last executing test programs:

3m23.231791286s ago: executing program 1 (id=2473):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70300000003000085"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc9ffb}]})
connect$inet6(0xffffffffffffffff, &(0x7f0000000080)={0xa, 0x4e1c, 0x74df82a9, @private1={0xfc, 0x1, '\x00', 0xa}, 0xae3e}, 0x1c)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000480)='kfree\x00', r1, 0x0, 0x7}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)

3m23.125578358s ago: executing program 1 (id=2476):
syz_mount_image$ext4(&(0x7f00000004c0)='ext2\x00', &(0x7f0000000500)='./file0\x00', 0x1000410, &(0x7f0000000140)={[], [{@subj_type={'subj_type', 0x3d, '\x00'}}]}, 0x4, 0x4eb, &(0x7f0000000540)="$eJzs3c9vVFsdAPDvnXZoKQMFZaFGBRFFQ5j+ABqCC2GjMYTESFy5gNoOTdMZpum0SCuLsnRvIokr/RPcuTBh5cKdO925wYUJKnkv9CVvMS/3zqUd2g7te7Qd6Hw+ye2955xhvufMcM6Ze2B6AuhZZyNiNSKORMS9iBjO85P8iButI33cq5ePp9ZePp5Kotm8878kK0/zou3PpI7lzzkYET/7ccQvk61xG8src5PVamUhT48s1uZHGssrl2YLec74xNjE6LXLV8f3rK1nan968aPZWz//y5+/8fzvq9//dVqt0m+OZ2Xt7dhLraYXo9SW1x8Rt/YjWJf0539/+PCkve1LEXEu6//D0Ze9mwDAYdZsDkdzuD0NABx26f1/KZJCOV8LKEWhUC631vBOx1ChWm8sXhyuLz2YjmwN62QUC/dnq5XRfK3wZBSTND2WXW+kxzelL0fEqYj47cDRLF2eqlenu/nBBwB62LFN8//HA635HwA45Aa7XQEA4MCZ/wGg95j/AaD3fI7537cDAeCQcP8PAL3H/A8AvWfH+f/JwdQDADgQP719Oz2aa/nvv55+uLz0g9LDS9OVxly5tjRVnqovzJdn6vWZaqU81Wzu9HzVen1+7Mp6srG8crdWX3qweHe2NjlTuVsp7nN7AICdnTrz7J9JRKxeP5od0baXg7kaDrdCtysAdE1ftysAdI3v80Dv2sU9vmUAOOS22aL3DR3/i9BTm7/Ch+rCV63/Q6+y/g+964ut//9wz+sBHDzr/9C7ms3Env8A0GOs8QPv9O//AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0KNK2ZEUytle4Kvpz0K5HHE8Ik5GMbk/W62MRsSJiPjHQHEgTY91u9IAwDsq/CfJ9/+6MHy+tLn0SPLJQHaOiF/9/s7vHk0uLi6Mpfn/X89ffJrnjx/pRgMAgHY3tma15un83HYj/+rl46nXx0FW8cXN1uaiady1/GiV9Ed/dh6MYkQMfZTk6Zb080rfHsRffRIRX9lo/6O2CKVsDaS18+nm+Gns4/sQf+P13xy/8Eb8QlaWnovZa/HlPagL9JpnN1vjZN730i6W979CnM3O2/f/wWyEenevx7+1LeNfYX3869sSP8n6/Nn19Ntr8uLKX3+yJbM53Cp7EvG1/u3iJ+vxkw7j7/ldtvFfX//muU5lzT9EXIjt47fUsmF2ZLE2P9JYXrk0W5ucqcxUHoyPT4xNjF67fHV8JFujbv3823Yx/nv94olO8dP2D3WIP7hD+7+zy/b/8dN7v/jWW+J/79vbv/+n3xI/nRO/u8v4k0M3Om7fncaf7tD+nd7/i7uM//zfK9O7fCgAcAAayytzk9VqZWGHi/Sz5k6PcfFhXsRqxHtQDRfv1UW3RyZgv210+m7XBAAAAAAAAAAAAAAA6KSxvDI3EPv7daJutxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDD67MAAAD//w/PzvM=")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpu.stat\x00', 0x275a, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
ftruncate(r1, 0x8979)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x8, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b703000000e00000850000001b000000b700000000fa000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x18)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$TIPC_NL_MEDIA_SET(r4, &(0x7f0000000440)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x2ac}}, 0x0)

3m22.931190511s ago: executing program 1 (id=2477):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = socket$inet(0x2, 0x2, 0x1)
sendmsg$SEG6_CMD_SETHMAC(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x14}, 0x4010)
sendmsg$inet(r2, &(0x7f0000000600)={&(0x7f0000000040)={0x2, 0xffff, @local}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000400)='\b\x00', 0x2}, {&(0x7f00000004c0)="1ed8b7f9d457", 0x6}], 0x2, &(0x7f0000000100)=ANY=[@ANYBLOB="1c000000000000000000000007000000890b040a0101027f00000100000000001c000000000000000000000008"], 0x40}, 0x20000000)

3m22.843465372s ago: executing program 1 (id=2481):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xffd, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r0}, &(0x7f0000000380), &(0x7f0000000300)=r1}, 0x20)
r2 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x8100)
ioctl$SCSI_IOCTL_SEND_COMMAND(r2, 0x1, &(0x7f0000000040)={0x4a, 0x2, 0x8, "6fb2198081258a78989709169265d101008ee613e8fb492db040ac04caa092211114561f9db0d23ef0c3fcff77dbafa0c8a75b78a9d625ce0003a9c678e300eeaf893fefda297a7afc48"})

3m22.410921488s ago: executing program 1 (id=2485):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
sendto$inet(r0, 0x0, 0x0, 0x0, &(0x7f0000001100)={0x2, 0x0, @private}, 0x10)
ioctl$SIOCGSTAMP(r0, 0x8906, 0x0)
recvmmsg(r0, &(0x7f00000003c0)=[{{0x0, 0x0, 0x0}, 0x7}], 0x1, 0x40000002, 0x0)

3m21.560957171s ago: executing program 1 (id=2487):
r0 = gettid()
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r2, 0x0, 0xfffffffffffffffd}, 0x18) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r2, 0x0, 0xfffffffffffffffd}, 0x18)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000007c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x7, 0x0, 0x9}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x6c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x3f}, @NFTA_SET_EXPRESSIONS={0x28, 0x12, 0x0, 0x1, [{0x14, 0x1, 0x0, 0x1, @counter={{0xc}, @val={0x4}}}, {0x10, 0x1, 0x0, 0x1, @counter={{0xc}, @void}}]}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x110}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0xb4}, 0x1, 0x0, 0x0, 0x8000}, 0x20050800)
timer_create(0x1, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) (async)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x2) (async)
r3 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x2)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x208, 0x21, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r4, @ANYBLOB="0000000000000000b703000000000001850000001b000000b70000000000070095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (async)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r4, @ANYBLOB="0000000000000000b703000000000001850000001b000000b70000000000070095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='netfs_failure\x00', r5, 0x0, 0x7}, 0x18)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000005000000005e002200850000006d00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00', r6}, 0x18)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x0)
remap_file_pages(&(0x7f000051c000/0x400000)=nil, 0x400d00, 0x0, 0x0, 0x0) (async)
remap_file_pages(&(0x7f000051c000/0x400000)=nil, 0x400d00, 0x0, 0x0, 0x0)
pipe2(&(0x7f0000001cc0)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff}, 0x800)
mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r7, @ANYBLOB=',wfdno=', @ANYRESHEX=r8, @ANYBLOB="2c756e616d653dd0"]) (async)
mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r7, @ANYBLOB=',wfdno=', @ANYRESHEX=r8, @ANYBLOB="2c756e616d653dd0"])
r9 = syz_genetlink_get_family_id$tipc2(&(0x7f00000003c0), r8)
sendmsg$TIPC_NL_LINK_RESET_STATS(r4, &(0x7f0000000480)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000440)={&(0x7f0000000a40)={0x128, r9, 0x100, 0x70bd27, 0x25dfdbfd, {}, [@TIPC_NLA_LINK={0x4}, @TIPC_NLA_MON={0x2c, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x76}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x10001}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x9a31}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x9}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x9}]}, @TIPC_NLA_PUBL={0x24, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x4}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x4}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x40}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x3ff}]}, @TIPC_NLA_BEARER={0xc0, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x14, 0x1, @in={0x2, 0x4e22, @remote}}, {0x20, 0x2, @in6={0xa, 0x4e21, 0x0, @mcast1, 0x1}}}}, @TIPC_NLA_BEARER_PROP={0x24, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x11}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x57be}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x3}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x5}]}, @TIPC_NLA_BEARER_PROP={0x2c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x9}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x2}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x93c6}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x16}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xfffffffa}]}, @TIPC_NLA_BEARER_PROP={0x34, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x3}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1d}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xe}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x19}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x4}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x48}]}]}]}, 0x128}, 0x1, 0x0, 0x0, 0x44000}, 0x4000000)
add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000040)={'fscrypt:', @desc4}, &(0x7f0000000100)={0x0, "de442bfc7910e10ac69ac014b0fa7807b11d2c99ed1f40d47a6edb3367b5cc888e1fd5102ae2d3d05f251f8d49025ceab4152b6e6d87cd6088e97a9d06d29143"}, 0x48, 0xffffffffffffffff) (async)
r10 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000040)={'fscrypt:', @desc4}, &(0x7f0000000100)={0x0, "de442bfc7910e10ac69ac014b0fa7807b11d2c99ed1f40d47a6edb3367b5cc888e1fd5102ae2d3d05f251f8d49025ceab4152b6e6d87cd6088e97a9d06d29143"}, 0x48, 0xffffffffffffffff)
request_key(&(0x7f0000000380)='asymmetric\x00', &(0x7f0000000400)={'syz', 0x3}, &(0x7f0000000880)='sy\x8akI,\xb3\f6L\xcb\xe7\xbd\x11\xa8\x052\x94.\xcf\xc62s\xf6ll\x84]\xe1\x81=\xf3\x91_m)\x81>\xab>\xaf6\x82n\x80b\xc5\t38%\xab\xdd\"4e9\xbfp\xb9\x920d\xc8S\xd0\x80\x0f\x1f\a\xac\x0f\x87|:\xee\x04\x1ba\xa5w\x18\xa1\x1c\xb15\xca\xb6P\xa7\re`Z\x8a\x8bWsI\xf4s8 \xaa\x99\xea\xcb\xb4\x83\a\t\xc6\xcf\xc5\xed\x1d=a%\xe8\x9e9\x12u\x9c\x13~\x97\xe3\x9c\x03L\xe0i\x13~}d\xd0\x82|\xe1B6d\xcaMj\x03\xb2l\x97\xce\\b\xc702\xb5\x1b\xc9V\x95Gd0\xeb\xa0\xcai\x1b\xcf\xba\xe2\xa0\xc1\xa7\x0e\xc7D\xc9\x8d\xdfk\x7fTwX\xaaaq\xfe)WG\xb5\xbb\xd6.\xd1F#[B\xb58\xed\xdc6\x13\xc6\x02\x91\xca\xac\x9e\xd8j\xa2\xffN\x11\x14\xb8\x9a\xaa4\'\xa5|\xa1\xd7\",\xf6or\",\x83y.\xc8\xd6\x8d]\xae\xa2\xe6\x90\xcb}\x8f \xaa\xce\xa9\xebz\xda~\xeb\xb0\x15\xd1\x9b\x90\xdc\xe4\x88\xc1\x17\x81\x9b\x1b\x82\xf1\r\xd4\x85Be;', r10)
ioctl$USBDEVFS_REAPURB(r3, 0x4008550c, 0x0)

3m6.510080941s ago: executing program 32 (id=2487):
r0 = gettid()
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r2, 0x0, 0xfffffffffffffffd}, 0x18) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r2, 0x0, 0xfffffffffffffffd}, 0x18)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000007c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x7, 0x0, 0x9}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x6c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x3f}, @NFTA_SET_EXPRESSIONS={0x28, 0x12, 0x0, 0x1, [{0x14, 0x1, 0x0, 0x1, @counter={{0xc}, @val={0x4}}}, {0x10, 0x1, 0x0, 0x1, @counter={{0xc}, @void}}]}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x110}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0xb4}, 0x1, 0x0, 0x0, 0x8000}, 0x20050800)
timer_create(0x1, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) (async)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x2) (async)
r3 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x2)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x208, 0x21, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r4, @ANYBLOB="0000000000000000b703000000000001850000001b000000b70000000000070095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (async)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r4, @ANYBLOB="0000000000000000b703000000000001850000001b000000b70000000000070095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='netfs_failure\x00', r5, 0x0, 0x7}, 0x18)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000005000000005e002200850000006d00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00', r6}, 0x18)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x0)
remap_file_pages(&(0x7f000051c000/0x400000)=nil, 0x400d00, 0x0, 0x0, 0x0) (async)
remap_file_pages(&(0x7f000051c000/0x400000)=nil, 0x400d00, 0x0, 0x0, 0x0)
pipe2(&(0x7f0000001cc0)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff}, 0x800)
mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r7, @ANYBLOB=',wfdno=', @ANYRESHEX=r8, @ANYBLOB="2c756e616d653dd0"]) (async)
mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r7, @ANYBLOB=',wfdno=', @ANYRESHEX=r8, @ANYBLOB="2c756e616d653dd0"])
r9 = syz_genetlink_get_family_id$tipc2(&(0x7f00000003c0), r8)
sendmsg$TIPC_NL_LINK_RESET_STATS(r4, &(0x7f0000000480)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000440)={&(0x7f0000000a40)={0x128, r9, 0x100, 0x70bd27, 0x25dfdbfd, {}, [@TIPC_NLA_LINK={0x4}, @TIPC_NLA_MON={0x2c, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x76}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x10001}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x9a31}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x9}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x9}]}, @TIPC_NLA_PUBL={0x24, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x4}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x4}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x40}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x3ff}]}, @TIPC_NLA_BEARER={0xc0, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x14, 0x1, @in={0x2, 0x4e22, @remote}}, {0x20, 0x2, @in6={0xa, 0x4e21, 0x0, @mcast1, 0x1}}}}, @TIPC_NLA_BEARER_PROP={0x24, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x11}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x57be}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x3}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x5}]}, @TIPC_NLA_BEARER_PROP={0x2c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x9}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x2}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x93c6}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x16}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xfffffffa}]}, @TIPC_NLA_BEARER_PROP={0x34, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x3}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1d}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xe}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x19}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x4}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x48}]}]}]}, 0x128}, 0x1, 0x0, 0x0, 0x44000}, 0x4000000)
add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000040)={'fscrypt:', @desc4}, &(0x7f0000000100)={0x0, "de442bfc7910e10ac69ac014b0fa7807b11d2c99ed1f40d47a6edb3367b5cc888e1fd5102ae2d3d05f251f8d49025ceab4152b6e6d87cd6088e97a9d06d29143"}, 0x48, 0xffffffffffffffff) (async)
r10 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000040)={'fscrypt:', @desc4}, &(0x7f0000000100)={0x0, "de442bfc7910e10ac69ac014b0fa7807b11d2c99ed1f40d47a6edb3367b5cc888e1fd5102ae2d3d05f251f8d49025ceab4152b6e6d87cd6088e97a9d06d29143"}, 0x48, 0xffffffffffffffff)
request_key(&(0x7f0000000380)='asymmetric\x00', &(0x7f0000000400)={'syz', 0x3}, &(0x7f0000000880)='sy\x8akI,\xb3\f6L\xcb\xe7\xbd\x11\xa8\x052\x94.\xcf\xc62s\xf6ll\x84]\xe1\x81=\xf3\x91_m)\x81>\xab>\xaf6\x82n\x80b\xc5\t38%\xab\xdd\"4e9\xbfp\xb9\x920d\xc8S\xd0\x80\x0f\x1f\a\xac\x0f\x87|:\xee\x04\x1ba\xa5w\x18\xa1\x1c\xb15\xca\xb6P\xa7\re`Z\x8a\x8bWsI\xf4s8 \xaa\x99\xea\xcb\xb4\x83\a\t\xc6\xcf\xc5\xed\x1d=a%\xe8\x9e9\x12u\x9c\x13~\x97\xe3\x9c\x03L\xe0i\x13~}d\xd0\x82|\xe1B6d\xcaMj\x03\xb2l\x97\xce\\b\xc702\xb5\x1b\xc9V\x95Gd0\xeb\xa0\xcai\x1b\xcf\xba\xe2\xa0\xc1\xa7\x0e\xc7D\xc9\x8d\xdfk\x7fTwX\xaaaq\xfe)WG\xb5\xbb\xd6.\xd1F#[B\xb58\xed\xdc6\x13\xc6\x02\x91\xca\xac\x9e\xd8j\xa2\xffN\x11\x14\xb8\x9a\xaa4\'\xa5|\xa1\xd7\",\xf6or\",\x83y.\xc8\xd6\x8d]\xae\xa2\xe6\x90\xcb}\x8f \xaa\xce\xa9\xebz\xda~\xeb\xb0\x15\xd1\x9b\x90\xdc\xe4\x88\xc1\x17\x81\x9b\x1b\x82\xf1\r\xd4\x85Be;', r10)
ioctl$USBDEVFS_REAPURB(r3, 0x4008550c, 0x0)

2m18.428221634s ago: executing program 5 (id=3266):
r0 = socket$inet6(0xa, 0x800000000000002, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000000)='kfree\x00', r1}, 0x18)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000240), r2)
sendmsg$IEEE802154_LIST_PHY(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000005c0)={0x14, r3, 0x30b, 0x0, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x44}, 0x20000004)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000200)=0x632a, 0x4)
sendmmsg$inet6(r0, &(0x7f00000002c0)=[{{&(0x7f0000000400)={0xa, 0x4e23, 0x0, @ipv4={'\x00', '\xff\xff', @empty}, 0xfffffffd}, 0x1c, 0x0}}], 0x1, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x3, &(0x7f0000000040)=@framed={{0x66, 0xa, 0x0, 0x0, 0x0, 0x6b, 0x11, 0xa4}}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
recvmmsg(r0, &(0x7f0000000800), 0x62, 0x12141, 0x0)
r4 = socket$inet(0xa, 0x801, 0x84)
connect$inet(r4, &(0x7f0000000340)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
r5 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000240)='/proc/thread-self/attr/current\x00', 0x2, 0x0)
write$selinux_attr(r5, &(0x7f0000000100)='system_u:object_r:hugetlbfs_t:s0\x00', 0x1d)

2m18.311813326s ago: executing program 5 (id=3270):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000040)={0xa, 0x4e22}, 0x1c)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_emit_ethernet(0x4e, &(0x7f0000000240)={@broadcast, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x21}, @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "03000a", 0x18, 0x0, 0x0, @private0, @local, {[@hopopts={0x3a, 0x1, '\x00', [@pad1, @jumbo={0xc2, 0x4, 0x6}]}]}}}}}, 0x0)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r3)
r5 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000020"], 0x50)
mlock(&(0x7f0000ffb000/0x4000)=nil, 0x4000)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001000000000000000640000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b70800000e0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xf, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000003000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r7}, 0x10)
r8 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r8, &(0x7f00000007c0)={0x300, 0x0, &(0x7f0000000780)={&(0x7f0000000b00)=ANY=[@ANYBLOB], 0x18}}, 0x40)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x8, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @void, @value}, 0x94)
setsockopt(0xffffffffffffffff, 0x84, 0x81, &(0x7f00000002c0), 0x0)
setresuid(0x0, 0x0, 0x0)
quotactl_fd$Q_SETINFO(r6, 0xffffffff80000600, 0x0, &(0x7f0000000600)={0x9, 0xffffffffffffffff, 0x0, 0x5})
syz_emit_ethernet(0x52, &(0x7f0000000800)={@local, @local, @val={@val={0x88a8, 0x3}, {0x8100, 0x1, 0x0, 0x1}}, {@ipv6={0x86dd, @tcp={0x0, 0x6, "4dc58c", 0x14, 0x6, 0x0, @dev={0xfe, 0x80, '\x00', 0x1a}, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', {[], {{0xfffe, 0x4001, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2, 0xfffd}}}}}}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r6}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r9}, 0x10)
msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x6)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000880)={0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r3, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000005c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r4, @ANYBLOB="796100000000000000007e000000330003006764c0b98823c5339b"], 0x1c}}, 0x4000054)
listen(r2, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000100)={@local, @broadcast, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @empty, @empty}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x10}}}}}}, 0x0)

2m18.07996832s ago: executing program 5 (id=3274):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0500000004000000990000000b"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB, @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0, r2}, 0x18)
prctl$PR_SET_NAME(0xf, &(0x7f0000000700)=',&#^%\x00')
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
fsmount(0xffffffffffffffff, 0x1, 0x88)
socket(0x18, 0x4, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001780)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a2c000000050a03000000000000000000020000000c00024000000000000000010900010073797a30000000002c000000030a0102e8ffffff00000000020000000900010073797a30000000000900030073797a320000000020000000020a"], 0xa0}, 0x1, 0x0, 0x0, 0x8001}, 0x0)
r3 = socket$inet(0x2, 0x2, 0x1)
sendmsg$SEG6_CMD_SETHMAC(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x14}, 0x4010)
sendmsg$inet(r3, &(0x7f0000000600)={&(0x7f0000000040)={0x2, 0xffff, @local}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000400)='\b\x00', 0x2}, {&(0x7f00000004c0)="1ed8b7f9d457", 0x6}], 0x2, &(0x7f0000000100)=ANY=[@ANYBLOB="1c000000000000000000000007000000890b040a0101027f00000100000000001c000000000000000000000008"], 0x40}, 0x20000000)

2m18.05663948s ago: executing program 5 (id=3275):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000c80)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0xb, &(0x7f0000003e00)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000093850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0xf, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000000)='kfree\x00', r1, 0x0, 0x2000000000000000}, 0x18)
r2 = fsopen(&(0x7f0000000000)='pipefs\x00', 0x0)
r3 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r3, 0x10f, 0x87, &(0x7f0000000680)={0x42, 0xfffffffa, 0x1}, 0x10)
close_range(r2, 0xffffffffffffffff, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
bpf$OBJ_GET_MAP(0x7, &(0x7f00000003c0)=@generic={&(0x7f0000000380)='./file0\x00', 0x0, 0x10}, 0x18)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000001000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10)
r5 = openat$selinux_load(0xffffffffffffff9c, &(0x7f00000004c0), 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101097, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000440)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x2125099, 0x0)
unshare(0x60600)
umount2(&(0x7f00000001c0)='./file0/file0\x00', 0x0)
r6 = syz_open_dev$usbfs(&(0x7f0000000340), 0x800000001f7, 0x82)
r7 = dup(r6)
ioctl$USBDEVFS_CONTROL(r7, 0xc0185500, &(0x7f0000000080)={0x23, 0x3, 0x4, 0x2, 0x0, 0x2, 0x0})
r8 = openat$selinux_policy(0xffffff9c, &(0x7f0000001040), 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r8, 0x0)
write$selinux_load(r5, &(0x7f0000000000)=ANY=[], 0x44f0)

2m17.902654822s ago: executing program 5 (id=3278):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
r2 = getpgid(0xffffffffffffffff)
r3 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc))
kcmp(r2, r3, 0x0, 0xffffffffffffffff, r1)
socket$nl_generic(0x10, 0x3, 0x10)
mount$bind(&(0x7f0000000000)='./bus\x00', &(0x7f00000001c0)='./bus\x00', &(0x7f00000003c0), 0x2000, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$IPVS_CMD_NEW_SERVICE(0xffffffffffffffff, &(0x7f0000001100)={0x0, 0x0, &(0x7f00000010c0)={&(0x7f0000000240)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="010067bd7000fbdbdf250100009e7203d7038e929634003000018014000300fe8000000000000000000000000000bb060001002800000006000200110003000600040001150000"], 0x44}, 0x1, 0x0, 0x0, 0x20004084}, 0x20008800)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="1200000001000000080000000200000000000000", @ANYRES32, @ANYBLOB="00000000e9ffffff0000000000000000ae6e1c9270f51628321c96200ee0e3c70b", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
socket$inet_udp(0x2, 0x2, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, 0x0, 0x0)
r5 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000000)={'lo\x00', <r7=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000003c0)=@newqdisc={0x78, 0x24, 0xd0f, 0x8, 0x0, {0x60, 0x0, 0x0, r7, {0x0, 0x8}, {0xffff, 0xffff}, {0x1}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x200, 0x5, 0x1, 0x0, 0xf407}, 0xfffffffb, 0x0, 0x0, 0x4, 0x7, 0x0, 0x40, 0x9, 0x0, 0x1ff, {0xffffffe4, 0x0, 0x0, 0x6}}}}]}, 0x78}, 0x1, 0x0, 0x0, 0x4000041}, 0x0)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000780)={r4, &(0x7f0000000380), 0x0}, 0x20)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='kmem_cache_free\x00', r8}, 0x10)
link(&(0x7f0000000200)='./file1\x00', &(0x7f0000000300)='./bus\x00')

2m17.812782043s ago: executing program 5 (id=3283):
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, 0x0, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$sock_int(r0, 0x1, 0xf, 0x0, 0x0)
bind$inet6(r0, &(0x7f0000000140)={0xa, 0x4e22, 0xfffffffe, @empty, 0x2}, 0x1c)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f0000000180)=0x800001, 0x4)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22, 0x100000, @loopback, 0x7}, 0x1c)

2m17.768993924s ago: executing program 33 (id=3283):
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, 0x0, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$sock_int(r0, 0x1, 0xf, 0x0, 0x0)
bind$inet6(r0, &(0x7f0000000140)={0xa, 0x4e22, 0xfffffffe, @empty, 0x2}, 0x1c)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f0000000180)=0x800001, 0x4)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22, 0x100000, @loopback, 0x7}, 0x1c)

26.297387436s ago: executing program 3 (id=4881):
socket$nl_route(0x10, 0x3, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000007c0)='./file0\x00', 0x490, &(0x7f0000000000), 0x2, 0x786, &(0x7f0000000f80)="$eJzs3c9rHGUfAPDvbLNJ37Tv27zwwms9BQQNlG5Mja2Ch4oHESwU9Gy7bLahZpMt2U1pQkCLCF4EFQ+CXnq2Wm9e/XHVP8C7B2mpmhYjHiQym9102+ymmzSbbdnPByZ5npnZfOc7z8w8T3aG3QD61mj6IxNxOCI+SCIO1ecnEZGtlQYiTq6vt7qyXEinJNbWXvstqa1ze2W5EE2vSR2oVx6LiO/ejTiS2Ry3srg0ky+VivP1+nh19sJ4ZXHp6PnZ/HRxujh3fGJy8tiJZ08c371c//hx6eCND19+6suTf73z/2vvf5/EyThYX9acx24ZjdH6Psmmu/AuL8Vbux2up5JebwA7kp6a+9bP8jicpOWBXm8SANBl6Sh0DQDoM4n+HwD6TON9gNsry4XG1Nt3JPbWzRcjYv96/o37m+tLBur37PbX7oMO307uujOSRMTILsQfjYjPvn7jajpFl+5DArTy9uWIODsyuvn6n2x6ZmG7nu5gndF76hvxf8o+YHTgfr5Jxz/PtRr/ZTbGP9Fi/DPU4tzdibbn/4bM9V0I01Y6/nuh6dm21ab860b21Wv/ro35ssm586Viem37T0SMRXYorU9sEWPs1t+32i1rHv/9/tGbn6fx09931shcHxi6+zVT+Wr+QXJudvNyxOMDrfJPNto/aTP+Pd1hjFeef+/TdsvS/NN8G9Pm/Ltr7UrEky3b/84TbcmWzyeO1w6H8cZB0cJXP38y3C5+c/un0+rK8loScXX3M20tbf/hrfMfSZqf16xsP8YPVw59225Zi/wLjf+F1rU+/geT12vlwfq8S/lqdX4iYjB5dfP8Y3de26g31k/zH3ui9fm/1fGfjk7Odpj/wI1fv9h5/t2V5j+1rfbffuHa6sy+dvE7a//JWmmsPqeT61+nG/gg+w4AAAAAAAAAAAAAAAAAAAAAAAAAOpWJiIORZHIb5Uwml1v/Du//xXCmVK5Uj5wrL8xNRe27skcim2l81OWhps9Dnah/Hn6jfuye+jMR8d+I+HjoX7V6rlAuTfU6eQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACoO9Dm+/9Tvwz1eusAgK7Z3+sNAAD2nP4fAPqP/h8A+o/+HwD6j/4fAPqP/h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAuO33qVDqt/bmyXEjrUxcXF2bKF49OFSszudmFQq5Qnr+Qmy6Xp0vFXKE8e7+/VyqXL0zG3MKl8WqxUh2vLC6dmS0vzFXPnJ/NTxfPFLN7khUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAbE9lcWkmXyoV5xUegcJAvdUelu3ZUSHTSGKvgg52K4uHYGd2r9DDixIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAI+SfAAAA///WoyFe")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x1)
pwrite64(r1, &(0x7f0000000140)='2', 0x1, 0x8080c61)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000080000000000000000000180100003020702500000000002020207b1af8ff00000000bfa1000000000000070100003affffffb702000008000000b7030000000000a3850000007000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x20, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000007c0)={0x6, 0x7, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000001000000000000000008510000001000000950000000000000018400000ffffffff000000000000000095000000000000006eac"], &(0x7f0000000100)='GPL\x00', 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x18)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xa, 0x31, 0xffffffffffffffff, 0xf2de1000)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17)
lsm_list_modules(&(0x7f0000000240)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000300)=0x20, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x400c84, &(0x7f0000000340), 0x1, 0x786, &(0x7f0000001900)="$eJzs3c9rHGUfAPDvbJKmTfu+yQsvaL0YEDRQmpgaWwWFigcRLBT0bLtstqFmky3ZTWlCQIsIXgQVD4JeevLgj3rz6o+r/hcexFI1LVY8SGQ2s+2m2U03abIbzecDk32emdl8n+/Or2d3hpkA9qzh9E8u4nBEvJtEDGbjk4joq5V6I06uzndreamQDkmsrLz8a1Kb5+byUiEa3pM6mFUejIhv34o4klsft7KwOJ0vlYpzWX2sOnNhrLKwePT8TH6qOFWcPT4+MXHsxJMnjm9frr//sHjo2nsvPPbFyT/ffODqO98lcTIOZdMa89iyZ9dWh2M4+0z60o9wjefvO9juknS7AWxJumn2rG7lcTgGo6dWAgD+zV6PiBUAYI9JHP8BYI+p/w5wc3mpUB+6+4tEZ11/LiL2r+ZfP7+5OqU3O2e3v3YedOBmsubMSBIRQ9sQfzgiPv7q1c/SIbbrPCRAG964HBFnh4bX7/+TddcsbNbjG0zbl70O3zU+je8MNHTG12n/56lm/b/c7f5PNOn/9DfZdrei2fa/ZsSBbQiygeufRDzTcG3brYb8M0M9We0/tT5fX3LufKmY7tv+GxEj0def1sc3iDFy468braY19v9+e/+1T9P46eudOXI/9/avfc9kvpq/n5wbXb8c8VBvs/yT28s/adH/Pd1mjBeffvujVtPS/NN868P6/CO7OmlnrFyJeLTp8r9zRVuy4fWJY7XVYay+UjTx5Y8fDrSK37j80yGNX/8u0Anp8h/YOP+hpPF6zcrmY3x/ZfCbVtPunX/z9X9f8kqtXO9HXMpXq3PjEfuSl9aPP3bnvZfyD2el1fnT/Eceab79b7T+p98Jz7aZf++1Xz7fev47K81/clPLf/OFq7eme1rFb2/5T9RKI9mYdvZ/7Tbwfj47AAAAAAAAAAAAAAAAAAAAAAAAAGhXLiIORZIbvV3O5UZHV5/h/f8YyJXKleqRc+X52cmoPSt7KPpy9VtdDjbcD3U8ux9+vX7srvoTEfG/iPig/0BSv4/iZJdzBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIC6gy2e/5/6qb/brQMAdsz+bjcAAOg4x38A2Hsc/wFg72nv+N+z4+0AADrH938A2Hsc/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANhhp0+dSoeVP5aXCml98uLC/HT54tHJYmV6dGa+MFooz10YnSqXp0rF0UJ55l7/r1QuX5iI2flLY9VipTpWWVg8M1Oen62eOT+TnyqeKfZ1JCsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2JzKwuJ0vlQqzilsobCyO5rR/UJPtjrtlvZ0tJDsjmZsc6HLOyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAf4i/AwAA//+3ACFj")
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x208, 0x21, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r4}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r5}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00'}, 0x10)
pwrite64(r0, &(0x7f0000000140)="f6", 0xffffff07, 0x8000c61)

25.488924287s ago: executing program 3 (id=4892):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x5da, 0x0, 0x0, 0x0, 0x37, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x6, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
writev(r2, &(0x7f0000000040)=[{&(0x7f0000000100)="89e7ee2c78dad9b4b473fec988ca", 0xe}], 0x1)

25.333531909s ago: executing program 3 (id=4901):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000680)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r1}, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000700)={r3, 0x20, &(0x7f0000000680)={&(0x7f0000000580)=""/128, 0x80, 0x0, &(0x7f0000000600)=""/100, 0x64}}, 0x10)

25.31287098s ago: executing program 3 (id=4902):
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000340), 0x42)
ioctl$SNDRV_SEQ_IOCTL_GET_PORT_INFO(r0, 0xc0a85322, &(0x7f0000000500))
r1 = syz_mount_image$iso9660(&(0x7f0000000180), &(0x7f0000000280)='./file0\x00', 0x14806, &(0x7f00000000c0)=ANY=[@ANYRES32=0x0], 0x0, 0x700, &(0x7f0000000a40)="$eJzs3V2P21gZB/D/STJJJoWqAlStqm7ndMpKUzGkTmabKipIGOckY0jiyPbAjIS0KnRmNWqmQFskmpt2bniRli/A3d5wwYdYiQuu9lvAFUgrEBJiBUJGPrbzMnEykzadbtn/b7Qbx358zuNjr896xj4GERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERQVgNw6gItO3uzq6czWq4Tif5ksXU8qi0FdyMJm7Oq3MlrBcQ4T8oFvFWNPutr4xCLof/WsfV6NtVFMOPIgYXLl+6++VcJll/TsIvAosW+Pjp4MG9fn//0Rlis1i4+NcJmTMEtVTX9hy7Y7aUtD1H1ms149Z205NNu628Pc9XHWm5KuM7rtywbspKvb4lVXnP2em2GmZbJTPvfL1qGDX5nUK0owGUPWvbbrftbkvHhIvDmDvygx9EAcrsSHlw2N/fGsvnWVobh0GVlOQz48FhUPW0za0a1WqlUq1Warfrt+8YRm5qhhESxhCmIpZ+0NIbZrkncKKXkLEa/zH+JIA2iuhiB7uQqT8WGnDhoDNjeSzp/9+5pebWO97/J738ymjxFej+/1r07dqs/n9GLhJSr5C2RMyYv9jPis5I4jGeYoAHuIc++tjHoyWULSHXXrqEvBG35FLymfnTgkIXNjw4sNGBiRa+CBnPkaijhhoMvIdtNOFBogkbbSh42IMHHyo8ovJhpgomfDhwIbEBCzchUUEddWxBQqGMPTjYQRctNGDiX0EQHOBQt/tWnM/zlK1GElSZsREF5JLjbh/VOVs7q///4bNo7bj/N9j/f15Fx0Eh+vh4XgzRZ0AQX/8vaO3VZENEREREREREr4LQv30X+q/ybwMI0LTbypiIKby27IiIiIiIiIhoGQSCAq5CRHfl422I6et/IiIiIiIiInqzCf2MnQBQ0jf1i9HjUmf5JUD2HFIkIiIiIiIiopekn/y/lgcCfZf/GsRC1/9ERERERERE9Ab41dgY+7lsPMZukPxZPwNg7c8F8dHfCnBXxHFv96viyAyXmEdxzNQdAH7zirgYD9SrP/IA9DdLXRVxbRL4Z/Lbh9AnB+lj/T8PIkII90QC+ex4ATMSEGHNtVz8DR/gerTK9Xic+fuDDPSSaEThUtNuq7LltO9WYJoXM77a9X/28PDngDvczoPD/n75Rz/u39e5HIezjo/CQp9NpJNJb4xRLk/0eAv6mYu00Y1X0Uyq/HW3UxK6XiPZ/izMo8x4RfN2QG0ViLbyF1iP9tl6EMWWBsMR9wWwpgd/qJT1LpvYendFjLKonNzytB0xY8uLOosbUcyNjRvRR9ImYTkZUfxaFqiWp/fBRBbV8SxObwvx9xPtPz8LiGLYFlthFn8ICzqRxfc/ilbe6u0mw2OcJYupo4CI6HU5GPVCehDzqTH2k+4hOamdvd9BDojPcjN691EtQdx/JL37k98GUQ+VBXLx3ybSa0n6FYRn9A2hy8lHA7rnrqSc0Y3yp0EQmBeLGD+j/zcIkg0yFujdjoMgOHlG//3oHUhx2lNZ/DsIgrsV3ZP85kSv+mG4wocz6/Xa1SyKKODJ0U/0APih9/ff339YrW7VjHcN43YVK/p/FeKPLNj3EBHRlNPfsaMjMnMixLu4HpVx/f5f34mmJnq8L8W3FGi3gD7uYzN5hcBaeqklHOCb/4huQ9iMrlqB9VL0WRrIy5fuhle1w9hDkdNveNmceVWn+9IoVt/eUB3GJu8dOnkFOIrdesV7gYiI6Hytz+iHgYn+H5P9f3Gi/9/ERhSxcSX1urs0dkvhZnJ1PLykH1w4To2tnJ78t5bcGERERJ8Tyv1ElPxfCte1e+9V6vWK6W8r6TrWd6VrN1pK2l1fuda22W0p2XMd37Gctuy5KNirypPeTq/nuL5sOq7sOZ69q9/8LuNXv3uqY3Z92/J6bWV6SlpO1zctXzZsz5K9nW+3bW9buXplr6csu2lbpm87Xek5O66lylJ6So0F2g3V9e2mHU52Zc+1O6a7J7/ntHc6SjaUZ7l2z3eiApO67G7TcTu62DKChV90SERE9P/o8dPBg3v9/v6jkxOr4aV5NOcYM2KmJ/IpBXKMICIios+YUXe9wErFV5gQERERERERERERERERERERERERERERERFNOf2RvgUnVtIeFgSGc356MZ6D5xg9YjhVjsDL5vOp+0c9sN+LrJ5ZtNLkkYjBg4/nBK8O5yTNPx5zvEiluAS8cPv85QvABT0H0ZzcEg+A6edHl36MpU184yBq0VkxemHqosJwX+SW/59DOPHwd9OLRNjyQRAE81cvTLZh/uzHcw7Ao/ycXbB6yvFz3mciIjpv/wsAAP//eO06pA==")
openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x80000, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc018937e, &(0x7f00000001c0)={{0x1, 0x1, 0x18, <r2=>r1}, './file0\x00'})
r3 = open(&(0x7f0000000000)='./bus\x00', 0x1050c1, 0x170)
r4 = syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1)
socket$inet_udp(0x2, 0x2, 0x0)
r5 = syz_open_procfs(0x0, &(0x7f0000000040)='ns\x00')
futimesat(r5, &(0x7f0000000080)='./mnt\x00', &(0x7f0000000200)={{0x77359400}})
getsockopt$EBT_SO_GET_INIT_INFO(0xffffffffffffffff, 0x0, 0x83, &(0x7f0000000080)={'filter\x00', 0x0, 0x0, 0x90, [], 0x0, 0x0, 0x20001100}, &(0x7f0000000100)=0x8)
recvmmsg(r4, &(0x7f0000001140)=[{{0x0, 0x925608069d8afb47, 0x0}, 0x6}, {{0x0, 0x0, 0x0}, 0xfa}], 0x2, 0x2000, 0x0)
syz_init_net_socket$bt_l2cap(0x1f, 0x0, 0x3)
r6 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r7 = syz_genetlink_get_family_id$ipvs(&(0x7f00000003c0), 0xffffffffffffffff)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IPVS_CMD_GET_SERVICE(r8, &(0x7f00000022c0)={0x0, 0x0, &(0x7f0000002280)={&(0x7f00000005c0)=ANY=[@ANYBLOB="4ee0ff00", @ANYRES16=r7, @ANYBLOB="01002dbd7000ffdbdf25040000001400018008000500030000000600010002000000"], 0x28}, 0x1, 0x0, 0x0, 0x40}, 0xe)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xc, &(0x7f0000000680)=ANY=[@ANYRESDEC, @ANYRESDEC=r8, @ANYRESOCT=r2], &(0x7f0000000640)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x1, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000600)='track_foreign_dirty\x00', r9, 0x0, 0x202b503f}, 0x18)
r10 = getpgid(0x0)
syz_pidfd_open(r10, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
rt_sigprocmask(0x0, &(0x7f0000000100)={[0xfffffffffffe]}, 0x0, 0x8)
r11 = gettid()
rt_sigtimedwait(&(0x7f0000000240)={[0xffffffffffffffff]}, 0x0, 0x0, 0x8)
tkill(r11, 0x12)
getsockopt$inet_sctp6_SCTP_ASSOCINFO(r5, 0x84, 0x1, &(0x7f0000000380)={<r12=>0x0, 0x5, 0x0, 0x1, 0x7be0b672, 0xffffffff}, &(0x7f0000000400)=0x14)
setsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r3, 0x84, 0x1f, &(0x7f0000000440)={r12, @in6={{0xa, 0x4e22, 0xb, @ipv4={'\x00', '\xff\xff', @empty}, 0xfffffffd}}, 0x6, 0xb07}, 0x90)
ptrace(0x10, 0xffffffffffffffff)
ptrace$setregs(0x1a, r6, 0xc, &(0x7f0000000000))

25.103889963s ago: executing program 3 (id=4904):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
epoll_create1(0x80000)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/wakeup_count', 0x0, 0x50)
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/consoles\x00', 0x0, 0x0)
lseek(r2, 0x2b, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f00000004c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/mem_sleep', 0x101a02, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0500000004000000990000000b"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r5}, 0x10)
copy_file_range(r3, &(0x7f0000000000)=0x8, r3, 0x0, 0x4, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f00000000c0)={0x53, 0xfffffffe, 0x0, 0x7, @scatter={0x1, 0x0, &(0x7f0000000580)=[{&(0x7f0000000000)=""/22, 0x16}]}, 0x0, 0x0, 0xfffffffe, 0x0, 0xfffffffc, 0x0})
socket$nl_netfilter(0x10, 0x3, 0xc)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3d, 0x1, 0x0, 0x0, 0x0, 0xa, 0xdd18b, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000, 0x0, @perf_config_ext={0x4, 0x100000003}, 0x3323, 0x4, 0x3, 0x0, 0x9, 0x800001, 0xfff7, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r6 = memfd_create(&(0x7f0000000ec0)='\x103q}2[\xe0\x9a\xee\xaf\x03\x97\x9et\v\"|Ma\x86\xe7\xc0\x14\x9f\xb9h\xb1\x96\xe7=I\x860S6\xb5\xa8\xc2\x95Je%\xfeG\'e\xe5\x8f\xf8\xd2\x1c\xc0\xfb\x1c\xa6\xab\bi\xe4^\xd5\xfd\xa9\r\xac7A\x94k\xcd\t\x00\x90k\xd6\x05\xb6\x03\x00\x00\x00A\xc5\x9c_\xd4\x18,\f\xd4s\xb2\x99/\xc0\x9a\xf2Oc\xc0c\x03gB!\xb0\xb8n\x01\x9bT\x95\x10\x86\xe8$\x7f\r[\xf9\x0e1v\xb1\n\x88\v\x95uy\xb5:`\x8b\nC\x18A;\xaa%\xaf\xc7\xa3\xac\xa2D\xb5\xe2\xe1\xdc(\xfd\x05\x9fB\x84O\xfe@\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x1a\xa0\x17\xe3\xac\xe9\xc9\xa7\x8a\x1b\x03\"&\xac\xcap>\xccZ\x01\xbc\x18\xc1\xb9\xe9\v\x8b\x9c\xb4Q\xd4\x96EV<>\x99\xca\xb3\xe0\xc4tL\xed\xf5W\xbd#\xcf\x8a\x84\xed\x9f/\xd4\xbb\xea;-Dp\xf8\xd0F\x90\xf8\x92Ip6\xf4\x16\xe8\x14\xe0\x92!\x92-F\xe2\x14D\x91\xa8b\x04\xdd\x1d\a\xdc\xe0\x18\x85{\x80Q\xf6k\x96\xfaQ\x9fW\vO\xf0\xe4O\\\xceS\xf2\xde\x049d\x06#\x88\xc3\xdf\x85O\x1c\xc3\xad?r\xd7\x0e\x00\xd7\x83\xb0\x88\x9c\xf6Y-F\x98\xdd\x9c~\xfd\x95\xc3\xb6lC\xaa\"Y\xa2K\xecz\x84:*\xf5Y\xd1\x9b1\x91\x9b\x15\xd4\xec\x02o\x01&\xaa\x90w\xc4\xc7yn\xb5\x1ag\xab&?\xbe\xcb\xe8v\xa8\xe0\xa4\x81sW\xacf\x149\xd2}\xefCGa\x9a$4\x8c\xa5!p\x83\x05\x96%\x02%\xabj\n\b\xc8NC\x91}&y\xd3\xe1\xeep\'\xc5\xab\x19GsX5\x8c\n\x9fh\xee;4\xb1%V\xe0\xa9\x8e\xf30:\xd8\x18N~G\x139\xcas\xf4D\xd4\xd0s\r3\xcb\x9a&\xdf+(\xc9S\x9eL5\x84\xb1\x90pN\xe7/\r\b\x9a\xf13Q\xf9\xdf\x7fX\xa0\xafK\xefh\xbfOv\x9bh\xb3\xc0\xf5\x80\xba\"@\'\x02\xafi\xeaE\xa6a6F\xde\xd4\xfa\x84\xe4+A\xb7\xa2\x8f\xc9\xee|xxn\xefw\x93]%\xd0\x19\x132\x86\xabn\xfe\x91\xb6Cl\xcf\x04\x1cq\xc1\x1d~\x8d\x01\x83\x93_\x83\x8a`v\xb0K,|S\xe4\xba\xb1\f\xc8`\xa6s\xad\x11\xd4wG\x80u\x87u\xff\x87\xee', 0x2)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r7}, 0x10)
ioctl$FS_IOC_RESVSP(r6, 0x40305828, &(0x7f0000000040)={0x0, 0x0, 0x940a, 0x1000007})
fcntl$addseals(r6, 0x409, 0xb)

24.815150997s ago: executing program 3 (id=4907):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000400000005"], 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB='\n'], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x20000000000000f4, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000021b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0, r1}, 0x18)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
r2 = socket$inet(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000300)={'bond0\x00', <r3=>0x0})
r4 = socket$netlink(0x10, 0x3, 0x0)
syz_io_uring_setup(0x7582, 0x0, 0x0, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000000c0)=@newqdisc={0x44, 0x24, 0xf0b, 0x70bd2b, 0x2000000, {0x0, 0x0, 0x12, r3, {}, {0xffff, 0xffff}, {0x2}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_RSC={0x10, 0x1, {0x6, 0x4, 0x7}}}}]}, 0x44}}, 0x0)

24.814604837s ago: executing program 34 (id=4907):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000400000005"], 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB='\n'], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x20000000000000f4, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000021b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0, r1}, 0x18)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
r2 = socket$inet(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000300)={'bond0\x00', <r3=>0x0})
r4 = socket$netlink(0x10, 0x3, 0x0)
syz_io_uring_setup(0x7582, 0x0, 0x0, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000000c0)=@newqdisc={0x44, 0x24, 0xf0b, 0x70bd2b, 0x2000000, {0x0, 0x0, 0x12, r3, {}, {0xffff, 0xffff}, {0x2}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_RSC={0x10, 0x1, {0x6, 0x4, 0x7}}}}]}, 0x44}}, 0x0)

9.217075795s ago: executing program 0 (id=5081):
socket$nl_route(0x10, 0x3, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000007c0)='./file0\x00', 0x490, &(0x7f0000000000), 0x2, 0x786, &(0x7f0000000f80)="$eJzs3c9rHGUfAPDvbLNJ37Tv27zwwms9BQQNlG5Mja2Ch4oHESwU9Gy7bLahZpMt2U1pQkCLCF4EFQ+CXnq2Wm9e/XHVP8C7B2mpmhYjHiQym9102+ymmzSbbdnPByZ5npnZfOc7z8w8T3aG3QD61mj6IxNxOCI+SCIO1ecnEZGtlQYiTq6vt7qyXEinJNbWXvstqa1ze2W5EE2vSR2oVx6LiO/ejTiS2Ry3srg0ky+VivP1+nh19sJ4ZXHp6PnZ/HRxujh3fGJy8tiJZ08c371c//hx6eCND19+6suTf73z/2vvf5/EyThYX9acx24ZjdH6Psmmu/AuL8Vbux2up5JebwA7kp6a+9bP8jicpOWBXm8SANBl6Sh0DQDoM4n+HwD6TON9gNsry4XG1Nt3JPbWzRcjYv96/o37m+tLBur37PbX7oMO307uujOSRMTILsQfjYjPvn7jajpFl+5DArTy9uWIODsyuvn6n2x6ZmG7nu5gndF76hvxf8o+YHTgfr5Jxz/PtRr/ZTbGP9Fi/DPU4tzdibbn/4bM9V0I01Y6/nuh6dm21ab860b21Wv/ro35ssm586Viem37T0SMRXYorU9sEWPs1t+32i1rHv/9/tGbn6fx09931shcHxi6+zVT+Wr+QXJudvNyxOMDrfJPNto/aTP+Pd1hjFeef+/TdsvS/NN8G9Pm/Ltr7UrEky3b/84TbcmWzyeO1w6H8cZB0cJXP38y3C5+c/un0+rK8loScXX3M20tbf/hrfMfSZqf16xsP8YPVw59225Zi/wLjf+F1rU+/geT12vlwfq8S/lqdX4iYjB5dfP8Y3de26g31k/zH3ui9fm/1fGfjk7Odpj/wI1fv9h5/t2V5j+1rfbffuHa6sy+dvE7a//JWmmsPqeT61+nG/gg+w4AAAAAAAAAAAAAAAAAAAAAAAAAOpWJiIORZHIb5Uwml1v/Du//xXCmVK5Uj5wrL8xNRe27skcim2l81OWhps9Dnah/Hn6jfuye+jMR8d+I+HjoX7V6rlAuTfU6eQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACoO9Dm+/9Tvwz1eusAgK7Z3+sNAAD2nP4fAPqP/h8A+o/+HwD6j/4fAPqP/h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAuO33qVDqt/bmyXEjrUxcXF2bKF49OFSszudmFQq5Qnr+Qmy6Xp0vFXKE8e7+/VyqXL0zG3MKl8WqxUh2vLC6dmS0vzFXPnJ/NTxfPFLN7khUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAbE9lcWkmXyoV5xUegcJAvdUelu3ZUSHTSGKvgg52K4uHYGd2r9DDixIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAI+SfAAAA///WoyFe")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x1)
pwrite64(r1, &(0x7f0000000140)='2', 0x1, 0x8080c61)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000080000000000000000000180100003020702500000000002020207b1af8ff00000000bfa1000000000000070100003affffffb702000008000000b7030000000000a3850000007000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x20, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000007c0)={0x6, 0x7, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000001000000000000000008510000001000000950000000000000018400000ffffffff000000000000000095000000000000006eac"], &(0x7f0000000100)='GPL\x00', 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x18)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xa, 0x31, 0xffffffffffffffff, 0xf2de1000)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17)
lsm_list_modules(&(0x7f0000000240)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000300)=0x20, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x400c84, &(0x7f0000000340), 0x1, 0x786, &(0x7f0000001900)="$eJzs3c9rHGUfAPDvbJKmTfu+yQsvaL0YEDRQmpgaWwWFigcRLBT0bLtstqFmky3ZTWlCQIsIXgQVD4JeevLgj3rz6o+r/hcexFI1LVY8SGQ2s+2m2U03abIbzecDk32emdl8n+/Or2d3hpkA9qzh9E8u4nBEvJtEDGbjk4joq5V6I06uzndreamQDkmsrLz8a1Kb5+byUiEa3pM6mFUejIhv34o4klsft7KwOJ0vlYpzWX2sOnNhrLKwePT8TH6qOFWcPT4+MXHsxJMnjm9frr//sHjo2nsvPPbFyT/ffODqO98lcTIOZdMa89iyZ9dWh2M4+0z60o9wjefvO9juknS7AWxJumn2rG7lcTgGo6dWAgD+zV6PiBUAYI9JHP8BYI+p/w5wc3mpUB+6+4tEZ11/LiL2r+ZfP7+5OqU3O2e3v3YedOBmsubMSBIRQ9sQfzgiPv7q1c/SIbbrPCRAG964HBFnh4bX7/+TddcsbNbjG0zbl70O3zU+je8MNHTG12n/56lm/b/c7f5PNOn/9DfZdrei2fa/ZsSBbQiygeufRDzTcG3brYb8M0M9We0/tT5fX3LufKmY7tv+GxEj0def1sc3iDFy468braY19v9+e/+1T9P46eudOXI/9/avfc9kvpq/n5wbXb8c8VBvs/yT28s/adH/Pd1mjBeffvujVtPS/NN868P6/CO7OmlnrFyJeLTp8r9zRVuy4fWJY7XVYay+UjTx5Y8fDrSK37j80yGNX/8u0Anp8h/YOP+hpPF6zcrmY3x/ZfCbVtPunX/z9X9f8kqtXO9HXMpXq3PjEfuSl9aPP3bnvZfyD2el1fnT/Eceab79b7T+p98Jz7aZf++1Xz7fev47K81/clPLf/OFq7eme1rFb2/5T9RKI9mYdvZ/7Tbwfj47AAAAAAAAAAAAAAAAAAAAAAAAAGhXLiIORZIbvV3O5UZHV5/h/f8YyJXKleqRc+X52cmoPSt7KPpy9VtdDjbcD3U8ux9+vX7srvoTEfG/iPig/0BSv4/iZJdzBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIC6gy2e/5/6qb/brQMAdsz+bjcAAOg4x38A2Hsc/wFg72nv+N+z4+0AADrH938A2Hsc/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANhhp0+dSoeVP5aXCml98uLC/HT54tHJYmV6dGa+MFooz10YnSqXp0rF0UJ55l7/r1QuX5iI2flLY9VipTpWWVg8M1Oen62eOT+TnyqeKfZ1JCsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2JzKwuJ0vlQqzilsobCyO5rR/UJPtjrtlvZ0tJDsjmZsc6HLOyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAf4i/AwAA//+3ACFj")
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=@framed={{}, [@tail_call={{}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00'}, 0x10)
pwrite64(r0, &(0x7f0000000140)="f6", 0xffffff07, 0x8000c61)

8.668079534s ago: executing program 7 (id=5085):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x2, 0x7fff7ffc}]})
close_range(r0, 0xffffffffffffffff, 0x200000000000000)

8.564852595s ago: executing program 7 (id=5086):
syz_clone(0x400, 0x0, 0x0, 0x0, 0x0, 0x0)

8.523582105s ago: executing program 7 (id=5087):
socket$nl_route(0x10, 0x3, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000007c0)='./file0\x00', 0x490, &(0x7f0000000000), 0x2, 0x786, &(0x7f0000000f80)="$eJzs3c9rHGUfAPDvbLNJ37Tv27zwwms9BQQNlG5Mja2Ch4oHESwU9Gy7bLahZpMt2U1pQkCLCF4EFQ+CXnq2Wm9e/XHVP8C7B2mpmhYjHiQym9102+ymmzSbbdnPByZ5npnZfOc7z8w8T3aG3QD61mj6IxNxOCI+SCIO1ecnEZGtlQYiTq6vt7qyXEinJNbWXvstqa1ze2W5EE2vSR2oVx6LiO/ejTiS2Ry3srg0ky+VivP1+nh19sJ4ZXHp6PnZ/HRxujh3fGJy8tiJZ08c371c//hx6eCND19+6suTf73z/2vvf5/EyThYX9acx24ZjdH6Psmmu/AuL8Vbux2up5JebwA7kp6a+9bP8jicpOWBXm8SANBl6Sh0DQDoM4n+HwD6TON9gNsry4XG1Nt3JPbWzRcjYv96/o37m+tLBur37PbX7oMO307uujOSRMTILsQfjYjPvn7jajpFl+5DArTy9uWIODsyuvn6n2x6ZmG7nu5gndF76hvxf8o+YHTgfr5Jxz/PtRr/ZTbGP9Fi/DPU4tzdibbn/4bM9V0I01Y6/nuh6dm21ab860b21Wv/ro35ssm586Viem37T0SMRXYorU9sEWPs1t+32i1rHv/9/tGbn6fx09931shcHxi6+zVT+Wr+QXJudvNyxOMDrfJPNto/aTP+Pd1hjFeef+/TdsvS/NN8G9Pm/Ltr7UrEky3b/84TbcmWzyeO1w6H8cZB0cJXP38y3C5+c/un0+rK8loScXX3M20tbf/hrfMfSZqf16xsP8YPVw59225Zi/wLjf+F1rU+/geT12vlwfq8S/lqdX4iYjB5dfP8Y3de26g31k/zH3ui9fm/1fGfjk7Odpj/wI1fv9h5/t2V5j+1rfbffuHa6sy+dvE7a//JWmmsPqeT61+nG/gg+w4AAAAAAAAAAAAAAAAAAAAAAAAAOpWJiIORZHIb5Uwml1v/Du//xXCmVK5Uj5wrL8xNRe27skcim2l81OWhps9Dnah/Hn6jfuye+jMR8d+I+HjoX7V6rlAuTfU6eQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACoO9Dm+/9Tvwz1eusAgK7Z3+sNAAD2nP4fAPqP/h8A+o/+HwD6j/4fAPqP/h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAuO33qVDqt/bmyXEjrUxcXF2bKF49OFSszudmFQq5Qnr+Qmy6Xp0vFXKE8e7+/VyqXL0zG3MKl8WqxUh2vLC6dmS0vzFXPnJ/NTxfPFLN7khUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAbE9lcWkmXyoV5xUegcJAvdUelu3ZUSHTSGKvgg52K4uHYGd2r9DDixIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAI+SfAAAA///WoyFe")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x1)
pwrite64(r1, &(0x7f0000000140)='2', 0x1, 0x8080c61)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000080000000000000000000180100003020702500000000002020207b1af8ff00000000bfa1000000000000070100003affffffb702000008000000b7030000000000a3850000007000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x20, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000007c0)={0x6, 0x7, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000001000000000000000008510000001000000950000000000000018400000ffffffff000000000000000095000000000000006eac"], &(0x7f0000000100)='GPL\x00', 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x18)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xa, 0x31, 0xffffffffffffffff, 0xf2de1000)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17)
lsm_list_modules(&(0x7f0000000240)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000300)=0x20, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x400c84, &(0x7f0000000340), 0x1, 0x786, &(0x7f0000001900)="$eJzs3c9rHGUfAPDvbJKmTfu+yQsvaL0YEDRQmpgaWwWFigcRLBT0bLtstqFmky3ZTWlCQIsIXgQVD4JeevLgj3rz6o+r/hcexFI1LVY8SGQ2s+2m2U03abIbzecDk32emdl8n+/Or2d3hpkA9qzh9E8u4nBEvJtEDGbjk4joq5V6I06uzndreamQDkmsrLz8a1Kb5+byUiEa3pM6mFUejIhv34o4klsft7KwOJ0vlYpzWX2sOnNhrLKwePT8TH6qOFWcPT4+MXHsxJMnjm9frr//sHjo2nsvPPbFyT/ffODqO98lcTIOZdMa89iyZ9dWh2M4+0z60o9wjefvO9juknS7AWxJumn2rG7lcTgGo6dWAgD+zV6PiBUAYI9JHP8BYI+p/w5wc3mpUB+6+4tEZ11/LiL2r+ZfP7+5OqU3O2e3v3YedOBmsubMSBIRQ9sQfzgiPv7q1c/SIbbrPCRAG964HBFnh4bX7/+TddcsbNbjG0zbl70O3zU+je8MNHTG12n/56lm/b/c7f5PNOn/9DfZdrei2fa/ZsSBbQiygeufRDzTcG3brYb8M0M9We0/tT5fX3LufKmY7tv+GxEj0def1sc3iDFy468braY19v9+e/+1T9P46eudOXI/9/avfc9kvpq/n5wbXb8c8VBvs/yT28s/adH/Pd1mjBeffvujVtPS/NN868P6/CO7OmlnrFyJeLTp8r9zRVuy4fWJY7XVYay+UjTx5Y8fDrSK37j80yGNX/8u0Anp8h/YOP+hpPF6zcrmY3x/ZfCbVtPunX/z9X9f8kqtXO9HXMpXq3PjEfuSl9aPP3bnvZfyD2el1fnT/Eceab79b7T+p98Jz7aZf++1Xz7fev47K81/clPLf/OFq7eme1rFb2/5T9RKI9mYdvZ/7Tbwfj47AAAAAAAAAAAAAAAAAAAAAAAAAGhXLiIORZIbvV3O5UZHV5/h/f8YyJXKleqRc+X52cmoPSt7KPpy9VtdDjbcD3U8ux9+vX7srvoTEfG/iPig/0BSv4/iZJdzBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIC6gy2e/5/6qb/brQMAdsz+bjcAAOg4x38A2Hsc/wFg72nv+N+z4+0AADrH938A2Hsc/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANhhp0+dSoeVP5aXCml98uLC/HT54tHJYmV6dGa+MFooz10YnSqXp0rF0UJ55l7/r1QuX5iI2flLY9VipTpWWVg8M1Oen62eOT+TnyqeKfZ1JCsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2JzKwuJ0vlQqzilsobCyO5rR/UJPtjrtlvZ0tJDsjmZsc6HLOyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAf4i/AwAA//+3ACFj")
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x208, 0x21, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r4}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
pwrite64(r0, &(0x7f0000000140)="f6", 0xffffff07, 0x8000c61)

7.605551729s ago: executing program 0 (id=5096):
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000020000008500000084000100b7000000000000009500000000000000"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x2d)
ioctl$AUTOFS_IOC_FAIL(r0, 0x4c80, 0xffffffffffffffb6)
unshare(0x40000000)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x7, 0x0, 0x4}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x80, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7, 0x0, 0x3}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0xd}, @NFTA_SET_EXPRESSIONS={0x3c, 0x12, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @connlimit={{0xe}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_CONNLIMIT_COUNT={0x8, 0x1, 0x1, 0x0, 0x8}]}}}, {0x18, 0x1, 0x0, 0x1, @connlimit={{0xe}, @val={0x4}}}]}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x120}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0xc8}}, 0x20050800)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x88e, &(0x7f0000000d80)={[{@mblk_io_submit}, {@dioread_nolock}, {@bh}, {@errors_continue}, {@nouid32}, {@quota}, {@nogrpid}]}, 0x3, 0x445, &(0x7f0000000800)="$eJzs3M9rHFUcAPDv7CZt06YmlvqjadVoFYM/kiattQcvioIHBUEP9RiTtMRuG2ki2BI0itSjFLyLR8G/wJNeRD0JXvUuhSK5tIqHldmdSXY3u2k2blzNfj4wyXszb3nvuzNv9715mQTQs0bTH0nEYET8EhFD1Wx9gdHqr9uryzN/rC7PJFEuv/57Uil3a3V5Ji+av+5AnumLKHycxNEm9S5euXphulSau5zlJ5YuvjOxeOXq0/MXp8/PnZ+7NHXmzKmTk8+ennqmI3Gmcd0aeX/h2JGX37z+6szZ62/98FWSx98QR4eMbnbwsXK5w9V118GadNLXxYbQlmK1m0Z/pf8PRTHWT95QvPRRVxsH7KhyuVy+t/XhlTKwiyXR7RYA3ZF/0afz33zbfMDQ0eFH1918vjoBSuO+nW3VI31RyMr0N8xvO2k0Is6u/Pl5usXO3IcAAKjzTTr+earZ+K8QtfeF7srWUIYj4u6IOBQRpyPicETcE1Epe19E3N9m/Y2LJBvHP4Ub2wpsi9Lx33PZ2lb9+C8f/cVwMcsdrMTfn5ybL82dyN6Tsejfm+YnN6nj2xd//rTVsdrxX7ql9edjwawdN/r21r9mdnpp+p/EXOvmhxEjfc3iT9ZWApKIOBIRI9usY/6JL4+1Onbn+JurvCUdWGcqfxHxePX8r0RD/Llk8/XJiX1RmjsxkV8VG/3407XXWtW/3fg7JT3/+5te/2vxDye167WL7ddx7ddPWs5ptnv970neqNv33vTS0uXJiD3JK9VG1+6faig3tV4+jX/sePP+fyjW34mjEZFexA9ExIMR8VDW9ocj4pGIOL5J/N+/8OjbdTvGBtuIf2el8c+2df7XE3uicU/zRPHCd1/XVTocbcSfnv9TldRYtmcrn39badf2rmYAAAD4/ylExGAkhfG1dKEwPl79G/7Dsb9QWlhcevLcwruXZqvPCAxHfyG/0zVUcz90MpvW5/mphvzJ7L7xZ8WBSn58ZqE02+3goccdaNH/U78Vu906YMd5Xgt6l/4PvUv/h96l/0PvatL/Bzbu+qvhkUFgN2j2/f9BF9oB/Psa+r9lP+gh5v/Qu/R/6F36P/SkxYG480PyEhIbElH4TzRj5xP7tvhvLnZZotufTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ3xdwAAAP//FX7vJg==")
r7 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7020000140000e5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.stat\x00', 0x275a, 0x0)
write$binfmt_script(r8, &(0x7f0000000040), 0x208e24b)

7.52435694s ago: executing program 7 (id=5098):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
epoll_create1(0x80000)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/wakeup_count', 0x0, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020097b1af8ff00000000bfa100000000000007010000b8ffffffb702000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = memfd_create(&(0x7f0000000ec0)='\x103q}2[\xe0\x9a\xee\xaf\x03\x97\x9et\v\"|Ma\x86\xe7\xc0\x14\x9f\xb9h\xb1\x96\xe7=I\x860S6\xb5\xa8\xc2\x95Je%\xfeG\'e\xe5\x8f\xf8\xd2\x1c\xc0\xfb\x1c\xa6\xab\bi\xe4^\xd5\xfd\xa9\r\xac7A\x94k\xcd\t\x00\x90k\xd6\x05\xb6\x03\x00\x00\x00A\xc5\x9c_\xd4\x18,\f\xd4s\xb2\x99/\xc0\x9a\xf2Oc\xc0c\x03gB!\xb0\xb8n\x01\x9bT\x95\x10\x86\xe8$\x7f\r[\xf9\x0e1v\xb1\n\x88\v\x95uy\xb5:`\x8b\nC\x18A;\xaa%\xaf\xc7\xa3\xac\xa2D\xb5\xe2\xe1\xdc(\xfd\x05\x9fB\x84O\xfe@\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x1a\xa0\x17\xe3\xac\xe9\xc9\xa7\x8a\x1b\x03\"&\xac\xcap>\xccZ\x01\xbc\x18\xc1\xb9\xe9\v\x8b\x9c\xb4Q\xd4\x96EV<>\x99\xca\xb3\xe0\xc4tL\xed\xf5W\xbd#\xcf\x8a\x84\xed\x9f/\xd4\xbb\xea;-Dp\xf8\xd0F\x90\xf8\x92Ip6\xf4\x16\xe8\x14\xe0\x92!\x92-F\xe2\x14D\x91\xa8b\x04\xdd\x1d\a\xdc\xe0\x18\x85{\x80Q\xf6k\x96\xfaQ\x9fW\vO\xf0\xe4O\\\xceS\xf2\xde\x049d\x06#\x88\xc3\xdf\x85O\x1c\xc3\xad?r\xd7\x0e\x00\xd7\x83\xb0\x88\x9c\xf6Y-F\x98\xdd\x9c~\xfd\x95\xc3\xb6lC\xaa\"Y\xa2K\xecz\x84:*\xf5Y\xd1\x9b1\x91\x9b\x15\xd4\xec\x02o\x01&\xaa\x90w\xc4\xc7yn\xb5\x1ag\xab&?\xbe\xcb\xe8v\xa8\xe0\xa4\x81sW\xacf\x149\xd2}\xefCGa\x9a$4\x8c\xa5!p\x83\x05\x96%\x02%\xabj\n\b\xc8NC\x91}&y\xd3\xe1\xeep\'\xc5\xab\x19GsX5\x8c\n\x9fh\xee;4\xb1%V\xe0\xa9\x8e\xf30:\xd8\x18N~G\x139\xcas\xf4D\xd4\xd0s\r3\xcb\x9a&\xdf+(\xc9S\x9eL5\x84\xb1\x90pN\xe7/\r\b\x9a\xf13Q\xf9\xdf\x7fX\xa0\xafK\xefh\xbfOv\x9bh\xb3\xc0\xf5\x80\xba\"@\'\x02\xafi\xeaE\xa6a6F\xde\xd4\xfa\x84\xe4+A\xb7\xa2\x8f\xc9\xee|xxn\xefw\x93]%\xd0\x19\x132\x86\xabn\xfe\x91\xb6Cl\xcf\x04\x1cq\xc1\x1d~\x8d\x01\x83\x93_\x83\x8a`v\xb0K,|S\xe4\xba\xb1\f\xc8`\xa6s\xad\x11\xd4wG\x80u\x87u\xff\x87\xee', 0x2)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000040)={0x0, 0x0, 0x940a, 0x1000007})
fcntl$addseals(r0, 0x409, 0xb)

7.479400301s ago: executing program 2 (id=5099):
r0 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r0, &(0x7f0000000000)={&(0x7f0000000080)=@rxrpc=@in4={0x21, 0x3, 0x2, 0x10, {0x2, 0x4e22, @empty}}, 0x80, &(0x7f0000000140)=[{&(0x7f0000000ac0)="ee", 0xfffffe5e}], 0x1, &(0x7f0000001a00)=ANY=[@ANYBLOB="180000000000000010010000010000007d95df16a39b1a6c900000000000000001000000040500002b24ec10064b6f2f000000fb718aef932f3889d1fdda5b57000000860f5878c37ffe36e1165814d435be5b317c6c8189587d2f97879f07a515bb7c169f46933d9338f4ab04834e6f618988ab013f40afe403041323110f62055394412158e7a3adb148d641aa40d4ab077fe34232aa8b31851466d0998a61d7da0c86d70000001010"], 0x10b8}, 0x8000)

4.77291922s ago: executing program 2 (id=5101):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007300000095"], &(0x7f00000004c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000580)='sched_switch\x00', r1}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
mlock(&(0x7f0000ffc000/0x2000)=nil, 0x2000)
shmdt(0x0)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]})
socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, &(0x7f0000000740)={<r3=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r2, 0xc0182101, &(0x7f00000000c0)={r3})
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, &(0x7f0000002780)={<r4=>0x0})
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="1b00000000000000000000200080000000000000", @ANYRES32, @ANYBLOB="0100000000000000000000000000000000934fb2", @ANYRES32=0x0, @ANYRES16=r1, @ANYBLOB="00000000000000000000000000000800000000000000000010000000"], 0x50)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x10, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000010000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000018110000", @ANYRES32=r5, @ANYBLOB="0000000000002000b702000000ffff0000000000000000009500000100008000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r7 = syz_open_dev$usbfs(&(0x7f0000000100), 0x205, 0x8401)
r8 = fcntl$dupfd(r7, 0x0, r7)
ioctl$USBDEVFS_SUBMITURB(r8, 0x8038550a, &(0x7f00000003c0)=@urb_type_control={0x2, {}, 0x0, 0x0, &(0x7f0000000080)={0x0, 0xb, 0x4, 0xfffa, 0x7995}, 0xfffffffffffffe7d, 0x0, 0x0, 0x48000000, 0x0, 0x400000, 0x0})
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='block_plug\x00', r9}, 0x10)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000a80)=@bpf_tracing={0x1a, 0x32, &(0x7f00000007c0)=ANY=[@ANYBLOB="180000000600000000000000fcffffff18110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf09000000000000550901000000000094fffff3000000000282303307000000186b6534b6c60000000000000500000018110000", @ANYBLOB="0000000000000000b70200000000000085000000860000001837000002000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000090000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000200000085000000820000003d9b02000b00000018010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000ffffff7f8500000006000000180100002020752500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000070000008500000006000000bf91000000000000b7020000000000008500000085000000b7000000000000009500000000000000"], &(0x7f0000000540)='GPL\x00', 0x3, 0x3c, &(0x7f0000000600)=""/60, 0x40f00, 0x8, '\x00', 0x0, 0x18, r8, 0x8, &(0x7f0000000680)={0x6, 0x3}, 0x8, 0x10, &(0x7f00000006c0)={0x3, 0xf, 0x3, 0xb6}, 0x10, 0x2f4a0, r9, 0x5, &(0x7f0000000700)=[r5, r5, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000000a00)=[{0x75, 0x2, 0x1, 0x1}, {0x3, 0x2, 0x5, 0x3}, {0x4, 0x3, 0xd, 0x4}, {0x4, 0x5, 0x9, 0x7}, {0x0, 0x3, 0x6, 0xa}], 0x10, 0x2, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r6, 0x0, 0x10, 0x10, &(0x7f00000002c0)="0000ffffffffa000", &(0x7f0000000300)=""/8, 0xa00, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r2, 0x40182103, &(0x7f0000000080)={r4, 0x3, r2, 0x5})
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r10 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r10, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r11 = socket$inet_tcp(0x2, 0x1, 0x0)
process_mrelease(0xffffffffffffffff, 0x0)
r12 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000180)=ANY=[@ANYRESOCT=r11, @ANYRES32=r12, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x53, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)

4.583199833s ago: executing program 7 (id=5103):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x13, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000205ef161105a00000000009500"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xd, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = accept4$x25(0xffffffffffffffff, &(0x7f0000000140)={0x9, @remote}, &(0x7f0000000180)=0x12, 0x0)
sendmsg$inet(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000380)="eabfdee8e1f9a82006daa339192063e8995b013772f07fb7f6f90f4f7345011569e7743e7d17bbd183de6ef9e146ca151474ba533d8ac7d5b15c26951d491b36e22fa78251efe4381130d446bfdd786393c6f877609a721747f13e42b6eab4c032c35e2df21b62b2c75bbbb0a0bc908a822d0d92064948f20a6c8f9ca1bdd8233ac5de03d27b44893c5a1d7aee7b08d0dd44b01321c26eeb7fcfad452f6a536274397e8c64edfe66f33a3d98925071309c1ebd54b0a220537daeb6aece740b586be04905818ef315ddddbb66ee799b57f76612f0dc9ded9ef409e84134e2939f5bf8f52d6a02860353be5d24049ed625e1e99092c46d8c79601bf18aaf", 0xfd}], 0x1, &(0x7f00000002c0)=[@ip_ttl={{0x14, 0x0, 0x2, 0x89509}}, @ip_ttl={{0x14, 0x0, 0x2, 0x42}}], 0x30}, 0x8c0)
syz_mount_image$ext4(&(0x7f0000000bc0)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x0, &(0x7f00000000c0), 0x2, 0xbd1, &(0x7f0000002380)="$eJzs3M1rHOcZAPBnRquVbKtduZRS91KVUmwoXUsuMrUp1C4uvfRQaK8Fq/LKCK0/kFRcyTqskn8gX+dALoEkJiGH+OxLQnLNJbGvCTkETFCsBEJIFGY/pI2lleR4V6PIvx+8mvedd7TP8+ywO/PC7gbwxBrJ/qQRxyLiYhJRau5PI6JY7w1G1BrHra4sTX65sjSZxNravz5LIomIBytLk63HSprbI83BYES8/9ckfvb05rhzC4szE9VqZbY5Pjl/5frJuYXFP0xfmbhcuVy5Onb6T+Onxk+PnhnvWq1ffXTu9he/+fsnta9f/ebW58+/nMS5GGrOtdfRLSMxsv6ctCtExES3g+Wkr1lPe51JYYd/SnucFAAAHaVt93C/iFL0xcbNWyne/iDX5AAAAICuWOuLWAMAAAAOuMT6HwAAAA641ucAHqwsTbZavp9I2Fv3z0fEcKP+1WZrzBSiVt8ORn9EHH6QRPvXWpPGvz22kYj4+N6ZN7IWPfoe8nZqyxHxy63Of1Kvf7j+Le7N9acRMdqF+CMPjX9M9Z/rQvy86wfgyXTnfONCtvn6l67f/8QW17/CFteuHyLv61/r/m910/3fRv19He7//rnLGDdfefFGp7ms/j/f/tvrrZbFz7aPVdQjuL8c8avCVvUn6/UnHeq/uMsYpW9vVDrN5V3/2ksRx2Pr+luS7X+f6OTUdLUy2vi7ZYzl98Zf6xQ/7/qz83+4Q/2t33/qdP6v7zLGfy5ceHPTznsb3e3rTz8tJv+u94rNPf+fmJ+fHYsoJv/YvP/U9rm0jmk9Rlb/id9u//rfqv7sPaHWfB6ytcByc5uNn3oo5l9u3XyrUz6t9V+e5/9Sh/PfXv+7hc3n/5ldxvjdO8+d6DTXvv7NWha/tRYGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgJY0IoYiScvr/TQtlyOORMTP43BavTY3//upa/+7eimbixiO/nRquloZjYhSY5xk47F6f2N86qHxHyPiaES8UDpUH5cnr1Uv5V08AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA645ExFAkaTki0ohYLaVpuZx3VgAAAEDXDeedAAAAANBz1v8AAABw8Fn/AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0GNHf33nbhIRtbOH6i1TbM7155oZ0Gtp3gkAuenLOwEgN4W8EwBy84hrfLcLcAAlO8wPdpwZ6HouAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOxfx4/duZtERO3soXrLFJtz/blmBvRa2tZPcswD2Ht9200W9i4PYO95icOTyxof2GntP7hxTO37MwM9ywkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/Weo3pK0HBHF5r5yOeInETEc/cnUdLUyGhE/jYgPS/0D2Xgs55wBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADovrmFxZmJarUym3XSaHbW9/Sg09eM3MMQvekkjbxr+yWfg90ZeHanY/4bjxmiGPui0n3ayfNdCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAvMwtLM5MVKuV2bm8MwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADyNrewODNRrVZme9jJu0YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPLzXQAAAP//jAsGRw==")
creat(&(0x7f0000000100)='./file1\x00', 0xe0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$inet_int(r1, 0x0, 0x31, 0x0, &(0x7f0000000480))
rename(&(0x7f0000000080)='./file2\x00', &(0x7f0000000140)='./file1\x00')
socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_MCAST_JOIN_GROUP(r2, 0x0, 0x2a, &(0x7f0000000180)={0x2, {{0x2, 0x0, @multicast2}}}, 0x88)
socket$nl_route(0x10, 0x3, 0x0)
setsockopt$inet_MCAST_MSFILTER(r2, 0x0, 0x30, &(0x7f0000000940)=ANY=[@ANYBLOB="020000000000000002000000e0000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000500000002000000e00000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000064010102000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000e000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002"], 0x310)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_MCAST_JOIN_GROUP(r3, 0x0, 0x2a, &(0x7f0000000180)={0x2, {{0x2, 0x0, @multicast2}}}, 0x88)

4.575303994s ago: executing program 0 (id=5104):
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000020000008500000084000100b7000000000000009500000000000000"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x2d)
ioctl$AUTOFS_IOC_FAIL(r0, 0x4c80, 0xffffffffffffffb6)
unshare(0x40000000)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x7, 0x0, 0x4}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x68, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7, 0x0, 0x3}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0xd}, @NFTA_SET_EXPRESSIONS={0x24, 0x12, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @connlimit={{0xe}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_CONNLIMIT_COUNT={0x8, 0x1, 0x1, 0x0, 0xe41f}]}}}]}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x120}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0xb0}}, 0x20050800)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x88e, &(0x7f0000000d80)={[{@mblk_io_submit}, {@dioread_nolock}, {@bh}, {@errors_continue}, {@nouid32}, {@quota}, {@nogrpid}]}, 0x3, 0x445, &(0x7f0000000800)="$eJzs3M9rHFUcAPDv7CZt06YmlvqjadVoFYM/kiattQcvioIHBUEP9RiTtMRuG2ki2BI0itSjFLyLR8G/wJNeRD0JXvUuhSK5tIqHldmdSXY3u2k2blzNfj4wyXszb3nvuzNv9715mQTQs0bTH0nEYET8EhFD1Wx9gdHqr9uryzN/rC7PJFEuv/57Uil3a3V5Ji+av+5AnumLKHycxNEm9S5euXphulSau5zlJ5YuvjOxeOXq0/MXp8/PnZ+7NHXmzKmTk8+ennqmI3Gmcd0aeX/h2JGX37z+6szZ62/98FWSx98QR4eMbnbwsXK5w9V118GadNLXxYbQlmK1m0Z/pf8PRTHWT95QvPRRVxsH7KhyuVy+t/XhlTKwiyXR7RYA3ZF/0afz33zbfMDQ0eFH1918vjoBSuO+nW3VI31RyMr0N8xvO2k0Is6u/Pl5usXO3IcAAKjzTTr+earZ+K8QtfeF7srWUIYj4u6IOBQRpyPicETcE1Epe19E3N9m/Y2LJBvHP4Ub2wpsi9Lx33PZ2lb9+C8f/cVwMcsdrMTfn5ybL82dyN6Tsejfm+YnN6nj2xd//rTVsdrxX7ql9edjwawdN/r21r9mdnpp+p/EXOvmhxEjfc3iT9ZWApKIOBIRI9usY/6JL4+1Onbn+JurvCUdWGcqfxHxePX8r0RD/Llk8/XJiX1RmjsxkV8VG/3407XXWtW/3fg7JT3/+5te/2vxDye167WL7ddx7ddPWs5ptnv970neqNv33vTS0uXJiD3JK9VG1+6faig3tV4+jX/sePP+fyjW34mjEZFexA9ExIMR8VDW9ocj4pGIOL5J/N+/8OjbdTvGBtuIf2el8c+2df7XE3uicU/zRPHCd1/XVTocbcSfnv9TldRYtmcrn39badf2rmYAAAD4/ylExGAkhfG1dKEwPl79G/7Dsb9QWlhcevLcwruXZqvPCAxHfyG/0zVUcz90MpvW5/mphvzJ7L7xZ8WBSn58ZqE02+3goccdaNH/U78Vu906YMd5Xgt6l/4PvUv/h96l/0PvatL/Bzbu+qvhkUFgN2j2/f9BF9oB/Psa+r9lP+gh5v/Qu/R/6F36P/SkxYG480PyEhIbElH4TzRj5xP7tvhvLnZZotufTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ3xdwAAAP//FX7vJg==")
r7 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7020000140000e5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.stat\x00', 0x275a, 0x0)
write$binfmt_script(r8, &(0x7f0000000040), 0x208e24b)

4.047235251s ago: executing program 4 (id=5105):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb7020000000000001823", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000680)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r1}, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000700)={r3, 0x20, &(0x7f0000000680)={&(0x7f0000000580)=""/128, 0x80, 0x0, &(0x7f0000000600)=""/100, 0x64}}, 0x10)

3.905632693s ago: executing program 4 (id=5106):
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000020"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001000000000000000640000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000e0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00'}, 0x10)
r2 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000f00)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c000000020000000000000000000004"], &(0x7f0000000040)=""/247, 0x26, 0xf7, 0x1, 0x0, 0x0, @void, @value}, 0x28)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x6, 0x3, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000000000000000000000000009500000000000000"], &(0x7f0000000280)='GPL\x00', 0x5, 0xe2, &(0x7f00000002c0)=""/226, 0x0, 0x0, '\x00', 0x0, 0x25, r2, 0x8, 0x0, 0x0, 0x10, &(0x7f00000004c0), 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)

3.892473663s ago: executing program 2 (id=5107):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x18)
r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
shutdown(r2, 0x0)
setsockopt$bt_l2cap_L2CAP_OPTIONS(r2, 0x6, 0x1, &(0x7f0000000000)={0x2000, 0x747, 0x0, 0x3, 0x0, 0x0, 0x9}, 0xc)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x200000000000000)

3.776552425s ago: executing program 4 (id=5108):
unshare(0x26000400)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000010000000800000008"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000400000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="300000003e000701fcfffffffddbdf25047c0000100036800c00020007009300000000000c0001"], 0x30}, 0x1, 0x0, 0x0, 0x488c1}, 0xc000)

3.723142766s ago: executing program 2 (id=5109):
r0 = gettid()
r1 = io_uring_setup(0xaab, &(0x7f00000003c0)={0x0, 0x2c97, 0x1000, 0xfffffffd, 0x17b})
setuid(0x0)
r2 = fsopen(&(0x7f0000000040)='configfs\x00', 0x0)
fsconfig$FSCONFIG_SET_FLAG(r2, 0x6, 0x0, 0x0, 0x0)
r3 = fsmount(r2, 0x0, 0x88)
openat(r3, &(0x7f0000000340)='.\x00', 0x0, 0x131)
close_range(r1, r1, 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount$bpf(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080), 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000140)=@base={0xa, 0x1000, 0x3fd, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$OBJ_PIN_MAP(0x6, &(0x7f00000001c0)=@generic={&(0x7f00000000c0)='./file0/file0\x00', r4}, 0x18)
timer_create(0x2, &(0x7f000049efa0)={0x0, 0x7, 0x4, @tid=r0}, &(0x7f0000044000))
r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x800, 0x0)
ioctl$TIOCCBRK(r5, 0x5428)
syz_clone(0x42164000, 0x0, 0x0, 0x0, 0x0, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000140)=@base={0x7, 0x4, 0x8, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r6, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r7}, 0x18)
r8 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sched_setscheduler(r0, 0x1, &(0x7f0000000380)=0x3)
sendmsg$netlink(r8, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000200)={0x114, 0x28, 0x1, 0x4, 0x25dfdbfc, "", [@nested={0x103, 0xf2, 0x0, 0x1, [@typed={0xc, 0x18, 0x0, 0x0, @u64=0xfac08}, @typed={0x14, 0x1, 0x0, 0x0, @ipv6=@ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x2d}}}, @generic="50bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43d9621dc08c029d1608a46cf26fbe816b89f7cb81bff81a8b9482565856555ee923c65973deb0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ce475f00ac64337803f5eb4e5842f4d98fe3fa370d47eb640dc5061dc35817c8a66c29be", @typed={0x4, 0xe9}]}]}, 0x114}], 0x1, 0x0, 0x0, 0x1}, 0x0)
timer_settime(0x0, 0x1, &(0x7f0000000080)={{0x77359400}, {0x0, 0x9}}, 0x0)

3.623414507s ago: executing program 4 (id=5110):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000680)=ANY=[@ANYBLOB="14000000100001000000000000b890c1a000000a80000000160a01030000000000000000020000000900020073797a30000000000900010073797a30000000005400038008000240000000000800014000000000400003801400010076657468315f746f5f6272696467650014000100776732000000000000000000000000001400010076657468305f746f5f7465616d00000014000000110001"], 0xa8}, 0x1, 0x0, 0x0, 0x10000}, 0x4c094)
sendmsg$NFT_BATCH(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000002c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_DELFLOWTABLE={0x48, 0x18, 0xa, 0x5, 0x0, 0x0, {0x2}, [@NFTA_FLOWTABLE_HOOK={0x1c, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_DEVS={0x18, 0x3, 0x0, 0x1, [{0x14, 0x1, 'veth1_to_bridge\x00'}]}]}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x3}}}, 0x70}, 0x1, 0x0, 0x0, 0x40000}, 0x20008000)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000200)={0x28, r3, 0xc4fc9e906872338b, 0x20, 0x2000000, {{0x15}, {@val={0x8}, @val={0xc, 0x99, {0xfffffffc}}}}}, 0x28}}, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000d00)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="1c0000001c00070f002e0000000000000700000039da8a0ad359aed019a96066dd6a83025de77ce96052cf724470a3793e875939e961aeda744ddd5d67762cd550a848ae602dcbbbb6aee922badd2f63a0515049c3122fac9e893d80cbe811d1f18c64db6b7457bea7c581194254ab4697cb2cc64379d452cbc98e9d6986484463079f5a9175adcee0c1dab343bbe6b4"], 0x1c}}, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x3, 0x4, &(0x7f0000000440)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x61}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000004c0)={r6, 0x18000000000002a0, 0x4f, 0x0, &(0x7f00000002c0)="d2ff03076003008cb89e08f086dd", 0x0, 0xd5b1, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r5}, 0x10)
r7 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r7, <r8=>0xffffffffffffffff}, 0x4)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r7, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f00000007c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000000)='kfree\x00', r9}, 0x10)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f00000029c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="200000001000010700000000200000000a0000000c0002006e6c3830323131"], 0x20}}, 0x0)
r10 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/vmcoreinfo', 0x2000, 0x0)
r11 = syz_genetlink_get_family_id$nl80211(&(0x7f00000004c0), 0xffffffffffffffff)
r12 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_VENDOR(r12, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000580)=ANY=[@ANYRESHEX=r8], 0x40}, 0x1, 0x0, 0x0, 0x40}, 0x50)
r13 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r13, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000000)=ANY=[@ANYBLOB="380000000314010000000000000000000900020073797a2f000000000800410072786500140033007465616d5f736c6176655f30"], 0x38}, 0x1, 0x0, 0x0, 0x1}, 0x8844)
r14 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000300), r13)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f00000003c0)={'wlan0\x00', <r15=>0x0})
sendmsg$NL80211_CMD_GET_INTERFACE(r13, &(0x7f0000000640)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000600)={&(0x7f00000005c0)={0x28, r14, 0x2, 0x70bd27, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r15}, @val={0xc, 0x99, {0x3, 0x6}}}}, [""]}, 0x28}}, 0xc000)
sendmsg$NL80211_CMD_GET_SCAN(r10, &(0x7f0000000400)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x1c, r11, 0x300, 0x70bd28, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r15}, @void}}, [""]}, 0x1c}, 0x1, 0x0, 0x0, 0x200080d0}, 0x80)
sendmsg$NL80211_CMD_STOP_SCHED_SCAN(r1, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000100)={&(0x7f0000000040)={0x64, r3, 0x200, 0x70bd29, 0x25dfdbff, {{}, {@val={0x8, 0x3, r15}, @void}}, [@NL80211_ATTR_COOKIE={0xc, 0x58, 0x6d}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x2}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x79}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x7}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x5b}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x15}]}, 0x64}, 0x1, 0x0, 0x0, 0x8000}, 0x40000)

2.827771349s ago: executing program 4 (id=5112):
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000020000008500000084000100b7000000000000009500000000000000"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x2d)
ioctl$AUTOFS_IOC_FAIL(r0, 0x4c80, 0xffffffffffffffb6)
unshare(0x40000000)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x7, 0x0, 0x4}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x80, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7, 0x0, 0x3}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0xd}, @NFTA_SET_EXPRESSIONS={0x3c, 0x12, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @connlimit={{0xe}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_CONNLIMIT_COUNT={0x8, 0x1, 0x1, 0x0, 0x8}]}}}, {0x18, 0x1, 0x0, 0x1, @connlimit={{0xe}, @val={0x4}}}]}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x120}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0xc8}}, 0x20050800)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x88e, &(0x7f0000000d80)={[{@mblk_io_submit}, {@dioread_nolock}, {@bh}, {@errors_continue}, {@nouid32}, {@quota}, {@nogrpid}]}, 0x3, 0x445, &(0x7f0000000800)="$eJzs3M9rHFUcAPDv7CZt06YmlvqjadVoFYM/kiattQcvioIHBUEP9RiTtMRuG2ki2BI0itSjFLyLR8G/wJNeRD0JXvUuhSK5tIqHldmdSXY3u2k2blzNfj4wyXszb3nvuzNv9715mQTQs0bTH0nEYET8EhFD1Wx9gdHqr9uryzN/rC7PJFEuv/57Uil3a3V5Ji+av+5AnumLKHycxNEm9S5euXphulSau5zlJ5YuvjOxeOXq0/MXp8/PnZ+7NHXmzKmTk8+ennqmI3Gmcd0aeX/h2JGX37z+6szZ62/98FWSx98QR4eMbnbwsXK5w9V118GadNLXxYbQlmK1m0Z/pf8PRTHWT95QvPRRVxsH7KhyuVy+t/XhlTKwiyXR7RYA3ZF/0afz33zbfMDQ0eFH1918vjoBSuO+nW3VI31RyMr0N8xvO2k0Is6u/Pl5usXO3IcAAKjzTTr+earZ+K8QtfeF7srWUIYj4u6IOBQRpyPicETcE1Epe19E3N9m/Y2LJBvHP4Ub2wpsi9Lx33PZ2lb9+C8f/cVwMcsdrMTfn5ybL82dyN6Tsejfm+YnN6nj2xd//rTVsdrxX7ql9edjwawdN/r21r9mdnpp+p/EXOvmhxEjfc3iT9ZWApKIOBIRI9usY/6JL4+1Onbn+JurvCUdWGcqfxHxePX8r0RD/Llk8/XJiX1RmjsxkV8VG/3407XXWtW/3fg7JT3/+5te/2vxDye167WL7ddx7ddPWs5ptnv970neqNv33vTS0uXJiD3JK9VG1+6faig3tV4+jX/sePP+fyjW34mjEZFexA9ExIMR8VDW9ocj4pGIOL5J/N+/8OjbdTvGBtuIf2el8c+2df7XE3uicU/zRPHCd1/XVTocbcSfnv9TldRYtmcrn39badf2rmYAAAD4/ylExGAkhfG1dKEwPl79G/7Dsb9QWlhcevLcwruXZqvPCAxHfyG/0zVUcz90MpvW5/mphvzJ7L7xZ8WBSn58ZqE02+3goccdaNH/U78Vu906YMd5Xgt6l/4PvUv/h96l/0PvatL/Bzbu+qvhkUFgN2j2/f9BF9oB/Psa+r9lP+gh5v/Qu/R/6F36P/SkxYG480PyEhIbElH4TzRj5xP7tvhvLnZZotufTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ3xdwAAAP//FX7vJg==")
r7 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7020000140000e5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.stat\x00', 0x275a, 0x0)
write$binfmt_script(r8, &(0x7f0000000040), 0x208e24b)

2.645591262s ago: executing program 0 (id=5113):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df85000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = memfd_create(&(0x7f0000000ec0)='\x103q}2[\xe0\x9a\xee\xaf\x03\x97\x9et\v\"|Ma\x86\xe7\xc0\x14\x9f\xb9h\xb1\x96\xe7=I\x860S6\xb5\xa8\xc2\x95Je%\xfeG\'e\xe5\x8f\xf8\xd2\x1c\xc0\xfb\x1c\xa6\xab\bi\xe4^\xd5\xfd\xa9\r\xac7A\x94k\xcd\t\x00\x90k\xd6\x05\xb6\x03\x00\x00\x00A\xc5\x9c_\xd4\x18,\f\xd4s\xb2\x99/\xc0\x9a\xf2Oc\xc0c\x03gB!\xb0\xb8n\x01\x9bT\x95\x10\x86\xe8$\x7f\r[\xf9\x0e1v\xb1\n\x88\v\x95uy\xb5:`\x8b\nC\x18A;\xaa%\xaf\xc7\xa3\xac\xa2D\xb5\xe2\xe1\xdc(\xfd\x05\x9fB\x84O\xfe@\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x1a\xa0\x17\xe3\xac\xe9\xc9\xa7\x8a\x1b\x03\"&\xac\xcap>\xccZ\x01\xbc\x18\xc1\xb9\xe9\v\x8b\x9c\xb4Q\xd4\x96EV<>\x99\xca\xb3\xe0\xc4tL\xed\xf5W\xbd#\xcf\x8a\x84\xed\x9f/\xd4\xbb\xea;-Dp\xf8\xd0F\x90\xf8\x92Ip6\xf4\x16\xe8\x14\xe0\x92!\x92-F\xe2\x14D\x91\xa8b\x04\xdd\x1d\a\xdc\xe0\x18\x85{\x80Q\xf6k\x96\xfaQ\x9fW\vO\xf0\xe4O\\\xceS\xf2\xde\x049d\x06#\x88\xc3\xdf\x85O\x1c\xc3\xad?r\xd7\x0e\x00\xd7\x83\xb0\x88\x9c\xf6Y-F\x98\xdd\x9c~\xfd\x95\xc3\xb6lC\xaa\"Y\xa2K\xecz\x84:*\xf5Y\xd1\x9b1\x91\x9b\x15\xd4\xec\x02o\x01&\xaa\x90w\xc4\xc7yn\xb5\x1ag\xab&?\xbe\xcb\xe8v\xa8\xe0\xa4\x81sW\xacf\x149\xd2}\xefCGa\x9a$4\x8c\xa5!p\x83\x05\x96%\x02%\xabj\n\b\xc8NC\x91}&y\xd3\xe1\xeep\'\xc5\xab\x19GsX5\x8c\n\x9fh\xee;4\xb1%V\xe0\xa9\x8e\xf30:\xd8\x18N~G\x139\xcas\xf4D\xd4\xd0s\r3\xcb\x9a&\xdf+(\xc9S\x9eL5\x84\xb1\x90pN\xe7/\r\b\x9a\xf13Q\xf9\xdf\x7fX\xa0\xafK\xefh\xbfOv\x9bh\xb3\xc0\xf5\x80\xba\"@\'\x02\xafi\xeaE\xa6a6F\xde\xd4\xfa\x84\xe4+A\xb7\xa2\x8f\xc9\xee|xxn\xefw\x93]%\xd0\x19\x132\x86\xabn\xfe\x91\xb6Cl\xcf\x04\x1cq\xc1\x1d~\x8d\x01\x83\x93_\x83\x8a`v\xb0K,|S\xe4\xba\xb1\f\xc8`\xa6s\xad\x11\xd4wG\x80u\x87u\xff\x87\xee', 0x2)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000040)={0x0, 0x0, 0x940a, 0x1000007})
fcntl$addseals(r0, 0x409, 0xb)

1.774924945s ago: executing program 2 (id=5116):
sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={0x0}}, 0x0)
r0 = syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000240)='./file2\x00', 0x2000410, &(0x7f0000000000)={[{@bsdgroups}, {@jqfmt_vfsv1}]}, 0xc1, 0x7da, &(0x7f0000000fc0)="$eJzs3c1rG80dAODfyh+ynbR2odAmJ0OhNYTIdeomLfSQ0kMpNBBoz02MrJjUshUsOcTGEOdQ6KXQlh4K7SXnfqSHQq/9uLb/ROmhJITWMW/e04tediX5U5LtxJId/Dyw2pnd2Z0Z7ezsSLtIAVxYk+lLLuJKRPw8iRhvLk8iYigLDUbcbqR7u7VRTKck6vUf/C/J0vz50u6+kub8UjPyxYj4+08iruUO5jranJdLK83QdG3p0XR1bf36w6W5hdJCafnmzOzsjVtfv3Xz8Fbv6qN/rV9+9YvvfuWPtwfjCy9+9o8kbsfl5rrtrY3ie+7+kMmYbL4nQ+lbuM93TjuzM5acdQF4J+mpOdA4y+NKjMdAFurgfU9AAOBceBoRdQDggklc/wHggml9D7C9tVFsTWf7jUR/vf52RIw06t+6v9lYM9i8ZzeS3Qcd20723RlJImLiFPKfjIjf/uVHv0+n6NF9SIB2Np9FxP2Jye2t/IH+P0n7v+Gj95DvuOar3TarN7abPLBY/wf989d0/PONw+O/qzsP9IxkrwfGPyP5Nufuuzj6/M+97LDpMfqmo6Xjv2/tebZtd/y389DaxEAz9plszDeUPHhYLqV922cjYiqG8ml8Jkva/imoqTefvOmU/97x3/9/+ePfpfmn890UuZeD+aiP79lmfq42dwpVz7x+FnF1sF39k53xb9Jh/Hu34173H5rvffOnv+mUMq1/Wt/WdLj+vVV/HvHltsd/91gmXZ9PnM6aw3SrUbTxp//8eqxT/rvHP5/N0/xbnwX6IT3+Y93rP5GGqmvri3PlcmmlevI8/vl8/G+d1u1t/+3rn7X/fdL2P5z8MAu3WtqTuVptZSZiOPn+4eU3drdtxVvp0/pPfan9+d+p/eeaz8be34l1N/hq+A/NXbWtf2azU/17K63//ImOf5dAvbnNgVUv3i4OdMr/eMd/NgtNNZccp/87oqTv0ZoBAAAAAAAAAAAAAAAAAAAAAAAA4ORyEXE5klxhJ5zLFQqN//D+fIzlypVq7dqDyuryfGT/lT0RQ7nWT12O7/k91Jnm7+G34jcOxL8WEZ+LiF/lR7N4oVgpz5915QEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg6dL+//9/ms4Khca6/+bPunQAQM+MnHUBAIC+c/0HgIvnZNf/0Z6VAwDonxN//q8nvSkIANA3x77+3+9tOQCA/nH/HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgB67e+dOOtU/3toopvH5x2uri5XH1+dL1cXC0mqxUKysPCosVCoL5VKhWFnquKPNxqxcqTyajeXVJ9O1UrU2XV1bv7dUWV2u3Xu4NLdQulca6lvNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOD4qmvri3PlcmlFoEtgtDR6HopxjgKDcS6KcSiw+e+hrF13TRwTH0zjH+6SJjnNvEYPLtnbS4yeSd8EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8CH4NAAA//9RvRhH")
r1 = gettid()
madvise(&(0x7f0000ffd000/0x3000)=nil, 0x3011, 0x17)
madvise(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x15)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_CLIENT(0xffffffffffffffff, 0x404c534a, &(0x7f00000002c0)={0xe, 0x9989, 0xc})
madvise(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x4)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x1, 0x0, 0x7ffc1ffb}]})
lchown(0x0, 0x0, 0xee00)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc)=<r2=>0x0)
timer_settime(r2, 0x1, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0)
sendfile(r0, r0, &(0x7f0000000080)=0x4, 0x3)
write$binfmt_script(r3, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xa, 0x28011, r3, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x9)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000004c0)=ANY=[@ANYBLOB="021380ee02"], 0x10}}, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000200)={0xffffffffa0018000, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="020300090c00000000420b00000000000200130002000000000000000000001f030006"], 0x60}}, 0x0)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="020000000400000008000000010000008000"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r4, <r5=>0xffffffffffffffff}, 0x4)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000680)=ANY=[@ANYRESOCT, @ANYRES32=r5, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='sched_switch\x00', r6}, 0x10)
r7 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x0, 0x0)
ioctl$TIOCSETD(r7, 0x5423, &(0x7f0000000000)=0x3)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
r8 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000080)={'veth0_to_hsr\x00'})
syz_init_net_socket$llc(0x1a, 0x3, 0x0)
sendmmsg$inet(0xffffffffffffffff, 0x0, 0x0, 0x4000000)

1.740221345s ago: executing program 6 (id=5117):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb7020000000000001823", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000680)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r1}, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000700)={r3, 0x20, &(0x7f0000000680)={&(0x7f0000000580)=""/128, 0x80, 0x0, &(0x7f0000000600)=""/100, 0x64}}, 0x10)

1.636536596s ago: executing program 6 (id=5118):
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x103, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0xfffffffc, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000f000000c5000000a0ef010095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000200)='kmem_cache_free\x00', r0}, 0x18)
ioprio_get$pid(0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000140)={'batadv0\x00', <r2=>0x0})
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r4, 0x84, 0x64, &(0x7f0000000080)=[@in={0x2, 0x4e20, @empty}], 0x10)
r5 = socket$inet6(0xa, 0x5, 0x0)
setsockopt$sock_int(r4, 0x1, 0xf, &(0x7f0000000280)=0x3fa, 0x4)
setsockopt$sock_int(r5, 0x1, 0xf, &(0x7f0000000000)=0x200, 0x4)
bind$inet6(r5, &(0x7f0000000140)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000003c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b70200001400ea00b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r7}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x26e1, 0x0)
perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
listen(r4, 0x4)
sendmsg$nl_route_sched(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)=@newtfilter={0x24, 0x11, 0x1, 0x691522eb, 0x0, {0x0, 0x0, 0x74, r2, {0x10, 0x4}, {}, {0x5}}}, 0x24}, 0x1, 0xf0ffffffffffff}, 0x0)

1.587582327s ago: executing program 4 (id=5119):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x36, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0xd}, 0x0, 0x10000, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000080)='sched_switch\x00'}, 0x18)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000300)={0x3, &(0x7f00000001c0)=[{0x7, 0x26, 0x3f, 0x8}, {0xf20f, 0x4, 0x5, 0x9}, {0x5, 0xfc, 0x9, 0x6}]})
bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b702000003000000850000008600"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x40, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000, 0x2, @perf_config_ext={0x3, 0xffffffff}, 0x1100, 0x5dd8, 0x3a65, 0x5, 0x0, 0x8, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0x1, 0xffffffffffffffff, 0x8)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000200)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x10)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r2 = socket$kcm(0x2, 0xf, 0x2)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}})
writev(r1, &(0x7f00000006c0)=[{&(0x7f0000000080)="2e9b3d0007e03dd65193dfb6c575963f86ddf06712e9001c2f8db0049d90491ceaebfd26d4eef23248000000f858dbb8a19052343f", 0x35}, {&(0x7f0000000100)="051a00000e8000", 0x7}], 0x2)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r0}, 0x10)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000580)=ANY=[@ANYBLOB="440000001000090600"/20, @ANYRES32=0x0, @ANYBLOB="adffa888000000001c00128009000100626f6e64000000000c000280050001000600000008000a0079"], 0x44}}, 0x0)
mmap(&(0x7f00006d1000/0x3000)=nil, 0x3000, 0x2000002, 0x40010, r2, 0xfffff000)
r4 = io_uring_setup(0x3eae, &(0x7f0000000080)={0x0, 0x6d33, 0x1000, 0x0, 0x4000000})
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x201080, &(0x7f0000000300)={[{@minixdf}, {}, {@barrier_val={'barrier', 0x3d, 0x1ff}}, {@commit={'commit', 0x3d, 0x5}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@lazytime}, {@nodelalloc}, {@noblock_validity}, {@nomblk_io_submit}]}, 0x0, 0x566, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9GajdN4o8KgvUiiBYLeq9LMg0lm27JbkoTC20P9uJFiiBiQfwDvHss/gP+FQUtFClBD14is5lNt81ukqYbN3U+H5j2vZnZvPnum+/bNzu7bACFNZL9U4p4OSK+SSIOt20bjHzjyOp+yw+vTWVLEisrn/2ZRJKva+2f5P8fzCsvRcSvX0WcKK1vt764NFupVtP5vD7WmLs8Vl9cOnlxrjKTzqSXJiYnT781OfHuO2/3LNbXz/39/ad3Pzr99fHl736+f+R2EmfiUL6tPY5ncKO9MhIj+XMyFGee2HG8B43tJkm/D4BtGcjzfCiyMeBwDORZD/z/XY+IFaCgEvkPBdWaB7Su7Xt0HfzcePDB6gXQ+vgHV98biX3Na6MDy8ljV0bZ9e5wD9rP2vjljzu3syU2eR/ieg/aA2i5cTMiTg0Orh//knz8275TzTePN/ZkG0V7/YF+upvNf97oNP8prc1/osP852CH3N2OzfO/dL8HzXSVzf/e6zj/XRu6hgfy2gvNOd9QcuFiNT0VES9GxGgM7c3qG93POb18b6Xbtvb5X7Zk7bfmgvlx3B/c+/hjpiuNyrPE3O7BzYhXOs5/k7X+Tzr0f/Z8nNtiG8fSO69227Z5/Dtr5aeI1zr2/6M7WsnG9yfHmufDWOusWO+vW8d+69b+6If9jT/r/wMbxz+ctN+vrT99Gz/u+yfttm275/+e5PNmeU++7mql0Zgfj9iTfLJ+/cSjx7bqrf2z+EePbzz+dTr/90fEF1uM/9bRW1137ff5n8U//VT9//SFex9/+UO39rfW/282S6P5mq2Mf1s9wGd57gAAAAAAAGC3KUXEoUhK5bVyqVQur36+42gcKFVr9caJC7WFS9PR/K7scAyVWne6D7d9HmI8/zxsqz7xRH0yIo5ExLcD+5v18lStOt3v4AEAAAAAAAAAAAAAAAAAAGCXONjl+/+Z3wf6fXTAjvOT31Bcm+Z/L37pCdiVvP5Dccl/KC75D8Ul/6G45D8Ul/yH4pL/UFzyHwAAAAAAAAAAAAAAAAAAAAAAAAAAAHrq3Nmz2bKy/PDaVFafvrK4MFu7cnI6rc+W5xamylO1+cvlmVptppqWp2pzm/29aq12eXwiFq6ONdJ6Y6y+uHR+rrZwqXH+4lxlJj2fDv0nUQEAAAAAAAAAAAAAAAAAAMDzpb64NFupVtN5ha6F92NXHMZOBrhqWw8f3C1RKHQt7NtG5/Z5YAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACANv8GAAD//04mM/E=")
lsetxattr$trusted_overlay_upper(&(0x7f00000001c0)='./file1\x00', &(0x7f0000000180), &(0x7f00000001c0)=ANY=[], 0x361, 0x0)
lsetxattr$security_ima(&(0x7f00000008c0)='./cgroup/../file0\x00', &(0x7f00000000c0), 0x0, 0x0, 0x1)
lsetxattr$system_posix_acl(&(0x7f0000000000)='./file1\x00', &(0x7f0000000080)='system.posix_acl_access\x00', &(0x7f00000003c0)=ANY=[@ANYBLOB="020000000100000000000000040004000000000008000200", @ANYRES32=0x0, @ANYBLOB="08000400", @ANYRES32=0x0, @ANYBLOB="087dee486077472a354d7c7e000200", @ANYRES32=0x0, @ANYBLOB='\b\x00', @ANYRES32=0x0, @ANYBLOB="10000000000000002000010000000000"], 0x44, 0x3)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_clone(0x638c1100, 0x0, 0x0, 0x0, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000800)=ANY=[@ANYBLOB="140000001000010000000000000000000200000a5c000000060a0b040000000000000000020000004b0004802c0001800b0001006e756d67656e00001c00028008000240000056af080003400000000008000140000000110900010073797a30000000000900020073797a3200000000140000001100010000000000000000000000000ac5b8b76cf4aae63cda"], 0x84}, 0x1, 0x0, 0x0, 0x40050}, 0x0)
sendmsg$IPSET_CMD_DESTROY(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000680)={&(0x7f0000000600)=ANY=[@ANYBLOB="4c0000000306010100000000000000000200000509fb8a0d0e39dadea47efe3400020073797a300000000005000100070000000900020073797a310000000005000100070000000500010007"], 0x4c}, 0x1, 0x0, 0x0, 0x8000}, 0x4880)
io_uring_register$IORING_REGISTER_BUFFERS(r4, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)

1.582799128s ago: executing program 7 (id=5120):
bpf$PROG_LOAD(0x5, 0x0, 0x0) (async)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x5d031, 0xffffffffffffffff, 0x0) (async)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x5d031, 0xffffffffffffffff, 0x0)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x600, 0xf42349c2e3cba64c)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1018e58, &(0x7f0000000440)={[{@bsdgroups}, {@noblock_validity}, {@grpjquota}, {@init_itable_val={'init_itable', 0x3d, 0x6}}, {@debug}, {@errors_remount}]}, 0x1, 0x5fc, &(0x7f0000000600)="$eJzs3c9rHGUfAPDvzCZ5kzavaUXEFsWAhxakaVKLVS+29WAPBQv2IOKhoUlq6PYHTQq2FkzBg4KCiFeRXvwHvEvv3kRQb56FKlJRUOnK7M62m2Q3XdPsTpr5fGCzz/PM7D7PdydP5pmZPDsBlNZ49iON2BVx51QSMdaybDQaC8fz9W7/du109kiiVnv91ySSvKy5fpI/b88zwxHx7dGIRyur6124cvXsdLXW8F7E/sVzF/cvXLm6b/7c9JnZM7Pnpw68cPDQ5ItTB6c2JM7t+fOx4689+fH7bz8/9111XxKH4+TguzOxIo6NMh7jcScPsbV8ICIOZYk2n8vDZguEUGqV/PdxMCIej7Go1HMNYzH/UaGNA3qqVomoASWV6P9QUs1xQPPYvrvj4JM9HpX0z60jjQOg1fEPNM6NxHD92Gjb7aTlyKhxbmPHBtSf1fHPtd2fZ49Ydh7iz7tbZ2AD6ulk6XpEPNEu/qTeth31SLP402XtSCJiMiKG8va98gBtSFrSvTgPs5b1xp9GxOH8OSs/us76x1fk+x0/AOV080i+I1/Kcvf2f9nYozn+iTbjn9E2+671KHr/13n819zfD9fPkacrxmHZmOVE+7ccXFnw04fHPu1Uf+v4L3tk9TfHgv1w63rE7hXxf5AFm49/sviTNts/W+XU4e7qePX7X451WlZ0/LUbEXvaHv/cG5VmqTWuT+6fm6/OTjZ+tq3j62/e+rJT/UXHn23/bR3ib9n+6crXZZ/JxS7r+OrEjXOdlo3eN/7056Gkcbw5lJe8M724eGkqYig5nq/SUn5g7bY012m+Rxb/3mfa9/9lv//Xl7/PSPNPZhcuvnH2dqdl69n+LReT79S6bEMnWfwz99/+q/p/VvZJl3X88eblpzotWyv+kQcJDAAAAAAAAEoorV+DTdKJu+k0nZhozJd9LLal1QsLi8/OXbh8fiZib/3/IQfT5pXusUY+yfJT+f/DNvMHVuSfi4idEfFZZaSenzh9oTpTdPAAAAAAAAAAAAAAAAAAAACwSWzP5/8371P9e6Ux/x8oiV7eYA7Y3PR/KK96/191iyegDOz/obz0fygv/R/KS/+H8tL/obz0fygv/R/KS/8HAAAAgC1p59M3f0wiYumlkfojM5QvMyMItrbBohsAFKZSdAOAwty99G+wD6XT1fj/r/zLAXvfHKAASbvC+uCgtnbnv9n2lQAAAAAAAAAAAABAD+zZ1Xn+v7nBsLWZ9gfl9QDz/311ADzkfPU/lJdjfOB+s/iHOy0w/x8AAAAAAAAAAAAA+ma0/kjSiXwu8Gik6cRExP8jYkcMJnPz1dnJiHgkIn6oDP4vy08V3WgAAAAAAAAAAAAAAAAAAADYYhauXD07Xa3OXmpN/L2qZGsnmndB7UNdL8d/fFUk/f9YRiKi8I3Ss8RAS0kSsZRt+U3RsEsLsTmaUU8U/IcJAAAAAAAAAAAAAAAAAABKqGXucXu7v+hziwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg/+7d/793iaJjBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeTv8GAAD//7V5QCw=")
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0x1, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0) (async)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r0}, 0x10) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r0}, 0x10)
r1 = msgget$private(0x0, 0x0)
futex(0xfffffffffffffffc, 0x2, 0x1, &(0x7f0000000380), &(0x7f00000004c0)=0x2, 0x2)
prctl$PR_SET_NAME(0xf, &(0x7f0000000300)='\x04\x00\x00\x00\x00^\xf6jAc')
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f00000015c0)='kmem_cache_free\x00', 0xffffffffffffffff, 0x0, 0x1}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000200)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
r2 = syz_open_dev$sg(&(0x7f0000000040), 0x0, 0x800)
ioctl$SG_GET_VERSION_NUM(r2, 0x2284, &(0x7f0000000080)) (async)
ioctl$SG_GET_VERSION_NUM(r2, 0x2284, &(0x7f0000000080))
msgsnd(r1, &(0x7f0000000380)=ANY=[], 0x0, 0x0)
r3 = epoll_create1(0x80000)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) (async)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x15, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) (async)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x15, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r4, 0x0, 0x4}, 0x18)
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
fsetxattr$security_selinux(r5, &(0x7f0000000280), &(0x7f00000002c0)='system_u:object_r:semanage_exec_t:s0\x00', 0x25, 0x3)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x50)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r7}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000004080)={{r6}, &(0x7f0000004000), &(0x7f0000004040)}, 0x20) (async)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000004080)={{r6}, &(0x7f0000004000), &(0x7f0000004040)}, 0x20)
epoll_ctl$EPOLL_CTL_MOD(r3, 0x3, 0xffffffffffffffff, &(0x7f0000000000))

1.342034271s ago: executing program 6 (id=5121):
r0 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=ANY=[@ANYBLOB="1b000000010050bba0777b80d6c8000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000003c0)={0xffffffffffffffff, 0x20, &(0x7f0000000380)={&(0x7f0000000180)=""/136, 0x88, <r1=>0x0, &(0x7f00000004c0)=""/218, 0xda}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x5, &(0x7f0000000140)=ANY=[@ANYBLOB="1802000000000000000000000000000085000000cc000000850000007d00000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00'}, 0x10)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000001740), 0x101042, 0x0)
ioctl$PPPIOCNEWUNIT(r2, 0xc004743e, &(0x7f0000000100))
ioctl$PPPIOCSACTIVE(r2, 0x40107446, &(0x7f0000000080)={0x1, &(0x7f00000000c0)=[{0x1d, 0x0, 0x0, 0x8eb6}]})

1.233621532s ago: executing program 0 (id=5122):
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000020000008500000084000100b7000000000000009500000000000000"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x2d)
ioctl$AUTOFS_IOC_FAIL(r0, 0x4c80, 0xffffffffffffffb6)
unshare(0x40000000)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x7, 0x0, 0x4}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x68, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7, 0x0, 0x3}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0xd}, @NFTA_SET_EXPRESSIONS={0x24, 0x12, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @connlimit={{0xe}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_CONNLIMIT_COUNT={0x8, 0x1, 0x1, 0x0, 0xe41f}]}}}]}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x120}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0xb0}}, 0x20050800)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x88e, &(0x7f0000000d80)={[{@mblk_io_submit}, {@dioread_nolock}, {@bh}, {@errors_continue}, {@nouid32}, {@quota}, {@nogrpid}]}, 0x3, 0x445, &(0x7f0000000800)="$eJzs3M9rHFUcAPDv7CZt06YmlvqjadVoFYM/kiattQcvioIHBUEP9RiTtMRuG2ki2BI0itSjFLyLR8G/wJNeRD0JXvUuhSK5tIqHldmdSXY3u2k2blzNfj4wyXszb3nvuzNv9715mQTQs0bTH0nEYET8EhFD1Wx9gdHqr9uryzN/rC7PJFEuv/57Uil3a3V5Ji+av+5AnumLKHycxNEm9S5euXphulSau5zlJ5YuvjOxeOXq0/MXp8/PnZ+7NHXmzKmTk8+ennqmI3Gmcd0aeX/h2JGX37z+6szZ62/98FWSx98QR4eMbnbwsXK5w9V118GadNLXxYbQlmK1m0Z/pf8PRTHWT95QvPRRVxsH7KhyuVy+t/XhlTKwiyXR7RYA3ZF/0afz33zbfMDQ0eFH1918vjoBSuO+nW3VI31RyMr0N8xvO2k0Is6u/Pl5usXO3IcAAKjzTTr+earZ+K8QtfeF7srWUIYj4u6IOBQRpyPicETcE1Epe19E3N9m/Y2LJBvHP4Ub2wpsi9Lx33PZ2lb9+C8f/cVwMcsdrMTfn5ybL82dyN6Tsejfm+YnN6nj2xd//rTVsdrxX7ql9edjwawdN/r21r9mdnpp+p/EXOvmhxEjfc3iT9ZWApKIOBIRI9usY/6JL4+1Onbn+JurvCUdWGcqfxHxePX8r0RD/Llk8/XJiX1RmjsxkV8VG/3407XXWtW/3fg7JT3/+5te/2vxDye167WL7ddx7ddPWs5ptnv970neqNv33vTS0uXJiD3JK9VG1+6faig3tV4+jX/sePP+fyjW34mjEZFexA9ExIMR8VDW9ocj4pGIOL5J/N+/8OjbdTvGBtuIf2el8c+2df7XE3uicU/zRPHCd1/XVTocbcSfnv9TldRYtmcrn39badf2rmYAAAD4/ylExGAkhfG1dKEwPl79G/7Dsb9QWlhcevLcwruXZqvPCAxHfyG/0zVUcz90MpvW5/mphvzJ7L7xZ8WBSn58ZqE02+3goccdaNH/U78Vu906YMd5Xgt6l/4PvUv/h96l/0PvatL/Bzbu+qvhkUFgN2j2/f9BF9oB/Psa+r9lP+gh5v/Qu/R/6F36P/SkxYG480PyEhIbElH4TzRj5xP7tvhvLnZZotufTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ3xdwAAAP//FX7vJg==")
r7 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7020000140000e5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.stat\x00', 0x275a, 0x0)
write$binfmt_script(r8, &(0x7f0000000040), 0x208e24b)

663.798321ms ago: executing program 6 (id=5123):
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
syz_open_dev$vcsn(0x0, 0x0, 0x26642)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0xf, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x25, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000200)='kfree\x00', r1}, 0x18)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000001000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000040200000800000085000000860000000101000000000000"], &(0x7f00000006c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = syz_io_uring_setup(0x10b, &(0x7f0000000600)={0x0, 0xd737, 0x8, 0x3, 0xbffffffa}, &(0x7f00000003c0)=<r5=>0x0, &(0x7f00000001c0)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f00000002c0)=0x9, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f0000000180)=@IORING_OP_STATX={0x15, 0xa, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x80, 0x6000})
io_uring_enter(r4, 0x1c3a, 0xe176, 0x22, 0x0, 0x0)

475.069083ms ago: executing program 6 (id=5124):
unshare(0x26000400)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000010000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000400000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="300000003e000701fcfffffffddbdf25047c0000100036800c00020007009300000000000c0001"], 0x30}, 0x1, 0x0, 0x0, 0x488c1}, 0xc000)

170.428618ms ago: executing program 2 (id=5125):
socket$nl_route(0x10, 0x3, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000007c0)='./file0\x00', 0x490, &(0x7f0000000000), 0x2, 0x786, &(0x7f0000000f80)="$eJzs3c9rHGUfAPDvbLNJ37Tv27zwwms9BQQNlG5Mja2Ch4oHESwU9Gy7bLahZpMt2U1pQkCLCF4EFQ+CXnq2Wm9e/XHVP8C7B2mpmhYjHiQym9102+ymmzSbbdnPByZ5npnZfOc7z8w8T3aG3QD61mj6IxNxOCI+SCIO1ecnEZGtlQYiTq6vt7qyXEinJNbWXvstqa1ze2W5EE2vSR2oVx6LiO/ejTiS2Ry3srg0ky+VivP1+nh19sJ4ZXHp6PnZ/HRxujh3fGJy8tiJZ08c371c//hx6eCND19+6suTf73z/2vvf5/EyThYX9acx24ZjdH6Psmmu/AuL8Vbux2up5JebwA7kp6a+9bP8jicpOWBXm8SANBl6Sh0DQDoM4n+HwD6TON9gNsry4XG1Nt3JPbWzRcjYv96/o37m+tLBur37PbX7oMO307uujOSRMTILsQfjYjPvn7jajpFl+5DArTy9uWIODsyuvn6n2x6ZmG7nu5gndF76hvxf8o+YHTgfr5Jxz/PtRr/ZTbGP9Fi/DPU4tzdibbn/4bM9V0I01Y6/nuh6dm21ab860b21Wv/ro35ssm586Viem37T0SMRXYorU9sEWPs1t+32i1rHv/9/tGbn6fx09931shcHxi6+zVT+Wr+QXJudvNyxOMDrfJPNto/aTP+Pd1hjFeef+/TdsvS/NN8G9Pm/Ltr7UrEky3b/84TbcmWzyeO1w6H8cZB0cJXP38y3C5+c/un0+rK8loScXX3M20tbf/hrfMfSZqf16xsP8YPVw59225Zi/wLjf+F1rU+/geT12vlwfq8S/lqdX4iYjB5dfP8Y3de26g31k/zH3ui9fm/1fGfjk7Odpj/wI1fv9h5/t2V5j+1rfbffuHa6sy+dvE7a//JWmmsPqeT61+nG/gg+w4AAAAAAAAAAAAAAAAAAAAAAAAAOpWJiIORZHIb5Uwml1v/Du//xXCmVK5Uj5wrL8xNRe27skcim2l81OWhps9Dnah/Hn6jfuye+jMR8d+I+HjoX7V6rlAuTfU6eQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACoO9Dm+/9Tvwz1eusAgK7Z3+sNAAD2nP4fAPqP/h8A+o/+HwD6j/4fAPqP/h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAuO33qVDqt/bmyXEjrUxcXF2bKF49OFSszudmFQq5Qnr+Qmy6Xp0vFXKE8e7+/VyqXL0zG3MKl8WqxUh2vLC6dmS0vzFXPnJ/NTxfPFLN7khUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAbE9lcWkmXyoV5xUegcJAvdUelu3ZUSHTSGKvgg52K4uHYGd2r9DDixIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAI+SfAAAA///WoyFe")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x1)
pwrite64(r1, &(0x7f0000000140)='2', 0x1, 0x8080c61)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000080000000000000000000180100003020702500000000002020207b1af8ff00000000bfa1000000000000070100003affffffb702000008000000b7030000000000a3850000007000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x20, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000007c0)={0x6, 0x7, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000001000000000000000008510000001000000950000000000000018400000ffffffff000000000000000095000000000000006eac"], &(0x7f0000000100)='GPL\x00', 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x18)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xa, 0x31, 0xffffffffffffffff, 0xf2de1000)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17)
lsm_list_modules(&(0x7f0000000240)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000300)=0x20, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x208, 0x21, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r4}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r5}, 0x18)
pwrite64(r0, &(0x7f0000000140)="f6", 0xffffff07, 0x8000c61)

11.66476ms ago: executing program 6 (id=5126):
syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x127081)
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f00000000001b0000850000006d00000085"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={0x0, r1, 0x0, 0x80000001}, 0x18)
r2 = syz_open_dev$evdev(0x0, 0x2, 0x0)
ioctl$EVIOCGRAB(r2, 0x40044590, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
syz_mount_image$msdos(&(0x7f00000002c0), &(0x7f0000000580)='./file0\x00', 0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="6e6f646f74732c6e6f646f74972c74696d655f6f66667365743d3078666666666666666666666666666239342c6e6f646f74732c646f74732c646f74732c736d61636b6673666c6f6f723d646f74732c666f776e65723d", @ANYRESDEC=0x0, @ANYBLOB=',dont_appraise,\x00'], 0x1, 0x540, &(0x7f0000000b40)="$eJzs2j9rE2EcB/DHtE2Li5mLw4GLU6lOjgZJoXggRG7QyYPGJSfC3XLJYt+NIPjO3LJ0izR3tI1ahebPI/r5QLgv+d4Dv2dJnuF59/DD+Oxj9f7Zt8/h4HkSOiGEzkUIvUVq3GufnUXuhpvOw93s3XEdALC64TDvx56BzSrLfn55htv/qcm+RBkIAAAAAAAAAACAlcW6/w8AxOP+/7+vLPt5tz2/LXP/HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIjnYj5/MP/NJ/Z8AMD6+f8HgP/P6zdvX/bTdDBMkoMQZud1VmfNs+lPTtPBcbLQu141q+ts56p/0vTJcr8X7rf901/23fD4UdNfdi9epT/0++Fs89sHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAbjhKrvSuv53VdbbT9Ee39U06OU0Hx+0Ly/1uONzd2jYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACANagm03FeFKNSEISthK+Hf8UYfwixf5kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBYqsl0nBfFqKxueeHTlgcCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKKrJtNxXhSjcoMh9h4BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAWL/vAQAA//8TnGGj")
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000a80)='kfree\x00'}, 0x10)
syz_mount_image$ext4(&(0x7f00000007c0)='ext4\x00', &(0x7f00000006c0)='./file1\x00', 0x40, &(0x7f00000000c0)={[{@user_xattr}, {@nodioread_nolock}]}, 0x1, 0x576, &(0x7f0000000140)="$eJzs3T1sG2UfAPD/neO3X3nf9JXeVwLUoQKkIlV1kn5AYWpXRKVKHZBYIHLcqIoTV7EDTZQh3StEBwSoS9lgYAQxMCAWRlYWEDNSRSOQmg5g5K80TZzglDouud9POvuee87+P8+d/499pzs5gMw62nhII56OiItJxMi6uqFoVx5trbe6slS8v7JUTKJev/RLEklE3FtZKnbWT9rPhyJiOSKeiohv8hHH081xqwuL0xPlcmmuXR6tzVwdrS4snrgyMzFVmirNnnrp5TNnT58ZPzm+/mX36+tL+Z319caPN9+98d2rt29++tmR5eL7E0mci+F23fp+PE6tbZKPcxuWn+5HsAFKBt0AHkmuneeNVPp/jESunfXd1Ed2tWlAn9X3RdSBjErkP2RU53dA4/i3M+3m748751sHII24q+2pVTPUOjcR+5vHJgd/TR46Mmkcbx7ezYayJy1fj4ixoaHNn/+k/fl7dGOPo4H01dfnWztq8/5P18af6DL+DHfOnf5NnfFvddP49yB+bovx72KPMX5/46ePtox/PeKZrvGTtfhJl/hpRLzVY/xbr395dqu6+scRx6J7/I5k+/PDo5evlEtjrceuMb46duSV7fp/cIv4rXO2+5tfM922f5fT2l198e3nzy5vE/+F57bf/922/4GIeK/H+P+998lrW9XduZ7cbfwK2On+TyIft3uM/+K5oz/0uCoAAAAAAAAAALADafNatiQtrM2naaHQuof3f3EwLVeqteOXK/Ozk61r3g5HPu1caTXSKieN8nj7etxO+eSG8qlcO2DuQLNcKFbKkwPuOwAAAAAAAAAAAAAAAAAAADwpDm24//+3XPP+/41/Vw3sVVv/5Tew18l/yK6H8z8ZWDuA3ef7HzKrLv8hu+Q/ZJf8h+yS/5Bd8h+yS/5Ddsl/AAAAAAAAAAAAAAAAAAAAAAAAAADoi4sXLjSm+v2VpWKjPDm0MD9defvEZKk6XZiZLxaKlbmrhalKZapcKhQrM3/1fkmlcnUsZuevjdZK1dpodWHxzZnK/GznP0VL+b73CAAAAAAAAAAAAAAAAAAAAP55hptTkhYiIm3Op2mhEPHviDicRHL5Srk0FhH/iYjvc/l9jfL4oBsNAAAAAAAAAAAAAAAAAAAAe0x1YXF6olwuzWVkZmgnK0fE8uNtRuMdd/yqfHtfPSnb0EwWZgY8MAEAAAAAAAAAAAAAAAAAQAY9uOm311f80d8GAQAAAAAAAAAAAAAAAAAAQCalPycR0ZiOjTw/vLH2X8lqrvkcEe/cuvTBtYlabW68sfzu2vLah+3lJwfRfqBXnTzt5DEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwQHVhcXqiXC7N9XFm0H0EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeBR/BgAA///eANcP")
r3 = openat(0xffffffffffffff9c, &(0x7f0000001d40)='./file1\x00', 0x0, 0x111)
ioctl$FS_IOC_FIEMAP(r3, 0xc020660b, &(0x7f00000003c0)=ANY=[@ANYBLOB="10fcffffff030000529f00000000000003e9ffffff00"/32])
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2000004, 0x4010, 0xffffffffffffffff, 0x80000000)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)={{0x14}, [@NFT_MSG_NEWRULE={0x5c, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x30, 0x4, 0x0, 0x1, [{0x2c, 0x1, 0x0, 0x1, @hash={{0x9}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_HASH_MODULUS={0x8, 0x4, 0x1, 0x0, 0xb}, @NFTA_HASH_DREG={0x8, 0x2, 0x1, 0x0, 0x10}, @NFTA_HASH_TYPE={0x8, 0x7, 0x1, 0x0, 0x1}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x5}}}, 0x84}}, 0x0)
perf_event_open(&(0x7f0000000e00)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000080850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000140)='kmem_cache_free\x00', r5}, 0x18)
ioctl$BTRFS_IOC_BALANCE_PROGRESS(r0, 0x84009422, &(0x7f0000001080)={0x0, 0x0, {0x0, @struct, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, <r6=>0x0}, {0x0, @struct, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}})
ioctl$BTRFS_IOC_DEV_REPLACE(r5, 0xca289435, &(0x7f0000001d80)={0x2, 0x8, @start={r6, 0x0, "5acd4095027b2755aeab6db5604c3ada55546c28ee09a47a64e24a565c46b44e551fd725bfeaaaadac313baacd44a674cc07f0a9b01ecf026b56fb07198818d30786a07993205c0c50acdfc4c92f7aa83b38d3f1e31697357b8fb7e55dedf2204292527c5ccab840688ba7b388af24044013d0a0202d7b3b3e80b3aa96b62b7a07be7c800cb5d9a81c8c46a7c2e12ff3e3870cebd4e2a6d86cbc145c9b4f50159118d7c795b9d18cce402cec780f4dac6b8950c8d0df9411a3748a2284062cafba9927cf76f3c0d76d249019aff9c090512f275a7e5925808c6f71c2b4245bd2abb4a9d0fdad1b4cec3b763d805935a5d97c513253e751df60b79ff20316ed96e3fe0a6b758698fee30f8068c097cc7a5cc4627cae00f041459a0a86d5866b707c1f5b4947be1eefe2bb86d0ed7d5b904e691ec4072dc8829ff79eda5b342abf5fdbe2c3ea72c908e7b6621476f1513c2441de9a3df2fdf230b2bf968f0f67e89b312612e598cb1d106b45adcf06e29387187e6fc420ac4bf79d9d12f6dcdbbb3c66082311b4fba170e6cdda494b432dcb4c9b91f93b10890377c0ff8eae625af6bf57478e56b87f4e686e5c2bec270aa7d094f70a02f5085ca004496d137410234ce0974e2f2532fec6a58d253235be983db9fe0ac48db03a0661ab03fd3a4842722f3cdb9512c468988840eb58a36be01b2f0184419ce8b27404343e5c65a41a83b690716ed4142a097f0c29ddd50141900c9502eba4a3a198ee4719d4ea8dd4a278e23349b9d738071cdfc62ecaf2aca84d936cd64cd7b2951de607aff03d3ab8e415c3826179768249664de483f6eb571a509b328699f309ad7e818e52ab0965d6e0156548ac9d9d6720e2caeabd3c0759151b8a1330005bc2a1f3835537b25f3e3e5a6ece597d33486a579d50a8c32c10b941e1b666f86ceee763621f4bb46cc52fb155476036e33b892e08569d93c9b13b5e258c330f064dcb491e0c699dfa4df1c1c2425e9403548cf89118b424f3ec00c5ca6b64b3b2703c4351ad3d7c14bec5b3e46caa3d81ae238d32f11ecf4f5e031e816e7f817df424903b6d3484b8e2c4ba55ce6b29df607d448b08d02e6a4b876f05807789b52c0313568c8f9a685f8289c3c311c732b19d40d9653cbcfcfdf73c58ca4646aac9d003220075a655794b408722381229d39e403d54caba8ceb38fc1461c23016744c7c3b7a67f4f6c38fd6333069a974726e154d09af706be185e106a68e47a8243da64d3a67dd9851a1d4397af5eb862baf1e4f13a3a0d123466c22f16e501c0da49e825cb083a6f0fa2b0ae99e1c5a8064d8b49f438c92060321af477813f679cb9996f1f1cebadc97d329439d9f54b31cd22cb194811b6911126e0e3afc32164a68d44c541b2c17feb5c06cdc4a808dba88877e798917a6b700c46d6f22fd803cd2ef8de7de", "5ad601bce8f0da2010b745150419afedc6b05e2a0c2d28cd90b89c2b1d0e029ab795387f3e2e425136491424cd54676a461673fd1728deb59a7b22a8aeec38d88d4f1d33decfeab529a68ee090d656fd8cdd70d5ad175e11faa6e16f4d711c5ca7d0298ccbb0229e2a513dbbf7008cc67b7ad6d20197bb8c4300dadd52e84e15ce9adedf956387eb6b703fe60f2a2bbd7820112d8b096d325f0f8d4e5c85e6e7c8ce9b67f09a825b89227847089ef68b2db1a4dda7cad902f32b60a9a863731b69695be5167a165b9583542df928cff721e65a43f861f5a7a0286464f4c059c480e0c78b6d459d6de8b97c10802be558df6b2765483967f11da7d332e54e46570c4824a4525d87af45288d20b19062f512e60a10c335bb243e1d20e20f520b70af080ff22e60b9205ea86cc01f090fc86422f9ec32af6b85a2e48691398b1a1a4eb3c1b07fc54c6ce78b9af1f70cf0575afbce9fb0d3f37af097db1398729a11535a4999b40e94a29d03770fda99f88c622748b241f7b336f5b6e1d824578315893e8c9d05b335fc66a83c97d94fe08a6d99e024895f348b0d6be5e63c89756c459b5924565ea7ae6fb4da47da47bde2fc2a90cc7d65e7fe9704896d3dcb2ecdbe5d1b4e511a38ee4ffcdad0148ae954220ff7a38e3bb7bca9cfeb31c64acaa4319cdc45ca231114f7b3cb04351806c6e6714f18a77ae93cf0446900b671261163c80a44bfc99e40a5bdeb60c5eb52680654c1389acc292045361a5cda8d27351f5583a96577528e50efb2a2fe79631ddfbe420b2444aa22f4abfd88ed3607c489d1ff446dbf6af40d205d10a8df431bdfbc23e3aeff021e5c747378188ff94a2e5cb8b68f8bf3043235ace02c485f61c2b18555c6dddb255a392e941edc33b0219ba786e18349ea7f0adaaf2c8bc1ca2bfc3ca4c6e368cf788850ea8312286ed98bccbff474145d329c4c76bc9286024ab571073bb470a254512327b8f7a364b326b65b7ca0031150d4c0816dca92a94895301ce60ca67cee29da2db9639fb8ee00ef8d071627222de9b6fa5bf20842c443c9684f385670248401288a1cffce9482d93fb22ad6735e688c719eacfc53c207a6b20e98cb916b066694c33807bbd26239d7b2b028bea49a641384aa85491c79997c0b5b1ff2b6b454a663583de3fea64ab050c2b293db70bb7db3d28ee730b036477dd5b0879be053435fef364f630460754135af4847e99524097b840b31386c7bec4baf31225318bc3238b90f6ad1a4b3b580fd3acec7f94e9d2da597d31b87d9354d09ebce069b133a46a6107decadbb6a134f505b127948f773698269a82a7d92e7ef04f40dafe5e957a4da5c944f2615d0560da5cb60fdc1b184068cfbd8f85330d7f9c731ace4d8f1df1be7d43335cf1b090c242ac1b37d9aed0d51cf2579ec3ba1358e13cff283d15e4dde"}, [0x20, 0x70f, 0xfffffffffffffffe, 0xaecd, 0x2, 0x1, 0x100000000, 0x9, 0x3, 0x51ef9cc0, 0x400, 0x1, 0x6, 0x2, 0x7fff, 0x6, 0xa9, 0x3, 0x8, 0x2, 0x8, 0x2, 0x1000, 0xa, 0xf, 0x3, 0x8001, 0x4, 0xfffffffffffffffd, 0x1, 0x1, 0x8000000000000001, 0x1, 0x80000000, 0xdc2, 0x0, 0x1200000000, 0x1, 0x6, 0x4, 0x0, 0x8000000000000001, 0x5, 0x100, 0x6, 0xd4b, 0x6, 0x27, 0x1e8, 0x8, 0x3, 0x20000, 0x4bbd, 0x0, 0x0, 0x6, 0x9, 0x9, 0xffffffffffffffc0, 0x0, 0x4, 0x0, 0xffffffffffffffff, 0xffffffffffffffff]})
r7 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000040)={'veth1_virt_wifi\x00', <r8=>0x0})
setsockopt$packet_int(r7, 0x107, 0xf, &(0x7f0000000140)=0x8, 0x4)
sendto$packet(r7, &(0x7f0000000340)="050300061400091c6202a0ffffffff006003000000007f14143488a87f4386dd62cb80948864113b022543424aa608", 0xfef2, 0x0, &(0x7f0000000a80)={0x11, 0x88a8, r8, 0x1, 0x0, 0x6, @multicast}, 0x14)
sendmsg$nl_route_sched(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000005c00)={&(0x7f0000000000)=@newtaction={0x4c, 0x30, 0x9, 0xffffffff, 0x0, {}, [{0x38, 0x1, [@m_bpf={0x34, 0x1, 0x0, 0x0, {{0x8}, {0xc, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_OPS_LEN={0x6, 0x3, 0x7}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0x4c}, 0x1, 0x0, 0x0, 0x24000004}, 0x0)

0s ago: executing program 0 (id=5127):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x36, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0xd}, 0x0, 0x10000, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000080)='sched_switch\x00'}, 0x18)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000300)={0x3, &(0x7f00000001c0)=[{0x7, 0x26, 0x3f, 0x8}, {0xf20f, 0x4, 0x5, 0x9}, {0x5, 0xfc, 0x9, 0x6}]})
bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b702000003000000850000008600"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x40, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000, 0x2, @perf_config_ext={0x3, 0xffffffff}, 0x1100, 0x5dd8, 0x3a65, 0x5, 0x0, 0x8, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0x1, 0xffffffffffffffff, 0x8)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000200)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x10)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r2 = socket$kcm(0x2, 0xf, 0x2)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}})
writev(r1, &(0x7f00000006c0)=[{&(0x7f0000000080)="2e9b3d0007e03dd65193dfb6c575963f86ddf06712e9001c2f8db0049d90491ceaebfd26d4eef23248000000f858dbb8a19052343f", 0x35}, {&(0x7f0000000100)="051a00000e8000", 0x7}], 0x2)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r0}, 0x10)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000580)=ANY=[@ANYBLOB="440000001000090600"/20, @ANYRES32=0x0, @ANYBLOB="adffa888000000001c00128009000100626f6e64000000000c000280050001000600000008000a0079"], 0x44}}, 0x0)
mmap(&(0x7f00006d1000/0x3000)=nil, 0x3000, 0x2000002, 0x40010, r2, 0xfffff000)
r4 = io_uring_setup(0x3eae, &(0x7f0000000080)={0x0, 0x6d33, 0x1000, 0x0, 0x4000000})
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x201080, &(0x7f0000000300)={[{@minixdf}, {}, {@barrier_val={'barrier', 0x3d, 0x1ff}}, {@commit={'commit', 0x3d, 0x5}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@lazytime}, {@nodelalloc}, {@noblock_validity}, {@nomblk_io_submit}]}, 0x0, 0x566, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9GajdN4o8KgvUiiBYLeq9LMg0lm27JbkoTC20P9uJFiiBiQfwDvHss/gP+FQUtFClBD14is5lNt81ukqYbN3U+H5j2vZnZvPnum+/bNzu7bACFNZL9U4p4OSK+SSIOt20bjHzjyOp+yw+vTWVLEisrn/2ZRJKva+2f5P8fzCsvRcSvX0WcKK1vt764NFupVtP5vD7WmLs8Vl9cOnlxrjKTzqSXJiYnT781OfHuO2/3LNbXz/39/ad3Pzr99fHl736+f+R2EmfiUL6tPY5ncKO9MhIj+XMyFGee2HG8B43tJkm/D4BtGcjzfCiyMeBwDORZD/z/XY+IFaCgEvkPBdWaB7Su7Xt0HfzcePDB6gXQ+vgHV98biX3Na6MDy8ljV0bZ9e5wD9rP2vjljzu3syU2eR/ieg/aA2i5cTMiTg0Orh//knz8275TzTePN/ZkG0V7/YF+upvNf97oNP8prc1/osP852CH3N2OzfO/dL8HzXSVzf/e6zj/XRu6hgfy2gvNOd9QcuFiNT0VES9GxGgM7c3qG93POb18b6Xbtvb5X7Zk7bfmgvlx3B/c+/hjpiuNyrPE3O7BzYhXOs5/k7X+Tzr0f/Z8nNtiG8fSO69227Z5/Dtr5aeI1zr2/6M7WsnG9yfHmufDWOusWO+vW8d+69b+6If9jT/r/wMbxz+ctN+vrT99Gz/u+yfttm275/+e5PNmeU++7mql0Zgfj9iTfLJ+/cSjx7bqrf2z+EePbzz+dTr/90fEF1uM/9bRW1137ff5n8U//VT9//SFex9/+UO39rfW/282S6P5mq2Mf1s9wGd57gAAAAAAAGC3KUXEoUhK5bVyqVQur36+42gcKFVr9caJC7WFS9PR/K7scAyVWne6D7d9HmI8/zxsqz7xRH0yIo5ExLcD+5v18lStOt3v4AEAAAAAAAAAAAAAAAAAAGCXONjl+/+Z3wf6fXTAjvOT31Bcm+Z/L37pCdiVvP5Dccl/KC75D8Ul/6G45D8Ul/yH4pL/UFzyHwAAAAAAAAAAAAAAAAAAAAAAAAAAAHrq3Nmz2bKy/PDaVFafvrK4MFu7cnI6rc+W5xamylO1+cvlmVptppqWp2pzm/29aq12eXwiFq6ONdJ6Y6y+uHR+rrZwqXH+4lxlJj2fDv0nUQEAAAAAAAAAAAAAAAAAAMDzpb64NFupVtN5ha6F92NXHMZOBrhqWw8f3C1RKHQt7NtG5/Z5YAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACANv8GAAD//04mM/E=")
lsetxattr$trusted_overlay_upper(&(0x7f00000001c0)='./file1\x00', &(0x7f0000000180), &(0x7f00000001c0)=ANY=[], 0x361, 0x0)
lsetxattr$security_ima(&(0x7f00000008c0)='./cgroup/../file0\x00', &(0x7f00000000c0), 0x0, 0x0, 0x1)
lsetxattr$system_posix_acl(&(0x7f0000000000)='./file1\x00', &(0x7f0000000080)='system.posix_acl_access\x00', &(0x7f00000003c0)=ANY=[@ANYBLOB="020000000100000000000000040004000000000008000200", @ANYRES32=0x0, @ANYBLOB="08000400", @ANYRES32=0x0, @ANYBLOB="087dee486077472a354d7c7e000200", @ANYRES32=0x0, @ANYBLOB='\b\x00', @ANYRES32=0x0, @ANYBLOB="10000000000000002000010000000000"], 0x44, 0x3)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_clone(0x638c1100, 0x0, 0x0, 0x0, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000800)=ANY=[@ANYBLOB="140000001000010000000000000000000200000a5c000000060a0b040000000000000000020000004b0004802c0001800b0001006e756d67656e00001c00028008000240000056af080003400000000008000140000000110900010073797a30000000000900020073797a3200000000140000001100010000000000000000000000000ac5b8b76cf4aae63cdaca69f8a69b"], 0x84}, 0x1, 0x0, 0x0, 0x40050}, 0x0)
sendmsg$IPSET_CMD_DESTROY(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000680)={&(0x7f0000000600)=ANY=[@ANYBLOB="4c0000000306010100000000000000000200000509fb8a0d0e39dadea47efe3400020073797a300000000005000100070000000900020073797a310000000005000100070000000500010007"], 0x4c}, 0x1, 0x0, 0x0, 0x8000}, 0x4880)
io_uring_register$IORING_REGISTER_BUFFERS(r4, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)

kernel console output (not intermixed with test programs):

[1, 0] type 2 family 0 port 6081 - 0
[  344.481995][T16776] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  344.516875][T16776] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  344.558952][T16776] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  344.676211][T16801] netlink: 'syz.6.4661': attribute type 13 has an invalid length.
[  344.705643][T16801] gretap0: refused to change device tx_queue_len
[  344.721377][T16802] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  344.734835][T11278] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  344.745971][T16801] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  344.809711][T16811] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4662'.
[  344.818748][T16811] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4662'.
[  344.893441][T16811] wireguard0: entered promiscuous mode
[  344.915960][T16820] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  344.954119][T16822] loop0: detected capacity change from 0 to 1024
[  345.009978][T16822] EXT4-fs: Ignoring removed orlov option
[  345.032131][T16827] loop3: detected capacity change from 0 to 512
[  345.041423][T16827] EXT4-fs (loop3): blocks per group (71) and clusters per group (20800) inconsistent
[  345.053625][T16820] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  345.072657][T16828] loop4: detected capacity change from 0 to 512
[  345.079659][T16828] EXT4-fs: Ignoring removed mblk_io_submit option
[  345.086233][T16828] EXT4-fs: Ignoring removed bh option
[  345.092701][T16828] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  345.181802][T16826] lo speed is unknown, defaulting to 1000
[  345.231207][T16828] EXT4-fs (loop4): 1 truncate cleaned up
[  345.237912][T16828] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  345.321485][T16822] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  345.339895][T16820] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  345.426478][T16827] loop3: detected capacity change from 0 to 1024
[  345.483037][T11278] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  345.497087][T16827] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  345.540592][T16820] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  345.641430][T16835] loop0: detected capacity change from 0 to 512
[  345.649896][T16835] EXT4-fs error (device loop0): ext4_orphan_get:1393: inode #15: comm syz.0.4671: casefold flag without casefold feature
[  345.665915][T16827] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  345.677902][T16835] EXT4-fs error (device loop0): ext4_orphan_get:1398: comm syz.0.4671: couldn't read orphan inode 15 (err -117)
[  345.714807][T16835] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  345.801004][   T29] kauditd_printk_skb: 153 callbacks suppressed
[  345.801047][   T29] audit: type=1400 audit(1749490571.023:22661): avc:  denied  { map } for  pid=16834 comm="syz.0.4671" path="/366/file0/cgroup.controllers" dev="loop0" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  345.885827][   T29] audit: type=1400 audit(1749490571.096:22662): avc:  denied  { relabelfrom } for  pid=16834 comm="syz.0.4671" name="NETLINK" dev="sockfs" ino=57636 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  345.910544][   T29] audit: type=1400 audit(1749490571.096:22663): avc:  denied  { relabelto } for  pid=16834 comm="syz.0.4671" name="NETLINK" dev="sockfs" ino=57636 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=netlink_netfilter_socket permissive=1
[  345.936177][   T29] audit: type=1400 audit(1749490571.096:22664): avc:  denied  { ioctl } for  pid=16834 comm="syz.0.4671" path="socket:[57636]" dev="sockfs" ino=57636 ioctlcmd=0x7006 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=sock_file permissive=1
[  345.964406][T11014] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  345.991802][T11278] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  346.009787][   T29] audit: type=1326 audit(1749490571.243:22665): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16847 comm="syz.4.4675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f267871e929 code=0x7ffc0000
[  346.010736][T16848] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4675'.
[  346.033617][   T29] audit: type=1326 audit(1749490571.243:22666): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16847 comm="syz.4.4675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f267871e929 code=0x7ffc0000
[  346.033695][   T29] audit: type=1326 audit(1749490571.243:22667): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16847 comm="syz.4.4675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f267871e929 code=0x7ffc0000
[  346.090204][   T29] audit: type=1326 audit(1749490571.243:22668): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16847 comm="syz.4.4675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f267871e929 code=0x7ffc0000
[  346.114915][   T29] audit: type=1326 audit(1749490571.243:22669): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16847 comm="syz.4.4675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f267871e929 code=0x7ffc0000
[  346.138805][   T29] audit: type=1326 audit(1749490571.243:22670): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16847 comm="syz.4.4675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f267871e929 code=0x7ffc0000
[  346.233147][T16862] syz!: rxe_newlink: already configured on team_slave_0
[  346.258508][T16864] loop6: detected capacity change from 0 to 4096
[  346.270319][T16864] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  346.293946][T16864] EXT4-fs error (device loop6): ext4_do_update_inode:5568: inode #15: comm syz.6.4682: corrupted inode contents
[  346.306329][T16864] EXT4-fs error (device loop6): ext4_dirty_inode:6459: inode #15: comm syz.6.4682: mark_inode_dirty error
[  346.327054][T16864] EXT4-fs error (device loop6): ext4_do_update_inode:5568: inode #15: comm syz.6.4682: corrupted inode contents
[  346.345123][T16864] EXT4-fs error (device loop6): __ext4_ext_dirty:206: inode #15: comm syz.6.4682: mark_inode_dirty error
[  346.356958][T16864] EXT4-fs error (device loop6): ext4_do_update_inode:5568: inode #15: comm syz.6.4682: corrupted inode contents
[  346.370329][T16864] EXT4-fs error (device loop6): __ext4_ext_dirty:206: inode #15: comm syz.6.4682: mark_inode_dirty error
[  346.382068][T16864] EXT4-fs error (device loop6): ext4_do_update_inode:5568: inode #15: comm syz.6.4682: corrupted inode contents
[  346.403326][T16864] EXT4-fs error (device loop6): ext4_truncate:4597: inode #15: comm syz.6.4682: mark_inode_dirty error
[  346.424976][T16864] EXT4-fs error (device loop6) in ext4_setattr:5986: Corrupt filesystem
[  346.435558][T16871] EXT4-fs error (device loop6): ext4_do_update_inode:5568: inode #15: comm syz.6.4682: corrupted inode contents
[  346.486704][T12410] EXT4-fs warning (device loop6): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[  346.518869][T12410] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  346.584970][T16887] netlink: 'syz.3.4691': attribute type 1 has an invalid length.
[  346.632773][T16891] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4692'.
[  346.652457][T16891] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4692'.
[  346.669868][T16891] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4692'.
[  346.679451][T16891] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4692'.
[  346.683919][T16892] loop6: detected capacity change from 0 to 4096
[  346.688917][T16891] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4692'.
[  346.705207][T16891] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4692'.
[  346.714653][T16891] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4692'.
[  346.724255][T16892] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  346.747721][T16892] EXT4-fs error (device loop6): ext4_do_update_inode:5568: inode #15: comm syz.6.4693: corrupted inode contents
[  346.747799][T16898] FAULT_INJECTION: forcing a failure.
[  346.747799][T16898] name failslab, interval 1, probability 0, space 0, times 0
[  346.747833][T16898] CPU: 0 UID: 0 PID: 16898 Comm: syz.3.4695 Not tainted 6.16.0-rc1-syzkaller #0 PREEMPT(voluntary) 
[  346.747862][T16898] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  346.747881][T16898] Call Trace:
[  346.747890][T16898]  <TASK>
[  346.747899][T16898]  __dump_stack+0x1d/0x30
[  346.747932][T16898]  dump_stack_lvl+0xe8/0x140
[  346.747969][T16898]  dump_stack+0x15/0x1b
[  346.747992][T16898]  should_fail_ex+0x265/0x280
[  346.748046][T16898]  should_failslab+0x8c/0xb0
[  346.748216][T16898]  kmem_cache_alloc_node_noprof+0x57/0x320
[  346.748257][T16898]  ? __alloc_skb+0x101/0x320
[  346.748305][T16898]  __alloc_skb+0x101/0x320
[  346.748353][T16898]  inet_netconf_notify_devconf+0x173/0x230
[  346.748466][T16898]  inetdev_event+0x743/0xc10
[  346.748518][T16898]  ? __pfx_ib_netdevice_event+0x10/0x10
[  346.748557][T16898]  ? ib_netdevice_event+0x186/0x5f0
[  346.748639][T16898]  ? __pfx_inetdev_event+0x10/0x10
[  346.748687][T16898]  raw_notifier_call_chain+0x6c/0x1b0
[  346.748744][T16898]  ? call_netdevice_notifiers_info+0x9c/0x100
[  346.748853][T16898]  call_netdevice_notifiers_info+0xae/0x100
[  346.748897][T16898]  unregister_netdevice_many_notify+0xd9d/0x1690
[  346.748939][T16898]  ? __pfx_veth_dellink+0x10/0x10
[  346.748974][T16898]  ? __pfx_veth_dellink+0x10/0x10
[  346.749071][T16898]  rtnl_dellink+0x3cb/0x550
[  346.749137][T16898]  ? security_capable+0x83/0x90
[  346.749193][T16898]  ? ns_capable+0x7d/0xb0
[  346.749217][T16898]  ? __pfx_rtnl_dellink+0x10/0x10
[  346.749246][T16898]  rtnetlink_rcv_msg+0x5fe/0x6d0
[  346.749337][T16898]  ? avc_has_perm_noaudit+0x1b1/0x200
[  346.749389][T16898]  netlink_rcv_skb+0x120/0x220
[  346.749461][T16898]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  346.749505][T16898]  rtnetlink_rcv+0x1c/0x30
[  346.749538][T16898]  netlink_unicast+0x5a1/0x670
[  346.749589][T16898]  netlink_sendmsg+0x58b/0x6b0
[  346.749695][T16898]  ? __pfx_netlink_sendmsg+0x10/0x10
[  346.749734][T16898]  __sock_sendmsg+0x142/0x180
[  346.749776][T16898]  ____sys_sendmsg+0x31e/0x4e0
[  346.749885][T16898]  ___sys_sendmsg+0x17b/0x1d0
[  346.749934][T16898]  __x64_sys_sendmsg+0xd4/0x160
[  346.749975][T16898]  x64_sys_call+0x2999/0x2fb0
[  346.750022][T16898]  do_syscall_64+0xd2/0x200
[  346.750053][T16898]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  346.750162][T16898]  ? clear_bhb_loop+0x40/0x90
[  346.750193][T16898]  ? clear_bhb_loop+0x40/0x90
[  346.750226][T16898]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  346.750332][T16898] RIP: 0033:0x7fc01f77e929
[  346.750355][T16898] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  346.750449][T16898] RSP: 002b:00007fc01dde7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  346.750475][T16898] RAX: ffffffffffffffda RBX: 00007fc01f9a5fa0 RCX: 00007fc01f77e929
[  346.750551][T16898] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 0000000000000005
[  346.750569][T16898] RBP: 00007fc01dde7090 R08: 0000000000000000 R09: 0000000000000000
[  346.750587][T16898] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  346.750605][T16898] R13: 0000000000000000 R14: 00007fc01f9a5fa0 R15: 00007fff6fced2e8
[  346.750632][T16898]  </TASK>
[  347.088643][T16892] EXT4-fs error (device loop6): ext4_dirty_inode:6459: inode #15: comm syz.6.4693: mark_inode_dirty error
[  347.111774][T16892] EXT4-fs error (device loop6): ext4_do_update_inode:5568: inode #15: comm syz.6.4693: corrupted inode contents
[  347.128490][T16892] EXT4-fs error (device loop6): __ext4_ext_dirty:206: inode #15: comm syz.6.4693: mark_inode_dirty error
[  347.129333][T16884] lo speed is unknown, defaulting to 1000
[  347.149207][T16892] EXT4-fs error (device loop6): ext4_do_update_inode:5568: inode #15: comm syz.6.4693: corrupted inode contents
[  347.261800][T16892] EXT4-fs error (device loop6): __ext4_ext_dirty:206: inode #15: comm syz.6.4693: mark_inode_dirty error
[  347.280895][T16892] EXT4-fs error (device loop6): ext4_do_update_inode:5568: inode #15: comm syz.6.4693: corrupted inode contents
[  347.303841][T16892] EXT4-fs error (device loop6): ext4_truncate:4597: inode #15: comm syz.6.4693: mark_inode_dirty error
[  347.325403][T16892] EXT4-fs error (device loop6) in ext4_setattr:5986: Corrupt filesystem
[  347.361335][T16900] EXT4-fs error (device loop6): ext4_do_update_inode:5568: inode #15: comm syz.6.4693: corrupted inode contents
[  347.396642][T16907] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(9)
[  347.403235][T16907] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  347.410984][T16907] vhci_hcd vhci_hcd.0: Device attached
[  347.439223][T12410] EXT4-fs warning (device loop6): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[  347.458126][T12410] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  347.478850][T16907] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0'
[  347.506364][T16908] vhci_hcd: connection closed
[  347.507444][   T12] vhci_hcd: stop threads
[  347.516545][   T12] vhci_hcd: release socket
[  347.521043][   T12] vhci_hcd: disconnect device
[  347.543586][T16918] loop3: detected capacity change from 0 to 4096
[  347.556447][T16918] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  347.576958][T16918] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #15: comm syz.3.4700: corrupted inode contents
[  347.590130][T16918] EXT4-fs error (device loop3): ext4_dirty_inode:6459: inode #15: comm syz.3.4700: mark_inode_dirty error
[  347.603554][T16918] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #15: comm syz.3.4700: corrupted inode contents
[  347.632739][T16918] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #15: comm syz.3.4700: mark_inode_dirty error
[  347.644476][T16918] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #15: comm syz.3.4700: corrupted inode contents
[  347.668230][T16918] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #15: comm syz.3.4700: mark_inode_dirty error
[  347.680225][T16918] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #15: comm syz.3.4700: corrupted inode contents
[  347.705331][T16918] EXT4-fs error (device loop3): ext4_truncate:4597: inode #15: comm syz.3.4700: mark_inode_dirty error
[  347.734953][T16918] EXT4-fs error (device loop3) in ext4_setattr:5986: Corrupt filesystem
[  347.752135][T16927] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #15: comm syz.3.4700: corrupted inode contents
[  347.780791][T11457] EXT4-fs warning (device loop3): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[  347.795704][T11457] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  347.797044][T16935] netlink: 'syz.6.4707': attribute type 13 has an invalid length.
[  347.971149][T16935] netdevsim netdevsim6 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  347.979646][T16935] netdevsim netdevsim6 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  347.988054][T16935] netdevsim netdevsim6 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  347.996850][T16935] netdevsim netdevsim6 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  348.102381][T16943] FAULT_INJECTION: forcing a failure.
[  348.102381][T16943] name failslab, interval 1, probability 0, space 0, times 0
[  348.115143][T16943] CPU: 0 UID: 0 PID: 16943 Comm: syz.0.4710 Not tainted 6.16.0-rc1-syzkaller #0 PREEMPT(voluntary) 
[  348.115187][T16943] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  348.115210][T16943] Call Trace:
[  348.115216][T16943]  <TASK>
[  348.115224][T16943]  __dump_stack+0x1d/0x30
[  348.115351][T16943]  dump_stack_lvl+0xe8/0x140
[  348.115370][T16943]  dump_stack+0x15/0x1b
[  348.115387][T16943]  should_fail_ex+0x265/0x280
[  348.115430][T16943]  should_failslab+0x8c/0xb0
[  348.115454][T16943]  kmem_cache_alloc_noprof+0x50/0x310
[  348.115506][T16943]  ? getname_flags+0x80/0x3b0
[  348.115542][T16943]  ? should_fail_usercopy+0x1a/0x20
[  348.115582][T16943]  getname_flags+0x80/0x3b0
[  348.115608][T16943]  io_getxattr_prep+0x1ba/0x200
[  348.115673][T16943]  io_submit_sqes+0x5e5/0xfd0
[  348.115781][T16943]  __se_sys_io_uring_enter+0x1c1/0x1b70
[  348.115817][T16943]  ? 0xffffffff81000000
[  348.115864][T16943]  ? __rcu_read_unlock+0x4f/0x70
[  348.115910][T16943]  ? get_pid_task+0x96/0xd0
[  348.115937][T16943]  ? proc_fail_nth_write+0x12d/0x160
[  348.115966][T16943]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  348.115995][T16943]  ? vfs_write+0x75e/0x8e0
[  348.116020][T16943]  ? __rcu_read_unlock+0x4f/0x70
[  348.116116][T16943]  ? __fget_files+0x184/0x1c0
[  348.116146][T16943]  ? fput+0x8f/0xc0
[  348.116231][T16943]  __x64_sys_io_uring_enter+0x78/0x90
[  348.116276][T16943]  x64_sys_call+0x28c8/0x2fb0
[  348.116305][T16943]  do_syscall_64+0xd2/0x200
[  348.116408][T16943]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  348.116440][T16943]  ? clear_bhb_loop+0x40/0x90
[  348.116462][T16943]  ? clear_bhb_loop+0x40/0x90
[  348.116489][T16943]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  348.116590][T16943] RIP: 0033:0x7f27f915e929
[  348.116606][T16943] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  348.116663][T16943] RSP: 002b:00007f27f77c7038 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[  348.116686][T16943] RAX: ffffffffffffffda RBX: 00007f27f9385fa0 RCX: 00007f27f915e929
[  348.116753][T16943] RDX: 0000000000000002 RSI: 00000000000047bc RDI: 0000000000000006
[  348.116765][T16943] RBP: 00007f27f77c7090 R08: 0000000000000000 R09: 0000000000000000
[  348.116778][T16943] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  348.116793][T16943] R13: 0000000000000000 R14: 00007f27f9385fa0 R15: 00007ffdd21c0418
[  348.116818][T16943]  </TASK>
[  348.438414][T16955] netlink: 'syz.4.4714': attribute type 1 has an invalid length.
[  348.533325][T16965] wireguard0: entered promiscuous mode
[  348.538908][T16965] wireguard0: entered allmulticast mode
[  348.581049][T16968] loop6: detected capacity change from 0 to 512
[  348.589942][T16968] EXT4-fs error (device loop6): ext4_validate_block_bitmap:432: comm syz.6.4720: bg 0: block 5: invalid block bitmap
[  348.604151][T16968] EXT4-fs error (device loop6) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  348.613352][T16968] EXT4-fs error (device loop6): ext4_free_branches:1023: inode #11: comm syz.6.4720: invalid indirect mapped block 3 (level 2)
[  348.627923][T16968] EXT4-fs (loop6): 2 truncates cleaned up
[  348.634316][T16968] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  348.653695][T16973] syz!: rxe_newlink: already configured on team_slave_0
[  348.680296][T12410] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  348.766522][T16981] loop3: detected capacity change from 0 to 512
[  348.783108][T16981] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  348.804253][T16981] EXT4-fs error (device loop3): ext4_get_branch:178: inode #11: block 4294967295: comm syz.3.4725: invalid block
[  348.823707][T16981] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.4725: invalid indirect mapped block 4294967295 (level 1)
[  348.868239][T16981] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.4725: invalid indirect mapped block 4294967295 (level 1)
[  348.887859][T16981] EXT4-fs (loop3): 2 truncates cleaned up
[  348.894759][T16981] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  348.915732][T16981] FAULT_INJECTION: forcing a failure.
[  348.915732][T16981] name failslab, interval 1, probability 0, space 0, times 0
[  348.928550][T16981] CPU: 1 UID: 0 PID: 16981 Comm: syz.3.4725 Not tainted 6.16.0-rc1-syzkaller #0 PREEMPT(voluntary) 
[  348.928605][T16981] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  348.928627][T16981] Call Trace:
[  348.928635][T16981]  <TASK>
[  348.928645][T16981]  __dump_stack+0x1d/0x30
[  348.928672][T16981]  dump_stack_lvl+0xe8/0x140
[  348.928698][T16981]  dump_stack+0x15/0x1b
[  348.928731][T16981]  should_fail_ex+0x265/0x280
[  348.928826][T16981]  should_failslab+0x8c/0xb0
[  348.928852][T16981]  kmem_cache_alloc_noprof+0x50/0x310
[  348.928881][T16981]  ? getname_flags+0x80/0x3b0
[  348.928916][T16981]  getname_flags+0x80/0x3b0
[  348.929020][T16981]  user_path_at+0x28/0x130
[  348.929060][T16981]  __se_sys_mount+0x25b/0x2e0
[  348.929086][T16981]  ? do_mkdirat+0x3ac/0x3f0
[  348.929123][T16981]  __x64_sys_mount+0x67/0x80
[  348.929230][T16981]  x64_sys_call+0xd36/0x2fb0
[  348.929252][T16981]  do_syscall_64+0xd2/0x200
[  348.929273][T16981]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  348.929343][T16981]  ? clear_bhb_loop+0x40/0x90
[  348.929447][T16981]  ? clear_bhb_loop+0x40/0x90
[  348.929494][T16981]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  348.929515][T16981] RIP: 0033:0x7fc01f7800ca
[  348.929531][T16981] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  348.929554][T16981] RSP: 002b:00007fc01dde6e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  348.929579][T16981] RAX: ffffffffffffffda RBX: 00007fc01dde6ef0 RCX: 00007fc01f7800ca
[  348.929619][T16981] RDX: 0000200000000180 RSI: 0000200000000100 RDI: 0000000000000000
[  348.929636][T16981] RBP: 0000200000000180 R08: 00007fc01dde6ef0 R09: 00000000000000e1
[  348.929652][T16981] R10: 00000000000000e1 R11: 0000000000000246 R12: 0000200000000100
[  348.929668][T16981] R13: 00007fc01dde6eb0 R14: 0000000000000000 R15: 00002000000001c0
[  348.929691][T16981]  </TASK>
[  349.223752][T11457] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  349.283439][T16997] lo speed is unknown, defaulting to 1000
[  349.432463][T17009] loop6: detected capacity change from 0 to 512
[  349.449015][T17007] loop3: detected capacity change from 0 to 512
[  349.456692][T17009] EXT4-fs error (device loop6): ext4_orphan_get:1393: inode #15: comm syz.6.4735: casefold flag without casefold feature
[  349.483376][T17009] EXT4-fs error (device loop6): ext4_orphan_get:1398: comm syz.6.4735: couldn't read orphan inode 15 (err -117)
[  349.498931][T17007] EXT4-fs error (device loop3): ext4_validate_block_bitmap:432: comm syz.3.4733: bg 0: block 5: invalid block bitmap
[  349.511877][T17009] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  349.525594][T17007] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  349.548459][T17007] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.4733: invalid indirect mapped block 3 (level 2)
[  349.600605][T17007] EXT4-fs (loop3): 2 truncates cleaned up
[  349.614444][T16820] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  349.646805][T16820] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  349.665132][T17007] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  349.695372][T16820] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  349.742568][T12410] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  349.753738][T16820] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  349.789614][T17018] loop0: detected capacity change from 0 to 164
[  349.803934][T11457] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  349.859887][T17018] netlink: 'syz.0.4738': attribute type 39 has an invalid length.
[  349.895197][T17026] loop3: detected capacity change from 0 to 512
[  349.908821][T17028] __nla_validate_parse: 31 callbacks suppressed
[  349.908840][T17028] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4742'.
[  349.945538][T17026] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  349.993555][T17026] EXT4-fs (loop3): 1 truncate cleaned up
[  350.004057][T17026] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  350.331546][T17053] loop6: detected capacity change from 0 to 512
[  350.374565][T17053] EXT4-fs error (device loop6): ext4_validate_block_bitmap:432: comm syz.6.4751: bg 0: block 5: invalid block bitmap
[  350.412068][T17053] EXT4-fs error (device loop6) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  350.434922][T17053] EXT4-fs error (device loop6): ext4_free_branches:1023: inode #11: comm syz.6.4751: invalid indirect mapped block 3 (level 2)
[  350.459200][T17053] EXT4-fs (loop6): 2 truncates cleaned up
[  350.465490][T17053] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  350.537332][T12410] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  350.552438][T17057] loop0: detected capacity change from 0 to 512
[  350.559935][T17057] SELinux: security_context_str_to_sid (system_u) failed with errno=-22
[  350.615612][T17069] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(9)
[  350.622200][T17069] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  350.630048][T17069] vhci_hcd vhci_hcd.0: Device attached
[  350.638942][   T29] kauditd_printk_skb: 379 callbacks suppressed
[  350.638959][   T29] audit: type=1326 audit(1749490576.097:23050): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17065 comm="syz.4.4757" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f267871e929 code=0x7ffc0000
[  350.640781][T17067] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4757'.
[  350.668859][   T29] audit: type=1326 audit(1749490576.097:23051): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17065 comm="syz.4.4757" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f267871e929 code=0x7ffc0000
[  350.701412][   T29] audit: type=1326 audit(1749490576.097:23052): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17065 comm="syz.4.4757" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f267871e929 code=0x7ffc0000
[  350.725269][   T29] audit: type=1326 audit(1749490576.097:23053): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17065 comm="syz.4.4757" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f267871e929 code=0x7ffc0000
[  350.730890][T17069] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0'
[  350.748940][   T29] audit: type=1326 audit(1749490576.097:23054): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17065 comm="syz.4.4757" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f267871e929 code=0x7ffc0000
[  350.759621][T17070] loop6: detected capacity change from 0 to 512
[  350.781031][   T29] audit: type=1326 audit(1749490576.097:23055): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17065 comm="syz.4.4757" exe="/root/syz-executor" sig=0 arch=c000003e syscall=26 compat=0 ip=0x7f267871e929 code=0x7ffc0000
[  350.810961][   T29] audit: type=1326 audit(1749490576.097:23056): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17065 comm="syz.4.4757" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f267871e929 code=0x7ffc0000
[  350.834716][   T29] audit: type=1326 audit(1749490576.097:23057): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17065 comm="syz.4.4757" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f267871e929 code=0x7ffc0000
[  350.858618][   T29] audit: type=1326 audit(1749490576.097:23058): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17065 comm="syz.4.4757" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f267871e929 code=0x7ffc0000
[  350.882265][   T29] audit: type=1326 audit(1749490576.097:23059): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17065 comm="syz.4.4757" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f267871e929 code=0x7ffc0000
[  350.894420][T17070] EXT4-fs error (device loop6): ext4_iget_extra_inode:5035: inode #15: comm syz.6.4755: corrupted in-inode xattr: invalid ea_ino
[  350.919275][    T9] usb 1-1: new high-speed USB device number 2 using vhci_hcd
[  350.939017][T17071] vhci_hcd: connection reset by peer
[  350.945081][T12003] vhci_hcd: stop threads
[  350.949362][T12003] vhci_hcd: release socket
[  350.953965][T12003] vhci_hcd: disconnect device
[  350.955641][T17070] EXT4-fs error (device loop6): ext4_orphan_get:1398: comm syz.6.4755: couldn't read orphan inode 15 (err -117)
[  350.992056][T17070] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  351.009048][T17085] loop2: detected capacity change from 0 to 512
[  351.018475][T17085] EXT4-fs error (device loop2): ext4_iget_extra_inode:5035: inode #15: comm syz.2.4762: corrupted in-inode xattr: invalid ea_ino
[  351.049258][T17085] EXT4-fs error (device loop2): ext4_orphan_get:1398: comm syz.2.4762: couldn't read orphan inode 15 (err -117)
[  351.065747][T17085] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  351.138385][T12410] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  351.167113][T11687] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  351.208258][T17026] syz.3.4743 (17026) used greatest stack depth: 6784 bytes left
[  351.230109][T11457] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  351.244592][T17094] loop2: detected capacity change from 0 to 512
[  351.265217][T17097] loop3: detected capacity change from 0 to 512
[  351.278951][T17094] EXT4-fs error (device loop2): ext4_validate_block_bitmap:432: comm syz.2.4766: bg 0: block 5: invalid block bitmap
[  351.289333][T17097] journal_path: Non-blockdev passed as './bus'
[  351.291857][T17094] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  351.297623][T17097] EXT4-fs: error: could not find journal device path
[  351.307669][T17094] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #11: comm syz.2.4766: invalid indirect mapped block 3 (level 2)
[  351.327261][T17094] EXT4-fs (loop2): 2 truncates cleaned up
[  351.333532][T17094] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  351.377511][T11687] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  351.533512][T17103] lo speed is unknown, defaulting to 1000
[  351.641418][T17110] netlink: 'syz.0.4772': attribute type 13 has an invalid length.
[  351.697910][T17110] gretap0: refused to change device tx_queue_len
[  351.726466][T17110] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  351.948063][T17127] loop2: detected capacity change from 0 to 512
[  352.040926][T17127] EXT4-fs error (device loop2): ext4_iget_extra_inode:5035: inode #15: comm syz.2.4777: corrupted in-inode xattr: invalid ea_ino
[  352.117955][T17127] EXT4-fs error (device loop2): ext4_orphan_get:1398: comm syz.2.4777: couldn't read orphan inode 15 (err -117)
[  352.141348][T17127] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  352.251942][T11687] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  352.275913][T17136] loop3: detected capacity change from 0 to 2048
[  352.306202][T17136] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  352.341338][T17136] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 281 free clusters
[  352.378316][T17136] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 65793 with max blocks 1 with error 28
[  352.391094][T17136] EXT4-fs (loop3): This should not happen!! Data will be lost
[  352.391094][T17136] 
[  352.400764][T17136] EXT4-fs (loop3): Total free blocks count 0
[  352.406909][T17136] EXT4-fs (loop3): Free/Dirty block details
[  352.412874][T17136] EXT4-fs (loop3): free_blocks=4096
[  352.418205][T17136] EXT4-fs (loop3): dirty_blocks=32
[  352.423474][T17136] EXT4-fs (loop3): Block reservation details
[  352.429582][T17136] EXT4-fs (loop3): i_reserved_data_blocks=2
[  352.622153][T17149] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 65537 with max blocks 513 with error 28
[  352.737246][T17152] netlink: 'syz.0.4785': attribute type 1 has an invalid length.
[  352.769271][T17155] netlink: 'syz.3.4786': attribute type 13 has an invalid length.
[  352.779772][T17155] gretap0: refused to change device tx_queue_len
[  352.796940][T17155] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  352.823376][T17159] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4788'.
[  352.848063][T17159] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4788'.
[  352.850647][T17161] loop3: detected capacity change from 0 to 2048
[  352.875214][T17159] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4788'.
[  352.886372][T17159] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4788'.
[  352.924329][T17159] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4788'.
[  352.942015][T17159] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4788'.
[  353.051360][T17173] loop4: detected capacity change from 0 to 512
[  353.060891][T17173] EXT4-fs error (device loop4): ext4_orphan_get:1393: inode #15: comm syz.4.4792: casefold flag without casefold feature
[  353.074029][T17173] EXT4-fs error (device loop4): ext4_orphan_get:1398: comm syz.4.4792: couldn't read orphan inode 15 (err -117)
[  353.086936][T17173] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  353.205165][T11014] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  353.268031][T17185] loop2: detected capacity change from 0 to 4096
[  353.292893][T17185] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  353.307513][T17185] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #15: comm syz.2.4797: corrupted inode contents
[  353.337762][T17185] EXT4-fs error (device loop2): ext4_dirty_inode:6459: inode #15: comm syz.2.4797: mark_inode_dirty error
[  353.356611][T17185] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #15: comm syz.2.4797: corrupted inode contents
[  353.379819][T17185] EXT4-fs error (device loop2): __ext4_ext_dirty:206: inode #15: comm syz.2.4797: mark_inode_dirty error
[  353.412991][T17185] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #15: comm syz.2.4797: corrupted inode contents
[  353.427303][T17185] EXT4-fs error (device loop2): __ext4_ext_dirty:206: inode #15: comm syz.2.4797: mark_inode_dirty error
[  353.441281][T17185] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #15: comm syz.2.4797: corrupted inode contents
[  353.453758][T17185] EXT4-fs error (device loop2): ext4_truncate:4597: inode #15: comm syz.2.4797: mark_inode_dirty error
[  353.466471][T17185] EXT4-fs error (device loop2) in ext4_setattr:5986: Corrupt filesystem
[  353.475658][T17194] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #15: comm syz.2.4797: corrupted inode contents
[  353.515654][T11687] EXT4-fs warning (device loop2): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[  353.536165][T11687] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  354.278811][T17217] loop0: detected capacity change from 0 to 512
[  354.385457][T17217] EXT4-fs error (device loop0): ext4_orphan_get:1393: inode #15: comm syz.0.4807: casefold flag without casefold feature
[  354.463014][T17217] EXT4-fs error (device loop0): ext4_orphan_get:1398: comm syz.0.4807: couldn't read orphan inode 15 (err -117)
[  354.542147][T17217] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  354.627740][T17211] lo speed is unknown, defaulting to 1000
[  354.814684][T11278] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  355.185096][T17241] lo speed is unknown, defaulting to 1000
[  355.526756][T17243] loop6: detected capacity change from 0 to 512
[  355.533674][T17243] EXT4-fs: Ignoring removed mblk_io_submit option
[  355.540280][T17243] EXT4-fs: Ignoring removed bh option
[  355.595702][T17245] lo speed is unknown, defaulting to 1000
[  356.027954][    T9] vhci_hcd: vhci_device speed not set
[  356.047119][T17243] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  356.240888][T17244] loop4: detected capacity change from 0 to 512
[  356.247668][T17244] EXT4-fs: Ignoring removed mblk_io_submit option
[  356.254186][T17244] EXT4-fs: Ignoring removed bh option
[  356.951426][T17244] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  357.722777][T17243] EXT4-fs: error -4 creating inode table initialization thread
[  357.726461][T17252] netlink: 'syz.0.4817': attribute type 13 has an invalid length.
[  357.730672][T17243] EXT4-fs (loop6): mount failed
[  357.746139][T17244] EXT4-fs (loop4): 1 truncate cleaned up
[  357.752412][T17244] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  357.803363][T17252] gretap0: refused to change device tx_queue_len
[  357.810665][T17252] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  357.847639][   T29] kauditd_printk_skb: 504 callbacks suppressed
[  357.847659][   T29] audit: type=1326 audit(1749490583.681:23564): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17259 comm="syz.3.4820" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc01f77e929 code=0x7ffc0000
[  357.918512][   T29] audit: type=1326 audit(1749490583.681:23565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17259 comm="syz.3.4820" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc01f77e929 code=0x7ffc0000
[  357.942300][   T29] audit: type=1326 audit(1749490583.681:23566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17259 comm="syz.3.4820" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc01f77e929 code=0x7ffc0000
[  357.966079][   T29] audit: type=1326 audit(1749490583.681:23567): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17259 comm="syz.3.4820" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc01f77e929 code=0x7ffc0000
[  357.989764][   T29] audit: type=1326 audit(1749490583.681:23568): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17259 comm="syz.3.4820" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc01f77e929 code=0x7ffc0000
[  358.013406][   T29] audit: type=1326 audit(1749490583.681:23569): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17259 comm="syz.3.4820" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc01f77e929 code=0x7ffc0000
[  358.037234][   T29] audit: type=1326 audit(1749490583.681:23570): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17259 comm="syz.3.4820" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc01f77e929 code=0x7ffc0000
[  358.061008][   T29] audit: type=1326 audit(1749490583.681:23571): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17259 comm="syz.3.4820" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc01f77e929 code=0x7ffc0000
[  358.084890][   T29] audit: type=1326 audit(1749490583.681:23572): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17259 comm="syz.3.4820" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc01f77e929 code=0x7ffc0000
[  358.095813][T17267] FAULT_INJECTION: forcing a failure.
[  358.095813][T17267] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  358.108646][   T29] audit: type=1326 audit(1749490583.681:23573): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17259 comm="syz.3.4820" exe="/root/syz-executor" sig=0 arch=c000003e syscall=74 compat=0 ip=0x7fc01f77e929 code=0x7ffc0000
[  358.121545][T17267] CPU: 0 UID: 0 PID: 17267 Comm: syz.3.4822 Not tainted 6.16.0-rc1-syzkaller #0 PREEMPT(voluntary) 
[  358.121580][T17267] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  358.121615][T17267] Call Trace:
[  358.121626][T17267]  <TASK>
[  358.121639][T17267]  __dump_stack+0x1d/0x30
[  358.121672][T17267]  dump_stack_lvl+0xe8/0x140
[  358.121701][T17267]  dump_stack+0x15/0x1b
[  358.121764][T17267]  should_fail_ex+0x265/0x280
[  358.121867][T17267]  should_fail+0xb/0x20
[  358.121930][T17267]  should_fail_usercopy+0x1a/0x20
[  358.121960][T17267]  _copy_to_user+0x20/0xa0
[  358.122004][T17267]  simple_read_from_buffer+0xb5/0x130
[  358.122057][T17267]  proc_fail_nth_read+0x100/0x140
[  358.122091][T17267]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  358.122123][T17267]  vfs_read+0x19d/0x6f0
[  358.122147][T17267]  ? putname+0xda/0x100
[  358.122261][T17267]  ? __rcu_read_unlock+0x4f/0x70
[  358.122301][T17267]  ? __fget_files+0x184/0x1c0
[  358.122337][T17267]  ksys_read+0xda/0x1a0
[  358.122368][T17267]  __x64_sys_read+0x40/0x50
[  358.122397][T17267]  x64_sys_call+0x2d77/0x2fb0
[  358.122427][T17267]  do_syscall_64+0xd2/0x200
[  358.122489][T17267]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  358.122529][T17267]  ? clear_bhb_loop+0x40/0x90
[  358.122673][T17267]  ? clear_bhb_loop+0x40/0x90
[  358.122705][T17267]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  358.122770][T17267] RIP: 0033:0x7fc01f77d33c
[  358.122794][T17267] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  358.122861][T17267] RSP: 002b:00007fc01ddc6030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  358.122888][T17267] RAX: ffffffffffffffda RBX: 00007fc01f9a6080 RCX: 00007fc01f77d33c
[  358.122907][T17267] RDX: 000000000000000f RSI: 00007fc01ddc60a0 RDI: 0000000000000004
[  358.122925][T17267] RBP: 00007fc01ddc6090 R08: 0000000000000000 R09: 0000000000000000
[  358.122944][T17267] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  358.123024][T17267] R13: 0000000000000001 R14: 00007fc01f9a6080 R15: 00007fff6fced2e8
[  358.123055][T17267]  </TASK>
[  358.421919][T11014] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  358.499337][T17274] loop3: detected capacity change from 0 to 512
[  358.507623][T17273] loop4: detected capacity change from 0 to 1024
[  358.516744][T17273] EXT4-fs: Ignoring removed orlov option
[  358.523710][T17274] EXT4-fs error (device loop3): ext4_orphan_get:1393: inode #15: comm syz.3.4826: casefold flag without casefold feature
[  358.540072][T17273] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  358.568236][T17274] EXT4-fs error (device loop3): ext4_orphan_get:1398: comm syz.3.4826: couldn't read orphan inode 15 (err -117)
[  358.604948][T17274] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  358.625406][T11014] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  358.726969][T17284] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4828'.
[  358.792094][T11457] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  358.820048][T17286] netlink: 'syz.0.4830': attribute type 1 has an invalid length.
[  358.965542][T17296] loop3: detected capacity change from 0 to 512
[  358.990080][T17296] EXT4-fs error (device loop3): ext4_validate_block_bitmap:432: comm syz.3.4833: bg 0: block 5: invalid block bitmap
[  359.012042][T17296] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  359.021363][T17296] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.4833: invalid indirect mapped block 3 (level 2)
[  359.037055][T17296] EXT4-fs (loop3): 2 truncates cleaned up
[  359.043308][T17296] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  359.062357][T17296] EXT4-fs (loop3): shut down requested (1)
[  359.068946][T17296] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop3 ino=15
[  359.078776][T17296] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop3 ino=15
[  359.122481][T11457] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  359.239033][T17304] loop6: detected capacity change from 0 to 512
[  359.265867][T17304] EXT4-fs error (device loop6): ext4_iget_extra_inode:5035: inode #15: comm syz.6.4836: corrupted in-inode xattr: invalid ea_ino
[  359.328640][T17304] EXT4-fs error (device loop6): ext4_orphan_get:1398: comm syz.6.4836: couldn't read orphan inode 15 (err -117)
[  359.345895][T17309] cgroup: none used incorrectly
[  359.357136][T17311] loop0: detected capacity change from 0 to 2048
[  359.369782][T17304] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  359.401322][T17317] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  359.419732][T17311] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  359.440690][T17318] loop3: detected capacity change from 0 to 1024
[  359.449966][T17311] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 281 free clusters
[  359.465670][T17311] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 65793 with max blocks 1 with error 28
[  359.478301][T17311] EXT4-fs (loop0): This should not happen!! Data will be lost
[  359.478301][T17311] 
[  359.485361][T17318] EXT4-fs: Ignoring removed orlov option
[  359.487984][T17311] EXT4-fs (loop0): Total free blocks count 0
[  359.499728][T17311] EXT4-fs (loop0): Free/Dirty block details
[  359.505714][T17311] EXT4-fs (loop0): free_blocks=4096
[  359.510947][T17311] EXT4-fs (loop0): dirty_blocks=32
[  359.516204][T17311] EXT4-fs (loop0): Block reservation details
[  359.522250][T17311] EXT4-fs (loop0): i_reserved_data_blocks=2
[  359.530380][T17318] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  359.597221][T11457] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  359.637209][T17334] netlink: 'syz.3.4845': attribute type 1 has an invalid length.
[  359.662869][T17332] loop4: detected capacity change from 0 to 512
[  359.681005][T17336] loop2: detected capacity change from 0 to 512
[  359.690470][T17336] EXT4-fs error (device loop2): ext4_validate_block_bitmap:432: comm syz.2.4848: bg 0: block 5: invalid block bitmap
[  359.704904][T17332] EXT4-fs error (device loop4): ext4_validate_block_bitmap:432: comm syz.4.4847: bg 0: block 5: invalid block bitmap
[  359.726017][T17311] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 65537 with max blocks 513 with error 28
[  359.750590][T17336] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  359.756239][T17332] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  359.762695][T17336] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #11: comm syz.2.4848: invalid indirect mapped block 3 (level 2)
[  359.782465][T17332] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.4847: invalid indirect mapped block 3 (level 2)
[  359.796358][T17336] EXT4-fs (loop2): 2 truncates cleaned up
[  359.803523][T17336] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  359.827201][T17332] EXT4-fs (loop4): 2 truncates cleaned up
[  359.833507][T17332] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  359.860465][T17336] EXT4-fs (loop2): shut down requested (1)
[  359.870705][T17332] EXT4-fs (loop4): shut down requested (1)
[  359.872042][T17336] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=15
[  359.886351][T17332] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop4 ino=15
[  359.886956][T17336] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=15
[  359.902782][T17332] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop4 ino=15
[  359.929758][T11687] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  359.967413][T17346] loop4: detected capacity change from 0 to 1024
[  360.167516][T17358] loop0: detected capacity change from 0 to 164
[  360.172058][T17360] loop6: detected capacity change from 0 to 128
[  360.341962][T17360] ext4 filesystem being mounted at /340/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  360.441121][T17363] loop0: detected capacity change from 0 to 1024
[  360.463152][T17363] EXT4-fs: Ignoring removed nobh option
[  360.468860][T17363] EXT4-fs: Ignoring removed bh option
[  360.604283][T17363] EXT4-fs error (device loop0): mb_free_blocks:1948: group 0, inode 15: block 241:freeing already freed block (bit 15); block bitmap corrupt.
[  360.656529][T17375] loop2: detected capacity change from 0 to 512
[  360.672604][T17375] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  360.685374][T17375] EXT4-fs (loop2): 1 truncate cleaned up
[  360.708143][T17354] lo speed is unknown, defaulting to 1000
[  360.731965][T17379] loop6: detected capacity change from 0 to 2048
[  360.760763][T17380] netlink: 'syz.0.4861': attribute type 13 has an invalid length.
[  360.786044][T17380] gretap0: refused to change device tx_queue_len
[  360.793798][T17380] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  360.800817][T17379] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 281 free clusters
[  360.862293][T17379] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 65793 with max blocks 1 with error 28
[  360.874937][T17379] EXT4-fs (loop6): This should not happen!! Data will be lost
[  360.874937][T17379] 
[  360.884875][T17379] EXT4-fs (loop6): Total free blocks count 0
[  360.890907][T17379] EXT4-fs (loop6): Free/Dirty block details
[  360.897039][T17379] EXT4-fs (loop6): free_blocks=4096
[  360.902343][T17379] EXT4-fs (loop6): dirty_blocks=32
[  360.907479][T17379] EXT4-fs (loop6): Block reservation details
[  360.913666][T17379] EXT4-fs (loop6): i_reserved_data_blocks=2
[  361.015606][T17390] loop4: detected capacity change from 0 to 256
[  361.022843][T17390] vfat: Unknown parameter 'codepaee'
[  361.211800][T17387] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 65537 with max blocks 737 with error 28
[  361.224682][T17387] EXT4-fs (loop6): This should not happen!! Data will be lost
[  361.224682][T17387] 
[  361.316562][T17392] lo speed is unknown, defaulting to 1000
[  361.363147][T17401] loop4: detected capacity change from 0 to 4096
[  361.414754][T17401] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #15: comm syz.4.4869: corrupted inode contents
[  361.435540][T17401] EXT4-fs error (device loop4): ext4_dirty_inode:6459: inode #15: comm syz.4.4869: mark_inode_dirty error
[  361.473399][T17401] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #15: comm syz.4.4869: corrupted inode contents
[  361.524944][T17401] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #15: comm syz.4.4869: mark_inode_dirty error
[  361.571581][T17401] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #15: comm syz.4.4869: corrupted inode contents
[  361.622794][T17401] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #15: comm syz.4.4869: mark_inode_dirty error
[  361.667348][T17392] loop0: detected capacity change from 0 to 512
[  361.683927][T17392] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  361.694006][T17401] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #15: comm syz.4.4869: corrupted inode contents
[  361.708331][T17401] EXT4-fs error (device loop4): ext4_truncate:4597: inode #15: comm syz.4.4869: mark_inode_dirty error
[  361.721572][T17392] EXT4-fs (loop0): 1 truncate cleaned up
[  361.821835][T17401] EXT4-fs error (device loop4): ext4_evict_inode:265: comm syz.4.4869: couldn't truncate inode 15 (err -117)
[  361.999750][T17420] bond1: entered promiscuous mode
[  362.004898][T17420] bond1: entered allmulticast mode
[  362.030723][T17422] loop2: detected capacity change from 0 to 128
[  362.042629][T17430] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=17430 comm=syz.6.4877
[  362.056381][T17425] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(9)
[  362.063075][T17425] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  362.070908][T17425] vhci_hcd vhci_hcd.0: Device attached
[  362.071000][T17420] 8021q: adding VLAN 0 to HW filter on device bond1
[  362.098629][T17420] bond1 (unregistering): Released all slaves
[  362.122238][T17427] loop0: detected capacity change from 0 to 1024
[  362.128800][T17425] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0'
[  362.153148][T17426] vhci_hcd: connection closed
[  362.153430][T12026] vhci_hcd: stop threads
[  362.162476][T12026] vhci_hcd: release socket
[  362.166997][T12026] vhci_hcd: disconnect device
[  362.252284][T17422] bio_check_eod: 75 callbacks suppressed
[  362.252299][T17422] syz.2.4874: attempt to access beyond end of device
[  362.252299][T17422] loop2: rw=2049, sector=129, nr_sectors = 8 limit=128
[  362.272830][T17422] syz.2.4874: attempt to access beyond end of device
[  362.272830][T17422] loop2: rw=2049, sector=145, nr_sectors = 8 limit=128
[  362.297471][T17422] syz.2.4874: attempt to access beyond end of device
[  362.297471][T17422] loop2: rw=2049, sector=161, nr_sectors = 8 limit=128
[  362.316755][T17422] syz.2.4874: attempt to access beyond end of device
[  362.316755][T17422] loop2: rw=2049, sector=177, nr_sectors = 8 limit=128
[  362.332259][T17420] lo speed is unknown, defaulting to 1000
[  362.366695][T17422] syz.2.4874: attempt to access beyond end of device
[  362.366695][T17422] loop2: rw=2049, sector=193, nr_sectors = 8 limit=128
[  362.383920][T17422] syz.2.4874: attempt to access beyond end of device
[  362.383920][T17422] loop2: rw=2049, sector=209, nr_sectors = 8 limit=128
[  362.397820][T17422] syz.2.4874: attempt to access beyond end of device
[  362.397820][T17422] loop2: rw=2049, sector=225, nr_sectors = 8 limit=128
[  362.415062][T17422] syz.2.4874: attempt to access beyond end of device
[  362.415062][T17422] loop2: rw=2049, sector=241, nr_sectors = 8 limit=128
[  362.430564][T17422] syz.2.4874: attempt to access beyond end of device
[  362.430564][T17422] loop2: rw=2049, sector=257, nr_sectors = 8 limit=128
[  362.444181][T17447] loop3: detected capacity change from 0 to 2048
[  362.453514][T17422] syz.2.4874: attempt to access beyond end of device
[  362.453514][T17422] loop2: rw=2049, sector=273, nr_sectors = 8 limit=128
[  362.516632][T17447] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 281 free clusters
[  362.531243][T17455] loop6: detected capacity change from 0 to 512
[  362.538838][T17447] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 65793 with max blocks 1 with error 28
[  362.551631][T17447] EXT4-fs (loop3): This should not happen!! Data will be lost
[  362.551631][T17447] 
[  362.552711][T17455] EXT4-fs error (device loop6): ext4_validate_block_bitmap:432: comm syz.6.4884: bg 0: block 5: invalid block bitmap
[  362.561396][T17447] EXT4-fs (loop3): Total free blocks count 0
[  362.561418][T17447] EXT4-fs (loop3): Free/Dirty block details
[  362.561433][T17447] EXT4-fs (loop3): free_blocks=4096
[  362.561449][T17447] EXT4-fs (loop3): dirty_blocks=32
[  362.575831][T17455] EXT4-fs error (device loop6) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  362.580097][T17447] EXT4-fs (loop3): Block reservation details
[  362.586273][T17455] EXT4-fs error (device loop6): ext4_free_branches:1023: inode #11: comm syz.6.4884: invalid indirect mapped block 3 (level 2)
[  362.591076][T17447] EXT4-fs (loop3): i_reserved_data_blocks=2
[  362.632159][T17455] EXT4-fs (loop6): 2 truncates cleaned up
[  362.638980][   T29] kauditd_printk_skb: 308 callbacks suppressed
[  362.639065][   T29] audit: type=1326 audit(1749490588.712:23882): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17453 comm="syz.6.4884" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f50a44cd290 code=0x7ffc0000
[  362.685923][T17455] EXT4-fs (loop6): shut down requested (1)
[  362.721657][T17455] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop6 ino=15
[  362.733031][T17461] loop2: detected capacity change from 0 to 4096
[  362.745195][T17461] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #15: comm syz.2.4886: corrupted inode contents
[  362.757193][T17455] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop6 ino=15
[  362.766462][T17461] EXT4-fs error (device loop2): ext4_dirty_inode:6459: inode #15: comm syz.2.4886: mark_inode_dirty error
[  362.775210][   T29] audit: type=1326 audit(1749490588.712:23883): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17453 comm="syz.6.4884" exe="/root/syz-executor" sig=0 arch=c000003e syscall=80 compat=0 ip=0x7f50a44cd677 code=0x7ffc0000
[  362.801474][   T29] audit: type=1326 audit(1749490588.712:23884): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17453 comm="syz.6.4884" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f50a44cd290 code=0x7ffc0000
[  362.825237][   T29] audit: type=1326 audit(1749490588.712:23885): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17453 comm="syz.6.4884" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f50a44ce929 code=0x7ffc0000
[  362.844242][T17447] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 65537 with max blocks 481 with error 28
[  362.849085][   T29] audit: type=1326 audit(1749490588.712:23886): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17453 comm="syz.6.4884" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f50a44ce929 code=0x7ffc0000
[  362.861619][T17447] EXT4-fs (loop3): This should not happen!! Data will be lost
[  362.861619][T17447] 
[  362.885254][   T29] audit: type=1326 audit(1749490588.754:23887): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17453 comm="syz.6.4884" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f50a44ce929 code=0x7ffc0000
[  362.903227][T17461] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #15: comm syz.2.4886: corrupted inode contents
[  362.918524][   T29] audit: type=1326 audit(1749490588.754:23888): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17453 comm="syz.6.4884" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f50a44ce929 code=0x7ffc0000
[  362.954180][   T29] audit: type=1326 audit(1749490588.754:23889): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17453 comm="syz.6.4884" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f50a44ce929 code=0x7ffc0000
[  362.977848][   T29] audit: type=1326 audit(1749490588.754:23890): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17453 comm="syz.6.4884" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f50a44ce929 code=0x7ffc0000
[  363.001523][   T29] audit: type=1326 audit(1749490588.796:23891): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17453 comm="syz.6.4884" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f50a44ce929 code=0x7ffc0000
[  363.044528][T17461] EXT4-fs error (device loop2): __ext4_ext_dirty:206: inode #15: comm syz.2.4886: mark_inode_dirty error
[  363.066612][T17461] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #15: comm syz.2.4886: corrupted inode contents
[  363.139872][T17461] EXT4-fs error (device loop2): __ext4_ext_dirty:206: inode #15: comm syz.2.4886: mark_inode_dirty error
[  363.154535][T17471] loop4: detected capacity change from 0 to 8192
[  363.193761][T17461] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #15: comm syz.2.4886: corrupted inode contents
[  363.206159][T17461] EXT4-fs error (device loop2): ext4_truncate:4597: inode #15: comm syz.2.4886: mark_inode_dirty error
[  363.218847][T17461] EXT4-fs error (device loop2): ext4_evict_inode:265: comm syz.2.4886: couldn't truncate inode 15 (err -117)
[  363.251299][T17471] loop4: detected capacity change from 0 to 2048
[  363.259384][T17471] ext2: Unknown parameter 'uid<00000000000000000000'
[  363.346029][T17491] vhci_hcd vhci_hcd.0: pdev(6) rhport(0) sockfd(9)
[  363.352721][T17491] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  363.360361][T17491] vhci_hcd vhci_hcd.0: Device attached
[  363.371382][T17499] loop3: detected capacity change from 0 to 164
[  363.373210][T17491] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0'
[  363.389144][T17499] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  363.401199][T17502] loop0: detected capacity change from 0 to 2048
[  363.417105][T17496] vhci_hcd: connection closed
[  363.418502][T12026] vhci_hcd: stop threads
[  363.427566][T12026] vhci_hcd: release socket
[  363.432014][T12026] vhci_hcd: disconnect device
[  363.462844][T17502] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 281 free clusters
[  363.478837][T17502] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 65793 with max blocks 1 with error 28
[  363.491664][T17502] EXT4-fs (loop0): This should not happen!! Data will be lost
[  363.491664][T17502] 
[  363.501345][T17502] EXT4-fs (loop0): Total free blocks count 0
[  363.507475][T17502] EXT4-fs (loop0): Free/Dirty block details
[  363.513601][T17502] EXT4-fs (loop0): free_blocks=4096
[  363.518851][T17502] EXT4-fs (loop0): dirty_blocks=32
[  363.524038][T17502] EXT4-fs (loop0): Block reservation details
[  363.530176][T17502] EXT4-fs (loop0): i_reserved_data_blocks=2
[  363.564166][T12003] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  363.576417][T12003] EXT4-fs (loop0): This should not happen!! Data will be lost
[  363.576417][T12003] 
[  363.587569][T11457] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  363.607005][T11457] rock: directory entry would overflow storage
[  363.613221][T11457] rock: sig=0x4f50, size=4, remaining=3
[  363.618861][T11457] iso9660: Corrupted directory entry in block 4 of inode 1792
[  363.634099][T11457] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  363.642828][T11457] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  363.651768][T11457] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  363.660752][T11457] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  363.670400][T11457] rock: directory entry would overflow storage
[  363.676691][T11457] rock: sig=0x4f50, size=4, remaining=3
[  363.682427][T11457] iso9660: Corrupted directory entry in block 3 of inode 1856
[  363.691482][T11457] VFS: Lookup of '' in iso9660 loop3 would have caused loop
[  363.699035][T11457] VFS: Lookup of '' in iso9660 loop3 would have caused loop
[  363.929614][T17514] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  363.945919][T17514] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  364.102591][T17528] loop0: detected capacity change from 0 to 4096
[  364.116579][T17516] lo speed is unknown, defaulting to 1000
[  364.128662][T17528] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #15: comm syz.0.4909: corrupted inode contents
[  364.145975][T17528] EXT4-fs error (device loop0): ext4_dirty_inode:6459: inode #15: comm syz.0.4909: mark_inode_dirty error
[  364.172091][T17528] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #15: comm syz.0.4909: corrupted inode contents
[  364.198715][T17528] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #15: comm syz.0.4909: mark_inode_dirty error
[  364.214726][T17528] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #15: comm syz.0.4909: corrupted inode contents
[  364.244093][T17528] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #15: comm syz.0.4909: mark_inode_dirty error
[  364.257605][T17528] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #15: comm syz.0.4909: corrupted inode contents
[  364.272743][T17528] EXT4-fs error (device loop0): ext4_truncate:4597: inode #15: comm syz.0.4909: mark_inode_dirty error
[  364.284251][T17528] EXT4-fs error (device loop0): ext4_evict_inode:265: comm syz.0.4909: couldn't truncate inode 15 (err -117)
[  364.296106][T17516] chnl_net:caif_netlink_parms(): no params data found
[  364.349195][T17544] netlink: 'syz.0.4913': attribute type 13 has an invalid length.
[  364.350950][T17542] netlink: 'syz.2.4914': attribute type 1 has an invalid length.
[  364.365902][T17516] bridge0: port 1(bridge_slave_0) entered blocking state
[  364.373320][T17516] bridge0: port 1(bridge_slave_0) entered disabled state
[  364.381380][T17516] bridge_slave_0: entered allmulticast mode
[  364.388231][T17516] bridge_slave_0: entered promiscuous mode
[  364.397630][T17544] gretap0: refused to change device tx_queue_len
[  364.404857][T17544] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  364.420622][T17516] bridge0: port 2(bridge_slave_1) entered blocking state
[  364.427977][T17516] bridge0: port 2(bridge_slave_1) entered disabled state
[  364.436595][T17516] bridge_slave_1: entered allmulticast mode
[  364.443226][T17516] bridge_slave_1: entered promiscuous mode
[  364.481824][T17516] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  364.492725][T17516] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  364.521836][T17516] team0: Port device team_slave_0 added
[  364.536121][T17552] loop0: detected capacity change from 0 to 1024
[  364.544040][T17516] team0: Port device team_slave_1 added
[  364.552322][T17554] ip6gre1: entered allmulticast mode
[  364.559109][T17552] EXT4-fs: Ignoring removed orlov option
[  364.610992][T17516] batman_adv: batadv0: Adding interface: batadv_slave_0
[  364.618150][T17516] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  364.644426][T17516] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  364.657605][T17516] batman_adv: batadv0: Adding interface: batadv_slave_1
[  364.664652][T17516] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  364.690945][T17516] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  364.727633][T17516] hsr_slave_0: entered promiscuous mode
[  364.733773][T17569] netlink: 44 bytes leftover after parsing attributes in process `syz.4.4924'.
[  364.742958][T17569] netlink: 43 bytes leftover after parsing attributes in process `syz.4.4924'.
[  364.752152][T17569] netlink: 'syz.4.4924': attribute type 5 has an invalid length.
[  364.760103][T17569] netlink: 43 bytes leftover after parsing attributes in process `syz.4.4924'.
[  364.763418][T17571] loop2: detected capacity change from 0 to 512
[  364.769950][T17516] hsr_slave_1: entered promiscuous mode
[  364.781500][T17516] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  364.793147][T17569] netlink: 'syz.4.4924': attribute type 10 has an invalid length.
[  364.799916][T17516] Cannot create hsr debugfs directory
[  364.804028][T17571] EXT4-fs error (device loop2): ext4_validate_block_bitmap:432: comm syz.2.4925: bg 0: block 5: invalid block bitmap
[  364.820557][T17571] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  364.829544][T17571] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #11: comm syz.2.4925: invalid indirect mapped block 3 (level 2)
[  364.830004][T17569] team0: Device hsr_slave_0 failed to register rx_handler
[  364.859420][T17571] EXT4-fs (loop2): 2 truncates cleaned up
[  364.869693][T17576] netlink: 'syz.0.4926': attribute type 13 has an invalid length.
[  364.879344][T17571] EXT4-fs (loop2): shut down requested (1)
[  364.887844][T17576] gretap0: refused to change device tx_queue_len
[  364.893358][T17571] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=15
[  364.895331][T17576] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  364.903209][T17571] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=15
[  365.005396][T17584] SELinux:  Context system_u:object_r:hald_mac_exec_t:s0 is not valid (left unmapped).
[  365.016680][T17585] netlink: 32 bytes leftover after parsing attributes in process `syz.2.4930'.
[  365.021494][T17516] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  365.038609][T17516] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  365.050201][T17584] loop6: detected capacity change from 0 to 512
[  365.050308][T17585] netlink: 16 bytes leftover after parsing attributes in process `syz.2.4930'.
[  365.065681][T17585] netlink: 16 bytes leftover after parsing attributes in process `syz.2.4930'.
[  365.080660][T17585] openvswitch: netlink: Message has 6 unknown bytes.
[  365.088752][T17516] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  365.104200][T17516] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  365.104689][T17584] EXT4-fs warning (device loop6): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  365.129320][T17591] loop4: detected capacity change from 0 to 1024
[  365.137645][T17584] EXT4-fs (loop6): mount failed
[  365.142964][T17591] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  365.154020][T17591] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  365.203912][T17591] JBD2: no valid journal superblock found
[  365.209920][T17591] EXT4-fs (loop4): Could not load journal inode
[  365.224176][T17516] 8021q: adding VLAN 0 to HW filter on device bond0
[  365.259446][T17591] netlink: 24 bytes leftover after parsing attributes in process `syz.4.4933'.
[  365.268691][T17591] netlink: 108 bytes leftover after parsing attributes in process `syz.4.4933'.
[  365.288535][T17607] loop2: detected capacity change from 0 to 1024
[  365.291904][T17591] netlink: 24 bytes leftover after parsing attributes in process `syz.4.4933'.
[  365.296069][T17607] EXT4-fs: Ignoring removed orlov option
[  365.313183][T17591] netlink: 108 bytes leftover after parsing attributes in process `syz.4.4933'.
[  365.341144][T17516] 8021q: adding VLAN 0 to HW filter on device team0
[  365.368768][T12026] bridge0: port 1(bridge_slave_0) entered blocking state
[  365.376040][T12026] bridge0: port 1(bridge_slave_0) entered forwarding state
[  365.424503][T12026] bridge0: port 2(bridge_slave_1) entered blocking state
[  365.431634][T12026] bridge0: port 2(bridge_slave_1) entered forwarding state
[  365.508353][T17629] netlink: 'syz.2.4942': attribute type 13 has an invalid length.
[  365.524517][T17629] gretap0: refused to change device tx_queue_len
[  365.532022][T17629] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  365.556300][T17634] loop4: detected capacity change from 0 to 164
[  365.567452][T17516] 8021q: adding VLAN 0 to HW filter on device batadv0
[  365.687538][T17646] x_tables: ip6_tables: tcpmss match: only valid for protocol 6
[  365.770365][T17658] loop4: detected capacity change from 0 to 1024
[  365.777196][T17658] EXT4-fs: Ignoring removed orlov option
[  365.828113][T17516] veth0_vlan: entered promiscuous mode
[  365.842854][T17516] veth1_vlan: entered promiscuous mode
[  365.863472][T17516] veth0_macvtap: entered promiscuous mode
[  365.873881][T17516] veth1_macvtap: entered promiscuous mode
[  365.888602][T17516] batman_adv: batadv0: Interface activated: batadv_slave_0
[  365.890452][T17668] x_tables: duplicate underflow at hook 3
[  365.904187][T17516] batman_adv: batadv0: Interface activated: batadv_slave_1
[  365.914310][T17516] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  365.922402][T17668] loop2: detected capacity change from 0 to 256
[  365.923344][T17516] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  365.938770][T17516] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  365.947656][T17516] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  365.948939][T17668] FAT-fs (loop2): Directory bread(block 64) failed
[  365.964855][T17668] FAT-fs (loop2): Directory bread(block 65) failed
[  365.974087][T17668] FAT-fs (loop2): Directory bread(block 66) failed
[  365.985511][T17668] FAT-fs (loop2): Directory bread(block 67) failed
[  365.995448][T17669] batadv_slave_1: entered promiscuous mode
[  366.001369][T17668] FAT-fs (loop2): Directory bread(block 68) failed
[  366.008957][T17668] FAT-fs (loop2): Directory bread(block 69) failed
[  366.016555][T17668] FAT-fs (loop2): Directory bread(block 70) failed
[  366.019988][T17669] batadv_slave_1: left promiscuous mode
[  366.031556][T17668] FAT-fs (loop2): Directory bread(block 71) failed
[  366.042358][T17668] FAT-fs (loop2): Directory bread(block 72) failed
[  366.055495][T17668] FAT-fs (loop2): Directory bread(block 73) failed
[  366.091254][T17677] loop4: detected capacity change from 0 to 512
[  366.125497][T17677] EXT4-fs error (device loop4): ext4_iget_extra_inode:5035: inode #15: comm syz.4.4954: corrupted in-inode xattr: invalid ea_ino
[  366.153906][T17682] loop2: detected capacity change from 0 to 164
[  366.172541][T17677] EXT4-fs error (device loop4): ext4_orphan_get:1398: comm syz.4.4954: couldn't read orphan inode 15 (err -117)
[  366.191566][T17686] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  366.205421][T17686] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  366.304731][T17701] loop0: detected capacity change from 0 to 512
[  366.314066][T17706] loop2: detected capacity change from 0 to 256
[  366.316933][T17704] loop4: detected capacity change from 0 to 128
[  366.342577][T17706] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 196)
[  366.351409][T17706] FAT-fs (loop2): Filesystem has been set read-only
[  366.380254][T17710] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0'
[  366.517168][T17715] loop2: detected capacity change from 0 to 164
[  366.589751][T17724] loop0: detected capacity change from 0 to 512
[  366.610381][T17724] EXT4-fs error (device loop0): ext4_iget_extra_inode:5035: inode #15: comm syz.0.4975: corrupted in-inode xattr: invalid ea_ino
[  366.628679][T17727] loop4: detected capacity change from 0 to 128
[  366.635395][T17724] EXT4-fs error (device loop0): ext4_orphan_get:1398: comm syz.0.4975: couldn't read orphan inode 15 (err -117)
[  366.647991][T17727] EXT4-fs: Ignoring removed nobh option
[  366.674302][T17727] ext4 filesystem being mounted at /383/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  366.704981][T17735] loop7: detected capacity change from 0 to 1024
[  366.712995][T17735] EXT4-fs: Ignoring removed orlov option
[  366.816607][T17744] netlink: 'syz.7.4982': attribute type 1 has an invalid length.
[  366.848350][T17746] loop4: detected capacity change from 0 to 128
[  366.941417][T17754] FAULT_INJECTION: forcing a failure.
[  366.941417][T17754] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  366.954589][T17754] CPU: 0 UID: 0 PID: 17754 Comm: syz.6.4987 Not tainted 6.16.0-rc1-syzkaller #0 PREEMPT(voluntary) 
[  366.954634][T17754] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  366.954652][T17754] Call Trace:
[  366.954661][T17754]  <TASK>
[  366.954671][T17754]  __dump_stack+0x1d/0x30
[  366.954698][T17754]  dump_stack_lvl+0xe8/0x140
[  366.954776][T17754]  dump_stack+0x15/0x1b
[  366.954812][T17754]  should_fail_ex+0x265/0x280
[  366.954853][T17754]  should_fail+0xb/0x20
[  366.954895][T17754]  should_fail_usercopy+0x1a/0x20
[  366.954922][T17754]  fpu__restore_sig+0x12d/0xaa0
[  366.955028][T17754]  ? should_fail_ex+0xdb/0x280
[  366.955086][T17754]  __ia32_sys_rt_sigreturn+0x29f/0x350
[  366.955130][T17754]  x64_sys_call+0x2e8a/0x2fb0
[  366.955166][T17754]  do_syscall_64+0xd2/0x200
[  366.955194][T17754]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  366.955294][T17754]  ? clear_bhb_loop+0x40/0x90
[  366.955322][T17754]  ? clear_bhb_loop+0x40/0x90
[  366.955351][T17754]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  366.955379][T17754] RIP: 0033:0x7f50a44ce929
[  366.955399][T17754] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  366.955423][T17754] RSP: 002b:00007f50a2b37038 EFLAGS: 00000246
[  366.955515][T17754] RAX: 0000000000000034 RBX: 00007f50a46f5fa0 RCX: 00007f50a44ce929
[  366.955533][T17754] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 0000000000000003
[  366.955549][T17754] RBP: 00007f50a2b37090 R08: 0000000000000000 R09: 0000000000000000
[  366.955565][T17754] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  366.955582][T17754] R13: 0000000000000000 R14: 00007f50a46f5fa0 R15: 00007ffe3938c4a8
[  366.955684][T17754]  </TASK>
[  367.844634][T17755] loop7: detected capacity change from 0 to 164
[  367.985422][T17733] lo speed is unknown, defaulting to 1000
[  368.023455][   T29] kauditd_printk_skb: 431 callbacks suppressed
[  368.023521][   T29] audit: type=1326 audit(1749490594.363:24320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17745 comm="syz.4.4983" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f267871e929 code=0x7ffc0000
[  368.228625][T17733] loop2: detected capacity change from 0 to 512
[  368.235399][T17733] EXT4-fs: Ignoring removed mblk_io_submit option
[  368.241918][T17733] EXT4-fs: Ignoring removed bh option
[  368.251299][T17733] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  368.278016][T17733] EXT4-fs (loop2): 1 truncate cleaned up
[  368.298399][   T29] audit: type=1326 audit(1749490594.646:24321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17762 comm="syz.7.4991" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5fafbee929 code=0x7ffc0000
[  368.322300][   T29] audit: type=1326 audit(1749490594.646:24322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17762 comm="syz.7.4991" exe="/root/syz-executor" sig=0 arch=c000003e syscall=83 compat=0 ip=0x7f5fafbee929 code=0x7ffc0000
[  368.346096][   T29] audit: type=1326 audit(1749490594.646:24323): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17762 comm="syz.7.4991" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5fafbee929 code=0x7ffc0000
[  368.370364][   T29] audit: type=1326 audit(1749490594.646:24324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17762 comm="syz.7.4991" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f5fafbee929 code=0x7ffc0000
[  368.385782][T17771] loop6: detected capacity change from 0 to 1024
[  368.394072][   T29] audit: type=1326 audit(1749490594.646:24325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17762 comm="syz.7.4991" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5fafbee929 code=0x7ffc0000
[  368.405713][T17771] EXT4-fs: Ignoring removed orlov option
[  368.432659][   T29] audit: type=1326 audit(1749490594.678:24326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17762 comm="syz.7.4991" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f5fafbee929 code=0x7ffc0000
[  368.456316][   T29] audit: type=1326 audit(1749490594.678:24327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17762 comm="syz.7.4991" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5fafbee929 code=0x7ffc0000
[  368.458498][T17773] loop4: detected capacity change from 0 to 256
[  368.479985][   T29] audit: type=1326 audit(1749490594.678:24328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17762 comm="syz.7.4991" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5fafbee929 code=0x7ffc0000
[  368.480030][   T29] audit: type=1326 audit(1749490594.793:24329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17762 comm="syz.7.4991" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f5fafbee929 code=0x7ffc0000
[  368.497257][T17763] bond1: entered promiscuous mode
[  368.538911][T17763] bond1: entered allmulticast mode
[  368.553295][T17773] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 196)
[  368.562214][T17773] FAT-fs (loop4): Filesystem has been set read-only
[  368.570068][T17763] 8021q: adding VLAN 0 to HW filter on device bond1
[  368.593242][T17776] loop7: detected capacity change from 0 to 1024
[  368.616821][T17763] bond1 (unregistering): Released all slaves
[  368.622247][T17779] netlink: 'syz.2.4995': attribute type 1 has an invalid length.
[  368.632698][T17780] FAULT_INJECTION: forcing a failure.
[  368.632698][T17780] name failslab, interval 1, probability 0, space 0, times 0
[  368.645504][T17780] CPU: 1 UID: 0 PID: 17780 Comm: syz.0.4996 Not tainted 6.16.0-rc1-syzkaller #0 PREEMPT(voluntary) 
[  368.645534][T17780] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  368.645548][T17780] Call Trace:
[  368.645556][T17780]  <TASK>
[  368.645564][T17780]  __dump_stack+0x1d/0x30
[  368.645587][T17780]  dump_stack_lvl+0xe8/0x140
[  368.645611][T17780]  dump_stack+0x15/0x1b
[  368.645632][T17780]  should_fail_ex+0x265/0x280
[  368.645678][T17780]  should_failslab+0x8c/0xb0
[  368.645702][T17780]  kmem_cache_alloc_noprof+0x50/0x310
[  368.645732][T17780]  ? vm_area_alloc+0x2c/0xb0
[  368.645771][T17780]  vm_area_alloc+0x2c/0xb0
[  368.645800][T17780]  mmap_region+0xa3a/0x1560
[  368.645860][T17780]  do_mmap+0x9b3/0xbe0
[  368.645907][T17780]  vm_mmap_pgoff+0x17a/0x2e0
[  368.645948][T17780]  ksys_mmap_pgoff+0xc2/0x310
[  368.645988][T17780]  ? __x64_sys_mmap+0x49/0x70
[  368.646017][T17780]  x64_sys_call+0x1602/0x2fb0
[  368.646044][T17780]  do_syscall_64+0xd2/0x200
[  368.646068][T17780]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  368.646094][T17780]  ? clear_bhb_loop+0x40/0x90
[  368.646117][T17780]  ? clear_bhb_loop+0x40/0x90
[  368.646147][T17780]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  368.646175][T17780] RIP: 0033:0x7f27f915e963
[  368.646195][T17780] Code: f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 41 89 ca 41 f7 c1 ff 0f 00 00 75 14 b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 25 c3 0f 1f 40 00 48 c7 c0 a8 ff ff ff 64 c7
[  368.646217][T17780] RSP: 002b:00007f27f77c6e18 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  368.646236][T17780] RAX: ffffffffffffffda RBX: 000000000000043e RCX: 00007f27f915e963
[  368.646251][T17780] RDX: 0000000000000003 RSI: 0000000008400000 RDI: 0000000000000000
[  368.646267][T17780] RBP: 0000200000000cc2 R08: 00000000ffffffff R09: 0000000000000000
[  368.646283][T17780] R10: 0000000000000022 R11: 0000000000000246 R12: 0000000000000008
[  368.646299][T17780] R13: 00007f27f77c6ef0 R14: 00007f27f77c6eb0 R15: 0000200000000300
[  368.646325][T17780]  </TASK>
[  368.926361][T17783] loop2: detected capacity change from 0 to 164
[  368.935212][T17785] netlink: 'syz.4.4999': attribute type 1 has an invalid length.
[  368.981161][T17776] lo speed is unknown, defaulting to 1000
[  368.982041][T17791] loop6: detected capacity change from 0 to 256
[  369.063026][T17791] FAT-fs (loop6): error, fat_get_cluster: invalid cluster chain (i_pos 196)
[  369.071960][T17791] FAT-fs (loop6): Filesystem has been set read-only
[  369.156693][T17804] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(10)
[  369.163381][T17804] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  369.171018][T17804] vhci_hcd vhci_hcd.0: Device attached
[  369.208148][T17805] vhci_hcd vhci_hcd.0: pdev(0) rhport(1) sockfd(12)
[  369.214878][T17805] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  369.222415][T17805] vhci_hcd vhci_hcd.0: Device attached
[  369.233340][T17811] vhci_hcd vhci_hcd.0: pdev(0) rhport(2) sockfd(15)
[  369.240059][T17811] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  369.247691][T17811] vhci_hcd vhci_hcd.0: Device attached
[  369.260092][T17817] netlink: 'syz.7.5009': attribute type 1 has an invalid length.
[  369.288135][T17804] vhci_hcd vhci_hcd.0: pdev(0) rhport(3) sockfd(14)
[  369.294814][T17804] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  369.302488][T17804] vhci_hcd vhci_hcd.0: Device attached
[  369.315720][T17805] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  369.339325][T17804] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  369.356819][T17822] loop4: detected capacity change from 0 to 1024
[  369.363775][T17822] EXT4-fs: Ignoring removed orlov option
[  369.379282][T17805] vhci_hcd vhci_hcd.0: pdev(0) rhport(7) sockfd(25)
[  369.386163][T17805] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  369.393791][T17805] vhci_hcd vhci_hcd.0: Device attached
[  369.407281][T17834] loop2: detected capacity change from 0 to 512
[  369.417921][T17804] vhci_hcd vhci_hcd.0: pdev(0) rhport(6) sockfd(20)
[  369.424586][T17804] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  369.432172][T17804] vhci_hcd vhci_hcd.0: Device attached
[  369.444074][T17811] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(28)
[  369.450864][T17811] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  369.458651][T17811] vhci_hcd vhci_hcd.0: Device attached
[  369.472114][T17834] EXT4-fs error (device loop2): ext4_validate_block_bitmap:432: comm syz.2.5012: bg 0: block 5: invalid block bitmap
[  369.487442][T17804] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  369.516996][T17834] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  369.531045][T17844] netlink: 'syz.4.5014': attribute type 1 has an invalid length.
[  369.544300][T17838] vhci_hcd: connection closed
[  369.544436][T17832] vhci_hcd: connection closed
[  369.545110][T17813] vhci_hcd: connection closed
[  369.549595][T17812] vhci_hcd: connection closed
[  369.554469][T11972] vhci_hcd: stop threads
[  369.559244][T17806] vhci_hcd: connection closed
[  369.563648][T11972] vhci_hcd: release socket
[  369.569140][T17834] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #11: comm syz.2.5012: invalid indirect mapped block 3 (level 2)
[  369.572689][T11972] vhci_hcd: disconnect device
[  369.578395][T17834] EXT4-fs (loop2): 2 truncates cleaned up
[  369.591880][T17823] vhci_hcd: connection closed
[  369.596616][T17834] EXT4-fs mount: 48 callbacks suppressed
[  369.596640][T17834] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  369.601325][T17833] vhci_hcd: connection closed
[  369.612490][T17834] EXT4-fs (loop2): shut down requested (1)
[  369.638480][T17834] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=15
[  369.647646][T17834] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=15
[  369.657730][T11972] vhci_hcd: stop threads
[  369.662082][T11972] vhci_hcd: release socket
[  369.666516][T11972] vhci_hcd: disconnect device
[  369.672201][T11687] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  369.693404][T11972] vhci_hcd: stop threads
[  369.697770][T11972] vhci_hcd: release socket
[  369.702388][T11972] vhci_hcd: disconnect device
[  369.718297][T11972] vhci_hcd: stop threads
[  369.722636][T11972] vhci_hcd: release socket
[  369.727084][T11972] vhci_hcd: disconnect device
[  369.731984][T17856] loop7: detected capacity change from 0 to 512
[  369.738649][T17852] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(9)
[  369.739723][T11972] vhci_hcd: stop threads
[  369.745197][T17852] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  369.749502][T11972] vhci_hcd: release socket
[  369.757207][T17852] vhci_hcd vhci_hcd.0: Device attached
[  369.761504][T11972] vhci_hcd: disconnect device
[  369.779112][T17854] vhci_hcd: connection closed
[  369.779675][T11972] vhci_hcd: stop threads
[  369.784678][T17856] EXT4-fs error (device loop7): ext4_iget_extra_inode:5035: inode #15: comm syz.7.5018: corrupted in-inode xattr: invalid ea_ino
[  369.788681][T11972] vhci_hcd: release socket
[  369.788698][T11972] vhci_hcd: disconnect device
[  369.789287][T11972] vhci_hcd: stop threads
[  369.804652][T17856] EXT4-fs error (device loop7): ext4_orphan_get:1398: comm syz.7.5018: couldn't read orphan inode 15 (err -117)
[  369.806816][T11972] vhci_hcd: release socket
[  369.832101][T11972] vhci_hcd: disconnect device
[  369.837823][T11972] vhci_hcd: stop threads
[  369.842159][T11972] vhci_hcd: release socket
[  369.846604][T11972] vhci_hcd: disconnect device
[  369.852402][T17856] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  369.904069][T17864] netlink: 'syz.6.5021': attribute type 1 has an invalid length.
[  369.980376][T17516] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  369.991972][T17872] loop6: detected capacity change from 0 to 2048
[  370.005790][T17872] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  370.020006][T17872] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 281 free clusters
[  370.024932][T13580] kernel write not supported for file task/38/net/sockstat (pid: 13580 comm: kworker/1:11)
[  370.049802][T17872] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 65793 with max blocks 1 with error 28
[  370.062604][T17872] EXT4-fs (loop6): This should not happen!! Data will be lost
[  370.062604][T17872] 
[  370.072395][T17872] EXT4-fs (loop6): Total free blocks count 0
[  370.078427][T17872] EXT4-fs (loop6): Free/Dirty block details
[  370.084418][T17872] EXT4-fs (loop6): free_blocks=4096
[  370.089802][T17872] EXT4-fs (loop6): dirty_blocks=32
[  370.095033][T17872] EXT4-fs (loop6): Block reservation details
[  370.095439][T17879] netlink: 'syz.0.5026': attribute type 1 has an invalid length.
[  370.101086][T17872] EXT4-fs (loop6): i_reserved_data_blocks=2
[  370.136622][T17881] loop7: detected capacity change from 0 to 512
[  370.147846][T17881] EXT4-fs error (device loop7): ext4_validate_block_bitmap:432: comm syz.7.5027: bg 0: block 5: invalid block bitmap
[  370.161514][T17881] EXT4-fs error (device loop7) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  370.181006][T17881] EXT4-fs error (device loop7): ext4_free_branches:1023: inode #11: comm syz.7.5027: invalid indirect mapped block 3 (level 2)
[  370.205208][T17881] EXT4-fs (loop7): 2 truncates cleaned up
[  370.211672][T17881] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  370.256998][T17881] EXT4-fs (loop7): shut down requested (1)
[  370.259976][T17872] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 65537 with max blocks 513 with error 28
[  370.277295][T17888] loop0: detected capacity change from 0 to 512
[  370.287081][T17881] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop7 ino=15
[  370.304020][T17881] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop7 ino=15
[  370.315021][T17888] EXT4-fs error (device loop0): ext4_validate_block_bitmap:432: comm syz.0.5030: bg 0: block 5: invalid block bitmap
[  370.341084][T17888] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  370.354302][T17516] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  370.365639][T17888] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #11: comm syz.0.5030: invalid indirect mapped block 3 (level 2)
[  370.388676][T17888] EXT4-fs (loop0): 2 truncates cleaned up
[  370.396045][T17888] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  370.412150][T17893] x_tables: duplicate underflow at hook 3
[  370.421689][T17893] loop7: detected capacity change from 0 to 256
[  370.436677][T17893] FAT-fs (loop7): Directory bread(block 64) failed
[  370.443557][T17893] FAT-fs (loop7): Directory bread(block 65) failed
[  370.450154][T17893] FAT-fs (loop7): Directory bread(block 66) failed
[  370.457914][T17893] FAT-fs (loop7): Directory bread(block 67) failed
[  370.464637][T17893] FAT-fs (loop7): Directory bread(block 68) failed
[  370.472889][T17893] FAT-fs (loop7): Directory bread(block 69) failed
[  370.479507][T17893] FAT-fs (loop7): Directory bread(block 70) failed
[  370.512541][T17888] EXT4-fs (loop0): shut down requested (1)
[  370.519023][T17893] FAT-fs (loop7): Directory bread(block 71) failed
[  370.525960][T17893] FAT-fs (loop7): Directory bread(block 72) failed
[  370.532676][T17893] FAT-fs (loop7): Directory bread(block 73) failed
[  370.539349][T17888] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop0 ino=15
[  370.557728][T17888] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop0 ino=15
[  370.585203][T11278] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  370.651697][T17906] loop6: detected capacity change from 0 to 512
[  370.658614][T17906] EXT4-fs: Ignoring removed bh option
[  370.664119][T17906] EXT4-fs: Ignoring removed mblk_io_submit option
[  370.671807][T17906] EXT4-fs: Mount option(s) incompatible with ext2
[  370.748215][T17909] loop2: detected capacity change from 0 to 2048
[  370.800366][T17909] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  370.847925][T17909] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 281 free clusters
[  370.959607][T17909] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 65793 with max blocks 1 with error 28
[  370.972241][T17909] EXT4-fs (loop2): This should not happen!! Data will be lost
[  370.972241][T17909] 
[  370.982001][T17909] EXT4-fs (loop2): Total free blocks count 0
[  370.988087][T17909] EXT4-fs (loop2): Free/Dirty block details
[  370.994072][T17909] EXT4-fs (loop2): free_blocks=4096
[  370.999325][T17909] EXT4-fs (loop2): dirty_blocks=32
[  371.004480][T17909] EXT4-fs (loop2): Block reservation details
[  371.010483][T17909] EXT4-fs (loop2): i_reserved_data_blocks=2
[  371.497127][T17923] __nla_validate_parse: 3 callbacks suppressed
[  371.497148][T17923] netlink: 96 bytes leftover after parsing attributes in process `syz.0.5038'.
[  371.516075][T17920] loop7: detected capacity change from 0 to 1024
[  371.527737][T17920] EXT4-fs: Ignoring removed orlov option
[  371.548064][T17920] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  371.577258][T17923] loop0: detected capacity change from 0 to 2048
[  371.584905][T17909] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 65537 with max blocks 513 with error 28
[  371.695531][T17516] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  371.705127][T17923]  loop0: p1 < > p4
[  371.709829][T17923] loop0: p4 size 8388608 extends beyond EOD, truncated
[  371.748661][T17923] netlink: 'syz.0.5038': attribute type 4 has an invalid length.
[  371.771704][T17931] netlink: 'syz.7.5045': attribute type 13 has an invalid length.
[  371.779624][T17931] netlink: 16 bytes leftover after parsing attributes in process `syz.7.5045'.
[  371.865413][T17941] loop4: detected capacity change from 0 to 256
[  371.895754][T17940] netlink: 40 bytes leftover after parsing attributes in process `syz.7.5049'.
[  371.906436][T17941] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 196)
[  371.915296][T17941] FAT-fs (loop4): Filesystem has been set read-only
[  371.949388][T17945] FAULT_INJECTION: forcing a failure.
[  371.949388][T17945] name failslab, interval 1, probability 0, space 0, times 0
[  371.962166][T17945] CPU: 0 UID: 0 PID: 17945 Comm: syz.6.5052 Not tainted 6.16.0-rc1-syzkaller #0 PREEMPT(voluntary) 
[  371.962273][T17945] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  371.962290][T17945] Call Trace:
[  371.962298][T17945]  <TASK>
[  371.962309][T17945]  __dump_stack+0x1d/0x30
[  371.962407][T17945]  dump_stack_lvl+0xe8/0x140
[  371.962432][T17945]  dump_stack+0x15/0x1b
[  371.962453][T17945]  should_fail_ex+0x265/0x280
[  371.962499][T17945]  ? kernfs_fop_open+0x4c0/0x6d0
[  371.962531][T17945]  should_failslab+0x8c/0xb0
[  371.962560][T17945]  __kmalloc_cache_noprof+0x4c/0x320
[  371.962615][T17945]  kernfs_fop_open+0x4c0/0x6d0
[  371.962652][T17945]  do_dentry_open+0x649/0xa20
[  371.962686][T17945]  ? __pfx_kernfs_fop_open+0x10/0x10
[  371.962769][T17945]  vfs_open+0x37/0x1e0
[  371.962802][T17945]  path_openat+0x1c5e/0x2170
[  371.962869][T17945]  do_filp_open+0x109/0x230
[  371.962922][T17945]  do_sys_openat2+0xa6/0x110
[  371.963035][T17945]  __x64_sys_openat+0xf2/0x120
[  371.963074][T17945]  x64_sys_call+0x1af/0x2fb0
[  371.963101][T17945]  do_syscall_64+0xd2/0x200
[  371.963127][T17945]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  371.963168][T17945]  ? clear_bhb_loop+0x40/0x90
[  371.963195][T17945]  ? clear_bhb_loop+0x40/0x90
[  371.963223][T17945]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  371.963250][T17945] RIP: 0033:0x7f50a44ce929
[  371.963269][T17945] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  371.963363][T17945] RSP: 002b:00007f50a2b37038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  371.963387][T17945] RAX: ffffffffffffffda RBX: 00007f50a46f5fa0 RCX: 00007f50a44ce929
[  371.963409][T17945] RDX: 0000000000020001 RSI: 0000200000000200 RDI: ffffffffffffff9c
[  371.963426][T17945] RBP: 00007f50a2b37090 R08: 0000000000000000 R09: 0000000000000000
[  371.963441][T17945] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  371.963525][T17945] R13: 0000000000000000 R14: 00007f50a46f5fa0 R15: 00007ffe3938c4a8
[  371.963551][T17945]  </TASK>
[  372.171811][T17943] loop0: detected capacity change from 0 to 8192
[  372.245567][T17954] loop4: detected capacity change from 0 to 512
[  372.292330][T17954] EXT4-fs (loop4): 1 orphan inode deleted
[  372.298552][T17954] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  372.350241][T11972] EXT4-fs error (device loop4): ext4_release_dquot:6969: comm kworker/u8:20: Failed to release dquot type 1
[  372.403228][T17954] ext4 filesystem being mounted at /396/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  372.447249][T17954] EXT4-fs error (device loop4): ext4_lookup:1787: inode #15: comm syz.4.5054: iget: bad i_size value: 360287970189639690
[  372.465287][T17954] EXT4-fs error (device loop4): ext4_lookup:1787: inode #15: comm syz.4.5054: iget: bad i_size value: 360287970189639690
[  372.481115][T17972] loop6: detected capacity change from 0 to 164
[  372.535530][T17972] ISOFS: unable to read i-node block
[  372.540999][T17972] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet.
[  372.556769][T17954] EXT4-fs error (device loop4): ext4_lookup:1787: inode #15: comm syz.4.5054: iget: bad i_size value: 360287970189639690
[  372.594658][T17972] netlink: 96 bytes leftover after parsing attributes in process `syz.6.5058'.
[  372.607597][T17975] EXT4-fs error (device loop4): ext4_lookup:1787: inode #15: comm syz.4.5054: iget: bad i_size value: 360287970189639690
[  372.643223][T11014] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  372.716395][T17979] netlink: 36 bytes leftover after parsing attributes in process `syz.4.5060'.
[  372.782792][T17982] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5060'.
[  372.791889][T17982] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5060'.
[  372.938001][T17982] wireguard0: entered promiscuous mode
[  372.943556][T17982] wireguard0: entered allmulticast mode
[  373.023037][T17979] netlink: 40 bytes leftover after parsing attributes in process `syz.4.5060'.
[  376.062100][T17998] netlink: 24 bytes leftover after parsing attributes in process `syz.0.5065'.
[  376.127455][   T29] kauditd_printk_skb: 384 callbacks suppressed
[  376.127474][   T29] audit: type=1326 audit(1749490602.828:24713): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17995 comm="syz.0.5065" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f27f915e929 code=0x7ffc0000
[  376.157326][   T29] audit: type=1326 audit(1749490602.828:24714): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17995 comm="syz.0.5065" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f27f915e929 code=0x7ffc0000
[  376.180915][   T29] audit: type=1326 audit(1749490602.828:24715): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17995 comm="syz.0.5065" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f27f915e929 code=0x7ffc0000
[  376.204568][   T29] audit: type=1326 audit(1749490602.828:24716): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17995 comm="syz.0.5065" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f27f915e929 code=0x7ffc0000
[  376.228239][   T29] audit: type=1326 audit(1749490602.828:24717): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17995 comm="syz.0.5065" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f27f915e929 code=0x7ffc0000
[  376.237318][T18004] loop2: detected capacity change from 0 to 512
[  376.252002][   T29] audit: type=1326 audit(1749490602.828:24718): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17995 comm="syz.0.5065" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f27f915e929 code=0x7ffc0000
[  376.282074][   T29] audit: type=1326 audit(1749490602.828:24719): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17995 comm="syz.0.5065" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f27f915e929 code=0x7ffc0000
[  376.304542][T18004] EXT4-fs error (device loop2): ext4_iget_extra_inode:5035: inode #15: comm syz.2.5068: corrupted in-inode xattr: invalid ea_ino
[  376.305663][   T29] audit: type=1326 audit(1749490602.838:24720): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17995 comm="syz.0.5065" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f27f915e929 code=0x7ffc0000
[  376.342629][   T29] audit: type=1326 audit(1749490602.838:24721): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17995 comm="syz.0.5065" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f27f915e929 code=0x7ffc0000
[  376.366419][   T29] audit: type=1326 audit(1749490602.838:24722): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17995 comm="syz.0.5065" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f27f915e929 code=0x7ffc0000
[  376.391312][T17998] loop0: detected capacity change from 0 to 1024
[  376.411993][T18004] EXT4-fs error (device loop2): ext4_orphan_get:1398: comm syz.2.5068: couldn't read orphan inode 15 (err -117)
[  376.458229][T18012] loop4: detected capacity change from 0 to 2048
[  376.466978][T18004] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  376.481963][T17998] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  376.502216][T18012] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  376.597928][T18012] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 281 free clusters
[  376.632567][T18012] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 65793 with max blocks 1 with error 28
[  376.645357][T18012] EXT4-fs (loop4): This should not happen!! Data will be lost
[  376.645357][T18012] 
[  376.655175][T18012] EXT4-fs (loop4): Total free blocks count 0
[  376.661271][T18012] EXT4-fs (loop4): Free/Dirty block details
[  376.667216][T18012] EXT4-fs (loop4): free_blocks=4096
[  376.672643][T18012] EXT4-fs (loop4): dirty_blocks=32
[  376.677788][T18012] EXT4-fs (loop4): Block reservation details
[  376.683896][T18012] EXT4-fs (loop4): i_reserved_data_blocks=2
[  376.720857][T11687] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  376.959656][T18027] lo speed is unknown, defaulting to 1000
[  377.138920][T18027] loop6: detected capacity change from 0 to 512
[  377.146025][T18027] EXT4-fs: Ignoring removed mblk_io_submit option
[  377.152652][T18027] EXT4-fs: Ignoring removed bh option
[  377.159622][T18027] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  377.361698][T18027] EXT4-fs (loop6): 1 truncate cleaned up
[  377.368922][T18027] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  377.816882][ T3379] hid-generic 0000:0004:0000.0003: unknown main item tag 0x0
[  377.824421][ T3379] hid-generic 0000:0004:0000.0003: unknown main item tag 0x0
[  377.832054][ T3379] hid-generic 0000:0004:0000.0003: unknown main item tag 0x0
[  378.396456][T18035] lo speed is unknown, defaulting to 1000
[  378.572814][T18032] loop2: detected capacity change from 0 to 512
[  378.579728][T18032] EXT4-fs: Ignoring removed mblk_io_submit option
[  378.586266][T18032] EXT4-fs: Ignoring removed bh option
[  378.599139][T18032] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  378.614450][T12410] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  378.804528][T11278] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  379.015594][T18012] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 65537 with max blocks 481 with error 28
[  379.234905][T18032] EXT4-fs (loop2): 1 truncate cleaned up
[  379.241229][T18032] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  379.259458][ T3379] hid-generic 0000:0004:0000.0003: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  379.377075][T18034] loop7: detected capacity change from 0 to 2048
[  379.413027][T18034] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[  379.447525][T18043] loop6: detected capacity change from 0 to 2048
[  379.504851][T18043] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  379.524118][T11687] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  379.531621][T18046] loop0: detected capacity change from 0 to 2048
[  379.570303][T18043] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 281 free clusters
[  379.591419][T18034] loop7: detected capacity change from 0 to 1024
[  379.598127][T18043] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 65793 with max blocks 1 with error 28
[  379.610824][T18043] EXT4-fs (loop6): This should not happen!! Data will be lost
[  379.610824][T18043] 
[  379.620287][T18034] EXT4-fs: Ignoring removed orlov option
[  379.620698][T18043] EXT4-fs (loop6): Total free blocks count 0
[  379.626452][T18034] EXT4-fs: Ignoring removed nomblk_io_submit option
[  379.632301][T18043] EXT4-fs (loop6): Free/Dirty block details
[  379.632320][T18043] EXT4-fs (loop6): free_blocks=4096
[  379.650273][T18043] EXT4-fs (loop6): dirty_blocks=32
[  379.655439][T18043] EXT4-fs (loop6): Block reservation details
[  379.661478][T18043] EXT4-fs (loop6): i_reserved_data_blocks=2
[  379.693091][T18046] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  379.738108][T18034] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  379.777440][T18046] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 281 free clusters
[  379.925783][T18046] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 65793 with max blocks 1 with error 28
[  379.938431][T18046] EXT4-fs (loop0): This should not happen!! Data will be lost
[  379.938431][T18046] 
[  379.948182][T18046] EXT4-fs (loop0): Total free blocks count 0
[  379.954340][T18046] EXT4-fs (loop0): Free/Dirty block details
[  379.960445][T18046] EXT4-fs (loop0): free_blocks=4096
[  379.965711][T18046] EXT4-fs (loop0): dirty_blocks=32
[  379.970858][T18046] EXT4-fs (loop0): Block reservation details
[  379.976900][T18046] EXT4-fs (loop0): i_reserved_data_blocks=2
[  380.017762][T17516] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  380.021675][T18060] loop4: detected capacity change from 0 to 4096
[  380.108036][T18060] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  380.179566][T18060] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #15: comm syz.4.5084: corrupted inode contents
[  380.199669][T18068] loop7: detected capacity change from 0 to 2048
[  380.262187][T18060] EXT4-fs error (device loop4): ext4_dirty_inode:6459: inode #15: comm syz.4.5084: mark_inode_dirty error
[  380.319872][T18068] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  380.328417][T18073] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  380.342278][T18060] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #15: comm syz.4.5084: corrupted inode contents
[  380.375291][T18068] EXT4-fs error (device loop7): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 281 free clusters
[  380.394550][T18060] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #15: comm syz.4.5084: mark_inode_dirty error
[  380.401435][T18068] EXT4-fs (loop7): Delayed block allocation failed for inode 15 at logical offset 65793 with max blocks 1 with error 28
[  380.418453][T18068] EXT4-fs (loop7): This should not happen!! Data will be lost
[  380.418453][T18068] 
[  380.428142][T18068] EXT4-fs (loop7): Total free blocks count 0
[  380.434184][T18068] EXT4-fs (loop7): Free/Dirty block details
[  380.440262][T18068] EXT4-fs (loop7): free_blocks=4096
[  380.441528][T18060] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #15: comm syz.4.5084: corrupted inode contents
[  380.445479][T18068] EXT4-fs (loop7): dirty_blocks=32
[  380.445499][T18068] EXT4-fs (loop7): Block reservation details
[  380.445511][T18068] EXT4-fs (loop7): i_reserved_data_blocks=2
[  380.517182][T18060] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #15: comm syz.4.5084: mark_inode_dirty error
[  380.541528][T18043] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 65537 with max blocks 881 with error 28
[  380.592352][T18060] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #15: comm syz.4.5084: corrupted inode contents
[  380.640233][T18060] EXT4-fs error (device loop4): ext4_truncate:4597: inode #15: comm syz.4.5084: mark_inode_dirty error
[  380.653815][T18046] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 65537 with max blocks 689 with error 28
[  380.687745][T18060] EXT4-fs error (device loop4) in ext4_setattr:5986: Corrupt filesystem
[  380.724719][T18068] EXT4-fs (loop7): Delayed block allocation failed for inode 15 at logical offset 65537 with max blocks 481 with error 28
[  380.735272][T18071] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #15: comm syz.4.5084: corrupted inode contents
[  380.860324][T11014] EXT4-fs warning (device loop4): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[  380.897314][T11014] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  381.102350][T18092] loop6: detected capacity change from 0 to 1024
[  381.136542][T18092] EXT4-fs: Ignoring removed orlov option
[  381.397268][T18103] lo speed is unknown, defaulting to 1000
[  381.805030][T18105] loop4: detected capacity change from 0 to 512
[  381.811943][T18105] EXT4-fs: Ignoring removed mblk_io_submit option
[  381.818440][T18105] EXT4-fs: Ignoring removed bh option
[  382.130398][T18092] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  382.277645][T18105] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  382.832534][T18110] lo speed is unknown, defaulting to 1000
[  383.470948][T18106] loop0: detected capacity change from 0 to 512
[  383.477795][T18106] EXT4-fs: Ignoring removed mblk_io_submit option
[  383.484283][T18106] EXT4-fs: Ignoring removed bh option
[  383.677201][T18106] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  383.699336][T18105] EXT4-fs (loop4): 1 truncate cleaned up
[  383.705857][T18105] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  383.792178][T18106] EXT4-fs (loop0): 1 truncate cleaned up
[  383.798433][T18106] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  383.864231][T12410] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  383.904495][   T29] kauditd_printk_skb: 82 callbacks suppressed
[  383.904510][   T29] audit: type=1326 audit(1749490611.041:24805): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18113 comm="syz.2.5101" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff0151be929 code=0x7ffc0000
[  384.017108][T11014] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  384.048132][T18116] vhci_hcd vhci_hcd.0: pdev(6) rhport(0) sockfd(9)
[  384.054705][T18116] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  384.062445][T18116] vhci_hcd vhci_hcd.0: Device attached
[  384.087573][   T29] audit: type=1326 audit(1749490611.104:24806): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18113 comm="syz.2.5101" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff0151be929 code=0x7ffc0000
[  384.111258][   T29] audit: type=1326 audit(1749490611.104:24807): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18113 comm="syz.2.5101" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff0151be929 code=0x7ffc0000
[  384.134942][   T29] audit: type=1326 audit(1749490611.104:24808): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18113 comm="syz.2.5101" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff0151be929 code=0x7ffc0000
[  384.155376][T11278] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  384.158603][   T29] audit: type=1326 audit(1749490611.104:24809): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18113 comm="syz.2.5101" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff0151be929 code=0x7ffc0000
[  384.158633][   T29] audit: type=1326 audit(1749490611.104:24810): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18113 comm="syz.2.5101" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff0151be929 code=0x7ffc0000
[  384.168343][T18120] loop7: detected capacity change from 0 to 4096
[  384.191182][   T29] audit: type=1326 audit(1749490611.104:24811): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18113 comm="syz.2.5101" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff0151be929 code=0x7ffc0000
[  384.191296][   T29] audit: type=1326 audit(1749490611.104:24812): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18113 comm="syz.2.5101" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff0151be929 code=0x7ffc0000
[  384.268521][   T29] audit: type=1326 audit(1749490611.188:24813): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18113 comm="syz.2.5101" exe="/root/syz-executor" sig=0 arch=c000003e syscall=149 compat=0 ip=0x7ff0151be929 code=0x7ffc0000
[  384.292147][   T29] audit: type=1326 audit(1749490611.188:24814): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18113 comm="syz.2.5101" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff0151be929 code=0x7ffc0000
[  384.309892][T18120] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  384.345726][T18117] vhci_hcd: connection closed
[  384.353417][T13569] usb 13-1: new high-speed USB device number 2 using vhci_hcd
[  384.365836][T18118] vhci_hcd: sendmsg failed!, ret=-32 for 48
[  384.390128][T12005] vhci_hcd: stop threads
[  384.394484][T12005] vhci_hcd: release socket
[  384.398941][T12005] vhci_hcd: disconnect device
[  384.479526][T18120] EXT4-fs error (device loop7): ext4_do_update_inode:5568: inode #15: comm syz.7.5103: corrupted inode contents
[  384.494371][T18120] EXT4-fs error (device loop7): ext4_dirty_inode:6459: inode #15: comm syz.7.5103: mark_inode_dirty error
[  384.556074][T18120] EXT4-fs error (device loop7): ext4_do_update_inode:5568: inode #15: comm syz.7.5103: corrupted inode contents
[  384.931295][T18145] netlink: 'syz.4.5108': attribute type 1 has an invalid length.
[  385.052608][T18148] netlink: 'syz.2.5109': attribute type 1 has an invalid length.
[  385.060466][T18148] netlink: 224 bytes leftover after parsing attributes in process `syz.2.5109'.
[  385.370231][T18160] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  385.551060][T18137] loop0: detected capacity change from 0 to 512
[  385.553365][T18120] EXT4-fs error (device loop7): __ext4_ext_dirty:206: inode #15: comm syz.7.5103: mark_inode_dirty error
[  385.557951][T18137] EXT4-fs: Ignoring removed mblk_io_submit option
[  385.575214][T18137] EXT4-fs: Ignoring removed bh option
[  385.581676][T18137] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  385.625285][T18120] EXT4-fs error (device loop7): ext4_do_update_inode:5568: inode #15: comm syz.7.5103: corrupted inode contents
[  385.673059][T18137] EXT4-fs (loop0): 1 truncate cleaned up
[  385.673388][T18134] lo speed is unknown, defaulting to 1000
[  385.679339][T18137] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  385.707562][T18120] EXT4-fs error (device loop7): __ext4_ext_dirty:206: inode #15: comm syz.7.5103: mark_inode_dirty error
[  385.760767][T18120] EXT4-fs error (device loop7): ext4_do_update_inode:5568: inode #15: comm syz.7.5103: corrupted inode contents
[  385.825039][T18120] EXT4-fs error (device loop7): ext4_truncate:4597: inode #15: comm syz.7.5103: mark_inode_dirty error
[  385.981661][T18120] EXT4-fs error (device loop7) in ext4_setattr:5986: Corrupt filesystem
[  385.991381][T18120] EXT4-fs error (device loop7): ext4_do_update_inode:5568: inode #15: comm syz.7.5103: corrupted inode contents
[  386.001791][T11278] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  386.014993][T18120] EXT4-fs warning (device loop7): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[  386.025989][T18147] lo speed is unknown, defaulting to 1000
[  386.201172][T18167] lo speed is unknown, defaulting to 1000
[  386.397046][T18173] loop4: detected capacity change from 0 to 512
[  386.404179][T18173] EXT4-fs: Ignoring removed mblk_io_submit option
[  386.410741][T18173] EXT4-fs: Ignoring removed bh option
[  386.417405][T18173] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  386.431079][T18173] EXT4-fs (loop4): 1 truncate cleaned up
[  386.437779][T18173] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  386.632959][T18177] loop6: detected capacity change from 0 to 164
[  386.928578][T18179] loop2: detected capacity change from 0 to 2048
[  386.975926][T18179] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[  387.071367][T17516] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  387.083214][T11014] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  387.114578][T18188] netlink: 4 bytes leftover after parsing attributes in process `syz.6.5118'.
[  387.142560][T18179] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  387.200778][T18179] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 346 with error 28
[  387.213387][T18179] EXT4-fs (loop2): This should not happen!! Data will be lost
[  387.213387][T18179] 
[  387.223251][T18179] EXT4-fs (loop2): Total free blocks count 0
[  387.229376][T18179] EXT4-fs (loop2): Free/Dirty block details
[  387.235295][T18179] EXT4-fs (loop2): free_blocks=2415919104
[  387.241079][T18179] EXT4-fs (loop2): dirty_blocks=368
[  387.246327][T18179] EXT4-fs (loop2): Block reservation details
[  387.252453][T18179] EXT4-fs (loop2): i_reserved_data_blocks=23
[  387.280097][T18198] bond1: entered promiscuous mode
[  387.285196][T18198] bond1: entered allmulticast mode
[  387.290965][T18195] loop7: detected capacity change from 0 to 1024
[  387.313067][T18198] 8021q: adding VLAN 0 to HW filter on device bond1
[  387.337895][T18195] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  387.370384][T18192] loop4: detected capacity change from 0 to 1024
[  387.397471][T18195] EXT4-fs (loop7): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  387.419056][T18198] bond1 (unregistering): Released all slaves
[  387.528503][T18195] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c840e02c, mo2=0000]
[  387.574052][T18195] EXT4-fs error (device loop7): ext4_map_blocks:780: inode #3: block 2: comm syz.7.5120: lblock 2 mapped to illegal pblock 2 (length 1)
[  387.598528][T18195] EXT4-fs (loop7): Remounting filesystem read-only
[  387.786112][T18207] loop0: detected capacity change from 0 to 512
[  387.793050][T18207] EXT4-fs: Ignoring removed mblk_io_submit option
[  387.799534][T18207] EXT4-fs: Ignoring removed bh option
[  387.808248][T18207] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  387.876010][T18207] EXT4-fs (loop0): 1 truncate cleaned up
[  387.882836][T18207] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  388.457542][T18192] lo speed is unknown, defaulting to 1000
[  388.469337][T18215] netlink: 'syz.6.5124': attribute type 1 has an invalid length.
[  388.481985][   T12] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 4 with error 28
[  388.568009][T18208] lo speed is unknown, defaulting to 1000
[  388.573874][T18195] EXT4-fs (loop7): 1 orphan inode deleted
[  388.580101][T18195] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  388.643353][T18195] sd 0:0:1:0: device reset
[  388.667229][   T29] kauditd_printk_skb: 180 callbacks suppressed
[  388.667322][   T29] audit: type=1326 audit(1749490616.050:24993): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18193 comm=04 exe="/root/syz-executor" sig=0 arch=c000003e syscall=190 compat=0 ip=0x7f5fafbee929 code=0x7ffc0000
[  388.667391][T18194] ==================================================================
[  388.673602][T18194] BUG: KCSAN: data-race in data_alloc / prb_reserve
[  388.710915][T18194] 
[  388.713253][T18194] write to 0xffffffff86889d38 of 8 bytes by task 29 on cpu 1:
[  388.720721][T18194]  data_alloc+0x27d/0x2b0
[  388.725083][T18194]  prb_reserve+0x808/0xaf0
[  388.729531][T18194]  vprintk_store+0x56d/0x860
[  388.734136][T18194]  vprintk_emit+0x178/0x650
[  388.738654][T18194]  _printk_deferred+0x82/0xb0
[  388.743358][T18194]  ___ratelimit+0x4b1/0x4f0
[  388.747890][T18194]  __printk_ratelimit+0x1c/0x30
[  388.752760][T18194]  kauditd_hold_skb+0x63/0x1c0
[  388.757540][T18194]  kauditd_send_queue+0x273/0x2c0
[  388.762587][T18194]  kauditd_thread+0x421/0x630
[  388.767292][T18194]  kthread+0x486/0x510
[  388.771390][T18194]  ret_from_fork+0xda/0x150
[  388.775921][T18194]  ret_from_fork_asm+0x1a/0x30
[  388.780710][T18194] 
[  388.783044][T18194] read to 0xffffffff86889d38 of 8 bytes by task 18194 on cpu 0:
[  388.790690][T18194]  prb_reserve+0x221/0xaf0
[  388.795139][T18194]  vprintk_store+0x56d/0x860
[  388.799754][T18194]  vprintk_emit+0x178/0x650
[  388.804274][T18194]  vprintk_default+0x26/0x30
[  388.808886][T18194]  vprintk+0x1d/0x30
[  388.812807][T18194]  _printk+0x79/0xa0
[  388.816732][T18194]  sidtab_context_to_sid+0x5bf/0x5e0
[  388.822046][T18194]  security_context_to_sid_core+0x294/0x3b0
[  388.827964][T18194]  security_context_to_sid_force+0x30/0x40
[  388.833799][T18194]  selinux_inode_setxattr+0x4e8/0x6e0
[  388.839197][T18194]  security_inode_setxattr+0x13a/0x1b0
[  388.844677][T18194]  __vfs_setxattr_locked+0x83/0x1d0
[  388.849895][T18194]  vfs_setxattr+0x132/0x270
[  388.854416][T18194]  file_setxattr+0x139/0x1b0
[  388.859028][T18194]  path_setxattrat+0x290/0x310
[  388.863823][T18194]  __x64_sys_fsetxattr+0x6b/0x80
[  388.868781][T18194]  x64_sys_call+0x2f7c/0x2fb0
[  388.873513][T18194]  do_syscall_64+0xd2/0x200
[  388.878048][T18194]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  388.883971][T18194] 
[  388.886306][T18194] value changed: 0x00000000000316c0 -> 0x00000000000d3a00
[  388.893424][T18194] 
[  388.895755][T18194] Reported by Kernel Concurrency Sanitizer on:
[  388.901919][T18194] CPU: 0 UID: 0 PID: 18194 Comm:  Not tainted 6.16.0-rc1-syzkaller #0 PREEMPT(voluntary) 
[  388.911934][T18194] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  388.922006][T18194] ==================================================================
[  388.667263][T18194] SELinux:  Context system_u:object_r:semanage_exec_t:s0 is not valid (left unmapped).
[  388.984906][   T29] audit: type=1400 audit(1749490616.333:24994): avc:  denied  { relabelto } for  pid=18193 comm=04 name="NETLINK" dev="sockfs" ino=61359 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=netlink_netfilter_socket permissive=1 trawcon="system_u:object_r:semanage_exec_t:s0"
[  389.105254][   T29] audit: type=1326 audit(1749490616.491:24995): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18216 comm="syz.6.5126" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f50a44ce929 code=0x7ffc0000
[  389.128959][   T29] audit: type=1326 audit(1749490616.491:24996): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18216 comm="syz.6.5126" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f50a44ce929 code=0x7ffc0000
[  389.152631][   T29] audit: type=1326 audit(1749490616.491:24997): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18216 comm="syz.6.5126" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f50a44ce929 code=0x7ffc0000
[  389.176251][   T29] audit: type=1326 audit(1749490616.491:24998): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18216 comm="syz.6.5126" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f50a44ce963 code=0x7ffc0000
[  389.199810][   T29] audit: type=1326 audit(1749490616.491:24999): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18216 comm="syz.6.5126" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f50a44cd3df code=0x7ffc0000
[  389.250444][T11278] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  389.279936][T18218] loop6: detected capacity change from 0 to 2048
[  389.295444][T13569] vhci_hcd: vhci_device speed not set
[  389.297239][T18218] msdos: Unknown parameter 'nodot—'
[  389.301107][T18220] loop2: detected capacity change from 0 to 2048
[  389.368036][   T29] audit: type=1326 audit(1749490616.607:25000): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18216 comm="syz.6.5126" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f50a44ce9b7 code=0x7ffc0000
[  389.391645][   T29] audit: type=1326 audit(1749490616.691:25001): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18216 comm="syz.6.5126" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f50a44cd290 code=0x7ffc0000
[  389.396802][T18218] loop6: detected capacity change from 0 to 1024
[  389.415399][   T29] audit: type=1326 audit(1749490616.691:25002): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18216 comm="syz.6.5126" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f50a44ce52b code=0x7ffc0000
[  389.424630][T18220] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  389.482728][T18224] bond1: entered promiscuous mode
[  389.487852][T18224] bond1: entered allmulticast mode
[  389.497345][T18224] 8021q: adding VLAN 0 to HW filter on device bond1
[  389.509732][T18224] bond1 (unregistering): Released all slaves
[  389.523315][T18220] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 281 free clusters
[  389.539249][T17516] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  389.569569][T18220] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 65793 with max blocks 1 with error 28
[  389.582303][T18220] EXT4-fs (loop2): This should not happen!! Data will be lost
[  389.582303][T18220] 
[  389.592025][T18220] EXT4-fs (loop2): Total free blocks count 0
[  389.595109][T18228] loop0: detected capacity change from 0 to 1024
[  389.598012][T18220] EXT4-fs (loop2): Free/Dirty block details
[  389.598028][T18220] EXT4-fs (loop2): free_blocks=4096
[  389.615744][T18220] EXT4-fs (loop2): dirty_blocks=32
[  389.621026][T18220] EXT4-fs (loop2): Block reservation details
[  389.627084][T18220] EXT4-fs (loop2): i_reserved_data_blocks=2
[  389.635464][T18218] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  389.650836][T18218] ext4 filesystem being mounted at /401/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  389.777378][T12410] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  389.906772][T18232] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 65537 with max blocks 865 with error 28
[  389.952697][T18224] lo speed is unknown, defaulting to 1000