047] EXT4-fs error (device loop0): ext4_do_update_inode:5632: inode #16: comm +}[@: corrupted inode contents
[  650.149285][T30047] EXT4-fs (loop0): Remounting filesystem read-only
[  650.156033][T30047] EXT4-fs (loop0): 1 truncate cleaned up
[  650.163876][T23078] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  650.174575][T23078] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  650.204653][T23078] EXT4-fs (loop0): Quota write (off=8, len=24) cancelled because transaction is not started
[  650.227030][T30052] loop6: detected capacity change from 0 to 512
[  650.256268][T30052] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.8653: bg 0: block 248: padding at end of block bitmap is not set
[  650.282387][T30052] EXT4-fs error (device loop6): ext4_acquire_dquot:6945: comm syz.6.8653: Failed to acquire dquot type 1
[  650.317241][T30052] EXT4-fs (loop6): 1 truncate cleaned up
[  650.328114][T30052] ext4 filesystem being mounted at /477/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  650.349542][T30052] netlink: 'syz.6.8653': attribute type 1 has an invalid length.
[  650.357482][T30052] __nla_validate_parse: 3 callbacks suppressed
[  650.357500][T30052] netlink: 224 bytes leftover after parsing attributes in process `syz.6.8653'.
[  650.426104][T30075] loop9: detected capacity change from 0 to 128
[  650.460564][T30077] loop7: detected capacity change from 0 to 128
[  650.611727][T30093] loop2: detected capacity change from 0 to 512
[  650.639708][T30093] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.8668: bg 0: block 248: padding at end of block bitmap is not set
[  650.676544][T30096] netlink: 4 bytes leftover after parsing attributes in process `syz.6.8669'.
[  650.705942][T30093] EXT4-fs error (device loop2): ext4_acquire_dquot:6945: comm syz.2.8668: Failed to acquire dquot type 1
[  650.746148][T30096] pimreg: entered allmulticast mode
[  650.766042][T30093] EXT4-fs (loop2): 1 truncate cleaned up
[  650.780843][T30093] ext4 filesystem being mounted at /100/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  650.796826][T30096] pimreg: left allmulticast mode
[  650.944506][T30104] loop7: detected capacity change from 0 to 2048
[  650.980351][T30106] loop2: detected capacity change from 0 to 2048
[  651.000943][T30110] syzkaller0: entered promiscuous mode
[  651.006530][T30110] syzkaller0: entered allmulticast mode
[  651.319371][T30129] loop2: detected capacity change from 0 to 128
[  651.507012][T30145] loop9: detected capacity change from 0 to 512
[  651.527690][T30145] EXT4-fs (loop9): Cannot turn on journaled quota: type 0: error -2
[  651.561976][T30145] EXT4-fs error (device loop9): ext4_get_branch:178: inode #13: block 1024: comm syz.9.8684: invalid block
[  651.576384][T30145] EXT4-fs (loop9): Remounting filesystem read-only
[  651.583086][T30145] EXT4-fs (loop9): 1 truncate cleaned up
[  651.587753][T30135] netlink: 8 bytes leftover after parsing attributes in process `syz.7.8683'.
[  651.606305][T30135] loop7: detected capacity change from 0 to 2048
[  651.700394][T30156] netlink: 12 bytes leftover after parsing attributes in process `syz.2.8686'.
[  651.879852][T30163] loop7: detected capacity change from 0 to 512
[  651.935122][T30163] EXT4-fs: Ignoring removed oldalloc option
[  651.941181][T30163] EXT4-fs: Ignoring removed nomblk_io_submit option
[  651.972637][T30163] ext4 filesystem being mounted at /198/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  651.986030][T30163] EXT4-fs error (device loop7): ext4_validate_block_bitmap:441: comm syz.7.8689: bg 0: block 217: padding at end of block bitmap is not set
[  652.031074][T30163] EXT4-fs (loop7): Remounting filesystem read-only
[  652.133830][T30177] FAULT_INJECTION: forcing a failure.
[  652.133830][T30177] name failslab, interval 1, probability 0, space 0, times 0
[  652.146636][T30177] CPU: 0 UID: 0 PID: 30177 Comm: syz.2.8691 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  652.146668][T30177] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  652.146682][T30177] Call Trace:
[  652.146691][T30177]  <TASK>
[  652.146701][T30177]  __dump_stack+0x1d/0x30
[  652.146783][T30177]  dump_stack_lvl+0xe8/0x140
[  652.146809][T30177]  dump_stack+0x15/0x1b
[  652.146827][T30177]  should_fail_ex+0x265/0x280
[  652.146860][T30177]  ? __pfx_sock_alloc_inode+0x10/0x10
[  652.146940][T30177]  should_failslab+0x8c/0xb0
[  652.147032][T30177]  kmem_cache_alloc_lru_noprof+0x55/0x490
[  652.147123][T30177]  ? sock_alloc_inode+0x34/0xa0
[  652.147151][T30177]  ? __pfx_sock_alloc_inode+0x10/0x10
[  652.147176][T30177]  sock_alloc_inode+0x34/0xa0
[  652.147196][T30177]  alloc_inode+0x40/0x170
[  652.147287][T30176] loop6: detected capacity change from 0 to 512
[  652.147297][T30177]  do_accept+0xa0/0x3a0
[  652.147322][T30177]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  652.147421][T30177]  __sys_accept4+0xbf/0x140
[  652.147461][T30177]  __x64_sys_accept4+0x51/0x60
[  652.147563][T30177]  x64_sys_call+0x2ee2/0x3000
[  652.147593][T30177]  do_syscall_64+0xd2/0x200
[  652.147621][T30177]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  652.147728][T30177]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  652.147772][T30177]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  652.147827][T30177] RIP: 0033:0x7f64b7c6f749
[  652.147848][T30177] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  652.147871][T30177] RSP: 002b:00007f64b66d7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000120
[  652.147961][T30177] RAX: ffffffffffffffda RBX: 00007f64b7ec5fa0 RCX: 00007f64b7c6f749
[  652.147977][T30177] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004
[  652.147993][T30177] RBP: 00007f64b66d7090 R08: 0000000000000000 R09: 0000000000000000
[  652.148080][T30177] R10: 0000000000000800 R11: 0000000000000246 R12: 0000000000000001
[  652.148096][T30177] R13: 00007f64b7ec6038 R14: 00007f64b7ec5fa0 R15: 00007ffed9c8ed88
[  652.148120][T30177]  </TASK>
[  652.328541][T30182] loop0: detected capacity change from 0 to 512
[  652.352984][T30176] EXT4-fs: Ignoring removed oldalloc option
[  652.367640][T30176] EXT4-fs: Ignoring removed nomblk_io_submit option
[  652.393718][T30185] netlink: 4 bytes leftover after parsing attributes in process `syz.9.8697'.
[  652.407031][T30176] ext4 filesystem being mounted at /486/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  652.432954][T30182] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.8696: bg 0: block 248: padding at end of block bitmap is not set
[  652.437679][T30176] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.8694: bg 0: block 217: padding at end of block bitmap is not set
[  652.462194][T30176] EXT4-fs (loop6): Remounting filesystem read-only
[  652.471473][T30182] EXT4-fs error (device loop0): ext4_acquire_dquot:6945: comm syz.0.8696: Failed to acquire dquot type 1
[  652.493881][T30182] EXT4-fs (loop0): 1 truncate cleaned up
[  652.500361][T30182] ext4 filesystem being mounted at /371/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  652.748381][T30198] loop2: detected capacity change from 0 to 2048
[  653.144434][T30199] syz.9.8701 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=1000
[  653.158769][T30199] CPU: 1 UID: 0 PID: 30199 Comm: syz.9.8701 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  653.158797][T30199] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  653.158813][T30199] Call Trace:
[  653.158822][T30199]  <TASK>
[  653.158886][T30199]  __dump_stack+0x1d/0x30
[  653.158922][T30199]  dump_stack_lvl+0xe8/0x140
[  653.158993][T30199]  dump_stack+0x15/0x1b
[  653.159010][T30199]  dump_header+0x81/0x220
[  653.159095][T30199]  oom_kill_process+0x342/0x400
[  653.159187][T30199]  out_of_memory+0x979/0xb80
[  653.159307][T30199]  try_charge_memcg+0x610/0xa10
[  653.159347][T30199]  obj_cgroup_charge_pages+0xa6/0x150
[  653.159372][T30199]  __memcg_kmem_charge_page+0x9f/0x170
[  653.159467][T30199]  __alloc_frozen_pages_noprof+0x188/0x360
[  653.159554][T30199]  alloc_pages_mpol+0xb3/0x260
[  653.159580][T30199]  alloc_pages_noprof+0x90/0x130
[  653.159605][T30199]  __vmalloc_node_range_noprof+0x7a5/0xed0
[  653.159658][T30199]  __kvmalloc_node_noprof+0x483/0x670
[  653.159735][T30199]  ? ip_set_alloc+0x24/0x30
[  653.159771][T30199]  ? ip_set_alloc+0x24/0x30
[  653.159809][T30199]  ip_set_alloc+0x24/0x30
[  653.159954][T30199]  hash_netiface_create+0x282/0x740
[  653.159999][T30199]  ? __pfx_hash_netiface_create+0x10/0x10
[  653.160042][T30199]  ip_set_create+0x3cc/0x970
[  653.160097][T30199]  ? __nla_parse+0x40/0x60
[  653.160152][T30199]  nfnetlink_rcv_msg+0x4c6/0x590
[  653.160213][T30199]  netlink_rcv_skb+0x123/0x220
[  653.160253][T30199]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  653.160309][T30199]  nfnetlink_rcv+0x167/0x16c0
[  653.160344][T30199]  ? insn_get_prefixes+0xa72/0xca0
[  653.160362][T30199]  ? do_sync_core+0x39/0x60
[  653.160421][T30199]  ? trace_event_reg+0xdc/0x170
[  653.160454][T30199]  ? perf_trace_add+0x176/0x1a0
[  653.160476][T30199]  ? event_sched_in+0x675/0x750
[  653.160513][T30199]  ? visit_groups_merge+0xf7e/0xfd0
[  653.160588][T30199]  ? should_fail_ex+0x30/0x280
[  653.160681][T30199]  ? selinux_nlmsg_lookup+0x99/0x890
[  653.160751][T30199]  ? __rcu_read_unlock+0x34/0x70
[  653.160785][T30199]  ? __netlink_lookup+0x266/0x2a0
[  653.160813][T30199]  netlink_unicast+0x5c0/0x690
[  653.160924][T30199]  netlink_sendmsg+0x58b/0x6b0
[  653.161018][T30199]  ? __pfx_netlink_sendmsg+0x10/0x10
[  653.161038][T30199]  __sock_sendmsg+0x145/0x180
[  653.161122][T30199]  ____sys_sendmsg+0x31e/0x4e0
[  653.161155][T30199]  ___sys_sendmsg+0x17b/0x1d0
[  653.161225][T30199]  __x64_sys_sendmsg+0xd4/0x160
[  653.161249][T30199]  x64_sys_call+0x191e/0x3000
[  653.161273][T30199]  do_syscall_64+0xd2/0x200
[  653.161350][T30199]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  653.161442][T30199]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  653.161484][T30199]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  653.161504][T30199] RIP: 0033:0x7f4c1381f749
[  653.161588][T30199] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  653.161627][T30199] RSP: 002b:00007f4c12266038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  653.161651][T30199] RAX: ffffffffffffffda RBX: 00007f4c13a76090 RCX: 00007f4c1381f749
[  653.161667][T30199] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000006
[  653.161754][T30199] RBP: 00007f4c138a3f91 R08: 0000000000000000 R09: 0000000000000000
[  653.161770][T30199] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  653.161781][T30199] R13: 00007f4c13a76128 R14: 00007f4c13a76090 R15: 00007ffeca496c98
[  653.161802][T30199]  </TASK>
[  653.161836][T30199] memory: usage 307200kB, limit 307200kB, failcnt 555
[  653.244269][T30215] loop6: detected capacity change from 0 to 512
[  653.246542][T30199] memory+swap: usage 307396kB, limit 9007199254740988kB, failcnt 0
[  653.246560][T30199] kmem: usage 307196kB, limit 9007199254740988kB, failcnt 0
[  653.246575][T30199] Memory cgroup stats for 
[  653.295902][T30215] EXT4-fs (loop6): revision level too high, forcing read-only mode
[  653.296474][T30199] /syz9
[  653.312600][T30215] EXT4-fs (loop6): orphan cleanup on readonly fs
[  653.316488][T30199] :
[  653.321757][T30199] cache 0
[  653.362066][T30215] EXT4-fs error (device loop6): ext4_do_update_inode:5632: inode #16: comm syz.6.8704: corrupted inode contents
[  653.365710][T30199] rss 0
[  653.365721][T30199] shmem 0
[  653.365730][T30199] mapped_file 0
[  653.365739][T30199] dirty 0
[  653.383261][T30215] EXT4-fs (loop6): Remounting filesystem read-only
[  653.385315][T30199] writeback 0
[  653.385326][T30199] workingset_refault_anon 217
[  653.385337][T30199] workingset_refault_file 0
[  653.395100][T30215] EXT4-fs (loop6): 1 truncate cleaned up
[  653.399579][T30199] swap 200704
[  653.399590][T30199] swapcached 4096
[  653.399599][T30199] pgpgin 319277
[  653.405344][T23076] EXT4-fs (loop6): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  653.410182][T30199] pgpgout 319276
[  653.410191][T30199] pgfault 363118
[  653.415965][T23076] EXT4-fs (loop6): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  653.421822][T30199] pgmajfault 126
[  653.477638][T23076] EXT4-fs (loop6): Quota write (off=8, len=24) cancelled because transaction is not started
[  653.478622][T30199] inactive_anon 0
[  653.604017][T30222] loop0: detected capacity change from 0 to 512
[  653.606574][T30199] active_anon 4096
[  653.606586][T30199] inactive_file 0
[  653.606595][T30199] active_file 0
[  653.606603][T30199] unevictable 0
[  653.606612][T30199] hierarchical_memory_limit 314572800
[  653.635219][T30222] EXT4-fs: Ignoring removed oldalloc option
[  653.641991][T30199] hierarchical_memsw_limit 9223372036854771712
[  653.645558][T30222] EXT4-fs: Ignoring removed nomblk_io_submit option
[  653.655661][T30199] total_cache 0
[  653.660242][T30213] netlink: 8 bytes leftover after parsing attributes in process `syz.7.8707'.
[  653.665533][T30199] total_rss 0
[  653.690232][T30213] loop7: detected capacity change from 0 to 2048
[  653.691229][T30199] total_shmem 0
[  653.691240][T30199] total_mapped_file 0
[  653.691249][T30199] total_dirty 0
[  653.691255][T30199] total_writeback 0
[  653.691263][T30199] total_workingset_refault_anon 217
[  653.716637][T30222] ext4 filesystem being mounted at /374/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  653.719778][T30199] total_workingset_refault_file 0
[  653.719791][T30199] total_swap 200704
[  653.719801][T30199] total_swapcached 4096
[  653.719810][T30199] total_pgpgin 319277
[  653.738827][T30222] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.8711: bg 0: block 217: padding at end of block bitmap is not set
[  653.741000][T30199] total_pgpgout 319276
[  653.746818][T30222] EXT4-fs (loop0): Remounting filesystem read-only
[  653.756637][T30199] total_pgfault 363118
[  653.756649][T30199] total_pgmajfault 126
[  653.756664][T30199] total_inactive_anon 0
[  653.756672][T30199] total_active_anon 4096
[  653.756681][T30199] total_inactive_file 0
[  653.756689][T30199] total_active_file 0
[  653.756698][T30199] total_unevictable 0
[  653.756708][T30199] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz9,task_memcg=/syz9,task=syz.9.8701,pid=30194,uid=0
[  653.842468][T30199] Memory cgroup out of memory: Killed process 30194 (syz.9.8701) total-vm:93968kB, anon-rss:1136kB, file-rss:22308kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000
[  653.879922][T30228] netlink: 16 bytes leftover after parsing attributes in process `syz.2.8708'.
[  653.903832][T30230] netlink: 4 bytes leftover after parsing attributes in process `syz.0.8712'.
[  653.937063][T30232] loop6: detected capacity change from 0 to 512
[  653.980134][   T29] kauditd_printk_skb: 1504 callbacks suppressed
[  653.980136][T30234] SELinux:  policydb version 586747130 does not match my version range 15-35
[  653.980152][   T29] audit: type=1400 audit(1763943104.201:50304): avc:  denied  { load_policy } for  pid=30233 comm="syz.2.8713" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[  653.995105][T30234] SELinux: failed to load policy
[  654.037374][T30232] EXT4-fs (loop6): revision level too high, forcing read-only mode
[  654.071962][T30232] EXT4-fs (loop6): orphan cleanup on readonly fs
[  654.091039][   T29] audit: type=1326 audit(1763943104.301:50305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30237 comm="syz.0.8714" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73c4e6f749 code=0x7ffc0000
[  654.114754][   T29] audit: type=1326 audit(1763943104.301:50306): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30237 comm="syz.0.8714" exe="/root/syz-executor" sig=0 arch=c000003e syscall=240 compat=0 ip=0x7f73c4e6f749 code=0x7ffc0000
[  654.138368][   T29] audit: type=1326 audit(1763943104.301:50307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30237 comm="syz.0.8714" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73c4e6f749 code=0x7ffc0000
[  654.165734][T30240] loop2: detected capacity change from 0 to 512
[  654.203298][T30232] EXT4-fs error (device loop6): ext4_do_update_inode:5632: inode #16: comm syz.6.8710: corrupted inode contents
[  654.219225][T30244] loop9: detected capacity change from 0 to 128
[  654.222182][T30232] EXT4-fs (loop6): Remounting filesystem read-only
[  654.230877][   T29] audit: type=1326 audit(1763943104.451:50308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30243 comm="syz.9.8718" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4c1381f749 code=0x7ffc0000
[  654.245229][T30232] EXT4-fs (loop6): 1 truncate cleaned up
[  654.264986][   T29] audit: type=1326 audit(1763943104.481:50309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30243 comm="syz.9.8718" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4c1381f749 code=0x7ffc0000
[  654.265074][   T29] audit: type=1326 audit(1763943104.481:50310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30243 comm="syz.9.8718" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4c1381f749 code=0x7ffc0000
[  654.265103][   T29] audit: type=1326 audit(1763943104.481:50311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30243 comm="syz.9.8718" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4c1381f749 code=0x7ffc0000
[  654.265136][   T29] audit: type=1326 audit(1763943104.481:50312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30243 comm="syz.9.8718" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4c1381f749 code=0x7ffc0000
[  654.265170][   T29] audit: type=1326 audit(1763943104.481:50313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30243 comm="syz.9.8718" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4c1381f749 code=0x7ffc0000
[  654.272230][T23076] EXT4-fs (loop6): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  654.290111][T30240] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  654.312876][T23076] EXT4-fs (loop6): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  654.336598][T30240] EXT4-fs (loop2): orphan cleanup on readonly fs
[  654.366689][T23076] EXT4-fs (loop6): Quota write (off=8, len=24) cancelled because transaction is not started
[  654.385811][T30240] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #16: comm syz.2.8715: corrupted inode contents
[  654.441442][T30240] EXT4-fs (loop2): Remounting filesystem read-only
[  654.448304][T30240] EXT4-fs (loop2): 1 truncate cleaned up
[  654.448430][T13260] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  654.448453][T13260] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  654.448474][T13260] EXT4-fs (loop2): Quota write (off=8, len=24) cancelled because transaction is not started
[  654.571049][T30264] loop6: detected capacity change from 0 to 512
[  654.588847][T30264] EXT4-fs (loop6): Cannot turn on journaled quota: type 0: error -2
[  654.624255][T30264] EXT4-fs (loop6): 1 truncate cleaned up
[  654.638338][T30266] loop9: detected capacity change from 0 to 512
[  654.718436][T30266] EXT4-fs (loop9): revision level too high, forcing read-only mode
[  654.729855][T30266] EXT4-fs (loop9): orphan cleanup on readonly fs
[  654.743147][T30266] EXT4-fs warning (device loop9): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  654.759732][T30266] EXT4-fs (loop9): Cannot turn on quotas: error -117
[  654.770244][T30272] netlink: 4 bytes leftover after parsing attributes in process `syz.7.8725'.
[  654.779985][T30266] EXT4-fs error (device loop9): ext4_validate_block_bitmap:441: comm syz.9.8722: bg 0: block 40: padding at end of block bitmap is not set
[  654.798352][T30266] EXT4-fs error (device loop9) in ext4_mb_clear_bb:6667: Corrupt filesystem
[  654.807700][T30266] EXT4-fs (loop9): 1 truncate cleaned up
[  654.887874][T30275] netlink: 8 bytes leftover after parsing attributes in process `syz.7.8726'.
[  654.896974][T30268] loop2: detected capacity change from 0 to 2048
[  654.936935][T30275] syzkaller0: entered promiscuous mode
[  654.942483][T30275] syzkaller0: entered allmulticast mode
[  655.177206][T30277] loop9: detected capacity change from 0 to 2048
[  655.234285][T30286] loop0: detected capacity change from 0 to 128
[  655.313852][T30288] uprobe: syz.2.8730:30288 failed to unregister, leaking uprobe
[  655.381930][T30288] uprobe: syz.2.8730:30288 failed to unregister, leaking uprobe
[  655.465996][T30292] syzkaller0: entered promiscuous mode
[  655.471533][T30292] syzkaller0: entered allmulticast mode
[  655.486412][T30297] loop9: detected capacity change from 0 to 128
[  655.593236][T30305] loop2: detected capacity change from 0 to 512
[  655.606473][T30305] EXT4-fs: Ignoring removed oldalloc option
[  655.612448][T30305] EXT4-fs: Ignoring removed nomblk_io_submit option
[  655.656700][T30305] ext4 filesystem being mounted at /120/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  655.737232][T30305] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.8735: bg 0: block 217: padding at end of block bitmap is not set
[  655.803616][T30305] EXT4-fs (loop2): Remounting filesystem read-only
[  655.826996][T30324] __nla_validate_parse: 1 callbacks suppressed
[  655.827019][T30324] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8742'.
[  655.888534][T30324] autofs4:pid:30324:validate_dev_ioctl: path string terminator missing for cmd(0xc018937a)
[  656.022886][T30328] loop2: detected capacity change from 0 to 512
[  656.050295][T30328] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  656.059831][T30331] loop6: detected capacity change from 0 to 2048
[  656.067242][T30328] EXT4-fs (loop2): orphan cleanup on readonly fs
[  656.100299][T30328] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #16: comm +}[@: corrupted inode contents
[  656.143440][T30328] EXT4-fs (loop2): Remounting filesystem read-only
[  656.182262][T30328] EXT4-fs (loop2): 1 truncate cleaned up
[  656.188552][T23074] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  656.199115][T23074] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  656.212650][T30337] loop6: detected capacity change from 0 to 512
[  656.228828][T23074] EXT4-fs (loop2): Quota write (off=8, len=24) cancelled because transaction is not started
[  656.258167][T30337] EXT4-fs (loop6): revision level too high, forcing read-only mode
[  656.303061][T30337] EXT4-fs (loop6): orphan cleanup on readonly fs
[  656.331326][T30337] EXT4-fs error (device loop6): ext4_do_update_inode:5632: inode #16: comm +}[@: corrupted inode contents
[  656.354464][T30337] EXT4-fs (loop6): Remounting filesystem read-only
[  656.364208][T30344] loop2: detected capacity change from 0 to 512
[  656.371894][T30345] netlink: 16 bytes leftover after parsing attributes in process `syz.9.8747'.
[  656.381088][T30337] EXT4-fs (loop6): 1 truncate cleaned up
[  656.387113][T23063] EXT4-fs (loop6): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  656.397804][T23063] EXT4-fs (loop6): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  656.409293][T23063] EXT4-fs (loop6): Quota write (off=8, len=24) cancelled because transaction is not started
[  656.467895][T30344] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.8748: bg 0: block 248: padding at end of block bitmap is not set
[  656.503916][T30357] FAULT_INJECTION: forcing a failure.
[  656.503916][T30357] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  656.504310][T30344] EXT4-fs error (device loop2): ext4_acquire_dquot:6945: comm syz.2.8748: Failed to acquire dquot type 1
[  656.517223][T30357] CPU: 0 UID: 0 PID: 30357 Comm: +}[@ Not tainted syzkaller #0 PREEMPT(voluntary) 
[  656.517254][T30357] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  656.517270][T30357] Call Trace:
[  656.517278][T30357]  <TASK>
[  656.517290][T30357]  __dump_stack+0x1d/0x30
[  656.517323][T30357]  dump_stack_lvl+0xe8/0x140
[  656.517418][T30357]  dump_stack+0x15/0x1b
[  656.517443][T30357]  should_fail_ex+0x265/0x280
[  656.517491][T30357]  should_fail+0xb/0x20
[  656.517583][T30357]  should_fail_usercopy+0x1a/0x20
[  656.517613][T30357]  _copy_from_user+0x1c/0xb0
[  656.517649][T30357]  copy_from_sockptr+0x48/0x70
[  656.517684][T30357]  ip_mroute_setsockopt+0x5cd/0x960
[  656.517800][T30357]  do_ip_setsockopt+0xcea/0x2240
[  656.517898][T30357]  ip_setsockopt+0x58/0x110
[  656.517957][T30357]  raw_setsockopt+0xbd/0x150
[  656.517990][T30357]  sock_common_setsockopt+0x69/0x80
[  656.518097][T30357]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  656.518186][T30357]  __sys_setsockopt+0x184/0x200
[  656.518233][T30357]  __x64_sys_setsockopt+0x64/0x80
[  656.518279][T30357]  x64_sys_call+0x20ec/0x3000
[  656.518322][T30357]  do_syscall_64+0xd2/0x200
[  656.518351][T30357]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  656.518455][T30357]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  656.518540][T30357]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  656.518571][T30357] RIP: 0033:0x7efed337f749
[  656.518669][T30357] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  656.518696][T30357] RSP: 002b:00007efed1de7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  656.518723][T30357] RAX: ffffffffffffffda RBX: 00007efed35d5fa0 RCX: 00007efed337f749
[  656.518743][T30357] RDX: 00000000000000d2 RSI: 0000000000000000 RDI: 0000000000000003
[  656.518761][T30357] RBP: 00007efed1de7090 R08: 000000000000003c R09: 0000000000000000
[  656.518779][T30357] R10: 0000200000000200 R11: 0000000000000246 R12: 0000000000000001
[  656.518798][T30357] R13: 00007efed35d6038 R14: 00007efed35d5fa0 R15: 00007ffe887ec8c8
[  656.518825][T30357]  </TASK>
[  656.747710][T30344] EXT4-fs (loop2): 1 truncate cleaned up
[  656.753894][T30344] ext4 filesystem being mounted at /122/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  656.803539][T30344] netlink: 'syz.2.8748': attribute type 1 has an invalid length.
[  656.811398][T30344] netlink: 224 bytes leftover after parsing attributes in process `syz.2.8748'.
[  656.936746][T30369] loop0: detected capacity change from 0 to 512
[  656.990309][T30369] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.8756: bg 0: block 248: padding at end of block bitmap is not set
[  657.048283][T30369] EXT4-fs error (device loop0): ext4_acquire_dquot:6945: comm syz.0.8756: Failed to acquire dquot type 1
[  657.052662][T30380] netlink: 16 bytes leftover after parsing attributes in process `syz.2.8761'.
[  657.081437][T30369] EXT4-fs (loop0): 1 truncate cleaned up
[  657.094447][T30369] ext4 filesystem being mounted at /383/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  657.226493][T30389] loop0: detected capacity change from 0 to 128
[  657.316574][T30394] loop7: detected capacity change from 0 to 512
[  657.366778][T30394] EXT4-fs (loop7): revision level too high, forcing read-only mode
[  657.409279][T30394] EXT4-fs (loop7): orphan cleanup on readonly fs
[  657.428387][T30394] EXT4-fs error (device loop7): ext4_do_update_inode:5632: inode #16: comm +}[@: corrupted inode contents
[  657.440679][T30394] EXT4-fs (loop7): Remounting filesystem read-only
[  657.449223][T30394] EXT4-fs (loop7): 1 truncate cleaned up
[  657.455328][T23063] EXT4-fs (loop7): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  657.465989][T23063] EXT4-fs (loop7): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  657.516361][T23063] EXT4-fs (loop7): Quota write (off=8, len=24) cancelled because transaction is not started
[  657.701085][T30418] loop9: detected capacity change from 0 to 2048
[  657.738071][T30422] loop7: detected capacity change from 0 to 512
[  657.745327][T30422] EXT4-fs: Ignoring removed oldalloc option
[  657.751298][T30422] EXT4-fs: Ignoring removed nomblk_io_submit option
[  657.799896][T30422] ext4 filesystem being mounted at /213/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  657.816649][T30422] EXT4-fs error (device loop7): ext4_validate_block_bitmap:441: comm syz.7.8778: bg 0: block 217: padding at end of block bitmap is not set
[  657.831439][T30422] EXT4-fs (loop7): Remounting filesystem read-only
[  657.882078][T30428] loop7: detected capacity change from 0 to 512
[  657.922009][T30428] EXT4-fs error (device loop7): ext4_validate_block_bitmap:441: comm syz.7.8779: bg 0: block 248: padding at end of block bitmap is not set
[  657.945505][T30420] loop2: detected capacity change from 0 to 2048
[  657.967864][T30433] loop9: detected capacity change from 0 to 512
[  657.996359][T30433] EXT4-fs (loop9): revision level too high, forcing read-only mode
[  658.004510][T30433] EXT4-fs (loop9): orphan cleanup on readonly fs
[  658.005978][T30428] EXT4-fs error (device loop7): ext4_acquire_dquot:6945: comm syz.7.8779: Failed to acquire dquot type 1
[  658.026828][T30433] EXT4-fs error (device loop9): ext4_do_update_inode:5632: inode #16: comm +}[@: corrupted inode contents
[  658.038607][T30433] EXT4-fs (loop9): Remounting filesystem read-only
[  658.045263][T30433] EXT4-fs (loop9): 1 truncate cleaned up
[  658.055005][T13260] EXT4-fs (loop9): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  658.065645][T13260] EXT4-fs (loop9): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  658.089757][T30428] EXT4-fs (loop7): 1 truncate cleaned up
[  658.099867][T13260] EXT4-fs (loop9): Quota write (off=8, len=24) cancelled because transaction is not started
[  658.110774][T30433] EXT4-fs mount: 163 callbacks suppressed
[  658.110792][T30433] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  658.128651][T30428] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  658.129612][T30433] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  658.189878][T30428] ext4 filesystem being mounted at /214/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  658.228390][T30444] netlink: 108 bytes leftover after parsing attributes in process `syz.0.8783'.
[  658.272127][T26793] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  658.366842][T30447] loop0: detected capacity change from 0 to 512
[  658.411696][T30447] EXT4-fs: Ignoring removed oldalloc option
[  658.417710][T30447] EXT4-fs: Ignoring removed nomblk_io_submit option
[  658.439669][T28073] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  658.486920][T30447] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  658.514910][T30447] ext4 filesystem being mounted at /387/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  658.598054][T30462] loop6: detected capacity change from 0 to 512
[  658.605233][T30447] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.8785: bg 0: block 217: padding at end of block bitmap is not set
[  658.691746][T30447] EXT4-fs (loop0): Remounting filesystem read-only
[  658.703302][T30464] loop2: detected capacity change from 0 to 128
[  658.711001][T30462] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.8790: bg 0: block 248: padding at end of block bitmap is not set
[  658.744870][T30462] EXT4-fs error (device loop6): ext4_acquire_dquot:6945: comm syz.6.8790: Failed to acquire dquot type 1
[  658.756767][T30462] EXT4-fs (loop6): 1 truncate cleaned up
[  658.756822][T23730] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  658.762831][T30462] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  658.784411][T30462] ext4 filesystem being mounted at /506/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  658.898468][T30449] netlink: 8 bytes leftover after parsing attributes in process `syz.7.8784'.
[  658.911217][T30462] netlink: 'syz.6.8790': attribute type 1 has an invalid length.
[  658.919268][T30462] netlink: 224 bytes leftover after parsing attributes in process `syz.6.8790'.
[  658.928667][T30449] loop7: detected capacity change from 0 to 2048
[  658.984905][   T29] kauditd_printk_skb: 1250 callbacks suppressed
[  658.984938][   T29] audit: type=1326 audit(1763943109.211:51513): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30463 comm="syz.2.8791" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f64b7ca2005 code=0x7ffc0000
[  659.017276][T30449] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  659.026738][   T29] audit: type=1326 audit(1763943109.241:51514): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30463 comm="syz.2.8791" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f64b7ca2005 code=0x7ffc0000
[  659.053289][   T29] audit: type=1326 audit(1763943109.241:51515): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30463 comm="syz.2.8791" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f64b7ca2005 code=0x7ffc0000
[  659.081613][   T29] audit: type=1326 audit(1763943109.251:51516): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30463 comm="syz.2.8791" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f64b7ca2005 code=0x7ffc0000
[  659.105266][   T29] audit: type=1326 audit(1763943109.251:51517): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30463 comm="syz.2.8791" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f64b7ca2005 code=0x7ffc0000
[  659.128883][   T29] audit: type=1326 audit(1763943109.301:51518): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30463 comm="syz.2.8791" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f64b7ca2005 code=0x7ffc0000
[  659.153703][   T29] audit: type=1326 audit(1763943109.301:51519): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30463 comm="syz.2.8791" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f64b7ca2005 code=0x7ffc0000
[  659.177425][   T29] audit: type=1326 audit(1763943109.311:51520): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30463 comm="syz.2.8791" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f64b7ca2005 code=0x7ffc0000
[  659.201123][   T29] audit: type=1326 audit(1763943109.331:51521): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30463 comm="syz.2.8791" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f64b7ca2005 code=0x7ffc0000
[  659.224720][   T29] audit: type=1326 audit(1763943109.331:51522): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30463 comm="syz.2.8791" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f64b7ca2005 code=0x7ffc0000
[  659.277153][T22266] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  659.294441][T30484] loop9: detected capacity change from 0 to 2048
[  659.332703][T30484] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  659.358578][T30449] ==================================================================
[  659.368192][T30449] BUG: KCSAN: data-race in xas_clear_mark / xas_find_marked
[  659.375534][T30449] 
[  659.377862][T30449] read-write to 0xffff888107377d98 of 8 bytes by task 23063 on cpu 1:
[  659.386028][T30449]  xas_clear_mark+0x91/0x180
[  659.390630][T30449]  __folio_start_writeback+0x24a/0x390
[  659.396109][T30449]  ext4_bio_write_folio+0x5ad/0x9f0
[  659.401330][T30449]  ext4_do_writepages+0x13d9/0x2750
[  659.406540][T30449]  ext4_writepages+0x176/0x300
[  659.411326][T30449]  do_writepages+0x1c6/0x310
[  659.415927][T30449]  __writeback_single_inode+0x80/0x7c0
[  659.421399][T30449]  writeback_sb_inodes+0x48f/0xa30
[  659.426524][T30449]  __writeback_inodes_wb+0x94/0x1a0
[  659.431730][T30449]  wb_writeback+0x266/0x5c0
[  659.436244][T30449]  wb_workfn+0x4c9/0x910
[  659.440515][T30449]  process_scheduled_works+0x4ce/0x9d0
[  659.445995][T30449]  worker_thread+0x582/0x770
[  659.450597][T30449]  kthread+0x489/0x510
[  659.454679][T30449]  ret_from_fork+0x122/0x1b0
[  659.459287][T30449]  ret_from_fork_asm+0x1a/0x30
[  659.464072][T30449] 
[  659.466399][T30449] read to 0xffff888107377d98 of 8 bytes by task 30449 on cpu 0:
[  659.474032][T30449]  xas_find_marked+0x218/0x620
[  659.478830][T30449]  find_get_entry+0x5d/0x380
[  659.483443][T30449]  filemap_get_folios_tag+0x13b/0x210
[  659.488838][T30449]  mpage_prepare_extent_to_map+0x320/0xc00
[  659.494657][T30449]  ext4_do_writepages+0x708/0x2750
[  659.499782][T30449]  ext4_writepages+0x176/0x300
[  659.504563][T30449]  do_writepages+0x1c6/0x310
[  659.509176][T30449]  file_write_and_wait_range+0x156/0x2c0
[  659.514841][T30449]  generic_buffers_fsync_noflush+0x45/0x120
[  659.520772][T30449]  ext4_sync_file+0x1ab/0x690
[  659.525457][T30449]  vfs_fsync_range+0x10d/0x130
[  659.530243][T30449]  ext4_buffered_write_iter+0x34f/0x3c0
[  659.535833][T30449]  ext4_file_write_iter+0xe27/0xf60
[  659.541048][T30449]  do_iter_readv_writev+0x4a1/0x540
[  659.546259][T30449]  vfs_writev+0x2df/0x8b0
[  659.550605][T30449]  __se_sys_pwritev2+0xfc/0x1c0
[  659.555468][T30449]  __x64_sys_pwritev2+0x67/0x80
[  659.560336][T30449]  x64_sys_call+0x2c59/0x3000
[  659.565028][T30449]  do_syscall_64+0xd2/0x200
[  659.569539][T30449]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  659.575447][T30449] 
[  659.577778][T30449] value changed: 0xfffffffffffffc00 -> 0xfffffffffffc0000
[  659.584889][T30449] 
[  659.587228][T30449] Reported by Kernel Concurrency Sanitizer on:
[  659.593386][T30449] CPU: 0 UID: 0 PID: 30449 Comm: syz.7.8784 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  659.603206][T30449] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  659.613271][T30449] ==================================================================
[  659.629852][T30484] batman_adv: batadv0: Removing interface: batadv_slave_0
[  659.716304][T28755] EXT4-fs error (device loop9): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4128793 free clusters
[  659.744539][T28755] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  659.788365][T26793] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  660.182641][T30486] syz.6.8797 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000
[  660.193677][T30486] CPU: 1 UID: 0 PID: 30486 Comm: syz.6.8797 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  660.193706][T30486] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  660.193719][T30486] Call Trace:
[  660.193727][T30486]  <TASK>
[  660.193737][T30486]  __dump_stack+0x1d/0x30
[  660.193820][T30486]  dump_stack_lvl+0xe8/0x140
[  660.193901][T30486]  dump_stack+0x15/0x1b
[  660.193956][T30486]  dump_header+0x81/0x220
[  660.193977][T30486]  oom_kill_process+0x342/0x400
[  660.194043][T30486]  out_of_memory+0x979/0xb80
[  660.194077][T30486]  try_charge_memcg+0x610/0xa10
[  660.194182][T30486]  charge_memcg+0x51/0xc0
[  660.194205][T30486]  mem_cgroup_swapin_charge_folio+0xcc/0x150
[  660.194240][T30486]  __read_swap_cache_async+0x17b/0x2d0
[  660.194276][T30486]  swap_cluster_readahead+0x262/0x3c0
[  660.194326][T30486]  swapin_readahead+0xde/0x800
[  660.194355][T30486]  ? mod_memcg_lruvec_state+0x1fc/0x2c0
[  660.194446][T30486]  ? __rcu_read_unlock+0x34/0x70
[  660.194472][T30486]  ? __rcu_read_unlock+0x4f/0x70
[  660.194503][T30486]  ? swap_cache_get_folio+0x277/0x280
[  660.194566][T30486]  do_swap_page+0x2ae/0x2370
[  660.194642][T30486]  ? css_rstat_updated+0xb7/0x240
[  660.194674][T30486]  ? __pfx_default_wake_function+0x10/0x10
[  660.194712][T30486]  handle_mm_fault+0x9a5/0x2be0
[  660.194746][T30486]  ? vma_start_read+0x141/0x1f0
[  660.194883][T30486]  do_user_addr_fault+0x630/0x1080
[  660.194916][T30486]  exc_page_fault+0x62/0xa0
[  660.194986][T30486]  asm_exc_page_fault+0x26/0x30
[  660.195005][T30486] RIP: 0033:0x7efed325ef94
[  660.195023][T30486] Code: 82 b5 03 00 00 c6 44 24 1e 01 45 31 ff 45 31 f6 44 0f b6 e6 85 c0 0f 84 9e 00 00 00 44 89 f9 49 8b 50 40 4c 89 f0 49 03 14 ca <80> 3d 0d 8e 37 00 00 49 89 d6 48 89 d5 74 28 25 ff 0f 00 00 83 f0
[  660.195047][T30486] RSP: 002b:00007ffe887ec950 EFLAGS: 00010282
[  660.195074][T30486] RAX: ffffffff81914fd6 RBX: 00007efed4105720 RCX: 0000000000000009
[  660.195091][T30486] RDX: ffffffff819150c8 RSI: 0000000000000519 RDI: 0000000000000080
[  660.195107][T30486] RBP: ffffffff81914679 R08: 00007efed35d6038 R09: 00007efed35c2000
[  660.195123][T30486] R10: 00007efed2def008 R11: 0000000000000002 R12: 0000000000000002
[  660.195138][T30486] R13: 0000000000000000 R14: ffffffff81914fd6 R15: 0000000000000009
[  660.195151][T30486]  ? vfs_write+0x36/0x960
[  660.195198][T30486]  ? __kernel_write_iter+0x299/0x540
[  660.195302][T30486]  ? vfs_write+0x36/0x960
[  660.195333][T30486]  ? vfs_write+0x128/0x960
[  660.195410][T30486]  </TASK>
[  660.431104][T30486] memory: usage 307200kB, limit 307200kB, failcnt 4627
[  660.438075][T30486] memory+swap: usage 307392kB, limit 9007199254740988kB, failcnt 0
[  660.446006][T30486] kmem: usage 307196kB, limit 9007199254740988kB, failcnt 0
[  660.453314][T30486] Memory cgroup stats for /syz6:
[  660.453594][T30486] cache 0
[  660.461584][T30486] rss 4096
[  660.464603][T30486] shmem 0
[  660.467590][T30486] mapped_file 0
[  660.471047][T30486] dirty 0
[  660.474017][T30486] writeback 4096
[  660.477606][T30486] workingset_refault_anon 550
[  660.482326][T30486] workingset_refault_file 1877
[  660.487128][T30486] swap 196608
[  660.490430][T30486] swapcached 4096
[  660.494084][T30486] pgpgin 784935
[  660.497555][T30486] pgpgout 784934
[  660.501104][T30486] pgfault 877530
[  660.504641][T30486] pgmajfault 282
[  660.508219][T30486] inactive_anon 4096
[  660.512122][T30486] active_anon 0
[  660.515608][T30486] inactive_file 0
[  660.519270][T30486] active_file 0
[  660.522719][T30486] unevictable 0
[  660.526269][T30486] hierarchical_memory_limit 314572800
[  660.531690][T30486] hierarchical_memsw_limit 9223372036854771712
[  660.537959][T30486] total_cache 0
[  660.541416][T30486] total_rss 4096
[  660.545027][T30486] total_shmem 0
[  660.548600][T30486] total_mapped_file 0
[  660.552574][T30486] total_dirty 0
[  660.556059][T30486] total_writeback 4096
[  660.560156][T30486] total_workingset_refault_anon 550
[  660.565379][T30486] total_workingset_refault_file 1877
[  660.570669][T30486] total_swap 196608
[  660.574535][T30486] total_swapcached 4096
[  660.578744][T30486] total_pgpgin 784935
[  660.582768][T30486] total_pgpgout 784934
[  660.586903][T30486] total_pgfault 877530
[  660.590980][T30486] total_pgmajfault 282
[  660.595078][T30486] total_inactive_anon 4096
[  660.599501][T30486] total_active_anon 0
[  660.603552][T30486] total_inactive_file 0
[  660.607804][T30486] total_active_file 0
[  660.611797][T30486] total_unevictable 0
[  660.615876][T30486] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz6,task_memcg=/syz6,task=syz.6.8797,pid=30486,uid=0
[  660.630702][T30486] Memory cgroup out of memory: Killed process 30486 (syz.6.8797) total-vm:93968kB, anon-rss:1136kB, file-rss:22308kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000