last executing test programs:

5m21.315462531s ago: executing program 3 (id=186):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x7}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x30, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x6}]}, @NFT_MSG_NEWSETELEM={0x30, 0x1e, 0xa, 0x301, 0x0, 0x0, {0x7}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x4}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0xa8}}, 0x0)

5m21.252246013s ago: executing program 3 (id=188):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0900000004000000080000000d"], 0x48)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, &(0x7f00000001c0)={{0x1, 0x1, 0x18, r0, {0x7}}, './file0\x00'})
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000002c0)={r0}, 0x4)
syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f0000000740)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f00000006c0), 0x2, 0x246, &(0x7f0000000ac0)="$eJzs3T9oM2UcB/DvXRJf+75BXnURxD8gIloor5vg8rooFKQUEUGFioiL0gq1xa1xcnHQWaWTSxE3q6N0KS6K4FS1Q10ELQ4WBx0iybVS24ja1Jz0Ph+43l3vee73HLnvkyyXBGisq0muJ2klmU7SSVIcb3B3tVw93F2f2l5I+v0nfiqG7ar9ylG/K0l6SR5KslUWeamdrG4+s/fLzmP3vbnSuff9zaenJnqRh/b3dh8/eG/ujY9mH1z94qsf5opcT/dP13X+ihH/axfJLf9Fsf+Jol33CPgn5l/78OtB7m9Ncs8w/52UqV68t5Zv2OrkgXf/qu/bP355+yTHCpy/fr8zeA/s9YHGKZN0U5QzSartspyZqT7Df9O6XL68tPzq9ItLK4sv1D1TAeelm+w++smlj6+cyP/3rSr/wMU1yP+T8xvfDrYPWnWPBpiIO6rVIP/Tz63dH/mHxpF/aC75h+aSf2gu+Yfmkn9oLvmHC6xztNEbeVj+obnkH5pL/qG5jucfAGiW/qW6n0AG6lL3/AMAAAAAAAAAAAAAAAAAAJy2PrW9cLRMquZn7yT7jyRpj6rfGv4ecXLj8O/ln4tBsz8UVbexPHvXmCcY0wc1P31903f11v/8znrrry0mvdeTXGu3T99/xeH9d3Y3/83xzvNjFviXihP7Dz812fon/bZRb/3ZneTTwfxzbdT8U+a24Xr0/NM9/hXLZ/TKr2OeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIn5PQAA//8PK23M")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r1, 0x1, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{}, 0x0, &(0x7f00000002c0)}, 0x20)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
recvmmsg(r2, &(0x7f00000023c0)=[{{&(0x7f0000000240)=@isdn, 0x80, &(0x7f0000002500)=[{&(0x7f0000000300)=""/213, 0xd5}, {0x0}, {&(0x7f0000000d40)=""/4096, 0x1000}, {&(0x7f0000000840)=""/155, 0x9b}, {&(0x7f0000000900)=""/162, 0xa2}, {&(0x7f00000009c0)=""/242, 0xf2}, {&(0x7f0000001d40)=""/175, 0xaf}, {&(0x7f0000001e00)=""/83, 0x53}, {&(0x7f0000001e80)=""/105, 0x69}], 0x9}}, {{&(0x7f0000001fc0)=@pppoe, 0x80, &(0x7f00000001c0)=[{&(0x7f0000002040)=""/177, 0xb1}], 0x1, &(0x7f0000002100)=""/65, 0x41}, 0x83}, {{&(0x7f0000002480)=@l2tp6={0xa, 0x0, 0x0, @private1}, 0x80, &(0x7f00000004c0)=[{&(0x7f0000002200)=""/183, 0xb7}, {&(0x7f0000000400)=""/1, 0x1}, {&(0x7f00000022c0)=""/241, 0xf1}], 0x3, &(0x7f0000000600)=""/20, 0x14}, 0x19}], 0x3, 0x2000, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000100)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
unshare(0x68040200)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0)
r5 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r5, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="02020409100000000000004c9e00000002001300027f0000000000000000004105000600200000000a000000000000000005000201080f00e0001f080000000000092000000000000200010020e9ffeeffff0702000098a805000500ea0000000a"], 0x80}}, 0x0)
sendmmsg(r5, &(0x7f0000000180), 0x393, 0x0)
fcntl$dupfd(0xffffffffffffffff, 0x406, 0xffffffffffffffff)

5m20.292652918s ago: executing program 3 (id=202):
r0 = syz_open_dev$usbfs(&(0x7f00000001c0), 0x2, 0x18002)
ioctl$USBDEVFS_SUBMITURB(r0, 0x8038550a, &(0x7f0000000600)=@urb_type_iso={0x0, {0xa, 0x1}, 0x122b, 0x80, &(0x7f0000000380)="e6f012c2ad4ae1e2436e68fdc98f4c34fedb22b3ea238c62f0ec252e0e138c271f075793ff6beac5a0151ea74c259492f8fc14967154ea89f21d4f664a", 0x3d, 0xff81, 0xffffffff, 0xe, 0x3, 0x3ff, &(0x7f0000000540)="6ec4a3908ebce60a5517e5aab876a1a985969ba667be5b37fae9709efdb3c8a95d00a1ee9c8ee36c4724d8f319b495f1e6063be4838361a6cb5371ca234e453a72e968ba4c0ee2a5b9b03e09", [{0x0, 0x2, 0x9}, {0x8, 0x3, 0x2}, {0x3, 0xfffffffd, 0x5}, {0x3, 0x9, 0x6a}, {0x69c9, 0x2, 0x7ff800}, {0xffff, 0xffffffff, 0x636}, {0x800, 0x1, 0x80000001}, {0x3, 0xd8a7, 0xde1}, {0x4507, 0xfd6, 0xff}, {0x6, 0x8, 0x7}, {0xdc, 0x4, 0xe26f}, {0x3, 0x2}, {0xc, 0x9, 0x1}, {0x8, 0x80000001, 0x1}]})
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
r2 = openat(r1, &(0x7f0000000080)='.\x00', 0x40000, 0x0)
ioctl$USBDEVFS_IOCTL(r2, 0xc0105512, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r3)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r3, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000540)={0x1c, r4, 0x9c3fa077fa966179, 0x0, 0x0, {{0x7e}, {@val={0x33}, @void}}}, 0x1c}}, 0x4000054)
sendmsg$NL80211_CMD_REQ_SET_REG(r2, &(0x7f0000000880)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000700)={0x150, r4, 0x200, 0x70bd2d, 0x25dfdbfd, {}, [@NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'bb\x00'}, @NL80211_ATTR_REG_RULES={0x12c, 0x22, 0x0, 0x1, [{0x4}, {0x2c, 0x0, 0x0, 0x1, [@NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0x9}, @NL80211_ATTR_FREQ_RANGE_START={0x8, 0x2, 0x5}, @NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0x3}, @NL80211_ATTR_POWER_RULE_MAX_EIRP={0x8, 0x6, 0xec}, @NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN={0x8, 0x5, 0x81f}]}, {0x4c, 0x0, 0x0, 0x1, [@NL80211_ATTR_DFS_CAC_TIME={0x8, 0x7, 0x7}, @NL80211_ATTR_FREQ_RANGE_START={0x8, 0x2, 0x3}, @NL80211_ATTR_DFS_CAC_TIME={0x8, 0x7, 0xae}, @NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN={0x8, 0x5, 0x8}, @NL80211_ATTR_REG_RULE_FLAGS={0x8, 0x1, 0xe5b}, @NL80211_ATTR_REG_RULE_FLAGS={0x8, 0x1, 0xc}, @NL80211_ATTR_REG_RULE_FLAGS={0x8, 0x1, 0x697}, @NL80211_ATTR_REG_RULE_FLAGS={0x8, 0x1, 0x3}, @NL80211_ATTR_POWER_RULE_MAX_EIRP={0x8, 0x6, 0x3}]}, {0x1c, 0x0, 0x0, 0x1, [@NL80211_ATTR_FREQ_RANGE_MAX_BW={0x8, 0x4, 0x2}, @NL80211_ATTR_POWER_RULE_MAX_EIRP={0x8}, @NL80211_ATTR_FREQ_RANGE_MAX_BW={0x8, 0x4, 0x8bbe}]}, {0x44, 0x0, 0x0, 0x1, [@NL80211_ATTR_DFS_CAC_TIME={0x8, 0x7, 0x6}, @NL80211_ATTR_FREQ_RANGE_MAX_BW={0x8, 0x4, 0x80000000}, @NL80211_ATTR_DFS_CAC_TIME={0x8, 0x7, 0x3226}, @NL80211_ATTR_REG_RULE_FLAGS={0x8, 0x1, 0x81}, @NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0x18000000}, @NL80211_ATTR_REG_RULE_FLAGS={0x8, 0x1, 0x3}, @NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN={0x8, 0x5, 0x3}, @NL80211_ATTR_REG_RULE_FLAGS={0x8, 0x1, 0x8}]}, {0x4c, 0x0, 0x0, 0x1, [@NL80211_ATTR_POWER_RULE_MAX_EIRP={0x8, 0x6, 0x9}, @NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN={0x8, 0x5, 0xffff35cc}, @NL80211_ATTR_POWER_RULE_MAX_EIRP={0x8}, @NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN={0x8, 0x5, 0x1}, @NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN={0x8, 0x5, 0x8}, @NL80211_ATTR_FREQ_RANGE_MAX_BW={0x8, 0x4, 0x5}, @NL80211_ATTR_POWER_RULE_MAX_EIRP={0x8, 0x6, 0x9cb0}, @NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0x6}, @NL80211_ATTR_POWER_RULE_MAX_EIRP={0x8, 0x6, 0x2}]}]}]}, 0x150}, 0x1, 0x0, 0x0, 0x20000880}, 0x84)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x5, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000001200000000000000000095"], &(0x7f0000000c00)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r5)
r6 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r6, 0x107, 0xf, &(0x7f0000000100)=0x207, 0x4)
r7 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r7, 0x107, 0xf, &(0x7f0000000180)=0x7ff, 0x4)
r8 = socket$phonet(0x23, 0x2, 0x1)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f00000008c0)={'gre0\x00'})
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000080000000c00000000000000", @ANYRES32, @ANYBLOB="00000400000040000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
perf_event_open$cgroup(&(0x7f00000000c0)={0xa, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3832, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x10048, 0x2}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r9 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_tx_ring(r9, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c)
mmap(&(0x7f0000000000/0x2000)=nil, 0x30000, 0x2, 0x11, r9, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0x7000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000), 0x0}, 0x50)
fsopen(&(0x7f0000000040)='cgroup2\x00', 0x0)
unshare(0x68040200)

5m20.110925741s ago: executing program 3 (id=206):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r0, 0x2)
r1 = syz_mount_image$ext4(&(0x7f0000000700)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x8052, &(0x7f0000000380)={[{@grpjquota}, {@init_itable_val={'init_itable', 0x3d, 0x7}}, {@dioread_nolock}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x7fffffff}}]}, 0x3, 0x4de, &(0x7f0000000c40)="$eJzs3E1oXNUeAPD/nUma9Ot1Xl9f32utmlrFYDFp02q7EKSi4EJBrKAuQ5KW2rSRJgVbqkxB6lIK7sWlWxdu1U0RV4LbuhSkUKSbtoI4cmfunZlMZ5ImmWSM+f1gMufcr3POPffcOfeczASwYQ2lf5Ja+GZE7IiIQusGQ7W3e3euTNy/c2UiypXKyd+S6m5303gmO0xszSLDhYjCx0ljRZPZS5fPjk9PT13I4qNz594fnb10+dkzg9mS48ePHjl87Pmx55ZeqDbppeW6u/ejmX17Xn33+usTffnyPLXmcnTLUAy1y0rVU91OrMe2N4WTvh5mhCVJr/+0uvqr7X9HFGOhyiuvYc6A1VapVCoDnVeXK62uPrAEWLdisNc5AHoj/6BPn3/zV7uOwKbV6X703O0TtQegtNz3slfE49WF+ThIf8vzbTcNRcQ75d8/T1+xSuMQAADNvj2R9wRb+n+l2szIHxdvvJi+/yubQylFxL8jYmdE/CcidkXEfyNid0T8LyL+33L8YkRUFkh/qCVeT78+CVW41aWitpX2/17I5rYa/b95GSgVs9j2iLzDPHUoOyfD0T9w6sz01OEF0vju5Z8+7bSuuf+XvtL0875glo9bfS0DdJPjc+PLLnCL21cj9va1lj/pi0jqMwFJROyJiL1LOG6pKXzmmS/31SP987dbvPxVlbbzaF2YZ6p8EfF0rf7LMa/+Gykm8+Ynz42fnjo9dX6sPj85OhjTU4dG06vgUNs0fvjx2hud0l+0/F//0rrLK8e+OZm1rJVL639L0/Uf+fxto/ylJCKpz9fOLj2Naz9/0vGZZrnX/6bkrWo4fy79YHxu7sLhiE3Jaw8uH2vsm8fT9yjXyj98oH3735ntk56JRyIivYgfjYjHovaEmOZ9f0Q8EREHFij/9y89+d7yy7+60vJPttz/ajU/r/4b8/WdAkk2N9hmVfHs/pv3O9w8Hq7+j1ZDw9mS9ve/ZN4tolNO80+7dMmfKz57AAAAsD4UImJb01jStigURkZqY0C7YkthemZ27uCpmYvnJ9N1EaXoL+QjXbXx4P4kH/8sNcXHWuJHsnHjz4qbq/GRiZnpyZ6WHNhabfNJYSTi7WJT+0/92p0hZuDvzPe1YONaqP2nnfjd19cwM8CaevjP/xsfrmpGgDXX1P47fcO/vIz/+wLWAc//QMPiP/TjngHrX0Vbhg1tSe3/oB8BhH+SvnizHi70NCfAWtP/hw1p0e/1ryhQGWi/ajAe3DgGFz5gMZaXjc1t0upJIO1Z9ST1zcvZK/81hY7bRGFpBxyI7tTpqRWejfKF2dO7u37xV7L/le92DX61Ju20XaAntyMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICu+ysAAP//+sDgnA==")
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='pids.current\x00', 0x275a, 0x0)
r3 = getgid()
r4 = syz_clone(0x81800000, &(0x7f0000000400)="fdc6ebed40dfb336308d0dba605d5d760e097ea4e8f09e1ebf78fb60b5e4c9dd594cfb8408935d007b17ecb9bd0478441e9aebc78bfc424a64c30df5a2a2158f8052ff7db7a79f3e549df7f1475b0b40247812", 0x53, &(0x7f0000000480), &(0x7f00000004c0), &(0x7f0000002140)="f291fb7a819dd3e3954ef6277950e3e07a8a4584c7332cfbcdfb3d561cea93950a7e36d9d05069b0515d17ea742deaf00b4ffd4254340990f09c9d9581ea5c904361ceb7429802f632873f13dbc8706f26570d598f5ded241928e97f5a70e37f1f553291cebfc51c7701e39e8c8155f75bf5ad0e8ee8d13b613ca1a4a5e4cd57400ed979215b4e9c24db7c30cd280f91dd54d28478b5007fbb7f5bf4443805c73ff87640abd2b3b3d9e0cc6b4b5c0a15139f04a5bddae12cfe8ec0cad504575988674cbee2778d64486429ef370baa32db1cb3d8aa15cc8d48cf1e971fd05df930bce12fb774004b830a7b7434e13ffc86a37e1d6f10c44fd3fe28136eceb1ab652b4a730cc58d65485506504f2579be2226310c34c4d159d901c89d0e3500d84f1e9e38062786994a58900b7e4091dbba0f342c8331adfb275ce93969482ea99639502b15a4f08ad592eca106adc9d43e1e120294c0f4273a34bd70e22ff010d3547a148fae91d5f3cb76fa70f3e949ff886401dbfacf6d3fe15b29a02cbee6bad84d9da206a7b15fa69454084a274d24c03aa4cadcbfd1e9587769e415dcf8a75f34e57fc1914cb56b18d5926346596d54aa707c95ef5dfd4a8def8ff898ba9afa0a72c1405907479ad07c69849a0c8887d1122ebf1bb15174f298541a9ab4dc42d0ff6fed3406849a1a8731e450689efe3b605d9b0495095910fa8d481d27c36e8b64d96fb5dd1926fcefff5b0f905f9c5cd780c725eac3bf6410cff40d695c41e6aa08947ab623b75a1598923d94364f9ab625c0e48b118f762bf746cb8d1e0473f73979d35011b6dc3c39e6ffd649d48dee2207ec4c9615b765b47168bb653999949f68a48975305b37c1c60f6b9b19d94247bba95ed1312193e50388f4c73562355245ab20ca56cccf578a1cc936b81aa2d2ab97984dfd3c153f65db6aaef3777c3dccd2f259286c523255840350b4b9c4426ce5ab759eea734576e365afa0e5792f41b1675ee0e91a70e4f0f4b04709995b927bba44e83f756036dcda1b6101f36d7c5b408dcea4bfc163ab7708afc748b5706def86e08f5ebf36ac9061153fe733114ede76d5c45c57985e30c6c813493fba9cb36cdaf0d1f356b597f8ab5a3f4f0e2b6e4fecae9b1c7927e986101990c0d421c386414e7ae5f68b6e50177f512a260c68958d03ab0c364252309d22e308fec8a74e39ca4b0bea92650293489ab3af6d34a19d66068a2e2f8ae29746cd5871c27e8a3dcd6a6dc19e5f893a52e069ce55f4b7623da0d376df4303fb61e566ff40d27cb49035178634b30286e33046c3366d2b3a9f43c209391989c1f50c3d31f40c2617994f8222655857cbc94872d342d976ec985a662fbfe2ee14a1c173ffaef148b90a89472fcbaaccfde5ab9f0344db61d83d47c08884009b5606cbcf2d4e4599043789d49d5c53d73d94460a46bc225b9fb521c205901ae50b85bb7d226e4c2904c45455ef52f82bd13bd48998c2e34e3c565a568e623e1fcabd88fe6ac07de2418503b6b62d042c5610887ef4dba65da0c9805e365f2a6c8c77dced2fbc15c1a68791f32a5e06c0bc02fc52bddce2cd4a29c9a71a7af1015e6ac961d99a30f406ad35fb98978ccbc8414e62d327e535e55266fcab55d4af23f078a04e5966832e8d34e69f04fd4877f29b5e3a50518859f1c91c175c7d8790750537330fcc83e2a054b42bc59f5223559474e1bb693d824e5a15918e0172310d10031b32140b987f7e5eef2486175149f3061e2079481489621463f80163e79fb857379b91d99eed7dad9bf333f312d34398a220a86d065669de59a1ac079001d7b3f0f232c14512fb97a56b3fbaca84b5fd2e8acd2d121f353845e30240346a9666055307cc8eb2b79032687e9f20bd2b055aab4d4b87004666622e36b3f39fc5f8ebe36286edff88b70bc7c03fab73aaee3b0e32ea8603de29515a24cfd40641b7ee7048bdbe1c1c1f5db2739d5c9eb9d78d47e91da2a2c9af22811e9ce55801238396ad27845f385c8819a6eb2e751b9eacb6eff487d99a6b29f1359b6b5afa9927e19e8a52a4fcb3ae7c5e11d02a29b5a568b169eae92a82e4b6a73698f1ae05365f45a70aecbb1bb4f1173bc41177df590fe976483853f43d3228827936b0f346f09d2dd84aa1e84817fb884617e67b8da4c7cc78e1b086e6b47df4e81f10748caf46bf0655d98c44b2f877d0d873abf5c9681f59a0792b57875a545c8cf8b5ab20d286379b666404f0b00025df0a99aae0b5df0ad6723f143204d4a5ec8d59539f44518211d5e4c3b50573483aa90cb50e3f013b0fc18e4726acccc566f0cd5c883736afdb58ce7b4a86f60aa88fda7ad2bf85131873ab829bd13d5be59c24980a2a2ba3a55880dc26ad74ac6dd6f5fe29f44ef104be6fbbb28532630a624a5ac177957b18cdc4c930b2f29d67adb8760aafe8b41b4c162ea07ebd7b998c0250d55cb71720e4c31a70826f77e753812d1c952bfa70e9667188a03b2c3db1c538c09318047d1ef2f83b7a9f751595eb439878f71ea167b844c69f8bfd4c4f198b5a28a96ccc96db4b8607a0497d94f22ff6ecc90e616b6b1a45242a85e1dc8edd09d5019ed7ff684fde9fab9d4f9316d52468e70f9aafca5d055398a0dd3642353cba54cc87830e33482616a7e9852f79fc0c4ba8ecef2e856fbd95751fed99fee8cf841436a766f987e076517b631f5729b54a55e4149db27e8aba61a00f952e819f4d38cba9a514003af2fb87eaf6d0e556b22be90cbaae13daa1147266c2d961afe24d79bcc9367cf230a60ef99e598dacfe985a411f1feeff86f8de1f9c29bec76e05d03aa9c9a23dda5b3571194a3af3fe59e1cf0645380d67c8790ad618db441a8a33cd72801773ceb047db5e7b28b41af19ee848e42ed7e5fa70aebccde123cb9c1a551535a3d76fb62602f4813cc41292974e7a91f2bc9f91f883ca51759df7b5ca7d1f5c3281e93bfdc0359ec7801e39f1cc3d9b776119e24d43da0772524031b182f8e1588d9ab08659c4e7fc0932367c0d6ac2b03c0f36b75e12dec0bb13a1827834e07ee78d6ee8cae263670729258d61feee54db3c0349300f3f2ab0ede5bc49188d637eaf9a6b39b976e360a923ab0abed818d4e0df88e03e961437d8c300cecf70b38722dbbd7f1cd01862ebf10e0804efe248b89797db552691c45bd9f129bd69a5e4092e87b8996ee844db87787cbc449bdf99bff85a0924756596a4b261ac2df2adb9d59f6f09ff0c29351f48a289250549d6d913923620f3be3032bf63b2789620744da72824c77ccad7e6e83184b6b3615309422952cadef4db32765a68ea13623487e47ab0e7e7a098679f31eea8fc6ead26edc3f9f531df849b58e4c5791616d62e77388672806a70e29869c7bf80e48ae7ffa0e41e0fa675fecc5858f0c950868ccaa98d08cb89ca750ced927a05a86d6f4a77a8ec3868a50024f5b1dd8eff798c96600634a811c0879586a61de1fb1e8dd1ad6ef630372d30a7b93d06ff2f7cca64b75a3aa35fe0c5b32f543f2d49fc41c8577d049f9d76219875028cd0599933fbb6337fdbdb1940ee8edc3bf36045a93e1de61b0d367ca6311e90bd7f8dda20aaef2aef7a279080b16c0fbf0793c12c3b62496aafef76afdb12d8051736efe5d2b1ebc3ccf2578b74de82a0771c18536d4451e38febd0a82191fa27f48ebd897a5c738cbedd4dbc017d9fa1f87b2bad91ba928b2b012bcb3511b1051bcb1ff4024b3e21a94bd12384a0c8f350fc1146dd340568954b068b38ae9e6b96ef9ab1e9f42221e221380c4d46ea4bac69e17f0f95fb03a6c23f94f22c49c5fbefe36b2f7f166f6c56a297cd6291283ea7e1c7cf70687987e84371098e68ffaa7baba5e695946bff626eaa3e117cee430e65342876961af6b700623de70fd227bab7e50cabbae50bc8c30383976456680c5ce3640af65d30c8c1d68a061c3fbaa3fbb1e3f793ca7cb75a28b1eff6a8925f6d6300e9853f2753eb914e80ddc346296e7eab573361cc9ae085b7df02bb4ed0ce87c028d77c8728cc48b432472885804ba00c07b239286a734824ded595078d4eb6e38480e9f25481001daeaa924eb250cb1d9aba9fb56020736dbe36b74ef2a53286386b32dfd97e908636185e14c44ab96e02fb82336c32eebdbd6552cde9f9dcda3cbf0015be54af67b631feaee1f0c6f9c07ce3a43e2adec5e0d44633a816d12e2975474ff1f2fb7b92dba73f14d658ff55e3e8e3f7cadbdbd14de8e33462ab45cab3a41175613a039601463eca9a2fdeb67f61a4c02c0d4fd061157b952a015db497f34eb1c9e8f93474f355e198f3436a3f9f6ff150575c3123fd3bd930cc5f52eec302a9e701e1eff6f5d70e29d21b5b23289f08189ec0a3c00a0c426b37d6295bd2ff43bc79fbb96bd214e703c93ef4a8b358a169bad7916d3b89ca2a89bdf222c070a411a467b49b5423e1aef9a50e74fa1083d5326c2d6db2260fde8b2d66056a8e2c0ffb8646c44eed3ed777e372fc38243664f36e08d6907b2c18b7fdc0e68b6e0314537fb8e459e08a7374394ec97ddd637b562d07572979d98e82818b4ba8e4d00a5ff077e5f012539d191c6c4b1e932014769b44862ba4505bb48d05bd7833e983038a7a3ce4d87de64c9f68eb96c64a81af81ede2aeb02049a9c4d9b92524e3541e3a99965c055f005a817324044af148974a8b5cb39b36a86764abe3c687b26359e5c430cd79e67e1661f4bdee26705425125edd39033c425148b17519dfa06a5685d075e7c5c32877e2900f679bc2473f106010d3df71ca67d43452d87c1977f4c0f3d028de847c0e8150bd9e77caccc3945e5d2db49145afe22b4d9c4dfb1423b34af0b3dc958e8ae360c8d2056eb2c7db8801121ebcc598a0bbef8461f17f1925b6315b11c7cc24beaffa0ef6e14c3932554debe72f4056f8b937bbd25f639904d89aa5dbcaa5ac1d3c2b01090544781e262e34e3b7852452879f2bf811b09aacb4a29af0ee09c9b68888f1e466d741c0efcc09ced15ac0895f6800551afae965b2ec908fa1e6426941bd5e644ec21afe0edfc9051b302e83f6ba73f63cecc42a25339cc7718fa8bd4794c6be528e3e2b33ad1402db91c4e11598ce6387ab57bc14a41b039e6c2007c81319d90cadba26e7e6f17cefc5852c7a845d1865aa4174855365b577640ed213d3c1cacc71d425e3f10c020f51db607014c0475fcbaeb28a54343cde63600a0554eda46699d5c77454fcf647cc64b33f33c715c1e8ae81475a15f92285038c486f4726caab56aa93f1ba263c508a17e0706ab30786b3edceaa71cd9528e6646db3483ea792d0c6718ac0b5ba56d21222a6b92d1901cabee2751c73bb2e69964ec0c4625d041ea383451ec708a5068a9d14f6f4f9b957f9a449ad944145930f52dc4664d07027f1bcdc666a1d2367ceb5eaa12e6eaeb291e4fff11ca3344c9bcf154e930ab28808b050d7ec22251cae7bbfc8af425519b867178692e828312cccac5e19e5372c449fc2543c4c4831fac1ed38fd2e2ae753bc43eb507d4946f8507fce4f61fdf5ccd138ee9c5ddfc9bab5da5b732d26569956b16af28026b3cf1d5e3a309b85de0c8fc358717e2fac117f1f338d0ebc1fa53d5c1ac01ebfaff5c3a7cf8a5d00f80e911a3987c48a5938de21eb619dbe6c4a7bbbd03fa24ad2dbd47ee83480ca1a124afc5e0212440a11b209014353cb461ab725665543443933daf4ab28e0e0dc52bff594d83954cf2486d221b5e1772ad5d4df56e594")
r5 = getpid()
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
r7 = socket(0xa, 0x2, 0x0)
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r8=>0x0}, &(0x7f0000cab000)=0xa)
sendmmsg$unix(r6, &(0x7f0000002640)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000980)=[@cred={{0x1c, 0x1, 0x2, {r5, 0x0, r8}}}], 0x20, 0x20000000}}], 0x1, 0x0)
r9 = syz_clone(0x20000000, &(0x7f0000000500)="9b55709d735a71aa3aebdeda93141a5d8a0a4ed6faf28c1882ba042a54d3c38fab8f35e2114597beae3a71407bcc3d41ff8d5a426251246e1b17ac44fc691862e6d840dfa40e43b92f23de155665aad0a51ad5a6d465013c5a5629cb027567e6c1d9a03971f8e1b11bdf98d351ed368f9ba33a", 0x73, &(0x7f0000000580), &(0x7f00000005c0), &(0x7f0000000600)="56f816d74d2d611c0ef7f4a6c523c3cdd7d7f133e8992dfa8483567bebaf0677eb420bae9c8712c78f8099f655181d26ec04ec4f488ceb5efd7115c325dbe94557f692")
r10 = getuid()
stat(&(0x7f0000000680)='./file0\x00', &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, 0x0, <r11=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, &(0x7f00000007c0)={0x0, <r12=>0x0})
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f00000006c0)={0x0, <r13=>0x0}, &(0x7f0000000840)=0xc)
getgroups(0x6, &(0x7f0000000880)=[0xee00, 0xffffffffffffffff, 0x0, 0x0, 0xffffffffffffffff, <r14=>0xffffffffffffffff])
statx(r1, &(0x7f00000008c0)='./file1\x00', 0x4000, 0x7ff, &(0x7f0000000900)={0x0, 0x0, 0x0, 0x0, <r15=>0x0})
getgroups(0x7, &(0x7f0000000a00)=[<r16=>0xee01, 0xffffffffffffffff, 0xee00, 0xffffffffffffffff, 0xffffffffffffffff, 0xee01, 0xee01])
r17 = fcntl$getown(r0, 0x9)
getsockopt$inet_IP_IPSEC_POLICY(r2, 0x0, 0x10, &(0x7f0000000a40)={{{@in6=@private1, @in6=@private1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r18=>0x0}}, {{}, 0x0, @in6=@remote}}, &(0x7f0000000b40)=0xe8)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000b80)={0x0, 0x0, <r19=>0x0}, &(0x7f0000000bc0)=0xc)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000c00)={<r20=>0x0}, &(0x7f0000003140)=0xc)
getresuid(&(0x7f0000003180), &(0x7f00000031c0)=<r21=>0x0, &(0x7f0000003200))
stat(&(0x7f0000000080)='./file0\x00', &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, <r22=>0x0})
lsetxattr$system_posix_acl(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='system.posix_acl_default\x00', &(0x7f00000009c0)={{}, {0x1, 0x4}, [{0x2, 0x3}, {0x2, 0x6}, {0x2, 0x6}, {0x2, 0x3}, {0x2, 0x4, 0xffffffffffffffff}, {0x2, 0x4}], {0x4, 0x1}, [{0x8, 0x3}, {0x8, 0x5}, {0x8, 0x4}, {0x8, 0x2, 0xee01}, {0x8, 0x4, r22}], {0x10, 0x6}}, 0x7c, 0x2)
r23 = syz_open_dev$loop(&(0x7f0000003240), 0x4, 0x2200)
sendmsg$unix(r2, &(0x7f00000033c0)={&(0x7f00000000c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000040)="c0d942dfd5d83d1bb1a6f72f8c0fa5b5e157eaa8fdcc3c0bcacb98b226f3fd69a07e706caf35ee1875ed810bcdfdb4889383", 0x32}, {&(0x7f0000000140)="11d7364554437028eba14e5ee51eaf33d3990ec5eb16cf344fb24ef23c26b0ac08dd97e1890fe236df9085f50023b309a6e50b874ae3b06c8bcadb4795d22e800bbcf884", 0x44}, {&(0x7f0000000200)="03539337392b3cad398fe1bff45a7d4091f1e560681869537b8da49080daca067c65fd6dafcd7c", 0x27}, {&(0x7f0000000240)="71ca34e47efa6846abde679d1e12203d5abe3e7db3154f8d673c6f724bf5452c83d5419f1d192b928bf6a6446988790f26371d178c9aa28230ca8e000ec16d6f72299557ded3bda20f116afe328f5df25bbb2041a06e4298b359821a020e118c6110256c1119a8f0bee2caf9a28e98c80e0b4fc88ed922ea1b8b544c3215cd0f0afd7dc55fb90c4be2", 0x89}, {&(0x7f0000001140)="9030ec84aa5365396e3f1dc35f0d8d1d1115ec7ba65f35237d98461162c4e9f821937ce27d41e6601ccc7b086b0ca71148aa291c8d57cbdfb505c1b3129a2d2f9bcd301c4cc7b55e2ac9daff38d148f55f55c5d02a0b143ba066908ad69f1ed689bb5819c85a787d0f770f5d16f86e0a33b2d376874302c7b56725347bfb70a8653220b4c8f18eab2565e0cba254a15b807e9ef223225de917e75a2553d01edb117b0b55e103d90eb0bdee0691cbdafd654c815511031ab1e5afd9e12027bcdda4c82f4ededc8991aef8469efd0c0bada5f63c517a6606884d5b9dd739df8447a40034b393346fb4a2b673b75e2aa8f5b3e29af6b46d74981f8d47b26cfa39c82a4339bce8ec9ecb8e2a4d4f640c84e9bfcbb420b5bfc064e3f5b428ca0f0c8ee015b2619adf757f3085c05344239d2bd7f76bbafd2fe7de8fa8dc21bd4c6391b94677662857226392dcf8bf1cb3199e9c4a031e34c1b5376af7c78e87cb55f4cba4669d076f5f57abc95131d935843d86bc8ef2278e468f4c43c6c2ab093495bbe0bab10e69cd11a9ec46b6b970fc945c6fd905bf503c715c91f1aba6e9ea738a018a5aeaa78df2101a3aee5c8dfb5b884b0aec14d55e574f42afd367fae34450e0da25e691dde4b76114d74fcff539dc3d51a11912c0088b173ef27c64aa29c0c5339710b8e3b99e9ce80414a851cf3ce92db888d5d48dcece49feae046f117d2cf1c02ed2840033c20f787cfafb478a98b2abe67e447c9e4bcc5d61cf0bb7791dbe0fdbd50061d3268e67824c290f9cf2a11372c04c8799d8757e350e1c40ba70bf7ac54df875b7b293f7ad129895a786558164a51c821c9e27db417feeaacf88cfad729afb247687bb279b15e8660ab81f0cfd3c93ddf0f2dbb4f6c32da6d0029f0c330eee625bc84b31ce531a7c40e5fd4808d94883176ba05950e6a097618d8b25cd75af663b3690297cefdf49c84fd1b465fee32d58a1a5108d7a638416e164d2478d526dce5f9fc6cbd50417f624566268e858934bdc968fd2c0785b6bfdf11a92a7bee56e6ce2e1471ec02ba85eb757ba6da2fba1f8c23cd43283634a483f0ebb62e4844bbdd4daca8901d55efe8203c348836aaf0ca4309f39d79f0fb9e691886f10f375e5e9ca696c7db0adb66e3876e15e4dbd70fdc7470694cd0fd1a53548e274ee3e0c90d4a9de04d022546674e739e51803ff64fff1e6dac3d8e0433e6e0270aaac6aee8ce7c669ae7683a8846c33ffde1a2ab08536a8a4c97bbd1abaeb72bbc462b0461fd794ef059d3bbc9c3c1bec7d0b37e9097e32e5d4c2b84b259f2b3cdb5f102bbc0c6a853ce264abc0e783ac195e02c518f5d1e4abed2fedd824c5568ff6aad37f4512b7e941a5d38c608e1d9fb195214bcf006bc0f7b1d565cb35fa027f92934fffce54d5ca4503b06ace191b775f1889cb31924a2d32b9a2fe475fb316dbe61ec9d08d0cae553454e41aba33c6fb903bd4adcd52b638236894a12c3accc4e4f3ff9472b4dd605b00a448789b0ab4d7662f14963e76e14d7ff15a9bfceaa575117098d6d1b73d892e0a1c6f43bd870b3fd818ef81fd141494466c3a19da1377e1f9ed2e655b8b8c29bdb27f0ff579c7505bf37de2cb3493845a6d94d204a89232d25fb740bb1dd18c7a37fa549cd82f7b2ef4d4a9755cb582ea3591a42f9e2e971b17c88c5b1839afcabbad597a86eb6c3cfa1454c5b1121e5ae3a823a1192a602ede38ef630d3cea15b8a24682d25fc94273b888ece1b2079a4ef07867fcc7f09eea7daca5f4f9dd3e13b9126d1febe4369f66b662556bd1261935545207899478aa7a5b9afee61ea0e275b854bbec74992d55a4ed12277ce23687889366c15c11d9c5c3760d9a8c50ec3578176253b6b378efdeb1ce7beda7632ee608ec951e84ef3f3e9d2e3807ec94553df5ace24a44f4fb2119f64b4590eea0bb009161d5c8daed4e7f7f17d8dcc9d6ea257f43171ad08d3e1f421d1499cda6f4f4df4331bcd9a42b983a6d0966b8ba51430270d939672dc7126152196eef2638602dacd85932c4f7fddbd09dbccf4d95a3949d207df6daa16d9e57a8b23b665ac36812d332a5a98ad76e357e5159c2c24e519f6009d2a8b4ac7ec7285dd07c05f6c8f1365d317855c3a87dee2287ccfcb05106452284bf3f64f11a98087bef182298dcf84ebcdc481b0e155255d233945717207e665c55678a87d70be4f7716c63273b318650169749c19e880affd5381eb4b2915c7d99bd754c7265c24befb40aaab25385074dba23b47fe5bcc07ea5462075604f16396c7156d0374e4c476b18dccbac1ad100aa764e4b305f4a2267b691cd3683952ca387a3e7ac790904a2af0a7243ab8c846a9f7a42c15d1169b0a9cc46724553181a0ce5b95e6402b5a5f7b813e0720f38e4049b8f5c35de32e3bf6c6c85f049b4c10b11701709f6e928a81b75970dac5b352dfac8155b314b5bd38bb86ec7b08874be6bf290ebe52cc66ae08471bfc11363d17e0a4160572418dd2643202a31daeeb2792b6723b42cfc9bdee8225ceb111b589da1e554b6d4699e0e0519f36210a1fa2d2c7035fdf5d4ad81784e5c9e4cb975c672ecc3873df33ec2f07da43fd80378fbc839d7fb773d35e6a4507bda293fb16e29b0797b5d5cd4f58ee8f3ecbeb00f8e86a5fff215d0adcfb5ee0bca72d36b57757119c4059b27045164d96f76eebc9ecb2d66e7d3b5ce78eddf0f4959a3b0222f3899ae811b0403c125bb9b6b36381a67ea248cf8729c3eeaca618492b54944eda5f2ba3fab52da0257d46e3152db50e1204bd69a33752142345fde97334123e94de0dfe10ea7eb328f679aea7a784a0f61e201253f3b16bc75486bdb20ae2b745948a6376fc9dbbabdd8ec8825c524987931869085458afe9c53ef28d8c98316e7377149d09039ff6518378c7eb9b0465320ba1098d1b1e238be9cece81030ac7dcaf7bf43264de181210453f8373ceecfbd3f8d34bb30f94eaf1d959cabf6eaebc1a4f7278e3b2bc7d53b198d31cc07322b689380f5b1eedda4cf35d9be25e1db7732866de8cd4e1c4b6032fc5b436359698a3068c36236d8b5f006bfb05b26d52d3c1ff26a80094a5da906ceef2287f28388638bc6b656462d09568eeab70024aba3313f92129f3ae19bf1030b1a7c3cf13a2658871e871c29d518a7a12681416b6d3d50c44357c5c98c821ed728d06356e58290191a2fde1cec0589f4ba0c6c734cb1ce0c818801c86085e706678ad95bfe4c2f27dcbb2dcd11d18dc15580ce58636a50f1b10fefe507b134e93a9a1fde2199f1eb05d00d12736cb97982c5a1846b16e3238a20a9e84610ab5303c09863f6be2a24abbea14334682477427e4f27e1586b5bfe5024808a0b4816d75d0d9feda09206765d88b2e656722bd2b15be800d2328efacae13fb5712f07eb9517d86c0733ee601babbb9719a7c3cd3026e1a77e6e2bb4e0db178ef37ebb7895fed1a57955d80fd0842486e8b73c19d3016de0e53881559f4a33ecba651d715cff16c074de0f4800aa04536e5c5b808b9500f6d64e5cd882618c9fc4d5456c54e7283f220bc8b223670e222f334006606912d8018793da40ea7a87223da45ca431f86cbe4e0df74cea865a15ce2cf40c7d949aa99f092a33909bfe63acdea375cba4f296e07133e66fce7d3bf258d3877bffbf3041dd1e9538a8fceee40488e3a8a2aaab51fae0ff6814c367bed7c85c093f9b668705df69978ecb5a2d480fbbafd5b8679ef5599ba413a862d5cc2cbe957fe8be30cb05db76c03f6510227126d116f898a3e37132897e2c9d825fb3685f0f98b02e80d0e23cb00e9050e4b29ded656edb399e240290f8ad2a9f74a66356a2c8cd079104d6a5c03e141983444bfe6a0160daea6f32441968c5788afe4cd3329c2e5cac5d644b0b3650c99fbedaf520305f99b193b03751925f74306c41812448318c8bd1fd801015f01f56c8f9e4f17663c73dea216ef4d0160df5a48150d42aab5160ad312e85775d20e9a830feb7baf231bd90465c66b4a604d35fe4e139e2435a24c9f9affb509c121b2836de618150495b0cfcb224ad86e39f11f556f45479b7d283e1c7c89aab6d2662a1b7078bca8d64c10c36a85f591b83c9dd131340085850054981acc5dd4c0f674c9cb619d9a9359c13eeea2df9de92e813ab3d2cdcbc2d041a1bcf8ed8f0851f4bcc56cec3d4d93f722571183307936301c5cebed93638ef48821b03f54176d2b40344425bd37def8d898c16b13fec35a034ff3c33efd5b45172f98b97cc63201624403ad01dbdc8081fe324de1497d0e4bb9c9e9e8a4d916ec8c645111bedc56b13279e9d0a9b5c562106f9cd2d3829ca66c5d6aee51ddd34545aae36337e51a397114809ba9961583682f4d4b8a1743e30f58d084f0a3ff1d2fc2a89ec7027470c205bee0b0d473008d22b83dd197b9148b66208e4239cf7763947ea2a3f4442eec2b3a286ae1f6d6822de69d76233df3552b12bd4b79751a8350c0c38bff8958106a9217a8c367417ffe8b7361f96e34c5ce65ab6c7cbd4bbead812fd677591b655e97ed69c2d6c2fde364db0b9e1298b67bc56c9b442d700f1cb467c164e13d77d365cce90d3935c2b7dd9c16e356833eb027327d959654dc8f126d4b11207b62d97e01760083dcf9f970ef680cc7f25bdf16851ed9f05b82d7375c2c735bd4a2a77d83caf4f226775f1e586c1511c0edcf4a52e0e720216601a1351728428346726b1985550224ebc1f27c132ca25d6343fa5b518fead636dd2be74767b695f605427b9e3ba7743655b9fba59b2a96c5452e87add0ac7411dc24adaa5126083bf192a46cf440aeb475055dfcec09417186e050334e04df3e07fff5280923197f045e2e865fef4b85cdc10df98a3dace644904454386e56f679bfad35e567444ceac30b6c2c47df96871bbb10e5ccc860acea151597ef435c989a474125b993116324aba8ac0797f604be7c945f4622618868eacd4d955402109cae829bad11f4cc4aca9c4ec474f7ac1cfb8bdc4bd44e30a530e1b7b230d5e77889316cc99d5f380c6419160c576d1607a0825c9fa8c0803ae102cf8d23d6b6b325c597554605038c7231d9cfb8e2d125aff8612b927719b15874da6c21bda54ec8be148ef6610045c627d211d90884be755445b3705feffdf744b51833e8977778d80c4c5d00af25c84d6342cce3aeaf083037079255a6dfe48240398649a7d83d4317258a55f21299f658c16cfe7b438a0c7bfc22625f994ed2856d1f1e2e6c88107e0b0fa2a5255128c748fb79beb78144ff09f2aa7d7915352b93bb741539bfbf6514a8f39ad554f70c7e61713326106a7f290ebe241060152dc68af8c6c84a6c2db7668d039001be248f05428d93fe97f0c072d06a77b747498a832288cbf362e4e7b132e62e0ef3b87aa0244ab2741753f57019249497a846861b64218dc915738a078c264d23fe4bf54fdbb442da092c2a84063c35fa17d83eac47f53e60c128dc9e6be52b2768f8b7661b2e84a6c58616eac5778564a0182da4b04fe0eae8a01a6617dd63c8ec46db9f92f6ffe38df9dd2a2c5b0206bf7d94b8de94e3b62082ba5e04b0b06549846515584c23eb69e57498ce504d7419d12ef84a1a528af1c311e237b4cb278a7a09a374d82a12134b14c044d13cc321c54b6ad7ae5c51e27af735e44d11d60975ca5820796336abc8a6863fd3fb18a30bdbac6961285e199d9898130c52a6b004794c58b9d4c1c499caadab2d57e44a2c8b758ef23ac9e", 0x1000}], 0x5, &(0x7f0000003280)=[@cred={{0x1c, 0x1, 0x2, {0x0, 0x0, r3}}}, @cred={{0x1c, 0x1, 0x2, {r4, 0xffffffffffffffff, r8}}}, @cred={{0x1c, 0x1, 0x2, {r9, r10, r11}}}, @cred={{0x1c, 0x1, 0x2, {r12, r13, r14}}}, @cred={{0x1c, 0x1, 0x2, {0x0, r15, r16}}}, @cred={{0x1c, 0x1, 0x2, {r17, r18, r19}}}, @cred={{0x1c, 0x1, 0x2, {r20, r21, r22}}}, @rights={{0x2c, 0x1, 0x1, [r1, 0xffffffffffffffff, r0, r0, r1, r23, r1]}}], 0x110, 0x800}, 0x44000)
ioctl$TUNGETIFF(r2, 0x800454d2, &(0x7f0000000000)={'bridge_slave_1\x00'})
ioctl$FS_IOC_FIEMAP(r2, 0xc020660b, &(0x7f0000000080)=ANY=[@ANYBLOB="d6df74f7dd8ef7000000000000d6"])

5m19.868940285s ago: executing program 3 (id=208):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x2c, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x18)
r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000000)={<r3=>0xffffffffffffffff}, 0x111, 0x4}}, 0x20)
write$RDMA_USER_CM_CMD_LISTEN(r2, &(0x7f0000000040)={0x7, 0x8, 0xfa00, {r3, 0x1}}, 0x10)
write$RDMA_USER_CM_CMD_DESTROY_ID(r2, &(0x7f0000000380)={0x1, 0x10, 0xfa00, {0x0, r3}}, 0x18)
syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x410c84, &(0x7f0000000340), 0x1, 0x785, &(0x7f0000001900)="$eJzs3c9rHGUfAPDvbJImTfO+yQsvaD0FBA2UbkyNrYKHigcRLBT0bLtstqFmky3ZTWlCwBYRvAgqHgS99OyPevPqj6v+Fx7EUjUtVjxIZDYz7bbZ/GySrebzgck+z8xsnue788zMMzsPswHsW8Ppn0LE4Yh4L4kYzOYnEdHTTHVHnFxZ7/bSYjmdkhiIV39NmuvcWlosR8t7UoeyzKMR8e3bEUcKq8utzy9MlarVymyWH21MXxitzy8cPT9dmqxMVmaOj42PHzvxzInjOxfr7z8sDFx//6Unvzj551uPXHv3uyROxkC2rDWOnTIcw9ln0pN+hPd4cacL67Ck0xVgW9Jds2tlL4/DMRhdzRQA8G/2ZkQsAwD7TOL8DwD7TP49wK2lxXI+dfYbib1144WI6FuJP7+/ubKkO7tn19e8D9p/K7nnzkgSEUM7UP5wRHzy1eufpVPs0n1IgHYuX4mIs0PDq4//yaoxC1v11DrLDmSvw/fNd/yDvfN12v95tl3/r3Cn/xNt+j+9bfbd7dhw/z+4A4Ws40ZfxPMtY9tut8SfGerKcv9p9vl6knPnq5X02PbfiBiJnt40P7ZOGSM3/7q51rLW/t9vH7zxaVp++np3jcLP3b33vmei1Cg9SMytblyJeKx7Vfwtlwd9zb5uu/7v6U2W8fJz73y81rI0/jTefFodf2Sjk3bH8tWIJ9pu/7sj2pJ1xyeONpvDaN4o2vjyx4/61yq/dfunU1p+fi2wF9Lt379+/ENJ63jN+tbL+P7q4DdrLds4/vbt/0DyWjOd9yMulRqN2bGIA8krq+cfu/vePJ+vn8Y/8nj7/T8//rVr/+k14dlNxt99/ZfPtx//7krjn9jC9k9nZA3hTovYKHHt9lTXWuVvbvuPN1Mj2ZzNHP82W8EH+OgAAAAAAAAAAAAAAAAAAAAAAAAAYNMKETEQSaF4J10oFIsrv+H9/+gvVGv1xpFztbmZiWj+VvZQ9BTyR10OtjwPdSx7Hn6eP3Zf/umI+F9EfNh7MMmfozjR4dgBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIHdojd//T/3U2+naAQC7pq/TFQAA9pzzPwDsP87/ALD/9EUklztdCQBgT7n+B4D9x/kfAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAXXb61Kl0Wv5jabGc5icuzs9N1S4enajUp4rTc+ViuTZ7oThZq01WK8VybXqj/1et1S6Mx8zcpdFGpd4Yrc8vnJmuzc00zpyfLk1WzlR69iQqAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANia+vzCVKlarcxKbCOx/HBUo/OJrqw5dbYa/Z0pPXkoNsFOJzp8YAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4h/g7AAD//7AaJtI=")
r4 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x88882, 0x0)
r6 = openat(0xffffffffffffff9c, 0x0, 0x1c5902, 0x0)
write(r6, &(0x7f0000004200)='t', 0x1)
sendfile(r6, r5, 0x0, 0x7ffff000)
fallocate(r4, 0x0, 0x0, 0x1001f0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)

5m17.478194014s ago: executing program 3 (id=233):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001440)={0x11, 0xb, &(0x7f0000000880)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x10000, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000040)={&(0x7f00000000c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x2, [@restrict={0x0, 0x0, 0x0, 0xb, 0x2}, @fwd={0x2, 0x0, 0x0, 0x12}]}}, 0x0, 0x32, 0x0, 0x1, 0x726, 0x0, @void, @value}, 0x28) (fail_nth: 4)

5m17.403397855s ago: executing program 32 (id=233):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001440)={0x11, 0xb, &(0x7f0000000880)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x10000, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000040)={&(0x7f00000000c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x2, [@restrict={0x0, 0x0, 0x0, 0xb, 0x2}, @fwd={0x2, 0x0, 0x0, 0x12}]}}, 0x0, 0x32, 0x0, 0x1, 0x726, 0x0, @void, @value}, 0x28) (fail_nth: 4)

3m43.459095431s ago: executing program 2 (id=1332):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x2c, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x18)
r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000000)={<r3=>0xffffffffffffffff}, 0x111, 0x4}}, 0x20)
write$RDMA_USER_CM_CMD_LISTEN(r2, &(0x7f0000000040)={0x7, 0x8, 0xfa00, {r3, 0x1}}, 0x10)
write$RDMA_USER_CM_CMD_DESTROY_ID(r2, &(0x7f0000000380)={0x1, 0x10, 0xfa00, {0x0, r3}}, 0x18)
syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x410c84, &(0x7f0000000340), 0x1, 0x785, &(0x7f0000001900)="$eJzs3c9rHGUfAPDvbJImTfO+yQsvaD0FBA2UbkyNrYKHigcRLBT0bLtstqFmky3ZTWlCwBYRvAgqHgS99OyPevPqj6v+Fx7EUjUtVjxIZDYz7bbZ/GySrebzgck+z8xsnue788zMMzsPswHsW8Ppn0LE4Yh4L4kYzOYnEdHTTHVHnFxZ7/bSYjmdkhiIV39NmuvcWlosR8t7UoeyzKMR8e3bEUcKq8utzy9MlarVymyWH21MXxitzy8cPT9dmqxMVmaOj42PHzvxzInjOxfr7z8sDFx//6Unvzj551uPXHv3uyROxkC2rDWOnTIcw9ln0pN+hPd4cacL67Ck0xVgW9Jds2tlL4/DMRhdzRQA8G/2ZkQsAwD7TOL8DwD7TP49wK2lxXI+dfYbib1144WI6FuJP7+/ubKkO7tn19e8D9p/K7nnzkgSEUM7UP5wRHzy1eufpVPs0n1IgHYuX4mIs0PDq4//yaoxC1v11DrLDmSvw/fNd/yDvfN12v95tl3/r3Cn/xNt+j+9bfbd7dhw/z+4A4Ws40ZfxPMtY9tut8SfGerKcv9p9vl6knPnq5X02PbfiBiJnt40P7ZOGSM3/7q51rLW/t9vH7zxaVp++np3jcLP3b33vmei1Cg9SMytblyJeKx7Vfwtlwd9zb5uu/7v6U2W8fJz73y81rI0/jTefFodf2Sjk3bH8tWIJ9pu/7sj2pJ1xyeONpvDaN4o2vjyx4/61yq/dfunU1p+fi2wF9Lt379+/ENJ63jN+tbL+P7q4DdrLds4/vbt/0DyWjOd9yMulRqN2bGIA8krq+cfu/vePJ+vn8Y/8nj7/T8//rVr/+k14dlNxt99/ZfPtx//7krjn9jC9k9nZA3hTovYKHHt9lTXWuVvbvuPN1Mj2ZzNHP82W8EH+OgAAAAAAAAAAAAAAAAAAAAAAAAAYNMKETEQSaF4J10oFIsrv+H9/+gvVGv1xpFztbmZiWj+VvZQ9BTyR10OtjwPdSx7Hn6eP3Zf/umI+F9EfNh7MMmfozjR4dgBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIHdojd//T/3U2+naAQC7pq/TFQAA9pzzPwDsP87/ALD/9EUklztdCQBgT7n+B4D9x/kfAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAXXb61Kl0Wv5jabGc5icuzs9N1S4enajUp4rTc+ViuTZ7oThZq01WK8VybXqj/1et1S6Mx8zcpdFGpd4Yrc8vnJmuzc00zpyfLk1WzlR69iQqAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANia+vzCVKlarcxKbCOx/HBUo/OJrqw5dbYa/Z0pPXkoNsFOJzp8YAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4h/g7AAD//7AaJtI=")
r4 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x88882, 0x0)
r6 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c5902, 0x0)
write(r6, 0x0, 0x0)
sendfile(r6, r5, 0x0, 0x7ffff000)
fallocate(r4, 0x0, 0x0, 0x1001f0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)

3m43.395790062s ago: executing program 2 (id=1336):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00'}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000002c0)={0x6, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000f200000000000000001860000000000000000000000000000095582d0000000000"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000), 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x2, 0x4, &(0x7f0000000200)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x1e63e3fd40685bf2, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r2, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r3 = dup(r2)
write$P9_RLERRORu(r3, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r3, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$binfmt_elf64(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r3])
creat(&(0x7f0000000380)='./file0\x00', 0x80)

3m43.365251782s ago: executing program 2 (id=1338):
r0 = syz_open_dev$sg(&(0x7f00000003c0), 0x0, 0x802)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r1, 0x0, &(0x7f0000001700)=""/53}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xf, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x65, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
writev(r0, &(0x7f0000000140)=[{&(0x7f0000000040)="aefdda9d240303005a90f57f07703aeff0f64eb9ee07962c220a2e11b44e65d76641cb010852f426072a", 0x2a}], 0x1)
read(r0, 0x0, 0x0)

3m43.269972984s ago: executing program 2 (id=1342):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, &(0x7f00000001c0)={{0x1, 0x1, 0x18, r0, {0x7}}, './file0\x00'})
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000002c0)={r0}, 0x4)
syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f0000000740)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f00000006c0), 0x2, 0x246, &(0x7f0000000ac0)="$eJzs3T9oM2UcB/DvXRJf+75BXnURxD8gIloor5vg8rooFKQUEUGFioiL0gq1xa1xcnHQWaWTSxE3q6N0KS6K4FS1Q10ELQ4WBx0iybVS24ja1Jz0Ph+43l3vee73HLnvkyyXBGisq0muJ2klmU7SSVIcb3B3tVw93F2f2l5I+v0nfiqG7ar9ylG/K0l6SR5KslUWeamdrG4+s/fLzmP3vbnSuff9zaenJnqRh/b3dh8/eG/ujY9mH1z94qsf5opcT/dP13X+ihH/axfJLf9Fsf+Jol33CPgn5l/78OtB7m9Ncs8w/52UqV68t5Zv2OrkgXf/qu/bP355+yTHCpy/fr8zeA/s9YHGKZN0U5QzSartspyZqT7Df9O6XL68tPzq9ItLK4sv1D1TAeelm+w++smlj6+cyP/3rSr/wMU1yP+T8xvfDrYPWnWPBpiIO6rVIP/Tz63dH/mHxpF/aC75h+aSf2gu+Yfmkn9oLvmHC6xztNEbeVj+obnkH5pL/qG5jucfAGiW/qW6n0AG6lL3/AMAAAAAAAAAAAAAAAAAAJy2PrW9cLRMquZn7yT7jyRpj6rfGv4ecXLj8O/ln4tBsz8UVbexPHvXmCcY0wc1P31903f11v/8znrrry0mvdeTXGu3T99/xeH9d3Y3/83xzvNjFviXihP7Dz812fon/bZRb/3ZneTTwfxzbdT8U+a24Xr0/NM9/hXLZ/TKr2OeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIn5PQAA//8PK23M")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r1, 0x1, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r4}, 0x0, &(0x7f00000002c0)}, 0x20)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r5}, 0x10)
recvmmsg(r2, &(0x7f00000023c0)=[{{&(0x7f0000000240)=@isdn, 0x80, &(0x7f0000002500)=[{&(0x7f0000000300)=""/213, 0xd5}, {0x0}, {&(0x7f0000000d40)=""/4096, 0x1000}, {&(0x7f0000000840)=""/155, 0x9b}, {&(0x7f0000000900)=""/162, 0xa2}, {&(0x7f00000009c0)=""/242, 0xf2}, {&(0x7f0000001d40)=""/175, 0xaf}, {&(0x7f0000001e00)=""/83, 0x53}, {&(0x7f0000001e80)=""/105, 0x69}], 0x9}}, {{&(0x7f0000001fc0)=@pppoe, 0x80, &(0x7f00000001c0)=[{&(0x7f0000002040)=""/177, 0xb1}], 0x1, &(0x7f0000002100)=""/65, 0x41}, 0x83}, {{&(0x7f0000002480)=@l2tp6={0xa, 0x0, 0x0, @private1}, 0x80, &(0x7f00000004c0)=[{&(0x7f0000002200)=""/183, 0xb7}, {&(0x7f0000000400)=""/1, 0x1}, {&(0x7f00000022c0)=""/241, 0xf1}], 0x3, &(0x7f0000000600)=""/20, 0x14}, 0x19}], 0x3, 0x2000, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000100)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
unshare(0x68040200)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0)
r6 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r6, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="02020409100000000000004c9e00000002001300027f0000000000000000004105000600200000000a000000000000000005000201080f00e0001f080000000000092000000000000200010020e9ffeeffff0702000098a805000500ea0000000a"], 0x80}}, 0x0)
sendmmsg(r6, &(0x7f0000000180), 0x393, 0x0)
fcntl$dupfd(0xffffffffffffffff, 0x406, 0xffffffffffffffff)

3m41.829206977s ago: executing program 2 (id=1348):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r1 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f00000000001b0000850000006d000000850000002300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r2}, 0x18)
r3 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_GROUP_JOIN(r3, 0x10f, 0x87, &(0x7f0000000300)={0x42, 0x1}, 0x10)
bind$tipc(r3, 0x0, 0x0)
setsockopt$TIPC_GROUP_LEAVE(r3, 0x10f, 0x88)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000000)=[{0x200000000006, 0x0, 0x2, 0x7ffc0002}]})
r4 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0)
fcntl$lock(r5, 0x25, &(0x7f0000000000)={0x1})
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x275a, 0x0)
fcntl$lock(r6, 0x26, &(0x7f0000000380)={0x0, 0x1, 0x103ff, 0x1})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r7}, 0x10)

3m40.867013963s ago: executing program 2 (id=1368):
memfd_create(&(0x7f0000000140)='v\xa6\xf5l/\xecg\xed\xe3h\x80\xb8!y6w\xda\xdd\x85\xb9\nR\xf5@\x99\xb9\x8a\x0fZ\t\x90\x8b\xab\xf8\x87\x10ti\xba\xc6\xfb\xd2)\x95\x88k\x82\x04s\xb3b\x01\xf4\xach\v\x91\x81\x1e\x8a\f\x11D\x90\xf5\xbb\x1c\xac\xc7\xad\xdc]\x11\x95\xf8\xe6\xa7\xc3\xfc\x18+\x92\xa5N\a\xa7\x7fN\x9bM\n\xebQs\x02\xf9\xadi\x8f\x0f\xff\x02n\x9dA\x00\x00\x00\x1bC\xd8\x1c\xc5u\x00S\x00'/126, 0x1)
r0 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x54}}, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000006"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000e00007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='kfree\x00', r2}, 0x10)
r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
pipe(&(0x7f0000000180))
r4 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
mount$9p_fd(0x0, &(0x7f0000000180)='.\x00', &(0x7f0000000040), 0x800008, &(0x7f0000000200)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r4}})
r5 = openat$selinux_policy(0xffffff9c, &(0x7f0000001040), 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r5, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[], 0x48)
setsockopt$EBT_SO_SET_ENTRIES(0xffffffffffffffff, 0x0, 0x80, &(0x7f0000000300)=@broute={'broute\x00', 0x20, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x400000000040], 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB='\x00'/25]}, 0x91)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000440)={@fallback=r4, 0x26, 0x1, 0x40003, &(0x7f0000000280)=[0x0, 0x0, 0x0, 0x0], 0x4, 0x0, &(0x7f00000002c0)=[0x0, 0x0, 0x0], &(0x7f00000003c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000400)=[0x0]}, 0x40)
write$selinux_load(r3, &(0x7f0000000000)=ANY=[], 0x2000)
getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="4400000010000104001007fb5c360dff9fe30000", @ANYRES32=r6, @ANYBLOB="0100000000000000240012000c000100627269646765"], 0x44}}, 0x0)
r7 = socket$packet(0x11, 0x3, 0x300)
r8 = socket(0x10, 0x2, 0x45)
sendmsg$nl_route_sched(r8, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={0x0, 0x128}}, 0x0)
getsockname$packet(r8, &(0x7f00000001c0)={0x11, 0x0, <r9=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0xa3)
bind$packet(r7, &(0x7f00000000c0)={0x11, 0x0, r9, 0x1, 0x0, 0x6, @multicast}, 0x14)
r10 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/ptype\x00')
preadv(r10, &(0x7f0000000000)=[{&(0x7f0000000480)=""/187, 0xbb}], 0x1, 0x49, 0x0)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x50, 0xffffffffffffffff, 0x8000000)
setreuid(0xee01, 0xee01)
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x15)

3m25.298919876s ago: executing program 33 (id=1368):
memfd_create(&(0x7f0000000140)='v\xa6\xf5l/\xecg\xed\xe3h\x80\xb8!y6w\xda\xdd\x85\xb9\nR\xf5@\x99\xb9\x8a\x0fZ\t\x90\x8b\xab\xf8\x87\x10ti\xba\xc6\xfb\xd2)\x95\x88k\x82\x04s\xb3b\x01\xf4\xach\v\x91\x81\x1e\x8a\f\x11D\x90\xf5\xbb\x1c\xac\xc7\xad\xdc]\x11\x95\xf8\xe6\xa7\xc3\xfc\x18+\x92\xa5N\a\xa7\x7fN\x9bM\n\xebQs\x02\xf9\xadi\x8f\x0f\xff\x02n\x9dA\x00\x00\x00\x1bC\xd8\x1c\xc5u\x00S\x00'/126, 0x1)
r0 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x54}}, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000006"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000e00007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='kfree\x00', r2}, 0x10)
r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
pipe(&(0x7f0000000180))
r4 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
mount$9p_fd(0x0, &(0x7f0000000180)='.\x00', &(0x7f0000000040), 0x800008, &(0x7f0000000200)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r4}})
r5 = openat$selinux_policy(0xffffff9c, &(0x7f0000001040), 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r5, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[], 0x48)
setsockopt$EBT_SO_SET_ENTRIES(0xffffffffffffffff, 0x0, 0x80, &(0x7f0000000300)=@broute={'broute\x00', 0x20, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x400000000040], 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB='\x00'/25]}, 0x91)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000440)={@fallback=r4, 0x26, 0x1, 0x40003, &(0x7f0000000280)=[0x0, 0x0, 0x0, 0x0], 0x4, 0x0, &(0x7f00000002c0)=[0x0, 0x0, 0x0], &(0x7f00000003c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000400)=[0x0]}, 0x40)
write$selinux_load(r3, &(0x7f0000000000)=ANY=[], 0x2000)
getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="4400000010000104001007fb5c360dff9fe30000", @ANYRES32=r6, @ANYBLOB="0100000000000000240012000c000100627269646765"], 0x44}}, 0x0)
r7 = socket$packet(0x11, 0x3, 0x300)
r8 = socket(0x10, 0x2, 0x45)
sendmsg$nl_route_sched(r8, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={0x0, 0x128}}, 0x0)
getsockname$packet(r8, &(0x7f00000001c0)={0x11, 0x0, <r9=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0xa3)
bind$packet(r7, &(0x7f00000000c0)={0x11, 0x0, r9, 0x1, 0x0, 0x6, @multicast}, 0x14)
r10 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/ptype\x00')
preadv(r10, &(0x7f0000000000)=[{&(0x7f0000000480)=""/187, 0xbb}], 0x1, 0x49, 0x0)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x50, 0xffffffffffffffff, 0x8000000)
setreuid(0xee01, 0xee01)
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x15)

2m34.346813333s ago: executing program 5 (id=2263):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r1}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000002c0)={0x6, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000f200000000000000001860000000000000000000000000000095582d0000000000"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000), 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x2, 0x4, &(0x7f0000000200)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x1e63e3fd40685bf2, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r4 = dup(r3)
write$P9_RLERRORu(r4, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r4, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$binfmt_elf64(r4, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r4])
creat(&(0x7f0000000380)='./file0\x00', 0x80)

2m34.210321885s ago: executing program 5 (id=2265):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x14}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x20, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000002080)={&(0x7f0000000300)='kfree\x00', r3}, 0x10)
getsockname$packet(r2, &(0x7f00000002c0)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000900)=@newqdisc={0x30, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_clsact={0xb}]}, 0x30}}, 0x4000800)
sendmsg$nl_route_sched(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000980)=@delchain={0x34, 0x64, 0xf31, 0xfffffffb, 0x0, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xfff3, 0xffff}, {0x0, 0x1b}}, [@filter_kind_options=@f_flower={{0xb}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x10}, 0x0)

2m33.771047013s ago: executing program 5 (id=2268):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x2, 0x4, &(0x7f0000000200)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x1e63e3fd40685bf2, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r4 = dup(r3)
write$P9_RLERRORu(r4, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r4, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$binfmt_elf64(r4, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r4])
creat(&(0x7f0000000380)='./file0\x00', 0x80)

2m33.662424204s ago: executing program 5 (id=2270):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=ANY=[@ANYBLOB="200000001000010700000000000900000a0000000c0002006e6c3830323131"], 0x20}, 0x1, 0x0, 0x0, 0x20000000}, 0x40050)

2m33.005066565s ago: executing program 5 (id=2277):
open(&(0x7f0000000180)='./file0\x00', 0x40c5, 0x24)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065fffff53000000800395032303030"], 0x15)
pipe2$9p(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[], 0x15)
r2 = dup(r1)
bpf$PROG_LOAD(0x5, &(0x7f0000000e80)={0x1e, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x50, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000005c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
write$P9_RLERRORu(r2, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r2, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$binfmt_elf64(r2, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])
acct(&(0x7f0000000140)='./file0\x00')

2m32.993716015s ago: executing program 5 (id=2279):
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0b0000000500000002000000040000000500", @ANYRES32, @ANYRES32=<r0=>0x0, @ANYRES32, @ANYBLOB="000000000000000000000000000800000000000000000000040000"], 0x48)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
pipe2(&(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TCSETS(r2, 0x40045431, &(0x7f0000000140)={0x0, 0x0, 0x1, 0x0, 0x0, "810000cc2b000000000000fa25ffff00ffffff"})
r3 = syz_open_pts(r2, 0x141601)
write(r3, &(0x7f0000000000)="d5", 0xfffffedf)
close_range(r1, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f00000003c0)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, 0x0, 0x0, 0x2, 0x0)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004", @ANYRES8=r3, @ANYRESHEX=r0, @ANYBLOB="0028f502f07e13"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b70200001400f400b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r7}, 0x2d)
syz_clone3(&(0x7f0000000940)={0x107821100, 0x0, 0x0, 0x0, {0x2d}, 0x0, 0x0, 0x0, 0x0}, 0x58)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000060000000000000000008500000007000000850000000e00000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000012c0)={&(0x7f0000000040)='kfree\x00', r8}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000020000000c0000000014"], 0x48)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r9}, 0x10)
r10 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r10, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000000)=ANY=[@ANYBLOB="380000000314010000000000000000000900020073797a2f000000000800410072786500140033007465616d5f736c6176655f30"], 0x38}}, 0x0)
r11 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYRESOCT=r8], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r11}, 0x10)
r12 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$VT_DISALLOCATE(r12, 0x5608)

2m17.848077971s ago: executing program 34 (id=2279):
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0b0000000500000002000000040000000500", @ANYRES32, @ANYRES32=<r0=>0x0, @ANYRES32, @ANYBLOB="000000000000000000000000000800000000000000000000040000"], 0x48)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
pipe2(&(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TCSETS(r2, 0x40045431, &(0x7f0000000140)={0x0, 0x0, 0x1, 0x0, 0x0, "810000cc2b000000000000fa25ffff00ffffff"})
r3 = syz_open_pts(r2, 0x141601)
write(r3, &(0x7f0000000000)="d5", 0xfffffedf)
close_range(r1, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f00000003c0)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, 0x0, 0x0, 0x2, 0x0)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004", @ANYRES8=r3, @ANYRESHEX=r0, @ANYBLOB="0028f502f07e13"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b70200001400f400b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r7}, 0x2d)
syz_clone3(&(0x7f0000000940)={0x107821100, 0x0, 0x0, 0x0, {0x2d}, 0x0, 0x0, 0x0, 0x0}, 0x58)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000060000000000000000008500000007000000850000000e00000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000012c0)={&(0x7f0000000040)='kfree\x00', r8}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000020000000c0000000014"], 0x48)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r9}, 0x10)
r10 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r10, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000000)=ANY=[@ANYBLOB="380000000314010000000000000000000900020073797a2f000000000800410072786500140033007465616d5f736c6176655f30"], 0x38}}, 0x0)
r11 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYRESOCT=r8], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r11}, 0x10)
r12 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$VT_DISALLOCATE(r12, 0x5608)

2m0.749574669s ago: executing program 4 (id=2640):
open(&(0x7f0000000180)='./file0\x00', 0x40c5, 0x24)
pipe2$9p(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[], 0x15)
r2 = dup(r1)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000e80)={0x1e, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x50, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000005c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r4}, 0x10)
write$P9_RLERRORu(r2, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r2, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$binfmt_elf64(r2, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])
acct(&(0x7f0000000140)='./file0\x00')

2m0.492120593s ago: executing program 4 (id=2642):
r0 = syz_genetlink_get_family_id$netlbl_unlabel(0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3f, 0x1, 0x0, 0x0, 0x0, 0x0, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000, 0x0, @perf_bp={0x0}, 0x2, 0x5, 0x6, 0x3, 0x4, 0x1, 0xfff9, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x9)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r1 = io_uring_setup(0xf08, &(0x7f000000c480)={0x0, 0xeb9e, 0x400, 0x20001, 0x3})
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000008c0)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000007b00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
mlock2(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
ioctl$PPPIOCSPASS(0xffffffffffffffff, 0x40107447, &(0x7f0000000200)={0x4, &(0x7f00000001c0)=[{0x3, 0x2, 0x9, 0x101}, {0x1, 0x9, 0x6, 0x8cd}, {0x8000, 0xcc, 0x5, 0x3}, {0x0, 0xff, 0xa8, 0xffff}]})
io_uring_register$IORING_REGISTER_BUFFERS(r1, 0x0, &(0x7f0000000540)=[{0x0}], 0x1)
io_uring_setup(0x7625, &(0x7f0000000600)={0x0, 0x1e28, 0x0, 0x0, 0x28b, 0x0, r1})
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYRESOCT=r0, @ANYRES8, @ANYRESOCT], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x0, &(0x7f0000000280)})
r5 = epoll_create1(0x0)
epoll_wait(r5, &(0x7f0000000180)=[{}], 0x1, 0x0)

2m0.195910958s ago: executing program 4 (id=2646):
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020692500000000002020207b0af8ff00000000bfa100000000000017010000f6ffffffb702000008000000b703000000000000850000002d000000"], &(0x7f0000000300)='GPL\x00', 0x9, 0xff8, &(0x7f0000001e00)=""/4088, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

2m0.181390398s ago: executing program 4 (id=2647):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x14}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x20, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000002080)={&(0x7f0000000300)='kfree\x00', r3}, 0x10)
getsockname$packet(r2, &(0x7f00000002c0)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="480000001000050700000086d7c0d6c878f064eb", @ANYRES32=r4, @ANYBLOB], 0x48}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000900)=@newqdisc={0x30, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_clsact={0xb}]}, 0x30}}, 0x4000800)
sendmsg$nl_route_sched(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000980)=@delchain={0x34, 0x64, 0xf31, 0xfffffffb, 0x0, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xfff3, 0xffff}, {0x0, 0x1b}}, [@filter_kind_options=@f_flower={{0xb}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x10}, 0x0)

2m0.04866593s ago: executing program 4 (id=2652):
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065fffff53000000800395032303030"], 0x15)
pipe2$9p(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[], 0x15)
r2 = dup(r1)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000e80)={0x1e, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x50, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000005c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r4}, 0x10)
write$P9_RLERRORu(r2, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r2, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$binfmt_elf64(r2, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])
acct(&(0x7f0000000140)='./file0\x00')

1m59.988309281s ago: executing program 4 (id=2653):
r0 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x40, 0x1, 0x0, 0x0, 0x0, 0x8000, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000, 0x2, @perf_config_ext={0xf60, 0x40ffffffff}, 0x1100, 0x5, 0x3a65, 0x5, 0x0, 0x5, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000b40)={0x5, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000001200000000000000000095"], &(0x7f0000000c00)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffc, @void, @value}, 0x94)
perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0xc97c, 0x0, @perf_bp={0x0, 0x764922f6ef795283}, 0x8, 0x0, 0x409, 0x4, 0x0, 0x40, 0xfffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r4, 0x8933, &(0x7f0000000000)={'batadv0\x00', <r5=>0x0})
bind$packet(r4, &(0x7f0000000280)={0x11, 0x7, r5, 0x1, 0xdf, 0x6, @local}, 0x14)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r3, @ANYRES16=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0xf, '\x00', r5, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpu.stat\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1, 0x10012, r6, 0x0)
r7 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r7, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x65, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r8}, 0x10)
sendmsg$NFT_BATCH(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000003880)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x3}}, [@NFT_MSG_DELSET={0x14, 0xb, 0xa, 0x101, 0x0, 0x0, {0x0, 0x0, 0xa}}, @NFT_MSG_DELOBJ={0x14, 0x14, 0xa, 0x5, 0x0, 0x0, {0xa, 0x0, 0x4}}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x7}}}, 0x50}, 0x1, 0x0, 0x0, 0x80}, 0x40054)
syz_open_dev$usbfs(0x0, 0x201, 0x2)
clock_settime(0x0, &(0x7f0000000200)={0x77359400})
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
r9 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_TX_RING(r9, 0x11b, 0x3, &(0x7f0000000440)=0x204208, 0x4)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x2000081, &(0x7f0000000540)=ANY=[@ANYRES32=0x0, @ANYBLOB="8e29b5c6d59d9a8fa9f1222c", @ANYRES32, @ANYBLOB="d90f55b2fe87bccaae179697e871353358a10c2f9b664f24e6a9112c9e2e2e3003fa09469b1b", @ANYRES8], 0x0, 0x23e, &(0x7f0000000bc0)="$eJzs3c9qE1EUB+AzSdqmukgWrkRwQBeuStsnSJEKYldKFupCi21BklCwEGgVQ1c+gU/ic7jxDXwAoTtdFEYmSZsWUm0wf0r9vk0uzP3NOTe5Iau5eX2n1dja3ds5/PA9yuUkCrWoJUcR1ShEbiEAgOvmV5bFUdYzWrJUmFRPAMBkXfL3f3GKLQEAE/bs+Ysnaxsb60/TtBzR+tSuJ9F77V1f24m30YztWI5KHEdkp3rjR4831qOU5qpxv9Vp1/Nk69XX/v3XfkR08ytRierw/Eracybfadfn4ka/fi3Pr0Ylbg3Prw7JR30+Htw70/9SVOLbm9iNZmxFnh3kP66k6cPs88/3L/OO83zSadcXuvMGsuLUPxwAAAAAAAAAAAAAAAAAAAAAAK6tpTRN0yz7kmVZ1jl3/k7xuHt9KT1RPX8+Ty9/0flAnTPn6yznJZLe/EG+FLdLUZrl2gEAAAAAAAAAAAAAAAAAAOCq2Ns/aGw2m9vvxjo4eax//Hf+10EU+601k4gr0E93sJj3M51ad2PEWrURS0Rh/6Bxsrsam0n8JVWe0CbJhmy/4oWp+TFVn7853lUkETF3+mb+aXIh5sb8TQEAAAAAAAAAAAAAAAAAAKZs8NDvkIuHM2gIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGZg8P//Iww6/fAlUzNeIgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP+B3wEAAP//bkR7Lg==")
socket$inet_sctp(0x2, 0x5, 0x84)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
r10 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$ARPT_SO_SET_REPLACE(r10, 0xa02000000000000, 0x60, &(0x7f0000000000)={'filter\x00', 0xb001, 0x4, 0x3e8, 0xffffff7f, 0x0, 0x130, 0x300, 0x300, 0x300, 0x7fffffe, 0x0, {[{{@arp={@local, @empty, 0x0, 0x0, 0x0, 0x0, {}, {@mac=@local}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'pimreg\x00', 'veth0_to_bridge\x00'}, 0xc0, 0x130}, @unspec=@NFLOG={0x70, 'NFLOG\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, "f67b23ffdfa27f907a03732da3acbc6518e62a77ca06f258762e88c0d9f9d2f413b94a105f4bdf01425ce81c5d000000000000000500ffffffff00"}}}, {{@arp={@multicast2, @empty, 0x0, 0x0, 0x0, 0x0, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'veth0_to_team\x00', 'ip6tnl0\x00'}, 0xc0, 0xe8}, @unspec=@CLASSIFY={0x28}}, {{@uncond, 0xc0, 0xe8}, @unspec=@NFQUEUE3={0x28}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x438)

1m44.837214217s ago: executing program 35 (id=2653):
r0 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x40, 0x1, 0x0, 0x0, 0x0, 0x8000, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000, 0x2, @perf_config_ext={0xf60, 0x40ffffffff}, 0x1100, 0x5, 0x3a65, 0x5, 0x0, 0x5, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000b40)={0x5, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000001200000000000000000095"], &(0x7f0000000c00)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffc, @void, @value}, 0x94)
perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0xc97c, 0x0, @perf_bp={0x0, 0x764922f6ef795283}, 0x8, 0x0, 0x409, 0x4, 0x0, 0x40, 0xfffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r4, 0x8933, &(0x7f0000000000)={'batadv0\x00', <r5=>0x0})
bind$packet(r4, &(0x7f0000000280)={0x11, 0x7, r5, 0x1, 0xdf, 0x6, @local}, 0x14)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r3, @ANYRES16=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0xf, '\x00', r5, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpu.stat\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1, 0x10012, r6, 0x0)
r7 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r7, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x65, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r8}, 0x10)
sendmsg$NFT_BATCH(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000003880)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x3}}, [@NFT_MSG_DELSET={0x14, 0xb, 0xa, 0x101, 0x0, 0x0, {0x0, 0x0, 0xa}}, @NFT_MSG_DELOBJ={0x14, 0x14, 0xa, 0x5, 0x0, 0x0, {0xa, 0x0, 0x4}}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x7}}}, 0x50}, 0x1, 0x0, 0x0, 0x80}, 0x40054)
syz_open_dev$usbfs(0x0, 0x201, 0x2)
clock_settime(0x0, &(0x7f0000000200)={0x77359400})
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
r9 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_TX_RING(r9, 0x11b, 0x3, &(0x7f0000000440)=0x204208, 0x4)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x2000081, &(0x7f0000000540)=ANY=[@ANYRES32=0x0, @ANYBLOB="8e29b5c6d59d9a8fa9f1222c", @ANYRES32, @ANYBLOB="d90f55b2fe87bccaae179697e871353358a10c2f9b664f24e6a9112c9e2e2e3003fa09469b1b", @ANYRES8], 0x0, 0x23e, &(0x7f0000000bc0)="$eJzs3c9qE1EUB+AzSdqmukgWrkRwQBeuStsnSJEKYldKFupCi21BklCwEGgVQ1c+gU/ic7jxDXwAoTtdFEYmSZsWUm0wf0r9vk0uzP3NOTe5Iau5eX2n1dja3ds5/PA9yuUkCrWoJUcR1ShEbiEAgOvmV5bFUdYzWrJUmFRPAMBkXfL3f3GKLQEAE/bs+Ysnaxsb60/TtBzR+tSuJ9F77V1f24m30YztWI5KHEdkp3rjR4831qOU5qpxv9Vp1/Nk69XX/v3XfkR08ytRierw/Eracybfadfn4ka/fi3Pr0Ylbg3Prw7JR30+Htw70/9SVOLbm9iNZmxFnh3kP66k6cPs88/3L/OO83zSadcXuvMGsuLUPxwAAAAAAAAAAAAAAAAAAAAAAK6tpTRN0yz7kmVZ1jl3/k7xuHt9KT1RPX8+Ty9/0flAnTPn6yznJZLe/EG+FLdLUZrl2gEAAAAAAAAAAAAAAAAAAOCq2Ns/aGw2m9vvxjo4eax//Hf+10EU+601k4gr0E93sJj3M51ad2PEWrURS0Rh/6Bxsrsam0n8JVWe0CbJhmy/4oWp+TFVn7853lUkETF3+mb+aXIh5sb8TQEAAAAAAAAAAAAAAAAAAKZs8NDvkIuHM2gIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGZg8P//Iww6/fAlUzNeIgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP+B3wEAAP//bkR7Lg==")
socket$inet_sctp(0x2, 0x5, 0x84)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
r10 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$ARPT_SO_SET_REPLACE(r10, 0xa02000000000000, 0x60, &(0x7f0000000000)={'filter\x00', 0xb001, 0x4, 0x3e8, 0xffffff7f, 0x0, 0x130, 0x300, 0x300, 0x300, 0x7fffffe, 0x0, {[{{@arp={@local, @empty, 0x0, 0x0, 0x0, 0x0, {}, {@mac=@local}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'pimreg\x00', 'veth0_to_bridge\x00'}, 0xc0, 0x130}, @unspec=@NFLOG={0x70, 'NFLOG\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, "f67b23ffdfa27f907a03732da3acbc6518e62a77ca06f258762e88c0d9f9d2f413b94a105f4bdf01425ce81c5d000000000000000500ffffffff00"}}}, {{@arp={@multicast2, @empty, 0x0, 0x0, 0x0, 0x0, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'veth0_to_team\x00', 'ip6tnl0\x00'}, 0xc0, 0xe8}, @unspec=@CLASSIFY={0x28}}, {{@uncond, 0xc0, 0xe8}, @unspec=@NFQUEUE3={0x28}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x438)

6.697041061s ago: executing program 1 (id=3781):
r0 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x41}}, 0x10)
r1 = socket$tipc(0x1e, 0x5, 0x0)
sendmsg$tipc(r1, &(0x7f0000000140)={&(0x7f0000000080)=@name={0x1e, 0x2, 0x0, {{0x41}}}, 0x10, &(0x7f0000002280)=[{&(0x7f0000000580)="e25f0689", 0x4}], 0x1}, 0x0)
recvmmsg(r1, &(0x7f0000000440)=[{{0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000240)=""/130, 0x82}], 0x1, &(0x7f0000000340)=""/205, 0xcd, 0x3000000}}], 0x1, 0x0, 0x0)

6.622318442s ago: executing program 1 (id=3783):
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = syz_genetlink_get_family_id$ethtool(&(0x7f00000004c0), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_CHANNELS_GET(0xffffffffffffffff, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f0000000040)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r0, @ANYBLOB="010026bd6000000000002d", @ANYRES32], 0x20}, 0x1, 0x0, 0x0, 0xd4}, 0x24008000)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'lo\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000046c0)=@newqdisc={0x45c, 0x24, 0x4ee4e6a52ff56541, 0x8000000, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}, {0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x2, 0x0, 0x3, 0x0, 0x10000000, 0x0, 0x40000000, 0x1000, 0x0, 0x81, 0x0, 0x2, 0x0, 0x7e150a0b, 0xffff, 0x5, 0x0, 0x80000000, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x0, 0x10000, 0x5d2, 0x4, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0xfffffffe, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x4, 0x8, 0x0, 0x1007, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x400000, 0x40000000, 0x0, 0x0, 0x0, 0x1, 0x8, 0x0, 0x3, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x2, 0x0, 0x0, 0x0, 0x7, 0xfbfffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000, 0x0, 0x0, 0xffffffff, 0x1, 0x0, 0x0, 0x4fd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x7e982638, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x4, 0x0, 0x3, 0x9, 0x0, 0x0, 0x0, 0x5, 0x0, 0x1, 0x0, 0x0, 0x0, 0x3, 0x0, 0xd2d1, 0x0, 0x1, 0x4000b2e, 0x52f7, 0x0, 0x0, 0xfffffffe, 0x0, 0xff, 0x1000, 0xfffffffe, 0x0, 0x0, 0x0, 0xfffffffe, 0x6, 0xc3f3, 0x1, 0x0, 0x800, 0x26, 0x800, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xfffffffe, 0x80c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4, 0x0, 0xffffffff, 0x0, 0x3, 0x8, 0x0, 0x14, 0x1e, 0x0, 0x400000b2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x1000, 0x100, 0x7f0, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, 0x1, 0xff, 0xfffffffe, 0x800, 0x0, 0x0, 0x0, 0x0, 0x153, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0xffffffff, 0x400, 0xfffffff0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0xaaf0]}, @TCA_TBF_PARMS={0x28, 0x1, {{0x0, 0x2, 0x0, 0x0, 0x0, 0xc0000001}, {0x3, 0x0, 0x101, 0x0, 0x0, 0xffffffff}, 0x9, 0xf, 0x2000000}}]}}]}, 0x45c}}, 0x0)
sendmsg$ETHTOOL_MSG_CHANNELS_GET(0xffffffffffffffff, &(0x7f0000000640)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000600)={&(0x7f0000000580)=ANY=[@ANYBLOB='|\x00\x00\x00', @ANYRES16=0x0, @ANYRES32=0x0, @ANYBLOB="1400020064756d6d7930000000000000000000004800018008000100", @ANYRES32, @ANYBLOB="08000100", @ANYRES32=r3, @ANYBLOB='\x00\x00\x00', @ANYRES32, @ANYBLOB="1400020069705f76746930000000000000000000080003000100000008000100", @ANYRES32, @ANYBLOB="08000100", @ANYRES32=r3, @ANYBLOB], 0x7c}, 0x1, 0x0, 0x0, 0x42}, 0x4000000)

6.437396515s ago: executing program 1 (id=3785):
socket$kcm(0x11, 0xa, 0x300)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000740)={0x6, 0x3, 0x0, &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000010000000a00000008"], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32, @ANYBLOB="0000e7ffffff0000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r0, 0x0, 0x10000002}, 0x18)
r1 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, &(0x7f0000000180)={0x1000003, 0x0, 0x4, 0x722}, 0x10)
write(r1, &(0x7f0000000000)="240000001a005f0214f9f407000904000a000000fe0000000000000008000f00fd000000", 0x24)

6.372239277s ago: executing program 1 (id=3788):
socket$kcm(0x11, 0xa, 0x300)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000740)={0x6, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000010000000a00000008"], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32, @ANYBLOB="0000e7ffffff0000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r0, 0x0, 0x10000002}, 0x18)
r1 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, &(0x7f0000000180)={0x1000003, 0x0, 0x4, 0x722}, 0x10)
write(r1, &(0x7f0000000000)="240000001a005f0214f9f407000904000a000000fe0000000000000008000f00fd000000", 0x24)

6.287693878s ago: executing program 1 (id=3789):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
r2 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r2, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f0000000200), 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000edff0000000000000000850000000f00000018010000646c012500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000800000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000300)='fib_table_lookup\x00', r4}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000300)='fib_table_lookup\x00', r3}, 0x10)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000140)="5500000018007f5f00fe01b2a4a2809302060000ff41fd01020400000a00120002002800000019002d007fffffff0022de1330d54400009b84136ef75afb83de066a5900e1baac968300000000f2ff000001000000", 0x55}], 0x1, 0x0, 0x0, 0x7a000000}, 0x0)
r6 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{0x1, <r7=>0xffffffffffffffff}, &(0x7f0000000000), &(0x7f0000000080)=r6}, 0x20)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f00000001c0)={'syztnl0\x00', &(0x7f0000000100)={'ip6gre0\x00', <r8=>0x0, 0x0, 0x81, 0x82, 0x9, 0x9, @local, @local, 0x7, 0x40, 0x3, 0x660b}})
r9 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000240)=0xffffffffffffffff, 0x4)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000280)={0x2, 0x4, 0x8, 0x1, 0x80, r7, 0xfaa0, '\x00', r8, r9, 0x5, 0x2, 0x4, 0x0, @void, @value, @void, @value}, 0x50)
sendmsg$DEVLINK_CMD_RATE_NEW(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)={0x34, r1, 0x1, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0)

3.446390044s ago: executing program 7 (id=3826):
r0 = openat$full(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv2(r0, &(0x7f0000001540)=[{0x0}, {&(0x7f0000001380)=""/129, 0x7ffff000}], 0x2, 0x0, 0x0, 0x0) (fail_nth: 13)

2.943556502s ago: executing program 7 (id=3834):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000001e00007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = socket(0x2a, 0x80001, 0x5)
setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000000)={0x41, 0x1, 0x2}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a40)={&(0x7f0000000980)='sys_enter\x00', r1}, 0x10)
setuid(0xee01)

2.812578084s ago: executing program 7 (id=3837):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000800)={0x1, &(0x7f0000000100)=[{0x3, 0x6, 0x0, 0x7fff0001}]})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmsg$inet(r2, &(0x7f0000001600)={0x0, 0x0, &(0x7f0000001580)=[{&(0x7f0000000280)="db", 0x1}], 0x1}, 0x41)
r3 = syz_open_dev$usbfs(&(0x7f0000000000), 0x1ff, 0x402)
r4 = dup(r3)
ioctl$USBDEVFS_CONTROL(r4, 0xc0185500, &(0x7f0000000040)={0x23, 0x1, 0x8, 0xbe, 0x0, 0xffffffc0, 0x0})
r5 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r6 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x1, 0x0, 0x4d31, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0}, 0x0, 0x2, 0x0, 0x0, 0x0, 0x7}, 0xffffffffffffffff, 0xffffffffffffffff, r5, 0x0)
r7 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
r8 = getpid()
r9 = socket$kcm(0x10, 0x400000002, 0x0)
write$cgroup_pressure(0xffffffffffffffff, 0x0, 0x0)
r10 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000, 0x1, @perf_config_ext={0x6, 0x7}, 0x0, 0x1, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r11 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r11, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000140)="d800000019008111e0020f060d8107040a60000000010000001455a12a00090008000699e3ffffff14000500fe80817806000567b8b7b94002000009080016060000000000000000d67f6f9400f7d1d9bbe94fa27100a007a2f7457f01896034277ce06bbace8017cb39b62ee5a7cef4090000001fb791643a5e83d42365f003724a237ee4b11602b2a10000000014d6d930dfe1d9c322fe040000005025acca262f3d40fad95667e006dcdf634c1f215ce3bb9ad809d50b694138c9f1ac76efb42a9ecbee5de6ccd44242f4d643f6fd0f26187b51980dd6", 0xd8}], 0x1}, 0x0)
r12 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x8, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r13 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r14 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sys_enter\x00', r13}, 0x10)
readahead(0xffffffffffffffff, 0xc, 0x100)
recvmsg(r1, &(0x7f0000000840)={0x0, 0x0, 0x0}, 0x10001)
recvmsg(r1, &(0x7f0000000480)={0x0, 0x0, 0x0}, 0x2)
close_range(r0, 0xffffffffffffffff, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(0xffffffffffffffff, 0x0, 0x80, &(0x7f00000005c0)=@nat={'nat\x00', 0x19, 0x5, 0x682, [0x200000001cc0, 0x0, 0x0, 0x2000000021a4, 0x2000000022ca], 0x0, &(0x7f00000001c0), &(0x7f0000001cc0)=ANY=[@ANYBLOB="00000000000000000000000000c10900000000000000000000000000000000000000000000000000ffffffff02000000090000002400000088487866726d3000000000000000000000406e72300000000000000000000000000076657468305f746f5f627269646765006e657464657673696d30000000000000bbbbbbbbbbbbffffff00ff0000000000000000ffffff00ffe60000004e010000860100007265616c6d0000000000000000000000000000000000000000000000000000001000000000000000010000000100000000000000000000006f776e657200000000000000000000000000000000001800000000000000", @ANYRES32=0xee01, @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="020000000000000072656469726563740000000000000000000000000000000000000000000000000800000000000000feffffff000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa170000fdffffff000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa3e0000fdffffff000000000500000001000000001b697036746e6c30000000000000000000766c616e3000000000000000000000006272696467655f736c6176655f3000006d616376746170300000000000000000aaaaaaaaaa28ff00ffff0000aaaaaaaaaaaa0000000000ffe6020000e60200002e030000636f6e6e627974657300000000000000000000000000000000000000000000001800000000000000050000000000000006000000000000000200000000000000627066000000000000000000000000000000000000000000000000000000000010020000000000001800000004000809050000000600060600080000020004030d000000040007080500000008000040010000000200bd01cc00000003000003790000000000000001040000b70d0a0103000000d8be060705000000030003f108000000ad01060902000000ad00080f08000000080002060000000078777f0100800000ff01007f2c050000f9ff81970b000000ff7f04f804000000040010f82d000000450009ff01000000050001010100000000040800faffffff00004080ff9800000d00cd0108000000070001b42502000001010e033700000009000807050000003608f70837000000090002060400000001009b80010000000300ab0300f0ff070800fe0501000000000200056704000003000b40080000000a00057f09000000090002030900000000000401001000000008000c3c0a0000731c08f16c0500001000002d070000000000090700000000090002fa0100000080ff05030300000000080905e1cb0000ff00031f450600000800c500010000001c0707b7c704f7160300800609000000040010070100000001000e040300000009000603020000000700ff00ffffff7f03000e02fcffffff88010308010000800180050100000000010003070100000077510c05070000003fcf05090100000000f8970902000000f5ffc60b0000000001000f050400000007000006feffffff080001090200000000047f05ff0000000000000003000000000000005241544545535400000000000000000000000000000000000000000000000000200000000000000073797a300000000000000000000000008009000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000fcffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000003000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000004000000fcffffff01000000090000000000000088b573797a6b616c6c6572300000000000006e6574706369300000000000000000007465616d5f736c6176655f300000000073797a5f74756e000000000000000000ffffffffffff00ffffff00ff000000000000ffffff00ffffa6000000de0000000e0100006d616300000000000000000000000000000000000000000000000000000000001000000000000000bbbbbbbbbbbb00000100000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaabb0000fcffffff000000004e4651554555450000000000000000000000000000000000000000000000000008000000000000004b07000000000000"]}, 0x6f0)
r15 = openat$selinux_relabel(0xffffffffffffff9c, &(0x7f0000002580), 0x2, 0x0)
getresuid(&(0x7f00000025c0)=<r16=>0x0, &(0x7f0000002600), &(0x7f0000002640))
r17 = getgid()
r18 = openat$selinux_member(0xffffffffffffff9c, &(0x7f0000000ac0), 0x2, 0x0)
fstat(r5, &(0x7f00000026c0)={0x0, 0x0, 0x0, 0x0, <r19=>0x0})
getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000002740)={0x0, 0x0, <r20=>0x0}, &(0x7f0000002780)=0xc)
sendmmsg$unix(r1, &(0x7f0000002880)=[{{&(0x7f0000000380)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000000980)=[{&(0x7f0000000240)="f16fb3b1af57c5e3f28bbeb6b285758116959ca5bb0c201ff2e6d6452b75c0089f6738eec86fcbb6e7d15186845152fc8d62791e80", 0x35}, {&(0x7f0000000400)="e318b403e171cd98c0", 0x9}, {&(0x7f0000000500)="b9fe5d5d23ec6b5c21d7ce5f059529a3b4ceabba07b97fc469db79880c36e05dd85de18b50f90f409e7c443e1714664ce5ddc2b16964559e0b7bea3f5e8a4ed4cb363dff2b116ef674798045dd12bc858c0ea51f7c897300143d09206ea42130cfa3cca1345e0450e2725f986a4fa92630286122ccaca8b162fd32cfe6f400cdef1cf47b0a12ad26444e04e17775cf955ddc2dbf2caeee6b7eb3a0746a0f7ba1d6a023ab0ceae00f07bdb65e4baa", 0xae}, {&(0x7f00000005c0)="a11c4b7e4992ce144faf6ff436c9baa9de968e2b55adb2e9902818af16c4253296a3000a3794ed4ec87385", 0x2b}, {&(0x7f0000000600)="9dee194b82100314b880f8b4543d40080bb882eaaffd9e8ca7c0b0f888d360a4c156d54be086d7fe0c6287d71b382350ae692ae9c1abb16b0ee281f54b41df44aea319e314", 0x45}, {&(0x7f0000000680)="458efe55f9930a8f5977afcf8f7d1c61f871a2b9704a041d3fe7af02f9d4fc5387d1aa9f2aeb8982693e8ddf026889407fe1a1cebad21540993160241ef561bf831fbd3e69c1a70cecaf6c34d28e77dc2df70e1779f8e47dcfff86f1fba107ca01aa4ec2a8e66312ab8b15cf58c6840fb27ff42a2d9112f9f6bc515528ca40929e82c9aa5e30bc652e369eed3c1147f07226e6385d7cb9def29ef6c14e8a00f87eaa1fec8cf953b00b906db26a24c37a1c3c9983d966a4d0286d87272e737176e7641f0b436e9d436f86eeae55046329382ab724484fab2ff57c7b9b6ddc9153b34c1eb494f1f324", 0xe8}, {&(0x7f0000000780)="1ae8940fa1e3c1a7bdc88aecd500062f0edc4c69681e9458030be1dd8500bbc338d6fb691f13ba4f07f560cbf857c84266b660cfa2e549c49f46d3c4229e87bbb9e51288ff34f89f435f8da9383b679bea02efd3e56157b001d450fbb8f467dc1a2cd87425285e98454ba0a105e4", 0x6e}, {&(0x7f0000000880)="84cb9db77baa3b4c2f8e5e3162adc1385b5ff7a6d67d958d21323538dee1c915fa69357a842b003a08404d9786046270d1b13d41a6dc8ce9180351ed34d2023f229b1697d3e4867fa3ac25e00e1a00188efb33b25a7cdcefd380f921a02884e8bd7dd2e9bf6a407bfa4f36392e049b4754dc61ddf59a04937652ea3e190fa999ba3fe57231f5e0166ff3bbf25a9798c71ab66e5f6802fc8ea9cabaadcdf46bfd463e41c18a73e9bf6cdf4e110896aa2f1913e057b7e607ddda44267b741a064649da0f21a00c6ea3443568d6b1dab3f26354ec766396424c72a777857873d29c3fbd109462bcd0ba7b83dd58a266515d95b45ae2c8e34cfb", 0xf8}], 0x8, &(0x7f0000000c00)=[@rights={{0x2c, 0x1, 0x1, [r2, 0xffffffffffffffff, r6, r3, 0xffffffffffffffff, r11, r9]}}, @cred={{0x1c, 0x1, 0x2, {r8}}}, @cred={{0x1c, 0x1, 0x2, {r8}}}], 0x70, 0x8010}}, {{&(0x7f0000000c80)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000000f00)=[{&(0x7f0000000b00)="5394bc2eb257523fd6a764fa1c27034503142f50f63a81d811e84ee035a1ef020215e58ef71eb59d771d9aab88092f44be75c1c49e895d3e32d35877718bd9fb2a71dd96c8ab48e7508994b343470b8e830f0af3c7bb64b706", 0x59}, {&(0x7f0000000d80)="dcc4f34aaa22a9c4246f4902b9114077928aec6c3da3cf24f00a4f927737520c2f183c40128c3c2e4b113863574e87bc0b7edbc1f4350c305d6207d62b877234532bfff2d0260a4033649235ff70dd288df48f92ef1628c445475c41178b9c1456d963890a18425fa005d378e9f911c84d5d07fb73c7f1570eda27c26365c89278731cee64c0f9330b505b697899ee3ba46e86c5267fa557040638eccdf19e5c37631aad3ca04eb4d03c2ac2b724fb27112d0fc4b4545e0e02ec26da7f8af9b9bd89e0e24ee9218acc2bed40c030967a4d72f901a6c6374c36be247567c0", 0xde}, {&(0x7f0000000e80)="7eb8b67298cac7bc0148777976d8607fd2290ad909e0e510caa4c3f24d4ccacc5ef3b7f7dc5c6e823b06957e7bae37f9982e5db2a4a5557f66e859b5c7128d50745859d125a51329b774ff08df8d86fdebd5b420cc79cffd02bb13dee97974d9360f968e13e3dc5c0c37b3464f990517392a436da2", 0x75}], 0x3, &(0x7f00000012c0)=[@rights={{0x14, 0x1, 0x1, [r10]}}, @rights={{0x20, 0x1, 0x1, [r14, 0xffffffffffffffff, r10, r2]}}, @rights={{0x24, 0x1, 0x1, [r4, r0, r6, r3, 0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [r14, r0]}}, @cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [r7, r11]}}, @cred={{0x1c, 0x1, 0x2, {r8}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xffffffffffffffff}}}], 0xf0, 0x4}}, {{&(0x7f00000013c0)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f00000015c0)=[{&(0x7f0000001440)="f457477b8cf6e68902d786eb8a570a13a1dcae6bc370675e2b3f11b75ba3d381a7dd5880209527113a74814416bde59b0c2b43a57ae843b178cb91fbca68709e82529295bf7e815ad83747dd078b5fa75df23d1ab8467b3b82d51b5db395dc28805b86d69bd1b94b3f25ed939a50e516533a35f187ed93a034fe9cc659f9772b95613440c744bfbb", 0x88}, {&(0x7f0000001640)="c86707acaf0dc324b2161ebfb9e86fca70e76fffc4552c9538deb22058c19d9a390cb40b5b6b735cf2aa5ce11bc0edd93c6b684f91355890860323b0f70b6fc7d93f072037682edf7766d419e5cd27d60a4296da0b3cfc30a193cd4134d1d037c8caee0eb9f3cf9f29a9f0e8054df8f3126f00eee686be00ec473c6e7d79c86a4784706fd1fdc6e7a38c1f323cdf1da1753e95c61fee5df565a3f34562b88e66bdad2254b5aa46976137b10efc65f8b7bb466922a07c0e7a0fb484ad5570ac18d59b80178bafa5860990f448a91832ede5bc093dc5c99a6006424be2098ac5ac4595d666e7cdce0ac9726dd99b14a3d2e3be0347f9", 0xf5}, {&(0x7f0000001740)="8e1f3cfa407da9a87683787be155ed1072dbc7c4cda7571acb946745d55493adbd15b0ae9e921a7d3c1f93cc6246beba05108f48959a380ee707802b1df5fc3e5043134887318b42340c2f2ef2b617e75fdaa5a02e2733289370ff57d8a57508ea87068aa5dd789e866ab8d9228b8fc3afb9b0dcf80ffbf580bd2cb07723a1aa098457400007acbd01c8a74128c05c476700c9e0e4163292f1c42791c64e5e5ff850dbdfe9", 0xa5}, {&(0x7f0000001500)="cd7e0e8b6a91fa6ecd3d6ecea4c6e8658501c59684d080402db43b380ce5fa4854fff37149f303b02053d636f9f49a26338c39090be3f72113ff777e4a809f1e783cc71ddea278062376a9aa0d499c7c08e968580ec5264f2b5e997e141096e8e8a1a49e5425846d1f7763ee720c0ea572def416fe34e883", 0x78}], 0x4, 0x0, 0x0, 0x4008800}}, {{&(0x7f0000001800)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000001cc0)=[{&(0x7f0000001880)}, {&(0x7f00000018c0)="ec977f572beec63dd7b47d85ce519b2d845bc453ea58aea49a6044de1dfb909b1daf649cc9281e0847c07314a8e885f5697c2e4e21c7a161", 0x38}, {&(0x7f0000001900)="95aa340234c9871beb7f945566667200ede0e829691838768151e24b8ab0c1eb53dd0cd2f9e45ef9f42ed5c6cd6ac1ac11af6ebb64581ac867c19c029b7fa3a075fdb12f730f7f89536fa9ea1e9d418605d90db754eed9f707f3f0f75dc153afc15ee2aba4fc0b06d2ca9aae3232b45d6721145d0d03e60c3b97dda917bc0c629bb0592a2a3d1d02545c8787dc6d95e40cc7522f52c3451a62a09322a3", 0x9d}, {&(0x7f00000019c0)="1f24e341f3f680c6a4bbf114c539053acff2d4f02c93bad93d2798f0b2e69a76f620f30c0737e48a1bc99607c3b065f02b8d6b8aac80e6d847fdba0d03381731272e44d514a966b0b2645d33766867089bf9e890f7e0f203f749873dceb7e5", 0x5f}, {&(0x7f0000001a40)="e40819c2ccc3ed0926d831aa70a3d6a4923c8360e77d182acfd769aeeea48c3014f459980aee8e68b0bdf02bdfe81f7c717dd250bd046ffd195dcd580f9e25af36d8733d7aa6572a7156b37777b39b6a7e6e5c2387a22bfe792e415e9d4933c3dad55f95179a544f5af0c13da669e25450a7d235c3596531c3eb89121b8dc1e0ef926b996e7806aa651b18e560d24a01355b", 0x92}, {&(0x7f0000001b00)="ed83958a3cc315797bde551b5222c30c381e12c1e7f8da1fadfa4658707bfd0163bdc5cef18b438486d9ee6a10b849715c51434b0f995cf4e3127328dc755f45a9b06bf4f5a141c4758613750c2f4ad40c5db41c3270f2ab2340cca123ca2aa79b9836354e9098066cf7cf1b3f850682b995a6b08ccebae8580106c3b505d50e8b90815ffda20c312b2ba24dcb291adf3fa906f00dae1d2c7372decc4279b45d5ed9e7175457516fbd051a0c0c9a81b45ace981b21a48dcb24460e352b42f06bc9c7", 0xc2}, {&(0x7f0000001c00)}, {&(0x7f0000001c40)="0d5ed06db238e43f7222bf54df94b45f8b291bec44", 0x15}, {&(0x7f0000001c80)="98eb369be5a18229f947ee27", 0xc}], 0x9, &(0x7f0000001e80)=[@cred={{0x1c, 0x1, 0x2, {r8}}}, @cred={{0x1c, 0x1, 0x2, {r8, 0x0, 0xee01}}}, @cred={{0x1c, 0x1, 0x2, {r8}}}, @rights={{0x2c, 0x1, 0x1, [r6, r11, r3, r3, r0, r5, r11]}}], 0x90, 0x8810}}, {{0x0, 0x0, &(0x7f0000002040)=[{&(0x7f0000001f40)="9ea38c6e62ef551dc2ba4f763b29b392d04c3b338182824a501d8815faf5ad49e0c3f7ad0f815441f0e57e8998c291f08a3a0911ba592901d0dc0afe26a149621e625bef9912833f02536d9d8f3d22b28b14c3abb983b16b432059ecbd52195bb5bcf980683b1759a815b13eead4c74bec51e5f3f65ce4127875967a04b1220c8bb16424255b208e190d0c73be246144b8a37aa76f96f61222282351b8a7114d88013dba609b42527030c1dd1963d8517c563bb43fd0726874de999d7b86afb7cc3ec91b6b964e7b8e1a2465f79bb8b6000883", 0xd3}], 0x1, &(0x7f0000002080)=ANY=[@ANYBLOB="2002000000ba43000000000000000000", @ANYRES32=r9, @ANYRES32=r13, @ANYRES32=r0, @ANYRES32=r13], 0x20, 0x20004000}}, {{&(0x7f00000020c0)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000002500)=[{&(0x7f0000002140)="016bdac3578c83c63ac822593acfa56b8bc2e3ddb24426bf93fdd1003593dde5e52c71aca1da751b740ebf13027294a0f43dab8623b95f02382b10014caa340fbd0792335dfd4827db22e98c09cb710bf5fd3c65bb3df21b698b435cbd25543fe2aeec93f71c2dbab833cfddefb3ce70854d109c2f59c09f5ecaef71ab9ab501abe3382b742f0a64debcb47f2415b82a650650b749084ca0ff4e32f7d46572c2e072377ba1e8127ba2f9da1994f8154c74d1aebb8f8ff58b1e163a45d164b82a961b66a3538f32c5", 0xc8}, {&(0x7f0000002240)="77149e5bdbd0974492523d4a57cb4f18e6a5636c5e065077bf1495522e83ff1b1116959f885e6758792efca328724c6bfc5f30e62250573e192a56977cbd9d53d556fe7ecdaf422fd05fbc6e8fffa4430ba21eef0903ed34e8c125d942a786e78bcea5b321e999e27916ef78f67c16ffe07abca9", 0x74}, {&(0x7f0000000a00)="6de5182350e4b3e024a589ca264bd931522aa85ad38e814f26d76d5e501abfbb4ec985db84b7e9bdb78fc9ce68f3556543623f5da424aab588e947447ea639e02634d8", 0x43}, {&(0x7f0000002300)="850ab91b7e54a85a564cebd306fc3ec489458aa3801560a76ffd7a58ec92827df84291a5b4f7ee8e71907363316edd473ab5cfb3297d26d076c61e95cf65de1f3e3e29f68c806136d4bf13663c622c440c1562045dfee14377141afe19d3f74c5cb93e8f8b54a9607a356e9af5e8e6e5086b685f4cf47449b50fccdd0dc51537a4a6c909ea0290bdb59e1d8c774bb6cb04c94084b0", 0x95}, {&(0x7f00000023c0)="4fc000f6f365206c4b57cb8973792b5e06e70675e76ed237be767f3ba72d5e9e96dd42be029bcb9e2d64058cb0434ddc8722d68f28b0829f35301a3924028c223d47e81ad87e4bedd793f4f73ffcc1a32672a5baff698b1ff4ad6757440db7a819445a5103d7399a513c14cc26895673dd24b19d13ff95d3f171e837eb5986492257b8c5975d88c28bc30eacfcbbe40513fabf5d359ed6a93c8b3f63a6ea8a", 0x9f}, {&(0x7f0000002480)="bce40fd2495363aec38ec62cefba706a04c91bf31e3d22766a39f8d92b964592c6a59a9a60756ce8384c9166ca534e6d115664d411ea67c64482eb4979fd9f5ce35a2eed05139fc19f383c3ba743ba3a5ddd7a3c1fd5d6", 0x57}], 0x6, &(0x7f00000027c0)=ANY=[@ANYBLOB="2c000000000000000100000001000000", @ANYRES32=r15, @ANYRES32=r11, @ANYRES32=r7, @ANYRES32=r9, @ANYRES32=r7, @ANYRES32=r11, @ANYRES32=r11, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=r8, @ANYRES32=r16, @ANYRES32=r17, @ANYBLOB="0000000028000000000000000100000001000000", @ANYRES32=r3, @ANYRES32=r3, @ANYRES32=r12, @ANYRES32=r4, @ANYRES32=r18, @ANYRES32=r9, @ANYBLOB="1c000000000000000100000002000000", @ANYRES32=r8, @ANYRES32=r19, @ANYRES32=r20, @ANYBLOB], 0x98, 0x10000815}}], 0x6, 0x0)

2.506318139s ago: executing program 8 (id=3843):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x40, 0x1, 0x0, 0x0, 0x0, 0x8000, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000, 0x2, @perf_config_ext={0xf60, 0x40ffffffff}, 0x1100, 0x5, 0x3a65, 0x5, 0x0, 0x5, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = epoll_create(0x3ff)
r1 = epoll_create1(0x80000)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000240)={0xa0000000})
epoll_ctl$EPOLL_CTL_MOD(r0, 0x3, r1, &(0x7f0000000280)={0x2000000}) (fail_nth: 2)

2.197833874s ago: executing program 8 (id=3844):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x40, 0x1, 0x0, 0x0, 0x0, 0x8000, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000, 0x2, @perf_config_ext={0xf60, 0x40ffffffff}, 0x1100, 0x5, 0x3a65, 0x5, 0x0, 0x5, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = epoll_create(0x3ff)
r1 = epoll_create1(0x80000)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000240)={0xa0000000})
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x88040, 0x0)
fcntl$setlease(r2, 0x400, 0x0)
fcntl$setownex(r2, 0xf, &(0x7f0000000000)={0x2})
r3 = socket$unix(0x1, 0x1, 0x0)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r4=>0x0}, &(0x7f0000cab000)=0xc)
setresgid(0x0, 0x0, r4)
setfsgid(r4)
stat(&(0x7f0000000280)='./bus\x00', &(0x7f0000000880)={0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0})
r6 = syz_open_dev$tty1(0xc, 0x4, 0x1)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000180)='./file1\x00', 0x50, &(0x7f0000001540)={[{@usrquota}, {}, {@commit}, {@mblk_io_submit}, {@barrier_val={'barrier', 0x3d, 0xfff}}]}, 0x1, 0x3eb, &(0x7f0000000880)="$eJzs3M1uG0UcAPD/br5I+uEgcUCFQwQIgoCkDgQoQqJw5eMCPICVpKXCbarGSLTkUBAnThwQNw59AQ48QFUhJCRegRdAlSqU5gC3oLV3HTe2Qyw7der8ftLIM+txZv7ezWpmvTsBHFtzEXE+IsYiYikiSvn2NE9xs5Gyeve3Nle2tzZXktjZ+fjvJJJ8W/G3kvz1RF6YTyPSbyOeutne7sb1G59XqtW1a3l5sXb56uLG9RuvXLpcubh2ce1K+Y1z5fLy0pvl1wYW64/PvXhu7L3zZ376s3RneXJyOuvvyfy91jgGZS7mmt/JXsuDbmzIJofdAQAADiTNx/7j9fF/KcbquYZSLG4OtXMAAADAQOy8k78CAAAAIywx9wcAAIARV9wHcH9rc6VIB7pxoHRotyQ8VPfejYjZ3Webt5vxj8djeZ2JQ3y+dS4irj6flLIUh/QcMgBAqzvZ+Odsp/FfGk+21JuKqI+Hpgfc/tyecvv4J7074CYfkI3/3o6I7bbxX1pUmR3LS6fqQ8WJ5MKl6trZiDgdEfMxMZWVy/u08f4/P3/U7b0s/t+SU6eLlLWfve7WSO+OTz34mdVKrdJPzK3ufR1xZrxT/Elz/JtExEwfbYx9deutbu/9f/yHa+dWxAsd9//uyj3J/usTLdaPh8XiqGj37ze/fNit/WHHn+3/mf3jn01a12va6L2N25/98XQ90yGq1vlPL8f/ZPJJPV/My76s1GrXyhGTyQft25d2P1uUi/pZ/PPPdv7/L85/Sb6m1cn8HNCr777/9eX9azTiz1LWfjEXfBiy+Fd72v+9Z16//fun3dpv3f+d48/2f2MNsPl8y0HOfwftYD/fHQAAADwq0vp1jSRdaObTdGGhcb3jiZhJq+sbtZcurH9xZbVx/WM2JtLiSlep5XpoufEzerO8tKf8akQ8HhE/lKbr5YWV9erqsIMHAACAY+JEl/l/5q8RuccfAAAAyH+oBwAAAEab+T8AAACMtH7W9Tu+meybOwLdOPKZZ45GN4aQmYgj0Y0+MsM+MwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADza/gsAAP//Bdqy/A==")
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.avg_queue_size\x00', 0x275a, 0x0)
write$binfmt_script(r7, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r7, 0x0)
mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800006, 0x11, r7, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x9)
ioctl$TIOCL_SELLOADLUT(r6, 0x541c, &(0x7f0000000200)={0x5, 0x2, 0x10000, 0x4, 0x2})
syz_open_dev$usbfs(&(0x7f0000000040), 0xfffffffffffffef5, 0x2a0000)
getresgid(&(0x7f0000000c40), &(0x7f0000000140), &(0x7f0000000240)=<r8=>0x0)
syz_mount_image$msdos(&(0x7f00000000c0), &(0x7f0000000200)='./file0\x00', 0x10814, &(0x7f0000000700)=ANY=[@ANYBLOB='umask=00000000000000000000000,flush,nodots,dots,gid=', @ANYRESHEX=r8, @ANYBLOB="00006b746769643d0092", @ANYRESDEC, @ANYBLOB="1500bba7d41fabba4332de3ca642acf6f8de847e3f21783608008708a887d30aaf0a14b0691d48445fe3b4d1ddde1b81337b2c3b5f88535d7f6fa931b84783704494cebe49ca9f6269b05edde0246c360d0566b4056f0f02ccab035d3d0a5cde0b31bd424949fe23c0a0a25691738006c5c6acdf101fecdb4f79abdfb95c6afaea03dd5903b5240565f31504c207a9a2aa6c8108fb973081e90412a3c6cfa3b2513693727fad9acd8108acb8b90fab033c9dac0dc3e5a61c513e7b5edc5d76320f0e54045ea2b7b8fb1f78d3d346e26ee5ed6926cea1ffe0a1"], 0x1, 0x1fa, &(0x7f0000000500)="$eJzs2zFrE2EYB/Dn2rRe7GAHJ1E4cHEK6icwSAUxIEQy6GSgurQipEsUxH4eZz+EX8alg2SLXO5om2sLjWdyEn8/ON6H/O/guSF53uHN27sfDvY/Hr3f+nISaZLFRsSTmETs5lUpKdd0Vm/HnCTq+FXraQDgj/T7w27TPbBco1F3eDsidi4kg2+NNAQAAAAAAAAAAEBti5z/34j4Wj3/f7zifgGA+pz/X1/tch2NusN7xf6twvl/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoDmT6fTWNL/Sci2vGxGRRkQ7Im5GRCsi8s+b7hcAqG8ynZ/7V83/iEgiwvwHgDXw6vWbF91eb6+fZWnEz+PxYDwo1iJ/9ry39zCb2T176mQ8Hmye5o+KPJvPt2b7hjx/fGm+HQ/uF3mePX3Zq+Q7sb/81weA/1InO3Vuvm+WV0Snc1mez+eiOrc/qMzvVtxprew1AIAFHH36fDA8PHw3+utFsthT7bKhq+/53lpWq4prFT+Sf6INRd0ivc7NDf8wAUt39qWvJmkzDQEAAAAAAAAAAAAAABes4i9HTb8jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADr53cAAAD//8h6UUs=")
setgid(r8)
setgroups(0x2, &(0x7f0000000480)=[r5, r8])
setregid(r4, r5)
epoll_ctl$EPOLL_CTL_MOD(r0, 0x3, r1, &(0x7f0000000280)={0x2000000})
syz_open_dev$tty20(0xc, 0x4, 0x0)

1.84103279s ago: executing program 7 (id=3845):
r0 = socket$kcm(0x2, 0x5, 0x84)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x6}]}, 0x10)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x0, 0x10, &(0x7f0000000200)=ANY=[@ANYBLOB="18050000000000000000000000000000b70800000000b7080000020000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000bdd0ffa5cf263ccbd39f36b0f8e33f77fc53ae4d3d9e23365a350f1159a3a6178aa434bb95eb52c93cab", @ANYRES32=r3, @ANYBLOB="0000000000000000b70400000800000085000000950000009500000000000000"], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r4, 0x0, 0x200000000200}, 0x18)
syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x4, &(0x7f0000000040)=[{0x3d, 0x0, 0x2}, {0x5}, {0x2}, {0x6, 0x0, 0x0, 0x400}]})
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0_vlan\x00', <r5=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=@getchain={0x24, 0x11, 0x43d, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {0xf}}}, 0x24}, 0x1, 0x0, 0x0, 0x48810}, 0x0)

1.668095323s ago: executing program 8 (id=3846):
socket$kcm(0x11, 0xa, 0x300)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000740)={0x6, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, 0x0, 0x0)
write(r0, &(0x7f0000000000)="240000001a005f0214f9f407000904000a000000fe0000000000000008000f00fd000000", 0x24)

1.637381993s ago: executing program 6 (id=3847):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, 0x0)
mq_notify(r0, &(0x7f00000000c0)={0x0, 0x0, 0x0, @tid=0xffffffffffffffff})
mq_timedsend(r0, 0x0, 0x0, 0x0, 0x0)
r1 = socket$rxrpc(0x21, 0x2, 0xa)
bind$rxrpc(r1, &(0x7f00000005c0)=@in6={0x21, 0x4, 0x2, 0x1c, {0xa, 0x4e24, 0x8, @private1, 0x6}}, 0x24)
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/asound/seq/clients\x00', 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000200)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
fadvise64(r3, 0x0, 0xd75, 0x0)
ioctl$PPPIOCSPASS(r2, 0x40107447, &(0x7f0000000680)={0x1, &(0x7f0000000640)=[{0x8, 0xb, 0x4, 0x97}]})
uname(&(0x7f0000002780)=""/4100)
lseek(r2, 0x9, 0x0)
r4 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000980)=@ipv6_newrule={0x1c, 0x1a, 0x1, 0x70bd28, 0x24dfdbfe, {0x81, 0x80, 0x0, 0x0, 0xfe}}, 0x1c}}, 0x884)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r6, 0x0, &(0x7f0000001700)=""/53}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xf, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000c00)={&(0x7f0000000100)='kmem_cache_free\x00', r7}, 0x10)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000600), r4)

1.626695053s ago: executing program 8 (id=3848):
r0 = msgget$private(0x0, 0x0)
msgsnd(r0, &(0x7f0000000800)=ANY=[@ANYRES8=<r1=>0xffffffffffffffff], 0x401, 0x0)
msgsnd(r0, &(0x7f0000000000)=ANY=[@ANYRES16=r1], 0x401, 0x0)
msgctl$IPC_SET(r0, 0x1, &(0x7f0000000780)={{0x1, 0x0, 0x0, 0x0, 0x0, 0x102, 0x2}, 0x0, 0x0, 0x200, 0x7, 0xfffffffffffff734, 0x40, 0x5, 0x4, 0x0, 0x344c})
msgsnd(r0, &(0x7f0000000280)=ANY=[@ANYBLOB="03000000000000005f15fd8d000eab3596eebe1d45edfe0d71bc205e04aba9a7b54dbfb319e71faebc577cee23e2c8657a021c7d2258cafa4ad34ceeb57dd0e2ec94acbedb19c7921f517e00000000292b7d4ca921872918364a48f2ad96be5514469fc9b41fba32ed53e90bc1a71a52a0ec9616dabd857abf5121c4c5407e25d7d476cde2e3c6591732f9e84a8a88bbcf9dce8d8119e29cbde0c9df448d8812f719904f2b3c294696c2dad3bfb8c6707666d8b8d89e51ee0e56717749935bf38e4dc2fcbe06b1b3fdf7e490e1ccc1df78021fbf50446dca10997f203b4f8ee2f68bd8dd897400da2543275f147a415e6e6fa63c62ef80405f56ce7de43eea41b236572cd107375549ebaba6e486f3cf230ce5c3d21822ded116bcd4eeb3f08a2c2795bba4e1a414"], 0x8, 0x0)
msgctl$IPC_RMID(r0, 0x0)
socketpair$tipc(0x1e, 0x2, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0a000000030000000800000001"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='kmem_cache_free\x00', r3}, 0x10)
syz_mount_image$ext4(&(0x7f0000000740)='ext4\x00', &(0x7f0000000780)='./file0\x00', 0x0, &(0x7f00000007c0), 0x1, 0x74c, &(0x7f0000000f40)="$eJzs3c1rXFUbAPDnTpOmX++bFFxYEQx0YaF0YtNaKohUdCHFSlF3LtrpzDSUzHRKZlKaUNGKIrgSKa79WLnzHxBF0J1LwbUrKRQpFUQQRu70Tpw2M+kkzXRS5/eDG865907Oeebee85JzmEmgJE1nf7IReyLiI+TiMlsfxIR463UWMSJO+fdvnW1mG5JNJtv/J60zknz0fGa1O4s83hEfP9BxMHc6nLrS8vzhUqlvJDlZxrVSzP1peVDF6qFufJc+eLsseeOzB6fffb47KbF+tf7r507+fXLX15/76dfX3/75FNJnIg92bHOODbLdExn78l4+hbe5aXNLmzIkmFXgA1JH81td57y2BeTsa2VAgD+y96JiCYAMGIS/T8AjJj2/wHac3uDmAfbym6+GBE7usU/ls3Z7WjNg+66ndw1M5JExNQmlD8dEVfe+vCbdIsBzUMCdPPutYg4OzW9uv1LVq1ZWK9n+jhn+p689g8enu/S8c/xbuOf3Mr4J7qMfya6PLsbcf/nP3djE4rpKR3/Pd91/LuyaG1qW5b7X2vMN56cv1App23b/yPiQIxPpPnDa5Rx9JMXfux1rHP8l25p+e2xYFaPG2MTd7+mVGgUHiTmTjevRTwx1i3+ZOX6Jz3Gv6f7LKPxw5Nf9Dp2//gHq/l5xNNdr/+/K9qStdcnzrTuh5n2XbFa/qPJvb3KH3b86fXftXb8U0nnes36+sv4+dO/X+l1bKP3//bkzVZ6e7bvSqHRWDgcsT15dfX+jiWk7Xz7/DT+A/vXbv+63f/p34Rn+4x//rOvzm08/sFK4y+t6/qvP7H/l297xtPf9T/aSh3I9vTT/vVbwQd57wAAAAAAAAAAAAAAAAAAAAAAAACgX7mI2BNJLr+SzuXy+Tvf4f1Y7MpVavXGwfO1xYulaH1X9lSM59qfdDnZ8Xmoh7PPw2/nZ+/JH4mIvRFxfWJnK58v1iqlYQcPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJndPb7/P/XbxLBrBwAMzI5hVwAAeOj0/wAwevT/ADB69P8AMHr0/wAwevT/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADNjpU6fSrfnHravFNF+6vLQ4X7t8qFSuz+eri8V8sbZwKT9Xq81VyvlirXq/31ep1S7NHovFKzONcr0xU19aPlOtLV5snLlQLcyVz5THH0pUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALA+9aXl+UKlUl54BBM7I2ILVOMRTvzZ3BLVkNiCiWG3TAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACPhn8CAAD//1nfHlc=")
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
utimes(&(0x7f0000000000)='./file0\x00', 0x0)
msgctl$MSG_INFO(r0, 0xc, &(0x7f0000000040)=""/12)
r4 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x9, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
munmap(&(0x7f0000001000/0x3000)=nil, 0x3000)
r6 = socket$kcm(0x2, 0x2, 0x73)
sendmsg$inet(r6, &(0x7f0000000500)={&(0x7f0000000300)={0x2, 0x0, @empty}, 0x10, &(0x7f0000000400)=[{&(0x7f0000000340)='+', 0x34000}], 0x1}, 0x900000000000000)
bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r5, <r7=>0xffffffffffffffff}, &(0x7f0000000180), &(0x7f00000001c0)=r4}, 0x20)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r9 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000500)=0xffffffffffffffff, 0x4)
bpf$TOKEN_CREATE(0x24, &(0x7f00000003c0)={0x0, r4}, 0x8)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0xb, &(0x7f0000000680)=ANY=[@ANYBLOB="3ca3ffff08000080e97d0f8e007744c0fffcffffff4b0011bc000000000b1f110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000010000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000003aba1fc8500000082000000"], &(0x7f00000004c0)='GPL\x00', 0x6, 0x1000, &(0x7f00000012c0)=""/4096, 0x41000, 0x2, '\x00', 0x0, 0x0, r9, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000540)={0x1, 0xa, 0x8}, 0x10, 0x0, 0x0, 0x4, 0x0, &(0x7f0000000580)=[{0x2, 0x5, 0xd, 0xa}, {0x2, 0x2, 0x8, 0x4}, {0x3, 0x1, 0x0, 0x6}, {0x3, 0x4, 0x0, 0xe2cefe64e19e6d47}], 0x10, 0x8001, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r8}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r10 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r10, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000005c0)=ANY=[@ANYBLOB="440000001300290215d001d5675ee974cdd6d03aca03079afb9efc46ccf2cf11285af10641de1f2439c4b0f23b5b85ce34be26c8f731f36e74bcb907c0f3abe3a32d176d9e6c2e83751c0102ee50593d112200", @ANYRESDEC=r3, @ANYBLOB='\x00\x00\x00'], 0x44}}, 0x0)

1.593838244s ago: executing program 6 (id=3850):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x33, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000200)='sys_enter\x00', r0}, 0x10)
r1 = epoll_create1(0x0)
r2 = inotify_init1(0x0)
r3 = dup(r2)
inotify_rm_watch(r3, 0x0)
epoll_pwait(r1, &(0x7f0000000180)=[{}], 0x1, 0xffffffff, 0x0, 0x0)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r5 = socket(0x10, 0x803, 0x0)
r6 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bdaa, 0xffffffff, {0x0, 0x0, 0x0, r7, {}, {0xffff, 0xffff}, {0x0, 0xa}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x4, 0xc00}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000001c0)=@newtfilter={0x70, 0x2c, 0xd27, 0x70bd2d, 0x0, {0x0, 0x0, 0x0, r7, {0xc, 0xffe0}, {}, {0x3, 0xa}}, [@filter_kind_options=@f_flow={{0x9}, {0x40, 0x2, [@TCA_FLOW_EMATCHES={0x3c, 0xb, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0xfffb}}, @TCA_EMATCH_TREE_LIST={0x30, 0x2, 0x0, 0x1, [@TCF_EM_CANID={0x14, 0x1, 0x0, 0x0, {{0x7, 0x7, 0x2}, {{0x0, 0x1, 0x0, 0x1}, {0x0, 0x1, 0x1, 0x1}}}}, @TCF_EM_META={0x18, 0x2, 0x0, 0x0, {{0xfffb, 0x4, 0x2}, [@TCA_EM_META_HDR={0xc, 0x1, {{0x5, 0xe, 0x2}, {0x0, 0x7, 0x2}}}]}}]}]}]}}]}, 0x70}, 0x1, 0x0, 0x0, 0x40010}, 0x20040054)

1.406897257s ago: executing program 0 (id=3853):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000003940)=ANY=[@ANYBLOB="210000000000000000000000000010000004"], 0x48)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x2000002, 0x13, r0, 0x0)
r1 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x6b, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='kfree\x00', r2, 0x0, 0xfffffffffffffffe}, 0x18)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000001c0)={{r1}, &(0x7f0000000000), &(0x7f0000000040)='%-5lx  \x00'}, 0x20)
sendmsg$inet(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000fc0)="5c00000012006bab9a3fe3d86e17aa0a046b4877c4aaf68187bae53dca2ba35bda6a876c1d0048007ea608649e7524765f0ef82e3c0000a705259a3651f60a84c9f4d4938037e70e4509c5bb00000000e513aeac9bf2bee150d5fe86", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
munmap(&(0x7f0000001000/0x3000)=nil, 0x3000)

1.406434937s ago: executing program 0 (id=3854):
r0 = perf_event_open(&(0x7f0000000140)={0x0, 0x80, 0x3f, 0x1, 0x0, 0x0, 0x0, 0x7, 0x590, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x6, 0x9}, 0x114c58, 0x0, 0x0, 0x1, 0x8, 0x7ff, 0xb, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x3000003, 0x13, r0, 0x0) (async)
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x3d, 0x1, 0x0, 0x0, 0x0, 0x5, 0x62000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}, 0x100000, 0x0, 0x0, 0x6, 0x3, 0x0, 0x4}, 0x0, 0xffffffffffffffff, r0, 0x2) (async)
r1 = socket$netlink(0x10, 0x3, 0xf)
bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)

1.294229959s ago: executing program 8 (id=3855):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001b80)=ANY=[@ANYBLOB="0600000004000000080000000a"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
getpriority(0x1, 0xffffffffffffffff) (fail_nth: 5)

1.293842209s ago: executing program 0 (id=3856):
io_setup(0x800, &(0x7f0000000440)=<r0=>0x0)
r1 = eventfd(0x0)
r2 = creat(&(0x7f00000000c0)='./file0\x00', 0xd4)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000a80)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3e, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, @perf_bp={&(0x7f00000002c0), 0x2}, 0x9300, 0x5dd8, 0x3, 0x5, 0x0, 0x8, 0x4, 0x0, 0x0, 0x0, 0x5}, 0x0, 0x9, r2, 0x2)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000b80)={{r2}, &(0x7f0000000b00), &(0x7f0000000b40)=r2}, 0x20)
fcntl$lock(r3, 0x6, &(0x7f0000000200)={0x0, 0x7, 0xef4, 0x74})
socket$packet(0x11, 0xa, 0x300)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000bc0)={0x8, 0xc, &(0x7f0000000c80)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r4, @ANYBLOB="0200000000000000b7080000000000007b8af8ff00000000bfa2000000bcf49816020000f8ffffffb70300000800008500000001000000955d5d6d4f18fc44114c0b48252b805e0ce26c00db63d9924c8f51c03594126501ad1583561e20d8f37059c9b45deb5d494673b2f7b9bd23a5ec074f5199355f2cc97b06cba4a722613c4dea5f2a6a66c9c80a1dcda13abb17053b421d7ce61eb4615fe9a702aef23e7ab8beb220db78e0781ad0fe7aa47d9b04af3377bd918188167f4e88abd4c285c62cdeaa88207a0d9973043117775e8ca49413163b0c4313e8058a6ad2c4185e53316d4cfdcca303e9733086bd4fd5f958f31152514317adf3a198e3203d90a6dccf56ce89dca5d738e970568616c3542743bcda2461"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r4}, &(0x7f0000000000), &(0x7f00000005c0)=r5}, 0x20)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r6}, 0x10)
r7 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r7, 0x5, 0xb68, 0x560b0000, &(0x7f0000000000)="259a53f271a76d2688ca4c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
dup2(r2, r2)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000dd0000000000003b810000850000006d000000a50000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000740)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000080850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x8, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000300)='kmem_cache_free\x00', r9}, 0x10)
ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f0000000080)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0xa2, 0x7}}, './file0\x00'})
r10 = syz_open_dev$sg(&(0x7f0000000040), 0x0, 0x0)
ioctl$SG_GET_VERSION_NUM(r10, 0x2284, &(0x7f0000000080))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='kfree\x00', r8}, 0x10)
r11 = syz_genetlink_get_family_id$tipc2(&(0x7f00000008c0), r2)
sendmsg$TIPC_NL_BEARER_ENABLE(r2, &(0x7f0000000a40)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000a00)={&(0x7f0000000900)=ANY=[@ANYBLOB="d8000000", @ANYRES16=r11, @ANYBLOB="10050000000000000025030000003c0005802400028008000200001000000800030004000000080001000d0000000800010000000002140002800800030026cc000008000200e36600003c00098008000200ffff000008000100040000000800020003000000080002000600000008000100ff070000080002000000000008000100000000004c000380080002006380000008000100090000000800030001f0ffff08000200ffff00000800030005000000080002000700000008000100090000000800010004000000080003000f000000"], 0xd8}, 0x1, 0x0, 0x0, 0x2801}, 0x4000000)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x3000010, &(0x7f0000000000)={[{@errors_remount}, {@nobh}]}, 0x1, 0x513, &(0x7f0000000380)="$eJzs3d9rY1kdAPDvvW1mOzNdk1WRdcF1cVc6i07Sbt3dIqLriz4tqOv7WNu0lCZNadJ1Whbt4H8ggoJPPvki+AcIwzz4B8jAgL6ID6KiiM7og6DOlSQ3TidN2rrTNp3m84HTnHPvzf2ec0NO7o/TewMYWy9FxFsRMRERr0ZEMZ+e5in2uqm93IP77y21UxJZ9s5fk0jyab11tcuTEXE1f9tURHztyxHfTA7Gbe7sri/WatWtvFxp1TcrzZ3d62v1xdXqanVjfn7ujYU3F15fmM1yT9TOUi/zky99/vanv/W7G3++9u12tT73kShEXztOUrfphc626Glvo63TCDYCE3l7CqOuCAAAx9Lex/9gRHyis/9fjInO3lyfiVHUDAAAADgp2Rem499JRAYAAABcWGlETEeSlvOxANORppfycwMfjitprdFsfWqlsb2x3J4XUYpCurJWq87mY4VLUUja5bl8jG2v/FpfeT4inouI7xcvd8rlpUZtecTnPgAAAGBcXO07/v9HMe3kjzbg/wQAAACA86s0tAAAAABcFA75AQAA4OLrP/6/PaJ6AAAAAKfiK2+/3U5Z7/nXy+/ubK833r2+XG2ul+vbS+WlxtZmebXRWO3cs69+1PpqjcbmZ2Jj+2alVW22Ks2d3Rv1xvZG68baY4/ABgAAAM7Qcx+/8+skIvY+e7mTIr8PIMBj/jDqCgAnaWLUFQBGxl28YXwVRl0BYOSSI+YbvAMAAE+/mY8evP7fe/6/cwNwsRnrAwDjx/V/GF8FIwBhrKUR8YFu9plhywy9/v/L40bJsoi7xf1TnF8EAICzNd1JSVrOjwOmI03L5YhnI9JSFJKVtVp1Nj8++FWx8Ey7PNd5Z3LkmGEAAAAAAAAAAAAAAAAAAAAAAAAAoCvLksgAAACACy0i/VPSuZt/xEzxlen+8wOXkn8W44954Ufv/ODmYqu1Ndee/rfOs7wuRUTrh/n014Y+PgwAAAA4acne0Fnd4/T8de5MawUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAGHhw/72lXjrLuH/5YkSUBsWfjKnO61QUIuLK35OY3Pe+JCImTiD+3q2IeH5Q/CQeZllWymvRHz+NiMunHL/U2TTD4189gfgwzu60+5+3Bn3/0nip8zr4+zeZpyc1vP9L88jPd/q5Qf3fswfWVh8Y44V7P6sMjX8r4oXJwf1Pr/9NhsR/+cDa/pVl2cEY3/j67u6w+NmPI2YG/v4kj8WqtOqblebO7vW1+uJqdbW6MT8/98bCmwuvL8xWVtZq1fzvwBjf+9jPHx7W/isD4v/2N93+97D2vzJspX3+c+/m/Q91s4VB8a+9PPD3dyqGxE/z375P5vn2/Jlefq+b3+/Fn9598bD2Lw/Z/kd9/teO2f5Xv/rd3x9zUQDgDDR3dtcXa7Xq1iGZqWMs8zRmfjF1Lqrxf2ay73Q/ufNSn/ebae+tPprSa9U5qNi+THZmsSbinDT5f5mRdksAAMApeLTTP+qaAAAAAAAAAAAAAAAAAAAAwPg6i9uJ9cfcG01TAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAO9d8AAAD//ysA4A0=")
io_submit(r0, 0x1, &(0x7f0000000080)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x2, 0xff, r1, &(0x7f0000000000)="b719bc6456888514b2352447bb60252c968aacdbd497a625aa4274dfee01fd62efadd5825600dc6d8955479411874557a759ee87b4470fa9", 0x38, 0x8001, 0x0, 0x0, r2}])
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_emit_ethernet(0x83, &(0x7f0000000240)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaf9ff030086dd601b8b97004d88c19edace00000000000000002100000002ff0200000000000000000000000000010400"], 0x0)

1.2000492s ago: executing program 8 (id=3857):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0900000004000000080000000d"], 0x48)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, &(0x7f00000001c0)={{0x1, 0x1, 0x18, r0, {0x7}}, './file0\x00'})
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000002c0)={r0}, 0x4)
syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f0000000740)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f00000006c0), 0x2, 0x246, &(0x7f0000000ac0)="$eJzs3T9oM2UcB/DvXRJf+75BXnURxD8gIloor5vg8rooFKQUEUGFioiL0gq1xa1xcnHQWaWTSxE3q6N0KS6K4FS1Q10ELQ4WBx0iybVS24ja1Jz0Ph+43l3vee73HLnvkyyXBGisq0muJ2klmU7SSVIcb3B3tVw93F2f2l5I+v0nfiqG7ar9ylG/K0l6SR5KslUWeamdrG4+s/fLzmP3vbnSuff9zaenJnqRh/b3dh8/eG/ujY9mH1z94qsf5opcT/dP13X+ihH/axfJLf9Fsf+Jol33CPgn5l/78OtB7m9Ncs8w/52UqV68t5Zv2OrkgXf/qu/bP355+yTHCpy/fr8zeA/s9YHGKZN0U5QzSartspyZqT7Df9O6XL68tPzq9ItLK4sv1D1TAeelm+w++smlj6+cyP/3rSr/wMU1yP+T8xvfDrYPWnWPBpiIO6rVIP/Tz63dH/mHxpF/aC75h+aSf2gu+Yfmkn9oLvmHC6xztNEbeVj+obnkH5pL/qG5jucfAGiW/qW6n0AG6lL3/AMAAAAAAAAAAAAAAAAAAJy2PrW9cLRMquZn7yT7jyRpj6rfGv4ecXLj8O/ln4tBsz8UVbexPHvXmCcY0wc1P31903f11v/8znrrry0mvdeTXGu3T99/xeH9d3Y3/83xzvNjFviXihP7Dz812fon/bZRb/3ZneTTwfxzbdT8U+a24Xr0/NM9/hXLZ/TKr2OeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIn5PQAA//8PK23M")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x1, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004"], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r4}, 0x0, &(0x7f00000002c0)}, 0x20)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r5}, 0x10)
recvmmsg(r2, &(0x7f00000023c0)=[{{&(0x7f0000000240)=@isdn, 0x80, &(0x7f0000002500)=[{&(0x7f0000000300)=""/213, 0xd5}, {0x0}, {&(0x7f0000000d40)=""/4096, 0x1000}, {&(0x7f0000000840)=""/155, 0x9b}, {&(0x7f0000000900)=""/162, 0xa2}, {&(0x7f00000009c0)=""/242, 0xf2}, {&(0x7f0000001d40)=""/175, 0xaf}, {&(0x7f0000001e00)=""/83, 0x53}, {&(0x7f0000001e80)=""/105, 0x69}], 0x9}}, {{&(0x7f0000002480)=@l2tp6={0xa, 0x0, 0x0, @private1}, 0x80, &(0x7f00000004c0)=[{&(0x7f0000002200)=""/183, 0xb7}, {&(0x7f0000000400)=""/1, 0x1}, {&(0x7f00000022c0)=""/241, 0xf1}], 0x3, &(0x7f0000000600)=""/20, 0x14}, 0x19}], 0x2, 0x2000, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000100)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
unshare(0x68040200)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0)
r6 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r6, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="02020409100000000000004c9e00000002001300027f0000000000000000004105000600200000000a000000000000000005000201080f00e0001f080000000000092000000000000200010020e9ffeeffff0702000098a805000500ea0000000a"], 0x80}}, 0x0)
sendmmsg(r6, &(0x7f0000000180), 0x393, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)

849.801176ms ago: executing program 7 (id=3858):
socket$kcm(0x11, 0xa, 0x300)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000740)={0x6, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, 0x0, 0x0)
write(r0, &(0x7f0000000000)="240000001a005f0214f9f407000904000a000000fe0000000000000008000f00fd000000", 0x24)

735.674908ms ago: executing program 7 (id=3859):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="090000000400"], 0x48)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, &(0x7f00000001c0)={{0x1, 0x1, 0x18, r0, {0x7}}, './file0\x00'})
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000002c0)={r0}, 0x4)
syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f0000000740)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f00000006c0), 0x2, 0x246, &(0x7f0000000ac0)="$eJzs3T9oM2UcB/DvXRJf+75BXnURxD8gIloor5vg8rooFKQUEUGFioiL0gq1xa1xcnHQWaWTSxE3q6N0KS6K4FS1Q10ELQ4WBx0iybVS24ja1Jz0Ph+43l3vee73HLnvkyyXBGisq0muJ2klmU7SSVIcb3B3tVw93F2f2l5I+v0nfiqG7ar9ylG/K0l6SR5KslUWeamdrG4+s/fLzmP3vbnSuff9zaenJnqRh/b3dh8/eG/ujY9mH1z94qsf5opcT/dP13X+ihH/axfJLf9Fsf+Jol33CPgn5l/78OtB7m9Ncs8w/52UqV68t5Zv2OrkgXf/qu/bP355+yTHCpy/fr8zeA/s9YHGKZN0U5QzSartspyZqT7Df9O6XL68tPzq9ItLK4sv1D1TAeelm+w++smlj6+cyP/3rSr/wMU1yP+T8xvfDrYPWnWPBpiIO6rVIP/Tz63dH/mHxpF/aC75h+aSf2gu+Yfmkn9oLvmHC6xztNEbeVj+obnkH5pL/qG5jucfAGiW/qW6n0AG6lL3/AMAAAAAAAAAAAAAAAAAAJy2PrW9cLRMquZn7yT7jyRpj6rfGv4ecXLj8O/ln4tBsz8UVbexPHvXmCcY0wc1P31903f11v/8znrrry0mvdeTXGu3T99/xeH9d3Y3/83xzvNjFviXihP7Dz812fon/bZRb/3ZneTTwfxzbdT8U+a24Xr0/NM9/hXLZ/TKr2OeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIn5PQAA//8PK23M")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r1, 0x1, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, 0x0, 0x0, 0x2, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{}, 0x0, 0x0}, 0x20)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0, r4}, 0x18)
recvmmsg(r2, &(0x7f00000023c0)=[{{&(0x7f0000000240)=@isdn, 0x80, &(0x7f0000002500)=[{&(0x7f0000000300)=""/213, 0xd5}, {0x0}, {&(0x7f0000000d40)=""/4096, 0x1000}, {&(0x7f0000000840)=""/155, 0x9b}, {&(0x7f0000000900)=""/162, 0xa2}, {&(0x7f00000009c0)=""/242, 0xf2}, {&(0x7f0000001d40)=""/175, 0xaf}, {&(0x7f0000001e00)=""/83, 0x53}, {&(0x7f0000001e80)=""/105, 0x69}], 0x9}}, {{&(0x7f0000001fc0)=@pppoe, 0x80, &(0x7f00000001c0)=[{&(0x7f0000002040)=""/177, 0xb1}], 0x1, &(0x7f0000002100)=""/65, 0x41}, 0x83}, {{&(0x7f0000002480)=@l2tp6={0xa, 0x0, 0x0, @private1}, 0x80, &(0x7f00000004c0)=[{&(0x7f0000002200)=""/183, 0xb7}, {&(0x7f0000000400)=""/1, 0x1}, {0x0}], 0x3, &(0x7f0000000600)=""/20, 0x14}, 0x19}], 0x3, 0x2000, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000100)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0)
r5 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r5, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="02020409100000000000004c9e00000002001300027f0000000000000000004105000600200000000a000000000000000005000201080f00e0001f080000000000092000000000000200010020e9ffeeffff0702000098a805000500ea0000000a"], 0x80}}, 0x0)
sendmmsg(r5, &(0x7f0000000180), 0x393, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)

566.02234ms ago: executing program 6 (id=3860):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_emit_ethernet(0x83, &(0x7f0000000240)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaf9ff030086dd601b8b97004d88c19edace00000000000000002100000002ff0200000000000000000000000000010400"], 0x0)

543.735411ms ago: executing program 0 (id=3861):
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = syz_genetlink_get_family_id$ethtool(&(0x7f00000004c0), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_CHANNELS_GET(0xffffffffffffffff, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f0000000040)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r0, @ANYBLOB="010026bd6000000000002d", @ANYRES32], 0x20}, 0x1, 0x0, 0x0, 0xd4}, 0x24008000)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'lo\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000046c0)=@newqdisc={0x45c, 0x24, 0x4ee4e6a52ff56541, 0x8000000, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}, {0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x2, 0x0, 0x3, 0x0, 0x10000000, 0x0, 0x40000000, 0x1000, 0x0, 0x81, 0x0, 0x2, 0x0, 0x7e150a0b, 0xffff, 0x5, 0x0, 0x80000000, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x0, 0x10000, 0x5d2, 0x4, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0xfffffffe, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x4, 0x8, 0x0, 0x1007, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x400000, 0x40000000, 0x0, 0x0, 0x0, 0x1, 0x8, 0x0, 0x3, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x2, 0x0, 0x0, 0x0, 0x7, 0xfbfffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000, 0x0, 0x0, 0xffffffff, 0x1, 0x0, 0x0, 0x4fd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x7e982638, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x4, 0x0, 0x3, 0x9, 0x0, 0x0, 0x0, 0x5, 0x0, 0x1, 0x0, 0x0, 0x0, 0x3, 0x0, 0xd2d1, 0x0, 0x1, 0x4000b2e, 0x52f7, 0x0, 0x0, 0xfffffffe, 0x0, 0xff, 0x1000, 0xfffffffe, 0x0, 0x0, 0x0, 0xfffffffe, 0x6, 0xc3f3, 0x1, 0x0, 0x800, 0x26, 0x800, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xfffffffe, 0x80c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4, 0x0, 0xffffffff, 0x0, 0x3, 0x8, 0x0, 0x14, 0x1e, 0x0, 0x400000b2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x1000, 0x100, 0x7f0, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, 0x1, 0xff, 0xfffffffe, 0x800, 0x0, 0x0, 0x0, 0x0, 0x153, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0xffffffff, 0x400, 0xfffffff0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0xaaf0]}, @TCA_TBF_PARMS={0x28, 0x1, {{0x0, 0x2, 0x0, 0x0, 0x0, 0xc0000001}, {0x3, 0x0, 0x101, 0x0, 0x0, 0xffffffff}, 0x9, 0xf, 0x2000000}}]}}]}, 0x45c}}, 0x0)
sendmsg$ETHTOOL_MSG_CHANNELS_GET(0xffffffffffffffff, &(0x7f0000000640)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000600)={&(0x7f0000000580)=ANY=[@ANYBLOB='|\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="00012abd7000fbdbdf2511000000200001", @ANYRES32=0x0, @ANYBLOB="1400020064756d6d7930000000000000000000004800018008000100", @ANYRES32, @ANYBLOB="08000100", @ANYRES32=r3, @ANYBLOB='\x00\x00\x00', @ANYRES32, @ANYBLOB="1400020069705f76746930000000000000000000080003000100000008000100", @ANYRES32, @ANYBLOB="08000100", @ANYRES32=r3, @ANYBLOB], 0x7c}, 0x1, 0x0, 0x0, 0x42}, 0x4000000)

543.441651ms ago: executing program 6 (id=3862):
r0 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x40, 0x1, 0x0, 0x0, 0x0, 0x8000, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000, 0x2, @perf_config_ext={0xf60, 0x40ffffffff}, 0x1100, 0x5, 0x3a65, 0x5, 0x0, 0x5, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000b40)={0x5, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000001200000000000000000095"], &(0x7f0000000c00)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
r2 = epoll_create(0x3ff)
r3 = epoll_create1(0x80000)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r3, &(0x7f0000000240)={0xa0000000})
epoll_ctl$EPOLL_CTL_MOD(r2, 0x3, r3, &(0x7f0000000280)={0x2000000}) (fail_nth: 2)

522.661831ms ago: executing program 0 (id=3863):
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x4, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000840)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r0}, 0x10)
syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800700, &(0x7f0000000040)={[{@errors_remount}, {@abort}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5e}}, {@noauto_da_alloc}, {@bsdgroups}, {@oldalloc}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}]}, 0x2, 0x44a, &(0x7f0000000400)="$eJzs281vFOUfAPDvzLbl9+OtFfEFRK0SY+NLSwsqBy8aTTxgNNEDHuu2EMJCDa2JECLVGLyYGBI9G48m/gXevBj1ZOJV74aEKBfQU83MzsDuslsobHcr+/kkA8+z82yf57vPPDPPzLMbwMAaz/5JIrZGxG8RMVrPNhcYr/939fLZ6t+Xz1aTWFl5688kL3fl8tlqWbR835YiM5FGpJ8kRSXNFk+fOT5bq82fKvJTSyfem1o8febZYydmj84fnT85c/Dggf3TLzw/81xX4sziurL7w4U9u15758Lr1cMX3v3p26y9W4v9jXF0y3gW+F8rudZ9T3S7sj7b1pBOhvrYENakEhFZdw3n4380KnG980bj1Y/72jhgXWXXpk2ddy+vAHexJPrdAqA/ygt9dv9bbj2aemwIl16q3wBlcV8ttvqeoUiLMsMt97fdNB4Rh5f/+SrbYp2eQwAANPqs+uWheKbd/C+N+xvKbS/WUMYi4p6I2BER90bEzoi4LyIv+0BEPLjG+luXhm6c/6QXbyuwW5TN/14s1raa53/l7C/GKkVuWx7/cHLkWG1+X/GZTMTwpiw/vUod37/y6+ed9jXO/7Itq7+cCxbtuDjU8oBubnZpNp+UdsGljyJ2D7WLP7m2EpBExK6I2L22P729TBx76ps9nQrdPP5VdGGdaeXriCfr/b8cLfGXktXXJ6f+F7X5fVPlUXGjn385/2an+u8o/i7I+n9z8/HfWmQsaVyvXVx7Hed//7TjPc3tHv8jydv5+WikeO2D2aWlU9MRI8mhPN/0+sz195b5snwW/8Te9uN/R/GeLP6HIiI7iB+OiEci4tGi7Y9FxOMRsXeV+H98ufO+jdD/c23Pf9eO/5b+X3uicvyH7zrVf2v9fyBPTRSv5Oe/m7jVBt7JZwcAAAD/FWn+HfgknbyWTtPJyfp3+HfG5rS2sLj09JGF90/O1b8rPxbDafmka7Theeh0slz8xXp+pnhWXO7fXzw3/qLy/zw/WV2ozfU5dhh0WzqM/8wflX63Dlh37dbRZkb60BCg51rHf9qcPfdGLxsD9JTfa8Pgusn4T3vVDqD3XP9hcLUb/+da8tYC4O7k+g+Dy/iHwWX8w+Ay/mEg3cnv+iUGORHphmiGxDol+n1mAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6I5/AwAA///K8u7c")

180.984187ms ago: executing program 6 (id=3864):
r0 = getpid()
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xfffffdfc, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
socket$can_bcm(0x1d, 0x2, 0x2)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
r3 = syz_pidfd_open(r0, 0x0)
setns(r3, 0x24020000)
syz_clone3(&(0x7f00000008c0)={0x15b42180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, &(0x7f00000002c0)=[r0], 0x1}, 0x58)

50.936009ms ago: executing program 0 (id=3865):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r0}, 0x10)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40841, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r2 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r1, &(0x7f00000001c0)=ANY=[@ANYBLOB="00001b1de4356c052e79aaaaaaaaaaaa88a800008100000086dd"], 0xfdef)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x8, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x3, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000f80)={0x0, 0x0, &(0x7f0000000f40)=[{&(0x7f00000042c0)="86", 0xff0f}], 0x1}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3}, 0x10)
pipe(&(0x7f0000000000)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = signalfd(0xffffffffffffffff, &(0x7f00000001c0)={[0xffffffffffffffff]}, 0x8)
close(r5)
socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_AUTH_DELETE_KEY(r5, 0x84, 0x19, 0x0, 0x0)
getsockopt$inet_IP_XFRM_POLICY(r4, 0x0, 0x11, &(0x7f0000000280)={{{@in6=@initdev, @in6=@ipv4={""/10, ""/2, @remote}}}, {{@in=@dev}, 0x0, @in6=@dev}}, &(0x7f0000000040)=0xffffffffffffff49)
fcntl$setpipe(r4, 0x407, 0x7000000)

6.81061ms ago: executing program 6 (id=3866):
r0 = creat(&(0x7f00000000c0)='./file1\x00', 0x67)
close(r0)
r1 = socket$unix(0x1, 0x2, 0x0)
capset(&(0x7f0000000080)={0x20080522}, &(0x7f00000000c0)={0x0, 0x200000, 0x7})
setuid(0xee00)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYRESOCT=r1], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a74000000060a09040000000000000000020000000900010073797a30000000000900020073797a320000000048000480440001800c0001007061796c6f6164"], 0x9c}, 0x1, 0x0, 0x0, 0x20000084}, 0x4000040)
r3 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r3, &(0x7f0000003000)=@file={0x1}, 0xc)
listen(r3, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file1\x00', &(0x7f0000001200), 0x0, &(0x7f0000000080)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r3}})
creat(&(0x7f00000000c0)='./file1\x00', 0x67) (async)
close(r0) (async)
socket$unix(0x1, 0x2, 0x0) (async)
capset(&(0x7f0000000080)={0x20080522}, &(0x7f00000000c0)={0x0, 0x200000, 0x7}) (async)
setuid(0xee00) (async)
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYRESOCT=r1], 0x7c}}, 0x0) (async)
sendmsg$NFT_BATCH(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a74000000060a09040000000000000000020000000900010073797a30000000000900020073797a320000000048000480440001800c0001007061796c6f6164"], 0x9c}, 0x1, 0x0, 0x0, 0x20000084}, 0x4000040) (async)
socket$unix(0x1, 0x1, 0x0) (async)
bind$unix(r3, &(0x7f0000003000)=@file={0x1}, 0xc) (async)
listen(r3, 0x0) (async)
mount$9p_fd(0x0, &(0x7f0000000000)='./file1\x00', &(0x7f0000001200), 0x0, &(0x7f0000000080)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r3}}) (async)

0s ago: executing program 1 (id=3867):
syz_emit_ethernet(0x16, &(0x7f0000000780)={@local, @local, @void, {@llc_tr={0x11, {@snap={0xaa, 0x0, "bf", "997238", 0x886c}}}}}, 0x0)

kernel console output (not intermixed with test programs):

unted at /130/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  334.082405][T15395] loop0: detected capacity change from 0 to 128
[  334.236054][T15392] ext4 filesystem being mounted at /388/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  334.528981][T15395] ext4 filesystem being mounted at /106/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  334.561370][  T310] unregister_netdevice: waiting for batadv0 to become free. Usage count = 3
[  334.616785][T15392] EXT4-fs error (device loop6): htree_dirblock_to_tree:1082: inode #2: block 4: comm syz.6.3441: bad entry in directory: inode out of bounds - offset=1012, inode=128, rec_len=12, size=1024 fake=1
[  334.703153][T15395] EXT4-fs error (device loop0): htree_dirblock_to_tree:1082: inode #2: block 4: comm syz.0.3442: bad entry in directory: inode out of bounds - offset=1012, inode=128, rec_len=12, size=1024 fake=1
[  334.887893][T15421] loop7: detected capacity change from 0 to 128
[  334.934547][T15426] loop6: detected capacity change from 0 to 128
[  334.947140][T15421] ext4 filesystem being mounted at /211/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  335.015095][T15426] ext4 filesystem being mounted at /392/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  335.082726][T15426] EXT4-fs error (device loop6): htree_dirblock_to_tree:1082: inode #2: block 4: comm syz.6.3454: bad entry in directory: inode out of bounds - offset=1012, inode=128, rec_len=12, size=1024 fake=1
[  335.468238][T15445] loop6: detected capacity change from 0 to 128
[  335.540667][T15445] ext4 filesystem being mounted at /393/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  335.652442][T15450] 9pnet_fd: Insufficient options for proto=fd
[  335.715309][T15455] loop8: detected capacity change from 0 to 128
[  335.762934][T15455] ext4 filesystem being mounted at /130/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  335.941426][T15466] loop7: detected capacity change from 0 to 128
[  336.157101][T15466] ext4 filesystem being mounted at /212/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  336.290120][T15475] loop0: detected capacity change from 0 to 128
[  336.333419][T15477] loop1: detected capacity change from 0 to 128
[  336.363675][T15475] ext4 filesystem being mounted at /113/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  336.409278][T15477] ext4 filesystem being mounted at /137/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  336.479251][T15477] EXT4-fs error (device loop1): htree_dirblock_to_tree:1082: inode #2: block 4: comm syz.1.3469: bad entry in directory: inode out of bounds - offset=1012, inode=128, rec_len=12, size=1024 fake=1
[  337.047862][   T29] kauditd_printk_skb: 170 callbacks suppressed
[  337.047882][   T29] audit: type=1326 audit(1743959761.177:14114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15483 comm="syz.8.3471" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09ccaad169 code=0x7ffc0000
[  337.205902][   T29] audit: type=1326 audit(1743959761.207:14115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15483 comm="syz.8.3471" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09ccaad169 code=0x7ffc0000
[  337.230227][   T29] audit: type=1326 audit(1743959761.207:14116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15483 comm="syz.8.3471" exe="/root/syz-executor" sig=0 arch=c000003e syscall=325 compat=0 ip=0x7f09ccaad169 code=0x7ffc0000
[  337.254279][   T29] audit: type=1326 audit(1743959761.207:14117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15483 comm="syz.8.3471" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09ccaad169 code=0x7ffc0000
[  337.277975][   T29] audit: type=1326 audit(1743959761.207:14118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15483 comm="syz.8.3471" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09ccaad169 code=0x7ffc0000
[  337.301948][   T29] audit: type=1326 audit(1743959761.207:14119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15483 comm="syz.8.3471" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f09ccaad169 code=0x7ffc0000
[  337.325864][   T29] audit: type=1326 audit(1743959761.207:14120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15483 comm="syz.8.3471" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09ccaad169 code=0x7ffc0000
[  337.349632][   T29] audit: type=1326 audit(1743959761.207:14121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15483 comm="syz.8.3471" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09ccaad169 code=0x7ffc0000
[  337.373543][   T29] audit: type=1326 audit(1743959761.307:14122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15483 comm="syz.8.3471" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f09ccaaf087 code=0x7ffc0000
[  337.397431][   T29] audit: type=1326 audit(1743959761.307:14123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15483 comm="syz.8.3471" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09ccaad169 code=0x7ffc0000
[  337.462866][T15493] loop8: detected capacity change from 0 to 512
[  337.491554][T15493] EXT4-fs: Ignoring removed oldalloc option
[  337.503131][T15493] EXT4-fs error (device loop8): ext4_xattr_inode_iget:433: comm syz.8.3473: Parent and EA inode have the same ino 15
[  337.538508][T15493] EXT4-fs (loop8): Remounting filesystem read-only
[  337.545207][T15493] EXT4-fs warning (device loop8): ext4_evict_inode:262: couldn't mark inode dirty (err -30)
[  337.558164][T15495] 9pnet_fd: Insufficient options for proto=fd
[  337.622053][T15493] EXT4-fs (loop8): 1 orphan inode deleted
[  337.634111][T15500] loop7: detected capacity change from 0 to 128
[  337.677050][T15503] loop8: detected capacity change from 0 to 128
[  337.688406][T15500] ext4 filesystem being mounted at /216/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  337.731745][T15503] ext4 filesystem being mounted at /133/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  337.944505][T15513] loop0: detected capacity change from 0 to 128
[  337.953013][T15513] ext4 filesystem being mounted at /114/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  338.033179][T15513] EXT4-fs error (device loop0): htree_dirblock_to_tree:1082: inode #2: block 4: comm syz.0.3480: bad entry in directory: inode out of bounds - offset=1012, inode=128, rec_len=12, size=1024 fake=1
[  338.454450][T15517] loop1: detected capacity change from 0 to 128
[  338.466725][T15517] ext4 filesystem being mounted at /140/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  338.672042][T15529] loop8: detected capacity change from 0 to 128
[  338.676830][T15527] loop0: detected capacity change from 0 to 128
[  338.690087][T15529] ext4 filesystem being mounted at /134/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  338.747846][T15527] ext4 filesystem being mounted at /115/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  339.312721][T15539] loop6: detected capacity change from 0 to 2048
[  339.340747][T15539] ext4 filesystem being mounted at /398/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  339.466701][T15549] FAULT_INJECTION: forcing a failure.
[  339.466701][T15549] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  339.480023][T15549] CPU: 0 UID: 0 PID: 15549 Comm: syz.6.3490 Not tainted 6.14.0-syzkaller-13524-gf4d2ef48250a #0 PREEMPT(voluntary) 
[  339.480057][T15549] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  339.480072][T15549] Call Trace:
[  339.480080][T15549]  <TASK>
[  339.480087][T15549]  dump_stack_lvl+0xf6/0x150
[  339.480186][T15549]  dump_stack+0x15/0x1a
[  339.480235][T15549]  should_fail_ex+0x261/0x270
[  339.480269][T15549]  should_fail+0xb/0x10
[  339.480299][T15549]  should_fail_usercopy+0x1a/0x20
[  339.480333][T15549]  copy_fpstate_to_sigframe+0x65d/0x7f0
[  339.480378][T15549]  ? copy_fpstate_to_sigframe+0xed/0x7f0
[  339.480473][T15549]  ? fpu__alloc_mathframe+0x95/0xd0
[  339.480516][T15549]  get_sigframe+0x308/0x440
[  339.480595][T15549]  x64_setup_rt_frame+0xb4/0x5a0
[  339.480666][T15549]  arch_do_signal_or_restart+0x28c/0x4b0
[  339.480772][T15549]  syscall_exit_to_user_mode+0x62/0x120
[  339.480835][T15549]  do_syscall_64+0xd6/0x1c0
[  339.480870][T15549]  ? clear_bhb_loop+0x25/0x80
[  339.480895][T15549]  ? clear_bhb_loop+0x25/0x80
[  339.480923][T15549]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  339.481011][T15549] RIP: 0033:0x7ff62a06d167
[  339.481029][T15549] Code: ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 <0f> 05 48 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89
[  339.481051][T15549] RSP: 002b:00007ff6286cf038 EFLAGS: 00000246 ORIG_RAX: 00000000000001c1
[  339.481120][T15549] RAX: 00000000000001c1 RBX: 00007ff62a285fa0 RCX: 00007ff62a06d169
[  339.481136][T15549] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000200000001080
[  339.481151][T15549] RBP: 00007ff6286cf090 R08: 0000000000000001 R09: 0000000000000000
[  339.481165][T15549] R10: 0000200000001100 R11: 0000000000000246 R12: 0000000000000001
[  339.481181][T15549] R13: 0000000000000000 R14: 00007ff62a285fa0 R15: 00007fff4177e9c8
[  339.481204][T15549]  </TASK>
[  339.729163][T15551] loop1: detected capacity change from 0 to 512
[  339.741562][T13259] EXT4-fs unmount: 80 callbacks suppressed
[  339.741579][T13259] EXT4-fs (loop8): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  339.749562][T15551] EXT4-fs: Ignoring removed oldalloc option
[  339.839663][T15551] EXT4-fs error (device loop1): ext4_xattr_inode_iget:433: comm syz.1.3491: Parent and EA inode have the same ino 15
[  339.903939][T15551] EXT4-fs (loop1): Remounting filesystem read-only
[  339.910585][T15551] EXT4-fs warning (device loop1): ext4_evict_inode:262: couldn't mark inode dirty (err -30)
[  339.935214][T15551] EXT4-fs (loop1): 1 orphan inode deleted
[  339.961949][T15551] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  340.058389][T13043] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  340.102275][T12017] EXT4-fs (loop7): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  340.131028][T15572] loop7: detected capacity change from 0 to 128
[  340.149692][T15572] EXT4-fs (loop7): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  340.162017][T15572] ext4 filesystem being mounted at /217/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  340.339866][T13411] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  340.380056][T15579] netdevsim netdevsim0: loading /lib/firmware/. failed with error -22
[  340.388359][T15579] netdevsim netdevsim0: Direct firmware load for . failed with error -22
[  340.591427][T15579] loop0: detected capacity change from 0 to 128
[  340.644819][T15579] +Y‘/: attempt to access beyond end of device
[  340.644819][T15579] loop0: rw=2049, sector=145, nr_sectors = 24 limit=128
[  340.661449][T15579] +Y‘/: attempt to access beyond end of device
[  340.661449][T15579] loop0: rw=2049, sector=177, nr_sectors = 8 limit=128
[  340.674973][T15579] +Y‘/: attempt to access beyond end of device
[  340.674973][T15579] loop0: rw=2049, sector=193, nr_sectors = 8 limit=128
[  340.693604][T15579] +Y‘/: attempt to access beyond end of device
[  340.693604][T15579] loop0: rw=2049, sector=209, nr_sectors = 8 limit=128
[  340.710768][T15579] +Y‘/: attempt to access beyond end of device
[  340.710768][T15579] loop0: rw=2049, sector=225, nr_sectors = 8 limit=128
[  340.805441][T15579] +Y‘/: attempt to access beyond end of device
[  340.805441][T15579] loop0: rw=2049, sector=241, nr_sectors = 8 limit=128
[  340.826418][T15579] +Y‘/: attempt to access beyond end of device
[  340.826418][T15579] loop0: rw=2049, sector=257, nr_sectors = 8 limit=128
[  340.839685][T15579] +Y‘/: attempt to access beyond end of device
[  340.839685][T15579] loop0: rw=2049, sector=273, nr_sectors = 8 limit=128
[  340.853110][T15579] +Y‘/: attempt to access beyond end of device
[  340.853110][T15579] loop0: rw=2049, sector=289, nr_sectors = 8 limit=128
[  340.890852][T15587] loop6: detected capacity change from 0 to 128
[  340.911734][T15587] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  340.932265][T15587] ext4 filesystem being mounted at /403/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  341.028095][T12017] EXT4-fs (loop7): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  341.106885][T15596] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3508'.
[  341.138195][T15596] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  341.243185][T15605] x_tables: duplicate underflow at hook 3
[  341.273441][T15608] loop7: detected capacity change from 0 to 1024
[  341.291984][T15610] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3513'.
[  341.304014][T15608] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  341.329348][T15608] EXT4-fs (loop7): shut down requested (2)
[  341.393673][T12017] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  341.463565][T15617] Falling back ldisc for ptm0.
[  341.529675][T15619] loop7: detected capacity change from 0 to 128
[  341.547507][T15619] EXT4-fs (loop7): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  341.570220][T15619] ext4 filesystem being mounted at /223/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  341.741087][T15626] loop0: detected capacity change from 0 to 2048
[  341.787193][ T9318] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  342.040476][T15626] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  342.054813][T15626] ext4 filesystem being mounted at /121/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  342.198897][T13411] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  342.498353][T12017] EXT4-fs (loop7): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  342.518700][   T29] kauditd_printk_skb: 138 callbacks suppressed
[  342.518716][   T29] audit: type=1400 audit(1743959766.647:14262): avc:  denied  { create } for  pid=15639 comm="syz.1.3524" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  342.549725][   T29] audit: type=1400 audit(1743959766.677:14263): avc:  denied  { write } for  pid=15639 comm="syz.1.3524" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  342.596714][T15642] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3522'.
[  342.615895][   T29] audit: type=1400 audit(1743959766.697:14264): avc:  denied  { append } for  pid=15643 comm="syz.6.3526" name="hwrng" dev="devtmpfs" ino=82 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:random_device_t tclass=chr_file permissive=1
[  342.639653][   T29] audit: type=1400 audit(1743959766.697:14265): avc:  denied  { create } for  pid=15643 comm="syz.6.3526" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  342.695453][T15653] loop0: detected capacity change from 0 to 128
[  342.725267][T15653] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  342.740209][T15653] ext4 filesystem being mounted at /123/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  342.793576][T15664] FAULT_INJECTION: forcing a failure.
[  342.793576][T15664] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  342.806882][T15664] CPU: 0 UID: 0 PID: 15664 Comm: syz.1.3535 Not tainted 6.14.0-syzkaller-13524-gf4d2ef48250a #0 PREEMPT(voluntary) 
[  342.806995][T15664] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  342.807057][T15664] Call Trace:
[  342.807065][T15664]  <TASK>
[  342.807074][T15664]  dump_stack_lvl+0xf6/0x150
[  342.807148][T15664]  dump_stack+0x15/0x1a
[  342.807167][T15664]  should_fail_ex+0x261/0x270
[  342.807195][T15664]  should_fail+0xb/0x10
[  342.807223][T15664]  should_fail_usercopy+0x1a/0x20
[  342.807257][T15664]  _copy_from_user+0x1c/0xa0
[  342.807302][T15664]  move_addr_to_kernel+0x8c/0x130
[  342.807336][T15664]  __sys_connect+0x6c/0x1b0
[  342.807369][T15664]  __x64_sys_connect+0x41/0x50
[  342.807395][T15664]  x64_sys_call+0x2030/0x2e10
[  342.807422][T15664]  do_syscall_64+0xc9/0x1c0
[  342.807514][T15664]  ? clear_bhb_loop+0x25/0x80
[  342.807539][T15664]  ? clear_bhb_loop+0x25/0x80
[  342.807565][T15664]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  342.807587][T15664] RIP: 0033:0x7f8e7847d169
[  342.807672][T15664] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  342.807691][T15664] RSP: 002b:00007f8e76adf038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[  342.807714][T15664] RAX: ffffffffffffffda RBX: 00007f8e78695fa0 RCX: 00007f8e7847d169
[  342.807728][T15664] RDX: 0000000000000010 RSI: 00002000000009c0 RDI: 0000000000000003
[  342.807743][T15664] RBP: 00007f8e76adf090 R08: 0000000000000000 R09: 0000000000000000
[  342.807757][T15664] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  342.807771][T15664] R13: 0000000000000000 R14: 00007f8e78695fa0 R15: 00007ffd57badef8
[  342.807790][T15664]  </TASK>
[  342.882675][   T29] audit: type=1326 audit(1743959766.917:14266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15661 comm="syz.8.3536" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09ccaad169 code=0x7ffc0000
[  343.012090][   T29] audit: type=1326 audit(1743959766.917:14267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15661 comm="syz.8.3536" exe="/root/syz-executor" sig=0 arch=c000003e syscall=325 compat=0 ip=0x7f09ccaad169 code=0x7ffc0000
[  343.036198][   T29] audit: type=1326 audit(1743959766.917:14268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15661 comm="syz.8.3536" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09ccaad169 code=0x7ffc0000
[  343.060148][   T29] audit: type=1326 audit(1743959766.917:14269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15661 comm="syz.8.3536" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f09ccaad169 code=0x7ffc0000
[  343.084013][   T29] audit: type=1326 audit(1743959766.917:14270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15661 comm="syz.8.3536" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09ccaad169 code=0x7ffc0000
[  343.108330][   T29] audit: type=1326 audit(1743959766.917:14271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15661 comm="syz.8.3536" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f09ccaaf087 code=0x7ffc0000
[  343.183486][T13411] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  343.214775][T15672] loop6: detected capacity change from 0 to 2048
[  343.238519][T15677] loop0: detected capacity change from 0 to 128
[  343.250642][T15672] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  343.263204][T15672] ext4 filesystem being mounted at /408/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  343.266064][T15677] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  343.319293][T15677] ext4 filesystem being mounted at /124/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  343.333709][ T9318] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  343.382658][T15677] EXT4-fs error (device loop0): htree_dirblock_to_tree:1082: inode #2: block 4: comm syz.0.3539: bad entry in directory: inode out of bounds - offset=1012, inode=128, rec_len=12, size=1024 fake=1
[  343.448443][T13411] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  343.460439][T15688] FAULT_INJECTION: forcing a failure.
[  343.460439][T15688] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  343.473851][T15688] CPU: 1 UID: 0 PID: 15688 Comm: syz.8.3544 Not tainted 6.14.0-syzkaller-13524-gf4d2ef48250a #0 PREEMPT(voluntary) 
[  343.473883][T15688] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  343.473896][T15688] Call Trace:
[  343.473906][T15688]  <TASK>
[  343.473915][T15688]  dump_stack_lvl+0xf6/0x150
[  343.473946][T15688]  dump_stack+0x15/0x1a
[  343.474035][T15688]  should_fail_ex+0x261/0x270
[  343.474064][T15688]  should_fail+0xb/0x10
[  343.474090][T15688]  should_fail_usercopy+0x1a/0x20
[  343.474124][T15688]  _copy_to_user+0x20/0xa0
[  343.474165][T15688]  rng_dev_read+0x3f4/0x720
[  343.474266][T15688]  vfs_readv+0x3e5/0x660
[  343.474292][T15688]  ? __pfx_rng_dev_read+0x10/0x10
[  343.474328][T15688]  __x64_sys_preadv+0xf9/0x1c0
[  343.474440][T15688]  x64_sys_call+0x1410/0x2e10
[  343.474471][T15688]  do_syscall_64+0xc9/0x1c0
[  343.474507][T15688]  ? clear_bhb_loop+0x25/0x80
[  343.474595][T15688]  ? clear_bhb_loop+0x25/0x80
[  343.474679][T15688]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  343.474703][T15688] RIP: 0033:0x7f09ccaad169
[  343.474720][T15688] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  343.474766][T15688] RSP: 002b:00007f09cb117038 EFLAGS: 00000246 ORIG_RAX: 0000000000000127
[  343.474789][T15688] RAX: ffffffffffffffda RBX: 00007f09cccc5fa0 RCX: 00007f09ccaad169
[  343.474804][T15688] RDX: 0000000000000002 RSI: 0000200000000000 RDI: 0000000000000004
[  343.474817][T15688] RBP: 00007f09cb117090 R08: 0000000000000000 R09: 0000000000000000
[  343.474829][T15688] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  343.474841][T15688] R13: 0000000000000000 R14: 00007f09cccc5fa0 R15: 00007fff1cc15b08
[  343.474869][T15688]  </TASK>
[  343.664717][T15686] loop6: detected capacity change from 0 to 128
[  343.685477][T15686] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  343.706730][T15686] ext4 filesystem being mounted at /409/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  343.747482][T15686] EXT4-fs error (device loop6): htree_dirblock_to_tree:1082: inode #2: block 4: comm syz.6.3541: bad entry in directory: inode out of bounds - offset=1012, inode=128, rec_len=12, size=1024 fake=1
[  343.751844][T15693] loop7: detected capacity change from 0 to 2048
[  343.790307][ T9318] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  343.791870][T15695] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3547'.
[  343.814030][T15695] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  343.824954][T15693] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  343.851806][T15693] ext4 filesystem being mounted at /227/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  343.883951][T15703] loop0: detected capacity change from 0 to 128
[  343.906722][T15703] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  343.928639][T12017] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  343.942061][T15703] ext4 filesystem being mounted at /127/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  344.002560][T15706] loop6: detected capacity change from 0 to 128
[  344.073731][T15706] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  344.089010][T15706] ext4 filesystem being mounted at /411/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  344.483883][T15718] loop1: detected capacity change from 0 to 128
[  344.505373][T15716] netlink: 'syz.7.3553': attribute type 21 has an invalid length.
[  344.532436][T15720] netdevsim netdevsim8 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  344.578464][T15718] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  344.634698][T15718] ext4 filesystem being mounted at /154/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  344.701722][T15718] EXT4-fs error (device loop1): htree_dirblock_to_tree:1082: inode #2: block 4: comm syz.1.3554: bad entry in directory: inode out of bounds - offset=1012, inode=128, rec_len=12, size=1024 fake=1
[  344.738967][T13043] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  344.783607][T13411] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  344.801846][T15720] netdevsim netdevsim8 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  344.850969][T15733] loop1: detected capacity change from 0 to 512
[  344.868005][T15731] loop7: detected capacity change from 0 to 2048
[  344.875964][T15720] netdevsim netdevsim8 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  344.900694][T15734] syz_tun: entered promiscuous mode
[  344.920462][T15733] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  344.926127][T15734] batadv_slave_0: entered promiscuous mode
[  344.940306][T15734] debugfs: Directory 'hsr1' with parent 'hsr' already present!
[  344.948241][T15733] ext4 filesystem being mounted at /156/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  344.948842][T15731] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  344.969646][T15734] Cannot create hsr debugfs directory
[  344.974112][T15731] ext4 filesystem being mounted at /231/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  344.983221][T15734] hsr1: entered allmulticast mode
[  344.992237][T15734] syz_tun: entered allmulticast mode
[  344.997591][T15734] batadv_slave_0: entered allmulticast mode
[  345.006897][T15733] EXT4-fs error (device loop1): ext4_acquire_dquot:6935: comm syz.1.3557: Failed to acquire dquot type 1
[  345.019959][T12017] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  345.031274][T15739] netlink: 'syz.1.3557': attribute type 3 has an invalid length.
[  345.040778][ T9318] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  345.054337][T15720] netdevsim netdevsim8 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  345.084783][T15743] netlink: 244 bytes leftover after parsing attributes in process `syz.6.3562'.
[  345.127296][T15720] netdevsim netdevsim8 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  345.140628][T15720] netdevsim netdevsim8 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  345.154486][T15720] netdevsim netdevsim8 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  345.179547][T15267] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  345.201568][T15720] netdevsim netdevsim8 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  345.251061][T13043] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  345.269682][T15754] loop8: detected capacity change from 0 to 128
[  345.288683][T15746] netlink: 'syz.6.3562': attribute type 10 has an invalid length.
[  345.297252][T15758] loop7: detected capacity change from 0 to 128
[  345.309778][T15754] EXT4-fs (loop8): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  345.324127][T15758] EXT4-fs (loop7): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  345.336991][T15754] ext4 filesystem being mounted at /151/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  345.382830][T15758] ext4 filesystem being mounted at /234/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  345.414160][T15746] hsr_slave_0: left promiscuous mode
[  345.426220][T15746] hsr_slave_1: left promiscuous mode
[  345.536078][T15771] loop1: detected capacity change from 0 to 512
[  345.543118][T15771] EXT4-fs: Ignoring removed orlov option
[  345.551922][T15771] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  345.560497][T15771] EXT4-fs (loop1): fragment/cluster size (8192) != block size (4096)
[  345.669526][T13259] EXT4-fs (loop8): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  345.738067][T15783] loop1: detected capacity change from 0 to 128
[  345.757411][T15783] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  345.846024][T15783] ext4 filesystem being mounted at /161/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  345.996073][T15789] FAULT_INJECTION: forcing a failure.
[  345.996073][T15789] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  346.009412][T15789] CPU: 1 UID: 0 PID: 15789 Comm: syz.6.3578 Not tainted 6.14.0-syzkaller-13524-gf4d2ef48250a #0 PREEMPT(voluntary) 
[  346.009445][T15789] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  346.009461][T15789] Call Trace:
[  346.009468][T15789]  <TASK>
[  346.009550][T15789]  dump_stack_lvl+0xf6/0x150
[  346.009576][T15789]  dump_stack+0x15/0x1a
[  346.009595][T15789]  should_fail_ex+0x261/0x270
[  346.009629][T15789]  should_fail+0xb/0x10
[  346.009657][T15789]  should_fail_usercopy+0x1a/0x20
[  346.009771][T15789]  _copy_from_user+0x1c/0xa0
[  346.009809][T15789]  copy_msghdr_from_user+0x54/0x2b0
[  346.009844][T15789]  ? __fget_files+0x186/0x1c0
[  346.009919][T15789]  __sys_sendmsg+0x141/0x240
[  346.009959][T15789]  __x64_sys_sendmsg+0x46/0x50
[  346.009988][T15789]  x64_sys_call+0x26f3/0x2e10
[  346.010016][T15789]  do_syscall_64+0xc9/0x1c0
[  346.010103][T15789]  ? clear_bhb_loop+0x25/0x80
[  346.010207][T15789]  ? clear_bhb_loop+0x25/0x80
[  346.010232][T15789]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  346.010253][T15789] RIP: 0033:0x7ff62a06d169
[  346.010267][T15789] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  346.010285][T15789] RSP: 002b:00007ff6286cf038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  346.010305][T15789] RAX: ffffffffffffffda RBX: 00007ff62a285fa0 RCX: 00007ff62a06d169
[  346.010320][T15789] RDX: 0000000000000000 RSI: 0000200000000100 RDI: 0000000000000003
[  346.010370][T15789] RBP: 00007ff6286cf090 R08: 0000000000000000 R09: 0000000000000000
[  346.010381][T15789] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  346.010392][T15789] R13: 0000000000000000 R14: 00007ff62a285fa0 R15: 00007fff4177e9c8
[  346.010411][T15789]  </TASK>
[  346.227574][T15792] netlink: 8 bytes leftover after parsing attributes in process `syz.8.3579'.
[  346.494053][T15792] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  346.734261][T13043] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  346.806044][T15804] loop0: detected capacity change from 0 to 512
[  346.817498][T15804] EXT4-fs: Ignoring removed oldalloc option
[  346.869686][T15804] EXT4-fs error (device loop0): ext4_xattr_inode_iget:433: comm syz.0.3585: Parent and EA inode have the same ino 15
[  346.887879][T15810] loop1: detected capacity change from 0 to 512
[  346.894771][T15810] EXT4-fs: Ignoring removed oldalloc option
[  346.916039][T15804] EXT4-fs (loop0): Remounting filesystem read-only
[  346.922677][T15804] EXT4-fs warning (device loop0): ext4_evict_inode:262: couldn't mark inode dirty (err -30)
[  346.947563][T15810] EXT4-fs error (device loop1): ext4_xattr_inode_iget:433: comm syz.1.3586: Parent and EA inode have the same ino 15
[  346.984534][T15804] EXT4-fs (loop0): 1 orphan inode deleted
[  346.999956][T15804] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  347.022514][T15810] EXT4-fs (loop1): Remounting filesystem read-only
[  347.029247][T15810] EXT4-fs warning (device loop1): ext4_evict_inode:262: couldn't mark inode dirty (err -30)
[  347.038792][T15815] loop8: detected capacity change from 0 to 128
[  347.039432][T15810] EXT4-fs (loop1): 1 orphan inode deleted
[  347.051801][T15810] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  347.081166][T13043] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  347.099280][T13411] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  347.103181][T15817] loop6: detected capacity change from 0 to 128
[  347.137641][T15817] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  347.156958][T15817] ext4 filesystem being mounted at /418/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  347.201545][T15817] EXT4-fs error (device loop6): htree_dirblock_to_tree:1082: inode #2: block 4: comm syz.6.3590: bad entry in directory: inode out of bounds - offset=1012, inode=128, rec_len=12, size=1024 fake=1
[  347.210440][T15819] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  347.231005][T12017] EXT4-fs (loop7): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  347.232702][T15819] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  347.267395][T15827] IPVS: sync thread started: state = BACKUP, mcast_ifn = ip6_vti0, syncid = 1, id = 0
[  347.279353][ T9318] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  347.280775][T15829] loop7: detected capacity change from 0 to 128
[  347.304370][T15829] EXT4-fs (loop7): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  347.317603][T15829] ext4 filesystem being mounted at /235/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  347.351358][T15832] loop6: detected capacity change from 0 to 128
[  347.353924][ T5276] kworker/u8:48: attempt to access beyond end of device
[  347.353924][ T5276] loop8: rw=1, sector=153, nr_sectors = 8 limit=128
[  347.361609][T15832] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  347.371970][ T5276] kworker/u8:48: attempt to access beyond end of device
[  347.371970][ T5276] loop8: rw=1, sector=169, nr_sectors = 8 limit=128
[  347.384085][T15832] ext4 filesystem being mounted at /419/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  347.435835][ T5276] kworker/u8:48: attempt to access beyond end of device
[  347.435835][ T5276] loop8: rw=1, sector=185, nr_sectors = 8 limit=128
[  347.452021][ T5276] kworker/u8:48: attempt to access beyond end of device
[  347.452021][ T5276] loop8: rw=1, sector=201, nr_sectors = 8 limit=128
[  347.466855][ T5276] kworker/u8:48: attempt to access beyond end of device
[  347.466855][ T5276] loop8: rw=1, sector=217, nr_sectors = 8 limit=128
[  347.483013][ T5276] kworker/u8:48: attempt to access beyond end of device
[  347.483013][ T5276] loop8: rw=1, sector=233, nr_sectors = 8 limit=128
[  347.500506][ T5276] kworker/u8:48: attempt to access beyond end of device
[  347.500506][ T5276] loop8: rw=1, sector=249, nr_sectors = 8 limit=128
[  347.515308][ T5276] kworker/u8:48: attempt to access beyond end of device
[  347.515308][ T5276] loop8: rw=1, sector=265, nr_sectors = 8 limit=128
[  347.533665][ T5276] kworker/u8:48: attempt to access beyond end of device
[  347.533665][ T5276] loop8: rw=1, sector=281, nr_sectors = 8 limit=128
[  347.547228][ T5276] kworker/u8:48: attempt to access beyond end of device
[  347.547228][ T5276] loop8: rw=1, sector=297, nr_sectors = 8 limit=128
[  347.603445][   T29] kauditd_printk_skb: 248 callbacks suppressed
[  347.603464][   T29] audit: type=1400 audit(1743959771.727:14518): avc:  denied  { name_connect } for  pid=15838 comm="syz.8.3596" dest=16 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=sctp_socket permissive=1
[  347.666571][   T29] audit: type=1400 audit(1743959771.737:14519): avc:  denied  { shutdown } for  pid=15838 comm="syz.8.3596" lport=41606 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  348.203722][T15848] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3598'.
[  348.220201][ T9318] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  348.253677][T15848] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  348.289552][   T29] audit: type=1400 audit(1743959772.407:14520): avc:  denied  { override_creds } for  pid=15838 comm="syz.8.3596" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  348.324549][T15851] netlink: 96 bytes leftover after parsing attributes in process `syz.6.3599'.
[  348.353133][T12017] EXT4-fs (loop7): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  348.368810][   T29] audit: type=1400 audit(1743959772.447:14521): avc:  denied  { getopt } for  pid=15838 comm="syz.8.3596" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  348.388705][   T29] audit: type=1400 audit(1743959772.447:14522): avc:  denied  { name_connect } for  pid=15838 comm="syz.8.3596" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=sctp_socket permissive=1
[  348.409090][T15851] 9pnet: Could not find request transport: rdmate
[  348.531329][T15868] loop1: detected capacity change from 0 to 2048
[  348.539936][T15866] loop8: detected capacity change from 0 to 128
[  348.557604][T15866] EXT4-fs (loop8): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  348.579045][T15866] ext4 filesystem being mounted at /159/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  348.581169][T15868] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  348.624480][T15868] ext4 filesystem being mounted at /166/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  348.677496][T13043] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  348.739733][T15882] loop0: detected capacity change from 0 to 128
[  348.755874][T15882] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  348.770068][T15882] ext4 filesystem being mounted at /138/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  348.807292][T15888] loop1: detected capacity change from 0 to 128
[  349.150065][T15888] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  349.219261][T15888] ext4 filesystem being mounted at /167/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  349.384838][T15899] loop7: detected capacity change from 0 to 16384
[  349.411711][T13259] EXT4-fs (loop8): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  349.878421][   T29] audit: type=1400 audit(1743959774.007:14523): avc:  denied  { create } for  pid=15898 comm="syz.6.3613" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  349.898368][   T29] audit: type=1400 audit(1743959774.007:14524): avc:  denied  { connect } for  pid=15898 comm="syz.6.3613" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  349.932857][T15904] loop6: detected capacity change from 0 to 1024
[  349.942689][T13043] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  349.953460][T13411] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  349.965895][T15899] I/O error, dev loop7, sector 10240 op 0x0:(READ) flags 0x80700 phys_seg 2 prio class 0
[  349.994231][T15901] I/O error, dev loop7, sector 0 op 0x1:(WRITE) flags 0x4800 phys_seg 128 prio class 0
[  350.004002][T15901] Buffer I/O error on dev loop7, logical block 0, lost async page write
[  350.012506][T15901] Buffer I/O error on dev loop7, logical block 1, lost async page write
[  350.021003][T15901] Buffer I/O error on dev loop7, logical block 2, lost async page write
[  350.029597][T15901] Buffer I/O error on dev loop7, logical block 3, lost async page write
[  350.038185][T15901] Buffer I/O error on dev loop7, logical block 4, lost async page write
[  350.046783][T15901] Buffer I/O error on dev loop7, logical block 5, lost async page write
[  350.048076][T15899] I/O error, dev loop7, sector 10240 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  350.055124][T15901] Buffer I/O error on dev loop7, logical block 6, lost async page write
[  350.055150][T15901] Buffer I/O error on dev loop7, logical block 7, lost async page write
[  350.064645][T15899] Buffer I/O error on dev loop7, logical block 1280, async page read
[  350.072968][T15901] Buffer I/O error on dev loop7, logical block 8, lost async page write
[  350.080442][T15901] I/O error, dev loop7, sector 1024 op 0x1:(WRITE) flags 0x4800 phys_seg 128 prio class 0
[  350.124329][T15901] I/O error, dev loop7, sector 2048 op 0x1:(WRITE) flags 0x4800 phys_seg 128 prio class 0
[  350.135378][   T29] audit: type=1326 audit(1743959774.247:14525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15910 comm="syz.1.3616" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e7847d169 code=0x7ffc0000
[  350.159369][   T29] audit: type=1326 audit(1743959774.247:14526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15910 comm="syz.1.3616" exe="/root/syz-executor" sig=0 arch=c000003e syscall=140 compat=0 ip=0x7f8e7847d169 code=0x7ffc0000
[  350.162047][T15901] I/O error, dev loop7, sector 3072 op 0x1:(WRITE) flags 0x4800 phys_seg 128 prio class 0
[  350.183023][   T29] audit: type=1326 audit(1743959774.247:14527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15910 comm="syz.1.3616" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e7847d169 code=0x7ffc0000
[  350.237713][T15901] I/O error, dev loop7, sector 4096 op 0x1:(WRITE) flags 0x4800 phys_seg 128 prio class 0
[  350.251284][T15901] I/O error, dev loop7, sector 5120 op 0x1:(WRITE) flags 0x4800 phys_seg 128 prio class 0
[  350.264204][T15901] I/O error, dev loop7, sector 6144 op 0x1:(WRITE) flags 0x4800 phys_seg 128 prio class 0
[  350.284687][T15901] I/O error, dev loop7, sector 7168 op 0x1:(WRITE) flags 0x4800 phys_seg 128 prio class 0
[  350.339768][T15921] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3621'.
[  350.342844][T15901]  loop7: unable to read partition table
[  350.354597][T15901] loop_reread_partitions: partition scan of loop7 ((õÉêä¾A«¾3½åŒ×¯@ýpªÁ.½[ºvcÄB¯ù¿Ýתà~ó_Á

“;Ûo×ÿ) failed (rc=-5)
[  350.355899][T15921] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  350.470062][T15929] loop6: detected capacity change from 0 to 128
[  350.501735][T15929] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  350.555156][T15936] loop7: detected capacity change from 0 to 128
[  350.566666][T15929] ext4 filesystem being mounted at /428/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  350.634141][T15936] EXT4-fs (loop7): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  350.654143][T15936] ext4 filesystem being mounted at /242/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  350.731574][T15944] loop0: detected capacity change from 0 to 128
[  350.740219][T15944] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  350.754500][T15944] ext4 filesystem being mounted at /142/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  351.924119][T15957] loop1: detected capacity change from 0 to 512
[  351.940204][T15957] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  352.286270][T15957] ext4 filesystem being mounted at /172/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  352.620022][T15965] sch_tbf: burst 2784 is lower than device lo mtu (65550) !
[  352.671780][T15969] netlink: 8 bytes leftover after parsing attributes in process `syz.8.3640'.
[  352.681032][T15969] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  352.684169][ T9318] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  352.735807][T15971] loop0: detected capacity change from 0 to 128
[  352.750137][   T29] kauditd_printk_skb: 9 callbacks suppressed
[  352.750156][   T29] audit: type=1400 audit(1743959776.877:14537): avc:  denied  { read write } for  pid=15970 comm="syz.0.3641" name="sg0" dev="devtmpfs" ino=135 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  352.783078][T15971] program syz.0.3641 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  352.805829][T15971] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  352.832676][   T29] audit: type=1400 audit(1743959776.907:14538): avc:  denied  { ioctl } for  pid=15970 comm="syz.0.3641" path="/dev/sg0" dev="devtmpfs" ino=135 ioctlcmd=0x6 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  352.866264][T15979] loop6: detected capacity change from 0 to 764
[  352.888882][   T29] audit: type=1326 audit(1743959776.987:14539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15978 comm="syz.6.3642" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff62a06d169 code=0x7ffc0000
[  352.912640][   T29] audit: type=1326 audit(1743959776.987:14540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15978 comm="syz.6.3642" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7ff62a06d169 code=0x7ffc0000
[  352.936337][   T29] audit: type=1326 audit(1743959776.987:14541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15978 comm="syz.6.3642" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7ff62a06d1a3 code=0x7ffc0000
[  352.942754][T15982] loop1: detected capacity change from 0 to 128
[  352.959812][   T29] audit: type=1326 audit(1743959776.987:14542): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15978 comm="syz.6.3642" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7ff62a06bc1f code=0x7ffc0000
[  352.989907][   T29] audit: type=1326 audit(1743959776.987:14543): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15978 comm="syz.6.3642" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7ff62a06d1f7 code=0x7ffc0000
[  353.013701][   T29] audit: type=1326 audit(1743959776.997:14544): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15978 comm="syz.6.3642" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7ff62a06bad0 code=0x7ffc0000
[  353.037333][   T29] audit: type=1326 audit(1743959776.997:14545): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15978 comm="syz.6.3642" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7ff62a06cd6b code=0x7ffc0000
[  353.060993][   T29] audit: type=1400 audit(1743959776.997:14546): avc:  denied  { block_suspend } for  pid=15970 comm="syz.0.3641" capability=36  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  353.097089][T15982] ext4 filesystem being mounted at /174/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  353.207306][T15992] loop1: detected capacity change from 0 to 128
[  353.210706][T15989] loop7: detected capacity change from 0 to 512
[  353.222375][T15989] EXT4-fs (loop7): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349)
[  353.234368][T15992] ext4 filesystem being mounted at /175/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  353.369090][T15989] EXT4-fs (loop7): orphan cleanup on readonly fs
[  353.381283][T15989] EXT4-fs error (device loop7): ext4_read_block_bitmap_nowait:517: comm syz.7.3646: Block bitmap for bg 0 marked uninitialized
[  353.400538][T15989] EXT4-fs error (device loop7) in ext4_mb_clear_bb:6550: Corrupt filesystem
[  353.420942][T15989] EXT4-fs (loop7): 1 orphan inode deleted
[  353.932685][T16024] 9pnet_fd: Insufficient options for proto=fd
[  353.984432][T16027] sch_tbf: burst 2784 is lower than device lo mtu (65550) !
[  354.011494][T16031] netlink: 8 bytes leftover after parsing attributes in process `syz.7.3657'.
[  354.020786][T16031] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  354.124738][T16037] netdevsim netdevsim8 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  354.127005][T16034] loop0: detected capacity change from 0 to 512
[  354.142952][T16034] EXT4-fs: Ignoring removed oldalloc option
[  354.160921][T16034] EXT4-fs error (device loop0): ext4_xattr_inode_iget:433: comm syz.0.3658: Parent and EA inode have the same ino 15
[  354.161066][T16034] EXT4-fs (loop0): Remounting filesystem read-only
[  354.180155][T16034] EXT4-fs warning (device loop0): ext4_evict_inode:262: couldn't mark inode dirty (err -30)
[  354.191888][T16037] netdevsim netdevsim8 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  354.195993][T16034] EXT4-fs (loop0): 1 orphan inode deleted
[  354.230854][T16041] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  354.247841][T16037] netdevsim netdevsim8 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  354.271317][T16039] netlink: 'syz.1.3659': attribute type 10 has an invalid length.
[  354.279287][T16039] netlink: 40 bytes leftover after parsing attributes in process `syz.1.3659'.
[  354.300541][T16041] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  354.320345][T16039] team0: Failed to send port change of device geneve1 via netlink (err -105)
[  354.329940][T16039] team0: Failed to send options change via netlink (err -105)
[  354.337568][T16039] team0: Port device geneve1 added
[  354.350347][T16047] netlink: 'syz.0.3663': attribute type 66 has an invalid length.
[  354.366230][T16037] netdevsim netdevsim8 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  354.400861][T16041] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  354.441308][T16056] sch_tbf: burst 2784 is lower than device lo mtu (65550) !
[  354.453012][T16037] netdevsim netdevsim8 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  354.466894][T16037] netdevsim netdevsim8 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  354.479835][T16037] netdevsim netdevsim8 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  354.491710][T16041] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  354.517346][T16060] loop7: detected capacity change from 0 to 128
[  354.530683][T16037] netdevsim netdevsim8 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  354.553897][T16063] geneve0: entered allmulticast mode
[  354.561496][T16060] ext4 filesystem being mounted at /254/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  354.650334][T16073] netlink: 8 bytes leftover after parsing attributes in process `syz.8.3674'.
[  354.706011][T16073] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  354.732794][T16041] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  354.745244][T16041] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  354.781250][T16041] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  355.140731][T16089] sch_tbf: burst 2784 is lower than device lo mtu (65550) !
[  355.222085][T16041] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  355.313893][T16099] FAULT_INJECTION: forcing a failure.
[  355.313893][T16099] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  355.327345][T16099] CPU: 0 UID: 0 PID: 16099 Comm: syz.8.3683 Not tainted 6.14.0-syzkaller-13524-gf4d2ef48250a #0 PREEMPT(voluntary) 
[  355.327387][T16099] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  355.327399][T16099] Call Trace:
[  355.327405][T16099]  <TASK>
[  355.327413][T16099]  dump_stack_lvl+0xf6/0x150
[  355.327441][T16099]  dump_stack+0x15/0x1a
[  355.327475][T16099]  should_fail_ex+0x261/0x270
[  355.327505][T16099]  should_fail+0xb/0x10
[  355.327534][T16099]  should_fail_usercopy+0x1a/0x20
[  355.327574][T16099]  strncpy_from_user+0x25/0x230
[  355.327676][T16099]  ? getname_flags+0x81/0x3b0
[  355.327704][T16099]  getname_flags+0xb0/0x3b0
[  355.327730][T16099]  user_path_at+0x26/0x140
[  355.327756][T16099]  __se_sys_name_to_handle_at+0xfa/0x580
[  355.327816][T16099]  ? fput+0x99/0xd0
[  355.327844][T16099]  ? ksys_write+0x180/0x1b0
[  355.327880][T16099]  __x64_sys_name_to_handle_at+0x67/0x80
[  355.327977][T16099]  x64_sys_call+0x2739/0x2e10
[  355.328003][T16099]  do_syscall_64+0xc9/0x1c0
[  355.328038][T16099]  ? clear_bhb_loop+0x25/0x80
[  355.328064][T16099]  ? clear_bhb_loop+0x25/0x80
[  355.328136][T16099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  355.328163][T16099] RIP: 0033:0x7f09ccaad169
[  355.328178][T16099] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  355.328196][T16099] RSP: 002b:00007f09cb117038 EFLAGS: 00000246 ORIG_RAX: 000000000000012f
[  355.328215][T16099] RAX: ffffffffffffffda RBX: 00007f09cccc5fa0 RCX: 00007f09ccaad169
[  355.328227][T16099] RDX: 0000000000000000 RSI: 0000200000000380 RDI: ffffffffffffffff
[  355.328239][T16099] RBP: 00007f09cb117090 R08: 0000000000001000 R09: 0000000000000000
[  355.328254][T16099] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  355.328288][T16099] R13: 0000000000000000 R14: 00007f09cccc5fa0 R15: 00007fff1cc15b08
[  355.328312][T16099]  </TASK>
[  355.334970][T16100] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  355.335998][T16098] FAULT_INJECTION: forcing a failure.
[  355.335998][T16098] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  355.361835][T16100] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  355.363722][T16098] CPU: 0 UID: 0 PID: 16098 Comm: syz.1.3681 Not tainted 6.14.0-syzkaller-13524-gf4d2ef48250a #0 PREEMPT(voluntary) 
[  355.363749][T16098] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  355.363763][T16098] Call Trace:
[  355.363771][T16098]  <TASK>
[  355.363781][T16098]  dump_stack_lvl+0xf6/0x150
[  355.363813][T16098]  dump_stack+0x15/0x1a
[  355.363873][T16098]  should_fail_ex+0x261/0x270
[  355.363910][T16098]  should_fail+0xb/0x10
[  355.364081][T16098]  should_fail_usercopy+0x1a/0x20
[  355.364117][T16098]  strncpy_from_user+0x25/0x230
[  355.364183][T16098]  ? getname_flags+0x81/0x3b0
[  355.364210][T16098]  getname_flags+0xb0/0x3b0
[  355.364236][T16098]  user_path_at+0x26/0x140
[  355.364267][T16098]  __se_sys_quotactl+0xbe/0x650
[  355.364403][T16098]  __x64_sys_quotactl+0x55/0x70
[  355.364442][T16098]  x64_sys_call+0x265d/0x2e10
[  355.364471][T16098]  do_syscall_64+0xc9/0x1c0
[  355.364535][T16098]  ? clear_bhb_loop+0x25/0x80
[  355.364594][T16098]  ? clear_bhb_loop+0x25/0x80
[  355.364659][T16098]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  355.364687][T16098] RIP: 0033:0x7f8e7847d169
[  355.364706][T16098] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  355.364730][T16098] RSP: 002b:00007f8e76adf038 EFLAGS: 00000246 ORIG_RAX: 00000000000000b3
[  355.364754][T16098] RAX: ffffffffffffffda RBX: 00007f8e78695fa0 RCX: 00007f8e7847d169
[  355.364769][T16098] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: ffffffff80000201
[  355.364780][T16098] RBP: 00007f8e76adf090 R08: 0000000000000000 R09: 0000000000000000
[  355.364852][T16098] R10: 0000200000002040 R11: 0000000000000246 R12: 0000000000000001
[  355.364867][T16098] R13: 0000000000000000 R14: 00007f8e78695fa0 R15: 00007ffd57badef8
[  355.364891][T16098]  </TASK>
[  355.788422][T16100] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3682'.
[  355.883447][T16122] sch_tbf: burst 2784 is lower than device lo mtu (65550) !
[  355.989357][T16126] loop1: detected capacity change from 0 to 512
[  356.001493][T16126] EXT4-fs: Ignoring removed oldalloc option
[  356.022373][T16126] EXT4-fs error (device loop1): ext4_xattr_inode_iget:433: comm syz.1.3691: Parent and EA inode have the same ino 15
[  356.037682][T16126] EXT4-fs (loop1): Remounting filesystem read-only
[  356.044313][T16126] EXT4-fs warning (device loop1): ext4_evict_inode:262: couldn't mark inode dirty (err -30)
[  356.055247][T16126] EXT4-fs (loop1): 1 orphan inode deleted
[  356.141995][T16131] loop1: detected capacity change from 0 to 128
[  356.169286][T16131] ext4 filesystem being mounted at /181/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  356.318170][T16139] FAULT_INJECTION: forcing a failure.
[  356.318170][T16139] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  356.331299][T16139] CPU: 0 UID: 0 PID: 16139 Comm: syz.6.3696 Not tainted 6.14.0-syzkaller-13524-gf4d2ef48250a #0 PREEMPT(voluntary) 
[  356.331477][T16139] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  356.331490][T16139] Call Trace:
[  356.331497][T16139]  <TASK>
[  356.331506][T16139]  dump_stack_lvl+0xf6/0x150
[  356.331539][T16139]  dump_stack+0x15/0x1a
[  356.331559][T16139]  should_fail_ex+0x261/0x270
[  356.331629][T16139]  should_fail+0xb/0x10
[  356.331659][T16139]  should_fail_usercopy+0x1a/0x20
[  356.331693][T16139]  _copy_from_user+0x1c/0xa0
[  356.331839][T16139]  move_addr_to_kernel+0x8c/0x130
[  356.331918][T16139]  __sys_bind+0xa3/0x190
[  356.332013][T16139]  __x64_sys_bind+0x41/0x50
[  356.332033][T16139]  x64_sys_call+0x1e4a/0x2e10
[  356.332057][T16139]  do_syscall_64+0xc9/0x1c0
[  356.332130][T16139]  ? clear_bhb_loop+0x25/0x80
[  356.332166][T16139]  ? clear_bhb_loop+0x25/0x80
[  356.332205][T16139]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  356.332231][T16139] RIP: 0033:0x7ff62a06d169
[  356.332251][T16139] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  356.332346][T16139] RSP: 002b:00007ff6286cf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000031
[  356.332370][T16139] RAX: ffffffffffffffda RBX: 00007ff62a285fa0 RCX: 00007ff62a06d169
[  356.332447][T16139] RDX: 0000000000000006 RSI: 0000200000000040 RDI: 0000000000000009
[  356.332463][T16139] RBP: 00007ff6286cf090 R08: 0000000000000000 R09: 0000000000000000
[  356.332479][T16139] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  356.332494][T16139] R13: 0000000000000000 R14: 00007ff62a285fa0 R15: 00007fff4177e9c8
[  356.332518][T16139]  </TASK>
[  356.522188][T16141] loop0: detected capacity change from 0 to 128
[  356.565340][T16141] ext4 filesystem being mounted at /157/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  357.122952][T16147] serio: Serial port ttyS3
[  357.220859][T16156] sch_tbf: burst 2784 is lower than device lo mtu (65550) !
[  357.329846][T16160] loop8: detected capacity change from 0 to 512
[  357.376796][T16160] EXT4-fs: Ignoring removed oldalloc option
[  357.404583][T16160] EXT4-fs error (device loop8): ext4_xattr_inode_iget:433: comm syz.8.3704: Parent and EA inode have the same ino 15
[  357.427008][T16160] EXT4-fs (loop8): Remounting filesystem read-only
[  357.433592][T16160] EXT4-fs warning (device loop8): ext4_evict_inode:262: couldn't mark inode dirty (err -30)
[  357.464579][T16160] EXT4-fs (loop8): 1 orphan inode deleted
[  357.543807][T16173] loop8: detected capacity change from 0 to 512
[  357.556047][T16173] EXT4-fs: Ignoring removed oldalloc option
[  357.583204][T16173] EXT4-fs error (device loop8): ext4_xattr_inode_iget:433: comm syz.8.3707: Parent and EA inode have the same ino 15
[  357.619276][T16173] EXT4-fs (loop8): Remounting filesystem read-only
[  357.619474][T16179] loop0: detected capacity change from 0 to 4096
[  357.626004][T16173] EXT4-fs warning (device loop8): ext4_evict_inode:262: couldn't mark inode dirty (err -30)
[  357.644933][T16173] EXT4-fs (loop8): 1 orphan inode deleted
[  357.652796][T16179] EXT4-fs: Ignoring removed orlov option
[  357.658767][T16179] EXT4-fs: Ignoring removed nomblk_io_submit option
[  357.822122][T16188] FAULT_INJECTION: forcing a failure.
[  357.822122][T16188] name failslab, interval 1, probability 0, space 0, times 0
[  357.835259][T16188] CPU: 1 UID: 0 PID: 16188 Comm: syz.8.3710 Not tainted 6.14.0-syzkaller-13524-gf4d2ef48250a #0 PREEMPT(voluntary) 
[  357.835308][T16188] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  357.835323][T16188] Call Trace:
[  357.835329][T16188]  <TASK>
[  357.835336][T16188]  dump_stack_lvl+0xf6/0x150
[  357.835362][T16188]  dump_stack+0x15/0x1a
[  357.835379][T16188]  should_fail_ex+0x261/0x270
[  357.835449][T16188]  should_failslab+0x8f/0xb0
[  357.835488][T16188]  __kvmalloc_node_noprof+0x12c/0x520
[  357.835515][T16188]  ? cgroup_pidlist_start+0x1c0/0x800
[  357.835543][T16188]  ? __rcu_read_unlock+0x4e/0x70
[  357.835581][T16188]  cgroup_pidlist_start+0x1c0/0x800
[  357.835644][T16188]  cgroup_seqfile_start+0x55/0x70
[  357.835678][T16188]  kernfs_seq_start+0x79/0x130
[  357.835776][T16188]  traverse+0xf3/0x3c0
[  357.835810][T16188]  seq_read_iter+0x89f/0x970
[  357.835954][T16188]  ? _parse_integer+0x27/0x30
[  357.835986][T16188]  kernfs_fop_read_iter+0xc3/0x320
[  357.836009][T16188]  ? kstrtouint+0x7b/0xc0
[  357.836030][T16188]  ? __import_iovec+0x422/0x540
[  357.836049][T16188]  do_iter_readv_writev+0x40d/0x4b0
[  357.836119][T16188]  vfs_readv+0x1e1/0x660
[  357.836148][T16188]  __x64_sys_preadv+0xf9/0x1c0
[  357.836219][T16188]  x64_sys_call+0x1410/0x2e10
[  357.836247][T16188]  do_syscall_64+0xc9/0x1c0
[  357.836326][T16188]  ? clear_bhb_loop+0x25/0x80
[  357.836348][T16188]  ? clear_bhb_loop+0x25/0x80
[  357.836373][T16188]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  357.836399][T16188] RIP: 0033:0x7f09ccaad169
[  357.836418][T16188] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  357.836505][T16188] RSP: 002b:00007f09cb117038 EFLAGS: 00000246 ORIG_RAX: 0000000000000127
[  357.836537][T16188] RAX: ffffffffffffffda RBX: 00007f09cccc5fa0 RCX: 00007f09ccaad169
[  357.836550][T16188] RDX: 0000000000000001 RSI: 0000200000000180 RDI: 0000000000000006
[  357.836562][T16188] RBP: 00007f09cb117090 R08: 0000000000000002 R09: 0000000000000000
[  357.836574][T16188] R10: 0000000000000401 R11: 0000000000000246 R12: 0000000000000001
[  357.836588][T16188] R13: 0000000000000000 R14: 00007f09cccc5fa0 R15: 00007fff1cc15b08
[  357.836612][T16188]  </TASK>
[  358.133035][T16190] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3712'.
[  358.157566][T16190] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  358.203419][T16192] sch_tbf: burst 2784 is lower than device lo mtu (65550) !
[  358.267535][T16194] loop6: detected capacity change from 0 to 128
[  358.279800][T16194] ext4 filesystem being mounted at /443/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  358.415836][   T29] kauditd_printk_skb: 175 callbacks suppressed
[  358.415855][   T29] audit: type=1400 audit(1743959782.537:14722): avc:  denied  { write } for  pid=16202 comm="syz.8.3718" name="event0" dev="devtmpfs" ino=242 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  358.443138][T16206] loop0: detected capacity change from 0 to 512
[  358.445761][   T29] audit: type=1400 audit(1743959782.567:14723): avc:  denied  { open } for  pid=16202 comm="syz.8.3718" path="/dev/input/event0" dev="devtmpfs" ino=242 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  358.794165][T16206] EXT4-fs error (device loop0): ext4_orphan_get:1390: inode #15: comm syz.0.3719: casefold flag without casefold feature
[  358.821537][T16218] loop8: detected capacity change from 0 to 128
[  358.846900][T16206] EXT4-fs error (device loop0): ext4_orphan_get:1395: comm syz.0.3719: couldn't read orphan inode 15 (err -117)
[  358.886710][T16218] ext4 filesystem being mounted at /191/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  358.954531][   T29] audit: type=1400 audit(1743959783.077:14724): avc:  denied  { append } for  pid=16205 comm="syz.0.3719" path="/160/file0/blkio.bfq.avg_queue_size" dev="loop0" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  358.979403][   T29] audit: type=1400 audit(1743959783.077:14725): avc:  denied  { ioctl } for  pid=16205 comm="syz.0.3719" path="/160/file0/blkio.bfq.avg_queue_size" dev="loop0" ino=18 ioctlcmd=0xf501 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  359.119633][T16229] sch_tbf: burst 2784 is lower than device lo mtu (65550) !
[  359.144834][   T29] audit: type=1400 audit(1743959783.267:14726): avc:  denied  { create } for  pid=16231 comm="syz.1.3726" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  359.172416][T16232] loop1: detected capacity change from 0 to 128
[  359.180061][   T29] audit: type=1400 audit(1743959783.307:14727): avc:  denied  { mounton } for  pid=16231 comm="+}[@" path="/189/file0" dev="tmpfs" ino=1048 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  359.205132][T16232] ext4 filesystem being mounted at /189/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  359.218078][T16236] FAULT_INJECTION: forcing a failure.
[  359.218078][T16236] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  359.231303][T16236] CPU: 1 UID: 0 PID: 16236 Comm: syz.0.3724 Not tainted 6.14.0-syzkaller-13524-gf4d2ef48250a #0 PREEMPT(voluntary) 
[  359.231399][T16236] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  359.231414][T16236] Call Trace:
[  359.231423][T16236]  <TASK>
[  359.231433][T16236]  dump_stack_lvl+0xf6/0x150
[  359.231462][T16236]  dump_stack+0x15/0x1a
[  359.231480][T16236]  should_fail_ex+0x261/0x270
[  359.231513][T16236]  should_fail+0xb/0x10
[  359.231604][T16236]  should_fail_usercopy+0x1a/0x20
[  359.231640][T16236]  _copy_from_user+0x1c/0xa0
[  359.231677][T16236]  input_event_from_user+0x128/0x1f0
[  359.231804][T16236]  ? input_inject_event+0xeb/0x110
[  359.231834][T16236]  evdev_write+0x29f/0x440
[  359.231893][T16236]  ? __pfx_evdev_write+0x10/0x10
[  359.231924][T16236]  vfs_write+0x295/0x950
[  359.231995][T16236]  ? putname+0xe1/0x100
[  359.232018][T16236]  ? __fget_files+0x186/0x1c0
[  359.232043][T16236]  ksys_write+0xeb/0x1b0
[  359.232084][T16236]  __x64_sys_write+0x42/0x50
[  359.232113][T16236]  x64_sys_call+0x2a45/0x2e10
[  359.232195][T16236]  do_syscall_64+0xc9/0x1c0
[  359.232225][T16236]  ? clear_bhb_loop+0x25/0x80
[  359.232247][T16236]  ? clear_bhb_loop+0x25/0x80
[  359.232269][T16236]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  359.232297][T16236] RIP: 0033:0x7f9f1075d169
[  359.232379][T16236] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  359.232399][T16236] RSP: 002b:00007f9f0edc7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  359.232422][T16236] RAX: ffffffffffffffda RBX: 00007f9f10975fa0 RCX: 00007f9f1075d169
[  359.232436][T16236] RDX: 0000000000002778 RSI: 0000200000000040 RDI: 0000000000000003
[  359.232450][T16236] RBP: 00007f9f0edc7090 R08: 0000000000000000 R09: 0000000000000000
[  359.232478][T16236] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  359.232494][T16236] R13: 0000000000000000 R14: 00007f9f10975fa0 R15: 00007ffe1ace89d8
[  359.232518][T16236]  </TASK>
[  359.470956][T16244] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3728'.
[  359.480510][T16244] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  359.521496][   T29] audit: type=1400 audit(1743959783.647:14728): avc:  denied  { unlink } for  pid=13043 comm="syz-executor" name="file0" dev="tmpfs" ino=1048 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  359.552061][T16248] SET target dimension over the limit!
[  359.563564][T16248] loop6: detected capacity change from 0 to 128
[  359.571762][T16248] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[  359.584735][    C1] blk_print_req_error: 4 callbacks suppressed
[  359.584759][    C1] operation not supported error, dev loop6, sector 0 op 0x9:(WRITE_ZEROES) flags 0x10000800 phys_seg 0 prio class 0
[  359.623249][   T29] audit: type=1400 audit(1743959783.747:14729): avc:  denied  { unmount } for  pid=9318 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1
[  359.683674][ T3381] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  359.691435][ T3381] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  359.696421][   T29] audit: type=1400 audit(1743959783.807:14730): avc:  denied  { read write } for  pid=16251 comm="syz.1.3732" name="uhid" dev="devtmpfs" ino=252 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  359.698931][ T3381] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  359.722676][   T29] audit: type=1400 audit(1743959783.807:14731): avc:  denied  { open } for  pid=16251 comm="syz.1.3732" path="/dev/uhid" dev="devtmpfs" ino=252 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  359.730719][T16256] netlink: 56 bytes leftover after parsing attributes in process `syz.6.3733'.
[  359.764344][T16256] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3733'.
[  359.767533][ T3381] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  359.773439][T16256] netlink: 31 bytes leftover after parsing attributes in process `syz.6.3733'.
[  359.780786][ T3381] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  359.789675][T16256] netlink: 'syz.6.3733': attribute type 2 has an invalid length.
[  359.789706][T16256] netlink: 31 bytes leftover after parsing attributes in process `syz.6.3733'.
[  359.797224][ T3381] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  359.797251][ T3381] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  359.797274][ T3381] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  359.813396][T16256] netlink: 36 bytes leftover after parsing attributes in process `syz.6.3733'.
[  359.814079][ T3381] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  359.825744][T16256] vlan2: entered allmulticast mode
[  359.829115][ T3381] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  359.866343][ T3381] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  359.873837][ T3381] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  359.881458][ T3381] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  359.891948][ T3381] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  359.899458][ T3381] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  359.907067][ T3381] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  359.914725][ T3381] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  359.922227][ T3381] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  359.929013][T16262] loop8: detected capacity change from 0 to 128
[  359.929663][ T3381] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  359.943501][ T3381] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  359.945479][T16262] netlink: 'syz.8.3734': attribute type 10 has an invalid length.
[  359.951013][ T3381] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  359.951047][ T3381] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  359.951068][ T3381] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  359.951089][ T3381] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  359.988709][ T3381] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  359.996239][ T3381] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  360.003765][ T3381] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  360.012190][ T3381] hid-generic 0000:0000:0000.0001: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  360.023776][T16262] 8021q: adding VLAN 0 to HW filter on device batadv0
[  360.040411][T16262] bond0: (slave batadv0): Enslaving as an active interface with an up link
[  360.058751][T16266] sch_tbf: burst 2784 is lower than device lo mtu (65550) !
[  360.079080][T16268] loop7: detected capacity change from 0 to 128
[  360.092023][T16268] ext4 filesystem being mounted at /260/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  360.263633][T16282] loop6: detected capacity change from 0 to 512
[  360.270259][T16282] EXT4-fs: Ignoring removed oldalloc option
[  360.278979][T16282] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  360.308895][T16282] EXT4-fs (loop6): 1 truncate cleaned up
[  360.705530][T16296] FAULT_INJECTION: forcing a failure.
[  360.705530][T16296] name failslab, interval 1, probability 0, space 0, times 0
[  360.718263][T16296] CPU: 0 UID: 0 PID: 16296 Comm: syz.1.3748 Not tainted 6.14.0-syzkaller-13524-gf4d2ef48250a #0 PREEMPT(voluntary) 
[  360.718314][T16296] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  360.718329][T16296] Call Trace:
[  360.718337][T16296]  <TASK>
[  360.718346][T16296]  dump_stack_lvl+0xf6/0x150
[  360.718378][T16296]  dump_stack+0x15/0x1a
[  360.718399][T16296]  should_fail_ex+0x261/0x270
[  360.718440][T16296]  should_failslab+0x8f/0xb0
[  360.718474][T16296]  kmem_cache_alloc_node_noprof+0x5c/0x340
[  360.718544][T16296]  ? __alloc_skb+0x10d/0x320
[  360.718575][T16296]  __alloc_skb+0x10d/0x320
[  360.718605][T16296]  netlink_alloc_large_skb+0xad/0xe0
[  360.718631][T16296]  netlink_sendmsg+0x3da/0x720
[  360.718660][T16296]  ? __pfx_netlink_sendmsg+0x10/0x10
[  360.718690][T16296]  __sock_sendmsg+0x140/0x180
[  360.718732][T16296]  ____sys_sendmsg+0x350/0x4e0
[  360.718771][T16296]  __sys_sendmsg+0x1a0/0x240
[  360.718866][T16296]  __x64_sys_sendmsg+0x46/0x50
[  360.718899][T16296]  x64_sys_call+0x26f3/0x2e10
[  360.718928][T16296]  do_syscall_64+0xc9/0x1c0
[  360.719026][T16296]  ? clear_bhb_loop+0x25/0x80
[  360.719059][T16296]  ? clear_bhb_loop+0x25/0x80
[  360.719137][T16296]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  360.719218][T16296] RIP: 0033:0x7f8e7847d169
[  360.719237][T16296] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  360.719259][T16296] RSP: 002b:00007f8e76adf038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  360.719295][T16296] RAX: ffffffffffffffda RBX: 00007f8e78695fa0 RCX: 00007f8e7847d169
[  360.719308][T16296] RDX: 0000000000000000 RSI: 0000200000000200 RDI: 0000000000000003
[  360.719320][T16296] RBP: 00007f8e76adf090 R08: 0000000000000000 R09: 0000000000000000
[  360.719335][T16296] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  360.719349][T16296] R13: 0000000000000000 R14: 00007f8e78695fa0 R15: 00007ffd57badef8
[  360.719373][T16296]  </TASK>
[  360.950956][T16301] sch_tbf: burst 2784 is lower than device lo mtu (65550) !
[  360.999474][T16307] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3747'.
[  361.008918][T16307] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  361.027339][T16309] Invalid ELF header magic: != ELF
[  361.039372][T16309] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  361.057398][T14019] hid-generic C990:0003:007F.0002: unknown main item tag 0x1
[  361.064877][T14019] hid-generic C990:0003:007F.0002: unknown main item tag 0x0
[  361.072341][T14019] hid-generic C990:0003:007F.0002: unknown main item tag 0x0
[  361.079802][T14019] hid-generic C990:0003:007F.0002: unknown main item tag 0x0
[  361.087263][T14019] hid-generic C990:0003:007F.0002: unknown main item tag 0x0
[  361.094668][T14019] hid-generic C990:0003:007F.0002: unknown main item tag 0x0
[  361.118344][T14019] hid-generic C990:0003:007F.0002: unknown main item tag 0x0
[  361.125838][T14019] hid-generic C990:0003:007F.0002: unknown main item tag 0x0
[  361.133401][T14019] hid-generic C990:0003:007F.0002: unknown main item tag 0x0
[  361.140866][T14019] hid-generic C990:0003:007F.0002: unknown main item tag 0x2
[  361.148436][T14019] hid-generic C990:0003:007F.0002: unknown main item tag 0x0
[  361.155882][T14019] hid-generic C990:0003:007F.0002: unknown main item tag 0x0
[  361.163399][T14019] hid-generic C990:0003:007F.0002: unknown main item tag 0x0
[  361.173830][T14019] hid-generic C990:0003:007F.0002: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  361.183499][T16315] FAULT_INJECTION: forcing a failure.
[  361.183499][T16315] name failslab, interval 1, probability 0, space 0, times 0
[  361.183531][T16315] CPU: 0 UID: 0 PID: 16315 Comm: syz.1.3751 Not tainted 6.14.0-syzkaller-13524-gf4d2ef48250a #0 PREEMPT(voluntary) 
[  361.183563][T16315] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  361.183580][T16315] Call Trace:
[  361.183588][T16315]  <TASK>
[  361.183598][T16315]  dump_stack_lvl+0xf6/0x150
[  361.183689][T16315]  dump_stack+0x15/0x1a
[  361.183711][T16315]  should_fail_ex+0x261/0x270
[  361.183758][T16315]  should_failslab+0x8f/0xb0
[  361.183799][T16315]  kmem_cache_alloc_node_noprof+0x5c/0x340
[  361.183872][T16315]  ? __alloc_skb+0x10d/0x320
[  361.183904][T16315]  __alloc_skb+0x10d/0x320
[  361.183934][T16315]  __ip_append_data+0x19cd/0x2490
[  361.183988][T16315]  ? __pfx_raw_getfrag+0x10/0x10
[  361.184056][T16315]  ? xfrm_lookup_with_ifid+0x100d/0x1360
[  361.184214][T16315]  ? __rcu_read_unlock+0x4e/0x70
[  361.184254][T16315]  ? __pfx_raw_getfrag+0x10/0x10
[  361.184329][T16315]  ip_append_data+0x11f/0x150
[  361.184447][T16315]  raw_sendmsg+0xd3b/0xee0
[  361.184503][T16315]  ? __pfx_raw_sendmsg+0x10/0x10
[  361.184529][T16315]  inet_sendmsg+0xc5/0xd0
[  361.184623][T16315]  __sock_sendmsg+0x102/0x180
[  361.184731][T16315]  ____sys_sendmsg+0x350/0x4e0
[  361.184771][T16315]  __sys_sendmmsg+0x22a/0x4b0
[  361.184908][T16315]  __x64_sys_sendmmsg+0x57/0x70
[  361.184942][T16315]  x64_sys_call+0x2b53/0x2e10
[  361.184971][T16315]  do_syscall_64+0xc9/0x1c0
[  361.185028][T16315]  ? clear_bhb_loop+0x25/0x80
[  361.185057][T16315]  ? clear_bhb_loop+0x25/0x80
[  361.185085][T16315]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  361.185114][T16315] RIP: 0033:0x7f8e7847d169
[  361.185133][T16315] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  361.185155][T16315] RSP: 002b:00007f8e76abe038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  361.185179][T16315] RAX: ffffffffffffffda RBX: 00007f8e78696080 RCX: 00007f8e7847d169
[  361.185213][T16315] RDX: 0000000004000095 RSI: 0000200000005240 RDI: 0000000000000007
[  361.185309][T16315] RBP: 00007f8e76abe090 R08: 0000000000000000 R09: 0000000000000000
[  361.185325][T16315] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  361.185354][T16315] R13: 0000000000000000 R14: 00007f8e78696080 R15: 00007ffd57badef8
[  361.185378][T16315]  </TASK>
[  361.199055][T16315] loop1: detected capacity change from 0 to 512
[  361.249447][T16317] loop7: detected capacity change from 0 to 128
[  361.328858][T16312] x_tables: unsorted underflow at hook 2
[  361.372624][T16317] ext4 filesystem being mounted at /262/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  361.386247][T16315] ext4 filesystem being mounted at /195/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  361.505334][T16327] loop0: detected capacity change from 0 to 2048
[  361.581123][T16331] loop6: detected capacity change from 0 to 128
[  361.599079][T16334] loop1: detected capacity change from 0 to 128
[  361.601817][T16331] ext4 filesystem being mounted at /451/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  361.637160][T16334] ext4 filesystem being mounted at /196/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  362.162613][T16339] sch_tbf: burst 2784 is lower than device lo mtu (65550) !
[  362.211661][T16343] loop7: detected capacity change from 0 to 512
[  362.228321][T16345] Cannot find map_set index 0 as target
[  362.236308][T16343] EXT4-fs: Ignoring removed oldalloc option
[  362.255681][T16343] EXT4-fs error (device loop7): ext4_xattr_inode_iget:433: comm syz.7.3760: Parent and EA inode have the same ino 15
[  362.274824][T16343] EXT4-fs (loop7): Remounting filesystem read-only
[  362.281479][T16343] EXT4-fs warning (device loop7): ext4_evict_inode:262: couldn't mark inode dirty (err -30)
[  362.298100][T16343] EXT4-fs (loop7): 1 orphan inode deleted
[  362.304711][T16348] loop8: detected capacity change from 0 to 2048
[  362.317491][T16348] ext4 filesystem being mounted at /201/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  362.648639][T16361] netlink: 3 bytes leftover after parsing attributes in process `syz.0.3765'.
[  362.674810][T16361] batadv1: entered allmulticast mode
[  362.883027][T16367] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  362.961543][    T9] hid-generic C990:0003:007F.0003: unknown main item tag 0x1
[  362.969046][    T9] hid-generic C990:0003:007F.0003: unknown main item tag 0x0
[  362.976463][    T9] hid-generic C990:0003:007F.0003: unknown main item tag 0x0
[  362.983886][    T9] hid-generic C990:0003:007F.0003: unknown main item tag 0x0
[  362.991468][    T9] hid-generic C990:0003:007F.0003: unknown main item tag 0x0
[  362.999054][    T9] hid-generic C990:0003:007F.0003: unknown main item tag 0x0
[  363.041144][    T9] hid-generic C990:0003:007F.0003: unknown main item tag 0x0
[  363.048704][    T9] hid-generic C990:0003:007F.0003: unknown main item tag 0x0
[  363.056275][    T9] hid-generic C990:0003:007F.0003: unknown main item tag 0x0
[  363.063675][    T9] hid-generic C990:0003:007F.0003: unknown main item tag 0x2
[  363.071110][    T9] hid-generic C990:0003:007F.0003: unknown main item tag 0x0
[  363.078630][    T9] hid-generic C990:0003:007F.0003: unknown main item tag 0x0
[  363.086094][    T9] hid-generic C990:0003:007F.0003: unknown main item tag 0x0
[  363.096214][T16367] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  363.124516][    T9] hid-generic C990:0003:007F.0003: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  363.157609][T16367] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  363.195143][T16370] loop8: detected capacity change from 0 to 512
[  363.207512][T16367] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  363.223570][T16370] ext4 filesystem being mounted at /202/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  363.295869][T16385] sch_tbf: burst 2784 is lower than device lo mtu (65550) !
[  363.323877][T16367] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  363.351384][T16392] FAULT_INJECTION: forcing a failure.
[  363.351384][T16392] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  363.364746][T16392] CPU: 0 UID: 0 PID: 16392 Comm: syz.8.3774 Not tainted 6.14.0-syzkaller-13524-gf4d2ef48250a #0 PREEMPT(voluntary) 
[  363.364789][T16392] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  363.364802][T16392] Call Trace:
[  363.364809][T16392]  <TASK>
[  363.364833][T16392]  dump_stack_lvl+0xf6/0x150
[  363.364911][T16392]  dump_stack+0x15/0x1a
[  363.364930][T16392]  should_fail_ex+0x261/0x270
[  363.364964][T16392]  should_fail+0xb/0x10
[  363.365019][T16392]  should_fail_usercopy+0x1a/0x20
[  363.365051][T16392]  _copy_from_iter+0xd8/0xd10
[  363.365157][T16392]  ? kmalloc_reserve+0x16e/0x190
[  363.365185][T16392]  ? __build_skb_around+0x199/0x1f0
[  363.365213][T16392]  ? __alloc_skb+0x227/0x320
[  363.365239][T16392]  ? __virt_addr_valid+0x1ed/0x250
[  363.365275][T16392]  ? __check_object_size+0x367/0x510
[  363.365305][T16392]  netlink_sendmsg+0x492/0x720
[  363.365409][T16392]  ? __pfx_netlink_sendmsg+0x10/0x10
[  363.365439][T16392]  __sock_sendmsg+0x140/0x180
[  363.365481][T16392]  ____sys_sendmsg+0x350/0x4e0
[  363.365524][T16392]  __sys_sendmsg+0x1a0/0x240
[  363.365574][T16392]  __x64_sys_sendmsg+0x46/0x50
[  363.365607][T16392]  x64_sys_call+0x26f3/0x2e10
[  363.365664][T16392]  do_syscall_64+0xc9/0x1c0
[  363.365732][T16392]  ? clear_bhb_loop+0x25/0x80
[  363.365759][T16392]  ? clear_bhb_loop+0x25/0x80
[  363.365783][T16392]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  363.365808][T16392] RIP: 0033:0x7f09ccaad169
[  363.365832][T16392] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  363.365853][T16392] RSP: 002b:00007f09cb117038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  363.365872][T16392] RAX: ffffffffffffffda RBX: 00007f09cccc5fa0 RCX: 00007f09ccaad169
[  363.365886][T16392] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000006
[  363.365911][T16392] RBP: 00007f09cb117090 R08: 0000000000000000 R09: 0000000000000000
[  363.365942][T16392] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  363.365956][T16392] R13: 0000000000000000 R14: 00007f09cccc5fa0 R15: 00007fff1cc15b08
[  363.366048][T16392]  </TASK>
[  363.577115][T16367] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  363.589701][T16367] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  363.609549][T16367] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  363.656949][T16397] loop7: detected capacity change from 0 to 128
[  363.671992][T16399] loop1: detected capacity change from 0 to 2048
[  363.697724][T16397] ext4 filesystem being mounted at /265/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  363.759819][T16399] ext4 filesystem being mounted at /198/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  363.905320][T16418] sch_tbf: burst 2784 is lower than device lo mtu (65550) !
[  364.157462][   T29] kauditd_printk_skb: 100 callbacks suppressed
[  364.157480][   T29] audit: type=1326 audit(1743959788.287:14832): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16426 comm="syz.0.3787" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9f1075d169 code=0x7ffc0000
[  364.241574][   T29] audit: type=1326 audit(1743959788.317:14833): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16426 comm="syz.0.3787" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9f1075d169 code=0x7ffc0000
[  364.265383][   T29] audit: type=1326 audit(1743959788.317:14834): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16426 comm="syz.0.3787" exe="/root/syz-executor" sig=0 arch=c000003e syscall=325 compat=0 ip=0x7f9f1075d169 code=0x7ffc0000
[  364.289021][   T29] audit: type=1326 audit(1743959788.317:14835): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16426 comm="syz.0.3787" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9f1075d169 code=0x7ffc0000
[  364.312687][   T29] audit: type=1326 audit(1743959788.317:14836): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16426 comm="syz.0.3787" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9f1075d169 code=0x7ffc0000
[  364.336472][   T29] audit: type=1326 audit(1743959788.317:14837): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16426 comm="syz.0.3787" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9f1075d169 code=0x7ffc0000
[  364.360080][   T29] audit: type=1326 audit(1743959788.317:14838): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16426 comm="syz.0.3787" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f9f1075f087 code=0x7ffc0000
[  364.360156][   T29] audit: type=1326 audit(1743959788.317:14839): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16426 comm="syz.0.3787" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9f1075d169 code=0x7ffc0000
[  364.360183][   T29] audit: type=1326 audit(1743959788.317:14840): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16426 comm="syz.0.3787" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f9f1075d169 code=0x7ffc0000
[  364.360210][   T29] audit: type=1326 audit(1743959788.317:14841): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16426 comm="syz.0.3787" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9f1075d169 code=0x7ffc0000
[  364.423696][T16434] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  364.499222][T16439] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  364.515554][T16434] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  364.568317][T16434] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  364.582972][T16441] netlink: 80 bytes leftover after parsing attributes in process `syz.7.3792'.
[  364.598375][T16439] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  364.618947][T16441] netlink: 'syz.7.3792': attribute type 1 has an invalid length.
[  364.620345][T16445] loop6: detected capacity change from 0 to 1024
[  364.638280][T16434] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  364.658738][T16450] sch_tbf: burst 2784 is lower than device lo mtu (65550) !
[  364.690748][T16439] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  364.751619][T16439] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  364.804815][T16439] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  364.817621][T16439] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  364.831054][T16439] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  364.843750][T16439] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  364.892745][T16466] FAULT_INJECTION: forcing a failure.
[  364.892745][T16466] name fail_futex, interval 1, probability 0, space 0, times 1
[  364.905871][T16466] CPU: 1 UID: 0 PID: 16466 Comm: syz.6.3801 Not tainted 6.14.0-syzkaller-13524-gf4d2ef48250a #0 PREEMPT(voluntary) 
[  364.905904][T16466] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  364.905922][T16466] Call Trace:
[  364.905932][T16466]  <TASK>
[  364.905942][T16466]  dump_stack_lvl+0xf6/0x150
[  364.905975][T16465] loop0: detected capacity change from 0 to 128
[  364.906056][T16466]  dump_stack+0x15/0x1a
[  364.906081][T16466]  should_fail_ex+0x261/0x270
[  364.906150][T16466]  should_fail+0xb/0x10
[  364.906180][T16466]  get_futex_key+0x4ff/0x750
[  364.906221][T16466]  futex_lock_pi+0xff/0x710
[  364.906280][T16466]  ? __pfx_futex_wake_mark+0x10/0x10
[  364.906332][T16466]  do_futex+0x214/0x370
[  364.906449][T16466]  __se_sys_futex+0x23f/0x370
[  364.906494][T16466]  __x64_sys_futex+0x78/0x90
[  364.906534][T16466]  x64_sys_call+0x126a/0x2e10
[  364.906563][T16466]  do_syscall_64+0xc9/0x1c0
[  364.906715][T16466]  ? clear_bhb_loop+0x25/0x80
[  364.906744][T16466]  ? clear_bhb_loop+0x25/0x80
[  364.906773][T16466]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  364.906810][T16466] RIP: 0033:0x7ff62a06d169
[  364.906832][T16466] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  364.906873][T16466] RSP: 002b:00007ff6286ae038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  364.906898][T16466] RAX: ffffffffffffffda RBX: 00007ff62a286080 RCX: 00007ff62a06d169
[  364.906913][T16466] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 000020000000cffc
[  364.906977][T16466] RBP: 00007ff6286ae090 R08: 0000000000000000 R09: 0000000000000000
[  364.907024][T16466] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  364.907039][T16466] R13: 0000000000000001 R14: 00007ff62a286080 R15: 00007fff4177e9c8
[  364.907064][T16466]  </TASK>
[  365.109475][T16465] ext4 filesystem being mounted at /177/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  365.183307][T16471] FAULT_INJECTION: forcing a failure.
[  365.183307][T16471] name failslab, interval 1, probability 0, space 0, times 0
[  365.196260][T16471] CPU: 1 UID: 0 PID: 16471 Comm: syz.8.3804 Not tainted 6.14.0-syzkaller-13524-gf4d2ef48250a #0 PREEMPT(voluntary) 
[  365.196295][T16471] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  365.196328][T16471] Call Trace:
[  365.196334][T16471]  <TASK>
[  365.196343][T16471]  dump_stack_lvl+0xf6/0x150
[  365.196428][T16471]  dump_stack+0x15/0x1a
[  365.196445][T16471]  should_fail_ex+0x261/0x270
[  365.196474][T16471]  should_failslab+0x8f/0xb0
[  365.196588][T16471]  kmem_cache_alloc_noprof+0x59/0x340
[  365.196613][T16471]  ? getname_flags+0x81/0x3b0
[  365.196634][T16471]  getname_flags+0x81/0x3b0
[  365.196654][T16471]  __se_sys_move_mount+0x183/0x410
[  365.196699][T16471]  __x64_sys_move_mount+0x67/0x80
[  365.196723][T16471]  x64_sys_call+0x1dce/0x2e10
[  365.196751][T16471]  do_syscall_64+0xc9/0x1c0
[  365.196789][T16471]  ? clear_bhb_loop+0x25/0x80
[  365.196887][T16471]  ? clear_bhb_loop+0x25/0x80
[  365.196912][T16471]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  365.196935][T16471] RIP: 0033:0x7f09ccaad169
[  365.196985][T16471] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  365.197007][T16471] RSP: 002b:00007f09cb117038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ad
[  365.197030][T16471] RAX: ffffffffffffffda RBX: 00007f09cccc5fa0 RCX: 00007f09ccaad169
[  365.197045][T16471] RDX: ffffffffffffff9c RSI: 0000200000000140 RDI: ffffffffffffffff
[  365.197061][T16471] RBP: 00007f09cb117090 R08: 0000000000000000 R09: 0000000000000000
[  365.197114][T16471] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  365.197129][T16471] R13: 0000000000000000 R14: 00007f09cccc5fa0 R15: 00007fff1cc15b08
[  365.197159][T16471]  </TASK>
[  365.440191][T16476] sch_tbf: burst 2784 is lower than device lo mtu (65550) !
[  366.146178][T16507] sch_tbf: burst 2784 is lower than device lo mtu (65550) !
[  366.321319][T16508] loop0: detected capacity change from 0 to 512
[  366.330676][T16508] journal_path: Non-blockdev passed as './bus'
[  366.336956][T16508] EXT4-fs: error: could not find journal device path
[  366.423811][T16521] loop0: detected capacity change from 0 to 128
[  366.432710][T16521] ext4 filesystem being mounted at /183/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  367.074821][T16533] binfmt_misc: register: failed to install interpreter file ./file2
[  367.076263][T16535] FAULT_INJECTION: forcing a failure.
[  367.076263][T16535] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  367.096568][T16535] CPU: 1 UID: 0 PID: 16535 Comm: syz.7.3826 Not tainted 6.14.0-syzkaller-13524-gf4d2ef48250a #0 PREEMPT(voluntary) 
[  367.096615][T16535] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  367.096628][T16535] Call Trace:
[  367.096634][T16535]  <TASK>
[  367.096642][T16535]  dump_stack_lvl+0xf6/0x150
[  367.096672][T16535]  dump_stack+0x15/0x1a
[  367.096692][T16535]  should_fail_ex+0x261/0x270
[  367.096750][T16535]  should_fail_alloc_page+0xfd/0x110
[  367.096790][T16535]  __alloc_frozen_pages_noprof+0x11d/0x360
[  367.096860][T16535]  alloc_pages_mpol+0xb6/0x260
[  367.096909][T16535]  vma_alloc_folio_noprof+0x19c/0x300
[  367.096942][T16535]  handle_mm_fault+0xdda/0x2e80
[  367.097051][T16535]  exc_page_fault+0x296/0x6a0
[  367.097086][T16535]  asm_exc_page_fault+0x26/0x30
[  367.097111][T16535] RIP: 0010:rep_stos_alternative+0x40/0x80
[  367.097136][T16535] Code: c9 75 f6 c3 cc cc cc cc 48 89 07 48 83 c7 08 83 e9 08 74 ef 83 f9 08 73 ef eb de 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 <48> 89 07 48 89 47 08 48 89 47 10 48 89 47 18 48 89 47 20 48 89 47
[  367.097222][T16535] RSP: 0018:ffffc90000f23c00 EFLAGS: 00050202
[  367.097240][T16535] RAX: 0000000000000000 RBX: 000020000000d380 RCX: 0000000000000380
[  367.097256][T16535] RDX: 0000000000000000 RSI: 000020000000d380 RDI: 000020000000e000
[  367.097269][T16535] RBP: 00007ffffffff000 R08: ffffffff81e575c9 R09: 0000000000000000
[  367.097284][T16535] R10: 0001ffffffffffff R11: ffff8881024d9080 R12: ffffc90000f23da0
[  367.097297][T16535] R13: 0000000000001000 R14: ffffffff88df0020 R15: 000020000000e380
[  367.097312][T16535]  ? iov_iter_zero+0x269/0xca0
[  367.097373][T16535]  iov_iter_zero+0x288/0xca0
[  367.097470][T16535]  ? _parse_integer+0x27/0x30
[  367.097498][T16535]  ? iovec_from_user+0x17e/0x210
[  367.097561][T16535]  read_iter_zero+0x5e/0x1e0
[  367.097625][T16535]  do_iter_readv_writev+0x40d/0x4b0
[  367.097657][T16535]  vfs_readv+0x1e1/0x660
[  367.097674][T16535]  ? proc_fail_nth_write+0x12d/0x160
[  367.097698][T16535]  __se_sys_preadv2+0x103/0x1d0
[  367.097739][T16535]  __x64_sys_preadv2+0x78/0x90
[  367.097802][T16535]  x64_sys_call+0x27f7/0x2e10
[  367.097822][T16535]  do_syscall_64+0xc9/0x1c0
[  367.097857][T16535]  ? clear_bhb_loop+0x25/0x80
[  367.097875][T16535]  ? clear_bhb_loop+0x25/0x80
[  367.097893][T16535]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  367.097911][T16535] RIP: 0033:0x7febbe04d169
[  367.097924][T16535] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  367.097987][T16535] RSP: 002b:00007febbc6b7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000147
[  367.098002][T16535] RAX: ffffffffffffffda RBX: 00007febbe265fa0 RCX: 00007febbe04d169
[  367.098013][T16535] RDX: 0000000000000002 RSI: 0000200000001540 RDI: 0000000000000003
[  367.098023][T16535] RBP: 00007febbc6b7090 R08: 0000000000000000 R09: 0000000000000000
[  367.098034][T16535] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  367.098044][T16535] R13: 0000000000000000 R14: 00007febbe265fa0 R15: 00007fffa2fbbe78
[  367.098081][T16535]  </TASK>
[  367.432305][T16542] sch_tbf: burst 2784 is lower than device lo mtu (65550) !
[  367.545176][T16552] loop0: detected capacity change from 0 to 128
[  367.576372][T16552] ext4 filesystem being mounted at /184/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  367.621138][T16560] loop8: detected capacity change from 0 to 1024
[  367.630701][T16559] loop6: detected capacity change from 0 to 512
[  367.638185][T16560] EXT4-fs: quotafile must be on filesystem root
[  367.665159][T16564] vhci_hcd: invalid port number 190
[  367.670512][T16564] vhci_hcd: invalid port number 190
[  367.680299][T16559] EXT4-fs (loop6): 1 orphan inode deleted
[  367.686913][T16564] netlink: 144 bytes leftover after parsing attributes in process `syz.7.3837'.
[  367.700286][ T5233] EXT4-fs error (device loop6): ext4_release_dquot:6971: comm kworker/u8:12: Failed to release dquot type 1
[  367.721873][T16559] ext4 filesystem being mounted at /467/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  367.799391][T16559] netlink: 'syz.6.3835': attribute type 10 has an invalid length.
[  367.868418][ T5274] EXT4-fs error (device loop6): ext4_release_dquot:6971: comm kworker/u8:46: Failed to release dquot type 1
[  367.942893][T16582] loop6: detected capacity change from 0 to 128
[  367.951835][T16582] ext4 filesystem being mounted at /470/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  367.991004][T16585] sch_tbf: burst 2784 is lower than device lo mtu (65550) !
[  368.074280][T16587] FAULT_INJECTION: forcing a failure.
[  368.074280][T16587] name failslab, interval 1, probability 0, space 0, times 0
[  368.087131][T16587] CPU: 1 UID: 0 PID: 16587 Comm: syz.8.3843 Not tainted 6.14.0-syzkaller-13524-gf4d2ef48250a #0 PREEMPT(voluntary) 
[  368.087158][T16587] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  368.087246][T16587] Call Trace:
[  368.087253][T16587]  <TASK>
[  368.087262][T16587]  dump_stack_lvl+0xf6/0x150
[  368.087302][T16587]  dump_stack+0x15/0x1a
[  368.087319][T16587]  should_fail_ex+0x261/0x270
[  368.087353][T16587]  should_failslab+0x8f/0xb0
[  368.087391][T16587]  __kmalloc_cache_noprof+0x55/0x320
[  368.087419][T16587]  ? kobject_uevent_env+0x1a4/0x550
[  368.087497][T16587]  ? __pfx_dev_uevent_name+0x10/0x10
[  368.087527][T16587]  kobject_uevent_env+0x1a4/0x550
[  368.087550][T16587]  ? device_remove_attrs+0x14f/0x190
[  368.087631][T16587]  kobject_uevent+0x1c/0x30
[  368.087653][T16587]  device_del+0x6fc/0x780
[  368.087673][T16587]  ? __try_to_del_timer_sync+0x14a/0x160
[  368.087724][T16587]  device_unregister+0x15/0x40
[  368.087809][T16587]  wakeup_source_sysfs_remove+0x25/0x30
[  368.087833][T16587]  wakeup_source_unregister+0xee/0x110
[  368.087872][T16587]  ep_destroy_wakeup_source+0x3a/0x50
[  368.087897][T16587]  ep_modify+0xab/0x440
[  368.087919][T16587]  do_epoll_ctl+0x4bb/0x920
[  368.087962][T16587]  __x64_sys_epoll_ctl+0xcb/0xf0
[  368.087987][T16587]  x64_sys_call+0x2789/0x2e10
[  368.088010][T16587]  do_syscall_64+0xc9/0x1c0
[  368.088040][T16587]  ? clear_bhb_loop+0x25/0x80
[  368.088062][T16587]  ? clear_bhb_loop+0x25/0x80
[  368.088112][T16587]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  368.088138][T16587] RIP: 0033:0x7f09ccaad169
[  368.088155][T16587] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  368.088225][T16587] RSP: 002b:00007f09cb117038 EFLAGS: 00000246 ORIG_RAX: 00000000000000e9
[  368.088245][T16587] RAX: ffffffffffffffda RBX: 00007f09cccc5fa0 RCX: 00007f09ccaad169
[  368.088258][T16587] RDX: 0000000000000005 RSI: 0000000000000003 RDI: 0000000000000004
[  368.088325][T16587] RBP: 00007f09cb117090 R08: 0000000000000000 R09: 0000000000000000
[  368.088338][T16587] R10: 0000200000000280 R11: 0000000000000246 R12: 0000000000000001
[  368.088350][T16587] R13: 0000000000000000 R14: 00007f09cccc5fa0 R15: 00007fff1cc15b08
[  368.088412][T16587]  </TASK>
[  368.331456][T16590] loop8: detected capacity change from 0 to 512
[  368.338062][T16590] EXT4-fs: Ignoring removed mblk_io_submit option
[  368.703482][T16590] loop8: detected capacity change from 0 to 256
[  368.715345][T16590] FAT-fs (loop8): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  368.813537][T16596] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3845'.
[  368.989615][T16610] ipt_REJECT: TCP_RESET invalid for non-tcp
[  369.070938][T16602] loop8: detected capacity change from 0 to 2048
[  369.139687][T16602] netlink: 36 bytes leftover after parsing attributes in process `syz.8.3848'.
[  369.181475][   T29] kauditd_printk_skb: 287 callbacks suppressed
[  369.181497][   T29] audit: type=1326 audit(1743959793.307:15127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16623 comm="syz.8.3855" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09ccaad169 code=0x7ffc0000
[  369.181760][T16624] FAULT_INJECTION: forcing a failure.
[  369.181760][T16624] name failslab, interval 1, probability 0, space 0, times 0
[  369.211517][   T29] audit: type=1326 audit(1743959793.307:15128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16623 comm="syz.8.3855" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f09ccaabad0 code=0x7ffc0000
[  369.211560][   T29] audit: type=1326 audit(1743959793.307:15129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16623 comm="syz.8.3855" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f09ccaabc1f code=0x7ffc0000
[  369.224402][T16624] CPU: 1 UID: 0 PID: 16624 Comm: syz.8.3855 Not tainted 6.14.0-syzkaller-13524-gf4d2ef48250a #0 PREEMPT(voluntary) 
[  369.224440][T16624] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  369.224456][T16624] Call Trace:
[  369.224467][T16624]  <TASK>
[  369.224503][T16624]  dump_stack_lvl+0xf6/0x150
[  369.224535][T16624]  dump_stack+0x15/0x1a
[  369.224619][T16624]  should_fail_ex+0x261/0x270
[  369.224656][T16624]  should_failslab+0x8f/0xb0
[  369.224750][T16624]  __kmalloc_cache_noprof+0x55/0x320
[  369.224780][T16624]  ? audit_log_d_path+0x8e/0x150
[  369.224813][T16624]  audit_log_d_path+0x8e/0x150
[  369.224843][T16624]  audit_log_d_path_exe+0x42/0x70
[  369.224873][T16624]  audit_log_task+0x1f1/0x250
[  369.224945][T16624]  audit_seccomp+0x68/0x130
[  369.225037][T16624]  __seccomp_filter+0x694/0x10e0
[  369.225077][T16624]  ? vfs_write+0x669/0x950
[  369.225122][T16624]  __secure_computing+0x7e/0x160
[  369.225159][T16624]  syscall_trace_enter+0xcf/0x1f0
[  369.225268][T16624]  ? fpregs_assert_state_consistent+0x83/0xa0
[  369.225358][T16624]  do_syscall_64+0xaa/0x1c0
[  369.225396][T16624]  ? clear_bhb_loop+0x25/0x80
[  369.225424][T16624]  ? clear_bhb_loop+0x25/0x80
[  369.225504][T16624]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  369.225532][T16624] RIP: 0033:0x7f09ccaad169
[  369.225553][T16624] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  369.225576][T16624] RSP: 002b:00007f09cb117038 EFLAGS: 00000246 ORIG_RAX: 000000000000008c
[  369.225657][T16624] RAX: ffffffffffffffda RBX: 00007f09cccc5fa0 RCX: 00007f09ccaad169
[  369.225673][T16624] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000000000001
[  369.225692][T16624] RBP: 00007f09cb117090 R08: 0000000000000000 R09: 0000000000000000
[  369.225708][T16624] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  369.225724][T16624] R13: 0000000000000000 R14: 00007f09cccc5fa0 R15: 00007fff1cc15b08
[  369.225750][T16624]  </TASK>
[  369.331215][T16628] loop8: detected capacity change from 0 to 128
[  369.333620][   T29] audit: type=1326 audit(1743959793.307:15130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16623 comm="syz.8.3855" exe="<no_memory>" sig=0 arch=c000003e syscall=140 compat=0 ip=0x7f09ccaad169 code=0x7ffc0000
[  369.463935][T16629] sd 0:0:1:0: device reset
[  369.467417][   T29] audit: type=1326 audit(1743959793.357:15131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16623 comm="syz.8.3855" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7f09ccaabb7c code=0x7ffc0000
[  369.467452][   T29] audit: type=1326 audit(1743959793.357:15132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16623 comm="syz.8.3855" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f09ccaabc1f code=0x7ffc0000
[  369.511385][T16629] loop0: detected capacity change from 0 to 512
[  369.528306][   T29] audit: type=1326 audit(1743959793.357:15133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16623 comm="syz.8.3855" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f09ccaabdca code=0x7ffc0000
[  369.554744][T16629] EXT4-fs: Ignoring removed nobh option
[  369.557987][   T29] audit: type=1326 audit(1743959793.357:15134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16623 comm="syz.8.3855" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09ccaad169 code=0x7ffc0000
[  369.558026][   T29] audit: type=1400 audit(1743959793.417:15135): avc:  denied  { lock } for  pid=16625 comm="syz.0.3856" path="socket:[51455]" dev="sockfs" ino=51455 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_stream_socket permissive=1
[  369.589744][T16628] ext4 filesystem being mounted at /230/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  369.674066][T16629] EXT4-fs error (device loop0): ext4_do_update_inode:5182: inode #16: comm syz.0.3856: corrupted inode contents
[  369.691707][T16629] EXT4-fs (loop0): Remounting filesystem read-only
[  369.698521][T16629] EXT4-fs (loop0): 1 truncate cleaned up
[  369.704811][T16629] ext4 filesystem being mounted at /190/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  369.718735][ T5259] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  369.729572][ T5259] Quota error (device loop0): write_blk: dquota write failed
[  369.737026][ T5259] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  369.772045][ T5259] EXT4-fs (loop0): Quota write (off=8, len=24) cancelled because transaction is not started
[  369.789875][T16637] loop7: detected capacity change from 0 to 128
[  369.808680][T16637] EXT4-fs mount: 72 callbacks suppressed
[  369.808701][T16637] EXT4-fs (loop7): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  369.829114][T16637] ext4 filesystem being mounted at /280/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  369.977526][T16645] sch_tbf: burst 2784 is lower than device lo mtu (65550) !
[  370.009784][T16647] FAULT_INJECTION: forcing a failure.
[  370.009784][T16647] name failslab, interval 1, probability 0, space 0, times 0
[  370.022633][T16647] CPU: 0 UID: 0 PID: 16647 Comm: syz.6.3862 Not tainted 6.14.0-syzkaller-13524-gf4d2ef48250a #0 PREEMPT(voluntary) 
[  370.022669][T16647] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  370.022685][T16647] Call Trace:
[  370.022695][T16647]  <TASK>
[  370.022705][T16647]  dump_stack_lvl+0xf6/0x150
[  370.022753][T16647]  dump_stack+0x15/0x1a
[  370.022836][T16647]  should_fail_ex+0x261/0x270
[  370.022872][T16647]  should_failslab+0x8f/0xb0
[  370.022972][T16647]  __kmalloc_cache_noprof+0x55/0x320
[  370.023002][T16647]  ? kobject_uevent_env+0x1a4/0x550
[  370.023032][T16647]  ? __pfx_dev_uevent_name+0x10/0x10
[  370.023063][T16647]  kobject_uevent_env+0x1a4/0x550
[  370.023134][T16647]  ? device_remove_attrs+0x14f/0x190
[  370.023235][T16647]  kobject_uevent+0x1c/0x30
[  370.023258][T16647]  device_del+0x6fc/0x780
[  370.023281][T16647]  ? __try_to_del_timer_sync+0x14a/0x160
[  370.023313][T16647]  device_unregister+0x15/0x40
[  370.023337][T16647]  wakeup_source_sysfs_remove+0x25/0x30
[  370.023372][T16647]  wakeup_source_unregister+0xee/0x110
[  370.023431][T16647]  ep_destroy_wakeup_source+0x3a/0x50
[  370.023457][T16647]  ep_modify+0xab/0x440
[  370.023519][T16647]  do_epoll_ctl+0x4bb/0x920
[  370.023546][T16647]  __x64_sys_epoll_ctl+0xcb/0xf0
[  370.023570][T16647]  x64_sys_call+0x2789/0x2e10
[  370.023594][T16647]  do_syscall_64+0xc9/0x1c0
[  370.023631][T16647]  ? clear_bhb_loop+0x25/0x80
[  370.023693][T16647]  ? clear_bhb_loop+0x25/0x80
[  370.023720][T16647]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  370.023747][T16647] RIP: 0033:0x7ff62a06d169
[  370.023764][T16647] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  370.023896][T16647] RSP: 002b:00007ff6286cf038 EFLAGS: 00000246 ORIG_RAX: 00000000000000e9
[  370.023920][T16647] RAX: ffffffffffffffda RBX: 00007ff62a285fa0 RCX: 00007ff62a06d169
[  370.023932][T16647] RDX: 0000000000000006 RSI: 0000000000000003 RDI: 0000000000000005
[  370.023944][T16647] RBP: 00007ff6286cf090 R08: 0000000000000000 R09: 0000000000000000
[  370.023957][T16647] R10: 0000200000000280 R11: 0000000000000246 R12: 0000000000000001
[  370.023970][T16647] R13: 0000000000000000 R14: 00007ff62a285fa0 R15: 00007fff4177e9c8
[  370.023990][T16647]  </TASK>
[  370.257445][T16650] loop0: detected capacity change from 0 to 512
[  370.264315][T16650] EXT4-fs: Ignoring removed oldalloc option
[  370.278037][T16650] EXT4-fs error (device loop0): ext4_xattr_inode_iget:433: comm syz.0.3863: Parent and EA inode have the same ino 15
[  370.308356][T16650] EXT4-fs (loop0): Remounting filesystem read-only
[  370.314955][T16650] EXT4-fs warning (device loop0): ext4_evict_inode:262: couldn't mark inode dirty (err -30)
[  370.394315][T16434] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  370.407831][T16650] EXT4-fs (loop0): 1 orphan inode deleted
[  370.415180][T16650] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  370.419538][T16434] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  370.439177][T16434] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  370.453007][T16434] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  370.471798][T13411] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  370.520747][T16660] ==================================================================
[  370.528890][T16660] BUG: KCSAN: data-race in call_rcu / mtree_range_walk
[  370.535762][T16660] 
[  370.538097][T16660] write to 0xffff88810433e210 of 8 bytes by task 16657 on cpu 1:
[  370.545844][T16660]  call_rcu+0x3d/0x430
[  370.549937][T16660]  mas_replace_node+0x2fd/0x430
[  370.554799][T16660]  mas_wr_store_entry+0x1e80/0x2460
[  370.560013][T16660]  mas_store_prealloc+0x6d5/0x960
[  370.565053][T16660]  vma_iter_store_new+0x1d3/0x210
[  370.570083][T16660]  vma_complete+0x12b/0x570
[  370.574610][T16660]  __split_vma+0x56c/0x630
[  370.579038][T16660]  vma_modify+0x105/0x200
[  370.583385][T16660]  vma_modify_flags+0x10a/0x140
[  370.588255][T16660]  mprotect_fixup+0x30f/0x5d0
[  370.592936][T16660]  do_mprotect_pkey+0x6ce/0x9a0
[  370.597881][T16660]  __x64_sys_mprotect+0x48/0x60
[  370.603006][T16660]  x64_sys_call+0x272f/0x2e10
[  370.607696][T16660]  do_syscall_64+0xc9/0x1c0
[  370.612226][T16660]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  370.618130][T16660] 
[  370.620455][T16660] read to 0xffff88810433e210 of 8 bytes by task 16660 on cpu 0:
[  370.628193][T16660]  mtree_range_walk+0x1b3/0x460
[  370.633066][T16660]  mas_walk+0x16e/0x320
[  370.637232][T16660]  lock_vma_under_rcu+0xa7/0x340
[  370.642200][T16660]  exc_page_fault+0x150/0x6a0
[  370.647075][T16660]  asm_exc_page_fault+0x26/0x30
[  370.651964][T16660] 
[  370.654297][T16660] value changed: 0x000000110e22ffff -> 0xffffffff85629830
[  370.661436][T16660] 
[  370.663766][T16660] Reported by Kernel Concurrency Sanitizer on:
[  370.669927][T16660] CPU: 0 UID: 0 PID: 16660 Comm: syz.6.3866 Not tainted 6.14.0-syzkaller-13524-gf4d2ef48250a #0 PREEMPT(voluntary) 
[  370.682100][T16660] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  370.692287][T16660] ==================================================================
[  370.818853][T12017] EXT4-fs (loop7): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  370.945134][T13259] EXT4-fs (loop8): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.