last executing test programs:

3.089761429s ago: executing program 3 (id=209):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x7, 0x8604, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x8, 0x9}, 0x0, 0x10000, 0x0, 0x6, 0x2000000000008, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r0, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0700000004000000800000000400000028"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000007c0)=ANY=[@ANYBLOB="1800000000000000000000000700000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x27, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000300)='kmem_cache_free\x00', r2}, 0x18)
r3 = memfd_create(&(0x7f0000000280)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec', 0x0)
write$binfmt_script(r3, &(0x7f0000001880)={'#! ', './file0'}, 0xb)
execveat(r3, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)
sendmsg$rds(r0, &(0x7f0000001600)={&(0x7f0000000000)={0x2, 0x0, @remote}, 0x10, 0x0, 0x0, &(0x7f0000000800)=[@fadd={0x58, 0x114, 0x6, {{0x5, 0x6}, &(0x7f0000000400)=0x7, 0x0, 0xf, 0x4, 0x9, 0xfffffffffffffff9, 0x22, 0x7}}], 0x58, 0x8000}, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00'})
prctl$PR_SET_SECCOMP(0x16, 0x1, &(0x7f0000000200)={0x1, &(0x7f0000000240)=[{0x4, 0x0, 0x2, 0x7ffc1ffb}]})
openat$tun(0xffffffffffffff9c, 0x0, 0x2, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x0)
keyctl$session_to_parent(0x12)
sched_setscheduler(0x0, 0x5, &(0x7f0000000080)=0x3)
ioctl$PIO_UNIMAP(0xffffffffffffffff, 0x4b67, &(0x7f0000000040))
socket(0x10, 0x80002, 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x400c84, &(0x7f0000000340), 0x1, 0x789, &(0x7f0000000fc0)="$eJzs3c1rXFUbAPDnTpKmTfu+iSBo3RgQNFA6MTW2CgoVFyJYKOjadphMQ80kUzKT0oSALSK4EVRcCLrpyoUfdefWj63+Fy7EUjUtVlxI5E5m0kkzk07SZCaa3w9u5px77+ScZ879ODPncm8Ae9Zw+icTcTgi3ksiBmvzk4joq6Z6I06urHd7aTGfTkksL7/6W1Jd59bSYj4a3pM6WMs8HBHfvR1xJLO+3PL8wlSuWCzM1vKjlekLo+X5haPnp3OThcnCzPGx8fFjJ54+cXz7Yv3jx4VD199/6YkvT/711kPX3v0+iZNxqLasMY4te35tdjiGa59JX/oRrvHifRe2uyTdrgBbku6aPSt7eRyOweippgCA/7I3I2IZANhjEud/ANhj6r8D3FpazNen7v4i0Vk3XoiI/Svx18c3V5b01sbs9lfHQQduJWtGRpKIGNqG8ocj4pOvX/88nWK7xiEB2nD5SkScHRpef/xP1l2zsFlPbrBsX+11+K75aflGoKEzvkn7P8806/9lVvs/0aT/099k392KZvt/EnF5dcaBbShkAzc+jXiu4dq22w3x1wz11HL/q/b5+pJz54uF9Nj2/4gYib7+ND+2QRkjN/++2WpZY//v9w/e+CwtP329s0bml97+te+ZyFVy9xNzoxtXIh7pbRZ/str+SYv+7+k2y3j52Xc+brUsjT+Ntz6ti7/a/jt3Rli+GvF40/a/c0VbsuH1iaPVzWG0vlE08dVPHw20Kr+x/dMpLb/+XaAT0vYf2Dj+oaTxes3y5sv44ergt62W3Tv+5tv/vuS1arrej7iUq1RmxyL2Ja+sn3/sznsv5R6tpVbWT+Mfeaz5/r/R9p9+JzzbZvy913/9Yuvx76w0/olNtf/mE9duT/W0Kr+99h+vpkZqc9o5/rVbwfv57AAAAAAAAAAAAAAAAAAAAAAAAACgXZmIOBRJJruazmSy2ZVneD8YA5liqVw5cq40NzMR1WdlD0Vfpn6ry8GG+6GO1e6HX88fuyv/VEQ8EBEf9h9I6vdRnOhy7AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABQd7DF8/9TP/d3u3YAwI7Z3+0KAAAd5/wPAHuP8z8A7D3tnf97drweAEDn+P4PAHuP8z8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA77PSpU+m0/OfSYj7NT1ycn5sqXTw6UShPZafn8tl8afZCdrJUmiwWsvnS9L3+X7FUujAeM3OXRiuFcmW0PL9wZro0N1M5c346N1k4U+jrSFQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsDnl+YWpXLFYmJXYQmJ5d1Sj+4me2ua0W+rT0USyO6qxzYkuH5gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/iX+CQAA//8vWSHt")
socket$nl_generic(0x10, 0x3, 0x10)

2.212786445s ago: executing program 3 (id=218):
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, @fallback=0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x4040, 0x0)
write(0xffffffffffffffff, &(0x7f0000004200)='t', 0x1)
socket$inet6(0xa, 0x2, 0x3a)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c00000000000000000000008500"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000940)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000200)="d8000000210081044e81f782db44b90402000000008000000000150010001400259070f409000d2000000a000e4006000000036010fab94dcf5c0468c1d67f6f94007134cf6ee05e6756cfb39b0590b4800089e408e8d8ef52b49816277cf4090000001fb791643a5e08001b14d6d930dfe1d9db22fe7c9f8775730d16a4683f1aeb4edbb57a5025ccca9e00360db701000000eafad95667e006dcdf969b3ef35ce3bb9ad809d561cace81ed0bffece0b42a9ecbee5de6cce50dd6e4edef3d939acd92954b43370e970100"/216, 0xd8}], 0x1}, 0x0)

1.997575997s ago: executing program 3 (id=220):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000900)=ANY=[@ANYBLOB="160000000000"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x3, 0x2000000000000101, &(0x7f0000000640)=ANY=[], 0x0}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000080)={0x0, 0x0})
bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r2, &(0x7f0000000280)={0x1f, 0xffff, 0x3}, 0x6)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_ATTACH_FILTER(r3, 0x1, 0x1a, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x6}]}, 0x10)
bind$bt_hci(r3, &(0x7f0000000140)={0x1f, 0xffff, 0x2}, 0x6)
io_setup(0x8f0, &(0x7f0000002400))

1.860800928s ago: executing program 3 (id=223):
r0 = socket(0x25, 0x5, 0x0)
sendmsg$inet_sctp(r0, &(0x7f0000001640)={0x0, 0x0, 0x0}, 0x280400d5)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, &(0x7f0000000740)=@framed, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="07000000040000002001000001"], 0x50)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x18)
mlock2(&(0x7f0000ff5000/0x9000)=nil, 0x9000, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x18)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000740)={{r5}, &(0x7f00000006c0), &(0x7f0000000380)=r4}, 0x20)
r6 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r6, 0x84, 0x6e, &(0x7f0000000040)=[@in={0x2, 0x4e21, @private=0xa010101}], 0x10)
setsockopt$inet_sctp6_SCTP_AUTO_ASCONF(r6, 0x84, 0x1e, &(0x7f0000000200)=0x2, 0x4)
setsockopt$inet_sctp6_SCTP_AUTO_ASCONF(r6, 0x84, 0x1e, &(0x7f0000000100)=0x2, 0x4)
recvmsg$unix(r4, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000440)=[{&(0x7f00000009c0)=""/181, 0xb5}], 0x1, 0x0, 0x0, 0x1000000}, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00'}, 0x18)
openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x511a01, 0x80)

1.62839675s ago: executing program 1 (id=227):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x0, 0x0})
prctl$PR_SET_SECCOMP(0x16, 0x1, &(0x7f0000000180)={0x2, &(0x7f0000000000)=[{0x8, 0x80, 0x3, 0x5}, {0xea, 0x9, 0x9, 0x8}]})
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0)
fcntl$setlease(r0, 0x400, 0x0)
r1 = socket$l2tp6(0xa, 0x2, 0x73)
setsockopt$inet6_opts(r1, 0x29, 0x37, &(0x7f0000000140)=@fragment={0xb6, 0x0, 0x92, 0x0, 0x0, 0x1b, 0x65}, 0x8)
sendto$inet6(r1, 0x0, 0xffffffffffffff2e, 0x404cc40, &(0x7f0000000040)={0xa, 0x4e22, 0xffffff7c, @mcast2, 0x7}, 0x1c)
r2 = gettid()
timer_create(0x0, &(0x7f00000005c0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc)=<r3=>0x0)
timer_settime(r3, 0x1, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000380)=[{0x200000000006, 0x1, 0x7, 0x7ffc1ffb}]})
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="0b00000005000000010001000900000001"], 0x48)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kfree\x00', r6}, 0x10)
r7 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000240), r5)
sendmsg$IEEE802154_LIST_PHY(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000005c0)={0x14, r7, 0x30b, 0x0, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x4044}, 0x20000004)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xc, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000022007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000600)='./file2\x00', 0xc8d0, &(0x7f0000000100)=ANY=[@ANYRES8], 0x1, 0x30e, &(0x7f0000000ac0)="$eJzs3E1rE10UwPGTNEnTlHayeHhEQXrRjW6GNu7FIC2IAUttxBcQp81EQ8akZEIlIrZduXEhfggXpcvuCtov0I07V27cdSO4sAtxJDOTl7aJrWnSWPv/QZlD7j0z9+Y24dyBzPbdN0/zWVvPGmUJRpUERER2ROISlJqAfwy6cUSaLcvl4W+fzt++d/9mMpWanFFqKjl7JaGUGh17/+zFkN9tY1C24g+3vya+bP2/dXb75+yTnK1ytioUy8pQc8XPZWPOMlUmZ+d1paYt07BNlSvYZslrd5ZELFNlreLCQkUZhcxIbKFk2rYyChWVNyuqXFTlUkUZj41cQem6rkZigoOkV2dmjGSHyfNdHgx6pFRKGgMiMrSvJb3alwEBAIC+8uv/erUfrJb0ndT/oZb1/9qFzfLwnfVRv/7fiFTrf5Gm+v9R41ymygTr9X9URBr1f9HbH3S7/t9fEZ1sr3cvjjhOPYy06n+k+h8nRLX+j/mfX9fKg7VxN6D+BwAAAAAAAAAAAAAAAAAAAADgJNhxHM1xHM07DvivOtqgiETdX5B47X0eJnpk9/o3/lj/06Hx4I7QqIj1ajG9mPaOfodNEbHElHHR5If7/+CrxpFl5XZSVXH5YC35+UuLae+7JJmVnJs/IZrE9+Y7ztSN1OSE8uzOD0usOT8hmvzXOj+xNz9cPUbk0sWmfF00+TgvRbEk4/8yrpb/ckKp67dSe64/5PYDAAAAAOBfoKu6+v59sLld39/u7Y+9dm9/HZLW9we8/fV4y/19SM6F+jVrAAAAAABOF7vyPG9YllnqUbAiIj2+RJugNsPDZtUekNumT0AC7Zq6ENQu3ll6dWxdG0/4UO9YsKOhjkX+cFFaBrXbRu36yHQnZ3Y0kaO+h2fevvv++z7enTGRw5zw6nr0gJl2GkQOmmn42L6AAAAAABybRtFfe+VafwcEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMApdByP4uv3HAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIC/xa8AAAD//46ZAFE=")
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xf, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000140)={0x1, &(0x7f00000000c0)=[{0x5, 0x2, 0x80, 0xfffffff1}]})
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000200)='netfs_rreq\x00', r8, 0x0, 0x5}, 0x18)
truncate(&(0x7f0000000900)='./file1\x00', 0x24b9)

1.389464141s ago: executing program 0 (id=230):
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, @fallback=0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x4040, 0x0)
write(0xffffffffffffffff, &(0x7f0000004200)='t', 0x1)
socket$inet6(0xa, 0x2, 0x3a)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c00000000000000000000008500"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000940)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000200)="d8000000210081044e81f782db44b90402000000008000000000150010001400259070f409000d2000000a000e4006000000036010fab94dcf5c0468c1d67f6f94007134cf6ee05e6756cfb39b0590b4800089e408e8d8ef52b49816277cf4090000001fb791643a5e08001b14d6d930dfe1d9db22fe7c9f8775730d16a4683f1aeb4edbb57a5025ccca9e00360db701000000eafad95667e006dcdf969b3ef35ce3bb9ad809d561cace81ed0bffece0b42a9ecbee5de6cce50dd6e4edef3d939acd92954b43370e970100"/216, 0xd8}], 0x1}, 0x0)

1.359037412s ago: executing program 0 (id=231):
r0 = gettid()
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="640000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000002400028014000180080001000000000008000200ac1e00010c0002800500010000000000080007"], 0x64}}, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
getsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(0xffffffffffffffff, 0x84, 0xc, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)={0x6c, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x2c, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast2=0xe0000001}, {0x8, 0x2, @dev}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x4}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8}]}, 0x6c}}, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x80, 0x1, 0x28}, 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r3}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r4}, 0x18)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000340)={0x38, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}]}, 0x38}}, 0x0)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000000100))
r6 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f00000002c0), 0x0)
read$qrtrtun(r6, 0x0, 0xeffd)
timer_settime(0x0, 0x1, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000000c0)='sched_switch\x00'}, 0x10)

1.060684313s ago: executing program 4 (id=233):
r0 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
r1 = accept(r0, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001700000000000000ff000000850000006d00000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008002010b704000000000000850000000100000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = syz_genetlink_get_family_id$batadv(&(0x7f0000000300), r1)
sendmsg$BATADV_CMD_GET_HARDIF(r1, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000003c0)={0x5c, r3, 0x20, 0x70bd25, 0x25dfdbfd, {}, [@BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5}, @BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0x7}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5}, @BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5, 0x2f, 0x1}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5, 0x29, 0x1}, @BATADV_ATTR_BONDING_ENABLED={0x5}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x8}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5, 0x29, 0x1}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x1}]}, 0x5c}}, 0x40024)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r4, 0x0, 0x0}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffe97, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='block_bio_remap\x00'}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff7000/0x1000)=nil, &(0x7f00005a4000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f00005a4000/0x2000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff5000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r5, @ANYBLOB="0000000000000000b705000008000000850000006900000095"], &(0x7f00000000c0)='syzkaller\x00', 0x6, 0x0, 0x0, 0x40f00, 0x2c, '\x00', 0x0, @fallback=0x19, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r6}, 0x18)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{0x0}], 0x1}, 0x8000)
io_uring_setup(0x4fee, &(0x7f0000000040)={0x0, 0x3cb1, 0x1c080, 0xa, 0x20002f7})
r7 = socket$nl_route(0x10, 0x3, 0x0)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_team(r8, 0x8933, &(0x7f0000004700)={'team0\x00', <r9=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000004c00)=@newtfilter={0x24, 0x11, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x74, r9, {}, {}, {0x8, 0x5}}}, 0x24}, 0x1, 0xf0ffffffffffff, 0x0, 0x8881}, 0x0)
socket$l2tp6(0xa, 0x2, 0x73)

997.292014ms ago: executing program 4 (id=234):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x6, 0x3, 0x7ffcfffc}]})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r1, 0x40182103, &(0x7f0000000400)={0x0, 0x1, 0xffffffffffffffff, 0x4, 0x80000})
r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r4 = epoll_create1(0x80000)
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r3, &(0x7f0000000040)={0x4})
epoll_pwait(r4, &(0x7f0000002500)=[{}], 0x1, 0x30, 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_UNSUBSCRIBE_PORT(r2, 0x40505330, &(0x7f0000000bc0)={{0x0, 0x1}, {0xe}, 0x2, 0x6, 0x2e})
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0, <r5=>0xffffffffffffffff}, &(0x7f0000000000), &(0x7f0000000a00)}, 0x20)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xe, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000200)='kfree\x00', r6, 0x0, 0x10000001}, 0x18)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x1002430, &(0x7f0000000440)={[{@quota}, {@noquota}]}, 0x4, 0x4eb, &(0x7f0000000540)="$eJzs3c9vVFsdAPDvnXZoKQMFZaFGBRFFQ5j+ABqCC2GjMYTESFy5gNoOTdMZpum0SCuLsnRvIokr/RPcuTBh5cKdO925wYUJKnkv9CVvMS/3zqUd2g7te7Qd6Hw+ye2955xhvufMcM6Ze2B6AuhZZyNiNSKORMS9iBjO85P8iButI33cq5ePp9ZePp5Kotm8878kK0/zou3PpI7lzzkYET/7ccQvk61xG8src5PVamUhT48s1uZHGssrl2YLec74xNjE6LXLV8f3rK1nan968aPZWz//y5+/8fzvq9//dVqt0m+OZ2Xt7dhLraYXo9SW1x8Rt/YjWJf0539/+PCkve1LEXEu6//D0Ze9mwDAYdZsDkdzuD0NABx26f1/KZJCOV8LKEWhUC631vBOx1ChWm8sXhyuLz2YjmwN62QUC/dnq5XRfK3wZBSTND2WXW+kxzelL0fEqYj47cDRLF2eqlenu/nBBwB62LFN8//HA635HwA45Aa7XQEA4MCZ/wGg95j/AaD3fI7537cDAeCQcP8PAL3H/A8AvWfH+f/JwdQDADgQP719Oz2aa/nvv55+uLz0g9LDS9OVxly5tjRVnqovzJdn6vWZaqU81Wzu9HzVen1+7Mp6srG8crdWX3qweHe2NjlTuVsp7nN7AICdnTrz7J9JRKxeP5od0baXg7kaDrdCtysAdE1ftysAdI3v80Dv2sU9vmUAOOS22aL3DR3/i9BTm7/Ch+rCV63/Q6+y/g+964ut//9wz+sBHDzr/9C7ms3Env8A0GOs8QPv9O//AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0KNK2ZEUytle4Kvpz0K5HHE8Ik5GMbk/W62MRsSJiPjHQHEgTY91u9IAwDsq/CfJ9/+6MHy+tLn0SPLJQHaOiF/9/s7vHk0uLi6Mpfn/X89ffJrnjx/pRgMAgHY3tma15un83HYj/+rl46nXx0FW8cXN1uaiady1/GiV9Ed/dh6MYkQMfZTk6Zb080rfHsRffRIRX9lo/6O2CKVsDaS18+nm+Gns4/sQf+P13xy/8Eb8QlaWnovZa/HlPagL9JpnN1vjZN730i6W979CnM3O2/f/wWyEenevx7+1LeNfYX3869sSP8n6/Nn19Ntr8uLKX3+yJbM53Cp7EvG1/u3iJ+vxkw7j7/ldtvFfX//muU5lzT9EXIjt47fUsmF2ZLE2P9JYXrk0W5ucqcxUHoyPT4xNjF67fHV8JFujbv3823Yx/nv94olO8dP2D3WIP7hD+7+zy/b/8dN7v/jWW+J/79vbv/+n3xI/nRO/u8v4k0M3Om7fncaf7tD+nd7/i7uM//zfK9O7fCgAcAAayytzk9VqZWGHi/Sz5k6PcfFhXsRqxHtQDRfv1UW3RyZgv210+m7XBAAAAAAAAAAAAAAA6KSxvDI3EPv7daJutxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDD67MAAAD//w/PzvM=")
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB], 0x0}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r7}, 0x10)
r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(&(0x7f0000000180), r8)
rmdir(&(0x7f0000000000)='./file0\x00')

992.809274ms ago: executing program 3 (id=235):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_START_AP(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000540)=ANY=[@ANYBLOB="80000000", @ANYRES16=r2, @ANYBLOB="050000000000000000000f00000008000300", @ANYRES32=0x0, @ANYBLOB="0c009900040000005300000057000e"], 0x80}}, 0x0)
r3 = socket(0x10, 0x3, 0x9)
sendmsg$NFT_BATCH(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000b00)=ANY=[@ANYBLOB="14000000f303010000000000000000000a00000a1400"], 0x28}}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000240)={'wlan0\x00', <r4=>0x0})
sendmsg$NL80211_CMD_REGISTER_FRAME(r3, &(0x7f0000000380)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000340)={&(0x7f0000000280)={0xb8, r2, 0x800, 0x70bd26, 0x25dfdbff, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x8e, 0x5b, "abaf9631b81f11154c4224db5b8ae76256d47c186c44cf9387625688c2398fec9a4f7d9685a0f410f325e5b02a3833910d16aff365622d03288587a5983ba843fcfa5ac0ea3482d1f20f417ccc9bb816206ac96bd14e0f1353a7c67964f14befec4e3ee5ebe10c09188d88db74d912b1af611ebe38d4802c11e89bb9bf4dffbd046ca69ce8de48e2d3d7"}, @NL80211_ATTR_FRAME_MATCH={0x4}, @NL80211_ATTR_FRAME_TYPE={0x6, 0x65, 0x8000}]}, 0xb8}, 0x1, 0x0, 0x0, 0x190}, 0x20000000)
capset(&(0x7f0000000000)={0x20071026}, &(0x7f0000000280)={0x220000, 0x3, 0xffffeffe, 0x4, 0xebe, 0xcd})
r5 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
bind$bt_sco(r5, &(0x7f0000000280)={0x1f, @none}, 0x8)
listen(r5, 0x7)
connect$bt_sco(r5, &(0x7f0000000000)={0x1f, @none}, 0x8)
io_setup(0x202, &(0x7f0000000200))
r6 = socket$kcm(0x1e, 0x4, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000010000000a00000008"], 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000002000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000480)='skb_copy_datagram_iovec\x00', r8, 0x0, 0x8}, 0x18)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x1, &(0x7f0000000000)=[{0x6, 0x85, 0x7, 0x7ffc0001}]})
shmctl$IPC_RMID(0x0, 0x13)
setsockopt$sock_attach_bpf(r6, 0x10f, 0x87, &(0x7f00000008c0), 0x43)
r9 = socket$kcm(0x1e, 0x4, 0x0)
setsockopt$sock_attach_bpf(r9, 0x10f, 0x87, &(0x7f00000008c0), 0x43)
r10 = timerfd_create(0x0, 0x0)
timerfd_settime(r10, 0x3, &(0x7f0000000440)={{0x0, 0x989680}}, 0x0)
read(r10, &(0x7f0000000240)=""/123, 0x7b)
clock_adjtime(0x0, &(0x7f0000000040)={0xd51, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x201, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0xe438, 0x0, 0x3})
write$cgroup_subtree(r9, &(0x7f0000000040)=ANY=[], 0x101d0)
sendmsg$kcm(r9, &(0x7f00000001c0)={&(0x7f00000000c0)=@tipc=@name={0x1e, 0x2, 0x3, {{0x41}, 0x5}}, 0x80, 0x0, 0x0, &(0x7f0000000900)=ANY=[], 0x1458}, 0x48800)

944.099674ms ago: executing program 4 (id=237):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="0500000001000000070000000c"], 0x50)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000640)={{r0}, &(0x7f00000005c0), &(0x7f0000000600)='%-5lx  \x00'}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000980)='sys_enter\x00', r1}, 0x18)
iopl(0x63)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
write$binfmt_elf32(0xffffffffffffffff, &(0x7f0000000a80)=ANY=[@ANYBLOB="7f454c4600070284ff7f0000000000000300060003000000a400000038000000aa00000007000000a70b2000010026840400000800000000030000000700000000000000ff070000c300000000020000020000000d000000"], 0x58)
inotify_add_watch(0xffffffffffffffff, &(0x7f0000000080)='.\x00', 0x2000775)
r2 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r2, 0x11b, 0x4, &(0x7f0000000040)={0x0, 0x10000, 0x1000, 0x101, 0x1}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000001080)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r3}, 0x10)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x0, &(0x7f0000000000/0x400000)=nil)
r4 = io_uring_setup(0x6c4, &(0x7f0000000080)={0x0, 0x59d6, 0x2, 0x2})
io_uring_register$IORING_REGISTER_BUFFERS(r4, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x300000c, 0x50032, 0xffffffffffffffff, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000070000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(0xffffffffffffffff, 0x6, 0x14, &(0x7f0000000080)=0x1, 0x4)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x42, 0x0)
write$P9_RREADLINK(r6, &(0x7f0000000000)={0x10, 0x17, 0x2, {0x7, './file0'}}, 0xfffffdab)
r7 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./bus\x00', 0x289c2, 0x1)
fcntl$setlease(r7, 0x400, 0x1)
fremovexattr(r7, &(0x7f0000000040)=@known='system.posix_acl_default\x00')
listxattr(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB], 0x48)

799.742135ms ago: executing program 2 (id=239):
bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e000000000000000400"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000040)='kmem_cache_free\x00', r1, 0x0, 0xffffffffffffffff}, 0x18)
quotactl$Q_QUOTAON(0xffffffff80000201, &(0x7f0000001380)=@sr0, 0x0, &(0x7f0000001680)='./file1\x00')
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000680)='sched_switch\x00', r0}, 0x10)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file2\x00', 0x8, &(0x7f0000000080)={[{@nodioread_nolock}, {@sb={'sb', 0x3d, 0x1}}]}, 0x4, 0x523, &(0x7f00000018c0)="$eJzs3cFvG1kZAPBvnLhJs+mmC3sABGxZFgqq6iTubrTqhfYCQlUlRMWJQxsSN4pi11Hsiib0kB65V6ISJ+A/4MYBqScO3LjBjUs5IBWoQA0SB6MZT1I3sZNAnbiJfz9pMvPeTP29F/e953mR5wUwtC5ExGZEnImIOxExlecn+RbX2lt63csXDxe2XjxcSKLVuvX3JDuf5kXHv0m9k7/meER8/zsRP0r2xm2sb6zMV6uVtTw93aytTjfWNy4vF/Kc8tzs3MynVz4p962uH9R+/fzbyzd+8NvffOnZHza/+ZO0WJM/PZed66xHP7WrXozJjrzRiLhxFMEGZDT//8PJk7a2z0TEh1n7n4qR7N0EAE6zVmsqWlOdaQDgtEvv/ycjKZTyuYDJKBRKpfYc3vsxUajWG81LU/X79xYjm8M6H8XC3eVqZSafKzwfxSRNz2bHr9Ll19KPK1ci4r2IeDx2NjtfWqhXFwf5wQcAhtg7u8b/f421x/9OxUEVDgA4OuODLgAAcOyM/wAwfIz/ADB8/ofx37cDAeCUcP8PAMPH+A8Aw+fA8f/R8ZQDADgW37t5M91aW+3nX28/qfvyYqWxUqrdXygt1NdWS0v1+lK1UlpotQ56vWq9vjr78U6ysb5xu1a/f695e7k2v1S5XfEsAQAYvPc+ePqndNDfvHo226JjLQdjNZxuhUEXABiYkUEXABgY3+eB4XWIe3zTAHDKdVmity2fIEh6XfDE4q9wUl38vPl/GFZvMv9v7gBOtv9v/v9bfS8HcPyM4TC8Wq3Emv8AMGTM8QM9//6f6/mIkCf9LwsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACcFJPZlhRK2Vrgm+nPQqkUcS4izkcxubtcrcxExLsR8cex4lianh10oQGAN1T4a5Kv/3Vx6qPJ3WfPJP8ey/YR8eOf3/rZg/lmc202zf/HTn7zSZp/trlWPjOICgAAna7tzcrG73K+77iRf/ni4cL2dpxFfH69vbhoGncr39pnRmM0249HMSIm/pnk6bb088pIH+JvPoqIz23XfzwedESYzOZA2iuf7o6fxj7X9/idv//d8Quv1beQnUv3xex38dnYVTjgQE+vt/vJvO2lTTxvf4W4kO27t//xrId6c2n/lzbXrT39X2Gn/xvZEz/J2vyFnfT+JXn+8e++uyezNdU+9yjiC6Pd4ic78ZPu/W/xo0PW8c9f/PKHvc61fhFxsWv9t1ekrmXd7HSztjrdWN+4vFybX6osVe6Vy3OzczOfXvmkPJ3NUbd//r5bjL9dvfRur/hp/Sd6xB/fv/7xtUPW/5f/ufPDr+wT/xtf7f7+v79P/HRM/Poh489PXOu5fHcaf7FH/Q94/+PSIeM/+8vG4iEvBQCOQWN9Y2W+Wq2sHXCQftY86BoHhz9I7+3fgmJkB7EZ0a8XzCYlIqLrNekn6rejykd1kAws+q/6/YKD7pmAo/aq0Q+6JAAAAAAAAAAAAAAAQC+N9Y2Vse7f1urbwaDrCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwOn13wAAAP//KHnENg==")
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file2\x00', 0x187842, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
ioctl$EXT4_IOC_MOVE_EXT(r2, 0xc028660f, &(0x7f0000000100)={0x3920e, r3, 0x10004, 0x4, 0x3, 0x86})
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x60263, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000"], 0x128}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
r6 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r6, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
r7 = socket$netlink(0x10, 0x3, 0x0)
writev(r7, &(0x7f00000003c0)=[{0x0}], 0x1)
writev(r7, &(0x7f00000001c0)=[{&(0x7f0000000400)="390000001300034700bb07000000000000000000010000004500000025000000190004000400ad0002000000000000060400", 0x32}], 0x1)
socket$netlink(0x10, 0x3, 0x0)
r8 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000002c0)={0x4, &(0x7f0000000000)=[{0x7, 0x9, 0x5, 0x28a}, {0x3, 0x2, 0x84, 0x197df479}, {0x5, 0x5, 0x87, 0x5}, {0x4, 0x9, 0x3f}]})
close_range(r8, 0xffffffffffffffff, 0x0)
sendmsg$inet(r5, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg$unix(r4, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x18, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="1800"/13, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

762.801306ms ago: executing program 2 (id=240):
r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x1002002, 0x0)
r1 = dup(r0)
r2 = open(0x0, 0x40542, 0x0)
ftruncate(r2, 0xee72)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="1802000000000000"], 0x0, 0x3}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x10)
r4 = syz_io_uring_setup(0x14d9, &(0x7f0000000480)={0x0, 0x5121, 0x0, 0x3, 0x257}, &(0x7f00000001c0)=<r5=>0x0, &(0x7f00000000c0)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f0000000080)=@IORING_OP_SYMLINKAT={0x26, 0x4, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000140)='./file1\x00'})
io_uring_enter(r4, 0x47ba, 0x0, 0x0, 0x0, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xc, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000000500000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa20000000001f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000680)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r9, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="4c00000002060108000034e40000000000000000050001000600000005000400000000000900020073797a3100000000050005000200000c12000300686173683a6e65742c706f7274"], 0x4c}}, 0x2)
sendmsg$IPSET_CMD_ADD(r7, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000080)=ANY=[@ANYBLOB="50000000090601020000000000000000020000000900020073797a31000000000500010007000000280007800c00018008000140ffffffff0500070011000000060004404e22000006000540"], 0x50}, 0x1, 0x0, 0x0, 0x10000082}, 0x80)
r10 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000006"], 0x48)
r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000007000000000000000018110000", @ANYRES32=r10, @ANYBLOB="0000000000000000b7080000000e00007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='kfree\x00', r11, 0x0, 0x3}, 0x18)
mount(&(0x7f00000000c0)=@nullb, &(0x7f0000000100)='./bus\x00', &(0x7f0000000400)='efivarfs\x00', 0x280004, &(0x7f0000000300)='&}\\o+\\&{\x00')
sendfile(r1, r2, 0x0, 0x8000fffffffe)
set_mempolicy(0x3, &(0x7f0000000000)=0x4000000ffb, 0x8)
r12 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r12, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r12, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000f00)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a44000000060a0b0400000000000000000200000018000480140001800a0001006d61746368000000040002800900020073797a320000000009004a0073797a3000000000140000001100000000000000000000000a"], 0x6c}}, 0x4048010)

716.327076ms ago: executing program 4 (id=241):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_START_AP(r1, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x0)
r3 = socket(0x10, 0x3, 0x9)
sendmsg$NFT_BATCH(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000b00)=ANY=[@ANYBLOB="14000000f303010000000000000000000a00000a1400"], 0x28}}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000240)={'wlan0\x00', <r4=>0x0})
sendmsg$NL80211_CMD_REGISTER_FRAME(r3, &(0x7f0000000380)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000340)={&(0x7f0000000280)={0xb8, r2, 0x800, 0x70bd26, 0x25dfdbff, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x8e, 0x5b, "abaf9631b81f11154c4224db5b8ae76256d47c186c44cf9387625688c2398fec9a4f7d9685a0f410f325e5b02a3833910d16aff365622d03288587a5983ba843fcfa5ac0ea3482d1f20f417ccc9bb816206ac96bd14e0f1353a7c67964f14befec4e3ee5ebe10c09188d88db74d912b1af611ebe38d4802c11e89bb9bf4dffbd046ca69ce8de48e2d3d7"}, @NL80211_ATTR_FRAME_MATCH={0x4}, @NL80211_ATTR_FRAME_TYPE={0x6, 0x65, 0x8000}]}, 0xb8}, 0x1, 0x0, 0x0, 0x190}, 0x20000000)
capset(&(0x7f0000000000)={0x20071026}, &(0x7f0000000280)={0x220000, 0x3, 0xffffeffe, 0x4, 0xebe, 0xcd})
r5 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
bind$bt_sco(r5, &(0x7f0000000280)={0x1f, @none}, 0x8)
listen(r5, 0x7)
connect$bt_sco(r5, &(0x7f0000000000)={0x1f, @none}, 0x8)
add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f0000000080)={'fscrypt:', @desc3}, 0x0, 0x0, 0xfffffffffffffffa)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000010000000a00000008"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000002000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000480)='skb_copy_datagram_iovec\x00', r7, 0x0, 0x8}, 0x18)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x1, &(0x7f0000000000)=[{0x6, 0x85, 0x7, 0x7ffc0001}]})
shmctl$IPC_RMID(0x0, 0x13)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x10f, 0x87, &(0x7f00000008c0), 0x43)
r8 = socket$kcm(0x1e, 0x4, 0x0)
setsockopt$sock_attach_bpf(r8, 0x10f, 0x87, &(0x7f00000008c0), 0x43)
r9 = timerfd_create(0x0, 0x0)
timerfd_settime(r9, 0x3, &(0x7f0000000440)={{0x0, 0x989680}}, 0x0)
sendmsg$kcm(r8, &(0x7f00000001c0)={&(0x7f00000000c0)=@tipc=@name={0x1e, 0x2, 0x3, {{0x41}, 0x5}}, 0x80, 0x0, 0x0, &(0x7f0000000900)=ANY=[], 0x1458}, 0x48800)

650.399546ms ago: executing program 1 (id=242):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f00000134c0)={[{@dioread_nolock}, {@noauto_da_alloc}, {@inlinecrypt}, {@sysvgroups}, {@data_err_ignore}, {@barrier_val={'barrier', 0x3d, 0x7f}}, {@data_err_ignore}, {@grpquota}, {@dioread_nolock}, {@user_xattr}, {@resuid}, {@quota}]}, 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
pwrite64(r0, &(0x7f0000000140)='2', 0x1, 0x8000c61)
ioctl$EXT4_IOC_MOVE_EXT(r0, 0x40305828, &(0x7f0000000240)={0x17c04, 0xffffffffffffffff, 0x100, 0x100000002})
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x1000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000140), &(0x7f0000000040)='%pI4   \x00'}, 0x2a)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x15)
pwrite64(r3, &(0x7f0000000140)='2', 0xfdef, 0xe7c)

596.062687ms ago: executing program 2 (id=243):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_START_AP(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000540)=ANY=[@ANYBLOB="80000000", @ANYRES16=r2, @ANYBLOB="050000000000000000000f00000008000300", @ANYRES32=0x0, @ANYBLOB="0c009900040000005300000057000e"], 0x80}}, 0x0)
r3 = socket(0x10, 0x3, 0x9)
sendmsg$NFT_BATCH(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000b00)=ANY=[@ANYBLOB="14000000f303010000000000000000000a00000a1400"], 0x28}}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000240)={'wlan0\x00', <r4=>0x0})
sendmsg$NL80211_CMD_REGISTER_FRAME(r3, &(0x7f0000000380)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000340)={&(0x7f0000000280)={0xb8, r2, 0x800, 0x70bd26, 0x25dfdbff, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x8e, 0x5b, "abaf9631b81f11154c4224db5b8ae76256d47c186c44cf9387625688c2398fec9a4f7d9685a0f410f325e5b02a3833910d16aff365622d03288587a5983ba843fcfa5ac0ea3482d1f20f417ccc9bb816206ac96bd14e0f1353a7c67964f14befec4e3ee5ebe10c09188d88db74d912b1af611ebe38d4802c11e89bb9bf4dffbd046ca69ce8de48e2d3d7"}, @NL80211_ATTR_FRAME_MATCH={0x4}, @NL80211_ATTR_FRAME_TYPE={0x6, 0x65, 0x8000}]}, 0xb8}, 0x1, 0x0, 0x0, 0x190}, 0x20000000)
capset(&(0x7f0000000000)={0x20071026}, &(0x7f0000000280)={0x220000, 0x3, 0xffffeffe, 0x4, 0xebe, 0xcd})
r5 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
bind$bt_sco(r5, &(0x7f0000000280)={0x1f, @none}, 0x8)
connect$bt_sco(r5, &(0x7f0000000000)={0x1f, @none}, 0x8)
io_setup(0x202, &(0x7f0000000200))
r6 = socket$kcm(0x1e, 0x4, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000010000000a00000008"], 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000002000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000480)='skb_copy_datagram_iovec\x00', r8, 0x0, 0x8}, 0x18)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x1, &(0x7f0000000000)=[{0x6, 0x85, 0x7, 0x7ffc0001}]})
shmctl$IPC_RMID(0x0, 0x13)
setsockopt$sock_attach_bpf(r6, 0x10f, 0x87, &(0x7f00000008c0), 0x43)
r9 = socket$kcm(0x1e, 0x4, 0x0)
setsockopt$sock_attach_bpf(r9, 0x10f, 0x87, &(0x7f00000008c0), 0x43)
r10 = timerfd_create(0x0, 0x0)
timerfd_settime(r10, 0x3, &(0x7f0000000440)={{0x0, 0x989680}}, 0x0)
clock_adjtime(0x0, &(0x7f0000000040)={0xd51, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x201, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0xe438, 0x0, 0x3})

464.904637ms ago: executing program 4 (id=244):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000900)=ANY=[@ANYBLOB="160000000000"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x3, 0x2000000000000101, &(0x7f0000000640)=ANY=[], 0x0}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000080)={0x0, 0x0})
bind$inet(r0, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r2, &(0x7f0000000280)={0x1f, 0xffff, 0x3}, 0x6)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_ATTACH_FILTER(r3, 0x1, 0x1a, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x6}]}, 0x10)
bind$bt_hci(r3, &(0x7f0000000140)={0x1f, 0xffff, 0x2}, 0x6)
io_setup(0x8f0, &(0x7f0000002400))

439.805388ms ago: executing program 1 (id=245):
r0 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
r1 = accept(r0, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001700000000000000ff000000850000006d00000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008002010b704000000000000850000000100000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = syz_genetlink_get_family_id$batadv(&(0x7f0000000300), r1)
sendmsg$BATADV_CMD_GET_HARDIF(r1, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000003c0)={0x5c, r3, 0x20, 0x70bd25, 0x25dfdbfd, {}, [@BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5}, @BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0x7}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5}, @BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5, 0x2f, 0x1}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5, 0x29, 0x1}, @BATADV_ATTR_BONDING_ENABLED={0x5}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x8}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5, 0x29, 0x1}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x1}]}, 0x5c}}, 0x40024)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r4, 0x0, 0x0}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffe97, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='block_bio_remap\x00'}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff7000/0x1000)=nil, &(0x7f00005a4000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f00005a4000/0x2000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff5000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r5, @ANYBLOB="0000000000000000b705000008000000850000006900000095"], &(0x7f00000000c0)='syzkaller\x00', 0x6, 0x0, 0x0, 0x40f00, 0x2c, '\x00', 0x0, @fallback=0x19, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r6}, 0x18)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{0x0}], 0x1}, 0x8000)
io_uring_setup(0x4fee, &(0x7f0000000040)={0x0, 0x3cb1, 0x1c080, 0xa, 0x20002f7})
r7 = socket$nl_route(0x10, 0x3, 0x0)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_team(r8, 0x8933, &(0x7f0000004700)={'team0\x00', <r9=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000004c00)=@newtfilter={0x24, 0x11, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x74, r9, {}, {}, {0x8, 0x5}}}, 0x24}, 0x1, 0xf0ffffffffffff, 0x0, 0x8881}, 0x0)
socket$l2tp6(0xa, 0x2, 0x73)

438.928048ms ago: executing program 0 (id=246):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x7, 0x8604, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x8, 0x6}, 0x0, 0x10000, 0x0, 0x6, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xfdffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = socket$packet(0x11, 0x2, 0x300)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kmem_cache_free\x00', r1}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0xa, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYBLOB="0000000000000000b703000000030000850000001b000000b700000000000000"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='kfree\x00', r2, 0x0, 0x4}, 0x18)
renameat(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$igmp6(0xa, 0x3, 0x2)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'geneve1\x00', <r4=>0x0})
ioctl$sock_inet6_SIOCADDRT(r3, 0x890b, &(0x7f00000005c0)={@dev={0xfe, 0x80, '\x00', 0x3e}, @remote, @remote, 0x3, 0x2, 0x0, 0x0, 0xb7, 0x2000213, r4})
socket$nl_netfilter(0x10, 0x3, 0xc)
r5 = socket$inet(0x2, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000080)={'macvlan1\x00', <r6=>0x0})
setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f00000004c0)={r6, 0x3, 0x6, @random="5e1cf8b4c253"}, 0x10)
mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0xd3283d0368e269b3, 0x8031, 0xffffffffffffffff, 0x0)
syz_open_procfs(0x0, &(0x7f0000000180)='net/vlan/vlan0\x00')
syz_open_procfs(0x0, &(0x7f0000000000)='net/vlan/vlan0\x00')
setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f00000000c0)={r6, 0x3, 0x6, @random="cea0300a1672"}, 0x10)
r7 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSARP(r7, 0x8955, &(0x7f0000000180)={{0x2, 0x4e21, @empty}, {0x20000010304, @local}, 0x4, {0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x2e}}})

421.238558ms ago: executing program 2 (id=247):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x6, 0x3, 0x7ffcfffc}]})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r1, 0x40182103, &(0x7f0000000400)={0x0, 0x1, 0xffffffffffffffff, 0x4, 0x80000})
r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r4 = epoll_create1(0x80000)
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r3, &(0x7f0000000040)={0x4})
epoll_pwait(r4, &(0x7f0000002500)=[{}], 0x1, 0x30, 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_UNSUBSCRIBE_PORT(r2, 0x40505330, &(0x7f0000000bc0)={{0x0, 0x1}, {0xe}, 0x2, 0x6, 0x2e})
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0, <r5=>0xffffffffffffffff}, &(0x7f0000000000), &(0x7f0000000a00)}, 0x20)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xe, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000200)='kfree\x00', r6, 0x0, 0x10000001}, 0x18)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x1002430, &(0x7f0000000440)={[{@quota}, {@noquota}]}, 0x4, 0x4eb, &(0x7f0000000540)="$eJzs3c9vVFsdAPDvnXZoKQMFZaFGBRFFQ5j+ABqCC2GjMYTESFy5gNoOTdMZpum0SCuLsnRvIokr/RPcuTBh5cKdO925wYUJKnkv9CVvMS/3zqUd2g7te7Qd6Hw+ye2955xhvufMcM6Ze2B6AuhZZyNiNSKORMS9iBjO85P8iButI33cq5ePp9ZePp5Kotm8878kK0/zou3PpI7lzzkYET/7ccQvk61xG8src5PVamUhT48s1uZHGssrl2YLec74xNjE6LXLV8f3rK1nan968aPZWz//y5+/8fzvq9//dVqt0m+OZ2Xt7dhLraYXo9SW1x8Rt/YjWJf0539/+PCkve1LEXEu6//D0Ze9mwDAYdZsDkdzuD0NABx26f1/KZJCOV8LKEWhUC631vBOx1ChWm8sXhyuLz2YjmwN62QUC/dnq5XRfK3wZBSTND2WXW+kxzelL0fEqYj47cDRLF2eqlenu/nBBwB62LFN8//HA635HwA45Aa7XQEA4MCZ/wGg95j/AaD3fI7537cDAeCQcP8PAL3H/A8AvWfH+f/JwdQDADgQP719Oz2aa/nvv55+uLz0g9LDS9OVxly5tjRVnqovzJdn6vWZaqU81Wzu9HzVen1+7Mp6srG8crdWX3qweHe2NjlTuVsp7nN7AICdnTrz7J9JRKxeP5od0baXg7kaDrdCtysAdE1ftysAdI3v80Dv2sU9vmUAOOS22aL3DR3/i9BTm7/Ch+rCV63/Q6+y/g+964ut//9wz+sBHDzr/9C7ms3Env8A0GOs8QPv9O//AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0KNK2ZEUytle4Kvpz0K5HHE8Ik5GMbk/W62MRsSJiPjHQHEgTY91u9IAwDsq/CfJ9/+6MHy+tLn0SPLJQHaOiF/9/s7vHk0uLi6Mpfn/X89ffJrnjx/pRgMAgHY3tma15un83HYj/+rl46nXx0FW8cXN1uaiady1/GiV9Ed/dh6MYkQMfZTk6Zb080rfHsRffRIRX9lo/6O2CKVsDaS18+nm+Gns4/sQf+P13xy/8Eb8QlaWnovZa/HlPagL9JpnN1vjZN730i6W979CnM3O2/f/wWyEenevx7+1LeNfYX3869sSP8n6/Nn19Ntr8uLKX3+yJbM53Cp7EvG1/u3iJ+vxkw7j7/ldtvFfX//muU5lzT9EXIjt47fUsmF2ZLE2P9JYXrk0W5ucqcxUHoyPT4xNjF67fHV8JFujbv3823Yx/nv94olO8dP2D3WIP7hD+7+zy/b/8dN7v/jWW+J/79vbv/+n3xI/nRO/u8v4k0M3Om7fncaf7tD+nd7/i7uM//zfK9O7fCgAcAAayytzk9VqZWGHi/Sz5k6PcfFhXsRqxHtQDRfv1UW3RyZgv210+m7XBAAAAAAAAAAAAAAA6KSxvDI3EPv7daJutxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDD67MAAAD//w/PzvM=")
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB], 0x0}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r7}, 0x10)
r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(&(0x7f0000000180), r8)
rmdir(&(0x7f0000000000)='./file0\x00')

378.235148ms ago: executing program 4 (id=248):
r0 = gettid()
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="640000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000002400028014000180080001000000000008000200ac1e00010c0002800500010000000000080007"], 0x64}}, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
getsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(0xffffffffffffffff, 0x84, 0xc, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)={0x6c, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x2c, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast2=0xe0000001}, {0x8, 0x2, @dev}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x4}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8}]}, 0x6c}}, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x80, 0x1, 0x28}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r3}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000340)={0x38, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}]}, 0x38}}, 0x0)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000000100))
r5 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f00000002c0), 0x0)
read$qrtrtun(r5, 0x0, 0xeffd)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
sync_file_range(r6, 0x2, 0x8, 0xb)
timer_settime(0x0, 0x1, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000000c0)='sched_switch\x00', r7}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000000)=0xffffffffffffffff, 0x4)
setsockopt$CAN_RAW_FD_FRAMES(r7, 0x65, 0x5, &(0x7f0000000080), 0x4)
setsockopt$inet_msfilter(r6, 0x0, 0x29, &(0x7f0000000400)={@local, @remote, 0x1, 0x6, [@local, @initdev={0xac, 0x1e, 0x0, 0x0}, @multicast1, @broadcast, @dev={0xac, 0x14, 0x14, 0x14}, @rand_addr=0x64010102]}, 0x28)

367.108768ms ago: executing program 0 (id=249):
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x65, 0x0, 0x0, 0x0, 0x0, 0x8, 0x40008, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2, @perf_config_ext={0x9, 0x6}, 0x0, 0x0, 0x800000, 0x0, 0x2, 0x2, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
socket$inet6_sctp(0xa, 0x1, 0x84)
sendmsg$IPVS_CMD_SET_INFO(0xffffffffffffffff, 0x0, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
socket(0x400000000010, 0x3, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000b00)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f000000850000002300000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000d00)='kfree\x00', r0}, 0x18)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = dup(r1)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=ANY=[@ANYBLOB="640000000206030000000000fffff0000000000016000300686173683a6e65742c706f72742c6e6574000000050004000000000005000500020000000900020073797a3200000000050001000700000014000780080013400000000008001240"], 0x64}}, 0x0)
sendmsg$IPSET_CMD_DESTROY(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)={0x1c, 0x3, 0x6, 0x101, 0x0, 0x0, {0x2, 0x0, 0xa}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000800}, 0x4)

317.580209ms ago: executing program 2 (id=250):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="0500000001000000070000000c"], 0x50)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000640)={{r0}, &(0x7f00000005c0), &(0x7f0000000600)='%-5lx  \x00'}, 0x20)
iopl(0x63)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
write$binfmt_elf32(0xffffffffffffffff, &(0x7f0000000a80)=ANY=[@ANYBLOB="7f454c4600070284ff7f0000000000000300060003000000a400000038000000aa00000007000000a70b2000010026840400000800000000030000000700000000000000ff070000c300000000020000020000000d000000"], 0x58)
r1 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r1, 0x11b, 0x4, &(0x7f0000000040)={0x0, 0x10000, 0x1000, 0x101, 0x1}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00'}, 0x10)
io_uring_setup(0x6c4, &(0x7f0000000080)={0x0, 0x59d6, 0x2, 0x2})
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(0xffffffffffffffff, 0x6, 0x14, &(0x7f0000000080)=0x1, 0x4)
r2 = syz_open_dev$sg(&(0x7f0000000040), 0x0, 0x2000)
ioctl$SG_GET_VERSION_NUM(r2, 0x2284, &(0x7f0000000080))

295.713199ms ago: executing program 0 (id=251):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="0500000001000000070000000c"], 0x50)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000640)={{r0}, &(0x7f00000005c0), &(0x7f0000000600)='%-5lx  \x00'}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000980)='sys_enter\x00', r1}, 0x18)
iopl(0x63)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
write$binfmt_elf32(0xffffffffffffffff, &(0x7f0000000a80)=ANY=[@ANYBLOB="7f454c4600070284ff7f0000000000000300060003000000a400000038000000aa00000007000000a70b2000010026840400000800000000030000000700000000000000ff070000c300000000020000020000000d000000"], 0x58)
inotify_add_watch(0xffffffffffffffff, &(0x7f0000000080)='.\x00', 0x2000775)
r2 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r2, 0x11b, 0x4, &(0x7f0000000040)={0x0, 0x10000, 0x1000, 0x101, 0x1}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000001080)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r3}, 0x10)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x0, &(0x7f0000000000/0x400000)=nil)
r4 = io_uring_setup(0x6c4, &(0x7f0000000080)={0x0, 0x59d6, 0x2, 0x2})
io_uring_register$IORING_REGISTER_BUFFERS(r4, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x300000c, 0x50032, 0xffffffffffffffff, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000070000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(0xffffffffffffffff, 0x6, 0x14, &(0x7f0000000080)=0x1, 0x4)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x42, 0x0)
write$P9_RREADLINK(r6, &(0x7f0000000000)={0x10, 0x17, 0x2, {0x7, './file0'}}, 0xfffffdab)
r7 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./bus\x00', 0x289c2, 0x1)
fcntl$setlease(r7, 0x400, 0x1)
fremovexattr(r7, &(0x7f0000000040)=@known='system.posix_acl_default\x00')
listxattr(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB], 0x48)

283.075958ms ago: executing program 2 (id=252):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x7, 0x8604, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x8, 0x9}, 0x0, 0x10000, 0x0, 0x6, 0x2000000000008, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r0, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0700000004000000800000000400000028"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000007c0)=ANY=[@ANYBLOB="1800000000000000000000000700000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x27, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000300)='kmem_cache_free\x00', r2}, 0x18)
r3 = memfd_create(&(0x7f0000000280)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec', 0x0)
write$binfmt_script(r3, &(0x7f0000001880)={'#! ', './file0'}, 0xb)
execveat(r3, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)
sendmsg$rds(r0, &(0x7f0000001600)={&(0x7f0000000000)={0x2, 0x0, @remote}, 0x10, 0x0, 0x0, &(0x7f0000000800)=[@fadd={0x58, 0x114, 0x6, {{0x5, 0x6}, &(0x7f0000000400)=0x7, 0x0, 0xf, 0x4, 0x9, 0xfffffffffffffff9, 0x22, 0x7}}], 0x58, 0x8000}, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00'})
prctl$PR_SET_SECCOMP(0x16, 0x1, &(0x7f0000000200)={0x1, &(0x7f0000000240)=[{0x4, 0x0, 0x2, 0x7ffc1ffb}]})
openat$tun(0xffffffffffffff9c, 0x0, 0x2, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x0)
keyctl$session_to_parent(0x12)
sched_setscheduler(0x0, 0x5, &(0x7f0000000080)=0x3)
ioctl$PIO_UNIMAP(0xffffffffffffffff, 0x4b67, &(0x7f0000000040))
socket(0x10, 0x80002, 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x400c84, &(0x7f0000000340), 0x1, 0x789, &(0x7f0000000fc0)="$eJzs3c1rXFUbAPDnTpKmTfu+iSBo3RgQNFA6MTW2CgoVFyJYKOjadphMQ80kUzKT0oSALSK4EVRcCLrpyoUfdefWj63+Fy7EUjUtVlxI5E5m0kkzk07SZCaa3w9u5px77+ScZ879ODPncm8Ae9Zw+icTcTgi3ksiBmvzk4joq6Z6I06urHd7aTGfTkksL7/6W1Jd59bSYj4a3pM6WMs8HBHfvR1xJLO+3PL8wlSuWCzM1vKjlekLo+X5haPnp3OThcnCzPGx8fFjJ54+cXz7Yv3jx4VD199/6YkvT/711kPX3v0+iZNxqLasMY4te35tdjiGa59JX/oRrvHifRe2uyTdrgBbku6aPSt7eRyOweippgCA/7I3I2IZANhjEud/ANhj6r8D3FpazNen7v4i0Vk3XoiI/Svx18c3V5b01sbs9lfHQQduJWtGRpKIGNqG8ocj4pOvX/88nWK7xiEB2nD5SkScHRpef/xP1l2zsFlPbrBsX+11+K75aflGoKEzvkn7P8806/9lVvs/0aT/099k392KZvt/EnF5dcaBbShkAzc+jXiu4dq22w3x1wz11HL/q/b5+pJz54uF9Nj2/4gYib7+ND+2QRkjN/++2WpZY//v9w/e+CwtP329s0bml97+te+ZyFVy9xNzoxtXIh7pbRZ/str+SYv+7+k2y3j52Xc+brUsjT+Ntz6ti7/a/jt3Rli+GvF40/a/c0VbsuH1iaPVzWG0vlE08dVPHw20Kr+x/dMpLb/+XaAT0vYf2Dj+oaTxes3y5sv44ergt62W3Tv+5tv/vuS1arrej7iUq1RmxyL2Ja+sn3/sznsv5R6tpVbWT+Mfeaz5/r/R9p9+JzzbZvy913/9Yuvx76w0/olNtf/mE9duT/W0Kr+99h+vpkZqc9o5/rVbwfv57AAAAAAAAAAAAAAAAAAAAAAAAACgXZmIOBRJJruazmSy2ZVneD8YA5liqVw5cq40NzMR1WdlD0Vfpn6ry8GG+6GO1e6HX88fuyv/VEQ8EBEf9h9I6vdRnOhy7AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABQd7DF8/9TP/d3u3YAwI7Z3+0KAAAd5/wPAHuP8z8A7D3tnf97drweAEDn+P4PAHuP8z8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA77PSpU+m0/OfSYj7NT1ycn5sqXTw6UShPZafn8tl8afZCdrJUmiwWsvnS9L3+X7FUujAeM3OXRiuFcmW0PL9wZro0N1M5c346N1k4U+jrSFQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsDnl+YWpXLFYmJXYQmJ5d1Sj+4me2ua0W+rT0USyO6qxzYkuH5gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/iX+CQAA//8vWSHt")
socket$nl_generic(0x10, 0x3, 0x10)

270.569639ms ago: executing program 1 (id=253):
r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x1002002, 0x0)
r1 = dup(r0)
r2 = open(0x0, 0x40542, 0x0)
ftruncate(r2, 0xee72)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="1802000000000000"], 0x0, 0x3}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x10)
r4 = syz_io_uring_setup(0x14d9, &(0x7f0000000480)={0x0, 0x5121, 0x0, 0x3, 0x257}, &(0x7f00000001c0)=<r5=>0x0, &(0x7f00000000c0)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f0000000080)=@IORING_OP_SYMLINKAT={0x26, 0x4, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000140)='./file1\x00'})
io_uring_enter(r4, 0x47ba, 0x0, 0x0, 0x0, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xc, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000000500000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa20000000001f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000680)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r9, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="4c00000002060108000034e40000000000000000050001000600000005000400000000000900020073797a3100000000050005000200000c12000300686173683a6e65742c706f7274"], 0x4c}}, 0x2)
sendmsg$IPSET_CMD_ADD(r7, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000080)=ANY=[@ANYBLOB="50000000090601020000000000000000020000000900020073797a31000000000500010007000000280007800c00018008000140ffffffff0500070011000000060004404e22000006000540"], 0x50}, 0x1, 0x0, 0x0, 0x10000082}, 0x80)
r10 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000006"], 0x48)
r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000007000000000000000018110000", @ANYRES32=r10, @ANYBLOB="0000000000000000b7080000000e00007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='kfree\x00', r11, 0x0, 0x3}, 0x18)
mount(&(0x7f00000000c0)=@nullb, &(0x7f0000000100)='./bus\x00', &(0x7f0000000400)='efivarfs\x00', 0x280004, &(0x7f0000000300)='&}\\o+\\&{\x00')
sendfile(r1, r2, 0x0, 0x8000fffffffe)
set_mempolicy(0x3, &(0x7f0000000000)=0x4000000ffb, 0x8)
r12 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r12, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r12, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000f00)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a44000000060a0b0400000000000000000200000018000480140001800a0001006d61746368000000040002800900020073797a320000000009004a0073797a3000000000140000001100000000000000000000000a"], 0x6c}}, 0x4048010)

125.37797ms ago: executing program 0 (id=254):
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, @fallback=0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x18)
syz_open_dev$evdev(&(0x7f0000000000), 0x1, 0x2002)
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r1 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x4040, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1202, 0x0)
write(r2, &(0x7f0000004200)='t', 0x1)
sendfile(r2, r1, 0x0, 0x3ffff)
sendfile(r2, r1, 0x0, 0x7ffff000)
r3 = socket$inet6(0xa, 0x2, 0x3a)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c00000000000000000000008500"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r4 = dup(r3)
bind$unix(r4, &(0x7f00000002c0)=@abs={0xa, 0x2}, 0x6e)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r5=>0xffffffffffffffff})
recvmsg$unix(r5, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r6=>0xffffffffffffffff]}}], 0x18}, 0x0)
write$cgroup_subtree(r6, &(0x7f0000000200)=ANY=[@ANYBLOB="8fedcb7907009875f37538e486dd6317ce8100036c00fc08000000000200875a65969ff57b00000000000000000000000000ac1414aa"], 0xfdef)
r7 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r7, &(0x7f0000000940)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000200)="d8000000210081044e81f782db44b90402000000008000000000150010001400259070f409000d2000000a000e4006000000036010fab94dcf5c0468c1d67f6f94007134cf6ee05e6756cfb39b0590b4800089e408e8d8ef52b49816277cf4090000001fb791643a5e08001b14d6d930dfe1d9db22fe7c9f8775730d16a4683f1aeb4edbb57a5025ccca9e00360db701000000eafad95667e006dcdf969b3ef35ce3bb9ad809d561cace81ed0bffece0b42a9ecbee5de6cce50dd6e4edef3d939acd92954b43370e970100"/216, 0xd8}], 0x1}, 0x0)

69.48293ms ago: executing program 1 (id=255):
bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[], 0x50)
setitimer(0x1, &(0x7f0000000000)={{0x77359400}, {0x20000000000000}}, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000300)={0x43, 0x0, 0x3, 0x3}, 0x10)
r2 = socket$tipc(0x1e, 0x5, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b7030000000000de850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10)
pipe(&(0x7f00000045c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
vmsplice(r5, &(0x7f0000000240)=[{&(0x7f00000000c0)="3b256c7a40ff8cf30d776a89d5cfc3ce7467bd24", 0x14}], 0x1, 0x0)
r6 = socket$inet(0x2, 0x3, 0x7f)
bind$inet(r6, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10)
setsockopt$inet_int(r6, 0x0, 0x3, 0x0, 0x0)
connect$inet(r6, &(0x7f0000000040)={0x2, 0x0, @multicast1}, 0x10)
splice(r4, 0x0, r6, 0x0, 0x8000, 0x0)
setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000000)={0x40000041, 0x4, 0x3, 0x3}, 0x10)
close_range(r0, 0xffffffffffffffff, 0x0)
symlinkat(0x0, 0xffffffffffffffff, 0x0)

18.93935ms ago: executing program 1 (id=256):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000180)={0x4c, 0x2, 0x6, 0x101, 0x0, 0x0, {}, [@IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_REVISION={0x5, 0x4, 0x3}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:net,net\x00'}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4040000}, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000f1ffff000000000000100000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1000000e}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r1, 0x0, 0x101}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000340)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x9, 0x4, 0x7ffc0002}]})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioprio_get$uid(0x3, 0xffffffffffffffff)
r2 = mmap$IORING_OFF_CQ_RING(&(0x7f0000001000/0x4000)=nil, 0x4000, 0x2000004, 0x10, 0xffffffffffffffff, 0x8000000)
r3 = open$dir(&(0x7f0000000040)='./file2\x00', 0x0, 0x20)
syz_io_uring_submit(r2, 0x0, &(0x7f00000002c0)=@IORING_OP_LINKAT={0x27, 0x10, 0x0, r3, &(0x7f00000000c0)='./file2\x00', &(0x7f0000000280)='./file2\x00', 0xffffffffffffffff, 0x400})
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000c40)=ANY=[@ANYBLOB="9feb0100180000000000000030000000300000000400000002000000000000110300000001000000000000000100000d000000000000000000000000020000000000000c02000000000061"], 0x0, 0x4c, 0x0, 0x1}, 0x28)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x65, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000740), 0x1, r4}, 0x38)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
recvmsg(r5, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x1f00)
sendmsg$tipc(r6, &(0x7f0000000240)={0x0, 0xfffffff5, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0)
getsockopt$TIPC_CONN_TIMEOUT(r5, 0x10f, 0x82, &(0x7f0000000580), &(0x7f00000005c0)=0x4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f00000002c0)='kfree\x00', 0xffffffffffffffff, 0x0, 0x115}, 0x18)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="5c0000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000340012800e00010069703665727370616e0000002000028006000200300000001400060000000000000000000000ffff7f00000108000a00", @ANYRESOCT], 0x5c}}, 0x0)
fstat(0xffffffffffffffff, &(0x7f0000000440))
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000200)={[{@init_itable_val}, {@jqfmt_vfsold}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6e}}, {@user_xattr}, {@lazytime}, {@quota}]}, 0x3, 0x441, &(0x7f0000000440)="$eJzs3MtvG0UYAPBv10lLXyRUpdAHECiIikfSpKX0wAUEEgeQkOBQjiFJq1K3QXWQaBRBQKgcUSXuiCMSfwEHBBcEnJC4wh1VqlAuLZyM1vYmjmuncepkC/79pI1ndseZ+bw79sxOnAD61kj2I4nYHRG/R8RQPbu6wEj94ebSwtTfSwtTSVSrb/6V1MrdWFqYyovmz9uVZwYi0k+TONSm3srl+fOT5fLMpUZ+bO7Ce2OVy/PPnrsweXbm7MzFiVOnThwff/7kxHM9iTOL68bBD2cPH3j17auvT52++s7P3yR5/C1x9MjIWgefqFZ7XF2x9jSlk4ECG0JXSvVuGoO1/j8UpVg5eUPxyieFNg7YVNVqtbo/4rsOhxerwP9YEkW3AChG/kGfzX/zbetGH8W7/mJ9ApTFfbOx1Y8MRNooM9gyv+2lkYg4vfjPl9kWm3MfAgBgle+z8c8z7cZ/aexvKndvYw1lOCLui4i9EXEyIvZFxP0RtbIPRMSDXdbfukhy6/gnvdb+mdu7rKm9bPz3QmNta/X4Lx/9xXCpkdtTi38wOXOuPHOs8ZocjcHtWX58jTp+ePm3zzsdax7/ZVtWf/a4sjqUXhtoCXV6cm7yjoJucv3jiIMD7eJPllcCkog4EBEHN1jHuae+PtzpWKf41/WLe7DOVP0q4sn6+V+Mlvhzydrrk2P3RHnm2Fh+Vdzql1+vvNGp/juKvwey87+z7fW/HP9w0rxeW+m+jit/fNZxTnP7+Ntf/9uSt1bt+2Bybu7SeMS25LV6o5v3T7SUm1gpn8V/9Ej7/r83Vl6JQxGRXcQPRcTDEfFIo+2PRsRjEXFkjfh/eunxdzce/+bK4p/u6vyvJLZF6572idL5H79dVelwN/Fn5/9ELXW0sWc973/radfGrmYAAAD470kjYnck6ehyOk1HR+t/w78vdqbl2crc02dm3784Xf+OwHAMpvmdrqGm+6HjjWl9np9oyR9v3Df+orSjlh+dmi1PFx089LldHfp/5s9S0a0DNp3va0H/0v+hf+n/0L/0f+hfbfr/jiLaAWy9dp//HxXQDmDrtfR/y37QR8z/oX/p/9C/9H/oS5UdcfsvyUsUncj/GcPd0p7K5flI74pmSGxSouA3JgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgB75NwAA//9wCOUr")

0s ago: executing program 3 (id=257):
r0 = gettid()
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="640000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000002400028014000180080001000000000008000200ac1e00010c0002800500010000000000080007"], 0x64}}, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
getsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(0xffffffffffffffff, 0x84, 0xc, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)={0x6c, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x2c, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast2=0xe0000001}, {0x8, 0x2, @dev}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x4}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8}]}, 0x6c}}, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x80, 0x1, 0x28}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r3}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000340)={0x38, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}]}, 0x38}}, 0x0)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000000100))
r5 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f00000002c0), 0x0)
read$qrtrtun(r5, 0x0, 0xeffd)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
sync_file_range(r6, 0x2, 0x8, 0xb)
timer_settime(0x0, 0x1, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000000)=0xffffffffffffffff, 0x4)
setsockopt$CAN_RAW_FD_FRAMES(0xffffffffffffffff, 0x65, 0x5, &(0x7f0000000080), 0x4)
setsockopt$inet_msfilter(r6, 0x0, 0x29, &(0x7f0000000400)={@local, @remote, 0x1, 0x6, [@local, @initdev={0xac, 0x1e, 0x0, 0x0}, @multicast1, @broadcast, @dev={0xac, 0x14, 0x14, 0x14}, @rand_addr=0x64010102]}, 0x28)

kernel console output (not intermixed with test programs):

Warning: Permanently added '10.128.0.86' (ED25519) to the list of known hosts.
[   35.530851][   T29] audit: type=1400 audit(1762811906.041:62): avc:  denied  { mounton } for  pid=3303 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=2022 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1
[   35.553922][   T29] audit: type=1400 audit(1762811906.061:63): avc:  denied  { mount } for  pid=3303 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   35.554916][ T3303] cgroup: Unknown subsys name 'net'
[   35.581714][   T29] audit: type=1400 audit(1762811906.091:64): avc:  denied  { unmount } for  pid=3303 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   35.756944][ T3303] cgroup: Unknown subsys name 'cpuset'
[   35.763420][ T3303] cgroup: Unknown subsys name 'rlimit'
[   35.894572][   T29] audit: type=1400 audit(1762811906.401:65): avc:  denied  { setattr } for  pid=3303 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=142 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   35.917999][   T29] audit: type=1400 audit(1762811906.401:66): avc:  denied  { create } for  pid=3303 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   35.938564][   T29] audit: type=1400 audit(1762811906.401:67): avc:  denied  { write } for  pid=3303 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   35.959247][   T29] audit: type=1400 audit(1762811906.401:68): avc:  denied  { read } for  pid=3303 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   35.970579][ T3306] SELinux:  Context root:object_r:swapfile_t is not valid (left unmapped).
[   35.979566][   T29] audit: type=1400 audit(1762811906.401:69): avc:  denied  { mounton } for  pid=3303 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1
[   36.012936][   T29] audit: type=1400 audit(1762811906.401:70): avc:  denied  { mount } for  pid=3303 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
Setting up swapspace version 1, size = 127995904 bytes
[   36.036413][   T29] audit: type=1400 audit(1762811906.501:71): avc:  denied  { relabelto } for  pid=3306 comm="mkswap" name="swap-file" dev="sda1" ino=2025 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[   36.073361][ T3303] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   38.024798][ T3314] chnl_net:caif_netlink_parms(): no params data found
[   38.057211][ T3317] chnl_net:caif_netlink_parms(): no params data found
[   38.075646][ T3322] chnl_net:caif_netlink_parms(): no params data found
[   38.124450][ T3320] chnl_net:caif_netlink_parms(): no params data found
[   38.155106][ T3313] chnl_net:caif_netlink_parms(): no params data found
[   38.189613][ T3314] bridge0: port 1(bridge_slave_0) entered blocking state
[   38.196714][ T3314] bridge0: port 1(bridge_slave_0) entered disabled state
[   38.204051][ T3314] bridge_slave_0: entered allmulticast mode
[   38.210712][ T3314] bridge_slave_0: entered promiscuous mode
[   38.234366][ T3314] bridge0: port 2(bridge_slave_1) entered blocking state
[   38.241540][ T3314] bridge0: port 2(bridge_slave_1) entered disabled state
[   38.248863][ T3314] bridge_slave_1: entered allmulticast mode
[   38.255426][ T3314] bridge_slave_1: entered promiscuous mode
[   38.286837][ T3322] bridge0: port 1(bridge_slave_0) entered blocking state
[   38.293959][ T3322] bridge0: port 1(bridge_slave_0) entered disabled state
[   38.301166][ T3322] bridge_slave_0: entered allmulticast mode
[   38.307592][ T3322] bridge_slave_0: entered promiscuous mode
[   38.321983][ T3317] bridge0: port 1(bridge_slave_0) entered blocking state
[   38.329135][ T3317] bridge0: port 1(bridge_slave_0) entered disabled state
[   38.336615][ T3317] bridge_slave_0: entered allmulticast mode
[   38.343070][ T3317] bridge_slave_0: entered promiscuous mode
[   38.354469][ T3322] bridge0: port 2(bridge_slave_1) entered blocking state
[   38.361602][ T3322] bridge0: port 2(bridge_slave_1) entered disabled state
[   38.368865][ T3322] bridge_slave_1: entered allmulticast mode
[   38.375219][ T3322] bridge_slave_1: entered promiscuous mode
[   38.393275][ T3317] bridge0: port 2(bridge_slave_1) entered blocking state
[   38.400425][ T3317] bridge0: port 2(bridge_slave_1) entered disabled state
[   38.407704][ T3317] bridge_slave_1: entered allmulticast mode
[   38.414109][ T3317] bridge_slave_1: entered promiscuous mode
[   38.421660][ T3314] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   38.437631][ T3320] bridge0: port 1(bridge_slave_0) entered blocking state
[   38.444697][ T3320] bridge0: port 1(bridge_slave_0) entered disabled state
[   38.451852][ T3320] bridge_slave_0: entered allmulticast mode
[   38.458480][ T3320] bridge_slave_0: entered promiscuous mode
[   38.465985][ T3314] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   38.486794][ T3322] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   38.505623][ T3320] bridge0: port 2(bridge_slave_1) entered blocking state
[   38.512752][ T3320] bridge0: port 2(bridge_slave_1) entered disabled state
[   38.519905][ T3320] bridge_slave_1: entered allmulticast mode
[   38.526358][ T3320] bridge_slave_1: entered promiscuous mode
[   38.543239][ T3322] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   38.552395][ T3313] bridge0: port 1(bridge_slave_0) entered blocking state
[   38.559665][ T3313] bridge0: port 1(bridge_slave_0) entered disabled state
[   38.566988][ T3313] bridge_slave_0: entered allmulticast mode
[   38.573460][ T3313] bridge_slave_0: entered promiscuous mode
[   38.580197][ T3313] bridge0: port 2(bridge_slave_1) entered blocking state
[   38.587326][ T3313] bridge0: port 2(bridge_slave_1) entered disabled state
[   38.594462][ T3313] bridge_slave_1: entered allmulticast mode
[   38.601090][ T3313] bridge_slave_1: entered promiscuous mode
[   38.613024][ T3314] team0: Port device team_slave_0 added
[   38.620170][ T3317] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   38.629999][ T3314] team0: Port device team_slave_1 added
[   38.652264][ T3317] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   38.676467][ T3320] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   38.695973][ T3322] team0: Port device team_slave_0 added
[   38.703121][ T3313] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   38.713420][ T3320] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   38.723573][ T3313] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   38.738489][ T3314] batman_adv: batadv0: Adding interface: batadv_slave_0
[   38.745447][ T3314] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   38.771389][ T3314] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   38.782862][ T3322] team0: Port device team_slave_1 added
[   38.799364][ T3317] team0: Port device team_slave_0 added
[   38.811065][ T3314] batman_adv: batadv0: Adding interface: batadv_slave_1
[   38.818032][ T3314] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   38.844021][ T3314] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   38.865075][ T3317] team0: Port device team_slave_1 added
[   38.871766][ T3313] team0: Port device team_slave_0 added
[   38.880634][ T3313] team0: Port device team_slave_1 added
[   38.892236][ T3320] team0: Port device team_slave_0 added
[   38.913240][ T3322] batman_adv: batadv0: Adding interface: batadv_slave_0
[   38.920362][ T3322] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   38.946301][ T3322] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   38.957685][ T3320] team0: Port device team_slave_1 added
[   38.969639][ T3317] batman_adv: batadv0: Adding interface: batadv_slave_0
[   38.976682][ T3317] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   39.002794][ T3317] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   39.014072][ T3313] batman_adv: batadv0: Adding interface: batadv_slave_0
[   39.021058][ T3313] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   39.047014][ T3313] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   39.058005][ T3322] batman_adv: batadv0: Adding interface: batadv_slave_1
[   39.064955][ T3322] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   39.091012][ T3322] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   39.112933][ T3317] batman_adv: batadv0: Adding interface: batadv_slave_1
[   39.120004][ T3317] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   39.146074][ T3317] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   39.162990][ T3313] batman_adv: batadv0: Adding interface: batadv_slave_1
[   39.169974][ T3313] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   39.195938][ T3313] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   39.225995][ T3314] hsr_slave_0: entered promiscuous mode
[   39.232062][ T3314] hsr_slave_1: entered promiscuous mode
[   39.240423][ T3320] batman_adv: batadv0: Adding interface: batadv_slave_0
[   39.247494][ T3320] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   39.273428][ T3320] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   39.302442][ T3313] hsr_slave_0: entered promiscuous mode
[   39.308509][ T3313] hsr_slave_1: entered promiscuous mode
[   39.314418][ T3313] debugfs: 'hsr0' already exists in 'hsr'
[   39.320181][ T3313] Cannot create hsr debugfs directory
[   39.325913][ T3320] batman_adv: batadv0: Adding interface: batadv_slave_1
[   39.332994][ T3320] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   39.358917][ T3320] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   39.397100][ T3322] hsr_slave_0: entered promiscuous mode
[   39.403276][ T3322] hsr_slave_1: entered promiscuous mode
[   39.409380][ T3322] debugfs: 'hsr0' already exists in 'hsr'
[   39.415106][ T3322] Cannot create hsr debugfs directory
[   39.452008][ T3320] hsr_slave_0: entered promiscuous mode
[   39.458139][ T3320] hsr_slave_1: entered promiscuous mode
[   39.464148][ T3320] debugfs: 'hsr0' already exists in 'hsr'
[   39.470015][ T3320] Cannot create hsr debugfs directory
[   39.477951][ T3317] hsr_slave_0: entered promiscuous mode
[   39.484087][ T3317] hsr_slave_1: entered promiscuous mode
[   39.489948][ T3317] debugfs: 'hsr0' already exists in 'hsr'
[   39.495798][ T3317] Cannot create hsr debugfs directory
[   39.681630][ T3314] netdevsim netdevsim4 netdevsim0: renamed from eth0
[   39.698186][ T3314] netdevsim netdevsim4 netdevsim1: renamed from eth1
[   39.713076][ T3314] netdevsim netdevsim4 netdevsim2: renamed from eth2
[   39.721903][ T3314] netdevsim netdevsim4 netdevsim3: renamed from eth3
[   39.742701][ T3313] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   39.751540][ T3313] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   39.761711][ T3313] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   39.770571][ T3313] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   39.807445][ T3320] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   39.824538][ T3320] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   39.834932][ T3320] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   39.848727][ T3320] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   39.883979][ T3322] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   39.893794][ T3322] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   39.902818][ T3322] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   39.911696][ T3322] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   39.925543][ T3314] 8021q: adding VLAN 0 to HW filter on device bond0
[   39.956923][ T3314] 8021q: adding VLAN 0 to HW filter on device team0
[   39.979441][   T37] bridge0: port 1(bridge_slave_0) entered blocking state
[   39.986541][   T37] bridge0: port 1(bridge_slave_0) entered forwarding state
[   40.006689][ T3317] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   40.018016][ T3313] 8021q: adding VLAN 0 to HW filter on device bond0
[   40.027528][ T3320] 8021q: adding VLAN 0 to HW filter on device bond0
[   40.036083][   T37] bridge0: port 2(bridge_slave_1) entered blocking state
[   40.043181][   T37] bridge0: port 2(bridge_slave_1) entered forwarding state
[   40.051357][ T3317] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   40.060273][ T3317] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   40.073635][ T3317] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   40.097151][ T3320] 8021q: adding VLAN 0 to HW filter on device team0
[   40.111630][   T52] bridge0: port 1(bridge_slave_0) entered blocking state
[   40.118900][   T52] bridge0: port 1(bridge_slave_0) entered forwarding state
[   40.130617][ T3313] 8021q: adding VLAN 0 to HW filter on device team0
[   40.151960][   T52] bridge0: port 2(bridge_slave_1) entered blocking state
[   40.159095][   T52] bridge0: port 2(bridge_slave_1) entered forwarding state
[   40.183243][   T37] bridge0: port 1(bridge_slave_0) entered blocking state
[   40.190347][   T37] bridge0: port 1(bridge_slave_0) entered forwarding state
[   40.199778][   T37] bridge0: port 2(bridge_slave_1) entered blocking state
[   40.207302][   T37] bridge0: port 2(bridge_slave_1) entered forwarding state
[   40.251682][ T3322] 8021q: adding VLAN 0 to HW filter on device bond0
[   40.266888][ T3322] 8021q: adding VLAN 0 to HW filter on device team0
[   40.281911][ T3320] 8021q: adding VLAN 0 to HW filter on device batadv0
[   40.299269][   T59] bridge0: port 1(bridge_slave_0) entered blocking state
[   40.306462][   T59] bridge0: port 1(bridge_slave_0) entered forwarding state
[   40.345756][   T37] bridge0: port 2(bridge_slave_1) entered blocking state
[   40.352914][   T37] bridge0: port 2(bridge_slave_1) entered forwarding state
[   40.389953][ T3317] 8021q: adding VLAN 0 to HW filter on device bond0
[   40.411099][ T3317] 8021q: adding VLAN 0 to HW filter on device team0
[   40.421941][ T3314] 8021q: adding VLAN 0 to HW filter on device batadv0
[   40.445535][ T1606] bridge0: port 1(bridge_slave_0) entered blocking state
[   40.452639][ T1606] bridge0: port 1(bridge_slave_0) entered forwarding state
[   40.470883][ T3322] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   40.481390][ T3322] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   40.500236][ T3313] 8021q: adding VLAN 0 to HW filter on device batadv0
[   40.510635][ T1606] bridge0: port 2(bridge_slave_1) entered blocking state
[   40.517751][ T1606] bridge0: port 2(bridge_slave_1) entered forwarding state
[   40.536599][ T3320] veth0_vlan: entered promiscuous mode
[   40.559884][ T3317] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   40.570428][ T3317] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   40.603165][ T3320] veth1_vlan: entered promiscuous mode
[   40.651635][ T3322] 8021q: adding VLAN 0 to HW filter on device batadv0
[   40.671926][ T3320] veth0_macvtap: entered promiscuous mode
[   40.695376][ T3314] veth0_vlan: entered promiscuous mode
[   40.716116][ T3320] veth1_macvtap: entered promiscuous mode
[   40.724648][ T3314] veth1_vlan: entered promiscuous mode
[   40.749693][ T3320] batman_adv: batadv0: Interface activated: batadv_slave_0
[   40.765796][ T3317] 8021q: adding VLAN 0 to HW filter on device batadv0
[   40.774628][ T3313] veth0_vlan: entered promiscuous mode
[   40.791769][ T3320] batman_adv: batadv0: Interface activated: batadv_slave_1
[   40.800384][ T3313] veth1_vlan: entered promiscuous mode
[   40.813378][ T3314] veth0_macvtap: entered promiscuous mode
[   40.822538][ T1606] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   40.836025][ T1606] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   40.845089][ T3314] veth1_macvtap: entered promiscuous mode
[   40.859349][ T1606] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   40.873295][ T3314] batman_adv: batadv0: Interface activated: batadv_slave_0
[   40.885301][ T3313] veth0_macvtap: entered promiscuous mode
[   40.899373][ T1606] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   40.914886][ T3313] veth1_macvtap: entered promiscuous mode
[   40.922794][ T3314] batman_adv: batadv0: Interface activated: batadv_slave_1
[   40.941227][ T3322] veth0_vlan: entered promiscuous mode
[   40.957490][ T3317] veth0_vlan: entered promiscuous mode
[   40.964725][ T3322] veth1_vlan: entered promiscuous mode
[   40.972814][   T31] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   40.982983][ T3313] batman_adv: batadv0: Interface activated: batadv_slave_0
[   40.992208][ T3317] veth1_vlan: entered promiscuous mode
[   40.998389][   T29] kauditd_printk_skb: 9 callbacks suppressed
[   40.998401][   T29] audit: type=1400 audit(1762811911.501:81): avc:  denied  { mounton } for  pid=3320 comm="syz-executor" path="/root/syzkaller.UgT9Km/syz-tmp" dev="sda1" ino=2041 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1
[   41.014782][ T3317] veth0_macvtap: entered promiscuous mode
[   41.028815][   T29] audit: type=1400 audit(1762811911.501:82): avc:  denied  { mount } for  pid=3320 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[   41.038439][ T3317] veth1_macvtap: entered promiscuous mode
[   41.056450][   T29] audit: type=1400 audit(1762811911.501:83): avc:  denied  { mounton } for  pid=3320 comm="syz-executor" path="/root/syzkaller.UgT9Km/syz-tmp/newroot/dev" dev="tmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[   41.068431][ T3317] batman_adv: batadv0: Interface activated: batadv_slave_0
[   41.087243][   T29] audit: type=1400 audit(1762811911.501:84): avc:  denied  { mount } for  pid=3320 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[   41.108060][ T3317] batman_adv: batadv0: Interface activated: batadv_slave_1
[   41.116227][   T29] audit: type=1400 audit(1762811911.501:85): avc:  denied  { mounton } for  pid=3320 comm="syz-executor" path="/root/syzkaller.UgT9Km/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[   41.137692][ T3322] veth0_macvtap: entered promiscuous mode
[   41.149988][   T29] audit: type=1400 audit(1762811911.501:86): avc:  denied  { mounton } for  pid=3320 comm="syz-executor" path="/root/syzkaller.UgT9Km/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=4739 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1
[   41.157127][   T31] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   41.183077][   T29] audit: type=1400 audit(1762811911.511:87): avc:  denied  { unmount } for  pid=3320 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[   41.201684][   T29] audit: type=1400 audit(1762811911.701:88): avc:  denied  { mounton } for  pid=3320 comm="syz-executor" path="/dev/gadgetfs" dev="devtmpfs" ino=536 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1
[   41.223520][   T31] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   41.234092][   T29] audit: type=1400 audit(1762811911.701:89): avc:  denied  { mount } for  pid=3320 comm="syz-executor" name="/" dev="gadgetfs" ino=3786 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1
[   41.268745][ T3320] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   41.281203][ T3313] batman_adv: batadv0: Interface activated: batadv_slave_1
[   41.296428][   T29] audit: type=1400 audit(1762811911.801:90): avc:  denied  { read write } for  pid=3320 comm="syz-executor" name="loop2" dev="devtmpfs" ino=102 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   41.337194][ T3483] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=3483 comm=syz.2.3
[   41.339933][   T31] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   41.376031][ T3322] veth1_macvtap: entered promiscuous mode
[   41.388066][ T3483] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=36 sclass=netlink_audit_socket pid=3483 comm=syz.2.3
[   41.389933][   T31] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   41.415979][ T3483] capability: warning: `syz.2.3' uses deprecated v2 capabilities in a way that may be insecure
[   41.421324][ T3322] batman_adv: batadv0: Interface activated: batadv_slave_0
[   41.452484][ T3322] batman_adv: batadv0: Interface activated: batadv_slave_1
[   41.462931][   T31] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   41.498148][   T31] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   41.516789][   T31] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   41.528541][   T52] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   41.562252][   T52] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   41.575518][   T52] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   41.584666][ T3493] loop4: detected capacity change from 0 to 512
[   41.585117][   T52] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   41.605484][   T52] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   41.614989][   T52] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   41.645640][ T3493] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   41.681685][   T52] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   41.690572][   T52] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   41.700112][ T3493] ext4 filesystem being mounted at /0/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[   41.713099][ T3507] loop1: detected capacity change from 0 to 512
[   41.713931][ T3501] loop0: detected capacity change from 0 to 512
[   41.743078][ T3507] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[   41.756269][ T3507] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   41.788735][ T3507] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 214 vs 220 free clusters
[   41.803402][ T3507] EXT4-fs warning (device loop1): ext4_expand_extra_isize_ea:2853: Unable to expand inode 15. Delete some EAs or run e2fsck.
[   41.818230][ T3507] EXT4-fs (loop1): 1 truncate cleaned up
[   41.824368][ T3507] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   41.836154][    C0] hrtimer: interrupt took 68899 ns
[   41.848128][ T3512] netlink: 8 bytes leftover after parsing attributes in process `syz.3.9'.
[   41.874831][ T3493] netlink: 'syz.4.5': attribute type 4 has an invalid length.
[   41.948019][ T3516] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=3516 comm=syz.0.10
[   41.969439][ T3493] syz.4.5 (3493) used greatest stack depth: 10536 bytes left
[   41.981916][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   42.048878][ T3516] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=36 sclass=netlink_audit_socket pid=3516 comm=syz.0.10
[   42.061490][ T3527] loop4: detected capacity change from 0 to 1024
[   42.081982][ T3527] EXT4-fs: Ignoring removed orlov option
[   42.103566][ T3527] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   42.118217][ T3531] loop0: detected capacity change from 0 to 1024
[   42.134286][ T3531] EXT4-fs: Ignoring removed orlov option
[   42.148316][ T3531] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   42.268676][ T3541] netlink: 4 bytes leftover after parsing attributes in process `syz.2.19'.
[   42.288381][ T3541] team0 (unregistering): Port device team_slave_0 removed
[   42.299122][ T3541] team0 (unregistering): Port device team_slave_1 removed
[   42.425998][ T3313] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   42.514519][ T3548] loop1: detected capacity change from 0 to 1024
[   42.536895][ T3548] =======================================================
[   42.536895][ T3548] WARNING: The mand mount option has been deprecated and
[   42.536895][ T3548]          and is ignored by this kernel. Remove the mand
[   42.536895][ T3548]          option from the mount to silence this warning.
[   42.536895][ T3548] =======================================================
[   42.587516][ T3548] EXT4-fs: inline encryption not supported
[   42.610627][ T3548] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   42.635664][ T3548] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4193: comm syz.1.20: Allocating blocks 497-513 which overlap fs metadata
[   42.658981][ T3548] EXT4-fs (loop1): pa ffff888100738150: logic 16, phys. 145, len 23
[   42.667081][ T3548] EXT4-fs error (device loop1): ext4_mb_release_inode_pa:5444: group 0, free 0, pa_free 1
[   42.678154][ T3548] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 1 with error 28
[   42.690659][ T3548] EXT4-fs (loop1): This should not happen!! Data will be lost
[   42.690659][ T3548] 
[   42.700556][ T3548] EXT4-fs (loop1): Total free blocks count 0
[   42.706697][ T3548] EXT4-fs (loop1): Free/Dirty block details
[   42.712635][ T3548] EXT4-fs (loop1): free_blocks=16
[   42.717791][ T3548] EXT4-fs (loop1): dirty_blocks=0
[   42.722838][ T3548] EXT4-fs (loop1): Block reservation details
[   42.728852][ T3548] EXT4-fs (loop1): i_reserved_data_blocks=0
[   42.748347][ T3548] syz.1.20 (3548) used greatest stack depth: 9880 bytes left
[   42.773062][ T3553] netlink: 8 bytes leftover after parsing attributes in process `syz.1.21'.
[   42.880590][ T3559] loop1: detected capacity change from 0 to 512
[   42.888507][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   42.956991][ T3562] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[   42.970260][ T3565] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=3565 comm=syz.1.26
[   42.983638][ T3317] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   43.004704][ T3565] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=36 sclass=netlink_audit_socket pid=3565 comm=syz.1.26
[   43.006947][ T3563] loop3: detected capacity change from 0 to 512
[   43.099532][ T3563] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   43.170978][ T3563] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 214 vs 220 free clusters
[   43.212703][ T3578] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(8)
[   43.219261][ T3578] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[   43.227549][ T3578] vhci_hcd vhci_hcd.0: Device attached
[   43.250888][ T3563] EXT4-fs (loop3): 1 truncate cleaned up
[   43.257673][ T3563] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   43.270401][ T3578] vhci_hcd vhci_hcd.0: port 0 already used
[   43.496546][ T3417] usb 2-1: SetAddress Request (2) to port 0
[   43.502608][ T3417] usb 2-1: new SuperSpeed USB device number 2 using vhci_hcd
[   43.597262][ T3581] vhci_hcd: connection reset by peer
[   43.602720][   T12] vhci_hcd: stop threads
[   43.607115][   T12] vhci_hcd: release socket
[   43.611620][   T12] vhci_hcd: disconnect device
[   43.733863][ T3613] loop4: detected capacity change from 0 to 1024
[   43.753289][ T3613] EXT4-fs: inline encryption not supported
[   43.753519][ T3322] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   43.779877][ T3613] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   43.823482][ T3613] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4193: comm syz.4.34: Allocating blocks 497-513 which overlap fs metadata
[   43.840844][ T3613] EXT4-fs (loop4): pa ffff888106bd41c0: logic 16, phys. 145, len 23
[   43.849005][ T3613] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:5444: group 0, free 0, pa_free 1
[   43.859892][ T3613] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 1 with error 28
[   43.872359][ T3613] EXT4-fs (loop4): This should not happen!! Data will be lost
[   43.872359][ T3613] 
[   43.882179][ T3613] EXT4-fs (loop4): Total free blocks count 0
[   43.888295][ T3613] EXT4-fs (loop4): Free/Dirty block details
[   43.894278][ T3613] EXT4-fs (loop4): free_blocks=16
[   43.899450][ T3613] EXT4-fs (loop4): dirty_blocks=0
[   43.904490][ T3613] EXT4-fs (loop4): Block reservation details
[   43.910548][ T3613] EXT4-fs (loop4): i_reserved_data_blocks=0
[   44.078681][ T3644] netlink: 8 bytes leftover after parsing attributes in process `syz.4.42'.
[   44.087634][ T3646] loop2: detected capacity change from 0 to 1024
[   44.096709][ T3646] EXT4-fs: inline encryption not supported
[   44.107704][ T3646] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   44.209366][ T3646] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4193: comm syz.2.43: Allocating blocks 497-513 which overlap fs metadata
[   44.249025][ T3646] EXT4-fs (loop2): pa ffff8881007380e0: logic 16, phys. 145, len 23
[   44.257127][ T3646] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:5444: group 0, free 0, pa_free 1
[   44.313208][ T3646] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 1 with error 28
[   44.325519][ T3646] EXT4-fs (loop2): This should not happen!! Data will be lost
[   44.325519][ T3646] 
[   44.335235][ T3646] EXT4-fs (loop2): Total free blocks count 0
[   44.341307][ T3646] EXT4-fs (loop2): Free/Dirty block details
[   44.347271][ T3646] EXT4-fs (loop2): free_blocks=16
[   44.352584][ T3646] EXT4-fs (loop2): dirty_blocks=0
[   44.357751][ T3646] EXT4-fs (loop2): Block reservation details
[   44.363762][ T3646] EXT4-fs (loop2): i_reserved_data_blocks=0
[   44.630383][ T3671] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[   44.761756][ T3676] loop3: detected capacity change from 0 to 1024
[   44.772916][ T3676] EXT4-fs: inline encryption not supported
[   44.788075][ T3676] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   44.822592][ T3676] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4193: comm syz.3.56: Allocating blocks 497-513 which overlap fs metadata
[   44.858810][ T3676] EXT4-fs (loop3): pa ffff8881007381c0: logic 16, phys. 145, len 23
[   44.866969][ T3676] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:5444: group 0, free 0, pa_free 1
[   44.880436][ T3676] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 1 with error 28
[   44.892698][ T3676] EXT4-fs (loop3): This should not happen!! Data will be lost
[   44.892698][ T3676] 
[   44.902403][ T3676] EXT4-fs (loop3): Total free blocks count 0
[   44.908453][ T3676] EXT4-fs (loop3): Free/Dirty block details
[   44.914438][ T3676] EXT4-fs (loop3): free_blocks=16
[   44.919551][ T3676] EXT4-fs (loop3): dirty_blocks=0
[   44.924694][ T3676] EXT4-fs (loop3): Block reservation details
[   44.930752][ T3676] EXT4-fs (loop3): i_reserved_data_blocks=0
[   45.031764][ T3697] loop4: detected capacity change from 0 to 1024
[   45.048580][ T3697] EXT4-fs: Ignoring removed orlov option
[   45.068776][ T3697] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   45.085161][ T3694] sd 0:0:1:0: device reset
[   45.108381][ T3705] loop1: detected capacity change from 0 to 1024
[   45.121515][ T3705] EXT4-fs: Ignoring removed orlov option
[   45.153328][ T3705] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   45.170985][ T3715] sd 0:0:1:0: device reset
[   45.199878][ T3697] netlink: 172 bytes leftover after parsing attributes in process `syz.4.58'.
[   45.311834][ T3728] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=3728 comm=syz.3.64
[   45.374191][ T3730] netlink: 172 bytes leftover after parsing attributes in process `syz.1.59'.
[   45.439822][ T3731] loop0: detected capacity change from 0 to 512
[   45.466068][ T3728] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=3728 comm=syz.3.64
[   45.493087][ T3731] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   45.567410][ T3731] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 214 vs 220 free clusters
[   45.582514][ T3731] EXT4-fs (loop0): 1 truncate cleaned up
[   45.589209][ T3731] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   45.857907][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   45.911609][ T3795] process 'syz.4.68' launched '/dev/fd/7' with NULL argv: empty string added
[   45.928652][ T3795] atomic_op ffff88811a41ad28 conn xmit_atomic 0000000000000000
[   45.949616][ T3313] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   46.010797][ T3808] loop4: detected capacity change from 0 to 2048
[   46.028457][ T3808] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   46.031197][ T3813] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[   46.087603][   T29] kauditd_printk_skb: 772 callbacks suppressed
[   46.087621][   T29] audit: type=1326 audit(1762811916.601:863): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3721 comm="syz.0.62" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb923d2f6c9 code=0x7ffc0000
[   46.152651][ T3317] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   46.289566][ T3833] loop0: detected capacity change from 0 to 512
[   46.311236][ T3833] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   46.334534][   T29] audit: type=1326 audit(1762811916.841:864): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3810 comm="syz.1.70" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7fc117f6c9 code=0x7ffc0000
[   46.344264][ T3833] ext4 filesystem being mounted at /11/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[   46.414402][   T29] audit: type=1326 audit(1762811916.871:865): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3810 comm="syz.1.70" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7fc117f6c9 code=0x7ffc0000
[   46.437802][   T29] audit: type=1326 audit(1762811916.871:866): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3810 comm="syz.1.70" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7fc117f6c9 code=0x7ffc0000
[   46.461243][   T29] audit: type=1326 audit(1762811916.871:867): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3810 comm="syz.1.70" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7fc117f6c9 code=0x7ffc0000
[   46.484655][   T29] audit: type=1326 audit(1762811916.871:868): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3810 comm="syz.1.70" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7fc117f6c9 code=0x7ffc0000
[   46.508304][   T29] audit: type=1326 audit(1762811916.871:869): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3810 comm="syz.1.70" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7fc117f6c9 code=0x7ffc0000
[   46.531564][   T29] audit: type=1326 audit(1762811916.871:870): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3810 comm="syz.1.70" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7fc117f6c9 code=0x7ffc0000
[   46.555725][   T29] audit: type=1326 audit(1762811916.871:871): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3810 comm="syz.1.70" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7fc117f6c9 code=0x7ffc0000
[   46.579076][   T29] audit: type=1326 audit(1762811916.871:872): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3810 comm="syz.1.70" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7fc117f6c9 code=0x7ffc0000
[   46.604119][ T3317] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   46.688061][ T3861] loop0: detected capacity change from 0 to 512
[   46.745821][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   46.783037][ T3872] sd 0:0:1:0: device reset
[   46.898444][ T3877] sd 0:0:1:0: device reset
[   46.985444][ T3900] loop1: detected capacity change from 0 to 1024
[   47.005563][ T3900] EXT4-fs: inline encryption not supported
[   47.012536][ T3907] netlink: 8 bytes leftover after parsing attributes in process `syz.4.79'.
[   47.034300][ T3900] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   47.051709][ T3910] atomic_op ffff888119ef3128 conn xmit_atomic 0000000000000000
[   47.075137][ T3900] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4193: comm syz.1.78: Allocating blocks 497-513 which overlap fs metadata
[   47.094424][ T3920] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[   47.123667][ T3922] loop0: detected capacity change from 0 to 2048
[   47.155455][ T3922] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   47.540923][ T3898] EXT4-fs (loop1): pa ffff888100738230: logic 16, phys. 145, len 23
[   47.549226][ T3898] EXT4-fs error (device loop1): ext4_mb_release_inode_pa:5444: group 0, free 0, pa_free 1
[   47.582670][ T3313] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   47.628200][ T3990] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=3990 comm=syz.1.83
[   47.663830][ T3990] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=36 sclass=netlink_audit_socket pid=3990 comm=syz.1.83
[   47.708593][ T3996] loop1: detected capacity change from 0 to 1024
[   47.716533][ T3996] EXT4-fs: Ignoring removed orlov option
[   47.726494][ T3996] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   47.868104][ T3317] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   47.905939][ T4002] netlink: 172 bytes leftover after parsing attributes in process `syz.1.84'.
[   47.926450][ T4001] loop0: detected capacity change from 0 to 128
[   47.933908][ T4001] vfat: Unknown parameter 'ÿ'
[   48.100985][ T4006] netlink: 8 bytes leftover after parsing attributes in process `syz.3.86'.
[   48.211402][ T4012] sd 0:0:1:0: device reset
[   48.246031][ T4017] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[   48.265154][ T4018] loop2: detected capacity change from 0 to 512
[   48.273278][ T4018] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   48.301339][ T4018] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 214 vs 220 free clusters
[   48.321760][ T4018] EXT4-fs (loop2): 1 truncate cleaned up
[   48.335436][ T4018] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   48.546501][ T3417] usb 2-1: device descriptor read/8, error -110
[   48.564603][ T3313] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   48.623077][ T4058] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[   48.656357][ T3417] usb 2-1: new SuperSpeed USB device number 2 using vhci_hcd
[   48.678782][ T3417] usb 2-1: enqueue for inactive port 0
[   48.703760][ T3417] usb 2-1: enqueue for inactive port 0
[   48.722248][ T3417] usb 2-1: enqueue for inactive port 0
[   48.790621][ T4069] loop3: detected capacity change from 0 to 128
[   48.815191][ T4069] vfat: Unknown parameter 'ÿ'
[   49.046625][ T3320] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   49.094167][ T4113] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=4113 comm=syz.2.97
[   49.167313][ T4113] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=36 sclass=netlink_audit_socket pid=4113 comm=syz.2.97
[   49.407210][ T4160] netlink: 8 bytes leftover after parsing attributes in process `syz.1.99'.
[   49.743520][ T4207] sd 0:0:1:0: device reset
[   49.756482][ T3417] usb usb2-port1: attempt power cycle
[   49.805381][ T4222] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[   49.821257][ T4225] sd 0:0:1:0: device reset
[   49.867318][ T4232] loop0: detected capacity change from 0 to 512
[   49.888179][ T4232] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   49.908093][ T4232] ext4 filesystem being mounted at /20/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[   49.966588][ T3317] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   50.008442][ T4238] netlink: 4 bytes leftover after parsing attributes in process `syz.2.108'.
[   50.032839][ T4246] loop0: detected capacity change from 0 to 1024
[   50.051937][ T4246] EXT4-fs: inline encryption not supported
[   50.088485][ T4246] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   50.101860][ T4250] loop2: detected capacity change from 0 to 128
[   50.109384][ T4250] vfat: Unknown parameter 'ÿ'
[   50.162835][ T4246] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4193: comm syz.0.109: Allocating blocks 497-513 which overlap fs metadata
[   50.189084][ T4244] EXT4-fs (loop0): pa ffff888100738310: logic 16, phys. 145, len 23
[   50.197157][ T4244] EXT4-fs error (device loop0): ext4_mb_release_inode_pa:5444: group 0, free 0, pa_free 1
[   50.244875][ T3317] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   50.301624][ T4273] netlink: 8 bytes leftover after parsing attributes in process `syz.0.111'.
[   50.468186][ T4292] sd 0:0:1:0: device reset
[   50.569235][ T4298] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=4298 comm=syz.1.118
[   50.582489][ T4298] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=36 sclass=netlink_audit_socket pid=4298 comm=syz.1.118
[   50.608644][ T4300] sd 0:0:1:0: device reset
[   50.715701][ T4315] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[   50.940514][ T4341] netlink: 4 bytes leftover after parsing attributes in process `syz.4.125'.
[   50.971843][ T4341] team0 (unregistering): Port device team_slave_0 removed
[   50.996544][ T4341] team0 (unregistering): Port device team_slave_1 removed
[   51.157030][   T29] kauditd_printk_skb: 3625 callbacks suppressed
[   51.157087][   T29] audit: type=1326 audit(1762812434.668:4498): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4313 comm="syz.1.123" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f7fc117f6c9 code=0x7ffc0000
[   51.305576][ T4385] loop4: detected capacity change from 0 to 1024
[   51.326100][ T4385] EXT4-fs: Ignoring removed orlov option
[   51.344656][ T4390] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(8)
[   51.351210][ T4390] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[   51.359426][ T4390] vhci_hcd vhci_hcd.0: Device attached
[   51.376753][ T4385] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   51.396600][ T4390] vhci_hcd vhci_hcd.0: port 0 already used
[   51.426461][ T3417] usb 2-1: SetAddress Request (5) to port 0
[   51.445790][ T3417] usb 2-1: new SuperSpeed USB device number 5 using vhci_hcd
[   51.583737][ T4422] netlink: 172 bytes leftover after parsing attributes in process `syz.4.128'.
[   51.688320][ T4395] vhci_hcd: connection reset by peer
[   51.696478][   T52] vhci_hcd: stop threads
[   51.700788][   T52] vhci_hcd: release socket
[   51.705223][   T52] vhci_hcd: disconnect device
[   51.841730][   T29] audit: type=1326 audit(1762812435.348:4499): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4434 comm="syz.2.131" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef792df6c9 code=0x7ffc0000
[   51.865147][   T29] audit: type=1326 audit(1762812435.348:4500): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4434 comm="syz.2.131" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef792df6c9 code=0x7ffc0000
[   51.888624][   T29] audit: type=1326 audit(1762812435.348:4501): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4434 comm="syz.2.131" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fef792df6c9 code=0x7ffc0000
[   51.912088][   T29] audit: type=1326 audit(1762812435.348:4502): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4434 comm="syz.2.131" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef792df6c9 code=0x7ffc0000
[   51.935567][   T29] audit: type=1326 audit(1762812435.348:4503): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4434 comm="syz.2.131" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef792df6c9 code=0x7ffc0000
[   51.958979][   T29] audit: type=1326 audit(1762812435.348:4504): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4434 comm="syz.2.131" exe="/root/syz-executor" sig=0 arch=c000003e syscall=252 compat=0 ip=0x7fef792df6c9 code=0x7ffc0000
[   51.960952][ T4437] loop2: detected capacity change from 0 to 512
[   51.982330][   T29] audit: type=1326 audit(1762812435.348:4505): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4434 comm="syz.2.131" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef792df6c9 code=0x7ffc0000
[   51.982369][   T29] audit: type=1326 audit(1762812435.348:4506): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4434 comm="syz.2.131" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fef792df6c9 code=0x7ffc0000
[   52.035318][   T29] audit: type=1326 audit(1762812435.348:4507): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4434 comm="syz.2.131" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef792df6c9 code=0x7ffc0000
[   52.078812][ T4437] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   52.091286][ T4437] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 214 vs 220 free clusters
[   52.108272][ T4437] EXT4-fs (loop2): 1 truncate cleaned up
[   52.114970][ T4437] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   52.174156][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   52.431034][ T4482] loop0: detected capacity change from 0 to 128
[   52.441599][ T4482] vfat: Unknown parameter 'ÿ'
[   52.725339][ T3320] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   52.750131][ T4511] loop2: detected capacity change from 0 to 1024
[   52.757246][ T4511] EXT4-fs: inline encryption not supported
[   52.768686][ T4511] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   52.784714][ T4511] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4193: comm syz.2.135: Allocating blocks 497-513 which overlap fs metadata
[   52.802956][ T4511] EXT4-fs (loop2): pa ffff8881007382a0: logic 16, phys. 145, len 23
[   52.810995][ T4511] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:5444: group 0, free 0, pa_free 1
[   52.821544][ T4511] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 1 with error 28
[   52.833876][ T4511] EXT4-fs (loop2): This should not happen!! Data will be lost
[   52.833876][ T4511] 
[   52.843608][ T4511] EXT4-fs (loop2): Total free blocks count 0
[   52.849649][ T4511] EXT4-fs (loop2): Free/Dirty block details
[   52.855553][ T4511] EXT4-fs (loop2): free_blocks=16
[   52.860646][ T4511] EXT4-fs (loop2): dirty_blocks=0
[   52.865680][ T4511] EXT4-fs (loop2): Block reservation details
[   52.871694][ T4511] EXT4-fs (loop2): i_reserved_data_blocks=0
[   53.113358][ T4530] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=4530 comm=syz.1.140
[   53.185153][ T4530] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=36 sclass=netlink_audit_socket pid=4530 comm=syz.1.140
[   53.251826][ T4550] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=4550 comm=syz.1.142
[   53.298302][ T4550] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=36 sclass=netlink_audit_socket pid=4550 comm=syz.1.142
[   53.312910][ T4560] sd 0:0:1:0: device reset
[   53.498063][ T4587] loop0: detected capacity change from 0 to 1024
[   53.506583][ T4587] EXT4-fs: inline encryption not supported
[   53.527921][ T4587] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   53.544797][ T4587] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4193: comm syz.0.147: Allocating blocks 497-513 which overlap fs metadata
[   53.565176][ T4587] EXT4-fs (loop0): pa ffff8881007382a0: logic 16, phys. 145, len 23
[   53.573479][ T4587] EXT4-fs error (device loop0): ext4_mb_release_inode_pa:5444: group 0, free 0, pa_free 1
[   53.584709][ T4587] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 1 with error 28
[   53.600641][ T4587] EXT4-fs (loop0): This should not happen!! Data will be lost
[   53.600641][ T4587] 
[   53.611486][ T4587] EXT4-fs (loop0): Total free blocks count 0
[   53.617713][ T4587] EXT4-fs (loop0): Free/Dirty block details
[   53.623776][ T4587] EXT4-fs (loop0): free_blocks=16
[   53.629031][ T4587] EXT4-fs (loop0): dirty_blocks=0
[   53.634096][ T4587] EXT4-fs (loop0): Block reservation details
[   53.640146][ T4587] EXT4-fs (loop0): i_reserved_data_blocks=0
[   53.729179][ T4608] sd 0:0:1:0: device reset
[   53.940366][ T4632] netlink: 4 bytes leftover after parsing attributes in process `syz.0.149'.
[   53.957670][ T4632] team0 (unregistering): Port device team_slave_0 removed
[   53.978324][ T4632] team0 (unregistering): Port device team_slave_1 removed
[   54.102798][ T4658] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=4658 comm=syz.0.152
[   54.133636][ T4661] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=4661 comm=syz.1.153
[   54.148035][ T4658] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=4658 comm=syz.0.152
[   54.184133][ T4661] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=36 sclass=netlink_audit_socket pid=4661 comm=syz.1.153
[   54.268606][ T4681] loop0: detected capacity change from 0 to 128
[   54.277692][ T4681] vfat: Unknown parameter 'ÿ'
[   54.879016][ T4708] loop4: detected capacity change from 0 to 512
[   54.899602][ T4708] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   54.912986][ T4708] ext4 filesystem being mounted at /29/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[   54.958459][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   55.046369][ T4719] loop4: detected capacity change from 0 to 512
[   55.129824][ T4725] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=4725 comm=syz.1.164
[   55.188692][ T4730] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=4730 comm=syz.3.165
[   55.272215][ T4740] loop3: detected capacity change from 0 to 512
[   55.300944][ T4743] netlink: 4 bytes leftover after parsing attributes in process `syz.0.170'.
[   55.309150][ T4740] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   55.323017][ T4740] ext4 filesystem being mounted at /33/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[   55.358237][ T3322] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   55.378618][ T4752] loop0: detected capacity change from 0 to 512
[   55.526653][ T4775] sd 0:0:1:0: device reset
[   55.864415][ T4825] netlink: 8 bytes leftover after parsing attributes in process `syz.2.181'.
[   55.910026][ T4832] loop0: detected capacity change from 0 to 512
[   55.939992][ T4832] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   55.954263][ T4832] ext4 filesystem being mounted at /49/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[   56.000270][ T3317] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   56.344693][   T29] kauditd_printk_skb: 1875 callbacks suppressed
[   56.344712][   T29] audit: type=1326 audit(1762814491.847:6383): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4893 comm="syz.3.189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb91c4ff6c9 code=0x7ffc0000
[   56.395812][   T29] audit: type=1326 audit(1762814491.847:6384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4893 comm="syz.3.189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb91c4ff6c9 code=0x7ffc0000
[   56.419520][   T29] audit: type=1326 audit(1762814491.847:6385): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4893 comm="syz.3.189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb91c4ff6c9 code=0x7ffc0000
[   56.442878][   T29] audit: type=1326 audit(1762814491.847:6386): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4893 comm="syz.3.189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb91c4ff6c9 code=0x7ffc0000
[   56.466291][   T29] audit: type=1326 audit(1762814491.847:6387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4893 comm="syz.3.189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb91c4ff6c9 code=0x7ffc0000
[   56.489692][   T29] audit: type=1326 audit(1762814491.847:6388): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4893 comm="syz.3.189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb91c4ff6c9 code=0x7ffc0000
[   56.513062][   T29] audit: type=1326 audit(1762814491.847:6389): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4893 comm="syz.3.189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb91c4ff6c9 code=0x7ffc0000
[   56.536496][   T29] audit: type=1326 audit(1762814491.847:6390): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4893 comm="syz.3.189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb91c4ff6c9 code=0x7ffc0000
[   56.559868][   T29] audit: type=1326 audit(1762814491.847:6391): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4893 comm="syz.3.189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=264 compat=0 ip=0x7fb91c4ff6c9 code=0x7ffc0000
[   56.566282][ T3417] usb 2-1: device descriptor read/8, error -110
[   56.583275][   T29] audit: type=1326 audit(1762814491.847:6392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4893 comm="syz.3.189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb91c4ff6c9 code=0x7ffc0000
[   56.730924][ T3417] usb 2-1: new SuperSpeed USB device number 5 using vhci_hcd
[   56.756328][ T3417] usb 2-1: enqueue for inactive port 0
[   56.761854][ T3417] usb 2-1: enqueue for inactive port 0
[   56.770730][ T3417] usb 2-1: enqueue for inactive port 0
[   56.814120][ T4917] loop1: detected capacity change from 0 to 1024
[   56.831064][ T4917] EXT4-fs: inline encryption not supported
[   56.841300][ T4920] loop2: detected capacity change from 0 to 512
[   56.865136][ T4917] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   56.901565][ T4920] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   56.936536][ T4920] ext4 filesystem being mounted at /27/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[   56.955453][ T4920] netlink: 'syz.2.196': attribute type 4 has an invalid length.
[   56.956423][ T4938] atomic_op ffff88811aa6b528 conn xmit_atomic 0000000000000000
[   57.012728][ T4943] netlink: 'syz.2.196': attribute type 4 has an invalid length.
[   57.042444][ T3313] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   57.087800][ T4938] loop0: detected capacity change from 0 to 2048
[   57.125400][ T4938] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   57.222808][ T3320] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   57.239436][ T4964] netlink: 4 bytes leftover after parsing attributes in process `syz.3.203'.
[   57.276068][ T4964] team0 (unregistering): Port device team_slave_0 removed
[   57.338234][ T4964] team0 (unregistering): Port device team_slave_1 removed
[   57.490511][ T4995] atomic_op ffff88811aa6b928 conn xmit_atomic 0000000000000000
[   57.511120][ T4999] loop2: detected capacity change from 0 to 128
[   57.522055][ T4999] vfat: Unknown parameter 'ÿ'
[   57.570567][ T5003] loop3: detected capacity change from 0 to 2048
[   57.599634][ T5003] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   57.750910][ T3317] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   58.095842][ T5061] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[   58.107761][ T5060] sd 0:0:1:0: device reset
[   58.258276][ T5077] loop0: detected capacity change from 0 to 1024
[   58.272865][ T5077] EXT4-fs: inline encryption not supported
[   58.291719][ T5077] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   58.339470][ T5087] selinux_netlink_send: 6 callbacks suppressed
[   58.339566][ T5087] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=5087 comm=syz.2.217
[   58.361408][ T5077] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4193: comm syz.0.215: Allocating blocks 497-513 which overlap fs metadata
[   58.388935][ T3322] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   58.413522][ T5094] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=36 sclass=netlink_audit_socket pid=5094 comm=syz.2.217
[   58.482196][ T5101] netlink: 172 bytes leftover after parsing attributes in process `syz.3.218'.
[   58.501617][ T5100] EXT4-fs (loop0): pa ffff888106bd4230: logic 16, phys. 145, len 23
[   58.509901][ T5100] EXT4-fs error (device loop0): ext4_mb_release_inode_pa:5444: group 0, free 0, pa_free 1
[   58.546404][ T5100] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 1 with error 28
[   58.558799][ T5100] EXT4-fs (loop0): This should not happen!! Data will be lost
[   58.558799][ T5100] 
[   58.568611][ T5100] EXT4-fs (loop0): Total free blocks count 0
[   58.574626][ T5100] EXT4-fs (loop0): Free/Dirty block details
[   58.580610][ T5100] EXT4-fs (loop0): free_blocks=16
[   58.585897][ T5100] EXT4-fs (loop0): dirty_blocks=0
[   58.591102][ T5100] EXT4-fs (loop0): Block reservation details
[   58.597230][ T5100] EXT4-fs (loop0): i_reserved_data_blocks=0
[   58.621753][ T5117] netlink: 4 bytes leftover after parsing attributes in process `syz.2.219'.
[   58.665442][ T5122] loop1: detected capacity change from 0 to 512
[   58.994849][ T5169] Zero length message leads to an empty skb
[   59.054546][ T5173] loop0: detected capacity change from 0 to 512
[   59.070041][ T5173] ext4 filesystem being mounted at /58/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[   59.123971][ T5180] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=5180 comm=syz.0.229
[   59.137105][ T5178] loop1: detected capacity change from 0 to 128
[   59.154692][ T5178] vfat: Unknown parameter 'ÿ'
[   59.160759][ T5180] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=36 sclass=netlink_audit_socket pid=5180 comm=syz.0.229
[   59.209783][ T5184] netlink: 172 bytes leftover after parsing attributes in process `syz.0.230'.
[   59.464866][ T5189] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=5189 comm=syz.4.232
[   59.495053][ T5189] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=36 sclass=netlink_audit_socket pid=5189 comm=syz.4.232
[   59.569244][ T5193] netlink: 4 bytes leftover after parsing attributes in process `syz.4.233'.
[   59.607068][ T5197] loop4: detected capacity change from 0 to 512
[   59.656534][ T5199] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=5199 comm=syz.3.235
[   59.673896][ T5201] sd 0:0:1:0: device reset
[   59.710809][ T5199] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=36 sclass=netlink_audit_socket pid=5199 comm=syz.3.235
[   59.761024][ T5211] loop2: detected capacity change from 0 to 512
[   59.777989][ T5211] ext4 filesystem being mounted at /38/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[   59.952650][ T5220] loop1: detected capacity change from 0 to 1024
[   59.960782][ T5220] EXT4-fs: inline encryption not supported
[   59.976936][ T5222] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=5222 comm=syz.4.241
[   60.006199][ T5220] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4193: comm syz.1.242: Allocating blocks 497-513 which overlap fs metadata
[   60.022408][ T5228] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=5228 comm=syz.2.243
[   60.040886][ T5220] EXT4-fs (loop1): pa ffff8881007383f0: logic 16, phys. 145, len 23
[   60.048959][ T5220] EXT4-fs error (device loop1): ext4_mb_release_inode_pa:5444: group 0, free 0, pa_free 1
[   60.060602][ T5220] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 1 with error 28
[   60.073154][ T5220] EXT4-fs (loop1): This should not happen!! Data will be lost
[   60.073154][ T5220] 
[   60.082886][ T5220] EXT4-fs (loop1): Total free blocks count 0
[   60.088949][ T5220] EXT4-fs (loop1): Free/Dirty block details
[   60.094907][ T5220] EXT4-fs (loop1): free_blocks=16
[   60.099995][ T5220] EXT4-fs (loop1): dirty_blocks=0
[   60.105036][ T5220] EXT4-fs (loop1): Block reservation details
[   60.111122][ T5220] EXT4-fs (loop1): i_reserved_data_blocks=0
[   60.200450][ T5236] netlink: 4 bytes leftover after parsing attributes in process `syz.1.245'.
[   60.225358][ T5236] team0 (unregistering): Port device team_slave_0 removed
[   60.238331][ T5236] team0 (unregistering): Port device team_slave_1 removed
[   60.240968][ T5238] loop2: detected capacity change from 0 to 512
[   60.278979][ T5245] sd 0:0:1:0: device reset
[   60.349709][ T5252] atomic_op ffff888119ef3928 conn xmit_atomic 0000000000000000
[   60.432534][ T5256] loop2: detected capacity change from 0 to 2048
[   60.592965][ T5265] loop0: detected capacity change from 0 to 1024
[   60.600970][ T5265] EXT4-fs: Ignoring removed orlov option
[   60.734280][ T5273] loop1: detected capacity change from 0 to 512
[   60.761255][ T5273] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   60.791381][ T5273] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 214 vs 220 free clusters
[   60.806801][ T5276] netlink: 172 bytes leftover after parsing attributes in process `syz.0.254'.
[   60.819658][ T5273] EXT4-fs (loop1): 1 truncate cleaned up
[   60.843441][ T5272] ==================================================================
[   60.851582][ T5272] BUG: KCSAN: data-race in vfs_fsync_range / writeback_single_inode
[   60.859733][ T5272] 
[   60.862055][ T5272] write to 0xffff888108dd5bb0 of 4 bytes by task 5265 on cpu 0:
[   60.869687][ T5272]  writeback_single_inode+0x150/0x3f0
[   60.875086][ T5272]  sync_inode_metadata+0x5b/0x90
[   60.880051][ T5272]  generic_buffers_fsync_noflush+0xd9/0x120
[   60.885966][ T5272]  ext4_sync_file+0x1ab/0x690
[   60.890654][ T5272]  vfs_fsync_range+0x10d/0x130
[   60.895436][ T5272]  ext4_buffered_write_iter+0x34f/0x3c0
[   60.901004][ T5272]  ext4_file_write_iter+0x387/0xf60
[   60.906231][ T5272]  iter_file_splice_write+0x666/0xa60
[   60.911636][ T5272]  direct_splice_actor+0x156/0x2a0
[   60.916781][ T5272]  splice_direct_to_actor+0x312/0x680
[   60.922173][ T5272]  do_splice_direct+0xda/0x150
[   60.926953][ T5272]  do_sendfile+0x380/0x650
[   60.931403][ T5272]  __x64_sys_sendfile64+0x105/0x150
[   60.936626][ T5272]  x64_sys_call+0x2bb4/0x3000
[   60.941313][ T5272]  do_syscall_64+0xd2/0x200
[   60.945839][ T5272]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   60.951747][ T5272] 
[   60.954077][ T5272] read to 0xffff888108dd5bb0 of 4 bytes by task 5272 on cpu 1:
[   60.961624][ T5272]  vfs_fsync_range+0x9b/0x130
[   60.966318][ T5272]  ext4_buffered_write_iter+0x34f/0x3c0
[   60.971906][ T5272]  ext4_file_write_iter+0x387/0xf60
[   60.977110][ T5272]  iter_file_splice_write+0x666/0xa60
[   60.982521][ T5272]  direct_splice_actor+0x156/0x2a0
[   60.987645][ T5272]  splice_direct_to_actor+0x312/0x680
[   60.993033][ T5272]  do_splice_direct+0xda/0x150
[   60.997807][ T5272]  do_sendfile+0x380/0x650
[   61.002256][ T5272]  __x64_sys_sendfile64+0x105/0x150
[   61.007474][ T5272]  x64_sys_call+0x2bb4/0x3000
[   61.012162][ T5272]  do_syscall_64+0xd2/0x200
[   61.016930][ T5272]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   61.022830][ T5272] 
[   61.025158][ T5272] value changed: 0x00000070 -> 0x00000002
[   61.030891][ T5272] 
[   61.033221][ T5272] Reported by Kernel Concurrency Sanitizer on:
[   61.039444][ T5272] CPU: 1 UID: 0 PID: 5272 Comm: syz.0.254 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   61.049094][ T5272] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   61.059161][ T5272] ==================================================================
[   61.417605][   T29] kauditd_printk_skb: 1619 callbacks suppressed
[   61.417623][   T29] audit: type=1326 audit(1762816548.934:8012): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5262 comm="syz.1.256" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7fc117f6c9 code=0x7ffc0000