last executing test programs:

56.384574198s ago: executing program 3 (id=1919):
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000c80)='./file1\x00', 0x210000, &(0x7f0000000580)={[{@jqfmt_vfsv1}, {@resgid}, {@nodioread_nolock}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@resgid}, {@errors_remount}, {@grpid}, {@orlov}]}, 0xfc, 0x572, &(0x7f0000003780)="$eJzs3d9rW1UcAPDvTdPup66DMdQHGezByVy6tv6YIDgfRYcDfZ+hvSuj6TKadKx14PbgXnyRIYg4EP8A330c/gP+FQMdDBlFH0So3PSmy9qkv5aZbPl84Lbn5N7bc78593t7Tm5CAhhYx7IfhYiXI+KbJOJQy7pi5CuPrW63/PD6VLYksbLy6Z9JJPljze2T/PeBvPJSRPz6VcTJwsZ2a4tLs+VKJZ3P62P1uStjtcWlU5fmyjPpTHp5YnLyzFuTE+++83bXYn39/N/ff3L3wzNfH1/+7uf7h28ncTYO5uta43gCN1orx8r/5qXhOLtuw/EuNNZPkl4fALsylOf5cGTXgEMxlGc98Pz7MiJWgAGVyH8YUM1xQHNu36V58DPjwQerE6BG7COt8RdXXxuJvY250f7l5LGZUTbfHe1C+1kbv/xx53a2xOavQ+zbog6wIzduRsTpYnHj9T/Jr3+7d7rx4vHm1rcxaP9/oJfuZuOfN9qN/wpr459oM/450CZ3d2Pr/C/c70IzHWXjv/fajn/XLl2jQ3nthcaYbzi5eKmSno6IFyPiRAzvyeqb3c85s3xvpdO61vFftmTtN8eC+XHcL+55fJ/pcr0cESNPEnfTg5sRrxTbxZ+s9X/Spv+z5+P8Nts4mt55tdO6reN/ulZ+initbf8/uqOVbH5/cqxxPow1z4qN/rp19LdO7fc6/qz/928e/2jSer+2tvM2ftz7T9pp3W7P/5Hks0a5mQTXyvX6/HjESPLxxscnHu3brDe3z+I/cXzz61+78z+bfH2+zfhvHbnVcdN+6P/pHfX/zgv3Pvrih07tb6//32yUTuSP5Ne/9vJzZbsH+KTPHwAAAAAAAPSTQkQcjKRQWisXCqXS6vs7jsT+QqVaq5+8WF24PB2Nz8qOxnCheaf7UMv7Icbz98M26xPr6pMRcTgivh3a16iXpqqV6V4HDwAAAAAAAAAAAAAAAAAAAH3iQIfP/2d+H+r10QFPXeOLDfb0+iiAXtjyK/+78U1PQF/aMv+B55b8h8El/2FwyX8YXPIfBpf8h8El/2FwyX8AAAAAAAAAAAAAAAAAAAAAAAAAAADoqvPnzmXLyvLD61NZffrq4sJs9eqp6bQ2W5pbmCpNVeevlGaq1ZlKWpqqzm319yrV6pXxiVi4NlZPa/Wx2uLShbnqwuX6hUtz5Zn0Qjr8v0QFAAAAAAAAAAAAAAAAAAAAz5ba4tJsuVJJ5xU6Ft6PvjiMpxngql3tXuyXKBQ6FG7m3buzvXp4UQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAdf4LAAD//++4Mnc=")
r0 = syz_clone(0x88288200, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = syz_pidfd_open(r0, 0x0)
r2 = epoll_create1(0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009c0000000b"], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000006000000181100", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000280)='kmem_cache_free\x00', r4, 0x0, 0x200000000000006}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
r5 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, r2, &(0x7f0000000080)={0x200d})
epoll_pwait(r5, &(0x7f0000000040)=[{}], 0x1, 0xfffffff3, 0x0, 0x0)
dup3(r1, r5, 0x0)

55.506776701s ago: executing program 3 (id=1928):
r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000660000000000"], 0x0, 0x7ff}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
ioctl$USBDEVFS_CONTROL(r0, 0xc0105500, &(0x7f0000000040)={0x0, 0x3, 0x7de, 0x101, 0x0, 0x8, 0x0})

55.445026562s ago: executing program 3 (id=1930):
r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000016000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
ioctl$USBDEVFS_CONTROL(r0, 0xc0105500, &(0x7f0000000040)={0x0, 0x3, 0x7de, 0x101, 0x0, 0x8, 0x0})

55.444372212s ago: executing program 3 (id=1931):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x38, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x1, @perf_bp={0x0, 0xd}, 0x0, 0x10000, 0x1, 0x1, 0x8, 0x20005, 0x2b, 0x0, 0x0, 0x0, 0xffffffffffffff7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
connect$802154_dgram(0xffffffffffffffff, &(0x7f0000000080)={0x24, @long={0x3, 0x2, {0xaaaaaaaaaaaa0002}}}, 0x14)
socket$nl_route(0x10, 0x3, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYRES16=r0, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000021007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x94)
pivot_root(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='./file0\x00')
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x2, 0x0, 0x7fff0000}]})
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r2, &(0x7f0000000440)={0x28, 0x0, 0x0, @local}, 0x10)
r3 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r3, &(0x7f0000000000)={0x28, 0x0, 0x0, @local}, 0x10)
r4 = syz_clone(0x100411, 0x0, 0x0, 0x0, 0x0, 0x0)
tkill(r4, 0x13)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xb, &(0x7f0000000b80)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b703000000000000850000007200000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r5}, 0x10)
r6 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r6, 0x10f, 0x87, &(0x7f0000000140)=@req3={0x7813, 0x3, 0x0, 0x81, 0x1ff, 0x1, 0x1}, 0x1c)
recvmmsg$unix(r6, &(0x7f0000000b00)=[{{0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000003100)=""/4096, 0x1000}], 0x1}}, {{0x0, 0x0, &(0x7f0000000740)=[{&(0x7f0000000ac0)=""/62, 0x3e}], 0x1}}, {{0x0, 0x0, &(0x7f0000002b00)=[{&(0x7f00000007c0)=""/196, 0xc4}], 0x1}}, {{0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000200)=""/221, 0xdd}], 0x1}}], 0x4, 0x400122a0, 0x0)
sendmmsg(r6, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x101d0}], 0x1}}], 0x400000000000181, 0x9200000000000000)
r7 = add_key$keyring(&(0x7f0000000340), &(0x7f0000000380)={'syz', 0x0}, 0x0, 0x0, 0xffffffffffffffff)
add_key(&(0x7f00000001c0)='ceph\x00', 0x0, &(0x7f0000000840)='\x00\x00\x00\x00\x00\x00\x00\x00\x00*\x00\x00', 0xc, r7)
tkill(r4, 0x12)
wait4(r4, 0x0, 0x4000000a, 0x0)
recvfrom(r3, &(0x7f00000002c0)=""/168, 0xa8, 0x40012000, 0x0, 0x0)
close_range(r1, r3, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x4056, &(0x7f0000000200)={[{@noload}, {@nombcache}, {@journal_ioprio={'journal_ioprio', 0x3d, 0x3}}, {@errors_remount}, {@lazytime}, {@minixdf}, {@noquota}, {@usrjquota}]}, 0x1, 0x451, &(0x7f0000000680)="$eJzs28tvG8UfAPDvbh6/X1/EVOXRBzRQEBWPpElL6YELCCQOICHBoRxD4lahboOaINGqgoJQOaJK3BFHpP4FnOCCgBOCK3BGlSrUSwsno7V3G8e1XcdK6jT+fKRtZ3bHmfl6duzZHW8AA2s8+yeJ2B4Rv0fEWD27ssB4/b+b1y/M/nP9wmwS1epbfye1cjeuX5gtihav21ZkhiPSz5LY26LexXPnT81UKuWzeX5y6fT7k4vnzj83f3rmZPlk+cz0sWNHDk+9cHT6+TWJM4vrxp6PFvbtfu2dy2/MHr/87k9XkiL+pji6MXTnIuOdDj5Zra6mug1vR0M6Ge5jQ1iVofowjZHa+B+LoVjuvLF49dO+Ng5YV9Vqtfpg+8NXagWATSoxxGFAFV/02fVvsd2lqceGcO2l+gVQFvfNfKsfGY40LzPSdH27lsYj4vjFf7/Ktmi+D7FlnSoFAAbad9n859lW8780Gu8L3ZevoZQi4v6I2BkRRyNiV0Q8EFEr+1BEPLzK+psXSW6ff6ZXewqsS9n878V8bWvl/K+Y/UVpKM/tqMU/kpyYr5QPZe/Jr/vrJeYr5akOdXz/ym9ftDvWOP/Ltqz+Yi6Yt+Pq8P9WvmZuZmmm54CbXPskYs9wq/iTWysBSUTsjog9PdYx//Q3+9odaxP/aFd/eA3WmapfRzxV7/+L0RR/Iem8Pjn5/6iUD00WZ8Xtfv7l0pvt6r9z/6+vrP+3tjz/i/j/LCWN67WLq6/j0h+ft72m7PX8H03eXrHvw5mlpbNTEaPJ67V8qXH/dFO56eXyWfwHD7Qe/ztj+Z3YGxHZSfxIRDwaEfvztj8WEY9HxIEO8f/48hPv9R7/+srin+vY/9HU/8uJ0Wje0zoxdOqHb1dUWlpN/Fn/H6mlDuZ7uvn866ZdvZ3NAAAAcO9JI2J7JOnErXSaTkzUf8O/K7amlYXFpWdOLHxwZq7+jEApRtLiTtdYw/3QqfyyvshP578tLvKH8/vGXw5tqeUnZhcqc/0OHgbctjbjP/NXFw+5APe45nW0rX1qB3D3eV4TBpfxD4PL+IfB1WL8e/QMBkSr7/+P+9AO4O5rGv8dl/1MDGBzcf0Pg8v4h8Fl/MNAWtwSd35IfnMk0ojYAM3YLIlIN0QzJNYp0e9PJgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgLXxXwAAAP//JI/k8w==")
lseek(0xffffffffffffffff, 0x11, 0x2)
getdents64(0xffffffffffffffff, 0x0, 0x44)

55.130577297s ago: executing program 3 (id=1933):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000a80)={&(0x7f0000000940)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x7, [@fwd={0xa}]}, {0x0, [0x2e, 0x30, 0x5f, 0x51, 0x0]}}, &(0x7f0000000980)=""/240, 0x2b, 0xf0}, 0x28)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000ac0)=@base={0xa, 0x1, 0x8, 0x8, 0x210}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000300), &(0x7f00000002c0)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x18, 0xd, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000480)=@base={0x21, 0x0, 0x0, 0x100000, 0x400, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2000000, 0x0, 0x200000000000000}, 0x50)
ioperm(0x0, 0x1, 0x1)
r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r2, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
r3 = gettid()
r4 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x36, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0xd}, 0x0, 0x10000, 0x0, 0x6, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x2}, r3, 0xfffffffffffffffe, r2, 0x2)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000faff0000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
mprotect(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2000004)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
ioctl$F2FS_IOC_RELEASE_VOLATILE_WRITE(0xffffffffffffffff, 0xf504, 0x0)
umount2(0x0, 0x13)
mknod$loop(&(0x7f0000000180)='./file0\x00', 0x6000, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$int_in(r4, 0x5452, &(0x7f00000001c0)=0x1)
io_submit(0x0, 0x1, &(0x7f0000000340)=[&(0x7f00000008c0)={0x1000000, 0x0, 0x0, 0x5, 0x8001, r4, 0x0}])

54.778581822s ago: executing program 3 (id=1936):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r0, 0x0, &(0x7f0000000240)=""/53}, 0x20)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f00000006c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x28, 0x28, 0x2, [@array={0x0, 0x0, 0x0, 0x3, 0x0, {0x3, 0x1, 0xffffffff}}, @int={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x4}]}}, &(0x7f0000000740)=""/105, 0x42, 0x69, 0x1}, 0x20)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB='\v\x00\x00\x00\a\x00\x00\x00\b'], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000ebff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000030000"], &(0x7f0000000540)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r2}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000640)='cma_alloc_start\x00', 0xffffffffffffffff, 0x0, 0x101}, 0x18)
perf_event_open(&(0x7f0000000800)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0x8}, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_clone(0x82000000, 0x0, 0x0, 0x0, 0x0, 0x0)
setsockopt(0xffffffffffffffff, 0x100, 0x7, &(0x7f0000000300)="5742e3109bac2e8d6422447d9bcebb17565ae5d65285f7c7aab185dd78ea2b333941f5692339ac8f6cec88ac3b003bf6016c61ab2187809e1eeadb879176b4a895ed97e52b3d160eb4b28311c18728a7601893ae7b021128f92e1c5f2a4c9f60d63c55c2271056a9a64f45c0b5f2b7754ded3e0c2fc5745ec97b1686e730a619bc17f795c80dc1a3801922d9ef82a9026587fd714de0d683a5bfc1c0b2d5058121db52e25d1cadc6d3165b79f0a633946937807faa91ad7807bb9b567bbd61c3ded8c80273bb16a2", 0xc8)
socket$nl_route(0x10, 0x3, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f00000005c0)={0x5, &(0x7f0000000500)=[{0x0, 0x5, 0xd, 0x773}, {0x5, 0xfd, 0x4, 0x6}, {0x7, 0x5, 0x80, 0x6}, {0x3ff, 0xf0, 0x9, 0xfbb2}, {0x1, 0x3, 0x7, 0x4}]})
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc2(&(0x7f00000002c0), 0xffffffffffffffff)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x18)
pwrite64(0xffffffffffffffff, &(0x7f00000000c0)='a', 0x200000c1, 0x9000)
bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYBLOB], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
unlink(&(0x7f0000000180)='./file1\x00')
syz_mount_image$vfat(&(0x7f0000000580), &(0x7f0000000180)='./file1\x00', 0x1000802, &(0x7f0000000b80)=ANY=[@ANYBLOB="6e6f6e756d7461696c3d302c6e6f6e756d7461696c003130dbbb3121258e322c262b537f5d0000006e695f7804590000000000003d312c696f63686172538c6c90392bc69373686f72746e616d65653ff959f53d6d697865642c636f6465706167653d3821332c696f6368617273650000000031323831e54f1bb0a3d72c007e3db5a829498e2a721ae5804ff8ccb41e27af3a3a924308cb010100003ceeeac934b3165b4a0ea182cdd0666ab32f2d041a99ac9fc865ba946f1bb7759d02742dfcc68937ff86d7a54d6de8823119c767d45d6047209f4436383ee21373a9c3f450cb6d7c37b59a34407d4a0e6a382108ddd52580281f1d8ad71c4ceafb49960f1429b090d1429f519f9c2b0cb88ffa6fc04fa61c275bf560b9eeeb2d0c8b3ddeb56783f9908c21cf9b2ba0b76b9b60c991bb17c7d0accad1cdaf3259b7dc405d72e2bc3abe0cf37bda3dbfc05e2e55f8aa272b5ea736019c3c0a9b34115a445e0c5da1bd7352ec9529f5caa71f1ae71b36b500c79fffb487ed081232b5d93d3162c7f71f4d572ed87cf12b9ce4e527266a0c15dac9171edda86b148d17a48d4d90470e79620eeab5acf6f78f807298315e2b80fe1874098d75ab47837a96699e2a7db456f2a4368bece813135ed970951c7471ac16703820a799421cb24f327b3669c159abfa125ee992a5f49ab45bec637c38bcbdae4da3a05f96b2162c47d0b1277e1b1bcc981cce8f6f7f3dd8d06352eb387997b498a732d8442115755ff14d508891abd401b3cafcba75a6901fbe08002674d8663b8c40e9cf13fa4c4a092cb8004a1d2a6fe18cd5d702493d52a7110b17e64b9fa22fb3ace98b9ca35cb98c65f0902dd430373f6ae43c4a60c423b6f65b5ecc2093698072abc857ab2d36a261a7fc5776d39c3d5d5fad291c88ff9726d5ee32c6bcac1799ade9459eb39b56d985d29b988c72c9ad7e82b589f454a58d7cd5ace9436cf69acc217737c863d8938cc95767a0c9b14cb79f5b450c894a3e95d26e14259fdb65aa49761847cc1c13f18742072e80cbed0d5622618817583d0365f807882e539ff07c9205d3ee72efb8dd6853a02f49abd1b38d4571666a4d7d98c4f34f082eea5a5ac7b9e9fd030791df5d98a03ed76cdbb3241f96f22b6dd0da2bd8105c3408eeb8543ebc5de0849c1f31bd94033655fd11430fd18e55f5361750c7a2a7"], 0x4, 0x25e, &(0x7f0000000900)="$eJzs3cFLk38YAPDn1Yn+hB/zEEgS9Eb3oUZ3JRSkQZHsUKcklcKZkCDUQdepc6cu9S/UJegadIiu/QMRhAVdtJOHYKGbTueWWrlFfj6XPez7PO/3+7572Xc77NnNM/Nz0wuLs+vrq9HTk3RlRuLlwEYSfdERnVFRCgDgX7JRLsdauaLdawEAWsP+DwAnT23/T/bt/0lp5zPB1davDAA4Lr7/A8DJM3n9xuXRfH7s2lraEzH/aKmwVKg8VsZHZ+NOFGMmBiMb3yPKOyrxk4n82GC66XNfFOZXqvUrS4XOvfVDkY2+/fXjE/mxobRib31X9FbrP/TGTAxHNk41rh9uVN8VEed3zZ+LbLy/FQtRjOnYrK3VLw+l6aUr+br5u7fyAAAAAAAAAAAAAAAAAAAAAADgOOQ6tlrnlLvTtGH/nlwu3VY3Xqnf3R/ovwb9gcZ3+gPV9/fJxECmvecOAAAAAAAAAAAAAAAAAAAAf4vF+w/mporFmXs/C+6+e/7moJxDBkl13oY53RHx+1McMvj/3KenzXMeHuX6/Nng9dkWT7p52Y9a9Xb19ukLi/0Xm+VE5tjW3HHAi5JpdDpfs01ureoNWfr19bzYDka+HZj8eLJVd3hn/TP9z0amXi1//HLY47TrHQkAAAAAAAAAAAAAAAAAAE6u2o9+270SAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGif2v//NwmSaDq0O0gi2Tpeg6FSu88RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB+BAAA///6sZyI")

54.778221422s ago: executing program 32 (id=1936):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r0, 0x0, &(0x7f0000000240)=""/53}, 0x20)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f00000006c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x28, 0x28, 0x2, [@array={0x0, 0x0, 0x0, 0x3, 0x0, {0x3, 0x1, 0xffffffff}}, @int={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x4}]}}, &(0x7f0000000740)=""/105, 0x42, 0x69, 0x1}, 0x20)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB='\v\x00\x00\x00\a\x00\x00\x00\b'], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000ebff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000030000"], &(0x7f0000000540)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r2}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000640)='cma_alloc_start\x00', 0xffffffffffffffff, 0x0, 0x101}, 0x18)
perf_event_open(&(0x7f0000000800)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0x8}, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_clone(0x82000000, 0x0, 0x0, 0x0, 0x0, 0x0)
setsockopt(0xffffffffffffffff, 0x100, 0x7, &(0x7f0000000300)="5742e3109bac2e8d6422447d9bcebb17565ae5d65285f7c7aab185dd78ea2b333941f5692339ac8f6cec88ac3b003bf6016c61ab2187809e1eeadb879176b4a895ed97e52b3d160eb4b28311c18728a7601893ae7b021128f92e1c5f2a4c9f60d63c55c2271056a9a64f45c0b5f2b7754ded3e0c2fc5745ec97b1686e730a619bc17f795c80dc1a3801922d9ef82a9026587fd714de0d683a5bfc1c0b2d5058121db52e25d1cadc6d3165b79f0a633946937807faa91ad7807bb9b567bbd61c3ded8c80273bb16a2", 0xc8)
socket$nl_route(0x10, 0x3, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f00000005c0)={0x5, &(0x7f0000000500)=[{0x0, 0x5, 0xd, 0x773}, {0x5, 0xfd, 0x4, 0x6}, {0x7, 0x5, 0x80, 0x6}, {0x3ff, 0xf0, 0x9, 0xfbb2}, {0x1, 0x3, 0x7, 0x4}]})
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc2(&(0x7f00000002c0), 0xffffffffffffffff)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x18)
pwrite64(0xffffffffffffffff, &(0x7f00000000c0)='a', 0x200000c1, 0x9000)
bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYBLOB], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
unlink(&(0x7f0000000180)='./file1\x00')
syz_mount_image$vfat(&(0x7f0000000580), &(0x7f0000000180)='./file1\x00', 0x1000802, &(0x7f0000000b80)=ANY=[@ANYBLOB="6e6f6e756d7461696c3d302c6e6f6e756d7461696c003130dbbb3121258e322c262b537f5d0000006e695f7804590000000000003d312c696f63686172538c6c90392bc69373686f72746e616d65653ff959f53d6d697865642c636f6465706167653d3821332c696f6368617273650000000031323831e54f1bb0a3d72c007e3db5a829498e2a721ae5804ff8ccb41e27af3a3a924308cb010100003ceeeac934b3165b4a0ea182cdd0666ab32f2d041a99ac9fc865ba946f1bb7759d02742dfcc68937ff86d7a54d6de8823119c767d45d6047209f4436383ee21373a9c3f450cb6d7c37b59a34407d4a0e6a382108ddd52580281f1d8ad71c4ceafb49960f1429b090d1429f519f9c2b0cb88ffa6fc04fa61c275bf560b9eeeb2d0c8b3ddeb56783f9908c21cf9b2ba0b76b9b60c991bb17c7d0accad1cdaf3259b7dc405d72e2bc3abe0cf37bda3dbfc05e2e55f8aa272b5ea736019c3c0a9b34115a445e0c5da1bd7352ec9529f5caa71f1ae71b36b500c79fffb487ed081232b5d93d3162c7f71f4d572ed87cf12b9ce4e527266a0c15dac9171edda86b148d17a48d4d90470e79620eeab5acf6f78f807298315e2b80fe1874098d75ab47837a96699e2a7db456f2a4368bece813135ed970951c7471ac16703820a799421cb24f327b3669c159abfa125ee992a5f49ab45bec637c38bcbdae4da3a05f96b2162c47d0b1277e1b1bcc981cce8f6f7f3dd8d06352eb387997b498a732d8442115755ff14d508891abd401b3cafcba75a6901fbe08002674d8663b8c40e9cf13fa4c4a092cb8004a1d2a6fe18cd5d702493d52a7110b17e64b9fa22fb3ace98b9ca35cb98c65f0902dd430373f6ae43c4a60c423b6f65b5ecc2093698072abc857ab2d36a261a7fc5776d39c3d5d5fad291c88ff9726d5ee32c6bcac1799ade9459eb39b56d985d29b988c72c9ad7e82b589f454a58d7cd5ace9436cf69acc217737c863d8938cc95767a0c9b14cb79f5b450c894a3e95d26e14259fdb65aa49761847cc1c13f18742072e80cbed0d5622618817583d0365f807882e539ff07c9205d3ee72efb8dd6853a02f49abd1b38d4571666a4d7d98c4f34f082eea5a5ac7b9e9fd030791df5d98a03ed76cdbb3241f96f22b6dd0da2bd8105c3408eeb8543ebc5de0849c1f31bd94033655fd11430fd18e55f5361750c7a2a7"], 0x4, 0x25e, &(0x7f0000000900)="$eJzs3cFLk38YAPDn1Yn+hB/zEEgS9Eb3oUZ3JRSkQZHsUKcklcKZkCDUQdepc6cu9S/UJegadIiu/QMRhAVdtJOHYKGbTueWWrlFfj6XPez7PO/3+7572Xc77NnNM/Nz0wuLs+vrq9HTk3RlRuLlwEYSfdERnVFRCgDgX7JRLsdauaLdawEAWsP+DwAnT23/T/bt/0lp5zPB1davDAA4Lr7/A8DJM3n9xuXRfH7s2lraEzH/aKmwVKg8VsZHZ+NOFGMmBiMb3yPKOyrxk4n82GC66XNfFOZXqvUrS4XOvfVDkY2+/fXjE/mxobRib31X9FbrP/TGTAxHNk41rh9uVN8VEed3zZ+LbLy/FQtRjOnYrK3VLw+l6aUr+br5u7fyAAAAAAAAAAAAAAAAAAAAAADgOOQ6tlrnlLvTtGH/nlwu3VY3Xqnf3R/ovwb9gcZ3+gPV9/fJxECmvecOAAAAAAAAAAAAAAAAAAAAf4vF+w/mporFmXs/C+6+e/7moJxDBkl13oY53RHx+1McMvj/3KenzXMeHuX6/Nng9dkWT7p52Y9a9Xb19ukLi/0Xm+VE5tjW3HHAi5JpdDpfs01ureoNWfr19bzYDka+HZj8eLJVd3hn/TP9z0amXi1//HLY47TrHQkAAAAAAAAAAAAAAAAAAE6u2o9+270SAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGif2v//NwmSaDq0O0gi2Tpeg6FSu88RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB+BAAA///6sZyI")

47.558887826s ago: executing program 5 (id=2024):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000006"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
syz_open_procfs(0x0, &(0x7f0000001300)='net/kcm\x00')

47.504140476s ago: executing program 5 (id=2026):
close(0xffffffffffffffff)
add_key(0x0, 0x0, &(0x7f00000000c0), 0x0, 0xfffffffffffffffd)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000bc0), 0x101000, 0x0)
r3 = msgget$private(0x0, 0x790)
r4 = fsopen(&(0x7f0000000100)='proc\x00', 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000020000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='kfree\x00', r5}, 0x10)
r6 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xc3, 0x0, 0x0, 0x0, 0x0, 0x100000000000, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xa19a, 0x1000}, 0x0, 0x0, 0xffffffff, 0x1, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r6, 0x40082406, &(0x7f0000000340)='cpu\t&0&&\t')
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
r7 = fsmount(r4, 0x0, 0x1)
fchdir(r7)
sendmsg$key(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000580)=ANY=[@ANYBLOB="020b09082400000028bd7000fbdbdf250800120003000300ba6b6e000900000006002b0073fa0000ea07340700000000fe8000000000000000000000000000aae000000100000000000000000000000005001a00e000000100000000000000000000000000000000000000000000000000000001280010100800120003000300ba6b6e00100e000006006c00000800000100000000000000e000000100000000000000000000000000000000000000000000ffffe0000001010016004e24000004000300000200000101000000000009000800000000000027080000000000000800120000000000b16b6e0006000000060033000904000007000000000000007f000b9bbe46000000000000000000000a01010100"/288], 0x120}}, 0x8085)
msgsnd(0x0, &(0x7f0000000080)=ANY=[@ANYRESDEC=r7], 0x401, 0x0)
msgsnd(r3, &(0x7f0000000040)=ANY=[@ANYRESDEC], 0x401, 0x0)
msgsnd(r3, &(0x7f0000000200)=ANY=[@ANYBLOB="0000ff"], 0x8, 0x0)
r8 = socket(0x2c, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000080)={'veth1_to_batadv\x00', <r9=>0x0})
sendmsg$nl_route_sched(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=@newqdisc={0x40, 0x24, 0x3fe3aa0262d8c583, 0xfffffffc, 0x0, {0x0, 0x0, 0x0, r9, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0xc, 0x2, [@TCA_FQ_CODEL_QUANTUM={0x8, 0x6, 0x933}]}}]}, 0x40}}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@bloom_filter={0x1e, 0x7f, 0x3ff, 0xe, 0x10, 0xffffffffffffffff, 0x7, '\x00', r9, r7, 0x4, 0x3, 0x2, 0xb}, 0x50)
getgroups(0x2, &(0x7f0000000240)=[0xffffffffffffffff, <r10=>0xee01])
setresgid(0x0, 0xffffffffffffffff, r10)
msgrcv(r3, 0x0, 0x0, 0x0, 0x1000)
msgctl$IPC_RMID(r3, 0x0)
close(r2)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

47.352690718s ago: executing program 5 (id=2030):
r0 = syz_create_resource$binfmt(&(0x7f0000000040)='./file1\x00')
r1 = openat$binfmt(0xffffffffffffff9c, r0, 0x42, 0x1ff)
close(r1)
execveat$binfmt(0xffffffffffffff9c, r0, 0x0, 0x0, 0x0)

47.333834339s ago: executing program 5 (id=2031):
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000c80)='./file1\x00', 0x210000, &(0x7f0000000580)={[{@jqfmt_vfsv1}, {@resgid}, {@nodioread_nolock}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@resgid}, {@errors_remount}, {@grpid}, {@orlov}]}, 0xfc, 0x572, &(0x7f0000003780)="$eJzs3d9rW1UcAPDvTdPup66DMdQHGezByVy6tv6YIDgfRYcDfZ+hvSuj6TKadKx14PbgXnyRIYg4EP8A330c/gP+FQMdDBlFH0So3PSmy9qkv5aZbPl84Lbn5N7bc78593t7Tm5CAhhYx7IfhYiXI+KbJOJQy7pi5CuPrW63/PD6VLYksbLy6Z9JJPljze2T/PeBvPJSRPz6VcTJwsZ2a4tLs+VKJZ3P62P1uStjtcWlU5fmyjPpTHp5YnLyzFuTE+++83bXYn39/N/ff3L3wzNfH1/+7uf7h28ncTYO5uta43gCN1orx8r/5qXhOLtuw/EuNNZPkl4fALsylOf5cGTXgEMxlGc98Pz7MiJWgAGVyH8YUM1xQHNu36V58DPjwQerE6BG7COt8RdXXxuJvY250f7l5LGZUTbfHe1C+1kbv/xx53a2xOavQ+zbog6wIzduRsTpYnHj9T/Jr3+7d7rx4vHm1rcxaP9/oJfuZuOfN9qN/wpr459oM/450CZ3d2Pr/C/c70IzHWXjv/fajn/XLl2jQ3nthcaYbzi5eKmSno6IFyPiRAzvyeqb3c85s3xvpdO61vFftmTtN8eC+XHcL+55fJ/pcr0cESNPEnfTg5sRrxTbxZ+s9X/Spv+z5+P8Nts4mt55tdO6reN/ulZ+initbf8/uqOVbH5/cqxxPow1z4qN/rp19LdO7fc6/qz/928e/2jSer+2tvM2ftz7T9pp3W7P/5Hks0a5mQTXyvX6/HjESPLxxscnHu3brDe3z+I/cXzz61+78z+bfH2+zfhvHbnVcdN+6P/pHfX/zgv3Pvrih07tb6//32yUTuSP5Ne/9vJzZbsH+KTPHwAAAAAAAPSTQkQcjKRQWisXCqXS6vs7jsT+QqVaq5+8WF24PB2Nz8qOxnCheaf7UMv7Icbz98M26xPr6pMRcTgivh3a16iXpqqV6V4HDwAAAAAAAAAAAAAAAAAAAH3iQIfP/2d+H+r10QFPXeOLDfb0+iiAXtjyK/+78U1PQF/aMv+B55b8h8El/2FwyX8YXPIfBpf8h8El/2FwyX8AAAAAAAAAAAAAAAAAAAAAAAAAAADoqvPnzmXLyvLD61NZffrq4sJs9eqp6bQ2W5pbmCpNVeevlGaq1ZlKWpqqzm319yrV6pXxiVi4NlZPa/Wx2uLShbnqwuX6hUtz5Zn0Qjr8v0QFAAAAAAAAAAAAAAAAAAAAz5ba4tJsuVJJ5xU6Ft6PvjiMpxngql3tXuyXKBQ6FG7m3buzvXp4UQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAdf4LAAD//++4Mnc=")
r0 = syz_clone(0x88288200, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = syz_pidfd_open(r0, 0x0)
r2 = epoll_create1(0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009c0000000b"], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000280)='kmem_cache_free\x00', r4, 0x0, 0x200000000000006}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
r5 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, r2, &(0x7f0000000080)={0x200d})
epoll_pwait(r5, 0x0, 0x0, 0xfffffff3, 0x0, 0x0)
r6 = dup3(r1, r5, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r6, &(0x7f0000000300)={0x200f})

47.24272083s ago: executing program 5 (id=2034):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1fff}]})
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f00000003c0)={[{@resgid={'resgid', 0x3d, 0xee00}}, {}, {@grpquota}, {@nobarrier}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@nogrpid}, {@noauto_da_alloc}, {@stripe={'stripe', 0x3d, 0x2}}]}, 0x3, 0x572, &(0x7f00000006c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwIF6kCCIWxD/Au8fiH6B/RUELRUrQg5fIbGbbbZLNJunWbJ3PB6Z9b2ayb96++b79zs4uG0BhjWT/lCJejoivk4iDbdsGI984srLf0sNrk9mSxPLyJ38mkeTrWvsn+f/788pLEfHLFxHHS2vbrS8szlSq1XQur482Zi+P1hcWT1ycrUyn0+ml8YmJU29NjL/7zts96+vr5/7+7uO7H5z66ujStz/dP3Q7iTNxIN/W3o+ncKO9MhIj+XMyFGdW7TjWg8b6SbLTB8C2DORxPhTZHHAwBvKoB/7/rkfEMlBQifiHgmrlAa1r+x5dBz83Hry/cgG0tv+DK++NxJ7mtdG+peSJK6Psene4B+1nbfz8x53b2RJd3oe43oP2AFpu3IyIk4ODa+e/JJ//tu9k883jja1uo2ivP7CT7mb5zxvr5T+lR/lPrJP/7F8ndreje/yX7vegmY6y/O+9dfPfR1PX8EBee6GZ8w0lFy5W05MR8WJEHIuh3Vl9o/s5p5buLXfa1p7/ZUvWfisXzI/j/uDuJ/9mqtKoPE2f2z24GfHK4/w3iTXz/55mrrt6/LPn41xW+PXLrm0cSe+82mlb9/63630GvPxjxGvrjv/jO1rJxvcnR5vnw2jrrFjrr1tHfuvU/tb633vZ+O/buP/DSfv92vrW2/hhzz9pp23bPf93JZ82y7vydVcrjcbcWMSu5KO168cf/22r3to/6/+xoxvPf+ud/3sj4rNN9v/W4Vsdd+2H8Z/a0vhvvXDvw8+/79T+5sb/zWbpWL5mM/PfZg/waZ47AAAAAAAA6DeliDgQSan8qFwqlcsrn+84HPtK1Vq9cfxCbf7SVDS/KzscQ6XWne6DbZ+HGMs/D9uqj6+qT0TEoYj4ZmBvs16erFWndrrzAAAAAAAAAAAAAAAAAAAA0Cf2d/j+f+b3gZ0+OuCZ85PfUFxd478Xv/QE9CWv/1Bc4h+KS/xDcYl/KC7xD8Ul/qG4xD8Ul/gHAAAAAAAAAAAAAAAAAAAAAAAAAACAnjp39my2LC89vDaZ1aeuLMzP1K6cmErrM+XZ+cnyZG3ucnm6VpuupuXJ2my3x6vWapfHxmP+6mgjrTdG6wuL52dr85ca5y/OVqbT8+nQf9IrAAAAAAAAAAAAAAAAAAAAeL7UFxZnKtVqOqfQsXA6+uIwtl1Iuo3y6fxk2NIjR14Y3PkOKjyDwg5PTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQ5t8AAAD//8nLNLM=")
setxattr$trusted_overlay_upper(&(0x7f0000000380)='./file0/file0\x00', &(0x7f00000001c0), &(0x7f0000001400)=ANY=[], 0x835, 0x0)

47.154617032s ago: executing program 5 (id=2035):
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000080)='./file2\x00', 0x404, &(0x7f0000000100)=ANY=[@ANYRES16=0x0, @ANYRES32=0x0, @ANYRES32], 0x1, 0x122e, &(0x7f0000002580)="$eJzs3MFrHFUcB/BftqlZU5tErdX2oA+9eBqaHDwJEiQFyYJSG6EVhCmZ6JJxN2SWwIoYe/Lq0b9BPHpTxH8gV/8Cb7mIpxzEEXZSk60NmlqyRT+fy/zIb76Z99hl4S3v7f7rX368uVFlG/kgWlNT0dqKSAcpUrTinhdXm+ut26vLnc7KjZSuL99cfC2lNPfSD+9/+s3LPw4uvPft3Hczsbfwwf4vSz/vXd67sv/7zY+6VepWqdcfpDzd6fcH+Z2ySOvdajNL6Z2yyKsidXtVsT3W3yj7W1vDlPfWL85ubRdVlfLeMG0WwzTop8H2MOUf5t1eyrIsXZwNTnT+729Z+/qgrr+PqOvz8UTUdV0/GbMxFU/FxZiLzyPi6Xgmno1L8Vxcjufjhbgyuusshg8AAAAAAAAAAAAAAAAAAAD/Hwej0/zj5/8vHJ7/n48F5/8BAAAAAAAAAAAAAAAAAADgDLx76/bqcqezciOldkT5xc7azlpzbfrLG9GNMoq4FvPxW4xO/zea+vpbnZVraeRcROwe5nd31s6N5xdHPydwmJ8e9e7lF5t8irvlsfxMzDb5dkQUsRTzcenY89tH+aUH5tvx6ivHnp/FfL0b0Y8y1kfPPsp/tpjSm2937stfHd0HAAAA/wVZ+tPC+Pq3Wb9n2Un9Jn+K7wfuW19Px9Xpyc6diGr4yWZelsX2eNH+y18mVsw8HsM4TdH6N/GZOLHVGmt99VPEpGf6WBTtw/fyo/iHU5OfzkMUdx/J3MeLCX8wcSaOXvRJjwQAAAAAAAAAAIDT+Cf7AX+Nh95FOB0P2Fn2xmSmCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/MEOHAsAAAAACPO3TqNjAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAoQIAAP//uXHE5A==")
r0 = memfd_create(&(0x7f0000000bc0)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf#2\x99\x1e\xa1`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\f<\x8f\xc1\x99\x89r\xe1?\xbdu\x98\xc3\xf8\xd2Q#\xc6g\xa0\x85\xd6G\x85\x11X\x8d,\x02\xd45\xb8\xca\x97\x9d\xcb\x1e\x80\xd6\xd5>N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec\x8aog\x87BR\x9d\xad\xd4FcB\xda\x95\xc3\xdd\x9d\x8f\x1a\xce\x18\x80\"j\xe1\xba\x1e\x97uX\xccv\xd6\vcz\x92A^\xbc\xceF\xf7\xe5:\xaf\xc5~\xbcJ e\r\x88c\x9d\xb92\xb6i4zq\xb3c\x0f\xb2t\x93\xf2E6b\xfa\xcdJ5\xe3W]`4\xd8D\x05\v\xfc)\xca\xedQ\xd0]Ot\'\xc2tDF\xf9\xa7\xb5(\x83\xa5\x0f\x1d\x1d\x06Dg\x13>\x19\xe85#\aaT\x89=\x104\xd5\x85Q\x96\x91\xea\x172P\xb3:\xadZ\xbc\xbe\x00\xf0\x14\x96\xd9M\xd7\x88QZs\xb2\xe1+$jfQodH\x05/y`~Mx\x02\x00(v\xe6`\x026\xfcgC\xb5\xf0\x13.zb\xc5bj+@\x00\x00\x00\x00\x00\x00\x00.\xd4`=z\xd1n\x8d\x8f\xa5hS\x8e[\xb3\xa3\x87\xb9\xe2_Z\x11\xef\xc2]V\xf3\x03\x94\xb9\xe1\xa68\x8d\\\xe5\xef\xacpM\xf0\xa6\x04\x10\xb7\xc0t\x83\\\xf7\x12k\x9f\x10\xd5Z\x19\xc1\xc1\x80\\o\x97\xce=U\xdd\xaa\x1b\x05\x14\x13\xa6\xbd#\xde\x04\xe6$\xec$3\xf6\x97\xc6\xeaSL\xb7A72M\x88k@\xe5\xa3\n&\x1e\xc84\xa9\xe2\xccM\x906\x95xQ-2p\xd62\'\xec\x0f\x13;I\x95fE_\r\xe7\t!A\x05\xe4\x8f\x9e0\xf8/T\x18\xf7\xa1\x9f\xde1\xd5\x80<\xf5\b\xa9\xec\x85\xaeW\xb3\xd8#)bn \xfb\xf2\x88\xfaR\xff\xdd\x80\x96_\xec5\xf0\x1c\a\x8a\x80\x00@=\r8u+%f:\x1e\x82\xfap\xf6\x89\xea\xba\xe3\xbbM%F\xdb\\\xd1eJJ*\xc67\xca\x03\xa3\xf7(\xbb\xecN\xd4\xe7\xf2:u\x8a\b\xd5\v\xca\xfd\\\xd6\xe3\x05\xb3\x03\xd5\xe0\xd2\xf2{\'\x8b\xdf\xa1\xbe}\xb2\xe4y\xbb\xe6\x1f\x10c\xf5WQ\x82\x04\x01C\x83,\x90\x1a\xfa\x8e\x17\x89\xe2\xedX\x8d\rmq\t\xb5$\xb4\x9b\x92z\xd6/-\x13,\xb5%\x8eM/\x04\xa7\x7f\x1b\x85\xf1\xa4X\x17\xbb\x1cR14\xfb!\b\x10\xe8\xb2\xd41gK\xe4\xea\xe39d\bL\xe5\x1b\xbd[\x9bWD:\r&\xe9\vn^\xcc\x86\xe3\xce1>3{\xaa{\xbd0P\x9f\xa68\xf5\x82\xb8\x9aD\x9c{\xe6\xf8\xcbD\xb5aJ\xb0\x92\x89\xbc\x80\x1ch\x89\xe7\xdd]q,\xec\xc4\xa5\x93\xe5,\x0e,>/\xaf|\xf0\x01V\x7f\xc9?\xba\x16\xe4$+}5dy\xb1\xef\xf1m\xa5\x94d9\xaf\xcfq\x8b=\x026\xef\r\x91\x18\xc5\xb6\xb9fM\x8ayZ\xbcd\xa5\x8a\x88\x98\xc3\xfc`\xa6\xba\x1f\x17\v$\x88g\xb4\xad\b\xc1\xddW\xa6\xc1\xb7\xb0\xa3\x84Q\x13GoU\xe2\xb7\x03\x9c\xd5\x0f\xa8\x0ef\"\x15\x82\xe7\xbd\xf8\xca\x10f\xfe6h\xe9\xc3\xc2\xa0O:\xac~\x1a\xf7\xbeF\xbe\xe5\xf0\x81\xd6&\xc0<Q8\xbeX\xde\xd6 \xef\x0e\xc2.\x9c=1\x15d\xddIv\x0fh\xe6M(D\xad\xeb\xcfX8\xb9\x8d\xbe(\xd3\x16?x\xbd@\x0f\xf5\xdb\xeb\xd7i*\xea\x86JX\xff;\x96\xbb\xa7\xa8u5R\xa2,\xba\xbc\x01\x12\xb3q,\x9d\xf8\xbdb`\xb3\xc6\x0f\xb3\xac\xc7\xa4O@\x81\xfc\x1a4$\x885\x97\xa9|\x99\x86*.\xda\x96RQ\xe5\xb1\xef\xb7\x10\x99\xd4\xa7\b\xcd\xe9\xa5\xf6wR\xc1\xdfH).\a\x9a\xab\x9e&+\xc4#\x90\xc9%\xb9\xd7o\x86\x13\a\xc0\x01w9u6\xdd\x9fJ^o\x1d\xda\x11?\xc1\xf5\xf7\xff\xec\x916\xceQ\xcfU\x035\x96\x8f\xc7\x84\"2\xef\x02\xcf\a+\x8a\xd1\x11\xb5\xa8\x92\f\xb3R\",\xfc!_&pD\xeb5\xc6\xc8\xff2\xee\x14\x83\x14l\x04\x80\xaa7\x80\xf1\x18\xf5\xa5\xd23\xe5\b\x00\xe8\x9c\xd4\xd0\a\x93#\xb9Z\xc0y\x97<\xe5i\xe9\xe4\xb02Cu\xe1d\r\x0e\xc1\xf1\x81^\xa7\xffz)\x19U\xe5\xd4\xf5@O#W\x8a\xbb3c+\n\x97\xa6\xf7\x90$\xd6*\xd0\x1b\x10\xe4HM:XO\x1b\rx\xc7\x12|\x7fN\xc9\xf9i\xe4\xe5-\x9b\xe407\x9d\xe8\xc6\x90\x9f_Jf\x05\r\x1b\x9af\v\xbcv\x83\xf3j\xaf\xd0F91 ^x\x85\x80[\xa3B\n#!\xc2R\xdd\xf4)\xba\x1e\xfb6U\xabc\xda\x9a)\xc3\x9a\x06\xc5\xccP)\xdf.\xa7-\x84\xdf8\xbf\xfc1^}B\xee\xccR/z\x1e\xe8\x1e\x99\x99\n\xf4u\xd4\xbd^L\xb2j\xda\xff\x1d\x10\xc8\xad\xbd_OI\xb1\xe8y\x003\a\x06\x92\x8e\n\x8b\xf3\xd4G\x85\xbd\x1a\x81+3\x99jq\xd1\xacK^\xef\xb6!8\xcd?\x1e\\\x16W2\xbd4$zn\xa9\x7f\x9dE\xaf\x0f\xdb\xe0\xfa\x10\xc3\xb2\xf8\x80\x8c\xec$\xda\xc0\x94y1\t\xc5`\xda\xca\xd1\xab:\x18\x10\x9b\xd0w', 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b703000010000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='kmem_cache_free\x00', r2, 0x0, 0x4a66}, 0x18)
write$binfmt_misc(r0, &(0x7f0000000180)="e502", 0x2)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x11, 0x2000000000000075, &(0x7f0000000080)=ANY=[@ANYBLOB="180100000100a7d9000000000020b208850000007b00000095"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1000000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
pipe(&(0x7f00000001c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
readv(r3, 0x0, 0x0)
write$binfmt_script(r4, &(0x7f0000020240), 0x10010)
bpf$OBJ_PIN_PROG(0x6, 0x0, 0x0)
r5 = socket(0x25, 0x4, 0x0)
setsockopt$packet_tx_ring(r5, 0x10f, 0x87, &(0x7f0000000140)=@req={0xffff, 0x477b, 0x8acf, 0x9}, 0x10)
recvmmsg$unix(r5, &(0x7f0000004400)=[{{0x0, 0x0, &(0x7f0000001480)=[{&(0x7f0000000300)=""/27, 0x1b}], 0x1}}], 0x1, 0x0, 0x0)
setitimer(0x0, &(0x7f0000000580)={{0x0, 0xea60}, {0x0, 0x2710}}, 0x0)
r6 = signalfd(0xffffffffffffffff, &(0x7f00000001c0), 0x8)
mkdir(&(0x7f0000000140)='./control\x00', 0x5)
close(r6)
r7 = inotify_init1(0x800)
fcntl$setstatus(r6, 0x4, 0x2c00)
r8 = gettid()
fcntl$setown(r6, 0x8, r8)
fcntl$setsig(r7, 0xa, 0xe)
rt_sigtimedwait(&(0x7f0000000040)={[0xffffffffffff7ff8]}, 0x0, 0x0, 0x8)
inotify_add_watch(r7, &(0x7f0000000180)='./control\x00', 0xa4000960)
rmdir(&(0x7f0000000100)='./control\x00')
execveat(r0, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)

47.154100472s ago: executing program 33 (id=2035):
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000080)='./file2\x00', 0x404, &(0x7f0000000100)=ANY=[@ANYRES16=0x0, @ANYRES32=0x0, @ANYRES32], 0x1, 0x122e, &(0x7f0000002580)="$eJzs3MFrHFUcB/BftqlZU5tErdX2oA+9eBqaHDwJEiQFyYJSG6EVhCmZ6JJxN2SWwIoYe/Lq0b9BPHpTxH8gV/8Cb7mIpxzEEXZSk60NmlqyRT+fy/zIb76Z99hl4S3v7f7rX368uVFlG/kgWlNT0dqKSAcpUrTinhdXm+ut26vLnc7KjZSuL99cfC2lNPfSD+9/+s3LPw4uvPft3Hczsbfwwf4vSz/vXd67sv/7zY+6VepWqdcfpDzd6fcH+Z2ySOvdajNL6Z2yyKsidXtVsT3W3yj7W1vDlPfWL85ubRdVlfLeMG0WwzTop8H2MOUf5t1eyrIsXZwNTnT+729Z+/qgrr+PqOvz8UTUdV0/GbMxFU/FxZiLzyPi6Xgmno1L8Vxcjufjhbgyuusshg8AAAAAAAAAAAAAAAAAAAD/Hwej0/zj5/8vHJ7/n48F5/8BAAAAAAAAAAAAAAAAAADgDLx76/bqcqezciOldkT5xc7azlpzbfrLG9GNMoq4FvPxW4xO/zea+vpbnZVraeRcROwe5nd31s6N5xdHPydwmJ8e9e7lF5t8irvlsfxMzDb5dkQUsRTzcenY89tH+aUH5tvx6ivHnp/FfL0b0Y8y1kfPPsp/tpjSm2937stfHd0HAAAA/wVZ+tPC+Pq3Wb9n2Un9Jn+K7wfuW19Px9Xpyc6diGr4yWZelsX2eNH+y18mVsw8HsM4TdH6N/GZOLHVGmt99VPEpGf6WBTtw/fyo/iHU5OfzkMUdx/J3MeLCX8wcSaOXvRJjwQAAAAAAAAAAIDT+Cf7AX+Nh95FOB0P2Fn2xmSmCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/MEOHAsAAAAACPO3TqNjAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAoQIAAP//uXHE5A==")
r0 = memfd_create(&(0x7f0000000bc0)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf#2\x99\x1e\xa1`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\f<\x8f\xc1\x99\x89r\xe1?\xbdu\x98\xc3\xf8\xd2Q#\xc6g\xa0\x85\xd6G\x85\x11X\x8d,\x02\xd45\xb8\xca\x97\x9d\xcb\x1e\x80\xd6\xd5>N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec\x8aog\x87BR\x9d\xad\xd4FcB\xda\x95\xc3\xdd\x9d\x8f\x1a\xce\x18\x80\"j\xe1\xba\x1e\x97uX\xccv\xd6\vcz\x92A^\xbc\xceF\xf7\xe5:\xaf\xc5~\xbcJ e\r\x88c\x9d\xb92\xb6i4zq\xb3c\x0f\xb2t\x93\xf2E6b\xfa\xcdJ5\xe3W]`4\xd8D\x05\v\xfc)\xca\xedQ\xd0]Ot\'\xc2tDF\xf9\xa7\xb5(\x83\xa5\x0f\x1d\x1d\x06Dg\x13>\x19\xe85#\aaT\x89=\x104\xd5\x85Q\x96\x91\xea\x172P\xb3:\xadZ\xbc\xbe\x00\xf0\x14\x96\xd9M\xd7\x88QZs\xb2\xe1+$jfQodH\x05/y`~Mx\x02\x00(v\xe6`\x026\xfcgC\xb5\xf0\x13.zb\xc5bj+@\x00\x00\x00\x00\x00\x00\x00.\xd4`=z\xd1n\x8d\x8f\xa5hS\x8e[\xb3\xa3\x87\xb9\xe2_Z\x11\xef\xc2]V\xf3\x03\x94\xb9\xe1\xa68\x8d\\\xe5\xef\xacpM\xf0\xa6\x04\x10\xb7\xc0t\x83\\\xf7\x12k\x9f\x10\xd5Z\x19\xc1\xc1\x80\\o\x97\xce=U\xdd\xaa\x1b\x05\x14\x13\xa6\xbd#\xde\x04\xe6$\xec$3\xf6\x97\xc6\xeaSL\xb7A72M\x88k@\xe5\xa3\n&\x1e\xc84\xa9\xe2\xccM\x906\x95xQ-2p\xd62\'\xec\x0f\x13;I\x95fE_\r\xe7\t!A\x05\xe4\x8f\x9e0\xf8/T\x18\xf7\xa1\x9f\xde1\xd5\x80<\xf5\b\xa9\xec\x85\xaeW\xb3\xd8#)bn \xfb\xf2\x88\xfaR\xff\xdd\x80\x96_\xec5\xf0\x1c\a\x8a\x80\x00@=\r8u+%f:\x1e\x82\xfap\xf6\x89\xea\xba\xe3\xbbM%F\xdb\\\xd1eJJ*\xc67\xca\x03\xa3\xf7(\xbb\xecN\xd4\xe7\xf2:u\x8a\b\xd5\v\xca\xfd\\\xd6\xe3\x05\xb3\x03\xd5\xe0\xd2\xf2{\'\x8b\xdf\xa1\xbe}\xb2\xe4y\xbb\xe6\x1f\x10c\xf5WQ\x82\x04\x01C\x83,\x90\x1a\xfa\x8e\x17\x89\xe2\xedX\x8d\rmq\t\xb5$\xb4\x9b\x92z\xd6/-\x13,\xb5%\x8eM/\x04\xa7\x7f\x1b\x85\xf1\xa4X\x17\xbb\x1cR14\xfb!\b\x10\xe8\xb2\xd41gK\xe4\xea\xe39d\bL\xe5\x1b\xbd[\x9bWD:\r&\xe9\vn^\xcc\x86\xe3\xce1>3{\xaa{\xbd0P\x9f\xa68\xf5\x82\xb8\x9aD\x9c{\xe6\xf8\xcbD\xb5aJ\xb0\x92\x89\xbc\x80\x1ch\x89\xe7\xdd]q,\xec\xc4\xa5\x93\xe5,\x0e,>/\xaf|\xf0\x01V\x7f\xc9?\xba\x16\xe4$+}5dy\xb1\xef\xf1m\xa5\x94d9\xaf\xcfq\x8b=\x026\xef\r\x91\x18\xc5\xb6\xb9fM\x8ayZ\xbcd\xa5\x8a\x88\x98\xc3\xfc`\xa6\xba\x1f\x17\v$\x88g\xb4\xad\b\xc1\xddW\xa6\xc1\xb7\xb0\xa3\x84Q\x13GoU\xe2\xb7\x03\x9c\xd5\x0f\xa8\x0ef\"\x15\x82\xe7\xbd\xf8\xca\x10f\xfe6h\xe9\xc3\xc2\xa0O:\xac~\x1a\xf7\xbeF\xbe\xe5\xf0\x81\xd6&\xc0<Q8\xbeX\xde\xd6 \xef\x0e\xc2.\x9c=1\x15d\xddIv\x0fh\xe6M(D\xad\xeb\xcfX8\xb9\x8d\xbe(\xd3\x16?x\xbd@\x0f\xf5\xdb\xeb\xd7i*\xea\x86JX\xff;\x96\xbb\xa7\xa8u5R\xa2,\xba\xbc\x01\x12\xb3q,\x9d\xf8\xbdb`\xb3\xc6\x0f\xb3\xac\xc7\xa4O@\x81\xfc\x1a4$\x885\x97\xa9|\x99\x86*.\xda\x96RQ\xe5\xb1\xef\xb7\x10\x99\xd4\xa7\b\xcd\xe9\xa5\xf6wR\xc1\xdfH).\a\x9a\xab\x9e&+\xc4#\x90\xc9%\xb9\xd7o\x86\x13\a\xc0\x01w9u6\xdd\x9fJ^o\x1d\xda\x11?\xc1\xf5\xf7\xff\xec\x916\xceQ\xcfU\x035\x96\x8f\xc7\x84\"2\xef\x02\xcf\a+\x8a\xd1\x11\xb5\xa8\x92\f\xb3R\",\xfc!_&pD\xeb5\xc6\xc8\xff2\xee\x14\x83\x14l\x04\x80\xaa7\x80\xf1\x18\xf5\xa5\xd23\xe5\b\x00\xe8\x9c\xd4\xd0\a\x93#\xb9Z\xc0y\x97<\xe5i\xe9\xe4\xb02Cu\xe1d\r\x0e\xc1\xf1\x81^\xa7\xffz)\x19U\xe5\xd4\xf5@O#W\x8a\xbb3c+\n\x97\xa6\xf7\x90$\xd6*\xd0\x1b\x10\xe4HM:XO\x1b\rx\xc7\x12|\x7fN\xc9\xf9i\xe4\xe5-\x9b\xe407\x9d\xe8\xc6\x90\x9f_Jf\x05\r\x1b\x9af\v\xbcv\x83\xf3j\xaf\xd0F91 ^x\x85\x80[\xa3B\n#!\xc2R\xdd\xf4)\xba\x1e\xfb6U\xabc\xda\x9a)\xc3\x9a\x06\xc5\xccP)\xdf.\xa7-\x84\xdf8\xbf\xfc1^}B\xee\xccR/z\x1e\xe8\x1e\x99\x99\n\xf4u\xd4\xbd^L\xb2j\xda\xff\x1d\x10\xc8\xad\xbd_OI\xb1\xe8y\x003\a\x06\x92\x8e\n\x8b\xf3\xd4G\x85\xbd\x1a\x81+3\x99jq\xd1\xacK^\xef\xb6!8\xcd?\x1e\\\x16W2\xbd4$zn\xa9\x7f\x9dE\xaf\x0f\xdb\xe0\xfa\x10\xc3\xb2\xf8\x80\x8c\xec$\xda\xc0\x94y1\t\xc5`\xda\xca\xd1\xab:\x18\x10\x9b\xd0w', 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b703000010000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='kmem_cache_free\x00', r2, 0x0, 0x4a66}, 0x18)
write$binfmt_misc(r0, &(0x7f0000000180)="e502", 0x2)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x11, 0x2000000000000075, &(0x7f0000000080)=ANY=[@ANYBLOB="180100000100a7d9000000000020b208850000007b00000095"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1000000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
pipe(&(0x7f00000001c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
readv(r3, 0x0, 0x0)
write$binfmt_script(r4, &(0x7f0000020240), 0x10010)
bpf$OBJ_PIN_PROG(0x6, 0x0, 0x0)
r5 = socket(0x25, 0x4, 0x0)
setsockopt$packet_tx_ring(r5, 0x10f, 0x87, &(0x7f0000000140)=@req={0xffff, 0x477b, 0x8acf, 0x9}, 0x10)
recvmmsg$unix(r5, &(0x7f0000004400)=[{{0x0, 0x0, &(0x7f0000001480)=[{&(0x7f0000000300)=""/27, 0x1b}], 0x1}}], 0x1, 0x0, 0x0)
setitimer(0x0, &(0x7f0000000580)={{0x0, 0xea60}, {0x0, 0x2710}}, 0x0)
r6 = signalfd(0xffffffffffffffff, &(0x7f00000001c0), 0x8)
mkdir(&(0x7f0000000140)='./control\x00', 0x5)
close(r6)
r7 = inotify_init1(0x800)
fcntl$setstatus(r6, 0x4, 0x2c00)
r8 = gettid()
fcntl$setown(r6, 0x8, r8)
fcntl$setsig(r7, 0xa, 0xe)
rt_sigtimedwait(&(0x7f0000000040)={[0xffffffffffff7ff8]}, 0x0, 0x0, 0x8)
inotify_add_watch(r7, &(0x7f0000000180)='./control\x00', 0xa4000960)
rmdir(&(0x7f0000000100)='./control\x00')
execveat(r0, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)

43.298248142s ago: executing program 0 (id=2089):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b7030000000000208500000072000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000300)='sched_switch\x00', r0, 0x0, 0x100000000000}, 0x18)
r1 = socket(0x10, 0x3, 0x9)
sendmsg$NFT_BATCH(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000013c0)=ANY=[@ANYBLOB="14000000f603010000000000000000000500000a1400000011000100009ecff86c0000000000200a"], 0x28}, 0x1, 0x0, 0x0, 0x64841}, 0x40000)
timerfd_create(0x8, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x189080, 0x0)
pipe(&(0x7f0000000d00))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x18)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x0, 0x0)
r3 = syz_open_dev$vcsa(&(0x7f0000000000), 0xf69, 0x4040)
ioctl$TUNSETOFFLOAD(r3, 0x541b, 0xf0ff1f00000002)
ioctl$FS_IOC_FSSETXATTR(r2, 0x401c5820, &(0x7f0000000040)={0x0, 0xfffffffe, 0xfffffffe, 0x0, 0x1b8})
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000340)={{}, &(0x7f0000000380), &(0x7f0000000200)}, 0x20)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={0x0, r3}, 0x18)
close(r4)
ioctl$TIOCMBIC(r2, 0x5417, &(0x7f0000000100)=0x5)
socket$inet_udp(0x2, 0x2, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r7=>0x0})
sendmsg$nl_route(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="200000001100010100"/20, @ANYRES32=r7], 0x20}}, 0x0)

43.134624935s ago: executing program 0 (id=2090):
r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
ioctl$USBDEVFS_CONTROL(r0, 0xc0105500, &(0x7f0000000040)={0x0, 0x3, 0x7de, 0x101, 0x0, 0x8, 0x0})

43.085591165s ago: executing program 0 (id=2091):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000b606000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x8e7}, 0x94)
r1 = socket$xdp(0x2c, 0x3, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
setsockopt$XDP_UMEM_REG(r1, 0x11b, 0x4, &(0x7f00000000c0)={0x0, 0x328000, 0x1000}, 0x20)
r3 = socket$inet6_sctp(0xa, 0x801, 0x84)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_inet6_SIOCADDRT(r3, 0x890b, &(0x7f00000001c0)={@mcast2, @local, @private0, 0x2, 0x1, 0x2, 0x900, 0x0, 0x802a0})
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000740)={r0, 0x58, &(0x7f00000006c0)}, 0x10)
getsockname$packet(r1, &(0x7f0000000780)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f00000007c0)=0x14)
r4 = socket(0x10, 0x803, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
getsockname$packet(r4, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000800)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000840)=0x14)
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r5, 0x8933, &(0x7f0000000100)={'team0\x00', <r6=>0x0})
sendmsg$nl_route(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB="200000001100010100"/20, @ANYRES32=r6], 0x20}, 0x1, 0x0, 0x0, 0x80d5}, 0x4884)

43.008811546s ago: executing program 0 (id=2092):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x38, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x1, @perf_bp={0x0, 0xd}, 0x0, 0x10000, 0x1, 0x1, 0x8, 0x20005, 0x2b, 0x0, 0x0, 0x0, 0xffffffffffffff7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
connect$802154_dgram(0xffffffffffffffff, &(0x7f0000000080)={0x24, @long={0x3, 0x2, {0xaaaaaaaaaaaa0002}}}, 0x14)
socket$nl_route(0x10, 0x3, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYRES16=r0, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000021007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x94)
pivot_root(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='./file0\x00')
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x2, 0x0, 0x7fff0000}]})
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r2, &(0x7f0000000440)={0x28, 0x0, 0x0, @local}, 0x10)
r3 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r3, &(0x7f0000000000)={0x28, 0x0, 0x0, @local}, 0x10)
r4 = syz_clone(0x100411, 0x0, 0x0, 0x0, 0x0, 0x0)
tkill(r4, 0x13)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xb, &(0x7f0000000b80)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b703000000000000850000007200000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r5}, 0x10)
r6 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r6, 0x10f, 0x87, &(0x7f0000000140)=@req3={0x7813, 0x3, 0x0, 0x81, 0x1ff, 0x1, 0x1}, 0x1c)
recvmmsg$unix(r6, &(0x7f0000000b00)=[{{0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000003100)=""/4096, 0x1000}], 0x1}}, {{0x0, 0x0, &(0x7f0000000740)=[{&(0x7f0000000ac0)=""/62, 0x3e}], 0x1}}, {{0x0, 0x0, &(0x7f0000002b00)=[{&(0x7f00000007c0)=""/196, 0xc4}], 0x1}}, {{0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000200)=""/221, 0xdd}], 0x1}}], 0x4, 0x400122a0, 0x0)
sendmmsg(r6, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x101d0}], 0x1}}], 0x400000000000181, 0x9200000000000000)
r7 = add_key$keyring(&(0x7f0000000340), &(0x7f0000000380)={'syz', 0x0}, 0x0, 0x0, 0xffffffffffffffff)
add_key(&(0x7f00000001c0)='ceph\x00', 0x0, &(0x7f0000000840)='\x00\x00\x00\x00\x00\x00\x00\x00\x00*\x00\x00', 0xc, r7)
tkill(r4, 0x12)
wait4(r4, 0x0, 0x4000000a, 0x0)
recvfrom(r3, &(0x7f00000002c0)=""/168, 0xa8, 0x40012000, 0x0, 0x0)
close_range(r1, r3, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x4056, &(0x7f0000000200)={[{@noload}, {@nombcache}, {@journal_ioprio={'journal_ioprio', 0x3d, 0x3}}, {@errors_remount}, {@lazytime}, {@minixdf}, {@noquota}, {@usrjquota}]}, 0x1, 0x451, &(0x7f0000000680)="$eJzs28tvG8UfAPDvbh6/X1/EVOXRBzRQEBWPpElL6YELCCQOICHBoRxD4lahboOaINGqgoJQOaJK3BFHpP4FnOCCgBOCK3BGlSrUSwsno7V3G8e1XcdK6jT+fKRtZ3bHmfl6duzZHW8AA2s8+yeJ2B4Rv0fEWD27ssB4/b+b1y/M/nP9wmwS1epbfye1cjeuX5gtihav21ZkhiPSz5LY26LexXPnT81UKuWzeX5y6fT7k4vnzj83f3rmZPlk+cz0sWNHDk+9cHT6+TWJM4vrxp6PFvbtfu2dy2/MHr/87k9XkiL+pji6MXTnIuOdDj5Zra6mug1vR0M6Ge5jQ1iVofowjZHa+B+LoVjuvLF49dO+Ng5YV9Vqtfpg+8NXagWATSoxxGFAFV/02fVvsd2lqceGcO2l+gVQFvfNfKsfGY40LzPSdH27lsYj4vjFf7/Ktmi+D7FlnSoFAAbad9n859lW8780Gu8L3ZevoZQi4v6I2BkRRyNiV0Q8EFEr+1BEPLzK+psXSW6ff6ZXewqsS9n878V8bWvl/K+Y/UVpKM/tqMU/kpyYr5QPZe/Jr/vrJeYr5akOdXz/ym9ftDvWOP/Ltqz+Yi6Yt+Pq8P9WvmZuZmmm54CbXPskYs9wq/iTWysBSUTsjog9PdYx//Q3+9odaxP/aFd/eA3WmapfRzxV7/+L0RR/Iem8Pjn5/6iUD00WZ8Xtfv7l0pvt6r9z/6+vrP+3tjz/i/j/LCWN67WLq6/j0h+ft72m7PX8H03eXrHvw5mlpbNTEaPJ67V8qXH/dFO56eXyWfwHD7Qe/ztj+Z3YGxHZSfxIRDwaEfvztj8WEY9HxIEO8f/48hPv9R7/+srin+vY/9HU/8uJ0Wje0zoxdOqHb1dUWlpN/Fn/H6mlDuZ7uvn866ZdvZ3NAAAAcO9JI2J7JOnErXSaTkzUf8O/K7amlYXFpWdOLHxwZq7+jEApRtLiTtdYw/3QqfyyvshP578tLvKH8/vGXw5tqeUnZhcqc/0OHgbctjbjP/NXFw+5APe45nW0rX1qB3D3eV4TBpfxD4PL+IfB1WL8e/QMBkSr7/+P+9AO4O5rGv8dl/1MDGBzcf0Pg8v4h8Fl/MNAWtwSd35IfnMk0ojYAM3YLIlIN0QzJNYp0e9PJgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgLXxXwAAAP//JI/k8w==")
lseek(0xffffffffffffffff, 0x11, 0x2)
getdents64(0xffffffffffffffff, 0x0, 0x44)

42.77600707s ago: executing program 0 (id=2094):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1fff}]})
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f00000003c0)={[{@resgid={'resgid', 0x3d, 0xee00}}, {}, {@grpquota}, {@nobarrier}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@nogrpid}, {@noauto_da_alloc}, {@stripe={'stripe', 0x3d, 0x2}}]}, 0x3, 0x572, &(0x7f00000006c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwIF6kCCIWxD/Au8fiH6B/RUELRUrQg5fIbGbbbZLNJunWbJ3PB6Z9b2ayb96++b79zs4uG0BhjWT/lCJejoivk4iDbdsGI984srLf0sNrk9mSxPLyJ38mkeTrWvsn+f/788pLEfHLFxHHS2vbrS8szlSq1XQur482Zi+P1hcWT1ycrUyn0+ml8YmJU29NjL/7zts96+vr5/7+7uO7H5z66ujStz/dP3Q7iTNxIN/W3o+ncKO9MhIj+XMyFGdW7TjWg8b6SbLTB8C2DORxPhTZHHAwBvKoB/7/rkfEMlBQifiHgmrlAa1r+x5dBz83Hry/cgG0tv+DK++NxJ7mtdG+peSJK6Psene4B+1nbfz8x53b2RJd3oe43oP2AFpu3IyIk4ODa+e/JJ//tu9k883jja1uo2ivP7CT7mb5zxvr5T+lR/lPrJP/7F8ndreje/yX7vegmY6y/O+9dfPfR1PX8EBee6GZ8w0lFy5W05MR8WJEHIuh3Vl9o/s5p5buLXfa1p7/ZUvWfisXzI/j/uDuJ/9mqtKoPE2f2z24GfHK4/w3iTXz/55mrrt6/LPn41xW+PXLrm0cSe+82mlb9/63630GvPxjxGvrjv/jO1rJxvcnR5vnw2jrrFjrr1tHfuvU/tb633vZ+O/buP/DSfv92vrW2/hhzz9pp23bPf93JZ82y7vydVcrjcbcWMSu5KO168cf/22r3to/6/+xoxvPf+ud/3sj4rNN9v/W4Vsdd+2H8Z/a0vhvvXDvw8+/79T+5sb/zWbpWL5mM/PfZg/waZ47AAAAAAAA6DeliDgQSan8qFwqlcsrn+84HPtK1Vq9cfxCbf7SVDS/KzscQ6XWne6DbZ+HGMs/D9uqj6+qT0TEoYj4ZmBvs16erFWndrrzAAAAAAAAAAAAAAAAAAAA0Cf2d/j+f+b3gZ0+OuCZ85PfUFxd478Xv/QE9CWv/1Bc4h+KS/xDcYl/KC7xD8Ul/qG4xD8Ul/gHAAAAAAAAAAAAAAAAAAAAAAAAAACAnjp39my2LC89vDaZ1aeuLMzP1K6cmErrM+XZ+cnyZG3ucnm6VpuupuXJ2my3x6vWapfHxmP+6mgjrTdG6wuL52dr85ca5y/OVqbT8+nQf9IrAAAAAAAAAAAAAAAAAAAAeL7UFxZnKtVqOqfQsXA6+uIwtl1Iuo3y6fxk2NIjR14Y3PkOKjyDwg5PTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQ5t8AAAD//8nLNLM=")

42.694005172s ago: executing program 0 (id=2098):
close(0xffffffffffffffff)
add_key(0x0, 0x0, &(0x7f00000000c0), 0x0, 0xfffffffffffffffd)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000bc0), 0x101000, 0x0)
r3 = msgget$private(0x0, 0x790)
r4 = fsopen(&(0x7f0000000100)='proc\x00', 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000020000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='kfree\x00', r5}, 0x10)
r6 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xc3, 0x0, 0x0, 0x0, 0x0, 0x100000000000, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xa19a, 0x1000}, 0x0, 0x0, 0xffffffff, 0x1, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r6, 0x40082406, &(0x7f0000000340)='cpu\t&0&&\t')
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
r7 = fsmount(r4, 0x0, 0x1)
r8 = msgget$private(0x0, 0x44a)
sendmsg$key(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000580)=ANY=[@ANYBLOB="020b09082400000028bd7000fbdbdf250800120003000300ba6b6e000900000006002b0073fa0000ea07340700000000fe8000000000000000000000000000aae000000100000000000000000000000005001a00e000000100000000000000000000000000000000000000000000000000000001280010100800120003000300ba6b6e00100e000006006c00000800000100000000000000e000000100000000000000000000000000000000000000000000ffffe0000001010016004e24000004000300000200000101000000000009000800000000000027080000000000000800120000000000b16b6e0006000000060033000904000007000000000000007f000b9bbe46000000000000000000000a01010100"/288], 0x120}}, 0x8085)
msgsnd(r8, &(0x7f0000000080)=ANY=[@ANYRESDEC=r7], 0x401, 0x0)
msgsnd(r3, &(0x7f0000000040)=ANY=[@ANYRESDEC], 0x401, 0x0)
msgsnd(r3, &(0x7f0000000200)=ANY=[@ANYBLOB="0000ff"], 0x8, 0x0)
r9 = socket(0x2c, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000080)={'veth1_to_batadv\x00', <r10=>0x0})
sendmsg$nl_route_sched(r9, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=@newqdisc={0x40, 0x24, 0x3fe3aa0262d8c583, 0xfffffffc, 0x0, {0x0, 0x0, 0x0, r10, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0xc, 0x2, [@TCA_FQ_CODEL_QUANTUM={0x8, 0x6, 0x933}]}}]}, 0x40}}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@bloom_filter={0x1e, 0x7f, 0x3ff, 0xe, 0x10, 0xffffffffffffffff, 0x7, '\x00', r10, r7, 0x4, 0x3, 0x2, 0xb}, 0x50)
getgroups(0x2, &(0x7f0000000240)=[0xffffffffffffffff, <r11=>0xee01])
setresgid(0x0, 0xffffffffffffffff, r11)
msgrcv(r3, 0x0, 0x0, 0x0, 0x1000)
msgctl$IPC_RMID(r3, 0x0)
close(r2)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

42.672793152s ago: executing program 34 (id=2098):
close(0xffffffffffffffff)
add_key(0x0, 0x0, &(0x7f00000000c0), 0x0, 0xfffffffffffffffd)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000bc0), 0x101000, 0x0)
r3 = msgget$private(0x0, 0x790)
r4 = fsopen(&(0x7f0000000100)='proc\x00', 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000020000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='kfree\x00', r5}, 0x10)
r6 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xc3, 0x0, 0x0, 0x0, 0x0, 0x100000000000, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xa19a, 0x1000}, 0x0, 0x0, 0xffffffff, 0x1, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r6, 0x40082406, &(0x7f0000000340)='cpu\t&0&&\t')
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
r7 = fsmount(r4, 0x0, 0x1)
r8 = msgget$private(0x0, 0x44a)
sendmsg$key(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000580)=ANY=[@ANYBLOB="020b09082400000028bd7000fbdbdf250800120003000300ba6b6e000900000006002b0073fa0000ea07340700000000fe8000000000000000000000000000aae000000100000000000000000000000005001a00e000000100000000000000000000000000000000000000000000000000000001280010100800120003000300ba6b6e00100e000006006c00000800000100000000000000e000000100000000000000000000000000000000000000000000ffffe0000001010016004e24000004000300000200000101000000000009000800000000000027080000000000000800120000000000b16b6e0006000000060033000904000007000000000000007f000b9bbe46000000000000000000000a01010100"/288], 0x120}}, 0x8085)
msgsnd(r8, &(0x7f0000000080)=ANY=[@ANYRESDEC=r7], 0x401, 0x0)
msgsnd(r3, &(0x7f0000000040)=ANY=[@ANYRESDEC], 0x401, 0x0)
msgsnd(r3, &(0x7f0000000200)=ANY=[@ANYBLOB="0000ff"], 0x8, 0x0)
r9 = socket(0x2c, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000080)={'veth1_to_batadv\x00', <r10=>0x0})
sendmsg$nl_route_sched(r9, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=@newqdisc={0x40, 0x24, 0x3fe3aa0262d8c583, 0xfffffffc, 0x0, {0x0, 0x0, 0x0, r10, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0xc, 0x2, [@TCA_FQ_CODEL_QUANTUM={0x8, 0x6, 0x933}]}}]}, 0x40}}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@bloom_filter={0x1e, 0x7f, 0x3ff, 0xe, 0x10, 0xffffffffffffffff, 0x7, '\x00', r10, r7, 0x4, 0x3, 0x2, 0xb}, 0x50)
getgroups(0x2, &(0x7f0000000240)=[0xffffffffffffffff, <r11=>0xee01])
setresgid(0x0, 0xffffffffffffffff, r11)
msgrcv(r3, 0x0, 0x0, 0x0, 0x1000)
msgctl$IPC_RMID(r3, 0x0)
close(r2)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

1.834392441s ago: executing program 2 (id=2688):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000990000000d"], 0x50)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00000001c0)='lp\x00', 0x3)
bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000020020008500000082"], 0x0, 0xffffffff, 0x0, 0x0, 0x41100, 0x24, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001a80)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYRESHEX=r2, @ANYRES32=r2, @ANYRES64], 0x0, 0x9, 0x0, 0x0, 0x41100, 0x2, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffdfb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000100)='mm_lru_insertion\x00'}, 0x18)
socket(0xa, 0x3, 0x3a)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f00000002c0)={'team_slave_1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}})
writev(r1, &(0x7f00000006c0)=[{&(0x7f0000000080)="2e9b3d0007e03dd65193dfb6c575963f86ddf06712e900272f8db0049d90491ceaebfd26d4eef23248000000f858dbb8a19052343f", 0x35}, {&(0x7f0000000100)="051a00000e80006558", 0x2c}], 0x2)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907009875f37538e486dd6317ce6203c23c00fe80000000000000875a65969ff57b00000000000000000000000000ac1414aa2c"], 0xfdef)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f00000002c0)=ANY=[], &(0x7f0000000200)='syzkaller\x00', 0x3}, 0x94)

1.715046183s ago: executing program 2 (id=2691):
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000100)=@nameseq={0x1e, 0x1, 0x1, {0x42, 0x0, 0x1}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000040)={0x42, 0x200000, 0x3}, 0x10)
r1 = socket$tipc(0x1e, 0x2, 0x0)
sendmsg$tipc(r1, &(0x7f0000000140)={0x0, 0x20d302, 0x0}, 0x0)
setsockopt$TIPC_DEST_DROPPABLE(r1, 0x10f, 0x81, &(0x7f0000000000), 0x4)
r2 = dup3(r0, r1, 0x0)
write$RDMA_USER_CM_CMD_RESOLVE_ROUTE(r2, 0x0, 0x0)
setsockopt$TIPC_GROUP_LEAVE(r2, 0x10f, 0x88)

1.691555834s ago: executing program 7 (id=2693):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000008000000060000000010"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000480)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x64, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r1, 0x0, 0x2}, 0x18)
bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f00000004c0)={0xffffffffffffffff, &(0x7f0000000340), 0x0}, 0x20)

1.678386684s ago: executing program 2 (id=2695):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000700)={0x3, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907009875f37538e486dd6317ce6203c23c00fe80000000000000875a65969ff57b00000000000000000000000000ac1414aa2c"], 0xfdef)
bind$tipc(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000008850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r0}, 0x10)
setsockopt$TIPC_GROUP_JOIN(0xffffffffffffffff, 0x10f, 0x87, &(0x7f0000000040)={0x42, 0x0, 0x3}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000b80)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5}, 0x94)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x3}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

1.574951855s ago: executing program 7 (id=2698):
bpf$MAP_CREATE(0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
setxattr$trusted_overlay_upper(0x0, &(0x7f00000001c0), &(0x7f0000001400)=ANY=[], 0x835, 0x0)

1.574452655s ago: executing program 7 (id=2699):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x8, 0xb, &(0x7f0000000000)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x3, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r1, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a000000020000000110000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x28, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x10)
rmdir(0x0)
open(&(0x7f0000000080)='./bus\x00', 0x147842, 0x49)
unshare(0x2040400)
r4 = syz_open_dev$loop(&(0x7f0000000140), 0x75f, 0x8042)
r5 = memfd_create(&(0x7f0000000880)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e(||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xafE*:\xe4\xdd\xa5\xa75\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc90\xb9voI\xa5/\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\x81\x00V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P,\xda|\xb2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x9b\x88\a\xf2\x93\x82(\x8b\x00\xd8\xb4T\x80\xcf\t\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1q\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)u\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\xe6\xd3(\xa0G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\x01\x04\x00\x00\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\xff\xff\xff\x7f [F\xeeYW\x95\x13\xc7;\x94\x13^\x13\xaf\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n<V\xaa\xbfZ1\xa82\x85\x99\x0e$U\xb4X\xc7\xfa\f\b\x8f\xc4\xbeIt\xe4\xc51\xba\xb9H\xe8\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\x90ON\xaaFY\xb4\xb3\xf4\xf8JT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe5\xd3A\xcc\xd5|\x9f\x8e5\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k8\xc5', 0x0)
pwritev(r5, &(0x7f00000000c0)=[{&(0x7f0000000680)='P', 0x1}], 0x1, 0x800004, 0x0)
ioctl$LOOP_CHANGE_FD(r4, 0x4c00, r5)
sendfile(r4, r4, 0x0, 0x24002deb)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100000000001c000000000000ea04850000007b00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r6}, 0x10)
pivot_root(&(0x7f00000001c0)='./file0\x00', 0x0)
r7 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r7, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)={0x2, 0x13, 0x0, 0x0, 0x2, 0x0, 0x100}, 0x10}}, 0x0)

1.091298603s ago: executing program 2 (id=2704):
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2000006, 0x31, 0xffffffffffffffff, 0xd0fb6000)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=@framed={{}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000480)='kfree\x00', r1}, 0x10)
r2 = io_uring_setup(0x1d48, &(0x7f0000000340)={0x0, 0x0, 0x1000, 0x2, 0x3bd})
r3 = socket$rxrpc(0x21, 0x2, 0xa)
bind$rxrpc(r3, &(0x7f0000000000)=@in4={0x21, 0x4, 0x2, 0x10, {0x2, 0x0, @empty}}, 0x24)
listen(r3, 0x4)
recvmmsg(r3, &(0x7f00000050c0)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f000000}}], 0x1, 0x40000100, 0x0)
close_range(r2, r3, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x1c71c1, 0x170)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0xe, &(0x7f0000000680)={[{@nolazytime}, {@lazytime}, {@journal_path={'journal_path', 0x3d, './bus'}}, {@bsdgroups}, {@lazytime}, {@noload}]}, 0x3, 0x45c, &(0x7f0000002400)="$eJzs3MtvG8UfAPDv+pG+m/yq/oA+gCBAlAJJk5bSAxcQSBxAQoJDOYYkrUrdBjVBIlUFBaFyRJU4cUEckfgLOMEFASckLhzgjipVqJcWTkYb77qOa+dVP0j9+Ugbz+yuO/P1ztizM7UDGFij6Z8kYmdE/B4RwxFRaD5htPZw68al6b9vXJpOolp946+klB6+eePSdH5qkj3uyDOliMInSRxoUe784sWzU5XK7IUsP75w7t3x+cWLz5w5N3V69vTs+ckTJ44dnXju+OSzHYkzjevm/g/mDu575a2rr02fvPr2T98kefxNcXTI6EoHH69WO1xcf+1qSNdaBptBsdZNo7zU/4ejGLcv3nC8/HFfKwd0VbVard7X/vDlKnAPS6LfNQD6I/+gT+9/861HQ4//hOsv1G6A0rhvZVvtSKk+D1Juur/tpNGIOHn5ny/TLbozDwEAsMx36fjn6Vbjv0I0zgvtztZQRiLifxGxJyKOR8TeiPh/xNK590fEA+ssv3mR5M7xT+HahgJbo3T893y2trV8/FdfBRspZrldS/GXk1NnKrNHstfkUJS3pPmJFcr4/qVfP2t3rHH8l25p+flYMKvHtdKW5c+ZmVqYupuYG13/KGJ/qVX8SX0lIImIfRGxf4NlnDn89cF2x1aPfwUdWGeqfhXxRO36X46m+HPJyuuT41ujMntkPG8Vd/r5lyuvtyv/ruLvgPT6b2/Z/uvxjySN67Xz6/nXv3gy/Xvlj0/b3tNstP0PJW8u2/f+1MLChYmIoeTVWqUb9082nTd5+/w0/kOPtu7/e+L2K3EgItJG/GBEPBQRD2d1f+S33au+Cj+++Ng7G4+/u9L4Z9Z+/avDEXlDWByKLFHf0zpRPPvDt8sKHWkd/+621//YUupQtmct739rqdd6WzMAAABsVoWI2BlJYayeLhTGxmr/h39vbC9U5uYXnjo19975mdp3BEaiXMhnuoYb5kMnstv6PD/ZlD+azRt/Xty2lB+bnqvM9Dt4GHA72vT/1J/FftcO6Drf14LBpf/D4NL/YXDd2f+39qUeQO+1+Pzf1o96AL3Xavz/4VqeuLPzdQF6q6n/W/aDAWL+DwbXRvq/9wy4N5RW+snmoZ5WBeid+W2x+pfkJTZTIv/lmm4UUU5by+GIWLwYhb5HKtHFRL/fmQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADrj3wAAAP//fnHhbQ==")

1.068756353s ago: executing program 4 (id=2705):
r0 = socket(0x1e, 0x4, 0x0)
r1 = socket(0x1e, 0x2, 0x0)
setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10)
setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc, 0x0, 0x2}, 0x10)
sendmmsg(r0, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x3514}], 0x1}}], 0x400000000000181, 0x9200000000000000)
r2 = dup3(r1, r0, 0x0)
recvmmsg(r2, &(0x7f0000008840)=[{{0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000300)=""/8, 0x8}], 0x1}, 0xffffffff}], 0x1, 0x40000041, 0x0)

1.042950133s ago: executing program 7 (id=2706):
ioctl$USBDEVFS_DROP_PRIVILEGES(0xffffffffffffffff, 0x4004551e, 0x0)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f0000000080)='./file1\x00', 0x8, &(0x7f0000000600)={[{@fat=@check_strict}, {@fat=@check_normal}, {@nodots}, {@nodots}, {@nodots}, {@dots}, {@nodots}, {@fat=@quiet}, {@fat=@nfs_nostale_ro}, {@nodots}, {@nodots}, {}, {@dots}, {@fat=@umask={'umask', 0x3d, 0x7fff}}, {@nodots}, {@dots}, {@fat=@tz_utc}, {@fat=@nfs}, {@dots}, {@dots}, {@dots}, {@fat=@flush}]}, 0xfd, 0x1bf, &(0x7f0000000840)="$eJzs3TGL02AYB/Cn9bzmnG4TRCHg4nSon+BEThADgtJBJ4XT5SqCt0SX9mP4Af0A0qmLRGrSxkaHWmxS6++39En/edvnHZp26ZNXN99dnL+/fPvl+udIkl70T+M0Zr04jn4sTAIA2CezooivRanrXgCAdqzx/f+t5ZYAgC17/uLlkwdZdvYsTZOI6SQf5sPyscwfPc7O7qY/HNerpnk+vLLM76XN3w7z/Gpcq/L75fp0NT+MO7fLfJ49fJo18kGcb3frAAAAAAAAAAAAAAAAAAAAAADQmVuRLvx2vs/JSTM/qvLy6Kf5QI35PQdx46A6rMcDFeM2NgUAAAAAAAAAAAAAAAAAAAD/mMuPny5ej0ZvPtTFICJWn/mTole98IbL2y76sRNtKP5qke5GG6MNPwWHEbGtxmZFUax1cn2NGHR1cQIAAAAAAAAAAAAAAAAAgP9M/affX7Oki4YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoAP1/f83KMYRscbJyzc76nSrAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7LHvAQAA///DgjXa") (async)
mount$nfs(&(0x7f0000000000)='.\xec\xbf\\.', &(0x7f0000000140)='./file0\x00', 0x0, 0x2000, 0x0) (async)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000080)={r0, <r1=>0xffffffffffffffff}, 0x4) (async)
prctl$PR_SET_NAME(0xf, &(0x7f0000000040)='ext4\x00') (async)
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r2 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x4040, 0x0) (async)
r3 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1202, 0x0)
write(r3, &(0x7f0000004200), 0x0) (async, rerun: 64)
sendfile(r3, r2, 0x0, 0x3ffff) (async, rerun: 64)
sendfile(r3, r2, 0x0, 0x7ffff000) (async)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async, rerun: 64)
r5 = timerfd_create(0x0, 0x0) (rerun: 64)
timerfd_settime(r5, 0x3, &(0x7f0000000440)={{0x0, 0x989680}}, 0x0) (async)
read(r5, &(0x7f0000000240)=""/123, 0x7b) (async)
clock_adjtime(0x0, &(0x7f0000000040)={0xd51, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x201, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0xe438, 0x0, 0x3}) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='sched_switch\x00', r4}, 0x10)

942.718815ms ago: executing program 1 (id=2708):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000990000000d"], 0x50)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2, 0x3, @loopback, 0x8}, 0x1c)
bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000020020008500000082"], 0x0, 0xffffffff, 0x0, 0x0, 0x41100, 0x24, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001a80)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYRESHEX=r2, @ANYRES32=r2, @ANYRES64], 0x0, 0x9, 0x0, 0x0, 0x41100, 0x2, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffdfb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000100)='mm_lru_insertion\x00'}, 0x18)
socket(0xa, 0x3, 0x3a)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f00000002c0)={'team_slave_1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}})
writev(r1, &(0x7f00000006c0)=[{&(0x7f0000000080)="2e9b3d0007e03dd65193dfb6c575963f86ddf06712e900272f8db0049d90491ceaebfd26d4eef23248000000f858dbb8a19052343f", 0x35}, {&(0x7f0000000100)="051a00000e80006558", 0x2c}], 0x2)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907009875f37538e486dd6317ce6203c23c00fe80000000000000875a65969ff57b00000000000000000000000000ac1414aa2c"], 0xfdef)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f00000002c0)=ANY=[], &(0x7f0000000200)='syzkaller\x00', 0x3}, 0x94)

942.379615ms ago: executing program 7 (id=2709):
r0 = socket(0x1e, 0x4, 0x0)
r1 = socket(0x1e, 0x2, 0x0)
setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10)
setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc, 0x0, 0x2}, 0x10)
sendmmsg(r0, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x3514}], 0x1}}], 0x400000000000181, 0x9200000000000000) (fail_nth: 1)
r2 = dup3(r1, r0, 0x0)
recvmmsg(r2, &(0x7f0000008840)=[{{0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000300)=""/8, 0x8}], 0x1}, 0xffffffff}], 0x1, 0x40000041, 0x0)

710.720259ms ago: executing program 4 (id=2710):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x2, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x28, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x1a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x40000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffa}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
sendmsg$unix(0xffffffffffffffff, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000180)="2f03", 0x2}], 0x1, 0x0, 0x0, 0x800}, 0x20004011)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180200000000000000000000000000001801000020646c4300000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000060000008500000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000002c0)='hrtimer_start\x00', r0}, 0x3d)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xc, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0xffffffdd, 0xa}, [@ldst={0x3, 0x2, 0x3, 0x1c10a1, 0x0, 0x8d}]}, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x19, &(0x7f0000000000), 0x8}, 0x94)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, 0x0}, 0x10002)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000780)={&(0x7f00000007c0)='skb_copy_datagram_iovec\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000d80)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
r3 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)

708.459469ms ago: executing program 7 (id=2711):
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, 0x0}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x1d, 0x2, 0x6)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f00000004c0)={'vcan0\x00', <r2=>0x0})
syz_usb_connect$cdc_ncm(0x0, 0x7a, 0x0, 0x0)
bind$can_j1939(r1, &(0x7f0000000740)={0x1d, r2, 0x2, {0x1, 0x1, 0x1}, 0xfe}, 0x18)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), r1)
sendmsg$nl_route(r1, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000080)=ANY=[], 0x14}}, 0x40000)
r3 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f0000000000)={'vcan0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000f00)=@newtfilter={0x24, 0x11, 0x1, 0x0, 0x0, {0x0, 0x0, 0x74, r4}}, 0x24}, 0x1, 0xf0ffffffffffff}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='devpts\x00', 0x0, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000001400)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)

687.886459ms ago: executing program 1 (id=2713):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000b606000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x8e7}, 0x94)
r1 = socket$xdp(0x2c, 0x3, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
setsockopt$XDP_UMEM_REG(r1, 0x11b, 0x4, &(0x7f00000000c0)={0x0, 0x328000, 0x1000}, 0x20)
r3 = socket$inet6_sctp(0xa, 0x801, 0x84)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_inet6_SIOCADDRT(r3, 0x890b, 0x0)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000740)={r0, 0x58, &(0x7f00000006c0)}, 0x10)
getsockname$packet(r1, &(0x7f0000000780)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f00000007c0)=0x14)
r4 = socket(0x10, 0x803, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
getsockname$packet(r4, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000800)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r5, 0x8933, &(0x7f0000000100)={'team0\x00', <r6=>0x0})
sendmsg$nl_route(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB="200000001100010100"/20, @ANYRES32=r6], 0x20}, 0x1, 0x0, 0x0, 0x80d5}, 0x4884)

663.240549ms ago: executing program 2 (id=2714):
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb0a54e68b1cd2fdb, 0x103)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_open_dev$usbfs(0x0, 0x1ff, 0x2)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
ioctl$SNDRV_TIMER_IOCTL_STATUS64(0xffffffffffffffff, 0x80605414, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000006000000050000000010"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
connect$qrtr(0xffffffffffffffff, &(0x7f0000000000)={0x2a, 0x0, 0x2}, 0xc)
bind$qrtr(0xffffffffffffffff, &(0x7f00000000c0)={0x2a, 0x1}, 0xc)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x3f)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f00000002c0)=0x11)
io_uring_setup(0x24cc, &(0x7f0000000140))
ioctl$SG_SET_RESERVED_SIZE(0xffffffffffffffff, 0x4004550c, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, 0x0, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0xfe33)
syz_clone(0x400, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x8205, &(0x7f0000000080)={[{@journal_dev={'journal_dev', 0x3d, 0x1}}]}, 0x81, 0x633, &(0x7f0000000600)="$eJzs3c9rHNcdAPDvzGplyVYruxRTm5YKerChWD9cU7c92b7UB0MN9aGUHiwsyRVe2cKSoXYNlqGHBhIIIdcQfMk/kHswueYWAkluOQecEBxySII3zOyMvKx25bWs3ZW9nw/s6s2bmX3vu6O3897Mzk4AQ2sqe0ojjkTE5SRismneRDRmThXLPf7m7pXskUS9/vevk0iKvHL5J8XfA9lTEjEWER+fi/hFZWu5a7fvXJuv1RvuRcysr6zOrN2+c2J5Zf7q4tXF63Mn/3Tq9Oyf507N7UqcZVznL/zt12/8799/XPqkdiKJM3Gp+t+F1jh2y1RMxZMixOb8kYg4nSXavC8vmzKEZMD1YGcqxf9jNSIOx2RUYt/mvMlYfn2glQN6ql6JqANDKtls/9XBVgTos7IfUI7tezEO3ssenW0MgLbGP9I4NhJj+dho/+MkHyeVsvHuwV0oPyvjx7tH38ke0eE4xMgulNPJxv2I+FW7+JO8bgfzozhZ/GmkTetl6dmIGC3ei3SH5U+1TPf7/+954m/eDlm8Z4q/Wf65HZY/6PgBGE4PzxY78o1s6un+L+sZlv2faOn/JMW5odZ9104Mev/Xuf9X7u/H8mPkaUs/LHsPLrZ/yWprxhevnX+rU/nN/b/skZVf9gX74dH9iKMt8f8/78wlm9s/adP/zRa53GUZf/30q/Od5g06/vqDiGNtxz9Pz2hlqZn1ldUyr+X85MzScm1xtvHctowPPvrXe53KH3T82faPDvFvt/2zvNUuy3j/4oOVTvMmnhl/+uVocilPjRY5/5lfX785FzGaXCgWaco/ubli24+ncpnyNbL4j/+uffvfJv58Q290Gf/qP649bqS2niXtevtv+VTJPal3WYdOsvgXdrj93+yyjO/+ees3LVnjZWK7+Me3vlTS7XsOAAAAAAAAwyjNz8Em6fRmOk2npxvX8P4y9qe1G2vrv1+6cev6QsTx/PuQ1bQ80z3ZmE6y6bni+7Dl9MmW6T9ExKGIeLsynk9PX7lRWxh08AAAAAAAAAAAAAAAAAAAALBHHCiu/y/vU/1tpXH9f1fWD/e4dkDP9fIGc8Depv3D8Mrbfxd3cN3Xh7oA/WX/D8NL+4fhpf3D8NL+YXg12n8XBwCBV479Pwwv7R+Gl/YPAAAAAK+kQ799+HkSERt/Gc8fmdFiXnWgNQN6rbmNj3W1xlTP6gL0V6WvqwF7yeapf9/+haHT1Rj/++LHAXtfHWAAknaZeeegvn3jf9h2TQAAAAAAAAAAAACgB44dcf0/DKs0Pnyexev1+r3eVQboqxe4kN9vAMBLzk//w/AyxgeedRV/x98GdP0/AAAAAAAAAAAAAPTNRP5I0uniFqATkabT0xE/i4iDUU2WlmuLsxHx84j4rFLdl03PDbrSAAAAAAAAAAAAAAAAAAAA8IpZu33n2nyttnizOfHDlpweJ8q7i3WzcIc6v0iivAtqP0PuNhFJ/wsdj4i9EHtvEiNNOUnERrbl90TFbq7FnqhGmldjgB9KAAAAAAAAAAAAAAAAAAAwpJquPW7v6Lt9rhEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9N/T+//vPJE843UGHSMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8HL6KQAA//9SFzeV")

525.805992ms ago: executing program 6 (id=2715):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$packet(0x11, 0x2, 0x300)
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000240)=ANY=[@ANYRESOCT=r0], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0xb68, 0x560b0000, &(0x7f0000000000)="219a53f271a76d2608004c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f00000000c0)='kfree\x00'}, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000800)=ANY=[@ANYBLOB="1c0000003e000701fcfffffffedbdf25017c000006000480"], 0x1c}, 0x1, 0x0, 0x0, 0x488c0}, 0xc000)

525.139372ms ago: executing program 4 (id=2716):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000340)='kmem_cache_free\x00', r1, 0x0, 0xf7}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000200)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
inotify_add_watch(0xffffffffffffffff, &(0x7f0000000a00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x40)

328.784865ms ago: executing program 4 (id=2717):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x82000, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r0}, &(0x7f0000000000), &(0x7f0000000200)=r1}, 0x20)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, 0x0)
syz_open_procfs$namespace(0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000640)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x9, 0x4, 0x7ffc0002}]})
process_vm_readv(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)

310.177845ms ago: executing program 6 (id=2718):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x800714, &(0x7f0000000000)={[{@nobarrier}]}, 0xff, 0x486, &(0x7f0000001040)="$eJzs3M9rHFUcAPDv7Db93SbWWm1tNVrF4o+kSav24EFFwYOCoId6jElaa7eNNBFsCRpF6lEK3sWj4F/gzYuoBxG8KniUQtEgNPW0Mr+a7WaTJmmSNdnPBzb73s6bfe87M2/3zbzMBtCxetM/ScTOiPgtIrrz7K0FevOnmenJ4RvTk8NJ1Otv/JVk5a5PTw6XRcv1dhSZI5WIyqdJPJ/MrXf84qWzQ7Xa6IUi3z9x7r3+8YuXnjpzbuj06OnR84MnThw/NvDsM4NPr0icaVzXD3w4dnD/K29deW345JW3f/wmbda+Q/nyxjhu60aLgFroTbfa3/VM87JHl9D29WBXQzrZ1MaGsCTViEh3V1fW/7ujGrM7rzte/qStjQNWVfrdtGX+xVN1YANLot0tANqj/KJPz3/LxxoNPf4Xrr0QsblIz0xPDs/cjL9arxSvd61i/b0RcXLq3y/TRyz1OgQAwDJkY5snW43/KrEve87nOnYXcyg9EXFXROyJiLsjYm9E3BORlb03Iu7LV653L7L+3qb83PFP5WrLNq+QdPz3XMPYb6Yh/uKpp1rkdmXxdyWnztRGjxbb5Eh0bUnzAwvU8d1Lv34+37LG8V/6SOsvx4JFA65uarpANzI0MbRSG+HaxxEHNrWKP7k5E5AeAfsj4sDS3np3mTjz+NcH5yt0+/gXsALzTPWvIh7L9/9UNMVfShaen+zfGrXRo/3lUTHXT79cfn2++u8o/hWQ7v/ttx7/TSW6/0ny+dquqNVGL4wvvY7Lv3827znNco//zcmb2Zz1z+/kr30wNDFxYSBic/Jqli/P6bLXB2fXLfNl+TT+I4db9/89xTpp/PdHRHoQH4qIByLiwaLtD0XEwxFxeIH4f3jxkXcXiD+JJNq6/0dafv7dPP57ksb5+mUkqme//3a+GfPF7f/jMZV91uayz7/bWGwD73DzAQAAwLpQiYidkVT68nTvzqhU+vry/+HfG9srtbHxiSdOjb1/fiS/R6Anuirlla7uhuuhA8lU8Y55frC4VlwuP1ZcN/6iui3L9w2P1UbaHDt0uh239v8o+3/qz2q7WwesOvdrQedq7v+VNrUDWHuL+f53LgAbU4v+v60d7QDWnvN/6Fyt+v9HTXnjf9iY5vb/P1r8ZB2wERn/Q+fS/6Fz6f/Qke7kvv7lJ8qbBZb/PlsXfYd/pyTKX7xYzbq2xewrUWl7yB2USHvM2lY6+xsqAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA69l/AQAA//9EvefZ")
symlink(&(0x7f0000001780)='./file0/../file0\x00', &(0x7f00000017c0)='./file0\x00')
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe", @ANYRES32=r0, @ANYBLOB="0000000000000000b708000000000e007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000020850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
newfstatat(0xffffffffffffff9c, &(0x7f0000000380)='./file0\x00', &(0x7f00000003c0), 0x0)

293.359106ms ago: executing program 1 (id=2719):
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000100)=@nameseq={0x1e, 0x1, 0x1, {0x42, 0x0, 0x1}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000040)={0x42, 0x200000, 0x3}, 0x10)
setsockopt$TIPC_GROUP_JOIN(0xffffffffffffffff, 0x10f, 0x87, &(0x7f0000000180)={0x42}, 0x10)
sendmsg$tipc(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x20d302, 0x0}, 0x0)
setsockopt$TIPC_DEST_DROPPABLE(0xffffffffffffffff, 0x10f, 0x81, &(0x7f0000000000), 0x4)
r1 = dup3(r0, 0xffffffffffffffff, 0x0)
write$RDMA_USER_CM_CMD_RESOLVE_ROUTE(r1, 0x0, 0x0)
setsockopt$TIPC_GROUP_LEAVE(r1, 0x10f, 0x88)

275.310426ms ago: executing program 1 (id=2720):
accept4$nfc_llcp(0xffffffffffffffff, 0x0, 0x0, 0x80400)
r0 = syz_io_uring_setup(0x1370, &(0x7f00000000c0)={0x0, 0x49fa, 0x10, 0x0, 0x50}, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
io_uring_register$IORING_REGISTER_FILES(r0, 0x2, &(0x7f0000000300)=[0xffffffffffffffff], 0x1)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_FILES_UPDATE={0x14, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)})
io_uring_enter(r0, 0x47f6, 0x0, 0x0, 0x0, 0x0)
set_mempolicy(0x8006, &(0x7f0000000040)=0xfff, 0x5)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x0, &(0x7f0000000240), 0x1, 0x4b6, &(0x7f0000000540)="$eJzs3c9vVFsdAPDvvW1pKYUWJfFHVBBRNISZdoCGsMKNxhASI3HlAmo7NE1nOk1nirSyKP+DiSSu9E9wYeLChJV7d7pzgwsTVOILfclbzMudmZZSOm3fo8x96Xw+ycm9555hvt/D9J4zPW3nBNC3LkTERkSciIgHETHeuZ50Stxul+xxr189md189WQ2iWbz3n+TVnt2LXb8m8ypznOORMTPfhzxy+TduPW19cWZSqW80qkXG9XlYn1t/epCdWa+PF9eKpWmp6Ynb167UTqyvp6v/vHljxbu/Pwvf/7mi79t/ODXWVpjnbad/ThK7a4PbcfJDEbEnQ8RLAcDnf6cyDsRPpc0Ir4UERez+7+ZdzYAQC80m+PRHN9ZBwCOu7S1Bpakhc5awFikaaHQXsM7F6NppVZvXHlYW12aa6+VTcRQ+nChUp7srBVOxFCS1ada52/qpV31axFxNiJ+M3yyVS/M1ipzeb7xAYA+dmrX/P/RcHv+BwCOuZG8EwAAes78DwD9x/wPAP3H/A8A/cf8DwD9x/wPAP3H/A8AfeWnd+9mpbnZ+fzruUdrq4u1R1fnyvXFQnV1tjBbW1kuzNdq863P7Kke9HyVWm156nqsPi42yvVGsb62fr9aW11q3G99rvf98lBPegUA7Ofs+ef/SCJi49bJVokdezmYq+F4S/NOAMjNQN4JALkZzDsBIDe+xwf22KL3LV1/RejZ0ecC9Mblr1n/h35l/R/6l/V/6F/W/6F/NZuJPf8BoM9Y4wf8/B8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+u7FWSdJCZy/wsUjTQiHidERMxFDycKFSnoyIMxHx9+Gh4aw+lXfSAMB7Sv+ddPb/ujx+aWx364nk4+HWMSJ+9bt7v30802isTGXX/7d9vfGsc72UR/4AwEG25umteXzL61dPZrdKL/N5+cP25qJZ3M1OabcMxmDrOBJDETH6/6RTb8verwwcQfyNpxHx1b36n7TWRiY6O5/ujp/FPt3T+Olb8dNWW/uY/V98+QhygX7zPBt/bu91/6VxoXXc+/4faY1Q729r/Nt8Z/xLt8e/gS7j34XDxrj+1590bXsa8fXBveIn2/GTLvEvHTL+P7/xrYvd2pq/j7gce8ffGavYqC4X62vrVxeqM/Pl+fJSqTQ9NT1589qNUrG1Rl3cWql+139uXTmzX/9Hu8QfOaD/3z1k///wyYNffHuf+N//zt6v/7l94mdz4vcOGX9m9E9dt+/O4s916f9Br/+VQ8Z/8a/1uUM+FADogfra+uJMpVJecdKzk+y92xcgDSe5nWRfAUfxPF/5gKnmPTIBH9qbmz7vTAAAAAAAAAAAAAAAgG568QdPefcRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA4+vTAAAA//+0tdao")

274.847566ms ago: executing program 4 (id=2721):
bpf$MAP_CREATE(0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
setxattr$trusted_overlay_upper(0x0, &(0x7f00000001c0), &(0x7f0000001400)=ANY=[], 0x835, 0x0)

182.834327ms ago: executing program 4 (id=2722):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x8, 0xb, &(0x7f0000000000)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x3, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r1, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a000000020000000110000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x28, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x10)
rmdir(0x0)
open(&(0x7f0000000080)='./bus\x00', 0x147842, 0x49)
unshare(0x2040400)
r4 = syz_open_dev$loop(&(0x7f0000000140), 0x75f, 0x8042)
r5 = memfd_create(&(0x7f0000000880)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e(||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xafE*:\xe4\xdd\xa5\xa75\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc90\xb9voI\xa5/\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\x81\x00V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P,\xda|\xb2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x9b\x88\a\xf2\x93\x82(\x8b\x00\xd8\xb4T\x80\xcf\t\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1q\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)u\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\xe6\xd3(\xa0G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\x01\x04\x00\x00\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\xff\xff\xff\x7f [F\xeeYW\x95\x13\xc7;\x94\x13^\x13\xaf\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n<V\xaa\xbfZ1\xa82\x85\x99\x0e$U\xb4X\xc7\xfa\f\b\x8f\xc4\xbeIt\xe4\xc51\xba\xb9H\xe8\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\x90ON\xaaFY\xb4\xb3\xf4\xf8JT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe5\xd3A\xcc\xd5|\x9f\x8e5\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k8\xc5', 0x0)
pwritev(r5, &(0x7f00000000c0)=[{&(0x7f0000000680)='P', 0x1}], 0x1, 0x800004, 0x0)
ioctl$LOOP_CHANGE_FD(r4, 0x4c00, r5)
sendfile(r4, r4, 0x0, 0x24002deb)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100000000001c000000000000ea04850000007b00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78)
r6 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)={0x2, 0x13, 0x0, 0x0, 0x2, 0x0, 0x100}, 0x10}}, 0x0)

182.563317ms ago: executing program 6 (id=2723):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x50)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000008000000060000000010"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000480)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x64, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r2, 0x0, 0x2}, 0x18)
bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f00000004c0)={r0, &(0x7f0000000340), 0x0}, 0x20)

174.105207ms ago: executing program 1 (id=2724):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000990000000d"], 0x50)
setsockopt$inet6_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, &(0x7f00000001c0)='lp\x00', 0x3)
bind$inet6(0xffffffffffffffff, &(0x7f0000d84000)={0xa, 0x2, 0x3, @loopback, 0x8}, 0x1c)
bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000020020008500000082"], 0x0, 0xffffffff, 0x0, 0x0, 0x41100, 0x24, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001a80)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYRESHEX=r1, @ANYRES32=r1, @ANYRES64], 0x0, 0x9, 0x0, 0x0, 0x41100, 0x2, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffdfb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000100)='mm_lru_insertion\x00'}, 0x18)
socket(0xa, 0x3, 0x3a)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f00000002c0)={'team_slave_1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}})
writev(r0, &(0x7f00000006c0)=[{&(0x7f0000000080)="2e9b3d0007e03dd65193dfb6c575963f86ddf06712e900272f8db0049d90491ceaebfd26d4eef23248000000f858dbb8a19052343f", 0x35}, {&(0x7f0000000100)="051a00000e80006558", 0x2c}], 0x2)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907009875f37538e486dd6317ce6203c23c00fe80000000000000875a65969ff57b00000000000000000000000000ac1414aa2c"], 0xfdef)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f00000002c0)=ANY=[], &(0x7f0000000200)='syzkaller\x00', 0x3}, 0x94)

159.364388ms ago: executing program 6 (id=2725):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000300)='sched_switch\x00', r0, 0x0, 0x100000000000}, 0x18)
r1 = socket(0x10, 0x3, 0x9)
sendmsg$NFT_BATCH(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000013c0)=ANY=[@ANYBLOB="14000000f603010000000000000000000500000a1400000011000100009ecff86c000000000020"], 0x28}, 0x1, 0x0, 0x0, 0x64841}, 0x40000)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x189080, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x18)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x0, 0x0)
r3 = syz_open_dev$vcsa(&(0x7f0000000000), 0xf69, 0x4040)
ioctl$TUNSETOFFLOAD(r3, 0x541b, 0xf0ff1f00000002)
ioctl$FS_IOC_FSSETXATTR(r2, 0x401c5820, &(0x7f0000000040)={0x0, 0xfffffffe, 0xfffffffe, 0x0, 0x1b8})
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000340)={{}, &(0x7f0000000380), &(0x7f0000000200)}, 0x20)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
sendmmsg$inet(0xffffffffffffffff, 0x0, 0x0, 0x2000c044)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r6=>0x0})
sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="200000001100010100"/20, @ANYRES32=r6], 0x20}}, 0x0)

86.599049ms ago: executing program 1 (id=2726):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={0x0, &(0x7f0000000740)=""/105, 0x0, 0x69, 0x1}, 0x28)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000780)=ANY=[@ANYBLOB="02030003220000002cbd7000fcdbdf2502000900080000000a0000000000000005000600000000000a0000000000000000000000000000000000000000000001020000000000000002000100000000000400070c0000000005000500000000000a000000000000000000000000000000000000000000000107000000000000001200080008"], 0x110}, 0x1, 0x7}, 0x0)
perf_event_open(&(0x7f0000000800)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0x8}, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
setsockopt(0xffffffffffffffff, 0x100, 0x7, &(0x7f0000000300)="5742e3109bac2e8d6422447d9bcebb17565ae5d65285f7c7aab185dd78ea2b333941f5692339ac8f6cec88ac3b003bf6016c61ab2187809e1eeadb879176b4a895ed97e52b3d160eb4b28311c18728a7601893ae7b021128f92e1c5f2a4c9f60d63c55c2271056a9a64f45c0b5f2b7754ded3e0c2fc5745ec97b1686e730a619bc17f795c80dc1a3801922d9ef82a9026587fd714de0d683a5bfc1c0b2d5058121db52e25d1cadc6d3165b79f0a633946937807faa91ad7807bb9b567bbd61c3ded8c80273bb16a2", 0xc8)
socket$nl_route(0x10, 0x3, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f00000005c0)={0x5, &(0x7f0000000500)=[{0x0, 0x5, 0xd, 0x773}, {0x5, 0xfd, 0x4, 0x6}, {0x7, 0x5, 0x80, 0x6}, {0x3ff, 0xf0, 0x9, 0xfbb2}, {0x1, 0x3, 0x7, 0x4}]})
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x401c5820, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc2(&(0x7f00000002c0), 0xffffffffffffffff)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x42, 0x0)
pwrite64(r1, &(0x7f00000000c0)='a', 0x200000c1, 0x9000)
bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYBLOB], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x94)
unlink(&(0x7f0000000180)='./file1\x00')
syz_mount_image$vfat(&(0x7f0000000580), &(0x7f0000000180)='./file1\x00', 0x1000802, &(0x7f0000000b80)=ANY=[@ANYBLOB="6e6f6e756d7461696c3d302c6e6f6e756d7461696c003130dbbb3121258e322c262b537f5d0000006e695f7804590000000000003d312c696f63686172538c6c90392bc69373686f72746e616d65653ff959f53d6d697865642c636f6465706167653d3821332c696f6368617273650000000031323831e54f1bb0a3d72c007e3db5a829498e2a721ae5804ff8ccb41e27af3a3a924308cb010100003ceeeac934b3165b4a0ea182cdd0666ab32f2d041a99ac9fc865ba946f1bb7759d02742dfcc68937ff86d7a54d6de8823119c767d45d6047209f4436383ee21373a9c3f450cb6d7c37b59a34407d4a0e6a382108ddd52580281f1d8ad71c4ceafb49960f1429b090d1429f519f9c2b0cb88ffa6fc04fa61c275bf560b9eeeb2d0c8b3ddeb56783f9908c21cf9b2ba0b76b9b60c991bb17c7d0accad1cdaf3259b7dc405d72e2bc3abe0cf37bda3dbfc05e2e55f8aa272b5ea736019c3c0a9b34115a445e0c5da1bd7352ec9529f5caa71f1ae71b36b500c79fffb487ed081232b5d93d3162c7f71f4d572ed87cf12b9ce4e527266a0c15dac9171edda86b148d17a48d4d90470e79620eeab5acf6f78f807298315e2b80fe1874098d75ab47837a96699e2a7db456f2a4368bece813135ed970951c7471ac16703820a799421cb24f327b3669c159abfa125ee992a5f49ab45bec637c38bcbdae4da3a05f96b2162c47d0b1277e1b1bcc981cce8f6f7f3dd8d06352eb387997b498a732d8442115755ff14d508891abd401b3cafcba75a6901fbe08002674d8663b8c40e9cf13fa4c4a092cb8004a1d2a6fe18cd5d702493d52a7110b17e64b9fa22fb3ace98b9ca35cb98c65f0902dd430373f6ae43c4a60c423b6f65b5ecc2093698072abc857ab2d36a261a7fc5776d39c3d5d5fad291c88ff9726d5ee32c6bcac1799ade9459eb39b56d985d29b988c72c9ad7e82b589f454a58d7cd5ace9436cf69acc217737c863d8938cc95767a0c9b14cb79f5b450c894a3e95d26e14259fdb65aa49761847cc1c13f18742072e80cbed0d5622618817583d0365f807882e539ff07c9205d3ee72efb8dd6853a02f49abd1b38d4571666a4d7d98c4f34f082eea5a5ac7b9e9fd030791df5d98a03ed76cdbb3241f96f22b6dd0da2bd8105c3408eeb8543ebc5de0849c1f31bd94033655fd11430fd18e55f5361750c7a2a7"], 0x4, 0x25e, &(0x7f0000000900)="$eJzs3cFLk38YAPDn1Yn+hB/zEEgS9Eb3oUZ3JRSkQZHsUKcklcKZkCDUQdepc6cu9S/UJegadIiu/QMRhAVdtJOHYKGbTueWWrlFfj6XPez7PO/3+7572Xc77NnNM/Nz0wuLs+vrq9HTk3RlRuLlwEYSfdERnVFRCgDgX7JRLsdauaLdawEAWsP+DwAnT23/T/bt/0lp5zPB1davDAA4Lr7/A8DJM3n9xuXRfH7s2lraEzH/aKmwVKg8VsZHZ+NOFGMmBiMb3yPKOyrxk4n82GC66XNfFOZXqvUrS4XOvfVDkY2+/fXjE/mxobRib31X9FbrP/TGTAxHNk41rh9uVN8VEed3zZ+LbLy/FQtRjOnYrK3VLw+l6aUr+br5u7fyAAAAAAAAAAAAAAAAAAAAAADgOOQ6tlrnlLvTtGH/nlwu3VY3Xqnf3R/ovwb9gcZ3+gPV9/fJxECmvecOAAAAAAAAAAAAAAAAAAAAf4vF+w/mporFmXs/C+6+e/7moJxDBkl13oY53RHx+1McMvj/3KenzXMeHuX6/Nng9dkWT7p52Y9a9Xb19ukLi/0Xm+VE5tjW3HHAi5JpdDpfs01ureoNWfr19bzYDka+HZj8eLJVd3hn/TP9z0amXi1//HLY47TrHQkAAAAAAAAAAAAAAAAAAE6u2o9+270SAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGif2v//NwmSaDq0O0gi2Tpeg6FSu88RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB+BAAA///6sZyI")

78.830018ms ago: executing program 2 (id=2727):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x8, 0xb, &(0x7f0000000000)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x3, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r1, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a000000020000000110000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x28, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x10)
rmdir(0x0)
open(&(0x7f0000000080)='./bus\x00', 0x147842, 0x49)
unshare(0x2040400)
r4 = syz_open_dev$loop(&(0x7f0000000140), 0x75f, 0x8042)
r5 = memfd_create(&(0x7f0000000880)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e(||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xafE*:\xe4\xdd\xa5\xa75\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc90\xb9voI\xa5/\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\x81\x00V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P,\xda|\xb2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x9b\x88\a\xf2\x93\x82(\x8b\x00\xd8\xb4T\x80\xcf\t\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1q\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)u\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\xe6\xd3(\xa0G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\x01\x04\x00\x00\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\xff\xff\xff\x7f [F\xeeYW\x95\x13\xc7;\x94\x13^\x13\xaf\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n<V\xaa\xbfZ1\xa82\x85\x99\x0e$U\xb4X\xc7\xfa\f\b\x8f\xc4\xbeIt\xe4\xc51\xba\xb9H\xe8\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\x90ON\xaaFY\xb4\xb3\xf4\xf8JT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe5\xd3A\xcc\xd5|\x9f\x8e5\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k8\xc5', 0x0)
pwritev(r5, &(0x7f00000000c0)=[{&(0x7f0000000680)='P', 0x1}], 0x1, 0x800004, 0x0)
ioctl$LOOP_CHANGE_FD(r4, 0x4c00, r5)
sendfile(r4, r4, 0x0, 0x24002deb)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100000000001c000000000000ea04850000007b00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78)
r6 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)={0x2, 0x13, 0x0, 0x0, 0x2, 0x0, 0x100}, 0x10}}, 0x0)

55.681759ms ago: executing program 6 (id=2728):
syz_mount_image$iso9660(&(0x7f0000000140), &(0x7f0000000800)='./file0\x00', 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="73686f776173736f632c6d61703d6e6f726d616c006e6f72ebed512025d7010bf67e265c69446f636b2c686964652c6d61703d6f66662c756e686964652c73657373696f6e3d3078303030303030303030303030303032332c6d61703d61636d50e26b4e94a354957bd980967ed2b7873ce5f688b5e688babd7195f91d49e0d01aa70ea49813d6b95831a8020a0c02531895df9baf6bcd2830af6bd85a5cf47437d98bb85fca9bab788db9bdec2db0302810f7df0a117388234f937209413884e87b9ee6abec681b290de4c1a24d9faccd767ffc5b89fb2b231ea7b06a014287fa47247990fe403e63e49d78e69e588eeb8c9465", @ANYRESHEX=0x0, @ANYBLOB=',norock,unhide,norock,\x00'], 0x2, 0x6a0, &(0x7f0000000a40)="$eJzs3V1rG+n5x/HfyLIte/+E5d8SQnCSO0kXHJoqI3njYFLoqqORPa2kETNysaGwpBt7CZGzbZJC45OtT/oA2zfQs570oC+i0ON9Fz0pLSztWaE9mDIPeoqeol0l2d18P2ZXo3uumfuauRVdjK25JQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIMup2nbJUt1r7h+YyZxq4Dey5f9Go+vTvS3rRrpwY2a/khX/p0JBF9KmC9/srz4f/++aNtJnGyrEDwWdvnX+7bvfyOe6209J+PPQvDt88uz04b1O5+jxC8Quae7dv07KdZfWsjEZE7TrNr3Q9xqVXdd4oW92trftW3u10NS8uhsehm23YZzAzbX9wGw6N0xpZ2fLuMVDf7+5W63U3W7jne+UbXvb/GA1HWhJxdDZ8+p1r7mbxMSr45g75pMfpwFupWHM8YPO0dasI4mDSi8SVJ4VVLbL5VKpXC5t3965fce28yMNdsyyezQSsfAXLb5iFvPGDSxALq7/f7Wkugpqal8HMmN/HFUVyFdjwvpMt/6/c8ud2u9g/e9W+QvS97LVF5XU/8vps8uT6v+EXIxMssG4NdaE9vl+lpOMjJ7omU71UPfUUUdHeryAfRuZKwvZyyv42ZWrpjyF8uWpoUrSYrIWox1ta1u23teeagplVJOnulyFOlSottzkFeUokKuK2vIVyGhTjm7IqKQd7WhLRq6KOpSvfTW1q6oq+ncURcd6kJz3rSk5qhtUmhCwOhhUnrKnSfX/Jx+nr9Os/tvU/zdV+jpYTR8+nRYDfAlE2fX/oNzsza68vIwAAAAAAMCiWclv363kb/eXJEWqeXXXft1pAQAAAACABbIUrWpDVnz9L+mSLK7/AQAAAAD4urGSe+wsSevJh/qt/p1QL/JLgKVXkCIAAAAAAPiCkjv/L69IUTJpxRVZc13/AwAAAACAr4DfDMyxn+/OsRt1/6yfkxS2Vq0//3NVwbJ11jr4lnVSiddUTrKYkU8AtGsXrXPZRL3Jw4qk5Jnjblgb6eSY2SSYvXkHPzueNde/FTyXwMrS4A4mJGDFPW/ns2f6RFfTTa5m88zfP80pWZP2sl7z6m7R8et3S6pUzuXa7kH7548e/EIKesd5/KBzVPzgo879JJezuOnsJN7px0Pp5MafjH4uT5P5FpJ7LsYd8Zpq3S5/22ysW0m/dvf4l1Q5yQ12NG0A+n3+StfSMbu2nsaun/Zm3I+PvxAff6mYDNnQ0QfLVj+L0vNHPm4gJmRRSLK4nsZc37yu8t/S5d4o5KzCt5ekcnF0DIayKA9mMftcWP8aORcDWSQP3TUD52IrzuIv8Y4mZLE1XxYjIwIAr8uxLil5F7qkZBLzXhUqZHW3Wx66b2qfq+7Mru7vDVf3p7+PomSDJSmf/W1iai8Fxe/om1ZSh1bSQ8pfHPOObmd1paAJ7+j2F6hucV9/6n8HUpb2SBb/iaLobinp93fPVdU/DHU30m9YLy/Fp/DW05OfJhPgxz48+vDoUbm8tW2/a9u3y1pODiN7WBK1BwAwYvZ37MyMsN7V1TTi6v1/vJMuDVW8/+99pKCoD/SROrqvm92vELgyfq/rAx9DuJletWrgqtWcf/tu8r10w7El3Zx4VZfU0oHYci92Wd1Nhit1P3brJY8CAACv1rUZdXh8/S8M1f+b2kwjNi+Ove4eruXZ1XHvkn5SbGl28u8t+mwAAPBmcIPPrPX2r60g8Frvl3Z2SpX2nmsC3/mhCbzqrmu8ZtsNnL1Kc9c1rcBv+45fN61Aq17VDU2432r5QdvU/MC0/NA7SL753WRf/R66jUqz7Tlhq+5WQtc4frNdcdqm6oWOae1/v+6Fe26QbBy2XMereU6l7flNE/r7geMWjQlddyDQq7rNtlfz4sWmaQVeoxIcmh/59f2Ga6pu6AReq+2nO+z25TVrftBIdlvMR+M+LwAAwBvnybPTh/c6naPHzy+sxZfmacuZJsSMLqzoybP4qjxuyWermCMIAIAvmX4Bn2OjwktMCAAAAAAAAAAAAAAAAAAAAAAAjJh9S9+cC8vjbhaUei0/O5e16Jfq32I4sh9Li05snoXcvFt1b4k4ffjplOC1Xkv39A/GnL2yA/z7/0lvJS1KW/KL72ttyuC+jIXvHqdndGJMvHLsqtXeWOQX/88hXnj0xwmroiiKpm++OnwOV4YOMDet07ykxytzD8HKyEsUwNfV/wIAAP//qMc0fQ==")
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000780)={0xffffffffffffffff, 0x20, &(0x7f0000000740)={&(0x7f0000000840)=""/226, 0xe2, <r1=>0x0, &(0x7f0000000580)=""/77, 0x4d}}, 0x10)
r2 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0)
r3 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000940)={0x3, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0x6, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x3, 0x2}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
pipe(&(0x7f0000000100)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
tee(0xffffffffffffffff, r4, 0x2, 0x0)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000001100)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x6, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x4}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r6 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000001180)=ANY=[@ANYBLOB="020000000400000008000000016b000080000000", @ANYRES32, @ANYBLOB='\t\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="05000000000000000200"/28], 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00'}, 0x10)
prctl$PR_SET_NAME(0xf, &(0x7f0000000280)='+}[@\x00')
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x1c, 0x68, 0x5fb9a818fb7378e9, 0x0, 0x0, {}, [@NHA_BLACKHOLE={0x4}]}, 0x1c}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000300)=@newnexthop={0x24, 0x68, 0x1, 0x2, 0x7ffffffc, {}, [@NHA_GROUP={0xc, 0x2, [{0x1, 0x4}]}]}, 0x24}, 0x1, 0x0, 0x0, 0x24008000}, 0x4000)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0xfffffffffffffda3, &(0x7f0000000180)={&(0x7f0000000200)=@delnexthop={0x20, 0x69, 0xb, 0x0, 0x0, {}, [{0x8, 0x1, 0x1}]}, 0x20}}, 0x4000000)
bpf$PROG_LOAD(0x5, &(0x7f0000001300)={0xa, 0xe, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x307742e8, 0x0, 0x0, 0x0, 0x3ff}, [@initr0={0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x7}, @ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}]}, &(0x7f00000002c0)='GPL\x00', 0x7, 0x3e, &(0x7f0000000340)=""/62, 0x41100, 0x1, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x8, &(0x7f0000000500)={0x4, 0x1}, 0x8, 0x10, &(0x7f0000000540)={0x2, 0x1, 0x2, 0x3}, 0x10, r1, r0, 0x1, &(0x7f0000001280)=[r2, r3, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r5, 0xffffffffffffffff, r6, 0xffffffffffffffff], &(0x7f00000012c0)=[{0x2, 0x3, 0xc, 0x2}], 0x10, 0x2}, 0x94)

0s ago: executing program 6 (id=2729):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$packet(0x11, 0x2, 0x300)
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000240)=ANY=[@ANYRESOCT=r0], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0xb68, 0x560b0000, &(0x7f0000000000)="219a53f271a76d2608004c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000f000000c5000000a000020095"], &(0x7f0000000280)='syzkaller\x00', 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f00000000c0)='kfree\x00', r2}, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000800)=ANY=[@ANYBLOB="1c0000003e000701fcfffffffedbdf25017c000006000480"], 0x1c}, 0x1, 0x0, 0x0, 0x488c0}, 0xc000)

kernel console output (not intermixed with test programs):

][T11190] FAULT_INJECTION: forcing a failure.
[  183.194584][T11190] name failslab, interval 1, probability 0, space 0, times 0
[  183.207453][T11190] CPU: 0 UID: 0 PID: 11190 Comm: syz.2.2131 Not tainted 6.16.0-rc6-syzkaller-00037-ge2291551827f #0 PREEMPT(voluntary) 
[  183.207485][T11190] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  183.207573][T11190] Call Trace:
[  183.207580][T11190]  <TASK>
[  183.207589][T11190]  __dump_stack+0x1d/0x30
[  183.207624][T11190]  dump_stack_lvl+0xe8/0x140
[  183.207644][T11190]  dump_stack+0x15/0x1b
[  183.207662][T11190]  should_fail_ex+0x265/0x280
[  183.207697][T11190]  should_failslab+0x8c/0xb0
[  183.207729][T11190]  kmem_cache_alloc_noprof+0x50/0x310
[  183.207765][T11190]  ? dst_alloc+0xbd/0x100
[  183.207822][T11190]  dst_alloc+0xbd/0x100
[  183.207856][T11190]  ? __ip_select_ident+0x32/0x1a0
[  183.207880][T11190]  ip_route_output_key_hash_rcu+0xf16/0x1440
[  183.207951][T11190]  ip_route_output_flow+0x7b/0x130
[  183.208049][T11190]  udp_sendmsg+0x1197/0x13b0
[  183.208079][T11190]  ? __pfx_ip_generic_getfrag+0x10/0x10
[  183.208111][T11190]  ? avc_has_perm+0xd3/0x150
[  183.208141][T11190]  ? __pfx_udp_sendmsg+0x10/0x10
[  183.208253][T11190]  inet_sendmsg+0xac/0xd0
[  183.208314][T11190]  __sock_sendmsg+0x102/0x180
[  183.208344][T11190]  ____sys_sendmsg+0x345/0x4e0
[  183.208407][T11190]  ___sys_sendmsg+0x17b/0x1d0
[  183.208462][T11190]  __sys_sendmmsg+0x178/0x300
[  183.208504][T11190]  __x64_sys_sendmmsg+0x57/0x70
[  183.208626][T11190]  x64_sys_call+0x2f2f/0x2fb0
[  183.208648][T11190]  do_syscall_64+0xd2/0x200
[  183.208665][T11190]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  183.208727][T11190]  ? clear_bhb_loop+0x40/0x90
[  183.208786][T11190]  ? clear_bhb_loop+0x40/0x90
[  183.208844][T11190]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  183.208868][T11190] RIP: 0033:0x7f4c15cee929
[  183.208891][T11190] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  183.208912][T11190] RSP: 002b:00007f4c14357038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  183.208978][T11190] RAX: ffffffffffffffda RBX: 00007f4c15f15fa0 RCX: 00007f4c15cee929
[  183.208991][T11190] RDX: 000000000800001d RSI: 0000200000007fc0 RDI: 0000000000000003
[  183.209007][T11190] RBP: 00007f4c14357090 R08: 0000000000000000 R09: 0000000000000000
[  183.209022][T11190] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  183.209038][T11190] R13: 0000000000000000 R14: 00007f4c15f15fa0 R15: 00007ffc33f50178
[  183.209062][T11190]  </TASK>
[  183.507905][T11193] loop6: detected capacity change from 0 to 1024
[  183.521252][T11193] EXT4-fs: Ignoring removed orlov option
[  183.540357][T11193] EXT4-fs (loop6): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  183.559651][T11196] loop1: detected capacity change from 0 to 8192
[  183.567671][T11196] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  183.597174][T11205] netlink: 168 bytes leftover after parsing attributes in process `syz.4.2136'.
[  183.609970][T11205] 9pnet_fd: Insufficient options for proto=fd
[  183.624507][T11207] loop6: detected capacity change from 0 to 1024
[  183.637319][T11199] loop7: detected capacity change from 0 to 512
[  183.646120][T11207] EXT4-fs: Ignoring removed orlov option
[  183.652130][T11199] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  183.663144][T11207] EXT4-fs (loop6): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  183.664989][T11211] loop4: detected capacity change from 0 to 512
[  183.677337][T11199] EXT4-fs (loop7): 1 truncate cleaned up
[  183.680318][T11211] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  183.688492][T11199] EXT4-fs error (device loop7): ext4_read_inline_dir:1502: inode #12: block 7: comm syz.7.2135: path /6/bus/file0: bad entry in directory: rec_len is smaller than minimal - offset=40, inode=2085390, rec_len=0, size=80 fake=0
[  183.701716][T11211] EXT4-fs (loop4): 1 truncate cleaned up
[  183.718076][T11199] EXT4-fs (loop7): Remounting filesystem read-only
[  183.833533][T11226] netlink: 168 bytes leftover after parsing attributes in process `syz.6.2142'.
[  183.847000][T11226] 9pnet_fd: Insufficient options for proto=fd
[  184.250631][T11254] loop6: detected capacity change from 0 to 1024
[  184.272242][T11256] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2148'.
[  184.286647][T11254] EXT4-fs: Ignoring removed orlov option
[  184.297128][T11251] loop2: detected capacity change from 0 to 256
[  184.305952][T11254] EXT4-fs (loop6): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  184.320695][T11251] FAT-fs (loop2): Directory bread(block 1285) failed
[  184.546000][T11276] loop2: detected capacity change from 0 to 164
[  184.555087][T11276] Unable to read rock-ridge attributes
[  184.572718][T11280] loop1: detected capacity change from 0 to 1024
[  184.579786][T11280] EXT4-fs: Ignoring removed orlov option
[  184.689494][T11288] can0: slcan on ttyS3.
[  184.711235][T11288] loop1: detected capacity change from 0 to 1024
[  184.720219][T11288] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (32298!=35945)
[  184.734246][T11291] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=11291 comm=syz.7.2160
[  184.752057][T11288] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  184.831158][T11288] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  184.840548][T11288] EXT4-fs (loop1): orphan cleanup on readonly fs
[  184.848032][T11288] EXT4-fs error (device loop1): ext4_read_inode_bitmap:167: comm syz.1.2159: Inode bitmap for bg 0 marked uninitialized
[  184.946574][T11299] loop7: detected capacity change from 0 to 1024
[  184.954056][T11299] EXT4-fs: Ignoring removed orlov option
[  184.961860][T11299] EXT4-fs (loop7): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  185.165587][T11303] loop7: detected capacity change from 0 to 1024
[  185.173172][T11303] EXT4-fs: Ignoring removed orlov option
[  185.179863][T11303] EXT4-fs (loop7): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  185.185342][T11287] can0 (unregistered): slcan off ttyS3.
[  185.220319][T11309] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  185.229045][T11309] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  185.240972][T11309] netlink: 168 bytes leftover after parsing attributes in process `+}[@'.
[  185.250098][T11309] C: renamed from team_slave_0 (while UP)
[  185.264700][T11307] loop1: detected capacity change from 0 to 512
[  185.286964][T11307] ext4 filesystem being mounted at /413/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  185.323093][T11313] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  185.331764][T11313] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  185.341398][T11313] netlink: 168 bytes leftover after parsing attributes in process `+}[@'.
[  185.454242][T11322] loop6: detected capacity change from 0 to 164
[  185.462112][T11322] Unable to read rock-ridge attributes
[  185.833439][T11334] loop4: detected capacity change from 0 to 128
[  185.850569][T11334] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[  185.858535][T11334] FAT-fs (loop4): Filesystem has been set read-only
[  185.880777][T11334] bio_check_eod: 9 callbacks suppressed
[  185.880797][T11334] syz.4.2172: attempt to access beyond end of device
[  185.880797][T11334] loop4: rw=524288, sector=2065, nr_sectors = 8 limit=128
[  185.905243][T11334] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[  185.913451][T11334] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[  185.923569][T11334] syz.4.2172: attempt to access beyond end of device
[  185.923569][T11334] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128
[  185.938867][T11334] syz.4.2172: attempt to access beyond end of device
[  185.938867][T11334] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128
[  185.952862][T11338] syz.4.2172: attempt to access beyond end of device
[  185.952862][T11338] loop4: rw=0, sector=2065, nr_sectors = 1 limit=128
[  185.966164][T11338] buffer_io_error: 8 callbacks suppressed
[  185.966207][T11338] Buffer I/O error on dev loop4, logical block 2065, async page read
[  186.016380][T11338] syz.4.2172: attempt to access beyond end of device
[  186.016380][T11338] loop4: rw=0, sector=2066, nr_sectors = 1 limit=128
[  186.029989][T11338] Buffer I/O error on dev loop4, logical block 2066, async page read
[  186.043254][T11343] loop7: detected capacity change from 0 to 512
[  186.065687][T11338] syz.4.2172: attempt to access beyond end of device
[  186.065687][T11338] loop4: rw=0, sector=2067, nr_sectors = 1 limit=128
[  186.079963][T11338] Buffer I/O error on dev loop4, logical block 2067, async page read
[  186.101120][T11343] ext4 filesystem being mounted at /14/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  186.116714][T11338] syz.4.2172: attempt to access beyond end of device
[  186.116714][T11338] loop4: rw=0, sector=2068, nr_sectors = 1 limit=128
[  186.130094][T11338] Buffer I/O error on dev loop4, logical block 2068, async page read
[  186.158252][T11338] syz.4.2172: attempt to access beyond end of device
[  186.158252][T11338] loop4: rw=0, sector=2069, nr_sectors = 1 limit=128
[  186.171781][T11338] Buffer I/O error on dev loop4, logical block 2069, async page read
[  186.195512][T11338] syz.4.2172: attempt to access beyond end of device
[  186.195512][T11338] loop4: rw=0, sector=2070, nr_sectors = 1 limit=128
[  186.208947][T11338] Buffer I/O error on dev loop4, logical block 2070, async page read
[  186.244499][T11338] syz.4.2172: attempt to access beyond end of device
[  186.244499][T11338] loop4: rw=0, sector=2071, nr_sectors = 1 limit=128
[  186.257974][T11338] Buffer I/O error on dev loop4, logical block 2071, async page read
[  186.277319][T11338] Buffer I/O error on dev loop4, logical block 2072, async page read
[  186.285595][T11334] Buffer I/O error on dev loop4, logical block 2065, async page read
[  186.296002][T11334] Buffer I/O error on dev loop4, logical block 2066, async page read
[  186.348725][T11350] 
@ÿ: renamed from bond_slave_0 (while UP)
[  186.377100][T11355] loop6: detected capacity change from 0 to 512
[  186.388943][T11355] EXT4-fs error (device loop6): ext4_orphan_get:1393: inode #15: comm syz.6.2179: casefold flag without casefold feature
[  186.441077][T11355] EXT4-fs error (device loop6): ext4_orphan_get:1398: comm syz.6.2179: couldn't read orphan inode 15 (err -117)
[  186.588529][T11359] loop7: detected capacity change from 0 to 8192
[  186.686898][T11359] FAT-fs (loop7): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  186.816211][T11365] loop7: detected capacity change from 0 to 512
[  186.824124][T11365] journal_path: Lookup failure for './file0/../file0'
[  186.831034][T11365] EXT4-fs: error: could not find journal device path
[  186.962009][T11369] loop6: detected capacity change from 0 to 128
[  186.975516][T11383] loop1: detected capacity change from 0 to 256
[  186.996162][   T29] kauditd_printk_skb: 179 callbacks suppressed
[  186.996178][   T29] audit: type=1326 audit(1752726869.005:8194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11378 comm="syz.4.2188" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0047ffe929 code=0x7ffc0000
[  187.020103][T11385] loop4: detected capacity change from 0 to 512
[  187.025971][   T29] audit: type=1326 audit(1752726869.005:8195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11378 comm="syz.4.2188" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0047ffe929 code=0x7ffc0000
[  187.026021][   T29] audit: type=1326 audit(1752726869.005:8196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11378 comm="syz.4.2188" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f0047ffe929 code=0x7ffc0000
[  187.033724][T11385] journal_path: Lookup failure for './file0/../file0'
[  187.056036][   T29] audit: type=1326 audit(1752726869.005:8197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11378 comm="syz.4.2188" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0047ffe929 code=0x7ffc0000
[  187.056073][   T29] audit: type=1326 audit(1752726869.005:8198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11378 comm="syz.4.2188" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0047ffe929 code=0x7ffc0000
[  187.056104][   T29] audit: type=1326 audit(1752726869.015:8199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11378 comm="syz.4.2188" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f0047ffe929 code=0x7ffc0000
[  187.056208][   T29] audit: type=1326 audit(1752726869.015:8200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11378 comm="syz.4.2188" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0047ffe929 code=0x7ffc0000
[  187.079570][T11385] EXT4-fs: error: could not find journal device path
[  187.188044][   T29] audit: type=1326 audit(1752726869.015:8201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11378 comm="syz.4.2188" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0047ffe929 code=0x7ffc0000
[  187.244175][T11387] loop4: detected capacity change from 0 to 164
[  187.275202][T11387] Unable to read rock-ridge attributes
[  187.292845][   T29] audit: type=1326 audit(1752726869.305:8202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11388 comm="syz.2.2191" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4c15cee929 code=0x7ffc0000
[  187.296945][T11389] can0: slcan on ttyS3.
[  187.316444][   T29] audit: type=1326 audit(1752726869.305:8203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11388 comm="syz.2.2191" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4c15cee929 code=0x7ffc0000
[  187.360751][T11389] loop2: detected capacity change from 0 to 1024
[  187.369524][T11383] FAT-fs (loop1): Directory bread(block 1285) failed
[  187.401764][T11389] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (32298!=35945)
[  187.419622][T11389] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  187.433398][T11389] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  187.441689][T11389] EXT4-fs (loop2): orphan cleanup on readonly fs
[  187.449996][T11389] EXT4-fs error (device loop2): ext4_read_inode_bitmap:167: comm syz.2.2191: Inode bitmap for bg 0 marked uninitialized
[  187.493839][T11394] loop1: detected capacity change from 0 to 164
[  187.502162][T11394] Unable to read rock-ridge attributes
[  187.515340][T11388] can0 (unregistered): slcan off ttyS3.
[  187.604150][T11400] loop2: detected capacity change from 0 to 1024
[  187.611079][T11400] EXT4-fs: Ignoring removed orlov option
[  187.785478][T11412] loop7: detected capacity change from 0 to 256
[  187.792763][T11412] FAT-fs (loop7): Directory bread(block 1285) failed
[  187.856832][T11420] loop2: detected capacity change from 0 to 512
[  187.863984][T11420] journal_path: Lookup failure for './file0/../file0'
[  187.870930][T11420] EXT4-fs: error: could not find journal device path
[  187.902660][T11424] loop2: detected capacity change from 0 to 164
[  187.909189][T11417] loop7: detected capacity change from 0 to 512
[  187.916538][T11417] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  187.917389][T11424] Unable to read rock-ridge attributes
[  187.938279][T11417] EXT4-fs (loop7): 1 truncate cleaned up
[  187.969997][T11417] EXT4-fs error (device loop7): ext4_read_inline_dir:1502: inode #12: block 7: comm syz.7.2200: path /21/bus/file0: bad entry in directory: rec_len is smaller than minimal - offset=40, inode=2085390, rec_len=0, size=80 fake=0
[  188.070283][T11417] EXT4-fs (loop7): Remounting filesystem read-only
[  188.320444][T11433] loop4: detected capacity change from 0 to 256
[  188.457353][T11437] can0: slcan on ttyS3.
[  188.477566][T11437] loop7: detected capacity change from 0 to 1024
[  188.488829][T11437] EXT4-fs (loop7): ext4_check_descriptors: Checksum for group 0 failed (32298!=35945)
[  188.502007][T11437] EXT4-fs (loop7): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  188.520578][T11437] EXT4-fs (loop7): revision level too high, forcing read-only mode
[  188.537862][T11437] EXT4-fs (loop7): orphan cleanup on readonly fs
[  188.546980][T11437] EXT4-fs error (device loop7): ext4_read_inode_bitmap:167: comm syz.7.2204: Inode bitmap for bg 0 marked uninitialized
[  188.586757][T11444] wg2: entered promiscuous mode
[  188.591802][T11444] wg2: entered allmulticast mode
[  188.600534][T11433] FAT-fs (loop4): Directory bread(block 1285) failed
[  188.607614][T11436] can0 (unregistered): slcan off ttyS3.
[  188.698118][T11448] loop7: detected capacity change from 0 to 1024
[  188.717365][T11448] EXT4-fs: Ignoring removed orlov option
[  188.732464][T11448] EXT4-fs (loop7): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  188.791086][T11459] loop2: detected capacity change from 0 to 164
[  188.798397][T11459] Unable to read rock-ridge attributes
[  188.975309][T11468] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2217'.
[  189.452622][T11476] loop1: detected capacity change from 0 to 512
[  189.467312][T11476] ext4 filesystem being mounted at /421/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  189.524447][T11481] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=11481 comm=syz.1.2229
[  189.544289][T11482] loop4: detected capacity change from 0 to 1024
[  189.553367][T11482] EXT4-fs: Ignoring removed orlov option
[  189.560018][T11482] EXT4-fs (loop4): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  189.577836][T11486] loop6: detected capacity change from 0 to 512
[  189.584932][T11486] journal_path: Lookup failure for './file0/../file0'
[  189.591773][T11486] EXT4-fs: error: could not find journal device path
[  189.622517][T11490] loop4: detected capacity change from 0 to 1024
[  189.629407][T11490] EXT4-fs: Ignoring removed orlov option
[  189.641045][T11490] EXT4-fs (loop4): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  189.654880][T11494] loop6: detected capacity change from 0 to 1024
[  189.664171][T11494] EXT4-fs: Ignoring removed orlov option
[  189.671383][T11498] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=11498 comm=syz.2.2225
[  189.741268][T11511] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2228'.
[  189.763166][T11511] loop4: detected capacity change from 0 to 2048
[  189.787136][T11513] loop2: detected capacity change from 0 to 1024
[  189.827170][T11513] EXT4-fs: Ignoring removed orlov option
[  189.836629][T11513] EXT4-fs (loop2): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  189.893372][T11529] can0: slcan on ttyS3.
[  189.910663][T11529] loop4: detected capacity change from 0 to 1024
[  189.921825][T11532] loop1: detected capacity change from 0 to 512
[  189.928560][T11529] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (32298!=35945)
[  189.930598][T11532] journal_path: Lookup failure for './file0/../file0'
[  189.945077][T11532] EXT4-fs: error: could not find journal device path
[  189.948655][T11529] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  189.973691][T11529] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  189.986626][T11529] EXT4-fs (loop4): orphan cleanup on readonly fs
[  189.993357][T11529] EXT4-fs error (device loop4): ext4_read_inode_bitmap:167: comm syz.4.2234: Inode bitmap for bg 0 marked uninitialized
[  190.009982][T11540] loop2: detected capacity change from 0 to 164
[  190.019776][T11540] Unable to read rock-ridge attributes
[  190.051723][T11544] FAULT_INJECTION: forcing a failure.
[  190.051723][T11544] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  190.064950][T11544] CPU: 1 UID: 0 PID: 11544 Comm: syz.1.2239 Not tainted 6.16.0-rc6-syzkaller-00037-ge2291551827f #0 PREEMPT(voluntary) 
[  190.064977][T11544] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  190.064990][T11544] Call Trace:
[  190.064996][T11544]  <TASK>
[  190.065063][T11544]  __dump_stack+0x1d/0x30
[  190.065088][T11544]  dump_stack_lvl+0xe8/0x140
[  190.065116][T11544]  dump_stack+0x15/0x1b
[  190.065137][T11544]  should_fail_ex+0x265/0x280
[  190.065178][T11544]  should_fail+0xb/0x20
[  190.065247][T11544]  should_fail_usercopy+0x1a/0x20
[  190.065278][T11544]  strncpy_from_user+0x25/0x230
[  190.065305][T11544]  path_setxattrat+0xeb/0x310
[  190.065382][T11544]  __x64_sys_setxattr+0x6e/0x90
[  190.065419][T11544]  x64_sys_call+0x28a7/0x2fb0
[  190.065440][T11544]  do_syscall_64+0xd2/0x200
[  190.065457][T11544]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  190.065537][T11544]  ? clear_bhb_loop+0x40/0x90
[  190.065562][T11544]  ? clear_bhb_loop+0x40/0x90
[  190.065586][T11544]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  190.065606][T11544] RIP: 0033:0x7f20ccc5e929
[  190.065639][T11544] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  190.065662][T11544] RSP: 002b:00007f20cb2c7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000bc
[  190.065685][T11544] RAX: ffffffffffffffda RBX: 00007f20cce85fa0 RCX: 00007f20ccc5e929
[  190.065717][T11544] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 0000000000000000
[  190.065732][T11544] RBP: 00007f20cb2c7090 R08: 0000000000000000 R09: 0000000000000000
[  190.065778][T11544] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  190.065793][T11544] R13: 0000000000000000 R14: 00007f20cce85fa0 R15: 00007fff1251ff28
[  190.065813][T11544]  </TASK>
[  190.255593][T11528] can0 (unregistered): slcan off ttyS3.
[  190.279565][T11546] loop2: detected capacity change from 0 to 1024
[  190.289399][T11546] EXT4-fs: Ignoring removed orlov option
[  190.299631][T11546] EXT4-fs (loop2): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  190.303983][T11549] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=11549 comm=syz.4.2242
[  190.328843][T11546] EXT4-fs mount: 92 callbacks suppressed
[  190.328862][T11546] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  190.374929][T11557] loop4: detected capacity change from 0 to 1024
[  190.381910][ T3313] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  190.382517][T11557] EXT4-fs: Ignoring removed orlov option
[  190.427200][T11557] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  190.530186][T11560] loop2: detected capacity change from 0 to 512
[  190.545218][T11560] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  190.556702][T11560] EXT4-fs (loop2): 1 truncate cleaned up
[  190.563028][T11560] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  190.580940][T11560] EXT4-fs error (device loop2): ext4_read_inline_dir:1502: inode #12: block 7: comm syz.2.2244: path /470/bus/file0: bad entry in directory: rec_len is smaller than minimal - offset=40, inode=2085390, rec_len=0, size=80 fake=0
[  190.606203][T11560] EXT4-fs (loop2): Remounting filesystem read-only
[  190.610236][ T3306] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  190.657004][ T3313] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  190.684723][T11570] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2245'.
[  190.731628][T11570] loop2: detected capacity change from 0 to 2048
[  190.739670][T11578] loop4: detected capacity change from 0 to 164
[  190.751197][T11578] Unable to read rock-ridge attributes
[  190.766371][T11582] loop6: detected capacity change from 0 to 164
[  190.773706][T11570] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[  190.789905][T11582] Unable to read rock-ridge attributes
[  190.808555][T11585] netlink: 168 bytes leftover after parsing attributes in process `syz.7.2252'.
[  190.820594][T11585] 9pnet_fd: Insufficient options for proto=fd
[  190.830080][ T3313] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000900.
[  190.866648][T11593] loop7: detected capacity change from 0 to 1024
[  190.873536][T11593] EXT4-fs: Ignoring removed orlov option
[  190.896642][T11593] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  190.983807][T11599] loop2: detected capacity change from 0 to 512
[  191.003891][T11044] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  191.015705][T11599] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  191.032985][T11599] EXT4-fs (loop2): 1 truncate cleaned up
[  191.039807][T11599] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  191.054940][T11599] EXT4-fs error (device loop2): ext4_read_inline_dir:1502: inode #12: block 7: comm syz.2.2256: path /473/bus/file0: bad entry in directory: rec_len is smaller than minimal - offset=40, inode=2085390, rec_len=0, size=80 fake=0
[  191.078490][T11599] EXT4-fs (loop2): Remounting filesystem read-only
[  191.178432][ T3313] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  191.309895][T11620] loop2: detected capacity change from 0 to 256
[  191.393684][T11620] FAT-fs (loop2): Directory bread(block 1285) failed
[  191.588419][   T10] hid-generic 0001:7DD6:FFFFF935.0007: unknown main item tag 0x4
[  191.596378][   T10] hid-generic 0001:7DD6:FFFFF935.0007: item fetching failed at offset 26/202
[  191.618355][   T10] hid-generic 0001:7DD6:FFFFF935.0007: probe with driver hid-generic failed with error -22
[  191.637037][T11630] loop6: detected capacity change from 0 to 164
[  191.650503][T11630] Unable to read rock-ridge attributes
[  191.865086][T11653] loop4: detected capacity change from 0 to 512
[  191.891578][T11653] EXT4-fs error (device loop4): ext4_orphan_get:1393: inode #15: comm syz.4.2272: casefold flag without casefold feature
[  191.907190][T11644] loop2: detected capacity change from 0 to 128
[  191.925738][T11653] EXT4-fs error (device loop4): ext4_orphan_get:1398: comm syz.4.2272: couldn't read orphan inode 15 (err -117)
[  191.952877][T11653] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  191.989235][ T3306] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  192.021211][T11661] loop6: detected capacity change from 0 to 256
[  192.052567][T11663] netlink: 'syz.1.2275': attribute type 1 has an invalid length.
[  192.085925][T11667] FAULT_INJECTION: forcing a failure.
[  192.085925][T11667] name failslab, interval 1, probability 0, space 0, times 0
[  192.099779][T11667] CPU: 0 UID: 0 PID: 11667 Comm: syz.7.2276 Not tainted 6.16.0-rc6-syzkaller-00037-ge2291551827f #0 PREEMPT(voluntary) 
[  192.099819][T11667] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  192.099832][T11667] Call Trace:
[  192.099838][T11667]  <TASK>
[  192.099845][T11667]  __dump_stack+0x1d/0x30
[  192.099868][T11667]  dump_stack_lvl+0xe8/0x140
[  192.099891][T11667]  dump_stack+0x15/0x1b
[  192.099926][T11667]  should_fail_ex+0x265/0x280
[  192.099962][T11667]  should_failslab+0x8c/0xb0
[  192.100009][T11667]  kmem_cache_alloc_noprof+0x50/0x310
[  192.100111][T11667]  ? getname_flags+0x80/0x3b0
[  192.100136][T11667]  getname_flags+0x80/0x3b0
[  192.100162][T11667]  getname_uflags+0x21/0x30
[  192.100215][T11667]  __x64_sys_execveat+0x5d/0x90
[  192.100290][T11667]  x64_sys_call+0x2dae/0x2fb0
[  192.100389][T11667]  do_syscall_64+0xd2/0x200
[  192.100406][T11667]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  192.100436][T11667]  ? clear_bhb_loop+0x40/0x90
[  192.100463][T11667]  ? clear_bhb_loop+0x40/0x90
[  192.100490][T11667]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  192.100567][T11667] RIP: 0033:0x7f14adb2e929
[  192.100582][T11667] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  192.100599][T11667] RSP: 002b:00007f14ac197038 EFLAGS: 00000246 ORIG_RAX: 0000000000000142
[  192.100619][T11667] RAX: ffffffffffffffda RBX: 00007f14add55fa0 RCX: 00007f14adb2e929
[  192.100635][T11667] RDX: 0000000000000000 RSI: 0000200000000040 RDI: ffffffffffffff9c
[  192.100725][T11667] RBP: 00007f14ac197090 R08: 0000000000000000 R09: 0000000000000000
[  192.100740][T11667] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  192.100752][T11667] R13: 0000000000000000 R14: 00007f14add55fa0 R15: 00007fff0b671ef8
[  192.100774][T11667]  </TASK>
[  192.291585][T11661] FAT-fs (loop6): Directory bread(block 1285) failed
[  192.303731][T11670] loop4: detected capacity change from 0 to 512
[  192.346604][T11670] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  192.348795][T11679] FAULT_INJECTION: forcing a failure.
[  192.348795][T11679] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  192.367611][T11670] EXT4-fs (loop4): orphan cleanup on readonly fs
[  192.367632][T11670] EXT4-fs error (device loop4): ext4_quota_enable:7120: comm syz.4.2277: Bad quota inum: 4294967295, type: 0
[  192.368190][T11670] EXT4-fs (loop4): Remounting filesystem read-only
[  192.374089][T11679] CPU: 1 UID: 0 PID: 11679 Comm: syz.7.2280 Not tainted 6.16.0-rc6-syzkaller-00037-ge2291551827f #0 PREEMPT(voluntary) 
[  192.374122][T11679] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  192.374138][T11679] Call Trace:
[  192.374148][T11679]  <TASK>
[  192.374160][T11679]  __dump_stack+0x1d/0x30
[  192.374196][T11679]  dump_stack_lvl+0xe8/0x140
[  192.374225][T11679]  dump_stack+0x15/0x1b
[  192.374248][T11679]  should_fail_ex+0x265/0x280
[  192.374289][T11679]  should_fail+0xb/0x20
[  192.374331][T11679]  should_fail_usercopy+0x1a/0x20
[  192.374373][T11679]  _copy_from_user+0x1c/0xb0
[  192.374434][T11679]  ___sys_sendmsg+0xc1/0x1d0
[  192.374500][T11679]  __x64_sys_sendmsg+0xd4/0x160
[  192.374551][T11679]  x64_sys_call+0x2999/0x2fb0
[  192.374579][T11679]  do_syscall_64+0xd2/0x200
[  192.374683][T11679]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  192.374717][T11679]  ? clear_bhb_loop+0x40/0x90
[  192.374760][T11679]  ? clear_bhb_loop+0x40/0x90
[  192.374790][T11679]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  192.374820][T11679] RIP: 0033:0x7f14adb2e929
[  192.374866][T11679] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  192.374901][T11679] RSP: 002b:00007f14ac197038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  192.374926][T11679] RAX: ffffffffffffffda RBX: 00007f14add55fa0 RCX: 00007f14adb2e929
[  192.374943][T11679] RDX: 0000000024004059 RSI: 00002000000019c0 RDI: 0000000000000003
[  192.374968][T11679] RBP: 00007f14ac197090 R08: 0000000000000000 R09: 0000000000000000
[  192.374983][T11679] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  192.375056][T11679] R13: 0000000000000000 R14: 00007f14add55fa0 R15: 00007fff0b671ef8
[  192.375082][T11679]  </TASK>
[  192.571812][T11670] EXT4-fs warning (device loop4): ext4_enable_quotas:7168: Failed to enable quota tracking (type=0, err=-117, ino=4294967295). Please run e2fsck to fix.
[  192.587634][T11670] EXT4-fs (loop4): Cannot turn on quotas: error -117
[  192.597026][T11670] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  192.617520][   T29] kauditd_printk_skb: 461 callbacks suppressed
[  192.617534][   T29] audit: type=1400 audit(1752726874.635:8665): avc:  denied  { bind } for  pid=11668 comm="syz.4.2277" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  192.663614][ T3306] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  192.665690][T11689] loop7: detected capacity change from 0 to 512
[  192.681356][   T29] audit: type=1326 audit(1752726874.665:8666): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11668 comm="syz.4.2277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0047ffe929 code=0x7ffc0000
[  192.705214][   T29] audit: type=1326 audit(1752726874.665:8667): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11668 comm="syz.4.2277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0047ffe929 code=0x7ffc0000
[  192.709600][T11689] EXT4-fs error (device loop7): ext4_orphan_get:1393: inode #15: comm syz.7.2284: casefold flag without casefold feature
[  192.729311][   T29] audit: type=1326 audit(1752726874.665:8668): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11668 comm="syz.4.2277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=461 compat=0 ip=0x7f0047ffe929 code=0x7ffc0000
[  192.765749][   T29] audit: type=1326 audit(1752726874.665:8669): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11668 comm="syz.4.2277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0047ffe929 code=0x7ffc0000
[  192.789839][   T29] audit: type=1326 audit(1752726874.665:8670): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11668 comm="syz.4.2277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0047ffe929 code=0x7ffc0000
[  192.800104][T11689] EXT4-fs error (device loop7): ext4_orphan_get:1398: comm syz.7.2284: couldn't read orphan inode 15 (err -117)
[  192.813381][   T29] audit: type=1326 audit(1752726874.665:8671): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11668 comm="syz.4.2277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=188 compat=0 ip=0x7f0047ffe929 code=0x7ffc0000
[  192.849178][   T29] audit: type=1326 audit(1752726874.665:8672): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11668 comm="syz.4.2277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0047ffe929 code=0x7ffc0000
[  192.872804][   T29] audit: type=1326 audit(1752726874.665:8673): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11668 comm="syz.4.2277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0047ffe929 code=0x7ffc0000
[  192.897061][   T29] audit: type=1326 audit(1752726874.725:8674): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11690 comm="syz.2.2285" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4c15cee929 code=0x7ffc0000
[  192.898940][T11689] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  192.946075][T11701] loop4: detected capacity change from 0 to 164
[  192.978948][T11701] Unable to read rock-ridge attributes
[  192.979314][T11044] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  193.012554][T11703] loop7: detected capacity change from 0 to 512
[  193.019862][T11703] journal_path: Lookup failure for './file0/../file0'
[  193.026761][T11703] EXT4-fs: error: could not find journal device path
[  193.078077][T11708] netlink: 'syz.7.2290': attribute type 16 has an invalid length.
[  193.086126][T11708] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2290'.
[  193.191305][T11722] loop7: detected capacity change from 0 to 1024
[  193.220117][T11726] loop7: detected capacity change from 0 to 512
[  193.227291][T11726] EXT4-fs: Ignoring removed nomblk_io_submit option
[  193.236157][T11726] EXT4-fs (loop7): revision level too high, forcing read-only mode
[  193.244130][T11726] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a842c018, mo2=0002]
[  193.252277][T11726] System zones: 0-1, 15-15, 18-18, 34-34
[  193.259277][T11726] EXT4-fs (loop7): orphan cleanup on readonly fs
[  193.266354][T11726] EXT4-fs error (device loop7): ext4_orphan_get:1393: inode #16: comm syz.7.2294: casefold flag without casefold feature
[  193.280640][T11726] EXT4-fs error (device loop7): ext4_orphan_get:1398: comm syz.7.2294: couldn't read orphan inode 16 (err -117)
[  193.293337][T11726] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  193.308433][T11728] loop1: detected capacity change from 0 to 1024
[  193.319297][T11726] netlink: 'syz.7.2294': attribute type 4 has an invalid length.
[  193.327125][T11726] netlink: 'syz.7.2294': attribute type 2 has an invalid length.
[  193.361606][T11728] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  193.408017][T11044] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  193.432924][T11728] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4113: comm syz.1.2292: Allocating blocks 497-513 which overlap fs metadata
[  193.447703][T11728] EXT4-fs (loop1): pa ffff8881056e7460: logic 256, phys. 385, len 8
[  193.455854][T11728] EXT4-fs error (device loop1): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 1
[  193.547205][ T3310] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  193.580229][T11742] loop2: detected capacity change from 0 to 512
[  193.588580][T11742] EXT4-fs error (device loop2): ext4_orphan_get:1393: inode #15: comm syz.2.2299: casefold flag without casefold feature
[  193.601632][T11742] EXT4-fs error (device loop2): ext4_orphan_get:1398: comm syz.2.2299: couldn't read orphan inode 15 (err -117)
[  193.614676][T11742] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  193.628090][T11744] loop7: detected capacity change from 0 to 256
[  193.655280][ T3313] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  193.676328][T11747] loop2: detected capacity change from 0 to 512
[  193.683445][T11747] journal_path: Lookup failure for './file0/../file0'
[  193.690370][T11747] EXT4-fs: error: could not find journal device path
[  193.761265][T11744] FAT-fs (loop7): Directory bread(block 1285) failed
[  193.844331][T11758] can0: slcan on ttyS3.
[  193.920443][T11758] loop2: detected capacity change from 0 to 1024
[  193.949124][T11758] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (32298!=35945)
[  193.959047][T11758] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  194.061258][T11758] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  194.092707][T11758] EXT4-fs (loop2): orphan cleanup on readonly fs
[  194.103436][T11784] loop7: detected capacity change from 0 to 256
[  194.111863][T11758] EXT4-fs error (device loop2): ext4_read_inode_bitmap:167: comm syz.2.2303: Inode bitmap for bg 0 marked uninitialized
[  194.112933][T11786] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=11786 comm=syz.4.2310
[  194.140165][T11758] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  194.167575][T11758] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  194.204668][T11784] FAT-fs (loop7): Directory bread(block 1285) failed
[  194.225367][T11757] can0 (unregistered): slcan off ttyS3.
[  194.325628][T11792] loop2: detected capacity change from 0 to 164
[  194.346012][T11792] Unable to read rock-ridge attributes
[  194.361317][T11795] loop4: detected capacity change from 0 to 164
[  194.369930][T11795] Unable to read rock-ridge attributes
[  194.436934][T11797] loop4: detected capacity change from 0 to 2048
[  194.453420][T11801] team0 (unregistering): Port device C removed
[  194.468644][T11801] team0 (unregistering): Port device team_slave_1 removed
[  194.481403][T11797] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  194.515803][T11797] FAULT_INJECTION: forcing a failure.
[  194.515803][T11797] name failslab, interval 1, probability 0, space 0, times 0
[  194.528764][T11797] CPU: 0 UID: 0 PID: 11797 Comm: syz.4.2314 Not tainted 6.16.0-rc6-syzkaller-00037-ge2291551827f #0 PREEMPT(voluntary) 
[  194.528925][T11797] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  194.528941][T11797] Call Trace:
[  194.528949][T11797]  <TASK>
[  194.528956][T11797]  __dump_stack+0x1d/0x30
[  194.528979][T11797]  dump_stack_lvl+0xe8/0x140
[  194.528997][T11797]  dump_stack+0x15/0x1b
[  194.529012][T11797]  should_fail_ex+0x265/0x280
[  194.529056][T11797]  ? __iomap_dio_rw+0x14b/0x1250
[  194.529084][T11797]  should_failslab+0x8c/0xb0
[  194.529112][T11797]  __kmalloc_cache_noprof+0x4c/0x320
[  194.529147][T11797]  __iomap_dio_rw+0x14b/0x1250
[  194.529257][T11797]  ? ext4_mark_iloc_dirty+0xd3f/0xda0
[  194.529359][T11797]  ? ext4_journal_check_start+0x11a/0x1b0
[  194.529390][T11797]  iomap_dio_rw+0x40/0x90
[  194.529418][T11797]  ext4_file_write_iter+0xad9/0xf00
[  194.529455][T11797]  do_iter_readv_writev+0x41e/0x4c0
[  194.529601][T11797]  vfs_writev+0x2df/0x8b0
[  194.529641][T11797]  __se_sys_pwritev2+0xfc/0x1c0
[  194.529675][T11797]  __x64_sys_pwritev2+0x67/0x80
[  194.529701][T11797]  x64_sys_call+0x1cea/0x2fb0
[  194.529728][T11797]  do_syscall_64+0xd2/0x200
[  194.529794][T11797]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  194.529826][T11797]  ? clear_bhb_loop+0x40/0x90
[  194.529847][T11797]  ? clear_bhb_loop+0x40/0x90
[  194.529941][T11797]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  194.529965][T11797] RIP: 0033:0x7f0047ffe929
[  194.529985][T11797] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  194.530010][T11797] RSP: 002b:00007f004665f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[  194.530036][T11797] RAX: ffffffffffffffda RBX: 00007f0048225fa0 RCX: 00007f0047ffe929
[  194.530053][T11797] RDX: 0000000000000001 RSI: 0000200000000240 RDI: 0000000000000006
[  194.530069][T11797] RBP: 00007f004665f090 R08: 0000000000000000 R09: 0000000000000003
[  194.530092][T11797] R10: 0000000000007c00 R11: 0000000000000246 R12: 0000000000000001
[  194.530105][T11797] R13: 0000000000000000 R14: 00007f0048225fa0 R15: 00007ffe287bec48
[  194.530129][T11797]  </TASK>
[  194.534318][T11805] loop1: detected capacity change from 0 to 2048
[  194.633867][T11807] loop7: detected capacity change from 0 to 2048
[  194.677885][ T3306] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  194.717584][T11805] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  194.763783][T11807] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  194.814221][T11813] loop6: detected capacity change from 0 to 1024
[  194.821272][T11813] EXT4-fs: Ignoring removed orlov option
[  194.821342][T11805] EXT4-fs (loop1): shut down requested (0)
[  194.847152][T11805] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop1 ino=15
[  194.868173][T11813] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  194.881649][T11805] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop1 ino=15
[  194.915767][ T3310] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  194.986856][T11824] loop4: detected capacity change from 0 to 256
[  195.005079][T11044] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  195.037002][T11824] FAT-fs (loop4): Directory bread(block 1285) failed
[  195.048891][T11826] SELinux:  Context system_u:object_r:hugetlbfs_t:s0 is not valid (left unmapped).
[  195.089824][T11830] can0: slcan on ttyS3.
[  195.108040][T11830] loop1: detected capacity change from 0 to 1024
[  195.126340][T11830] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (32298!=35945)
[  195.145333][T11830] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  195.158166][T11830] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  195.169164][T11830] EXT4-fs (loop1): orphan cleanup on readonly fs
[  195.178092][T11830] EXT4-fs error (device loop1): ext4_read_inode_bitmap:167: comm syz.1.2323: Inode bitmap for bg 0 marked uninitialized
[  195.191852][T11830] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  195.280673][T11830] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  195.325329][T11829] can0 (unregistered): slcan off ttyS3.
[  195.362780][T11853] loop1: detected capacity change from 0 to 1024
[  195.387302][T11853] EXT4-fs: Ignoring removed orlov option
[  195.393443][T11853] EXT4-fs (loop1): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  195.438613][T11853] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  195.479565][ T3310] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  195.524856][T11867] loop1: detected capacity change from 0 to 512
[  195.532503][T11867] EXT4-fs: Ignoring removed nomblk_io_submit option
[  195.543650][T11867] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  195.551701][T11867] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a842c018, mo2=0002]
[  195.559869][T11867] System zones: 0-1, 15-15, 18-18, 34-34
[  195.565705][T11867] EXT4-fs (loop1): orphan cleanup on readonly fs
[  195.576671][T11867] EXT4-fs error (device loop1): ext4_orphan_get:1393: inode #16: comm syz.1.2334: casefold flag without casefold feature
[  195.599736][T11867] EXT4-fs error (device loop1): ext4_orphan_get:1398: comm syz.1.2334: couldn't read orphan inode 16 (err -117)
[  195.621101][T11867] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  195.638642][T11867] netlink: 'syz.1.2334': attribute type 4 has an invalid length.
[  195.646482][T11867] netlink: 'syz.1.2334': attribute type 2 has an invalid length.
[  195.672378][T10790] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  195.735851][T11877] loop6: detected capacity change from 0 to 512
[  195.742661][T11877] EXT4-fs: Ignoring removed oldalloc option
[  195.759779][ T3310] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  195.775736][T11877] EXT4-fs error (device loop6): ext4_xattr_inode_iget:433: comm syz.6.2337: Parent and EA inode have the same ino 15
[  195.801528][T11877] EXT4-fs error (device loop6): ext4_xattr_inode_iget:433: comm syz.6.2337: Parent and EA inode have the same ino 15
[  195.821833][T11877] EXT4-fs (loop6): 1 orphan inode deleted
[  195.829158][T11877] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  195.847949][T11877] EXT4-fs warning (device loop6): __ext4_unlink:3274: inode #15: comm syz.6.2337: Deleting file 'file1' with no links
[  195.894586][T11883] loop7: detected capacity change from 0 to 164
[  195.903920][T11883] Unable to read rock-ridge attributes
[  195.962614][T10790] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  195.991030][T11888] can0: slcan on ttyS3.
[  196.016999][T11891] loop6: detected capacity change from 0 to 1024
[  196.035619][T11891] EXT4-fs: Ignoring removed orlov option
[  196.037900][T11894] loop1: detected capacity change from 0 to 512
[  196.048529][T11891] EXT4-fs (loop6): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  196.049239][T11888] loop7: detected capacity change from 0 to 1024
[  196.068034][T11888] EXT4-fs (loop7): ext4_check_descriptors: Checksum for group 0 failed (32298!=35945)
[  196.077823][T11888] EXT4-fs (loop7): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  196.090369][T11894] EXT4-fs error (device loop1): ext4_orphan_get:1393: inode #15: comm syz.1.2344: casefold flag without casefold feature
[  196.104836][T11894] EXT4-fs error (device loop1): ext4_orphan_get:1398: comm syz.1.2344: couldn't read orphan inode 15 (err -117)
[  196.119521][T11891] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  196.144126][T11894] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  196.157804][T11888] EXT4-fs (loop7): revision level too high, forcing read-only mode
[  196.174253][T11888] EXT4-fs (loop7): orphan cleanup on readonly fs
[  196.182978][T10790] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  196.192146][T11888] EXT4-fs error (device loop7): ext4_read_inode_bitmap:167: comm syz.7.2342: Inode bitmap for bg 0 marked uninitialized
[  196.193044][ T3310] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  196.217257][T11888] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  196.230544][T11888] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  196.251101][T11904] loop1: detected capacity change from 0 to 512
[  196.263321][T11903] loop6: detected capacity change from 0 to 1024
[  196.271104][T11903] EXT4-fs: Ignoring removed orlov option
[  196.277463][T11903] EXT4-fs (loop6): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  196.285339][T11886] can0 (unregistered): slcan off ttyS3.
[  196.295078][T11904] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  196.297939][T11903] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  196.315523][T11904] ext4 filesystem being mounted at /452/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  196.328808][T11900] loop4: detected capacity change from 0 to 128
[  196.347991][ T3310] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  196.409651][T10790] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  196.447815][T11916] 9pnet: Could not find request transport: r
[  196.482461][T11921] loop2: detected capacity change from 0 to 512
[  196.489721][T11921] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  196.504529][T11921] EXT4-fs (loop2): failed to initialize system zone (-117)
[  196.512357][T11921] EXT4-fs (loop2): mount failed
[  196.793622][T11931] loop6: detected capacity change from 0 to 512
[  196.816780][T11931] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  196.838292][T11931] EXT4-fs (loop6): 1 truncate cleaned up
[  196.855707][T11931] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  196.885075][T11931] EXT4-fs error (device loop6): ext4_read_inline_dir:1502: inode #12: block 7: comm syz.6.2353: path /42/bus/file0: bad entry in directory: rec_len is smaller than minimal - offset=40, inode=2085390, rec_len=0, size=80 fake=0
[  196.943832][T11931] EXT4-fs (loop6): Remounting filesystem read-only
[  196.967923][T11913] loop2: detected capacity change from 0 to 2048
[  196.974842][T11913] ext4: Unknown parameter 'smackfsdef'
[  197.041036][T10790] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  197.071810][T11952] 9p: Unknown uid 00000000004294967295
[  197.072598][T11954] loop6: detected capacity change from 0 to 512
[  197.085537][T11954] EXT4-fs: Ignoring removed oldalloc option
[  197.097859][T11954] EXT4-fs error (device loop6): ext4_xattr_inode_iget:433: comm syz.6.2361: Parent and EA inode have the same ino 15
[  197.111455][T11954] EXT4-fs error (device loop6): ext4_xattr_inode_iget:433: comm syz.6.2361: Parent and EA inode have the same ino 15
[  197.134970][T11954] EXT4-fs (loop6): 1 orphan inode deleted
[  197.142628][T11954] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  197.146779][T11965] loop4: detected capacity change from 0 to 164
[  197.165041][T11965] Unable to read rock-ridge attributes
[  197.193734][T10790] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  197.256813][T11973] loop7: detected capacity change from 0 to 16384
[  197.394784][T11985] loop4: detected capacity change from 0 to 736
[  197.402772][T11985] iso9660: Unknown parameter '„'
[  197.481000][T11988] syzkaller0: entered promiscuous mode
[  197.486619][T11988] syzkaller0: entered allmulticast mode
[  197.588077][T11990] loop6: detected capacity change from 0 to 512
[  197.597517][T11990] EXT4-fs error (device loop6): ext4_orphan_get:1393: inode #15: comm syz.6.2373: casefold flag without casefold feature
[  197.610929][T11990] EXT4-fs error (device loop6): ext4_orphan_get:1398: comm syz.6.2373: couldn't read orphan inode 15 (err -117)
[  197.624797][T11990] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  197.656851][T10790] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  197.678293][T11993] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2374'.
[  197.798578][T11999] loop6: detected capacity change from 0 to 128
[  197.880689][T12002] loop1: detected capacity change from 0 to 164
[  197.888033][T12002] Unable to read rock-ridge attributes
[  197.950558][T12004] loop1: detected capacity change from 0 to 512
[  197.967162][T12004] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  197.980001][T12004] ext4 filesystem being mounted at /460/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  198.012292][ T3310] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  198.122253][T12021] loop1: detected capacity change from 0 to 512
[  198.137915][T12021] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  198.146782][T12021] EXT4-fs (loop1): orphan cleanup on readonly fs
[  198.153186][T12021] EXT4-fs error (device loop1): ext4_quota_enable:7120: comm syz.1.2382: Bad quota inum: 4294967295, type: 0
[  198.168705][T12021] EXT4-fs (loop1): Remounting filesystem read-only
[  198.175337][T12021] EXT4-fs warning (device loop1): ext4_enable_quotas:7168: Failed to enable quota tracking (type=0, err=-117, ino=4294967295). Please run e2fsck to fix.
[  198.190813][T12021] EXT4-fs (loop1): Cannot turn on quotas: error -117
[  198.198834][T12021] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  198.343971][ T3310] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  198.400141][T12030] loop7: detected capacity change from 0 to 512
[  198.410739][T12030] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  198.450849][T12030] EXT4-fs (loop7): 1 truncate cleaned up
[  198.475741][T12030] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  198.498954][   T29] kauditd_printk_skb: 524 callbacks suppressed
[  198.498968][   T29] audit: type=1326 audit(1752726880.515:9199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12032 comm="syz.4.2386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0047ffe929 code=0x7ffc0000
[  198.539464][   T29] audit: type=1326 audit(1752726880.555:9200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12032 comm="syz.4.2386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f0047ffe929 code=0x7ffc0000
[  198.543477][T12030] EXT4-fs error (device loop7): ext4_read_inline_dir:1502: inode #12: block 7: comm syz.7.2384: path /62/bus/file0: bad entry in directory: rec_len is smaller than minimal - offset=40, inode=2085390, rec_len=0, size=80 fake=0
[  198.563026][   T29] audit: type=1326 audit(1752726880.555:9201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12032 comm="syz.4.2386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0047ffe929 code=0x7ffc0000
[  198.563092][   T29] audit: type=1326 audit(1752726880.555:9202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12032 comm="syz.4.2386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0047ffe929 code=0x7ffc0000
[  198.632016][   T29] audit: type=1326 audit(1752726880.555:9203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12032 comm="syz.4.2386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f0047ffe929 code=0x7ffc0000
[  198.655951][   T29] audit: type=1326 audit(1752726880.605:9204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12032 comm="syz.4.2386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0047ffe929 code=0x7ffc0000
[  198.679639][   T29] audit: type=1326 audit(1752726880.605:9205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12032 comm="syz.4.2386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0047ffe929 code=0x7ffc0000
[  198.707784][T12030] EXT4-fs (loop7): Remounting filesystem read-only
[  198.716182][T12041] loop1: detected capacity change from 0 to 512
[  198.724767][T12041] EXT4-fs error (device loop1): ext4_orphan_get:1393: inode #15: comm syz.1.2385: casefold flag without casefold feature
[  198.737785][T12041] EXT4-fs error (device loop1): ext4_orphan_get:1398: comm syz.1.2385: couldn't read orphan inode 15 (err -117)
[  198.754597][T12041] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  198.812151][T12051] loop4: detected capacity change from 0 to 164
[  198.828964][T12051] Unable to read rock-ridge attributes
[  198.886499][   T29] audit: type=1326 audit(1752726880.905:9206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12057 comm="syz.2.2394" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4c15cee929 code=0x7ffc0000
[  198.910204][   T29] audit: type=1326 audit(1752726880.905:9207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12057 comm="syz.2.2394" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4c15cee929 code=0x7ffc0000
[  198.918321][T12058] loop2: detected capacity change from 0 to 1024
[  198.933748][   T29] audit: type=1326 audit(1752726880.905:9208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12057 comm="syz.2.2394" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f4c15cee929 code=0x7ffc0000
[  198.941398][T12058] EXT4-fs: Ignoring removed orlov option
[  198.980960][T12058] EXT4-fs (loop2): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  199.040414][T12068] loop2: detected capacity change from 0 to 512
[  199.048922][T12066] can0: slcan on ttyS3.
[  199.068450][T12066] loop1: detected capacity change from 0 to 1024
[  199.076770][T12066] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (32298!=35945)
[  199.090597][T12068] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  199.090623][T12066] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  199.212002][T12068] EXT4-fs (loop2): orphan cleanup on readonly fs
[  199.215973][T12066] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  199.218461][T12068] EXT4-fs error (device loop2): ext4_quota_enable:7120: comm syz.2.2396: Bad quota inum: 4294967295, type: 0
[  199.240714][T12066] EXT4-fs (loop1): orphan cleanup on readonly fs
[  199.248985][T12068] EXT4-fs (loop2): Remounting filesystem read-only
[  199.250651][T12066] EXT4-fs error (device loop1): ext4_read_inode_bitmap:167: comm syz.1.2397: Inode bitmap for bg 0 marked uninitialized
[  199.255571][T12068] EXT4-fs warning (device loop2): ext4_enable_quotas:7168: Failed to enable quota tracking (type=0, err=-117, ino=4294967295). Please run e2fsck to fix.
[  199.283754][T12068] EXT4-fs (loop2): Cannot turn on quotas: error -117
[  199.405317][T12065] can0 (unregistered): slcan off ttyS3.
[  199.424172][T12079] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=12079 comm=syz.2.2399
[  199.464154][T12081] loop1: detected capacity change from 0 to 512
[  199.498923][T12081] journal_path: Lookup failure for './file0/../file0'
[  199.505951][T12081] EXT4-fs: error: could not find journal device path
[  199.591090][T12086] loop2: detected capacity change from 0 to 512
[  199.613484][T12086] EXT4-fs error (device loop2): ext4_orphan_get:1393: inode #15: comm syz.2.2401: casefold flag without casefold feature
[  199.652660][T12086] EXT4-fs error (device loop2): ext4_orphan_get:1398: comm syz.2.2401: couldn't read orphan inode 15 (err -117)
[  199.679535][T12091] loop1: detected capacity change from 0 to 8192
[  199.689443][T12091] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  199.750082][T12103] loop6: detected capacity change from 0 to 1024
[  199.758575][T12103] EXT4-fs: Ignoring removed orlov option
[  199.782536][T12106] FAULT_INJECTION: forcing a failure.
[  199.782536][T12106] name failslab, interval 1, probability 0, space 0, times 0
[  199.795474][T12106] CPU: 0 UID: 0 PID: 12106 Comm: syz.4.2408 Not tainted 6.16.0-rc6-syzkaller-00037-ge2291551827f #0 PREEMPT(voluntary) 
[  199.795546][T12106] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  199.795558][T12106] Call Trace:
[  199.795563][T12106]  <TASK>
[  199.795569][T12106]  __dump_stack+0x1d/0x30
[  199.795589][T12106]  dump_stack_lvl+0xe8/0x140
[  199.795607][T12106]  dump_stack+0x15/0x1b
[  199.795627][T12106]  should_fail_ex+0x265/0x280
[  199.795734][T12106]  should_failslab+0x8c/0xb0
[  199.795755][T12106]  kmem_cache_alloc_node_noprof+0x57/0x320
[  199.795787][T12106]  ? __alloc_skb+0x101/0x320
[  199.795884][T12106]  __alloc_skb+0x101/0x320
[  199.795916][T12106]  netlink_alloc_large_skb+0xba/0xf0
[  199.795982][T12106]  netlink_sendmsg+0x3cf/0x6b0
[  199.796009][T12106]  ? __pfx_netlink_sendmsg+0x10/0x10
[  199.796032][T12106]  __sock_sendmsg+0x145/0x180
[  199.796058][T12106]  ____sys_sendmsg+0x31e/0x4e0
[  199.796153][T12106]  ___sys_sendmsg+0x17b/0x1d0
[  199.796201][T12106]  __x64_sys_sendmsg+0xd4/0x160
[  199.796243][T12106]  x64_sys_call+0x2999/0x2fb0
[  199.796277][T12106]  do_syscall_64+0xd2/0x200
[  199.796347][T12106]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  199.796371][T12106]  ? clear_bhb_loop+0x40/0x90
[  199.796393][T12106]  ? clear_bhb_loop+0x40/0x90
[  199.796413][T12106]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  199.796438][T12106] RIP: 0033:0x7f0047ffe929
[  199.796457][T12106] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  199.796532][T12106] RSP: 002b:00007f004665f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  199.796555][T12106] RAX: ffffffffffffffda RBX: 00007f0048225fa0 RCX: 00007f0047ffe929
[  199.796571][T12106] RDX: 0000000000000810 RSI: 0000200000000040 RDI: 0000000000000003
[  199.796584][T12106] RBP: 00007f004665f090 R08: 0000000000000000 R09: 0000000000000000
[  199.796596][T12106] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  199.796607][T12106] R13: 0000000000000000 R14: 00007f0048225fa0 R15: 00007ffe287bec48
[  199.796651][T12106]  </TASK>
[  199.796914][T12103] EXT4-fs (loop6): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  199.800407][T12108] loop2: detected capacity change from 0 to 164
[  199.964318][T12115] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2411'.
[  199.979368][T12108] Unable to read rock-ridge attributes
[  200.058310][T12122] loop1: detected capacity change from 0 to 164
[  200.065789][T12122] Unable to read rock-ridge attributes
[  200.135706][T12131] loop2: detected capacity change from 0 to 512
[  200.143960][T12131] EXT4-fs error (device loop2): ext4_orphan_get:1393: inode #15: comm syz.2.2416: casefold flag without casefold feature
[  200.158716][T12131] EXT4-fs error (device loop2): ext4_orphan_get:1398: comm syz.2.2416: couldn't read orphan inode 15 (err -117)
[  200.221669][T12136] loop2: detected capacity change from 0 to 1024
[  200.228728][T12136] EXT4-fs: Ignoring removed orlov option
[  200.344855][T12143] netlink: 'syz.6.2413': attribute type 13 has an invalid length.
[  200.397535][T12145] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2413'.
[  200.483525][T12143] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  200.817396][T12150] loop4: detected capacity change from 0 to 512
[  200.827037][T12150] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  200.856231][T12150] EXT4-fs (loop4): failed to initialize system zone (-117)
[  200.863709][T12150] EXT4-fs (loop4): mount failed
[  200.949153][T12160] loop1: detected capacity change from 0 to 512
[  200.968005][T12160] ext4 filesystem being mounted at /472/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  201.044880][T12166] loop1: detected capacity change from 0 to 1024
[  201.053849][T12166] EXT4-fs: Ignoring removed orlov option
[  201.060486][T12166] EXT4-fs (loop1): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  201.111049][T12173] can0: slcan on ttyS3.
[  201.144109][T12173] loop1: detected capacity change from 0 to 1024
[  201.152085][T12173] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (32298!=35945)
[  201.163775][T12173] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  201.175377][T12173] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  201.183661][T12173] EXT4-fs (loop1): orphan cleanup on readonly fs
[  201.190552][T12173] EXT4-fs error (device loop1): ext4_read_inode_bitmap:167: comm syz.1.2427: Inode bitmap for bg 0 marked uninitialized
[  201.251992][T12187] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2429'.
[  201.275627][T12171] can0 (unregistered): slcan off ttyS3.
[  201.293056][T12188] loop7: detected capacity change from 0 to 256
[  201.318021][T12190] loop1: detected capacity change from 0 to 512
[  201.333238][T12190] EXT4-fs error (device loop1): ext4_orphan_get:1393: inode #15: comm syz.1.2433: casefold flag without casefold feature
[  201.341113][T12193] loop6: detected capacity change from 0 to 512
[  201.352714][T12190] EXT4-fs error (device loop1): ext4_orphan_get:1398: comm syz.1.2433: couldn't read orphan inode 15 (err -117)
[  201.383966][T12193] ext4 filesystem being mounted at /55/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  201.418069][T12188] FAT-fs (loop7): Directory bread(block 1285) failed
[  201.446603][T12199] loop6: detected capacity change from 0 to 1024
[  201.453606][T12199] EXT4-fs: Ignoring removed orlov option
[  201.564149][T12214] loop7: detected capacity change from 0 to 512
[  201.571494][T12214] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  201.583455][T12214] EXT4-fs (loop7): 1 truncate cleaned up
[  201.590979][T12214] EXT4-fs error (device loop7): ext4_read_inline_dir:1502: inode #12: block 7: comm syz.7.2441: path /70/bus/file0: bad entry in directory: rec_len is smaller than minimal - offset=40, inode=2085390, rec_len=0, size=80 fake=0
[  201.613274][T12214] EXT4-fs (loop7): Remounting filesystem read-only
[  201.662810][T12219] loop7: detected capacity change from 0 to 164
[  201.670576][T12219] Unable to read rock-ridge attributes
[  201.855511][T12223] loop4: detected capacity change from 0 to 128
[  202.399537][T12228] loop6: detected capacity change from 0 to 512
[  202.418413][T12228] ext4 filesystem being mounted at /58/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  202.531468][T12240] loop7: detected capacity change from 0 to 164
[  202.553891][T12240] Unable to read rock-ridge attributes
[  202.614768][T12248] loop4: detected capacity change from 0 to 512
[  202.622933][T12248] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  202.639244][T12248] EXT4-fs (loop4): failed to initialize system zone (-117)
[  202.650914][T12248] EXT4-fs (loop4): mount failed
[  202.677400][T12255] loop7: detected capacity change from 0 to 512
[  202.702111][T12255] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  202.742395][T12262] netlink: 168 bytes leftover after parsing attributes in process `syz.4.2459'.
[  202.758053][T12262] 9pnet_fd: Insufficient options for proto=fd
[  202.772434][T12255] EXT4-fs (loop7): 1 truncate cleaned up
[  202.790953][T12255] EXT4-fs error (device loop7): ext4_read_inline_dir:1502: inode #12: block 7: comm syz.7.2456: path /74/bus/file0: bad entry in directory: rec_len is smaller than minimal - offset=40, inode=2085390, rec_len=0, size=80 fake=0
[  202.797281][T12272] loop4: detected capacity change from 0 to 164
[  202.821493][T12272] Unable to read rock-ridge attributes
[  202.837456][T12255] EXT4-fs (loop7): Remounting filesystem read-only
[  202.859839][T12276] IPv6: Can't replace route, no match found
[  202.938065][T12280] loop7: detected capacity change from 0 to 512
[  202.950148][T12280] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  202.961955][T12280] EXT4-fs (loop7): failed to initialize system zone (-117)
[  202.973406][T12280] EXT4-fs (loop7): mount failed
[  203.038164][T12279] loop4: detected capacity change from 0 to 128
[  203.072744][T12298] loop7: detected capacity change from 0 to 512
[  203.074685][T12299] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2468'.
[  203.096451][T12298] EXT4-fs (loop7): revision level too high, forcing read-only mode
[  203.104606][T12298] EXT4-fs (loop7): orphan cleanup on readonly fs
[  203.111035][T12298] EXT4-fs error (device loop7): ext4_quota_enable:7120: comm syz.7.2472: Bad quota inum: 4294967295, type: 0
[  203.123182][T12298] EXT4-fs (loop7): Remounting filesystem read-only
[  203.129782][T12298] EXT4-fs warning (device loop7): ext4_enable_quotas:7168: Failed to enable quota tracking (type=0, err=-117, ino=4294967295). Please run e2fsck to fix.
[  203.145506][T12298] EXT4-fs (loop7): Cannot turn on quotas: error -117
[  203.212415][T12307] 
@ÿ: renamed from bond_slave_0 (while UP)
[  203.257775][T12310] loop7: detected capacity change from 0 to 2048
[  203.306079][T12314] FAULT_INJECTION: forcing a failure.
[  203.306079][T12314] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  203.319438][T12314] CPU: 0 UID: 0 PID: 12314 Comm: syz.7.2476 Not tainted 6.16.0-rc6-syzkaller-00037-ge2291551827f #0 PREEMPT(voluntary) 
[  203.319476][T12314] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  203.319493][T12314] Call Trace:
[  203.319500][T12314]  <TASK>
[  203.319511][T12314]  __dump_stack+0x1d/0x30
[  203.319557][T12314]  dump_stack_lvl+0xe8/0x140
[  203.319585][T12314]  dump_stack+0x15/0x1b
[  203.319607][T12314]  should_fail_ex+0x265/0x280
[  203.319680][T12314]  should_fail+0xb/0x20
[  203.319778][T12314]  should_fail_usercopy+0x1a/0x20
[  203.319882][T12314]  _copy_from_user+0x1c/0xb0
[  203.319908][T12314]  ___sys_sendmsg+0xc1/0x1d0
[  203.319995][T12314]  __x64_sys_sendmsg+0xd4/0x160
[  203.320043][T12314]  x64_sys_call+0x2999/0x2fb0
[  203.320142][T12314]  do_syscall_64+0xd2/0x200
[  203.320160][T12314]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  203.320303][T12314]  ? clear_bhb_loop+0x40/0x90
[  203.320330][T12314]  ? clear_bhb_loop+0x40/0x90
[  203.320359][T12314]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  203.320483][T12314] RIP: 0033:0x7f14adb2e929
[  203.320501][T12314] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  203.320523][T12314] RSP: 002b:00007f14ac197038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  203.320548][T12314] RAX: ffffffffffffffda RBX: 00007f14add55fa0 RCX: 00007f14adb2e929
[  203.320565][T12314] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000003
[  203.320595][T12314] RBP: 00007f14ac197090 R08: 0000000000000000 R09: 0000000000000000
[  203.320612][T12314] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  203.320627][T12314] R13: 0000000000000000 R14: 00007f14add55fa0 R15: 00007fff0b671ef8
[  203.320653][T12314]  </TASK>
[  203.519773][T12316] loop7: detected capacity change from 0 to 512
[  203.527068][T12316] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  203.546664][T12316] EXT4-fs (loop7): 1 truncate cleaned up
[  203.554497][T12316] EXT4-fs error (device loop7): ext4_read_inline_dir:1502: inode #12: block 7: comm syz.7.2477: path /83/bus/file0: bad entry in directory: rec_len is smaller than minimal - offset=40, inode=2085390, rec_len=0, size=80 fake=0
[  203.578184][T12316] EXT4-fs (loop7): Remounting filesystem read-only
[  203.692488][   T29] kauditd_printk_skb: 467 callbacks suppressed
[  203.692505][   T29] audit: type=1400 audit(1752726885.705:9676): avc:  denied  { getopt } for  pid=12324 comm="syz.7.2481" lport=2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  203.767913][T12335] loop2: detected capacity change from 0 to 512
[  203.822676][T12335] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  203.831153][T12335] EXT4-fs (loop2): orphan cleanup on readonly fs
[  203.837703][T12335] EXT4-fs error (device loop2): ext4_quota_enable:7120: comm syz.2.2484: Bad quota inum: 4294967295, type: 0
[  203.851920][T12335] EXT4-fs (loop2): Remounting filesystem read-only
[  203.858683][T12335] EXT4-fs warning (device loop2): ext4_enable_quotas:7168: Failed to enable quota tracking (type=0, err=-117, ino=4294967295). Please run e2fsck to fix.
[  203.874444][T12335] EXT4-fs (loop2): Cannot turn on quotas: error -117
[  203.891214][   T29] audit: type=1326 audit(1752726885.905:9677): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12334 comm="syz.2.2484" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4c15cee929 code=0x7ffc0000
[  203.917201][   T29] audit: type=1326 audit(1752726885.905:9678): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12334 comm="syz.2.2484" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4c15cee929 code=0x7ffc0000
[  203.942078][   T29] audit: type=1326 audit(1752726885.905:9679): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12334 comm="syz.2.2484" exe="/root/syz-executor" sig=0 arch=c000003e syscall=461 compat=0 ip=0x7f4c15cee929 code=0x7ffc0000
[  203.966241][   T29] audit: type=1326 audit(1752726885.905:9680): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12334 comm="syz.2.2484" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4c15cee929 code=0x7ffc0000
[  203.990381][   T29] audit: type=1326 audit(1752726885.905:9681): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12334 comm="syz.2.2484" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4c15cee929 code=0x7ffc0000
[  204.069751][T12350] loop2: detected capacity change from 0 to 164
[  204.083148][T12350] Unable to read rock-ridge attributes
[  204.098974][   T29] audit: type=1326 audit(1752726886.105:9682): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12351 comm="syz.6.2488" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb6208de929 code=0x7ffc0000
[  204.122676][   T29] audit: type=1326 audit(1752726886.105:9683): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12351 comm="syz.6.2488" exe="/root/syz-executor" sig=0 arch=c000003e syscall=113 compat=0 ip=0x7fb6208de929 code=0x7ffc0000
[  204.146335][   T29] audit: type=1326 audit(1752726886.105:9684): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12351 comm="syz.6.2488" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb6208de929 code=0x7ffc0000
[  204.169916][   T29] audit: type=1326 audit(1752726886.105:9685): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12351 comm="syz.6.2488" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb6208de929 code=0x7ffc0000
[  204.214041][T12355] loop6: detected capacity change from 0 to 512
[  204.229259][T12357] loop2: detected capacity change from 0 to 512
[  204.236205][T12355] EXT4-fs error (device loop6): ext4_orphan_get:1393: inode #15: comm syz.6.2489: casefold flag without casefold feature
[  204.250067][T12355] EXT4-fs error (device loop6): ext4_orphan_get:1398: comm syz.6.2489: couldn't read orphan inode 15 (err -117)
[  204.268053][T12357] ext4 filesystem being mounted at /512/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  204.296707][T12357] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #2: comm syz.2.2490: corrupted inode contents
[  204.308844][T12344] loop7: detected capacity change from 0 to 256
[  204.314272][T12357] EXT4-fs error (device loop2): ext4_dirty_inode:6459: inode #2: comm syz.2.2490: mark_inode_dirty error
[  204.329788][T12357] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #2: comm syz.2.2490: corrupted inode contents
[  204.344686][T12357] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #2: comm syz.2.2490: corrupted inode contents
[  204.351021][T12344] FAT-fs (loop7): Directory bread(block 1285) failed
[  204.363808][T12357] EXT4-fs error (device loop2): ext4_dirty_inode:6459: inode #2: comm syz.2.2490: mark_inode_dirty error
[  204.385941][T12357] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #2: comm syz.2.2490: corrupted inode contents
[  204.400213][T12357] EXT4-fs error (device loop2): __ext4_ext_dirty:206: inode #2: comm syz.2.2490: mark_inode_dirty error
[  204.412103][T12357] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #2: comm syz.2.2490: corrupted inode contents
[  204.434668][T12357] EXT4-fs error (device loop2): ext4_dirty_inode:6459: inode #2: comm syz.2.2490: mark_inode_dirty error
[  204.449582][T12366] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=12366 comm=syz.6.2492
[  204.564651][T12375] loop2: detected capacity change from 0 to 1024
[  204.572099][T12375] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (32298!=35945)
[  204.581885][T12375] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  204.593957][T12375] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  204.606759][T12375] EXT4-fs (loop2): orphan cleanup on readonly fs
[  204.619530][T12375] EXT4-fs error (device loop2): ext4_read_inode_bitmap:167: comm syz.2.2495: Inode bitmap for bg 0 marked uninitialized
[  204.734526][T12386] IPv6: Can't replace route, no match found
[  204.762520][T12387] loop7: detected capacity change from 0 to 256
[  204.808877][T12391] loop2: detected capacity change from 0 to 512
[  204.817412][T12394] loop1: detected capacity change from 0 to 128
[  204.833486][T12391] EXT4-fs: Ignoring removed nomblk_io_submit option
[  204.892615][T12391] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  204.900766][T12391] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a842c018, mo2=0002]
[  204.903151][T12387] FAT-fs (loop7): Directory bread(block 1285) failed
[  204.909669][T12391] System zones: 0-1, 15-15, 18-18, 34-34
[  204.923374][T12391] EXT4-fs (loop2): orphan cleanup on readonly fs
[  204.931482][T10731] bio_check_eod: 15113 callbacks suppressed
[  204.931498][T10731] kworker/u8:13: attempt to access beyond end of device
[  204.931498][T10731] loop1: rw=1, sector=145, nr_sectors = 896 limit=128
[  204.965505][T12391] EXT4-fs error (device loop2): ext4_orphan_get:1393: inode #16: comm syz.2.2501: casefold flag without casefold feature
[  204.985331][T12391] EXT4-fs error (device loop2): ext4_orphan_get:1398: comm syz.2.2501: couldn't read orphan inode 16 (err -117)
[  205.012914][T12401] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2504'.
[  205.031071][T12391] netlink: 'syz.2.2501': attribute type 4 has an invalid length.
[  205.039009][T12391] netlink: 'syz.2.2501': attribute type 2 has an invalid length.
[  205.111142][T12408] loop1: detected capacity change from 0 to 256
[  206.232427][T12425] IPv6: Can't replace route, no match found
[  206.527722][T12424] loop7: detected capacity change from 0 to 16384
[  207.338862][T12408] FAT-fs (loop1): Directory bread(block 1285) failed
[  207.432105][T12433] loop4: detected capacity change from 0 to 256
[  207.570608][T12437] FAULT_INJECTION: forcing a failure.
[  207.570608][T12437] name failslab, interval 1, probability 0, space 0, times 0
[  207.583452][T12437] CPU: 1 UID: 0 PID: 12437 Comm: syz.6.2515 Not tainted 6.16.0-rc6-syzkaller-00037-ge2291551827f #0 PREEMPT(voluntary) 
[  207.583511][T12437] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  207.583557][T12437] Call Trace:
[  207.583564][T12437]  <TASK>
[  207.583571][T12437]  __dump_stack+0x1d/0x30
[  207.583596][T12437]  dump_stack_lvl+0xe8/0x140
[  207.583621][T12437]  dump_stack+0x15/0x1b
[  207.583642][T12437]  should_fail_ex+0x265/0x280
[  207.583718][T12437]  ? serport_ldisc_read+0x8c/0x300
[  207.583752][T12437]  should_failslab+0x8c/0xb0
[  207.583779][T12437]  __kmalloc_cache_noprof+0x4c/0x320
[  207.583885][T12437]  serport_ldisc_read+0x8c/0x300
[  207.583920][T12437]  ? terminate_walk+0x27f/0x2a0
[  207.583949][T12437]  tty_read+0x154/0x470
[  207.583989][T12437]  ? __import_iovec+0x428/0x540
[  207.584009][T12437]  do_iter_readv_writev+0x41e/0x4c0
[  207.584142][T12437]  vfs_readv+0x1ea/0x690
[  207.584173][T12437]  do_readv+0xe7/0x210
[  207.584200][T12437]  __x64_sys_readv+0x45/0x50
[  207.584222][T12437]  x64_sys_call+0x29af/0x2fb0
[  207.584315][T12437]  do_syscall_64+0xd2/0x200
[  207.584337][T12437]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  207.584402][T12437]  ? clear_bhb_loop+0x40/0x90
[  207.584424][T12437]  ? clear_bhb_loop+0x40/0x90
[  207.584445][T12437]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  207.584470][T12437] RIP: 0033:0x7fb6208de929
[  207.584487][T12437] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  207.584553][T12437] RSP: 002b:00007fb61ef47038 EFLAGS: 00000246 ORIG_RAX: 0000000000000013
[  207.584576][T12437] RAX: ffffffffffffffda RBX: 00007fb620b05fa0 RCX: 00007fb6208de929
[  207.584591][T12437] RDX: 0000000000000001 RSI: 0000200000000000 RDI: 0000000000000007
[  207.584632][T12437] RBP: 00007fb61ef47090 R08: 0000000000000000 R09: 0000000000000000
[  207.584644][T12437] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  207.584655][T12437] R13: 0000000000000000 R14: 00007fb620b05fa0 R15: 00007fffd7c9f638
[  207.584673][T12437]  </TASK>
[  207.611369][T12433] FAT-fs (loop4): Directory bread(block 1285) failed
[  207.618515][T12441] loop1: detected capacity change from 0 to 512
[  207.694348][T12443] loop7: detected capacity change from 0 to 256
[  207.710567][T12441] EXT4-fs warning (device loop1): dx_probe:861: inode #2: comm syz.1.2517: dx entry: limit 0 != root limit 125
[  207.822868][T12441] EXT4-fs warning (device loop1): dx_probe:934: inode #2: comm syz.1.2517: Corrupt directory, running e2fsck is recommended
[  207.836128][T12441] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -117
[  207.846613][T12441] EXT4-fs error (device loop1): ext4_iget_extra_inode:5035: inode #15: comm syz.1.2517: corrupted in-inode xattr: invalid ea_ino
[  207.870583][T12446] loop2: detected capacity change from 0 to 512
[  207.879346][T12441] EXT4-fs (loop1): Remounting filesystem read-only
[  207.904490][T12446] journal_path: Non-blockdev passed as './bus'
[  207.910808][T12446] EXT4-fs: error: could not find journal device path
[  207.922999][T12448] loop6: detected capacity change from 0 to 512
[  207.941452][T12441] EXT4-fs warning (device loop1): dx_probe:861: inode #2: comm syz.1.2517: dx entry: limit 0 != root limit 125
[  207.953311][T12441] EXT4-fs warning (device loop1): dx_probe:934: inode #2: comm syz.1.2517: Corrupt directory, running e2fsck is recommended
[  207.967204][T12448] EXT4-fs: Ignoring removed nomblk_io_submit option
[  207.974741][T12443] FAT-fs (loop7): Directory bread(block 1285) failed
[  207.983242][T12448] EXT4-fs (loop6): revision level too high, forcing read-only mode
[  207.991299][T12448] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a842c018, mo2=0002]
[  208.013324][T12448] System zones: 0-1, 15-15, 18-18, 34-34
[  208.019503][T12448] EXT4-fs (loop6): orphan cleanup on readonly fs
[  208.061691][T12448] EXT4-fs error (device loop6): ext4_orphan_get:1393: inode #16: comm syz.6.2518: casefold flag without casefold feature
[  208.076937][T12448] EXT4-fs error (device loop6): ext4_orphan_get:1398: comm syz.6.2518: couldn't read orphan inode 16 (err -117)
[  208.085803][T12455] loop2: detected capacity change from 0 to 1024
[  208.104985][T12460] loop4: detected capacity change from 0 to 512
[  208.112022][T12448] netlink: 'syz.6.2518': attribute type 4 has an invalid length.
[  208.112833][T12455] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (32298!=35945)
[  208.119823][T12448] netlink: 'syz.6.2518': attribute type 2 has an invalid length.
[  208.138868][T12455] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  208.150132][T12455] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  208.159605][T12460] ext4 filesystem being mounted at /520/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  208.198698][T12455] EXT4-fs (loop2): orphan cleanup on readonly fs
[  208.252940][T12455] EXT4-fs error (device loop2): ext4_read_inode_bitmap:167: comm syz.2.2522: Inode bitmap for bg 0 marked uninitialized
[  208.295729][T12475] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=12475 comm=syz.4.2527
[  208.351862][T12478] loop6: detected capacity change from 0 to 512
[  208.387053][T12478] EXT4-fs (loop6): revision level too high, forcing read-only mode
[  208.405441][T12478] EXT4-fs (loop6): orphan cleanup on readonly fs
[  208.411927][T12478] EXT4-fs error (device loop6): ext4_quota_enable:7120: comm syz.6.2528: Bad quota inum: 4294967295, type: 0
[  208.441020][T12478] EXT4-fs (loop6): Remounting filesystem read-only
[  208.447640][T12478] EXT4-fs warning (device loop6): ext4_enable_quotas:7168: Failed to enable quota tracking (type=0, err=-117, ino=4294967295). Please run e2fsck to fix.
[  208.463102][T12478] EXT4-fs (loop6): Cannot turn on quotas: error -117
[  208.667524][T12497] loop7: detected capacity change from 0 to 16384
[  208.975776][T12502] IPv6: Can't replace route, no match found
[  209.061214][T12508] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=12508 comm=syz.2.2540
[  209.101219][T12512] loop6: detected capacity change from 0 to 512
[  209.114158][T12504] loop1: detected capacity change from 0 to 128
[  209.143636][T12512] ext4 filesystem being mounted at /85/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  209.165772][T12512] EXT4-fs error (device loop6): ext4_do_update_inode:5568: inode #2: comm syz.6.2541: corrupted inode contents
[  209.181776][   T29] kauditd_printk_skb: 289 callbacks suppressed
[  209.181794][   T29] audit: type=1326 audit(1752726891.195:9975): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12517 comm="syz.2.2543" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4c15cee929 code=0x7ffc0000
[  209.186459][T12512] EXT4-fs error (device loop6): ext4_dirty_inode:6459: inode #2: comm syz.6.2541: mark_inode_dirty error
[  209.188079][   T29] audit: type=1326 audit(1752726891.195:9976): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12517 comm="syz.2.2543" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4c15cee929 code=0x7ffc0000
[  209.214027][T12512] EXT4-fs error (device loop6): ext4_do_update_inode:5568: inode #2: comm syz.6.2541: corrupted inode contents
[  209.223057][   T29] audit: type=1326 audit(1752726891.195:9977): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12517 comm="syz.2.2543" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f4c15cee929 code=0x7ffc0000
[  209.282092][   T29] audit: type=1326 audit(1752726891.195:9978): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12517 comm="syz.2.2543" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4c15cee929 code=0x7ffc0000
[  209.305652][   T29] audit: type=1326 audit(1752726891.195:9979): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12517 comm="syz.2.2543" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4c15cee929 code=0x7ffc0000
[  209.329526][   T29] audit: type=1400 audit(1752726891.195:9980): avc:  denied  { setopt } for  pid=12519 comm="syz.7.2542" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  209.331183][T12518] can0: slcan on ttyS3.
[  209.350457][   T29] audit: type=1326 audit(1752726891.325:9981): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12517 comm="syz.2.2543" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4c15cee929 code=0x7ffc0000
[  209.378202][   T29] audit: type=1326 audit(1752726891.325:9982): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12517 comm="syz.2.2543" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4c15cee929 code=0x7ffc0000
[  209.401892][   T29] audit: type=1326 audit(1752726891.325:9983): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12517 comm="syz.2.2543" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4c15cee929 code=0x7ffc0000
[  209.418145][T12518] loop2: detected capacity change from 0 to 1024
[  209.425473][   T29] audit: type=1326 audit(1752726891.325:9984): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12517 comm="syz.2.2543" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4c15cee929 code=0x7ffc0000
[  209.466114][T12518] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (32298!=35945)
[  209.478645][T12518] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  209.491230][T12518] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  209.499446][T12518] EXT4-fs (loop2): orphan cleanup on readonly fs
[  209.506496][T12518] EXT4-fs error (device loop2): ext4_read_inode_bitmap:167: comm syz.2.2543: Inode bitmap for bg 0 marked uninitialized
[  209.529022][T12512] EXT4-fs error (device loop6): ext4_do_update_inode:5568: inode #2: comm syz.6.2541: corrupted inode contents
[  209.541151][T12512] EXT4-fs error (device loop6): ext4_dirty_inode:6459: inode #2: comm syz.6.2541: mark_inode_dirty error
[  209.554850][T12512] EXT4-fs error (device loop6): ext4_do_update_inode:5568: inode #2: comm syz.6.2541: corrupted inode contents
[  209.567208][T12512] EXT4-fs error (device loop6): __ext4_ext_dirty:206: inode #2: comm syz.6.2541: mark_inode_dirty error
[  209.579287][T12512] EXT4-fs error (device loop6): ext4_do_update_inode:5568: inode #2: comm syz.6.2541: corrupted inode contents
[  209.591612][T12512] EXT4-fs error (device loop6): ext4_dirty_inode:6459: inode #2: comm syz.6.2541: mark_inode_dirty error
[  209.615857][T12517] can0 (unregistered): slcan off ttyS3.
[  209.700106][T12537] loop2: detected capacity change from 0 to 512
[  209.708189][T12538] EXT4-fs error (device loop6): ext4_do_update_inode:5568: inode #2: comm syz.6.2541: corrupted inode contents
[  209.721912][T12537] journal_path: Non-blockdev passed as './bus'
[  209.728198][T12537] EXT4-fs: error: could not find journal device path
[  209.860864][T12545] loop2: detected capacity change from 0 to 256
[  209.927360][T12545] FAT-fs (loop2): Directory bread(block 1285) failed
[  211.607925][T12578] loop4: detected capacity change from 0 to 164
[  211.616481][T12579] loop1: detected capacity change from 0 to 256
[  211.625926][T12578] Unable to read rock-ridge attributes
[  211.664242][T12582] netlink: 168 bytes leftover after parsing attributes in process `syz.4.2562'.
[  211.678561][T12582] 9pnet_fd: Insufficient options for proto=fd
[  211.789677][T12587] loop2: detected capacity change from 0 to 1024
[  211.960022][T12594] loop6: detected capacity change from 0 to 256
[  212.225047][T12603] loop4: detected capacity change from 0 to 512
[  212.260607][T12594] FAT-fs (loop6): Directory bread(block 1285) failed
[  212.309024][T12603] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  212.392259][T12603] EXT4-fs (loop4): failed to initialize system zone (-117)
[  212.473398][T12603] EXT4-fs (loop4): mount failed
[  212.500269][T12579] FAT-fs (loop1): Directory bread(block 1285) failed
[  212.517460][T12606] loop7: detected capacity change from 0 to 512
[  212.546704][T12606] EXT4-fs (loop7): revision level too high, forcing read-only mode
[  212.554806][T12606] EXT4-fs (loop7): orphan cleanup on readonly fs
[  212.561318][T12606] EXT4-fs error (device loop7): ext4_quota_enable:7120: comm syz.7.2569: Bad quota inum: 4294967295, type: 0
[  212.594330][T12606] EXT4-fs (loop7): Remounting filesystem read-only
[  212.600983][T12606] EXT4-fs warning (device loop7): ext4_enable_quotas:7168: Failed to enable quota tracking (type=0, err=-117, ino=4294967295). Please run e2fsck to fix.
[  212.616615][T12606] EXT4-fs (loop7): Cannot turn on quotas: error -117
[  212.799765][T12622] loop2: detected capacity change from 0 to 1024
[  212.849160][T12622] EXT4-fs: Ignoring removed orlov option
[  212.855900][T12627] loop6: detected capacity change from 0 to 512
[  212.864229][T12627] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  212.926880][T12627] EXT4-fs (loop6): 1 truncate cleaned up
[  212.948825][T12634] loop1: detected capacity change from 0 to 128
[  212.962551][T12627] EXT4-fs error (device loop6): ext4_read_inline_dir:1502: inode #12: block 7: comm syz.6.2576: path /92/bus/file0: bad entry in directory: rec_len is smaller than minimal - offset=40, inode=2085390, rec_len=0, size=80 fake=0
[  213.060041][T12627] EXT4-fs (loop6): Remounting filesystem read-only
[  213.237215][T12642] loop2: detected capacity change from 0 to 512
[  213.243885][T12642] journal_path: Non-blockdev passed as './bus'
[  213.250217][T12642] EXT4-fs: error: could not find journal device path
[  213.343783][T12649] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2580'.
[  213.358287][T12650] loop2: detected capacity change from 0 to 512
[  213.365214][T12650] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  213.377066][T12650] EXT4-fs (loop2): failed to initialize system zone (-117)
[  213.384493][T12650] EXT4-fs (loop2): mount failed
[  213.465391][T12659] loop2: detected capacity change from 0 to 512
[  213.472258][T12659] journal_path: Non-blockdev passed as './bus'
[  213.478620][T12659] EXT4-fs: error: could not find journal device path
[  213.504637][T12660] netlink: 'syz.4.2584': attribute type 27 has an invalid length.
[  213.550110][T12663] loop7: detected capacity change from 0 to 512
[  213.560795][T12663] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  213.572933][T12663] EXT4-fs (loop7): 1 truncate cleaned up
[  213.581755][T12663] EXT4-fs error (device loop7): ext4_read_inline_dir:1502: inode #12: block 7: comm syz.7.2586: path /101/bus/file0: bad entry in directory: rec_len is smaller than minimal - offset=40, inode=2085390, rec_len=0, size=80 fake=0
[  213.591124][T12664] 8021q: adding VLAN 0 to HW filter on device bond0
[  213.605095][T12663] EXT4-fs (loop7): Remounting filesystem read-only
[  213.618910][T12664] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  213.738580][T12658] loop4: detected capacity change from 0 to 512
[  213.757539][T12658] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  213.773253][T12658] EXT4-fs (loop4): orphan cleanup on readonly fs
[  213.791310][T12658] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #16: comm syz.4.2584: corrupted inode contents
[  213.819492][T12658] EXT4-fs error (device loop4): ext4_dirty_inode:6459: inode #16: comm syz.4.2584: mark_inode_dirty error
[  213.833684][T12658] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #16: comm syz.4.2584: corrupted inode contents
[  213.847110][T12658] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #16: comm syz.4.2584: mark_inode_dirty error
[  213.861244][T12682] netlink: 168 bytes leftover after parsing attributes in process `syz.1.2592'.
[  213.873696][T12682] 9pnet_fd: Insufficient options for proto=fd
[  213.884669][T12658] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #16: comm syz.4.2584: corrupted inode contents
[  213.925774][T12658] EXT4-fs error (device loop4) in ext4_orphan_del:305: Corrupt filesystem
[  213.946811][T12658] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #16: comm syz.4.2584: corrupted inode contents
[  213.963998][T12658] EXT4-fs error (device loop4): ext4_truncate:4597: inode #16: comm syz.4.2584: mark_inode_dirty error
[  213.984273][T12658] EXT4-fs error (device loop4) in ext4_process_orphan:347: Corrupt filesystem
[  213.996544][T12658] EXT4-fs (loop4): 1 truncate cleaned up
[  214.002513][T10735] EXT4-fs error (device loop4): ext4_release_dquot:6969: comm kworker/u8:17: Failed to release dquot type 1
[  214.025624][T12695] loop1: detected capacity change from 0 to 512
[  214.027460][T12694] loop7: detected capacity change from 0 to 256
[  214.032775][T12695] EXT4-fs: Ignoring removed nomblk_io_submit option
[  214.057865][T12695] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  214.065887][T12695] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a842c018, mo2=0002]
[  214.077105][T12695] System zones: 0-1, 15-15, 18-18, 34-34
[  214.083169][T12695] EXT4-fs (loop1): orphan cleanup on readonly fs
[  214.090564][T12695] EXT4-fs error (device loop1): ext4_orphan_get:1393: inode #16: comm syz.1.2596: casefold flag without casefold feature
[  214.112791][T12695] EXT4-fs error (device loop1): ext4_orphan_get:1398: comm syz.1.2596: couldn't read orphan inode 16 (err -117)
[  214.131407][T12698] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=12698 comm=syz.4.2597
[  214.182182][T12694] FAT-fs (loop7): Directory bread(block 1285) failed
[  214.303375][T12708] loop7: detected capacity change from 0 to 512
[  214.338354][T12708] EXT4-fs error (device loop7): ext4_orphan_get:1393: inode #15: comm syz.7.2601: casefold flag without casefold feature
[  214.351365][T12708] EXT4-fs error (device loop7): ext4_orphan_get:1398: comm syz.7.2601: couldn't read orphan inode 15 (err -117)
[  214.407040][T12710] FAULT_INJECTION: forcing a failure.
[  214.407040][T12710] name failslab, interval 1, probability 0, space 0, times 0
[  214.419818][T12710] CPU: 0 UID: 0 PID: 12710 Comm: syz.4.2599 Not tainted 6.16.0-rc6-syzkaller-00037-ge2291551827f #0 PREEMPT(voluntary) 
[  214.419848][T12710] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  214.419864][T12710] Call Trace:
[  214.419873][T12710]  <TASK>
[  214.419882][T12710]  __dump_stack+0x1d/0x30
[  214.419907][T12710]  dump_stack_lvl+0xe8/0x140
[  214.419931][T12710]  dump_stack+0x15/0x1b
[  214.419952][T12710]  should_fail_ex+0x265/0x280
[  214.419984][T12710]  should_failslab+0x8c/0xb0
[  214.420011][T12710]  kmem_cache_alloc_noprof+0x50/0x310
[  214.420042][T12710]  ? mas_alloc_nodes+0x265/0x520
[  214.420067][T12710]  mas_alloc_nodes+0x265/0x520
[  214.420093][T12710]  mas_preallocate+0x33e/0x520
[  214.420130][T12710]  commit_merge+0x3a5/0x730
[  214.420152][T12710]  vma_modify+0xad7/0xc80
[  214.420180][T12710]  vma_modify_flags+0x101/0x130
[  214.420207][T12710]  mlock_fixup+0x11d/0x210
[  214.420234][T12710]  apply_mlockall_flags+0x1f9/0x280
[  214.420270][T12710]  __se_sys_mlockall+0x24a/0x3d0
[  214.420301][T12710]  __x64_sys_mlockall+0x1f/0x30
[  214.420332][T12710]  x64_sys_call+0x290a/0x2fb0
[  214.420359][T12710]  do_syscall_64+0xd2/0x200
[  214.420380][T12710]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  214.420409][T12710]  ? clear_bhb_loop+0x40/0x90
[  214.420430][T12710]  ? clear_bhb_loop+0x40/0x90
[  214.420456][T12710]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  214.420480][T12710] RIP: 0033:0x7f0047ffe929
[  214.420499][T12710] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  214.420521][T12710] RSP: 002b:00007f004663e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000097
[  214.420549][T12710] RAX: ffffffffffffffda RBX: 00007f0048226080 RCX: 00007f0047ffe929
[  214.420565][T12710] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000007
[  214.420580][T12710] RBP: 00007f004663e090 R08: 0000000000000000 R09: 0000000000000000
[  214.420595][T12710] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  214.420610][T12710] R13: 0000000000000000 R14: 00007f0048226080 R15: 00007ffe287bec48
[  214.420633][T12710]  </TASK>
[  214.427521][   T29] kauditd_printk_skb: 221 callbacks suppressed
[  214.427540][   T29] audit: type=1326 audit(1752726896.445:10205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12711 comm="syz.7.2602" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f14adb2e929 code=0x7ffc0000
[  214.489432][T12704] macsec0: entered allmulticast mode
[  214.503622][   T29] audit: type=1326 audit(1752726896.505:10206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12711 comm="syz.7.2602" exe="/root/syz-executor" sig=0 arch=c000003e syscall=254 compat=0 ip=0x7f14adb2e929 code=0x7ffc0000
[  214.506649][T12704] bond0: entered allmulticast mode
[  214.506668][T12704] 
@ÿ: entered allmulticast mode
[  214.511526][   T29] audit: type=1326 audit(1752726896.505:10207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12711 comm="syz.7.2602" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f14adb2e929 code=0x7ffc0000
[  214.515965][T12704] bond_slave_1: entered allmulticast mode
[  214.732145][   T29] audit: type=1326 audit(1752726896.745:10208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12718 comm="syz.7.2604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f14adb2e929 code=0x7ffc0000
[  214.765519][T12704] bond0: left allmulticast mode
[  214.765741][   T29] audit: type=1326 audit(1752726896.755:10209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12718 comm="syz.7.2604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f14adb2e929 code=0x7ffc0000
[  214.770458][T12704] 
@ÿ: left allmulticast mode
[  214.794018][   T29] audit: type=1326 audit(1752726896.755:10210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12718 comm="syz.7.2604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f14adb2e929 code=0x7ffc0000
[  214.798796][T12704] bond_slave_1: left allmulticast mode
[  214.822650][   T29] audit: type=1326 audit(1752726896.755:10211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12718 comm="syz.7.2604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f14adb2e929 code=0x7ffc0000
[  214.916277][T12727] netlink: 44 bytes leftover after parsing attributes in process `syz.2.2606'.
[  214.931361][T12727] loop2: detected capacity change from 0 to 128
[  214.966060][   T29] audit: type=1326 audit(1752726896.975:10212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12718 comm="syz.7.2604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f14adb2e929 code=0x7ffc0000
[  214.989900][   T29] audit: type=1326 audit(1752726896.975:10213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12718 comm="syz.7.2604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f14adb2e929 code=0x7ffc0000
[  215.051326][T12735] loop2: detected capacity change from 0 to 164
[  215.065929][T12735] Unable to read rock-ridge attributes
[  215.132505][   T29] audit: type=1326 audit(1752726897.145:10214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12744 comm="syz.6.2612" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb6208de929 code=0x7ffc0000
[  215.158322][T12743] 9pnet_fd: Insufficient options for proto=fd
[  215.172191][T12749] loop1: detected capacity change from 0 to 512
[  215.191331][T12753] loop4: detected capacity change from 0 to 1024
[  215.218193][T12749] EXT4-fs error (device loop1): ext4_orphan_get:1393: inode #15: comm syz.1.2615: casefold flag without casefold feature
[  215.232405][T12749] EXT4-fs error (device loop1): ext4_orphan_get:1398: comm syz.1.2615: couldn't read orphan inode 15 (err -117)
[  215.244137][T12753] EXT4-fs: Ignoring removed orlov option
[  215.321550][T12770] loop7: detected capacity change from 0 to 164
[  215.335796][T12770] Unable to read rock-ridge attributes
[  215.431530][T12781] 9pnet_fd: Insufficient options for proto=fd
[  215.489631][T12792] loop6: detected capacity change from 0 to 512
[  215.499905][T12792] EXT4-fs error (device loop6): ext4_orphan_get:1393: inode #15: comm syz.6.2631: casefold flag without casefold feature
[  215.514049][T12792] EXT4-fs error (device loop6): ext4_orphan_get:1398: comm syz.6.2631: couldn't read orphan inode 15 (err -117)
[  215.614633][T12795] loop7: detected capacity change from 0 to 128
[  215.626134][T12808] loop2: detected capacity change from 0 to 512
[  215.638158][T12809] loop1: detected capacity change from 0 to 256
[  215.645960][T12808] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  215.662624][T12808] EXT4-fs (loop2): 1 truncate cleaned up
[  215.671273][T12808] EXT4-fs error (device loop2): ext4_read_inline_dir:1502: inode #12: block 7: comm syz.2.2636: path /544/bus/file0: bad entry in directory: rec_len is smaller than minimal - offset=40, inode=2085390, rec_len=0, size=80 fake=0
[  215.694421][T12808] EXT4-fs (loop2): Remounting filesystem read-only
[  215.755808][T12821] can0: slcan on ttyS3.
[  215.771464][T12822] loop4: detected capacity change from 0 to 512
[  215.774491][T12821] loop6: detected capacity change from 0 to 1024
[  215.786484][T12821] EXT4-fs (loop6): ext4_check_descriptors: Checksum for group 0 failed (32298!=35945)
[  215.792400][T12822] journal_path: Non-blockdev passed as './bus'
[  215.796542][T12821] EXT4-fs (loop6): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  215.802518][T12822] EXT4-fs: error: could not find journal device path
[  215.814803][T12821] EXT4-fs (loop6): revision level too high, forcing read-only mode
[  215.830081][T12821] EXT4-fs (loop6): orphan cleanup on readonly fs
[  215.836808][T12821] EXT4-fs error (device loop6): ext4_read_inode_bitmap:167: comm syz.6.2641: Inode bitmap for bg 0 marked uninitialized
[  215.864256][T12809] FAT-fs (loop1): Directory bread(block 1285) failed
[  215.895608][T12820] can0 (unregistered): slcan off ttyS3.
[  215.997165][T12834] loop4: detected capacity change from 0 to 256
[  216.116180][T12842] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=12842 comm=syz.6.2646
[  216.131149][T12843] loop1: detected capacity change from 0 to 256
[  216.160525][T12834] FAT-fs (loop4): Directory bread(block 1285) failed
[  216.273522][T12843] FAT-fs (loop1): Directory bread(block 1285) failed
[  216.322974][T12849] loop6: detected capacity change from 0 to 256
[  216.380865][T12853] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=12853 comm=syz.7.2649
[  216.411190][T12855] loop4: detected capacity change from 0 to 512
[  216.427163][T12855] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  216.438542][T12855] EXT4-fs (loop4): 1 truncate cleaned up
[  216.448083][T12855] EXT4-fs error (device loop4): ext4_read_inline_dir:1502: inode #12: block 7: comm syz.4.2650: path /545/bus/file0: bad entry in directory: rec_len is smaller than minimal - offset=40, inode=2085390, rec_len=0, size=80 fake=0
[  216.527781][T12864] netlink: 44 bytes leftover after parsing attributes in process `syz.1.2653'.
[  216.539617][T12864] loop1: detected capacity change from 0 to 128
[  216.556090][T12855] EXT4-fs (loop4): Remounting filesystem read-only
[  216.576922][T12849] FAT-fs (loop6): Directory bread(block 1285) failed
[  216.603247][T12866] loop2: detected capacity change from 0 to 512
[  216.635979][T12866] EXT4-fs error (device loop2): ext4_orphan_get:1393: inode #15: comm syz.2.2655: casefold flag without casefold feature
[  216.653521][T12871] 9pnet_fd: Insufficient options for proto=fd
[  216.678985][T12866] EXT4-fs error (device loop2): ext4_orphan_get:1398: comm syz.2.2655: couldn't read orphan inode 15 (err -117)
[  216.804989][T12879] FAULT_INJECTION: forcing a failure.
[  216.804989][T12879] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  216.818312][T12879] CPU: 1 UID: 0 PID: 12879 Comm: syz.1.2657 Not tainted 6.16.0-rc6-syzkaller-00037-ge2291551827f #0 PREEMPT(voluntary) 
[  216.818387][T12879] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  216.818402][T12879] Call Trace:
[  216.818409][T12879]  <TASK>
[  216.818485][T12879]  __dump_stack+0x1d/0x30
[  216.818510][T12879]  dump_stack_lvl+0xe8/0x140
[  216.818531][T12879]  dump_stack+0x15/0x1b
[  216.818546][T12879]  should_fail_ex+0x265/0x280
[  216.818577][T12879]  should_fail+0xb/0x20
[  216.818615][T12879]  should_fail_usercopy+0x1a/0x20
[  216.818655][T12879]  _copy_from_user+0x1c/0xb0
[  216.818679][T12879]  ___sys_sendmsg+0xc1/0x1d0
[  216.818737][T12879]  __sys_sendmmsg+0x178/0x300
[  216.818800][T12879]  __x64_sys_sendmmsg+0x57/0x70
[  216.818864][T12879]  x64_sys_call+0x2f2f/0x2fb0
[  216.818887][T12879]  do_syscall_64+0xd2/0x200
[  216.818904][T12879]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  216.818928][T12879]  ? clear_bhb_loop+0x40/0x90
[  216.818969][T12879]  ? clear_bhb_loop+0x40/0x90
[  216.818997][T12879]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  216.819019][T12879] RIP: 0033:0x7f20ccc5e929
[  216.819075][T12879] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  216.819113][T12879] RSP: 002b:00007f20cb2c7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  216.819137][T12879] RAX: ffffffffffffffda RBX: 00007f20cce85fa0 RCX: 00007f20ccc5e929
[  216.819227][T12879] RDX: 0000000000000001 RSI: 0000200000001100 RDI: 0000000000000005
[  216.819243][T12879] RBP: 00007f20cb2c7090 R08: 0000000000000000 R09: 0000000000000000
[  216.819261][T12879] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  216.819274][T12879] R13: 0000000000000000 R14: 00007f20cce85fa0 R15: 00007fff1251ff28
[  216.819299][T12879]  </TASK>
[  217.140617][T12881] loop4: detected capacity change from 0 to 1024
[  217.156189][T12881] EXT4-fs: Ignoring removed orlov option
[  217.182075][T12890] can0: slcan on ttyS3.
[  217.207082][T12893] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=12893 comm=syz.1.2662
[  217.207765][T12890] loop2: detected capacity change from 0 to 1024
[  217.229237][T12890] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (32298!=35945)
[  217.239258][T12890] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  217.261244][T12885] loop6: detected capacity change from 0 to 128
[  217.273031][T12890] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  217.281764][T12890] EXT4-fs (loop2): orphan cleanup on readonly fs
[  217.290034][T12890] EXT4-fs error (device loop2): ext4_read_inode_bitmap:167: comm syz.2.2661: Inode bitmap for bg 0 marked uninitialized
[  217.312866][T12902] loop4: detected capacity change from 0 to 512
[  217.327252][T12902] ext4 filesystem being mounted at /548/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  217.355418][T12888] can0 (unregistered): slcan off ttyS3.
[  217.453447][T12913] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2668'.
[  217.498680][T12929] loop7: detected capacity change from 0 to 1024
[  217.505619][T12929] EXT4-fs: Ignoring removed orlov option
[  217.684560][T12941] loop7: detected capacity change from 0 to 512
[  217.697637][T12941] EXT4-fs (loop7): 1 orphan inode deleted
[  217.704279][T12941] ext4 filesystem being mounted at /120/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  217.715827][T10735] EXT4-fs error (device loop7): ext4_release_dquot:6969: comm kworker/u8:17: Failed to release dquot type 1
[  218.006545][T12946] can0: slcan on ttyS3.
[  218.038188][T12946] loop4: detected capacity change from 0 to 1024
[  218.047407][T12946] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (32298!=35945)
[  218.057848][T12946] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  218.069820][T12946] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  218.078465][T12946] EXT4-fs (loop4): orphan cleanup on readonly fs
[  218.085246][T12946] EXT4-fs error (device loop4): ext4_read_inode_bitmap:167: comm syz.4.2677: Inode bitmap for bg 0 marked uninitialized
[  218.155401][T12945] can0 (unregistered): slcan off ttyS3.
[  218.193695][T12958] can0: slcan on ttyS3.
[  218.199904][T12960] FAULT_INJECTION: forcing a failure.
[  218.199904][T12960] name failslab, interval 1, probability 0, space 0, times 0
[  218.212768][T12960] CPU: 0 UID: 0 PID: 12960 Comm: syz.4.2683 Not tainted 6.16.0-rc6-syzkaller-00037-ge2291551827f #0 PREEMPT(voluntary) 
[  218.212804][T12960] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  218.212819][T12960] Call Trace:
[  218.212827][T12960]  <TASK>
[  218.212836][T12960]  __dump_stack+0x1d/0x30
[  218.212863][T12960]  dump_stack_lvl+0xe8/0x140
[  218.212921][T12960]  dump_stack+0x15/0x1b
[  218.212942][T12960]  should_fail_ex+0x265/0x280
[  218.213059][T12960]  should_failslab+0x8c/0xb0
[  218.213096][T12960]  __kmalloc_noprof+0xa5/0x3e0
[  218.213125][T12960]  ? copy_splice_read+0xc2/0x5f0
[  218.213159][T12960]  copy_splice_read+0xc2/0x5f0
[  218.213197][T12960]  ? __pfx_shmem_file_splice_read+0x10/0x10
[  218.213223][T12960]  splice_direct_to_actor+0x290/0x680
[  218.213258][T12960]  ? __pfx_direct_splice_actor+0x10/0x10
[  218.213369][T12960]  do_splice_direct+0xda/0x150
[  218.213401][T12960]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  218.213441][T12960]  do_sendfile+0x380/0x650
[  218.213487][T12960]  __x64_sys_sendfile64+0x105/0x150
[  218.213514][T12960]  x64_sys_call+0xb39/0x2fb0
[  218.213539][T12960]  do_syscall_64+0xd2/0x200
[  218.213586][T12960]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  218.213617][T12960]  ? clear_bhb_loop+0x40/0x90
[  218.213642][T12960]  ? clear_bhb_loop+0x40/0x90
[  218.213667][T12960]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  218.213693][T12960] RIP: 0033:0x7f0047ffe929
[  218.213758][T12960] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  218.213779][T12960] RSP: 002b:00007f004665f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  218.213807][T12960] RAX: ffffffffffffffda RBX: 00007f0048225fa0 RCX: 00007f0047ffe929
[  218.213822][T12960] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000005
[  218.213864][T12960] RBP: 00007f004665f090 R08: 0000000000000000 R09: 0000000000000000
[  218.213877][T12960] R10: 0000000800000009 R11: 0000000000000246 R12: 0000000000000001
[  218.213892][T12960] R13: 0000000000000000 R14: 00007f0048225fa0 R15: 00007ffe287bec48
[  218.213914][T12960]  </TASK>
[  218.455746][T12958] loop6: detected capacity change from 0 to 1024
[  218.464401][T12958] EXT4-fs (loop6): ext4_check_descriptors: Checksum for group 0 failed (32298!=35945)
[  218.476590][T12958] EXT4-fs (loop6): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  218.499401][T12967] loop1: detected capacity change from 0 to 164
[  218.508212][T12967] Unable to read rock-ridge attributes
[  218.514238][T12969] loop7: detected capacity change from 0 to 16384
[  218.530379][T12958] EXT4-fs (loop6): revision level too high, forcing read-only mode
[  218.545717][T12958] EXT4-fs (loop6): orphan cleanup on readonly fs
[  218.552436][T12958] EXT4-fs error (device loop6): ext4_read_inode_bitmap:167: comm syz.6.2682: Inode bitmap for bg 0 marked uninitialized
[  218.635462][T12957] can0 (unregistered): slcan off ttyS3.
[  218.878095][T13001] FAULT_INJECTION: forcing a failure.
[  218.878095][T13001] name failslab, interval 1, probability 0, space 0, times 0
[  218.890921][T13001] CPU: 1 UID: 0 PID: 13001 Comm: syz.4.2700 Not tainted 6.16.0-rc6-syzkaller-00037-ge2291551827f #0 PREEMPT(voluntary) 
[  218.891012][T13001] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  218.891026][T13001] Call Trace:
[  218.891044][T13001]  <TASK>
[  218.891053][T13001]  __dump_stack+0x1d/0x30
[  218.891077][T13001]  dump_stack_lvl+0xe8/0x140
[  218.891098][T13001]  dump_stack+0x15/0x1b
[  218.891116][T13001]  should_fail_ex+0x265/0x280
[  218.891165][T13001]  should_failslab+0x8c/0xb0
[  218.891189][T13001]  kmem_cache_alloc_noprof+0x50/0x310
[  218.891215][T13001]  ? getname_flags+0x80/0x3b0
[  218.891239][T13001]  getname_flags+0x80/0x3b0
[  218.891309][T13001]  user_path_at+0x28/0x130
[  218.891336][T13001]  __se_sys_mount+0x25b/0x2e0
[  218.891503][T13001]  ? fput+0x8f/0xc0
[  218.891529][T13001]  __x64_sys_mount+0x67/0x80
[  218.891563][T13001]  x64_sys_call+0xd36/0x2fb0
[  218.891607][T13001]  do_syscall_64+0xd2/0x200
[  218.891626][T13001]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  218.891656][T13001]  ? clear_bhb_loop+0x40/0x90
[  218.891678][T13001]  ? clear_bhb_loop+0x40/0x90
[  218.891701][T13001]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  218.891724][T13001] RIP: 0033:0x7f0047ffe929
[  218.891773][T13001] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  218.891793][T13001] RSP: 002b:00007f004665f038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  218.891814][T13001] RAX: ffffffffffffffda RBX: 00007f0048225fa0 RCX: 00007f0047ffe929
[  218.891828][T13001] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000000
[  218.891872][T13001] RBP: 00007f004665f090 R08: 00002000000004c0 R09: 0000000000000000
[  218.891885][T13001] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  218.891898][T13001] R13: 0000000000000000 R14: 00007f0048225fa0 R15: 00007ffe287bec48
[  218.891920][T13001]  </TASK>
[  219.072404][T12989] unsupported nla_type 52263
[  219.341305][T13020] loop7: detected capacity change from 0 to 256
[  219.369047][T13024] loop2: detected capacity change from 0 to 512
[  219.402145][T13024] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  219.408778][T13031] FAULT_INJECTION: forcing a failure.
[  219.408778][T13031] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  219.425310][T13031] CPU: 0 UID: 0 PID: 13031 Comm: syz.7.2709 Not tainted 6.16.0-rc6-syzkaller-00037-ge2291551827f #0 PREEMPT(voluntary) 
[  219.425376][T13031] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  219.425392][T13031] Call Trace:
[  219.425402][T13031]  <TASK>
[  219.425411][T13031]  __dump_stack+0x1d/0x30
[  219.425439][T13031]  dump_stack_lvl+0xe8/0x140
[  219.425539][T13031]  dump_stack+0x15/0x1b
[  219.425561][T13031]  should_fail_ex+0x265/0x280
[  219.425627][T13031]  should_fail+0xb/0x20
[  219.425732][T13031]  should_fail_usercopy+0x1a/0x20
[  219.425767][T13031]  _copy_from_user+0x1c/0xb0
[  219.425792][T13031]  ___sys_sendmsg+0xc1/0x1d0
[  219.425909][T13031]  __sys_sendmmsg+0x178/0x300
[  219.425965][T13031]  __x64_sys_sendmmsg+0x57/0x70
[  219.426001][T13031]  x64_sys_call+0x2f2f/0x2fb0
[  219.426022][T13031]  do_syscall_64+0xd2/0x200
[  219.426039][T13031]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  219.426090][T13031]  ? clear_bhb_loop+0x40/0x90
[  219.426181][T13031]  ? clear_bhb_loop+0x40/0x90
[  219.426209][T13031]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  219.426237][T13031] RIP: 0033:0x7f14adb2e929
[  219.426257][T13031] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  219.426280][T13031] RSP: 002b:00007f14ac197038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  219.426312][T13031] RAX: ffffffffffffffda RBX: 00007f14add55fa0 RCX: 00007f14adb2e929
[  219.426389][T13031] RDX: 0400000000000181 RSI: 00002000000030c0 RDI: 0000000000000003
[  219.426407][T13031] RBP: 00007f14ac197090 R08: 0000000000000000 R09: 0000000000000000
[  219.426423][T13031] R10: 9200000000000000 R11: 0000000000000246 R12: 0000000000000001
[  219.426450][T13031] R13: 0000000000000000 R14: 00007f14add55fa0 R15: 00007fff0b671ef8
[  219.426477][T13031]  </TASK>
[  219.629620][T13024] EXT4-fs (loop2): failed to initialize system zone (-117)
[  219.638036][T13024] EXT4-fs (loop2): mount failed
[  219.681978][T13037] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=13037 comm=syz.6.2712
[  219.720177][   T29] kauditd_printk_skb: 416 callbacks suppressed
[  219.720193][   T29] audit: type=1326 audit(1752726901.735:10630): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13043 comm="syz.2.2714" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4c15cee929 code=0x7ffc0000
[  219.759664][T13045] can0: slcan on ttyS3.
[  219.766484][   T29] audit: type=1326 audit(1752726901.765:10631): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13043 comm="syz.2.2714" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f4c15cee929 code=0x7ffc0000
[  219.790138][   T29] audit: type=1326 audit(1752726901.765:10632): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13043 comm="syz.2.2714" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4c15cee929 code=0x7ffc0000
[  219.814006][   T29] audit: type=1326 audit(1752726901.765:10633): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13043 comm="syz.2.2714" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4c15cee929 code=0x7ffc0000
[  219.815733][T13045] loop2: detected capacity change from 0 to 1024
[  219.837657][   T29] audit: type=1326 audit(1752726901.765:10634): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13043 comm="syz.2.2714" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4c15cee929 code=0x7ffc0000
[  219.867806][   T29] audit: type=1326 audit(1752726901.765:10635): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13043 comm="syz.2.2714" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4c15cee929 code=0x7ffc0000
[  219.874876][T13045] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (32298!=35945)
[  219.891664][   T29] audit: type=1326 audit(1752726901.765:10636): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13043 comm="syz.2.2714" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4c15cee929 code=0x7ffc0000
[  219.904004][T13045] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  219.924777][   T29] audit: type=1326 audit(1752726901.765:10637): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13043 comm="syz.2.2714" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4c15cee929 code=0x7ffc0000
[  219.948679][T13055] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2711'.
[  219.958683][   T29] audit: type=1326 audit(1752726901.765:10638): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13043 comm="syz.2.2714" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4c15cee929 code=0x7ffc0000
[  219.991307][   T29] audit: type=1326 audit(1752726901.765:10639): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13043 comm="syz.2.2714" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4c15cee929 code=0x7ffc0000
[  220.031526][T13045] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  220.047608][T13045] EXT4-fs (loop2): orphan cleanup on readonly fs
[  220.057126][T13045] EXT4-fs error (device loop2): ext4_read_inode_bitmap:167: comm syz.2.2714: Inode bitmap for bg 0 marked uninitialized
[  220.084787][T13062] loop6: detected capacity change from 0 to 512
[  220.109125][T13068] loop1: detected capacity change from 0 to 512
[  220.116409][T13062] EXT4-fs error (device loop6): ext4_orphan_get:1393: inode #15: comm syz.6.2718: casefold flag without casefold feature
[  220.137481][T13062] EXT4-fs error (device loop6): ext4_orphan_get:1398: comm syz.6.2718: couldn't read orphan inode 15 (err -117)
[  220.155078][T13072] loop7: detected capacity change from 0 to 16384
[  220.164390][T13068] ext4 filesystem being mounted at /534/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  220.224513][T13081] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=13081 comm=syz.6.2725
[  220.225573][T13043] can0 (unregistered): slcan off ttyS3.
[  220.322268][T13089] loop6: detected capacity change from 0 to 164
[  220.330152][T13089] Unable to read rock-ridge attributes
[  220.391481][T13072] ==================================================================
[  220.399718][T13072] BUG: KCSAN: data-race in xas_clear_mark / xas_find_marked
[  220.407061][T13072] 
[  220.409414][T13072] read-write to 0xffff888106a59fe0 of 8 bytes by task 13087 on cpu 0:
[  220.417606][T13072]  xas_clear_mark+0x91/0x180
[  220.422246][T13072]  __folio_start_writeback+0x2e7/0x440
[  220.427733][T13072]  __block_write_full_folio+0x53a/0x8f0
[  220.433316][T13072]  block_write_full_folio+0x2c2/0x2e0
[  220.438712][T13072]  blkdev_writepages+0x88/0x100
[  220.443598][T13072]  do_writepages+0x1c3/0x310
[  220.448216][T13072]  filemap_write_and_wait_range+0x144/0x340
[  220.454137][T13072]  sync_blockdev+0x35/0x50
[  220.458757][T13072]  bdev_disk_changed+0xdb/0xcb0
[  220.463644][T13072]  blkdev_get_whole+0x1f5/0x2d0
[  220.468611][T13072]  bdev_open+0x280/0x7e0
[  220.472873][T13072]  blkdev_open+0x259/0x290
[  220.477310][T13072]  do_dentry_open+0x649/0xa20
[  220.482009][T13072]  vfs_open+0x37/0x1e0
[  220.486099][T13072]  path_openat+0x1c5e/0x2170
[  220.490712][T13072]  do_filp_open+0x109/0x230
[  220.495239][T13072]  do_sys_openat2+0xa6/0x110
[  220.499850][T13072]  __x64_sys_openat+0xf2/0x120
[  220.504636][T13072]  x64_sys_call+0x1af/0x2fb0
[  220.509242][T13072]  do_syscall_64+0xd2/0x200
[  220.513765][T13072]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  220.519673][T13072] 
[  220.522013][T13072] read to 0xffff888106a59fe0 of 8 bytes by task 13072 on cpu 1:
[  220.529657][T13072]  xas_find_marked+0x218/0x620
[  220.534441][T13072]  find_get_entry+0x5d/0x380
[  220.539062][T13072]  filemap_get_folios_tag+0x13b/0x210
[  220.544462][T13072]  writeback_iter+0x4bb/0x820
[  220.549249][T13072]  blkdev_writepages+0xa7/0x100
[  220.554134][T13072]  do_writepages+0x1c3/0x310
[  220.558740][T13072]  filemap_write_and_wait_range+0x144/0x340
[  220.564657][T13072]  bdev_release+0xeb/0x3d0
[  220.569096][T13072]  blkdev_release+0x15/0x20
[  220.573624][T13072]  __fput+0x29b/0x650
[  220.577629][T13072]  ____fput+0x1c/0x30
[  220.581631][T13072]  task_work_run+0x131/0x1a0
[  220.586341][T13072]  do_exit+0x483/0x1590
[  220.590524][T13072]  do_group_exit+0xff/0x140
[  220.595055][T13072]  get_signal+0xe59/0xf70
[  220.599418][T13072]  arch_do_signal_or_restart+0x96/0x480
[  220.604978][T13072]  exit_to_user_mode_loop+0x7a/0x100
[  220.610284][T13072]  do_syscall_64+0x1d6/0x200
[  220.614899][T13072]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  220.620823][T13072] 
[  220.623155][T13072] value changed: 0xfffffffffc000000 -> 0xffffffffe0000000
[  220.630276][T13072] 
[  220.632705][T13072] Reported by Kernel Concurrency Sanitizer on:
[  220.638866][T13072] CPU: 1 UID: 0 PID: 13072 Comm: syz.4.2722 Not tainted 6.16.0-rc6-syzkaller-00037-ge2291551827f #0 PREEMPT(voluntary) 
[  220.651391][T13072] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  220.661467][T13072] ==================================================================
[  220.681077][T13095] loop1: detected capacity change from 0 to 256
[  220.809413][T13095] FAT-fs (loop1): Directory bread(block 1285) failed