last executing test programs:

4m2.05565754s ago: executing program 4 (id=614):
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000180)='./file1\x00', 0x1000c16, &(0x7f0000000500), 0xff, 0x260, &(0x7f0000000980)="$eJzs3U9IHFccB/DfzO7Wqkux7aVQ+gdKKa0g9lboxV5aEIpIKYW2YCmllxYtWKU37SmXHJJjSIKnXCTkFpNj8CK5JARyMokHcwkkkkMkhySwYXcU/LOJxl13gvP5wDoz+ub93jDzfSPiMAEUVl9EDEVEKSL6I6ISEcnWBh9nn76NzbnupbGIWu2Hh0mjXbad2dyvNyJmI+KriFhMk/irHDG98Mvq4+XvPjs+Vfn03MLP3R09yA1rqyvfr58dOXZx+Mvp6zfvjyQxFNVtx9V+SZPvlZOIdw6j2GsiKec9AvZj9L8Lt+q5fzciPmnkvxJpZCfvxOQbi5X44syL9j354Mb7nRwr0H61WqV+D5ytAYWTRkQ1knQgIrL1NB0YyH6Hv13qSf+emPy3/8+JqfE/8p6pgHapRqx8e7nrUu+O/N8rZfkHjqjsj1IrP47O36mvrJfyHhDQER9ki/r9v/+3mc9D/qFw5B+KS/6huOQfikv+4ehp9v+mzcg/FJf8Q3HJPxSX/ENxHTj/p54d3qCAjtiafwCgWGpdB3pquP0PIgMdl/f8AwAAAAAAAAAAAAAAAAAA7DbXvTS2+WlPj+U9W1w9HbH2TdZ0d/1S433EEW82vvY8Srb1mOyrwsv9+lGLHbTofM5PX791N9/61z7Mt/7MeMTs/xExWC43rr1tF1Sycf0d3Nt7/Lzye4sFXtHOdwN8/VNn6+/0dD7f+sPLEVfq889gs/knjfcay+bzT7V+/lqs/8+TFjsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgY54HAAD//7UiauA=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143041, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, 0x0, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file1\x00', 0x2000c0, &(0x7f00000005c0), 0x1, 0x54e, &(0x7f0000000600)="$eJzs3U1oHOUbAPBnZrPtv23+pgUFlR6KChVKN0k/tHpKr2Kh0IPgpS6bbQjZZEN2U5uQQ3ovYkFR6aXe9OBR8eBBvHj06kXxLIgGhaYHiUx2N/1Isq61ydbO7wezfT+GPu+bmWey7zBDAsitI9lHGvFMRJxPIobu6huIdueR1n6rK0uV2ytLlSTW1i78mkQSEbdWliqd/ZP2vwciYjkino6Ib4oRx9LNcRsLi1PlWq06164PN6dnhxsLi8cnp8sT1YnqzMmXXzl95tTp0ROjD22u1368/s617167ef3Tzw4vV94vJzEWg+2+u+fxMLV+JsUYu6/91E4E66Ok3wPggRTaeV6MiKdiKArtrAcef2t7I9aAnErkP+RU53tAtv7tbLv5/eOXs60FSBZ3tb21egZa9ybif+trk/2/J/esTLL15sHdHCiPpeWrETEyMLD5/E/a59+DG3kYA2RHfX22daA2H/904/oTW1x/Bjv3Tv+lzvVvddP17078wjbXv/M9xvjzzZ8+2jb+1Yhnt4yfbMRPtoifRsRbPca/8caXZ7brW/s44mhsHb8j6X5/ePjSZK060vrcMsZXRw+/2m3++7eJP9Zl/lnbbI/z/+Lbz59b7hL/xee7H/+t4u+LiHd7jH/o1ievb9eXxR/fZv7d4mdtN3uM/9LYkR963BUAAAAAAAAAAPgH0vVn2ZK0tFFO01Kp9Q7vk7E/rdUbzWOX6vMz461n3g5GMe08aTXUqidZfbT9PG6nfuK++smIOBQR7xX2rddLlXptvN+TBwAAAAAAAAAAAAAAAAAAgEfEgfve//+j0Hr/H8gJf/Ib8kv+Q37dm/9J38YB7D6//yG/5D/kl/yH/JL/kF/yH/JL/kN+yX/IL/kPAAAAAAAAAAAAAAAAAAAAAAAAAAA74vy5c9m2dntlqZLVxy8vzE/VLx8frzamStPzlVKlPjdbmqjXJ2rVUqU+/Xf/X61enx2Jmfkrw81qozncWFi8OF2fn2lenJwuT1QvVou7MisAAAAAAAAAAAAAAAAAAAD4bxlc35K0FBHpejlNS6WI/0fEwSgmlyZr1ZGIeCIivi8U92b10X4PGgAAAAAAAAAAAAAAAAAAAB4zjYXFqXKtVp1T2FyIiOVHYBgKCn05+QEAAAAAAAAAAAAAAAAAgF1156Xffo8EAAAAAAAAAAAAAAAAAAAA8iz9OYmIbDs69MLg3T17I2JPslrIynsi4u0bFz64Um4250az9t822psftttP9GsOQC86edrJYwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOCOxsLiVLlWq87tYKHfcwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4EH8FAAD//46R2W8=")
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000006"], 0x48)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x34120, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
faccessat2(r2, &(0x7f0000000200)='./file1\x00', 0x3b8, 0x1400)
set_mempolicy(0x4005, &(0x7f0000000080)=0x7e, 0x9)
syz_clone(0x2c9a4080, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000040000009900000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r3, @ANYBLOB], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
io_uring_register$IORING_REGISTER_RESTRICTIONS(0xffffffffffffffff, 0xb, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4c804}, 0x4091)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000014c0)=ANY=[@ANYBLOB="301000003b0007010100000000000000017c00000400fc8018100180"], 0x1030}}, 0x4c000)
socket$nl_generic(0x10, 0x3, 0x10)
pwritev2(r0, &(0x7f00000001c0)=[{&(0x7f0000000080)="ff", 0xfdef}], 0x1, 0xe7b, 0x0, 0x0)
r5 = socket$netlink(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c000000020301040000000000000000000040200800010001"], 0x1c}}, 0x0)
sendmsg$NFQNL_MSG_CONFIG(r5, &(0x7f0000000a40)={0x0, 0x0, &(0x7f0000000a00)={&(0x7f0000000fc0)=ANY=[@ANYBLOB="1c0000000203010200"/19], 0x1c}}, 0x0)
close(r5)
ioctl$EXT4_IOC_MIGRATE(0xffffffffffffffff, 0x6609)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0xdf)
write$binfmt_elf64(r6, &(0x7f0000000ac0)=ANY=[], 0x5b0)

4m1.329272281s ago: executing program 4 (id=619):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)=0x14)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000200))
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
memfd_create(&(0x7f0000000180)=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x3)
syz_clone(0x630c1100, 0x0, 0x3ffff, 0x0, 0x0, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000680)=@mangle={'mangle\x00', 0x64, 0x6, 0x568, 0x0, 0x0, 0x1d0, 0x0, 0x1d0, 0x530, 0x530, 0x530, 0x530, 0x530, 0x6, 0x0, {[{{@ipv6={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @ipv4={'\x00', '\xff\xff', @multicast2}, [], [], 'vcan0\x00', 'veth1_virt_wifi\x00'}, 0x0, 0xa8, 0xe8, 0x0, {0x7a00000000000000}}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz0\x00', 0x0, 0x9}}}, {{@ipv6={@mcast1, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, [], [], 'syzkaller1\x00', 'ip6tnl0\x00'}, 0x0, 0xa8, 0xe8}, @inet=@TPROXY1={0x40, 'TPROXY\x00', 0x1, {0x0, 0x0, @ipv6=@private0}}}, {{@ipv6={@rand_addr=' \x01\x00', @mcast2, [], [], 'veth1_to_batadv\x00', 'vlan1\x00'}, 0x0, 0xa8, 0xf0}, @DNPT={0x48, 'DNPT\x00', 0x0, {@ipv6=@empty}}}, {{@ipv6={@private0, @mcast2, [], [], 'veth1_to_team\x00', 'veth0_macvtap\x00'}, 0x0, 0xa8, 0xe8}, @inet=@TPROXY1={0x40, 'TPROXY\x00', 0x1, {0x0, 0x0, @ipv6=@remote}}}, {{@uncond, 0x0, 0xa8, 0xf0}, @DNPT={0x48, 'DNPT\x00', 0x0, {@ipv6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @ipv4=@local}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x5c8)
add_key$keyring(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000140)={0x8, &(0x7f0000000080)=[{0x0, 0x0, 0xf3, 0x7f}, {0x7ff, 0x0, 0x2}, {0x1000, 0x9, 0x1, 0xfffffffe}, {0x8, 0x9, 0xb7, 0x3e}, {0xc, 0x8, 0x79, 0x7fffffff}, {0x6, 0x8, 0x9, 0xfffffeff}, {0xbc, 0x7, 0x10, 0x1}, {0x2, 0x87, 0x8, 0xc3}]})
ioctl$LOOP_CTL_GET_FREE(r3, 0x4c82)

4m1.030176036s ago: executing program 4 (id=626):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000002c0)={{0x1, <r0=>0xffffffffffffffff}, &(0x7f0000000080), &(0x7f0000000280)='%+9llu \x00'}, 0x20)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000400)={r0}, 0x4)
syz_mount_image$ext4(&(0x7f0000000240)='ext3\x00', &(0x7f0000000840)='./file0\x00', 0x0, &(0x7f0000000340)={[{@jqfmt_vfsold}, {@sysvgroups}, {@debug}, {@grpjquota_path={'grpjquota', 0x3d, './bus'}}, {@resgid}, {@init_itable}, {@init_itable_val={'init_itable', 0x3d, 0x601}}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x2}}, {@usrjquota}]}, 0x2, 0x46c, &(0x7f0000001f80)="$eJzs3M1vFOUfAPDvTF94+/FrRXwBQapoJL60tLzIwYtGEw6amOgB46m2hVQWamhNhBCtHvBoSLwb/wvjSS9GvWjiVe+GhBguoF7WzM4MLMtu2aXbLrCfTzLd55l5us/znZln95l5djeAvjWW/Uki/hcRv0fESJ69ucBY/nDtyvmZv6+cn0miWn3rr6RW7uqV8zNl0fL/tuSZarXIb2hS74V3I6YrlbkzRX5i6dQHE4tnz70wf2r6xNyJudNTR44cPLB7+PDUoa7EmcV1defHC7t2HH3n4hszxy6+91OSRh53NMTRLWP53m3q6W5X1mNb69LJYP2WPb/cSDc7E+ilgYjIDtdQrf+PxEBsur5tJF77rKeNA9ZUtVqtrvCqvFwF7mNJ9LoFQG+Ub/TZ9W+5rNPQ465w+eX8AiiL+1qx5FsGI80Te4Yarm+7aSwiji3/81W2xBrdhwAAqPddNv55vtn4L42H88Rw9uf/xRzKaEQ8EBHbIuLBiNgeEQ9F1Mo+EhGPdlh/4wzJreOf9NIdB9eGbPz3UjG3dfP4Ly2LjA4Uua21+IeS4/OVuf3FPtkXQxuOzydzkyvU8f2rv33Ralv9+C9bsvrLsWDRjkuDDTfoZqeXplcTc73Ln0bsHGwWfxLlNE4SETsiYucd1jH/7GDLbbePfwWtn7Zt1a8jnsmP/3I0xF9KWs5PTr54eOrQxMaozO2fKM+KW/3864U3W9W/qvi7IDv+m5ue/9fjH002RiyePXeyNl+72HkdF/74vOU1TYfn/9Gtxfk/nLxdWzFcbPhoemnpzGTEcPL6reunbjxbmS/LZ/Hv29u8/2+LG3visYjYFRG7I+Lx7KKwaPsTEfFkROxdIf4fX3nq/c7jX5+50iz+2dsd/6g//p0nBk7+8O3t498YEa2O/8Faal+xpp3Xv3YbuJp9BwAAAPeK/DPwSTp+PZ2m4+P5Z/i3x+a0srC49NzxhQ9Pz+aflR+NobS80zVSdz90srg3XOanGvIHivvGXw5squXHZxYqs70OHvrclhb9P/PnQK9bB6y5LsyjAfco/R/6l/4P/SnR/6Gv6f/Qv5r1/09alh7/Zk0bA6wr7//Qv9ro/8v5Q+tRAXBv8v4P/Uv/h77U8rvx6aq+8r/uiX+L3zO8W9pz/ycivSuacf8nBtv+MYsOEtWRvP9nazY0LdPrVyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDu+C8AAP//F0nluw==")
r1 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xb, 0xb76e}, 0x100002, 0x448, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r2}, &(0x7f0000000180), &(0x7f00000001c0)=r1}, 0x20)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0xb, 0x59032, 0xffffffffffffffff, 0x0)
r3 = getpid()
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r4}, 0x10)
madvise(&(0x7f0000a5e000/0x1000)=nil, 0x1000, 0x17)
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) (fail_nth: 19)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r5}, 0x10)
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[], &(0x7f0000000100)='GPL\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10)
rt_sigpending(&(0x7f00000004c0), 0x8)
r7 = socket$inet6(0xa, 0x3, 0xff)
setsockopt$inet6_int(r7, 0x29, 0x16, &(0x7f00000001c0)=0x7f, 0x4)
close(r7)
r8 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x90)
getdents(r8, 0x0, 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000140)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x30, 0x30, 0x6, [@func_proto={0x0, 0x0, 0x0, 0xd, 0x3}, @array={0x0, 0x0, 0x0, 0x3, 0x0, {0x2, 0x3}}, @typedef={0x4, 0x0, 0x0, 0x8, 0x2}]}, {0x0, [0x0, 0x0, 0x0, 0x5f]}}, 0x0, 0x4e, 0x0, 0x1}, 0x28)
connect$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)

4m0.551619324s ago: executing program 4 (id=628):
syz_open_procfs(0x0, &(0x7f0000000000)='net/vlan/config\x00')
syz_mount_image$ext4(&(0x7f0000000640)='ext4\x00', &(0x7f0000000200)='./file2\x00', 0x200000, &(0x7f0000000000)={[{@dioread_lock}, {@noquota}, {@errors_remount}, {@noblock_validity}]}, 0xfc, 0x564, &(0x7f00000008c0)="$eJzs3c9rHFUcAPDvbJI2/aFJoRT1IIEerNRumsQfFTzUo2ixoPe6JNNQsumW7KY0sWB7sBcvUgQRC6J37x6L/4B/RUELRUrQg5eV2cym22Y32aSbJu1+PjDJezOzee+7M9+XNzu7bAB9ayz7UYh4NSK+TSJGWrYNRr5xbHW/lYfXp7MliXr9s7+TSPJ1zf2T/PehvPJKRPz+dcTJwvp2q0vLc6VyOV3I6+O1+Svj1aXlU5fmS7PpbHp5cmrqzDtTk++/927PYn3z/L8/fHr3ozPfHF/5/tf7R24ncTYO59ta43gKN1orYzGWPydDcfaJHSd60Nhekux2B9iWgTzPhyIbA0ZiIM/6tuojz7JrwA77KktroE8l8h/6VHMe0Ly279F18HPjwYerF0Dr4x9cfW0khhvXRgdXkseujLLr3dEetJ+18dtfd25nS/TudQiATd24GRGnBwfXj39JPv5t3+ku9nmyDeMfPDt3s/nPW+3mP4W1+U+0mf8capO727F5/hfu96CZjrL53wdt579rN61GB/LaS40531By8VI5zca2lyPiRAztz+ob3M/5orByr95pY+v8L1uy9ptzwbwf9wf3P/6YmVKt9FRBt3hwM+K1tvPfZO34J22Of/Z8nO+yjWPpndc7bds8/p1V/znijbbH/9EdrWTj+5PjjfNhvHlWrPfPrWN/dGp/t+PPjv/BjeMfTVrv11a33sZPw/+lnbZt9/zfl3zeKO/L110r1WoLExH7kk/Wr5989Nhmvbl/Fv+J4xuPf+3O/wNZYncZ/62jt1p3Hd5a/Dsri39mS8d/64V7H3/5Y6f2uzv+bzdKJ/I13Yx/3XbwaZ47AAAAAAAA2GsKEXE4kkJxrVwoFIur7+84GgcL5Uq1dvJiZfHyTDQ+KzsaQ4Xmne6RlvdDTOTvh23WJ5+oT0XEkYj4buBAo16crpRndjt4AAAAAAAAAAAAAAAAAAAA2CMORQy3+/x/5s+B3e4dsOM2+Mpv4AXXOf/zLb34pidgT/L/H/qX/If+Jf+hf8l/6F/yH/qX/If+Jf+hf20l/385t4MdAQAAAAAAAAAAAAAAAAAAAAAAAAAAgBfD+XPnsqW+8vD6dFafubq0OFe5emomrc4V5xeni9OVhSvF2UpltpwWpyvzm/29cqVyZWIyFq+N19Jqbby6tHxhvrJ4uXbh0nxpNr2QDj2TqAAAAAAAAAAAAAAAAAAAAOD5Ul1aniuVy+mCgsK2CoN7oxsKPS7s9sgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAI/8HwAA///F1Dry")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
pwrite64(r0, &(0x7f0000000140)="f6", 0xffffff07, 0x8000c61)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800009f6b206c000000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000400000085000000060000008500000050000000950000000000cdb981a72ecb8667000000000000"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4}, [@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x9}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
socket$nl_xfrm(0x10, 0x3, 0x6)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000700)={&(0x7f0000000480)='mm_page_alloc\x00', r2}, 0x10)
syz_clone(0x42000000, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r4, 0x0, &(0x7f0000001700)=""/53}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r5}, 0x10)
r6 = socket$netlink(0x10, 0x3, 0x0)
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000040)={0x0, <r7=>0x0}, &(0x7f00000000c0)=0xc)
sendmsg$nl_generic(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)={0x28, 0x18, 0x1, 0x0, 0x0, {0x2}, [@typed={0x8, 0x800, 0x0, 0x0, @u32=0x4}, @nested={0xc, 0x8, 0x0, 0x1, [@typed={0x8, 0xc, 0x0, 0x0, @uid=r7}]}]}, 0x28}}, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000001c0)={'sit0\x00', <r8=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x0, r8, {0x0, 0x9}, {0xffff, 0xffff}, {0x10}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x14, 0x2, [@TCA_CAKE_FLOW_MODE={0x8, 0x5, 0x3}, @TCA_CAKE_WASH={0x8}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x48801}, 0x0)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r9}, 0x10)
sendmsg$netlink(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$iso9660(&(0x7f0000000080), &(0x7f0000000300)='./file0\x00', 0x3800813, &(0x7f0000001240)=ANY=[@ANYBLOB="646d6f64653d3078301630303030303030303030303062312c6e6f726f636b2c6e6f636f6d70726573732c636865636b3d72656c617865642c6d61703d61636f726e2c6e6f6a676c6965742c73686f776173736f632c7569643d1a3e76e38d7e9a725fefee99228c92f7070e6eb76bef69524789df1ddae2c699031545f087f5607e1f01a38e0236b2ffeebdc0373891f0bbfbc91b558613f6e613cac0714c0b7d306f271335cd9caf7f72ef317a11c6c948033374a9649ecc9f9f14deb53ffa922cdcc95cebe77b8e3592541f751cf3d37e247502dfdf23f2e432c498e3712f5f494520066c0bae9060acfbf5cc50cf55fedf7b9ee2a42cf2675e3e1fb72dc26cfb97a8742511f7229079de797f9f53058fb23144810a1bf8422dc73ea6171578b348572f8f5abc", @ANYRESHEX=0x0, @ANYBLOB=',unhide,norock,unhide,gid=', @ANYRESHEX=0x0, @ANYBLOB=',overriderockperm,cruft,cruft,map=acorn,\x00'], 0x1, 0xa4a, &(0x7f00000007c0)="$eJzs3c1vHOd9B/DvLEmJoV1JcVTXFRxxJVcK47AUSdVSBR9SiVxJTPlSkBRgoYcojahCEFu3cQs4RoEoQNFTjBZo0UN7M3rqyUAuTQ+FL0V7a049FCj8LwQ9qScGM7skl+Qul2IoklY+H2J35+U3z/PMyzMPd3d2nvDFsnZ6y9jaWvXY5/i9fz6EEnOM3Zr+/JNPPy4fP3yaE+nLO8W/JINJ6kl/kjeSganpxYW5Hgk9SR4k+SwpkpxM83VPHqT467y6Of5Zin8s8+3qxF5Tppc1fqkd9fEHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADHUTE1PT4+UZzIzPy99+pNSX2HqenFhSJrazvnrC/T9JOq1+/iJz3zTYrykcHB9a6+3zi7Ofv1JPWLebM59mbVIXkG89Err5959yv9tfXlu5XmF3Jy78l+8P2PnnxndXXlex3nFsUBluqYaR4jdxrzM0sLM3M37zTqM0sL9RvXro1fuXt7qX57ZraxdH9puTFXn1ps3FxeWKyPTH29PnHjxtV6Y+z+wr35O9Njs431idd/c3J8/Fr9W2O/17i5uLQwf+VbY0tTd2dmZ2fm71Qx5ewy5np5IP7uzHJ9uXFzrl5/9Hh15eq2kvVl2/FbBk30Wp8yaLJX0OT45OTExOTkxA9bvWdvTLj2zo13ro+P9483vZrWQHZEvKCDluPlS91388GfxGGfas32P5nNTOZzL++l3vFvKtNZzELmusxvWW//L11p7Jpt2tr/Vivf3zb/XPl0Medbo4Nd2v8uZTm8vw/y/XyUJ/lOVrOalXzvyEt0uH930sh8ZrKUhcxkLjerKfXWlHpu5FquZTzfzt0MZyn9uZ2ZzKaRpdzPUpbTqI6oqSymkZtZzkIWU89IpvL11DORG7mRq6mnkbHcz0LuZT53Mp2bVSqP8rja7ld3KeNG0MRegiZ3CdrRmHdr/zdsX6Sx/Z8TXkK1XffyCziLw/6stdr/E71DR6YOo0AAAADAgfv1/8yps6/9x/8mRb5afS9/e2a2MX7UxQIAAAAOUHW53pvly0A59NUU3v8DAADAy6aofmNXJBnKcHNo/ZdQPgQAAACAl0T1/f/5FMObE7z/BwAAgJdM73vs94woRtdv/1t/2Hx92IpojhVDt2dmG2NTC7PvTuRydZeB6pcGO1LrS4qB6ucHb+dCM+rCUPN1aDPFMs/BMmpi7N2JvJ2LrRUZeat8eWukQ+RkM/JrzcivtUf2ZUvk1TISAF52F3dpj/fa/r+d0WbE6Lmqye8/t6UN7qta1nEtKwAcFxt97Px/q0uzDu3/+ea9Ac53a/9/a5f3/2XEa3k03LykYCzfzftZzcOMpnXFwXCnVNd7I2hehjDa49OAodYlCz+9Xsvojs8DBjfWtT12JZMZ7fiJQFu6xXoZrjbj+l7UXgCAw3Vx13Z4vf2vPiTv2v6P7v7+v63NdUkhABwHGz3YP+/A8N6Dj3odAYCttNIAAAAAAAAAAAAAAAAAAAAAAAAAAABw8PZ0A///upysrq4k++0soMPAT//9X3+la8yPXkkGn6eEuw/UcjBlPv4DfUmOKvdv5rmXKvfxcdl0L9NA8bSqsL9QOkd8YgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBQFElfp+m15GSS8SRXDr9UL87Toy7AQanvb7HiWZ7lw5w66OIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPyya93/v5bm6yvNSemvJZeSPEjy+0ddxucx2GP+s0Mqx/HzR9Vz2/3/a8lA1or0Z21tbS0pBqamFxfmykOhOFnO//yTTz8uH12T/MH6wM5eFcoEyhy2dC7RyqFtysDWpb5cLTU0vfLBkz97/0/q07eqA/PW8u3Z6bk7i7+zGfh68eNmFwjt3SCsl/cvLv3b37RNPtHK/Mfp77Yi2/O9XeU7vTPfX+u0dJd89+Dx6spkmdNy473lP//jWvus13IheWskGdma0x+Wjy45Xdi+Pbcqflb8VXEqf58H1f4vt0axVpS76HS1/l969Hh1Zey7768+3CjTDx5/2JbAmQwnebi1lvUo03B1PunolSrXgTLX8SqofDrbI71dtaU4sbldt6zDl6tDZui51qHefR0qPbZ7q0RXt5dorawkf/unX8nlXff0yQ4pXu6RY0fFz4r/Ke7mv/OXbf1/1Mr9fykda2eHJKrItiOlfd6W6lW7tLnmk+0zvr09za61khfgR/mD/PbG/q9V5//2ejPZpd5snI++2TaxS71Zr1pd6sXJrTV1R71o6VUvdtbUfzq9o0XZmmvObmuRWmefbsu0ynm2GdWlnL+abyT9557rjPKNHmeUXsvvt/7/QzGS/8tT/f8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADHX5H0dZpeSy4lOZPkdDleT9a2xzzdR361oWI/xTww+ynzF0/RdUWLZ3mWD3PqsEsEAAAAAAAAwItxa/rzTz79uHxU38f35TdqrTn1pD/JmeLvBqamFxfmeiQ0kDxY/0p/sHNIl8l5UD69ujn+WTn2Ro/8jvbyAQD4Qvt5AAAA//9B+m/L")
openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$sock_TIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
socket$nl_route(0x10, 0x3, 0x0)

3m59.852741335s ago: executing program 4 (id=639):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1b, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x4e, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r1}, 0x10)
fsetxattr$system_posix_acl(0xffffffffffffffff, &(0x7f0000000740)='system.posix_acl_default\x00', 0x0, 0x25, 0x3)

3m59.46909964s ago: executing program 4 (id=642):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000c40)={0x11, 0xb, &(0x7f00000007c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000007b394bfe363b1b966ad5d170531a2020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
kexec_load(0x4, 0xa, 0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000100)='syscall\x00')
socket$nl_route(0x10, 0x3, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000240)=ANY=[@ANYRESOCT=r1, @ANYRES32=r2, @ANYRESHEX=r2], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x18)
socket$netlink(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae000000"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ffd}, 0x94)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x16, 0x8, &(0x7f00000005c0)=ANY=[@ANYRES32=r4, @ANYRES32=<r7=>r5, @ANYBLOB="0000000000000000b703000000030000850000001b000000b7000000000000"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000480)='kfree\x00', r6, 0x0, 0x7}, 0x18)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x36, 0x1, 0x10, 0x2, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x4, @perf_bp={0x0, 0xd}, 0x2cd2736c8215532c, 0x10000, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x5, 0xffffffffffffffff, 0x2)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000000980)=ANY=[@ANYBLOB="61124c00000000006113500000000000bf2000000000000007000000080000002d030100000000009500000c000000006926000000000000bf67000000000000150600000fff070056060000200000006a0200000ee60000bf050000000000003d350000000000006507000002000000070700004a0000000f75000000000000bf54000000000000070400000400f9ff6d53010000000000840400000000000073720000000000009500000000000000db13d5d8b741f2cdaabc8383caf56b8c2b84a8d09535a157f9005bd38addaa65b925cd3ded85d3cdd66d9c79f0529d045625b8b9e2a095d2c51ef45c5588ec78c7f32946b17cecfe54c53ab530c58b67851b7e0e82452a083b98a6aa766401047d150203b0417edef332233b081df18961d6822d133bf72a4de1c2ea17f04537fc211576846ac629d1d93265ba474580047a9dc88de358ce795731891a2031de4e09740c64e5306f991ed4785a9773a433e0db9c1a7d4ab9d658ce9cfdb4db3bed62bcb2bc91ddcdfac2e6d4421c49fb6641cbf56914e76702f673b586c700e3806f825f1d0da2a304e06543b56d35235d7897a7fe912971aab876022e96f5143b6234f5a6b701690b07fb664b44e22b72e843e7cf55f394cf75d1cd57c9150bfb98cc45b3fde43e42e150d4a2fddd9a9767748ca3522443097c55dc97c09d38485b18ad2cff787338bab324336f50c97b751f2ed2c4281858b428d1b2c1194b06f9bb7ffcc95c1bcfc5540f9574f20e7f513a2a7c5dad90e7d479724d69fa0c0bf97af1231a49ea166f743279d240e2e6f01d8704f313d68b16198be5f6a50e9e0fd20893b2922df566d2622edee5000000000000000000d91c6da09fa7cdbbf16d4780d8c2401c55aff772aced3ff966ff76d796c171f5f7a31e1b14b0c0c712c0fdd2710f37a3d15710d68e7326a7db043c57784bd9bdb047db75"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x48)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000100)='kmem_cache_free\x00'}, 0x18)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r8, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="300000003e000701fcfffffffddbdf25047c0000100036800c00020007009300000000000c0001"], 0x30}, 0x1, 0x0, 0x0, 0x488c0}, 0xc000)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000d00)=ANY=[@ANYBLOB="580000000206030000000000000000000000000011000300686173683a69702c706f72740000000009000200737d7a31000000000c000780080012400ffffffc050005000a00000005000400010000000500010007000000102a2e1a8e50b98c2e6098f9ac6c7a11449c0182e2f477cf126a6b3622", @ANYRESDEC=r7], 0x58}, 0x1, 0x0, 0x0, 0x40008c1}, 0x0)
r9 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCETHTOOL(r9, 0x8946, &(0x7f0000000340)={'netdevsim0\x00', &(0x7f0000000400)=@ethtool_flash={0x33, 0xea5, '.\x00'}})
socket(0x1, 0xa, 0x6)
sendmsg$DEVLINK_CMD_SB_PORT_POOL_GET(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000140)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="01002abd7002ffdbdf254e0000000e0001006e657464657673696d0000000f0002006e657464657673696d300000080000000000000008000b00a76000000600110002000000"], 0x4c}}, 0x0)
clock_gettime(0x0, 0x0)
setitimer(0x2, &(0x7f0000000500), &(0x7f0000000580))

3m59.468913691s ago: executing program 32 (id=642):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000c40)={0x11, 0xb, &(0x7f00000007c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000007b394bfe363b1b966ad5d170531a2020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
kexec_load(0x4, 0xa, 0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000100)='syscall\x00')
socket$nl_route(0x10, 0x3, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000240)=ANY=[@ANYRESOCT=r1, @ANYRES32=r2, @ANYRESHEX=r2], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x18)
socket$netlink(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae000000"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ffd}, 0x94)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x16, 0x8, &(0x7f00000005c0)=ANY=[@ANYRES32=r4, @ANYRES32=<r7=>r5, @ANYBLOB="0000000000000000b703000000030000850000001b000000b7000000000000"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000480)='kfree\x00', r6, 0x0, 0x7}, 0x18)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x36, 0x1, 0x10, 0x2, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x4, @perf_bp={0x0, 0xd}, 0x2cd2736c8215532c, 0x10000, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x5, 0xffffffffffffffff, 0x2)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000000980)=ANY=[@ANYBLOB="61124c00000000006113500000000000bf2000000000000007000000080000002d030100000000009500000c000000006926000000000000bf67000000000000150600000fff070056060000200000006a0200000ee60000bf050000000000003d350000000000006507000002000000070700004a0000000f75000000000000bf54000000000000070400000400f9ff6d53010000000000840400000000000073720000000000009500000000000000db13d5d8b741f2cdaabc8383caf56b8c2b84a8d09535a157f9005bd38addaa65b925cd3ded85d3cdd66d9c79f0529d045625b8b9e2a095d2c51ef45c5588ec78c7f32946b17cecfe54c53ab530c58b67851b7e0e82452a083b98a6aa766401047d150203b0417edef332233b081df18961d6822d133bf72a4de1c2ea17f04537fc211576846ac629d1d93265ba474580047a9dc88de358ce795731891a2031de4e09740c64e5306f991ed4785a9773a433e0db9c1a7d4ab9d658ce9cfdb4db3bed62bcb2bc91ddcdfac2e6d4421c49fb6641cbf56914e76702f673b586c700e3806f825f1d0da2a304e06543b56d35235d7897a7fe912971aab876022e96f5143b6234f5a6b701690b07fb664b44e22b72e843e7cf55f394cf75d1cd57c9150bfb98cc45b3fde43e42e150d4a2fddd9a9767748ca3522443097c55dc97c09d38485b18ad2cff787338bab324336f50c97b751f2ed2c4281858b428d1b2c1194b06f9bb7ffcc95c1bcfc5540f9574f20e7f513a2a7c5dad90e7d479724d69fa0c0bf97af1231a49ea166f743279d240e2e6f01d8704f313d68b16198be5f6a50e9e0fd20893b2922df566d2622edee5000000000000000000d91c6da09fa7cdbbf16d4780d8c2401c55aff772aced3ff966ff76d796c171f5f7a31e1b14b0c0c712c0fdd2710f37a3d15710d68e7326a7db043c57784bd9bdb047db75"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x48)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000100)='kmem_cache_free\x00'}, 0x18)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r8, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="300000003e000701fcfffffffddbdf25047c0000100036800c00020007009300000000000c0001"], 0x30}, 0x1, 0x0, 0x0, 0x488c0}, 0xc000)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000d00)=ANY=[@ANYBLOB="580000000206030000000000000000000000000011000300686173683a69702c706f72740000000009000200737d7a31000000000c000780080012400ffffffc050005000a00000005000400010000000500010007000000102a2e1a8e50b98c2e6098f9ac6c7a11449c0182e2f477cf126a6b3622", @ANYRESDEC=r7], 0x58}, 0x1, 0x0, 0x0, 0x40008c1}, 0x0)
r9 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCETHTOOL(r9, 0x8946, &(0x7f0000000340)={'netdevsim0\x00', &(0x7f0000000400)=@ethtool_flash={0x33, 0xea5, '.\x00'}})
socket(0x1, 0xa, 0x6)
sendmsg$DEVLINK_CMD_SB_PORT_POOL_GET(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000140)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="01002abd7002ffdbdf254e0000000e0001006e657464657673696d0000000f0002006e657464657673696d300000080000000000000008000b00a76000000600110002000000"], 0x4c}}, 0x0)
clock_gettime(0x0, 0x0)
setitimer(0x2, &(0x7f0000000500), &(0x7f0000000580))

40.119768905s ago: executing program 2 (id=3877):
socket$inet_icmp_raw(0x2, 0x3, 0x1)
syz_io_uring_setup(0x1239, &(0x7f0000000480)={0x0, 0x1b6e, 0x2, 0x2, 0x326}, &(0x7f0000000040), &(0x7f0000000200))
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, 0x0)
mkdir(&(0x7f0000000580)='./file0\x00', 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
syz_emit_ethernet(0x2b, &(0x7f00000002c0)=ANY=[@ANYBLOB="bbe91bc8c9fca2ce0500001d00debbd50506c6c10deb1b800011907800000064e1e5c6f42c00000100004e200009907849000000000000"], 0x0)
recvmmsg(r0, &(0x7f00000039c0)=[{{0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000001940)=""/4096, 0x1000}], 0x1}, 0x7061ab3a}], 0x1, 0x120, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, 0x0, 0x0, 0x7ff}, 0x94)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x2)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000008002b000000000000000018040000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x11, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000003c0)='sched_switch\x00'}, 0x10)
flock(0xffffffffffffffff, 0x2)
syz_mount_image$vfat(&(0x7f0000000ec0), &(0x7f0000000180)='./file2\x00', 0x420c, &(0x7f0000003240)=ANY=[], 0x6, 0x360, &(0x7f0000000b00)="$eJzs3c1rO0UYwPEnaZImKW1yEEVBOtiLXpY2ehaDtCAELG0jtoKwbTcasiYlG6oRse3Jq3j3JHgovVnwUND+A71404sI3noRPFhBXdm3ZPPWl5g0/trvB0omM/PszmQn5dm0m718+/MPKiVLK+kNiSaVRERErkSyEpVAxH+MuuWEhB3KSzO///j8+mYx6VWolfzGyzml1Nz8dx9+kvK7nU3LRfbdy99yv148ffHs5T8b75ctVbZUtdZQutqu/dzQt01D7ZatiqbUqmnolqHKVcuoe+3f+Nsxa3t7TaVXd2fTe3XDspRebaqK0VSNmmrUm0p/Ty9XlaZpajYtuEnxeG1Nzw8ZvDPiwWBM6vW8PiUiqZ6W4vFEBgQAACaqO/+POin9MPn/lswVCstryunczv9PXjhvzLx1Oufn/2eJfvn/Kz952+rI/53TiXb+X/POD0o35/9fyh3y/96M6HEZOv/PjmEwGM58oqcq0vHMyf/T/vvXdfTOyaJbIP8HAAAAAAAAAAAAAAAAAAAAAOBJcGXbGdu2M8Fj8NO+hMB/jgdp0PGfFpGkc/Rtjv9Dtr65JUn3wj3nGJuf7Rf3i96j3+FcREwx/ra7OWsjuPJIObLyvXngxx/sF6fclnxJyk68LElGsu56CsXb9sobheUl5fHjW5cppcPxOcnIU+H4b93V6cTnOuP9/SfkxYVQvCYZ+WFHamLKrhvZ3v+nS0q9/mahKz7l9hORX+79oAAAAAAAMGKaaul7/q5pg9q9bxnJl9yPiQxZlIz81f/8frHv+Xks81xs0rMHAAAAAOBxsJofV3SJGnW3YJr9CikZ2DSCQqyjJi4ifTsnumri1215KjTD244nId4dTP7rvL4KXtW7RAX/SOEMvNXk31FFhhtPMH+3JhJrNf1513lFDsVdAIfhpqjcIjzWPfh5p0L17bwwcDtH/kRaNcHHRokBr7Os9m4nes1KiPfU2JHhFsAzX3z9x+jeIK+e+ivgo5s7H5mGfSC3OShdBWcXvU3xsf/iAQAAAHDv2kl/UPNauDl8I5HwzXL4yz0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAACM0lq/06ypMeo4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA/8W/AQAA//9/d/Qh")
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file2\x00', 0x105042, 0x40)
mmap$IORING_OFF_SQ_RING(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x100000b, 0x2013, r1, 0x0)

39.246307019s ago: executing program 2 (id=3885):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000500000000000000000000001801000020a0702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000080850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='mm_page_alloc\x00', r0}, 0x10)
r1 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000180)={'ip6tnl0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000880)=@newqdisc={0x64, 0x24, 0xf0b, 0x0, 0x25dfdbfd, {0x0, 0x0, 0x0, r2, {0x0, 0xc}, {0xffff, 0xffff}, {0xd, 0xc}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0xc, 0x2, [@TCA_FQ_CODEL_CE_THRESHOLD_MASK={0x5, 0xb, 0x6}]}}, @TCA_STAB={0x24, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x5, 0x5, 0x12, 0x400, 0x1, 0x200}}, {0x4}}]}]}, 0x64}, 0x1, 0x0, 0x0, 0x44004}, 0x0)

39.222542319s ago: executing program 2 (id=3887):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000008da4b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000060000000000000000008500000007000000850000000e00000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000012c0)={&(0x7f0000000040)='kfree\x00', r1}, 0x10)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0)
fcntl$lock(r2, 0x26, &(0x7f0000000000)={0x1})
fcntl$lock(r2, 0x25, &(0x7f0000000040)={0x0, 0x0, 0x80, 0x200000007})
fcntl$lock(r2, 0x25, &(0x7f0000000180)={0x0, 0x1, 0x0, 0x80000000})
r3 = socket$l2tp(0x2, 0x2, 0x73)
r4 = fcntl$getown(r2, 0x9)
fcntl$lock(r3, 0x7, &(0x7f00000001c0)={0x1, 0x2, 0x9, 0x2, r4})
r5 = syz_open_procfs(r4, &(0x7f0000000200)='attr/fscreate\x00')
writev(r5, &(0x7f00000000c0)=[{&(0x7f0000000040)="dc", 0x1}], 0x8)
r6 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
ioctl$RTC_IRQP_READ(r6, 0x8008700b, &(0x7f0000000080))
socketpair(0x28, 0x800, 0xffffffff, &(0x7f00000003c0))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000380)=[{0x200000000006, 0x1, 0x7, 0x7ffc1ffb}]})
syslog(0x9, 0x0, 0x0)
r7 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
accept(r7, &(0x7f0000000080)=@in6={0xa, 0x0, 0x0, @mcast1}, &(0x7f0000000100)=0x80)
syslog(0xa, &(0x7f0000000280)=""/232, 0xe8)

39.036353652s ago: executing program 2 (id=3891):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000800b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r2}, 0x10)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000040)=0x2)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1000000004000000040000000100000000000000", @ANYRES32=0x1], 0x50)
r4 = socket$kcm(0xa, 0x5, 0x0)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x64)
ioctl$sock_kcm_SIOCKCMCLONE(r4, 0x8936, &(0x7f0000000000))
readv(r3, &(0x7f0000000000)=[{&(0x7f0000001300)=""/244, 0x940}], 0x1)
ioctl$TIOCVHANGUP(r3, 0x5437, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000efffffff850000007000000095"], &(0x7f0000000440)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000080)='netlink_extack\x00', r5}, 0x18)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$netlink(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000880)={0x1c, 0x19, 0x15, 0x0, 0x0, "", [@typed={0xa, 0x0, 0x0, 0x0, @str='\x02\x02\x00\x00\x00\x00'}]}, 0x1c}], 0x1}, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000004000000080000000d"], 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x14, &(0x7f00000002c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0xb4b1}, [@printk={@lld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x5bb}}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r7}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='tlb_flush\x00', r8}, 0x10)
r9 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000180), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f00000001c0)={'wpan0\x00', <r10=>0x0})
sendmsg$NL802154_CMD_NEW_SEC_KEY(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000540)={0x68, r9, 0x5eae78d9c54e9d3f, 0x0, 0x25dfdbfe, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r10}, @NL802154_ATTR_SEC_KEY={0x4c, 0x30, 0x0, 0x1, [@NL802154_KEY_ATTR_BYTES={0x14, 0x4, "3e7d9e838196f61c9b54c9c6b8bd5d48"}, @NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0x3}, @NL802154_KEY_ATTR_ID={0x2c, 0x1, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_IMPLICIT={0x20, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_PAN_ID={0x6, 0x1, 0x1}, @NL802154_DEV_ADDR_ATTR_EXTENDED={0xc, 0x4, {0xaaaaaaaaaaaa0302}}, @NL802154_DEV_ADDR_ATTR_MODE={0xfffffffffffffef8, 0x2, 0x3}]}, @NL802154_KEY_ID_ATTR_MODE={0x8}]}]}]}, 0x68}}, 0x0)
syz_genetlink_get_family_id$nfc(&(0x7f0000000040), r0)
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000080))
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000600)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r11 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000040), 0x81, r11}, 0x38)
r12 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r11, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2d, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r12}, 0x10)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='attr/fscreate\x00')

38.820267836s ago: executing program 2 (id=3893):
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0xd931d3864d39dcc9)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='\x00', 0xf1)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x800)
r2 = open_tree(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x89901)
unlinkat(r2, &(0x7f00000002c0)='./file0\x00', 0x0)
move_mount(r2, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
r3 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x2)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYRES16=r3, @ANYRES32, @ANYRES16=r3], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r5}, 0x10)
sendmsg$NFT_BATCH(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01030000000000000000010000000900010073797a310000000054000000030a01020000000000000000010000000900030073797a320000000028000480080002400000000008000140000000051400030076657468315f6d6163767461700000000900010073797a31000000004c000000050a01020000000000000000010020000c00024000000000000000010900010073797a3100000000200004801400030076657468315f6d6163767461700000000800014000000005"], 0xe8}, 0x1, 0x0, 0x0, 0x40040000}, 0x0)
chroot(&(0x7f0000000280)='./file0\x00')
sendmsg$ETHTOOL_MSG_FEATURES_SET(r2, &(0x7f0000000b80)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000600)={&(0x7f00000005c0)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB], 0x14}, 0x1, 0x0, 0x0, 0x1}, 0x40041)
ioctl$USBDEVFS_REAPURB(r3, 0x4008550c, &(0x7f0000000700))
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000020000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x60, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='kfree\x00', r6}, 0x10)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3804402, &(0x7f0000000680)={[{@min_batch_time={'min_batch_time', 0x3d, 0x4}}, {@abort}, {@resuid}, {@user_xattr}, {@discard}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x7b1}}, {@nolazytime}, {@noinit_itable}, {@nombcache}, {@nodelalloc}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x40000}}]}, 0x1, 0x55f, &(0x7f0000000c80)="$eJzs3d9rW+UbAPDnpO1+77sOxvgqIoVdOJlL19YfE7yYl6LDgd7PkmRlNFlGk461Dtwu3I03MgQRB+K1eu/l8B/wrxjoYMgoingTOelJl7VJm3XZmpnPB077vuec9D1Pznnevm9OQgIYWhPpj1zECxHxZRJxqG3baGQbJ1b3W3lwrZAuSTQaH/2RRJKta+2fZL/3Z5X/R8Qvn0ecyG1st7a0PD9bLpcWsvpkvXJ5sra0fPJiZXauNFe6ND0zc/qNmem333qzb7G+eu6vbz68897pL46tfP3TvcO3kjgTB7Jt7XE8gevtlYmYyJ6TsTizbsepPjQ2SJKdPgC2ZSTL87FI+4BDMZJlPfDf91lENIAhlch/GFKtcUBrbt+nefBz4/67qxOgjfGPrr42Enuac6N9K8kjM6N0vjveh/bTNn7+/fatdIn+vQ4BsKXrNyLi1Ojoxv4vyfq/7TvVwz7r29D/wbNzJx3/vNZp/JNbG/9Eh/HP/g65ux1b53/uXh+a6Sod/73Tcfy7dtNqfCSrHWyO+caSCxfLpbRv+19EHI+x3Wl9s/s5p1fuNrptax//pUvafmssmB3HvdHdjz6mOFuffZKY292/EfFix/Fvsnb+kw7nP30+zvXYxtHS7Ze7bds6/qer8X3EKx3P/8M7Wsnm9ycnm9fDZOuq2OjPm0d/7db+Tsefnv99q/H/nU0J18c/nrTfr609fhvf7fmn1G3bdq//XcnHzfKubN3V2Xp9YSpiV/LBxvXTDx/bqrf2T+M/fmzz/q/T9b83Ij7pMf6bR358afvxP11p/MXNr/915//xC3ff//Tbbu33dv5fb5aOZ2t66f96PcAnee4AAAAAAABg0OQi4kAkufxaOZfL51ff33Ek9uXK1Vr9xIXq4qViND8rOx5judad7kNt74eYyt4P26pPr6vPRMThiPhqZG+zni9Uy8WdDh4AAAAAAAAAAAAAAAAAAAAGxP4un/9P/Tay00cHPHW+8huG15b5349vegIGkv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX507ezZdGisPrhXSevHK0uJ89crJYqk2n68sFvKF6sLl/Fy1Olcu5QvVylZ/r1ytXp6ajsWrk/VSrT5ZW1o+X6kuXqqfv1j54WBEaeyZRAUAAAAAAAAAAAAAAAAAAADPl9rS8vxsuVxaUGgWdsdAHMZzVBgdjMNQ6HNhp3smAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHjo3wAAAP//waw5Ug==")
fallocate(0xffffffffffffffff, 0x0, 0x0, 0x1001f0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x80042, 0x8)
ioctl$USBDEVFS_SUBMITURB(r3, 0x8038550a, &(0x7f0000000140)=@urb_type_control={0x2, {}, 0x20000009, 0x0, &(0x7f0000000240)={0x0, 0x0, 0xfffc, 0x360}, 0x8, 0x7, 0x80, 0x0, 0x1, 0x101, 0x0})
link(&(0x7f0000000680)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/../file0\x00', 0x0)
ioctl$USBDEVFS_SUBMITURB(r0, 0x8038550a, &(0x7f0000000740)=@urb_type_iso={0x0, {0x1, 0x1}, 0x81, 0xc0, &(0x7f0000000400)="354a4be55defcfc947110122e2d168f6370ac04d878997df2f6ff3661ad678469de6f9a43e9072abc27f5578963533aefd8969b2d32d76222c74bd97fcc8df449543e1a15299db9f89a3db08421e584b313ee431523ead22ef4310218a81f1c3a8cb01eb6656daf1447235dc88ac2915262c88187862fdcc81019b7cfe9b7f014e5f6e0a0ff2054a73360a4ed94fec319603f083d5a8f9dd571c7d0f7789eb57e60c540a4e5ab7d4cbdba751447126d575cbe724a657ac339ef122c41f6a9a389b7463cbedf025103df2d37f317abf498d9d272cc27628eaf636b7075c796b2472dc2aa96fca465cb94779b6d778675a4ce5", 0xf2, 0x7, 0x9, 0x46, 0xffffffff, 0x8, &(0x7f0000000500)="8e9f24c783baafda5c66db7e17f6e1a0055f61094c89beb2e8630c1ce1c9380e3fa3b9ebbeec19d5a8a3fe19b881662627cca0a6a28d044f64ffe88a66490590c42fc03c31d8c8d7af239072233ab409d68a12b0303f53a5d8efba6cabfcd7014b02eb32dc27cff2f055c3f73ced3fd508a115eac5c5944317081a97109c53420eaabd1a10d92dc0f58b660dcbf15c1180be316883a66a23d3d7eca44939f28d72258ec593e79a89c44b0a503c1a0d1e", [{0x0, 0x8, 0x7}, {0x7, 0xd898, 0x9}, {0x2b21, 0x8, 0x9}, {0x8, 0x4014e, 0x3}, {0x2, 0x9, 0x16}, {0x6, 0x6, 0x3}, {0x2, 0x71bc, 0x2}, {0x7fffffff}, {0x6, 0xffff0001, 0x1000}, {0xffffffff, 0x80000000, 0x7}, {0x718a, 0x0, 0x2}, {0xd, 0x8, 0x9bc5}, {0x7, 0x7, 0x5}, {0x1, 0x8, 0x7}, {0x0, 0x904e, 0x8}, {0xae, 0x1, 0x1}, {0xda9, 0x0, 0x2}, {0x8, 0x7, 0x1}, {0x7, 0xffffffff, 0x9}, {0x80, 0x0, 0x101}, {0x7, 0x3, 0x7903}, {0x200, 0x19c, 0x8000}, {0x9, 0x10fd, 0x7}, {0x7ff, 0xffffffff}, {0x1, 0x5, 0x10}, {0x77d, 0x10, 0x6}, {0x1, 0x10001, 0x101}, {0xfffffffa, 0x299, 0x180000}, {0xe85, 0x3, 0x1}, {0x7, 0x5, 0x3}, {0x6, 0x80, 0x8}, {0x800, 0x6, 0x7}, {0x21ee, 0x2}, {0xb052, 0x10, 0x80000000}, {0x80, 0xc, 0x8}, {0x25fa165d, 0x1ff, 0x3}, {0x3779, 0x7, 0xce}, {0x8001, 0x7fffffff, 0x7f}, {0x0, 0x0, 0x80000000}, {0x7fffffff, 0x8, 0xf0}, {0x6, 0x40, 0x3}, {0x4, 0x5, 0x68}, {0x1, 0xb, 0x6}, {0x4, 0x80000000, 0xa9}, {0x8e70, 0x3f1, 0x8}, {0x8, 0x7, 0xf0}, {0x7, 0x1, 0x7}, {0x82, 0x9, 0xfffffff8}, {0xff, 0x29, 0x9}, {0x0, 0x0, 0xfffffff8}, {0x6, 0xa6b, 0x9}, {0x8, 0x6, 0x10000}, {0x6, 0x0, 0x9}, {0xc9fd, 0x2, 0xd}, {0x4, 0x1, 0x8001}, {0x1c, 0x10000, 0x1}, {0x8000, 0x8, 0x5}, {0x8, 0xd4, 0x9}, {0xa33, 0x0, 0x6}, {0x5, 0x4cb, 0x1}, {0x42, 0x6, 0x3}, {0x13, 0x3d, 0x81}, {0xffff, 0x9, 0x9}, {0x8, 0xd, 0x10001}, {0xa3, 0x200, 0x2}, {0x6, 0x4, 0x9}, {0x101, 0x1, 0x8000}, {0x0, 0x5, 0x1000}, {0xd585, 0x8, 0x800}, {0x9, 0x95fe, 0x4}]})

38.704688078s ago: executing program 2 (id=3895):
socket$nl_generic(0x10, 0x3, 0x10) (async)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_START_AP(r0, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="78003bbf98e5747e3c0a7d000000000b8f6f1e12b0f0e49b15a5bb23314bf0a57e3c3f12e569e4117259e3e749b7bb0ebcf2ba99fb91a6155a2e6d9e82cad32c397a8d5d282bcf2251c4384017fba6375dad514f99a971f62f9326c4f3a3cf0a708271261c7e869bf2950359bb1ffd8bf2760e9b9fffc8d4edd1b55e197d02a72d726e65fb9c760d72decd7a1925d54e196bcbf679bcd7bd981666cf805dd8b41a7b83178e734c2cd4744ae9b34235b39ff217e339c39feae0ba8281cb00000000", @ANYRES16=0x0, @ANYBLOB="10002dbd7000fddbdf250f0000000c00990000000000270000001c005a8018000080140003000100ca0a0c008a8a25f2ff7f480000400800350003000000"], 0x44}, 0x1, 0x0, 0x0, 0x40000}, 0x20000000)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
socket$netlink(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)) (async)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
socketpair(0x1e, 0x1, 0x0, &(0x7f0000000040)={0x0, 0x0}) (async)
socketpair(0x1e, 0x1, 0x0, &(0x7f0000000040)={0x0, 0x0})
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)) (async)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080))
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r2}, &(0x7f0000000000), &(0x7f00000005c0)=r3}, 0x20)
socket$nl_route(0x10, 0x3, 0x0) (async)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000003c0)=@newtaction={0xe68, 0x30, 0x871a15abc695fa3d, 0x70bd27, 0x300, {}, [{0xe54, 0x1, [@m_pedit={0xe50, 0x1, 0x0, 0x0, {{0xa}, {0xe24, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS={0xe20, 0x2, {{{}, 0x93}, [{0x0, 0x0, 0x0, 0x0, 0xfffffffd}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x10001}, {0x1, 0x0, 0x0, 0x4000000, 0x7, 0x80000}, {0x8, 0x5, 0x0, 0xfffffffc, 0x5}, {}, {0x9, 0x0, 0x0, 0x0, 0x6}, {0x0, 0xc3, 0x0, 0x0, 0x0, 0x8}, {0x0, 0x5}, {0x5, 0xfffffffe}, {}, {0x0, 0x10}, {0x0, 0x4, 0x0, 0x8000000}, {0x0, 0xffffffff, 0x0, 0x0, 0xfffffffd}, {0x2, 0x0, 0x400000, 0x0, 0x6}, {}, {}, {0xfffffffe}, {0x0, 0x0, 0x0, 0x8000000}, {0x40}, {0x0, 0x0, 0x0, 0x0, 0x20}, {}, {0x40}, {0x0, 0x0, 0x0, 0xfffffffc}, {}, {}, {0x0, 0x7, 0x0, 0x0, 0xffffffff}, {0x0, 0x0, 0x0, 0x2, 0x0, 0x3}, {0xd, 0x0, 0x8, 0x0, 0x5}, {0xffffffff}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, {0xffffffff}, {}, {}, {}, {0xffffffff}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x100000}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, {0x0, 0x9, 0x0, 0x0, 0x0, 0x2}, {}, {0x0, 0x0, 0x0, 0x1}, {0x80}, {0x0, 0x0, 0x0, 0x7}, {0x0, 0x1000000}, {0x0, 0x0, 0x8, 0x0, 0x0, 0xffffffff}, {0x0, 0x0, 0x0, 0x0, 0x9}, {0x0, 0x0, 0x0, 0x0, 0x3}, {0x0, 0x200}, {}, {0x0, 0x15, 0x0, 0x48510}, {}, {}, {0x0, 0x7}, {0x0, 0x0, 0x0, 0x0, 0xc}, {0x0, 0x0, 0x0, 0x0, 0xd, 0xffffffff}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, {0x0, 0x0, 0x0, 0x6}, {0xfffffffc, 0xfffefffd}, {0x0, 0x0, 0x0, 0x1}, {0xfffffffd}, {0x5}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x400000}, {0x0, 0x0, 0x200}, {}, {}, {0x5}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xfb4}, {}, {0x0, 0x101, 0x0, 0x0, 0x0, 0xffffffff}, {}, {0x2000, 0x0, 0x0, 0x1}, {0xfffffffc, 0x0, 0x0, 0x4, 0x9}, {0xfffffffe, 0x4}, {0x0, 0x0, 0x0, 0x0, 0x1}, {0x0, 0x2}, {}, {}, {}, {0x800000, 0x0, 0x0, 0x0, 0x0, 0x56}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, {}, {0x0, 0x0, 0x6, 0x0, 0x4}, {}, {}, {0x0, 0xfffffffd}, {0x6}, {0x7f}, {}, {}, {0x0, 0x2, 0x0, 0x0, 0x0, 0xfffffffe}, {0x0, 0x0, 0x0, 0xfffffffc}, {}, {0x2, 0x0, 0x20000000}, {0x0, 0x0, 0x0, 0x0, 0x8}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x292}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, {0x4}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x101}, {0x0, 0x5, 0x0, 0x2, 0x1}, {0x0, 0x5}, {0x0, 0x0, 0x0, 0x0, 0x80}, {0x10000000, 0x0, 0x0, 0x0, 0x4}, {}, {0x0, 0xd, 0x0, 0x0, 0xfffffffc}, {0x2}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff}, {}, {0x0, 0x0, 0x0, 0x8}, {}, {}, {}, {0xfffffffe, 0x0, 0x0, 0x0, 0x7ffc}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, {}, {}, {0x0, 0x8000}, {0x0, 0x0, 0x10000}, {0x0, 0x80000000, 0x0, 0x7dff800}], [{}, {}, {}, {}, {0x1}, {0x3}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {0x0, 0x1}, {0x2}, {}, {}, {0x4}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {0x0, 0x1}, {}, {0x4}, {}, {}, {}, {}, {}, {0x0, 0x1}, {0x1}, {}, {0x1}, {}, {}, {}, {0x0, 0x1}, {}, {0x4}, {}, {}, {}, {}, {}, {}, {}, {}, {0x2}, {0x0, 0x1}, {}, {0x5}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {0x0, 0x1}, {}, {}, {}, {0x5, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x2}, {}, {}, {}, {}, {0x0, 0x1}, {}, {0x0, 0x1}, {0x0, 0x1}, {}, {}, {}, {}, {0x1}, {}, {0x5}, {}, {}, {}, {}, {}, {}, {}, {0x2, 0x1}, {}, {0x5}, {}, {}, {0x0, 0x1}, {}, {0x0, 0xa11b5f369cf453a6}, {}, {0x2}, {}, {}, {0x4}, {0x3}, {}, {0x2}, {0x0, 0x1}]}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xe68}}, 0x0)
syz_io_uring_setup(0xbdc, &(0x7f0000000640)={0x0, 0xec25, 0x400, 0x1, 0x40000333}, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'netdevsim0\x00'}) (async)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'netdevsim0\x00'})
socket$inet_sctp(0x2, 0x1, 0x84) (async)
socket$inet_sctp(0x2, 0x1, 0x84)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x161042, 0x0)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r5, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb316517ef741f5e9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000d8ffffffb703000008000000b70400000000925e850000000800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1a"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1a"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='9p_protocol_dump\x00', r7}, 0x10)
pipe2$9p(&(0x7f00000001c0)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000500)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000000a40)={'trans=fd,', {'rfdno', 0x3d, r8}, 0x2c, {'wfdno', 0x3d, r9}, 0x2c, {[{@version_u}]}}) (async)
mount$9p_fd(0x0, &(0x7f0000000500)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000000a40)={'trans=fd,', {'rfdno', 0x3d, r8}, 0x2c, {'wfdno', 0x3d, r9}, 0x2c, {[{@version_u}]}})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r6}, 0x10)

24.618560497s ago: executing program 3 (id=4139):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000008000000060000000010"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000005c0)='./cgroup/syz0\x00', 0x200002, 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x64, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2, @perf_config_ext={0x8, 0x6}, 0x0, 0x0, 0x800000, 0x0, 0x2, 0x2, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=@framed, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0xe, &(0x7f0000000680)={[{@nolazytime}, {@lazytime}, {@journal_path={'journal_path', 0x3d, './bus'}}, {@bsdgroups}, {@lazytime}, {@noload}]}, 0x3, 0x45c, &(0x7f0000002400)="$eJzs3MtvG8UfAPDv+pG+m/yq/oA+gCBAlAJJk5bSAxcQSBxAQoJDOYYkrUrdBjVBIlUFBaFyRJU4cUEckfgLOMEFASckLhzgjipVqJcWTkYb76a2a+dVP0j9+UjrzuyuO/P1ztizM7EDGFij6UMSsTMifo+I4Vq28YTR2j+3blya/vvGpekkqtU3/kpK6eGbNy5N56fmz9uRZ0oRhU+SONCi3PnFi2enKpXZC1l+fOHcu+PzixefOXNu6vTs6dnzkydOHDs68dzxyWc7Emca1839H8wd3PfKW1dfmz559e2fvkny+Jvi6JDRlQ4+Xq12uLj+2lWXrrUMNoNirZtGean/D0cxbl+84Xj5475WDuiqarVava/94ctV4B6WRL9rAPRH/kGf3v/mW4+GHv8J11+o3QClcd/KttqRUhSyc8pN97edNBoRJy//82W6RXfmIQAAGnyXjn+ebjX+K0T9vNDubA1lJCL+FxF7IuJ4ROyNiP9HLJ17f0Q8sM7ymxdJ7hz/FK5tKLA1Ssd/z2drW43jv3z0FyPFLLdrKf5ycupMZfZI9pocivKWND+xQhnfv/TrZ+2O1Y//0i0tPx8LZvW4VtrS+JyZqYWpu4m53vWPIvaXWsWfLK8EJBGxLyL2b7CMM4e/Ptju2Orxr6AD60zVryKeqF3/y9EUfy5ZeX1yfGtUZo+M563iTj//cuX1duXfVfwdkF7/7S3b/3L8I0n9eu38ev73L55MH6/88Wnbe5qNtv+h5M2Gfe9PLSxcmIgYSl6tVbp+/2TTeZO3z0/jP/Ro6/6/J26/EgciIm3ED0bEQxHxcFb3R37bveqr8OOLj72z8fi7K41/Zu3XvzockTeExaHIEst7WieKZ3/4tqHQkdbx7257/Y8tpQ5le9by/reWeq23NQMAAMBmVYiInZEUxpbThcLYWO1v+PfG9kJlbn7hqVNz752fqX1HYCTKhXyma7huPnQiu63P85NN+aPZvPHnxW1L+bHpucpMv4OHAbejTf9P/Vnsd+2ArvN9LRhc+j8MLv0fBted/X9rX+oB9F6Lz/9t/agH0Hutxv8fruWJOztfF6C3mvq/ZT8YIOb/YHBtpP97z4B7Q2mln2we6mlVgN6Z3xarf0leYjMl8l+u6UYR5bS1HI6IxYtR6HukEl1M9PudCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoDP+DQAA//+CSeFs")

24.542429378s ago: executing program 3 (id=4141):
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000680)={0x3, 0xc, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r0}, 0x10)
r1 = add_key$keyring(&(0x7f00000000c0), &(0x7f00000002c0)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$restrict_keyring(0xa, r1, &(0x7f0000000300)='asymmetric\x00', &(0x7f0000000000)='id:cb2e')

24.480989689s ago: executing program 3 (id=4142):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000016000000"], 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000030000000"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r2, 0x107, 0xf, &(0x7f0000000000)=0x9, 0x4)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000300)={'vcan0\x00', <r3=>0x0})
sendto$packet(r2, &(0x7f0000000180)="0b030a124f00021202004788aa96a13bb1000011000088ca1a00", 0x1fffc, 0x0, &(0x7f0000000140)={0x11, 0x0, r3}, 0x14)

24.480601229s ago: executing program 3 (id=4143):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000080)='./file1\x00', 0x20880e, &(0x7f0000000000), 0x1, 0x50f, &(0x7f0000000680)="$eJzs3c9vG1kdAPDvOL+z2U122QMgYMuyUFBVJ3F3o9UeYDkhhFYC9ghSGxI3imLHUeyUJvSQ/g9IVOIER/4Azj1x54LgxqUckPgRgZpKHIxmPEndJE7crRNH8ecjjWbevPF830s679lfNX4BDKxrEbEbEaMRcScipvPzSb7Fx60tve7p3oOl/b0HS0k0m5/+K8nq03PR9prUa/k9xyPix9+L+FlyPG59e2dtsVIpb7aKE7ON6sZsfXvn5mp1caW8Ul4vlRbmF+Y+vPVBqWd9fac6mh99+ckfd7/1i7RZU/mZ9n70UqvrI4dxUsMR8YPzCNYHQ3l/RvvdED6TQkS8FRHvZs//dAxlv00A4CprNqejOd1eBgCuukKWA0sKxTwXMBWFQrHYyuG9HZOFSq3euHG3trW+3MqVzcRI4e5qpTyX5wpnYiRJy/PZ8fNy6Uj5VkS8GRG/HJvIysWlWmW5n298AGCAvXZk/v/vWGv+BwCuuPF+NwAAuHDmfwAYPOZ/ABg85n8AGDzmfwAYPOZ/ABg85n8AGCg//OSTdGvu599/vXxve2utdu/mcrm+VqxuLRWXapsbxZVabSX7zp7qWfer1Gob8+/H1v2Zb2/UG7P17Z3b1drWeuN29r3et8sjF9IrAOA0b77z+C9JROx+NJFt0baWg7karrZCvxsA9M1QvxsA9M3hal8WcIOB8wqf8aUH4Io4YYneF4xHxMTRk81ms3l+TQLO2fUvyP/DoGrL//tfwDBg5P9hcA33uwFA3zSbSbdr/ke3FwIAl5scPwy2UxL/b+X73+XX/HT56BWPzqtVAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcPkdrP9bzNcCn4pCoViMeD0iZmIkubtaKc9FxBsR8eexkbG0PN/nNgMAr6rw9yQi0u369HtTR2tHk2dj2T4ifv7rT391f7HR2PxTev7fY0l+vvEoP1/qSwcAgDMczNPZvu2D/NO9B0sHW5e3SnrRnn98t7UAaRp3f2809g/jD8dwth+PkYiY/E+Sl58HH+pB/N2HEfH5k/qfxFSWA2mtfHo0fhr79QuNX3ghfiGra+3Tn8XnetAWGDSP0/Hn45Oev0Jcy/YnP//j2Qj16vLxL73V0n42Bj6PfzD+DXUY/651G+P9P3y/dTRxvO5hxBeHIw5i77eNPwfxkw7x3+sy/l+/9JV3O9U1fxNxPU6O3x5rtlHdmK1v79xcrS6ulFfK66XSwvzC3Ie3PijNZjnq2c6zwT8/uvFGp7q0/5Md4o+f0f+vd9n/3/7vzk++ekr8b37tpPiFePuU+Omc+I0u4y9O/r7jEt9p/OUO/T/r93+jy/hP/rZzbNlwAKB/6ts7a4uVSnnzIg8O3khcaFAHL3MwFL29YUTs9uA+6b+aS/HzyQ5+NNr+EH3noqKPxku9qtk8VpV+Vjrr5Z1GjF5k3YDL4PChj4hn/W4MAAAAAAAAAAAAAABwoov4i6V+9xEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICr6/8BAAD//+SbyCg=")
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x15, 0x4, &(0x7f0000000080)=@framed={{0xffffffb4, 0x5, 0x0, 0x0, 0x0, 0x71, 0x10, 0x13}, [@ldst={0x4, 0x0, 0x4, 0x5}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_reuseport, 0xffffffffffffffff, 0x8, &(0x7f00000000c0), 0x366, 0x10, &(0x7f0000000000), 0x2b2}, 0x48)
r0 = open(&(0x7f0000000180)='./bus\x00', 0x14937e, 0x0)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x38, 0x1, 0x0, 0x0, 0x0, 0x6, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x10000, 0x1, 0x1, 0x8, 0x40020005, 0x2b, 0x0, 0x0, 0x0, 0xffffffffffffff7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x8042, 0x0)
fcntl$setlease(r2, 0x400, 0x1)
fcntl$setstatus(r0, 0x4, 0x0)
r3 = request_key(&(0x7f0000000240)='id_legacy\x00', &(0x7f0000000300)={'syz', 0x3}, &(0x7f0000000340)='(\x00', 0x0)
add_key$keyring(&(0x7f0000000100), &(0x7f0000000200)={'syz', 0x2}, 0x0, 0x0, r3)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4a, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000140)='kmem_cache_free\x00', r5}, 0x18)
r6 = socket$kcm(0x29, 0x2, 0x0)
write$cgroup_pressure(r6, &(0x7f0000000140)={'full'}, 0xfffffdef)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x13, 0x6, &(0x7f0000000000)=ANY=[@ANYBLOB="05000000000000007311420000000000851000000200000085000000af00000095000000000000009500a50500000000"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x70)
fcntl$setlease(r2, 0x400, 0x1)
ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x4800000, 0x8005, 0x0, 0x0, 0x9, 0x0, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d10a00966d61fdcf335263bd9bffbcc2542ded71038259ca0400e1a311efec32d71e14ef3dc177b5b48b00", "f2fdffffffffffffff810000000000d300e6d602000000000000000000000001", [0xca4e]})

23.903418408s ago: executing program 3 (id=4152):
r0 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x2)
ioctl$USBDEVFS_REAPURB(r0, 0x4008550c, &(0x7f0000000700))
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000020000000180100002020702500000000002020207b1af8ff00000000bf"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x60, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
ioctl$USBDEVFS_SUBMITURB(r0, 0x8038550a, &(0x7f0000000140)=@urb_type_control={0x2, {}, 0x20000009, 0x0, &(0x7f0000000240)={0x0, 0x0, 0xfffc, 0x360}, 0x8, 0x7, 0x80, 0x0, 0x1, 0x101, 0x0})

23.684950811s ago: executing program 3 (id=4153):
clock_nanosleep(0xfffffff2, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000000)=0x9, 0x4)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000300)={'vcan0\x00', <r2=>0x0})
sendto$packet(r1, &(0x7f0000000180)="0b030a124f00021202004788aa96a13bb1000011000088ca1a00", 0x1fffc, 0x0, &(0x7f0000000140)={0x11, 0x0, r2}, 0x14)

23.684748191s ago: executing program 33 (id=4153):
clock_nanosleep(0xfffffff2, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000000)=0x9, 0x4)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000300)={'vcan0\x00', <r2=>0x0})
sendto$packet(r1, &(0x7f0000000180)="0b030a124f00021202004788aa96a13bb1000011000088ca1a00", 0x1fffc, 0x0, &(0x7f0000000140)={0x11, 0x0, r2}, 0x14)

23.519862494s ago: executing program 34 (id=3895):
socket$nl_generic(0x10, 0x3, 0x10) (async)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_START_AP(r0, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="78003bbf98e5747e3c0a7d000000000b8f6f1e12b0f0e49b15a5bb23314bf0a57e3c3f12e569e4117259e3e749b7bb0ebcf2ba99fb91a6155a2e6d9e82cad32c397a8d5d282bcf2251c4384017fba6375dad514f99a971f62f9326c4f3a3cf0a708271261c7e869bf2950359bb1ffd8bf2760e9b9fffc8d4edd1b55e197d02a72d726e65fb9c760d72decd7a1925d54e196bcbf679bcd7bd981666cf805dd8b41a7b83178e734c2cd4744ae9b34235b39ff217e339c39feae0ba8281cb00000000", @ANYRES16=0x0, @ANYBLOB="10002dbd7000fddbdf250f0000000c00990000000000270000001c005a8018000080140003000100ca0a0c008a8a25f2ff7f480000400800350003000000"], 0x44}, 0x1, 0x0, 0x0, 0x40000}, 0x20000000)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
socket$netlink(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)) (async)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
socketpair(0x1e, 0x1, 0x0, &(0x7f0000000040)={0x0, 0x0}) (async)
socketpair(0x1e, 0x1, 0x0, &(0x7f0000000040)={0x0, 0x0})
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)) (async)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080))
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r2}, &(0x7f0000000000), &(0x7f00000005c0)=r3}, 0x20)
socket$nl_route(0x10, 0x3, 0x0) (async)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000003c0)=@newtaction={0xe68, 0x30, 0x871a15abc695fa3d, 0x70bd27, 0x300, {}, [{0xe54, 0x1, [@m_pedit={0xe50, 0x1, 0x0, 0x0, {{0xa}, {0xe24, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS={0xe20, 0x2, {{{}, 0x93}, [{0x0, 0x0, 0x0, 0x0, 0xfffffffd}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x10001}, {0x1, 0x0, 0x0, 0x4000000, 0x7, 0x80000}, {0x8, 0x5, 0x0, 0xfffffffc, 0x5}, {}, {0x9, 0x0, 0x0, 0x0, 0x6}, {0x0, 0xc3, 0x0, 0x0, 0x0, 0x8}, {0x0, 0x5}, {0x5, 0xfffffffe}, {}, {0x0, 0x10}, {0x0, 0x4, 0x0, 0x8000000}, {0x0, 0xffffffff, 0x0, 0x0, 0xfffffffd}, {0x2, 0x0, 0x400000, 0x0, 0x6}, {}, {}, {0xfffffffe}, {0x0, 0x0, 0x0, 0x8000000}, {0x40}, {0x0, 0x0, 0x0, 0x0, 0x20}, {}, {0x40}, {0x0, 0x0, 0x0, 0xfffffffc}, {}, {}, {0x0, 0x7, 0x0, 0x0, 0xffffffff}, {0x0, 0x0, 0x0, 0x2, 0x0, 0x3}, {0xd, 0x0, 0x8, 0x0, 0x5}, {0xffffffff}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, {0xffffffff}, {}, {}, {}, {0xffffffff}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x100000}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, {0x0, 0x9, 0x0, 0x0, 0x0, 0x2}, {}, {0x0, 0x0, 0x0, 0x1}, {0x80}, {0x0, 0x0, 0x0, 0x7}, {0x0, 0x1000000}, {0x0, 0x0, 0x8, 0x0, 0x0, 0xffffffff}, {0x0, 0x0, 0x0, 0x0, 0x9}, {0x0, 0x0, 0x0, 0x0, 0x3}, {0x0, 0x200}, {}, {0x0, 0x15, 0x0, 0x48510}, {}, {}, {0x0, 0x7}, {0x0, 0x0, 0x0, 0x0, 0xc}, {0x0, 0x0, 0x0, 0x0, 0xd, 0xffffffff}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, {0x0, 0x0, 0x0, 0x6}, {0xfffffffc, 0xfffefffd}, {0x0, 0x0, 0x0, 0x1}, {0xfffffffd}, {0x5}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x400000}, {0x0, 0x0, 0x200}, {}, {}, {0x5}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xfb4}, {}, {0x0, 0x101, 0x0, 0x0, 0x0, 0xffffffff}, {}, {0x2000, 0x0, 0x0, 0x1}, {0xfffffffc, 0x0, 0x0, 0x4, 0x9}, {0xfffffffe, 0x4}, {0x0, 0x0, 0x0, 0x0, 0x1}, {0x0, 0x2}, {}, {}, {}, {0x800000, 0x0, 0x0, 0x0, 0x0, 0x56}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, {}, {0x0, 0x0, 0x6, 0x0, 0x4}, {}, {}, {0x0, 0xfffffffd}, {0x6}, {0x7f}, {}, {}, {0x0, 0x2, 0x0, 0x0, 0x0, 0xfffffffe}, {0x0, 0x0, 0x0, 0xfffffffc}, {}, {0x2, 0x0, 0x20000000}, {0x0, 0x0, 0x0, 0x0, 0x8}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x292}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, {0x4}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x101}, {0x0, 0x5, 0x0, 0x2, 0x1}, {0x0, 0x5}, {0x0, 0x0, 0x0, 0x0, 0x80}, {0x10000000, 0x0, 0x0, 0x0, 0x4}, {}, {0x0, 0xd, 0x0, 0x0, 0xfffffffc}, {0x2}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff}, {}, {0x0, 0x0, 0x0, 0x8}, {}, {}, {}, {0xfffffffe, 0x0, 0x0, 0x0, 0x7ffc}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, {}, {}, {0x0, 0x8000}, {0x0, 0x0, 0x10000}, {0x0, 0x80000000, 0x0, 0x7dff800}], [{}, {}, {}, {}, {0x1}, {0x3}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {0x0, 0x1}, {0x2}, {}, {}, {0x4}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {0x0, 0x1}, {}, {0x4}, {}, {}, {}, {}, {}, {0x0, 0x1}, {0x1}, {}, {0x1}, {}, {}, {}, {0x0, 0x1}, {}, {0x4}, {}, {}, {}, {}, {}, {}, {}, {}, {0x2}, {0x0, 0x1}, {}, {0x5}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {0x0, 0x1}, {}, {}, {}, {0x5, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x2}, {}, {}, {}, {}, {0x0, 0x1}, {}, {0x0, 0x1}, {0x0, 0x1}, {}, {}, {}, {}, {0x1}, {}, {0x5}, {}, {}, {}, {}, {}, {}, {}, {0x2, 0x1}, {}, {0x5}, {}, {}, {0x0, 0x1}, {}, {0x0, 0xa11b5f369cf453a6}, {}, {0x2}, {}, {}, {0x4}, {0x3}, {}, {0x2}, {0x0, 0x1}]}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xe68}}, 0x0)
syz_io_uring_setup(0xbdc, &(0x7f0000000640)={0x0, 0xec25, 0x400, 0x1, 0x40000333}, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'netdevsim0\x00'}) (async)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'netdevsim0\x00'})
socket$inet_sctp(0x2, 0x1, 0x84) (async)
socket$inet_sctp(0x2, 0x1, 0x84)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x161042, 0x0)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r5, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb316517ef741f5e9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000d8ffffffb703000008000000b70400000000925e850000000800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1a"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1a"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='9p_protocol_dump\x00', r7}, 0x10)
pipe2$9p(&(0x7f00000001c0)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000500)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000000a40)={'trans=fd,', {'rfdno', 0x3d, r8}, 0x2c, {'wfdno', 0x3d, r9}, 0x2c, {[{@version_u}]}}) (async)
mount$9p_fd(0x0, &(0x7f0000000500)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000000a40)={'trans=fd,', {'rfdno', 0x3d, r8}, 0x2c, {'wfdno', 0x3d, r9}, 0x2c, {[{@version_u}]}})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r6}, 0x10)

2.826751585s ago: executing program 1 (id=4417):
bpf$MAP_CREATE(0x0, 0x0, 0x50)
prlimit64(0x0, 0xe, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d67fc880c9d640f4eacc509873f1a103c87f69"], &(0x7f0000000100)='GPL\x00'}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r1 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$IP_VS_SO_SET_STOPDAEMON(r1, 0x0, 0x48c, &(0x7f00000002c0)={0x1, 'ipvlan1\x00', 0x100}, 0x18)

2.788723776s ago: executing program 1 (id=4418):
r0 = creat(&(0x7f00000003c0)='./file0\x00', 0xd931d3864d39dcc9)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='\x00', 0xf1)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="58000000020601080000000000000000000000000c000780050015002c0000000500010006000000050005000a00000005000400000000000900020073797a300000000012000300686173683a6e65742c706f727400000036879b23452fda6df56b03a08b2d007a96a00c3ebb7c0ec586ffd06083a232fb92b8b4d2506947f4543a2251cc85602d9d31a6dcd7b922b87683da62bb0a3893791bb0fcce379ff52b98a0d4abc8fd49e7241aa318a6b8b2c68cb05eed9d7c8e4a8d6a1cb7"], 0x58}}, 0x800)
r2 = open_tree(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x89901)
unlinkat(r2, &(0x7f00000002c0)='./file0\x00', 0x0)
move_mount(r2, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
r3 = syz_open_dev$usbfs(0x0, 0x204, 0x2)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYRES16=r3, @ANYRES32, @ANYRES16=r3], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r5}, 0x10)
sendmsg$NFT_BATCH(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01030000000000000000010000000900010073797a310000000054000000030a01020000000000000000010000000900030073797a320000000028000480080002400000000008000140000000051400030076657468315f6d6163767461700000000900010073797a31000000004c000000050a01020000000000000000010020000c00024000000000000000010900010073797a3100000000200004801400030076657468315f6d6163767461700000000800014000000005"], 0xe8}, 0x1, 0x0, 0x0, 0x40040000}, 0x0)
chroot(&(0x7f0000000280)='./file0\x00')
sendmsg$ETHTOOL_MSG_FEATURES_SET(r2, &(0x7f0000000b80)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000600)={&(0x7f00000005c0)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB], 0x14}, 0x1, 0x0, 0x0, 0x1}, 0x40041)
ioctl$USBDEVFS_REAPURB(r3, 0x4008550c, &(0x7f0000000700))
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000020000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x60, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='kfree\x00', r6}, 0x10)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3804402, &(0x7f0000000680)={[{@min_batch_time={'min_batch_time', 0x3d, 0x4}}, {@abort}, {@resuid}, {@user_xattr}, {@discard}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x7b1}}, {@nolazytime}, {@noinit_itable}, {@nombcache}, {@nodelalloc}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x40000}}]}, 0x1, 0x55f, &(0x7f0000000c80)="$eJzs3d9rW+UbAPDnpO1+77sOxvgqIoVdOJlL19YfE7yYl6LDgd7PkmRlNFlGk461Dtwu3I03MgQRB+K1eu/l8B/wrxjoYMgoingTOelJl7VJm3XZmpnPB077vuec9D1Pznnevm9OQgIYWhPpj1zECxHxZRJxqG3baGQbJ1b3W3lwrZAuSTQaH/2RRJKta+2fZL/3Z5X/R8Qvn0ecyG1st7a0PD9bLpcWsvpkvXJ5sra0fPJiZXauNFe6ND0zc/qNmem333qzb7G+eu6vbz68897pL46tfP3TvcO3kjgTB7Jt7XE8gevtlYmYyJ6TsTizbsepPjQ2SJKdPgC2ZSTL87FI+4BDMZJlPfDf91lENIAhlch/GFKtcUBrbt+nefBz4/67qxOgjfGPrr42Enuac6N9K8kjM6N0vjveh/bTNn7+/fatdIn+vQ4BsKXrNyLi1Ojoxv4vyfq/7TvVwz7r29D/wbNzJx3/vNZp/JNbG/9Eh/HP/g65ux1b53/uXh+a6Sod/73Tcfy7dtNqfCSrHWyO+caSCxfLpbRv+19EHI+x3Wl9s/s5p1fuNrptax//pUvafmssmB3HvdHdjz6mOFuffZKY292/EfFix/Fvsnb+kw7nP30+zvXYxtHS7Ze7bds6/qer8X3EKx3P/8M7Wsnm9ycnm9fDZOuq2OjPm0d/7db+Tsefnv99q/H/nU0J18c/nrTfr609fhvf7fmn1G3bdq//XcnHzfKubN3V2Xp9YSpiV/LBxvXTDx/bqrf2T+M/fmzz/q/T9b83Ij7pMf6bR358afvxP11p/MXNr/915//xC3ff//Tbbu33dv5fb5aOZ2t66f96PcAnee4AAAAAAABg0OQi4kAkufxaOZfL51ff33Ek9uXK1Vr9xIXq4qViND8rOx5judad7kNt74eYyt4P26pPr6vPRMThiPhqZG+zni9Uy8WdDh4AAAAAAAAAAAAAAAAAAAAGxP4un/9P/Tay00cHPHW+8huG15b5349vegIGkv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX507ezZdGisPrhXSevHK0uJ89crJYqk2n68sFvKF6sLl/Fy1Olcu5QvVylZ/r1ytXp6ajsWrk/VSrT5ZW1o+X6kuXqqfv1j54WBEaeyZRAUAAAAAAAAAAAAAAAAAAADPl9rS8vxsuVxaUGgWdsdAHMZzVBgdjMNQ6HNhp3smAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHjo3wAAAP//waw5Ug==")
fallocate(0xffffffffffffffff, 0x0, 0x0, 0x1001f0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x80042, 0x8)
ioctl$USBDEVFS_SUBMITURB(r3, 0x8038550a, &(0x7f0000000140)=@urb_type_control={0x2, {}, 0x20000009, 0x0, &(0x7f0000000240)={0x0, 0x0, 0xfffc, 0x360}, 0x8, 0x7, 0x80, 0x0, 0x1, 0x101, 0x0})
link(&(0x7f0000000680)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/../file0\x00', 0x0)
ioctl$USBDEVFS_SUBMITURB(r0, 0x8038550a, &(0x7f0000000740)=@urb_type_iso={0x0, {0x1, 0x1}, 0x81, 0xc0, &(0x7f0000000400)="354a4be55defcfc947110122e2d168f6370ac04d878997df2f6ff3661ad678469de6f9a43e9072abc27f5578963533aefd8969b2d32d76222c74bd97fcc8df449543e1a15299db9f89a3db08421e584b313ee431523ead22ef4310218a81f1c3a8cb01eb6656daf1447235dc88ac2915262c88187862fdcc81019b7cfe9b7f014e5f6e0a0ff2054a73360a4ed94fec319603f083d5a8f9dd571c7d0f7789eb57e60c540a4e5ab7d4cbdba751447126d575cbe724a657ac339ef122c41f6a9a389b7463cbedf025103df2d37f317abf498d9d272cc27628eaf636b7075c796b2472dc2aa96fca465cb94779b6d778675a4ce5", 0xf2, 0x7, 0x9, 0x46, 0xffffffff, 0x8, &(0x7f0000000500)="8e9f24c783baafda5c66db7e17f6e1a0055f61094c89beb2e8630c1ce1c9380e3fa3b9ebbeec19d5a8a3fe19b881662627cca0a6a28d044f64ffe88a66490590c42fc03c31d8c8d7af239072233ab409d68a12b0303f53a5d8efba6cabfcd7014b02eb32dc27cff2f055c3f73ced3fd508a115eac5c5944317081a97109c53420eaabd1a10d92dc0f58b660dcbf15c1180be316883a66a23d3d7eca44939f28d72258ec593e79a89c44b0a503c1a0d1e", [{0x0, 0x8, 0x7}, {0x7, 0xd898, 0x9}, {0x2b21, 0x8, 0x9}, {0x8, 0x4014e, 0x3}, {0x2, 0x9, 0x16}, {0x6, 0x6, 0x3}, {0x2, 0x71bc, 0x2}, {0x7fffffff}, {0x6, 0xffff0001, 0x1000}, {0xffffffff, 0x80000000, 0x7}, {0x718a, 0x0, 0x2}, {0xd, 0x8, 0x9bc5}, {0x7, 0x7, 0x5}, {0x1, 0x8, 0x7}, {0x0, 0x904e, 0x8}, {0xae, 0x1, 0x1}, {0xda9, 0x0, 0x2}, {0x8, 0x7, 0x1}, {0x7, 0xffffffff, 0x9}, {0x80, 0x0, 0x101}, {0x7, 0x3, 0x7903}, {0x200, 0x19c, 0x8000}, {0x9, 0x10fd, 0x7}, {0x7ff, 0xffffffff}, {0x1, 0x5, 0x10}, {0x77d, 0x10, 0x6}, {0x1, 0x10001, 0x101}, {0xfffffffa, 0x299, 0x180000}, {0xe85, 0x3, 0x1}, {0x7, 0x5, 0x3}, {0x6, 0x80, 0x8}, {0x800, 0x6, 0x7}, {0x21ee, 0x2}, {0xb052, 0x10, 0x80000000}, {0x80, 0xc, 0x8}, {0x25fa165d, 0x1ff, 0x3}, {0x3779, 0x7, 0xce}, {0x8001, 0x7fffffff, 0x7f}, {0x0, 0x0, 0x80000000}, {0x7fffffff, 0x8, 0xf0}, {0x6, 0x40, 0x3}, {0x4, 0x5, 0x68}, {0x1, 0xb, 0x6}, {0x4, 0x80000000, 0xa9}, {0x8e70, 0x3f1, 0x8}, {0x8, 0x7, 0xf0}, {0x7, 0x1, 0x7}, {0x82, 0x9, 0xfffffff8}, {0xff, 0x29, 0x9}, {0x0, 0x0, 0xfffffff8}, {0x6, 0xa6b, 0x9}, {0x8, 0x6, 0x10000}, {0x6, 0x0, 0x9}, {0xc9fd, 0x2, 0xd}, {0x4, 0x1, 0x8001}, {0x1c, 0x10000, 0x1}, {0x8000, 0x8, 0x5}, {0x8, 0xd4, 0x9}, {0xa33, 0x0, 0x6}, {0x5, 0x4cb, 0x1}, {0x42, 0x6, 0x3}, {0x13, 0x3d, 0x81}, {0xffff, 0x9, 0x9}, {0x8, 0xd, 0x10001}, {0xa3, 0x200, 0x2}, {0x6, 0x4, 0x9}, {0x101, 0x1, 0x8000}, {0x0, 0x5, 0x1000}, {0xd585, 0x8, 0x800}, {0x9, 0x95fe, 0x4}]})

2.737946937s ago: executing program 1 (id=4420):
openat(0xffffffffffffffff, &(0x7f0000000600)='./file0\x00', 0x2100, 0x26)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
prctl$PR_SET_NAME(0xf, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
unshare(0x64000600)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000240)=@base={0xa, 0x4, 0xffd, 0x7}, 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="14000000100001000000000000b890c1a000000a80000000160a01030000000000000000020000000900020073797a30000000000900010073797a30000000005400038008000240000000000800014000000000400003801400010076657468315f746f5f6272696467650014000100776732000000000000000000000000001400010076657468305f746f5f7465616d00000014000000110001"], 0xa8}}, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYRES32=r1], 0x50)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r7}, 0x10)
sendmsg$NFT_BATCH(r5, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000160a0500000000000000000002000000300003802c00038004000100776732000000000000000000000000001400010076657468315f746f5f627269646765000900020073797a30000000000900010073797a30"], 0x84}, 0x1, 0x0, 0x0, 0x40000}, 0x20008000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r4}, 0x10)
r8 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a80)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r8, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
fsetxattr$security_selinux(r9, &(0x7f00000000c0), &(0x7f0000000040)='system_u:object_r:dhcp_state_t:s0\x00', 0x1e, 0x0)

2.259278905s ago: executing program 5 (id=4429):
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0xf, 0xc, &(0x7f0000000440)=ANY=[@ANYRES16=0x0], 0x0, 0x800, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x2, 0x0, 0x0, 0x286ca06bbee933dc, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x2, 0x0, 0x0, 0x286ca06bbee933dc, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10)
r1 = socket$inet(0xa, 0x1, 0x0)
munmap(&(0x7f0000002000/0x3000)=nil, 0x3000) (async)
munmap(&(0x7f0000002000/0x3000)=nil, 0x3000)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x37, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0xd}, 0x4c58, 0x10000, 0x0, 0x1, 0x8, 0x20002, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_open_dev$tty1(0xc, 0x4, 0x4) (async)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x4)
ioctl$KDFONTOP_SET(r2, 0x4b72, &(0x7f0000000580)={0x0, 0x3000000, 0x8, 0x1b, 0x100, &(0x7f00000000c0)="387ed7626d850509a2d6c1aa38f15cd00f85c263cb226db671261fff7ce9c555f189afae3530db6dd493f28fd988721b9ae21b3e3b4523ae2594f47d8f62b480c4160b1f90ac9c41fae6ab12ac4c113fef588684ef495689092883b902a41cd75387ef6f7bc7d460d5e665f398ff95596dc94ec97003a3db08e500c2fb07e11aa4031a61c51caf7a65a2b613bda33f3eaeae635d7cd81761e74c38a7695800a15516eb337056e02335f9a7d10aa2eaf7beb7e1f7a1e850ecb3421143c5c4ded0f083a0c524dcf320827266819b6a952db5bc96141b26c54db857edbcbbc81c7af7aadf50bc549974b6401a19cdb130282b955592efa94242065a4c8d695a2cdd9ada350defd58c775b92d348305774d3a256c7520b285d8da0dbf5e20d604413ed2ddf9bcbf881caf811852806175d63892a15234fbcd7a88a2a0aea45d19148f0e7dada7d6d0d77881387fdeaa02863be90b88dfff412bff40c31c6415c54ae3335e54a49d315851feffe30d999c36def4df7df747695ef060000001bbe1b649f42f310859122c0d2c1e558dc6586958a28374f386ecf369274e43003a09b5159ea515eb44521901ef0d00baa91c10a8e44a76aac3468a15bd3d45ad389977467f306f9bcde071b30769795eed2f1580414d168f557cd90040c4bd2a3d6bc509254a12cece59181fcb5bad8c24bd9f8f78d17ab01831325501e80d899e9252f99d3a2666343392fda115048e4f4dd9f45657f8224fc78eb1168fe0527fac33466aadf48f16994d29a47778566e0f3945b2bf36b6eecc7fa18914beb66ac9e519bd3330000000000000009a3237aebbe3bed781e39d5a0fb0cdc60e196f2261305feb596b5b66ab89d2d6333f699b16db68986ab3eee7b199fefb5f79ffb2d1050e46982af1c14a88dd9b647ba812f56a8404755c73e74bb90e64bab9647c70ed5afca1c3d87907d14df8aa9df6f40a80ace2bb8a2aad3b0c66915927db4173181943d88c0c76d5969e2043db5bd77fd60ba0f012139929ccfec965c1f769785a4d23332d71f0875e3146afef5b20cc306d3ecee65944fe9829e0ad0c3f6bb2fdc1bc31152538db50f47dc38ba908a0d808687e478a609fe0daa0000000000000000e7f2e98597e27f3e1dba9c3c16e9fab3bda6ed33cb1c75513e2264b69d4794ded98eff9aa53d22eb77c9d93169c04ab2490bf28106f770e07eb7a9e8fd4e71929f918b98c4cbfcb11a90139264a9ee807c973167f493760278df0cc34be9e8f86f948d9a62e63ad6ca9d174d2465380b1a00ddc42915e4f3a5db640600000095a3d63904c9ecd1c313c08e29b814bd8fed1ab6d2846c73345962895d289ac77152cac2e04c93a5470774975b42091f218dd1e68a15f8226577bf9481ae0555db64a717eb23a811356d00000000ddffffff00"})
setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000480)=@mangle={'mangle\x00', 0x44, 0x6, 0x418, 0x2b0, 0x2b0, 0x2b0, 0x138, 0x98, 0x380, 0x380, 0x380, 0x380, 0x380, 0x6, 0x0, {[{{@ip={@broadcast, @multicast1=0xe0007600, 0x0, 0x0, 'geneve1\x00', 'ip6gre0\x00'}, 0x0, 0x70, 0x98}, @inet=@DSCP={0x28}}, {{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @local, 0x0, 0x0, 'batadv_slave_1\x00', 'veth1_virt_wifi\x00', {}, {}, 0x6}, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x0, 0x0, @local}}}, {{@ip={@broadcast, @multicast2, 0x0, 0x0, 'vlan1\x00', 'nr0\x00'}, 0x0, 0xb0, 0xd8, 0x0, {}, [@common=@unspec=@connlimit={{0x40}}]}, @ECN={0x28}}, {{@ip={@loopback, @multicast2, 0x0, 0x0, 'syzkaller0\x00', 'veth1_to_team\x00'}, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x0, 0x0, @empty}}}, {{@ip={@broadcast, @empty, 0x0, 0x0, 'lo\x00', 'batadv_slave_1\x00'}, 0x0, 0xa0, 0xd0, 0x0, {}, [@common=@unspec=@mac={{0x30}, {@multicast}}]}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x0, 0x0, @loopback}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x478)

2.002264399s ago: executing program 5 (id=4434):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000b80)=ANY=[@ANYBLOB="ff2dd8bf6e5afd525cf2dd013b6a294d8ee05a2399f62a35be59d23d88b1054f94ed8145b50d53aa4d22a8bfa40a71a725421b8c42be403d0e0e0f8e89039d4bb878e648d1e1d83d74a7f7b96c0e3cc84f2ad2d7a324d7b69e522519822790ef809e9bd77b1272b9d15d62240aaf3d309c"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x1b, &(0x7f0000000280)={@private0, <r2=>0x0}, &(0x7f00000002c0)=0x14)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x18, 0x4, &(0x7f00000005c0)=ANY=[], &(0x7f00000000c0)='GPL\x00', 0x5}, 0x94)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000000)=@mangle={'mangle\x00', 0x64, 0x6, 0x4f8, 0x3d0, 0x0, 0x4a0, 0x2d8, 0x4a0, 0x588, 0x588, 0x588, 0x588, 0x588, 0x6, 0x0, {[{{@ipv6={@rand_addr=' \x01\x00', @private0, [], [0xffffff00, 0x0, 0x0, 0x1f9814788dbf7ab2], 'veth1\x00', 'syz_tun\x00'}, 0x11e, 0xa8, 0xd0, 0x1f000000, {0x0, 0x7}}, @common=@unspec=@AUDIT={0x28, 'AUDIT\x00', 0x0, {0x1}}}, {{@ipv6={@loopback, @dev, [], [], 'batadv_slave_0\x00', 'ip6gretap0\x00', {}, {}, 0x2b, 0x0, 0x1}, 0x0, 0xa8, 0xd0, 0x7400}, @unspec=@CHECKSUM={0x28}}, {{@uncond, 0x0, 0xa8, 0xd0}, @unspec=@CHECKSUM={0x28, 'CHECKSUM\x00', 0x0, {0x68}}}, {{@uncond, 0x0, 0xa8, 0xd0}, @inet=@TOS={0x28}}, {{@uncond, 0x0, 0xa8, 0xe8}, @inet=@TPROXY1={0x40, 'TPROXY\x00', 0x1, {0x0, 0x0, @ipv6=@mcast2}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x558)
r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$IP_VS_SO_SET_ADD(r3, 0x0, 0x482, &(0x7f00000008c0)={0x84, @private=0xa010102, 0x4e22, 0x1, 'lblcr\x00', 0x0, 0x10000, 0x100000}, 0x2c)
setsockopt$IP_VS_SO_SET_DEL(r3, 0x0, 0x483, &(0x7f0000001280)={0x20000000000084, @remote, 0x0, 0x200000001, 'ovf\x00', 0x0, 0x821, 0x2000}, 0x2c)
rt_sigsuspend(&(0x7f00000002c0)={[0x225c17d03]}, 0x8)
socket(0x10, 0x803, 0x0)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x42002)
r4 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x289c2, 0x1)
fcntl$setlease(r4, 0x400, 0x1)
fremovexattr(r4, &(0x7f0000000040)=@known='security.selinux\x00')
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r4, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00', 0x2})
r5 = dup(0xffffffffffffffff)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, &(0x7f0000000200)={0x9, 0x3, 0x8000})
r6 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000300)='/sys/power/pm_print_times', 0x400000, 0xac)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000700)={0xffffffffffffffff, 0xe0, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f00000003c0)=[0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x1, 0x8, &(0x7f0000000400)=[0x0], &(0x7f00000004c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], <r7=>0x0, 0x9d, &(0x7f0000000500)=[{}, {}], 0x10, 0x10, &(0x7f0000000540), &(0x7f0000000580), 0x8, 0x34, 0x8, 0x8, &(0x7f00000005c0)}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x3, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000ca0f00000000ed000900000085100000faffffffb1f88000f4ffffff9500000000000000"], &(0x7f0000000180)='GPL\x00', 0x7f, 0xc, &(0x7f0000000200)=""/12, 0x41000, 0x20, '\x00', r2, @fallback=0x1e, r6, 0x8, &(0x7f0000000340)={0x8, 0x3}, 0x8, 0x10, &(0x7f0000000380)={0x0, 0x8, 0x0, 0x6}, 0x10, r7, r1, 0x0, &(0x7f0000000740)=[r0, r1, r0], 0x0, 0x10, 0x4}, 0x94)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x40, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r8}, 0x10)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
getresuid(&(0x7f00000008c0), &(0x7f0000000900), &(0x7f0000000940))
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f00000006c0)={{{@in6=@empty, @in=@local}}, {{@in6=@loopback}, 0x0, @in6=@ipv4={""/10, ""/2, @local}}}, &(0x7f0000000080)=0x6b)
lstat(&(0x7f0000000980)='./file0\x00', &(0x7f0000000b00))
getsockopt$inet6_IPV6_IPSEC_POLICY(r5, 0x29, 0x22, &(0x7f0000000d40)={{{@in=@empty, @in6=@ipv4={""/10, ""/2, @remote}}}, {{@in6=@private1}, 0x0, @in6=@dev}}, &(0x7f0000000880)=0xe8)
stat(&(0x7f0000000c80)='./file0\x00', &(0x7f0000000cc0))

1.616792665s ago: executing program 7 (id=4439):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r2, 0x107, 0xf, &(0x7f0000000000)=0x9, 0x4)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000300)={'vcan0\x00', <r3=>0x0})
sendto$packet(r2, &(0x7f0000000180)="0b030a124f00021202004788aa96a13bb1000011000088ca1a00", 0x1fffc, 0x0, &(0x7f0000000140)={0x11, 0x0, r3}, 0x14)

1.512315446s ago: executing program 7 (id=4441):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3e, 0x1, 0x0, 0x0, 0x0, 0x8, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x113a0, 0x0, 0x3, 0x5, 0x0, 0x800001, 0xfffb}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000000080)="5c00000012006bab9e3fe3d86e17aa31070000007ea60864160af365da8fb21a38001d00f07251ca60bc24eab556a71a251e6182949a3651f60a84c910d5938037e786a6d0bdd7fcf50e4509985300782c37ba90adcd1500000080bc", 0x5c}], 0x1, 0x0, 0x0, 0x1f000008}, 0x4800)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/vs/nat_icmp_send\x00', 0x2, 0x0)
syz_mount_image$vfat(&(0x7f0000001200), &(0x7f0000001240)='./bus\x00', 0x0, &(0x7f0000002480)=ANY=[], 0x1, 0x11f4, &(0x7f0000001280)="$eJzs3M+LG2UYB/DHbWvr1v2h1moL0he96GXo7sGLgiyyBWlAaRuhFYSpO9GQMQmZsBARV09e/TvEozdBvOllL/4N3vbisQdxxMTapsRDqXTa8Plc8pD3/cLzkjDwDvPO0ZvffNrrVFknH8fKE2/FyjAi3UqRYiVu+zJee+PnX166ev3G5Z1Wa/dKSpd2rm29nlJav/DjB59/9/JP49Pvf7/+w8k43Pzw6Pft3w7PHp47+vPaJ90qdavUH4xTnm4OBuP8ZlmkvW7Vy1J6ryzyqkjdflWM5sY75WA4nKS8v7e2OhwVVZXy/iT1ikkaD9J4NEn5x3m3n7IsS2urwYNof3urruuIuj4RT0Zd1/VTsRqn4+lYi/XYiM14Jp6N5+JMPB9n44V4Mc5NZzXdNwAAAAAAAAAAAAAAAAAAACyXBzr/f6Hh5gEAAAAAAAAAAAAAAAAAAGBJXL1+4/JOq7V7JaVTEeXX++399uxzNr7TiW6UUcTF2Ig/Ynr6f2ZWX3qntXsxTW3GV+XBP/mD/fax+fzW9HUCC/Nbs3yaz5+M1bvz27ERZxbntxfmT8Wrr9yVz2Ijfv0oBlHGXvydvZP/Yiult99t3ZM/P50HAAAAyyBL/1q4f8+y/xqf5e/j/sA9++vjcf54s2snopp81svLshg1XtzuaPbNQUQ8Io0tcXHi0Wjj/y2Ozf2Rmu/nMS2auybx8Nz50ZvuBAAAAAAAAAAAgPvxMB4nbHqNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/MUOHAsAAAAACPO3TqNjAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4KgAA//86R81g")
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4006000}, 0x0)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000007cc500000000000000000000000000000000000000000020000000"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1b, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1004}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r1}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r2, 0x0, 0x4}, 0x18)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x26e1, 0x0)
perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x30046, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}, 0x0, 0xfffffffffffffffe}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r3, 0x6, 0x4, &(0x7f0000000180)=0x4, 0x4)
rt_sigqueueinfo(0x0, 0x6, &(0x7f0000000080)={0x13, 0x5, 0x28})
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
r4 = mq_open(&(0x7f000084dff0)='\xa1sxt\x1a\x00\x00\x00\x00\x00\x00\x00\x01\x88\xbdd', 0x6e93ebbbcc0884f2, 0x9a, &(0x7f0000000300)={0x800000, 0x1, 0x84})
mq_timedsend(r4, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(r4, 0x0, 0x0, 0x0, 0x0)
mq_timedreceive(r4, &(0x7f00000003c0)=""/214, 0xd6, 0x2, 0x0)
perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0xfffffffd, 0x0, @perf_config_ext={0x3fffffffc}, 0x0, 0x0, 0x0, 0x3, 0x63e4b27f, 0x8001, 0x8000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_inet_SIOCSIFDSTADDR(0xffffffffffffffff, 0x8918, &(0x7f0000000100)={'team_slave_0\x00', {0x2, 0x4e24, @initdev={0xac, 0x1e, 0x0, 0x0}}})
prctl$PR_TASK_PERF_EVENTS_ENABLE(0x20)
mkdirat(0xffffffffffffffff, &(0x7f0000000180)='./bus\x00', 0x0)
openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f00000001c0), 0x1, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000004c0)=ANY=[@ANYBLOB="1800000000000000000000000600000018120000", @ANYRES32=r5, @ANYBLOB="0000000000000000b703000000000000850000001b000000b700000000000000950000000000000098b04c4d7da3c1e9b18c254c411a893ebde566b02594bb86b6183003cd1d5a53b0fbbdbee37feb7e607c1bfd4012a1356831642da6648e0ef6955cff6ea3e4c810fed90484b6ecd2b86444ee8ee512f5dbbb59fcffc5d2ab3755dbd06451d853980fb1409a0cbdc84bacdf99f9159378fcfec18abe16b36caa0877b9275b480f48ffc752d78cc424068a5bbf"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

1.474842536s ago: executing program 1 (id=4442):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x4044851, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x2e}}, 0x10)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[], 0x7c}}, 0x20004004)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x40, 0x1, 0x0, 0x0, 0x0, 0x8000, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000, 0x2, @perf_config_ext={0xf60, 0x40ffffffff}, 0x1100, 0x5, 0x3a65, 0x5, 0x0, 0x5, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000004c0), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_VENDOR(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000001b40)={&(0x7f0000000480)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="a1a30000000000000000320000400800170156000000"], 0x1c}, 0x1, 0x0, 0x0, 0x4050}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000100000a74000000060a0b0400000000000000000200000148000480240001800b000100736f636b65740000140002800800024000000003080001400000000220000180080001006e61740014000280080005401100000308000140000000000900010073797a30000000000900020073797a3200000000140000001100010000000000000000000000000a"], 0x9c}}, 0x0)
syz_emit_ethernet(0x46, &(0x7f0000000440)=ANY=[@ANYBLOB="aaaaaaaaaaaa0020000000080800490000380000000000069078ac1e0001ac14140d8307d7e00000028606fffffffd00000000000000", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="36ed4dc5a91df264"], 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
r3 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000840)='cgroup.procs\x00', 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0200000004000000040000000100000080000000", @ANYRES32, @ANYBLOB="00000000000000001000"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x1b)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000f80)={0x0, 0xfffffffffffffffd, &(0x7f0000000e00), &(0x7f0000000e80), 0x4, r4}, 0x38)
write$cgroup_pid(r3, &(0x7f0000000380), 0x12)
open(&(0x7f0000000040)='./file2\x00', 0x181042, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext2\x00', &(0x7f00000001c0)='./file2\x00', 0x0, &(0x7f0000000500)={[{@max_batch_time={'max_batch_time', 0x3d, 0x2}}, {@nodiscard}, {@nouser_xattr}, {@jqfmt_vfsold}, {}, {@nobarrier}], [{@smackfsroot={'smackfsroot', 0x3d, '\x92\\},:'}}]}, 0x3, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
r5 = socket$netlink(0x10, 0x3, 0xc)
sendmsg$nl_route(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)=ANY=[], 0x6c}}, 0x48c1)
r6 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r6, 0x6, 0x0, 0x0, 0x0)
fsmount(r6, 0x1, 0x0)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.avg_queue_size\x00', 0x275a, 0x0)
write$binfmt_script(r7, &(0x7f0000000000), 0x208e24b)
ftruncate(0xffffffffffffffff, 0x6)
sendmsg$BATADV_CMD_SET_MESH(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f0000000300), 0xc, &(0x7f00000003c0)={&(0x7f0000000580)=ANY=[], 0x38}, 0x1, 0x0, 0x0, 0x4000}, 0x20000000)
socket$inet6(0xa, 0x80002, 0x0)
openat2$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0, 0x0)
sendmsg$NFT_MSG_GETTABLE(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000080)={&(0x7f0000000440)=ANY=[@ANYBLOB], 0x130}, 0x1, 0x0, 0x0, 0x400d4}, 0x80)

1.404976958s ago: executing program 6 (id=4443):
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x41, &(0x7f00000008c0)={[{@bsdgroups}, {@nodiscard}, {@noblock_validity}, {@grpjquota}, {@grpjquota}, {@orlov}, {@abort}, {@nombcache}, {@stripe={'stripe', 0x3d, 0x10}}]}, 0x64, 0x50a, &(0x7f0000000940)="$eJzs3VFrHFsdAPD/bHZr06Y3ueqDXvB6tZW0aHeTxrbBh1pB9Kmg1vcak00I2WRDdtM2oWiKH0AQUcEnffFF8AMIUvDFRxEK+qyoKKKtPvigncvuTtI03U227TabZn8/mMw5Z2b2f86GmZ0zc5gJYGC9FxHXI+JJmqYXImI0K89lU2y1psZ6jx/dm21MSaTpzX8mkWRl25+VZPPT2WYnI+JrX474ZvJ83NrG5tJMpVJey/Kl+vJqqbaxeXFxeWahvFBemZqavDJ9dfry9ERP2nkmIq598a8/+O7PvnTtV5+586dbfz//rUa1RrLlu9vxgvL7LWw1vdD8LnZvsPaSwY6ifLOFmeF2aww9V3L/NdcJAID2Guf4H4yIT0bEhRiNof1PZwEAAIA3UPr5kfhfEpG2d6JDOQAAAPAGyTXHwCa5YjYWYCRyuWKxNYb3w3EqV6nW6p+er66vzLXGyo5FITe/WClPZGOFx6KQNPKTzfTT/KU9+amIeDsivj863MwXZ6uVuX5f/AAAAIABcXpP//8/o63+PwAAAHDMjPW7AgAAAMBrp/8PAAAAx5/+PwAAABxrX7lxozGl2++/nru9sb5UvX1xrlxbKi6vzxZnq2urxYVqdaH5zL7lgz6vUq2ufjZW1u+W6uVavVTb2Ly1XF1fqd9afOYV2AAAAMAhevvjD/6QRMTW54abU8OJ7jbtcjXgqMrvpJJs3ma3/uNbrflfDqlSwKEY6ncFgL7J97sCQN8U+l0BoO+SA5Z3HLzz22z+id7WBwAA6L3xj3a+/5/bd8ut/RcDR56dGAaX+/8wuJr3/7sdyetkAY6VgjMAGHivfP//QGn6QhUCAAB6bqQ5JblidnlvJHK5YjHiTPO1AIVkfrFSnoiItyLi96OFDzTyk80tkwP7DAAAAAAAAAAAAAAAAAAAAAAAAABAS5omkQIAAADHWkTub8mvW8/yHx89N7L3+sCJ5L+jkb0i9M6Pb/7w7ky9vjbZKP/XTnn9R1n5pX5cwQAAAICB8EIv8N/up2/34wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACglx4/uje7PR1m3H98ISLG2sXPx8nm/GQUIuLUv5PI79ouiYihHsQfbvz5SLv4SaNaOyHbxR/uQfyt+/vGj7HsW2gX/3QP4sMge9A4/lxvt//l4r3mvP3+l494Jv+yOh//Yuf4N9Rh/z/TZYx3Hv6i1DH+/Yh38u2PP9vxkw7xz3YZ/xtf39zstCz9ScR429+f5JlYpfryaqm2sXlxcXlmobxQXpmamrwyfXX68vREaX6xUs7+to3xvY/98sl+7T/VIf7YAe0/12X7///w7qMPtZKFdvHPn20T/zc/zdZ4Pn4u++37VJZuLB/fTm+10ru9+/Pfvbtf++c6tP+g///5Ltt/4avf+XOXqwIAh6C2sbk0U6mU145totFLPwLVkDiCiW/39APTNE0b+9QrfE4SR+FraSb6fWQCAAB67elJf79rAgAAAAAAAAAAAAAAAAAAAIPrMB4ntjfm1k4q6cUjtAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeuL9AAAA//+GAdlV")
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$TIOCSTI(r0, 0x5412, 0x0)
ioctl$TIOCL_GETMOUSEREPORTING(r0, 0x5412, 0x0)
syz_mount_image$msdos(&(0x7f0000000f40), &(0x7f0000000f00)='.\x00', 0x1a4a438, &(0x7f00000008c0)=ANY=[], 0xb, 0x0, &(0x7f0000000000)) (fail_nth: 1)

1.040733133s ago: executing program 5 (id=4444):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000edff0000000000000000850000000f00000018010000646c012500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000800000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000750000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000e"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000006c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000400)='io_uring_create\x00', r0}, 0x18)
io_uring_setup(0x1de0, &(0x7f00000000c0)={0x0, 0x45d6, 0x0, 0x0, 0x0, 0x0, r0})
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000200)='fdb_delete\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r2, 0x8924, &(0x7f0000000000)={'bridge_slave_0\x00', @random="010000201000"})

941.969755ms ago: executing program 5 (id=4446):
r0 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x2)
ioctl$USBDEVFS_REAPURB(r0, 0x4008550c, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000020000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000008500000070000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x60, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
ioctl$USBDEVFS_SUBMITURB(r0, 0x8038550a, &(0x7f0000000140)=@urb_type_control={0x2, {}, 0x20000009, 0x0, &(0x7f0000000240)={0x0, 0x0, 0xfffc, 0x360}, 0x8, 0x7, 0x80, 0x0, 0x1, 0x101, 0x0})

857.046196ms ago: executing program 1 (id=4447):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000c00)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000008c0)=ANY=[@ANYBLOB], 0x54}, 0x1, 0x0, 0x0, 0x4004}, 0x28040000)

856.753386ms ago: executing program 6 (id=4448):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a000000020000000110000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x39)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x800}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r3 = syz_open_procfs(0x0, &(0x7f0000000200)='attr\x00')
getdents64(r3, &(0x7f0000002f40)=""/4098, 0x1002)

856.349846ms ago: executing program 6 (id=4449):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00"/14], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014fa0000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000bc0000/0x400000)=nil, 0x400000, 0x9)

805.327457ms ago: executing program 7 (id=4450):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x44, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
r1 = syz_open_dev$usbfs(&(0x7f0000000100), 0x206, 0x20182)
ioctl$USBDEVFS_ALLOW_SUSPEND(r1, 0x5522)

804.833547ms ago: executing program 6 (id=4451):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r2, 0x107, 0xf, &(0x7f0000000000)=0x9, 0x4)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000300)={'vcan0\x00', <r3=>0x0})
sendto$packet(r2, &(0x7f0000000180)="0b030a124f00021202004788aa96a13bb1000011000088ca1a00", 0x1fffc, 0x0, &(0x7f0000000140)={0x11, 0x0, r3}, 0x14)

793.492637ms ago: executing program 1 (id=4452):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000001500)=ANY=[@ANYRES32=0x0, @ANYRES32], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000480)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cf84ded40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c86e00f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec231fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895012f1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000001e40)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x94)
socketpair(0x28, 0x2, 0x28, &(0x7f0000000040))
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r0, 0x84, 0x6b, &(0x7f0000000080)=[@in={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x1, 0x0}}], 0x10)
setsockopt(r0, 0x84, 0x7f, &(0x7f0000000040)="020000000980ffff", 0x8)
setsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(r0, 0x84, 0xc, &(0x7f0000000000), 0x4)
recvmsg(r0, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYRES32=r0], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r1}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x18)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sendmsg$inet(r3, &(0x7f0000000cc0)={0x0, 0x0, 0x0}, 0x0)
close(r3)
sendmsg$inet(r4, &(0x7f0000000b40)={0x0, 0x0, 0x0}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r5, 0x8923, &(0x7f0000000000)={'vlan0\x00', @local})

790.324748ms ago: executing program 5 (id=4453):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
pipe2(&(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x4000)
r4 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
write$P9_RGETLOCK(r3, &(0x7f00000000c0)=ANY=[], 0xffffff6a)
pipe2(0x0, 0x84000)
tee(r2, 0xffffffffffffffff, 0xfffffffffffffc01, 0x0)
tee(r2, 0xffffffffffffffff, 0x60000000000, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)

724.587018ms ago: executing program 5 (id=4454):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000b80)=ANY=[@ANYBLOB="ff2dd8bf6e5afd525cf2dd013b6a294d8ee05a2399f62a35be59d23d88b1054f94ed8145b50d53aa4d22a8bfa40a71a725421b8c42be403d0e0e0f8e89039d4bb878e648d1e1d83d74a7f7b96c0e3cc84f2ad2d7a324d7b69e522519822790ef809e9bd77b1272b9d15d62240aaf3d309c"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x1b, &(0x7f0000000280)={@private0, <r2=>0x0}, &(0x7f00000002c0)=0x14)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x18, 0x4, &(0x7f00000005c0)=ANY=[], &(0x7f00000000c0)='GPL\x00', 0x5}, 0x94)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000000)=@mangle={'mangle\x00', 0x64, 0x6, 0x4f8, 0x3d0, 0x0, 0x4a0, 0x2d8, 0x4a0, 0x588, 0x588, 0x588, 0x588, 0x588, 0x6, 0x0, {[{{@ipv6={@rand_addr=' \x01\x00', @private0, [], [0xffffff00, 0x0, 0x0, 0x1f9814788dbf7ab2], 'veth1\x00', 'syz_tun\x00'}, 0x11e, 0xa8, 0xd0, 0x1f000000, {0x0, 0x7}}, @common=@unspec=@AUDIT={0x28, 'AUDIT\x00', 0x0, {0x1}}}, {{@ipv6={@loopback, @dev, [], [], 'batadv_slave_0\x00', 'ip6gretap0\x00', {}, {}, 0x2b, 0x0, 0x1}, 0x0, 0xa8, 0xd0, 0x7400}, @unspec=@CHECKSUM={0x28}}, {{@uncond, 0x0, 0xa8, 0xd0}, @unspec=@CHECKSUM={0x28, 'CHECKSUM\x00', 0x0, {0x68}}}, {{@uncond, 0x0, 0xa8, 0xd0}, @inet=@TOS={0x28}}, {{@uncond, 0x0, 0xa8, 0xe8}, @inet=@TPROXY1={0x40, 'TPROXY\x00', 0x1, {0x0, 0x0, @ipv6=@mcast2}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x558)
r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$IP_VS_SO_SET_ADD(r3, 0x0, 0x482, &(0x7f00000008c0)={0x84, @private=0xa010102, 0x4e22, 0x1, 'lblcr\x00', 0x0, 0x10000, 0x100000}, 0x2c)
setsockopt$IP_VS_SO_SET_DEL(r3, 0x0, 0x483, &(0x7f0000001280)={0x20000000000084, @remote, 0x0, 0x200000001, 'ovf\x00', 0x0, 0x821, 0x2000}, 0x2c)
rt_sigsuspend(&(0x7f00000002c0)={[0x225c17d03]}, 0x8)
socket(0x10, 0x803, 0x0)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x42002)
r4 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x289c2, 0x1)
fcntl$setlease(r4, 0x400, 0x1)
fremovexattr(r4, &(0x7f0000000040)=@known='security.selinux\x00')
r5 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r6 = dup(r5)
ioctl$VT_RESIZE(r5, 0x5609, &(0x7f0000000200)={0x9, 0x3, 0x8000})
r7 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000300)='/sys/power/pm_print_times', 0x400000, 0xac)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000700)={0xffffffffffffffff, 0xe0, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f00000003c0)=[0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x1, 0x8, &(0x7f0000000400)=[0x0], &(0x7f00000004c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], <r8=>0x0, 0x9d, &(0x7f0000000500)=[{}, {}], 0x10, 0x10, &(0x7f0000000540), &(0x7f0000000580), 0x8, 0x34, 0x8, 0x8, &(0x7f00000005c0)}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x3, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000ca0f00000000ed000900000085100000faffffffb1f88000f4ffffff9500000000000000"], &(0x7f0000000180)='GPL\x00', 0x7f, 0xc, &(0x7f0000000200)=""/12, 0x41000, 0x20, '\x00', r2, @fallback=0x1e, r7, 0x8, &(0x7f0000000340)={0x8, 0x3}, 0x8, 0x10, &(0x7f0000000380)={0x0, 0x8, 0x0, 0x6}, 0x10, r8, r1, 0x0, &(0x7f0000000740)=[r0, r1, r0], 0x0, 0x10, 0x4}, 0x94)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x40, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r9}, 0x10)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
getresuid(&(0x7f00000008c0), &(0x7f0000000900), &(0x7f0000000940))
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f00000006c0)={{{@in6=@empty, @in=@local}}, {{@in6=@loopback}, 0x0, @in6=@ipv4={""/10, ""/2, @local}}}, &(0x7f0000000080)=0x6b)
lstat(&(0x7f0000000980)='./file0\x00', &(0x7f0000000b00))
getsockopt$inet6_IPV6_IPSEC_POLICY(r6, 0x29, 0x22, &(0x7f0000000d40)={{{@in=@empty, @in6=@ipv4={""/10, ""/2, @remote}}}, {{@in6=@private1}, 0x0, @in6=@dev}}, &(0x7f0000000880)=0xe8)
stat(&(0x7f0000000c80)='./file0\x00', &(0x7f0000000cc0))

709.283378ms ago: executing program 7 (id=4455):
syz_clone(0x42000000, 0x0, 0x0, 0x0, 0x0, 0x0)

703.233909ms ago: executing program 6 (id=4456):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000edff0000000000000000850000000f00000018010000646c012500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000800000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000750000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000e"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000006c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000400)='io_uring_create\x00', r0}, 0x18)
io_uring_setup(0x1de0, &(0x7f00000000c0)={0x0, 0x45d6, 0x0, 0x0, 0x0, 0x0, r0})
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000200)='fdb_delete\x00', r1}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000200)='fdb_delete\x00'}, 0x18)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r2, 0x8924, &(0x7f0000000000)={'bridge_slave_0\x00', @random="010000201000"})

685.242299ms ago: executing program 0 (id=4457):
r0 = open(&(0x7f0000000000)='./bus\x00', 0x1050c1, 0x170)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x64, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2, @perf_config_ext={0x8, 0x6}, 0x0, 0x0, 0x800000, 0x0, 0x2, 0x2, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=@framed, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0xe, &(0x7f0000000680)={[{@nolazytime}, {@lazytime}, {@journal_path={'journal_path', 0x3d, './bus'}}, {@bsdgroups}, {@lazytime}, {@noload}]}, 0x3, 0x45c, &(0x7f0000002400)="$eJzs3MtvG8UfAPDv+pG+m/yq/oA+gCBAlAJJk5bSAxcQSBxAQoJDOYYkrUrdBjVBIlUFBaFyRJU4cUEckfgLOMEFASckLhzgjipVqJcWTkYb76a2a+dVP0j9+UjrzuyuO/P1ztizM7EDGFij6UMSsTMifo+I4Vq28YTR2j+3blya/vvGpekkqtU3/kpK6eGbNy5N56fmz9uRZ0oRhU+SONCi3PnFi2enKpXZC1l+fOHcu+PzixefOXNu6vTs6dnzkydOHDs68dzxyWc7Emca1839H8wd3PfKW1dfmz559e2fvkny+Jvi6JDRlQ4+Xq12uLj+2lWXrrUMNoNirZtGean/D0cxbl+84Xj5475WDuiqarVava/94ctV4B6WRL9rAPRH/kGf3v/mW4+GHv8J11+o3QClcd/KttqRUhSyc8pN97edNBoRJy//82W6RXfmIQAAGnyXjn+ebjX+K0T9vNDubA1lJCL+FxF7IuJ4ROyNiP9HLJ17f0Q8sM7ymxdJ7hz/FK5tKLA1Ssd/z2drW43jv3z0FyPFLLdrKf5ycupMZfZI9pocivKWND+xQhnfv/TrZ+2O1Y//0i0tPx8LZvW4VtrS+JyZqYWpu4m53vWPIvaXWsWfLK8EJBGxLyL2b7CMM4e/Ptju2Orxr6AD60zVryKeqF3/y9EUfy5ZeX1yfGtUZo+M563iTj//cuX1duXfVfwdkF7/7S3b/3L8I0n9eu38ev73L55MH6/88Wnbe5qNtv+h5M2Gfe9PLSxcmIgYSl6tVbp+/2TTeZO3z0/jP/Ro6/6/J26/EgciIm3ED0bEQxHxcFb3R37bveqr8OOLj72z8fi7K41/Zu3XvzockTeExaHIEst7WieKZ3/4tqHQkdbx7257/Y8tpQ5le9by/reWeq23NQMAAMBmVYiInZEUxpbThcLYWO1v+PfG9kJlbn7hqVNz752fqX1HYCTKhXyma7huPnQiu63P85NN+aPZvPHnxW1L+bHpucpMv4OHAbejTf9P/Vnsd+2ArvN9LRhc+j8MLv0fBted/X9rX+oB9F6Lz/9t/agH0Hutxv8fruWJOztfF6C3mvq/ZT8YIOb/YHBtpP97z4B7Q2mln2we6mlVgN6Z3xarf0leYjMl8l+u6UYR5bS1HI6IxYtR6HukEl1M9PudCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoDP+DQAA//+CSeFs")

642.262219ms ago: executing program 6 (id=4458):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000000e00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r0}, 0xf)
r1 = openat$selinux_access(0xffffffffffffff9c, &(0x7f0000000b80), 0x2, 0x0)
write$selinux_access(r1, &(0x7f0000000380)={'system_u:object_r:system_dbusd_var_run_t:s0', 0x20, '/usr/sbin/ntpd', 0x20, 0x5}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000280)='kfree\x00', r2, 0x0, 0x2000000000}, 0x18)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000f1ffffff0000000000100000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000340)='io_uring_register\x00', r4}, 0x10)
r5 = io_uring_setup(0x115c, &(0x7f0000000440)={0x0, 0x8270, 0x40, 0x3, 0x117})
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB, @ANYBLOB], 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_clone(0x41980100, 0x0, 0x0, 0x0, 0x0, 0x0)
openat$ttyS3(0xffffffffffffff9c, 0x0, 0x8600, 0x0)
getsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, 0x0, 0x0)
sendmsg$inet_sctp(0xffffffffffffffff, 0x0, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x18)
r7 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd)
request_key(0x0, 0x0, 0x0, r7)
syz_open_dev$usbfs(0x0, 0x72, 0x101301)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0xb62ca000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
io_uring_register$IORING_REGISTER_RESTRICTIONS(r5, 0xb, 0x0, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000ab4000000060a01040000000000000000020000280900010073797a30000000000900020073797a320000000088000480100001800c000100636f756e7465720014000180090001006d6173710000000004000280600001800a0001006c696d6974000000500002800c000140000000000000000808000440000000010c00014000000000000080010c00024000000000000000090800034000000fba0c00024000000000000000000c000140000000000000000714000000110001"], 0xdc}}, 0x0)
sendmsg$NFT_MSG_GETRULE(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="14000000190a0102"], 0x14}}, 0x0)

564.403631ms ago: executing program 0 (id=4459):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x44, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='afs_make_fs_call\x00', r0}, 0x18)
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000000)='./file1\x00', 0x4000, &(0x7f0000000140)=ANY=[@ANYBLOB="6e6f6e756d7461696c3d302c636865636b3d7374726963742c756d61736b3d30303030303030303030303030303030303133363033302c756e695f786c6174653d312c756e695f786c6174653d302c666d61736b3d30303030303030303030303030303030303030303034302c757466383d302c6e6f6e756d7461696c3d302c73686f72746e616d653d77696e39352c73686f72746e616d653d6c6f7765722c73686f72746e616d653d77696e6e742c756e695f786c6174653d312c74696d655f6f66667365743d3078303030303030303030303030303166622c666c7573682c756e695f786c6174653d302c73686f72746e616d653d77696e39352c00208893fdd4787adad4209069"], 0x6, 0x2ab, &(0x7f0000000a80)="$eJzs3b1rLFUUAPAzyX6pxW5hJYIDWlg9Xl5rs0HyILiVsoVa6MP3Hkh2ERII+IFrKlsbS/8CQbDzn7CxsBdsBTtTBEZmZya7ibObTHATP36/Jjd3zrn3zOQmYYs9+/6L04PHaTw9+eyX6PWS2BrGME6TGMRWVL6IC4ZfBQDwb3aaZfF7VmiSl0REb3NlAQAb1Pj///cbLwkA2LC33n7njd3RaO/NNO3Fw+mXx+P8lX3+tbi++zQ+jEk8ifvRj7OI7Fwxfphl2ayV5gbxynR2PM4zp+/9WK6/+1vEPH8n+jGYT13M3x/t7aSFpfxZXsez5f7DPP9B9OP5mv33R3sPavJj3IlXX16q/17046cP4qOYxON5EYv8z3fS9PXs6z8+fTcvL89PZsfj7jxuIdu+5R8NAAAAAAAAAAAAAAAAAAAAAAD/YffK3jndmPfvyafK/jvbZ/k37Ugrg4v9eYr8pFroUn+gWRbfVP117qdpmpWBi/xWvNCK1t3cNQAAAAAAAAAAAAAAAAAAAPyzHH38ycGjyeTJ4d8yqLoBVG/rv+k6w6WZl6ImZhDnM93FllvltmtWju0qJolYW0a+YqPi21fvvmLwzKqsb79r+uh6V8e0b1Bhw0F1ug4eJfXPsBvVTK86JD8sx3Timnt1Vl3KGh2/Tu2lfuN77zw3H8zWxESyrrDXfi2eXDmTXL6Lzvyp1qa3y0Hxu1B3Nhqd57/+rUh06wAAAAAAAAAAAAAAAAAAgI1avOm35uLJiqSf94sP+Y/BhqsDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgNux+Pz/BoNZmXyN4E4cHt3xLQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPA/8GcAAAD//wrtYeE=")
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = socket(0x400000000010, 0x3, 0x0)
r3 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000600)=@newqdisc={0x88, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_mqprio={{0xb}, {0x58, 0x2, {{0x42, [0x5, 0xb, 0x1, 0x4, 0xc, 0xb, 0x6, 0xc, 0x2, 0x1, 0xe, 0x5, 0x4, 0x10, 0x0, 0x8], 0x1, [0x4, 0x7, 0x1, 0x0, 0x8e, 0xd, 0x8, 0x1, 0x100, 0x2, 0x6, 0x3, 0x7, 0x1ff, 0x8, 0x6c2c], [0x6da, 0x0, 0x4, 0x2, 0x2, 0x40, 0x4009, 0x4, 0x9, 0x97d, 0x9, 0x4, 0x7, 0x80, 0x3, 0x7]}}}}]}, 0x88}}, 0x0)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x46242, 0x0)
ioctl$TUNGETFEATURES(r5, 0x800454cf, &(0x7f0000000080))
r6 = syz_open_dev$usbfs(&(0x7f0000000100), 0x206, 0x20182)
ioctl$USBDEVFS_ALLOW_SUSPEND(r6, 0x5522)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x275a, 0x0)
write$binfmt_script(r7, &(0x7f0000000540), 0x84)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f00000002c0)={0x0, <r8=>0x0}, &(0x7f0000000300)=0xc)
lstat(&(0x7f0000000340)='./file1\x00', &(0x7f00000008c0))
getuid()
lstat(&(0x7f0000000400)='./file1\x00', &(0x7f0000000440))
newfstatat(0xffffffffffffff9c, &(0x7f00000004c0)='./file1\x00', &(0x7f0000000500), 0x100)
getresuid(&(0x7f0000000580), &(0x7f00000005c0), &(0x7f0000000600))
getgroups(0x1, &(0x7f0000000640)=[0xee00])
socket(0x10, 0x3, 0x0)
setregid(0xffffffffffffffff, 0x0)
setregid(0x0, 0x0)
mount$9p_tcp(&(0x7f0000000280), &(0x7f0000000740)='./file1\x00', &(0x7f0000000780), 0x28001, &(0x7f00000007c0)={'trans=tcp,', {'port', 0x3d, 0x4e20}, 0x2c, {[{@access_uid={'access', 0x3d, r8}}, {@afid={'afid', 0x3d, 0xfffffffffffff095}}], [{@subj_user={'subj_user', 0x3d, 'memory.events\x00'}}, {@smackfsroot={'smackfsroot', 0x3d, 'syzkaller\x00'}}, {@smackfshat={'smackfshat', 0x3d, 'memory.events\x00'}}, {@fscontext={'fscontext', 0x3d, 'staff_u'}}, {@context={'context', 0x3d, 'system_u'}}, {@dont_hash}]}})
getgid()
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000680), &(0x7f00000006c0)=0xc)
getgroups(0x4, &(0x7f0000000700)=[0x0, 0xee01, 0x0, 0xee01])

507.951841ms ago: executing program 7 (id=4460):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a000000020000000110000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x39)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x800}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r3 = syz_open_procfs(0x0, &(0x7f0000000200)='attr\x00')
getdents64(r3, &(0x7f0000002f40)=""/4098, 0x1002)

336.260885ms ago: executing program 7 (id=4461):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3e, 0x1, 0x0, 0x0, 0x0, 0x8, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x113a0, 0x0, 0x3, 0x5, 0x0, 0x800001, 0xfffb}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000000080)="5c00000012006bab9e3fe3d86e17aa31070000007ea60864160af365da8fb21a38001d00f07251ca60bc24eab556a71a251e6182949a3651f60a84c910d5938037e786a6d0bdd7fcf50e4509985300782c37ba90adcd1500000080bc", 0x5c}], 0x1, 0x0, 0x0, 0x1f000008}, 0x4800)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/vs/nat_icmp_send\x00', 0x2, 0x0)
syz_mount_image$vfat(&(0x7f0000001200), &(0x7f0000001240)='./bus\x00', 0x0, &(0x7f0000002480)=ANY=[], 0x1, 0x11f4, &(0x7f0000001280)="$eJzs3M+LG2UYB/DHbWvr1v2h1moL0he96GXo7sGLgiyyBWlAaRuhFYSpO9GQMQmZsBARV09e/TvEozdBvOllL/4N3vbisQdxxMTapsRDqXTa8Plc8pD3/cLzkjDwDvPO0ZvffNrrVFknH8fKE2/FyjAi3UqRYiVu+zJee+PnX166ev3G5Z1Wa/dKSpd2rm29nlJav/DjB59/9/JP49Pvf7/+w8k43Pzw6Pft3w7PHp47+vPaJ90qdavUH4xTnm4OBuP8ZlmkvW7Vy1J6ryzyqkjdflWM5sY75WA4nKS8v7e2OhwVVZXy/iT1ikkaD9J4NEn5x3m3n7IsS2urwYNof3urruuIuj4RT0Zd1/VTsRqn4+lYi/XYiM14Jp6N5+JMPB9n44V4Mc5NZzXdNwAAAAAAAAAAAAAAAAAAACyXBzr/f6Hh5gEAAAAAAAAAAAAAAAAAAGBJXL1+4/JOq7V7JaVTEeXX++399uxzNr7TiW6UUcTF2Ig/Ynr6f2ZWX3qntXsxTW3GV+XBP/mD/fax+fzW9HUCC/Nbs3yaz5+M1bvz27ERZxbntxfmT8Wrr9yVz2Ijfv0oBlHGXvydvZP/Yiult99t3ZM/P50HAAAAyyBL/1q4f8+y/xqf5e/j/sA9++vjcf54s2snopp81svLshg1XtzuaPbNQUQ8Io0tcXHi0Wjj/y2Ozf2Rmu/nMS2auybx8Nz50ZvuBAAAAAAAAAAAgPvxMB4nbHqNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/MUOHAsAAAAACPO3TqNjAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4KgAA//86R81g")
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4006000}, 0x0)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000007cc500000000000000000000000000000000000000000020000000"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1b, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1004}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r1}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r2, 0x0, 0x4}, 0x18)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x26e1, 0x0)
perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x30046, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}, 0x0, 0xfffffffffffffffe}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r3, 0x6, 0x4, &(0x7f0000000180)=0x4, 0x4)
rt_sigqueueinfo(0x0, 0x6, &(0x7f0000000080)={0x13, 0x5, 0x28})
r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
r5 = mq_open(&(0x7f000084dff0)='\xa1sxt\x1a\x00\x00\x00\x00\x00\x00\x00\x01\x88\xbdd', 0x6e93ebbbcc0884f2, 0x9a, &(0x7f0000000300)={0x800000, 0x1, 0x84})
mq_timedsend(r5, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(r5, 0x0, 0x0, 0x0, 0x0)
mq_timedreceive(r5, &(0x7f00000003c0)=""/214, 0xd6, 0x2, 0x0)
perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0xfffffffd, 0x0, @perf_config_ext={0x3fffffffc}, 0x0, 0x0, 0x0, 0x3, 0x63e4b27f, 0x8001, 0x8000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_inet_SIOCSIFDSTADDR(r4, 0x8918, &(0x7f0000000100)={'team_slave_0\x00', {0x2, 0x4e24, @initdev={0xac, 0x1e, 0x0, 0x0}}})
prctl$PR_TASK_PERF_EVENTS_ENABLE(0x20)
mkdirat(r4, &(0x7f0000000180)='./bus\x00', 0x0)
openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f00000001c0), 0x1, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000004c0)=ANY=[@ANYBLOB="1800000000000000000000000600000018120000", @ANYRES32=r6, @ANYBLOB="0000000000000000b703000000000000850000001b000000b700000000000000950000000000000098b04c4d7da3c1e9b18c254c411a893ebde566b02594bb86b6183003cd1d5a53b0fbbdbee37feb7e607c1bfd4012a1356831642da6648e0ef6955cff6ea3e4c810fed90484b6ecd2b86444ee8ee512f5dbbb59fcffc5d2ab3755dbd06451d853980fb1409a0cbdc84bacdf99f9159378fcfec18abe16b36caa0877b9275b480f48ffc752d78cc424068a5bbf"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

264.985046ms ago: executing program 0 (id=4462):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000c00)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000008c0)=ANY=[@ANYBLOB="54000000000801010000ffffe00000000a000000050003002f00000006000240000000002400"], 0x54}, 0x1, 0x0, 0x0, 0x4004}, 0x28040000)

205.097116ms ago: executing program 0 (id=4463):
r0 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x2)
ioctl$USBDEVFS_REAPURB(r0, 0x4008550c, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000020000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000008500000070000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x60, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$USBDEVFS_SUBMITURB(r0, 0x8038550a, &(0x7f0000000140)=@urb_type_control={0x2, {}, 0x20000009, 0x0, &(0x7f0000000240)={0x0, 0x0, 0xfffc, 0x360}, 0x8, 0x7, 0x80, 0x0, 0x1, 0x101, 0x0})

56.651739ms ago: executing program 0 (id=4464):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
pipe2(&(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x4000)
r4 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
write$P9_RGETLOCK(r3, &(0x7f00000000c0)=ANY=[], 0xffffff6a)
pipe2(0x0, 0x84000)
tee(r2, 0xffffffffffffffff, 0xfffffffffffffc01, 0x0)
tee(r2, 0xffffffffffffffff, 0x60000000000, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)

0s ago: executing program 0 (id=4465):
r0 = socket$kcm(0x2, 0xa, 0x2)
socket$kcm(0x2, 0xa, 0x73)
socket$packet(0x11, 0xa, 0x300)
socket$inet_udp(0x2, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94)
shutdown(r0, 0x1)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x35)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r1}, 0x18)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f0000000280)=@raw={'raw\x00', 0x3c1, 0x3, 0xb50, 0x0, 0xc8, 0x8, 0x920, 0x5803, 0xa80, 0x2e8, 0x2e8, 0xa80, 0x2e8, 0x3, 0x0, {[{{@ipv6={@mcast2, @mcast1, [], [0x0, 0x0, 0xff000000], 'vlan0\x00', 'geneve1\x00', {}, {0xff}}, 0x0, 0x8b0, 0x920, 0x0, {0x0, 0x2000000000000}, [@common=@unspec=@u32={{0x7e0}, {[{[{0x5, 0x3}, {0x10}, {0x6f0e7d3d, 0x1}, {0x1, 0x3}, {0x9}, {0xb, 0x1}, {0x7fffffff, 0x1}, {0x7, 0x2}, {0x1, 0x2}, {0x4, 0x51495059c89c080}, {0x8}], [{0x60, 0x5}, {0x9, 0x3}, {0x800, 0x9d78}, {0x6, 0x81}, {0x5, 0x7}, {0x80000, 0x10001}, {0x2, 0x5}, {0xd, 0xfffffffd}, {0x6, 0x800}, {0x4, 0xf}, {0x80, 0xffff}], 0x2, 0x7}, {[{0x7ec5}, {0x6, 0x2}, {0xe0000, 0x2}, {0x1, 0x2}, {0xfffffffd, 0x1}, {0x8000, 0x2}, {0x200, 0x1}, {0x7, 0x2}, {0x7}, {0x4, 0x3}, {0x8, 0x3}], [{0x7, 0x9}, {0x3, 0x4}, {0x2, 0x7}, {0x7fbb, 0x1ff}, {0x2, 0x7}, {0x5, 0x100}, {0x2a, 0x101}, {0x8, 0x6}, {0x1000, 0xfffffd46}, {0x91f, 0x3ff}, {0xc, 0x3}], 0xb, 0xa}, {[{0x7, 0x2}, {0x7}, {0x80000001, 0x1}, {0xafa, 0x1}, {0x3}, {0xfffffff8, 0x3}, {0x85, 0x2}, {0xa4b, 0x2}, {0x3, 0x2}, {0xfffff7f0, 0x1}, {0x100}], [{0xb866, 0x42}, {0x200, 0xffffffff}, {0x5, 0x3}, {0x5, 0x400}, {0xf062, 0x2}, {0x80e8, 0x100}, {0xe, 0x9}, {0x7, 0x1}, {0x2, 0x4}, {0x9, 0x80000000}, {0xe1a, 0x3}], 0x2, 0x8}, {[{0x5, 0x1}, {0xcfd, 0x1}, {0x7, 0x1}, {0x3, 0x1}, {0xfffff000}, {0x100, 0x3}, {0x9dc, 0x1}, {0x1, 0x2}, {0x6, 0x2}, {0x2, 0x3}, {0x2}], [{0x9, 0x5}, {0x0, 0x36}, {0x5, 0x3}, {0xfffffff9, 0x7}, {0x7, 0x200}, {0xf91, 0x2}, {0x3ff, 0x8}, {0x9, 0xe}, {0x8, 0x8000006}, {0xf, 0x442b}, {0x9, 0xe1f3}], 0x4, 0xb}, {[{0xe0, 0x2}, {0x1, 0x3}, {0x200, 0x1}, {0xb7b, 0x24ad23d8db3ef6a8}, {0x1, 0x2}, {0x1, 0x1}, {0x2a4a}, {0x101}, {0x3, 0x3}, {0x5, 0x1}, {0x9, 0x1}], [{0x8001, 0x10000}, {0x3, 0xb}, {0x2, 0x1}, {0x5, 0xc}, {0x4, 0xd23c}, {0x7, 0x1}, {0xeb9, 0xa3d0}, {0x6}, {0xfffffffc, 0x2}, {0x9, 0xb6}, {0x7, 0x80000001}], 0x4, 0xb}, {[{0x8, 0x1}, {0x5, 0x3}, {0x100}, {0x5, 0x1}, {0x0, 0x2}, {0x4, 0x3}, {}, {0x1, 0x2}, {0x101, 0x2}, {0x4, 0x3}, {0x81, 0x1}], [{0xfffffffd, 0x6}, {0x9, 0x7}, {0x3e8a2173, 0x6}, {0x5, 0x6}, {0x1, 0x8}, {0x8, 0x5}, {0x9, 0x2}, {0x50bf}, {0x6, 0x3}, {0x1, 0xfffffff7}, {0x2, 0x80000001}], 0x7, 0x1}, {[{0x4, 0x2}, {0x401, 0x3}, {0x5, 0x3}, {0x8, 0x2}, {0x934, 0x1}, {0x3}, {0x531, 0x2}, {0x9, 0x1}, {0x3}, {0x75ae, 0x3}, {0x1}], [{0x10, 0x1a}, {0x5}, {0x20000, 0x8001}, {0xfffffff7, 0x8}, {0x80000001, 0x2}, {0xb30d, 0x2}, {0x0, 0x7fffffff}, {0x80, 0x5}, {0xa, 0x8}, {0xee, 0xa}, {0x24c3, 0x437}], 0xb, 0x1}, {[{0x2, 0x1}, {0x9, 0x1}, {}, {0x5, 0x2}, {0xc00}, {0x10001, 0x1}, {0x7f, 0x1}, {0x9, 0x3}, {0x30, 0x1}, {0x5, 0x3}, {0xd}], [{0x7, 0x80000000}, {0x400, 0x3}, {0x9, 0x4}, {0x1, 0x9}, {}, {0x1ff, 0xfc}, {0xfd}, {0x5, 0x3}, {0x10001, 0x77}, {0x8, 0xb80}, {0x8, 0x800001ff}], 0xa, 0x1}, {[{0x8}, {0xfffffbff}, {0x401}, {0xff, 0x2}, {0xe, 0x2}, {0x9, 0x2}, {0x5, 0x1}, {0x0, 0x1}, {0x1}, {0x509}, {0x9, 0x3}], [{0x8, 0x4}, {0x9, 0x87}, {0x8, 0x4ade}, {0xfff, 0x4}, {0xa2c, 0x4}, {0x6, 0x6b}, {0x5, 0x5}, {0x7, 0xd76}, {0x2, 0x8}, {0x2ea, 0x9}, {0x5, 0x5}], 0x4, 0x3}, {[{0x8001, 0x1}, {0x3, 0x1}, {0x5, 0x2}, {0x5}, {0x8}, {0xc}, {0x2, 0x2}, {0xffff0001, 0x2}, {0x6, 0x3}, {0xe91}, {0x80000001, 0x3}], [{0x1, 0x81}, {0x9, 0x7}, {0x3, 0x7}, {0x401, 0xec}, {0x10001}, {0x1, 0x2}, {0x70, 0x9}, {0xc6, 0x1000}, {0x7ff, 0x708}, {0x7, 0x5}, {0x2, 0x10000}], 0xb, 0x1}, {[{0x8}, {0x4, 0x1}, {0x7}, {0x6, 0x3}, {0x4}, {0xcc, 0x2}, {0xb, 0x2}, {0x4, 0x1}, {0xfffffffb, 0x3}, {0x1, 0x3}, {0x6, 0x2}], [{0x63e2df8a, 0x6}, {0x5, 0x2}, {0x2, 0x401}, {0xff, 0x8008}, {0x5, 0x5f}, {0x7d, 0xa14}, {0x0, 0x5}, {0x3, 0x372}, {0xb, 0x6}, {0x0, 0xcaf}, {0x5, 0x4}], 0x4, 0xa}], 0x8}}, @common=@inet=@dscp={{0x28}}]}, @common=@unspec=@NFLOG={0x70, 'NFLOG\x00', 0x0, {0x401, 0xfff7, 0x8, 0x1, 0x0, "f4f373d196b068477bf1c55ee0269727152a61d42288bffba02c5f4813ee70966ec57a6905fc9dfc91200cc4815d73bc49557566701e806a1b11633df8e77785"}}}, {{@uncond, 0x0, 0xf8, 0x160, 0x0, {}, [@inet=@rpfilter={{0x28}}, @inet=@rpfilter={{0x28}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, 'netbios-ns\x00', 'syz0\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0xbb0)
r3 = creat(&(0x7f0000000080)='./bus\x00', 0xf9)
fsetxattr$system_posix_acl(r3, &(0x7f0000000000)='system.posix_acl_default\x00', &(0x7f00000002c0)=ANY=[@ANYBLOB="02"], 0xfe44, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r3, 0xc0189373, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0x7fff}}, './bus/file0\x00'})
r4 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000f00)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x38ac94f06714b017, 0x6, '\x00', 0x0, 0x25, r3, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r4, 0x5, 0xb68, 0x560b0000, &(0x7f0000000000)="259a53f271a76d2673004c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

kernel console output (not intermixed with test programs):

8/0x140
[  297.370375][T15856]  dump_stack+0x15/0x1b
[  297.370391][T15856]  should_fail_ex+0x265/0x280
[  297.370426][T15856]  should_failslab+0x8c/0xb0
[  297.370516][T15856]  kmem_cache_alloc_noprof+0x50/0x310
[  297.370552][T15856]  ? dup_fd+0x3a/0x540
[  297.370594][T15856]  dup_fd+0x3a/0x540
[  297.370624][T15856]  ? _raw_spin_unlock+0x26/0x50
[  297.370657][T15856]  ksys_unshare+0x346/0x6d0
[  297.370717][T15856]  ? ksys_write+0x192/0x1a0
[  297.370755][T15856]  __x64_sys_unshare+0x1f/0x30
[  297.370792][T15856]  x64_sys_call+0x2d4b/0x2fb0
[  297.370841][T15856]  do_syscall_64+0xd2/0x200
[  297.370864][T15856]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  297.370897][T15856]  ? clear_bhb_loop+0x40/0x90
[  297.370986][T15856]  ? clear_bhb_loop+0x40/0x90
[  297.371015][T15856]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  297.371043][T15856] RIP: 0033:0x7f17867ae929
[  297.371062][T15856] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  297.371083][T15856] RSP: 002b:00007f1784df6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  297.371117][T15856] RAX: ffffffffffffffda RBX: 00007f17869d6080 RCX: 00007f17867ae929
[  297.371161][T15856] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000600
[  297.371177][T15856] RBP: 00007f1784df6090 R08: 0000000000000000 R09: 0000000000000000
[  297.371193][T15856] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  297.371208][T15856] R13: 0000000000000000 R14: 00007f17869d6080 R15: 00007ffd7aa1b088
[  297.371232][T15856]  </TASK>
[  297.597192][T15858] loop5: detected capacity change from 0 to 128
[  297.630106][T15861] random: crng reseeded on system resumption
[  297.668483][T15858] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000100)
[  297.678731][T15858] FAT-fs (loop5): Filesystem has been set read-only
[  297.702320][T15858] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000100)
[  297.712221][T15858] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000100)
[  297.980377][T15878] vhci_hcd: invalid port number 96
[  297.985541][T15878] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  298.166135][T15884] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3920'.
[  298.380589][T15858] bio_check_eod: 4493 callbacks suppressed
[  298.380629][T15858] syz.5.3911: attempt to access beyond end of device
[  298.380629][T15858] loop5: rw=0, sector=2065, nr_sectors = 8 limit=128
[  298.400627][T15858] syz.5.3911: attempt to access beyond end of device
[  298.400627][T15858] loop5: rw=0, sector=2065, nr_sectors = 8 limit=128
[  298.415346][T15858] syz.5.3911: attempt to access beyond end of device
[  298.415346][T15858] loop5: rw=0, sector=2065, nr_sectors = 8 limit=128
[  298.525370][T15897] random: crng reseeded on system resumption
[  298.676972][T15908] FAULT_INJECTION: forcing a failure.
[  298.676972][T15908] name failslab, interval 1, probability 0, space 0, times 0
[  298.689787][T15908] CPU: 0 UID: 0 PID: 15908 Comm: syz.1.3928 Not tainted 6.16.0-rc3-syzkaller-00319-gded779017ad7 #0 PREEMPT(voluntary) 
[  298.689824][T15908] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  298.689843][T15908] Call Trace:
[  298.689852][T15908]  <TASK>
[  298.689862][T15908]  __dump_stack+0x1d/0x30
[  298.689898][T15908]  dump_stack_lvl+0xe8/0x140
[  298.689917][T15908]  dump_stack+0x15/0x1b
[  298.690023][T15908]  should_fail_ex+0x265/0x280
[  298.690062][T15908]  ? audit_log_d_path+0x8d/0x150
[  298.690142][T15908]  should_failslab+0x8c/0xb0
[  298.690172][T15908]  __kmalloc_cache_noprof+0x4c/0x320
[  298.690275][T15908]  audit_log_d_path+0x8d/0x150
[  298.690316][T15908]  audit_log_d_path_exe+0x42/0x70
[  298.690383][T15908]  audit_log_task+0x1e9/0x250
[  298.690436][T15908]  audit_seccomp+0x61/0x100
[  298.690519][T15908]  ? __seccomp_filter+0x68c/0x10d0
[  298.690637][T15908]  __seccomp_filter+0x69d/0x10d0
[  298.690682][T15908]  ? selinux_syslog+0xed/0x100
[  298.690719][T15908]  ? do_syslog+0x25d/0x7e0
[  298.690823][T15908]  __secure_computing+0x82/0x150
[  298.690851][T15908]  syscall_trace_enter+0xcf/0x1e0
[  298.690883][T15908]  do_syscall_64+0xac/0x200
[  298.690944][T15908]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  298.690969][T15908]  ? clear_bhb_loop+0x40/0x90
[  298.691048][T15908]  ? clear_bhb_loop+0x40/0x90
[  298.691073][T15908]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  298.691096][T15908] RIP: 0033:0x7f518b21d33c
[  298.691112][T15908] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  298.691131][T15908] RSP: 002b:00007f5189887030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  298.691185][T15908] RAX: ffffffffffffffda RBX: 00007f518b445fa0 RCX: 00007f518b21d33c
[  298.691217][T15908] RDX: 000000000000000f RSI: 00007f51898870a0 RDI: 0000000000000005
[  298.691229][T15908] RBP: 00007f5189887090 R08: 0000000000000000 R09: 0000000000000000
[  298.691241][T15908] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  298.691326][T15908] R13: 0000000000000000 R14: 00007f518b445fa0 R15: 00007fffb4774448
[  298.691345][T15908]  </TASK>
[  298.948471][T15901] lo speed is unknown, defaulting to 1000
[  298.958186][T15915] FAULT_INJECTION: forcing a failure.
[  298.958186][T15915] name failslab, interval 1, probability 0, space 0, times 0
[  298.970900][T15915] CPU: 1 UID: 0 PID: 15915 Comm: syz.1.3930 Not tainted 6.16.0-rc3-syzkaller-00319-gded779017ad7 #0 PREEMPT(voluntary) 
[  298.970931][T15915] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  298.970944][T15915] Call Trace:
[  298.970951][T15915]  <TASK>
[  298.970959][T15915]  __dump_stack+0x1d/0x30
[  298.971080][T15915]  dump_stack_lvl+0xe8/0x140
[  298.971140][T15915]  dump_stack+0x15/0x1b
[  298.971172][T15915]  should_fail_ex+0x265/0x280
[  298.971212][T15915]  ? nf_tables_newtable+0x375/0xea0
[  298.971250][T15915]  should_failslab+0x8c/0xb0
[  298.971280][T15915]  __kmalloc_cache_noprof+0x4c/0x320
[  298.971372][T15915]  ? __nla_validate_parse+0x1652/0x1d00
[  298.971393][T15915]  nf_tables_newtable+0x375/0xea0
[  298.971442][T15915]  nfnetlink_rcv+0xb96/0x1690
[  298.971501][T15915]  netlink_unicast+0x59e/0x670
[  298.971592][T15915]  netlink_sendmsg+0x58b/0x6b0
[  298.971688][T15915]  ? __pfx_netlink_sendmsg+0x10/0x10
[  298.971762][T15915]  __sock_sendmsg+0x145/0x180
[  298.971789][T15915]  ____sys_sendmsg+0x31e/0x4e0
[  298.971835][T15915]  ___sys_sendmsg+0x17b/0x1d0
[  298.971885][T15915]  __x64_sys_sendmsg+0xd4/0x160
[  298.971970][T15915]  x64_sys_call+0x2999/0x2fb0
[  298.971996][T15915]  do_syscall_64+0xd2/0x200
[  298.972020][T15915]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  298.972085][T15915]  ? clear_bhb_loop+0x40/0x90
[  298.972116][T15915]  ? clear_bhb_loop+0x40/0x90
[  298.972173][T15915]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  298.972202][T15915] RIP: 0033:0x7f518b21e929
[  298.972221][T15915] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  298.972242][T15915] RSP: 002b:00007f5189887038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  298.972260][T15915] RAX: ffffffffffffffda RBX: 00007f518b445fa0 RCX: 00007f518b21e929
[  298.972333][T15915] RDX: 0000000000000000 RSI: 00002000000004c0 RDI: 0000000000000003
[  298.972349][T15915] RBP: 00007f5189887090 R08: 0000000000000000 R09: 0000000000000000
[  298.972365][T15915] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  298.972451][T15915] R13: 0000000000000000 R14: 00007f518b445fa0 R15: 00007fffb4774448
[  298.972475][T15915]  </TASK>
[  299.201502][T15917] netlink: 'syz.1.3931': attribute type 1 has an invalid length.
[  299.306653][T15926] random: crng reseeded on system resumption
[  299.331261][T15928] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3936'.
[  299.340180][T15928] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3936'.
[  299.349120][T15929] vhci_hcd: invalid port number 96
[  299.349135][T15929] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  299.354275][T15928] netlink: 36 bytes leftover after parsing attributes in process `syz.5.3936'.
[  299.435633][T15936] loop5: detected capacity change from 0 to 512
[  299.442736][T15936] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  299.454353][T15936] EXT4-fs (loop5): 1 truncate cleaned up
[  299.460785][T15936] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  299.474309][T15936] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  299.560874][T15944] netlink: 'syz.5.3941': attribute type 29 has an invalid length.
[  299.568729][T15944] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3941'.
[  299.617828][T15944] loop5: detected capacity change from 0 to 8192
[  299.624516][T15945] loop3: detected capacity change from 0 to 1024
[  299.662045][T15945] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  299.691895][T15945] vhci_hcd: invalid port number 96
[  299.697081][T15945] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  299.738127][T12847] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  299.892363][T15956] loop3: detected capacity change from 0 to 1024
[  299.902355][T15956] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  299.978529][T15956] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4113: comm syz.3.3945: Allocating blocks 497-513 which overlap fs metadata
[  300.037248][T15955] EXT4-fs (loop3): pa ffff88810a04caf0: logic 128, phys. 273, len 15
[  300.045494][T15955] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 1
[  300.066205][T12847] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  300.161943][   T29] kauditd_printk_skb: 255 callbacks suppressed
[  300.161962][   T29] audit: type=1326 audit(1751185237.268:42013): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15967 comm="syz.0.3948" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3c5d4de929 code=0x0
[  300.191795][   T29] audit: type=1326 audit(1751185237.268:42014): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15960 comm="syz.3.3946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f17867a58e7 code=0x7ffc0000
[  300.215358][   T29] audit: type=1326 audit(1751185237.268:42015): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15960 comm="syz.3.3946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f178674ab19 code=0x7ffc0000
[  300.238895][   T29] audit: type=1326 audit(1751185237.268:42016): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15960 comm="syz.3.3946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=276 compat=0 ip=0x7f17867ae929 code=0x7ffc0000
[  300.262794][   T29] audit: type=1326 audit(1751185237.268:42017): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15960 comm="syz.3.3946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f17867a58e7 code=0x7ffc0000
[  300.286641][   T29] audit: type=1326 audit(1751185237.268:42018): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15960 comm="syz.3.3946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f178674ab19 code=0x7ffc0000
[  300.310242][   T29] audit: type=1326 audit(1751185237.268:42019): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15960 comm="syz.3.3946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=276 compat=0 ip=0x7f17867ae929 code=0x7ffc0000
[  300.334119][   T29] audit: type=1326 audit(1751185237.268:42020): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15960 comm="syz.3.3946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f17867a58e7 code=0x7ffc0000
[  300.357707][   T29] audit: type=1326 audit(1751185237.268:42021): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15960 comm="syz.3.3946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f178674ab19 code=0x7ffc0000
[  300.381240][   T29] audit: type=1326 audit(1751185237.268:42022): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15960 comm="syz.3.3946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=276 compat=0 ip=0x7f17867ae929 code=0x7ffc0000
[  300.410647][T15971] SELinux:  Context system_u:object_r:su_exec_t:s0 is not valid (left unmapped).
[  300.421604][T15971] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3949'.
[  300.678208][T15977] netlink: 'syz.5.3951': attribute type 39 has an invalid length.
[  300.865627][T15979] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  300.923900][T15979] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  300.951317][T15983] Invalid ELF header magic: != ELF
[  300.983608][T15979] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  301.011585][T15984] loop3: detected capacity change from 0 to 512
[  301.018298][T15984] EXT4-fs: Ignoring removed nomblk_io_submit option
[  301.025263][T15984] EXT4-fs: Ignoring removed mblk_io_submit option
[  301.033348][T15984] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -2
[  301.041473][T15984] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -2
[  301.042732][T15979] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  301.050444][T15984] EXT4-fs (loop3): 1 truncate cleaned up
[  301.067386][T15984] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  301.102823][T15984] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  301.124117][T15991] vhci_hcd: invalid port number 96
[  301.129283][T15991] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  301.144755][T15979] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  301.157042][T15979] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  301.168997][T15979] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  301.181532][T15979] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  301.187175][T15995] random: crng reseeded on system resumption
[  301.374703][T16006] netlink: 5 bytes leftover after parsing attributes in process `syz.0.3961'.
[  301.383696][T16006] netlink: 5 bytes leftover after parsing attributes in process `syz.0.3961'.
[  301.520253][T16016] vhci_hcd: invalid port number 96
[  301.525550][T16016] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  301.533152][T16015] vhci_hcd: invalid port number 96
[  301.538390][T16015] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  301.579807][T16022] random: crng reseeded on system resumption
[  301.693106][T16029] vhci_hcd: invalid port number 96
[  301.698261][T16029] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  301.728753][T16032] netlink: 'syz.1.3973': attribute type 39 has an invalid length.
[  301.785989][T16038] netlink: 5 bytes leftover after parsing attributes in process `syz.1.3975'.
[  301.795037][T16038] netlink: 5 bytes leftover after parsing attributes in process `syz.1.3975'.
[  301.829813][T12847] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  301.898785][T16045] vhci_hcd: invalid port number 96
[  301.904312][T16045] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  301.935647][T16046] loop3: detected capacity change from 0 to 128
[  301.962217][T16046] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  301.970559][T16046] FAT-fs (loop3): Filesystem has been set read-only
[  301.977777][T16046] syz.3.3977: attempt to access beyond end of device
[  301.977777][T16046] loop3: rw=524288, sector=2065, nr_sectors = 8 limit=128
[  301.993341][T16046] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  302.001721][T16046] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  302.011038][T16046] syz.3.3977: attempt to access beyond end of device
[  302.011038][T16046] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  302.028698][T16046] syz.3.3977: attempt to access beyond end of device
[  302.028698][T16046] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  302.043632][T16046] syz.3.3977: attempt to access beyond end of device
[  302.043632][T16046] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  302.057994][T16046] syz.3.3977: attempt to access beyond end of device
[  302.057994][T16046] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  302.072618][T16046] syz.3.3977: attempt to access beyond end of device
[  302.072618][T16046] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  302.088037][T16046] syz.3.3977: attempt to access beyond end of device
[  302.088037][T16046] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  302.109225][T16054] FAULT_INJECTION: forcing a failure.
[  302.109225][T16054] name failslab, interval 1, probability 0, space 0, times 0
[  302.122048][T16054] CPU: 1 UID: 0 PID: 16054 Comm: syz.1.3981 Not tainted 6.16.0-rc3-syzkaller-00319-gded779017ad7 #0 PREEMPT(voluntary) 
[  302.122096][T16054] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  302.122112][T16054] Call Trace:
[  302.122120][T16054]  <TASK>
[  302.122127][T16054]  __dump_stack+0x1d/0x30
[  302.122182][T16054]  dump_stack_lvl+0xe8/0x140
[  302.122206][T16054]  dump_stack+0x15/0x1b
[  302.122294][T16054]  should_fail_ex+0x265/0x280
[  302.122334][T16054]  should_failslab+0x8c/0xb0
[  302.122356][T16054]  kmem_cache_alloc_node_noprof+0x57/0x320
[  302.122400][T16054]  ? __alloc_skb+0x101/0x320
[  302.122438][T16054]  __alloc_skb+0x101/0x320
[  302.122481][T16054]  netlink_alloc_large_skb+0xba/0xf0
[  302.122519][T16054]  netlink_sendmsg+0x3cf/0x6b0
[  302.122587][T16054]  ? __pfx_netlink_sendmsg+0x10/0x10
[  302.122605][T16054]  __sock_sendmsg+0x145/0x180
[  302.122640][T16054]  ____sys_sendmsg+0x31e/0x4e0
[  302.122678][T16054]  ___sys_sendmsg+0x17b/0x1d0
[  302.122796][T16054]  __x64_sys_sendmsg+0xd4/0x160
[  302.122833][T16054]  x64_sys_call+0x2999/0x2fb0
[  302.122891][T16054]  do_syscall_64+0xd2/0x200
[  302.122953][T16054]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  302.123024][T16054]  ? clear_bhb_loop+0x40/0x90
[  302.123047][T16054]  ? clear_bhb_loop+0x40/0x90
[  302.123068][T16054]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  302.123128][T16054] RIP: 0033:0x7f518b21e929
[  302.123219][T16054] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  302.123240][T16054] RSP: 002b:00007f5189887038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  302.123309][T16054] RAX: ffffffffffffffda RBX: 00007f518b445fa0 RCX: 00007f518b21e929
[  302.123325][T16054] RDX: 00000000040088d4 RSI: 0000200000000180 RDI: 0000000000000007
[  302.123336][T16054] RBP: 00007f5189887090 R08: 0000000000000000 R09: 0000000000000000
[  302.123348][T16054] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  302.123360][T16054] R13: 0000000000000000 R14: 00007f518b445fa0 R15: 00007fffb4774448
[  302.123378][T16054]  </TASK>
[  302.463698][T16061] loop5: detected capacity change from 0 to 1024
[  302.481954][T16061] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  302.498227][T16061] vhci_hcd: invalid port number 96
[  302.503645][T16061] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  302.534479][T15627] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  302.581925][T16070] netlink: 5 bytes leftover after parsing attributes in process `syz.5.3986'.
[  302.590877][T16070] netlink: 5 bytes leftover after parsing attributes in process `syz.5.3986'.
[  302.639109][T16075] FAULT_INJECTION: forcing a failure.
[  302.639109][T16075] name failslab, interval 1, probability 0, space 0, times 0
[  302.651893][T16075] CPU: 1 UID: 0 PID: 16075 Comm: syz.5.3990 Not tainted 6.16.0-rc3-syzkaller-00319-gded779017ad7 #0 PREEMPT(voluntary) 
[  302.651946][T16075] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  302.651960][T16075] Call Trace:
[  302.651968][T16075]  <TASK>
[  302.651977][T16075]  __dump_stack+0x1d/0x30
[  302.652087][T16075]  dump_stack_lvl+0xe8/0x140
[  302.652114][T16075]  dump_stack+0x15/0x1b
[  302.652133][T16075]  should_fail_ex+0x265/0x280
[  302.652172][T16075]  should_failslab+0x8c/0xb0
[  302.652222][T16075]  kmem_cache_alloc_noprof+0x50/0x310
[  302.652258][T16075]  ? key_alloc+0x27d/0x9a0
[  302.652422][T16075]  key_alloc+0x27d/0x9a0
[  302.652468][T16075]  keyring_alloc+0x45/0xb0
[  302.652493][T16075]  join_session_keyring+0xe8/0x2a0
[  302.652536][T16075]  lookup_user_key+0x399/0xd10
[  302.652614][T16075]  ? __pfx_lookup_user_key_possessed+0x10/0x10
[  302.652662][T16075]  __se_sys_add_key+0x263/0x350
[  302.652699][T16075]  __x64_sys_add_key+0x67/0x80
[  302.652753][T16075]  x64_sys_call+0x1d0d/0x2fb0
[  302.652781][T16075]  do_syscall_64+0xd2/0x200
[  302.652802][T16075]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  302.652919][T16075]  ? clear_bhb_loop+0x40/0x90
[  302.652949][T16075]  ? clear_bhb_loop+0x40/0x90
[  302.652975][T16075]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  302.653003][T16075] RIP: 0033:0x7fd9de91e929
[  302.653075][T16075] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  302.653099][T16075] RSP: 002b:00007fd9dcf87038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f8
[  302.653121][T16075] RAX: ffffffffffffffda RBX: 00007fd9deb45fa0 RCX: 00007fd9de91e929
[  302.653137][T16075] RDX: 0000200000000700 RSI: 0000000000000000 RDI: 0000200000000040
[  302.653154][T16075] RBP: 00007fd9dcf87090 R08: fffffffffffffffd R09: 0000000000000000
[  302.653169][T16075] R10: 000000000000004d R11: 0000000000000246 R12: 0000000000000001
[  302.653184][T16075] R13: 0000000000000000 R14: 00007fd9deb45fa0 R15: 00007ffdc6000758
[  302.653267][T16075]  </TASK>
[  302.880781][T16077] vhci_hcd: invalid port number 96
[  302.885970][T16077] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  302.941879][T16083] lo speed is unknown, defaulting to 1000
[  302.979367][T16085] lo speed is unknown, defaulting to 1000
[  302.990011][T16086] loop3: detected capacity change from 0 to 1024
[  303.018025][T16087] netlink: 'syz.5.3994': attribute type 1 has an invalid length.
[  303.025916][T16087] netlink: 224 bytes leftover after parsing attributes in process `syz.5.3994'.
[  303.037553][T16086] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  303.061219][T16086] vhci_hcd: invalid port number 96
[  303.066420][T16086] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  303.068464][T16083] hub 8-0:1.0: USB hub found
[  303.078315][T16083] hub 8-0:1.0: 8 ports detected
[  303.113863][T12847] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  303.231709][T16101] vhci_hcd: invalid port number 96
[  303.236893][T16101] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  303.272791][T16108] netlink: 'syz.0.4001': attribute type 39 has an invalid length.
[  303.272853][T16109] random: crng reseeded on system resumption
[  303.388567][T16118] loop3: detected capacity change from 0 to 1024
[  303.413383][T16118] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  303.433874][T16118] vhci_hcd: invalid port number 96
[  303.439060][T16118] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  303.474757][T12847] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  303.485753][T16126] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  303.495292][T16126] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  303.637006][T16136] vhci_hcd: invalid port number 96
[  303.642223][T16136] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  303.776949][T16146] netlink: 'syz.1.4017': attribute type 29 has an invalid length.
[  303.785066][T16146] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4017'.
[  303.822613][T16148] loop3: detected capacity change from 0 to 1024
[  303.832102][T16148] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  303.844332][T16148] ext4 filesystem being mounted at /214/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  303.886240][T16148] EXT4-fs error (device loop3): ext4_readdir:264: inode #2: block 16: comm syz.3.4018: path /214/file1: bad entry in directory: rec_len is smaller than minimal - offset=876, inode=0, rec_len=0, size=1024 fake=0
[  303.916701][T12847] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  304.012136][T16156] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4020'.
[  304.021404][T16159] loop3: detected capacity change from 0 to 1024
[  304.032109][T16159] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  304.045933][T16159] vhci_hcd: invalid port number 96
[  304.051125][T16159] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  304.064980][T16163] loop5: detected capacity change from 0 to 512
[  304.072241][T16163] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  304.073429][T12847] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  304.084984][T16163] EXT4-fs (loop5): 1 truncate cleaned up
[  304.097507][T16163] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  304.111582][T16163] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  304.139646][T16169] netlink: 'syz.3.4023': attribute type 39 has an invalid length.
[  304.283432][T16189] vhci_hcd: invalid port number 96
[  304.288622][T16189] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  304.408048][T16191] loop5: detected capacity change from 0 to 128
[  304.415014][T16191] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  304.482263][T16203] netlink: 'syz.5.4035': attribute type 39 has an invalid length.
[  304.508624][T16207] netlink: 'syz.5.4038': attribute type 21 has an invalid length.
[  304.566702][T16216] FAULT_INJECTION: forcing a failure.
[  304.566702][T16216] name failslab, interval 1, probability 0, space 0, times 0
[  304.579513][T16216] CPU: 0 UID: 0 PID: 16216 Comm: syz.0.4042 Not tainted 6.16.0-rc3-syzkaller-00319-gded779017ad7 #0 PREEMPT(voluntary) 
[  304.579608][T16216] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  304.579624][T16216] Call Trace:
[  304.579633][T16216]  <TASK>
[  304.579642][T16216]  __dump_stack+0x1d/0x30
[  304.579669][T16216]  dump_stack_lvl+0xe8/0x140
[  304.579692][T16216]  dump_stack+0x15/0x1b
[  304.579795][T16216]  should_fail_ex+0x265/0x280
[  304.579941][T16216]  should_failslab+0x8c/0xb0
[  304.579970][T16216]  __kvmalloc_node_noprof+0x123/0x4e0
[  304.580007][T16216]  ? __nf_hook_entries_try_shrink+0x260/0x450
[  304.580100][T16216]  __nf_hook_entries_try_shrink+0x260/0x450
[  304.580147][T16216]  __nf_unregister_net_hook+0x2d1/0x3b0
[  304.580190][T16216]  nf_unregister_net_hooks+0xab/0xe0
[  304.580229][T16216]  nf_ct_netns_do_put+0x1c6/0x260
[  304.580324][T16216]  ? __pfx_nft_masq_ipv4_destroy+0x10/0x10
[  304.580369][T16216]  nf_ct_netns_put+0xea/0x1f0
[  304.580441][T16216]  nft_masq_ipv4_destroy+0x22/0x30
[  304.580471][T16216]  __nft_release_table+0x30a/0xa20
[  304.580556][T16216]  nft_rcv_nl_event+0x334/0x3d0
[  304.580603][T16216]  ? __pfx_nft_rcv_nl_event+0x10/0x10
[  304.580698][T16216]  blocking_notifier_call_chain+0x98/0x1f0
[  304.580735][T16216]  netlink_release+0xaa9/0xf20
[  304.580768][T16216]  sock_close+0x68/0x150
[  304.580793][T16216]  ? __pfx_sock_close+0x10/0x10
[  304.580813][T16216]  __fput+0x29b/0x650
[  304.580838][T16216]  fput_close_sync+0x6e/0x120
[  304.580904][T16216]  __x64_sys_close+0x56/0xf0
[  304.580946][T16216]  x64_sys_call+0x2747/0x2fb0
[  304.581036][T16216]  do_syscall_64+0xd2/0x200
[  304.581051][T16216]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  304.581119][T16216]  ? clear_bhb_loop+0x40/0x90
[  304.581146][T16216]  ? clear_bhb_loop+0x40/0x90
[  304.581210][T16216]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  304.581230][T16216] RIP: 0033:0x7f3c5d4de929
[  304.581243][T16216] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  304.581259][T16216] RSP: 002b:00007f3c5bb47038 EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[  304.581276][T16216] RAX: ffffffffffffffda RBX: 00007f3c5d705fa0 RCX: 00007f3c5d4de929
[  304.581287][T16216] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000005
[  304.581371][T16216] RBP: 00007f3c5bb47090 R08: 0000000000000000 R09: 0000000000000000
[  304.581383][T16216] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  304.581394][T16216] R13: 0000000000000000 R14: 00007f3c5d705fa0 R15: 00007ffe6e184e58
[  304.581411][T16216]  </TASK>
[  304.880931][T16223] loop5: detected capacity change from 0 to 512
[  304.887979][T16223] EXT4-fs: Ignoring removed nomblk_io_submit option
[  304.894810][T16223] ext4: Unknown parameter 'fowner>00000000000000000000'
[  305.033895][T16234] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  305.156028][T16241] loop3: detected capacity change from 0 to 512
[  305.164673][T16243] netlink: 'syz.1.4053': attribute type 1 has an invalid length.
[  305.164825][T16241] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  305.184363][T16241] EXT4-fs (loop3): 1 truncate cleaned up
[  305.190830][T16241] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  305.211821][T16241] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  305.299632][T16248] netlink: 'syz.3.4055': attribute type 21 has an invalid length.
[  305.308710][   T29] kauditd_printk_skb: 888 callbacks suppressed
[  305.308727][   T29] audit: type=1326 audit(1751185242.418:42911): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16247 comm="syz.3.4055" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17867ae929 code=0x7ffc0000
[  305.348670][   T29] audit: type=1326 audit(1751185242.418:42912): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16247 comm="syz.3.4055" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f17867ae929 code=0x7ffc0000
[  305.372340][   T29] audit: type=1326 audit(1751185242.438:42913): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16247 comm="syz.3.4055" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17867ae929 code=0x7ffc0000
[  305.396049][   T29] audit: type=1326 audit(1751185242.448:42914): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16247 comm="syz.3.4055" exe="/root/syz-executor" sig=0 arch=c000003e syscall=435 compat=0 ip=0x7f17867ae929 code=0x7ffc0000
[  305.419819][   T29] audit: type=1326 audit(1751185242.448:42915): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16249 comm="syz.3.4055" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f17867e11e5 code=0x7ffc0000
[  305.443593][   T29] audit: type=1326 audit(1751185242.448:42916): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16247 comm="syz.3.4055" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17867ae929 code=0x7ffc0000
[  305.467529][   T29] audit: type=1326 audit(1751185242.448:42917): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16247 comm="syz.3.4055" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f17867ae929 code=0x7ffc0000
[  305.491150][   T29] audit: type=1326 audit(1751185242.448:42918): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16247 comm="syz.3.4055" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17867ae929 code=0x7ffc0000
[  305.514772][   T29] audit: type=1326 audit(1751185242.448:42919): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16247 comm="syz.3.4055" exe="/root/syz-executor" sig=0 arch=c000003e syscall=61 compat=0 ip=0x7f17867ae929 code=0x7ffc0000
[  305.565573][   T29] audit: type=1326 audit(1751185242.648:42920): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16249 comm="syz.3.4055" exe="/root/syz-executor" sig=0 arch=c000003e syscall=60 compat=0 ip=0x7f17867ae929 code=0x7ffc0000
[  305.734936][T16267] random: crng reseeded on system resumption
[  305.831696][T16274] netlink: 'syz.1.4067': attribute type 39 has an invalid length.
[  305.881469][T16278] netlink: 'syz.1.4068': attribute type 21 has an invalid length.
[  305.889420][T16278] __nla_validate_parse: 8 callbacks suppressed
[  305.889511][T16278] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4068'.
[  306.189195][T16290] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4071'.
[  306.265690][T16297] netlink: 'syz.1.4073': attribute type 1 has an invalid length.
[  306.450570][T16309] vcan0: entered allmulticast mode
[  306.456095][T16309] vcan0: left allmulticast mode
[  306.463561][T16309] netlink: 'syz.1.4077': attribute type 1 has an invalid length.
[  306.550798][T16312] netlink: 'syz.3.4078': attribute type 39 has an invalid length.
[  306.578602][T16314] loop3: detected capacity change from 0 to 1024
[  306.592417][T16314] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  306.605425][T16314] ext4 filesystem being mounted at /232/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  306.622726][T16314] netlink: 52 bytes leftover after parsing attributes in process `syz.3.4079'.
[  306.652719][T12847] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  306.743390][T16326] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4084'.
[  307.121491][T16345] netlink: 'syz.5.4090': attribute type 39 has an invalid length.
[  307.271656][T16348] loop5: detected capacity change from 0 to 1024
[  307.282933][T16348] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  307.299237][T16348] vhci_hcd: invalid port number 96
[  307.304510][T16348] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  307.344321][T15627] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  307.541825][T16364] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  307.549284][T16364] batman_adv: batadv0: Removing interface: batadv_slave_0
[  307.557192][T16364] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  307.564644][T16364] batman_adv: batadv0: Removing interface: batadv_slave_1
[  307.593230][T16365] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4097'.
[  307.828010][T16385] loop5: detected capacity change from 0 to 1024
[  307.842304][T16385] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  307.855994][T16385] vhci_hcd: invalid port number 96
[  307.861438][T16385] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  307.878248][T15627] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  307.938425][T16393] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4108'.
[  308.014159][T16402] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4111'.
[  308.023275][T16402] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4111'.
[  308.067691][T16407] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4113'.
[  308.376125][T16420] vhci_hcd: invalid port number 96
[  308.381327][T16420] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  308.414739][T16418] netlink: 20 bytes leftover after parsing attributes in process `syz.0.4118'.
[  308.715133][T16448] syzkaller0: entered allmulticast mode
[  308.724190][T16448] loop3: detected capacity change from 0 to 512
[  308.742344][T16448] EXT4-fs warning (device loop3): ext4_enable_quotas:7168: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[  308.757506][T16448] EXT4-fs (loop3): mount failed
[  308.840822][T16456] random: crng reseeded on system resumption
[  309.000261][T16462] loop5: detected capacity change from 0 to 1024
[  309.022772][T16462] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  309.043153][T16461] vhci_hcd: invalid port number 96
[  309.048339][T16461] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  309.083517][T15627] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  309.354081][T16467] loop5: detected capacity change from 0 to 1024
[  309.373480][T16467] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  309.385813][T16467] ext4 filesystem being mounted at /61/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  309.412196][T15627] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  309.496918][T16445] syzkaller0: left allmulticast mode
[  309.523089][T16479] loop3: detected capacity change from 0 to 1024
[  309.531576][T16481] loop5: detected capacity change from 0 to 1024
[  309.545813][T16479] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  309.545862][T16481] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  309.573480][T16479] ext4 filesystem being mounted at /241/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  309.584109][T16481] vhci_hcd: invalid port number 96
[  309.586647][T16487] validate_nla: 4 callbacks suppressed
[  309.586666][T16487] netlink: 'syz.1.4138': attribute type 21 has an invalid length.
[  309.589291][T16481] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  309.626977][T12847] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  309.638527][T15627] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  309.655619][T16490] loop3: detected capacity change from 0 to 512
[  309.662464][T16490] journal_path: Non-blockdev passed as './bus'
[  309.668663][T16490] EXT4-fs: error: could not find journal device path
[  309.748644][T16499] loop3: detected capacity change from 0 to 512
[  309.782051][T16499] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  309.795101][T16499] ext4 filesystem being mounted at /245/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  309.814123][T16499] EXT4-fs error (device loop3): ext4_xattr_block_get:593: inode #15: comm syz.3.4143: corrupted xattr block 33: invalid ea_ino
[  309.832126][T16499] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop3 ino=15
[  309.841260][T16499] EXT4-fs error (device loop3): ext4_xattr_block_get:593: inode #15: comm syz.3.4143: corrupted xattr block 33: invalid ea_ino
[  309.897060][T16499] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop3 ino=15
[  309.907261][T16499] EXT4-fs error (device loop3): ext4_xattr_block_get:593: inode #15: comm syz.3.4143: corrupted xattr block 33: invalid ea_ino
[  309.956206][T16499] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop3 ino=15
[  310.279317][T16521] program syz.1.4150 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  310.288658][T16499] loop3: detected capacity change from 512 to 0
[  310.335315][T12847] bio_check_eod: 1543 callbacks suppressed
[  310.335334][T12847] syz-executor: attempt to access beyond end of device
[  310.335334][T12847] loop3: rw=12288, sector=12, nr_sectors = 4 limit=0
[  310.362624][ T4731] kworker/u8:53: attempt to access beyond end of device
[  310.362624][ T4731] loop3: rw=524288, sector=136, nr_sectors = 4 limit=0
[  310.376860][ T4731] kworker/u8:53: attempt to access beyond end of device
[  310.376860][ T4731] loop3: rw=524288, sector=144, nr_sectors = 4 limit=0
[  310.390655][ T4731] kworker/u8:53: attempt to access beyond end of device
[  310.390655][ T4731] loop3: rw=12288, sector=140, nr_sectors = 4 limit=0
[  310.404359][ T4731] EXT4-fs error (device loop3): __ext4_get_inode_loc_noinmem:4915: inode #18: block 35: comm kworker/u8:53: unable to read itable block
[  310.418349][ T4731] kworker/u8:53: attempt to access beyond end of device
[  310.418349][ T4731] loop3: rw=145409, sector=0, nr_sectors = 4 limit=0
[  310.432074][ T4731] buffer_io_error: 20406 callbacks suppressed
[  310.432092][ T4731] Buffer I/O error on dev loop3, logical block 0, lost sync page write
[  310.446475][ T4731] EXT4-fs (loop3): I/O error while writing superblock
[  310.453994][T12847] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  310.464113][T12847] syz-executor: attempt to access beyond end of device
[  310.464113][T12847] loop3: rw=145409, sector=0, nr_sectors = 4 limit=0
[  310.477547][T12847] Buffer I/O error on dev loop3, logical block 0, lost sync page write
[  310.485880][T12847] EXT4-fs (loop3): I/O error while writing superblock
[  310.493028][T16501] kmmpd-loop3: attempt to access beyond end of device
[  310.493028][T16501] loop3: rw=14337, sector=48, nr_sectors = 4 limit=0
[  310.506423][T16501] Buffer I/O error on dev loop3, logical block 12, lost sync page write
[  310.612590][T16532] loop5: detected capacity change from 0 to 1024
[  310.624939][T16532] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  310.637320][T16532] ext4 filesystem being mounted at /64/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  310.661781][T15627] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  310.683263][T16526] lo speed is unknown, defaulting to 1000
[  310.724005][   T29] kauditd_printk_skb: 300 callbacks suppressed
[  310.724030][   T29] audit: type=1326 audit(1751185247.670:43220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16541 comm="syz.5.4157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd9de91e929 code=0x7ffc0000
[  310.756586][   T29] audit: type=1326 audit(1751185247.670:43221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16541 comm="syz.5.4157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd9de91e929 code=0x7ffc0000
[  310.784040][   T29] audit: type=1326 audit(1751185247.698:43222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16541 comm="syz.5.4157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7fd9de91e929 code=0x7ffc0000
[  310.828439][   T29] audit: type=1326 audit(1751185247.755:43223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16541 comm="syz.5.4157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd9de91e929 code=0x7ffc0000
[  310.852126][   T29] audit: type=1326 audit(1751185247.755:43224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16541 comm="syz.5.4157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd9de91e929 code=0x7ffc0000
[  310.875888][   T29] audit: type=1326 audit(1751185247.764:43225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16541 comm="syz.5.4157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fd9de91e929 code=0x7ffc0000
[  310.899467][   T29] audit: type=1326 audit(1751185247.764:43226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16541 comm="syz.5.4157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd9de91e929 code=0x7ffc0000
[  310.923123][   T29] audit: type=1326 audit(1751185247.764:43227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16541 comm="syz.5.4157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fd9de91e929 code=0x7ffc0000
[  310.923381][T16547] loop5: detected capacity change from 0 to 8192
[  311.008994][ T4669] bond0 (unregistering): Released all slaves
[  311.018365][ T4669] bond1 (unregistering): Released all slaves
[  311.027668][ T4669] bond2 (unregistering): Released all slaves
[  311.039876][T16542] netlink: 'syz.5.4157': attribute type 29 has an invalid length.
[  311.049134][   T29] audit: type=1326 audit(1751185247.970:43228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16541 comm="syz.5.4157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd9de91e929 code=0x7ffc0000
[  311.072928][   T29] audit: type=1326 audit(1751185247.970:43229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16541 comm="syz.5.4157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd9de91e929 code=0x7ffc0000
[  311.099016][T16552] __nla_validate_parse: 9 callbacks suppressed
[  311.099045][T16552] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4160'.
[  311.141263][ T4669] tipc: Disabling bearer <udp:s>
[  311.146277][ T4669] tipc: Left network mode
[  311.153026][T16560] netlink: 'syz.0.4161': attribute type 1 has an invalid length.
[  311.187082][T16526] chnl_net:caif_netlink_parms(): no params data found
[  311.228679][ T4669] hsr_slave_0: left promiscuous mode
[  311.242578][ T4669] hsr_slave_1: left promiscuous mode
[  311.309479][T16573] vhci_hcd: invalid port number 96
[  311.314656][T16573] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  311.438912][T16544] lo speed is unknown, defaulting to 1000
[  311.484370][T16526] bridge0: port 1(bridge_slave_0) entered blocking state
[  311.491504][T16526] bridge0: port 1(bridge_slave_0) entered disabled state
[  311.498701][T16526] bridge_slave_0: entered allmulticast mode
[  311.505125][T16526] bridge_slave_0: entered promiscuous mode
[  311.595346][T16526] bridge0: port 2(bridge_slave_1) entered blocking state
[  311.602508][T16526] bridge0: port 2(bridge_slave_1) entered disabled state
[  311.610313][T16526] bridge_slave_1: entered allmulticast mode
[  311.617492][T16526] bridge_slave_1: entered promiscuous mode
[  311.704887][T16544] chnl_net:caif_netlink_parms(): no params data found
[  311.732315][T16526] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  311.774211][T16526] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  311.804192][ T4669] IPVS: stop unused estimator thread 0...
[  311.823269][T16544] bridge0: port 1(bridge_slave_0) entered blocking state
[  311.830514][T16544] bridge0: port 1(bridge_slave_0) entered disabled state
[  311.839040][T16544] bridge_slave_0: entered allmulticast mode
[  311.846886][T16544] bridge_slave_0: entered promiscuous mode
[  311.880354][T16526] team0: Port device team_slave_0 added
[  311.887229][T16526] team0: Port device team_slave_1 added
[  311.893119][T16544] bridge0: port 2(bridge_slave_1) entered blocking state
[  311.900268][T16544] bridge0: port 2(bridge_slave_1) entered disabled state
[  311.907676][T16544] bridge_slave_1: entered allmulticast mode
[  311.914473][T16544] bridge_slave_1: entered promiscuous mode
[  311.942905][T16526] batman_adv: batadv0: Adding interface: batadv_slave_0
[  311.949936][T16526] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  311.976001][T16526] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  311.988326][T16544] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  311.997904][T16526] batman_adv: batadv0: Adding interface: batadv_slave_1
[  312.004986][T16526] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  312.031216][T16526] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  312.043289][T16544] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  312.068355][T16544] team0: Port device team_slave_0 added
[  312.080336][T16544] team0: Port device team_slave_1 added
[  312.098637][T16526] hsr_slave_0: entered promiscuous mode
[  312.104755][T16526] hsr_slave_1: entered promiscuous mode
[  312.117264][T16544] batman_adv: batadv0: Adding interface: batadv_slave_0
[  312.124300][T16544] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  312.150332][T16544] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  312.161783][T16544] batman_adv: batadv0: Adding interface: batadv_slave_1
[  312.168847][T16544] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  312.195001][T16544] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  312.300562][T16544] hsr_slave_0: entered promiscuous mode
[  312.312875][T16544] hsr_slave_1: entered promiscuous mode
[  312.321017][T16544] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  312.328712][T16544] Cannot create hsr debugfs directory
[  312.337813][T16599] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4170'.
[  312.394966][T16526] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  312.401215][T16604] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.4169'.
[  312.419010][T16604] net_ratelimit: 54 callbacks suppressed
[  312.419029][T16604] netlink: zone id is out of range
[  312.422977][T16526] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  312.424762][T16604] netlink: zone id is out of range
[  312.424773][T16604] netlink: zone id is out of range
[  312.450067][T16604] netlink: zone id is out of range
[  312.453154][T16526] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  312.455308][T16604] netlink: zone id is out of range
[  312.467130][T16604] netlink: zone id is out of range
[  312.472364][T16604] netlink: zone id is out of range
[  312.477576][T16604] netlink: zone id is out of range
[  312.482805][T16604] netlink: zone id is out of range
[  312.487971][T16604] netlink: zone id is out of range
[  312.507758][T16607] netlink: 'syz.0.4171': attribute type 29 has an invalid length.
[  312.515905][T16607] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4171'.
[  312.525039][T16526] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  312.622933][T16544] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  312.635254][T16544] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  312.644618][T16544] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  312.656778][T16544] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  312.670074][T16526] 8021q: adding VLAN 0 to HW filter on device bond0
[  312.697044][T16526] 8021q: adding VLAN 0 to HW filter on device team0
[  312.708321][ T4738] bridge0: port 1(bridge_slave_0) entered blocking state
[  312.715438][ T4738] bridge0: port 1(bridge_slave_0) entered forwarding state
[  312.731965][ T4667] bridge0: port 2(bridge_slave_1) entered blocking state
[  312.739049][ T4667] bridge0: port 2(bridge_slave_1) entered forwarding state
[  312.769570][T16544] 8021q: adding VLAN 0 to HW filter on device bond0
[  312.788043][T16544] 8021q: adding VLAN 0 to HW filter on device team0
[  312.801155][ T4738] bridge0: port 1(bridge_slave_0) entered blocking state
[  312.808398][ T4738] bridge0: port 1(bridge_slave_0) entered forwarding state
[  312.821459][ T4669] bridge0: port 2(bridge_slave_1) entered blocking state
[  312.828572][ T4669] bridge0: port 2(bridge_slave_1) entered forwarding state
[  312.917155][T16637] pim6reg: entered allmulticast mode
[  312.924460][T16636] pim6reg: left allmulticast mode
[  312.940318][T16526] 8021q: adding VLAN 0 to HW filter on device batadv0
[  312.955625][T16544] 8021q: adding VLAN 0 to HW filter on device batadv0
[  313.117643][T16526] veth0_vlan: entered promiscuous mode
[  313.129282][T16544] veth0_vlan: entered promiscuous mode
[  313.138876][T16544] veth1_vlan: entered promiscuous mode
[  313.145505][T16526] veth1_vlan: entered promiscuous mode
[  313.169913][T16526] veth0_macvtap: entered promiscuous mode
[  313.179727][T16544] veth0_macvtap: entered promiscuous mode
[  313.192006][T16526] veth1_macvtap: entered promiscuous mode
[  313.204169][T16544] veth1_macvtap: entered promiscuous mode
[  313.215289][T16526] batman_adv: batadv0: Interface activated: batadv_slave_0
[  313.228308][T16526] batman_adv: batadv0: Interface activated: batadv_slave_1
[  313.239167][T16544] batman_adv: batadv0: Interface activated: batadv_slave_0
[  313.249779][T16526] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  313.258617][T16526] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  313.267800][T16526] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  313.276572][T16526] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  313.277057][T16671] loop5: detected capacity change from 0 to 128
[  313.293502][T16544] batman_adv: batadv0: Interface activated: batadv_slave_1
[  313.299974][T16671] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000100)
[  313.302148][T16544] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  313.308667][T16671] FAT-fs (loop5): Filesystem has been set read-only
[  313.317360][T16544] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  313.328762][T16671] syz.5.4179: attempt to access beyond end of device
[  313.328762][T16671] loop5: rw=524288, sector=2065, nr_sectors = 8 limit=128
[  313.332736][T16544] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  313.348558][T16671] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000100)
[  313.355085][T16544] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  313.362958][T16671] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000100)
[  313.381211][T16671] syz.5.4179: attempt to access beyond end of device
[  313.381211][T16671] loop5: rw=0, sector=2065, nr_sectors = 8 limit=128
[  313.394834][T16671] syz.5.4179: attempt to access beyond end of device
[  313.394834][T16671] loop5: rw=0, sector=2065, nr_sectors = 8 limit=128
[  313.544842][T16682] vhci_hcd: invalid port number 96
[  313.545317][T16681] netlink: 36 bytes leftover after parsing attributes in process `syz.1.4181'.
[  313.550073][T16682] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  313.637119][T16688] syzkaller0: entered allmulticast mode
[  313.647787][T16688] loop7: detected capacity change from 0 to 512
[  313.670014][T16688] EXT4-fs warning (device loop7): ext4_enable_quotas:7168: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[  313.701667][T16688] EXT4-fs (loop7): mount failed
[  313.761699][T16702] netlink: 'syz.6.4188': attribute type 34 has an invalid length.
[  313.900803][T16707] loop6: detected capacity change from 0 to 1024
[  313.999355][T16709] FAULT_INJECTION: forcing a failure.
[  313.999355][T16709] name failslab, interval 1, probability 0, space 0, times 0
[  314.012205][T16709] CPU: 0 UID: 0 PID: 16709 Comm: syz.0.4190 Not tainted 6.16.0-rc3-syzkaller-00319-gded779017ad7 #0 PREEMPT(voluntary) 
[  314.012242][T16709] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  314.012279][T16709] Call Trace:
[  314.012284][T16709]  <TASK>
[  314.012371][T16709]  __dump_stack+0x1d/0x30
[  314.012400][T16709]  dump_stack_lvl+0xe8/0x140
[  314.012428][T16709]  dump_stack+0x15/0x1b
[  314.012450][T16709]  should_fail_ex+0x265/0x280
[  314.012483][T16709]  should_failslab+0x8c/0xb0
[  314.012507][T16709]  __kmalloc_noprof+0xa5/0x3e0
[  314.012536][T16709]  ? bpf_test_init+0xa9/0x160
[  314.012649][T16709]  bpf_test_init+0xa9/0x160
[  314.012690][T16709]  bpf_prog_test_run_xdp+0x274/0x910
[  314.012753][T16709]  ? kstrtouint+0x76/0xc0
[  314.012793][T16709]  ? __rcu_read_unlock+0x4f/0x70
[  314.012820][T16709]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  314.012854][T16709]  bpf_prog_test_run+0x227/0x390
[  314.012935][T16709]  __sys_bpf+0x3dc/0x790
[  314.013034][T16709]  __x64_sys_bpf+0x41/0x50
[  314.013074][T16709]  x64_sys_call+0x2478/0x2fb0
[  314.013107][T16709]  do_syscall_64+0xd2/0x200
[  314.013128][T16709]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  314.013161][T16709]  ? clear_bhb_loop+0x40/0x90
[  314.013189][T16709]  ? clear_bhb_loop+0x40/0x90
[  314.013218][T16709]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  314.013310][T16709] RIP: 0033:0x7f3c5d4de929
[  314.013325][T16709] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  314.013354][T16709] RSP: 002b:00007f3c5bb47038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  314.013378][T16709] RAX: ffffffffffffffda RBX: 00007f3c5d705fa0 RCX: 00007f3c5d4de929
[  314.013407][T16709] RDX: 0000000000000048 RSI: 0000200000000600 RDI: 000000000000000a
[  314.013429][T16709] RBP: 00007f3c5bb47090 R08: 0000000000000000 R09: 0000000000000000
[  314.013516][T16709] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  314.013529][T16709] R13: 0000000000000000 R14: 00007f3c5d705fa0 R15: 00007ffe6e184e58
[  314.013554][T16709]  </TASK>
[  314.252111][T16707] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  314.294161][T16707] EXT4-fs error (device loop6): ext4_mb_mark_diskspace_used:4113: comm syz.6.4188: Allocating blocks 449-513 which overlap fs metadata
[  314.343671][T16701] EXT4-fs (loop6): pa ffff8881069f4770: logic 48, phys. 177, len 21
[  314.351764][T16701] EXT4-fs error (device loop6): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 4
[  314.378781][T16526] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  314.383699][T16678] syzkaller0: left allmulticast mode
[  314.435377][T16718] random: crng reseeded on system resumption
[  314.567942][T16724] loop6: detected capacity change from 0 to 128
[  314.664809][T16727] vhci_hcd: invalid port number 96
[  314.670047][T16727] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  314.800657][T16730] loop7: detected capacity change from 0 to 512
[  314.853061][T16730] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  314.874027][T16732] netlink: 56 bytes leftover after parsing attributes in process `syz.1.4198'.
[  314.937955][T16730] EXT4-fs (loop7): 1 truncate cleaned up
[  314.961018][T16730] binfmt_misc: register: failed to install interpreter file ./file0
[  314.986088][T16724] FAT-fs (loop6): error, invalid access to FAT (entry 0x00000100)
[  314.998076][T16724] FAT-fs (loop6): Filesystem has been set read-only
[  314.999068][T16730] netlink: 8 bytes leftover after parsing attributes in process `syz.7.4197'.
[  315.019268][T16724] FAT-fs (loop6): error, invalid access to FAT (entry 0x00000100)
[  315.023482][T16730] netlink: 'syz.7.4197': attribute type 2 has an invalid length.
[  315.030046][T16724] FAT-fs (loop6): error, invalid access to FAT (entry 0x00000100)
[  315.096311][T16737] vhci_hcd: invalid port number 96
[  315.101500][T16737] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  315.218855][T16746] loop7: detected capacity change from 0 to 512
[  315.229514][T16746] journal_path: Non-blockdev passed as './bus'
[  315.235807][T16746] EXT4-fs: error: could not find journal device path
[  315.269552][ T2960] kernel write not supported for file bpf-prog (pid: 2960 comm: kworker/1:2)
[  315.324613][T16756] netlink: 'syz.1.4206': attribute type 1 has an invalid length.
[  315.371052][T16754] random: crng reseeded on system resumption
[  315.479109][T16773] vhci_hcd: invalid port number 96
[  315.484262][T16773] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  315.500400][T16774] vhci_hcd: invalid port number 96
[  315.505918][T16774] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  315.545358][T16779] vhci_hcd: invalid port number 96
[  315.547529][T16782] loop7: detected capacity change from 0 to 512
[  315.550513][T16779] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  315.567085][T16782] journal_path: Non-blockdev passed as './bus'
[  315.573425][T16782] EXT4-fs: error: could not find journal device path
[  315.664553][T16789] random: crng reseeded on system resumption
[  316.368983][T16809] netlink: 56 bytes leftover after parsing attributes in process `syz.0.4225'.
[  316.415363][   T29] kauditd_printk_skb: 593 callbacks suppressed
[  316.415382][   T29] audit: type=1326 audit(1751185252.993:43822): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16794 comm="syz.7.4221" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22a99ee929 code=0x7ffc0000
[  316.418571][T16816] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  316.422745][   T29] audit: type=1326 audit(1751185253.002:43823): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16794 comm="syz.7.4221" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f22a99ee929 code=0x7ffc0000
[  316.445316][T16816] batman_adv: batadv0: Removing interface: batadv_slave_0
[  316.498766][   T29] audit: type=1326 audit(1751185253.030:43824): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16794 comm="syz.7.4221" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22a99ee929 code=0x7ffc0000
[  316.522499][   T29] audit: type=1326 audit(1751185253.030:43825): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16794 comm="syz.7.4221" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22a99ee929 code=0x7ffc0000
[  316.546229][   T29] audit: type=1326 audit(1751185253.030:43826): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16794 comm="syz.7.4221" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f22a99ee929 code=0x7ffc0000
[  316.570001][   T29] audit: type=1326 audit(1751185253.030:43827): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16794 comm="syz.7.4221" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22a99ee929 code=0x7ffc0000
[  316.593648][   T29] audit: type=1326 audit(1751185253.030:43828): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16794 comm="syz.7.4221" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22a99ee929 code=0x7ffc0000
[  316.617388][   T29] audit: type=1326 audit(1751185253.030:43829): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16794 comm="syz.7.4221" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7f22a99ee929 code=0x7ffc0000
[  316.640991][   T29] audit: type=1326 audit(1751185253.058:43830): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16794 comm="syz.7.4221" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22a99ee929 code=0x7ffc0000
[  316.641030][   T29] audit: type=1326 audit(1751185253.058:43831): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16794 comm="syz.7.4221" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22a99ee929 code=0x7ffc0000
[  316.698407][T16819] netlink: 28 bytes leftover after parsing attributes in process `syz.6.4228'.
[  316.713072][T16816] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  316.720740][T16816] batman_adv: batadv0: Removing interface: batadv_slave_1
[  316.901225][T16836] loop7: detected capacity change from 0 to 128
[  317.001200][T16840] lo speed is unknown, defaulting to 1000
[  317.832889][T16844] netlink: 'syz.0.4235': attribute type 29 has an invalid length.
[  317.841067][T16844] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4235'.
[  317.931627][T16836] FAT-fs (loop7): error, invalid access to FAT (entry 0x00000100)
[  317.940394][T16836] FAT-fs (loop7): Filesystem has been set read-only
[  317.947324][T16836] bio_check_eod: 22676 callbacks suppressed
[  317.947346][T16836] syz.7.4234: attempt to access beyond end of device
[  317.947346][T16836] loop7: rw=524288, sector=2065, nr_sectors = 8 limit=128
[  317.968158][T16836] FAT-fs (loop7): error, invalid access to FAT (entry 0x00000100)
[  317.976582][T16836] FAT-fs (loop7): error, invalid access to FAT (entry 0x00000100)
[  318.315410][T16836] syz.7.4234: attempt to access beyond end of device
[  318.315410][T16836] loop7: rw=0, sector=2065, nr_sectors = 8 limit=128
[  318.334471][T16836] syz.7.4234: attempt to access beyond end of device
[  318.334471][T16836] loop7: rw=0, sector=2065, nr_sectors = 8 limit=128
[  318.355569][T16836] syz.7.4234: attempt to access beyond end of device
[  318.355569][T16836] loop7: rw=0, sector=2065, nr_sectors = 8 limit=128
[  318.392583][T16836] syz.7.4234: attempt to access beyond end of device
[  318.392583][T16836] loop7: rw=0, sector=2065, nr_sectors = 8 limit=128
[  318.426235][T16836] syz.7.4234: attempt to access beyond end of device
[  318.426235][T16836] loop7: rw=0, sector=2065, nr_sectors = 8 limit=128
[  318.458416][T16836] syz.7.4234: attempt to access beyond end of device
[  318.458416][T16836] loop7: rw=0, sector=2065, nr_sectors = 8 limit=128
[  318.507256][T16836] syz.7.4234: attempt to access beyond end of device
[  318.507256][T16836] loop7: rw=0, sector=2065, nr_sectors = 8 limit=128
[  318.521895][T16836] syz.7.4234: attempt to access beyond end of device
[  318.521895][T16836] loop7: rw=0, sector=2065, nr_sectors = 8 limit=128
[  318.546486][T16836] syz.7.4234: attempt to access beyond end of device
[  318.546486][T16836] loop7: rw=0, sector=2065, nr_sectors = 8 limit=128
[  319.495452][T16880] loop5: detected capacity change from 0 to 1024
[  319.502532][T16880] ext4: Unknown parameter 'smackfshat'
[  319.514411][T16880] loop5: detected capacity change from 0 to 512
[  319.523845][T16880] EXT4-fs error (device loop5): ext4_orphan_get:1393: inode #15: comm syz.5.4248: iget: bad i_size value: 38620345925642
[  319.538259][T16880] EXT4-fs error (device loop5): ext4_orphan_get:1398: comm syz.5.4248: couldn't read orphan inode 15 (err -117)
[  319.546927][T16884] random: crng reseeded on system resumption
[  319.552743][T16880] EXT4-fs mount: 2 callbacks suppressed
[  319.552764][T16880] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  319.640585][T16880] EXT4-fs error (device loop5): ext4_lookup:1787: inode #15: comm syz.5.4248: iget: bad i_size value: 38620345925642
[  319.684503][T15627] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  319.690481][T16894] FAULT_INJECTION: forcing a failure.
[  319.690481][T16894] name failslab, interval 1, probability 0, space 0, times 0
[  319.706200][T16894] CPU: 1 UID: 0 PID: 16894 Comm: syz.0.4256 Not tainted 6.16.0-rc3-syzkaller-00319-gded779017ad7 #0 PREEMPT(voluntary) 
[  319.706242][T16894] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  319.706255][T16894] Call Trace:
[  319.706263][T16894]  <TASK>
[  319.706271][T16894]  __dump_stack+0x1d/0x30
[  319.706344][T16894]  dump_stack_lvl+0xe8/0x140
[  319.706366][T16894]  dump_stack+0x15/0x1b
[  319.706386][T16894]  should_fail_ex+0x265/0x280
[  319.706426][T16894]  should_failslab+0x8c/0xb0
[  319.706612][T16894]  __kmalloc_node_track_caller_noprof+0xa4/0x410
[  319.706654][T16894]  ? vfs_parse_fs_string+0x72/0xe0
[  319.706692][T16894]  kmemdup_nul+0x36/0xc0
[  319.706724][T16894]  vfs_parse_fs_string+0x72/0xe0
[  319.706807][T16894]  do_new_mount+0x188/0x680
[  319.706852][T16894]  path_mount+0x4a4/0xb20
[  319.706946][T16894]  ? user_path_at+0x109/0x130
[  319.706982][T16894]  __se_sys_mount+0x28f/0x2e0
[  319.707005][T16894]  ? fput+0x8f/0xc0
[  319.707078][T16894]  __x64_sys_mount+0x67/0x80
[  319.707102][T16894]  x64_sys_call+0xd36/0x2fb0
[  319.707131][T16894]  do_syscall_64+0xd2/0x200
[  319.707155][T16894]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  319.707258][T16894]  ? clear_bhb_loop+0x40/0x90
[  319.707283][T16894]  ? clear_bhb_loop+0x40/0x90
[  319.707389][T16894]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  319.707414][T16894] RIP: 0033:0x7f3c5d4de929
[  319.707433][T16894] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  319.707451][T16894] RSP: 002b:00007f3c5bb47038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  319.707469][T16894] RAX: ffffffffffffffda RBX: 00007f3c5d705fa0 RCX: 00007f3c5d4de929
[  319.707496][T16894] RDX: 00002000000002c0 RSI: 0000200000000280 RDI: 0000200000000100
[  319.707512][T16894] RBP: 00007f3c5bb47090 R08: 0000200000000300 R09: 0000000000000000
[  319.707529][T16894] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  319.707544][T16894] R13: 0000000000000000 R14: 00007f3c5d705fa0 R15: 00007ffe6e184e58
[  319.707564][T16894]  </TASK>
[  320.035414][T16908] random: crng reseeded on system resumption
[  320.094856][T16911] loop6: detected capacity change from 0 to 128
[  320.122613][T16911] FAT-fs (loop6): error, invalid access to FAT (entry 0x00000100)
[  320.135406][T16911] FAT-fs (loop6): Filesystem has been set read-only
[  320.143657][T16911] FAT-fs (loop6): error, invalid access to FAT (entry 0x00000100)
[  320.152959][T16911] FAT-fs (loop6): error, invalid access to FAT (entry 0x00000100)
[  320.193769][T16920] lo speed is unknown, defaulting to 1000
[  320.435219][T16923] loop7: detected capacity change from 0 to 1024
[  320.443271][T16924] vhci_hcd: invalid port number 96
[  320.448458][T16924] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  320.546655][T16923] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  320.573434][T16919] vhci_hcd: invalid port number 96
[  320.578644][T16919] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  320.603830][T16544] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  320.613123][T16931] loop0: detected capacity change from 0 to 8192
[  320.687220][T16936] FAULT_INJECTION: forcing a failure.
[  320.687220][T16936] name failslab, interval 1, probability 0, space 0, times 0
[  320.700055][T16936] CPU: 1 UID: 0 PID: 16936 Comm: syz.0.4265 Not tainted 6.16.0-rc3-syzkaller-00319-gded779017ad7 #0 PREEMPT(voluntary) 
[  320.700116][T16936] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  320.700132][T16936] Call Trace:
[  320.700138][T16936]  <TASK>
[  320.700145][T16936]  __dump_stack+0x1d/0x30
[  320.700166][T16936]  dump_stack_lvl+0xe8/0x140
[  320.700185][T16936]  dump_stack+0x15/0x1b
[  320.700206][T16936]  should_fail_ex+0x265/0x280
[  320.700255][T16936]  ? alloc_fs_context+0x44/0x4e0
[  320.700292][T16936]  should_failslab+0x8c/0xb0
[  320.700323][T16936]  __kmalloc_cache_noprof+0x4c/0x320
[  320.700466][T16936]  alloc_fs_context+0x44/0x4e0
[  320.700569][T16936]  fs_context_for_mount+0x22/0x30
[  320.700672][T16936]  do_new_mount+0xe9/0x680
[  320.700725][T16936]  path_mount+0x4a4/0xb20
[  320.700772][T16936]  ? user_path_at+0x109/0x130
[  320.700820][T16936]  __se_sys_mount+0x28f/0x2e0
[  320.700850][T16936]  ? fput+0x8f/0xc0
[  320.700936][T16936]  __x64_sys_mount+0x67/0x80
[  320.700959][T16936]  x64_sys_call+0xd36/0x2fb0
[  320.700988][T16936]  do_syscall_64+0xd2/0x200
[  320.701011][T16936]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  320.701068][T16936]  ? clear_bhb_loop+0x40/0x90
[  320.701097][T16936]  ? clear_bhb_loop+0x40/0x90
[  320.701126][T16936]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  320.701153][T16936] RIP: 0033:0x7f3c5d4de929
[  320.701241][T16936] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  320.701264][T16936] RSP: 002b:00007f3c5bb26038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  320.701289][T16936] RAX: ffffffffffffffda RBX: 00007f3c5d706080 RCX: 00007f3c5d4de929
[  320.701325][T16936] RDX: 0000200000000100 RSI: 00002000000001c0 RDI: 0000000000000000
[  320.701342][T16936] RBP: 00007f3c5bb26090 R08: 0000200000000580 R09: 0000000000000000
[  320.701358][T16936] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  320.701375][T16936] R13: 0000000000000001 R14: 00007f3c5d706080 R15: 00007ffe6e184e58
[  320.701399][T16936]  </TASK>
[  320.866294][T16939] loop7: detected capacity change from 0 to 1024
[  320.964381][T16943] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4269'.
[  320.979271][T16939] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  320.996035][T16935] vhci_hcd: invalid port number 96
[  321.001249][T16935] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  321.032922][T16951] loop5: detected capacity change from 0 to 256
[  321.040384][T16951] msdos: Unknown parameter 'dot'
[  321.068600][T16956] random: crng reseeded on system resumption
[  321.077095][T16544] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  321.190252][T16973] loop5: detected capacity change from 0 to 128
[  321.199681][T16973] netlink: 209852 bytes leftover after parsing attributes in process `syz.5.4281'.
[  321.209497][T16973] net_ratelimit: 49 callbacks suppressed
[  321.209511][T16973] netlink: zone id is out of range
[  321.221296][T16973] netlink: zone id is out of range
[  321.226777][T16973] netlink: zone id is out of range
[  321.232018][T16973] netlink: zone id is out of range
[  321.237158][T16973] netlink: zone id is out of range
[  321.242548][T16973] netlink: zone id is out of range
[  321.247676][T16973] netlink: zone id is out of range
[  321.252862][T16973] netlink: zone id is out of range
[  321.258200][T16973] netlink: zone id is out of range
[  321.263513][T16973] netlink: zone id is out of range
[  321.276879][T16976] loop6: detected capacity change from 0 to 1024
[  321.310868][T16979] loop5: detected capacity change from 0 to 128
[  321.318824][T16976] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  321.339061][T16976] vhci_hcd: invalid port number 96
[  321.344269][T16976] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  321.367853][T16526] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  321.378319][T16960] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  321.395576][T16960] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  321.416920][T16985] loop5: detected capacity change from 0 to 1024
[  321.445278][T16985] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (32298!=35945)
[  321.456892][T16985] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  321.474401][T16985] EXT4-fs (loop5): revision level too high, forcing read-only mode
[  321.513796][T16985] EXT4-fs (loop5): orphan cleanup on readonly fs
[  321.524298][T16985] EXT4-fs error (device loop5): ext4_read_inode_bitmap:167: comm syz.5.4285: Inode bitmap for bg 0 marked uninitialized
[  321.542065][T16985] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  321.560340][T16992] loop0: detected capacity change from 0 to 1024
[  321.567360][T16992] EXT4-fs: inline encryption not supported
[  321.590786][T16993] loop6: detected capacity change from 0 to 1024
[  321.602153][T16992] EXT4-fs: Ignoring removed bh option
[  321.622064][T15627] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  321.632703][T16993] EXT4-fs: inline encryption not supported
[  321.641387][T16992] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  321.641452][T16993] EXT4-fs: Ignoring removed bh option
[  321.671501][T16998] random: crng reseeded on system resumption
[  321.682278][T16993] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  321.724157][T17000] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4286'.
[  322.068219][T17006] loop7: detected capacity change from 0 to 1024
[  322.075230][T17006] EXT4-fs: inline encryption not supported
[  322.081423][T17006] EXT4-fs: Ignoring removed bh option
[  322.096908][T17006] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  322.327173][T17020] vhci_hcd: invalid port number 96
[  322.332481][T17020] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  322.371261][   T29] kauditd_printk_skb: 614 callbacks suppressed
[  322.371304][   T29] audit: type=1326 audit(1751185258.558:44446): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17023 comm="syz.1.4296" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f518b21e929 code=0x7ffc0000
[  322.401341][   T29] audit: type=1326 audit(1751185258.558:44447): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17023 comm="syz.1.4296" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f518b21e929 code=0x7ffc0000
[  322.425114][   T29] audit: type=1326 audit(1751185258.568:44448): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17023 comm="syz.1.4296" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f518b21e929 code=0x7ffc0000
[  322.448827][   T29] audit: type=1326 audit(1751185258.568:44449): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17023 comm="syz.1.4296" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f518b21e929 code=0x7ffc0000
[  322.472444][   T29] audit: type=1326 audit(1751185258.568:44450): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17023 comm="syz.1.4296" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f518b21e929 code=0x7ffc0000
[  322.496203][   T29] audit: type=1326 audit(1751185258.568:44451): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17023 comm="syz.1.4296" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f518b21e929 code=0x7ffc0000
[  322.519870][   T29] audit: type=1326 audit(1751185258.568:44452): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17023 comm="syz.1.4296" exe="/root/syz-executor" sig=0 arch=c000003e syscall=293 compat=0 ip=0x7f518b21e929 code=0x7ffc0000
[  322.543791][   T29] audit: type=1326 audit(1751185258.568:44453): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17023 comm="syz.1.4296" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f518b21e929 code=0x7ffc0000
[  322.567392][   T29] audit: type=1326 audit(1751185258.568:44454): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17023 comm="syz.1.4296" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f518b21e929 code=0x7ffc0000
[  322.591022][   T29] audit: type=1326 audit(1751185258.568:44455): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17023 comm="syz.1.4296" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f518b21e929 code=0x7ffc0000
[  322.615603][T13020] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  322.627865][T16526] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  322.674196][T17032] random: crng reseeded on system resumption
[  322.697551][T17034] netlink: 'syz.5.4300': attribute type 39 has an invalid length.
[  322.718419][T17037] loop6: detected capacity change from 0 to 164
[  322.914376][T16544] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  322.916889][T17043] loop6: detected capacity change from 0 to 128
[  322.961685][T17043] FAT-fs (loop6): error, invalid access to FAT (entry 0x00000100)
[  322.966048][T17046] syzkaller0: entered allmulticast mode
[  322.970001][T17043] FAT-fs (loop6): Filesystem has been set read-only
[  322.982194][T17046] FAULT_INJECTION: forcing a failure.
[  322.982194][T17046] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  322.985335][T17043] FAT-fs (loop6): error, invalid access to FAT (entry 0x00000100)
[  322.997235][T17046] CPU: 1 UID: 0 PID: 17046 Comm: syz.5.4305 Not tainted 6.16.0-rc3-syzkaller-00319-gded779017ad7 #0 PREEMPT(voluntary) 
[  322.997274][T17046] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  322.997317][T17046] Call Trace:
[  322.997324][T17046]  <TASK>
[  322.997334][T17046]  __dump_stack+0x1d/0x30
[  322.997368][T17046]  dump_stack_lvl+0xe8/0x140
[  322.997392][T17046]  dump_stack+0x15/0x1b
[  322.997410][T17046]  should_fail_ex+0x265/0x280
[  322.997457][T17046]  should_fail_alloc_page+0xf2/0x100
[  322.997491][T17046]  __alloc_frozen_pages_noprof+0xff/0x360
[  322.997535][T17046]  alloc_pages_mpol+0xb3/0x250
[  322.997619][T17046]  vma_alloc_folio_noprof+0x1aa/0x300
[  322.997660][T17046]  handle_mm_fault+0xec2/0x2be0
[  322.997688][T17046]  ? __rcu_read_unlock+0x4f/0x70
[  322.997729][T17046]  do_user_addr_fault+0x3fe/0x1090
[  322.997834][T17046]  exc_page_fault+0x62/0xa0
[  322.997865][T17046]  asm_exc_page_fault+0x26/0x30
[  322.997891][T17046] RIP: 0010:rep_movs_alternative+0x4a/0x90
[  322.997932][T17046] Code: f1 01 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb c5 <f3> a4 c3 cc cc cc cc 48 8b 06 48 89 07 48 8d 47 08 48 83 e0 f8 48
[  322.997956][T17046] RSP: 0018:ffffc900024c7930 EFLAGS: 00050202
[  322.998061][T17046] RAX: ffff888119034b98 RBX: ffffc900024c7e28 RCX: 0000000000000d89
[  322.998079][T17046] RDX: 0000000000000000 RSI: ffff88811c2870cf RDI: 0000200000003080
[  322.998097][T17046] RBP: 0000000000000d89 R08: 00000000000002f3 R09: 0000000000000000
[  322.998117][T17046] R10: 000188811c2870cf R11: 000188811c287e57 R12: ffffc900024c7e10
[  322.998182][T17046] R13: 00000000000000cf R14: 0000000000000d89 R15: ffff88811c2870cf
[  322.998209][T17046]  _copy_to_iter+0x406/0xe30
[  322.998290][T17046]  ? _raw_spin_unlock_irqrestore+0x2b/0x60
[  322.998343][T17046]  ? __pfx_simple_copy_to_iter+0x10/0x10
[  322.998383][T17046]  __skb_datagram_iter+0xc6/0x690
[  322.998488][T17046]  ? __pfx_simple_copy_to_iter+0x10/0x10
[  322.998576][T17046]  skb_copy_datagram_iter+0x3d/0x110
[  322.998607][T17046]  netlink_recvmsg+0x1a8/0x550
[  322.998640][T17046]  ? __pfx_netlink_recvmsg+0x10/0x10
[  322.998707][T17046]  sock_recvmsg+0x136/0x170
[  322.998745][T17046]  ____sys_recvmsg+0xf5/0x280
[  322.998784][T17046]  ___sys_recvmsg+0x11f/0x370
[  322.998826][T17046]  do_recvmmsg+0x1ef/0x540
[  322.998862][T17046]  ? fput+0x8f/0xc0
[  322.998952][T17046]  __x64_sys_recvmmsg+0xe5/0x170
[  322.998983][T17046]  x64_sys_call+0x1c6a/0x2fb0
[  322.999014][T17046]  do_syscall_64+0xd2/0x200
[  322.999038][T17046]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  322.999115][T17046]  ? clear_bhb_loop+0x40/0x90
[  322.999146][T17046]  ? clear_bhb_loop+0x40/0x90
[  322.999177][T17046]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  322.999271][T17046] RIP: 0033:0x7fd9de91e929
[  322.999293][T17046] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  322.999319][T17046] RSP: 002b:00007fd9dcf87038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  322.999358][T17046] RAX: ffffffffffffffda RBX: 00007fd9deb45fa0 RCX: 00007fd9de91e929
[  322.999375][T17046] RDX: 0000000000000001 RSI: 0000200000005140 RDI: 0000000000000007
[  322.999393][T17046] RBP: 00007fd9dcf87090 R08: 0000000000000000 R09: 0000000000000000
[  322.999411][T17046] R10: 0000000020000100 R11: 0000000000000246 R12: 0000000000000001
[  322.999428][T17046] R13: 0000000000000000 R14: 00007fd9deb45fa0 R15: 00007ffdc6000758
[  322.999456][T17046]  </TASK>
[  323.131224][T17051] loop7: detected capacity change from 0 to 1024
[  323.143449][T17051] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  323.146781][T17043] FAT-fs (loop6): error, invalid access to FAT (entry 0x00000100)
[  323.156061][T17051] vhci_hcd: invalid port number 96
[  323.303671][T17043] bio_check_eod: 1224 callbacks suppressed
[  323.303719][T17043] syz.6.4304: attempt to access beyond end of device
[  323.303719][T17043] loop6: rw=0, sector=2065, nr_sectors = 8 limit=128
[  323.312157][T17051] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  323.432818][T17043] syz.6.4304: attempt to access beyond end of device
[  323.432818][T17043] loop6: rw=0, sector=2065, nr_sectors = 8 limit=128
[  323.447673][T17043] syz.6.4304: attempt to access beyond end of device
[  323.447673][T17043] loop6: rw=0, sector=2065, nr_sectors = 8 limit=128
[  323.462290][T17043] syz.6.4304: attempt to access beyond end of device
[  323.462290][T17043] loop6: rw=0, sector=2065, nr_sectors = 8 limit=128
[  323.482625][T17043] syz.6.4304: attempt to access beyond end of device
[  323.482625][T17043] loop6: rw=0, sector=2065, nr_sectors = 8 limit=128
[  323.497623][T16544] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  323.506442][T17043] syz.6.4304: attempt to access beyond end of device
[  323.506442][T17043] loop6: rw=0, sector=2065, nr_sectors = 8 limit=128
[  323.521564][T17043] syz.6.4304: attempt to access beyond end of device
[  323.521564][T17043] loop6: rw=0, sector=2065, nr_sectors = 8 limit=128
[  323.536529][T17043] syz.6.4304: attempt to access beyond end of device
[  323.536529][T17043] loop6: rw=0, sector=2065, nr_sectors = 8 limit=128
[  323.550899][T17043] syz.6.4304: attempt to access beyond end of device
[  323.550899][T17043] loop6: rw=0, sector=2065, nr_sectors = 8 limit=128
[  323.565549][T17043] syz.6.4304: attempt to access beyond end of device
[  323.565549][T17043] loop6: rw=0, sector=2065, nr_sectors = 8 limit=128
[  323.654997][T17066] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=27 sclass=netlink_route_socket pid=17066 comm=syz.5.4311
[  323.677540][T17064] netlink: 'syz.0.4310': attribute type 21 has an invalid length.
[  323.700592][T17064] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4310'.
[  323.764613][T17070] netlink: 'syz.5.4312': attribute type 39 has an invalid length.
[  323.979421][T17075] syzkaller0: entered allmulticast mode
[  324.013279][T17082] netlink: 4 bytes leftover after parsing attributes in process `syz.7.4316'.
[  324.092411][T17093] netlink: 'syz.0.4320': attribute type 29 has an invalid length.
[  324.100427][T17093] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4320'.
[  324.150031][T17093] loop0: detected capacity change from 0 to 8192
[  324.204573][T17097] syzkaller0: entered allmulticast mode
[  324.223223][T17097] loop6: detected capacity change from 0 to 512
[  324.259956][T17097] EXT4-fs warning (device loop6): ext4_enable_quotas:7168: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[  324.281740][T17097] EXT4-fs (loop6): mount failed
[  324.458763][T17105] netlink: 'syz.0.4323': attribute type 39 has an invalid length.
[  324.493675][T17107] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4324'.
[  324.506598][T17107] lo speed is unknown, defaulting to 1000
[  324.512686][T17107] lo speed is unknown, defaulting to 1000
[  324.523546][T17107] lo speed is unknown, defaulting to 1000
[  324.538252][T17107] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  324.549362][T17107] lo speed is unknown, defaulting to 1000
[  324.556141][T17107] lo speed is unknown, defaulting to 1000
[  324.563372][T17107] lo speed is unknown, defaulting to 1000
[  324.569956][T17107] lo speed is unknown, defaulting to 1000
[  324.576893][T17107] lo speed is unknown, defaulting to 1000
[  324.583472][T17107] lo speed is unknown, defaulting to 1000
[  324.589841][T17107] lo speed is unknown, defaulting to 1000
[  324.608418][T17115] loop0: detected capacity change from 0 to 128
[  324.636857][T17115] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100)
[  324.646639][T17115] FAT-fs (loop0): Filesystem has been set read-only
[  324.655161][T17115] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100)
[  324.664363][T17115] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100)
[  324.975039][T17089] syzkaller0: left allmulticast mode
[  324.991923][T17119] loop5: detected capacity change from 0 to 1024
[  325.019939][T17119] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  325.083850][T17125] loop6: detected capacity change from 0 to 512
[  325.109543][T17125] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  325.136957][T15627] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  325.152086][T17125] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[  325.180508][T17125] EXT4-fs (loop6): 1 truncate cleaned up
[  325.197345][T17125] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  325.270189][T16526] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  325.293772][T17137] loop6: detected capacity change from 0 to 512
[  325.300673][T17137] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  325.313180][T17137] EXT4-fs (loop6): 1 truncate cleaned up
[  325.318996][T17138] loop7: detected capacity change from 0 to 1024
[  325.355942][T17138] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  325.366598][T17137] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  325.401224][T17138] vhci_hcd: invalid port number 96
[  325.406476][T17138] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  325.451299][T17137] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  325.468276][T16544] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  325.535788][T17155] netlink: 44 bytes leftover after parsing attributes in process `syz.7.4340'.
[  325.655051][T17163] vhci_hcd: invalid port number 96
[  325.660262][T17163] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  325.946600][T17175] vhci_hcd: invalid port number 96
[  325.951783][T17175] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  326.573248][T17184] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.4347'.
[  326.582607][T17184] net_ratelimit: 48 callbacks suppressed
[  326.582621][T17184] netlink: zone id is out of range
[  326.597227][T17183] loop7: detected capacity change from 0 to 128
[  326.626108][T17183] FAT-fs (loop7): error, invalid access to FAT (entry 0x00000100)
[  326.635193][T17183] FAT-fs (loop7): Filesystem has been set read-only
[  326.658551][T17184] netlink: zone id is out of range
[  326.658549][T17183] FAT-fs (loop7): error, invalid access to FAT (entry 0x00000100)
[  326.663693][T17184] netlink: zone id is out of range
[  326.663738][T17184] netlink: zone id is out of range
[  326.663775][T17184] netlink: del zone limit has 8 unknown bytes
[  326.690909][T17183] FAT-fs (loop7): error, invalid access to FAT (entry 0x00000100)
[  326.811101][T17186] netlink: 'syz.1.4349': attribute type 39 has an invalid length.
[  326.921474][T17188] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  326.950843][T17188] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  327.015221][ T1036] IPVS: starting estimator thread 0...
[  327.107814][T17198] IPVS: using max 2592 ests per chain, 129600 per kthread
[  327.157719][T17203] loop6: detected capacity change from 0 to 512
[  327.167261][T17203] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  327.181084][T17203] EXT4-fs (loop6): 1 truncate cleaned up
[  327.193640][T17203] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  327.208635][T17203] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  327.295741][T17216] loop6: detected capacity change from 0 to 512
[  327.302698][T17216] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  327.313790][T17216] EXT4-fs (loop6): 1 truncate cleaned up
[  327.319964][T17216] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  327.325615][T17218] vhci_hcd: invalid port number 96
[  327.334362][T17216] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  327.337217][T17218] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  327.358510][T17219] loop0: detected capacity change from 0 to 1024
[  327.377085][T17219] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  327.394878][T17219] vhci_hcd: invalid port number 96
[  327.400084][T17219] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  327.421142][T13020] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  327.535505][T17231] netlink: 209852 bytes leftover after parsing attributes in process `syz.7.4362'.
[  327.544875][T17231] netlink: zone id is out of range
[  327.567244][T17231] netlink: zone id is out of range
[  327.572419][T17231] netlink: zone id is out of range
[  327.577594][T17231] netlink: zone id is out of range
[  327.586879][T17234] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.4363'.
[  327.596426][T17231] netlink: del zone limit has 8 unknown bytes
[  327.832841][T17242] FAULT_INJECTION: forcing a failure.
[  327.832841][T17242] name failslab, interval 1, probability 0, space 0, times 0
[  327.845719][T17242] CPU: 1 UID: 0 PID: 17242 Comm: syz.7.4367 Not tainted 6.16.0-rc3-syzkaller-00319-gded779017ad7 #0 PREEMPT(voluntary) 
[  327.845825][T17242] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  327.845841][T17242] Call Trace:
[  327.845849][T17242]  <TASK>
[  327.845857][T17242]  __dump_stack+0x1d/0x30
[  327.845879][T17242]  dump_stack_lvl+0xe8/0x140
[  327.845898][T17242]  dump_stack+0x15/0x1b
[  327.845914][T17242]  should_fail_ex+0x265/0x280
[  327.846033][T17242]  ? md_alloc+0x89/0x9c0
[  327.846052][T17242]  should_failslab+0x8c/0xb0
[  327.846078][T17242]  __kmalloc_cache_noprof+0x4c/0x320
[  327.846128][T17242]  ? __pfx_md_probe+0x10/0x10
[  327.846155][T17242]  md_alloc+0x89/0x9c0
[  327.846187][T17242]  ? __pfx_md_probe+0x10/0x10
[  327.846294][T17242]  md_alloc_and_put+0x18/0x140
[  327.846368][T17242]  md_probe+0x68/0x80
[  327.846393][T17242]  blk_request_module+0x1ba/0x1e0
[  327.846445][T17242]  blkdev_get_no_open+0x4b/0x100
[  327.846474][T17242]  bdev_file_open_by_dev+0xa5/0x250
[  327.846570][T17242]  swsusp_check+0x3f/0x290
[  327.846598][T17242]  software_resume+0x41/0x2f0
[  327.846695][T17242]  resume_store+0x2d9/0x3d0
[  327.846725][T17242]  ? __pfx_resume_store+0x10/0x10
[  327.846816][T17242]  kobj_attr_store+0x4a/0x70
[  327.846845][T17242]  ? __pfx_kobj_attr_store+0x10/0x10
[  327.846921][T17242]  sysfs_kf_write+0xfe/0x120
[  327.846952][T17242]  ? __pfx_sysfs_kf_write+0x10/0x10
[  327.846991][T17242]  kernfs_fop_write_iter+0x1c1/0x2d0
[  327.847016][T17242]  ? __pfx_kernfs_fop_write_iter+0x10/0x10
[  327.847038][T17242]  vfs_write+0x49d/0x8e0
[  327.847096][T17242]  ksys_write+0xda/0x1a0
[  327.847192][T17242]  __x64_sys_write+0x40/0x50
[  327.847246][T17242]  x64_sys_call+0x2cdd/0x2fb0
[  327.847270][T17242]  do_syscall_64+0xd2/0x200
[  327.847292][T17242]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  327.847318][T17242]  ? clear_bhb_loop+0x40/0x90
[  327.847392][T17242]  ? clear_bhb_loop+0x40/0x90
[  327.847423][T17242]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  327.847448][T17242] RIP: 0033:0x7f22a99ee929
[  327.847467][T17242] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  327.847491][T17242] RSP: 002b:00007f22a8057038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  327.847561][T17242] RAX: ffffffffffffffda RBX: 00007f22a9c15fa0 RCX: 00007f22a99ee929
[  327.847574][T17242] RDX: 0000000000000012 RSI: 0000200000000000 RDI: 0000000000000003
[  327.847586][T17242] RBP: 00007f22a8057090 R08: 0000000000000000 R09: 0000000000000000
[  327.847677][T17242] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  327.847702][T17242] R13: 0000000000000000 R14: 00007f22a9c15fa0 R15: 00007fff4566d168
[  327.847720][T17242]  </TASK>
[  328.348140][   T29] kauditd_printk_skb: 181 callbacks suppressed
[  328.348160][   T29] audit: type=1400 audit(1751185264.152:44636): avc:  denied  { create } for  pid=17249 comm="syz.7.4370" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  328.384499][T17244] loop5: detected capacity change from 0 to 128
[  328.392374][T17251] program syz.7.4370 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  328.433719][T17251] loop7: detected capacity change from 0 to 512
[  328.449062][   T29] audit: type=1400 audit(1751185264.199:44637): avc:  denied  { read } for  pid=17249 comm="syz.7.4370" name="sg0" dev="devtmpfs" ino=135 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  328.466780][T17253] netlink: 5 bytes leftover after parsing attributes in process `syz.0.4371'.
[  328.472944][   T29] audit: type=1400 audit(1751185264.199:44638): avc:  denied  { open } for  pid=17249 comm="syz.7.4370" path="/dev/sg0" dev="devtmpfs" ino=135 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  328.481768][T17253] netlink: 5 bytes leftover after parsing attributes in process `syz.0.4371'.
[  328.505959][   T29] audit: type=1400 audit(1751185264.227:44639): avc:  denied  { write } for  pid=17249 comm="syz.7.4370" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[  328.558196][T17244] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000100)
[  328.567612][T17244] FAT-fs (loop5): Filesystem has been set read-only
[  328.575885][   T29] audit: type=1400 audit(1751185264.377:44640): avc:  denied  { create } for  pid=17254 comm="syz.0.4372" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  328.598564][T17251] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  328.610670][T17244] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000100)
[  328.613050][T17251] ext4 filesystem being mounted at /43/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  328.620058][T17244] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000100)
[  328.651393][   T29] audit: type=1400 audit(1751185264.395:44641): avc:  denied  { setopt } for  pid=17254 comm="syz.0.4372" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  328.653748][T17251] EXT4-fs error (device loop7): ext4_readdir:264: inode #2: block 3: comm syz.7.4370: path (unknown): bad entry in directory: directory entry overrun - offset=0, inode=2, rec_len=2060, size=2048 fake=1
[  328.691144][T17244] bio_check_eod: 3407 callbacks suppressed
[  328.691383][T17244] syz.5.4368: attempt to access beyond end of device
[  328.691383][T17244] loop5: rw=0, sector=2065, nr_sectors = 8 limit=128
[  328.699669][T17251] EXT4-fs (loop7): Remounting filesystem read-only
[  328.729663][   T29] audit: type=1400 audit(1751185264.508:44642): avc:  denied  { ioctl } for  pid=17249 comm="syz.7.4370" path="socket:[50611]" dev="sockfs" ino=50611 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  328.760237][T17244] syz.5.4368: attempt to access beyond end of device
[  328.760237][T17244] loop5: rw=0, sector=2065, nr_sectors = 8 limit=128
[  328.775505][T17244] syz.5.4368: attempt to access beyond end of device
[  328.775505][T17244] loop5: rw=0, sector=2065, nr_sectors = 8 limit=128
[  328.809814][   T29] audit: type=1400 audit(1751185264.592:44643): avc:  denied  { create } for  pid=17262 comm="syz.6.4373" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  328.844358][   T29] audit: type=1326 audit(1751185264.620:44644): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17265 comm="syz.6.4374" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f15ed2be929 code=0x7ffc0000
[  328.854988][T17244] syz.5.4368: attempt to access beyond end of device
[  328.854988][T17244] loop5: rw=0, sector=2065, nr_sectors = 8 limit=128
[  328.900633][T17244] syz.5.4368: attempt to access beyond end of device
[  328.900633][T17244] loop5: rw=0, sector=2065, nr_sectors = 8 limit=128
[  328.917011][T17244] syz.5.4368: attempt to access beyond end of device
[  328.917011][T17244] loop5: rw=0, sector=2065, nr_sectors = 8 limit=128
[  328.927866][   T29] audit: type=1326 audit(1751185264.657:44645): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17265 comm="syz.6.4374" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f15ed2be929 code=0x7ffc0000
[  328.932341][T17244] syz.5.4368: attempt to access beyond end of device
[  328.932341][T17244] loop5: rw=0, sector=2065, nr_sectors = 8 limit=128
[  328.971497][T17244] syz.5.4368: attempt to access beyond end of device
[  328.971497][T17244] loop5: rw=0, sector=2065, nr_sectors = 8 limit=128
[  328.985663][T17244] syz.5.4368: attempt to access beyond end of device
[  328.985663][T17244] loop5: rw=0, sector=2065, nr_sectors = 8 limit=128
[  329.000254][T17244] syz.5.4368: attempt to access beyond end of device
[  329.000254][T17244] loop5: rw=0, sector=2065, nr_sectors = 8 limit=128
[  329.014820][T17266] netlink: 'syz.6.4374': attribute type 29 has an invalid length.
[  329.054942][T17268] loop6: detected capacity change from 0 to 8192
[  329.114477][T16544] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  329.308035][T17277] __nla_validate_parse: 5 callbacks suppressed
[  329.308128][T17277] netlink: 209852 bytes leftover after parsing attributes in process `syz.5.4376'.
[  329.363785][T17287] netlink: 5 bytes leftover after parsing attributes in process `syz.6.4382'.
[  329.372703][T17287] netlink: 5 bytes leftover after parsing attributes in process `syz.6.4382'.
[  329.381776][T17287] netlink: 5 bytes leftover after parsing attributes in process `syz.6.4382'.
[  329.533244][T17299] loop5: detected capacity change from 0 to 1024
[  329.533416][T17300] loop7: detected capacity change from 0 to 1024
[  329.557769][T17300] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  329.570821][T17299] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  329.574350][T17300] vhci_hcd: invalid port number 96
[  329.588556][T17300] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  329.630285][T16544] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  329.644868][T17299] vhci_hcd: invalid port number 96
[  329.650077][T17299] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  329.689481][T15627] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  329.780429][T17312] FAULT_INJECTION: forcing a failure.
[  329.780429][T17312] name failslab, interval 1, probability 0, space 0, times 0
[  329.793184][T17312] CPU: 1 UID: 0 PID: 17312 Comm: syz.7.4390 Not tainted 6.16.0-rc3-syzkaller-00319-gded779017ad7 #0 PREEMPT(voluntary) 
[  329.793216][T17312] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  329.793234][T17312] Call Trace:
[  329.793242][T17312]  <TASK>
[  329.793300][T17312]  __dump_stack+0x1d/0x30
[  329.793329][T17312]  dump_stack_lvl+0xe8/0x140
[  329.793356][T17312]  dump_stack+0x15/0x1b
[  329.793375][T17312]  should_fail_ex+0x265/0x280
[  329.793407][T17312]  should_failslab+0x8c/0xb0
[  329.793455][T17312]  __kmalloc_node_track_caller_noprof+0xa4/0x410
[  329.793495][T17312]  ? sidtab_sid2str_get+0xa0/0x130
[  329.793651][T17312]  kmemdup_noprof+0x2b/0x70
[  329.793678][T17312]  sidtab_sid2str_get+0xa0/0x130
[  329.793703][T17312]  security_sid_to_context_core+0x1eb/0x2e0
[  329.793736][T17312]  security_sid_to_context+0x27/0x40
[  329.793765][T17312]  selinux_lsmprop_to_secctx+0x67/0xf0
[  329.793838][T17312]  security_lsmprop_to_secctx+0x43/0x80
[  329.793872][T17312]  audit_log_task_context+0x77/0x190
[  329.793937][T17312]  audit_log_task+0xf4/0x250
[  329.794002][T17312]  audit_seccomp+0x61/0x100
[  329.794038][T17312]  ? __seccomp_filter+0x68c/0x10d0
[  329.794076][T17312]  __seccomp_filter+0x69d/0x10d0
[  329.794152][T17312]  ? user_path_at+0x59/0x130
[  329.794261][T17312]  __secure_computing+0x82/0x150
[  329.794285][T17312]  syscall_trace_enter+0xcf/0x1e0
[  329.794311][T17312]  do_syscall_64+0xac/0x200
[  329.794333][T17312]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  329.794443][T17312]  ? clear_bhb_loop+0x40/0x90
[  329.794520][T17312]  ? clear_bhb_loop+0x40/0x90
[  329.794542][T17312]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  329.794569][T17312] RIP: 0033:0x7f22a99ed33c
[  329.794589][T17312] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  329.794669][T17312] RSP: 002b:00007f22a8057030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  329.794691][T17312] RAX: ffffffffffffffda RBX: 00007f22a9c15fa0 RCX: 00007f22a99ed33c
[  329.794703][T17312] RDX: 000000000000000f RSI: 00007f22a80570a0 RDI: 0000000000000006
[  329.794715][T17312] RBP: 00007f22a8057090 R08: 0000000000000000 R09: 0000000000000000
[  329.794726][T17312] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  329.794738][T17312] R13: 0000000000000000 R14: 00007f22a9c15fa0 R15: 00007fff4566d168
[  329.794793][T17312]  </TASK>
[  329.798082][T17310] loop5: detected capacity change from 0 to 128
[  330.153588][T17310] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000100)
[  330.164746][T17310] FAT-fs (loop5): Filesystem has been set read-only
[  330.186774][T17310] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000100)
[  330.195990][T17310] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000100)
[  330.327212][T17323] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.4393'.
[  330.383044][T17325] netlink: 16 bytes leftover after parsing attributes in process `syz.6.4395'.
[  330.392161][T17325] netlink: 16 bytes leftover after parsing attributes in process `syz.6.4395'.
[  330.410558][T17326] loop7: detected capacity change from 0 to 512
[  330.672011][T17334] loop7: detected capacity change from 0 to 1024
[  330.708294][T17334] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  330.725451][T17334] vhci_hcd: invalid port number 96
[  330.730641][T17334] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  330.750976][T16544] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  330.788392][T17354] FAULT_INJECTION: forcing a failure.
[  330.788392][T17354] name failslab, interval 1, probability 0, space 0, times 0
[  330.801213][T17354] CPU: 1 UID: 0 PID: 17354 Comm: syz.1.4406 Not tainted 6.16.0-rc3-syzkaller-00319-gded779017ad7 #0 PREEMPT(voluntary) 
[  330.801325][T17354] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  330.801341][T17354] Call Trace:
[  330.801349][T17354]  <TASK>
[  330.801359][T17354]  __dump_stack+0x1d/0x30
[  330.801385][T17354]  dump_stack_lvl+0xe8/0x140
[  330.801476][T17354]  dump_stack+0x15/0x1b
[  330.801497][T17354]  should_fail_ex+0x265/0x280
[  330.801577][T17354]  should_failslab+0x8c/0xb0
[  330.801599][T17354]  kmem_cache_alloc_node_noprof+0x57/0x320
[  330.801625][T17354]  ? __alloc_skb+0x101/0x320
[  330.801728][T17354]  __alloc_skb+0x101/0x320
[  330.801755][T17354]  netlink_alloc_large_skb+0xba/0xf0
[  330.801784][T17354]  netlink_sendmsg+0x3cf/0x6b0
[  330.801868][T17354]  ? __pfx_netlink_sendmsg+0x10/0x10
[  330.801885][T17354]  __sock_sendmsg+0x145/0x180
[  330.801907][T17354]  ____sys_sendmsg+0x31e/0x4e0
[  330.801977][T17354]  ___sys_sendmsg+0x17b/0x1d0
[  330.802021][T17354]  __x64_sys_sendmsg+0xd4/0x160
[  330.802066][T17354]  x64_sys_call+0x2999/0x2fb0
[  330.802084][T17354]  do_syscall_64+0xd2/0x200
[  330.802153][T17354]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  330.802189][T17354]  ? clear_bhb_loop+0x40/0x90
[  330.802210][T17354]  ? clear_bhb_loop+0x40/0x90
[  330.802253][T17354]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  330.802290][T17354] RIP: 0033:0x7f518b21e929
[  330.802307][T17354] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  330.802402][T17354] RSP: 002b:00007f5189887038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  330.802467][T17354] RAX: ffffffffffffffda RBX: 00007f518b445fa0 RCX: 00007f518b21e929
[  330.802486][T17354] RDX: 0000000000008b08 RSI: 0000200000000040 RDI: 0000000000000003
[  330.802541][T17354] RBP: 00007f5189887090 R08: 0000000000000000 R09: 0000000000000000
[  330.802552][T17354] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  330.802563][T17354] R13: 0000000000000000 R14: 00007f518b445fa0 R15: 00007fffb4774448
[  330.802580][T17354]  </TASK>
[  331.072055][T17362] netlink: 'syz.7.4410': attribute type 29 has an invalid length.
[  331.080180][T17362] netlink: 4 bytes leftover after parsing attributes in process `syz.7.4410'.
[  331.124939][T17362] loop7: detected capacity change from 0 to 8192
[  331.173789][T17364] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.4409'.
[  331.274066][T17367] random: crng reseeded on system resumption
[  331.343205][T17367] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[  331.417013][T17379] loop7: detected capacity change from 0 to 1024
[  331.427997][T17379] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  331.444218][T17379] vhci_hcd: invalid port number 96
[  331.449396][T17379] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  331.469300][T16544] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  331.630319][T17394] netlink: 'syz.6.4422': attribute type 29 has an invalid length.
[  331.638224][T17394] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4422'.
[  331.687828][T17400] syzkaller1: entered promiscuous mode
[  331.693380][T17400] syzkaller1: entered allmulticast mode
[  331.741356][T17394] loop6: detected capacity change from 0 to 8192
[  331.802041][T17406] lo speed is unknown, defaulting to 1000
[  331.813493][T17410] netlink: 'syz.7.4426': attribute type 8 has an invalid length.
[  331.848831][T17410] loop7: detected capacity change from 0 to 512
[  331.857843][T17413] netlink: 'syz.0.4428': attribute type 8 has an invalid length.
[  331.881141][T17413] FAULT_INJECTION: forcing a failure.
[  331.881141][T17413] name failslab, interval 1, probability 0, space 0, times 0
[  331.886167][T17406] lo speed is unknown, defaulting to 1000
[  331.893832][T17413] CPU: 1 UID: 0 PID: 17413 Comm: syz.0.4428 Not tainted 6.16.0-rc3-syzkaller-00319-gded779017ad7 #0 PREEMPT(voluntary) 
[  331.893875][T17413] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  331.893896][T17413] Call Trace:
[  331.893906][T17413]  <TASK>
[  331.893917][T17413]  __dump_stack+0x1d/0x30
[  331.893959][T17413]  dump_stack_lvl+0xe8/0x140
[  331.893987][T17413]  dump_stack+0x15/0x1b
[  331.894012][T17413]  should_fail_ex+0x265/0x280
[  331.894102][T17413]  should_failslab+0x8c/0xb0
[  331.894173][T17413]  kmem_cache_alloc_node_noprof+0x57/0x320
[  331.894213][T17413]  ? __alloc_skb+0x101/0x320
[  331.894256][T17413]  __alloc_skb+0x101/0x320
[  331.894323][T17413]  ? audit_log_start+0x365/0x6c0
[  331.894369][T17413]  audit_log_start+0x380/0x6c0
[  331.894452][T17413]  audit_seccomp+0x48/0x100
[  331.894491][T17413]  ? __seccomp_filter+0x68c/0x10d0
[  331.894524][T17413]  __seccomp_filter+0x69d/0x10d0
[  331.894631][T17413]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  331.894742][T17413]  ? vfs_write+0x75e/0x8e0
[  331.894787][T17413]  ? __rcu_read_unlock+0x4f/0x70
[  331.894825][T17413]  ? __fget_files+0x184/0x1c0
[  331.894859][T17413]  __secure_computing+0x82/0x150
[  331.894959][T17413]  syscall_trace_enter+0xcf/0x1e0
[  331.894993][T17413]  do_syscall_64+0xac/0x200
[  331.895019][T17413]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  331.895055][T17413]  ? clear_bhb_loop+0x40/0x90
[  331.895158][T17413]  ? clear_bhb_loop+0x40/0x90
[  331.895191][T17413]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  331.895221][T17413] RIP: 0033:0x7f3c5d4de929
[  331.895244][T17413] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  331.895271][T17413] RSP: 002b:00007f3c5bb46e18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[  331.895300][T17413] RAX: ffffffffffffffda RBX: 000000000000052e RCX: 00007f3c5d4de929
[  331.895349][T17413] RDX: 00007f3c5bb46ef0 RSI: 0000000000000000 RDI: 00007f3c5d5614cc
[  331.895389][T17413] RBP: 0000200000000640 R08: 00007f3c5bb46bb7 R09: 00007f3c5bb46e40
[  331.895407][T17413] R10: 000000000000000a R11: 0000000000000202 R12: 0000200000000000
[  331.895425][T17413] R13: 00007f3c5bb46ef0 R14: 00007f3c5bb46eb0 R15: 00002000000001c0
[  331.895479][T17413]  </TASK>
[  331.916440][T17410] EXT4-fs warning (device loop7): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  331.950873][T17413] loop0: detected capacity change from 0 to 512
[  331.972402][T17410] EXT4-fs (loop7): mount failed
[  332.080984][T17413] EXT4-fs warning (device loop0): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  332.174380][T17413] EXT4-fs (loop0): mount failed
[  332.252219][T17435] netlink: 'syz.0.4433': attribute type 8 has an invalid length.
[  332.267545][T17435] loop0: detected capacity change from 0 to 512
[  332.283193][T17435] EXT4-fs warning (device loop0): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  332.311534][T17438] loop6: detected capacity change from 0 to 1024
[  332.318873][T17435] EXT4-fs (loop0): mount failed
[  332.324584][T17439] loop7: detected capacity change from 0 to 1024
[  332.359239][T17439] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  332.359337][T17438] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  332.434843][T17438] vhci_hcd: invalid port number 96
[  332.440113][T17438] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  332.447325][T17439] vhci_hcd: invalid port number 96
[  332.452491][T17439] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  332.479021][T16544] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  332.497951][T16526] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  332.657509][T17457] net_ratelimit: 25 callbacks suppressed
[  332.657529][T17457] netlink: zone id is out of range
[  332.684881][T17457] netlink: zone id is out of range
[  332.690091][T17457] netlink: zone id is out of range
[  332.697388][T17459] loop0: detected capacity change from 0 to 512
[  332.703941][T17457] netlink: zone id is out of range
[  332.709189][T17457] netlink: del zone limit has 8 unknown bytes
[  332.713007][T17459] EXT4-fs: Ignoring removed orlov option
[  332.739122][T17459] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  332.748913][T17461] netlink: 'syz.7.4441': attribute type 29 has an invalid length.
[  332.758403][T17459] EXT4-fs (loop0): orphan cleanup on readonly fs
[  332.779796][T17459] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.4440: bg 0: block 248: padding at end of block bitmap is not set
[  332.838503][T17461] loop7: detected capacity change from 0 to 8192
[  332.845893][T17459] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.4440: Failed to acquire dquot type 1
[  332.896706][T17459] EXT4-fs (loop0): 1 truncate cleaned up
[  332.905631][T17467] loop6: detected capacity change from 0 to 512
[  332.912367][T17467] EXT4-fs: Ignoring removed orlov option
[  332.919151][T17467] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  332.929553][T17467] EXT4-fs (loop6): orphan cleanup on readonly fs
[  332.937546][T17467] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.4443: bg 0: block 248: padding at end of block bitmap is not set
[  332.952562][T17459] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  332.965836][T17467] EXT4-fs error (device loop6): ext4_acquire_dquot:6933: comm syz.6.4443: Failed to acquire dquot type 1
[  332.978040][T17467] EXT4-fs (loop6): 1 truncate cleaned up
[  332.985745][T17467] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  333.004557][T17459] EXT4-fs: Ignoring removed orlov option
[  333.010482][T17459] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  333.010597][T17459] EXT4-fs (loop0): warning: mounting fs with errors, running e2fsck is recommended
[  333.022056][T17459] EXT4-fs error (device loop0): __ext4_remount:6736: comm syz.0.4440: Abort forced by user
[  333.031886][T17467] FAULT_INJECTION: forcing a failure.
[  333.031886][T17467] name failslab, interval 1, probability 0, space 0, times 0
[  333.041252][T17459] EXT4-fs (loop0): Remounting filesystem read-only
[  333.053653][T17467] CPU: 1 UID: 0 PID: 17467 Comm: syz.6.4443 Not tainted 6.16.0-rc3-syzkaller-00319-gded779017ad7 #0 PREEMPT(voluntary) 
[  333.053714][T17467] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  333.053732][T17467] Call Trace:
[  333.053743][T17467]  <TASK>
[  333.053756][T17467]  __dump_stack+0x1d/0x30
[  333.053786][T17467]  dump_stack_lvl+0xe8/0x140
[  333.053814][T17467]  dump_stack+0x15/0x1b
[  333.053863][T17467]  should_fail_ex+0x265/0x280
[  333.053908][T17467]  should_failslab+0x8c/0xb0
[  333.053940][T17467]  kmem_cache_alloc_noprof+0x50/0x310
[  333.053979][T17467]  ? getname_flags+0x80/0x3b0
[  333.054027][T17467]  getname_flags+0x80/0x3b0
[  333.054069][T17467]  __x64_sys_mkdirat+0x40/0x60
[  333.054179][T17467]  x64_sys_call+0x2be0/0x2fb0
[  333.054210][T17467]  do_syscall_64+0xd2/0x200
[  333.054294][T17467]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  333.054338][T17467]  ? clear_bhb_loop+0x40/0x90
[  333.054367][T17467]  ? clear_bhb_loop+0x40/0x90
[  333.054479][T17467]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  333.054510][T17467] RIP: 0033:0x7f15ed2bd197
[  333.054532][T17467] Code: 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 02 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  333.054557][T17467] RSP: 002b:00007f15eb926e68 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[  333.054582][T17467] RAX: ffffffffffffffda RBX: 00007f15eb926ef0 RCX: 00007f15ed2bd197
[  333.054605][T17467] RDX: 00000000000001ff RSI: 0000200000000f00 RDI: 00000000ffffff9c
[  333.054623][T17467] RBP: 0000200000000f40 R08: 0000200000000000 R09: 0000000000000000
[  333.054640][T17467] R10: 0000200000000f40 R11: 0000000000000246 R12: 0000200000000f00
[  333.054796][T17467] R13: 00007f15eb926eb0 R14: 0000000000000000 R15: 00002000000008c0
[  333.054822][T17467]  </TASK>
[  333.073237][T17467] EXT4-fs: Ignoring removed orlov option
[  333.082813][T17459] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  333.086230][T17467] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  333.260536][T17459] ext4 filesystem being remounted at /312/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  333.260547][T17467] EXT4-fs (loop6): warning: mounting fs with errors, running e2fsck is recommended
[  333.292000][T13020] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  333.301949][T17467] EXT4-fs error (device loop6): __ext4_remount:6736: comm syz.6.4443: Abort forced by user
[  333.312489][T17467] EXT4-fs (loop6): Remounting filesystem read-only
[  333.319292][T17467] EXT4-fs (loop6): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  333.328530][T17467] ext4 filesystem being remounted at /51/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  333.353892][T16526] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  333.396282][T17484] vhci_hcd: invalid port number 96
[  333.400394][T17477] loop0: detected capacity change from 0 to 512
[  333.401422][T17484] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  333.425481][T17477] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  333.454429][T17477] EXT4-fs (loop0): 1 truncate cleaned up
[  333.464335][T17477] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  333.481620][T17477] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  333.543737][T17495] ªªªªªª: renamed from vlan0 (while UP)
[  333.569630][T17502] loop0: detected capacity change from 0 to 512
[  333.578480][T17502] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  333.578851][T17498] lo speed is unknown, defaulting to 1000
[  333.590241][T17502] EXT4-fs (loop0): 1 truncate cleaned up
[  333.601779][T17502] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  333.615220][T17502] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  333.653825][T17498] lo speed is unknown, defaulting to 1000
[  333.653883][T17506] lo speed is unknown, defaulting to 1000
[  333.685611][T17508] loop0: detected capacity change from 0 to 256
[  333.730969][T17506] lo speed is unknown, defaulting to 1000
[  333.751056][   T29] kauditd_printk_skb: 750 callbacks suppressed
[  333.751075][   T29] audit: type=1326 audit(1751185269.213:45386): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17513 comm="syz.7.4460" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22a99ee929 code=0x7ffc0000
[  333.781332][   T29] audit: type=1326 audit(1751185269.213:45387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17513 comm="syz.7.4460" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22a99ee929 code=0x7ffc0000
[  333.806107][   T29] audit: type=1326 audit(1751185269.241:45388): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17513 comm="syz.7.4460" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f22a99ed290 code=0x7ffc0000
[  333.830123][   T29] audit: type=1326 audit(1751185269.241:45389): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17513 comm="syz.7.4460" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f22a99ed290 code=0x7ffc0000
[  333.853816][   T29] audit: type=1326 audit(1751185269.241:45390): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17513 comm="syz.7.4460" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22a99ee929 code=0x7ffc0000
[  333.877537][   T29] audit: type=1326 audit(1751185269.241:45391): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17513 comm="syz.7.4460" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22a99ee929 code=0x7ffc0000
[  333.901167][   T29] audit: type=1326 audit(1751185269.259:45392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17513 comm="syz.7.4460" exe="/root/syz-executor" sig=0 arch=c000003e syscall=217 compat=0 ip=0x7f22a99ee929 code=0x7ffc0000
[  333.924918][   T29] audit: type=1326 audit(1751185269.259:45393): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17513 comm="syz.7.4460" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22a99ee929 code=0x7ffc0000
[  333.948659][   T29] audit: type=1326 audit(1751185269.259:45394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17513 comm="syz.7.4460" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22a99ee929 code=0x7ffc0000
[  333.992389][   T29] audit: type=1326 audit(1751185269.353:45395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17516 comm="syz.7.4461" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22a99ee929 code=0x7ffc0000
[  334.029751][T17519] netlink: 'syz.7.4461': attribute type 29 has an invalid length.
[  334.136000][T17517] loop7: detected capacity change from 0 to 8192
[  334.155449][T17524] vhci_hcd: invalid port number 96
[  334.160613][T17524] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  334.248926][T16526] ==================================================================
[  334.257075][T16526] BUG: KCSAN: data-race in generic_fillattr / inode_add_bytes
[  334.264581][T16526] 
[  334.266944][T16526] read-write to 0xffff888103f023e8 of 8 bytes by task 17515 on cpu 0:
[  334.275124][T16526]  inode_add_bytes+0x47/0xe0
[  334.279762][T16526]  __dquot_alloc_space+0x180/0x8a0
[  334.284905][T16526]  shmem_inode_acct_blocks+0x129/0x240
[  334.290401][T16526]  shmem_get_folio_gfp+0x5a7/0xd60
[  334.295579][T16526]  shmem_write_begin+0xa8/0x190
[  334.300478][T16526]  generic_perform_write+0x184/0x490
[  334.305804][T16526]  shmem_file_write_iter+0xc5/0xf0
[  334.310957][T16526]  __kernel_write_iter+0x253/0x4c0
[  334.316120][T16526]  dump_user_range+0x407/0x8c0
[  334.320924][T16526]  elf_core_dump+0x1dc2/0x1f80
[  334.325730][T16526]  do_coredump+0x1dfa/0x27b0
[  334.330356][T16526]  get_signal+0xd85/0xf70
[  334.334842][T16526]  arch_do_signal_or_restart+0x96/0x480
[  334.340418][T16526]  irqentry_exit_to_user_mode+0x5e/0xa0
[  334.345998][T16526]  irqentry_exit+0x12/0x50
[  334.350486][T16526]  asm_exc_page_fault+0x26/0x30
[  334.355373][T16526] 
[  334.357722][T16526] read to 0xffff888103f023e8 of 8 bytes by task 16526 on cpu 1:
[  334.365386][T16526]  generic_fillattr+0x27d/0x340
[  334.370279][T16526]  shmem_getattr+0x181/0x200
[  334.374906][T16526]  vfs_getattr_nosec+0x143/0x1e0
[  334.379882][T16526]  vfs_statx+0x113/0x390
[  334.384142][T16526]  vfs_fstatat+0x115/0x170
[  334.388575][T16526]  __se_sys_newfstatat+0x55/0x260
[  334.393631][T16526]  __x64_sys_newfstatat+0x55/0x70
[  334.398676][T16526]  x64_sys_call+0x2c22/0x2fb0
[  334.403373][T16526]  do_syscall_64+0xd2/0x200
[  334.407889][T16526]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  334.413805][T16526] 
[  334.416140][T16526] value changed: 0x000000000000d0d0 -> 0x000000000000d0e0
[  334.423344][T16526] 
[  334.425680][T16526] Reported by Kernel Concurrency Sanitizer on:
[  334.431843][T16526] CPU: 1 UID: 0 PID: 16526 Comm: syz-executor Not tainted 6.16.0-rc3-syzkaller-00319-gded779017ad7 #0 PREEMPT(voluntary) 
[  334.444533][T16526] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  334.454608][T16526] ==================================================================