last executing test programs:

1.940806657s ago: executing program 4 (id=136):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x1f, 0x3, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000490000000000000000000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x11}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="0a000000050000000200000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000900000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000780)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f00000004c0)='kfree\x00', r2}, 0x18)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000900)={r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, &(0x7f00000008c0)="89", 0x0, 0x1000000}, 0x32)

1.940178377s ago: executing program 1 (id=138):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000400)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x75b08000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='sched_switch\x00'}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000440)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1000000}, 0x94)
r3 = syz_open_dev$usbfs(&(0x7f0000000480), 0x73, 0x188341)
ioctl$USBDEVFS_IOCTL(r3, 0xc0105512, &(0x7f0000000200))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000800)={&(0x7f00000000c0)='percpu_alloc_percpu\x00'}, 0x18)
syz_io_uring_setup(0x111, &(0x7f00000004c0)={0x0, 0x14, 0x20000, 0xfffffffe, 0x1ef}, 0x0, 0x0)
ioctl$USBDEVFS_IOCTL(r3, 0xc0105512, &(0x7f0000000000)=@usbdevfs_connect={0x0, 0x5517, 0xfffffdfb})

1.897013147s ago: executing program 4 (id=141):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0x18, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000180)='GPL\x00', 0x1, 0x0, 0x0, 0x40f00, 0x8, '\x00', 0x0, @fallback=0x19, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r1}, 0x18)
r2 = syz_open_dev$usbfs(&(0x7f0000000000), 0x70, 0x103301)
ioctl$USBDEVFS_IOCTL(r2, 0xc0105512, &(0x7f0000000200))
ioctl$USBDEVFS_IOCTL(r2, 0xc0105512, &(0x7f0000000040)=@usbdevfs_connect)

1.896199798s ago: executing program 4 (id=144):
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x3018801, 0x0, 0x0, 0x0, &(0x7f0000000000))
renameat2(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000480)='./file7\x00', 0x5)
pipe2$9p(&(0x7f00000005c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
mount$9p_fd(0x0, &(0x7f0000002500)='./file7\x00', &(0x7f0000002540), 0x2, &(0x7f0000000200)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB="2c616e616d653d62c58c09d6cb19a2712c76657273696f6e3d397032303030"])

1.772990909s ago: executing program 4 (id=145):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000990000000d"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000340)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x42, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1, 0x0, 0x9}, 0x18)
symlinkat(&(0x7f0000002040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00')
rename(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000c40)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00')

1.71479055s ago: executing program 4 (id=147):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x4)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NFULNL_MSG_CONFIG(0xffffffffffffffff, 0x0, 0x24000081)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="07000000040000010000000003000000000000001ee515b3fd413c65904d4ce9801cf262bb7c20c23e3f2c2b16f19207b78c678745ff78578337fed55e43", @ANYRES32, @ANYBLOB="0002000000000000000600000000000010000000", @ANYRESDEC, @ANYRES32, @ANYRES8=r0], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
pipe2$9p(&(0x7f0000001900), 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e00000000000000050000"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0xfffffffffffffdd0, 0x0, 0x41000}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='writeback_bdi_register\x00', r4}, 0x10)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
sendmsg$inet(r7, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
recvmsg$unix(r6, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r8, &(0x7f00000029c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c0000001000010700000000000000000a000000060001"], 0x1c}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x18)
syz_genetlink_get_family_id$tipc(&(0x7f00000001c0), 0xffffffffffffffff)
r9 = accept(r5, &(0x7f0000000580)=@isdn, &(0x7f0000000200)=0x80)
sendmsg$TIPC_CMD_GET_MAX_PORTS(r9, &(0x7f0000000400)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000380)={0x0}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)=ANY=[@ANYBLOB="4000000010001fff00"/20, @ANYRES32=0x0, @ANYBLOB="81ffffff00000000180012800e0001007769726567756172640000000400028008000a00bc"], 0x40}}, 0x0)
r10 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDSIGACCEPT(r10, 0x5607, 0x4)
setsockopt$inet_mreq(r9, 0x0, 0x24, &(0x7f0000000280)={@private=0xa010102, @dev={0xac, 0x14, 0x14, 0x1}}, 0x8)
ioctl$VT_ACTIVATE(r10, 0x5606, 0x4)
r11 = gettid()
rt_sigqueueinfo(r11, 0xfffffffd, &(0x7f0000000300)={0x433, 0x8008a, 0x2})
ioctl$VT_RESIZEX(r0, 0x560a, 0x0)

1.348983714s ago: executing program 4 (id=152):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="070000000400000008000000a5"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x18)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
socket$unix(0x1, 0x1, 0x0)
r5 = syz_open_dev$evdev(&(0x7f0000000040), 0x2, 0x0)
ioctl$EVIOCGRAB(r5, 0x40044590, &(0x7f0000000200)=0x7dffeffc)
close(r5)

1.053403047s ago: executing program 3 (id=171):
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xf, 0xb, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000003000000850000004300000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0xe, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r0}, 0x10)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0)
syz_mount_image$vfat(&(0x7f0000000240), &(0x7f00000000c0)='./file0\x00', 0x400, &(0x7f0000000100)=ANY=[@ANYBLOB="73686f72746e616d653d77696e6e742c757466383d302c636865636b3d7374726963742c646973636172642c757466383d312c757466383d312c73686f72746e616d653d77696e39352c73686f72746e616d653d6c6f7765722c757466383d312c00ef5c3556"], 0xfd, 0x2a8, &(0x7f0000000280)="$eJzs3E9rE08YwPGnaZOmKW1y+PEDBfFBL3pZ2vgKgrQgBpTaiHoQpnajIWtSsjESEdubV19H8ehNsL6BXrx5Fy9FELz0IF3pbrfZ1qW2te3W5vuBstOdeTKzfxKeXZhZu/fmab3qWlXTllRWJSXZJVkXKUhKQgNb25RfzkjUklwd/fH5wp37D26WyuWpGdXp0uy1oqqOX/zw/OXbSx/bo3ffjb8fltXCw7XvxS+r/6+eW9uYDT+92Vajc81m28w5ts7X3LqletuxjWtrreHarR31Vae5sNBV05gfyy20bNdV0+hq3e5qu6ntVlfNY1NrqGVZOpaTOJnYvWfD4IEjKsszM6Z0LINBEkbidrZaJTMYW1lZPolBAQCA0+X3/F9OJP9/UnO15mrjT/l/So42/0eUn/9vxCaNOBvSmw8AJZPb+v7uRP4PAAAAAAAAAAAAAAAAAAAAAMC/YN3z8p7n5cNt+DcsIlkRCf9Pepw4Hoe4/gMJDhdHLDJxLyvivO5UOpVgG9SXqlITR2yZSPtzibxtQXn6RnlqQn0FWXEWt+L9SYLDYXyoEB8/GcRrJH6xU0lLLtp/UfLyX3x8cVd8WkQ6lYxcuRyJtyQvnx5JUxyZ9+/rXvyrSdXrt8q7+h/x2wEAAAAAcBZYuq2w8/k3WE3SsjRcNmRXfbCz935A8vJzz/cDKisZ6cUPyfmh5I4bAAAAAIB+4nZf1I3j2K1+LozIwaP68dRZ2eCm2bOx53mLm43+vtOUiCR0pN9E5BSc8KMufH0WXMD9NE7yVwkAAADAcegl/UmPBAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/rXfxcPC9odZeyzS3WAyRwkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACcDr8CAAD//4DOGY4=")
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$devlink(&(0x7f0000000540), 0xffffffffffffffff)
mknod$loop(&(0x7f00000009c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x800, 0x1)

958.132068ms ago: executing program 1 (id=174):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000540)='kfree\x00', r1}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x18, 0x4, &(0x7f0000000040)=@framed={{0x18, 0x8}, [@exit]}, &(0x7f0000000000)='GPL\x00'}, 0x94)

824.58393ms ago: executing program 1 (id=178):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000d00)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="180100000100a7d9000000000020b200850000007b00000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x40000007}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000340)='kfree\x00', r0, 0x0, 0x2}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x94)
syz_read_part_table(0x1060, &(0x7f0000000000)="$eJzsz8FpAlEUBdA7n/mZCQSyTxFTRxaBrLJOE/bhypUd2I7FiIJ8YRwtQV2cs3k8ePfBDc9VcmqttXLb345J9zVmSsm2Jqm/U9Jm6Yd7bH+dbTinbuqSTbKu+U/qe5KPJN3PMCar75Skn48+D+Pyo8vf7qFdAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBFXQIAAP//s1YVKg==")

704.818201ms ago: executing program 0 (id=182):
syz_mount_image$vfat(&(0x7f0000000240), &(0x7f0000000040)='./file7\x00', 0x200000, &(0x7f0000000140)=ANY=[], 0xfc, 0x2b0, &(0x7f0000000280)="$eJzs3E1rE10UwPHTtOlLSpssHh5QEA+60c3Qxk8QpAUxoNRGtAvh1k40ZExKJkYiYrtz6+coLt0J1i9QEHfuxU0RBDddSEc6L3Zaom1j22mb/w/C3My9Z+6dyUw4MzB3/d7rJ9Wya5VNU1LDKimRZdkQyW2VQn3hMuWXByVuWa6O/vh84c79uZuFYnFqRnW6MHstr6rjF98/e/Hm0ofm6N234++GZC33YP17/sva/2vn1jdno63Xm2p0vl5vmnnH1oWKW7VUbzu2cW2t1Fy7saO+7NQXF9tqagtjmcWG7bpqam2t2m1t1rXZaKt5ZCo1tSxLxzLSa/oPHFFamZkxhSMZDJIw0mllo1Ew/R0rSyvHMSgAAHCydJv/z30M1nWb/z+uuFpxtbZX/p+SA+X/ffKH/H/4+A7pKeLn/5sdk0acDemtG4CCyYTX707k/wAAAAAAAAAAAAAAAAAAAAAAnAYbnpf1PC8bLaPPUPjOTPQ96XHiaHTx+/clOFwcstiLe8MizqtWqVUKlkF9oSwVccSWibTIT/98CAXl6RvFqQn15WTVWQrj/ZcEh6L4SK5z/GQQr7H4pVYpLZl4/3nJyn+d4/O74tMi0ioNypXLsXhLsvLpodTFkQX/vN6Ofzmpev1WcVf/I347AAAAAADOAkt/y+28/w1mk7QsjaYN2VUfrFyW6PmAZPd4PqCyOijb8QNyfiC5/QYAAAAAoJe47edV4zh2g8LBCr146KxwFuW/NvY8b2mr0b93mhKRhPb0m4icgAMeK6QP44L9+jTYyH4aJ/WPBAAAAOCobCf9SY8EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDetd/Jw6L23cw9FuuuP5m9BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAE6GXwEAAP//2MgYNQ==")
mkdirat(0xffffffffffffff9c, &(0x7f0000000380)='./file0\x00', 0x1c0)

670.611362ms ago: executing program 3 (id=183):
r0 = open(&(0x7f0000000400)='./file0\x00', 0x64842, 0x2)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x1cb041, 0x8)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x11, 0x4, &(0x7f00000001c0)=ANY=[@ANYBLOB="18010000bc0000000000000000030000850000007b00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x6, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000004c0)='mm_page_free\x00', r2, 0x0, 0x80000}, 0x18)
r3 = dup(r1)
sendfile(r3, r0, 0x0, 0x8000fffffffc)

626.774412ms ago: executing program 0 (id=184):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r3}, 0x10)
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
splice(r1, 0x0, r4, 0x0, 0x1, 0x4)
ioctl$sock_inet_udp_SIOCINQ(r4, 0x541b, 0x0)
write(r0, 0x0, 0x0)

573.581573ms ago: executing program 2 (id=185):
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x240080c1)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x50}}, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file2\x00', 0x8, &(0x7f0000000080)={[{@nodioread_nolock}, {@sb={'sb', 0x3d, 0x1}}]}, 0x4, 0x523, &(0x7f00000018c0)="$eJzs3cFvG1kZAPBvnLhJs+mmC3sABGxZFgqq6iTubrTqhfYCQlUlRMWJQxsSN4pi11Hsiib0kB65V6ISJ+A/4MYBqScO3LjBjUs5IBWoQA0SB6MZT1I3sZNAnbiJfz9pMvPeTP29F/e953mR5wUwtC5ExGZEnImIOxExlecn+RbX2lt63csXDxe2XjxcSKLVuvX3JDuf5kXHv0m9k7/meER8/zsRP0r2xm2sb6zMV6uVtTw93aytTjfWNy4vF/Kc8tzs3MynVz4p962uH9R+/fzbyzd+8NvffOnZHza/+ZO0WJM/PZed66xHP7WrXozJjrzRiLhxFMEGZDT//8PJk7a2z0TEh1n7n4qR7N0EAE6zVmsqWlOdaQDgtEvv/ycjKZTyuYDJKBRKpfYc3vsxUajWG81LU/X79xYjm8M6H8XC3eVqZSafKzwfxSRNz2bHr9Ll19KPK1ci4r2IeDx2NjtfWqhXFwf5wQcAhtg7u8b/f421x/9OxUEVDgA4OuODLgAAcOyM/wAwfIz/ADB8/ofx37cDAeCUcP8PAMPH+A8Aw+fA8f/R8ZQDADgW37t5M91aW+3nX28/qfvyYqWxUqrdXygt1NdWS0v1+lK1UlpotQ56vWq9vjr78U6ysb5xu1a/f695e7k2v1S5XfEsAQAYvPc+ePqndNDfvHo226JjLQdjNZxuhUEXABiYkUEXABgY3+eB4XWIe3zTAHDKdVmity2fIEh6XfDE4q9wUl38vPl/GFZvMv9v7gBOtv9v/v9bfS8HcPyM4TC8Wq3Emv8AMGTM8QM9//6f6/mIkCf9LwsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACcFJPZlhRK2Vrgm+nPQqkUcS4izkcxubtcrcxExLsR8cex4lianh10oQGAN1T4a5Kv/3Vx6qPJ3WfPJP8ey/YR8eOf3/rZg/lmc202zf/HTn7zSZp/trlWPjOICgAAna7tzcrG73K+77iRf/ni4cL2dpxFfH69vbhoGncr39pnRmM0249HMSIm/pnk6bb088pIH+JvPoqIz23XfzwedESYzOZA2iuf7o6fxj7X9/idv//d8Quv1beQnUv3xex38dnYVTjgQE+vt/vJvO2lTTxvf4W4kO27t//xrId6c2n/lzbXrT39X2Gn/xvZEz/J2vyFnfT+JXn+8e++uyezNdU+9yjiC6Pd4ic78ZPu/W/xo0PW8c9f/PKHvc61fhFxsWv9t1ekrmXd7HSztjrdWN+4vFybX6osVe6Vy3OzczOfXvmkPJ3NUbd//r5bjL9dvfRur/hp/Sd6xB/fv/7xtUPW/5f/ufPDr+wT/xtf7f7+v79P/HRM/Poh489PXOu5fHcaf7FH/Q94/+PSIeM/+8vG4iEvBQCOQWN9Y2W+Wq2sHXCQftY86BoHhz9I7+3fgmJkB7EZ0a8XzCYlIqLrNekn6rejykd1kAws+q/6/YKD7pmAo/aq0Q+6JAAAAAAAAAAAAAAAQC+N9Y2Vse7f1urbwaDrCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwOn13wAAAP//KHnENg==")
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000340)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101842, 0x0)
ioctl$FS_IOC_SETFLAGS(r1, 0x40086602, &(0x7f00000005c0))
unshare(0x6a040000)
openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x40241, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000014c0)={0xffffffffffffffff, 0x0, 0x5, 0x0, &(0x7f0000000340)="17f479d804", 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x50)
ioctl$EXT4_IOC_MIGRATE(r1, 0x6609)

573.110253ms ago: executing program 3 (id=186):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x7, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r0, 0x0, 0x3}, 0x18)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0)

521.149534ms ago: executing program 3 (id=187):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f00000003c0)={[{@resgid}, {}, {@grpquota}, {@nobarrier}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@nogrpid}, {@noauto_da_alloc}, {@stripe={'stripe', 0x3d, 0x2}}]}, 0x3, 0x572, &(0x7f00000006c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwIF6kCCIWxD/Au8fiH6B/RUELRUrQg5fIbGbbbZLNJunWbJ3PB6Z9b2ayb96++b79zs4uG0BhjWT/lCJejoivk4iDbdsGI984srLf0sNrk9mSxPLyJ38mkeTrWvsn+f/788pLEfHLFxHHS2vbrS8szlSq1XQur482Zi+P1hcWT1ycrUyn0+ml8YmJU29NjL/7zts96+vr5/7+7uO7H5z66ujStz/dP3Q7iTNxIN/W3o+ncKO9MhIj+XMyFGdW7TjWg8b6SbLTB8C2DORxPhTZHHAwBvKoB/7/rkfEMlBQifiHgmrlAa1r+x5dBz83Hry/cgG0tv+DK++NxJ7mtdG+peSJK6Psene4B+1nbfz8x53b2RJd3oe43oP2AFpu3IyIk4ODa+e/JJ//tu9k883jja1uo2ivP7CT7mb5zxvr5T+lR/lPrJP/7F8ndreje/yX7vegmY6y/O+9dfPfR1PX8EBee6GZ8w0lFy5W05MR8WJEHIuh3Vl9o/s5p5buLXfa1p7/ZUvWfisXzI/j/uDuJ/9mqtKoPE2f2z24GfHK4/w3iTXz/55mrrt6/LPn41xW+PXLrm0cSe+82mlb9/63630GvPxjxGvrjv/jO1rJxvcnR5vnw2jrrFjrr1tHfuvU/tb633vZ+O/buP/DSfv92vrW2/hhzz9pp23bPf93JZ82y7vydVcrjcbcWMSu5KO168cf/22r3to/6/+xoxvPf+ud/3sj4rNN9v/W4Vsdd+2H8Z/a0vhvvXDvw8+/79T+5sb/zWbpWL5mM/PfZg/waZ47AAAAAAAA6DeliDgQSan8qFwqlcsrn+84HPtK1Vq9cfxCbf7SVDS/KzscQ6XWne6DbZ+HGMs/D9uqj6+qT0TEoYj4ZmBvs16erFWndrrzAAAAAAAAAAAAAAAAAAAA0Cf2d/j+f+b3gZ0+OuCZ85PfUFxd478Xv/QE9CWv/1Bc4h+KS/xDcYl/KC7xD8Ul/qG4xD8Ul/gHAAAAAAAAAAAAAAAAAAAAAAAAAACAnjp39my2LC89vDaZ1aeuLMzP1K6cmErrM+XZ+cnyZG3ucnm6VpuupuXJ2my3x6vWapfHxmP+6mgjrTdG6wuL52dr85ca5y/OVqbT8+nQf9IrAAAAAAAAAAAAAAAAAAAAeL7UFxZnKtVqOqfQsXA6+uIwtl1Iuo3y6fxk2NIjR14Y3PkOKjyDwg5PTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQ5t8AAAD//8nLNLM=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
fallocate(r0, 0x0, 0x8000000000, 0x8000c62)

434.831515ms ago: executing program 0 (id=188):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0xfff, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xcb3a}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000001540)={0x18, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x2, 0x0, 0x0, 0x40f00, 0x9, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8001}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r2, 0x0, 0xfffffffffffffffc}, 0x18)
dup3(r1, r0, 0x0)

369.040725ms ago: executing program 1 (id=189):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x31, 0xffffffffffffffff, 0x0)
r0 = open(&(0x7f00000003c0)='.\x00', 0x100, 0x97)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000001400)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7020000111e6ca5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000020000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kmem_cache_free\x00', r2, 0x0, 0xe}, 0x18)
getdents(r0, &(0x7f0000001fc0)=""/184, 0xb8)

365.634476ms ago: executing program 0 (id=190):
syz_read_part_table(0x593, &(0x7f00000005c0)="$eJzs0r1LK2kUB+A3A5c0e4lcBAu3EAxWUSEWWiSFSAxpjIgrFlsLFloIFhYSidZ+/AOKXyA2Yp9SjCAKsZKUYr2g2KTKsutsY7WyqOzleZrhPefMHF5+E/hfi8If7XY7EUJoJ9//9m+nhfFSz+To1HQIiZAKIRR+/eXvTiKe+Oer5/G5HJ9LyWxj/3rs+bTjpveunj6M4n4tCmEthLDwcJT6r3fj53eWv0ytbywVN1fy8/fF1cehuf5C91ZhcWf4IFeZ6crNxj9WLfqc/enGyPFtu/y0+33gW73Ryl7Fc5nEx+zna73Nf6+z2qy2JvpOlgczP5oXle049xf5AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAH+wsf5la31gqbq7k5++Lq49Dc/2F7q3C4s7wQa4y05WbjV7natHn7E83Ro5v2+Wn3e8D3+qNVvYqnsskPmY/X+tt/nud1Wa1NdF3sjyY+dG8qGzHub/IHwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4lwrjpZ7J0anpEBLh9xDCWNRx9Fe9nXztJ+K58/hZjuulZLaxfz32fNpx03tXTx9OxvVaFMJaCGHh4Sj16Zfh3f4MAAD//1DXhv4=")

275.250106ms ago: executing program 2 (id=191):
unshare(0x22020600)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000021007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000019200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000001300000000000000000000850000006d00000018118c00", @ANYBLOB="18abd8cb480220f5b7d64e72", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
r1 = syz_open_dev$evdev(&(0x7f0000000280), 0x1, 0x1)
ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f0000000340)=""/222)

264.807327ms ago: executing program 1 (id=192):
bpf$MAP_CREATE(0x1900000000000000, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket(0x10, 0x2, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r1, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r1, &(0x7f0000000340)={0xa, 0x5, 0x0, @ipv4={'\x00', '\xff\xff', @remote}, 0xfffffffe}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r1, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x23, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x0, 0x0})
bind$inet(0xffffffffffffffff, &(0x7f0000000240)={0x2, 0x0, @local}, 0x6f)
sendmmsg(0xffffffffffffffff, &(0x7f0000007fc0), 0x800001d, 0x300)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40801}, 0x4000000)
close_range(r0, r1, 0x0)

213.083897ms ago: executing program 3 (id=193):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x5, &(0x7f0000000200)=ANY=[@ANYBLOB="18020000060000b000000000000000008500000041000000850000002300000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000100)={r0, 0x0, 0xe, 0x0, &(0x7f0000000240)="ffffff7f00000000e7b335a5a4a0", 0x0, 0x18000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

212.490517ms ago: executing program 1 (id=194):
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000400)='cgroup.controllers\x00', 0x275a, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='memory.swap.current\x00', 0x275a, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f00000029c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="200000001000c10701000000000000000a0000000900020054495043"], 0x7b}}, 0x8000)
write$binfmt_script(r1, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r1, 0x0)
preadv(r1, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffffff000}], 0x5, 0x0, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r3, &(0x7f0000000240), 0x3af4701e)
sendfile(r2, r0, 0x0, 0x10000a007)

197.401877ms ago: executing program 0 (id=195):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x8, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70300001d000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x28, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='kfree\x00', r1, 0x0, 0x2}, 0x18)
symlinkat(&(0x7f0000002040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00')
r2 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f0000000fc0)=@raw={'raw\x00', 0x8, 0x3, 0x4e8, 0x0, 0x11, 0x148, 0x340, 0x0, 0x450, 0x2a8, 0x2a8, 0x450, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x0, 0x2f8, 0x340, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'ip_vti0\x00', {0x0, 0x0, 0x3f, 0x0, 0x88000000, 0x3, 0x7}}}, @common=@unspec=@bpf1={{0x230}, @pinned={0x1, 0x0, 0x0, './file0\x00'}}]}, @unspec=@CT0={0x48}}, {{@ip={@multicast2, @empty, 0x0, 0x0, 'vlan0\x00', 'netdevsim0\x00'}, 0x0, 0xd0, 0x110, 0x0, {}, [@inet=@rpfilter={{0x28}}, @common=@unspec=@quota={{0x38}, {0x0, 0x0, 0x81}}]}, @common=@inet=@LOG={0x40, 'LOG\x00', 0x0, {0x4f, 0x7, "72f6daeff0a9c6294e211d2d88fe6dcff5d0e552201da3b7a1fdb30dcb59"}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x548)

176.868598ms ago: executing program 3 (id=196):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x19f, &(0x7f0000000180)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x400000}}, {@noblock_validity}, {@min_batch_time={'min_batch_time', 0x3d, 0x82f}}, {@grpquota}, {@dioread_lock}, {@journal_dev={'journal_dev', 0x3d, 0x1}}, {@barrier}, {@user_xattr}]}, 0x80, 0x55d, &(0x7f0000002600)="$eJzs3c9vG1kdAPDvuHa2P9J1luUAK7EssKhdQe1mw+5GHJYiIThVWrHcS0jcKKoTV7Gz20SVNv0LkBACBCe4cEHiD0BClbhwREiV4AzSIhCCFA5IQGdle/KjyTh1U8fOj89Hms6b9zz+vjfuTObNPM0EcGq9EhHXIuJRmqavRUQ5yy9kU6x3p/bnHm7cnW1PSaTpu/9IIsnyNr8ryeYXstXORsQ3vxHxnWRv3Obq2q2Zer22nC1XW4u3q83VtSsLizPztfna0tTU5JvTb02/MX11IO28GBFvf+0vP/juz7/+9q+/+P6fb/ztcrvZMZ6V72zHU2hvomJeQZqmH8TWNil1tsWm9grLBwh2VBU7Lcycy/tEmqbpo7S8I+feUGoGAMBu7RPYj0XEZyPitSjHmfzTWQAAAOAYS78yHv9Lundocoz1yAcAAACOkUJnDGxSqGRjAcajUKhUumN4Px7nC/VGs/WFm42VpbkHPx6PiIkoFW4u1GtXs7HCE1FK2suTnfT28uu7lqci4oWI+H75XGe5Mtuoz4364gcAAACcEhd29f//Xe72/wEAAIATZmJvVmEU9QAAAAAOT07/HwAAADhh9P8BAADgRHvn+tl45/r1dPP913Pvra7carx3Za7WvFVZXJmtzDaWb1fmG435zjP7Fneueybn++qNxu0vxdLKnWqr1mxVm6trNxYbK0utGwuPvQIbAAAAGKIXPn3/j0lErH/5XGdqGxt1pYChKG6lkmyes/f/6fnu/MMhVQoYirxr+Lt9+NwQKgIMXfFAa6X9HDaAI6406goAI5c8obzn4J3fZfPPDLY+AADA4F36ZO/7//u/A2DdKwLgmLMTw+m160ZeWh5VRYCh69z/73fAr5MFOFFKfY0ABE6yZ77//0Rp+lQVAgAABm68MyWFSnZ5bzwKhUol4mLntQCl5OZCvXY1Ip6PiD+US8+1lyc7ayZP7DMAAAAAAAAAAAAAAAAAAAAAAAAAAF1pmkS6n2v7lgIAAADHQEThr8lvus/yv1R+dXz39YGx5D+dVwKPRcT7P3n3h3dmWq3lyXb+P7fyWz/K8l8fxRUMAAAAYLfNfvpmPx4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABunhxt3Zhxt30/9u3J0dZty/fzUiJrbid6ZuSTHOduZnoxQR5/+VRHHHeklEnBlA/PV7EfGJvPhJu1pbIfPinzv8+DGRbYW8+BcGEB9Os/vt48+1vP2vEK905vn7XzHiseWD6n38i63j35ke+//FPmO89OCX1Z7x70W8VMw//mzGT/bET7J5oa/43/7W2lqvsvSnEZciP/7OaNXW4u1qc3XtysLizHxtvrY0NTX55vRb029MX63eXKjXsn9zY3zvU796tF/7z/eIP9Gz/d06vdpX6yP+/+DOxos9/l6141/+XE783/4s+8Te+IXsuz6fpdvllzbT6930Ti//4vcv79f+ue32l/r7/bsxL+/f7O0fcBA7CgAwMM3VtVsz9Xpt+TgkSgdZq91Lzyt6MdsCz16xsaOyfSSeMvHBnpzzz7BfpGma9vgfdT8i+vmeJPqJVcoqeajbZzTHIwAA4PBsn/SPuiYAAAAAAAAAAAAAAAAAAABweg3wmWFjuY/Zy3mywPpWKvFkYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgyPgoAAD//3zh2Fo=")
fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0)

101.326779ms ago: executing program 2 (id=197):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e00000004000000040000000c"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000003c0)=@newtaction={0xe68, 0x30, 0x871a15abc695fa3d, 0x70bd2d, 0x0, {}, [{0xe54, 0x1, [@m_pedit={0xe50, 0x1, 0x0, 0x0, {{0xa}, {0xe24, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS={0xe20, 0x2, {{{}, 0x93}, [{0x0, 0x0, 0x0, 0x0, 0xfffffffd}, {0x0, 0x0, 0x0, 0x0, 0x3000000}, {0x1, 0x0, 0x0, 0x4000000, 0x7, 0x80000}, {0x8000, 0x5, 0x0, 0xfffffffc, 0x5}, {}, {0x0, 0x0, 0x800000, 0x0, 0x6}, {0x0, 0xc3}, {0x0, 0x5}, {0x5}, {}, {0x0, 0x10}, {0x0, 0x4, 0x0, 0x8000000, 0x0, 0x200000}, {}, {0x2, 0x0, 0x0, 0x0, 0x6, 0x6}, {}, {}, {0x5, 0x0, 0x0, 0x1, 0x0, 0xfff}, {0x0, 0x0, 0x0, 0x8000000}, {}, {0x0, 0x0, 0x0, 0x0, 0x20}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, {}, {0x0, 0x0, 0x0, 0xfffffffc}, {0x20000}, {0x1000000}, {0x0, 0x7, 0x0, 0x0, 0xffffffff}, {0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x3}, {0x0, 0x0, 0x0, 0x0, 0x5}, {0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x60569add}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, {0x1, 0x9}, {0x0, 0x0, 0x0, 0x0, 0xfffff800}, {0x0, 0x0, 0x0, 0x0, 0x9}, {}, {0xffffffff, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, {}, {}, {0x0, 0x6, 0x0, 0xffffffff, 0x0, 0x2}, {}, {0x80, 0x0, 0xffffffff}, {0x80, 0x0, 0x0, 0x0, 0x400}, {0x0, 0x0, 0x0, 0x5, 0x5}, {}, {0x0, 0x0, 0x8}, {0x0, 0x2, 0x0, 0x0, 0x9}, {0x0, 0x0, 0x0, 0x0, 0x3}, {}, {}, {0x0, 0x0, 0x0, 0x8510}, {0xffff}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x2}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, {0x0, 0xfffefffd}, {0x0, 0x0, 0x0, 0x1, 0x0, 0x2}, {}, {0x5}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000}, {0x0, 0x7}, {0x7}, {0x3, 0x0, 0x0, 0xfffffffe, 0x0, 0x9}, {0x0, 0xfffffffc, 0x200}, {0xffffffff}, {}, {0x4}, {}, {0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {0x0, 0x101, 0x0, 0x0, 0x0, 0xffffffff}, {}, {0x3}, {0x0, 0x0, 0x0, 0x4, 0x9}, {}, {0x0, 0x0, 0x0, 0x0, 0x1, 0x7}, {0x0, 0xb}, {0x0, 0x0, 0x0, 0xffffffff}, {}, {0x0, 0x5}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x56}, {0x0, 0x0, 0x0, 0xec33, 0x0, 0x4}, {}, {0xb, 0x0, 0x0, 0x0, 0x0, 0xfe1}, {0x0, 0x0, 0x0, 0x0, 0x4}, {0xfff}, {}, {0x0, 0xfffffffd}, {0x6, 0x2}, {0x7f}, {}, {0x0, 0x8, 0x0, 0x0, 0xfffffffe}, {0x0, 0x2, 0x0, 0x2, 0x0, 0xfffffffe}, {0x0, 0x0, 0x0, 0x0, 0xe9d, 0x58a}, {0x2}, {0x2, 0x9, 0x20000000}, {0xfffffffc}, {0x0, 0x0, 0x0, 0x0, 0x5}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x292}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, {0x0, 0x0, 0xe600, 0x0, 0x0, 0x2}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x101}, {0x0, 0x5, 0x0, 0x7, 0x1}, {0x0, 0x5}, {0x0, 0x0, 0x0, 0x0, 0x80}, {0x10000000, 0x0, 0x0, 0x0, 0x4}, {}, {0x0, 0x0, 0x0, 0x0, 0xfffffffc}, {0x3}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff}, {}, {0x0, 0x0, 0x0, 0x8, 0x8}, {}, {}, {}, {0xfffffffb, 0x0, 0x0, 0x2, 0x8000}, {0x6, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, {0x2d}, {0x0, 0x0, 0x8000}, {0x0, 0x8000}, {0x0, 0x0, 0x10000}, {0x0, 0x80000000, 0x0, 0x7fff800, 0x4}, {0x0, 0x3}, {0x0, 0x0, 0x0, 0x0, 0xd}], [{}, {}, {0x0, 0x1}, {0x1}, {}, {0x3}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {0x0, 0x1}, {0x0, 0x1}, {}, {0x5, 0x1}, {}, {0x4}, {0x3}, {}, {}, {}, {}, {0x5}, {}, {}, {0x5}, {}, {0x4}, {}, {}, {}, {}, {0x0, 0x1}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {0x4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {0x1}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {0x0, 0x1}, {}, {0x5}, {}, {0x4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x5}, {}, {0x0, 0x1}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {0x1}, {}, {0x5}, {}, {}, {}, {}, {}, {}, {}, {0x2, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {0x2}, {}, {}, {0x4}, {0x3}, {}, {}, {}, {}, {0x0, 0x1}]}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xe68}}, 0x0)

100.679788ms ago: executing program 0 (id=198):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000a40), r0)
unshare(0x22020600)
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000240)='./file2\x00', 0x2000410, &(0x7f0000000000)={[{@bsdgroups}, {@jqfmt_vfsv1}]}, 0xc1, 0x7e9, &(0x7f00000017c0)="$eJzs3c1rHG8dAPDvbF42SauJIGh7CggaKN2YGlsFDxEPIlgo6Nk2bLahZpMt2U1pQqDpQfAiqHgQ9NKzL/UgePXlqv+EeJAW0TRYT7oys7t53d0kbXa3/fXzgck8M/PMPPPN88yzz+4MuwF8sKbTP7mIKxHxwyRisrk+iYiRLDUcsdDI93p3u5hOSdTr3/pnkuX57aWDYyXN+aXmwqcj4o/fi7iWO17qeHNeLq03U7O11Yez1c2t6w9WF5dLy6W1m3Pz8zduffHWzZN7val//2Xr8ssfff1zv14Yjk89/8GfkliIy81te7vbxbc8/AnTMd38n4yk/8IjvnbRhQ1YMugT4I2kl+ZQ4yqPKzEZQ1mqg7e9AAGAd8KTiKgDAB+Y5LTX/yFDBAD4aGl9DrC3u11sTYP9RKK//vHViBhrxN+6v9nYMty8ZzeW3Qed2EuO3BlJImLqAsqfjoif/+47v0yn6NF9SIB2dp425nu7+WP9f5L2f6OnHyHfccvnu+1Wb+w3fWy1/g/65/fp+OdLJ8d/V/cf6BnL/h4b/4zl21y7b+L06z/3osOuZ+ibTpeO/75y6Nm2g/Hf/kNrU0PNpY9lY76R5P6Dcint2z4eETMxkk+X57Ks7Z+Cmnn131edyj88/vvXj7/7i7T8dH6QI/diOB/1xnN5/8vG60uLtcWLiD2L/2nE1eF28Sf749/kSP0v7Ed6p+NRj1bNN778/Z91ypnGn8bbmk7G31v1ZxGfbVv/B3WZdH0+cTZrDrOtRtHGb/7204lO5R/Ufz6bp+W33gv0Q1r/E93jn0pT1c2tlcVyubRePX8Zf342+YdO2w63//bxZ+3/iLT9jybfztKtlvZ4sVZbn4sYTb55cv2Ng31by638afwzn2l//bdv/42+IH1PeG9/qbvhl6O/ah6qbfyZnU7x91Ya/9K56r9Lot7c59im569XhjqVf7b6n89SM801Z+n/TjnTt2jNAAAAAAAAAAAAAAAAAAAAAAAAAHB+uYi4HEmusJ/O5QqFxm94fzImcuVKtXbtfmVjbSmy38qeipFc66suJw99H+pc8/vwW8s3ji1/ISI+ERE/yY9ny4Vipbw06OABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoOnS0d//f5LOCoXGtr/nB312AEDPjA36BACAvvP6DwAfnvO9/o/37DwAgP459/v/etKbEwEA+ubMr//3enseAED/uP8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAj925fTud6v/Z3S6my0uPNjdWKo+uL5WqK4XVjWKhWFl/WFiuVJbLpUKxstrxQDuNWblSeTgfaxuPZ2ulam22url1d7WysVa7+2B1cbl0tzTSt8gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Oyqm1sri+VyaV2iS2K8NN45TxIRAz/D0xJpXV/kAYff0ZB3/jqSteuumWPqvWn8o13yJBdZ1vjxNYd7ifFBdE0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA74X/BwAA///YTBJy")
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x42)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r1, 0x8004587d, &(0x7f0000000080)={@id={0x2, 0x0, @auto="4cf2a36adc4bc2ebb4b811ea6fc55952"}})
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$FITRIM(r2, 0xc0185879, 0x0)
r3 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc))
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(0x0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0xd3283d0368e269b3, 0x8031, 0xffffffffffffffff, 0x0)
pipe2$9p(&(0x7f0000000080)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x80800)
vmsplice(r5, &(0x7f0000000040)=[{&(0x7f0000000000)="e3", 0x1}], 0x1, 0x1)
fcntl$setpipe(r4, 0x407, 0x176)
vmsplice(r5, &(0x7f0000000480)=[{&(0x7f00000000c0)='{', 0x1}], 0x1, 0xd)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b702000003000010850000008600000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x23, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r7}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0b0000008000000001000000ffff000001"], 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0xca, r8}, 0x38)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f00000005c0)={r8, &(0x7f0000000080), &(0x7f0000000140)=""/241}, 0x20)

100.337868ms ago: executing program 2 (id=199):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000010850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x23, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
r2 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r2, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x3, 0x4}}, 0x10)
bind$tipc(r2, &(0x7f0000000140)=@name={0x1e, 0x2, 0x0, {{0x42, 0x2}, 0x4}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000040)={0x42, 0x1}, 0x10)

53.503019ms ago: executing program 2 (id=200):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b705000008000000850000006900000095"], &(0x7f0000000500)='syzkaller\x00', 0x1, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000040)='kmem_cache_free\x00', r1, 0x0, 0x800000000006}, 0x18)
r2 = socket(0x10, 0x3, 0x0)
write(r2, &(0x7f0000000080)="240000001a007f0214f9f407000904080a000000000000050002000008000f40fe00000e", 0x24)
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000340)={0x1, &(0x7f0000000000)=[{0x6, 0xf, 0x2, 0x7fff8000}]})
close_range(r3, 0xffffffffffffffff, 0x0)

0s ago: executing program 2 (id=201):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = socket(0x400000000010, 0x3, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000bc0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0x2}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x0, 0x3}}}]}, 0x38}}, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x4c, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r5}, 0x10)
socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000480)=@newtfilter={0x84, 0x2c, 0xd27, 0x30bd29, 0x25dfdc00, {0x0, 0x0, 0x0, r4, {0x0, 0x8}, {}, {0x8, 0xf}}, [@filter_kind_options=@f_matchall={{0xd}, {0x50, 0x2, [@TCA_MATCHALL_ACT={0x4c, 0x2, [@m_gact={0x48, 0x1, 0x0, 0x0, {{0x9}, {0x1c, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18, 0x2, {0x6, 0x1000, 0x3, 0xfffffffc, 0x8}}]}, {0x4}, {0x1, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x1, 0x3}}}}]}]}}]}, 0x84}, 0x1, 0x0, 0x0, 0x20000010}, 0x20000000)

kernel console output (not intermixed with test programs):

Warning: Permanently added '10.128.10.15' (ED25519) to the list of known hosts.
[   22.191564][   T30] audit: type=1400 audit(1762701494.734:64): avc:  denied  { mounton } for  pid=273 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=2022 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1
[   22.192674][  T273] cgroup: Unknown subsys name 'net'
[   22.214186][   T30] audit: type=1400 audit(1762701494.734:65): avc:  denied  { mount } for  pid=273 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   22.241455][   T30] audit: type=1400 audit(1762701494.764:66): avc:  denied  { unmount } for  pid=273 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   22.241597][  T273] cgroup: Unknown subsys name 'devices'
[   22.440526][  T273] cgroup: Unknown subsys name 'hugetlb'
[   22.446112][  T273] cgroup: Unknown subsys name 'rlimit'
[   22.672079][   T30] audit: type=1400 audit(1762701495.214:67): avc:  denied  { setattr } for  pid=273 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=254 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   22.695241][   T30] audit: type=1400 audit(1762701495.214:68): avc:  denied  { mounton } for  pid=273 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1
[   22.720069][   T30] audit: type=1400 audit(1762701495.214:69): avc:  denied  { mount } for  pid=273 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
[   22.724059][  T275] SELinux:  Context root:object_r:swapfile_t is not valid (left unmapped).
Setting up swapspace version 1, size = 127995904 bytes
[   22.751920][   T30] audit: type=1400 audit(1762701495.304:70): avc:  denied  { relabelto } for  pid=275 comm="mkswap" name="swap-file" dev="sda1" ino=2025 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[   22.777299][   T30] audit: type=1400 audit(1762701495.304:71): avc:  denied  { write } for  pid=275 comm="mkswap" path="/root/swap-file" dev="sda1" ino=2025 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[   22.793516][  T273] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   22.803199][   T30] audit: type=1400 audit(1762701495.344:72): avc:  denied  { read } for  pid=273 comm="syz-executor" name="swap-file" dev="sda1" ino=2025 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[   22.837047][   T30] audit: type=1400 audit(1762701495.344:73): avc:  denied  { open } for  pid=273 comm="syz-executor" path="/root/swap-file" dev="sda1" ino=2025 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[   25.251539][  T281] bridge0: port 1(bridge_slave_0) entered blocking state
[   25.258587][  T281] bridge0: port 1(bridge_slave_0) entered disabled state
[   25.266057][  T281] device bridge_slave_0 entered promiscuous mode
[   25.274150][  T281] bridge0: port 2(bridge_slave_1) entered blocking state
[   25.281230][  T281] bridge0: port 2(bridge_slave_1) entered disabled state
[   25.288449][  T281] device bridge_slave_1 entered promiscuous mode
[   25.364145][  T286] bridge0: port 1(bridge_slave_0) entered blocking state
[   25.371247][  T286] bridge0: port 1(bridge_slave_0) entered disabled state
[   25.378460][  T286] device bridge_slave_0 entered promiscuous mode
[   25.391335][  T286] bridge0: port 2(bridge_slave_1) entered blocking state
[   25.398355][  T286] bridge0: port 2(bridge_slave_1) entered disabled state
[   25.405723][  T286] device bridge_slave_1 entered promiscuous mode
[   25.433736][  T284] bridge0: port 1(bridge_slave_0) entered blocking state
[   25.440866][  T284] bridge0: port 1(bridge_slave_0) entered disabled state
[   25.448080][  T284] device bridge_slave_0 entered promiscuous mode
[   25.456256][  T284] bridge0: port 2(bridge_slave_1) entered blocking state
[   25.463306][  T284] bridge0: port 2(bridge_slave_1) entered disabled state
[   25.470759][  T284] device bridge_slave_1 entered promiscuous mode
[   25.497207][  T282] bridge0: port 1(bridge_slave_0) entered blocking state
[   25.504258][  T282] bridge0: port 1(bridge_slave_0) entered disabled state
[   25.511585][  T282] device bridge_slave_0 entered promiscuous mode
[   25.519980][  T282] bridge0: port 2(bridge_slave_1) entered blocking state
[   25.527001][  T282] bridge0: port 2(bridge_slave_1) entered disabled state
[   25.534352][  T282] device bridge_slave_1 entered promiscuous mode
[   25.581946][  T283] bridge0: port 1(bridge_slave_0) entered blocking state
[   25.588995][  T283] bridge0: port 1(bridge_slave_0) entered disabled state
[   25.596216][  T283] device bridge_slave_0 entered promiscuous mode
[   25.615987][  T283] bridge0: port 2(bridge_slave_1) entered blocking state
[   25.623065][  T283] bridge0: port 2(bridge_slave_1) entered disabled state
[   25.630417][  T283] device bridge_slave_1 entered promiscuous mode
[   25.657888][  T281] bridge0: port 2(bridge_slave_1) entered blocking state
[   25.664934][  T281] bridge0: port 2(bridge_slave_1) entered forwarding state
[   25.672228][  T281] bridge0: port 1(bridge_slave_0) entered blocking state
[   25.679256][  T281] bridge0: port 1(bridge_slave_0) entered forwarding state
[   25.769729][  T282] bridge0: port 2(bridge_slave_1) entered blocking state
[   25.776766][  T282] bridge0: port 2(bridge_slave_1) entered forwarding state
[   25.784019][  T282] bridge0: port 1(bridge_slave_0) entered blocking state
[   25.791040][  T282] bridge0: port 1(bridge_slave_0) entered forwarding state
[   25.802301][  T284] bridge0: port 2(bridge_slave_1) entered blocking state
[   25.809339][  T284] bridge0: port 2(bridge_slave_1) entered forwarding state
[   25.816563][  T284] bridge0: port 1(bridge_slave_0) entered blocking state
[   25.823589][  T284] bridge0: port 1(bridge_slave_0) entered forwarding state
[   25.843385][    T8] bridge0: port 1(bridge_slave_0) entered disabled state
[   25.850630][    T8] bridge0: port 2(bridge_slave_1) entered disabled state
[   25.858146][    T8] bridge0: port 1(bridge_slave_0) entered disabled state
[   25.865472][    T8] bridge0: port 2(bridge_slave_1) entered disabled state
[   25.872778][    T8] bridge0: port 1(bridge_slave_0) entered disabled state
[   25.880042][    T8] bridge0: port 2(bridge_slave_1) entered disabled state
[   25.888187][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   25.895601][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   25.919512][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   25.927581][    T8] bridge0: port 1(bridge_slave_0) entered blocking state
[   25.934633][    T8] bridge0: port 1(bridge_slave_0) entered forwarding state
[   25.942248][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   25.950497][    T8] bridge0: port 2(bridge_slave_1) entered blocking state
[   25.957513][    T8] bridge0: port 2(bridge_slave_1) entered forwarding state
[   25.982092][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   25.989953][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   26.013721][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   26.021434][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   26.029319][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   26.036644][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   26.044903][    T8] bridge0: port 1(bridge_slave_0) entered blocking state
[   26.051925][    T8] bridge0: port 1(bridge_slave_0) entered forwarding state
[   26.059317][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   26.067748][    T8] bridge0: port 2(bridge_slave_1) entered blocking state
[   26.074777][    T8] bridge0: port 2(bridge_slave_1) entered forwarding state
[   26.082207][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   26.090365][    T8] bridge0: port 1(bridge_slave_0) entered blocking state
[   26.097367][    T8] bridge0: port 1(bridge_slave_0) entered forwarding state
[   26.104705][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   26.112849][    T8] bridge0: port 2(bridge_slave_1) entered blocking state
[   26.119864][    T8] bridge0: port 2(bridge_slave_1) entered forwarding state
[   26.128648][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   26.136395][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   26.144563][    T8] bridge0: port 1(bridge_slave_0) entered blocking state
[   26.151589][    T8] bridge0: port 1(bridge_slave_0) entered forwarding state
[   26.175682][  T281] device veth0_vlan entered promiscuous mode
[   26.182375][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   26.190837][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   26.198688][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   26.206401][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   26.214368][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   26.222718][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   26.230628][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   26.238488][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   26.246712][    T8] bridge0: port 1(bridge_slave_0) entered blocking state
[   26.253730][    T8] bridge0: port 1(bridge_slave_0) entered forwarding state
[   26.261095][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   26.269237][    T8] bridge0: port 2(bridge_slave_1) entered blocking state
[   26.276239][    T8] bridge0: port 2(bridge_slave_1) entered forwarding state
[   26.283583][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   26.291442][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   26.299471][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   26.319287][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   26.327362][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   26.335693][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   26.343958][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   26.352080][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   26.360394][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   26.376839][  T281] device veth1_macvtap entered promiscuous mode
[   26.386289][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   26.394607][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   26.402846][    T8] bridge0: port 2(bridge_slave_1) entered blocking state
[   26.409872][    T8] bridge0: port 2(bridge_slave_1) entered forwarding state
[   26.417333][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   26.426408][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   26.434343][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   26.442284][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   26.450193][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   26.458198][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   26.466305][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   26.479740][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   26.488028][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   26.498009][  T282] device veth0_vlan entered promiscuous mode
[   26.507135][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   26.515301][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   26.525500][  T286] device veth0_vlan entered promiscuous mode
[   26.534692][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   26.542211][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   26.549742][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   26.557499][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   26.565587][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   26.573964][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   26.582316][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   26.590586][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   26.598849][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   26.607067][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   26.616090][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   26.623564][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   26.638638][  T283] device veth0_vlan entered promiscuous mode
[   26.647046][  T284] device veth0_vlan entered promiscuous mode
[   26.653347][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   26.661730][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   26.670117][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   26.677871][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   26.686020][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   26.693900][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   26.702062][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   26.709542][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   26.716846][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   26.724280][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   26.739906][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   26.748307][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   26.759409][  T281] request_module fs-gadgetfs succeeded, but still no fs?
[   26.770082][  T286] device veth1_macvtap entered promiscuous mode
[   26.780923][  T282] device veth1_macvtap entered promiscuous mode
[   26.787499][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   26.795476][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   26.802732][  T333] loop4: detected capacity change from 0 to 128
[   26.809602][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   26.809832][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   26.826252][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   26.834577][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   26.843697][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   26.851965][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   26.856565][  T333] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[   26.870729][  T333] ext4 filesystem being mounted at /0/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   26.877177][  T284] device veth1_macvtap entered promiscuous mode
[   26.894463][  T283] device veth1_macvtap entered promiscuous mode
[   26.904730][  T333] fscrypt: Adiantum using implementation "adiantum(xchacha12-simd,aes-aesni,nhpoly1305-generic)"
[   26.916345][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   26.924095][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   26.932935][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   26.941218][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   26.948940][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   26.957090][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   26.965409][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   26.973597][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   26.981866][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   26.995472][  T342] loop4: detected capacity change from 0 to 256
[   27.002231][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   27.010871][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   27.019288][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   27.027841][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   27.036843][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   27.060587][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   27.069901][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   27.125879][  T349] loop3: detected capacity change from 0 to 2048
[   27.141631][  T354] loop2: detected capacity change from 0 to 1024
[   27.151978][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   27.168719][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   27.200374][   T30] kauditd_printk_skb: 37 callbacks suppressed
[   27.200386][   T30] audit: type=1400 audit(1762701499.744:111): avc:  denied  { prog_load } for  pid=357 comm="syz.1.2" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[   27.242275][  T354] EXT4-fs (loop2): Quota format mount options ignored when QUOTA feature is enabled
[   27.254303][  T349] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[   27.278884][  T354] EXT4-fs (loop2): Ignoring removed mblk_io_submit option
[   27.289334][   T30] audit: type=1400 audit(1762701499.764:112): avc:  denied  { bpf } for  pid=357 comm="syz.1.2" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[   27.319203][  T345] loop4: detected capacity change from 0 to 40427
[   27.326086][   T30] audit: type=1400 audit(1762701499.764:113): avc:  denied  { perfmon } for  pid=357 comm="syz.1.2" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[   27.348635][  T354] EXT4-fs (loop2): mounted filesystem without journal. Opts: jqfmt=vfsv1,block_validity,nogrpid,acl,data=ordered,mblk_io_submit,discard,noquota,errors=remount-ro,bsddf,auto_da_alloc,. Quota mode: writeback.
[   27.369348][   T30] audit: type=1400 audit(1762701499.864:114): avc:  denied  { map_create } for  pid=348 comm="syz.3.4" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[   27.388588][  T363] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1147: group 0, block bitmap and bg descriptor inconsistent: 25 vs 281 free clusters
[   27.389759][  T345] F2FS-fs (loop4): invalid crc value
[   27.408196][   T30] audit: type=1400 audit(1762701499.864:115): avc:  denied  { map_read map_write } for  pid=348 comm="syz.3.4" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[   27.440827][  T345] F2FS-fs (loop4): Found nat_bits in checkpoint
[   27.509850][   T30] audit: type=1400 audit(1762701499.934:116): avc:  denied  { setattr } for  pid=348 comm="syz.3.4" name="file1" dev="loop3" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   27.564265][  T345] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[   27.569002][   T30] audit: type=1400 audit(1762701500.074:117): avc:  denied  { read } for  pid=347 comm="syz.2.3" path="/0/file0/bus" dev="loop2" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   27.655892][   T30] audit: type=1400 audit(1762701500.194:118): avc:  denied  { append } for  pid=344 comm="syz.4.7" path="/2/file1/memory.events" dev="loop4" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   27.709902][  T281] attempt to access beyond end of device
[   27.709902][  T281] loop4: rw=2049, want=45104, limit=40427
[   27.721164][   T30] audit: type=1400 audit(1762701500.224:119): avc:  denied  { map } for  pid=344 comm="syz.4.7" path="/2/file1/memory.events" dev="loop4" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   27.746644][  T371] loop3: detected capacity change from 0 to 256
[   27.768887][   T30] audit: type=1400 audit(1762701500.224:120): avc:  denied  { prog_run } for  pid=357 comm="syz.1.2" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[   27.787700][  T356] loop0: detected capacity change from 0 to 40427
[   27.802209][  T373] loop1: detected capacity change from 0 to 512
[   27.830606][  T371] =======================================================
[   27.830606][  T371] WARNING: The mand mount option has been deprecated and
[   27.830606][  T371]          and is ignored by this kernel. Remove the mand
[   27.830606][  T371]          option from the mount to silence this warning.
[   27.830606][  T371] =======================================================
[   27.867812][  T356] F2FS-fs (loop0): Insane cp_payload (553648128 >= 504)
[   27.867993][  T373] EXT4-fs (loop1): Ignoring removed nomblk_io_submit option
[   27.878766][  T356] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[   27.909211][  T356] F2FS-fs (loop0): fault_injection options not supported
[   27.916644][  T356] F2FS-fs (loop0): fault_type options not supported
[   27.923668][  T373] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2229: inode #15: comm syz.1.12: corrupted in-inode xattr
[   27.928761][  T371] FAT-fs (loop3): Directory bread(block 64) failed
[   27.942621][  T373] EXT4-fs error (device loop1): ext4_orphan_get:1406: comm syz.1.12: couldn't read orphan inode 15 (err -117)
[   27.954845][  T356] F2FS-fs (loop0): invalid crc value
[   27.966369][  T371] FAT-fs (loop3): Directory bread(block 65) failed
[   27.973771][  T373] EXT4-fs (loop1): mounted filesystem without journal. Opts: jqfmt=vfsold,inode_readahead_blks=0x0000000000000008,noblock_validity,noload,delalloc,max_batch_time=0x0000000000000001,discard,inode_readahead_blks=0x0000000008000000,nomblk_io_submit,init_itable=0x0000000000000fff,,errors=continue. Quota mode: none.
[   27.988995][  T369] loop2: detected capacity change from 0 to 40427
[   28.003548][  T371] FAT-fs (loop3): Directory bread(block 66) failed
[   28.017113][  T356] F2FS-fs (loop0): Found nat_bits in checkpoint
[   28.028851][  T371] FAT-fs (loop3): Directory bread(block 67) failed
[   28.035434][  T371] FAT-fs (loop3): Directory bread(block 68) failed
[   28.042661][  T371] FAT-fs (loop3): Directory bread(block 69) failed
[   28.050734][  T369] F2FS-fs (loop2): invalid crc value
[   28.051322][  T371] FAT-fs (loop3): Directory bread(block 70) failed
[   28.062857][  T371] FAT-fs (loop3): Directory bread(block 71) failed
[   28.069440][  T371] FAT-fs (loop3): Directory bread(block 72) failed
[   28.075997][  T371] FAT-fs (loop3): Directory bread(block 73) failed
[   28.101484][  T369] F2FS-fs (loop2): Found nat_bits in checkpoint
[   28.136341][  T356] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[   28.161082][  T383] loop1: detected capacity change from 0 to 512
[   28.168020][  T356] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[   28.178701][  T369] F2FS-fs (loop2): Cannot turn on quotas: -2 on 0
[   28.202084][  T369] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4
[   28.212707][  T283] attempt to access beyond end of device
[   28.212707][  T283] loop0: rw=2049, want=45104, limit=40427
[   28.212841][  T383] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[   28.292634][  T383] EXT4-fs error (device loop1): ext4_orphan_get:1406: comm syz.1.13: couldn't read orphan inode 26 (err -116)
[   28.304518][  T383] EXT4-fs (loop1): Remounting filesystem read-only
[   28.311212][  T383] EXT4-fs (loop1): mounted filesystem without journal. Opts: errors=remount-ro,. Quota mode: writeback.
[   28.322480][  T383] ext4 filesystem being mounted at /2/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   28.346173][  T388] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=388 comm=syz.3.14
[   28.384589][  T284] attempt to access beyond end of device
[   28.384589][  T284] loop2: rw=2049, want=45104, limit=40427
[   28.440580][  T397] loop1: detected capacity change from 0 to 1024
[   28.454330][  T399] ip6t_rpfilter: unknown options
[   28.502353][  T403] loop0: detected capacity change from 0 to 1024
[   28.543035][  T403] EXT4-fs (loop0): Ignoring removed mblk_io_submit option
[   28.560113][  T397] EXT4-fs error (device loop1): ext4_acquire_dquot:6200: comm syz.1.19: Failed to acquire dquot type 0
[   28.579223][  T385] loop4: detected capacity change from 0 to 40427
[   28.588496][  T397] EXT4-fs error (device loop1): mb_free_blocks:1860: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt.
[   28.603939][  T397] EXT4-fs error (device loop1): ext4_do_update_inode:5241: inode #13: comm syz.1.19: corrupted inode contents
[   28.616998][  T397] EXT4-fs error (device loop1): ext4_dirty_inode:6077: inode #13: comm syz.1.19: mark_inode_dirty error
[   28.621682][  T403] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,resgid=0x0000000000000000,mblk_io_submit,norecovery,debug_want_extra_isize=0x0000000000000080,resgid=0x0000000000000000,errors=remount-ro,grpid,jqfmt=vfsv0,. Quota mode: none.
[   28.628335][  T397] EXT4-fs error (device loop1): ext4_do_update_inode:5241: inode #13: comm syz.1.19: corrupted inode contents
[   28.657690][  T403] EXT4-fs error (device loop0): ext4_expand_extra_isize_ea:2756: inode #15: comm syz.0.21: corrupted in-inode xattr
[   28.676783][  T385] F2FS-fs (loop4): fault_injection options not supported
[   28.676794][  T403] EXT4-fs (loop0): Remounting filesystem read-only
[   28.676807][  T403] EXT4-fs warning (device loop0): ext4_expand_extra_isize_ea:2826: Unable to expand inode 15. Delete some EAs or run e2fsck.
[   28.693721][  T397] EXT4-fs error (device loop1): __ext4_ext_dirty:183: inode #13: comm syz.1.19: mark_inode_dirty error
[   28.704312][  T385] F2FS-fs (loop4): fault_type options not supported
[   28.722205][  T385] F2FS-fs (loop4): invalid crc value
[   28.723946][  T397] EXT4-fs error (device loop1): ext4_do_update_inode:5241: inode #13: comm syz.1.19: corrupted inode contents
[   28.739987][  T397] EXT4-fs error (device loop1) in ext4_orphan_del:301: Corrupt filesystem
[   28.741368][  T385] F2FS-fs (loop4): Found nat_bits in checkpoint
[   28.748954][  T397] EXT4-fs error (device loop1): ext4_do_update_inode:5241: inode #13: comm syz.1.19: corrupted inode contents
[   28.767178][  T397] EXT4-fs error (device loop1): ext4_truncate:4310: inode #13: comm syz.1.19: mark_inode_dirty error
[   28.779702][  T397] EXT4-fs error (device loop1) in ext4_process_orphan:343: Corrupt filesystem
[   28.782548][  T385] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[   28.789401][  T397] EXT4-fs (loop1): 1 truncate cleaned up
[   28.805031][  T397] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[   28.835831][  T416] loop0: detected capacity change from 0 to 512
[   28.836398][  T385] F2FS-fs (loop4): Unexpected flush for atomic writes: ino=10, npages=1
[   28.850840][  T397] EXT4-fs error (device loop1): ext4_acquire_dquot:6200: comm syz.1.19: Failed to acquire dquot type 0
[   28.858708][  T385] attempt to access beyond end of device
[   28.858708][  T385] loop4: rw=2049, want=45104, limit=40427
[   28.883304][  T281] attempt to access beyond end of device
[   28.883304][  T281] loop4: rw=2049, want=45112, limit=40427
[   28.883456][  T416] EXT4-fs (loop0): Ignoring removed orlov option
[   28.906425][  T416] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem
[   28.915979][  T416] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2229: inode #15: comm syz.0.23: corrupted in-inode xattr
[   28.927962][  T416] EXT4-fs error (device loop0): ext4_orphan_get:1406: comm syz.0.23: couldn't read orphan inode 15 (err -117)
[   28.949318][  T416] EXT4-fs (loop0): mounted filesystem without journal. Opts: jqfmt=vfsold,orlov,user_xattr,noload,nombcache,noblock_validity,init_itable=0x0000000000000601,nodiscard,,errors=continue. Quota mode: none.
[   29.038707][  T423] usb usb7: usbfs: process 423 (syz.4.24) did not claim interface 0 before use
[   29.057187][  T425] loop0: detected capacity change from 0 to 256
[   29.084285][  T429] loop4: detected capacity change from 0 to 1024
[   29.117577][  T429] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   29.139129][  T438] process 'syz.0.32' launched '/dev/fd/3' with NULL argv: empty string added
[   29.172432][  T429] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   29.189397][  T429] JBD2: no valid journal superblock found
[   29.189407][  T429] EXT4-fs (loop4): error loading journal
[   29.295788][  T456] syz.1.42[456] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   29.295856][  T456] syz.1.42[456] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   29.546821][  T494] loop1: detected capacity change from 0 to 2048
[   29.632671][  T494] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[   29.687336][  T494] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1147: group 0, block bitmap and bg descriptor inconsistent: 25 vs 281 free clusters
[   29.834040][  T522] tipc: Started in network mode
[   29.872967][  T522] tipc: Node identity ae3a6e5771be, cluster identity 4711
[   29.894919][  T522] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   29.940169][  T516] tipc: Resetting bearer <eth:syzkaller0>
[   29.970102][  T516] tipc: Disabling bearer <eth:syzkaller0>
[   30.002483][  T535] loop1: detected capacity change from 0 to 1024
[   30.068316][  T535] EXT4-fs (loop1): Ignoring removed orlov option
[   30.107541][  T539] netlink: 4 bytes leftover after parsing attributes in process `syz.0.80'.
[   30.122074][  T535] EXT4-fs (loop1): mounted filesystem without journal. Opts: noblock_validity,bsddf,sysvgroups,resuid=0x000000000000ee01,debug_want_extra_isize=0x0000000000000080,orlov,nogrpid,noauto_da_alloc,jqfmt=vfsv1,,errors=continue. Quota mode: none.
[   30.152931][  T539] netlink: 4 bytes leftover after parsing attributes in process `syz.0.80'.
[   30.516410][  T559] usb usb6: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   30.596427][  T566] loop3: detected capacity change from 0 to 512
[   30.682104][  T568] loop4: detected capacity change from 0 to 512
[   30.699881][  T566] EXT4-fs (loop3): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[   30.718863][  T566] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   30.740233][  T568] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   30.792944][  T568] EXT4-fs (loop4): 1 truncate cleaned up
[   30.796032][  T566] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:476: comm syz.3.87: Invalid block bitmap block 0 in block_group 0
[   30.813203][  T568] EXT4-fs (loop4): mounted filesystem without journal. Opts: max_batch_time=0x0000000000000007,journal_dev=0x0000000000000001,debug_want_extra_isize=0x000000000000006a,user_xattr,errors=remount-ro,nouid32,. Quota mode: none.
[   30.884584][  T575] loop2: detected capacity change from 0 to 128
[   30.909930][  T566] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6178: Corrupt filesystem
[   30.919573][  T566] EXT4-fs error (device loop3): ext4_clear_blocks:883: inode #11: comm syz.3.87: attempt to clear invalid blocks 983261 len 1
[   30.935012][  T566] EXT4-fs error (device loop3): __ext4_get_inode_loc:4358: comm syz.3.87: Invalid inode table block 0 in block_group 0
[   30.948281][  T566] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5873: Corrupt filesystem
[   30.957978][  T566] EXT4-fs error (device loop3) in ext4_orphan_del:301: Corrupt filesystem
[   30.966916][  T566] EXT4-fs error (device loop3): __ext4_get_inode_loc:4358: comm syz.3.87: Invalid inode table block 0 in block_group 0
[   30.981212][  T566] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5873: Corrupt filesystem
[   30.991030][  T566] EXT4-fs error (device loop3): ext4_truncate:4310: inode #11: comm syz.3.87: mark_inode_dirty error
[   31.012410][   T45] attempt to access beyond end of device
[   31.012410][   T45] loop2: rw=1, want=1041, limit=128
[   31.031661][  T566] EXT4-fs error (device loop3) in ext4_process_orphan:343: Corrupt filesystem
[   31.040738][  T566] EXT4-fs error (device loop3): __ext4_get_inode_loc:4358: comm syz.3.87: Invalid inode table block 0 in block_group 0
[   31.053538][  T566] EXT4-fs (loop3): 1 truncate cleaned up
[   31.059844][  T566] EXT4-fs (loop3): mounted filesystem without journal. Opts: dioread_nolock,resuid=0x0000000000000000,journal_dev=0x0000000000000002,noblock_validity,,errors=continue. Quota mode: none.
[   31.090103][  T580] bridge: RTM_NEWNEIGH with invalid ether address
[   31.112271][  T582] loop0: detected capacity change from 0 to 1024
[   31.116425][  T586] tipc: Started in network mode
[   31.138360][  T586] tipc: Node identity 92eb5cd9c8a, cluster identity 4711
[   31.157051][  T586] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   31.166944][  T586] device syzkaller0 entered promiscuous mode
[   31.188587][  T586] tipc: Resetting bearer <eth:syzkaller0>
[   31.196112][  T582] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,jqfmt=vfsv1,nouid32,grpquota,,errors=continue. Quota mode: writeback.
[   31.219606][  T585] tipc: Resetting bearer <eth:syzkaller0>
[   31.232021][  T585] tipc: Disabling bearer <eth:syzkaller0>
[   31.404974][  T636] syz.1.122[636] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   31.405037][  T636] syz.1.122[636] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   31.405040][  T633] loop0: detected capacity change from 0 to 1024
[   31.440102][  T633] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   31.461180][  T633] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   31.478810][  T633] JBD2: no valid journal superblock found
[   31.497750][  T633] EXT4-fs (loop0): error loading journal
[   31.528328][  T648] loop1: detected capacity change from 0 to 2048
[   31.545569][  T656] capability: warning: `syz.2.132' uses deprecated v2 capabilities in a way that may be insecure
[   31.564050][  T334]  loop1: p2 p3 p7
[   31.578132][  T648]  loop1: p2 p3 p7
[   31.600610][  T664] loop2: detected capacity change from 0 to 128
[   31.628090][  T648] syz.1.127 (648) used greatest stack depth: 21728 bytes left
[   31.635566][  T670] loop3: detected capacity change from 0 to 1024
[   31.655491][  T674] hub 2-0:1.0: USB hub found
[   31.660443][  T674] hub 2-0:1.0: 1 port detected
[   31.670567][  T678] device veth0 entered promiscuous mode
[   31.676722][  T678] netlink: 4 bytes leftover after parsing attributes in process `syz.0.143'.
[   31.689121][  T670] EXT4-fs (loop3): Ignoring removed orlov option
[   31.709379][  T664] attempt to access beyond end of device
[   31.709379][  T664] loop2: rw=2049, want=1041, limit=128
[   31.722814][  T389] udevd[389]: inotify_add_watch(7, /dev/loop1p2, 10) failed: No such file or directory
[   31.737383][  T351] udevd[351]: inotify_add_watch(7, /dev/loop1p7, 10) failed: No such file or directory
[   31.749055][  T334] udevd[334]: inotify_add_watch(7, /dev/loop1p3, 10) failed: No such file or directory
[   31.767031][  T670] EXT4-fs (loop3): mounted filesystem without journal. Opts: block_validity,bsddf,sysvgroups,norecovery,debug_want_extra_isize=0x0000000000000008,orlov,nogrpid,noauto_da_alloc,data_err=ignore,,errors=continue. Quota mode: none.
[   31.832857][  T688] udevd[688]: inotify_add_watch(7, /dev/loop1p2, 10) failed: No such file or directory
[   31.838121][  T351] udevd[351]: inotify_add_watch(7, /dev/loop1p7, 10) failed: No such file or directory
[   31.862344][  T687] udevd[687]: inotify_add_watch(7, /dev/loop1p3, 10) failed: No such file or directory
[   31.928990][  T695] hub 5-0:1.0: USB hub found
[   31.934002][  T695] hub 5-0:1.0: 1 port detected
[   32.142100][  T688] udevd[688]: inotify_add_watch(7, /dev/loop1p2, 10) failed: No such file or directory
[   32.152947][  T334] udevd[334]: inotify_add_watch(7, /dev/loop1p7, 10) failed: No such file or directory
[   32.164660][  T686] udevd[686]: inotify_add_watch(7, /dev/loop1p3, 10) failed: No such file or directory
[   32.245681][  T719] loop9: detected capacity change from 0 to 7
[   32.260112][   T30] kauditd_printk_skb: 330 callbacks suppressed
[   32.260125][   T30] audit: type=1400 audit(32.244:447): avc:  denied  { read write } for  pid=721 comm="syz.2.158" name="usbmon7" dev="devtmpfs" ino=176 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[   32.305382][   T30] audit: type=1400 audit(32.274:448): avc:  denied  { open } for  pid=721 comm="syz.2.158" path="/dev/usbmon7" dev="devtmpfs" ino=176 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[   32.339573][   T30] audit: type=1400 audit(32.274:449): avc:  denied  { read } for  pid=705 comm="syz.4.152" name="event2" dev="devtmpfs" ino=270 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[   32.407545][   T30] audit: type=1400 audit(32.274:450): avc:  denied  { open } for  pid=705 comm="syz.4.152" path="/dev/input/event2" dev="devtmpfs" ino=270 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[   32.466334][   T30] audit: type=1400 audit(32.274:451): avc:  denied  { ioctl } for  pid=705 comm="syz.4.152" path="/dev/input/event2" dev="devtmpfs" ino=270 ioctlcmd=0x4590 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[   32.539051][   T30] audit: type=1400 audit(32.274:452): avc:  denied  { ioctl } for  pid=721 comm="syz.2.158" path="/dev/usbmon7" dev="devtmpfs" ino=176 ioctlcmd=0x9207 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[   32.569417][  T751] loop3: detected capacity change from 0 to 128
[   32.614654][   T30] audit: type=1400 audit(32.344:453): avc:  denied  { write } for  pid=727 comm="syz.3.161" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[   32.635181][   T30] audit: type=1326 audit(32.424:454): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=740 comm="syz.0.166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e50e836c9 code=0x7ffc0000
[   32.657938][  T751] FAT-fs (loop3): Directory bread(block 162) failed
[   32.669474][  T751] FAT-fs (loop3): Directory bread(block 163) failed
[   32.676717][  T751] FAT-fs (loop3): Directory bread(block 164) failed
[   32.683934][  T751] FAT-fs (loop3): Directory bread(block 165) failed
[   32.700150][  T751] FAT-fs (loop3): Directory bread(block 166) failed
[   32.706815][   T30] audit: type=1326 audit(32.424:455): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=740 comm="syz.0.166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0e50e836c9 code=0x7ffc0000
[   32.743091][  T751] FAT-fs (loop3): Directory bread(block 167) failed
[   32.760294][  T751] FAT-fs (loop3): Directory bread(block 168) failed
[   32.767072][  T751] FAT-fs (loop3): Directory bread(block 169) failed
[   32.786878][   T30] audit: type=1326 audit(32.424:456): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=740 comm="syz.0.166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e50e836c9 code=0x7ffc0000
[   32.811186][  T751] FAT-fs (loop3): Directory bread(block 162) failed
[   32.817822][  T751] FAT-fs (loop3): Directory bread(block 163) failed
[   32.845087][  T751] attempt to access beyond end of device
[   32.845087][  T751] loop3: rw=3, want=232, limit=128
[   32.855639][  T774] loop0: detected capacity change from 0 to 128
[   32.864460][  T751] attempt to access beyond end of device
[   32.864460][  T751] loop3: rw=2051, want=234, limit=128
[   32.899818][  T774] FAT-fs (loop0): error, corrupted directory (invalid entries)
[   32.908816][  T774] FAT-fs (loop0): Filesystem has been set read-only
[   32.909219][  T766] loop1: detected capacity change from 0 to 8192
[   32.959150][  T779] loop2: detected capacity change from 0 to 512
[   32.969785][  T781] mmap: syz.3.186 (781) uses deprecated remap_file_pages() syscall. See Documentation/vm/remap_file_pages.rst.
[   32.981709][  T766]  loop1: p1 p2 < > p3 p4 < p5 >
[   32.986647][  T766] loop1: partition table partially beyond EOD, truncated
[   33.005516][  T766] loop1: p1 size 100663296 extends beyond EOD, truncated
[   33.013103][  T766] loop1: p2 start 591104 is beyond EOD, truncated
[   33.021013][  T779] EXT4-fs (loop2): mounted filesystem without journal. Opts: nodioread_nolock,sb=0x0000000000000001,,errors=continue. Quota mode: writeback.
[   33.028993][  T766] loop1: p3 start 33572980 is beyond EOD, truncated
[   33.054594][  T779] EXT4-fs error (device loop2): ext4_do_update_inode:5241: inode #18: comm syz.2.185: corrupted inode contents
[   33.061974][  T787] loop3: detected capacity change from 0 to 1024
[   33.072894][  T766] loop1: p5 size 100663296 extends beyond EOD, truncated
[   33.079661][  T779] EXT4-fs error (device loop2): ext4_dirty_inode:6077: inode #18: comm syz.2.185: mark_inode_dirty error
[   33.102761][  T787] EXT4-fs (loop3): Ignoring removed orlov option
[   33.154108][  T779] EXT4-fs error (device loop2): ext4_do_update_inode:5241: inode #18: comm syz.2.185: corrupted inode contents
[   33.199096][  T779] EXT4-fs error (device loop2): ext4_xattr_delete_inode:2971: inode #18: comm syz.2.185: mark_inode_dirty error
[   33.220209][  T787] EXT4-fs (loop3): mounted filesystem without journal. Opts: resgid=0x0000000000000000,bsddf,grpquota,nobarrier,debug_want_extra_isize=0x0000000000000080,orlov,nogrpid,noauto_da_alloc,stripe=0x0000000000000002,,errors=continue. Quota mode: writeback.
[   33.228874][  T779] EXT4-fs error (device loop2): ext4_xattr_delete_inode:2974: inode #18: comm syz.2.185: mark inode dirty (error -117)
[   33.256682][  T779] EXT4-fs warning (device loop2): ext4_evict_inode:303: xattr delete (err -117)
[   33.261959][  T686] udevd[686]: inotify_add_watch(7, /dev/loop1p5, 10) failed: No such file or directory
[   33.314666][  T795] loop0: detected capacity change from 0 to 2048
[   33.380303][  T805] xt_hashlimit: max too large, truncated to 1048576
[   33.408868][  T810] loop3: detected capacity change from 0 to 512
[   33.446493][  T814] loop0: detected capacity change from 0 to 2048
[   33.459374][  T810] EXT4-fs (loop3): orphan cleanup on readonly fs
[   33.477650][  T810] EXT4-fs warning (device loop3): ext4_enable_quotas:6452: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix.
[   33.542427][  T814] EXT4-fs (loop0): mounted filesystem without journal. Opts: bsdgroups,jqfmt=vfsv1,,errors=continue. Quota mode: none.
[   33.556528][  T810] EXT4-fs (loop3): Cannot turn on quotas: error -22
[   33.571971][  T814] EXT4-fs (loop0): shut down requested (2)
[   33.578199][  T810] EXT4-fs error (device loop3): ext4_ext_check_inode:501: inode #13: comm syz.3.196: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[   33.631535][  T823] netlink: 24 bytes leftover after parsing attributes in process `syz.2.201'.
[   33.648859][  T810] EXT4-fs error (device loop3): ext4_orphan_get:1406: comm syz.3.196: couldn't read orphan inode 13 (err -117)
[   33.679213][  T823] netlink: 24 bytes leftover after parsing attributes in process `syz.2.201'.
[   33.691035][  T823] ==================================================================
[   33.699094][  T823] BUG: KASAN: slab-out-of-bounds in tc_setup_flow_action+0x870/0x3240
[   33.707257][  T823] Read of size 8 at addr ffff88810dd7acc0 by task syz.2.201/823
[   33.714876][  T823] 
[   33.717207][  T823] CPU: 1 PID: 823 Comm: syz.2.201 Not tainted syzkaller #0
[   33.724407][  T823] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   33.734465][  T823] Call Trace:
[   33.737745][  T823]  <TASK>
[   33.740672][  T823]  __dump_stack+0x21/0x30
[   33.745005][  T823]  dump_stack_lvl+0xee/0x150
[   33.749603][  T823]  ? show_regs_print_info+0x20/0x20
[   33.754806][  T823]  ? load_image+0x3a0/0x3a0
[   33.759314][  T823]  print_address_description+0x7f/0x2c0
[   33.764868][  T823]  ? tc_setup_flow_action+0x870/0x3240
[   33.770333][  T823]  kasan_report+0xf1/0x140
[   33.774756][  T823]  ? tc_setup_flow_action+0x870/0x3240
[   33.780218][  T823]  __asan_report_load8_noabort+0x14/0x20
[   33.785857][  T823]  tc_setup_flow_action+0x870/0x3240
[   33.791146][  T823]  mall_replace_hw_filter+0x293/0x820
[   33.796528][  T823]  ? pcpu_block_update_hint_alloc+0x8c1/0xc50
[   33.802604][  T823]  ? mall_set_parms+0x520/0x520
[   33.807461][  T823]  ? tcf_exts_destroy+0xb0/0xb0
[   33.812318][  T823]  ? mall_set_parms+0x1e8/0x520
[   33.817184][  T823]  mall_change+0x526/0x740
[   33.821612][  T823]  ? __kasan_check_write+0x14/0x20
[   33.826734][  T823]  ? mall_get+0xa0/0xa0
[   33.830896][  T823]  ? tcf_chain_tp_insert_unique+0xac1/0xc10
[   33.836790][  T823]  tc_new_tfilter+0x12a2/0x1870
[   33.841645][  T823]  ? tcf_gate_entry_destructor+0x20/0x20
[   33.847283][  T823]  ? security_capable+0x87/0xb0
[   33.852140][  T823]  ? ns_capable+0x8c/0xf0
[   33.856468][  T823]  ? netlink_net_capable+0x125/0x160
[   33.861755][  T823]  ? tcf_gate_entry_destructor+0x20/0x20
[   33.867385][  T823]  rtnetlink_rcv_msg+0x81b/0xb90
[   33.872328][  T823]  ? rtnetlink_bind+0x80/0x80
[   33.877010][  T823]  ? memcpy+0x56/0x70
[   33.880995][  T823]  ? avc_has_perm_noaudit+0x2f4/0x460
[   33.886371][  T823]  ? arch_stack_walk+0xee/0x140
[   33.891226][  T823]  ? avc_denied+0x1b0/0x1b0
[   33.895725][  T823]  ? stack_trace_save+0x98/0xe0
[   33.900589][  T823]  ? avc_has_perm+0x158/0x240
[   33.905265][  T823]  ? avc_has_perm_noaudit+0x460/0x460
[   33.910634][  T823]  ? x64_sys_call+0x4b/0x9a0
[   33.915225][  T823]  ? selinux_nlmsg_lookup+0x416/0x4c0
[   33.920597][  T823]  netlink_rcv_skb+0x1e0/0x430
[   33.925368][  T823]  ? rtnetlink_bind+0x80/0x80
[   33.930048][  T823]  ? netlink_ack+0xb60/0xb60
[   33.934637][  T823]  ? __netlink_lookup+0x387/0x3b0
[   33.939666][  T823]  rtnetlink_rcv+0x1c/0x20
[   33.944085][  T823]  netlink_unicast+0x876/0xa40
[   33.948850][  T823]  netlink_sendmsg+0x86a/0xb70
[   33.953616][  T823]  ? netlink_getsockopt+0x530/0x530
[   33.958814][  T823]  ? sock_alloc_file+0xba/0x260
[   33.963666][  T823]  ? security_socket_sendmsg+0x82/0xa0
[   33.969127][  T823]  ? netlink_getsockopt+0x530/0x530
[   33.974331][  T823]  ____sys_sendmsg+0x5a2/0x8c0
[   33.979109][  T823]  ? __sys_sendmsg_sock+0x40/0x40
[   33.984137][  T823]  ? import_iovec+0x7c/0xb0
[   33.988642][  T823]  ___sys_sendmsg+0x1f0/0x260
[   33.993322][  T823]  ? __sys_sendmsg+0x250/0x250
[   33.998101][  T823]  ? __fdget+0x1a1/0x230
[   34.002353][  T823]  __x64_sys_sendmsg+0x1e2/0x2a0
[   34.007292][  T823]  ? ___sys_sendmsg+0x260/0x260
[   34.012154][  T823]  ? __kasan_check_write+0x14/0x20
[   34.017273][  T823]  ? switch_fpu_return+0x15d/0x2c0
[   34.022386][  T823]  x64_sys_call+0x4b/0x9a0
[   34.026801][  T823]  do_syscall_64+0x4c/0xa0
[   34.031221][  T823]  ? clear_bhb_loop+0x50/0xa0
[   34.035895][  T823]  ? clear_bhb_loop+0x50/0xa0
[   34.040569][  T823]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[   34.046464][  T823] RIP: 0033:0x7f1fecbaf6c9
[   34.050873][  T823] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   34.070479][  T823] RSP: 002b:00007f1feb617038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   34.078889][  T823] RAX: ffffffffffffffda RBX: 00007f1fece05fa0 RCX: 00007f1fecbaf6c9
[   34.086861][  T823] RDX: 0000000020000000 RSI: 0000200000000580 RDI: 0000000000000004
[   34.094832][  T823] RBP: 00007f1fecc31f91 R08: 0000000000000000 R09: 0000000000000000
[   34.102806][  T823] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   34.110769][  T823] R13: 00007f1fece06038 R14: 00007f1fece05fa0 R15: 00007ffc48a347f8
[   34.118739][  T823]  </TASK>
[   34.121752][  T823] 
[   34.124069][  T823] Allocated by task 823:
[   34.128297][  T823]  __kasan_kmalloc+0xda/0x110
[   34.132974][  T823]  __kmalloc+0x13d/0x2c0
[   34.137213][  T823]  tcf_idr_create+0x5f/0x790
[   34.141799][  T823]  tcf_idr_create_from_flags+0x61/0x70
[   34.147254][  T823]  tcf_gact_init+0x346/0x580
[   34.151839][  T823]  tcf_action_init_1+0x3f7/0x6a0
[   34.156760][  T823]  tcf_action_init+0x1e9/0x710
[   34.161504][  T823]  tcf_exts_validate+0x217/0x520
[   34.166421][  T823]  mall_set_parms+0x48/0x520
[   34.170996][  T823]  mall_change+0x45a/0x740
[   34.175393][  T823]  tc_new_tfilter+0x12a2/0x1870
[   34.180224][  T823]  rtnetlink_rcv_msg+0x81b/0xb90
[   34.185140][  T823]  netlink_rcv_skb+0x1e0/0x430
[   34.189881][  T823]  rtnetlink_rcv+0x1c/0x20
[   34.194279][  T823]  netlink_unicast+0x876/0xa40
[   34.199021][  T823]  netlink_sendmsg+0x86a/0xb70
[   34.203768][  T823]  ____sys_sendmsg+0x5a2/0x8c0
[   34.208512][  T823]  ___sys_sendmsg+0x1f0/0x260
[   34.213169][  T823]  __x64_sys_sendmsg+0x1e2/0x2a0
[   34.218089][  T823]  x64_sys_call+0x4b/0x9a0
[   34.222485][  T823]  do_syscall_64+0x4c/0xa0
[   34.226885][  T823]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[   34.232759][  T823] 
[   34.235062][  T823] The buggy address belongs to the object at ffff88810dd7ac00
[   34.235062][  T823]  which belongs to the cache kmalloc-192 of size 192
[   34.249094][  T823] The buggy address is located 0 bytes to the right of
[   34.249094][  T823]  192-byte region [ffff88810dd7ac00, ffff88810dd7acc0)
[   34.262692][  T823] The buggy address belongs to the page:
[   34.268300][  T823] page:ffffea0004375e80 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10dd7a
[   34.278517][  T823] flags: 0x4000000000000200(slab|zone=1)
[   34.284151][  T823] raw: 4000000000000200 ffffea00043f7ec0 0000000300000003 ffff888100042c00
[   34.292715][  T823] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[   34.301268][  T823] page dumped because: kasan: bad access detected
[   34.307657][  T823] page_owner tracks the page as allocated
[   34.313343][  T823] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x12cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY), pid 102, ts 3963761784, free_ts 3963744924
[   34.329118][  T823]  post_alloc_hook+0x192/0x1b0
[   34.333863][  T823]  prep_new_page+0x1c/0x110
[   34.338345][  T823]  get_page_from_freelist+0x2cc5/0x2d50
[   34.343868][  T823]  __alloc_pages+0x18f/0x440
[   34.348437][  T823]  new_slab+0xa1/0x4d0
[   34.352487][  T823]  ___slab_alloc+0x381/0x810
[   34.357057][  T823]  __slab_alloc+0x49/0x90
[   34.361366][  T823]  kmem_cache_alloc_trace+0x146/0x270
[   34.366717][  T823]  kernfs_fop_open+0x343/0xb30
[   34.371466][  T823]  do_dentry_open+0x834/0x1010
[   34.376212][  T823]  vfs_open+0x73/0x80
[   34.380175][  T823]  path_openat+0x2646/0x2f10
[   34.384745][  T823]  do_filp_open+0x1b3/0x3e0
[   34.389228][  T823]  do_sys_openat2+0x14c/0x7b0
[   34.393888][  T823]  __x64_sys_openat+0x136/0x160
[   34.398719][  T823]  x64_sys_call+0x219/0x9a0
[   34.403205][  T823] page last free stack trace:
[   34.407849][  T823]  free_unref_page_prepare+0x542/0x550
[   34.413288][  T823]  free_unref_page+0xa2/0x550
[   34.417948][  T823]  __free_pages+0x6c/0x100
[   34.422341][  T823]  free_pages+0x82/0x90
[   34.426474][  T823]  selinux_genfs_get_sid+0x20b/0x250
[   34.431738][  T823]  inode_doinit_with_dentry+0x86e/0xd70
[   34.437265][  T823]  selinux_d_instantiate+0x27/0x40
[   34.442354][  T823]  security_d_instantiate+0x9e/0xf0
[   34.447533][  T823]  d_splice_alias+0x6d/0x390
[   34.452101][  T823]  kernfs_iop_lookup+0x2c2/0x310
[   34.457019][  T823]  path_openat+0xfcf/0x2f10
[   34.461500][  T823]  do_filp_open+0x1b3/0x3e0
[   34.465982][  T823]  do_sys_openat2+0x14c/0x7b0
[   34.470639][  T823]  __x64_sys_openat+0x136/0x160
[   34.475469][  T823]  x64_sys_call+0x219/0x9a0
[   34.479949][  T823]  do_syscall_64+0x4c/0xa0
[   34.484347][  T823] 
[   34.486649][  T823] Memory state around the buggy address:
[   34.492254][  T823]  ffff88810dd7ab80: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[   34.500291][  T823]  ffff88810dd7ac00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   34.508333][  T823] >ffff88810dd7ac80: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[   34.516364][  T823]                                            ^
[   34.522492][  T823]  ffff88810dd7ad00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   34.530528][  T823]  ffff88810dd7ad80: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[   34.538574][  T823] ==================================================================
[   34.546616][  T823] Disabling lock debugging due to kernel taint
[   34.553317][  T810] EXT4-fs (loop3): mounted filesystem without journal. Opts: inode_readahead_blks=0x0000000000400000,noblock_validity,min_batch_time=0x000000000000082f,grpquota,dioread_lock,journal_dev=0x0000000000000001,barrier,user_xattr,,errors=continue. Quota mode: writeback.