last executing test programs:

5.140378905s ago: executing program 0 (id=396):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0xffd, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xcb3a}, 0x94)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000040)='kmem_cache_free\x00', r0, 0x0, 0xfffffffffffffffc}, 0x18)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000080)={0x1, &(0x7f0000000b80)=[{0x6}]}, 0x10)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000002c0), 0x80, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000080)=0xf)
ioctl$TCFLSH(r2, 0x400455c8, 0x0)
bind$bt_hci(r1, &(0x7f0000000140)={0x1f, 0xffff, 0x2}, 0x6)

4.360426904s ago: executing program 3 (id=406):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f0000000000)={{0x1, 0x1, 0x18, <r1=>r0, {0x3}}, './file0\x00'})
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x1a, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYBLOB="0000000000000000b7050000080000008500000069000000"], &(0x7f0000000600)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x2c, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x94)
r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$IP_VS_SO_SET_ADD(r3, 0x0, 0x482, &(0x7f00000008c0)={0x84, @rand_addr=0x64010102, 0x4e22, 0x1, 'lblcr\x00', 0x0, 0x10001, 0x6f}, 0x2c)
setsockopt$IP_VS_SO_SET_DEL(r3, 0x0, 0x483, &(0x7f0000001280)={0x20000000000084, @private=0xa010102, 0x1ffc, 0x200000001, 'none\x00', 0x9, 0x821}, 0x2c)
r4 = socket$inet(0x2, 0x3, 0x4)
ioctl$FS_IOC_SETFLAGS(r4, 0x40086602, &(0x7f0000000440)=0x20000000)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000005000000020000000010"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000007c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sys_enter\x00', r6}, 0x10)
pause()
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x18)
r7 = socket$pppoe(0x18, 0x1, 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f00000026c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c95aa0b784625704f07a72c2918451ebdcf4cef7f9606056fe5c34665c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbccbddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e712a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cab87b1586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd13f4cec49669e443dcb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ef8dba2f23b01a9ae44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af40000000000000005f58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75057df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83366b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef07000000000000006da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719107000000000000002d7e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e19000000000000002c06f815312e086dd022c074eb8a322fb0bf47c0a8d154b405a07feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99e061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb2b5e518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3fdf242b985bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09c0e5a3bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de5eaeadea10d3cfb41b92ecbb422a40da8daccf080842a486721737390cbf3a74cb2003efb9a101b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5191e10096e7e60fc3541a2c905a1a95e9571bf38aebd15172f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f90100000000000000abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7ef8c08acaf30235b920500d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69b93e9960ff5f74562adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a31c72ad53bc19faa5401120000793ac48c1b539c75ab40743b00020000a1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b4412331d73062197655b7f0469250a5989cef0e10773920ed3ccee42d2c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba71e0f45492ef1f8b65ccb3dcd251a61b152d02c29ca0a3328fa7753a5cddea1acaae55ae8263fb284b7a6ab2a8826c1b948207c498cf4824ab1ea3225a53072423b907c6682f8999e0311da5b8378bc841e1787e3a8128dda381a26cb2b365702ff8a27831375b2ddaa2f56e21169f7ca4fd9655ccd4a584acd244e965a0afedaff7c415ff682a4044b3381cc2df28278c9a6824c52048a7cfabda294925cc0956bffa8e950ff5e49f41ae600d830207bf728cd9807933c3c16d80bbea611a18becc2dc38ca0a6f5740f340b76edcd100fcffff007231dcef58c7b88b5aeedaf9626cb51ce1737c10ab37d4f98a934b0f900e0eb639878a1200629f5503cf679154d27681d7a3744cbcd42af59407c9c8e39c5271868917954e604352ba26171d004f1cb2976fab3fa19c7d3ef9678bff79f5155524f061378f94fb453786c3a6f78b10d383b49e31d1568bd43ee34ce6e6be235aa6207285665c2fba773671da41959f51610963b48930658e2d6125a26085001345b0473240b7e5e91811312c43663e76f711c6529ecdec75c7ea1cf0f8f8fff40247d59bbde2ebb8659197e0f37a71be1b12a182ed7de3acba28561a04b807f7a4647e2ea6d8fb92541d07c3d5e4ba077d3cad9f8ba1919592014c00c8eccb2ca5d48ba7b1c3fb185a4bb79700cf51f818b0c701c8de47d12281a67bdaf4b0c50bee9e8f5936250df2e15c1172e7ea6619f7db330700d1e9e42a035e6fd532f61fbfed9c4a7124a1e38eee50a6bbcd1d4e3f68c3f27dd9a70f1a7c6046237ddfb0b26e197322226367d998010458cd4df10af249ce717f6f45e5176e0ddae3054d7289d4e13ab0912703ee39ce264572b89194fdf7acecc35cf8309d4b680a08eed367dad855fce210f1a7c7222dd360eafb4bef7d58bf83362930af6e3f3f851abdc0003bdf9401b533019e90feb069189100007a82df8d9b5f44ebf9355e7b1b01c9470608d4f306d21004730396a4d6c6d46e1ffac97aa93c36123532a36186575266be4981c847160079421d0137801e553069f8d025c40f287378810defc7f2ed4e15f6af17b21153394f8bcfa6a23a77c8d61c9bbc127a57b8d631f36558d9093dee08bc53d97a8003363421738650a22c8fd87b13026799caf58e59951b125e7f161ca34e2c0dd65a23d01a3cb191e743de07247c7f993cf01166fa2ac1ba02f60550e63a7f50422e478c6b5d87f9bd0567a279a9d85a380db25c43bd0529ad783b9d64aaac1b793afb44b7126e17d2b7c0d6be650de7eeef3f3605af344015d03c3e7819145cb9fe1978c98bf9cf10773db59505ae33708c728844c872dfd2cb0b29008000000000000005ca18cb72f0944d0e4fea0a0abd0285bdaf1b000000c089d640c2facb0d1e6243873ac4b1e1068c45c715b68effb7d58d1f9e726dbf6bd910ca4ce0e075658ede42192cf393a50dcc197b03402fed75083628e5dd38213d353b9049e71f037064b05e73ec00c710f1ffc5737d397d555d1cf8859cc030ea8dc3c6a5b3b6fa1c81707479db1833d593a271253aa11efd936b74784f2fc286814848e92d8ee541bc179813297a0a4cc3c8f80c28701185bea091f32475e859479b734727afc110e1abcff460172fd1b42e3c0e2a4bf94a060069000010000087c7572a1e7596f89e5c3d5e70640c90815f77b7b13d0000000085a1e1e84900000000000000000000000000b422fc160a458ee5a91a2471e6e56fdabec6c73ce8983fc68f0b7cdcdde632e6f54a07620e8aa116ce9e84fc3cd5e8288a333dcebb233da9186796995ba69487d8f77d2f8800f02d690fc70a08b231cad1bdcf3740a95d4dd1cfe0f417f275493cf33b19ffff93dfdaf7eb00b8ad87cdf7c21bab5af8e2bac54ee5597e6508c1158124a538c36f9bb11fea7d8b8c7e954b1bc7811654a6636b33f271d0923e9ecd1b724b8feffadfc23c07000000f0785fb722f346d6a5dffe1884d4d0cd8f00000092c85ed44db68ab800001f00000000406e6ed9b219ad07125381087298e75965d1cc5932ddf9e66351b9332a34bee3e3d562c914c629933f0b8724cf680889ade72558d191d9890c69a718f9018586c5131c8dc8e0379bafda1a0fd2997ff115215ce23dca8db7236c1554cdaaadcce2f31834c1bd1908d8e1b361034db56be76acb7654a195bc3e98df3a5dffd5b0783883ef7da3433110e37f7c7cb7f3800de7f99abf910d6949e062747a9c87dcfcc716d6a9c0ec53b9cffe3cfd1df69a76f373d7f997edb9b80bdea1a99c2a6fbb25e035deadaadd7917ebfedd6304a19491769476208684e343f86b4d55a7dbbb07283cb1e35a138d24ebc5b4f8e35a82d3a7f84cb1e02a5a92b53567088be0b1ca023ccd518c0e0715b1c8760801a419ebd2e26440ff7493019bdb655cc88d72d6d7b6bca5a2e19b63ec52fce43d8c53a8031e64026e0d36b6401064c49a729f11ab377f7132c5232bb80195dd5d43d29646a9378eea0761b7ed9d2172e33ed87c7413c843b180cc00000000006bedf2ed716ca43a941119b96d82b26d9061de240d85ec2cfa462bd52104489bb7a7548d7cc53627031e909c69cb824233975a1ea645de63522407c3a240a37e946f30ebf075ea97846a0a8d2286f3f446b1b99ab83a12ddf8a1c06294eadc3eb3e339591afd5c00000000000000000000000000000000000000000000000000579dad8347a3d16976bb7483840b32db0158fb6c809349333325a7866ca5d3133e33ef1a183cefdb65a79fa71800988c8445029e024822dbcfcab49c3a0aec9bd43e6e14078b260700d849a2aa14c9b593f6dcb1de334c065ecfd65031606e55949c185bcda9fde4f9b46a76b8a24bbcd31b22373eb0473248150cd179405ee1af1183b0c0ce3483dc1d9bf732b0751b78fb211d6706b55960c6431afbc02b3c7e08086573939290bb9e590a3875f02a828b07f1dc7df9c8e5da22dfb9dacbf5529e4e994128d835f85465173ea7bbcc519a0c9798ce8b1b07567e3e07169c8c3e4da8bf725c050000000000000000000000000000000000000000004775abdf0c62728eb55a9e2849a1ce05bed60dfe4cc9fa43f9684297c02382c0a35829be7a86305792a9d2e80ca9e8fc50f31f6e0fa810303da03d8b74b42c1ebaf16bb343256405a3a07229a54de09a97b269cd29e8b2f0b0d46c51a6a93eec37f4bc6e29a8e19120ae050ab682662e9b2cc3263a4aba62b63ca9123a53c0f4bf3c4463b8144c89bf058a0af0ae9fc2b7cdfc4817703e267cddc193637d7fd97646090da37093657643daae3840c7f5c10f93524f7ae4791ec6e9d9722e5f670ccb358e051a"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, r1}, 0x94)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f0000003880)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c9f4cef7f9606056fe5c34664c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbcebddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cfd7c3a1d37a6ab87b1586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ed8dba2f23b01a9aeb980aff9fa3a64709270c701db801f44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af4c0eb97fca585ec6bf58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75055df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83766b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef3b7cda42013d53046da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b556381768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719107000000000000002d7e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e19000000000000002c06f815312e086dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99e061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb2b5e518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3fdf242b985bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de5eaeadea2a40da8daccf080842a486721737390cbf3a74cb2003efb9a101b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5191e10096e7e60fc3541a2c905a1a95e9571bf38aebd15172f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f90100000000000000abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7ef8c08acaf30235b920500d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69b93e9960ff5f76062adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a31c72ad53bc19faa5401120000793ac48c1b539c75ab40743b00020000a1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b441233151122b41a8d73062197655b7f0469250a5989cef0e10773920ed3ccee42d2c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba71e0f45492ef1f8b65ccb3dcd251a61b152d02c29ca0a3328fa7753a5cddea1acaae55ae8263fb284b7a6ab2a8826c1b948207c498cf4824ab1ea3225c380fac12f8205d182f8999e0311da5b8378bc841e1787e3a8128dda381a26cb2b365702ff8a27831375b2ddaa2f56e21169f7ca4fd9655ccd4a584acd244e965a0afedaff7c415ff682a4044b3381cc2df28278c9a6824c52048a7cfabda294925cc0956bffa8e950ff5e49f41ae600d830207bf728cd9807933c3c16d80bbea611a18becc2dc38ca0a6f5740f340b76edcd1f539bd43007231dcef58c7b88b5aeedaf9626cb51ce1737c10ab37d4f98a934b0f900e0eb639878a1200629f5503cf679154d27681d7a3744cbcd42af59407c9c8e39c5271868917954e604352ba26171d004f1cb2976fab3fa19c7d3ef9678bff79f5155524f061378f94fb453786c3a6f78b10d383b49e31d1568bd43ee34ce6e6be235aa6207285665c2fba773671da41959f51610963b48930658e2d6125a26085001345b0473240b7e5e91811312c43663e76f711d7219ecdec75c7ea1cf0f8f8fff40247d59bbde2ebb8659197e0f37a71be1b12a182ed7de3acba28561a04b807f7a4647e2ea6d8fb92541d07c3d5e4ba077d3cad9f8ba1919592014c00c8eccb2ca5d48ba7b1c3fb185a4bb79700cf51f818b0c701c8de47d12281a67bdaf4b0c50bee9e8f5936250df2e15c1172e7ea6619f7db330700d1e9e42a035e6fd532f61fbfed9c4a7124a1e38eee50a6bbcd1d4e3f68c3f27dd9a70f1a7c6046237ddfb0b26e197322226367d998010458cd4df10af249ce717f6f45e5176e0ddae3054d7289d4e13ab0912703ee39ce264572b89194fdf7acecc35cf8309d4b680a08eed367dad855fce210f1a7c7222dd360eafb4bef7d58bf83362930af6e3f3f851abdc0003bdf9401b533019e90feb069189100007a82df8d9b5f44ebf9355e7b1b01c9470608d4f306d21004730396a4d6c6d46e1ffac97aa93c36123532a36186575266be4981c847160079421d0137801e553069f8d025c40f287378810defc7f2ed4e15f6af17b21153394f8bcfa6a23a77c8d61c9bbc127a57b8d631f36558d9093dee08bc53d97a8003363421738650a26c8fd87b13026799caf58e59951b125e7f161ca34e2c0dd65a23d01a3cb191e743de07247c7f993cf01166fa2ac1ba02f60550e63a7f50422e478c6b5d87f9bd0567a279a9d85a380db25c43bd0529ad783b9d64aaac1b793afb44b7126e17d2b7c0d6be650de7eeef3f3605af344015d03c3e7819145cb9fe1978c98bf9cf10773db59505ae33708c728844c872dfd2cb0b29754f928c59306ce105ca18cb72f0944d0e4fea0a0abd0285bdaf1b000000c089d640c2facb0d1e6243873ac4b1e1068c45c715b68effb7d58d1f9e726dbf6bd910ca4ce0e075658ede42ddd5f393a50dcc197b03402fed75083628e5dd38213d353b9049e71f037064b05e73ec00c710f1ffc5737d397d555d1cf8859cc05bea8dc3c6a5b3b6fa1c81707479db1833d593a271253aa11efdb36b74784f2fc286814848e92d8ee541bc179813297a0a4cc3c8f80c28701185bea091f32475e859479b734727afc110e1abcff460172fd1b42e3c0e2a4bf94a060069000010000087c7572a1e7596f89e5c3d5e70640c90815f77b7b13d0000000085a1e1e84900000000000000000000000000b422fc160a458ee5a91a2471e6e56fdabec6c73ce8983fc68f0b7cdcdde632e6f54a07620e8aa116ce9e84fc3cd5e8288a333dcebb233da9186796995ba69487d8f77d2f8800f02d690fc70a08b231cad1bdcf3740a95d4dd1cfe0f417f275493cf33b19ffff93dfdaf7eb00b8ad87cdf7c21bab5af8e2bac54ee5597e6508c1158124a538c36f9bb11fea7d8b8c7e954b1bc7811654a6636b33f271d0923e9ecd1b724b8feffadfc23c07000000f0785fb722f346d6a5dffe1884d4d0cd8f00000092c85ed44db68ab800000000000000406e6ed9b219ad07125381087298e75965d1cc5932ddf9e66351ba332a34bee3e3d562c914c629933f0b8724cf680889ade72558d191d96ee1b84bb64b14aebc6b5194c55dd6890c69a718f9018586c5131c8dc8e0379bafda1a0fd2997ff115215ce23dca8db7236c1554cdaaadcce2f31834c1bd1908d8e1b361034db56be76acb7654a195bc3e98df3a5dffd5b07838a3ef7da3433110e37f7c7cb7f3800de7f99abf910d6949e062747a9c87dcfcc716d6a9c0ec53b9cffe3cfd1df69a76f373d7f997edb9b80bdea1a99c2a6fbb25e035deadaadd7917ebfedd6304a19491769476208684e343f86b4d55a7dbbb07283cb1e35a139d24ebc5b4f8e35a82d3a7f84cb1e02a5a92b53567088be0b1ca023ccd518c0e0715b1c8760801a419ebd2e26440ff7493019bdb655cc88d72d6d7b6bca5a2e19b63ec52fcc49a729f11ab377f7132c543d29646a9378eea0761b7ed9d2172e33ed87c6513c843b180cc00000000006bedf2ed716ca43a941119b96d82b26d9061de240d85ec2cfa462bd52104489bb7a7548d7cc53627031e909c69cb824233975a1ea645de63522407c3a240a37e946f30ebf075ea97846a0a8dc0d472672286f3f446b1b99ab83a12ddf8a1c06294eadc3eb3e339591afd5c00000000000000000000000000000000000000000000000000579dad8347a3d16976bb7483840b32db0158fb6c809349333325a7866ca5d3133e33ef1a183cefdb65a79fa71800988c8455029e024822dbcfcab49c3a0aec9bd43e6e14078b260700d849a2aa14c9b593f6dcb1de334c065ecfd65031606e55949c185bcda9fde4f9b46a76b8a24bbcd31b22373eb0473248150cd179405ee1af1183b0c0ce3483dc1d9bf732b0751b78fb211d6706b55960c6431afbc02b3c7e08086573939290bb9e590a3875f02a82a6ef09d0ed9829dec16ab67a4f59a504e09f55ab82bbd405087a17a229a149c53ee9145500db213cb36489a10957739e481a756e65bde579bbbfb404213f661eeaaffacbcfbfd60b1a715c366da2b37ac7e9e3033f8ec04db1c2412e02ccd0617d9fb646c4897750d068c936c3558a94b05d7c65c0d458c0d70d0aa864bc1e324d3f69b1b4061627da875a4b5c2668ab0990623fe6f3b54cd1c79da4baf256f88750c18486330589473e267fa44e220cf40db662b570c2a2fbba9a34a3dd7bbd8368fe506daa62b45797d4b397905a69e58eb436c08cc78963197adb1b16ad83a1a9b420e74c6bcdf1ed0b306141a83bf1268e954ad069257fbfaa1a7ea582badc1a7f2a5b0965f3535872d85c0bc3a233a3ea85df6a8ed76f0f803d54b7bef77d8ea71621f8a78dd17c3b58c5c7476ed6191acbb949e77f7cac81c543f7751e5e1000"/4545], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x48)
bpf$BPF_PROG_DETACH(0x1c, &(0x7f00000004c0)={@cgroup=r9, r8, 0x2f}, 0x20)
bpf$BPF_PROG_DETACH(0x9, &(0x7f00000008c0)=ANY=[@ANYRES32=r8, @ANYRES32=r9, @ANYBLOB='/\x00\x00\x00 \x00\x00\x00\x00', @ANYRES32], 0x20)
r10 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0xc, &(0x7f0000001600)=ANY=[@ANYBLOB="180200000100000000000000000000008500000087000000180100002020752500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000fa000000850000000600000095000000000000"], &(0x7f0000000080)='GPL\x00', 0x1, 0x0, 0x0, 0x40f00}, 0x94)
sendmmsg$inet6(r1, &(0x7f0000000780)=[{{&(0x7f0000000340)={0xa, 0x4e21, 0x1, @private2, 0x1}, 0x1c, &(0x7f0000000480)=[{&(0x7f0000000380)="74a27346e027794d4b874d357156", 0xe}], 0x1, &(0x7f0000000500)=ANY=[@ANYBLOB="600000000000000029000000370000000108000000000000040144c20400000004c20400000005c910ff010000000000000000000000000001010700000000000000c910fe8000000000000000000000000000aa000100040100000000000000140000000000002900000008000000030000000000000000"], 0x78}}], 0x1, 0x48000)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r10, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
connect$pppoe(r7, &(0x7f0000000040)={0x18, 0x0, {0x1, @multicast, 'ip6gre0\x00'}}, 0x1e)
connect$pppoe(r7, &(0x7f00000000c0)={0x18, 0x0, {0x0, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, 'macvlan0\x00'}}, 0x1e)
r11 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), r1)
r12 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000000000000000000001000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000280)='netlink_extack\x00', r12}, 0x10)
r13 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r13, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=@bridge_newvlan={0x17, 0x70, 0x1, 0xfffffffd, 0x0, {}, [@BRIDGE_VLANDB_ENTRY={0x10, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_TUNNEL_INFO={0xc, 0x4, 0x0, 0x1, @BRIDGE_VLANDB_TINFO_ID={0x8, 0x1, 0x3000000}}}]}, 0x28}}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f00000002c0)={'wlan0\x00', <r14=>0x0})
sendmsg$NL80211_CMD_NEW_KEY(r1, &(0x7f0000000400)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="fe153753c71e33199939512baf4b74a4ff13de752ccca5e71e7bcf45f0da0e65195007e63453d88ebea2bf2e637b96927b023ac68abdc32a44d74006f41efceda068ff98d0deedbf10a95d733930130a3f188f3e9abc9a7b7547ea5d1753bdcb7b1e3c2c7a89c33cb671a554bbf858d1e19ad8c952f658cb24bc31fe1f9f57d60000000000", @ANYRES16=r11, @ANYBLOB="040028bd7000fcdbdf250b00000008000300", @ANYRES32=r14, @ANYBLOB="0c009900810000002e00000054005080090001006e8413a7110000000c000880040001000400010008000700000000000800070000000000040006000400060005000900020000000800030001ac0f00050009000100000005000900010000000900070033822ea63f0000000400280009000700cbafa0db3500000004000b00"], 0x9c}, 0x1, 0x0, 0x0, 0x80}, 0x4040)

3.761480223s ago: executing program 1 (id=430):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000181100"/20, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x10)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffd3a, 0x0, 0x0, 0x0, 0x100}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000080)='kfree\x00', r1}, 0x18) (async)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r2)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r2, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)={0x14, r3, 0x9c3fa077fa966179, 0x0, 0x0, {{0x7e}, {@void, @void}}}, 0x14}}, 0x4000054) (async)
clock_gettime(0x0, &(0x7f0000000180)={<r4=>0x0, <r5=>0x0})
clock_nanosleep(0x3, 0x1, &(0x7f00000001c0)={r4, r5+10000000}, 0x0) (async)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x1e, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0xae, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7ffd}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000540)='inet_sock_set_state\x00', r6}, 0x18)
r7 = socket$inet(0x2, 0x1, 0x0)
setsockopt$sock_int(r7, 0x1, 0x2, &(0x7f0000000040)=0x7f, 0x4)
bind$inet(r7, &(0x7f0000e15000)={0x2, 0x4e20, @multicast2}, 0x10) (async)
r8 = socket$inet(0x2, 0x1, 0x0)
setsockopt$sock_int(r8, 0x1, 0x2, &(0x7f0000000040)=0x7f, 0x4) (async)
bind$inet(r8, &(0x7f0000e15000)={0x2, 0x4e20, @multicast2}, 0x10)
listen(r8, 0x0) (async)
listen(r7, 0x0)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='9p_protocol_dump\x00', r9}, 0x10) (async)
pipe2$9p(&(0x7f00000000c0)={<r10=>0xffffffffffffffff, <r11=>0xffffffffffffffff}, 0x0) (async)
r12 = io_uring_setup(0x353, &(0x7f0000000340)={0x0, 0xb633, 0x400, 0x0, 0x270}) (async)
r13 = socket$inet6_sctp(0xa, 0x1, 0x84)
io_uring_register$IORING_REGISTER_CLONE_BUFFERS(r12, 0x1e, &(0x7f0000000200)={r13}, 0x1) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000600)={'trans=fd,', {'rfdno', 0x3d, r10}, 0x2c, {'wfdno', 0x3d, r11}})

3.719703467s ago: executing program 1 (id=432):
syz_mount_image$msdos(&(0x7f0000000200), &(0x7f00000000c0)='./file2\x00', 0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="6e6f646f74732c646d61736b3d30303030303030303030303030303030303030303030332c757365667265652c6e8d646f74732c666c7573682c646f74732c646f74732cd4dfec9ae3c682faa3fb59ae4226714c7c0423b81ac8232eb06fc5c24b24c1b03b1590bc4a0de0cc6379bf0a65631cda3555b6825e24c33ef672475946", @ANYRESHEX=0x0, @ANYRES64=0x0], 0x5, 0x225, &(0x7f0000000600)="$eJzs3D1rW1ccB+AjWX5RS4unQrv00C7torZeunRoKS6UClraqvRlusZyI6RI4KtBMhlExkz+HCGQJZAt5Av4M2TJZgLGk6fcoEiyYseKHTuSifM8i/6c3z1H5+iIi7iS7u5329frG2lpI2mHwlIu5L8PvXCQC8shH0Z64cu7f+/f+uOff3/5oVxe/X1+2B7jh58++O/Gnc8ett//616/JRdC2Ft5vPPRzse7T/+8VktjLY3NVjsmca3VaidrjWpcr6X1Uoy/NapJWo21ZlrdPJJvNFrjpw7VNI1Jsxvr1W5st2J7sxuT/5NaM5ZKpbgUuJDK7YMsC3tZlmWLvZBl2esOkJvOvJiVC+4/b7nDk3rsn02f9DqVTmXwOMh/+rm8+nV8bnnca7/TqcyFUBzk3wzyeDSfD+8N+6+cmC+ELz4f5P3sx1/Lx/JiWJ/FCwAAAAAAAFdQKR56+fp+Py9NygfVC98PHLt+XwifFMYtc9NfCgAAADBB2t2qJ431hc1B0aheWrEYjrZ8e384xdO6f/Xo9GOmVHwwLMI5xymGECYfkw+XvimzKUa/Ix+2jP5fcLbuhTc1jeKUV3pz+2zv51GxFE6KimGrvnieaYR8OHHAyZsCAABcLeMP/Wfukp/qhAAAAAAAAAAAAAAAAAAAAOAdNIt7vF32GgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXuVZAAAA///zUVL1")
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x3, 0x4, &(0x7f0000004400)=@framed={{0x18, 0x2, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x1}, [@call={0x85, 0x0, 0x0, 0x18}]}, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xa}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r0, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0xe00, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
r1 = openat(0xffffffffffffff9c, 0x0, 0x105042, 0x1db)
writev(r1, &(0x7f0000000140)=[{&(0x7f0000001200)="10", 0x60000}], 0x1)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="7a010000001200d1bb55d5138fb01d80af53832f301d52f4c4a8d76ef56f41d8bbe0", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000040)='kfree\x00', r4}, 0x18)
r5 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$VT_RESIZE(r5, 0x5609, &(0x7f0000000100)={0x9, 0x1ff, 0x4})
ioctl$VT_DISALLOCATE(r5, 0x5608)
mount$9p_rdma(0x0, 0x0, 0x0, 0x2800004, &(0x7f00000002c0)=ANY=[])
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x3f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_RECVMSG={0xa, 0x34, 0x3, 0xffffffffffffffff, 0x0, &(0x7f00000010c0)={0x0, 0x0, &(0x7f0000000240)=[{0x0}], 0x1}, 0x0, 0x40000000})
r6 = syz_io_uring_setup(0x64d, &(0x7f0000000580)={0x0, 0x11f8, 0x100, 0x22, 0x801e7}, &(0x7f00000001c0)=<r7=>0x0, &(0x7f0000000080)=<r8=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
io_uring_register$IORING_REGISTER_BUFFERS(r6, 0x0, &(0x7f0000000740)=[{&(0x7f00000003c0)=""/201, 0xc9}], 0x1)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f00000000c0)={0x1, &(0x7f0000000200)=[{0x30, 0x4, 0x0, 0x2}]}, 0xffffffffffffff0e)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r7, r8, &(0x7f0000000200)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x0, 0x0, 0xffffffffffffffff, 0x0, r6})
io_uring_enter(r6, 0x749d, 0x4, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10)

3.680793831s ago: executing program 1 (id=433):
openat$tun(0xffffffffffffff9c, 0x0, 0x48241, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x2400, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}, 0x100202, 0x0, 0xfffffffb}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0xffffffffffffffa0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r3}, &(0x7f0000000180), &(0x7f00000001c0)=r2}, 0x20)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10022, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x1080, 0x0, 0x800000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1a, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000002000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kfree\x00', r4}, 0x18)
r5 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$TIPC_CMD_ENABLE_BEARER(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="d37a6d95c19185020000010000000000000001410001001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}, 0x1, 0x0, 0x0, 0x800}, 0x20010014)
close(r0)

3.623341607s ago: executing program 1 (id=436):
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000300)={[{@init_itable_val}, {@jqfmt_vfsold}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6a}}, {@jqfmt_vfsold}, {@minixdf}, {@quota}]}, 0x3, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {0xffffffffffffffff, 0x10, 0x0, @in6={0xa, 0x4e21, 0x0, @mcast2, 0x9}}}, 0x90)
openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x18002, 0x30)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x62181)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x8, &(0x7f00000017c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546000677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5467a932b77674e802a0d42bc6099ad238af770b5ed8925161729298700000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809b5b9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed3957f813567f7a95435ac15fc0288d9b2a169cdcacc413b48dafb7a2c8cb482bac0ac559eaf39027ceb379a902d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff7a1ef3282830689da6b53b263339863297771429d120000003341bf4abacac94500fca0493cf29b33dcc9ffffffffffffffd39f6ce0c6ff01589646efd1cf870cd7bb2366fdf870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1293b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd000c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c7df8be5877050c91301fb997316dbf17866fb84d4173731efe895ff2e1c55ef08235a0126e01254c44060926e90109b598502d3e959efc71f665c4d75cf2458e3542c9062ece84c99a861887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc74aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7ad333545794f37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f4df90400000000000000d6b2c5ea139376f24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff070000001e48418046c216c1f895778cb25122a2a998de0842a486721737390cbf3a74cb2003016f1514216bdf57d2a40dddb51ab63e96ec84ac3571f02f647b3385b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba2f58ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df986741517abf11389b751f4e109b60000000000000000d6d5210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288d139bd3da230ed05a8fe64680b0a3f9f2dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30235b9100000000a55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c776f4b4ce07e1c6fa66fcfc7a228805f76785efc0ceb1c8e5729c66418d169fc03aa18854693ad2a182068e1e3a0e2505bc7f41019645466ac96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7e478950aa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab848753203b458b97ec1afb079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7db3c4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b70ebc660309e1e245b0fdf9743af932cd6db49a47613808bad959719c0000000000378ac2e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6ca0400966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e3030108000000000000c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bffef97dcecc467ace456597685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4cba6e6390a9f302c6eb2df7766411bef0ebb5000000000006065d6735eb7a00e127c0000000000000000000000bfb0bba79344643b1d8daa9f38e4b62c1e2af68c6f5054b078acd74b4a9c944e4505da485a3a4154387a0a88370d9ed9467b09c5888a06431df3f68abf0b366c4d5f8bea7b29c257ed756dff7a21c6b661cbdd43de65afd7f661d5c84f915c90e3d6ea012b68b787eb01d8320000000000000060176dacba0ec503a37fae6b472ec369c79ee6a420c0fd8d8d82fe136d5af6c30bfeb0a7275babfdb96a127aa9386e0671c6454245a18c1c8c49552cff5d27b547cdc34c0858c77a47a9ff86ee9fbd9ceda428716a4218821176d8067997527230fa67d26950d3e4f2750fa7c872874ad3a2d11f9f6eb08e6d7b6fa257b04d8ce36360f524e3dfd2211641f3d2637d86b80681eca50ce0eecafdd22d41fa515c15591e70ded4b70efac3cb42fb352d82e8f7573e8ed8248da356fa91a252976d3a4d8c1843a8d5bb7f5f1028453a0562a3ea93117076dd4940b7df50d78289fe66197525f6095f8662d232970bef61b03fa83027963a1a2e07cfee30c0d0b4c5877f93b3637ca21eab5afcf5d4638dfe8f9202aaad51c979049dd76d65368cbd4187d9f74257c7c4a23ac4a34eec5aa17e78c5167216f5e72138d20f8325dd5f8f96c32189c904eaef580987f1ce601a7cdc35461db9981ac42f9e24b0699bbe4e3d986e38952b0b7938eefd9e7a292bbb66367ad77045fdc18855c81c031dedd185c723238373fc698d676791d04f1ff5f0825a6619e844882f31ed190233d58ecee949e310bf2b1a51b8a33ae65a06d2b6ad386bf8dc49dd328bcd75d1843a13d68560175a18af7efc3c0f20e32f84f6aaaf000000000000000000000013a6c66bce74a8fb9092023df695da2714a7933d699d42de2bc4a85e0a0e22228290a7a7553ab93a16e42553ed86869a02df2f47d4088fac1772d3cd955c81cbf91c2ca7942942f61723b558079b82547844f92df2499c4b2c2ef2539e5daa8d8727baaa6b5755e6f83bbfca000000000000000000000509619f5f0cbc72eebc653946d3552236f0dfe485cfa71bd69f4ded6e131128c3875b785875addfcbd5931c12adbef75535e694f3a19f28f9f99fa32e8ff66e7b1ff674434fb63ba0e28aadccf77d387525c98e81476058c958eaccfa7d251d0671222dc9d06485f7f690d3d4227bd21bd7ff8338617705b7faec47c86789a488b43d0fedf1b0ee05d65c677ced1e8214b2f6cb74d73886eb"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xffffffffffffff7e}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x16, 0xb, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000210000000000000018010000ff00000000bfa1000000000002000008000000b7030000000000fe06000000710000009500"/81], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x3f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r3}, 0x10)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r4, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000580)=ANY=[@ANYBLOB="140000001000010000000000006000000500000a3c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc580000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a31000000002c0003800c0000800800034000000002100000800c000180060001"], 0xbc}}, 0x40)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
r5 = openat$zero(0xffffffffffffff9c, &(0x7f0000000040), 0x2002, 0x0)
syz_clone(0x111, 0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r5, r5, 0x0, 0x40000f63c)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000280)={0xa, 0x52, 0x0, 'queue0\x00'})
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020782500000000002020207b1af8fe00000000bfa100000000000007010000f8ffffffb702000008000000b703000007000000850000001100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r6, 0x0, 0xfffd}, 0x18)
r7 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000001b40)='/proc/self/attr/current\x00', 0x64, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
pread64(r7, &(0x7f0000000000)=""/4096, 0x1000, 0x4)
write$sndseq(r1, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick, {}, {}, @raw32={[0x2600]}}], 0xffc8)
syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff)
r8 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$SMC_PNETID_ADD(r8, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000580)=ANY=[], 0x3c}, 0x1, 0x0, 0x0, 0x880}, 0x0)
r9 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r9)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000380)={'syztnl0\x00', 0x0})
bpf$PROG_LOAD(0x5, &(0x7f0000001000)={0x11, 0xb, &(0x7f0000000500)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x39, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

3.532330766s ago: executing program 3 (id=437):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
socketpair(0x21, 0xe, 0x400, &(0x7f0000000000))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r1 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r1)
ptrace$getenv(0x4201, r1, 0x5, &(0x7f00000000c0))
r2 = syz_io_uring_setup(0x4b5, &(0x7f0000010400)={0x0, 0x86e1, 0x1, 0x8, 0x36f}, &(0x7f0000010080), &(0x7f0000000040))
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x0, &(0x7f0000000140)=[{0x0}, {0x0}], 0x2)
bind$netlink(0xffffffffffffffff, &(0x7f0000514ff4), 0xc)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r2, 0x10, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000540)=[{0x0}, {&(0x7f0000000340), 0xa002a0}], &(0x7f00000005c0), 0x2}, 0x20)
setsockopt$packet_tx_ring(0xffffffffffffffff, 0x10f, 0x87, 0x0, 0x0)
r3 = openat$cgroup(0xffffffffffffffff, &(0x7f0000000100)='syz1\x00', 0x200002, 0x0)
openat$cgroup_ro(r3, &(0x7f0000000280)='hugetlb.1GB.usage_in_bytes\x00', 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000840)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xc0ed000e, &(0x7f00000005c0)={[{@dax_inode}, {@orlov}, {@user_xattr}, {@noload}, {@nombcache}, {@noblock_validity}, {@init_itable_val={'init_itable', 0x3d, 0x601}}, {@nodiscard}]}, 0xfa, 0x47c, &(0x7f0000000a80)="$eJzs3M1vFOUfAPDvTLulwI9fK+ILCFJFI/GlpeVFDl40mnDQxEQPGE+1LaRSqKE1EUK0esCjIfFu/C+MJ70Y9aKJV70bEmK4gHpZMzsztLS77ZZud4H9fJLZfZ6Z2X2e78w8O8/Ms7sBdK2h7CGJ+F9E/B4RA3n29hWG8qeb1y9N/H390kQS1epbfyW19W5cvzRRrlq+bnueqVaL/JY65V5+N2J8ZmbqfJEfmT/7wcjchYsvTJ8dPz11eurc2PHjRw7v6zs2drQlcWZx3djz8eze3SfeufLGxMkr7/2UpJHHHcviaJWhfOvW9XSrC+uwHUvSSW/22F/k9v+yuKTekUAn9UREtrsqtfY/ED2x9daygXjts45WDthU1Wq1usqn8kIVuI8l0ekaAJ1Rnuiz699yalPX465w7eX8AiiL+2Yx5Ut6I80T+yvLrm9baSgiTi7881U2xSbdhwAAWOq7rP/zfL3+XxoP54m+7OH/xRjKYEQ8EBE7I+LBiNgVEQ9F1NZ9JCIeXWf5y0dIVvZ/0qt3HFwTsv7fS8XY1u39v7RcZbCnyO2oxV9JTk3PTB0qtsnBqGw5NZ1Mja5Sxvev/vZFo2VL+3/ZlJVf9gWLelztXXaDbnJ8fnwjMS917dOIPb314k9q4wJRjOvtjog9d1jG9LO9DZetHf8qGr9t06pfRzyT7/+FWBZ/KWk4Pjn64rGxoyP9MTN1aKQ8Klb6+dfLbzYqf0Pxt0C2/7fVPf5vxT+Y9EfMXbh4pjZeO7f+Mi7/8XnDa5p1Hv8ndhTHf1/ydm1GX7Hgo/H5+fOjEX3J6yvnjy2+W5kv18/iP3igfvvfGYtb4rGI2BsR+yLi8eyisKj7ExHxZEQcWCX+H1956v31x9+esdIs/sm19n8s3f/rT/Sc+eHbtePvj4hG+/9ILXWwmNPM51+zFdzItgMAAIB7Rf4d+CQdXkwnw8P5d/h3xbZ0ZnZu/rlTsx+em8y/Kz8YlbS80zWw5H7oaHFvuMyPLcsfLu4bf9mztZYfnpidmex08NDltq9o/2matf/Mnz2drh2w6Vowjgbco7R/6F7aP3SnZM32X2lbXYD2c/6H7lWv/X/ScO3hbza1MkBbOf9D92qi/S/kT417BcC9yfkfupf2D12p4W/j0w395L/tiX+L/zO8W+pz/ycivSuqcf8nepv+M4tGicrKtlwdyNt/NmdL3Vd1+pMJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgNf4LAAD///R05PQ=")
r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x80)
sendmsg$netlink(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000180)=ANY=[@ANYBLOB="2000000076001f4ca3bd7000fbdbdf25080000000000000008000100", @ANYRES32], 0x20}], 0x1, 0x0, 0x0, 0x2400c814}, 0x0)
open_by_handle_at(r4, &(0x7f0000000240)=ANY=[@ANYBLOB="4b000000020000000f00000000000000"], 0x36f0516f)

3.456175514s ago: executing program 3 (id=439):
syz_io_uring_setup(0x18d6, 0x0, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc9ffb}]})
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x18, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x169f720c8fac0f1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r1}, 0x10)
arch_prctl$ARCH_GET_UNTAG_MASK(0x4001, &(0x7f00000001c0))

3.366984383s ago: executing program 3 (id=440):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
pipe(&(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
io_setup(0x3ff, &(0x7f0000000500)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000300)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, r0, 0x0}])
ioctl$TIOCGLCKTRMIOS(r0, 0x5456, &(0x7f0000000040)={0x3, 0x45, 0x9, 0x8, 0x10, "489e4259442aeff50733560d62b8d7a171b8b1"})
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[@ANYBLOB="500000000001010400000000141afbff02000010240001801400018008000100e000000108000200e00000010cb65c5e0500010000000000180002801400018008000100ac1414aa08000200ac1e"], 0x50}}, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
socket$inet6_tcp(0xa, 0x1, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f000000c280)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000050000080900010073797a30000000005c000000030a03000000000000000000050000000900010073797a30000000000900030073797a300000000008000a40000000032800048008000240000000120800014000000000140004"], 0xa4}, 0x1, 0x0, 0x0, 0x40801}, 0x804)

3.265672543s ago: executing program 1 (id=441):
bpf$PROG_LOAD(0x5, &(0x7f0000000c40)={0x7, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@newqdisc={0x2c, 0x10, 0x1, 0x0, 0x25dfdbff, {0x0, 0x0, 0x0, 0x0, {0x10}, {0xfff1}, {0xe}}, [@TCA_EGRESS_BLOCK={0x8, 0xe, 0x7}]}, 0x2c}, 0x1, 0x0, 0x0, 0x804}, 0x0)

3.164295393s ago: executing program 3 (id=443):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="1b00000000000000000000000010000000000000", @ANYRES32, @ANYBLOB="00000000000000000400"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x18, 0x1a, &(0x7f0000000140)=ANY=[@ANYBLOB="18000000050000000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf09000000000000550901000000000095000040000000001801000020756c3d00000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000006000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="00000000000000008500000075000000bf91000000000000b7020000010000008500000085000000b70000000000000095"], &(0x7f0000000040)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='tlb_flush\x00', r1}, 0x10)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000001380)={<r2=>0xffffffffffffffff})
sendmsg$nl_route_sched(r2, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000980)=@newtclass={0x24, 0x28, 0x4, 0x70bd28, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, {0xb, 0xa}, {0x5, 0xa}, {0xe, 0xffe0}}}, 0xfdef}, 0x1, 0x0, 0x0, 0x40d1}, 0x40d8)
pipe(&(0x7f0000000380)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r4, 0x6, 0x10000000013, &(0x7f0000000180)=0x1, 0x4)
connect$inet(r4, &(0x7f0000000300)={0x2, 0x0, @remote}, 0x10)
splice(r4, 0x0, r3, 0x0, 0x7ffff000, 0xa)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0xfffffffffffffffa, 0x3)

2.985142181s ago: executing program 0 (id=445):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, 0x0})
lsm_set_self_attr(0x0, &(0x7f0000000000)={0x64, 0x6, 0x20}, 0x5e0e559506f9295d, 0x0)

2.851727784s ago: executing program 0 (id=447):
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2f, 0x0, 0x0)
socket$key(0xf, 0x3, 0x2)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x6, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x56}, 0x94)
r2 = socket$kcm(0xa, 0x2, 0x73)
sendmsg$sock(r2, 0x0, 0x80804)
r3 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r3, &(0x7f0000000000)={0x40000000, 0x0, &(0x7f0000000140)={&(0x7f0000000240)=ANY=[@ANYBLOB="0207000902"], 0x10}}, 0x0)
bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
r4 = open$dir(&(0x7f0000000180)='./file0\x00', 0x18000, 0x0)
name_to_handle_at(r4, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400)=@OVL_FILEID_V0={0x5a, 0xfb, {0x0, 0xfb, 0x5a, 0x7, 0x7, "9a381fb4f77adb59c513312199203164", "3a31b1b84e3293437fbb1aced8a8f4a9cbbf7ee2be8096d745bbb528b5f72f6aaf866e750dbf6e01893dfe94544b5c2bde8e67d933841259c7d128299103a0cc32b6523843"}}, &(0x7f00000004c0), 0x200)
connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r5, &(0x7f0000000200)={'#! ', './file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa'}, 0x102)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x28011, r5, 0x0)
r6 = creat(&(0x7f00000002c0)='./file0\x00', 0x1)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, r6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r7, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)=[0x7], 0x0, 0x0, 0x100000}}, 0x40)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x80}}, 0x8000)
r8 = socket$can_bcm(0x1d, 0x2, 0x2)
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
fcntl$setlease(r9, 0x400, 0x1)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r9}, &(0x7f0000000040), &(0x7f0000000080)=r1}, 0x20)
connect$can_bcm(r8, &(0x7f0000000140), 0x10)
sendmsg$can_bcm(r8, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)=ANY=[@ANYBLOB="050000"], 0x80}}, 0x0)
setsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000001580)={{{@in6=@private1, @in=@local, 0x0, 0x0, 0x4e22, 0x0, 0x2, 0x0, 0x20, 0x11}, {0x0, 0x0, 0x8, 0x0, 0x1, 0x0, 0x10, 0x9}, {}, 0x6, 0x0, 0x1}, {{@in=@rand_addr=0x64010102, 0x4d2, 0x33}, 0x0, @in=@loopback, 0x3506, 0x0, 0x2, 0xb7, 0x2, 0xfffffff9}}, 0xe8)
sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x1c)
r10 = socket$qrtr(0x2a, 0x2, 0x0)
getsockopt$bt_hci(r10, 0x0, 0x1, &(0x7f0000000340)=""/87, &(0x7f0000000100)=0x57)

2.658641374s ago: executing program 1 (id=450):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0xffd, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xcb3a}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8001}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000040)='kmem_cache_free\x00', r0, 0x0, 0xfffffffffffffffc}, 0x18)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000080)={0x1, &(0x7f0000000b80)=[{0x6}]}, 0x10)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000002c0), 0x80, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000080)=0xf)
ioctl$TCFLSH(r2, 0x400455c8, 0x0)
bind$bt_hci(r1, &(0x7f0000000140)={0x1f, 0xffff, 0x2}, 0x6)

2.658393854s ago: executing program 32 (id=450):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0xffd, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xcb3a}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8001}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000040)='kmem_cache_free\x00', r0, 0x0, 0xfffffffffffffffc}, 0x18)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000080)={0x1, &(0x7f0000000b80)=[{0x6}]}, 0x10)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000002c0), 0x80, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000080)=0xf)
ioctl$TCFLSH(r2, 0x400455c8, 0x0)
bind$bt_hci(r1, &(0x7f0000000140)={0x1f, 0xffff, 0x2}, 0x6)

2.074126322s ago: executing program 2 (id=455):
sendmsg$IPCTNL_MSG_TIMEOUT_GET(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x8}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x40028855}, 0x8000)
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f0000000440)={0x900, 0x0, &(0x7f0000000400)={&(0x7f0000000480)=ANY=[@ANYBLOB="020afc000700000028bd7000fedbdf2505001a0000000000000000000000000000000000000013000000050020005587724ab3143b1457b5"], 0x38}}, 0x40488c0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
r1 = socket$packet(0x11, 0x2, 0x300)
set_mempolicy(0x8006, &(0x7f0000000040)=0xfff, 0x5)
r2 = syz_io_uring_setup(0x2782, &(0x7f0000000900)={0x0, 0x5a10, 0x481, 0x1, 0x27b}, &(0x7f0000000980), &(0x7f00000009c0))
r3 = syz_io_uring_setup(0xbc3, &(0x7f0000000540)={0x0, 0xd821, 0x10000, 0x2, 0x800264, 0x0, r2}, &(0x7f00000008c0)=<r4=>0x0, &(0x7f00000000c0)=<r5=>0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000300)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x2, 0xa3d8, &(0x7f00000005c0)=[{&(0x7f0000000240)="5db5bd", 0x3}], 0x10000000000002a8, 0x8, 0x1, {0x2}})
io_uring_enter(r3, 0x29ab, 0xd480, 0x0, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'veth0\x00', <r6=>0x0})
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=@ipv4_deladdr={0x2c, 0x15, 0x1, 0xfffffffd, 0x0, {0x2, 0x20, 0x0, 0x0, r6}, [@IFA_LABEL={0x14, 0x3, 'veth0\x00'}]}, 0x2c}}, 0x0)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='freezer.self_freezing\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x100010, r8, 0x8cce6000)
r9 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r9, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000001200)={&(0x7f00000001c0)=ANY=[@ANYBLOB='P\x00/\x00\x00', @ANYRES32=0x0, @ANYBLOB="a4000600400000001c0012800c0001006d6163766c616e000c0002800800090001800000140035006d6163766c616e300000000000000000"], 0x50}, 0x1, 0x0, 0x0, 0x8840}, 0x8000)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r10 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='mmap_lock_acquire_returned\x00', r10}, 0x18)
move_pages(0x0, 0x1efe, &(0x7f0000000080), 0x0, &(0x7f0000000040), 0x100000000000000)
syz_mount_image$vfat(&(0x7f0000003880), &(0x7f00000000c0)='./file1\x00', 0x200000, &(0x7f0000000240)=ANY=[@ANYBLOB="757466383d312c726f6469722c6572726f72733d72656d6f756e742d726f2c6e6f6e756d7461696c3d302c636865636b3d7374726963742c756e695f786c6174653d302c6e6f636173652c616c6c6f775f7574696d653d30303030303030303030303030303030303030343030302c6e6f6e756d7461696c3d302c73686f72746e616d653d77696e6e742c71756965742c756e695f786c6174653d312c73686f72746e616d653d77696e6e742c757466383d302c666c7573682c726f6469722c73686f72746e616d653d6d697865642c73686f77657865632c636865636b3d72656c617865642c726f6469722c726f6469722c007cbda5978eff1afd303a09806ce0c610fe00684c0c67004cdbbd0b9992b0bbea8911a2050000006311c61fb0edf19ed5b7f8d03bfbf22d5655a02f9c7e7307c4f0cbeda2b4e5b2821ba502f452ce09bae8f886c9b612847e26f9afb26c9805000000000000000bc8604552e1dcb75008cfdd8a85c302b83f5ba6d806e8f77268091776f01e8c0465aa4a0ac02f13f9daeab1932f5688fd0ba15f0fc0d94f21c352fe6bc02b893c57f77281db316d62c523025b2c545ab273f28000ba55a384f4ddaa65567a7eb6e51c9d5b69a84c1cec408643486d4c6a17a1fe12f05c1bf8b7494265dc0493bbc87c7f86f7e5e9ed79d5822adebabbe3c1e9320ad777219218ae6103ce6a392927ef866f4b0bcfecea44742736cfc57fe72eee93d416f6ff7da7641eb9865ee1f09a9b76f87189d2f0113ebf44794240ccdfdee8fa1eccb4abfa1d4d470623d6e1530497c7e64924d946272d4fa346cfecac39646cbbf431869c533429e09b", @ANYRES16], 0x88, 0x2a9, &(0x7f0000000c00)="$eJzs3T9rc1UYAPDnpmmSV4dkcJKCF3RwKm1XlxRpoZhJyaAOWmwL0gShhYJ/MHZydXH0EwiCm1/CxW8guApudihcuTf3mqSmaSNN9S2/39LTc89zznNOz6V0yNMPN4anR2mcXH7xa7RaSdS68SyukuhELSpfxYzuNwEAPM+usiz+yMaWiUsiorW6tACAFVr69/+PK08JAFixd959763dXm/v7TRtxf7w64t+/pd9/nX8fPckPo5BHMdWtOM6IvvbuL2fZdmonuY68dpwdNHPI4cf/FzOv/t7RBG/He3oFF2z8Qe9ve10bCp+lOfxQrl+N4/fiXa8NGf9g97ezpz46Dfi9Ven8t+MdvzyUXwSgzgqkpjEf7mdpm9m3/75+ft5enl8MrroN4txE9naI/9oAAAAAAAAAAAAAAAAAAAAAAB4wjbL2jnNKOr35F1l/Z216/yb9Ugrndn6POP4pJroRn2gURbfVfV1ttI0zcqBk/h6vFyP+n+zawAAAAAAAAAAAAAAAAAAAPh/Of/0s9PDweD47EEaVTWA6mP9/3ae7lTPK7F4cHOyVq1sLpg51qoxScTCNPJNPNCx3NV4dlvO3/+w7IStu8esLzqfh2lUt+v0MJl/hs2oelrVJflpekwj7rlW47ZHG0UC1eW4a57G3EftpffeeLFojBaMiWTRe/HGb+OEy57k5kvUKE51bvh62ZgKv3E3brvP1SnNvin/kKjWAQAAAAAAAAAAAAAAAAAAKzX5GPCch5cLQ2tZc2VpAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCjmvz//yUaozL4HoMbcXY+f+X6Y24TAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAJ+6vAAAA//+lillR")
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
r11 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000400)='GPL\x00', 0x4, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000800)={0x6, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x8001}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r8}}]}, &(0x7f0000000100)='GPL\x00', 0x7, 0xac, &(0x7f0000000600)=""/172, 0x41100, 0x1b, '\x00', r6, 0x25, r8, 0x8, &(0x7f0000000180)={0x6, 0x1}, 0x8, 0x10, &(0x7f0000000780)={0x4, 0x7, 0x8, 0x2}, 0x10, 0x0, 0x0, 0x3, 0x0, &(0x7f00000007c0)=[{0x3, 0x1, 0xd, 0x1}, {0x4, 0x80000001, 0x8, 0x4}, {0x5, 0x2, 0x9, 0x7}], 0x10, 0xc}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='scsi_dispatch_cmd_start\x00', r11}, 0x18)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)

763.957523ms ago: executing program 0 (id=467):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70300001d000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x28, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000100)='kfree\x00', r1, 0x0, 0x2}, 0x18)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1800403, &(0x7f0000000780)={[{@norecovery}]}, 0x2, 0x5ad, &(0x7f0000000180)="$eJzs3c1vVFUbAPDnzkwLpe9rKzEqLkyjIZAoLS1g8GMBe0LwY+fGSgtBho/QGi2aWBLcmBg3LkhcuRD/CyW6dWXiwoUbV4akGsNGY3TMnbkzDO1MOy0dbu39/ZLbOeeeOz3nQp85Z+49ZyaAwhpLf5Qi9kTE5SRipK2sElnhWOO4O7+/fzrdkqjVXv0tiSTb1zw+yR6Hsyf/PRLx/TdJ7C6vrHdu4er56Wp19kqWn5i/cHlibuHqgXMXps/Onp29OPXc1NEjh48cnTx4X+dXakufuP7WOyMfnXz9i8/+Sia//OlkEsfi1zONsvbz2CxjMRZ/1GofLN+f/rse3ezKclJu/Z3clSzfwZZVyWJkMCIei5Eot/1vjsSHL+faOKCvaklEDSioRPxDQTXHAc339r29Dy71eVQCPAhLx9OfAx3iv9K4NhijMRARe5c9r8MlvQ1J6/ju25PX0y36dB0O6Gzx2o4stTz+k3psjsbOem7XndI913nTEcCp7DHd/8oG6x9blhf/8OAsXouIxzuN/9eO/zfa4v/NDdYv/gEAAAAAAGDz3DoeEc92uv9Xyu7N7Yyn6vf/ksb9vx/urhA8tgn1r33/r3R7E6oBOlg6HvFSx/m/rTm+o+Us9//GbMDkzLnq7MGIeCgi9sfAjjQ/uUodBz7efaNbWfv8v3RL62/OBczacbuy497nzEzPT9/POQMNS9cinqh0n/+T9v9Je/+fSV8PLvdYx+69N091K1s7/oF+qX0esa9j/5+0jklW/3yOifp4YKI5Kljpyfc++apb/eIf8pP2/7tWj//RpP3zeubW9/sHI+LQQqXWrXyj4//B5LVy8/en3p2en78yGTGYnFi5f2p9bYbtqhkPzXhJ43//06tf/2uN/9vicCgiFnus89F/hn/uVqb/h/yk8T+zrv5//Ympm6Nfd6u/t/7/cL1P35/tcf0PVtdrgObdTgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4LypFxP8iKY230qXS+HjEcEQ8ErtK1Utz88+cufT2xZm0rP79/6XmN/2ONPJJ8/v/R9vyU8vyhyLi4Yj4tDxUz4+fvlSdyfvkAQAAAAAAAAAAAAAAAAAAYIsY7rL+P/VLOe/WAX1XyR7FOxRPJe8GALkR/1Bc4h+KS/xDcYl/KK4Nxr/bBbAN6P+hqAZ6O2xnv9sB5EH/DwAAAAAA28qtF5+/kUTE4gtD9S01mJW1bgwO5dU6oJ9KeTcAyI05vFBcpv5AcfU4+RfYxpJW6s9ap/Lus/+T/jQIAAAAAAAAAAAAAFhh355bP665/h/Ylqz/h+Ky/h+Ky/p/KC7v8YG1VvFb/w8AAAAAAAAAAAAA+ZtbuHp+ulqdvSIhsdUSAxGxBZqRQ2Iw//DM+YUJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABo+TcAAP//Swsk/Q==")
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="14000000100001000000f5ffffffffffffff000a14000000060a0000000000000000000002"], 0x3c}}, 0x0)
mount(0x0, &(0x7f0000000240)='.\x00', &(0x7f00000000c0)='nfs\x00', 0x0, &(0x7f0000000000)='\x06\x00\x00\x00\x04\xb0\xfe\x98\x9a!s\x91]\xab\xc9\xa2IV\xb6-\xd9z\x81\x91\x8aP}I\xc6\x0e\xd9\v\xda\xbfS\x16 \x04\r\xcd\xdb:\xd4\xaf\r\x11\xa0\xd7\xd7\xb6\x9bz\x99\xaf\xfd\x87fN\xad\x90U\xb4A\xdf\xabB\xbba\x7f\xb8\x96\x1a\xe7\xc1\xab\x16\x02\x00<r\xe9\x9cD\x90\xce\xe1\xc5\x85=\\!\xbbQ\xde\xc3\xe3\x7f\xcf\x1f\x17G\xa6\x13\xae\x92 \x1c\xbf\xfa\xe8e\x8cD\"\xa3w')

763.748654ms ago: executing program 2 (id=468):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, &(0x7f00000000c0)})
lsm_set_self_attr(0x0, &(0x7f0000000000)={0x64, 0x6, 0x20}, 0x5e0e559506f9295d, 0x0)

763.523924ms ago: executing program 4 (id=469):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b000000000000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r1}, 0x18)
clock_adjtime(0xa, &(0x7f0000000040)={0xd4e, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x4, 0x0, 0xf, 0x40, 0x0, 0x0, 0x400000, 0xffffc00000000000, 0x3d, 0x0, 0x0, 0x8, 0x0, 0x0, 0xffffffffffffff02, 0xfffffffffffffffe})

672.501873ms ago: executing program 4 (id=470):
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1600000000000000040000000500000000000000", @ANYRES32=0x1, @ANYBLOB="1f00000000000000000000000000000010000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x9, 0x0, 0x0, 0x0, 0x18}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180200000020702500000000002020207b1af8ff00000000bfa100000000000007010000dbffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x23, '\x00', 0x0, @fallback=0x2b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100000100a7d9000000000020b200850000007b00000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x5, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000340)='kfree\x00', r2, 0x0, 0x71}, 0x18)
r3 = openat$ppp(0xffffffffffffff9c, 0x0, 0x84000, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x7, 0x8604, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x4, @perf_bp={0x0, 0x6}, 0x0, 0x10000, 0x0, 0x6, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r4 = io_uring_setup(0x241a, &(0x7f00000003c0)={0x0, 0x7f0d, 0x1, 0x1, 0x20035d})
io_uring_register$IORING_REGISTER_EVENTFD_ASYNC(r4, 0x7, &(0x7f0000000240), 0x1)
read(r3, 0x0, 0x0)
pwritev(r3, 0x0, 0x0, 0x0, 0x0)
r5 = openat$binderfs(0xffffffffffffff9c, 0x0, 0x802, 0x0)
ioctl$F2FS_IOC_PRECACHE_EXTENTS(r5, 0xf50f, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000008c0)=ANY=[@ANYBLOB="4c0000000206010700000000000000000000008014000300686173683a69702c706f72742c6970000900020073797a31000000000500010007000000050005000a000000050004"], 0x4c}}, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r7, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000780)=ANY=[@ANYBLOB="7400000009060102f9ef000000000000030000000900020073797a310000000005000100070000004c0007801800018014000240fe8000000000000000000000000000aa1800148014000240fc000000000000000000000000000000060004404e1f0000050007008400000006000540"], 0x74}, 0x1, 0x0, 0x0, 0x10040003}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000340)='kfree\x00', r1, 0x0, 0x8}, 0x18)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mount$tmpfs(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180), 0x482, &(0x7f0000000100)={[{@nr_inodes={'nr_inodes', 0x3d, [0x32]}}]})
chdir(&(0x7f0000000040)='./file0\x00')
mknod(&(0x7f0000000180)='./file0\x00', 0x1ffa, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./bus\x00', 0x2008042, &(0x7f00000000c0), 0x2, 0x571, &(0x7f0000000780)="$eJzs3c+PG1cdAPDvzP5yk7SbQA9QAQlQCCiKnXXaqOql5QJCVSVExQFxSJddZ7XEjkPsLd0lUrd/A0ggcYI/gQMSB6SeOHDjiMQBEOWAVCACJUgcBs3Yu+ts7MSNvXaz/nykybyZN+Pve/bOvOdnxy+AmXUuInYjYjEi3oyI5e7+pLvEq50lP+7undtr9+7cXksiy974Z1Lk5/ui55zcye5jliLim1+L+G7yYNzW9s711Xq9dqu7XWk3blZa2zsXNxurG7WN2o1q9crKlUsvXX6xOra6nm388oOvbr72rd/8+tPv/373yz/Mi3Wqm9dbj3HqVH1hP05uPiJeO4pgUzDXXS9OuRw8njQiPhYRnyuu/+WYK/46AYDjLMuWI1vu3QYAjru0GANL0nJEpGm3E1DujOE9GyfSerPVvnCtuXVjvTNWdjoW0mub9dqlM0t//H5x8EKSb68UeUV+sV09tH05Is5ExI+Xniq2y2vN+vp0ujwAMPNO9rb/EfGfpTQtl4c6tc+negDAE6M07QIAABOn/QeA2aP9B4DZM0T73/2wf/fIywIATIb3/wAwe7T/ADB7tP8AMFO+8frr+ZLd6/7+9fpb21vXm29dXK+1rpcbW2vlteatm+WNZnOj+M2exqMer95s3lx5IbberrRrrXaltb1ztdHcutG+Wvyu99XawkRqBQA8zJmz7/0hiYjdl58qluiZy0FbDcdbOsajgCfL3Cgn6yDAE81sXzC7hmrCi07C7468LMB09P0x71Lf5P1++iGC+J4RfKSc/+Tw4//meIbjxcg+zK7HG/9/ZezlACbvscf//zzecgCTl2XJ4Tn/F/ezAIBjaYSv8GXvjKsTAkzVoybzHsvn/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHDMnIqI70WSlou5wNP837Rcjng6Ik7HQnJts167FBHPxNmIWFjKt1emXWgAYETp35Pu/F/nl58/dTh3MfnvUrGOiB/87I2fvL3abt9ayff/a3//0t70YdWD80aYVxAAGN5fhzmoaL+r3XXPG/m7d26v7S1HWMYHfPCV/clH1+7duV0snZz5yLIsiygVfYkT/05ivntOKSKei4i5McTffTciPtGv/kkxNnK6O/Npb/zoxn56ovHT++KnRV5nnT99Hx9DWWDWvJfff149fP3NFVfWueKI/td/qbhDja64/5Ui9u59B/e/veu9VJTmcPz8mj83bIwXfvv1B3Zmy528dyOem+8XP9mPnwyI//yQ8f/0qc/86JUBednPI85H//i9sSrtxs1Ka3vn4mZjdaO2UbtRrV5ZuXLppcsvVivFGHVlb6T6Qf94+cIzg8qW1//EgPidV/7kofov7p/7hSHr/4v/vfmdzx5sLh2O/6XP93/9ny3W/Z//vE384pDxV0/8auD03Xn89QH1f9Trf2HI+O//bWd9yEMBgAlobe9cX63Xa7dGSuTvQj/8WVmWvZOX4SHH5NnDPeBed3G06vwlisTB05JEEqM/P/cn8s7YMAcvjFyd+xJ7wyXjrk6fxPx+X3G8j/zth/+1DEosjhI0HXstHicRp7uJu5MKOpXbETBBBxf9tEsCAAAAAAAAAAAAAAAMMon/wzTtOgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHB8/T8AAP//Z1e+LQ==")
setxattr$system_posix_acl(&(0x7f0000002a00)='.\x00', &(0x7f0000002a40)='system.posix_acl_default\x00', &(0x7f0000000300)=ANY=[@ANYBLOB="02000000010004000000000004000500a9930000100000000000000020"], 0x24, 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x511a01, 0x80)

561.465184ms ago: executing program 2 (id=471):
ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x40082406, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000060000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
lseek(r2, 0xfffd, 0x4100)

440.093816ms ago: executing program 0 (id=472):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r0, 0x0, &(0x7f0000001700)=""/53}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x1a, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000002000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x19, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = syz_open_dev$sg(&(0x7f00000002c0), 0x0, 0x2082)
r2 = fcntl$dupfd(r1, 0x0, r1)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r3}, 0x18)
ioctl$SG_IO(r2, 0x2285, &(0x7f0000000040)={0x53, 0xffffffff00000000, 0x6, 0x0, @buffer={0x2, 0x0, 0x0}, &(0x7f0000000380)="259374c96ee3", 0x0, 0x300, 0x0, 0x0, 0x0})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00'}, 0x10)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000240)=ANY=[@ANYBLOB="e80000006c00010029bd7000fcdbdf2500000000", @ANYRES32, @ANYBLOB="001000008000000008000f002000000014003500726f7365300000000000000000000000a40034801400350070696d367265673000000020000000001400350076657468305f6d614176746170000000140035006d61637674617030020000000000000014003500677265300000000000000000000000001400350076657468305f746f5f626174616476001400350001657468315f6d6163767461700000001400350067726530000000000000000000000000140035006261746164765f736c6176655f31000008000f"], 0xe8}}, 0x0)
close(r4)

419.022148ms ago: executing program 2 (id=473):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r0, 0x0, &(0x7f0000001700)=""/53}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x1a, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000002000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x19, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = syz_open_dev$sg(&(0x7f00000002c0), 0x0, 0x2082)
r2 = fcntl$dupfd(r1, 0x0, r1)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r3}, 0x18)
ioctl$SG_IO(r2, 0x2285, &(0x7f0000000040)={0x53, 0xffffffff00000000, 0x6, 0x0, @buffer={0x2, 0x0, 0x0}, &(0x7f0000000380)="259374c96ee3", 0x0, 0x300, 0x0, 0x0, 0x0})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x4c, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r4}, 0x10)
r5 = add_key$keyring(&(0x7f0000000540), &(0x7f0000000180)={'syz', 0x2}, 0x0, 0x0, 0xffffffffffffffff)
r6 = add_key$user(&(0x7f0000000080), &(0x7f0000000100)={'syz', 0x0}, &(0x7f00000001c0)="a6", 0x1, r5)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r5, &(0x7f0000000200)='asymmetric\x00', &(0x7f0000000140)=@keyring={'key_or_keyring:', r6})
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TUNSETIFF(r7, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000240)=ANY=[@ANYBLOB="e80000006c00010029bd7000fcdbdf2500000000", @ANYRES32, @ANYBLOB="001000008000000008000f002000000014003500726f7365300000000000000000000000a40034801400350070696d367265673000000020000000001400350076657468305f6d614176746170000000140035006d61637674617030020000000000000014003500677265300000000000000000000000001400350076657468305f746f5f626174616476001400350001657468315f6d6163767461700000001400350067726530000000000000000000000000140035006261746164765f736c6176655f31000008000f"], 0xe8}}, 0x0)
close(r7)

286.980522ms ago: executing program 0 (id=474):
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000300)={[{@init_itable_val}, {@jqfmt_vfsold}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6a}}, {@jqfmt_vfsold}, {@minixdf}, {@quota}]}, 0x3, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {0xffffffffffffffff, 0x10, 0x0, @in6={0xa, 0x4e21, 0x0, @mcast2, 0x9}}}, 0x90)
openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x18002, 0x30)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x62181)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x8, &(0x7f00000017c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546000677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5467a932b77674e802a0d42bc6099ad238af770b5ed8925161729298700000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809b5b9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed3957f813567f7a95435ac15fc0288d9b2a169cdcacc413b48dafb7a2c8cb482bac0ac559eaf39027ceb379a902d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff7a1ef3282830689da6b53b263339863297771429d120000003341bf4abacac94500fca0493cf29b33dcc9ffffffffffffffd39f6ce0c6ff01589646efd1cf870cd7bb2366fdf870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1293b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd000c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c7df8be5877050c91301fb997316dbf17866fb84d4173731efe895ff2e1c55ef08235a0126e01254c44060926e90109b598502d3e959efc71f665c4d75cf2458e3542c9062ece84c99a861887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc74aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7ad333545794f37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f4df90400000000000000d6b2c5ea139376f24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff070000001e48418046c216c1f895778cb25122a2a998de0842a486721737390cbf3a74cb2003016f1514216bdf57d2a40dddb51ab63e96ec84ac3571f02f647b3385b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba2f58ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df986741517abf11389b751f4e109b60000000000000000d6d5210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288d139bd3da230ed05a8fe64680b0a3f9f2dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30235b9100000000a55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c776f4b4ce07e1c6fa66fcfc7a228805f76785efc0ceb1c8e5729c66418d169fc03aa18854693ad2a182068e1e3a0e2505bc7f41019645466ac96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7e478950aa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab848753203b458b97ec1afb079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7db3c4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b70ebc660309e1e245b0fdf9743af932cd6db49a47613808bad959719c0000000000378ac2e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6ca0400966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e3030108000000000000c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bffef97dcecc467ace456597685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4cba6e6390a9f302c6eb2df7766411bef0ebb5000000000006065d6735eb7a00e127c0000000000000000000000bfb0bba79344643b1d8daa9f38e4b62c1e2af68c6f5054b078acd74b4a9c944e4505da485a3a4154387a0a88370d9ed9467b09c5888a06431df3f68abf0b366c4d5f8bea7b29c257ed756dff7a21c6b661cbdd43de65afd7f661d5c84f915c90e3d6ea012b68b787eb01d8320000000000000060176dacba0ec503a37fae6b472ec369c79ee6a420c0fd8d8d82fe136d5af6c30bfeb0a7275babfdb96a127aa9386e0671c6454245a18c1c8c49552cff5d27b547cdc34c0858c77a47a9ff86ee9fbd9ceda428716a4218821176d8067997527230fa67d26950d3e4f2750fa7c872874ad3a2d11f9f6eb08e6d7b6fa257b04d8ce36360f524e3dfd2211641f3d2637d86b80681eca50ce0eecafdd22d41fa515c15591e70ded4b70efac3cb42fb352d82e8f7573e8ed8248da356fa91a252976d3a4d8c1843a8d5bb7f5f1028453a0562a3ea93117076dd4940b7df50d78289fe66197525f6095f8662d232970bef61b03fa83027963a1a2e07cfee30c0d0b4c5877f93b3637ca21eab5afcf5d4638dfe8f9202aaad51c979049dd76d65368cbd4187d9f74257c7c4a23ac4a34eec5aa17e78c5167216f5e72138d20f8325dd5f8f96c32189c904eaef580987f1ce601a7cdc35461db9981ac42f9e24b0699bbe4e3d986e38952b0b7938eefd9e7a292bbb66367ad77045fdc18855c81c031dedd185c723238373fc698d676791d04f1ff5f0825a6619e844882f31ed190233d58ecee949e310bf2b1a51b8a33ae65a06d2b6ad386bf8dc49dd328bcd75d1843a13d68560175a18af7efc3c0f20e32f84f6aaaf000000000000000000000013a6c66bce74a8fb9092023df695da2714a7933d699d42de2bc4a85e0a0e22228290a7a7553ab93a16e42553ed86869a02df2f47d4088fac1772d3cd955c81cbf91c2ca7942942f61723b558079b82547844f92df2499c4b2c2ef2539e5daa8d8727baaa6b5755e6f83bbfca000000000000000000000509619f5f0cbc72eebc653946d3552236f0dfe485cfa71bd69f4ded6e131128c3875b785875addfcbd5931c12adbef75535e694f3a19f28f9f99fa32e8ff66e7b1ff674434fb63ba0e28aadccf77d387525c98e81476058c958eaccfa7d251d0671222dc9d06485f7f690d3d4227bd21bd7ff8338617705b7faec47c86789a488b43d0fedf1b0ee05d65c677ced1e8214b2f6cb74d73886eb"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xffffffffffffff7e}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x16, 0xb, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000210000000000000018010000ff00000000bfa1000000000002000008000000b7030000000000fe06000000710000009500"/81], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x3f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r3}, 0x10)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r4, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000580)=ANY=[@ANYBLOB="140000001000010000000000006000000500000a3c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc580000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a31000000002c0003800c0000800800034000000002100000800c000180060001"], 0xbc}}, 0x40)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
r5 = openat$zero(0xffffffffffffff9c, &(0x7f0000000040), 0x2002, 0x0)
syz_clone(0x111, 0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r5, r5, 0x0, 0x40000f63c)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000280)={0xa, 0x52, 0x0, 'queue0\x00'})
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020782500000000002020207b1af8fe00000000bfa100000000000007010000f8ffffffb702000008000000b703000007000000850000001100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r6, 0x0, 0xfffd}, 0x18)
r7 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000001b40)='/proc/self/attr/current\x00', 0x64, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
pread64(r7, &(0x7f0000000000)=""/4096, 0x1000, 0x4)
write$sndseq(r1, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick, {}, {}, @raw32={[0x2600]}}], 0xffc8)
syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff)
r8 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$SMC_PNETID_ADD(r8, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000580)=ANY=[], 0x3c}, 0x1, 0x0, 0x0, 0x880}, 0x0)
r9 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r9)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000380)={'syztnl0\x00', 0x0})
bpf$PROG_LOAD(0x5, &(0x7f0000001000)={0x11, 0xb, &(0x7f0000000500)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x39, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

233.716947ms ago: executing program 2 (id=475):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r0, 0x0, &(0x7f0000001700)=""/53}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x1a, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000002000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x19, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = syz_open_dev$sg(&(0x7f00000002c0), 0x0, 0x2082)
r2 = fcntl$dupfd(r1, 0x0, r1)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r3}, 0x18)
ioctl$SG_IO(r2, 0x2285, &(0x7f0000000040)={0x53, 0xffffffff00000000, 0x6, 0x0, @buffer={0x2, 0x0, 0x0}, &(0x7f0000000380)="259374c96ee3", 0x0, 0x300, 0x0, 0x0, 0x0})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00'}, 0x10)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000240)=ANY=[@ANYBLOB="e80000006c00010029bd7000fcdbdf2500000000", @ANYRES32, @ANYBLOB="001000008000000008000f002000000014003500726f7365300000000000000000000000a40034801400350070696d367265673000000020000000001400350076657468305f6d614176746170000000140035006d61637674617030020000000000000014003500677265300000000000000000000000001400350076657468305f746f5f626174616476001400350001657468315f6d6163767461700000001400350067726530000000000000000000000000140035006261746164765f736c6176655f31000008000f"], 0xe8}}, 0x0)
close(r4)

214.434259ms ago: executing program 4 (id=476):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f00000007c0)='sched_switch\x00', r0}, 0x18)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0))
pipe(&(0x7f0000000080))
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000))
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000))
socket(0x10, 0x3, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
socket$inet6(0xa, 0x800000000000002, 0x0)
r1 = socket(0x10, 0x803, 0x0)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_HOPOPTS(r2, 0x29, 0x36, &(0x7f0000000300)=ANY=[@ANYBLOB="3c34000000000000040100c910fc02000000000000000000000000000107", @ANYRES32=r1], 0x1b0)
setsockopt$inet6_IPV6_HOPOPTS(r2, 0x29, 0x36, 0x0, 0x0)

157.021585ms ago: executing program 3 (id=477):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000940)=ANY=[@ANYBLOB="070000000400000008000000d9"], 0x50)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f0000001680)=ANY=[@ANYBLOB="1800000000030000000000000000000095"], &(0x7f0000001700)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x9}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x3, 0x3, &(0x7f0000000100)=ANY=[@ANYBLOB="1800000008000000000000000000910095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @sched_cls=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x94)
r3 = bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000000)={r2, r2, 0x2f, 0x0, @void}, 0x10)
bpf$LINK_DETACH(0x22, &(0x7f0000000140)=r3, 0x4)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$gtp(&(0x7f0000000280), 0xffffffffffffffff)
r6 = syz_open_dev$loop(&(0x7f0000000240), 0x7, 0x180862)
syz_mount_image$ext4(&(0x7f0000000b80)='ext4\x00', &(0x7f0000000bc0)='./file0\x00', 0x1a00404, &(0x7f0000000080)={[{@grpquota}, {@nomblk_io_submit}]}, 0x1, 0xbac, &(0x7f00000017c0)="$eJzs3M1rXOUaAPDnnEy+c5v0crn3tggGpCqK07QpFbpqXYsKunDZmExKyPTDJIIJXaR1ry5EXBSkf4Lg3m5cCS7qQutfUMQiRTdtFyNnPtKxk5nGdGaOSX8/eHPe97wn8zxPTmfOe2BOA3hqTWc/0ohDEXE2iZis708jYqjaG4nYrB13/+7l+awlUam8/VsSSUTcu3t5vvFaSX07Xh+MRMTN15L490etcVfXN5bnyuXSSn18dO38paOr6xuvLJ2fO1c6V7pwYvbVE7MnZ2e7WOvtS+998cwPbzx/9frHM29+fuC7JE7HRH2uuY5umY7prb9Js0JEzHU7WE4G6vU015kUckwIAICO0qY13H9jMgbi4eJtMr79MdfkAAAAgK6oDERUAAAAgH0ucf8PAAAA+1zjewD37l6eb7R8v5HQX3fORMRUrf7G8821mUJsVrcjMRgRY78n0fxYa1L7tSc2nUX6+vtS1qJHzyF3snklIv6/3flPqvVPVZ/ibq0/jYiZLsSffmS8l+o/3YX4edcPwNPpxpnahaz1+pdurX9im+tfYZtr127kff1rrP/ut6z/HtY/0Gb999YOYxx+8NLNdnPN6793P/l5IYufbZ+oqL/hzpWIw4Xt6k+26k/a1H92hzHG529fazeX1Z/V22j9rr9yPeJIdTXXWn9D0un/Jzq6uFQuzdR+bvP66yc7x28+/1nL4jfuBfohO/9jsbvzf2mHMab+9+uhdnOPrz/9ZSh5p9obqu/5cG5tbeVYxFDyeuv+451zaRzTeI2s/hef6/z+367+7DNhs/53yP71XKlvs/HVR2KOHzn+1e7r762s/oVdnv9Pdxjjy2+uvd9uLu/6AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANgb0oiYiCQtbvXTtFiMGI+I/8RYWr64uvby4sUPLixkcxFTMZguLpVLMxExWRsn2fhYtf9wfPyR8WxEHIyIzyZHq+Pi/MXyQt7FAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsGU8IiYiSYsRkUbEH5NpWizmnRUAAADQdVN5JwAAAAD0nPt/AAAA2P9a7v8LfxmN9DMXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9qWDz964lUTE5qnRassM1ecGc80M6LV0Z4eN9ToPoP8G8k4AyE2hqV+pVCo5pgL0mXt8IHnM/EjbmeGu5wIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAP9cLh27cSiJi89RotWWG6nODuWYG9FqadwJAbgY6TSaP3QHsYYW8EwBy4x4fqK3sH1RqWudH2v7m8BNHBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGDvmKi2JC1GRFrtp2mxGPGviJiKwWRxqVyaiYgDEfHT5OBwNj6Wd9IAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB03er6xvJcuVxa0dHR6WJnNPoWa7T+Zm5zzHD7qQ6dnD+YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADIxer6xvJcuVxaWc07EwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACBvq+sby3Plcmmlh528awQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID9/BgAA///GyAmy")
r7 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file2\x00', 0x42, 0x0)
pwrite64(r7, &(0x7f00000000c0)='a', 0x200000c1, 0x9000)
lseek(r7, 0x5, 0x4)
r8 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/pm_freeze_timeout', 0x82802, 0xf)
ioctl$LOOP_CONFIGURE(r6, 0x4c0a, &(0x7f0000000080)={r8, 0x0, {0x0, 0x0, 0x0, 0x4, 0x4000000000000ffd, 0x0, 0x0, 0x1e, 0xc, "faf98317e5a1149989fc8dbe43ea6acc96e3a2503dc3bd3fe37d58128bbad0099cebdc25f5ab60c9e6d680f985881a7beda9d69098c8b534464c516bdd8a0f35", "32d8cc26f7061a74df2cfc06c89f3d9e234b30c50997d3bef409ff2176ff7bfe55cd4a5d83cd4a524bd3ffe70c7f3f800b2f7b6aa54cc50a1fcaed1e831fa79a", "675237601a8ca5b07dcc141802c4dae4162e43ac61b7ad3300", [0xfffffffffffffce8, 0xa]}})
sendmsg$GTP_CMD_DELPDP(r4, &(0x7f0000000540)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000300)={&(0x7f0000000580)=ANY=[@ANYBLOB='H\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="00082cbd7000ffdbdf2501000000080008000100000008000900000000000800070083c0210b47aecf0b1b6d792d", @ANYRES32=r8, @ANYBLOB="08000400ac14141b0c00030000000000000000000800080003000000"], 0x48}, 0x1, 0x0, 0x0, 0x2004c844}, 0x40)
bpf$BPF_LINK_UPDATE(0x1d, &(0x7f0000000200)={r3, r2, 0x4, r1}, 0x10)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000001000080000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r9}, 0x18)
r10 = socket$nl_generic(0x10, 0x3, 0x10)
r11 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), r10)
sendmsg$ETHTOOL_MSG_TSINFO_GET(r10, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r11, @ANYBLOB="01002dbd7000fedbdf2531000000180001801400020064756d6d7930"], 0x2c}, 0x1, 0x0, 0x0, 0x2004c890}, 0x2000c800)

135.658217ms ago: executing program 4 (id=478):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f00000000001b0000850000006d000000850000002300000095"], &(0x7f0000000040)='GPL\x00', 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_kthread_work_queue_work\x00', r0}, 0x18)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000241000050000000000000000000024000a20000000000a1f000000000000000000010000000900010073797a300000000058000000030a0104000000000000000001000000090003803d2175fbe782c2eb2b00048008000240172af2e40800014000000003080002401c791e7108000240423930ce08000140000000030900010073797a300000000088000000060a010400000000000000000100000008000b400000000014000480100001800b0001006e756d67656e00000900010073797a30000000004c0004804800018008000100666962003c000280080003400000000c0800014000000002080001400000003008000240000000030800014000000012080003400000000008"], 0x122}}, 0x8010)

99.456781ms ago: executing program 5 (id=451):
syz_io_uring_setup(0x39, &(0x7f0000000580)={0x0, 0x2000e7b3, 0x13500}, &(0x7f0000000280), &(0x7f0000001880))
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
write$binfmt_aout(r0, &(0x7f0000000180)=ANY=[], 0xff2e)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000140)={0x0, 0x0, 0xfffffff9, 0x7fff, 0x16, "0062ba7d82000000000000000000f7ffffff00"})
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000d40)={<r1=>0xffffffffffffffff})
sendmsg$inet(r1, &(0x7f0000000b00)={0x0, 0xf22fff7f, &(0x7f0000000180)=[{&(0x7f0000000080)="31de76fb398bc62d058b8a96924594f5476a0824be53f7a5949f80614c42391e4b80412938c955d34d37eb96ba7849c3eb823bb36724bd6f6d0219cfe5c884afcd2bdea5acf9c877c03dcdbbb3e47417b6707c27d4c5c1db1924071f6b6f23c7d199c799c9b0c41101e625fcdb7bbfd12a3eeeef4540a5698f058aaf6a141e5d333929b92a7f64e925bf0ef424c3ef29fcd5fd4721c547fde6abe4d47048b64511693624b0d786711abe4a66e250fcbfe95ac9037e58f331b26b6ed0d08e5c73ba4c49", 0xc00e}], 0x9, &(0x7f00000001c0)=ANY=[@ANYBLOB="000026d4f47f0000000000000100000000000000000000001400000000000000000000000200000000000000000000001400000000000000ff010000000000000000000000000000110000000000000000000000010000000000000000000000110000000000000002000000010000000000000000000000000000000000000000000000070000008300000000960000206a77bdd1a004129054e7704a000000"], 0xf}, 0x0)
r2 = syz_open_pts(r0, 0xc0000)
dup3(r2, r0, 0x0)
ioctl$TCSETS(r2, 0x5402, &(0x7f0000000000)={0x80000000, 0x8, 0x8, 0x3, 0x0, "2126f45dd4bb0b70447e38c4a95a8549fa01d5"})
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="1801000001ffffeb00000000eb"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x18)
r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r4, &(0x7f0000000280)={0x1f, 0xffff, 0x3}, 0x6)
io_setup(0x8f0, &(0x7f0000002400)=<r5=>0x0)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="9b0000000100000020000000009672aa000440fb5619b6ce1cd156e1aa9f10dc74619a34a92d6dd8b68e6d0f90a9e72ac3403168c2dbb7d3c1317b8b7004032c89026b92126ba7be4525d78acb83a179296291cd1a09a48dcb43f9fda84e6d3a655d0dc6416021ea23dfeae9d8ea4db2c39af95b"], 0x50)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b702000014000080b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r7}, 0x10)
r8 = socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x480000000000000b, 0x954b, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x1, @perf_config_ext={0x76, 0x1ef7}, 0x11efa, 0x4, 0x98, 0x0, 0x2, 0xfffff271, 0xfffd, 0x0, 0x0, 0x0, 0x20}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000300)={'macsec0\x00', <r9=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000018c0)=@newtfilter={0x514, 0x11, 0x1, 0x70bd28, 0x25dfdbfd, {0x0, 0x0, 0x74, r9, {0xfffd, 0xffff}, {0x10, 0xfff1}, {0x2, 0x3}}, [@filter_kind_options=@f_flow={{0x9}, {0x4dc, 0x2, [@TCA_FLOW_PERTURB={0x8, 0xc, 0x4}, @TCA_FLOW_KEYS={0x8, 0x1, 0x16de4}, @TCA_FLOW_MASK={0x8}, @TCA_FLOW_BASECLASS={0x8, 0x3, {0x8, 0xb}}, @TCA_FLOW_PERTURB={0x8, 0xc, 0x4}, @TCA_FLOW_MODE={0x8}, @TCA_FLOW_EMATCHES={0x4a0, 0xb, 0x0, 0x1, [@TCA_EMATCH_TREE_LIST={0xe0, 0x2, 0x0, 0x1, [@TCF_EM_IPSET={0x10, 0x2, 0x0, 0x0, {{0x8, 0x8, 0x4a}, {0x3, 0x4, 0x2}}}, @TCF_EM_CMP={0x18, 0x2, 0x0, 0x0, {{0x5, 0x1, 0xffff}, {0x9, 0x100, 0x200, 0x5, 0x1}}}, @TCF_EM_IPSET={0x10, 0x3, 0x0, 0x0, {{0x9, 0x8, 0x61}, {0x1, 0x5, 0x2}}}, @TCF_EM_IPSET={0x10, 0x1, 0x0, 0x0, {{0xc, 0x8, 0x3}, {0x3, 0x4}}}, @TCF_EM_META={0x84, 0x1, 0x0, 0x0, {{0x401}, [@TCA_EM_META_LVALUE={0x23, 0x2, [@TCF_META_TYPE_INT=0x1, @TCF_META_TYPE_VAR="6344d335a0865de9", @TCF_META_TYPE_INT=0x4, @TCF_META_TYPE_VAR="89059877c30acd", @TCF_META_TYPE_INT=0x7, @TCF_META_TYPE_INT=0x2]}, @TCA_EM_META_RVALUE={0x2e, 0x3, [@TCF_META_TYPE_INT=0x9, @TCF_META_TYPE_INT=0x1, @TCF_META_TYPE_INT=0x8, @TCF_META_TYPE_VAR="947e1833e187c34e057b", @TCF_META_TYPE_VAR="f3e5f5945b1e", @TCF_META_TYPE_INT=0x9, @TCF_META_TYPE_INT=0x2, @TCF_META_TYPE_VAR="28913423c620"]}, @TCA_EM_META_HDR={0xc, 0x1, {{0x7, 0x7, 0x2}, {0x6, 0x9}}}, @TCA_EM_META_LVALUE={0x16, 0x2, [@TCF_META_TYPE_INT=0x5, @TCF_META_TYPE_INT=0x2, @TCF_META_TYPE_VAR="4b722696", @TCF_META_TYPE_VAR="46c0", @TCF_META_TYPE_INT=0x5]}]}}, @TCF_EM_IPSET={0x10, 0x3, 0x0, 0x0, {{0x8000, 0x8, 0x8}, {0x3, 0x3, 0x7}}}]}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x4}}, @TCA_EMATCH_TREE_LIST={0x124, 0x2, 0x0, 0x1, [@TCF_EM_U32={0x1c, 0x2, 0x0, 0x0, {{0x5, 0x3, 0x4}, {0x101, 0x60000000, 0xf055, 0x2}}}, @TCF_EM_NBYTE={0x18, 0x1, 0x0, 0x0, {{0x2, 0x2, 0xcd}, {0x6, 0x5, 0x0, "06e3fd14fd"}}}, @TCF_EM_CONTAINER={0x48, 0x3, 0x0, 0x0, {{0x1ff, 0x0, 0x401}, "cde9e3a35669939bf42d135b3bdb49a51eef572e01c996d262d8cd37d65371998f30e6388ed996aaa27a9b51549d79d5fc62fa5d9aecc8d815569498"}}, @TCF_EM_IPT={0x58, 0x2, 0x0, 0x0, {{0x629, 0x9, 0x6}, [@TCA_EM_IPT_MATCH_DATA={0x39, 0x5, "70f6ab9804c69dcd45c3b2cbd134bbbe72be73680ae3168bb88cd76779d36f74d25b1d717346b4180de39517e843782006c6aaa0ee"}, @TCA_EM_IPT_HOOK={0x8, 0x1, 0x3}, @TCA_EM_IPT_HOOK={0x8, 0x1, 0x1}]}}, @TCF_EM_CONTAINER={0x4c, 0x3, 0x0, 0x0, {{0x6, 0x0, 0xfff7}, "27ca18760ff4ae9d489d3099bf93ceb05f73cfa16ed9427b610301004c23b24bd58e1845cb9fde3c6662afc2583c3f61c3a2ff02971e9274e177b46d02c9"}}]}, @TCA_EMATCH_TREE_LIST={0x150, 0x2, 0x0, 0x1, [@TCF_EM_NBYTE={0x1c, 0x3, 0x0, 0x0, {{0x3, 0x2, 0x4}, {0x2, 0x9, 0x1, "fbd9caab397ac78ca3"}}}, @TCF_EM_NBYTE={0x14, 0x1, 0x0, 0x0, {{0x0, 0x2, 0x6000}, {0x1, 0x1, 0x0, '?'}}}, @TCF_EM_CONTAINER={0xe4, 0x2, 0x0, 0x0, {{0xab, 0x0, 0x4}, "0981a4e5a71e5838afd9b178f572c3983f6d721dbccea4e7a3dc8aba0f30d8286c9d99068fdb42936004eab16b09e58599b40bac51474240486f649335581fc2652305a1fd9ba477ff0aec7e5149b717a36d5fd6c14fd43067dc7ead16dee31e565552c97e1af2d0b09e0d0af6a2c23489db24e618adbeacb5c0bb960eac3e121c9a19f973cfd487ff4f10d4886c6b87940a8967a2d78f0c8052469c5bfd6acd967c8f358bd8d43df7d93ea9c61b058fd09ef77caac8eb570eaed66f5ad97700350a298d93d1871a63f59935891ea1daeb86e9ff981b60"}}, @TCF_EM_U32={0x1c, 0x3, 0x0, 0x0, {{0x4, 0x3, 0x400}, {0xe0000000, 0x4, 0xb8e, 0x5}}}, @TCF_EM_META={0x1c, 0x3, 0x0, 0x0, {{0x5, 0x4, 0x7f}, [@TCA_EM_META_LVALUE={0x10, 0x2, [@TCF_META_TYPE_INT=0x8, @TCF_META_TYPE_INT=0x9, @TCF_META_TYPE_INT=0x5, @TCF_META_TYPE_VAR]}]}}]}, @TCA_EMATCH_TREE_LIST={0x140, 0x2, 0x0, 0x1, [@TCF_EM_CMP={0x18, 0x2, 0x0, 0x0, {{0x2, 0x1, 0x6}, {0x6, 0x3, 0x1ab, 0x6, 0x7, 0x0, 0x1}}}, @TCF_EM_IPT={0x124, 0x3, 0x0, 0x0, {{0xd, 0x9, 0x8}, [@TCA_EM_IPT_MATCH_REVISION={0x5, 0x3, 0x4}, @TCA_EM_IPT_MATCH_DATA={0xb, 0x5, "9df54de7b525f0"}, @TCA_EM_IPT_HOOK={0x8, 0x1, 0x4}, @TCA_EM_IPT_MATCH_NAME={0xb}, @TCA_EM_IPT_HOOK={0x8, 0x1, 0x2}, @TCA_EM_IPT_HOOK={0x8, 0x1, 0x1}, @TCA_EM_IPT_NFPROTO={0x5, 0x4, 0x3}, @TCA_EM_IPT_MATCH_DATA={0xcd, 0x5, "1a384bbdb13fffdb1fd3c9c2b45bc58ce7eb3d1c222471140062a269c20fc5de5b7699f17e989c49637e517cc9da1041b94ff09c04e6fe924419a88566a28a6b5a357cb8841531cbef59162d86c87f97fd95159ca9c383e6fd5bbd80c73dc52178562b55ec973e41ff3a4bd8dda9bf77e1f2885033c3b6d43e4780003cbe3872b62a866489bf49610052421909ecd2220b48eb3e2e55b585a0b4e312b8e7e764e20e6b21b8f02d950f8077348082fdc8f49dac365296c30357eea01e4afb9a7d4b53dd3a3a6bdc62ae"}, @TCA_EM_IPT_NFPROTO={0x5, 0x4, 0xa}]}}]}]}, @TCA_FLOW_XOR={0x8, 0x7, 0x3}]}}, @TCA_RATE={0x6}]}, 0x514}, 0x1, 0xf0ffffffffffff}, 0x840)
setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6}]}, 0x10)
r10 = socket$nl_generic(0x10, 0x3, 0x10)
r11 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000240), 0xffffffffffffffff)
r12 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000780)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000006c59850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x5, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r12}, 0x18)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r10, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000600)=ANY=[@ANYBLOB="90000000", @ANYRES16=r11, @ANYBLOB="0100000000000002000005000000180001801400020073797a5f74756e000000000000000000080005000a0f00005c0003800400010054000380"], 0x90}}, 0x4000000)
r13 = bpf$PROG_LOAD(0x5, &(0x7f0000000bc0)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70200001400001cb7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r13}, 0x18)
io_submit(r5, 0x1, &(0x7f0000000340)=[&(0x7f0000000100)={0x2000000000, 0x4, 0x0, 0x1, 0x0, r4, &(0x7f0000000040)="0200ffff0000", 0x6, 0x0, 0x0, 0x2}])

71.152363ms ago: executing program 4 (id=479):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b000000000000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r1}, 0x18)
clock_adjtime(0xa, &(0x7f0000000040)={0xd4e, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x4, 0x0, 0xf, 0x40, 0x0, 0x0, 0x400000, 0xffffc00000000000, 0x3d, 0x0, 0x0, 0x8, 0x0, 0x0, 0xffffffffffffff02, 0xfffffffffffffffe})

68.714853ms ago: executing program 2 (id=480):
prctl$PR_SET_NAME(0xf, &(0x7f0000000480)='gtp\x00')
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000a80)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1088d8b8588d72ec29c48f0af5f2d9f51c4b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465ad32b77a74e802a0dc6bf25cca242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767042361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae645ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1fb8f72cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa7956488bef241875f3b4b6ab7929a57affe760e797724f4fce1093b62d7e8c7123d890decacec55bf404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f870b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f154772f514216bdf57d2a40d40b51ab67903ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1594e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c471c784ae7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec30cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89f0000377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f0059161c5e0000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe34124172e436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f491d8e97c862e29e457060000007ac691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104ebc1581848f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426ca85e82ccf821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ad6acf5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bdc4a60d637545ed4c8a1c649c3ce54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c5140200000054d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a3bc38613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae0040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483f02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e9180100000000000000654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272ab28a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece98c077b358e752b439132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae2676384ff799783f55d7e5a1a092a01b965dc99cb7a9d98440c355927629f2bcf9dc2396eb2f5d25829715b24327642ac48f1201014a95e0e65e12cdf27e19043e3c5d3e798375cead35b9a93190a52cdecaaccc854a1d41ef365303f0e9b4fc969c9dab6df5e8a795b140fcc09e8a7b694d12932917facd8ceaa4e2d0d16bb0b95387fcd5ff136d8abddf94daf442bbff744591931872a36cf921ad69f2127386e8b0f9afee4da8d3fbec809fbb3ca0fded2859cf25d4c6155d396c5b9bd1a928923123f63f4c40688eae69990a9419456247bbaeb7948de84d2ff875414883bb1e503d4bfebc01bc12a53ea06bf38e571157bd642dac25dbee7832c58378374a39483d6721eec96c28911db21c0c006b42afc90000000000000000000000700000000000000000008ce4ea442c1a207108b35511186c5e860278f6463f52f3990ce08b1bfccc3cff4b5ae27b610aa9ba11b47d4f94c439e055cdbb2b12c983885c93ea4ab4ca1e02d831ae162ee104"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xffffffffffffff27}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='sched_switch\x00', r0, 0x0, 0x2}, 0x18)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'bridge0\x00'})
r2 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
write$binfmt_elf32(r2, &(0x7f0000000a00)=ANY=[@ANYBLOB="7f454c4604070003070000000000000002000300030000000903000038000000fcffffff0e000000000020000100050000000000000000000300000008000000f30000007f00000004"], 0x58)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000040)=ANY=[], 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000680)="db35925f55f6606eba507f00080000d0beef2d7e73e41e6c78cd2728275b0f88de2ccf96f49cad985a3e3df9fcf2b4", &(0x7f0000000840), 0x7e, r3}, 0x38)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
getsockopt$inet_IP_IPSEC_POLICY(r2, 0x0, 0x10, &(0x7f0000000800)={{{@in=@dev, @in6=@mcast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0}}, {{@in6=@private2}, 0x0, @in6=@private2}}, &(0x7f0000000180)=0xe8)
r5 = perf_event_open(0x0, 0xffffffffffffffff, 0xfffffefffffff7ff, 0xffffffffffffffff, 0x9)
fstat(r5, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x0, <r6=>0x0})
fstat(r1, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, <r7=>0x0})
write$P9_RSTATu(r2, &(0x7f0000000300)=ANY=[@ANYBLOB="630000007d0100000048000800ff01000008000000000200000000000000000001c00800000000000000070000000000000005002e5b5d2d400600402e2d2f2a7b01212409005c253a232e262a2123", @ANYRES32=r4, @ANYRES32=r6, @ANYRES32=r7], 0x63)
openat$nci(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000400)=ANY=[@ANYBLOB="1400000010000100f7000000000000000500000a44000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc08000340000000144c0000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a3100000000200003801c0000800c00018006000100d10300000c000440000000000000000114000000110001"], 0xb8}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{}, 0x0, &(0x7f00000003c0)}, 0x20)

0s ago: executing program 4 (id=481):
syz_mount_image$msdos(&(0x7f0000000200), &(0x7f00000000c0)='./file2\x00', 0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="6e6f646f74732c646d61736b3d30303030303030303030303030303030303030303030332c757365667265652c6e8d646f74732c666c7573682c646f74732c646f74732cd4dfec9ae3c682faa3fb59ae4226714c7c0423b81ac8232eb06fc5c24b24c1b03b1590bc4a0de0cc6379bf0a65631cda3555b6825e24c33ef672475946", @ANYRESHEX=0x0, @ANYRES64=0x0], 0x5, 0x225, &(0x7f0000000600)="$eJzs3D1rW1ccB+AjWX5RS4unQrv00C7torZeunRoKS6UClraqvRlusZyI6RI4KtBMhlExkz+HCGQJZAt5Av4M2TJZgLGk6fcoEiyYseKHTuSifM8i/6c3z1H5+iIi7iS7u5329frG2lpI2mHwlIu5L8PvXCQC8shH0Z64cu7f+/f+uOff3/5oVxe/X1+2B7jh58++O/Gnc8ett//616/JRdC2Ft5vPPRzse7T/+8VktjLY3NVjsmca3VaidrjWpcr6X1Uoy/NapJWo21ZlrdPJJvNFrjpw7VNI1Jsxvr1W5st2J7sxuT/5NaM5ZKpbgUuJDK7YMsC3tZlmWLvZBl2esOkJvOvJiVC+4/b7nDk3rsn02f9DqVTmXwOMh/+rm8+nV8bnnca7/TqcyFUBzk3wzyeDSfD+8N+6+cmC+ELz4f5P3sx1/Lx/JiWJ/FCwAAAAAAAFdQKR56+fp+Py9NygfVC98PHLt+XwifFMYtc9NfCgAAADBB2t2qJ431hc1B0aheWrEYjrZ8e384xdO6f/Xo9GOmVHwwLMI5xymGECYfkw+XvimzKUa/Ix+2jP5fcLbuhTc1jeKUV3pz+2zv51GxFE6KimGrvnieaYR8OHHAyZsCAABcLeMP/Wfukp/qhAAAAAAAAAAAAAAAAAAAAOAdNIt7vF32GgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXuVZAAAA///zUVL1")
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x3, 0x4, &(0x7f0000004400)=@framed={{0x18, 0x2, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x1}, [@call={0x85, 0x0, 0x0, 0x18}]}, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xa}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r0, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0xe00, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105042, 0x1db)
writev(r1, &(0x7f0000000140), 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="7a010000001200d1bb55d5138fb01d80af53832f301d52f4c4a8d76ef56f41d8bbe0", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000040)='kfree\x00', r4}, 0x18)
r5 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$VT_RESIZE(r5, 0x5609, &(0x7f0000000100)={0x9, 0x1ff, 0x4})
ioctl$VT_DISALLOCATE(r5, 0x5608)
mount$9p_rdma(0x0, 0x0, 0x0, 0x2800004, &(0x7f00000002c0)=ANY=[])
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x3f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_RECVMSG={0xa, 0x34, 0x3, 0xffffffffffffffff, 0x0, &(0x7f00000010c0)={0x0, 0x0, &(0x7f0000000240)=[{0x0}], 0x1}, 0x0, 0x40000000})
r6 = syz_io_uring_setup(0x64d, &(0x7f0000000580)={0x0, 0x11f8, 0x100, 0x22, 0x801e7}, &(0x7f00000001c0)=<r7=>0x0, &(0x7f0000000080)=<r8=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
io_uring_register$IORING_REGISTER_BUFFERS(r6, 0x0, &(0x7f0000000740)=[{&(0x7f00000003c0)=""/201, 0xc9}], 0x1)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f00000000c0)={0x1, &(0x7f0000000200)=[{0x30, 0x4, 0x0, 0x2}]}, 0xffffffffffffff0e)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r7, r8, &(0x7f0000000200)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x0, 0x0, 0xffffffffffffffff, 0x0, r6})
io_uring_enter(r6, 0x749d, 0x4, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10)

kernel console output (not intermixed with test programs):

v: batadv0: Adding interface: batadv_slave_1
[   37.640123][ T3324] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   37.666046][ T3324] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   37.693288][ T3315] hsr_slave_0: entered promiscuous mode
[   37.699307][ T3315] hsr_slave_1: entered promiscuous mode
[   37.705310][ T3315] debugfs: 'hsr0' already exists in 'hsr'
[   37.711041][ T3315] Cannot create hsr debugfs directory
[   37.734351][ T3331] hsr_slave_0: entered promiscuous mode
[   37.740306][ T3331] hsr_slave_1: entered promiscuous mode
[   37.746304][ T3331] debugfs: 'hsr0' already exists in 'hsr'
[   37.752032][ T3331] Cannot create hsr debugfs directory
[   37.774579][ T3323] hsr_slave_0: entered promiscuous mode
[   37.780950][ T3323] hsr_slave_1: entered promiscuous mode
[   37.786964][ T3323] debugfs: 'hsr0' already exists in 'hsr'
[   37.792722][ T3323] Cannot create hsr debugfs directory
[   37.805403][ T3324] hsr_slave_0: entered promiscuous mode
[   37.811537][ T3324] hsr_slave_1: entered promiscuous mode
[   37.817359][ T3324] debugfs: 'hsr0' already exists in 'hsr'
[   37.823109][ T3324] Cannot create hsr debugfs directory
[   38.027485][ T3317] netdevsim netdevsim4 netdevsim0: renamed from eth0
[   38.038182][ T3317] netdevsim netdevsim4 netdevsim1: renamed from eth1
[   38.046966][ T3317] netdevsim netdevsim4 netdevsim2: renamed from eth2
[   38.055751][ T3317] netdevsim netdevsim4 netdevsim3: renamed from eth3
[   38.079695][ T3331] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   38.088553][ T3331] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   38.097769][ T3331] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   38.114309][ T3331] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   38.142307][ T3324] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   38.151756][ T3324] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   38.168159][ T3324] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   38.176997][ T3324] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   38.190606][ T3315] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   38.207071][ T3315] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   38.225797][ T3315] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   38.241515][ T3323] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   38.251621][ T3315] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   38.262655][ T3323] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   38.271314][ T3323] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   38.280430][ T3323] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   38.302383][ T3317] 8021q: adding VLAN 0 to HW filter on device bond0
[   38.344535][ T3317] 8021q: adding VLAN 0 to HW filter on device team0
[   38.369636][ T3324] 8021q: adding VLAN 0 to HW filter on device bond0
[   38.391933][ T1694] bridge0: port 1(bridge_slave_0) entered blocking state
[   38.399138][ T1694] bridge0: port 1(bridge_slave_0) entered forwarding state
[   38.408033][ T1694] bridge0: port 2(bridge_slave_1) entered blocking state
[   38.415097][ T1694] bridge0: port 2(bridge_slave_1) entered forwarding state
[   38.429668][ T3331] 8021q: adding VLAN 0 to HW filter on device bond0
[   38.456790][ T3324] 8021q: adding VLAN 0 to HW filter on device team0
[   38.469039][  T383] bridge0: port 1(bridge_slave_0) entered blocking state
[   38.476194][  T383] bridge0: port 1(bridge_slave_0) entered forwarding state
[   38.487617][ T3315] 8021q: adding VLAN 0 to HW filter on device bond0
[   38.496222][ T3331] 8021q: adding VLAN 0 to HW filter on device team0
[   38.505531][ T1694] bridge0: port 2(bridge_slave_1) entered blocking state
[   38.512652][ T1694] bridge0: port 2(bridge_slave_1) entered forwarding state
[   38.535029][ T1694] bridge0: port 1(bridge_slave_0) entered blocking state
[   38.542131][ T1694] bridge0: port 1(bridge_slave_0) entered forwarding state
[   38.550872][ T1694] bridge0: port 2(bridge_slave_1) entered blocking state
[   38.557949][ T1694] bridge0: port 2(bridge_slave_1) entered forwarding state
[   38.575572][ T3315] 8021q: adding VLAN 0 to HW filter on device team0
[   38.596591][ T1694] bridge0: port 1(bridge_slave_0) entered blocking state
[   38.603692][ T1694] bridge0: port 1(bridge_slave_0) entered forwarding state
[   38.623851][ T1694] bridge0: port 2(bridge_slave_1) entered blocking state
[   38.630943][ T1694] bridge0: port 2(bridge_slave_1) entered forwarding state
[   38.647609][ T3323] 8021q: adding VLAN 0 to HW filter on device bond0
[   38.678856][ T3323] 8021q: adding VLAN 0 to HW filter on device team0
[   38.703046][  T383] bridge0: port 1(bridge_slave_0) entered blocking state
[   38.710361][  T383] bridge0: port 1(bridge_slave_0) entered forwarding state
[   38.723555][  T383] bridge0: port 2(bridge_slave_1) entered blocking state
[   38.730787][  T383] bridge0: port 2(bridge_slave_1) entered forwarding state
[   38.775633][ T3317] 8021q: adding VLAN 0 to HW filter on device batadv0
[   38.799300][ T3331] 8021q: adding VLAN 0 to HW filter on device batadv0
[   38.851750][ T3324] 8021q: adding VLAN 0 to HW filter on device batadv0
[   38.864536][ T3315] 8021q: adding VLAN 0 to HW filter on device batadv0
[   38.939018][ T3323] 8021q: adding VLAN 0 to HW filter on device batadv0
[   39.019944][ T3324] veth0_vlan: entered promiscuous mode
[   39.034085][ T3331] veth0_vlan: entered promiscuous mode
[   39.040552][ T3324] veth1_vlan: entered promiscuous mode
[   39.077935][ T3315] veth0_vlan: entered promiscuous mode
[   39.086439][ T3331] veth1_vlan: entered promiscuous mode
[   39.099481][ T3317] veth0_vlan: entered promiscuous mode
[   39.109629][ T3324] veth0_macvtap: entered promiscuous mode
[   39.122475][ T3331] veth0_macvtap: entered promiscuous mode
[   39.129675][ T3315] veth1_vlan: entered promiscuous mode
[   39.138355][ T3324] veth1_macvtap: entered promiscuous mode
[   39.145750][ T3331] veth1_macvtap: entered promiscuous mode
[   39.153845][ T3317] veth1_vlan: entered promiscuous mode
[   39.174838][ T3323] veth0_vlan: entered promiscuous mode
[   39.181954][ T3317] veth0_macvtap: entered promiscuous mode
[   39.197261][ T3324] batman_adv: batadv0: Interface activated: batadv_slave_0
[   39.211327][ T3324] batman_adv: batadv0: Interface activated: batadv_slave_1
[   39.221536][ T3317] veth1_macvtap: entered promiscuous mode
[   39.228365][ T3331] batman_adv: batadv0: Interface activated: batadv_slave_0
[   39.237905][ T3315] veth0_macvtap: entered promiscuous mode
[   39.245951][ T3323] veth1_vlan: entered promiscuous mode
[   39.253338][ T3331] batman_adv: batadv0: Interface activated: batadv_slave_1
[   39.264093][ T3315] veth1_macvtap: entered promiscuous mode
[   39.272501][ T3471] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   39.287297][ T3471] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   39.305214][ T3471] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   39.322931][   T29] kauditd_printk_skb: 9 callbacks suppressed
[   39.322948][   T29] audit: type=1400 audit(1762951197.627:81): avc:  denied  { mounton } for  pid=3324 comm="syz-executor" path="/root/syzkaller.U6As3b/syz-tmp" dev="sda1" ino=2041 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1
[   39.339333][ T3471] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   39.354849][   T29] audit: type=1400 audit(1762951197.637:82): avc:  denied  { mount } for  pid=3324 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[   39.364742][ T3317] batman_adv: batadv0: Interface activated: batadv_slave_0
[   39.383818][   T29] audit: type=1400 audit(1762951197.637:83): avc:  denied  { mounton } for  pid=3324 comm="syz-executor" path="/root/syzkaller.U6As3b/syz-tmp/newroot/dev" dev="tmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[   39.416218][   T29] audit: type=1400 audit(1762951197.637:84): avc:  denied  { mount } for  pid=3324 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[   39.438126][   T29] audit: type=1400 audit(1762951197.637:85): avc:  denied  { mounton } for  pid=3324 comm="syz-executor" path="/root/syzkaller.U6As3b/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[   39.464828][   T29] audit: type=1400 audit(1762951197.637:86): avc:  denied  { mounton } for  pid=3324 comm="syz-executor" path="/root/syzkaller.U6As3b/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=3878 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1
[   39.492165][   T29] audit: type=1400 audit(1762951197.637:87): avc:  denied  { unmount } for  pid=3324 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[   39.512378][   T29] audit: type=1400 audit(1762951197.697:88): avc:  denied  { mounton } for  pid=3324 comm="syz-executor" path="/dev/gadgetfs" dev="devtmpfs" ino=536 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1
[   39.513706][ T3323] veth0_macvtap: entered promiscuous mode
[   39.535197][   T29] audit: type=1400 audit(1762951197.697:89): avc:  denied  { mount } for  pid=3324 comm="syz-executor" name="/" dev="gadgetfs" ino=3887 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1
[   39.545595][ T3315] batman_adv: batadv0: Interface activated: batadv_slave_0
[   39.571849][ T3471] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   39.581614][ T3471] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   39.591625][ T3324] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   39.592024][ T3315] batman_adv: batadv0: Interface activated: batadv_slave_1
[   39.615322][ T3317] batman_adv: batadv0: Interface activated: batadv_slave_1
[   39.631944][ T3471] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   39.641450][ T3323] veth1_macvtap: entered promiscuous mode
[   39.662458][   T29] audit: type=1400 audit(1762951197.967:90): avc:  denied  { read write } for  pid=3324 comm="syz-executor" name="loop3" dev="devtmpfs" ino=103 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   39.692723][ T3471] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   39.728365][ T3471] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   39.749220][ T3323] batman_adv: batadv0: Interface activated: batadv_slave_0
[   39.773054][ T3323] batman_adv: batadv0: Interface activated: batadv_slave_1
[   39.783443][ T3471] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   39.818009][ T3471] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   39.855550][ T3471] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   39.886670][ T3497] tipc: Started in network mode
[   39.891609][ T3497] tipc: Node identity e2ae6f5187b9, cluster identity 4711
[   39.898967][ T3497] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   39.913800][ T3497] syzkaller0: entered promiscuous mode
[   39.919327][ T3497] syzkaller0: entered allmulticast mode
[   39.947251][ T3504] loop2: detected capacity change from 0 to 4096
[   39.949143][ T3471] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   39.968901][ T3497] tipc: Resetting bearer <eth:syzkaller0>
[   39.991397][ T3504] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   39.996970][ T3471] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   40.014775][ T3504] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   40.014881][ T3471] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   40.040568][ T3471] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   40.059723][ T3496] tipc: Resetting bearer <eth:syzkaller0>
[   40.074222][ T3496] tipc: Disabling bearer <eth:syzkaller0>
[   40.083869][ T3471] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   40.093377][ T3471] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   40.102444][ T3471] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   40.111718][ T3471] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   40.146165][ T3515] loop0: detected capacity change from 0 to 512
[   40.153344][ T3515] EXT4-fs: Ignoring removed bh option
[   40.161675][ T3512] bridge0: port 2(bridge_slave_1) entered disabled state
[   40.168933][ T3512] bridge0: port 1(bridge_slave_0) entered disabled state
[   40.172513][ T3515] EXT4-fs (loop0): can't mount with data=, fs mounted w/o journal
[   40.218083][ T3512] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   40.227451][ T3512] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   40.263657][   T31] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[   40.287707][ T3520] netlink: 4 bytes leftover after parsing attributes in process `syz.4.11'.
[   40.288720][   T31] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[   40.328423][ T3520] netlink: 4 bytes leftover after parsing attributes in process `syz.4.11'.
[   40.341664][ T3524] netlink: 16 bytes leftover after parsing attributes in process `syz.0.13'.
[   40.353250][   T31] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[   40.365435][   T31] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[   40.438529][ T3530] loop0: detected capacity change from 0 to 512
[   40.454300][ T3530] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[   40.485891][ T3530] EXT4-fs (loop0): 1 orphan inode deleted
[   40.493463][ T3530] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   40.513787][   T12] EXT4-fs error (device loop0): ext4_release_dquot:6981: comm kworker/u8:0: Failed to release dquot type 1
[   40.520860][ T3530] ext4 filesystem being mounted at /5/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   40.598457][ T3315] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   40.619952][ T3536] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   40.632976][ T3536] netlink: 'syz.0.16': attribute type 39 has an invalid length.
[   40.755830][ T3541] netlink: 'syz.2.18': attribute type 1 has an invalid length.
[   40.890811][ T3547] netlink: 16 bytes leftover after parsing attributes in process `syz.3.20'.
[   41.132837][ T3561] FAULT_INJECTION: forcing a failure.
[   41.132837][ T3561] name failslab, interval 1, probability 0, space 0, times 1
[   41.145587][ T3561] CPU: 0 UID: 0 PID: 3561 Comm: syz.3.26 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   41.145622][ T3561] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   41.145639][ T3561] Call Trace:
[   41.145646][ T3561]  <TASK>
[   41.145655][ T3561]  __dump_stack+0x1d/0x30
[   41.145685][ T3561]  dump_stack_lvl+0xe8/0x140
[   41.145712][ T3561]  dump_stack+0x15/0x1b
[   41.145767][ T3561]  should_fail_ex+0x265/0x280
[   41.145791][ T3561]  should_failslab+0x8c/0xb0
[   41.145832][ T3561]  kmem_cache_alloc_noprof+0x50/0x480
[   41.145862][ T3561]  ? audit_log_start+0x342/0x720
[   41.145884][ T3561]  audit_log_start+0x342/0x720
[   41.145909][ T3561]  audit_seccomp+0x48/0x100
[   41.145981][ T3561]  ? __seccomp_filter+0x82d/0x1250
[   41.146052][ T3561]  __seccomp_filter+0x83e/0x1250
[   41.146093][ T3561]  ? avc_has_perm+0xf7/0x180
[   41.146145][ T3561]  __secure_computing+0x82/0x150
[   41.146217][ T3561]  syscall_trace_enter+0xcf/0x1e0
[   41.146248][ T3561]  do_syscall_64+0xac/0x200
[   41.146307][ T3561]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   41.146419][ T3561]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   41.146471][ T3561]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   41.146499][ T3561] RIP: 0033:0x7f7fc664e0dc
[   41.146520][ T3561] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   41.146544][ T3561] RSP: 002b:00007f7fc50af030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   41.146576][ T3561] RAX: ffffffffffffffda RBX: 00007f7fc68a5fa0 RCX: 00007f7fc664e0dc
[   41.146592][ T3561] RDX: 000000000000000f RSI: 00007f7fc50af0a0 RDI: 0000000000000005
[   41.146630][ T3561] RBP: 00007f7fc50af090 R08: 0000000000000000 R09: 0000000000000000
[   41.146646][ T3561] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   41.146663][ T3561] R13: 00007f7fc68a6038 R14: 00007f7fc68a5fa0 R15: 00007ffc68e02708
[   41.146688][ T3561]  </TASK>
[   41.166112][   T23] IPVS: starting estimator thread 0...
[   41.234104][ T3424] IPVS: starting estimator thread 0...
[   41.354699][ T3565] IPVS: using max 2016 ests per chain, 100800 per kthread
[   41.472255][ T3568] IPVS: using max 2304 ests per chain, 115200 per kthread
[   41.483195][ T3577] FAULT_INJECTION: forcing a failure.
[   41.483195][ T3577] name failslab, interval 1, probability 0, space 0, times 0
[   41.495975][ T3577] CPU: 1 UID: 0 PID: 3577 Comm: syz.3.31 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   41.496005][ T3577] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   41.496017][ T3577] Call Trace:
[   41.496022][ T3577]  <TASK>
[   41.496030][ T3577]  __dump_stack+0x1d/0x30
[   41.496056][ T3577]  dump_stack_lvl+0xe8/0x140
[   41.496084][ T3577]  dump_stack+0x15/0x1b
[   41.496108][ T3577]  should_fail_ex+0x265/0x280
[   41.496129][ T3577]  should_failslab+0x8c/0xb0
[   41.496162][ T3577]  kmem_cache_alloc_noprof+0x50/0x480
[   41.496202][ T3577]  ? mas_alloc_nodes+0x1a2/0x210
[   41.496230][ T3577]  mas_alloc_nodes+0x1a2/0x210
[   41.496249][ T3577]  mas_preallocate+0x2ca/0x510
[   41.496276][ T3577]  __split_vma+0x240/0x650
[   41.496325][ T3577]  vms_gather_munmap_vmas+0x17a/0x7b0
[   41.496356][ T3577]  ? avc_has_perm_noaudit+0x1b1/0x200
[   41.496378][ T3577]  ? avc_has_perm+0xf7/0x180
[   41.496396][ T3577]  do_vmi_align_munmap+0x1ac/0x3d0
[   41.496437][ T3577]  do_vmi_munmap+0x1db/0x220
[   41.496470][ T3577]  do_munmap+0x79/0xb0
[   41.496500][ T3577]  mremap_to+0x192/0x430
[   41.496528][ T3577]  ? check_prep_vma+0x5d6/0x660
[   41.496560][ T3577]  __se_sys_mremap+0x632/0xb30
[   41.496597][ T3577]  ? __pfx___bpf_trace_sys_enter+0x10/0x10
[   41.496635][ T3577]  ? __bpf_trace_sys_enter+0x10/0x30
[   41.496669][ T3577]  ? __traceiter_sys_enter+0x5c/0x80
[   41.496696][ T3577]  ? trace_sys_enter+0xd0/0xf0
[   41.496725][ T3577]  __x64_sys_mremap+0x67/0x80
[   41.496762][ T3577]  x64_sys_call+0x2a28/0x3000
[   41.496791][ T3577]  do_syscall_64+0xd2/0x200
[   41.496810][ T3577]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   41.496838][ T3577]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   41.496880][ T3577]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   41.496904][ T3577] RIP: 0033:0x7f7fc664f6c9
[   41.496923][ T3577] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   41.496942][ T3577] RSP: 002b:00007f7fc50af038 EFLAGS: 00000246 ORIG_RAX: 0000000000000019
[   41.496961][ T3577] RAX: ffffffffffffffda RBX: 00007f7fc68a5fa0 RCX: 00007f7fc664f6c9
[   41.496974][ T3577] RDX: 0000000005000000 RSI: 0000000000002000 RDI: 0000200000ff5000
[   41.496989][ T3577] RBP: 00007f7fc50af090 R08: 0000200000ffd000 R09: 0000000000000000
[   41.497003][ T3577] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000001
[   41.497015][ T3577] R13: 00007f7fc68a6038 R14: 00007f7fc68a5fa0 R15: 00007ffc68e02708
[   41.497034][ T3577]  </TASK>
[   41.775037][ T3583] loop0: detected capacity change from 0 to 1024
[   41.787091][ T3583] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   41.798096][ T3583] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   41.809665][ T3583] JBD2: no valid journal superblock found
[   41.815473][ T3583] EXT4-fs (loop0): Could not load journal inode
[   41.875774][ T3587] loop0: detected capacity change from 0 to 512
[   41.906110][ T3587] EXT4-fs (loop0): 1 orphan inode deleted
[   41.917235][ T3587] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   41.930069][  T125] EXT4-fs error (device loop0): ext4_release_dquot:6981: comm kworker/u8:5: Failed to release dquot type 1
[   41.930236][ T3587] ext4 filesystem being mounted at /9/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   41.956001][ T3592] loop3: detected capacity change from 0 to 164
[   41.964018][ T3592] Unable to read rock-ridge attributes
[   41.979619][ T3589] netlink: 36 bytes leftover after parsing attributes in process `syz.3.34'.
[   42.000420][ T3589] netlink: 24 bytes leftover after parsing attributes in process `syz.3.34'.
[   42.003533][ T3315] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   42.066994][ T3598] syz.1.40 uses obsolete (PF_INET,SOCK_PACKET)
[   42.092056][ T3601] loop2: detected capacity change from 0 to 1024
[   42.098841][ T3601] =======================================================
[   42.098841][ T3601] WARNING: The mand mount option has been deprecated and
[   42.098841][ T3601]          and is ignored by this kernel. Remove the mand
[   42.098841][ T3601]          option from the mount to silence this warning.
[   42.098841][ T3601] =======================================================
[   42.140960][ T3604] loop0: detected capacity change from 0 to 2048
[   42.170920][ T3601] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   42.185594][ T3601] EXT4-fs error (device loop2): ext4_map_blocks:814: inode #3: block 1: comm syz.2.41: lblock 1 mapped to illegal pblock 1 (length 1)
[   42.201559][ T3601] EXT4-fs error (device loop2): ext4_acquire_dquot:6945: comm syz.2.41: Failed to acquire dquot type 0
[   42.211892][ T3608] Falling back ldisc for ptm0.
[   42.218222][ T3601] EXT4-fs error (device loop2): ext4_free_blocks:6706: comm syz.2.41: Freeing blocks not in datazone - block = 0, count = 4096
[   42.239634][ T3601] EXT4-fs error (device loop2): ext4_read_inode_bitmap:139: comm syz.2.41: Invalid inode bitmap blk 0 in block_group 0
[   42.254090][ T3601] EXT4-fs error (device loop2) in ext4_free_inode:361: Corrupt filesystem
[   42.254082][  T125] EXT4-fs error (device loop2): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:5: lblock 1 mapped to illegal pblock 1 (length 1)
[   42.277195][ T3601] EXT4-fs (loop2): 1 orphan inode deleted
[   42.285170][ T3601] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   42.299720][  T125] EXT4-fs error (device loop2): ext4_release_dquot:6981: comm kworker/u8:5: Failed to release dquot type 0
[   42.331511][ T3601] FAULT_INJECTION: forcing a failure.
[   42.331511][ T3601] name fail_usercopy, interval 1, probability 0, space 0, times 1
[   42.344656][ T3601] CPU: 0 UID: 0 PID: 3601 Comm: syz.2.41 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   42.344688][ T3601] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   42.344853][ T3601] Call Trace:
[   42.344928][ T3601]  <TASK>
[   42.344935][ T3601]  __dump_stack+0x1d/0x30
[   42.344958][ T3601]  dump_stack_lvl+0xe8/0x140
[   42.344981][ T3601]  dump_stack+0x15/0x1b
[   42.345005][ T3601]  should_fail_ex+0x265/0x280
[   42.345087][ T3601]  should_fail+0xb/0x20
[   42.345119][ T3601]  should_fail_usercopy+0x1a/0x20
[   42.345143][ T3601]  _copy_from_user+0x1c/0xb0
[   42.345170][ T3601]  proc_submiturb+0x43/0xa0
[   42.345202][ T3601]  usbdev_ioctl+0xcb6/0x1700
[   42.345241][ T3601]  ? __pfx_usbdev_ioctl+0x10/0x10
[   42.345282][ T3601]  __se_sys_ioctl+0xce/0x140
[   42.345309][ T3601]  __x64_sys_ioctl+0x43/0x50
[   42.345335][ T3601]  x64_sys_call+0x1816/0x3000
[   42.345360][ T3601]  do_syscall_64+0xd2/0x200
[   42.345383][ T3601]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   42.345476][ T3601]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   42.345517][ T3601]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   42.345545][ T3601] RIP: 0033:0x7f68a7a2f6c9
[   42.345563][ T3601] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   42.345585][ T3601] RSP: 002b:00007f68a6497038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   42.345608][ T3601] RAX: ffffffffffffffda RBX: 00007f68a7c85fa0 RCX: 00007f68a7a2f6c9
[   42.345623][ T3601] RDX: 0000200000000140 RSI: 000000008038550a RDI: 0000000000000008
[   42.345638][ T3601] RBP: 00007f68a6497090 R08: 0000000000000000 R09: 0000000000000000
[   42.345652][ T3601] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   42.345666][ T3601] R13: 00007f68a7c86038 R14: 00007f68a7c85fa0 R15: 00007ffd4f23d9a8
[   42.345744][ T3601]  </TASK>
[   42.349153][ T3610] bridge0: port 2(bridge_slave_1) entered disabled state
[   42.374337][ T3604] Alternate GPT is invalid, using primary GPT.
[   42.375564][ T3610] bridge0: port 1(bridge_slave_0) entered disabled state
[   42.379897][ T3604]  loop0: p2 p3 p7
[   42.575435][ T3331] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   42.622129][ T3618] netlink: 16 bytes leftover after parsing attributes in process `syz.2.44'.
[   42.627004][ T3610] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   42.645000][ T3610] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   42.662312][ T3620] netlink: 16 bytes leftover after parsing attributes in process `syz.0.45'.
[   42.766660][   T31] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[   42.785736][   T31] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[   42.809039][   T31] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[   42.836123][   T31] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[   42.849621][   T10] IPVS: starting estimator thread 0...
[   42.952206][ T3652] IPVS: using max 1824 ests per chain, 91200 per kthread
[   43.056141][ T3673] netlink: 16 bytes leftover after parsing attributes in process `syz.3.59'.
[   43.081547][ T3675] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies.
[   43.091014][ T3675] FAULT_INJECTION: forcing a failure.
[   43.091014][ T3675] name failslab, interval 1, probability 0, space 0, times 0
[   43.103679][ T3675] CPU: 1 UID: 0 PID: 3675 Comm: syz.4.57 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   43.103711][ T3675] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   43.103725][ T3675] Call Trace:
[   43.103732][ T3675]  <TASK>
[   43.103740][ T3675]  __dump_stack+0x1d/0x30
[   43.103768][ T3675]  dump_stack_lvl+0xe8/0x140
[   43.103839][ T3675]  dump_stack+0x15/0x1b
[   43.103861][ T3675]  should_fail_ex+0x265/0x280
[   43.103894][ T3675]  should_failslab+0x8c/0xb0
[   43.103965][ T3675]  __kmalloc_node_track_caller_noprof+0xa5/0x580
[   43.104034][ T3675]  ? security_netlbl_sid_to_secattr+0xab/0x140
[   43.104064][ T3675]  kstrdup+0x3e/0xd0
[   43.104177][ T3675]  security_netlbl_sid_to_secattr+0xab/0x140
[   43.104208][ T3675]  selinux_netlbl_inet_conn_request+0x76/0x220
[   43.104316][ T3675]  selinux_inet_conn_request+0x1f4/0x240
[   43.104357][ T3675]  security_inet_conn_request+0x4a/0x90
[   43.104462][ T3675]  tcp_v4_route_req+0x1cb/0x220
[   43.104519][ T3675]  tcp_conn_request+0x76c/0x1960
[   43.104636][ T3675]  tcp_v4_conn_request+0xaa/0x100
[   43.104678][ T3675]  ? tcp_rcv_state_process+0x147/0x20a0
[   43.104793][ T3675]  tcp_v6_conn_request+0x4e/0x1e0
[   43.104817][ T3675]  ? tcp_rcv_state_process+0x147/0x20a0
[   43.104848][ T3675]  tcp_rcv_state_process+0x180/0x20a0
[   43.104912][ T3675]  ? __rcu_read_unlock+0x34/0x70
[   43.104939][ T3675]  ? sk_filter_trim_cap+0x4b8/0x5e0
[   43.105031][ T3675]  tcp_v4_do_rcv+0x5fe/0xa20
[   43.105063][ T3675]  ? tcp_v4_fill_cb+0x185/0x1a0
[   43.105099][ T3675]  tcp_v4_rcv+0x1839/0x1f60
[   43.105159][ T3675]  ? __pfx_tcp_v4_rcv+0x10/0x10
[   43.105227][ T3675]  ip_protocol_deliver_rcu+0x397/0x780
[   43.105252][ T3675]  ip_local_deliver_finish+0x1fc/0x2f0
[   43.105275][ T3675]  ip_local_deliver+0xe8/0x1c0
[   43.105295][ T3675]  ? __pfx_ip_local_deliver_finish+0x10/0x10
[   43.105439][ T3675]  ip_rcv_finish+0x194/0x1c0
[   43.105481][ T3675]  ip_rcv+0x62/0x140
[   43.105500][ T3675]  ? __pfx_ip_rcv_finish+0x10/0x10
[   43.105521][ T3675]  ? __pfx_ip_rcv+0x10/0x10
[   43.105550][ T3675]  __netif_receive_skb+0xff/0x270
[   43.105575][ T3675]  ? tun_rx_batched+0xc7/0x430
[   43.105606][ T3675]  netif_receive_skb+0x4b/0x2e0
[   43.105628][ T3675]  ? tun_rx_batched+0xc7/0x430
[   43.105659][ T3675]  tun_rx_batched+0xfc/0x430
[   43.105693][ T3675]  tun_get_user+0x1f36/0x26e0
[   43.105815][ T3675]  ? ref_tracker_alloc+0x1f2/0x2f0
[   43.105898][ T3675]  tun_chr_write_iter+0x15e/0x210
[   43.105930][ T3675]  ? __pfx_tun_chr_write_iter+0x10/0x10
[   43.105983][ T3675]  vfs_write+0x52a/0x960
[   43.106017][ T3675]  ksys_write+0xda/0x1a0
[   43.106045][ T3675]  __x64_sys_write+0x40/0x50
[   43.106072][ T3675]  x64_sys_call+0x2802/0x3000
[   43.106159][ T3675]  do_syscall_64+0xd2/0x200
[   43.106185][ T3675]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   43.106214][ T3675]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   43.106248][ T3675]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   43.106270][ T3675] RIP: 0033:0x7fabfc1ee17f
[   43.106313][ T3675] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[   43.106364][ T3675] RSP: 002b:00007fabfac2e000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[   43.106383][ T3675] RAX: ffffffffffffffda RBX: 00007fabfc446090 RCX: 00007fabfc1ee17f
[   43.106395][ T3675] RDX: 0000000000000036 RSI: 00002000000000c0 RDI: 00000000000000c8
[   43.106407][ T3675] RBP: 00007fabfac2e090 R08: 0000000000000000 R09: 0000000000000000
[   43.106419][ T3675] R10: 0000000000000036 R11: 0000000000000293 R12: 0000000000000001
[   43.106431][ T3675] R13: 00007fabfc446128 R14: 00007fabfc446090 R15: 00007fffac6529e8
[   43.106522][ T3675]  </TASK>
[   43.133759][ T3679] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   43.159211][ T3681] tipc: Started in network mode
[   43.252549][ T3675] syz.4.57 (3675) used greatest stack depth: 10312 bytes left
[   43.256735][ T3681] tipc: Node identity 72cb9b028556, cluster identity 4711
[   43.497319][ T3681] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   43.506314][ T3685] syzkaller0: entered promiscuous mode
[   43.511889][ T3685] syzkaller0: entered allmulticast mode
[   43.519335][ T3689] sch_tbf: peakrate 786 is lower than or equals to rate 19658 !
[   43.528626][ T3692] tipc: Resetting bearer <eth:syzkaller0>
[   43.534750][ T3694] loop4: detected capacity change from 0 to 512
[   43.541991][ T3680] tipc: Resetting bearer <eth:syzkaller0>
[   43.549663][ T3680] tipc: Disabling bearer <eth:syzkaller0>
[   43.554682][ T3694] EXT4-fs (loop4): 1 orphan inode deleted
[   43.561886][ T3694] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   43.574613][ T1694] EXT4-fs error (device loop4): ext4_release_dquot:6981: comm kworker/u8:7: Failed to release dquot type 1
[   43.575350][ T3694] ext4 filesystem being mounted at /7/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   43.620356][ T3317] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   43.750545][ T3711] bridge0: port 2(bridge_slave_1) entered disabled state
[   43.757813][ T3711] bridge0: port 1(bridge_slave_0) entered disabled state
[   43.784314][ T3717] Driver unsupported XDP return value 0 on prog  (id 54) dev N/A, expect packet loss!
[   43.830924][ T3711] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   43.841095][ T3711] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   43.886754][ T3720] loop2: detected capacity change from 0 to 512
[   43.900153][   T12] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[   43.910332][ T3720] EXT4-fs error (device loop2): ext4_expand_extra_isize_ea:2803: inode #11: comm syz.2.74: corrupted xattr block 95: invalid header
[   43.924119][   T12] netdevsim netdevsim4 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[   43.933255][ T3720] EXT4-fs warning (device loop2): ext4_expand_extra_isize_ea:2853: Unable to expand inode 11. Delete some EAs or run e2fsck.
[   43.936942][   T12] netdevsim netdevsim4 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[   43.946465][ T3720] EXT4-fs error (device loop2): ext4_validate_block_bitmap:432: comm syz.2.74: bg 0: block 7: invalid block bitmap
[   43.968313][ T3720] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6667: Corrupt filesystem
[   43.969097][ T1694] netdevsim netdevsim4 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[   43.977332][ T3720] EXT4-fs error (device loop2): ext4_xattr_delete_inode:2967: inode #11: comm syz.2.74: corrupted xattr block 95: invalid header
[   43.999564][ T3720] EXT4-fs warning (device loop2): ext4_evict_inode:274: xattr delete (err -117)
[   44.008901][ T3720] EXT4-fs (loop2): 1 orphan inode deleted
[   44.015451][ T3720] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   44.053101][ T3726] netlink: 12 bytes leftover after parsing attributes in process `syz.4.76'.
[   44.070272][ T3728] loop0: detected capacity change from 0 to 512
[   44.083326][ T3331] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   44.094343][ T3728] EXT4-fs (loop0): 1 orphan inode deleted
[   44.100616][ T3728] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   44.113523][   T31] EXT4-fs error (device loop0): ext4_release_dquot:6981: comm kworker/u8:1: Failed to release dquot type 1
[   44.114214][ T3728] ext4 filesystem being mounted at /17/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   44.173450][ T3315] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   44.234817][ T3737] tipc: Started in network mode
[   44.239787][ T3737] tipc: Node identity 067df1cd51dd, cluster identity 4711
[   44.247033][ T3737] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   44.254444][ T3737] syzkaller0: entered promiscuous mode
[   44.259917][ T3737] syzkaller0: entered allmulticast mode
[   44.267606][ T3737] sch_tbf: peakrate 786 is lower than or equals to rate 19658 !
[   44.276884][ T3737] tipc: Resetting bearer <eth:syzkaller0>
[   44.283423][ T3736] tipc: Resetting bearer <eth:syzkaller0>
[   44.330622][ T3736] tipc: Disabling bearer <eth:syzkaller0>
[   44.349165][   T29] kauditd_printk_skb: 681 callbacks suppressed
[   44.349181][   T29] audit: type=1400 audit(1762951202.657:763): avc:  denied  { create } for  pid=3738 comm="syz.2.81" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[   44.355659][   T29] audit: type=1400 audit(1762951202.667:764): avc:  denied  { write } for  pid=3738 comm="syz.2.81" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[   44.417670][ T3741] capability: warning: `syz.2.82' uses deprecated v2 capabilities in a way that may be insecure
[   44.447678][   T29] audit: type=1326 audit(1762951202.757:765): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3742 comm="syz.2.83" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68a7a2f6c9 code=0x7ffc0000
[   44.471927][   T29] audit: type=1326 audit(1762951202.757:766): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3742 comm="syz.2.83" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f68a7a2f6c9 code=0x7ffc0000
[   44.505104][   T29] audit: type=1326 audit(1762951202.817:767): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3746 comm="syz.0.84" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd79fdf6c9 code=0x7ffc0000
[   44.528738][ T3747] loop0: detected capacity change from 0 to 1024
[   44.530200][   T29] audit: type=1326 audit(1762951202.817:768): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3746 comm="syz.0.84" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd79fdf6c9 code=0x7ffc0000
[   44.536237][ T3747] EXT4-fs: Ignoring removed orlov option
[   44.558437][   T29] audit: type=1326 audit(1762951202.817:769): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3746 comm="syz.0.84" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7efd79fdf6c9 code=0x7ffc0000
[   44.558478][   T29] audit: type=1326 audit(1762951202.817:770): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3746 comm="syz.0.84" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd79fdf6c9 code=0x7ffc0000
[   44.611044][   T29] audit: type=1326 audit(1762951202.817:771): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3746 comm="syz.0.84" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7efd79fdf6c9 code=0x7ffc0000
[   44.617029][ T3747] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   44.634478][   T29] audit: type=1326 audit(1762951202.817:772): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3746 comm="syz.0.84" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7efd79fdf703 code=0x7ffc0000
[   44.887881][ T3762] loop2: detected capacity change from 0 to 1024
[   44.895243][ T3762] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   44.906485][ T3762] EXT4-fs (loop2): revision level too high, forcing read-only mode
[   44.915744][ T3762] EXT4-fs (loop2): orphan cleanup on readonly fs
[   44.922838][ T3762] EXT4-fs error (device loop2): __ext4_get_inode_loc:4832: comm syz.2.89: Invalid inode table block 0 in block_group 0
[   44.935621][ T3762] EXT4-fs error (device loop2) in ext4_reserve_inode_write:6313: Corrupt filesystem
[   44.945567][ T3762] EXT4-fs error (device loop2): ext4_quota_write:7334: inode #3: comm syz.2.89: mark_inode_dirty error
[   44.961122][ T3762] EXT4-fs error (device loop2): ext4_acquire_dquot:6945: comm syz.2.89: Failed to acquire dquot type 0
[   44.973197][ T3762] EXT4-fs error (device loop2): __ext4_get_inode_loc:4832: comm syz.2.89: Invalid inode table block 0 in block_group 0
[   45.004551][ T3762] EXT4-fs error (device loop2) in ext4_reserve_inode_write:6313: Corrupt filesystem
[   45.014402][ T3762] EXT4-fs error (device loop2): ext4_ext_truncate:4475: inode #15: comm syz.2.89: mark_inode_dirty error
[   45.026362][ T3762] EXT4-fs error (device loop2): __ext4_get_inode_loc:4832: comm syz.2.89: Invalid inode table block 0 in block_group 0
[   45.039148][ T3762] EXT4-fs error (device loop2) in ext4_reserve_inode_write:6313: Corrupt filesystem
[   45.048789][ T3762] EXT4-fs error (device loop2) in ext4_orphan_del:301: Corrupt filesystem
[   45.057738][ T3762] EXT4-fs error (device loop2): __ext4_get_inode_loc:4832: comm syz.2.89: Invalid inode table block 0 in block_group 0
[   45.058003][ T3771] netlink: 'syz.4.91': attribute type 4 has an invalid length.
[   45.071467][ T3762] EXT4-fs error (device loop2) in ext4_reserve_inode_write:6313: Corrupt filesystem
[   45.088500][ T3762] EXT4-fs error (device loop2): ext4_truncate:4637: inode #15: comm syz.2.89: mark_inode_dirty error
[   45.099620][ T3762] EXT4-fs error (device loop2) in ext4_process_orphan:343: Corrupt filesystem
[   45.108791][ T3762] EXT4-fs (loop2): 1 truncate cleaned up
[   45.115063][ T3762] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   45.129977][ T3762] xt_hashlimit: max too large, truncated to 1048576
[   45.137374][ T3762] EXT4-fs error (device loop2): ext4_search_dir:1474: inode #2: block 16: comm syz.2.89: bad entry in directory: inode out of bounds - offset=44, inode=40, rec_len=16, size=1024 fake=0
[   45.166550][ T3331] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   45.188861][   T58] Bluetooth: hci1: Frame reassembly failed (-84)
[   45.356249][ T3315] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   45.378970][ T3776] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   45.386558][ T3776] syzkaller0: entered promiscuous mode
[   45.392058][ T3776] syzkaller0: entered allmulticast mode
[   45.400512][ T3776] sch_tbf: peakrate 786 is lower than or equals to rate 19658 !
[   45.410415][ T3776] tipc: Resetting bearer <eth:syzkaller0>
[   45.417086][ T3775] tipc: Resetting bearer <eth:syzkaller0>
[   45.424143][ T3775] tipc: Disabling bearer <eth:syzkaller0>
[   45.472499][ T3778] loop0: detected capacity change from 0 to 512
[   45.483930][ T3778] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   45.496562][ T3778] ext4 filesystem being mounted at /21/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   45.520754][ T3315] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   45.537945][ T3783] loop0: detected capacity change from 0 to 128
[   45.544843][ T3783] msdos: Unknown parameter 'n�dots'
[   45.703787][ T1046] hid-generic 0000:3000000:0000.0001: unknown main item tag 0x4
[   45.711561][ T1046] hid-generic 0000:3000000:0000.0001: unknown main item tag 0x2
[   45.719394][ T1046] hid-generic 0000:3000000:0000.0001: unknown main item tag 0x3
[   45.727550][ T1046] hid-generic 0000:3000000:0000.0001: hidraw0: <UNKNOWN> HID v0.00 Device [sy

] on syz0
[   45.742820][ T3790] netlink: 'syz.0.97': attribute type 17 has an invalid length.
[   45.750505][ T3790] netlink: 'syz.0.97': attribute type 16 has an invalid length.
[   45.758222][ T3790] __nla_validate_parse: 2 callbacks suppressed
[   45.758237][ T3790] netlink: 152 bytes leftover after parsing attributes in process `syz.0.97'.
[   45.975931][ T3798] loop4: detected capacity change from 0 to 512
[   46.139903][ T3800] netlink: 16 bytes leftover after parsing attributes in process `syz.4.101'.
[   46.199395][ T3809] FAULT_INJECTION: forcing a failure.
[   46.199395][ T3809] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   46.212618][ T3809] CPU: 1 UID: 0 PID: 3809 Comm: syz.4.104 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   46.212695][ T3809] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   46.212788][ T3809] Call Trace:
[   46.212795][ T3809]  <TASK>
[   46.212811][ T3809]  __dump_stack+0x1d/0x30
[   46.212897][ T3809]  dump_stack_lvl+0xe8/0x140
[   46.212930][ T3809]  dump_stack+0x15/0x1b
[   46.212955][ T3809]  should_fail_ex+0x265/0x280
[   46.212982][ T3809]  should_fail+0xb/0x20
[   46.213003][ T3809]  should_fail_usercopy+0x1a/0x20
[   46.213024][ T3809]  copy_fpstate_to_sigframe+0x628/0x7d0
[   46.213074][ T3809]  ? copy_fpstate_to_sigframe+0xe6/0x7d0
[   46.213189][ T3809]  ? kmem_cache_free+0xe4/0x3d0
[   46.213219][ T3809]  ? x86_task_fpu+0x36/0x60
[   46.213314][ T3809]  get_sigframe+0x34d/0x490
[   46.213331][ T3809]  ? get_signal+0xdc7/0xf70
[   46.213355][ T3809]  x64_setup_rt_frame+0xa8/0x580
[   46.213377][ T3809]  arch_do_signal_or_restart+0x23e/0x440
[   46.213436][ T3809]  irqentry_exit_to_user_mode+0x5b/0xa0
[   46.213516][ T3809]  irqentry_exit+0x12/0x50
[   46.213563][ T3809]  asm_exc_page_fault+0x26/0x30
[   46.213596][ T3809] RIP: 0033:0x7fabfc0ae74e
[   46.213609][ T3809] Code: 18 bf a9 01 00 00 48 89 74 24 10 48 89 54 24 08 48 89 0c 24 4c 8b 74 24 18 48 8b 6c 24 10 4c 8b 6c 24 08 44 89 f6 4c 8b 3c 24 <81> 65 08 ff f3 ff ff 48 89 ea e8 53 0f 14 00 8b 55 00 b9 01 80 00
[   46.213626][ T3809] RSP: 002b:00007fabfac4efd0 EFLAGS: 00010202
[   46.213649][ T3809] RAX: 0000000000000000 RBX: 00007fabfc445fa0 RCX: 0000000000000000
[   46.213665][ T3809] RDX: 0000000000000000 RSI: 0000000000003b85 RDI: 00000000000001a9
[   46.213683][ T3809] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   46.213694][ T3809] R10: 0000000000003b85 R11: 0000000000000000 R12: 0000000000000001
[   46.213738][ T3809] R13: 0000000000000000 R14: 0000000000003b85 R15: 0000000000000000
[   46.213764][ T3809]  </TASK>
[   46.598645][ T3820] loop0: detected capacity change from 0 to 128
[   46.605568][ T3820] msdos: Unknown parameter 'n�dots'
[   46.623433][ T3821] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant.
[   46.623433][ T3821] The task syz.1.105 (3821) triggered the difference, watch for misbehavior.
[   46.680709][ T3823] netlink: 4 bytes leftover after parsing attributes in process `syz.0.109'.
[   46.689807][ T3823] bridge_slave_1: left allmulticast mode
[   46.695550][ T3823] bridge_slave_1: left promiscuous mode
[   46.701415][ T3823] bridge0: port 2(bridge_slave_1) entered disabled state
[   46.709449][ T3823] bridge_slave_0: left allmulticast mode
[   46.715265][ T3823] bridge_slave_0: left promiscuous mode
[   46.721004][ T3823] bridge0: port 1(bridge_slave_0) entered disabled state
[   46.905301][ T3825] loop0: detected capacity change from 0 to 2048
[   46.952840][ T3825]  loop0: p2 < > p4
[   46.957828][ T3825] loop0: p4 size 262144 extends beyond EOD, truncated
[   47.072215][ T3683] Bluetooth: hci0: Opcode 0x1003 failed: -110
[   47.072308][   T44] Bluetooth: hci0: command 0x1003 tx timeout
[   47.187219][ T3840] loop0: detected capacity change from 0 to 1024
[   47.219296][ T3840] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   47.232007][ T1046] kernel write not supported for file bpf-map (pid: 1046 comm: kworker/1:2)
[   47.240940][ T3683] Bluetooth: hci1: command 0x1003 tx timeout
[   47.247088][ T3770] Bluetooth: hci1: Opcode 0x1003 failed: -110
[   47.255082][ T3840] EXT4-fs error (device loop0): ext4_orphan_get:1392: inode #11: comm syz.0.116: iget: bogus i_mode (1)
[   47.266387][ T3840] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.116: couldn't read orphan inode 11 (err -117)
[   47.278809][ T3840] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   47.308398][ T3849] tipc: Started in network mode
[   47.313359][ T3849] tipc: Node identity c2ced79f4e2, cluster identity 4711
[   47.320502][ T3849] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   47.327461][ T3849] syzkaller0: entered promiscuous mode
[   47.333136][ T3849] syzkaller0: entered allmulticast mode
[   47.340855][ T3849] tipc: Resetting bearer <eth:syzkaller0>
[   47.391354][ T3859] netlink: 4 bytes leftover after parsing attributes in process `syz.1.124'.
[   47.421395][ T3860] tap0: tun_chr_ioctl cmd 1074025677
[   47.440399][ T3860] tap0: linktype set to 773
[   47.451038][ T3859] netlink: 16 bytes leftover after parsing attributes in process `syz.1.124'.
[   47.460132][ T3859] netlink: 16 bytes leftover after parsing attributes in process `syz.1.124'.
[   47.469138][ T3859] netlink: 16 bytes leftover after parsing attributes in process `syz.1.124'.
[   47.481813][ T3469] Bluetooth: hci0: Frame reassembly failed (-84)
[   47.488540][ T3865] loop2: detected capacity change from 0 to 512
[   47.498042][ T3859] netlink: 16 bytes leftover after parsing attributes in process `syz.1.124'.
[   47.507025][ T3859] netlink: 16 bytes leftover after parsing attributes in process `syz.1.124'.
[   47.516024][ T3859] netlink: 16 bytes leftover after parsing attributes in process `syz.1.124'.
[   47.533239][ T3865] EXT4-fs (loop2): 1 orphan inode deleted
[   47.539458][ T3865] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   47.552574][ T3865] ext4 filesystem being mounted at /31/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   47.557495][   T12] EXT4-fs error (device loop2): ext4_release_dquot:6981: comm kworker/u8:0: Failed to release dquot type 1
[   47.589133][ T3873] loop1: detected capacity change from 0 to 128
[   47.595821][ T3873] msdos: Unknown parameter 'n�dots'
[   47.611503][ T3331] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   47.788478][ T3883] bridge0: port 1(bridge_slave_0) entered forwarding state
[   47.797251][ T3883] bridge_slave_0: left allmulticast mode
[   47.803116][ T3883] bridge_slave_0: left promiscuous mode
[   47.808991][ T3883] bridge0: port 1(bridge_slave_0) entered disabled state
[   47.953090][ T3315] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   48.035800][ T3891] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   48.042694][ T3891] syzkaller0: entered promiscuous mode
[   48.048180][ T3891] syzkaller0: entered allmulticast mode
[   48.055580][ T3891] tipc: Resetting bearer <eth:syzkaller0>
[   48.062112][ T3890] tipc: Resetting bearer <eth:syzkaller0>
[   48.068760][ T3890] tipc: Disabling bearer <eth:syzkaller0>
[   48.203756][ T3907] loop4: detected capacity change from 0 to 512
[   48.220478][ T3911] loop0: detected capacity change from 0 to 512
[   48.230388][ T3907] EXT4-fs (loop4): 1 orphan inode deleted
[   48.236717][ T3907] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   48.264204][   T31] EXT4-fs error (device loop4): ext4_release_dquot:6981: comm kworker/u8:1: Failed to release dquot type 1
[   48.277902][ T3911] EXT4-fs error (device loop0): __ext4_fill_super:5512: inode #2: comm syz.0.141: inode has both inline data and extents flags
[   48.296812][ T3907] ext4 filesystem being mounted at /25/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   48.319655][ T3911] EXT4-fs (loop0): get root inode failed
[   48.325559][ T3911] EXT4-fs (loop0): mount failed
[   48.342167][ T3612] tipc: Node number set to 2364463007
[   48.362662][ T3911] bond0: (slave bond_slave_0): Releasing backup interface
[   48.363727][ T3317] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   48.392858][ T3911] bond0: (slave bond_slave_1): Releasing backup interface
[   48.424993][ T3911] team0: Port device team_slave_0 removed
[   48.452916][ T3911] team0: Port device team_slave_1 removed
[   48.460017][ T3911] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   48.467580][ T3911] batman_adv: batadv0: Removing interface: batadv_slave_0
[   48.494087][ T3911] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   48.501525][ T3911] batman_adv: batadv0: Removing interface: batadv_slave_1
[   48.557940][ T3911] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[   48.694879][ T3946] loop0: detected capacity change from 0 to 8192
[   48.835104][ T3946]  loop0: p1 < > p2 < > p3 p4 < >
[   48.840196][ T3946] loop0: partition table partially beyond EOD, truncated
[   48.848077][ T3954] loop4: detected capacity change from 0 to 512
[   48.848675][ T3946] loop0: p1 start 67108864 is beyond EOD, truncated
[   48.862646][ T3946] loop0: p3 start 100859904 is beyond EOD, truncated
[   48.870152][ T3954] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.148: bg 0: block 393: padding at end of block bitmap is not set
[   48.886516][ T3954] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6667: Corrupt filesystem
[   48.896449][ T3954] EXT4-fs (loop4): 2 truncates cleaned up
[   48.902881][ T3954] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   48.917705][ T3954] team0 (unregistering): Port device team_slave_0 removed
[   48.925931][ T3954] team0 (unregistering): Port device team_slave_1 removed
[   48.984141][ T3317] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   49.021069][ T3963] loop4: detected capacity change from 0 to 512
[   49.029513][ T3963] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c018, mo2=0002]
[   49.037761][ T3963] EXT4-fs (loop4): orphan cleanup on readonly fs
[   49.044442][ T3963] EXT4-fs warning (device loop4): ext4_enable_quotas:7180: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix.
[   49.059431][ T3963] EXT4-fs (loop4): Cannot turn on quotas: error -22
[   49.066278][ T3963] EXT4-fs error (device loop4): ext4_ext_check_inode:523: inode #13: comm syz.4.151: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[   49.084297][ T3963] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.151: couldn't read orphan inode 13 (err -117)
[   49.096843][ T3963] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   49.111634][ T3963] EXT4-fs (loop4): warning: mounting fs with errors, running e2fsck is recommended
[   49.121177][ T3963] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c018, mo2=0002]
[   49.129404][ T3963] EXT4-fs warning (device loop4): read_mmp_block:115: Error -117 while reading MMP block 8
[   49.148337][ T3317] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   49.202780][ T3968] loop4: detected capacity change from 0 to 512
[   49.210903][ T3968] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x61000000 (sector = 1)
[   49.217081][ T3970] lo: entered allmulticast mode
[   49.262215][  T125] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x61000000 (sector = 1)
[   49.361538][ T3979] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   49.368660][ T3979] syzkaller0: entered promiscuous mode
[   49.374292][ T3979] syzkaller0: entered allmulticast mode
[   49.382497][ T3979] tipc: Resetting bearer <eth:syzkaller0>
[   49.388809][ T3978] tipc: Resetting bearer <eth:syzkaller0>
[   49.395251][ T3978] tipc: Disabling bearer <eth:syzkaller0>
[   49.494541][ T3980] netlink: 'syz.2.155': attribute type 11 has an invalid length.
[   49.531029][ T3987] loop4: detected capacity change from 0 to 128
[   49.537998][ T3987] msdos: Unknown parameter 'n�dots'
[   49.562137][ T3683] Bluetooth: hci0: command 0x1003 tx timeout
[   49.568244][ T3770] Bluetooth: hci0: Opcode 0x1003 failed: -110
[   49.652462][   T29] kauditd_printk_skb: 465 callbacks suppressed
[   49.652479][   T29] audit: type=1400 audit(1762951207.957:1234): avc:  denied  { create } for  pid=3988 comm="syz.0.161" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   49.678126][   T29] audit: type=1400 audit(1762951207.957:1235): avc:  denied  { ioctl } for  pid=3988 comm="syz.0.161" path="socket:[5945]" dev="sockfs" ino=5945 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   49.702602][   T29] audit: type=1400 audit(1762951207.957:1236): avc:  denied  { bind } for  pid=3988 comm="syz.0.161" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   49.725418][ T3993] loop4: detected capacity change from 0 to 512
[   49.793802][ T3993] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000600 r/w without journal. Quota mode: writeback.
[   49.812218][ T3993] ext4 filesystem being mounted at /36/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   49.839151][ T3993] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #2: comm syz.4.163: corrupted inode contents
[   49.881085][ T3993] EXT4-fs error (device loop4): ext4_dirty_inode:6517: inode #2: comm syz.4.163: mark_inode_dirty error
[   49.893053][ T3993] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #2: comm syz.4.163: corrupted inode contents
[   49.905121][ T3993] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #2: comm syz.4.163: mark_inode_dirty error
[   49.920852][   T29] audit: type=1400 audit(1762951208.227:1237): avc:  denied  { cpu } for  pid=3998 comm="syz.3.164" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[   49.924373][    C1] hrtimer: interrupt took 30757 ns
[   49.948449][ T3317] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000600.
[   49.961239][ T4004] FAULT_INJECTION: forcing a failure.
[   49.961239][ T4004] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   49.974442][ T4004] CPU: 1 UID: 0 PID: 4004 Comm: syz.1.167 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   49.974470][ T4004] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   49.974487][ T4004] Call Trace:
[   49.974495][ T4004]  <TASK>
[   49.974505][ T4004]  __dump_stack+0x1d/0x30
[   49.974533][ T4004]  dump_stack_lvl+0xe8/0x140
[   49.974561][ T4004]  dump_stack+0x15/0x1b
[   49.974650][ T4004]  should_fail_ex+0x265/0x280
[   49.974673][ T4004]  should_fail+0xb/0x20
[   49.974695][ T4004]  should_fail_usercopy+0x1a/0x20
[   49.974717][ T4004]  _copy_from_user+0x1c/0xb0
[   49.974829][ T4004]  ___sys_recvmsg+0xaa/0x370
[   49.974855][ T4004]  ? 0xffffffff81000000
[   49.974872][ T4004]  ? __rcu_read_unlock+0x4f/0x70
[   49.974911][ T4004]  __x64_sys_recvmsg+0xd1/0x160
[   49.974935][ T4004]  x64_sys_call+0x2b46/0x3000
[   49.975041][ T4004]  do_syscall_64+0xd2/0x200
[   49.975061][ T4004]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   49.975144][ T4004]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   49.975252][ T4004]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   49.975280][ T4004] RIP: 0033:0x7f75564bf6c9
[   49.975300][ T4004] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   49.975394][ T4004] RSP: 002b:00007f7554f1f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[   49.975420][ T4004] RAX: ffffffffffffffda RBX: 00007f7556715fa0 RCX: 00007f75564bf6c9
[   49.975489][ T4004] RDX: 0000000000000000 RSI: 0000200000001a80 RDI: 0000000000000009
[   49.975505][ T4004] RBP: 00007f7554f1f090 R08: 0000000000000000 R09: 0000000000000000
[   49.975522][ T4004] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   49.975538][ T4004] R13: 00007f7556716038 R14: 00007f7556715fa0 R15: 00007ffc5271af28
[   49.975563][ T4004]  </TASK>
[   50.210046][   T29] audit: type=1400 audit(1762951208.507:1238): avc:  denied  { read } for  pid=4005 comm="syz.4.168" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[   50.273816][   T29] audit: type=1326 audit(1762951208.567:1239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3998 comm="syz.3.164" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7fc664f6c9 code=0x7ffc0000
[   50.297324][   T29] audit: type=1326 audit(1762951208.567:1240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3998 comm="syz.3.164" exe="/root/syz-executor" sig=0 arch=c000003e syscall=85 compat=0 ip=0x7f7fc664f6c9 code=0x7ffc0000
[   50.320637][   T29] audit: type=1326 audit(1762951208.567:1241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3998 comm="syz.3.164" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7fc664f6c9 code=0x7ffc0000
[   50.343989][   T29] audit: type=1326 audit(1762951208.567:1242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3998 comm="syz.3.164" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7f7fc664f6c9 code=0x7ffc0000
[   50.367134][   T29] audit: type=1326 audit(1762951208.567:1243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3998 comm="syz.3.164" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7fc664f6c9 code=0x7ffc0000
[   50.406365][ T4009] Zero length message leads to an empty skb
[   50.434486][ T4009] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=35 sclass=netlink_route_socket pid=4009 comm=syz.4.169
[   50.454072][ T4011] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=4011 comm=syz.3.170
[   50.493307][ T4016] loop0: detected capacity change from 0 to 512
[   50.500316][ T4012] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=4012 comm=syz.3.170
[   50.534135][ T4016] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   50.592659][ T4016] ext4 filesystem being mounted at /42/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   50.633680][ T3315] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   50.692033][ T4035] FAULT_INJECTION: forcing a failure.
[   50.692033][ T4035] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   50.705230][ T4035] CPU: 1 UID: 0 PID: 4035 Comm: syz.3.178 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   50.705264][ T4035] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   50.705304][ T4035] Call Trace:
[   50.705310][ T4035]  <TASK>
[   50.705317][ T4035]  __dump_stack+0x1d/0x30
[   50.705343][ T4035]  dump_stack_lvl+0xe8/0x140
[   50.705371][ T4035]  dump_stack+0x15/0x1b
[   50.705394][ T4035]  should_fail_ex+0x265/0x280
[   50.705453][ T4035]  should_fail+0xb/0x20
[   50.705468][ T4035]  should_fail_usercopy+0x1a/0x20
[   50.705497][ T4035]  _copy_to_user+0x20/0xa0
[   50.705584][ T4035]  simple_read_from_buffer+0xb5/0x130
[   50.705620][ T4035]  proc_fail_nth_read+0x10e/0x150
[   50.705664][ T4035]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   50.705695][ T4035]  vfs_read+0x1a8/0x770
[   50.705770][ T4035]  ? __rcu_read_unlock+0x4f/0x70
[   50.705799][ T4035]  ? __fget_files+0x184/0x1c0
[   50.705872][ T4035]  ksys_read+0xda/0x1a0
[   50.705914][ T4035]  __x64_sys_read+0x40/0x50
[   50.705961][ T4035]  x64_sys_call+0x27c0/0x3000
[   50.705991][ T4035]  do_syscall_64+0xd2/0x200
[   50.706096][ T4035]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   50.706133][ T4035]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   50.706183][ T4035]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   50.706223][ T4035] RIP: 0033:0x7f7fc664e0dc
[   50.706302][ T4035] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   50.706326][ T4035] RSP: 002b:00007f7fc50af030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   50.706350][ T4035] RAX: ffffffffffffffda RBX: 00007f7fc68a5fa0 RCX: 00007f7fc664e0dc
[   50.706422][ T4035] RDX: 000000000000000f RSI: 00007f7fc50af0a0 RDI: 0000000000000006
[   50.706436][ T4035] RBP: 00007f7fc50af090 R08: 0000000000000000 R09: 0000000000000000
[   50.706447][ T4035] R10: 0000000000000020 R11: 0000000000000246 R12: 0000000000000001
[   50.706459][ T4035] R13: 00007f7fc68a6038 R14: 00007f7fc68a5fa0 R15: 00007ffc68e02708
[   50.706478][ T4035]  </TASK>
[   50.711679][ T4036] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   50.760263][ T4041] loop1: detected capacity change from 0 to 128
[   50.926709][ T4041] msdos: Unknown parameter 'n�dots'
[   50.942849][ T4049] loop3: detected capacity change from 0 to 512
[   50.962607][ T4049] EXT4-fs (loop3): 1 orphan inode deleted
[   50.963152][ T4049] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   50.964271][ T4049] ext4 filesystem being mounted at /33/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   51.011659][ T4040] loop4: detected capacity change from 0 to 512
[   51.064422][ T3324] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   51.076969][ T4040] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.181: bg 0: block 393: padding at end of block bitmap is not set
[   51.110168][ T4040] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6667: Corrupt filesystem
[   51.121023][ T4040] EXT4-fs (loop4): 2 truncates cleaned up
[   51.127482][ T4040] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   51.154583][ T4066] FAULT_INJECTION: forcing a failure.
[   51.154583][ T4066] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   51.167862][ T4066] CPU: 0 UID: 0 PID: 4066 Comm: syz.1.184 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   51.167897][ T4066] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   51.167977][ T4066] Call Trace:
[   51.167983][ T4066]  <TASK>
[   51.167993][ T4066]  __dump_stack+0x1d/0x30
[   51.168023][ T4066]  dump_stack_lvl+0xe8/0x140
[   51.168051][ T4066]  dump_stack+0x15/0x1b
[   51.168182][ T4066]  should_fail_ex+0x265/0x280
[   51.168203][ T4066]  should_fail+0xb/0x20
[   51.168219][ T4066]  should_fail_usercopy+0x1a/0x20
[   51.168240][ T4066]  _copy_to_user+0x20/0xa0
[   51.168305][ T4066]  simple_read_from_buffer+0xb5/0x130
[   51.168335][ T4066]  proc_fail_nth_read+0x10e/0x150
[   51.168370][ T4066]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   51.168412][ T4066]  vfs_read+0x1a8/0x770
[   51.168453][ T4066]  ? __rcu_read_unlock+0x4f/0x70
[   51.168479][ T4066]  ? __fget_files+0x184/0x1c0
[   51.168579][ T4066]  ksys_read+0xda/0x1a0
[   51.168619][ T4066]  __x64_sys_read+0x40/0x50
[   51.168653][ T4066]  x64_sys_call+0x27c0/0x3000
[   51.168679][ T4066]  do_syscall_64+0xd2/0x200
[   51.168783][ T4066]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   51.168814][ T4066]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   51.168849][ T4066]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   51.168953][ T4066] RIP: 0033:0x7f75564be0dc
[   51.168973][ T4066] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   51.168997][ T4066] RSP: 002b:00007f7554f1f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   51.169016][ T4066] RAX: ffffffffffffffda RBX: 00007f7556715fa0 RCX: 00007f75564be0dc
[   51.169029][ T4066] RDX: 000000000000000f RSI: 00007f7554f1f0a0 RDI: 0000000000000005
[   51.169040][ T4066] RBP: 00007f7554f1f090 R08: 0000000000000000 R09: 0000000000000000
[   51.169093][ T4066] R10: 00000000000000f0 R11: 0000000000000246 R12: 0000000000000001
[   51.169112][ T4066] R13: 00007f7556716038 R14: 00007f7556715fa0 R15: 00007ffc5271af28
[   51.169132][ T4066]  </TASK>
[   51.466129][ T4036] syzkaller0: entered promiscuous mode
[   51.471668][ T4036] syzkaller0: entered allmulticast mode
[   51.481911][ T4060] tipc: Resetting bearer <eth:syzkaller0>
[   51.492285][   T31] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[   51.507784][   T31] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[   51.523086][ T4032] tipc: Resetting bearer <eth:syzkaller0>
[   51.531987][ T4077] loop3: detected capacity change from 0 to 512
[   51.561370][ T4032] tipc: Disabling bearer <eth:syzkaller0>
[   51.594330][ T3317] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   51.635085][   T31] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[   51.661357][ T4084] loop1: detected capacity change from 0 to 512
[   51.669321][   T31] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[   51.671160][ T4087] __nla_validate_parse: 10 callbacks suppressed
[   51.671179][ T4087] netlink: 4 bytes leftover after parsing attributes in process `syz.3.191'.
[   51.718934][ T4093] loop3: detected capacity change from 0 to 128
[   51.726145][ T4093] msdos: Unknown parameter 'n�dots'
[   51.732482][ T4084] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   51.747078][ T4084] ext4 filesystem being mounted at /24/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   51.800659][ T3323] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz-executor: bg 0: block 64: padding at end of block bitmap is not set
[   51.841111][ T3323] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6667: Corrupt filesystem
[   51.862233][ T4106] loop3: detected capacity change from 0 to 2048
[   51.868936][ T4106] EXT4-fs: Ignoring removed mblk_io_submit option
[   51.875655][ T4106] EXT4-fs: Ignoring removed i_version option
[   51.887388][ T3323] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   51.897936][ T4115] netlink: 32 bytes leftover after parsing attributes in process `syz.0.201'.
[   51.907574][ T4106] EXT4-fs (loop3): can't mount with journal_async_commit, fs mounted w/o journal
[   51.935081][ T4043] IPVS: starting estimator thread 0...
[   51.963699][ T4124] loop3: detected capacity change from 0 to 512
[   51.973159][ T4124] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   51.976763][ T4126] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   51.987986][ T4127] netlink: 16222 bytes leftover after parsing attributes in process `syz.0.205'.
[   51.990513][ T4126] syzkaller0: entered promiscuous mode
[   52.003296][ T4126] syzkaller0: entered allmulticast mode
[   52.013443][ T4124] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   52.026106][ T4124] ext4 filesystem being mounted at /40/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   52.027995][ T4126] tipc: Resetting bearer <eth:syzkaller0>
[   52.042781][ T4121] IPVS: using max 2256 ests per chain, 112800 per kthread
[   52.053636][ T4122] tipc: Resetting bearer <eth:syzkaller0>
[   52.061405][ T4122] tipc: Disabling bearer <eth:syzkaller0>
[   52.077925][ T3324] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   52.099577][ T4134] loop3: detected capacity change from 0 to 512
[   52.114125][ T4134] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   52.127844][ T4134] ext4 filesystem being mounted at /41/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   52.141986][ T4134] netlink: 96 bytes leftover after parsing attributes in process `syz.3.207'.
[   52.153628][ T4134] netdevsim netdevsim3: Direct firmware load for � failed with error -2
[   52.177282][ T3324] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   52.209647][ T4146] netlink: 4 bytes leftover after parsing attributes in process `syz.2.211'.
[   52.230911][ T4148] FAULT_INJECTION: forcing a failure.
[   52.230911][ T4148] name failslab, interval 1, probability 0, space 0, times 0
[   52.238340][ T4146] netlink: 4 bytes leftover after parsing attributes in process `syz.2.211'.
[   52.243701][ T4148] CPU: 0 UID: 0 PID: 4148 Comm: syz.0.212 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   52.243739][ T4148] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   52.243758][ T4148] Call Trace:
[   52.243767][ T4148]  <TASK>
[   52.243777][ T4148]  __dump_stack+0x1d/0x30
[   52.243837][ T4148]  dump_stack_lvl+0xe8/0x140
[   52.243867][ T4148]  dump_stack+0x15/0x1b
[   52.243891][ T4148]  should_fail_ex+0x265/0x280
[   52.243984][ T4148]  should_failslab+0x8c/0xb0
[   52.244122][ T4148]  kmem_cache_alloc_lru_noprof+0x55/0x490
[   52.244163][ T4148]  ? __d_alloc+0x3d/0x340
[   52.244282][ T4148]  __d_alloc+0x3d/0x340
[   52.244342][ T4148]  ? try_charge_memcg+0x215/0xa10
[   52.244382][ T4148]  d_alloc_parallel+0x58/0xc70
[   52.244413][ T4148]  ? lockref_get_not_dead+0x120/0x1c0
[   52.244453][ T4148]  ? __rcu_read_unlock+0x4f/0x70
[   52.244557][ T4148]  __lookup_slow+0x8c/0x250
[   52.244587][ T4148]  lookup_slow+0x3c/0x60
[   52.244629][ T4148]  walk_component+0x1ec/0x220
[   52.244675][ T4148]  path_lookupat+0xfe/0x2a0
[   52.244753][ T4148]  filename_lookup+0x147/0x340
[   52.244827][ T4148]  kern_path+0x3b/0x130
[   52.244862][ T4148]  unix_find_other+0xe9/0x760
[   52.244979][ T4148]  unix_dgram_sendmsg+0x5ab/0xfd0
[   52.245076][ T4148]  ? selinux_socket_sendmsg+0x175/0x1b0
[   52.245171][ T4148]  ? __pfx_unix_dgram_sendmsg+0x10/0x10
[   52.245281][ T4148]  __sock_sendmsg+0x145/0x180
[   52.245317][ T4148]  ____sys_sendmsg+0x345/0x4e0
[   52.245369][ T4148]  ___sys_sendmsg+0x17b/0x1d0
[   52.245418][ T4148]  __sys_sendmmsg+0x178/0x300
[   52.245519][ T4148]  __x64_sys_sendmmsg+0x57/0x70
[   52.245570][ T4148]  x64_sys_call+0x1c4a/0x3000
[   52.245603][ T4148]  do_syscall_64+0xd2/0x200
[   52.245631][ T4148]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   52.245671][ T4148]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   52.245744][ T4148]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   52.245774][ T4148] RIP: 0033:0x7efd79fdf6c9
[   52.245833][ T4148] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   52.245859][ T4148] RSP: 002b:00007efd78a3f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[   52.245885][ T4148] RAX: ffffffffffffffda RBX: 00007efd7a235fa0 RCX: 00007efd79fdf6c9
[   52.245904][ T4148] RDX: 0000000000000002 RSI: 00002000000001c0 RDI: 0000000000000004
[   52.245956][ T4148] RBP: 00007efd78a3f090 R08: 0000000000000000 R09: 0000000000000000
[   52.245973][ T4148] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   52.245990][ T4148] R13: 00007efd7a236038 R14: 00007efd7a235fa0 R15: 00007ffc6b645408
[   52.246027][ T4148]  </TASK>
[   52.260632][ T4152] loop3: detected capacity change from 0 to 512
[   52.524482][ T4152] EXT4-fs (loop3): orphan cleanup on readonly fs
[   52.536328][ T4152] EXT4-fs warning (device loop3): ext4_xattr_inode_get:546: inode #11: comm syz.3.213: ea_inode file size=4 entry size=6
[   52.554928][ T4152] EXT4-fs warning (device loop3): ext4_expand_extra_isize_ea:2853: Unable to expand inode 15. Delete some EAs or run e2fsck.
[   52.591669][ T4152] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #15: comm syz.3.213: corrupted inode contents
[   52.617979][ T4158] bridge_slave_0 (unregistering): left allmulticast mode
[   52.625175][ T4158] bridge_slave_0 (unregistering): left promiscuous mode
[   52.632175][ T4158] bridge0: port 1(bridge_slave_0) entered disabled state
[   52.640235][ T4152] EXT4-fs error (device loop3): ext4_dirty_inode:6517: inode #15: comm syz.3.213: mark_inode_dirty error
[   52.659076][ T4152] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #15: comm syz.3.213: corrupted inode contents
[   52.672321][ T4152] EXT4-fs error (device loop3): ext4_xattr_delete_inode:2996: inode #15: comm syz.3.213: mark_inode_dirty error
[   52.684871][ T4152] EXT4-fs error (device loop3): ext4_xattr_delete_inode:2999: inode #15: comm syz.3.213: mark inode dirty (error -117)
[   52.722393][ T4152] EXT4-fs warning (device loop3): ext4_evict_inode:274: xattr delete (err -117)
[   52.741761][ T4152] EXT4-fs (loop3): 1 orphan inode deleted
[   52.767018][ T4152] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[   52.779902][ T4152] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   52.840424][ T4171] loop3: detected capacity change from 0 to 512
[   52.849179][ T4170] tipc: Started in network mode
[   52.854188][ T4170] tipc: Node identity 8601ad0c4ebe, cluster identity 4711
[   52.861370][ T4170] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   52.869449][ T4170] syzkaller0: entered promiscuous mode
[   52.875287][ T4170] syzkaller0: entered allmulticast mode
[   52.884307][ T4170] tipc: Resetting bearer <eth:syzkaller0>
[   52.890880][ T4169] tipc: Resetting bearer <eth:syzkaller0>
[   52.897515][ T4169] tipc: Disabling bearer <eth:syzkaller0>
[   52.898702][ T4171] EXT4-fs (loop3): 1 orphan inode deleted
[   52.905349][ T4175] netlink: 12 bytes leftover after parsing attributes in process `syz.0.221'.
[   52.909943][ T4171] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   52.917985][ T4175] netlink: 12 bytes leftover after parsing attributes in process `syz.0.221'.
[   52.940056][   T31] EXT4-fs error (device loop3): ext4_release_dquot:6981: comm kworker/u8:1: Failed to release dquot type 1
[   52.951856][ T4171] ext4 filesystem being mounted at /44/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   52.962586][ T4183] netlink: 4 bytes leftover after parsing attributes in process `syz.0.221'.
[   52.992245][ T3324] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   53.070707][ T4190] tipc: Resetting bearer <eth:syzkaller0>
[   53.079409][ T4190] syzkaller0: left promiscuous mode
[   53.084698][ T4190] syzkaller0: left allmulticast mode
[   53.100441][ T4198] SELinux: failed to load policy
[   53.157809][ T4210] loop0: detected capacity change from 0 to 512
[   53.174887][ T4210] EXT4-fs (loop0): 1 orphan inode deleted
[   53.181294][ T4210] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   53.194164][   T12] EXT4-fs error (device loop0): ext4_release_dquot:6981: comm kworker/u8:0: Failed to release dquot type 1
[   53.206404][ T4210] ext4 filesystem being mounted at /55/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   53.239457][ T4217] netlink: 24 bytes leftover after parsing attributes in process `syz.3.235'.
[   53.264494][ T3315] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   53.347611][ T4217] veth3: entered promiscuous mode
[   53.353204][ T4217] veth3: entered allmulticast mode
[   53.365037][ T4222] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   53.372377][ T4222] syzkaller0: entered promiscuous mode
[   53.377902][ T4222] syzkaller0: entered allmulticast mode
[   53.395327][ T4222] tipc: Resetting bearer <eth:syzkaller0>
[   53.401806][ T4221] tipc: Resetting bearer <eth:syzkaller0>
[   53.412631][ T4221] tipc: Disabling bearer <eth:syzkaller0>
[   53.446332][ T4217] syz.3.235 (4217) used greatest stack depth: 10184 bytes left
[   53.657517][   T58] Bluetooth: hci0: Frame reassembly failed (-84)
[   53.681673][ T4243] loop2: detected capacity change from 0 to 512
[   53.695929][ T4243] EXT4-fs (loop2): 1 orphan inode deleted
[   53.700548][ T4247] capability: warning: `syz.0.247' uses 32-bit capabilities (legacy support in use)
[   53.702482][ T4243] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   53.724099][   T58] EXT4-fs error (device loop2): ext4_release_dquot:6981: comm kworker/u8:4: Failed to release dquot type 1
[   53.736097][ T4243] ext4 filesystem being mounted at /51/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   53.758359][ T4249] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   53.768829][ T4249] tipc: Disabling bearer <eth:syzkaller0>
[   53.802171][ T3331] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   53.922959][ T4274] pim6reg1: entered promiscuous mode
[   53.928397][ T4274] pim6reg1: entered allmulticast mode
[   53.971577][ T4278] FAULT_INJECTION: forcing a failure.
[   53.971577][ T4278] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   53.984797][ T4278] CPU: 1 UID: 0 PID: 4278 Comm: syz.4.256 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   53.984829][ T4278] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   53.984883][ T4278] Call Trace:
[   53.984890][ T4278]  <TASK>
[   53.984898][ T4278]  __dump_stack+0x1d/0x30
[   53.984926][ T4278]  dump_stack_lvl+0xe8/0x140
[   53.984953][ T4278]  dump_stack+0x15/0x1b
[   53.984976][ T4278]  should_fail_ex+0x265/0x280
[   53.985001][ T4278]  should_fail+0xb/0x20
[   53.985073][ T4278]  should_fail_usercopy+0x1a/0x20
[   53.985101][ T4278]  _copy_from_user+0x1c/0xb0
[   53.985134][ T4278]  __copy_msghdr+0x244/0x300
[   53.985232][ T4278]  ___sys_sendmsg+0x109/0x1d0
[   53.985274][ T4278]  __sys_sendmmsg+0x178/0x300
[   53.985312][ T4278]  __x64_sys_sendmmsg+0x57/0x70
[   53.985395][ T4278]  x64_sys_call+0x1c4a/0x3000
[   53.985442][ T4278]  do_syscall_64+0xd2/0x200
[   53.985469][ T4278]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   53.985539][ T4278]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   53.985611][ T4278]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   53.985708][ T4278] RIP: 0033:0x7fabfc1ef6c9
[   53.985727][ T4278] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   53.985751][ T4278] RSP: 002b:00007fabfac4f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[   53.985785][ T4278] RAX: ffffffffffffffda RBX: 00007fabfc445fa0 RCX: 00007fabfc1ef6c9
[   53.985813][ T4278] RDX: 0000000000000001 RSI: 0000200000000780 RDI: 0000000000000003
[   53.985829][ T4278] RBP: 00007fabfac4f090 R08: 0000000000000000 R09: 0000000000000000
[   53.985915][ T4278] R10: 0000000004000804 R11: 0000000000000246 R12: 0000000000000001
[   53.985931][ T4278] R13: 00007fabfc446038 R14: 00007fabfc445fa0 R15: 00007fffac6529e8
[   53.985955][ T4278]  </TASK>
[   54.226499][ T4276] mmap: syz.0.255 (4276) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[   54.246868][ T4276] loop0: detected capacity change from 0 to 512
[   54.254782][ T4276] EXT4-fs error (device loop0): ext4_orphan_get:1392: inode #15: comm syz.0.255: iget: bad i_size value: 38620345925642
[   54.267630][ T4276] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.255: couldn't read orphan inode 15 (err -117)
[   54.269096][ T4286] sctp: [Deprecated]: syz.4.258 (pid 4286) Use of int in maxseg socket option.
[   54.269096][ T4286] Use struct sctp_assoc_value instead
[   54.280285][ T4276] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   54.356750][ T4290] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   54.373665][ T4292] loop2: detected capacity change from 0 to 512
[   54.407405][ T4292] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[   54.421599][ T4290] tipc: Disabling bearer <eth:syzkaller0>
[   54.444769][ T4292] EXT4-fs (loop2): invalid journal inode
[   54.465966][ T4292] EXT4-fs (loop2): can't get journal size
[   54.489945][ T4292] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e056c118, mo2=0002]
[   54.502307][ T4292] System zones: 1-12, 13-13
[   54.511315][ T4292] EXT4-fs (loop2): 1 truncate cleaned up
[   54.534889][ T4292] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   54.567691][ T3331] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   54.587474][   T58] EXT4-fs error (device loop0): ext4_validate_block_bitmap:432: comm kworker/u8:4: bg 0: block 5: invalid block bitmap
[   54.591556][ T4300] dvmrp1: entered allmulticast mode
[   54.609294][   T58] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[   54.621901][   T58] EXT4-fs (loop0): This should not happen!! Data will be lost
[   54.621901][   T58] 
[   54.631710][   T58] EXT4-fs (loop0): Total free blocks count 0
[   54.637861][   T58] EXT4-fs (loop0): Free/Dirty block details
[   54.643974][   T58] EXT4-fs (loop0): free_blocks=0
[   54.648929][   T58] EXT4-fs (loop0): dirty_blocks=16000
[   54.654436][   T58] EXT4-fs (loop0): Block reservation details
[   54.660429][   T58] EXT4-fs (loop0): i_reserved_data_blocks=16000
[   54.718276][   T29] kauditd_printk_skb: 420 callbacks suppressed
[   54.718291][   T29] audit: type=1326 audit(1762951213.027:1661): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4304 comm="syz.2.266" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68a7a2f6c9 code=0x7ffc0000
[   54.748313][   T29] audit: type=1326 audit(1762951213.027:1662): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4304 comm="syz.2.266" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f68a7a2f6c9 code=0x7ffc0000
[   54.771978][   T29] audit: type=1326 audit(1762951213.027:1663): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4304 comm="syz.2.266" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68a7a2f6c9 code=0x7ffc0000
[   54.795540][   T29] audit: type=1326 audit(1762951213.027:1664): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4304 comm="syz.2.266" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68a7a2f6c9 code=0x7ffc0000
[   54.818983][   T29] audit: type=1326 audit(1762951213.027:1665): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4304 comm="syz.2.266" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f68a7a2f6c9 code=0x7ffc0000
[   54.842273][   T29] audit: type=1326 audit(1762951213.027:1666): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4304 comm="syz.2.266" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68a7a2f6c9 code=0x7ffc0000
[   54.865606][   T29] audit: type=1326 audit(1762951213.027:1667): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4304 comm="syz.2.266" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68a7a2f6c9 code=0x7ffc0000
[   54.889024][   T29] audit: type=1326 audit(1762951213.027:1668): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4304 comm="syz.2.266" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f68a7a2f6c9 code=0x7ffc0000
[   54.912356][   T29] audit: type=1326 audit(1762951213.027:1669): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4304 comm="syz.2.266" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68a7a2f6c9 code=0x7ffc0000
[   54.917248][   T12] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 2052 with max blocks 2048 with error 28
[   54.935754][   T29] audit: type=1326 audit(1762951213.027:1670): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4304 comm="syz.2.266" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f68a7a2f6c9 code=0x7ffc0000
[   55.305257][ T4344] netlink: 'syz.4.276': attribute type 3 has an invalid length.
[   55.313462][ T4344] futex_wake_op: syz.4.276 tries to shift op by 32; fix this program
[   55.346117][ T4343] loop2: detected capacity change from 0 to 512
[   55.375052][ T4343] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   55.410966][ T4343] ext4 filesystem being mounted at /64/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   55.516230][ T3331] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   55.676898][ T4352] loop2: detected capacity change from 0 to 512
[   55.712223][ T3683] Bluetooth: hci0: command 0x1003 tx timeout
[   55.718370][ T3770] Bluetooth: hci0: Opcode 0x1003 failed: -110
[   55.755024][ T4352] EXT4-fs (loop2): 1 orphan inode deleted
[   55.761328][ T4352] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   55.774039][   T58] EXT4-fs error (device loop2): ext4_release_dquot:6981: comm kworker/u8:4: Failed to release dquot type 1
[   55.784551][ T4352] ext4 filesystem being mounted at /67/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   55.862803][ T3331] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   56.152519][ T4376] netlink: 'syz.4.286': attribute type 16 has an invalid length.
[   56.160348][ T4376] netlink: 'syz.4.286': attribute type 17 has an invalid length.
[   56.275223][ T4384] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[   56.542818][ T4394] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   56.550010][ T4394] syzkaller0: entered promiscuous mode
[   56.555568][ T4394] syzkaller0: entered allmulticast mode
[   56.584464][ T4394] tipc: Resetting bearer <eth:syzkaller0>
[   56.591113][ T4393] tipc: Resetting bearer <eth:syzkaller0>
[   56.597817][ T4393] tipc: Disabling bearer <eth:syzkaller0>
[   56.740360][ T4400] __nla_validate_parse: 15 callbacks suppressed
[   56.740374][ T4400] netlink: 244 bytes leftover after parsing attributes in process `syz.4.296'.
[   56.979480][ T4410] loop4: detected capacity change from 0 to 512
[   57.048297][ T4410] EXT4-fs (loop4): 1 orphan inode deleted
[   57.062177][   T58] EXT4-fs error (device loop4): ext4_release_dquot:6981: comm kworker/u8:4: Failed to release dquot type 1
[   57.102544][ T4410] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   57.170075][ T4410] ext4 filesystem being mounted at /72/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   57.259244][ T3317] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   57.359206][ T4423] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   57.390473][ T4426] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=4426 comm=syz.4.305
[   57.417653][ T4423] tipc: Disabling bearer <eth:syzkaller0>
[   57.443261][ T4426] lo speed is unknown, defaulting to 1000
[   57.447829][ T4430] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   57.455899][ T4426] lo speed is unknown, defaulting to 1000
[   57.456264][ T4430] syzkaller0: entered promiscuous mode
[   57.467228][ T4430] syzkaller0: entered allmulticast mode
[   57.473782][ T4426] lo speed is unknown, defaulting to 1000
[   57.480968][ T4430] tipc: Resetting bearer <eth:syzkaller0>
[   57.492023][ T4426] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[   57.501407][ T4429] tipc: Resetting bearer <eth:syzkaller0>
[   57.517077][ T4429] tipc: Disabling bearer <eth:syzkaller0>
[   57.562215][ T4433] netlink: 12 bytes leftover after parsing attributes in process `syz.1.307'.
[   57.563891][ T4426] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[   57.652723][ T4426] lo speed is unknown, defaulting to 1000
[   57.658878][ T4426] lo speed is unknown, defaulting to 1000
[   57.667376][ T4426] lo speed is unknown, defaulting to 1000
[   57.674577][ T4426] lo speed is unknown, defaulting to 1000
[   57.680936][ T4452] loop0: detected capacity change from 0 to 512
[   57.683318][ T4426] lo speed is unknown, defaulting to 1000
[   57.704814][ T4452] EXT4-fs (loop0): 1 orphan inode deleted
[   57.711034][ T4452] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   57.724117][   T12] EXT4-fs error (device loop0): ext4_release_dquot:6981: comm kworker/u8:0: Failed to release dquot type 1
[   57.738334][ T4452] ext4 filesystem being mounted at /72/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   57.814131][ T3315] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   57.842597][ T4462] netlink: 8 bytes leftover after parsing attributes in process `syz.3.316'.
[   57.865426][ T4464] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[   57.902322][ T4462] pim6reg: entered allmulticast mode
[   57.929817][ T4467] loop4: detected capacity change from 0 to 1024
[   58.021620][ T4467] EXT4-fs: test_dummy_encryption option not supported
[   58.090037][ T4474] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[   58.283977][ T4480] netlink: 100 bytes leftover after parsing attributes in process `syz.3.321'.
[   58.365417][ T4486] netlink: 12 bytes leftover after parsing attributes in process `syz.3.323'.
[   58.377031][ T4487] netlink: 92 bytes leftover after parsing attributes in process `syz.4.324'.
[   58.392766][ T4487] netlink: 12 bytes leftover after parsing attributes in process `syz.4.324'.
[   58.401672][ T4487] netlink: 20 bytes leftover after parsing attributes in process `syz.4.324'.
[   58.422831][ T4487] tipc: New replicast peer: 255.255.255.83
[   58.425013][ T4490] loop0: detected capacity change from 0 to 512
[   58.429174][ T4487] tipc: Enabled bearer <udp:�>, priority 10
[   58.464524][ T4490] EXT4-fs (loop0): 1 orphan inode deleted
[   58.470977][ T4490] ext4 filesystem being mounted at /74/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   58.493148][   T58] EXT4-fs error (device loop0): ext4_release_dquot:6981: comm kworker/u8:4: Failed to release dquot type 1
[   58.506353][ T4496] netlink: 244 bytes leftover after parsing attributes in process `syz.2.327'.
[   58.627073][  T125] Bluetooth: hci0: Frame reassembly failed (-84)
[   58.635607][ T4516] loop4: detected capacity change from 0 to 128
[   58.646480][ T4516] loop4: detected capacity change from 0 to 164
[   58.653846][ T4516] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   58.658354][ T4520] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[   58.663062][ T4516] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   58.674527][ T4521] IPv6: NLM_F_CREATE should be specified when creating new route
[   58.680669][ T4516] Symlink component flag not implemented
[   58.693172][ T4516] Symlink component flag not implemented
[   58.699284][ T4516] Symlink component flag not implemented (7)
[   58.705331][ T4516] Symlink component flag not implemented (116)
[   58.716141][ T4516] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   58.724755][ T4516] rock: directory entry would overflow storage
[   58.731038][ T4516] rock: sig=0x4f50, size=4, remaining=3
[   58.736681][ T4516] iso9660: Corrupted directory entry in block 4 of inode 1792
[   59.008653][ T4530] loop2: detected capacity change from 0 to 128
[   59.015636][ T4530] msdos: Unknown parameter 'n�dots'
[   59.098270][ T4536] netlink: 16 bytes leftover after parsing attributes in process `syz.2.342'.
[   59.174067][ T4539] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4539 comm=syz.2.343
[   59.286412][ T4544] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[   59.295130][ T4544] syzkaller0: entered promiscuous mode
[   59.300682][ T4544] syzkaller0: entered allmulticast mode
[   59.396818][ T4550] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=4550 comm=syz.2.348
[   59.410619][ T4550] siw: device registration error -23
[   59.421188][ T4553] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[   59.432259][ T3406] tipc: Node number set to 1696034641
[   59.451353][ T4556] loop3: detected capacity change from 0 to 128
[   59.458091][ T4556] msdos: Unknown parameter 'n�dots'
[   59.532313][ T4561] FAULT_INJECTION: forcing a failure.
[   59.532313][ T4561] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   59.545621][ T4561] CPU: 1 UID: 0 PID: 4561 Comm: syz.3.352 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   59.545655][ T4561] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   59.545670][ T4561] Call Trace:
[   59.545678][ T4561]  <TASK>
[   59.545687][ T4561]  __dump_stack+0x1d/0x30
[   59.545779][ T4561]  dump_stack_lvl+0xe8/0x140
[   59.545803][ T4561]  dump_stack+0x15/0x1b
[   59.545823][ T4561]  should_fail_ex+0x265/0x280
[   59.545846][ T4561]  should_fail+0xb/0x20
[   59.545912][ T4561]  should_fail_usercopy+0x1a/0x20
[   59.545936][ T4561]  _copy_from_user+0x1c/0xb0
[   59.545965][ T4561]  bpf_test_init+0xb9/0x140
[   59.546032][ T4561]  bpf_prog_test_run_skb+0x161/0xbf0
[   59.546127][ T4561]  ? __rcu_read_unlock+0x4f/0x70
[   59.546156][ T4561]  ? __fget_files+0x184/0x1c0
[   59.546190][ T4561]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[   59.546283][ T4561]  bpf_prog_test_run+0x22a/0x390
[   59.546309][ T4561]  __sys_bpf+0x4c0/0x7c0
[   59.546339][ T4561]  __x64_sys_bpf+0x41/0x50
[   59.546431][ T4561]  x64_sys_call+0x2aee/0x3000
[   59.546456][ T4561]  do_syscall_64+0xd2/0x200
[   59.546479][ T4561]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   59.546511][ T4561]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   59.546618][ T4561]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   59.546645][ T4561] RIP: 0033:0x7f7fc664f6c9
[   59.546663][ T4561] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   59.546684][ T4561] RSP: 002b:00007f7fc50af038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   59.546706][ T4561] RAX: ffffffffffffffda RBX: 00007f7fc68a5fa0 RCX: 00007f7fc664f6c9
[   59.546757][ T4561] RDX: 0000000000000050 RSI: 0000200000000500 RDI: 000000000000000a
[   59.546771][ T4561] RBP: 00007f7fc50af090 R08: 0000000000000000 R09: 0000000000000000
[   59.546785][ T4561] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   59.546798][ T4561] R13: 00007f7fc68a6038 R14: 00007f7fc68a5fa0 R15: 00007ffc68e02708
[   59.546820][ T4561]  </TASK>
[   59.787250][   T29] kauditd_printk_skb: 2307 callbacks suppressed
[   59.787268][   T29] audit: type=1326 audit(1762951218.097:3974): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4564 comm="syz.4.354" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fabfc1ef6c9 code=0x7ffc0000
[   59.817336][   T29] audit: type=1326 audit(1762951218.097:3975): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4564 comm="syz.4.354" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fabfc1ef6c9 code=0x7ffc0000
[   59.841148][   T29] audit: type=1326 audit(1762951218.097:3976): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4564 comm="syz.4.354" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fabfc1ef6c9 code=0x7ffc0000
[   59.865062][   T29] audit: type=1326 audit(1762951218.097:3977): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4564 comm="syz.4.354" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fabfc1ef6c9 code=0x7ffc0000
[   59.888881][   T29] audit: type=1326 audit(1762951218.097:3978): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4564 comm="syz.4.354" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fabfc1ef6c9 code=0x7ffc0000
[   59.912693][   T29] audit: type=1326 audit(1762951218.097:3979): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4564 comm="syz.4.354" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7fabfc1ef6c9 code=0x7ffc0000
[   59.936488][   T29] audit: type=1326 audit(1762951218.097:3980): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4564 comm="GPL" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fabfc1ef6c9 code=0x7ffc0000
[   59.947762][ T4567] loop4: detected capacity change from 0 to 512
[   59.959646][   T29] audit: type=1326 audit(1762951218.097:3981): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4564 comm="GPL" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fabfc1ef6c9 code=0x7ffc0000
[   59.989077][   T29] audit: type=1326 audit(1762951218.097:3982): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4564 comm="GPL" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fabfc1ef6c9 code=0x7ffc0000
[   60.012283][   T29] audit: type=1326 audit(1762951218.097:3983): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4564 comm="GPL" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fabfc1ef6c9 code=0x7ffc0000
[   60.024919][ T4567] ext4 filesystem being mounted at /85/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   60.064413][ T4567] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #2: comm syz.4.355: corrupted inode contents
[   60.076505][ T4567] EXT4-fs error (device loop4): ext4_dirty_inode:6517: inode #2: comm syz.4.355: mark_inode_dirty error
[   60.088136][ T4567] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #2: comm syz.4.355: corrupted inode contents
[   60.100141][ T4567] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #2: comm syz.4.355: mark_inode_dirty error
[   60.115141][ T4567] EXT4-fs error (device loop4): ext4_lookup:1784: inode #19: comm syz.4.355: 'bus' linked to parent dir
[   60.131083][ T4576] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4576 comm=syz.3.357
[   60.335349][ T4584] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[   60.377395][ T4586] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[   60.401887][ T4588] loop3: detected capacity change from 0 to 128
[   60.408494][ T4588] msdos: Unknown parameter 'n�dots'
[   60.473375][ T4592] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[   60.672193][   T44] Bluetooth: hci0: command 0x1003 tx timeout
[   60.672209][ T3770] Bluetooth: hci0: Opcode 0x1003 failed: -110
[   60.814089][ T4603] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4603 comm=syz.1.368
[   60.871215][ T4611] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   60.890092][ T4616] FAULT_INJECTION: forcing a failure.
[   60.890092][ T4616] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   60.903374][ T4616] CPU: 1 UID: 0 PID: 4616 Comm: syz.4.372 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   60.903453][ T4616] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   60.903517][ T4616] Call Trace:
[   60.903525][ T4616]  <TASK>
[   60.903534][ T4616]  __dump_stack+0x1d/0x30
[   60.903564][ T4616]  dump_stack_lvl+0xe8/0x140
[   60.903593][ T4616]  dump_stack+0x15/0x1b
[   60.903618][ T4616]  should_fail_ex+0x265/0x280
[   60.903644][ T4616]  should_fail+0xb/0x20
[   60.903736][ T4616]  should_fail_usercopy+0x1a/0x20
[   60.903810][ T4616]  _copy_to_user+0x20/0xa0
[   60.903845][ T4616]  simple_read_from_buffer+0xb5/0x130
[   60.903897][ T4616]  proc_fail_nth_read+0x10e/0x150
[   60.903940][ T4616]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   60.903981][ T4616]  vfs_read+0x1a8/0x770
[   60.904053][ T4616]  ? __rcu_read_unlock+0x4f/0x70
[   60.904088][ T4616]  ? __fget_files+0x184/0x1c0
[   60.904129][ T4616]  ksys_read+0xda/0x1a0
[   60.904164][ T4616]  __x64_sys_read+0x40/0x50
[   60.904243][ T4616]  x64_sys_call+0x27c0/0x3000
[   60.904274][ T4616]  do_syscall_64+0xd2/0x200
[   60.904305][ T4616]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   60.904343][ T4616]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   60.904389][ T4616]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   60.904443][ T4616] RIP: 0033:0x7fabfc1ee0dc
[   60.904463][ T4616] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   60.904487][ T4616] RSP: 002b:00007fabfac4f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   60.904512][ T4616] RAX: ffffffffffffffda RBX: 00007fabfc445fa0 RCX: 00007fabfc1ee0dc
[   60.904529][ T4616] RDX: 000000000000000f RSI: 00007fabfac4f0a0 RDI: 0000000000000007
[   60.904545][ T4616] RBP: 00007fabfac4f090 R08: 0000000000000000 R09: 0000000000000000
[   60.904561][ T4616] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   60.904657][ T4616] R13: 00007fabfc446038 R14: 00007fabfc445fa0 R15: 00007fffac6529e8
[   60.904682][ T4616]  </TASK>
[   60.907979][ T4618] loop2: detected capacity change from 0 to 128
[   60.912741][ T3683] Bluetooth: hci1: Opcode 0x1003 failed: -110
[   60.918092][ T3770] Bluetooth: hci1: command 0x1003 tx timeout
[   60.935432][ T4618] msdos: Unknown parameter 'n�dots'
[   61.079648][ T4626] syz.4.377 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[   61.144708][ T4626] netlink: 'syz.4.377': attribute type 1 has an invalid length.
[   61.152430][ T4626] netlink: 'syz.4.377': attribute type 4 has an invalid length.
[   61.170078][ T4626] netlink: 'syz.4.377': attribute type 1 has an invalid length.
[   61.177967][ T4626] netlink: 'syz.4.377': attribute type 4 has an invalid length.
[   61.344283][ T4643] loop2: detected capacity change from 0 to 128
[   61.351101][ T4643] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   61.376730][ T4643] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   61.455003][ T4651] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   61.513576][ T4651] tipc: Disabling bearer <eth:syzkaller0>
[   61.790437][ T4688] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4688 comm=syz.4.388
[   61.982189][ T4068] tipc: Node number set to 4154301186
[   62.106378][  T125] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   62.249129][ T4732] loop0: detected capacity change from 0 to 128
[   62.258855][ T4732] msdos: Unknown parameter 'n�dots'
[   62.345946][ T4743] __nla_validate_parse: 10 callbacks suppressed
[   62.345964][ T4743] netlink: 12 bytes leftover after parsing attributes in process `syz.3.391'.
[   62.430908][ T4754] netlink: 20 bytes leftover after parsing attributes in process `syz.0.394'.
[   62.617692][   T12] Bluetooth: hci0: Frame reassembly failed (-84)
[   62.673635][ T4749] loop3: detected capacity change from 0 to 8192
[   62.732815][ T4749]  loop3: p1 p2 p3 p4[DM]
[   62.737667][ T4749] loop3: p1 size 835329 extends beyond EOD, truncated
[   62.752734][ T4749] loop3: p2 size 327680 extends beyond EOD, truncated
[   62.767792][ T4749] loop3: p3 start 1052673 is beyond EOD, truncated
[   62.774419][ T4749] loop3: p4 size 262144 extends beyond EOD, truncated
[   62.804397][ T4749] SELinux: failed to load policy
[   62.823949][ T4807] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4807 comm=syz.2.399
[   62.872845][ T4812] smc: net device bond0 applied user defined pnetid SYZ2
[   62.881025][ T4812] netlink: 14 bytes leftover after parsing attributes in process `syz.4.400'.
[   62.896147][ T4812] smc: removing net device bond0 with user defined pnetid SYZ2
[   62.905189][ T4812] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   62.914905][ T4812] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   62.915218][ T4815] netlink: 36 bytes leftover after parsing attributes in process `GPL'.
[   62.932604][ T4812] bond0 (unregistering): Released all slaves
[   62.938946][ T4815] FAULT_INJECTION: forcing a failure.
[   62.938946][ T4815] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   62.952080][ T4815] CPU: 1 UID: 0 PID: 4815 Comm: GPL Not tainted syzkaller #0 PREEMPT(voluntary) 
[   62.952116][ T4815] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   62.952133][ T4815] Call Trace:
[   62.952142][ T4815]  <TASK>
[   62.952152][ T4815]  __dump_stack+0x1d/0x30
[   62.952182][ T4815]  dump_stack_lvl+0xe8/0x140
[   62.952211][ T4815]  dump_stack+0x15/0x1b
[   62.952237][ T4815]  should_fail_ex+0x265/0x280
[   62.952271][ T4815]  should_fail+0xb/0x20
[   62.952364][ T4815]  should_fail_usercopy+0x1a/0x20
[   62.952389][ T4815]  _copy_from_iter+0xd2/0xe80
[   62.952419][ T4815]  ? __build_skb_around+0x1ab/0x200
[   62.952456][ T4815]  ? __alloc_skb+0x223/0x320
[   62.952543][ T4815]  netlink_sendmsg+0x471/0x6b0
[   62.952573][ T4815]  ? __pfx_netlink_sendmsg+0x10/0x10
[   62.952636][ T4815]  __sock_sendmsg+0x145/0x180
[   62.952671][ T4815]  ____sys_sendmsg+0x31e/0x4e0
[   62.952721][ T4815]  ___sys_sendmsg+0x17b/0x1d0
[   62.952761][ T4815]  __x64_sys_sendmsg+0xd4/0x160
[   62.952833][ T4815]  x64_sys_call+0x191e/0x3000
[   62.952864][ T4815]  do_syscall_64+0xd2/0x200
[   62.952891][ T4815]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   62.952931][ T4815]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   62.953026][ T4815]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   62.953056][ T4815] RIP: 0033:0x7f7fc664f6c9
[   62.953076][ T4815] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   62.953098][ T4815] RSP: 002b:00007f7fc50af038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   62.953191][ T4815] RAX: ffffffffffffffda RBX: 00007f7fc68a5fa0 RCX: 00007f7fc664f6c9
[   62.953206][ T4815] RDX: 0000000020000010 RSI: 0000200000000080 RDI: 0000000000000006
[   62.953221][ T4815] RBP: 00007f7fc50af090 R08: 0000000000000000 R09: 0000000000000000
[   62.953236][ T4815] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   62.953252][ T4815] R13: 00007f7fc68a6038 R14: 00007f7fc68a5fa0 R15: 00007ffc68e02708
[   62.953284][ T4815]  </TASK>
[   63.203115][ T4824] loop2: detected capacity change from 0 to 128
[   63.209819][ T4824] msdos: Unknown parameter 'n�dots'
[   63.316503][ T4831] loop2: detected capacity change from 0 to 128
[   63.323445][ T4831] msdos: Unknown parameter 'n�dots'
[   63.334595][ T4068] IPVS: starting estimator thread 0...
[   63.349651][ T4836] netlink: 20 bytes leftover after parsing attributes in process `syz.4.407'.
[   63.420421][ T4847] netlink: 4 bytes leftover after parsing attributes in process `syz.4.411'.
[   63.422918][ T4834] IPVS: using max 2352 ests per chain, 117600 per kthread
[   63.521568][ T4849] Cannot find add_set index 0 as target
[   63.563587][ T4852] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   63.572050][ T4852] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   63.727621][ T4862] loop4: detected capacity change from 0 to 1024
[   63.764728][ T4867] loop4: detected capacity change from 0 to 128
[   63.771244][ T4867] msdos: Unknown parameter 'n�dots'
[   63.947827][ T4891] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -4
[   63.957370][ T4891] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -4
[   63.994402][ T4898] loop1: detected capacity change from 0 to 128
[   64.001679][ T4898] msdos: Unknown parameter 'n�dots'
[   64.076716][ T4900] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   64.115511][ T4902] loop4: detected capacity change from 0 to 1024
[   64.123466][ T4906] loop1: detected capacity change from 0 to 512
[   64.130034][ T4902] ext4: Bad value for 'debug_want_extra_isize'
[   64.136439][ T4906] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   64.157560][ T4906] EXT4-fs warning (device loop1): ext4_expand_extra_isize_ea:2853: Unable to expand inode 15. Delete some EAs or run e2fsck.
[   64.172068][ T4904] loop2: detected capacity change from 0 to 4096
[   64.178667][ T4904] EXT4-fs: Ignoring removed nomblk_io_submit option
[   64.185562][ T4906] EXT4-fs (loop1): 1 truncate cleaned up
[   64.243311][ T4911] loop3: detected capacity change from 0 to 512
[   64.256308][ T4911] EXT4-fs: dax option not supported
[   64.431136][ T3323] EXT4-fs error (device loop1): ext4_readdir:264: inode #11: block 54: comm syz-executor: path /49/file2/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[   64.431364][ T4922] loop7: detected capacity change from 0 to 7
[   64.472277][ T4924] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[   64.483866][ T3323] EXT4-fs error (device loop1): ext4_empty_dir:3120: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[   64.536356][ T3323] EXT4-fs error (device loop1): ext4_readdir:264: inode #11: block 54: comm syz-executor: path /49/file2/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[   64.574085][ T3323] EXT4-fs error (device loop1): ext4_empty_dir:3120: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[   64.608130][ T3323] EXT4-fs error (device loop1): ext4_readdir:264: inode #11: block 54: comm syz-executor: path /49/file2/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[   64.633368][ T3323] EXT4-fs error (device loop1): ext4_empty_dir:3120: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[   64.671655][ T3323] EXT4-fs error (device loop1): ext4_readdir:264: inode #11: block 54: comm syz-executor: path /49/file2/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[   64.693472][ T3770] Bluetooth: hci0: command 0x1003 tx timeout
[   64.699753][ T3683] Bluetooth: hci0: Opcode 0x1003 failed: -110
[   64.722689][ T3323] EXT4-fs error (device loop1): ext4_empty_dir:3120: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[   64.751836][ T4929] netlink: 20 bytes leftover after parsing attributes in process `syz.4.444'.
[   64.757370][ T3323] EXT4-fs error (device loop1): ext4_readdir:264: inode #11: block 54: comm syz-executor: path /49/file2/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[   64.782788][ T3323] EXT4-fs error (device loop1): ext4_empty_dir:3120: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[   64.971174][ T4935] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[   65.032182][   T29] kauditd_printk_skb: 405 callbacks suppressed
[   65.032199][   T29] audit: type=1400 audit(1762951223.327:4389): avc:  denied  { getopt } for  pid=4932 comm="syz.0.447" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[   65.095233][ T4955] loop2: detected capacity change from 0 to 512
[   65.102128][ T3406] tipc: Node number set to 3368004876
[   65.111790][ T4955] EXT4-fs (loop2): failed to initialize system zone (-117)
[   65.121146][ T4955] EXT4-fs (loop2): mount failed
[   65.157844][   T29] audit: type=1400 audit(1762951223.467:4390): avc:  denied  { mounton } for  pid=4966 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[   65.210543][ T4955] lo speed is unknown, defaulting to 1000
[   65.290369][   T58] bridge_slave_1: left allmulticast mode
[   65.296075][   T58] bridge_slave_1: left promiscuous mode
[   65.301876][   T58] bridge0: port 2(bridge_slave_1) entered disabled state
[   65.337433][   T58] bridge_slave_0: left allmulticast mode
[   65.343199][   T58] bridge_slave_0: left promiscuous mode
[   65.348924][   T58] bridge0: port 1(bridge_slave_0) entered disabled state
[   65.413539][   T58] tipc: Disabling bearer <eth:syzkaller0>
[   65.434322][   T29] audit: type=1400 audit(1762951223.747:4391): avc:  denied  { read } for  pid=4960 comm="syz.4.453" name="nvram" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[   65.463536][   T29] audit: type=1400 audit(1762951223.747:4392): avc:  denied  { open } for  pid=4960 comm="syz.4.453" path="/dev/nvram" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[   65.486958][   T29] audit: type=1400 audit(1762951223.777:4393): avc:  denied  { ioctl } for  pid=4960 comm="syz.4.453" path="/dev/nvram" dev="devtmpfs" ino=98 ioctlcmd=0xb100 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[   65.512494][   T58] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   65.530422][   T58] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   65.539868][   T58] bond0 (unregistering): Released all slaves
[   65.610235][   T58] tipc: Left network mode
[   65.630012][   T58] hsr_slave_0: left promiscuous mode
[   65.642454][   T58] hsr_slave_1: left promiscuous mode
[   65.670282][   T58] batman_adv: batadv0: Removing interface: batadv_slave_0
[   65.686230][   T58] batman_adv: batadv0: Removing interface: batadv_slave_1
[   65.736538][ T5017] loop4: detected capacity change from 0 to 1024
[   65.744845][ T5017] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[   65.755835][ T5017] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (14919!=20869)
[   65.765602][ T5017] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[   65.765803][   T58] team0 (unregistering): Port device team_slave_1 removed
[   65.783297][ T5017] EXT4-fs (loop4): invalid journal inode
[   65.788979][ T5017] EXT4-fs (loop4): can't get journal size
[   65.797916][ T5017] EXT4-fs error (device loop4): ext4_protect_reserved_inode:182: inode #3: comm syz.4.456: blocks 2-2 from inode overlap system zone
[   65.797950][   T58] team0 (unregistering): Port device team_slave_0 removed
[   65.834837][ T5022] loop2: detected capacity change from 0 to 256
[   65.841408][ T5017] EXT4-fs (loop4): failed to initialize system zone (-117)
[   65.850924][ T5017] EXT4-fs (loop4): mount failed
[   65.868068][ T4966] lo speed is unknown, defaulting to 1000
[   65.921290][ T5035] netlink: 14 bytes leftover after parsing attributes in process `syz.4.458'.
[   65.969793][ T5044] netlink: 12 bytes leftover after parsing attributes in process `syz.4.460'.
[   66.003233][ T4966] chnl_net:caif_netlink_parms(): no params data found
[   66.045509][ T5049] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   66.076348][ T5049] tipc: Disabling bearer <eth:syzkaller0>
[   66.112762][ T4966] bridge0: port 1(bridge_slave_0) entered blocking state
[   66.119962][ T4966] bridge0: port 1(bridge_slave_0) entered disabled state
[   66.127409][ T4966] bridge_slave_0: entered allmulticast mode
[   66.134231][ T4966] bridge_slave_0: entered promiscuous mode
[   66.141323][ T4966] bridge0: port 2(bridge_slave_1) entered blocking state
[   66.148507][ T4966] bridge0: port 2(bridge_slave_1) entered disabled state
[   66.155766][ T4966] bridge_slave_1: entered allmulticast mode
[   66.162455][ T4966] bridge_slave_1: entered promiscuous mode
[   66.183570][ T4966] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   66.193389][   T58] IPVS: stop unused estimator thread 0...
[   66.194560][ T4966] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   66.231441][ T4966] team0: Port device team_slave_0 added
[   66.243194][ T4966] team0: Port device team_slave_1 added
[   66.292581][ T4966] batman_adv: batadv0: Adding interface: batadv_slave_0
[   66.299628][ T4966] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   66.325621][ T4966] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   66.337737][ T4966] batman_adv: batadv0: Adding interface: batadv_slave_1
[   66.344780][ T4966] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   66.370762][ T4966] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   66.409501][ T5093] loop4: detected capacity change from 0 to 512
[   66.416634][ T5093] EXT4-fs: Ignoring removed i_version option
[   66.427195][ T4966] hsr_slave_0: entered promiscuous mode
[   66.435619][ T5093] ext4 filesystem being mounted at /129/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   66.436817][ T4966] hsr_slave_1: entered promiscuous mode
[   66.452133][ T4966] debugfs: 'hsr0' already exists in 'hsr'
[   66.457887][ T4966] Cannot create hsr debugfs directory
[   66.492299][ T5093] FAULT_INJECTION: forcing a failure.
[   66.492299][ T5093] name failslab, interval 1, probability 0, space 0, times 0
[   66.505052][ T5093] CPU: 1 UID: 0 PID: 5093 Comm: syz.4.463 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   66.505090][ T5093] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   66.505107][ T5093] Call Trace:
[   66.505116][ T5093]  <TASK>
[   66.505126][ T5093]  __dump_stack+0x1d/0x30
[   66.505154][ T5093]  dump_stack_lvl+0xe8/0x140
[   66.505258][ T5093]  dump_stack+0x15/0x1b
[   66.505275][ T5093]  should_fail_ex+0x265/0x280
[   66.505360][ T5093]  ? kobject_uevent_env+0x1c0/0x570
[   66.505405][ T5093]  should_failslab+0x8c/0xb0
[   66.505445][ T5093]  __kmalloc_cache_noprof+0x4c/0x4a0
[   66.505501][ T5093]  kobject_uevent_env+0x1c0/0x570
[   66.505545][ T5093]  kobject_uevent+0x1d/0x30
[   66.505641][ T5093]  lo_ioctl+0xd1f/0x12b0
[   66.505705][ T5093]  ? blkdev_common_ioctl+0xad6/0x1ad0
[   66.505735][ T5093]  ? do_vfs_ioctl+0x866/0xe10
[   66.505765][ T5093]  ? selinux_file_ioctl+0x308/0x3a0
[   66.505838][ T5093]  ? __pfx_lo_ioctl+0x10/0x10
[   66.505875][ T5093]  ? __pfx_blkdev_ioctl+0x10/0x10
[   66.505893][ T5093]  blkdev_ioctl+0x356/0x440
[   66.505913][ T5093]  ? __pfx_blkdev_ioctl+0x10/0x10
[   66.506007][ T5093]  __se_sys_ioctl+0xce/0x140
[   66.506087][ T5093]  __x64_sys_ioctl+0x43/0x50
[   66.506195][ T5093]  x64_sys_call+0x1816/0x3000
[   66.506228][ T5093]  do_syscall_64+0xd2/0x200
[   66.506302][ T5093]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   66.506343][ T5093]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   66.506390][ T5093]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   66.506418][ T5093] RIP: 0033:0x7fabfc1ef6c9
[   66.506438][ T5093] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   66.506504][ T5093] RSP: 002b:00007fabfac4f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   66.506529][ T5093] RAX: ffffffffffffffda RBX: 00007fabfc445fa0 RCX: 00007fabfc1ef6c9
[   66.506553][ T5093] RDX: 0000000000000005 RSI: 0000000000004c06 RDI: 0000000000000004
[   66.506571][ T5093] RBP: 00007fabfac4f090 R08: 0000000000000000 R09: 0000000000000000
[   66.506587][ T5093] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   66.506604][ T5093] R13: 00007fabfc446038 R14: 00007fabfc445fa0 R15: 00007fffac6529e8
[   66.506628][ T5093]  </TASK>
[   66.803534][ T4966] netdevsim netdevsim5 netdevsim0: renamed from eth0
[   66.813041][ T4966] netdevsim netdevsim5 netdevsim1: renamed from eth1
[   66.831749][ T4966] netdevsim netdevsim5 netdevsim2: renamed from eth2
[   66.844109][ T4966] netdevsim netdevsim5 netdevsim3: renamed from eth3
[   66.900448][ T4966] 8021q: adding VLAN 0 to HW filter on device bond0
[   66.931567][ T4966] 8021q: adding VLAN 0 to HW filter on device team0
[   66.944337][   T58] bridge0: port 1(bridge_slave_0) entered blocking state
[   66.951480][   T58] bridge0: port 1(bridge_slave_0) entered forwarding state
[   66.952546][ T5137] loop0: detected capacity change from 0 to 1024
[   66.965667][   T29] audit: type=1400 audit(1762951225.277:4394): avc:  denied  { recv } for  pid=22 comm="ksoftirqd/1" saddr=10.128.0.163 src=30036 daddr=10.128.1.70 dest=33404 netif=eth0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=peer permissive=1
[   66.982760][ T4966] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   67.001365][ T4966] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   67.017493][ T5137] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   67.028552][ T5137] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   67.040143][   T58] bridge0: port 2(bridge_slave_1) entered blocking state
[   67.047341][   T58] bridge0: port 2(bridge_slave_1) entered forwarding state
[   67.063065][   T29] audit: type=1400 audit(1762951225.377:4395): avc:  denied  { egress } for  pid=4068 comm="kworker/0:13" daddr=ff02::16 netif=gretap0 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:netif_t tclass=netif permissive=1
[   67.085723][   T29] audit: type=1400 audit(1762951225.377:4396): avc:  denied  { sendto } for  pid=4068 comm="kworker/0:13" daddr=ff02::16 netif=gretap0 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:node_t tclass=node permissive=1
[   67.111717][ T5137] EXT4-fs (loop0): corrupt root inode, run e2fsck
[   67.122674][ T5137] EXT4-fs (loop0): mount failed
[   67.153643][ T5137] SELinux: security_context_str_to_sid (�-�Xܘ7.H\��%�u@
) failed with errno=-22
[   67.176360][ T5148] loop4: detected capacity change from 0 to 512
[   67.176445][   T29] audit: type=1400 audit(1762951225.487:4397): avc:  denied  { mount } for  pid=5142 comm="syz.4.470" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[   67.232158][ T4966] 8021q: adding VLAN 0 to HW filter on device batadv0
[   67.399594][ T4966] veth0_vlan: entered promiscuous mode
[   67.408461][ T4966] veth1_vlan: entered promiscuous mode
[   67.433549][ T4966] veth0_macvtap: entered promiscuous mode
[   67.441118][ T4966] veth1_macvtap: entered promiscuous mode
[   67.451978][ T5170] loop0: detected capacity change from 0 to 512
[   67.453772][ T4966] batman_adv: batadv0: Interface activated: batadv_slave_0
[   67.462921][ T5170] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   67.470208][ T4966] batman_adv: batadv0: Interface activated: batadv_slave_1
[   67.487190][   T31] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   67.503320][ T5170] EXT4-fs (loop0): 1 truncate cleaned up
[   67.517976][   T31] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   67.557027][   T29] audit: type=1400 audit(1762951225.867:4398): avc:  denied  { mounton } for  pid=4966 comm="syz-executor" path="/root/syzkaller.E7Nf4f/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[   67.599301][   T31] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   67.616883][   T31] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   67.700380][ T5194] loop4: detected capacity change from 0 to 128
[   67.720655][ T5178] loop3: detected capacity change from 0 to 4096
[   67.730127][   T31] ==================================================================
[   67.738258][   T31] BUG: KCSAN: data-race in n_tty_receive_char_flow_ctrl / tty_set_termios
[   67.746802][   T31] 
[   67.749139][   T31] write to 0xffff888118bb1508 of 44 bytes by task 5195 on cpu 1:
[   67.756865][   T31]  tty_set_termios+0xc0/0x8c0
[   67.761559][   T31]  set_termios+0x35b/0x4d0
[   67.766034][   T31]  tty_mode_ioctl+0x379/0x5c0
[   67.770722][   T31]  n_tty_ioctl_helper+0x91/0x210
[   67.775673][   T31]  n_tty_ioctl+0x101/0x200
[   67.780113][   T31]  tty_ioctl+0x83f/0xb80
[   67.784364][   T31]  __se_sys_ioctl+0xce/0x140
[   67.788961][   T31]  __x64_sys_ioctl+0x43/0x50
[   67.793555][   T31]  x64_sys_call+0x1816/0x3000
[   67.798252][   T31]  do_syscall_64+0xd2/0x200
[   67.802779][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   67.808679][   T31] 
[   67.811004][   T31] read to 0xffff888118bb1521 of 1 bytes by task 31 on cpu 0:
[   67.818374][   T31]  n_tty_receive_char_flow_ctrl+0x23/0x1a0
[   67.824204][   T31]  n_tty_lookahead_flow_ctrl+0xed/0x130
[   67.829769][   T31]  tty_port_default_lookahead_buf+0x91/0xc0
[   67.835767][   T31]  flush_to_ldisc+0x288/0x340
[   67.840474][   T31]  process_scheduled_works+0x4ce/0x9d0
[   67.845957][   T31]  worker_thread+0x582/0x770
[   67.850553][   T31]  kthread+0x489/0x510
[   67.854640][   T31]  ret_from_fork+0x122/0x1b0
[   67.859237][   T31]  ret_from_fork_asm+0x1a/0x30
[   67.864009][   T31] 
[   67.866334][   T31] value changed: 0x11 -> 0x44
[   67.871015][   T31] 
[   67.873347][   T31] Reported by Kernel Concurrency Sanitizer on:
[   67.879503][   T31] CPU: 0 UID: 0 PID: 31 Comm: kworker/u8:1 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   67.889231][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   67.899295][   T31] Workqueue: events_unbound flush_to_ldisc
[   67.905121][   T31] ==================================================================
[   67.916882][ T5178] EXT4-fs: Ignoring removed nomblk_io_submit option
[   67.924870][ T5194] msdos: Unknown parameter 'n�dots'
[   67.983195][ T5201] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5201 comm=syz.2.482
[   68.052381][ T5205] loop7: detected capacity change from 0 to 7
[   68.078600][ T3315] EXT4-fs error (device loop0): ext4_readdir:264: inode #11: block 54: comm syz-executor: path /87/file2/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[   68.103102][ T3315] EXT4-fs error (device loop0): ext4_empty_dir:3120: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[   68.159287][ T3315] EXT4-fs error (device loop0): ext4_readdir:264: inode #11: block 54: comm syz-executor: path /87/file2/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[   68.181554][ T3315] EXT4-fs error (device loop0): ext4_empty_dir:3120: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[   68.203707][ T3315] EXT4-fs error (device loop0): ext4_readdir:264: inode #11: block 54: comm syz-executor: path /87/file2/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[   68.226345][ T3315] EXT4-fs error (device loop0): ext4_empty_dir:3120: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[   68.247076][ T3315] EXT4-fs error (device loop0): ext4_readdir:264: inode #11: block 54: comm syz-executor: path /87/file2/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[   68.268901][ T3315] EXT4-fs error (device loop0): ext4_empty_dir:3120: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[   68.290117][ T3315] EXT4-fs error (device loop0): ext4_readdir:264: inode #11: block 54: comm syz-executor: path /87/file2/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[   68.312260][ T3315] EXT4-fs error (device loop0): ext4_empty_dir:3120: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[   68.707300][   T31] bond0 (unregistering): Released all slaves
[   68.735458][   T31] tipc: Left network mode
[   68.743015][   T31] hsr_slave_0: left promiscuous mode
[   68.748653][   T31] hsr_slave_1: left promiscuous mode
[   69.055190][   T31] IPVS: stop unused estimator thread 0...