last executing test programs:

6.094084779s ago: executing program 3 (id=4172):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000017c0)=@newtaction={0x850, 0x30, 0xfbed, 0x70bd29, 0x0, {}, [{0x83c, 0x1, [@m_police={0x838, 0x1, 0x0, 0x0, {{0xb}, {0x80c, 0x2, 0x0, 0x1, [[@TCA_POLICE_RATE={0x404, 0x2, [0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x6, 0x0, 0x0, 0x4, 0x5, 0x2, 0x4000, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x5f41fde7, 0x0, 0x0, 0x400000, 0x0, 0x0, 0x1, 0x0, 0x0, 0x7ff, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x800, 0x0, 0x8001, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa8, 0x28, 0x0, 0x4, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0xfffffffe, 0x0, 0x0, 0x100000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x5, 0x0, 0x0, 0x0, 0xf, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x1000000, 0x9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb7fe6bd0, 0x6, 0x1ffffffe, 0xf7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0xaa84911, 0x0, 0x0, 0x98, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0xfffffffc, 0x0, 0x2, 0x0, 0x0, 0x2, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x4, 0x0, 0xfff, 0x1, 0x0, 0x0, 0x0, 0x2]}, @TCA_POLICE_PEAKRATE={0x404, 0x3, [0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffffc, 0x0, 0x0, 0x800, 0xffffffff, 0x1, 0x0, 0x0, 0x0, 0x3a4f, 0x0, 0xfffffffd, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800007, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x894e, 0x0, 0x2, 0x0, 0x0, 0x0, 0x17a00, 0x0, 0x5, 0x0, 0xfffffffd, 0x0, 0x3, 0x0, 0x0, 0x0, 0x80000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000, 0x9, 0x0, 0x0, 0x40000005, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x9, 0x0, 0x800, 0x0, 0x8, 0x0, 0x0, 0x0, 0x400400, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x1, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0xffffffff, 0x10, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffbffff, 0x0, 0x0, 0xcd9, 0x0, 0x0, 0x7, 0x5, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x9, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x5, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000001, 0xfffffff9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x319e, 0x8, 0x6, 0x0, 0x0, 0x0, 0x7, 0x2, 0x0, 0x2, 0x0, 0xfffffffc, 0x0, 0x0, 0x20000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x800, 0x0, 0x0, 0x2, 0x0, 0x0, 0x2]}]]}, {0x4}, {0xc, 0xb}, {0xc, 0xa}}}]}]}, 0x850}}, 0x0)

5.714043156s ago: executing program 3 (id=4175):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
r1 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r1)
ptrace$setregset(0x4205, r1, 0xcf1f038a0dc030d3, 0xfffffffffffffffe)
socket(0x1, 0x4, 0xffffffe1)
r2 = io_uring_setup(0x667, &(0x7f0000000000)={0x0, 0x8dd3, 0x1, 0x42, 0x235})
r3 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000840), 0x0)
read(r3, &(0x7f00000001c0)=""/260, 0xfffffd3c)
close_range(r2, 0xffffffffffffffff, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, @perf_bp={0x0, 0xb}, 0x110d41, 0x0, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7dc470d00281f324, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r5, 0x0, 0x7fff}, 0x18)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000980)={{r0}, &(0x7f0000000180), &(0x7f0000000940)=r4}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x300000000000000, &(0x7f0000000100)=@base={0x18, 0x4, 0x41, 0x0, 0x1, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x4002, 0x5}, 0x48)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000006000000050000000010"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r7}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000", @ANYRES32], 0x0}, 0x94)
perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
open_tree(0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x100)

5.566729542s ago: executing program 3 (id=4180):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f00000029c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="200000001000010700000000200000000a0000000c0002006e6c3830323131"], 0x20}}, 0x0)
recvmmsg(r0, &(0x7f0000001580)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)
recvmmsg(r0, &(0x7f0000000040)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f00000015c0)=""/4096, 0x1000}, {&(0x7f0000000500)=""/37, 0x25}, {&(0x7f0000003a40)=""/4093, 0xffd}, {&(0x7f0000000140)=""/85, 0x55}, {&(0x7f0000000600)=""/74, 0x4a}], 0x5}, 0x1801}], 0x1, 0x120, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
pipe(&(0x7f00000003c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
splice(r1, 0x0, r3, 0x0, 0xf3a, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0xa4}, 0x1, 0x0, 0x0, 0x24000154}, 0x20000050)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r2, 0x89f3, &(0x7f0000000540)={'ip6gre0\x00', &(0x7f0000000480)={'ip6gre0\x00', <r4=>0x0, 0x2f, 0x13, 0x0, 0x8, 0x30, @empty, @private1, 0xbc61, 0x7800, 0x3, 0xfffffff8}})
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r2, 0x89f0, &(0x7f00000008c0)={'syztnl1\x00', &(0x7f0000000780)={'tunl0\x00', r4, 0x7, 0x781f, 0x6, 0x8001, {{0x3d, 0x4, 0x1, 0x2, 0xf4, 0x67, 0x0, 0xfe, 0x4, 0x0, @empty, @initdev={0xac, 0x1e, 0x0, 0x0}, {[@cipso={0x86, 0x3c, 0x0, [{0x0, 0xd, "f4ed76d6ed629199117aa9"}, {0x1, 0xb, "4b6936b9394532ebc8"}, {0x5, 0x5, '\a`\f'}, {0x0, 0x4, "b455"}, {0x2, 0x3, '$'}, {0x7, 0x8, "a135fc911055"}, {0x5, 0x2}, {0x5, 0x8, "d5015f0599eb"}]}, @ra={0x94, 0x4, 0x1}, @timestamp={0x44, 0x10, 0xf2, 0x0, 0x7, [0x2, 0x5, 0x7fff]}, @timestamp_prespec={0x44, 0x54, 0x4c, 0x3, 0x3, [{@broadcast, 0x1}, {@dev={0xac, 0x14, 0x14, 0x17}, 0xffffffff}, {@broadcast, 0x1}, {@local, 0x8}, {@remote, 0x2}, {@remote, 0x2}, {@multicast2, 0x7bdeace2}, {@rand_addr=0x64010102, 0x9}, {@broadcast, 0x3}, {@multicast1, 0x80000001}]}, @ra={0x94, 0x4, 0x1}, @timestamp_addr={0x44, 0x2c, 0xa4, 0x1, 0x5, [{@empty, 0x9}, {@remote, 0x101a4cdf}, {@local, 0x10001}, {@private=0xa010101, 0x1}, {@multicast1, 0x4}]}, @generic={0x44, 0xb, "50f59e38b96077fa81"}]}}}}})
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r5, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a3c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a808682b7fc4c0000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a310000000020000380100000800c00018006000100d10300000c00008008000340000000023f0000000e0a010200000000000000000a0000000900010073797a31000000000900020073797a31"], 0xdc}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)

3.81964108s ago: executing program 1 (id=4209):
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0xfe, 0x28, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0xfffffffc, 0x0, 0x2, 0x80000001, 0x0, 0x0, 0x0, 0x0, 0x800000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1d, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TCSETS(r1, 0x40045431, &(0x7f0000000140)={0x0, 0xdffffffe, 0x880, 0xffffffff, 0x0, "8100e1c8e80b598c36ff000800"})
r2 = syz_open_pts(r1, 0x141601)
write(r2, &(0x7f0000000000)="d5", 0xfffffedf)
ioctl$TCFLSH(r1, 0x540b, 0x2)
ioctl$TIOCL_SELLOADLUT(r1, 0x541c, &(0x7f0000000040)={0x5, 0x8, 0x5, 0x0, 0x8000000000000000})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000660000000000"], 0x0, 0x7ff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0xffffffffffffff6f}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0xc, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000480)='./file2\x00', 0xc0ed4040, &(0x7f0000000f40)={[{@commit={'commit', 0x3d, 0x4}}, {@nobarrier}, {@barrier}, {@quota}, {@journal_ioprio={'journal_ioprio', 0x3d, 0x2}}, {@journal_dev={'journal_dev', 0x3d, 0x9b9}}, {@data_writeback}, {@jqfmt_vfsv1}]}, 0x0, 0x47a, &(0x7f0000001000)="$eJzs3M9vFFUcAPDvTLel5YdFxB8gaBWMxB8tLT/kYGI0mnjQaKIHjKe6LQQpYKAmQoiiB4zxYEi8G48m/gWe9GLUk4lXvBsSYriAntbMzgxtl93S0m13cT+fZNj3Zqa89503b/vmvd0G0LNGsn+SiI0RcTkihiOi0njCSP5y49r56j/XzleTqNXe+juJNCKuXztfLf6L+pbZkO+o1Yr8uiblXnw3YnJmZvp0kR+bPfHB2Jmz5549dmLy6PTR6ZMThw7t37dz4ODEgbbEmcV1ffvHp3Zse/WdS69XD19679fvs/puLI6XcbTTSH51m3qi3YV12KZ56aTSwYqwLFm79Rfb5RiOvhi6eWw4Xvmso5UDVlul2e/nwoUa8D+WDdSBXlT+os+ef8ttjcYdXeHqi/mERxb3jWLLj1Tq8xtRPBttWqXyByPi8IV/v8m2WKV5CACA+X7Mxj/PNBv/pfHAvPPuKdZQNkfEvRGxJSLui4itEXF/RP3cByPioWWW37hCcuv4J72yIFvrW2YJi8vGf88Xa1sLx3/l6C829xW5TfX4+5Mjx2am9xbXZE/0r8vy4wt+ZKGfXv7jq8Z9XxbT7CPzxn/ZlpW/MML0SuME3dTk7OTKI89d/TRie6VZ/MnNdcAkIrZFxPY7LOPYU9/taHWsWfzlWPi22rDOVPs24sm8/S9EQ/ylpOX65PhzBycOjA3GzPTesfKuuNVvv198s1X5K4q/DbL2X9/0/s/jz54Rk8GIM2fPHa+v1565g0L+/LyatDi09bbx33r/V3dHDCRv19MD5VnF60DyWvYyVO7/aHJ29vTE3M+W+frreB7/nl1z8U/GXP/fkj+e1a/EwxGR3cQ7I+KRiHi0aLvHIuLxiNi1SPi/vLT7/VbHWrf/IrPybZTFP7VI+2dveVlqrv2Xn+g7/vMPrcqvLan999dTe4o9S3n/W2oFV3LtAAAA4G6R1j8Dn6SjN9NpOjqaf4Z/a6xPKxHx9JFTH56cyj8rvzn603Kma3jefOh4MTdc5ica8vuKeeOv+4bq+dHqqZmpTgcPPW5Di/6f+au9Sy1AN/J9Lehd+j/0Lv0fepf+D73rhU5XAOiMgea7P1nregAdsfzx/+Cq1ANYe57/oXfp/9C79H/oSS2/G5+u6Cv/d2ui0h3VaJoY6o5qlIlIu6Ia7Uu88UXeJbqlPmWisuQ/ZnGHiXVND3X6nQkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKA9/gsAAP//ySHaEw==")

3.35912977s ago: executing program 0 (id=4216):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a3c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a808682b7fc4c0000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a310000000020000380100000800c00018006000100d10300000c00008008000340000000023f0000000e0a010200000000000000000a0000000900010073797a31000000000900020073797a31"], 0xdc}, 0x1, 0x0, 0x0, 0x4000850}, 0x50)

3.316084012s ago: executing program 0 (id=4217):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f0000000180)={[{@noblock_validity}, {@mb_optimize_scan}, {@sysvgroups}, {@resuid={'resuid', 0x3d, 0xee01}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@nodelalloc}, {@grpid}, {@noauto_da_alloc}, {@nomblk_io_submit}]}, 0x3, 0x56a, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH")
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
r0 = open(&(0x7f0000000200)='./file1\x00', 0x4827e, 0xdc)
fallocate(r0, 0x0, 0x0, 0x8800000)
r1 = openat(0xffffffffffffff9c, 0x0, 0x441, 0x0)
fallocate(r1, 0x20, 0x4000, 0x8000)

3.050519554s ago: executing program 4 (id=4224):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, 0x0, 0x0)
r1 = epoll_create1(0x80000)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/wakeup_count', 0x0, 0x10)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f00000000c0)={0xe000001a})
syz_open_procfs(0x0, &(0x7f0000000100)='net/raw\x00')
epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, r2, &(0x7f0000000000))
io_submit(0x0, 0x1, &(0x7f0000000940)=[&(0x7f0000000100)={0x2000000000, 0x4, 0x0, 0x1, 0x0, r0, &(0x7f0000000040)="0200ffff0000", 0x6, 0x0, 0x0, 0x2}])
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00'}, 0x10)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x64}}, 0x0)
sendmsg$IPSET_CMD_DESTROY(0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000640)=ANY=[@ANYBLOB], 0x14}, 0x1, 0x0, 0x0, 0x800}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r3, 0x89f2, &(0x7f0000000540)={'syztnl2\x00', &(0x7f00000004c0)={'ip6tnl0\x00', 0x0, 0x2f, 0x9, 0x81, 0xfffffff9, 0x20, @private0, @mcast1, 0x8000, 0x7, 0x8000, 0x8e1}})
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r4], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f00000007c0)='./file0\x00', 0x0, &(0x7f0000000100)={[{@init_itable_val={'init_itable', 0x3d, 0x1}}, {@errors_remount}, {@dioread_lock}, {@barrier}, {@bsdgroups}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x2000}}]}, 0x1, 0x783, &(0x7f0000001340)="$eJzs3M9rXOUaAOD3nGaa/si9kwt3ce+mCi20UDpJmk27Mm7ETaFQcFtDMgkhJ5mSmdQkFpq6E4TabFQE0b1Lt0Kpf4A7KSi4F0RrXKibkTOZTNt0Zjptk04bnwdO5vvOfN9533dm8uUcyJkA/rFezX8kEUMRcTEiis39aUQcbLQORaxvjdu8d20q35Ko1y/9kuTTYrNebB0raT4ejcaU+F9E3ClEnH7v0bjV1bX5ySwrLzX7I7WFKyPV1bUzcwuTs+XZ8uLY+PnRc+Pj50bHd63WE2+dP3zr2zc2Nr77qnbz2MCZJCYadUeztl0L9ICt16QQEzv2L+5FsD5Kehgz8BzyAACgu/w8/0Dz3KwQxTjQ7SzNCRwAAAC8lOqD9V792fNIAAAA4AWTRL8zAAAAAPbW9v8BbN/bu1f3wXby8+sRMdwu/kDjHuKIQ1GIiCObyUO3HyRb0+CZrN+IiNsTbT5/vdzR3N3o/ebh3Tkiu+12vv5MtFt/0tb6E23Wn4Ht7054Rp3Xv/vxD3RY/y72GOPrz/5f6Bj/RnXl/WPt4iet+EmH+G/3GP/mxge3Oj1X/yLiZNu/P8lDsbp8P8TIzFzW7lerle6dv07d7Vx/xJFH4idJI2rSvf4rPdb/7uZv8+td4p863v3934o/+NC8/DPxYTOPNCJuNR/z/saOGMcXvv/m0cjJ+nb86Q6vf/v3/81W/Z/3WP+PXw6u9DgUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGtKIGIokLbXaaVoqRRyNiP/GkTSrVGunZyrLi9P5cxHDUUhn5rLyaEQUt/pJ3h9rtO/3z+7oj0fEf344vBV0LiuXpirZdL+LBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoOVoRAxFkpYiIo2I34tpWir1OysAAABg1w33OwEAAABgz7n+BwAAgP3vaa//k13OAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANjXLl64kG/1zXvXpvL+9NXV5fnK1TPT5ep8aWF5qjRVWbpSmq1UZrNyaaqy8LjjpRExdj6WV0Zq5WptpLq6dnmhsrxYuzy3MDlbvlwuPJeqAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeFJDjS1JSxGRNtppWipF/CsihqOQzMxl5dGI+HdE3C0WBvP+WL+TBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYNdVV9fmJ7OsvPRyN+r7q5yeG5FEvABpdGh80nxXuo1J1iP6nmraTPRZjhPxJLOuP+Zl6XfjlT6tRwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9Fd1dW1+MsvKS9V+ZwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEB/pT8lEZFvJ4snhnY+ezD5o9h4jIh3Pr300cpkrbY0lu//tbW/9nFz/9kHJl5/njUAAADAvvfakwzevk7fvo4HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADoVXV1bX4yy8pLe9iIG/2uEgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeBp/BwAA//9Js7nR")
r6 = openat(0xffffffffffffff9c, &(0x7f0000000440)='./file1\x00', 0x42, 0x0)
write$P9_RREADLINK(r6, &(0x7f0000000000)={0xffffffffffffff23, 0x17, 0x2, {0x7, './file0'}}, 0xfffffdab)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kmem_cache_free\x00', r5}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)

2.977606687s ago: executing program 2 (id=4225):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, &(0x7f0000000740)=ANY=[], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_open_dev$tty1(0xc, 0x4, 0x1)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000c80)={'ip6gre0\x00'})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000200)='kfree\x00', 0xffffffffffffffff, 0x0, 0xfffffffffffffffd}, 0x18)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00'}, 0x10)
kexec_load(0x0, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000680)='./file0\x00', 0x0, &(0x7f0000000080)={[{@usrquota}, {@noblock_validity}, {@bh}, {@jqfmt_vfsold}, {@debug}, {@abort}]}, 0x6, 0x5fc, &(0x7f0000000c00)="$eJzs3c9rHGUfAPDvzCZ5kzavaUXEFsWAhxakaVKLVS+29WAPBQv2IOKhoUlq6PYHTQq2FkzBg4KCiFeRXvwHvEvv3kRQb56FKlJRUOnK7M62m2Q3XdPsTpr5fGCzz/PM7D7PdydP5pmZPDsBlNZ49iON2BVx51QSMdaybDQaC8fz9W7/du109kiiVnv91ySSvKy5fpI/b88zwxHx7dGIRyur6124cvXsdLXW8F7E/sVzF/cvXLm6b/7c9JnZM7Pnpw68cPDQ5ItTB6c2JM7t+fOx4689+fH7bz8/9111XxKH4+TguzOxIo6NMh7jcScPsbV8ICIOZYk2n8vDZguEUGqV/PdxMCIej7Go1HMNYzH/UaGNA3qqVomoASWV6P9QUs1xQPPYvrvj4JM9HpX0z60jjQOg1fEPNM6NxHD92Gjb7aTlyKhxbmPHBtSf1fHPtd2fZ49Ydh7iz7tbZ2AD6ulk6XpEPNEu/qTeth31SLP402XtSCJiMiKG8va98gBtSFrSvTgPs5b1xp9GxOH8OSs/us76x1fk+x0/AOV080i+I1/Kcvf2f9nYozn+iTbjn9E2+671KHr/13n819zfD9fPkacrxmHZmOVE+7ccXFnw04fHPu1Uf+v4L3tk9TfHgv1w63rE7hXxf5AFm49/sviTNts/W+XU4e7qePX7X451WlZ0/LUbEXvaHv/cG5VmqTWuT+6fm6/OTjZ+tq3j62/e+rJT/UXHn23/bR3ib9n+6crXZZ/JxS7r+OrEjXOdlo3eN/7056Gkcbw5lJe8M724eGkqYig5nq/SUn5g7bY012m+Rxb/3mfa9/9lv//Xl7/PSPNPZhcuvnH2dqdl69n+LReT79S6bEMnWfwz99/+q/p/VvZJl3X88eblpzotWyv+kQcJDAAAAAAAAEoorV+DTdKJu+k0nZhozJd9LLal1QsLi8/OXbh8fiZib/3/IQfT5pXusUY+yfJT+f/DNvMHVuSfi4idEfFZZaSenzh9oTpTdPAAAAAAAAAAAAAAAAAAAACwSWzP5/8371P9e6Ux/x8oiV7eYA7Y3PR/KK96/191iyegDOz/obz0fygv/R/KS/+H8tL/obz0fygv/R/KS/8HAAAAgC1p59M3f0wiYumlkfojM5QvMyMItrbBohsAFKZSdAOAwty99G+wD6XT1fj/r/zLAXvfHKAASbvC+uCgtnbnv9n2lQAAAAAAAAAAAABAD+zZ1Xn+v7nBsLWZ9gfl9QDz/311ADzkfPU/lJdjfOB+s/iHOy0w/x8AAAAAAAAAAAAA+ma0/kjSiXwu8Gik6cRExP8jYkcMJnPz1dnJiHgkIn6oDP4vy08V3WgAAAAAAAAAAAAAAAAAAADYYhauXD07Xa3OXmpN/L2qZGsnmndB7UNdL8d/fFUk/f9YRiKi8I3Ss8RAS0kSsZRt+U3RsEsLsTmaUU8U/IcJAAAAAAAAAAAAAAAAAABKqGXucXu7v+hziwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg/+7d/793iaJjBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeTv8GAAD//7V5QCw=")
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NL80211_CMD_DISCONNECT(r3, &(0x7f0000000580)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000400)={&(0x7f0000000500)={0x54, 0x0, 0x200, 0x70bd27, 0x25dfdbff, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x12}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x2b}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x1b}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x4}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x32}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x38}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x15}]}, 0x54}, 0x1, 0x0, 0x0, 0x1}, 0x4000004)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000040)={0x14, 0x2, 0x6, 0x3, 0x0, 0x0, {0xd}}, 0x14}}, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x10040057}, 0x240008c4)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r0}, 0x0, &(0x7f0000000280)=r1}, 0x20)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000001b80)=ANY=[@ANYBLOB="0600000004000000080000000a"], 0x50)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x94)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000100)=ANY=[@ANYRES8=r7], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x8, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r8}, 0x10)
symlinkat(&(0x7f0000002040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00')
r9 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r9, 0x0, 0x40, &(0x7f0000000fc0)=@raw={'raw\x00', 0x8, 0x3, 0x4e8, 0x0, 0x11, 0x148, 0x340, 0x0, 0x450, 0x2a8, 0x2a8, 0x450, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x0, 0x2f8, 0x340, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'ip_vti0\x00', {0x0, 0x0, 0x3f, 0x0, 0x88000000, 0x3, 0x7}}}, @common=@unspec=@bpf1={{0x230}, @pinned={0x1, 0x0, 0x0, './file0\x00'}}]}, @unspec=@CT0={0x48}}, {{@ip={@multicast2, @empty, 0x0, 0x0, 'vlan0\x00', 'netdevsim0\x00'}, 0x0, 0xd0, 0x110, 0x0, {}, [@inet=@rpfilter={{0x28}}, @common=@unspec=@quota={{0x38}, {0x0, 0x0, 0x81}}]}, @common=@inet=@LOG={0x40, 'LOG\x00', 0x0, {0x4f, 0x7, "72f6daeff0a9c6294e211d2d88fe6dcff5d0e552201da3b7a1fdb30dcb59"}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x548)
pread64(0xffffffffffffffff, &(0x7f0000000000)=""/232, 0xe8, 0x40)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)

2.751569288s ago: executing program 1 (id=4226):
capset(&(0x7f0000000000)={0x20071026}, 0x0)
getpid()
capset(0x0, &(0x7f0000000440)={0x6, 0x0, 0x1000, 0x0, 0x60, 0x1c15})
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x14, 0xe, &(0x7f00000008c0)=ANY=[@ANYBLOB="b7020000ff0d0000bfa30000000000000703000000feffff7a0af0fff8ffff1971a4f0ff00000000b7060000080000006f6400000000000045040400010000001704000001000a00b7040000ff0100006a0a00fe0000000085000000bd000000b70000000000000095000000000000009e17f199a68b06d83298a8cdc21ce784909b849d5550ad857d0454d8877a6db61d69f2ffcaa10350e11cb97c8adf1bc9a0c4eeceb9971e43405d621ffbc9ce000000d8ca56b50d0c010d631f6dde53a9a53608c10556e5734eb84049761451ce540c772e2d9f8004e26f7fcc059c062234d5595f6fbaa187b81d1106000000000fd60000fd9ac3d09e29a9d542ca9d85a5c9c88474895d679838def0a83a733dc6a39b63a5ed69d32394c53361d7e43c5cbd80450f859ce8122a79c3e40000b59b0fc46d6cec3c0802882add4e3179bd4a44f231b6d753a7be428ba953df4aece69311687f4122073a236c3a32efa04137d4524847d2638da3261c8162bb7c7824be6195a66d2e17e122040e1100000000928612a29fc691e4f1f7bd053abb885f39381f1759410b1059f05684261f332d606834669b49ec99320ca7712d7e79bd5bf5ed818ecc7640917f6a559a47db608fcf9f6c131b84e41c354c66838f72b9e12d36e996f316f0812ca83efb30c7f6c6d57c4a64590401eec22523dd712c680013e87f649a1ede7142ca9d5d8a8c9f9b440fe4331ad5532c74d9a31a5d737537f7a2caa30581253d14dd3e92af7dc836686365ae01bdec561c0402b67801267a8df97d2f85426a5963d4fa3e26cc05972c162f223f000000d999e80de00fcbcc02d0aed7bb8f7ba337d59c14f39dcd4aad4139ef6425a9367f1bd1467fc6b95a4df7669839771ce9d5788029901e5a79d8b9990ace8f74087f25ad50c46088000000008000"/683], 0x0, 0xf, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x8, &(0x7f0000000bc0), 0x8}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'bridge0\x00'})
bpf$MAP_CREATE(0x0, &(0x7f0000000780)=ANY=[@ANYBLOB="0f00000004"], 0x50)
r1 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000020000000c0000000014"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001700000000000000ff000000850000006d00000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008002010b704000000000000850000000100000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r5}, 0x10)
ioctl$SG_IO(r3, 0x2285, &(0x7f00000000c0)={0x53, 0xfffffffe, 0x6, 0x2, @scatter={0x0, 0x40000, 0x0}, &(0x7f0000000080)="0000501effd4", 0x0, 0x800004, 0x10030, 0x1, 0x0})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r2, 0x0, 0x3}, 0x18)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000006000000500000a3c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc4c0000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a310000000020000380100000800c00018006000100d10300000c000080080003400000000214000000110001"], 0xb0}}, 0x40)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000012c0)={0x11, 0xb, &(0x7f0000000b80)=ANY=[@ANYRESOCT], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x29, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r6}, 0x10)
r7 = socket$phonet_pipe(0x23, 0x5, 0x2)
connect$phonet_pipe(r7, &(0x7f0000000040)={0x23, 0x0, 0x0, 0x1}, 0x10)
r8 = syz_genetlink_get_family_id$tipc(&(0x7f0000000540), 0xffffffffffffffff)
sendmsg$TIPC_CMD_SET_LINK_PRI(0xffffffffffffffff, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000580)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="01002bbd7000fedbdf25010000000000000008410000004c0018"], 0x68}, 0x1, 0x0, 0x0, 0x1}, 0x4000800)
sendmsg$TIPC_CMD_DISABLE_BEARER(r0, &(0x7f0000000600)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000005c0)={&(0x7f0000000c00)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="020027bd700002dcdf250100000000000000024100000073b75dbd5f5d9df135681d55095b2b1000136574683a6970766c616e300002e5d011114c77d50cede0362c699484c6bba8d2f448036d7b31d508035bf4dd9ce868a5871521b5044426bf70e269785b181236611192a14e28"], 0x2c}, 0x1, 0x0, 0x0, 0x8040041}, 0x840)

2.69380893s ago: executing program 1 (id=4227):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xf, &(0x7f00000000c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x3}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000280)='GPL\x00', 0x6, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000180)='kmem_cache_free\x00', r2}, 0x10)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r3, 0x6, 0x210000000013, &(0x7f0000000500)=0x100000001, 0x4)
bind$inet(r3, &(0x7f0000000080)={0x2, 0x4e22, @empty}, 0x10)
connect$inet(r3, &(0x7f00000000c0)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x16}}, 0x10)
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x4, 0x0, 0x7fff0006}]})
close_range(r4, 0xffffffffffffffff, 0x0)
r5 = socket$nl_sock_diag(0x10, 0x3, 0x4)
sendmsg$TCPDIAG_GETSOCK(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)={0x50, 0x12, 0x1, 0x0, 0x0, {}, [@INET_DIAG_REQ_BYTECODE={0x4, 0x3}]}, 0x50}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='rss_stat\x00', r0}, 0x18)
r6 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='cpuset.effective_mems\x00', 0x0, 0x0)
r7 = socket(0x400000000010, 0x3, 0x0)
getpeername$packet(r7, &(0x7f00000006c0)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000180)=0x14)
sendmmsg$inet(0xffffffffffffffff, &(0x7f00000022c0)=[{{0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000100)="8d", 0x1}, {&(0x7f0000000800)="a222a2ba3f3fb14d6e61e7b6c09463320b25a49c555967aa2d9c1be519ca8f9d974352eaed551e0448d4a54df52a222cc7c68e85fa31235bac42c0d6db457229eab2d4a09e3a0708e15d3d53771667863518c40022a6366c903beafb06ab8b378bef5a0f076c671f7507da92c5a8d764e287e3e99751db01678392e4490c59fcd1d2384f3027b6be1db81d7156652c91b7e2a80c4e163f5305fc8cca4a9a4ca10efe4a690c52421d181c695ede256b365a419f1051a990ee0eafe44a3571a991f5b3963349962341d8d1280386c1a505e6a4a005f7df9b3730d31b2bb7a7ec146111b0e7a3aded56d6dcf3193ba84756200bdde76b4d5b5e4eee5c8a20110cd96cae54798292e6520fafcd9084115b6516168c9b9d4edd87e896e1ba517ccba601904f97994da4bcbaf728b3d44b404b26bc8be8945875f2745e83ae19992d21f66898a890ee6fce4276cc096e4882c3c00bc7f77107b63a1c097d8e682b4a92feab81b6d342126437c0b13e1dfbd6d0ccb58efcbccb53f327c955398f52fab7ba1b5778e79c5c30f2751b17b58e838c5759196f884cd74bcf9f0332291bf860930f8af9e727c4271be8ce727226f8f3dab13b2e7baa03c39618bc7823336c391cbafe73a5b0f58c4a9d0d8baed9f45bd2c68de5cee52e6b0ae109a35a69864455267f25c89ec742ba51f82dd5f6e06e1dfdcae9df98cca8349651f8e622cb6413a4202a4ed762eae0d34d4b6c64d5a4601f1f8094e487c2c5ebee6e42edb8d025d818bfe9920c33301055d7c425c4c2dc5a626e82547bb7986bcc1ef5cff7468023eeb544ca700a20f910695c0cc943b44487bea880134b8128785aff95e524e562c507362355259b04c03e23cc5e56b7a247d7103aec3f0153a6cb09ad996d141fa07c51dacf9bc8cc174b63b17ec27d49a051a90bf80973b24cf65d27b86d3e2bfab7a98f54b9a80cf37b4990a12e78580fada01d94546306e3d51dfe5e83e234c1429ae3c979cb70aa8221fa974fc100a396c480b15c0fdd81579707d5c62e0a15be0d84a44b242852600987fb3d27fe32cd3c08f2cc3f461c43c72298ee6d6867d63c21b6e5c49df52f1e515925a6b3b472d4dfc5719ac51e83bc15f5cb58f6536816b7266094edef742fe7f39f75c5dd109f84ca3d074b3c0c7fb13926d48d41061b70ab52948c8408c73c2617515d0a59029f28bff97d84317b68e535f208bd09508ed222fb4eb9fd6b5bfafb3b72fe635614aa3ebc7dbe12baee735fe6073ae125b4f6a73729067a1649f9bf299f0735d5c7cd44f94b7b30e491d2742a15f2313f19d93a7f40bbbb3ee0eb787805236cbf5fca71c3269b5ca693239fd9fa0fe2efb281cc15144400d1f4ce2b3971307d0deed7f14221aa3ad41cb2526a18788b3321b1a4d12af537e51a932c20477a9d0ae5d073eb285b7b7b01e88f4cb1f719f5002f0db40eb98e69c01572a0a896e3803fe54cfd811618638a8b76dfa4265922c96b100fa850cc5cb171c891e5dc214e442330429e9149ddb52c49c5f4eba6ae66c7858fff7912035f1f57249e76219fe819dfe8e6856a2a92a139bb72885931658a099346c9f195500d4655128851eed851970ee9bdfbea242c20d35432e7f66247da4f115582377fb150b94875bd35a16c8f120448fc4a0e9079e317554bff46d2ed3e0ab5d73cadd586b9b2d39ab153645a63f89bbb502405d0db3e0d598f158466758464be2904e9da4221d11f1ddcf2821fbbdf4dae6a61e24ad9ee8258dd899fbe596d0eeb53de2f9b0b6a21962b2a24571d20525e9d88d1581bff232d5f9f7980dea4a40c1d2f60e75c5e97368954921398e4d78dc844f7a761ea30c64ab8b0bda8043813fad94c76833bebd9d4267aed91ffe8d43178a0d3a7a4e9a6f290475894fe9ad1d8f25347f7c227aea03307cbab4340349c4e8dbf8b75b34255cdde7ddd16a3bc84b847ec70e45c38f6d625ceb1c985078b1b653da87a9f091438e685fd5eede3dec3a1e6b165d26cc19f4f268b1ed43470a585ddfb4f902ee1f3011b970c0f387025e2d6ee7157eb2805cb6bc33b314022e3c78e76bc2429837660a91cf607164a1f4143daa2636d395340e334961eac9c63cfe27c02f6d413832aac2536f697a72a8b82520ec349252183eb398a529fbdc809458d3da93a7065aa6512d95f33491600d77c87bf82f8d0639f1b3a4a372fbc085af73f4e4ab85569a75799b5cb5cf37d69d8def81e9d3bfbd267e2d954c54d4465ee0f6e0c8a78f8a5e2c8e403685e98e74d45afcf77667b70b4107a9cb9673f043f11b727deaee8158539ac01490fee36556ff6f228a2cb6094f6792e47fb98ec13c90726a406e5cd1f7e26377854ad4b19cac9e42c457a8416473ba20f278996d157143833462e4f9f9e223453c8ca24541cee7847c0dbe7a00137a2d9aae1545e47a3bc7631991234b4d1814d6838d916c8abfc7b1b84496618e12b436bf39576c299c5b514a25238b7ce9e5ded1d18573a389741a2962ef421810527200da3d79e0e091b135f8ea110c700744481bb1928eefc9fcbc8a300ce2984391af23fe4d516d4075e46e703d9634f200afe292c165c2b3c3b742487a547202d3e3e57575a37d5a83dfa543f76cd2c33f5e950cf10a69937afcf16c63527828b3ab7b3e770730e6ef1e75914581d97cb194f9c63d647407b71c180fa5cc7754541b64f21863640abd9607364cc0a740793711c27fea3db4c1ff477cc085357af182755f00370bb74749e0f82b1191495626f8058f806b46c3b11d992e0d3be82e1875599075e4446253eb9fe43bebc5a21975138bb8099939c004adcbabb5d9db3a5e154b6d1bf3561a082a753fcbfefe451a5fb482e5a65043b2e700deb3e43e3ca1867e868198b42be2d3b045af22b0af7fc152f8a360fe77f23cad251e9e33cd2f8783d517272ff74e59907e574a37a5ecce14843502748427a7e228600b3f0ec7b2b22eb70af67e79a5b7e3cee4bb8c190661ba45cf72c2833df91158bf53c3b768d784b17ffe214e2ef266870998c12333aa6f36cded19002945f904d53d47446dbb2210096e419191ab0272368c2ab8e2e19a5d47ca6abc8563d21cfc14cf9602b960b2e5344c4d63fb10bbbb64800759b9fd2e822f0e45220fd4dd27bd567ae920f1fe563545196133fe21ccd7117ddc58ffa86e61285d3b0777205b7f20daa1b3fe225a0786920c802f234b14afebfab1d9afd05afe5b7cae3f60be7787b22fc0f8162a09353dacc92413f070d071f345661afda662a5e2f72a6349c0c5e5543b8eb0167a8f9b3d79b539e521c15e9c0233acd8df749dbfe7a3328df9710d48e7b0df865ca9a7b314cc0e3edd00944b564ba2c124595dcbcdc83640e595c992f7424c07057baca44a6918acf77f8549f7b75eae2c88514b018aaa28b8bccf709517afaca25b994dcf8afb15752fda05d38dd5e3b0b09a0bf61d05462a71903e965ef4e1176fbeb3e246a54c5ab9cc871d23043dd235a8b0b663497f66dfce7e60ead41d9094af9aa3d9418eccb72cb85d9509a5625d54bf3dbb4275e84c13864fbd0a65f4785e99fbaec7a99290e34a9be1b2e4495ef36281b5aa24cd99feec31cd90e71a3bf6868e3f78c6e56f9d31b03c4ed9db26de5bb9f51c4208e63a127939aa7d4182028a2ed2f0055345e9711c4527e9d68f2d56e92f9f052f8fd6aa091e36f2e2e7af12efa39220d303c0b1cbcd573fda0f80a881c8b04c7b8e9702c1e7d456ed173d1e017ceae6e065571c8b9aa33a7ef7a849c959075c6a26f7092f1eee8ea57ad1e1c968c4e1ce957ae3f4ca2a1420d9f37b762f962a144ce29c348a88cc523a6641ffb4f1c0d24387f1e8dc2e67a3aa9db7d53af609100212941bce92f25f10549b174d7ce2409a1378ed97a8c12690cde593a8be8ed61114e7ea6d9e77f703eeffb1afe1dea0913ef520acf4c4d0b0fdc27c189aec6928a3acbb4ec6f73086b2fe834d710ea4d4f3b8e9504fcfe56f5e065b6b67362d5058be33ae82741ef4980249dbc1e36376c2931221a81b95aebd0a014f3e6f362de7ad7f3e9f3f70788bbd761c7ab3b50b8a9873a8ee81f13e545d42505209b8953391a9d1f7506517bc59dca5c9212cfd81dc78dcd57ac982fa244864c6bbbcc5b992ab4bb12dca0a35220ef34e391dc8c2f94cdbe7ce03432ac984fbf6be52dbee6294d45076cdc88d1837846e733aa89848d7e74bbd25aff6341a25f5e756abd67f4434d323e3504ee810fde7fd78955c1a5b7a7ccf8aa06b6625b176359f001aa8908d445b2cbfee8d708ebe23aea026e865c0415f28911fd50cc6f61c4030cfc554158e1c249f64d0092164f59635bfb0dfbf7ca92ce9477951cccce7ee73535493cd7de054850a01ef9cfa33ed4a18a6534d53f4c163a3c5bd9c51ba3f770d02501c87ac83f448b8a8c8e8d1001978739f2222d88e73eb0d731031485db3f7bc66049ff8cdf7c4e29ccb17477955d6e3cdf8abd2774363665ee8f7c207670ffb16135a26fcdc1d2907386a29f19646d5e7c33597acf7612e519e086dc8f462cc0773decaa5b2560a6d272cc9c2239daa3fec042a764e710ee0e7d0d9f1c1bb5a20bc4e28c452cdf7a1051ce65cadc86219e77f422b8b9a0841284a52247fae8b294a09223a5c8224ceeaa334db19e40f62baa17525103b54bd06a8d270914c5b72fe9c93898ed30f9a0e97d85fc832b8a1728d31c6c2473a1b0f3a74f7b8d9db8f72b1cbc971845ec6deaf0d71f1ec30ec4c9ea481227a9dba9e1bc0450221f313f1b55af8b0636565af6af24b6e6c2daf54d1686d71c6c4c143a55209a3c633c25619636f31726e5af42ee61d416ce11cb5c485682bfe104e03f13497d2040a92506ccac70f55bd4220dc5b48da0a121cbe2effd5b9d61e7845979047e943b6147702b60028a4d73acc51cd79439ce674f605c008fa1fa86acf30d56f05b5478c273c793232a85db4aa08fdc7739e2437062717bbce87065c67b0c9bc064063bddb05395c50bd990b8f51682ae768eb5701080c6555261720c5a8f610b97c78e3c3316f4db23862d91b79d38b08ea2442bebbb2437fc2fd359ff5ee74364776ed84a6608205aa6827f30ca31a53c335460c323c7c24d7aa103d044e1d8caa7cbe20a7bb646fbffb1c78b1ca706bfa87b35540ddec0895602c6bbbbb331b23c0433d6105f7c251dfe636393b87b964a5e34f0f364ca6bac43b17dc0d59609600ae8a96291a622dddbd3837ee7eb0786747f6453e3e6ad5134993db0bc255dc5a3ea46ab2f41e628ed7511697b9c06cd2e8375f8139eb3627f76c04af71710ff2eb04eec3c7dddcac637206aa3b35e9833027f9b3cca5a8f736ac7c1064d77eb447913d23e3c8f79e3ec681b26ff2ec2836f362b220bd8f0f3713fd2a6c9db3706f25dbadcecb6f833e4d9f6b29ae53ac64f7fda7bdbeb1195aa9f57b9536631ad080d78015016763f24276429c3ca8616e5cc6d1fc1c1deb9072552122b8deec7f4f3e6c98fe59a684b371df58019c1d376f95dcdb9fb46cf1c54b326bccc76d864ff8ca6ccf183f7ec4341b8365c3d542c06f27c84f0c6cef20ab30e46194f418951ac8b7c10571a2ea155e0f45a1825d3d2f175b84ffd86bd8f87ce0a0b39c590d414dfe91d04ab2b496166a3e838baf101cc834cad333d28cb3104b8ff42f39019acec2ac49811c164221f0ee521cb8bf8a56efb5fe2aa054b69e7c4f408be39cf2c0c31262eb1812f7b4ea7ef99b72768102ddc9e76fe3d666d99ba3b", 0x1000}], 0x2, &(0x7f0000000200)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @multicast1, @multicast1}}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x8}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x7}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x7}}, @ip_ttl={{0x14, 0x0, 0x2, 0x7}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x8000}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x9}}], 0xb0}}, {{&(0x7f0000000180)={0x2, 0x4e20, @multicast1}, 0x10, &(0x7f0000000480)=[{&(0x7f00000002c0)="e8b540dde75b0246e8cb49f7690f5b8b2f1d8d1fa2f03a87e85784fe1d86572b403b91dbf4669302e6561f16c6438440778d59d1f6e28c65449d746a515f5d84e47a5417d00514376aad97d5d5bba885e5dd4894f0f430c1a30c1c56ec6e065d41d915a466b936d58567465ae586d08b349b3100dbc5babae7e18b1d1c1d5aee9fe2938ac7aba51b15329f0e9b2b7236dc0ca8ce72cc54079dcf263bc24350ff8133a579f595776a1509cef86d7b5790254ebeba8fd8d92e399a6d228006119f720eb3d862a52a3ca5bbe3d08d977376367c3aceb903094f2b2fb9b5bab2ed8138fc58efb98d3c389968cd53e2fa5c47167d50a060b198d89fb6f27f", 0xfc}, {&(0x7f00000003c0)="84c8b74757ed4e5d5c082e624811a78ceedc22c0199236b6190e4aa7615ce5edcaa1221ffe33063edc2cc88d02a624b91139ea125ac518bca8b5f31fe99f273e4d26e45c5e01abbd3f59c10d21815715ead5a16ff2389294316ec488083c344369759a96cef64539ee1c59178f9431b84449adc661bd502f90eb9d2f9cd2b3de6da4ff20c230ffffe21f804019d9f1e00ba63a17f037041c37f151bec8af4773", 0xa0}, {&(0x7f0000000640)="6b040912c20ec9bc0bb31ac4d30490bcecc4cee3235c5dc366d449d69bb5b238f97b0f02cbe1b50612f15d0fff20b1f25a4db81d5236108bdc291f9854299e26908e3f5702b3a16c11871d0b20636e04389c7158f81253549dcd706face04a0abb5f6a765123fbbae947", 0x6a}], 0x3, &(0x7f00000006c0)=ANY=[@ANYBLOB="1c000000000000000000000008000000", @ANYRES32=0x0, @ANYBLOB="640101027f000000000000006400000000000000000000000700000001440c5253ac1414aa000000ff891b7ce00000016401010235dcfb96f5291412e0000002e0000002442cf941e000000200000002ac1414bb00000006ac1414aa010000080a01010100a20001e000000100000002000000001c000000000000000000000008000000", @ANYRES32=0x0, @ANYBLOB="0a010102ffffffff000000001c000000000000000000000008000000", @ANYRES32=0x0, @ANYBLOB="ac1414aaac14140e00000000110000000000000000000000010000008d00000000000000"], 0xe0}}, {{&(0x7f0000001800)={0x2, 0x4e20, @rand_addr=0x64010100}, 0x10, &(0x7f0000001d40)=[{&(0x7f0000001840)="f4bfb1a0b3cd5c7129315391ae47bf002caeac5c97478a191a6313069be450ba76ba48bcf056d6623cb86d573f20ef07c74d8434b4e4c25956aa31e6de066ffb31868b0b2a7612e5722097750cd1225eb1fe8aa9079012b5af48d61c22c6fe714b71d3b3a3c229", 0x67}, {&(0x7f00000018c0)="9d2776ea6197965c7ce9fc12bd4bf183805c227efb7bfda326421c327d22a461d7289cf59c6a46dbec92c0ed6ef83af676f373d1ebbd56330feab0edd28bedc6fa84a79cab5dd4d0", 0x48}, {&(0x7f0000001940)="52560805dd8d878763fec84a26572b2c8924f340ff6397ee8c69fdbe53bb72d8a5a729ff5f9a67f7c14c8ea8aaf967b7ec607442647f3b830fcead81153581ca32fe5fc92f5a373f7be0d13f2709c859ca2d1bced9bd4886099448185452d52675c6fa148be32ab521aa0b8353633acb4f8f4d33054544552b942d9455c2152eced0a96b0f45ee6941afca36d49512b5e5567caf41b5c06118f15539eb114b555d0cef41fe1010cb43a36cb23117846211076d788701f1f6b0346c93830fdc96053d3f97faa4b69b0830ee444b10", 0xce}, {&(0x7f0000001a40)="d77c75fd521ec3a39288ffa9c9d26df7ecf937d1a6b75b38bc6c502310f186dbdaa7cc1c94a7fc2776bfe1c81fb13814125356d155832391bc6cb3f426faa3aab58c32d5c8dc0fa6d96c618737d283681f09271e7a4ee5c78a1cf0e7024d1790a9c37de3ba03b28ba4b693aee014e19fc4fb3f7e8ee96c4aefd9ee80cbf6067c38f29b5eadab63089af6aeaa01cd92c07303ceb43235ea9d9df173427820fb6431087b688f192f58ba745edda21738e31efbcfb6b8e57592b0f3fc5b2c82d4d13f4d19f73829ffd57afac8b5d20c7758ad6725de", 0xd4}, {&(0x7f0000001b40)="3c7fe515eb8cc419b1cf3621948fbf578b44", 0x12}, {&(0x7f0000001b80)="8daecbed2b22d18b8e9cd5466aaa27dc4000336d6879f80552e3d78a10f73bc980c4e1e22e2d26a7e33024329fc40e8ab5f44980dc5e1ace47b3887d976d6adacd1782999089f0a339b66dfa99c130b57bc27362169e9cf4f8cb6d842853c9", 0x5f}, {&(0x7f0000001c00)}, {&(0x7f0000001c40)="a70fb331ea5b0a22d71087ca5405008bc46bff4617448131d1f8dd79c23a8688e3b9f4d72ed49d49fae9a3989002b32bb2c23a02358618a7c3a969899a495d843ed028e5350f62d1e51c05d52e57b7b3b302324b20c1549b5b452eb550c5a28e316716d086da7ce6631e57445904995861604ef23cf5433f320932ddf7b4d331097c742e77a4e0a7b921d17d2cd6a4747b40e327349da784973968c1b23adfabe4c104bf45e10297c7247e9a59fd5a3b5f2716d0e4c86a73ffffe9f16fce0316d3893ef4bb25875546ccd1db35a9385fdd6edc6744491688d8af20d60a51556f1d5d2ade12f62ce94a9f815e2f2989060911f2942f67", 0xf6}], 0x8, &(0x7f0000001dc0)=ANY=[@ANYBLOB="1400000000000000000000000200000007000000000000001c000000000000000000000008000000", @ANYRES32=r8, @ANYBLOB="ac14142affffffff0000000014000000000000000000000001000000040000000000000014000000000000000000000001000000080000000000000090000000000000000000000007000000863f000000000607980a5299bb070433ba0111a5c4dd83a0604adfff1b5776fc0227070cb9f7c0d2eca5a6a9408400110ff78ba1738132f9198897ae5770f28907c2ac1e0101831fa2ac1414bb0a0101017f000001ac1414bb8cf683febcdc2e9fcff879ed322ef50a010100ac14141000000000940400004410c48000000001000000020000000594040100000000140000000000000000000000010000000100000000000000bc00000000000000000000000700000007236eac1414bb7f000001ac1e00017f000001ac1414bb64010102ac1414aaac1414aa8807da3540e44e862200000000000831b7e849d7a80502020911a500b16baf210505b65f190004139444046c30444466117f000001000000057f00000100000002ac1414bb00000008e000000200000002ac1414aa000000080a0101010000007fac1414aafffff426ac1414120000000207132fac1414aaac1414aaac14"], 0x1d0}}, {{&(0x7f0000001fc0)={0x2, 0x4e23, @loopback}, 0x10, &(0x7f0000002140)=[{&(0x7f0000002000)="7221b69257a049a3c5ffcd24b83e9edd00783e71a28364e4bcba1d977e9dfa2b410e6903a4cd3535813429ec2277cb1b052df332795f12df9a2537903f62e374ef2efa80", 0x44}, {&(0x7f0000002080)="f74b72513c2f7f19eb96c77d9c5d745fdbf9d53d35045b170f478907a6694605685ce606f18a056d9847594a0fa7cb3673810e5f6085397b6f71a0206bd4bdf081b0fb28f696142bab01d0ff88252e4c025c8ed42d2fadde4062e4a9552ef34b6b0020e4dbd39ca06910431aa8729720838a49184c84b076ed4397e6292487f53cdbc1f6b3e1da26a7726fc1a521b451e8", 0x91}], 0x2, &(0x7f0000002180)=[@ip_tos_u8={{0x11, 0x0, 0x1, 0xfe}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x7}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @rand_addr=0x64010101, @loopback}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @broadcast, @initdev={0xac, 0x1e, 0x0, 0x0}}}}], 0x70}}, {{&(0x7f0000002200)={0x2, 0x4e24, @empty}, 0x10, &(0x7f0000002280)=[{&(0x7f0000002240)="2ff54dc8faeb16896a75fcb1976161700c1928f83735baebbc2029ee12bfe49ee4d2e4c6ac86964d669c905ded923b2d8f9099c8b5", 0x35}], 0x1}}], 0x5, 0x4)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r6, 0x89f1, &(0x7f0000000240)={'gre0\x00', &(0x7f00000003c0)={'gretap0\x00', r8, 0x700, 0x700, 0x3, 0x4, {{0x9, 0x4, 0x1, 0x0, 0x24, 0x68, 0x0, 0xfe, 0x4, 0x0, @loopback, @private=0xa010100, {[@ssrr={0x89, 0xf, 0xe7, [@broadcast, @local, @loopback]}]}}}}})
r9 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0xe0c81)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r9, 0xc08c5332, &(0x7f0000000e40)={0x0, 0x0, 0x0, 'queue0\x00', 0xfffffffc})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r10 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$inet_MCAST_MSFILTER(r10, 0x0, 0x30, 0x0, 0x110)

2.680103211s ago: executing program 4 (id=4228):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a3200000000140000001100"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a3c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a808682b7fc4c0000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a310000000020000380100000800c00018006000100d10300000c00008008000340000000023f0000000e0a010200000000000000000a0000000900010073797a31000000000900020073797a31"], 0xdc}, 0x1, 0x0, 0x0, 0x4000850}, 0x50)

2.546202216s ago: executing program 0 (id=4229):
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32], 0x0, 0xc, 0x0, 0x0, 0x40f00, 0x6c, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000800)=ANY=[@ANYBLOB="160000000000"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0x2000000000000081, &(0x7f0000000440)=ANY=[@ANYRESDEC=r0, @ANYRES32=r0], 0x0}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000020000000c0000000014"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001700000000000000ff000000850000006d00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008002010b704000000000000850000000100000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r2, 0x6, 0xe, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3, 0x0, 0x7fffffffffffffff}, 0x18)
connect$inet(0xffffffffffffffff, &(0x7f0000000280)={0x2, 0x4, @multicast1}, 0x10)
socket$inet_sctp(0x2, 0x5, 0x84)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x800}, 0x40)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x0, 0x0})
socket$nl_generic(0x10, 0x3, 0x10)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x18, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r4}, 0x10)
syz_mount_image$msdos(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB='dots,nfs,dots,nodots,uid=', @ANYRESHEX=0x0, @ANYBLOB="2c646d61736b3d30303030303030303030303030303030303030303030322c756d61736b3d303030303030303030303030303030303030302c000f5186c5e6c7e221acae1f2bce3f628976329421ce230baaaf88191a4017d68f03a16b33a382d61eba86fceff31784759104935bbab41ae1aad4f295ee75b6600e5750d28fba3de65d9ea879618828e5668b6fd6be8d61ed7d6e494317a9b4c4e09b8dd4c502067ee7d71a"], 0x1, 0x159, &(0x7f0000000840)="$eJzs27GKE0EcBvB/TKJRm9RisWBjFdQnUCSCuKAoKbRSiDaJBEyz2phH8QUFSZVuRPdI7nLJkRzs7ZH8fk0++GZgpsgOs7Af738dDSfTL5M38+g0GtF6GlksGtGNG9GM0iwAgEOySCn+pJTSrVnc/hUppXNDftayMACgMjuc/wDAgXH+A8Dxcf4DwPF59/7Dq2d53n+bZZ2I37NiUAzK37J/8TLvP8r+665mzYti0Fz2j8s+O9u3485J/2RjfzMePij7f93z1/lafzeG1W8fAAAAjkIvW9p4v+/1tvVlOvV+YO3+3op7rSvbBgCwh+n3H6NP4/Hnb3uFiMvMOojQjohrsAxBqDbU/WQCqrb609e9EgAAAAAAAAAAAAAAYJudvwfqXDx4kbZPr3uPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsO5vAAAA//9XS09N")
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0)
r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TIOCSETD(r5, 0x5423, 0x0)
ioctl$TCFLSH(r5, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r5, 0x5437, 0x0)

2.544749616s ago: executing program 3 (id=4230):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000017c0)=@newtaction={0x488, 0x30, 0xfbed, 0x70bd29, 0x0, {}, [{0x474, 0x1, [@m_police={0x470, 0x1, 0x0, 0x0, {{0xb}, {0x444, 0x2, 0x0, 0x1, [[@TCA_POLICE_RATE={0x404, 0x2, [0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x6, 0x0, 0x0, 0x4, 0x5, 0x2, 0x4000, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x5f41fde7, 0x0, 0x0, 0x400000, 0x0, 0x0, 0x1, 0x0, 0x0, 0x7ff, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x800, 0x0, 0x8001, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa8, 0x28, 0x0, 0x4, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0xfffffffe, 0x0, 0x0, 0x100000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x5, 0x0, 0x0, 0x0, 0xf, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x1000000, 0x9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb7fe6bd0, 0x6, 0x1ffffffe, 0xf7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0xaa84911, 0x0, 0x0, 0x98, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0xfffffffc, 0x0, 0x2, 0x0, 0x0, 0x2, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x4, 0x0, 0xfff, 0x1, 0x0, 0x0, 0x0, 0x2]}, @TCA_POLICE_TBF={0x3c, 0x1, {0x0, 0x0, 0x0, 0x0, 0x0, {0x3, 0x0, 0x0, 0x4000, 0xfffc, 0x5}, {0x4, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}}}]]}, {0x4}, {0xc, 0xb}, {0xc, 0xa}}}]}]}, 0x488}}, 0x0)

2.502974588s ago: executing program 3 (id=4231):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xb, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000a999850000000400000095"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000400)='kfree\x00', r0}, 0x18)
r1 = socket$xdp(0x2c, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0xb, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f00000006c0)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000400850000008200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x10)
getsockopt$sock_cred(r3, 0x1, 0x11, 0x0, &(0x7f0000000140))
setsockopt$sock_cred(r4, 0x1, 0x11, 0x0, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_RELOAD_REGDB(r7, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x14, r8, 0x421, 0x70bd2a, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0xc35d4f6d52288271}, 0x200048c4)
setsockopt$XDP_UMEM_REG(r1, 0x11b, 0x4, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f0000000400)=ANY=[@ANYBLOB="c3c700fe0000000072"], &(0x7f0000000480)='syzkaller\x00'}, 0x94)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x200000, &(0x7f0000001c40)={[{@dioread_nolock}, {@norecovery}, {@resgid}, {@nojournal_checksum}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@nodelalloc}, {@errors_remount}, {@grpid}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x343}}, {@grpid}, {@barrier_val={'barrier', 0x3d, 0x7}}, {@nombcache}], [{@subj_user={'subj_user', 0x3d, '\xb3'}}, {@obj_user={'obj_user', 0x3d, 'uid>'}}, {@uid_gt}, {@appraise_type}]}, 0xfd, 0x588, &(0x7f0000000680)="$eJzs3d9rW1UcAPDvTZP96rQdjKE+yGAPTsbStfXHBGHzUXQ40PcZ2qyMpsto0rHWgduDe/FFhiDiQPwDfN/j8B/wrxi4wZBR9EGFyk1vuq7Nj7bLTF0+H8h2Ts5Nzv3m3u/NOfcmTQAD62j6Ty7i1Yj4JokYWdeWj6zx6Opyy4+vT6W3JFZWPv09iTMbnivJ/h/OKq9ExC9fRZzIbe63trg0W6pUyvNZfaw+d2Wstrh08tJcaaY8U748MTl5+u3Jiffefadnsb55/s/vP7n34emvjy1/9/PDQ7eTOBsHs7Y0rh50cWN95Wjpn6xUiLMbFhzvQWe7SdLvFWBHhrI8L0R6DBiJoSzrgRfflxGxAgyoRP7DgGqOA5pz+x7Ng/83Hn2wOgHaHH9+9dxI7GvMjQ4sJ0/NjNL57mgP+k/7GH1w5/bdB3duR+fzEPu71AG25cbNiDiVz28+/iXZ8W/nTjVOHne2sY9Be/+BfrqXjn+SGxGb8j+3Nv6JFuOf4Ra5uxPd8z/3sAfdtJWO/95vOf5dO3SNDmW1lxpjvkJy8VKlfCoiXo6I41HYm9Y7Xc85vXx/pV1bGv/dbPyX3tL+m2PBbD0e5vc+/ZjpUr30LDGv9+hmxGstx7/J2vZPWmz/9PU4v8U+jpTvvN6urXv8z9fKTxFvtNz+T65oJZ2vT4419oex5l6x2R+3jvzarv9+x59u/wOd4x9N1l+vrW2/jx/3/VVu17bT/X9P8lmjvCe771qpXp8fj9iTfJwf3nj/xJPHNuvN5dP4jx9rnf+d9v908vX5FuO/dfhW20W7xv/3ukn6U25usffO0vint7X9t1+4/9EXP+w4/sb2f6tROp7ds5Xj31ZX8FleOwAAAAAAANhtchFxMJJcca2cyxWLhUbb4TiQq1Rr9RMXqwuXp6PxXdnRKOSaV7pH1n0eYjz7PGyzPrGhPhkRhyLi26H9jXpxqlqZ7nfwAAAAAAAAAAAAAAAAAAAAsEsMt/z+/2rbb0P9XjvguWv8sMHefq8F0A9df/K/F7/0BOxKXfMfeGFtP/+dGYAXhfd/GFzyHwaX/IfBtdX8L4w85xUB/nPe/2FwyX8AAAAAAAAAAAAAAAAAAAAAAAAAAADoqfPnzqW3leXH16fS+vTVxYXZ6tWT0+XabHFuYao4VZ2/UpypVmcq5eJUda7b81Wq1SvjE7FwbaxertXHaotLF+aqC5frFy7NlWbKF8oFf2wYAAAAAAAAAAAAAAAAAAAANqktLs2WKpXyvELbwpno5RMmu++VP5Ot0o4ent8tUSj0tNDHgxIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAbPBvAAAA///YBDOu")
lsetxattr$trusted_overlay_upper(&(0x7f00000001c0)='./file1\x00', &(0x7f0000000180), &(0x7f00000001c0)=ANY=[], 0x361, 0x0)
lsetxattr$system_posix_acl(&(0x7f0000000000)='./file1\x00', &(0x7f0000000080)='system.posix_acl_access\x00', &(0x7f0000000100)={{}, {0x1, 0x2}, [{0x2, 0x5}, {0x2, 0x2}], {}, [], {0x10, 0x5}}, 0x34, 0x2)
rename(&(0x7f0000000000)='./file2\x00', &(0x7f0000000040)='./file1\x00')

2.309470587s ago: executing program 1 (id=4232):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x45, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x205, 0x8401)
r1 = fcntl$dupfd(r0, 0x406, r0)
ioctl$USBDEVFS_SUBMITURB(r1, 0x8038550a, &(0x7f0000000000)=@urb_type_control={0x2, {}, 0x0, 0x0, &(0x7f0000000080)={0x2, 0x3, 0x0, 0x0, 0x7995}, 0xfcb5, 0x0, 0x0, 0x48000000, 0x0, 0x0, 0x0})
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0xe, 0x7fff0000}]})
close_range(r2, 0xffffffffffffffff, 0x0)

1.996495001s ago: executing program 1 (id=4233):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, &(0x7f0000000740)=ANY=[], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_open_dev$tty1(0xc, 0x4, 0x1)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000c80)={'ip6gre0\x00'})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000200)='kfree\x00', 0xffffffffffffffff, 0x0, 0xfffffffffffffffd}, 0x18)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00'}, 0x10)
kexec_load(0x0, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000680)='./file0\x00', 0x0, &(0x7f0000000080)={[{@usrquota}, {@noblock_validity}, {@bh}, {@jqfmt_vfsold}, {@debug}, {@abort}]}, 0x6, 0x5fc, &(0x7f0000000c00)="$eJzs3c9rHGUfAPDvzCZ5kzavaUXEFsWAhxakaVKLVS+29WAPBQv2IOKhoUlq6PYHTQq2FkzBg4KCiFeRXvwHvEvv3kRQb56FKlJRUOnK7M62m2Q3XdPsTpr5fGCzz/PM7D7PdydP5pmZPDsBlNZ49iON2BVx51QSMdaybDQaC8fz9W7/du109kiiVnv91ySSvKy5fpI/b88zwxHx7dGIRyur6124cvXsdLXW8F7E/sVzF/cvXLm6b/7c9JnZM7Pnpw68cPDQ5ItTB6c2JM7t+fOx4689+fH7bz8/9111XxKH4+TguzOxIo6NMh7jcScPsbV8ICIOZYk2n8vDZguEUGqV/PdxMCIej7Go1HMNYzH/UaGNA3qqVomoASWV6P9QUs1xQPPYvrvj4JM9HpX0z60jjQOg1fEPNM6NxHD92Gjb7aTlyKhxbmPHBtSf1fHPtd2fZ49Ydh7iz7tbZ2AD6ulk6XpEPNEu/qTeth31SLP402XtSCJiMiKG8va98gBtSFrSvTgPs5b1xp9GxOH8OSs/us76x1fk+x0/AOV080i+I1/Kcvf2f9nYozn+iTbjn9E2+671KHr/13n819zfD9fPkacrxmHZmOVE+7ccXFnw04fHPu1Uf+v4L3tk9TfHgv1w63rE7hXxf5AFm49/sviTNts/W+XU4e7qePX7X451WlZ0/LUbEXvaHv/cG5VmqTWuT+6fm6/OTjZ+tq3j62/e+rJT/UXHn23/bR3ib9n+6crXZZ/JxS7r+OrEjXOdlo3eN/7056Gkcbw5lJe8M724eGkqYig5nq/SUn5g7bY012m+Rxb/3mfa9/9lv//Xl7/PSPNPZhcuvnH2dqdl69n+LReT79S6bEMnWfwz99/+q/p/VvZJl3X88eblpzotWyv+kQcJDAAAAAAAAEoorV+DTdKJu+k0nZhozJd9LLal1QsLi8/OXbh8fiZib/3/IQfT5pXusUY+yfJT+f/DNvMHVuSfi4idEfFZZaSenzh9oTpTdPAAAAAAAAAAAAAAAAAAAACwSWzP5/8371P9e6Ux/x8oiV7eYA7Y3PR/KK96/191iyegDOz/obz0fygv/R/KS/+H8tL/obz0fygv/R/KS/8HAAAAgC1p59M3f0wiYumlkfojM5QvMyMItrbBohsAFKZSdAOAwty99G+wD6XT1fj/r/zLAXvfHKAASbvC+uCgtnbnv9n2lQAAAAAAAAAAAABAD+zZ1Xn+v7nBsLWZ9gfl9QDz/311ADzkfPU/lJdjfOB+s/iHOy0w/x8AAAAAAAAAAAAA+ma0/kjSiXwu8Gik6cRExP8jYkcMJnPz1dnJiHgkIn6oDP4vy08V3WgAAAAAAAAAAAAAAAAAAADYYhauXD07Xa3OXmpN/L2qZGsnmndB7UNdL8d/fFUk/f9YRiKi8I3Ss8RAS0kSsZRt+U3RsEsLsTmaUU8U/IcJAAAAAAAAAAAAAAAAAABKqGXucXu7v+hziwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg/+7d/793iaJjBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeTv8GAAD//7V5QCw=")
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NL80211_CMD_DISCONNECT(r3, &(0x7f0000000580)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000400)={&(0x7f0000000500)={0x4c, 0x0, 0x200, 0x70bd27, 0x25dfdbff, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x2b}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x1b}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x4}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x32}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x38}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x15}]}, 0x4c}, 0x1, 0x0, 0x0, 0x1}, 0x4000004)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000040)={0x44, 0x2, 0x6, 0x3, 0x0, 0x0, {0xd}, [@IPSET_ATTR_TYPENAME={0xc, 0x3, 'hash:ip\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x44}}, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)={0x44, 0x9, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x1c, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @broadcast}}, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @loopback}}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x10040057}, 0x240008c4)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r0}, &(0x7f0000000240), &(0x7f0000000280)=r1}, 0x20)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000001b80)=ANY=[@ANYBLOB="0600000004000000080000000a"], 0x50)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x94)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000100)=ANY=[@ANYRES8=r7], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x8, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r8}, 0x10)
symlinkat(&(0x7f0000002040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00')
socket$inet_udp(0x2, 0x2, 0x0)
pread64(0xffffffffffffffff, &(0x7f0000000000)=""/232, 0xe8, 0x40)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)

1.990904972s ago: executing program 2 (id=4234):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000400), 0x1, 0x55f, &(0x7f0000000580)="$eJzs3d9rU+cbAPDnpK2/v18riGxjjIIXczhT2+6Hg124y7HJhO3ehfZYpKmRJhXbCdOLebObIYMxJozdb/e7lP0D+yuETZAhZbvYTcZJT2q0SRNrtNF8PnDkfXNO+p4n73le35M3IQEMrYnsn0LEyxHxTRJxMCKSfN9o5Dsn1o9bu391NtuSqNc//StpHJfVm3+r+bz9eeWliPjtq4jjhc3tVldWF0rlcrqU1ydri5cmqyurJy4slubT+fTi9MzMqbdnpt97952+xfrG2X++/+T2h6e+Prr23S93D91M4nQcyPe1xvEErrVWJmIif03G4vQjB071obFBkuz0CbAtI3mej0U2BhyMkTzrgRfflxFRB4ZUIv9hSDXnAc17+z7dBz837n2wfgO0Of7R9fdGYk/j3mjfWvLQnVF2vzveh/azNn7989bNbIv+vQ8B0NW16xFxcnR08/iX5OPf9p3s4ZhH2zD+wbNzO5v/vNlu/lPYmP9Em/nP/ja5ux3d879wtw/NdJTN/95vO//dWLQaH8lr/2vM+caS8xfKaTa2/T8ijsXY7qy+1XrOqbU79U77Wud/2Za135wL5udxd3T3w8+ZK9VKTxJzq3vXI15pO/9NNvo/adP/2etxtsc2jqS3Xuu0r3v8T1f9p4jX2/b/gxWtZOv1ycnG9TDZvCo2+/vGkd87tb/T8Wf9v2/r+MeT1vXa6uO38eOef9NO+x6KP3q//nclnzXKu/LHrpRqtaWpiF3Jx5sfn37w3Ga9eXwW/7GjW49/7a7/vRHxeY/x3zj886s9xd+t/5/CImsW/9xj9f/jF+589MUP248/6/+3GqVj+SO9jH+9nuCTvHYAAAAAAAAwaAoRcSCSQnGjXCgUi+uf7zgc+wrlSrV2/Hxl+eJcNL4rOx5jheZK98GWz0NM5Z+HbdanH6nPRMShiPh2ZG+jXpytlOd2OngAAAAAAAAAAAAAAAAAAAAYEPs7fP8/88fITp8d8NT5yW8YXl3zvx+/9AQMJP//w/CS/zC85D8ML/kPw0v+w/CS/zC85D8ML/kPAAAAAAAAAAAAAAAAAAAAAAAAAAAAfXX2zJlsq6/dvzqb1ecurywvVC6fmEurC8XF5dnibGXpUnG+Upkvp8XZymK3v1euVC5NTcfylclaWq1NVldWzy1Wli/Wzl1YLM2n59KxZxIVAAAAAAAAAAAAAAAAAAAAPF+qK6sLpXI5XVJQ2FZhdDBOY3UhYiBO40Up7PTIBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP/BcAAP//8NI25Q==")
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000006"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000007000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000e00007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='kfree\x00', r1, 0x0, 0x3}, 0x18)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0xff, 0x0, 0x7fff0026}]})
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r3, 0x6, 0xe, &(0x7f0000000300)={@in6={{0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}}, 0x0, 0x0, 0x16, 0x0, "0af5a212a1bd3bbda613efd9c8b4965dca66db42f66a86e5781cf86717055a7c1d1408407e5a774ef95f2fc1b947e00f000000123f2f1d34b0882e83d41b67cb9ff147c6d33a097d2269351b3ed300"}, 0xd8)
setsockopt$inet6_tcp_TCP_MD5SIG(r3, 0x6, 0xe, &(0x7f00000012c0)={@in6={{0xa, 0x4e22, 0x0, @dev={0xfe, 0x80, '\x00', 0x2c}}}, 0x0, 0x0, 0x34, 0x0, "029e089c1b4a04020bde79f04103c458187eb4532d996aff287154e786455261c425a7519cc275d04e4705abd307a0c4fa3838bf399ad5bd35f21907c7988d1300"}, 0xd8)
setsockopt$inet6_tcp_TCP_MD5SIG(r3, 0x6, 0xe, &(0x7f0000000200)={@in6={{0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x3d}}}, 0x0, 0x0, 0x11, 0x0, "a1c1dd75a68473ba07d945c3b03e10950cd4b347113e55eb4285bf274bca67efbff2fdf98328de9434031348589bf28046d14810000000e3ffffff00"}, 0xd8)
close_range(r2, 0xffffffffffffffff, 0x0)

1.5700607s ago: executing program 0 (id=4235):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, &(0x7f0000000740)=ANY=[], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_open_dev$tty1(0xc, 0x4, 0x1)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000c80)={'ip6gre0\x00'})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000200)='kfree\x00', 0xffffffffffffffff, 0x0, 0xfffffffffffffffd}, 0x18)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00'}, 0x10)
kexec_load(0x0, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000680)='./file0\x00', 0x0, &(0x7f0000000080)={[{@usrquota}, {@noblock_validity}, {@bh}, {@jqfmt_vfsold}, {@debug}, {@abort}]}, 0x6, 0x5fc, &(0x7f0000000c00)="$eJzs3c9rHGUfAPDvzCZ5kzavaUXEFsWAhxakaVKLVS+29WAPBQv2IOKhoUlq6PYHTQq2FkzBg4KCiFeRXvwHvEvv3kRQb56FKlJRUOnK7M62m2Q3XdPsTpr5fGCzz/PM7D7PdydP5pmZPDsBlNZ49iON2BVx51QSMdaybDQaC8fz9W7/du109kiiVnv91ySSvKy5fpI/b88zwxHx7dGIRyur6124cvXsdLXW8F7E/sVzF/cvXLm6b/7c9JnZM7Pnpw68cPDQ5ItTB6c2JM7t+fOx4689+fH7bz8/9111XxKH4+TguzOxIo6NMh7jcScPsbV8ICIOZYk2n8vDZguEUGqV/PdxMCIej7Go1HMNYzH/UaGNA3qqVomoASWV6P9QUs1xQPPYvrvj4JM9HpX0z60jjQOg1fEPNM6NxHD92Gjb7aTlyKhxbmPHBtSf1fHPtd2fZ49Ydh7iz7tbZ2AD6ulk6XpEPNEu/qTeth31SLP402XtSCJiMiKG8va98gBtSFrSvTgPs5b1xp9GxOH8OSs/us76x1fk+x0/AOV080i+I1/Kcvf2f9nYozn+iTbjn9E2+671KHr/13n819zfD9fPkacrxmHZmOVE+7ccXFnw04fHPu1Uf+v4L3tk9TfHgv1w63rE7hXxf5AFm49/sviTNts/W+XU4e7qePX7X451WlZ0/LUbEXvaHv/cG5VmqTWuT+6fm6/OTjZ+tq3j62/e+rJT/UXHn23/bR3ib9n+6crXZZ/JxS7r+OrEjXOdlo3eN/7056Gkcbw5lJe8M724eGkqYig5nq/SUn5g7bY012m+Rxb/3mfa9/9lv//Xl7/PSPNPZhcuvnH2dqdl69n+LReT79S6bEMnWfwz99/+q/p/VvZJl3X88eblpzotWyv+kQcJDAAAAAAAAEoorV+DTdKJu+k0nZhozJd9LLal1QsLi8/OXbh8fiZib/3/IQfT5pXusUY+yfJT+f/DNvMHVuSfi4idEfFZZaSenzh9oTpTdPAAAAAAAAAAAAAAAAAAAACwSWzP5/8371P9e6Ux/x8oiV7eYA7Y3PR/KK96/191iyegDOz/obz0fygv/R/KS/+H8tL/obz0fygv/R/KS/8HAAAAgC1p59M3f0wiYumlkfojM5QvMyMItrbBohsAFKZSdAOAwty99G+wD6XT1fj/r/zLAXvfHKAASbvC+uCgtnbnv9n2lQAAAAAAAAAAAABAD+zZ1Xn+v7nBsLWZ9gfl9QDz/311ADzkfPU/lJdjfOB+s/iHOy0w/x8AAAAAAAAAAAAA+ma0/kjSiXwu8Gik6cRExP8jYkcMJnPz1dnJiHgkIn6oDP4vy08V3WgAAAAAAAAAAAAAAAAAAADYYhauXD07Xa3OXmpN/L2qZGsnmndB7UNdL8d/fFUk/f9YRiKi8I3Ss8RAS0kSsZRt+U3RsEsLsTmaUU8U/IcJAAAAAAAAAAAAAAAAAABKqGXucXu7v+hziwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg/+7d/793iaJjBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeTv8GAAD//7V5QCw=")
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NL80211_CMD_DISCONNECT(r3, &(0x7f0000000580)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000400)={&(0x7f0000000500)={0x4c, 0x0, 0x200, 0x70bd27, 0x25dfdbff, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x2b}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x1b}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x4}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x32}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x38}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x15}]}, 0x4c}, 0x1, 0x0, 0x0, 0x1}, 0x4000004)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000040)={0x44, 0x2, 0x6, 0x3, 0x0, 0x0, {0xd}, [@IPSET_ATTR_TYPENAME={0xc, 0x3, 'hash:ip\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x44}}, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)={0x44, 0x9, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x1c, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @broadcast}}, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @loopback}}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x10040057}, 0x240008c4)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r0}, &(0x7f0000000240), &(0x7f0000000280)=r1}, 0x20)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000001b80)=ANY=[@ANYBLOB="0600000004000000080000000a"], 0x50)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x94)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000100)=ANY=[@ANYRES8=r7], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x8, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r8}, 0x10)
symlinkat(&(0x7f0000002040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00')
socket$inet_udp(0x2, 0x2, 0x0)
pread64(0xffffffffffffffff, &(0x7f0000000000)=""/232, 0xe8, 0x40)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)

1.146033699s ago: executing program 4 (id=4236):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x50)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x28, 0x1, 0xfc, 0x0, 0x0, 0x3ff, 0x1d459d, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x183, 0x6}, 0x6025, 0x4, 0xb, 0x4, 0x1, 0x1, 0xa, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x40404)
syz_read_part_table(0x1060, &(0x7f0000000000)="$eJzsz8FpAlEUBdA7n/mZCQSyTxFTRxaBrLJOE/bhypUd2I7FiIJ8YRwtQV2cs3k8ePfBDc9VcmqttXLb345J9zVmSsm2Jqm/U9Jm6Yd7bH+dbTinbuqSTbKu+U/qe5KPJN3PMCar75Skn48+D+Pyo8vf7qFdAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBFXQIAAP//s1YVKg==")
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000580)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000002c0000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x62, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r3}, 0x10)
r4 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
write$selinux_load(r4, &(0x7f0000000280)=ANY=[@ANYBLOB="8cff7cf9080000005345204c696e7578"], 0x65)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r5 = syz_open_dev$tty1(0xc, 0x4, 0x2)
ioctl$KDFONTOP_SET(r5, 0x4b72, &(0x7f0000000040)={0x0, 0x1, 0xa, 0x2, 0x163, &(0x7f0000000a00)="06aca78b6a364b1c367f6cf1b54e0c6d0cfcea2693552df52f59ea4dfd53c16e70bed7d19d69edb966c28e3a4a24a2ff37cd590f58a2840859d131ec558e1938223b8a5931a8307c1dfcc2cb6d56146b8f7cd20520b0a6338e245fb5aa744e20d3112b02166192b7c7930f840b5b9d5bf57aadbf34d28c49af79897fff518fd98c22e9b503679f80049cbacfd90d8742fae7b5fd7f109f9d577f4b18ecfa5c239abc7044895450ec8592286c64a19b9da1d7d02807d89d6d32179e4d6bd836045ceece7387d9dbfd73d79f4185df98ce45951b9827677589d775c21e39dfc711fea17b28664ae82c83d4af303d889ec121fb8956530ab70a50ef2aa9f4f29c5ae48bb51744dc84e8c81484af4653c9d21f3094a2a2ff6d6e6999f07af3298e3b3495854aba64961cc18ab605a92b55437f48f895d20ff71476054183e6e3878d39adf403db0318ac43f3242b991fb483d14d801deb614ef5e0a18b28afad26d2aa3a96d718dde2b8942df4cddc26e7c0f98c4a3591d9cba325370715ae96f11f0f36fe3fba7d7a742e2d5ee1478537c90e6739f778483bafb9ec88f1ac7a0a672d4c0d288f91c48f1fd7069957be2bae178935cfbb35f7d7e9902ffe155daf72fa504702c1cbdedc0daf6decf9ed5a74d743d67a8a5028e76f83f203f95e3fa743f6001403ebb074589ae485c69d5c86e1700dc8153ce1e236f003f7f6439405abbcd5cbd9629169db3f482715109a0ebbd69bcaacf977870b91fd43e668e0044143cee54600868f30a9b3cfc61031f24543825b52ca5c18f7e0a2eb7559c7216ca6a5626063e39648ed81155088ffa303a1266c96ef7b6a91ef0225fe89bfbb3079d8ea54367d85744c924176bc1b32ce9460292c46d311127f7af2219d94577ed15ee79f7f923266b372523a509528ec684556e13f86d3455f1ab47060bd590599c06a9fa9c558ab7bb7f647c1e69ae4ff522ed835c552b37e8cb00ea5deffbf438b4b314eecbe6bf9153a5ab3b8a5eda70f7bd44e158d55962f6c3d88c7e696c0f9d9e229d02c842952cb1081a03a8ff8f47f24a28808f4a4b2d07f23c0f64352b5961c652966745e5d689891e035dd7be5dda476cfc480798cb3004c14f7fc8a4923a388f7eb5faad383237e3725995cdcf64dbb895e05f2c8ecae8d212f93c16be8a53af7e0eca710e074141ae81cf6fcf96c176e348573977507ece3e32fb9b96b481bd8437e159f4978c75bdfebc41c7beac1a4e71f65c7856a05f84fc753df1a8ec363959cc884231d76e1139f776630f796930937a7375835c1decfd5e16b215afaebcac76a8bb3d324e38fa785b7acccee9fa5f937a467a46d9390d47ad76b0cbbee5a80a84c68d7f565d88b09791d24fdf111f6730ec3d14bd2c7dcebe7caf94fc243bbb37876f17451d64ed0b871221dd98a190c1bff461be9ce"})
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000040)={'lo\x00', <r7=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000046c0)=@newqdisc={0x30, 0x24, 0x4ee4e6a52ff56541, 0x8000000, 0x0, {0x0, 0x0, 0x0, r7, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x4}}]}, 0x30}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
r8 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000), 0x281442, 0x0)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r8, 0xc018937e, &(0x7f0000000080)={{0x1, 0x1, 0x18, <r9=>0xffffffffffffffff, {0x2}}, './file0\x00'})
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x3000000, &(0x7f0000000080), 0x1, 0x533, &(0x7f0000000b00)="$eJzs3e9rI2kdAPDvTJped7dncyqyHnh3uCe7h26yvXp3VeRuBdFXB+r5fi1tWkrTpjTpuS2H9vCFLwURFfwDfCP4Bwhyf4IIB/peVBTRPX2pO5Jkgv2RNKFNN73084Fpnmcm83y/z9BMZiYPMwFcWS9ExP2IKETESxExl89P8ykOOlPrfR88eme5NSWRZW/9I4kkn9dtq1Wfiogb+WozEfHNr0XcSk/GbeztbyzVatWdvF5pbm5XGnv7d9c3l9aqa9WthYX5VxdfW3xl8V6WO1c/SxHx+lf+8pMf/uKrr//mc9/544O/3fluK98vfaKTd0QsnytAH522i+1t0dXaRjsXEWxMWv0pFsadBQAAw2gdmn80Ij7dPv6fi0L7aA4AAACYJNkbs/GfJCIDAAAAJlYaEbORpOV8LMBspGm53BnD+/G4ntbqjeZnV+u7WyutZRGlKKar67XqvXyscCmKSas+n4+x7dZfPlZfiIhnIuLHc9fa9fJyvbYy7osfAAAAcEXceP7o+f+/59J2GQAAAJgwpb4VAAAAYFI45QcAAIDJ5/wfAAAAJtrX33yzNWXd53ivvL23u1F/++5KtbFR3txdLi/Xd7bLa/X6WvuefZuD2qvV69ufj63dh5VmtdGsNPb2H2zWd7eaD9aPPAIbAAAAeIKeef69PyQRcfDFa+0p8vsADjJ94ZkBl8qfx50AMEqFcScAjM3UuBMAxqY48B32EDDpkgHLTw7e6VwrjN9eTD4AAMDo3f7kyd//u7/tD742AHyYDTPWBwCYLH7dg6ureNYRgDdHnQkwLh/pvDzVb3nfm3cM8ft/5xpDlp0pMQAAYGRm21OSlvPj9NlI03I54un2YwGKyep6rXovPz/4/VzxqVZ9vr1mMnDMMAAAAAAAAAAAAAAAAAAAAAAAAADQkWVJZAAAAMBEi0j/mrTv5h9xe+7F2aNXB4499evnb/304VKzuTMfMZ38c641azoimj/L57+ceSQAAAAAXAKd8/T8dX7c2QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwaT549M5yd3qScf/+5Ygo9Yo/FTPt15koRsT1fyUxdWi9JCIKI4h/8G5E3OwVP4nHWZaV8ix6xb92wfFL7U0zkyX5ew/HTyPixgjiw1X2Xmv/c7/X5y+NF9qvvT//U8c+j2fV3f9N5/XD8bv7v0Kf/c/Th+tp/xjPvv+rSt/470Y8O9WJez+O7n+68ZNO/CSOxb81ZB+//a39/Z4LDjXZa/93OFalubldaezt313fXFqrrlW3FhbmX118bfGVxXuV1fVaNf/bM8yPPvXrx6f1/3qf+KWj/T+x/V8cqvdZ/Pf9h48+1qkUe8W/c6v39+/NPvHT/LvvM3m5tfx2t3zQKR/23C9/99xp/V/p0/+ZAf2/M1T/4wsvfeP7f+q55MTWAACehMbe/sZSrVbdOaUwM8R7hi4URtLOGyPL57IU4nKkMa5C9r3O/+P52jnn6icKWfUHZ199KkaQxvSJz2khztpgEnHQamvIf0gAAGDC/P+gPxl3KgAAAAAAAAAAAAAAAAAAAHBlnfG2ZDMR0ZlTHHw7seMxD8bTVQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAU/0vAAD//xluyPE=")
read$msr(0xffffffffffffffff, 0x0, 0x0)
r10 = openat$dir(0xffffffffffffff9c, &(0x7f00000002c0)='.\x00', 0x40282, 0x88)
ioctl$EXT4_IOC_MOVE_EXT(r10, 0x8004587d, &(0x7f0000000080)={0x0, 0xffffffffffffffff, 0x9, 0xfffffffffffffffd, 0x2, 0x9})
rmdir(&(0x7f00000002c0)='./file0\x00')
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000580)={r9, 0x20, &(0x7f0000000100)={&(0x7f00000003c0)=""/232, 0xe8, 0x0, &(0x7f0000000680)=""/68, 0x44}}, 0x10)
r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000095980000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f0ffffffb702000005000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x2e, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffc0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000540)='kfree\x00', r11, 0x0, 0x4}, 0x18)
r12 = syz_open_dev$usbfs(&(0x7f0000000080), 0x74, 0x101301)
ioctl$USBDEVFS_IOCTL(r12, 0xc0105512, &(0x7f0000000200))

1.11778064s ago: executing program 2 (id=4237):
capset(&(0x7f0000000000)={0x20071026}, 0x0)
getpid()
capset(0x0, &(0x7f0000000440)={0x6, 0x0, 0x1000, 0x0, 0x60, 0x1c15})
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x14, 0xe, &(0x7f00000008c0)=ANY=[@ANYBLOB="b7020000ff0d0000bfa30000000000000703000000feffff7a0af0fff8ffff1971a4f0ff00000000b7060000080000006f6400000000000045040400010000001704000001000a00b7040000ff0100006a0a00fe0000000085000000bd000000b70000000000000095000000000000009e17f199a68b06d83298a8cdc21ce784909b849d5550ad857d0454d8877a6db61d69f2ffcaa10350e11cb97c8adf1bc9a0c4eeceb9971e43405d621ffbc9ce000000d8ca56b50d0c010d631f6dde53a9a53608c10556e5734eb84049761451ce540c772e2d9f8004e26f7fcc059c062234d5595f6fbaa187b81d1106000000000fd60000fd9ac3d09e29a9d542ca9d85a5c9c88474895d679838def0a83a733dc6a39b63a5ed69d32394c53361d7e43c5cbd80450f859ce8122a79c3e40000b59b0fc46d6cec3c0802882add4e3179bd4a44f231b6d753a7be428ba953df4aece69311687f4122073a236c3a32efa04137d4524847d2638da3261c8162bb7c7824be6195a66d2e17e122040e1100000000928612a29fc691e4f1f7bd053abb885f39381f1759410b1059f05684261f332d606834669b49ec99320ca7712d7e79bd5bf5ed818ecc7640917f6a559a47db608fcf9f6c131b84e41c354c66838f72b9e12d36e996f316f0812ca83efb30c7f6c6d57c4a64590401eec22523dd712c680013e87f649a1ede7142ca9d5d8a8c9f9b440fe4331ad5532c74d9a31a5d737537f7a2caa30581253d14dd3e92af7dc836686365ae01bdec561c0402b67801267a8df97d2f85426a5963d4fa3e26cc05972c162f223f000000d999e80de00fcbcc02d0aed7bb8f7ba337d59c14f39dcd4aad4139ef6425a9367f1bd1467fc6b95a4df7669839771ce9d5788029901e5a79d8b9990ace8f74087f25ad50c46088000000008000"/683], 0x0, 0xf, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x8, &(0x7f0000000bc0), 0x8}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'bridge0\x00'})
bpf$MAP_CREATE(0x0, &(0x7f0000000780)=ANY=[@ANYBLOB="0f00000004"], 0x50)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000020000000c0000000014"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001700000000000000ff000000850000006d00000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008002010b704000000000000850000000100000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r5}, 0x10)
ioctl$SG_IO(r3, 0x2285, &(0x7f00000000c0)={0x53, 0xfffffffe, 0x6, 0x2, @scatter={0x0, 0x40000, 0x0}, &(0x7f0000000080)="0000501effd4", 0x0, 0x800004, 0x10030, 0x1, 0x0})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r2, 0x0, 0x3}, 0x18)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000006000000500000a3c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc4c0000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a310000000020000380100000800c00018006000100d10300000c000080080003400000000214000000110001"], 0xb0}}, 0x40)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000012c0)={0x11, 0xb, &(0x7f0000000b80)=ANY=[@ANYRESOCT], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x29, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r6}, 0x10)
r7 = socket$phonet_pipe(0x23, 0x5, 0x2)
connect$phonet_pipe(r7, &(0x7f0000000040)={0x23, 0x0, 0x0, 0x1}, 0x10)
r8 = syz_genetlink_get_family_id$tipc(&(0x7f0000000540), 0xffffffffffffffff)
sendmsg$TIPC_CMD_SET_LINK_PRI(0xffffffffffffffff, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000580)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="01002bbd7000fedbdf25010000000000000008410000004c0018"], 0x68}, 0x1, 0x0, 0x0, 0x1}, 0x4000800)
sendmsg$TIPC_CMD_DISABLE_BEARER(r0, &(0x7f0000000600)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000005c0)={&(0x7f0000000c00)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="020027bd700002dcdf250100000000000000024100000073b75dbd5f5d9df135681d55095b2b1000136574683a6970766c616e300002e5d011114c77d50cede0362c699484c6bba8d2f448036d7b31d508035bf4dd9ce868a5871521b5044426bf70e269785b181236611192a14e28"], 0x2c}, 0x1, 0x0, 0x0, 0x8040041}, 0x840)

1.004536625s ago: executing program 2 (id=4238):
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0xfe, 0x28, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0xfffffffc, 0x0, 0x2, 0x80000001, 0x0, 0x0, 0x0, 0x0, 0x800000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1d, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TCSETS(r1, 0x40045431, &(0x7f0000000140)={0x0, 0xdffffffe, 0x880, 0xffffffff, 0x0, "8100e1c8e80b598c36ff000800"})
r2 = syz_open_pts(r1, 0x141601)
write(r2, &(0x7f0000000000)="d5", 0xfffffedf)
ioctl$TCFLSH(r1, 0x540b, 0x2)
ioctl$TIOCL_SELLOADLUT(r1, 0x541c, &(0x7f0000000040)={0x5, 0x8, 0x5, 0x0, 0x8000000000000000})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000660000000000"], 0x0, 0x7ff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0xffffffffffffff6f}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0xc, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000480)='./file2\x00', 0xc0ed4040, &(0x7f0000000f40)={[{@commit={'commit', 0x3d, 0x4}}, {@nobarrier}, {@barrier}, {@quota}, {@journal_ioprio={'journal_ioprio', 0x3d, 0x2}}, {@journal_dev={'journal_dev', 0x3d, 0x9b9}}, {@data_writeback}, {@jqfmt_vfsv1}]}, 0x0, 0x47a, &(0x7f0000001000)="$eJzs3M9vFFUcAPDvTLel5YdFxB8gaBWMxB8tLT/kYGI0mnjQaKIHjKe6LQQpYKAmQoiiB4zxYEi8G48m/gWe9GLUk4lXvBsSYriAntbMzgxtl93S0m13cT+fZNj3Zqa89503b/vmvd0G0LNGsn+SiI0RcTkihiOi0njCSP5y49r56j/XzleTqNXe+juJNCKuXztfLf6L+pbZkO+o1Yr8uiblXnw3YnJmZvp0kR+bPfHB2Jmz5549dmLy6PTR6ZMThw7t37dz4ODEgbbEmcV1ffvHp3Zse/WdS69XD19679fvs/puLI6XcbTTSH51m3qi3YV12KZ56aTSwYqwLFm79Rfb5RiOvhi6eWw4Xvmso5UDVlul2e/nwoUa8D+WDdSBXlT+os+ef8ttjcYdXeHqi/mERxb3jWLLj1Tq8xtRPBttWqXyByPi8IV/v8m2WKV5CACA+X7Mxj/PNBv/pfHAvPPuKdZQNkfEvRGxJSLui4itEXF/RP3cByPioWWW37hCcuv4J72yIFvrW2YJi8vGf88Xa1sLx3/l6C829xW5TfX4+5Mjx2am9xbXZE/0r8vy4wt+ZKGfXv7jq8Z9XxbT7CPzxn/ZlpW/MML0SuME3dTk7OTKI89d/TRie6VZ/MnNdcAkIrZFxPY7LOPYU9/taHWsWfzlWPi22rDOVPs24sm8/S9EQ/ylpOX65PhzBycOjA3GzPTesfKuuNVvv198s1X5K4q/DbL2X9/0/s/jz54Rk8GIM2fPHa+v1565g0L+/LyatDi09bbx33r/V3dHDCRv19MD5VnF60DyWvYyVO7/aHJ29vTE3M+W+frreB7/nl1z8U/GXP/fkj+e1a/EwxGR3cQ7I+KRiHi0aLvHIuLxiNi1SPi/vLT7/VbHWrf/IrPybZTFP7VI+2dveVlqrv2Xn+g7/vMPrcqvLan999dTe4o9S3n/W2oFV3LtAAAA4G6R1j8Dn6SjN9NpOjqaf4Z/a6xPKxHx9JFTH56cyj8rvzn603Kma3jefOh4MTdc5ica8vuKeeOv+4bq+dHqqZmpTgcPPW5Di/6f+au9Sy1AN/J9Lehd+j/0Lv0fepf+D73rhU5XAOiMgea7P1nregAdsfzx/+Cq1ANYe57/oXfp/9C79H/oSS2/G5+u6Cv/d2ui0h3VaJoY6o5qlIlIu6Ia7Uu88UXeJbqlPmWisuQ/ZnGHiXVND3X6nQkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKA9/gsAAP//ySHaEw==")

312.280906ms ago: executing program 4 (id=4239):
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={0x0, 0x78}, 0x1, 0x7}, 0x8000)

291.857337ms ago: executing program 4 (id=4240):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x44, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000340)={r0, 0x58, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r1=>0x0}}, 0x10)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f00000003c0)={0x596, <r2=>0x0}, 0x8)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000005c0)={0x6, 0x14, &(0x7f0000000800)=ANY=[@ANYBLOB="18110000", @ANYRES32=0x1, @ANYBLOB="0000000000000000b70200000000000085000000860000000418010003000000950095860cc725440000000000001868000003000000000000000700000085000000a8000000186b000003000000000000000100000018110000", @ANYRES32=0x1, @ANYBLOB="0000000000000000b7080000070000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000082000000"], &(0x7f00000004c0)='syzkaller\x00', 0x0, 0x30, &(0x7f0000000500)=""/48, 0x41100, 0x20, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000540)={0x4, 0x10, 0x1, 0xcd6}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000580)=[0xffffffffffffffff, 0xffffffffffffffff, 0x1, 0x1, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], 0x0, 0x10, 0x70}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x20, 0x19, &(0x7f0000000ec0)=ANY=[@ANYBLOB="18110000d4782663328ccb34d37173570868e5b1937f6a87e363b16208f9224404bb9e500b493ca89704a87bab6c18765485b5dd687f33b4e2", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000ffff00007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000018230000", @ANYRES32=0x1, @ANYBLOB="000000000100000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000400000085000000060000009500000000000000850000009c00000018000000e843000000000000400000004d254000f0ffffff9500000000000000"], &(0x7f0000000180)='syzkaller\x00', 0x8, 0x10, &(0x7f00000001c0)=""/16, 0x41000, 0x12, '\x00', r1, @fallback=0xc, 0xffffffffffffffff, 0x8, &(0x7f0000000380)={0x8, 0x3}, 0x8, 0x10, 0x0, 0x0, r2, r3, 0x5, 0x0, &(0x7f00000006c0)=[{0x1, 0x3, 0x10, 0xb}, {0x0, 0x4, 0xe, 0x2}, {0x2, 0x5, 0x5, 0xc}, {0x1, 0x2, 0xb}, {0x2, 0x1, 0xd, 0xa}]}, 0x94)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000680)='./file0\x00', 0x10e, &(0x7f0000000280)={[{@errors_remount}, {@nodelalloc}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x2e}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x4000000}}, {@jqfmt_vfsv0}, {@quota}]}, 0x3, 0x44d, &(0x7f0000000a40)="$eJzs28tvG8UfAPDvrpP219cvoZRHH0CgICIeSZMW6IEDIJA4gITEpRxDklalboOaINGqgoBQOaJK3BFHJP4CTnBBwAmJK9xRpQrlQuFktPZu/IjtJsGJS/35SNvM7I498/Xs2LM73QAG1lj2TxKxNyJ+jYiRWra5wFjtz82VK7N/rVyZTaJSefOPpFruz5Urs0XR4nV78sx4GpF+ksThNvUuXrp8bqZcnr+Y5yeXzr87uXjp8tNnz8+cmT8zf2H65MkTx6eee3b6mZ7EeVfW1kMfLBw5+Opb116fPXXt7R+/Tor4W+LokbFuBx+rVHpcXX/ta0gnQ31sCBtSioisu4ar438kSlHvvJF45eO+Ng7YUpVch8PLFeAOlkS/WwD0R/FDn13/Ftv2zT7678aLtQugLO6b+VY7MhRp1C6Mhluub3tpLCJOLf/9RbbF1tyHAABo8m02/3mq3fwvjXsbyv0/XxsazddS9kfE3RFxICLuiaiWvS8i7t9g/a2LJGvnP+n1TQW2Ttn87/l8bat5/pcWRUZLeW5fNTOcnD5bnj+WfybjMbwzy091qeO7l3/5rNOxxvlftmX1F3PBvB3Xh3Y2v2ZuZmnm38Tc6MZHEYeG2sWfrK4EJBFxMCIObbKOs098daTTsdb4K0m3d3qhOduDdabKlxGP1/p/OVriLyTd1ycn/xfl+WOTxVmx1k8/X32jU/237v+tlfX/7rbn/2r8o0njeu3ixuu4+tunHa9pJjZ1/td37Mj/vj+ztHRxKmJH8lqt0Y37p+uvLfJF+Sz+8aPtx//+qH8ShyMiO4kfiIgHI+KhvO8ejohHIuJol/h/eOnRdzodux36f66l/0ebi7T0fz2xI1r3tE+Uzn3/TfM71pPr+/47UU2N53vW8/23nnZt7mwGAACA/540IvZGkk6sptN0YqL2f/gPxO60vLC49OTphfcuzNWeERiN4bS401W7H1y7HzqVX9YX+emW/PH8vvHnpV3V/MTsQnmu38HDgNvTYfxnfi/1u3XAlvO8Fgwu4x8Gl/EPg8v4h8HVZvzv6kc7gO3X7vf/w3qyMrKdjQG2Vcv4t+wHA8T1Pwwu4x8GV+P47/r8PXAnWdwVt35IXkJiTSLS26IZvUkkWzwK9vY7wI0n+v3NBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0Bv/BAAA///oO+WP")
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2000000, 0x0, 0x0, 0x0, &(0x7f0000000000))
pipe2$9p(0x0, 0x0)
r4 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_ADD_MFC_PROXY(r4, 0x0, 0xd2, &(0x7f0000000200)={@broadcast, @dev={0xac, 0x14, 0x14, 0x14}, 0x1, "02823f6bd900000000000097efe42811ee1df06e9264f7d866b1970548fc3c7b", 0xb5, 0x0, 0xd, 0x9}, 0x3c)
r5 = openat$selinux_validatetrans(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0)
write$selinux_validatetrans(r5, 0x0, 0x79)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000000c0)=ANY=[], 0x48)
r7 = gettid()
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x1, &(0x7f0000000000)=[{0x6, 0x85, 0x7, 0x7ffc0001}]})
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r9, 0x0, 0x1000000000000}, 0x18)
rt_sigtimedwait(&(0x7f0000000100)={[0x3ff]}, 0x0, 0x0, 0x8)
tkill(r7, 0x7)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7020000111e6ca5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000020000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kmem_cache_free\x00', r10}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$PROG_LOAD(0x5, &(0x7f0000001cc0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r11 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000500), 0x40, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r11, 0xc018937e, &(0x7f0000000200)={{0x1, 0x1, 0x1018}, './file0\x00'})

189.885131ms ago: executing program 0 (id=4241):
io_setup(0x7, &(0x7f0000000280)=<r0=>0x0)
r1 = openat$sysfs(0xffffff9c, &(0x7f00000001c0)='/sys/power/pm_trace', 0x42, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
io_submit(r0, 0x1, &(0x7f0000000500)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000000), 0xfffffc98}])

188.736131ms ago: executing program 3 (id=4242):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, &(0x7f0000000740)=ANY=[], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_open_dev$tty1(0xc, 0x4, 0x1)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000c80)={'ip6gre0\x00'})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000200)='kfree\x00', 0xffffffffffffffff, 0x0, 0xfffffffffffffffd}, 0x18)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00'}, 0x10)
kexec_load(0x0, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000680)='./file0\x00', 0x0, &(0x7f0000000080)={[{@usrquota}, {@noblock_validity}, {@bh}, {@jqfmt_vfsold}, {@debug}, {@abort}]}, 0x6, 0x5fc, &(0x7f0000000c00)="$eJzs3c9rHGUfAPDvzCZ5kzavaUXEFsWAhxakaVKLVS+29WAPBQv2IOKhoUlq6PYHTQq2FkzBg4KCiFeRXvwHvEvv3kRQb56FKlJRUOnK7M62m2Q3XdPsTpr5fGCzz/PM7D7PdydP5pmZPDsBlNZ49iON2BVx51QSMdaybDQaC8fz9W7/du109kiiVnv91ySSvKy5fpI/b88zwxHx7dGIRyur6124cvXsdLXW8F7E/sVzF/cvXLm6b/7c9JnZM7Pnpw68cPDQ5ItTB6c2JM7t+fOx4689+fH7bz8/9111XxKH4+TguzOxIo6NMh7jcScPsbV8ICIOZYk2n8vDZguEUGqV/PdxMCIej7Go1HMNYzH/UaGNA3qqVomoASWV6P9QUs1xQPPYvrvj4JM9HpX0z60jjQOg1fEPNM6NxHD92Gjb7aTlyKhxbmPHBtSf1fHPtd2fZ49Ydh7iz7tbZ2AD6ulk6XpEPNEu/qTeth31SLP402XtSCJiMiKG8va98gBtSFrSvTgPs5b1xp9GxOH8OSs/us76x1fk+x0/AOV080i+I1/Kcvf2f9nYozn+iTbjn9E2+671KHr/13n819zfD9fPkacrxmHZmOVE+7ccXFnw04fHPu1Uf+v4L3tk9TfHgv1w63rE7hXxf5AFm49/sviTNts/W+XU4e7qePX7X451WlZ0/LUbEXvaHv/cG5VmqTWuT+6fm6/OTjZ+tq3j62/e+rJT/UXHn23/bR3ib9n+6crXZZ/JxS7r+OrEjXOdlo3eN/7056Gkcbw5lJe8M724eGkqYig5nq/SUn5g7bY012m+Rxb/3mfa9/9lv//Xl7/PSPNPZhcuvnH2dqdl69n+LReT79S6bEMnWfwz99/+q/p/VvZJl3X88eblpzotWyv+kQcJDAAAAAAAAEoorV+DTdKJu+k0nZhozJd9LLal1QsLi8/OXbh8fiZib/3/IQfT5pXusUY+yfJT+f/DNvMHVuSfi4idEfFZZaSenzh9oTpTdPAAAAAAAAAAAAAAAAAAAACwSWzP5/8371P9e6Ux/x8oiV7eYA7Y3PR/KK96/191iyegDOz/obz0fygv/R/KS/+H8tL/obz0fygv/R/KS/8HAAAAgC1p59M3f0wiYumlkfojM5QvMyMItrbBohsAFKZSdAOAwty99G+wD6XT1fj/r/zLAXvfHKAASbvC+uCgtnbnv9n2lQAAAAAAAAAAAABAD+zZ1Xn+v7nBsLWZ9gfl9QDz/311ADzkfPU/lJdjfOB+s/iHOy0w/x8AAAAAAAAAAAAA+ma0/kjSiXwu8Gik6cRExP8jYkcMJnPz1dnJiHgkIn6oDP4vy08V3WgAAAAAAAAAAAAAAAAAAADYYhauXD07Xa3OXmpN/L2qZGsnmndB7UNdL8d/fFUk/f9YRiKi8I3Ss8RAS0kSsZRt+U3RsEsLsTmaUU8U/IcJAAAAAAAAAAAAAAAAAABKqGXucXu7v+hziwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg/+7d/793iaJjBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeTv8GAAD//7V5QCw=")
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NL80211_CMD_DISCONNECT(r3, &(0x7f0000000580)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000400)={&(0x7f0000000500)={0x4c, 0x0, 0x200, 0x70bd27, 0x25dfdbff, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x2b}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x1b}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x4}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x32}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x38}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x15}]}, 0x4c}, 0x1, 0x0, 0x0, 0x1}, 0x4000004)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000040)={0x44, 0x2, 0x6, 0x3, 0x0, 0x0, {0xd}, [@IPSET_ATTR_TYPENAME={0xc, 0x3, 'hash:ip\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x44}}, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)={0x44, 0x9, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x1c, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @broadcast}}, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @loopback}}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x10040057}, 0x240008c4)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r0}, &(0x7f0000000240), &(0x7f0000000280)=r1}, 0x20)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000001b80)=ANY=[@ANYBLOB="0600000004000000080000000a"], 0x50)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x94)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000100)=ANY=[@ANYRES8=r7], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x8, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r8}, 0x10)
symlinkat(&(0x7f0000002040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00')
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f0000000fc0)=@raw={'raw\x00', 0x8, 0x3, 0x4e8, 0x0, 0x11, 0x148, 0x340, 0x0, 0x450, 0x2a8, 0x2a8, 0x450, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x0, 0x2f8, 0x340, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'ip_vti0\x00', {0x0, 0x0, 0x3f, 0x0, 0x88000000, 0x3, 0x7}}}, @common=@unspec=@bpf1={{0x230}, @pinned={0x1, 0x0, 0x0, './file0\x00'}}]}, @unspec=@CT0={0x48}}, {{@ip={@multicast2, @empty, 0x0, 0x0, 'vlan0\x00', 'netdevsim0\x00'}, 0x0, 0xd0, 0x110, 0x0, {}, [@inet=@rpfilter={{0x28}}, @common=@unspec=@quota={{0x38}, {0x0, 0x0, 0x81}}]}, @common=@inet=@LOG={0x40, 'LOG\x00', 0x0, {0x4f, 0x7, "72f6daeff0a9c6294e211d2d88fe6dcff5d0e552201da3b7a1fdb30dcb59"}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x548)
pread64(0xffffffffffffffff, &(0x7f0000000000)=""/232, 0xe8, 0x40)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)

140.988043ms ago: executing program 1 (id=4243):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x45, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0, r0}, 0x18)
r1 = syz_open_dev$usbfs(&(0x7f0000000100), 0x205, 0x8401)
r2 = fcntl$dupfd(r1, 0x406, r1)
ioctl$USBDEVFS_SUBMITURB(r2, 0x8038550a, &(0x7f0000000000)=@urb_type_control={0x2, {}, 0x0, 0x0, &(0x7f0000000080)={0x2, 0x3, 0x0, 0x0, 0x7995}, 0xfcb5, 0x0, 0x0, 0x48000000, 0x0, 0x0, 0x0})
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0xe, 0x7fff0000}]})
close_range(r3, 0xffffffffffffffff, 0x0)

70.545847ms ago: executing program 0 (id=4244):
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
syz_open_dev$usbfs(&(0x7f0000000100), 0x205, 0x8401)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0xe, 0x7fff0000}]})
close_range(r1, 0xffffffffffffffff, 0x0)

68.920077ms ago: executing program 2 (id=4245):
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32], 0x0, 0xc, 0x0, 0x0, 0x40f00, 0x6c, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000800)=ANY=[@ANYBLOB="160000000000"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0x2000000000000081, &(0x7f0000000440)=ANY=[@ANYRESDEC=r0, @ANYRES32=r0], 0x0}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000020000000c0000000014"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001700000000000000ff000000850000006d00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008002010b704000000000000850000000100000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r2, 0x6, 0xe, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3, 0x0, 0x7fffffffffffffff}, 0x18)
connect$inet(0xffffffffffffffff, &(0x7f0000000280)={0x2, 0x4, @multicast1}, 0x10)
socket$inet_sctp(0x2, 0x5, 0x84)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x800}, 0x40)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x0, 0x0})
socket$nl_generic(0x10, 0x3, 0x10)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x18, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r4}, 0x10)
syz_mount_image$msdos(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB='dots,nfs,dots,nodots,uid=', @ANYRESHEX=0x0, @ANYBLOB="2c646d61736b3d30303030303030303030303030303030303030303030322c756d61736b3d303030303030303030303030303030303030302c000f5186c5e6c7e221acae1f2bce3f628976329421ce230baaaf88191a4017d68f03a16b33a382d61eba86fceff31784759104935bbab41ae1aad4f295ee75b6600e5750d28fba3de65d9ea879618828e5668b6fd6be8d61ed7d6e494317a9b4c4e09b8dd4c502067ee7d71a"], 0x1, 0x159, &(0x7f0000000840)="$eJzs27GKE0EcBvB/TKJRm9RisWBjFdQnUCSCuKAoKbRSiDaJBEyz2phH8QUFSZVuRPdI7nLJkRzs7ZH8fk0++GZgpsgOs7Af738dDSfTL5M38+g0GtF6GlksGtGNG9GM0iwAgEOySCn+pJTSrVnc/hUppXNDftayMACgMjuc/wDAgXH+A8Dxcf4DwPF59/7Dq2d53n+bZZ2I37NiUAzK37J/8TLvP8r+665mzYti0Fz2j8s+O9u3485J/2RjfzMePij7f93z1/lafzeG1W8fAAAAjkIvW9p4v+/1tvVlOvV+YO3+3op7rSvbBgCwh+n3H6NP4/Hnb3uFiMvMOojQjohrsAxBqDbU/WQCqrb609e9EgAAAAAAAAAAAAAAYJudvwfqXDx4kbZPr3uPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsO5vAAAA//9XS09N")
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0)
r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TIOCSETD(r5, 0x5423, 0x0)
ioctl$TCFLSH(r5, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r5, 0x5437, 0x0)

30.880978ms ago: executing program 4 (id=4246):
io_setup(0x7, &(0x7f0000000280)=<r0=>0x0)
r1 = openat$sysfs(0xffffff9c, &(0x7f00000001c0)='/sys/power/pm_trace', 0x42, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
io_submit(r0, 0x1, &(0x7f0000000500)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000000), 0xfffffc98}])

0s ago: executing program 2 (id=4247):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000006"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000007000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000e00007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='kfree\x00', r1, 0x0, 0x3}, 0x18)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0xff, 0x0, 0x7fff0026}]})
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r3, 0x6, 0xe, &(0x7f0000000300)={@in6={{0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}}, 0x0, 0x0, 0x16, 0x0, "0af5a212a1bd3bbda613efd9c8b4965dca66db42f66a86e5781cf86717055a7c1d1408407e5a774ef95f2fc1b947e00f000000123f2f1d34b0882e83d41b67cb9ff147c6d33a097d2269351b3ed300"}, 0xd8)
setsockopt$inet6_tcp_TCP_MD5SIG(r3, 0x6, 0xe, &(0x7f00000012c0)={@in6={{0xa, 0x4e22, 0x0, @dev={0xfe, 0x80, '\x00', 0x2c}}}, 0x0, 0x0, 0x34, 0x0, "029e089c1b4a04020bde79f04103c458187eb4532d996aff287154e786455261c425a7519cc275d04e4705abd307a0c4fa3838bf399ad5bd35f21907c7988d1300"}, 0xd8)
setsockopt$inet6_tcp_TCP_MD5SIG(r3, 0x6, 0xe, &(0x7f0000000200)={@in6={{0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x3d}}}, 0x0, 0x0, 0x11, 0x0, "a1c1dd75a68473ba07d945c3b03e10950cd4b347113e55eb4285bf274bca67efbff2fdf98328de9434031348589bf28046d14810000000e3ffffff00"}, 0xd8)
close_range(r2, 0xffffffffffffffff, 0x0)

kernel console output (not intermixed with test programs):

node failed
[  361.842772][T14780] EXT4-fs (loop2): mount failed
[  361.849176][T14782] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  361.863253][ T8790] EXT4-fs (loop4): Remounting filesystem read-only
[  361.871075][T14782] ext4 filesystem being mounted at /106/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  361.961895][T14767] Set syz1 is full, maxelem 65536 reached
[  362.029709][T14792] loop2: detected capacity change from 0 to 2048
[  362.051755][T14794] loop1: detected capacity change from 0 to 1024
[  362.059950][T11561] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  362.085500][T14792] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  362.109108][T14792] ext4 filesystem being mounted at /44/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  362.130495][T14794] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  362.213363][T14794] EXT4-fs error (device loop1): ext4_read_inline_dir:1476: inode #12: block 7: comm syz.1.3683: path /110/file1/file0: bad entry in directory: inode out of bounds - offset=24, inode=150994957, rec_len=16, size=80 fake=0
[  362.277121][ T8790] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm kworker/u8:55: bg 0: block 345: padding at end of block bitmap is not set
[  362.293099][ T8790] EXT4-fs (loop3): Remounting filesystem read-only
[  362.309501][   T29] audit: type=1400 audit(1764797214.041:73131): avc:  denied  { watch } for  pid=14803 comm="syz.0.3686" path="/174" dev="tmpfs" ino=969 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  362.376187][   T29] audit: type=1400 audit(1764797214.111:73132): avc:  denied  { write } for  pid=14810 comm="syz.4.3689" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  362.402507][T13177] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  362.533917][   T29] audit: type=1400 audit(1764797214.161:73133): avc:  denied  { prog_load } for  pid=14810 comm="syz.4.3689" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  362.553375][   T29] audit: type=1400 audit(1764797214.171:73134): avc:  denied  { bpf } for  pid=14810 comm="syz.4.3689" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  362.574250][   T29] audit: type=1400 audit(1764797214.171:73135): avc:  denied  { perfmon } for  pid=14810 comm="syz.4.3689" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  362.739396][T12930] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  362.741186][ T2106] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm kworker/u8:13: bg 0: block 345: padding at end of block bitmap is not set
[  362.763460][ T2106] EXT4-fs (loop2): Remounting filesystem read-only
[  362.837607][T13989] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  362.919450][T14837] bridge0: port 3(gretap0) entered blocking state
[  362.925994][T14837] bridge0: port 3(gretap0) entered disabled state
[  362.932768][T14837] gretap0: entered allmulticast mode
[  362.938935][T14837] gretap0: entered promiscuous mode
[  362.953043][T14837] bridge0: port 3(gretap0) entered blocking state
[  362.959622][T14837] bridge0: port 3(gretap0) entered forwarding state
[  363.006524][T14840] loop1: detected capacity change from 0 to 2048
[  363.042506][T14840] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  363.055036][T14840] ext4 filesystem being mounted at /112/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  363.360430][ T8758] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm kworker/u8:29: bg 0: block 345: padding at end of block bitmap is not set
[  363.375463][T14854] FAULT_INJECTION: forcing a failure.
[  363.375463][T14854] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  363.385494][ T8758] EXT4-fs (loop1): Remounting filesystem read-only
[  363.388591][T14854] CPU: 1 UID: 0 PID: 14854 Comm: syz.4.3703 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  363.388632][T14854] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  363.388652][T14854] Call Trace:
[  363.388663][T14854]  <TASK>
[  363.388677][T14854]  __dump_stack+0x1d/0x30
[  363.388728][T14854]  dump_stack_lvl+0xe8/0x140
[  363.388761][T14854]  dump_stack+0x15/0x1b
[  363.388844][T14854]  should_fail_ex+0x265/0x280
[  363.388880][T14854]  should_fail+0xb/0x20
[  363.388954][T14854]  should_fail_usercopy+0x1a/0x20
[  363.388990][T14854]  _copy_to_user+0x20/0xa0
[  363.389032][T14854]  simple_read_from_buffer+0xb5/0x130
[  363.389092][T14854]  proc_fail_nth_read+0x10e/0x150
[  363.389134][T14854]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  363.389253][T14854]  vfs_read+0x1a8/0x770
[  363.389286][T14854]  ? vt_ioctl+0xe91/0x18a0
[  363.389317][T14854]  ? __rcu_read_unlock+0x4f/0x70
[  363.389368][T14854]  ? __fget_files+0x184/0x1c0
[  363.389463][T14854]  ? mutex_lock+0x58/0x90
[  363.389519][T14854]  ksys_read+0xda/0x1a0
[  363.389593][T14854]  __x64_sys_read+0x40/0x50
[  363.389674][T14854]  x64_sys_call+0x2889/0x3000
[  363.389706][T14854]  do_syscall_64+0xd8/0x2a0
[  363.389819][T14854]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  363.389850][T14854] RIP: 0033:0x7f1d6275e15c
[  363.389875][T14854] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  363.389902][T14854] RSP: 002b:00007f1d611bf030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  363.389929][T14854] RAX: ffffffffffffffda RBX: 00007f1d629b5fa0 RCX: 00007f1d6275e15c
[  363.389948][T14854] RDX: 000000000000000f RSI: 00007f1d611bf0a0 RDI: 0000000000000007
[  363.390058][T14854] RBP: 00007f1d611bf090 R08: 0000000000000000 R09: 0000000000000000
[  363.390076][T14854] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  363.390096][T14854] R13: 00007f1d629b6038 R14: 00007f1d629b5fa0 R15: 00007ffc6aabbf18
[  363.390124][T14854]  </TASK>
[  363.614143][T14858] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3705'.
[  363.681236][T14860] pimreg: entered allmulticast mode
[  363.687127][T14860] pimreg: left allmulticast mode
[  363.713380][T12930] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  363.869163][T14872] netlink: 196 bytes leftover after parsing attributes in process `syz.4.3710'.
[  363.885930][T14874] FAULT_INJECTION: forcing a failure.
[  363.885930][T14874] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  363.899295][T14874] CPU: 1 UID: 0 PID: 14874 Comm: syz.3.3709 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  363.899335][T14874] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  363.899372][T14874] Call Trace:
[  363.899380][T14874]  <TASK>
[  363.899390][T14874]  __dump_stack+0x1d/0x30
[  363.899466][T14874]  dump_stack_lvl+0xe8/0x140
[  363.899491][T14874]  dump_stack+0x15/0x1b
[  363.899515][T14874]  should_fail_ex+0x265/0x280
[  363.899545][T14874]  should_fail+0xb/0x20
[  363.899565][T14874]  should_fail_usercopy+0x1a/0x20
[  363.899662][T14874]  _copy_from_user+0x1c/0xb0
[  363.899788][T14874]  __x64_sys_mq_open+0x8b/0x100
[  363.899836][T14874]  x64_sys_call+0x843/0x3000
[  363.899867][T14874]  do_syscall_64+0xd8/0x2a0
[  363.899893][T14874]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  363.900003][T14874] RIP: 0033:0x7f34e5cef749
[  363.900023][T14874] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  363.900048][T14874] RSP: 002b:00007f34e4757038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f0
[  363.900074][T14874] RAX: ffffffffffffffda RBX: 00007f34e5f45fa0 RCX: 00007f34e5cef749
[  363.900151][T14874] RDX: 0000000000000041 RSI: 0000000000000040 RDI: 0000200000000280
[  363.900169][T14874] RBP: 00007f34e4757090 R08: 0000000000000000 R09: 0000000000000000
[  363.900192][T14874] R10: 00002000000002c0 R11: 0000000000000246 R12: 0000000000000001
[  363.900237][T14874] R13: 00007f34e5f46038 R14: 00007f34e5f45fa0 R15: 00007ffe13d5a5c8
[  363.900259][T14874]  </TASK>
[  364.513186][T14893] loop2: detected capacity change from 0 to 2048
[  364.530696][T14895] FAULT_INJECTION: forcing a failure.
[  364.530696][T14895] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  364.544291][T14895] CPU: 0 UID: 0 PID: 14895 Comm: syz.0.3715 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  364.544339][T14895] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  364.544356][T14895] Call Trace:
[  364.544366][T14895]  <TASK>
[  364.544377][T14895]  __dump_stack+0x1d/0x30
[  364.544408][T14895]  dump_stack_lvl+0xe8/0x140
[  364.544466][T14895]  dump_stack+0x15/0x1b
[  364.544509][T14895]  should_fail_ex+0x265/0x280
[  364.544542][T14895]  should_fail+0xb/0x20
[  364.544568][T14895]  should_fail_usercopy+0x1a/0x20
[  364.544602][T14895]  _copy_from_user+0x1c/0xb0
[  364.544699][T14895]  ucma_write+0xd9/0x250
[  364.544743][T14895]  ? __pfx_ucma_write+0x10/0x10
[  364.544775][T14895]  vfs_write+0x269/0x960
[  364.544806][T14895]  ? __rcu_read_unlock+0x4f/0x70
[  364.544910][T14895]  ? __fget_files+0x184/0x1c0
[  364.545021][T14895]  ksys_write+0xda/0x1a0
[  364.545095][T14895]  __x64_sys_write+0x40/0x50
[  364.545162][T14895]  x64_sys_call+0x2847/0x3000
[  364.545213][T14895]  do_syscall_64+0xd8/0x2a0
[  364.545316][T14895]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  364.545339][T14895] RIP: 0033:0x7f21eb02f749
[  364.545355][T14895] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  364.545375][T14895] RSP: 002b:00007f21e9a97038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  364.545400][T14895] RAX: ffffffffffffffda RBX: 00007f21eb285fa0 RCX: 00007f21eb02f749
[  364.545488][T14895] RDX: 0000000000000020 RSI: 0000200000000e00 RDI: 0000000000000005
[  364.545506][T14895] RBP: 00007f21e9a97090 R08: 0000000000000000 R09: 0000000000000000
[  364.545522][T14895] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  364.545540][T14895] R13: 00007f21eb286038 R14: 00007f21eb285fa0 R15: 00007ffff9f900b8
[  364.545566][T14895]  </TASK>
[  364.785361][T14893] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  364.825354][T14893] ext4 filesystem being mounted at /48/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  365.229091][ T2106] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm kworker/u8:13: bg 0: block 345: padding at end of block bitmap is not set
[  365.244081][ T2106] EXT4-fs (loop2): Remounting filesystem read-only
[  365.307601][T13989] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  365.321168][T14918] loop3: detected capacity change from 0 to 8192
[  365.374129][T14918]  loop3: p1 p2 < > p3 p4 < p5 >
[  365.379116][T14918] loop3: partition table partially beyond EOD, truncated
[  365.386596][T14918] loop3: p1 size 100663296 extends beyond EOD, truncated
[  365.408575][T14918] loop3: p2 start 591104 is beyond EOD, truncated
[  365.415098][T14918] loop3: p3 start 33572980 is beyond EOD, truncated
[  365.436556][T14918] loop3: p5 size 100663296 extends beyond EOD, truncated
[  365.453578][T14918] SELinux:  policydb version 0 does not match my version range 15-35
[  365.470635][T14918] SELinux: failed to load policy
[  365.777995][T14928] netlink: 36 bytes leftover after parsing attributes in process `syz.0.3726'.
[  365.891040][T14950] loop1: detected capacity change from 0 to 512
[  365.897818][T14950] EXT4-fs: dax option not supported
[  365.968075][T14956] netlink: '+}[@': attribute type 10 has an invalid length.
[  365.979048][T14956] team0: Port device dummy0 added
[  365.988877][T14956] netlink: '+}[@': attribute type 10 has an invalid length.
[  365.996966][T14956] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  366.009361][ T8761] Bluetooth: hci0: Frame reassembly failed (-84)
[  366.015938][T14956] team0: Failed to send options change via netlink (err -105)
[  366.023538][T14956] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  366.032931][T14956] team0: Port device dummy0 removed
[  366.045950][T14956] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  366.187107][T14872] Process accounting resumed
[  366.564826][   T29] kauditd_printk_skb: 122 callbacks suppressed
[  366.564845][   T29] audit: type=1400 audit(1764797218.301:73258): avc:  denied  { append } for  pid=14964 comm="syz.2.3740" name="001" dev="devtmpfs" ino=165 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  366.613129][   T29] audit: type=1400 audit(1764797218.331:73259): avc:  denied  { connect } for  pid=14964 comm="syz.2.3740" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  366.710138][   T29] audit: type=1326 audit(1764797218.441:73260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14975 comm="syz.2.3744" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f23cf84f749 code=0x0
[  366.721820][T14972] loop4: detected capacity change from 0 to 128
[  366.733432][ T8761] Bluetooth: hci1: Frame reassembly failed (-90)
[  366.781170][T14972] FAT-fs (loop4): invalid media value (0x00)
[  366.788890][T14972] FAT-fs (loop4): This doesn't look like a DOS 1.x volume; DOS 2.x BPB is non-zero
[  366.799131][T14972] FAT-fs (loop4): Can't find a valid FAT filesystem
[  366.826978][   T29] audit: type=1400 audit(1764797218.561:73261): avc:  denied  { execmem } for  pid=14981 comm="syz.1.3746" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[  366.985095][T14972] netlink: 36 bytes leftover after parsing attributes in process `syz.4.3742'.
[  367.596143][ T2106] Bluetooth: hci2: Frame reassembly failed (-84)
[  367.603383][T14998] Bluetooth: hci2: Frame reassembly failed (-90)
[  367.746191][T15000] loop1: detected capacity change from 0 to 512
[  367.773118][T15000] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  367.785832][T15000] ext4 filesystem being mounted at /126/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  367.839497][   T29] audit: type=1400 audit(1764797219.571:73262): avc:  denied  { ioctl } for  pid=14999 comm="syz.1.3752" path="/126/file1/file2" dev="loop1" ino=16 ioctlcmd=0x660f scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  367.958276][T12930] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  368.043902][   T44] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  368.044090][T10229] Bluetooth: hci0: command 0x1003 tx timeout
[  368.083648][   T29] audit: type=1326 audit(1764797219.811:73263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15006 comm="syz.1.3754" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46c29cf749 code=0x7ffc0000
[  368.108867][   T29] audit: type=1326 audit(1764797219.841:73264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15006 comm="syz.1.3754" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f46c29cf749 code=0x7ffc0000
[  368.132537][   T29] audit: type=1326 audit(1764797219.841:73265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15006 comm="syz.1.3754" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46c29cf749 code=0x7ffc0000
[  368.156178][   T29] audit: type=1326 audit(1764797219.841:73266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15006 comm="syz.1.3754" exe="/root/syz-executor" sig=0 arch=c000003e syscall=189 compat=0 ip=0x7f46c29cf749 code=0x7ffc0000
[  368.179817][   T29] audit: type=1326 audit(1764797219.841:73267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15006 comm="syz.1.3754" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46c29cf749 code=0x7ffc0000
[  368.205708][T15017] FAULT_INJECTION: forcing a failure.
[  368.205708][T15017] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  368.218942][T15017] CPU: 1 UID: 0 PID: 15017 Comm: syz.0.3757 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  368.219059][T15017] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  368.219077][T15017] Call Trace:
[  368.219086][T15017]  <TASK>
[  368.219096][T15017]  __dump_stack+0x1d/0x30
[  368.219135][T15017]  dump_stack_lvl+0xe8/0x140
[  368.219163][T15017]  dump_stack+0x15/0x1b
[  368.219233][T15017]  should_fail_ex+0x265/0x280
[  368.219262][T15017]  should_fail+0xb/0x20
[  368.219300][T15017]  should_fail_usercopy+0x1a/0x20
[  368.219331][T15017]  _copy_from_user+0x1c/0xb0
[  368.219364][T15017]  ucma_create_id+0x7d/0x250
[  368.219465][T15017]  ucma_write+0x1b3/0x250
[  368.219505][T15017]  ? __pfx_ucma_write+0x10/0x10
[  368.219539][T15017]  vfs_write+0x269/0x960
[  368.219606][T15017]  ? __rcu_read_unlock+0x4f/0x70
[  368.219667][T15017]  ? __fget_files+0x184/0x1c0
[  368.219757][T15017]  ksys_write+0xda/0x1a0
[  368.219787][T15017]  __x64_sys_write+0x40/0x50
[  368.219836][T15017]  x64_sys_call+0x2847/0x3000
[  368.219881][T15017]  do_syscall_64+0xd8/0x2a0
[  368.219912][T15017]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  368.219941][T15017] RIP: 0033:0x7f21eb02f749
[  368.219960][T15017] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  368.219984][T15017] RSP: 002b:00007f21e9a97038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  368.220009][T15017] RAX: ffffffffffffffda RBX: 00007f21eb285fa0 RCX: 00007f21eb02f749
[  368.220035][T15017] RDX: 0000000000000020 RSI: 0000200000000100 RDI: 0000000000000003
[  368.220062][T15017] RBP: 00007f21e9a97090 R08: 0000000000000000 R09: 0000000000000000
[  368.220136][T15017] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  368.220155][T15017] R13: 00007f21eb286038 R14: 00007f21eb285fa0 R15: 00007ffff9f900b8
[  368.220181][T15017]  </TASK>
[  368.419727][T15021] loop1: detected capacity change from 0 to 1024
[  368.447533][T15021] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  368.463352][T15029] 9pnet_fd: Insufficient options for proto=fd
[  368.527039][T12930] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  368.763818][   T44] Bluetooth: hci1: command 0x1003 tx timeout
[  368.764128][ T6881] Bluetooth: hci1: Opcode 0x1003 failed: -110
[  368.984599][T15078] loop1: detected capacity change from 0 to 128
[  369.020441][T15078] FAT-fs (loop1): invalid media value (0x00)
[  369.027642][T15078] FAT-fs (loop1): This doesn't look like a DOS 1.x volume; DOS 2.x BPB is non-zero
[  369.039607][T15078] FAT-fs (loop1): Can't find a valid FAT filesystem
[  369.076723][T15078] netlink: 36 bytes leftover after parsing attributes in process `syz.1.3776'.
[  369.113028][ T8814] Bluetooth: hci0: Frame reassembly failed (-84)
[  369.172799][T15088] Bluetooth: hci0: Frame reassembly failed (-90)
[  369.280231][T15097] loop2: detected capacity change from 0 to 1024
[  369.287223][T15097] EXT4-fs: Ignoring removed bh option
[  369.294486][T15097] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  369.313938][T15097] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  369.334808][T15097] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce018, mo2=0100]
[  369.344053][T15097] EXT4-fs error (device loop2): ext4_map_blocks:777: inode #3: block 2: comm syz.2.3785: lblock 2 mapped to illegal pblock 2 (length 1)
[  369.422012][T15097] EXT4-fs error (device loop2): ext4_map_blocks:777: inode #3: block 48: comm syz.2.3785: lblock 0 mapped to illegal pblock 48 (length 1)
[  369.444130][T15097] EXT4-fs error (device loop2): ext4_acquire_dquot:6945: comm syz.2.3785: Failed to acquire dquot type 0
[  369.455807][T15097] EXT4-fs error (device loop2) in ext4_reserve_inode_write:6309: Corrupt filesystem
[  369.465395][T15097] EXT4-fs error (device loop2): ext4_evict_inode:253: inode #11: comm syz.2.3785: mark_inode_dirty error
[  369.477052][T15097] EXT4-fs warning (device loop2): ext4_evict_inode:256: couldn't mark inode dirty (err -117)
[  369.487503][T15097] EXT4-fs (loop2): 1 orphan inode deleted
[  369.493818][T15097] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  369.507601][ T8814] EXT4-fs error (device loop2): ext4_map_blocks:777: inode #3: block 1: comm kworker/u8:69: lblock 1 mapped to illegal pblock 1 (length 1)
[  369.525848][ T8814] EXT4-fs error (device loop2): ext4_release_dquot:6981: comm kworker/u8:69: Failed to release dquot type 0
[  369.547028][T15097] EXT4-fs error (device loop2): ext4_map_blocks:777: inode #2: block 16: comm syz.2.3785: lblock 0 mapped to illegal pblock 16 (length 1)
[  369.562800][T15097] xt_hashlimit: max too large, truncated to 1048576
[  369.570335][T15097] EXT4-fs error (device loop2): ext4_map_blocks:777: inode #2: block 16: comm syz.2.3785: lblock 0 mapped to illegal pblock 16 (length 1)
[  369.599596][T13989] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  369.608941][T13989] EXT4-fs error (device loop2): __ext4_get_inode_loc:4828: comm syz-executor: Invalid inode table block 1 in block_group 0
[  369.622409][T13989] EXT4-fs error (device loop2) in ext4_reserve_inode_write:6309: Corrupt filesystem
[  369.633226][T13989] EXT4-fs error (device loop2): ext4_quota_off:7229: inode #3: comm syz-executor: mark_inode_dirty error
[  369.644903][ T3951] Bluetooth: hci2: Opcode 0x1003 failed: -110
[  369.787542][T15113] loop2: detected capacity change from 0 to 1024
[  369.818993][T15113] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  369.923558][T13989] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  370.567249][ T8760] Bluetooth: hci1: Frame reassembly failed (-84)
[  370.574900][T15137] Bluetooth: hci1: Frame reassembly failed (-90)
[  370.876893][T15151] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3805'.
[  370.902085][T15151] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3805'.
[  371.147477][ T8761] Bluetooth: hci2: Frame reassembly failed (-84)
[  371.164252][T10229] Bluetooth: hci0: command 0x1003 tx timeout
[  371.170307][ T6881] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  371.495987][T15182] loop1: detected capacity change from 0 to 1024
[  371.614205][T15182] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  371.631478][T15181] EXT4-fs error (device loop1): ext4_read_inline_dir:1476: inode #12: block 7: comm syz.1.3817: path /138/file1/file0: bad entry in directory: inode out of bounds - offset=24, inode=150994957, rec_len=16, size=80 fake=0
[  371.767422][   T29] kauditd_printk_skb: 445 callbacks suppressed
[  371.767508][   T29] audit: type=1400 audit(1764797223.501:73710): avc:  denied  { read write } for  pid=15186 comm="syz.2.3819" name="virtual_nci" dev="devtmpfs" ino=132 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  371.841370][   T29] audit: type=1400 audit(1764797223.501:73711): avc:  denied  { open } for  pid=15186 comm="syz.2.3819" path="/dev/virtual_nci" dev="devtmpfs" ino=132 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  371.903598][   T29] audit: type=1400 audit(1764797223.601:73712): avc:  denied  { ioctl } for  pid=15186 comm="syz.2.3819" path="/dev/virtual_nci" dev="devtmpfs" ino=132 ioctlcmd=0x0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  371.959847][   T29] audit: type=1326 audit(1764797223.661:73713): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15186 comm="syz.2.3819" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23cf84f749 code=0x7ffc0000
[  371.983638][   T29] audit: type=1326 audit(1764797223.661:73714): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15186 comm="syz.2.3819" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23cf84f749 code=0x7ffc0000
[  372.007425][   T29] audit: type=1326 audit(1764797223.661:73715): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15186 comm="syz.2.3819" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23cf84f749 code=0x7ffc0000
[  372.031088][   T29] audit: type=1326 audit(1764797223.661:73716): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15186 comm="syz.2.3819" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f23cf84f749 code=0x7ffc0000
[  372.054919][   T29] audit: type=1326 audit(1764797223.661:73717): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15186 comm="syz.2.3819" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23cf84f749 code=0x7ffc0000
[  372.078606][   T29] audit: type=1326 audit(1764797223.661:73718): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15186 comm="syz.2.3819" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23cf84f749 code=0x7ffc0000
[  372.102224][   T29] audit: type=1326 audit(1764797223.661:73719): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15186 comm="syz.2.3819" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23cf84f749 code=0x7ffc0000
[  372.254690][T12930] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  372.310913][T15206] FAULT_INJECTION: forcing a failure.
[  372.310913][T15206] name failslab, interval 1, probability 0, space 0, times 0
[  372.323741][T15206] CPU: 0 UID: 0 PID: 15206 Comm: syz.0.3825 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  372.323820][T15206] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  372.323838][T15206] Call Trace:
[  372.323848][T15206]  <TASK>
[  372.323858][T15206]  __dump_stack+0x1d/0x30
[  372.323965][T15206]  dump_stack_lvl+0xe8/0x140
[  372.323995][T15206]  dump_stack+0x15/0x1b
[  372.324019][T15206]  should_fail_ex+0x265/0x280
[  372.324082][T15206]  should_failslab+0x8c/0xb0
[  372.324115][T15206]  kmem_cache_alloc_noprof+0x50/0x480
[  372.324225][T15206]  ? security_inode_alloc+0x37/0x100
[  372.324260][T15206]  security_inode_alloc+0x37/0x100
[  372.324291][T15206]  inode_init_always_gfp+0x4b7/0x500
[  372.324325][T15206]  ? __pfx_hugetlbfs_alloc_inode+0x10/0x10
[  372.324403][T15206]  alloc_inode+0x58/0x170
[  372.324503][T15206]  new_inode+0x1d/0xe0
[  372.324531][T15206]  hugetlbfs_get_inode+0x7b/0x370
[  372.324570][T15206]  ? mutex_unlock+0x4f/0x90
[  372.324604][T15206]  hugetlb_file_setup+0x192/0x3d0
[  372.324754][T15206]  ksys_mmap_pgoff+0x157/0x310
[  372.324803][T15206]  x64_sys_call+0x16bb/0x3000
[  372.324830][T15206]  do_syscall_64+0xd8/0x2a0
[  372.324913][T15206]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  372.324967][T15206] RIP: 0033:0x7f21eb02f749
[  372.324988][T15206] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  372.325046][T15206] RSP: 002b:00007f21e9a97038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  372.325070][T15206] RAX: ffffffffffffffda RBX: 00007f21eb285fa0 RCX: 00007f21eb02f749
[  372.325084][T15206] RDX: 0000000001000003 RSI: 0000000000ff5000 RDI: 0000200000000000
[  372.325097][T15206] RBP: 00007f21e9a97090 R08: ffffffffffffffff R09: 0000000000000000
[  372.325110][T15206] R10: 00020000000ec072 R11: 0000000000000246 R12: 0000000000000001
[  372.325136][T15206] R13: 00007f21eb286038 R14: 00007f21eb285fa0 R15: 00007ffff9f900b8
[  372.325164][T15206]  </TASK>
[  372.529969][T15208] sd 0:0:1:0: device reset
[  372.563306][T15212] netlink: 19 bytes leftover after parsing attributes in process `syz.1.3828'.
[  372.603864][ T6881] Bluetooth: hci1: command 0x1003 tx timeout
[  372.610058][ T3951] Bluetooth: hci1: Opcode 0x1003 failed: -110
[  372.815677][T15225] loop3: detected capacity change from 0 to 1024
[  372.846937][T15225] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  372.882160][T15225] EXT4-fs error (device loop3): ext4_read_inline_dir:1476: inode #12: block 7: comm syz.3.3832: path /131/file1/file0: bad entry in directory: inode out of bounds - offset=24, inode=150994957, rec_len=16, size=80 fake=0
[  373.163800][   T44] Bluetooth: hci2: Opcode 0x1003 failed: -110
[  373.163842][ T3951] Bluetooth: hci2: command 0x1003 tx timeout
[  373.436298][T15244] Bluetooth: hci0: Frame reassembly failed (-90)
[  373.578497][T15250] loop2: detected capacity change from 0 to 128
[  373.586672][T15253] netlink: 19 bytes leftover after parsing attributes in process `syz.4.3841'.
[  373.599985][T15250] FAT-fs (loop2): invalid media value (0x00)
[  373.607704][T15250] FAT-fs (loop2): This doesn't look like a DOS 1.x volume; DOS 2.x BPB is non-zero
[  373.618026][T15250] FAT-fs (loop2): Can't find a valid FAT filesystem
[  373.631873][T13177] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  373.641114][T15255] loop1: detected capacity change from 0 to 1024
[  373.677861][T15255] EXT4-fs: Ignoring removed nomblk_io_submit option
[  373.686875][T15250] netlink: 36 bytes leftover after parsing attributes in process `syz.2.3844'.
[  373.718526][T15255] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  373.740107][T15265] FAULT_INJECTION: forcing a failure.
[  373.740107][T15265] name failslab, interval 1, probability 0, space 0, times 0
[  373.753023][T15265] CPU: 1 UID: 0 PID: 15265 Comm: syz.3.3848 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  373.753116][T15265] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  373.753134][T15265] Call Trace:
[  373.753143][T15265]  <TASK>
[  373.753154][T15265]  __dump_stack+0x1d/0x30
[  373.753184][T15265]  dump_stack_lvl+0xe8/0x140
[  373.753206][T15265]  dump_stack+0x15/0x1b
[  373.753225][T15265]  should_fail_ex+0x265/0x280
[  373.753279][T15265]  should_failslab+0x8c/0xb0
[  373.753315][T15265]  kmem_cache_alloc_noprof+0x50/0x480
[  373.753380][T15265]  ? security_file_alloc+0x32/0x100
[  373.753471][T15265]  security_file_alloc+0x32/0x100
[  373.753506][T15265]  init_file+0x5c/0x1c0
[  373.753587][T15265]  alloc_empty_file+0x8b/0x200
[  373.753628][T15265]  alloc_file_pseudo+0xc6/0x160
[  373.753668][T15265]  __shmem_file_setup+0x1de/0x210
[  373.753749][T15265]  shmem_file_setup+0x3b/0x50
[  373.753789][T15265]  __se_sys_memfd_create+0x2ef/0x5f0
[  373.753820][T15265]  __x64_sys_memfd_create+0x31/0x40
[  373.753849][T15265]  x64_sys_call+0x28cb/0x3000
[  373.753963][T15265]  do_syscall_64+0xd8/0x2a0
[  373.753987][T15265]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  373.754009][T15265] RIP: 0033:0x7f34e5cef749
[  373.754050][T15265] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  373.754073][T15265] RSP: 002b:00007f34e4756e18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[  373.754097][T15265] RAX: ffffffffffffffda RBX: 00000000000005fc RCX: 00007f34e5cef749
[  373.754114][T15265] RDX: 00007f34e4756ef0 RSI: 0000000000000000 RDI: 00007f34e5d74960
[  373.754131][T15265] RBP: 0000200000001000 R08: 00007f34e4756bb7 R09: 00007f34e4756e40
[  373.754148][T15265] R10: 000000000000000a R11: 0000000000000202 R12: 0000200000000040
[  373.754225][T15265] R13: 00007f34e4756ef0 R14: 00007f34e4756eb0 R15: 00002000000005c0
[  373.754244][T15265]  </TASK>
[  373.957507][T12930] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  373.958595][T15267] loop2: detected capacity change from 0 to 512
[  373.973641][T15267] EXT4-fs: Ignoring removed oldalloc option
[  373.980406][T15267] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  374.003132][T15267] EXT4-fs (loop2): 1 truncate cleaned up
[  374.013109][T15267] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  374.038231][T15267] netlink: 2184 bytes leftover after parsing attributes in process `syz.2.3849'.
[  374.057471][T15267] netlink: 144 bytes leftover after parsing attributes in process `syz.2.3849'.
[  374.089584][T15274] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  374.101257][T13989] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  374.115252][T15265] netlink: 'syz.3.3848': attribute type 1 has an invalid length.
[  374.123120][T15265] netlink: 224 bytes leftover after parsing attributes in process `syz.3.3848'.
[  374.167065][T15274] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  374.219792][T15274] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  374.222262][T15284] FAULT_INJECTION: forcing a failure.
[  374.222262][T15284] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  374.243328][T15284] CPU: 1 UID: 0 PID: 15284 Comm: syz.3.3855 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  374.243362][T15284] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  374.243432][T15284] Call Trace:
[  374.243439][T15284]  <TASK>
[  374.243450][T15284]  __dump_stack+0x1d/0x30
[  374.243476][T15284]  dump_stack_lvl+0xe8/0x140
[  374.243537][T15284]  dump_stack+0x15/0x1b
[  374.243560][T15284]  should_fail_ex+0x265/0x280
[  374.243625][T15284]  should_fail+0xb/0x20
[  374.243649][T15284]  should_fail_usercopy+0x1a/0x20
[  374.243679][T15284]  _copy_from_iter+0xcf/0xe70
[  374.243710][T15284]  ? __build_skb_around+0x164/0x1c0
[  374.243803][T15284]  ? __alloc_skb+0x223/0x320
[  374.243831][T15284]  netlink_sendmsg+0x471/0x6b0
[  374.243893][T15284]  ? __pfx_netlink_sendmsg+0x10/0x10
[  374.243930][T15284]  __sock_sendmsg+0x145/0x180
[  374.243995][T15284]  ____sys_sendmsg+0x31e/0x4a0
[  374.244074][T15284]  ___sys_sendmsg+0x17b/0x1d0
[  374.244125][T15284]  __x64_sys_sendmsg+0xd4/0x160
[  374.244188][T15284]  x64_sys_call+0x17ba/0x3000
[  374.244215][T15284]  do_syscall_64+0xd8/0x2a0
[  374.244310][T15284]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  374.244339][T15284] RIP: 0033:0x7f34e5cef749
[  374.244359][T15284] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  374.244381][T15284] RSP: 002b:00007f34e4757038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  374.244458][T15284] RAX: ffffffffffffffda RBX: 00007f34e5f45fa0 RCX: 00007f34e5cef749
[  374.244475][T15284] RDX: 0000000004000010 RSI: 0000200000000280 RDI: 0000000000000006
[  374.244543][T15284] RBP: 00007f34e4757090 R08: 0000000000000000 R09: 0000000000000000
[  374.244557][T15284] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  374.244570][T15284] R13: 00007f34e5f46038 R14: 00007f34e5f45fa0 R15: 00007ffe13d5a5c8
[  374.244659][T15284]  </TASK>
[  374.476234][T15274] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  374.559663][ T8760] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  374.599009][T15300] loop4: detected capacity change from 0 to 8192
[  374.606517][ T8760] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  374.615647][ T8760] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  374.624810][T15301] loop3: detected capacity change from 0 to 1024
[  374.637536][ T8760] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  374.650913][T15301] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  374.665840][T15301] EXT4-fs error (device loop3): ext4_read_inline_dir:1476: inode #12: block 7: comm syz.3.3857: path /136/file1/file0: bad entry in directory: inode out of bounds - offset=24, inode=150994957, rec_len=16, size=80 fake=0
[  374.694526][T15300]  loop4: p1 p2 < > p3 p4 < p5 >
[  374.699604][T15300] loop4: partition table partially beyond EOD, truncated
[  374.707002][T15300] loop4: p1 size 100663296 extends beyond EOD, truncated
[  374.716151][T15300] loop4: p2 start 591104 is beyond EOD, truncated
[  374.722657][T15300] loop4: p3 start 33572980 is beyond EOD, truncated
[  374.729889][T15300] loop4: p5 size 100663296 extends beyond EOD, truncated
[  374.747815][T15300] SELinux:  policydb version 0 does not match my version range 15-35
[  374.756879][T15300] SELinux: failed to load policy
[  374.776883][T15308] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3862'.
[  374.843247][T15313] loop4: detected capacity change from 0 to 1024
[  374.867048][T15313] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  374.921353][T11561] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  374.925675][T15320] loop1: detected capacity change from 0 to 512
[  374.937617][T15320] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  374.949870][T15320] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #16: comm syz.1.3867: invalid indirect mapped block 4294967295 (level 0)
[  374.964455][T15320] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #16: comm syz.1.3867: invalid indirect mapped block 4294967295 (level 1)
[  374.978929][T15320] EXT4-fs (loop1): 1 orphan inode deleted
[  374.984766][T15320] EXT4-fs (loop1): 1 truncate cleaned up
[  375.004648][T15320] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  375.050349][T12930] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  375.077237][T15332] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3873'.
[  375.172943][T15346] loop4: detected capacity change from 0 to 2048
[  375.186585][T15346] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  375.198992][T15346] ext4 filesystem being mounted at /260/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  375.375455][T13177] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  375.483796][ T3951] Bluetooth: hci0: command 0x1003 tx timeout
[  375.490063][   T44] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  375.502064][ T8760] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm kworker/u8:31: bg 0: block 345: padding at end of block bitmap is not set
[  375.519472][ T8760] EXT4-fs (loop4): Remounting filesystem read-only
[  375.584222][T15363] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=36 sclass=netlink_tcpdiag_socket pid=15363 comm=syz.0.3884
[  375.627572][T11561] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  376.835759][   T29] kauditd_printk_skb: 464 callbacks suppressed
[  376.835786][   T29] audit: type=1400 audit(1764797228.201:74184): avc:  denied  { setopt } for  pid=15375 comm="syz.4.3889" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  377.118014][T15380] loop4: detected capacity change from 0 to 1024
[  377.724019][   T29] audit: type=1400 audit(1764797228.861:74185): avc:  denied  { mounton } for  pid=15375 comm="syz.4.3889" path="/264/file1" dev="tmpfs" ino=1457 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  378.757545][T15391] Bluetooth: hci0: Frame reassembly failed (-90)
[  378.874835][T15380] EXT4-fs warning (device loop4): ext4_multi_mount_protect:394: Unable to create kmmpd thread for loop4.
[  379.033493][T15390] loop1: detected capacity change from 0 to 2048
[  379.114073][   T29] audit: type=1400 audit(1764797229.741:74186): avc:  denied  { read } for  pid=15386 comm="syz.1.3892" dev="nsfs" ino=4026532409 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  379.135611][   T29] audit: type=1400 audit(1764797229.741:74187): avc:  denied  { open } for  pid=15386 comm="syz.1.3892" path="net:[4026532409]" dev="nsfs" ino=4026532409 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  379.159114][   T29] audit: type=1400 audit(1764797229.741:74188): avc:  denied  { create } for  pid=15386 comm="syz.1.3892" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  379.179487][   T29] audit: type=1400 audit(1764797230.481:74189): avc:  denied  { block_suspend } for  pid=15386 comm="syz.1.3892" capability=36  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  379.203387][T15395] loop4: detected capacity change from 0 to 8192
[  379.227879][T15390] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  379.240400][T15390] ext4 filesystem being mounted at /159/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  379.254058][   T29] audit: type=1400 audit(1764797230.981:74190): avc:  denied  { mount } for  pid=15386 comm="syz.1.3892" name="/" dev="loop1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  379.276442][T15395]  loop4: p1 p2 < > p3 p4 < p5 >
[  379.281405][T15395] loop4: partition table partially beyond EOD, truncated
[  379.295568][T15403] loop2: detected capacity change from 0 to 1024
[  379.302411][T15395] loop4: p1 size 100663296 extends beyond EOD, truncated
[  379.310079][T15403] EXT4-fs: Ignoring removed nomblk_io_submit option
[  379.318577][   T29] audit: type=1400 audit(1764797231.051:74191): avc:  denied  { add_name } for  pid=15386 comm="syz.1.3892" name="file1" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  379.339643][   T29] audit: type=1400 audit(1764797231.051:74192): avc:  denied  { create } for  pid=15386 comm="syz.1.3892" name="file1" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  379.364410][T15395] loop4: p2 start 591104 is beyond EOD, truncated
[  379.370888][T15395] loop4: p3 start 33572980 is beyond EOD, truncated
[  379.396193][T15404] SELinux:  policydb version 0 does not match my version range 15-35
[  379.404531][T15404] SELinux: failed to load policy
[  379.425656][T15403] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  379.439586][T15395] loop4: p5 size 100663296 extends beyond EOD, truncated
[  379.474700][   T29] audit: type=1400 audit(1764797231.111:74193): avc:  denied  { read write } for  pid=15386 comm="syz.1.3892" name="file1" dev="loop1" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  379.530017][T13989] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  379.614546][T15408] __nla_validate_parse: 1 callbacks suppressed
[  379.614566][T15408] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3898'.
[  380.074625][T15422] hub 9-0:1.0: USB hub found
[  380.079462][T15422] hub 9-0:1.0: 8 ports detected
[  380.084446][ T8790] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm kworker/u8:55: bg 0: block 345: padding at end of block bitmap is not set
[  380.109833][ T8790] EXT4-fs (loop1): Remounting filesystem read-only
[  380.194633][T15426] loop4: detected capacity change from 0 to 1024
[  380.216950][T15426] EXT4-fs: Ignoring removed bh option
[  380.236162][T15426] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  380.254329][T15426] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  380.271429][T12930] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  380.281490][T15426] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce018, mo2=0100]
[  380.321874][T15426] EXT4-fs error (device loop4): ext4_map_blocks:777: inode #3: block 2: comm syz.4.3906: lblock 2 mapped to illegal pblock 2 (length 1)
[  380.342692][T15426] EXT4-fs error (device loop4): ext4_map_blocks:777: inode #3: block 48: comm syz.4.3906: lblock 0 mapped to illegal pblock 48 (length 1)
[  380.357407][T15426] EXT4-fs error (device loop4): ext4_acquire_dquot:6945: comm syz.4.3906: Failed to acquire dquot type 0
[  380.369364][T15426] EXT4-fs error (device loop4) in ext4_reserve_inode_write:6309: Corrupt filesystem
[  380.379209][T15426] EXT4-fs error (device loop4): ext4_evict_inode:253: inode #11: comm syz.4.3906: mark_inode_dirty error
[  380.391010][T15426] EXT4-fs warning (device loop4): ext4_evict_inode:256: couldn't mark inode dirty (err -117)
[  380.401460][T15426] EXT4-fs (loop4): 1 orphan inode deleted
[  380.407704][T15426] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  380.420393][ T2106] EXT4-fs error (device loop4): ext4_map_blocks:777: inode #3: block 1: comm kworker/u8:13: lblock 1 mapped to illegal pblock 1 (length 1)
[  380.449195][ T2106] EXT4-fs error (device loop4): ext4_release_dquot:6981: comm kworker/u8:13: Failed to release dquot type 0
[  380.536633][T15440] EXT4-fs error (device loop4): ext4_map_blocks:777: inode #2: block 16: comm syz.4.3906: lblock 0 mapped to illegal pblock 16 (length 1)
[  380.627822][T15440] xt_hashlimit: max too large, truncated to 1048576
[  380.683428][T15440] EXT4-fs error (device loop4): ext4_map_blocks:777: inode #2: block 16: comm syz.4.3906: lblock 0 mapped to illegal pblock 16 (length 1)
[  381.058094][T15426] Set syz1 is full, maxelem 65536 reached
[  381.093926][ T3951] Bluetooth: hci0: command 0x1003 tx timeout
[  381.100077][   T44] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  381.137574][T11561] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  381.162812][T11561] EXT4-fs error (device loop4): __ext4_get_inode_loc:4828: comm syz-executor: Invalid inode table block 1 in block_group 0
[  381.179301][T11561] EXT4-fs error (device loop4) in ext4_reserve_inode_write:6309: Corrupt filesystem
[  381.189045][T11561] EXT4-fs error (device loop4): ext4_quota_off:7229: inode #3: comm syz-executor: mark_inode_dirty error
[  381.428165][T15451] loop3: detected capacity change from 0 to 128
[  381.436955][ T8790] Bluetooth: hci0: Frame reassembly failed (-90)
[  381.458074][T15451] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  381.507720][T15451] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  381.550774][T15460] loop4: detected capacity change from 0 to 1024
[  381.557794][T15460] EXT4-fs: Ignoring removed nomblk_io_submit option
[  381.594681][T15460] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  381.629436][T11561] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  381.692895][   T37] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  381.772977][T15470] loop3: detected capacity change from 0 to 128
[  381.853933][T15470] FAT-fs (loop3): invalid media value (0x00)
[  381.860894][T15470] FAT-fs (loop3): This doesn't look like a DOS 1.x volume; DOS 2.x BPB is non-zero
[  381.870993][T15470] FAT-fs (loop3): Can't find a valid FAT filesystem
[  381.902078][   T29] kauditd_printk_skb: 93 callbacks suppressed
[  381.902097][   T29] audit: type=1400 audit(1764797233.631:74284): avc:  denied  { module_request } for  pid=15475 comm="syz.4.3923" kmod="netdev-syz_tun" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  382.059389][   T29] audit: type=1400 audit(1764797233.791:74285): avc:  denied  { create } for  pid=15469 comm="syz.3.3920" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  382.060611][T15481] loop4: detected capacity change from 0 to 1024
[  382.090686][   T29] audit: type=1400 audit(1764797233.821:74286): avc:  denied  { write } for  pid=15469 comm="syz.3.3920" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  382.118067][T15470] netlink: 36 bytes leftover after parsing attributes in process `syz.3.3920'.
[  382.172338][   T29] audit: type=1400 audit(1764797233.901:74287): avc:  denied  { bind } for  pid=15483 comm="syz.3.3925" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  382.224745][T15481] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  382.235666][   T29] audit: type=1400 audit(1764797233.931:74288): avc:  denied  { listen } for  pid=15483 comm="syz.3.3925" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  382.294205][   T29] audit: type=1400 audit(1764797234.031:74289): avc:  denied  { write } for  pid=15487 comm="syz.3.3927" name="001" dev="devtmpfs" ino=171 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  382.327248][   T29] audit: type=1400 audit(1764797234.061:74290): avc:  denied  { allowed } for  pid=15480 comm="syz.4.3924" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  382.363415][   T29] audit: type=1400 audit(1764797234.081:74291): avc:  denied  { map } for  pid=15480 comm="syz.4.3924" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=41963 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  382.364941][T11561] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  382.387870][   T29] audit: type=1400 audit(1764797234.081:74292): avc:  denied  { read write } for  pid=15480 comm="syz.4.3924" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=41963 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  382.387923][   T29] audit: type=1400 audit(1764797234.081:74293): avc:  denied  { create } for  pid=15480 comm="syz.4.3924" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  382.463015][T15493] loop3: detected capacity change from 0 to 1024
[  382.473609][T15493] EXT4-fs: Ignoring removed bh option
[  382.479913][T15493] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  382.489056][T15493] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  382.511500][T15493] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce018, mo2=0100]
[  382.536502][T15493] EXT4-fs error (device loop3): ext4_map_blocks:777: inode #3: block 2: comm syz.3.3929: lblock 2 mapped to illegal pblock 2 (length 1)
[  382.554382][T15504] loop1: detected capacity change from 0 to 512
[  382.565454][T15504] EXT4-fs (loop1): external journal device major/minor numbers have changed
[  382.585631][T15493] EXT4-fs error (device loop3): ext4_map_blocks:777: inode #3: block 48: comm syz.3.3929: lblock 0 mapped to illegal pblock 48 (length 1)
[  382.601195][T15493] EXT4-fs error (device loop3): ext4_acquire_dquot:6945: comm syz.3.3929: Failed to acquire dquot type 0
[  382.613691][T15504] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  382.623271][T15504] block device autoloading is deprecated and will be removed.
[  382.623412][T15504] EXT4-fs (loop1): couldn't read superblock of external journal
[  382.640816][T15493] EXT4-fs error (device loop3) in ext4_reserve_inode_write:6309: Corrupt filesystem
[  382.650563][T15493] EXT4-fs error (device loop3): ext4_evict_inode:253: inode #11: comm syz.3.3929: mark_inode_dirty error
[  382.662589][T15493] EXT4-fs warning (device loop3): ext4_evict_inode:256: couldn't mark inode dirty (err -117)
[  382.672881][T15493] EXT4-fs (loop3): 1 orphan inode deleted
[  382.679320][T15493] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  382.692144][ T2106] EXT4-fs error (device loop3): ext4_map_blocks:777: inode #3: block 1: comm kworker/u8:13: lblock 1 mapped to illegal pblock 1 (length 1)
[  382.697956][T15493] EXT4-fs error (device loop3): ext4_map_blocks:777: inode #2: block 16: comm syz.3.3929: lblock 0 mapped to illegal pblock 16 (length 1)
[  382.706686][ T2106] EXT4-fs error (device loop3): ext4_release_dquot:6981: comm kworker/u8:13: Failed to release dquot type 0
[  382.735102][T15493] xt_hashlimit: max too large, truncated to 1048576
[  382.742664][T15493] EXT4-fs error (device loop3): ext4_map_blocks:777: inode #2: block 16: comm syz.3.3929: lblock 0 mapped to illegal pblock 16 (length 1)
[  382.770065][T13177] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  382.779547][T13177] EXT4-fs error (device loop3): __ext4_get_inode_loc:4828: comm syz-executor: Invalid inode table block 1 in block_group 0
[  382.793769][T13177] EXT4-fs error (device loop3) in ext4_reserve_inode_write:6309: Corrupt filesystem
[  382.803420][T13177] EXT4-fs error (device loop3): ext4_quota_off:7229: inode #3: comm syz-executor: mark_inode_dirty error
[  383.346713][T15520] loop1: detected capacity change from 0 to 128
[  383.363193][T15520] FAT-fs (loop1): invalid media value (0x00)
[  383.371222][T15520] FAT-fs (loop1): This doesn't look like a DOS 1.x volume; DOS 2.x BPB is non-zero
[  383.381340][T15520] FAT-fs (loop1): Can't find a valid FAT filesystem
[  383.413053][T15520] netlink: 36 bytes leftover after parsing attributes in process `syz.1.3940'.
[  383.483799][   T44] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  383.483819][ T3951] Bluetooth: hci0: command 0x1003 tx timeout
[  383.557368][T15524] loop4: detected capacity change from 0 to 8192
[  383.594336][T15524]  loop4: p1 p2 < > p3 p4 < p5 >
[  383.599350][T15524] loop4: partition table partially beyond EOD, truncated
[  383.630358][T15524] loop4: p1 size 100663296 extends beyond EOD, truncated
[  383.646706][T15524] loop4: p2 start 591104 is beyond EOD, truncated
[  383.653285][T15524] loop4: p3 start 33572980 is beyond EOD, truncated
[  383.670262][T15524] loop4: p5 size 100663296 extends beyond EOD, truncated
[  383.687027][T15524] SELinux:  policydb version 0 does not match my version range 15-35
[  383.695625][T15524] SELinux: failed to load policy
[  383.793681][T15546] loop1: detected capacity change from 0 to 128
[  383.872659][T15546] FAT-fs (loop1): invalid media value (0x00)
[  383.882978][T15546] FAT-fs (loop1): This doesn't look like a DOS 1.x volume; DOS 2.x BPB is non-zero
[  383.893710][T15546] FAT-fs (loop1): Can't find a valid FAT filesystem
[  383.914406][T15553] loop3: detected capacity change from 0 to 2048
[  383.978649][T15546] netlink: 36 bytes leftover after parsing attributes in process `syz.1.3952'.
[  383.990184][T15553] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  384.014772][T15553] ext4 filesystem being mounted at /148/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  384.112572][T15573] loop2: detected capacity change from 0 to 128
[  384.119773][T15573] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  384.132054][T15573] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  384.166830][ T8814] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  384.253647][T15583] loop2: detected capacity change from 0 to 8192
[  384.282665][T15585] loop1: detected capacity change from 0 to 8192
[  384.314211][T15583]  loop2: p1 p2 < > p3 p4 < p5 >
[  384.319336][T15583] loop2: partition table partially beyond EOD, truncated
[  384.327127][T15583] loop2: p1 size 100663296 extends beyond EOD, truncated
[  384.334428][T15585]  loop1: p1 p2 < > p3 p4 < p5 >
[  384.336880][T15583] loop2: p2 start 591104 is beyond EOD, 
[  384.339428][T15585] loop1: partition table partially beyond EOD, 
[  384.345115][T15583] truncated
[  384.345127][T15583] loop2: p3 start 33572980 is beyond EOD, truncated
[  384.345886][T15583] loop2: p5 size 100663296 extends beyond EOD, 
[  384.351476][T15585] truncated
[  384.353870][T15585] loop1: p1 size 100663296 extends beyond EOD, 
[  384.354656][T15583] truncated
[  384.361299][T15585] truncated
[  384.390948][T15585] loop1: p2 start 591104 is beyond EOD, truncated
[  384.397514][T15585] loop1: p3 start 33572980 is beyond EOD, truncated
[  384.405210][T15583] SELinux:  policydb version 0 does not match my version range 15-35
[  384.413594][T15583] SELinux: failed to load policy
[  384.419054][ T8814] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm kworker/u8:69: bg 0: block 345: padding at end of block bitmap is not set
[  384.424177][T15585] loop1: p5 size 100663296 extends beyond EOD, truncated
[  384.434597][ T8814] EXT4-fs (loop3): Remounting filesystem read-only
[  384.486227][T15585] SELinux:  policydb version 0 does not match my version range 15-35
[  384.508796][T15585] SELinux: failed to load policy
[  384.544283][T13177] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  384.576765][T15591] loop3: detected capacity change from 0 to 1024
[  384.598653][T15591] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  384.721013][T15607] loop1: detected capacity change from 0 to 1024
[  384.727974][T15607] EXT4-fs: Ignoring removed bh option
[  384.734012][T15607] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  384.744841][T15607] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  384.756109][T15607] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce018, mo2=0100]
[  384.780220][T13177] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  384.790202][T15607] EXT4-fs error (device loop1): ext4_map_blocks:777: inode #3: block 2: comm syz.1.3976: lblock 2 mapped to illegal pblock 2 (length 1)
[  384.814029][T15607] EXT4-fs error (device loop1): ext4_map_blocks:777: inode #3: block 48: comm syz.1.3976: lblock 0 mapped to illegal pblock 48 (length 1)
[  384.838635][T15607] EXT4-fs error (device loop1): ext4_acquire_dquot:6945: comm syz.1.3976: Failed to acquire dquot type 0
[  384.850722][T15607] EXT4-fs error (device loop1) in ext4_reserve_inode_write:6309: Corrupt filesystem
[  384.860384][T15607] EXT4-fs error (device loop1): ext4_evict_inode:253: inode #11: comm syz.1.3976: mark_inode_dirty error
[  384.871977][T15607] EXT4-fs warning (device loop1): ext4_evict_inode:256: couldn't mark inode dirty (err -117)
[  384.882308][T15607] EXT4-fs (loop1): 1 orphan inode deleted
[  384.888891][T15607] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  384.901472][ T2106] EXT4-fs error (device loop1): ext4_map_blocks:777: inode #3: block 1: comm kworker/u8:13: lblock 1 mapped to illegal pblock 1 (length 1)
[  384.953026][ T2106] EXT4-fs error (device loop1): ext4_release_dquot:6981: comm kworker/u8:13: Failed to release dquot type 0
[  384.981267][T15616] EXT4-fs error (device loop1): ext4_map_blocks:777: inode #2: block 16: comm syz.1.3976: lblock 0 mapped to illegal pblock 16 (length 1)
[  384.998018][T15616] xt_hashlimit: max too large, truncated to 1048576
[  385.005463][T15616] EXT4-fs error (device loop1): ext4_map_blocks:777: inode #2: block 16: comm syz.1.3976: lblock 0 mapped to illegal pblock 16 (length 1)
[  385.241218][T15637] loop2: detected capacity change from 0 to 1024
[  385.314568][T15637] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  385.451953][T13989] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  385.741592][T15607] Set syz1 is full, maxelem 65536 reached
[  385.766314][T12930] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  385.766657][T15655] loop3: detected capacity change from 0 to 2048
[  385.783116][T12930] EXT4-fs error (device loop1): __ext4_get_inode_loc:4828: comm syz-executor: Invalid inode table block 1 in block_group 0
[  385.800643][T12930] EXT4-fs error (device loop1) in ext4_reserve_inode_write:6309: Corrupt filesystem
[  385.812167][T12930] EXT4-fs error (device loop1): ext4_quota_off:7229: inode #3: comm syz-executor: mark_inode_dirty error
[  385.826508][T15655] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  385.839749][T15655] ext4 filesystem being mounted at /151/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  385.857689][T15659] loop1: detected capacity change from 0 to 512
[  385.885943][T15659] EXT4-fs (loop1): external journal device major/minor numbers have changed
[  385.895016][T15659] EXT4-fs (loop1): couldn't read superblock of external journal
[  386.105423][ T8761] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm kworker/u8:32: bg 0: block 345: padding at end of block bitmap is not set
[  386.120402][ T8761] EXT4-fs (loop3): Remounting filesystem read-only
[  386.186302][T13177] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  386.195887][T15676] loop4: detected capacity change from 0 to 1024
[  386.208193][T15676] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  386.268777][T11561] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  386.281264][T15682] loop3: detected capacity change from 0 to 128
[  386.299663][T15684] loop4: detected capacity change from 0 to 1024
[  386.307068][T15684] EXT4-fs: Ignoring removed nomblk_io_submit option
[  386.311034][T15682] FAT-fs (loop3): invalid media value (0x00)
[  386.321204][T15682] FAT-fs (loop3): This doesn't look like a DOS 1.x volume; DOS 2.x BPB is non-zero
[  386.325850][T15684] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  386.330688][T15682] FAT-fs (loop3): Can't find a valid FAT filesystem
[  386.368939][T15682] netlink: 36 bytes leftover after parsing attributes in process `syz.3.4003'.
[  386.370713][T11561] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  386.431715][T15692] loop4: detected capacity change from 0 to 1024
[  386.438632][T15692] EXT4-fs: Ignoring removed bh option
[  386.444566][T15692] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  386.453505][T15692] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  386.464610][T15692] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce018, mo2=0100]
[  386.473684][T15692] EXT4-fs error (device loop4): ext4_map_blocks:777: inode #3: block 2: comm syz.4.4007: lblock 2 mapped to illegal pblock 2 (length 1)
[  386.488069][T15692] EXT4-fs error (device loop4): ext4_map_blocks:777: inode #3: block 48: comm syz.4.4007: lblock 0 mapped to illegal pblock 48 (length 1)
[  386.502340][T15692] EXT4-fs error (device loop4): ext4_acquire_dquot:6945: comm syz.4.4007: Failed to acquire dquot type 0
[  386.514595][T15692] EXT4-fs error (device loop4) in ext4_reserve_inode_write:6309: Corrupt filesystem
[  386.524302][T15692] EXT4-fs error (device loop4): ext4_evict_inode:253: inode #11: comm syz.4.4007: mark_inode_dirty error
[  386.535780][T15692] EXT4-fs warning (device loop4): ext4_evict_inode:256: couldn't mark inode dirty (err -117)
[  386.546136][T15692] EXT4-fs (loop4): 1 orphan inode deleted
[  386.552190][T15692] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  386.564815][ T2106] EXT4-fs error (device loop4): ext4_map_blocks:777: inode #3: block 1: comm kworker/u8:13: lblock 1 mapped to illegal pblock 1 (length 1)
[  386.572397][T15692] EXT4-fs error (device loop4): ext4_map_blocks:777: inode #2: block 16: comm syz.4.4007: lblock 0 mapped to illegal pblock 16 (length 1)
[  386.596798][ T2106] EXT4-fs error (device loop4): ext4_release_dquot:6981: comm kworker/u8:13: Failed to release dquot type 0
[  386.596896][T15692] xt_hashlimit: max too large, truncated to 1048576
[  386.616399][T15692] EXT4-fs error (device loop4): ext4_map_blocks:777: inode #2: block 16: comm syz.4.4007: lblock 0 mapped to illegal pblock 16 (length 1)
[  386.647727][T11561] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  386.657520][T11561] EXT4-fs error (device loop4): __ext4_get_inode_loc:4828: comm syz-executor: Invalid inode table block 1 in block_group 0
[  386.670823][T11561] EXT4-fs error (device loop4) in ext4_reserve_inode_write:6309: Corrupt filesystem
[  386.680386][T11561] EXT4-fs error (device loop4): ext4_quota_off:7229: inode #3: comm syz-executor: mark_inode_dirty error
[  386.730606][T15702] loop4: detected capacity change from 0 to 2048
[  386.739043][T15702] SELinux: security_context_str_to_sid (root) failed with errno=-22
[  386.930472][   T29] kauditd_printk_skb: 185 callbacks suppressed
[  386.930491][   T29] audit: type=1400 audit(1764797238.661:74470): avc:  denied  { map_create } for  pid=15716 comm="syz.0.4015" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  386.967770][   T29] audit: type=1400 audit(1764797238.691:74471): avc:  denied  { allowed } for  pid=15716 comm="syz.0.4015" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  386.987378][   T29] audit: type=1400 audit(1764797238.691:74472): avc:  denied  { create } for  pid=15716 comm="syz.0.4015" anonclass=[io_uring] scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  387.020655][   T29] audit: type=1400 audit(1764797238.751:74473): avc:  denied  { open } for  pid=15716 comm="syz.0.4015" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[  387.040194][   T29] audit: type=1400 audit(1764797238.751:74474): avc:  denied  { kernel } for  pid=15716 comm="syz.0.4015" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[  387.059861][   T29] audit: type=1400 audit(1764797238.751:74475): avc:  denied  { prog_run } for  pid=15716 comm="syz.0.4015" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  387.079379][   T29] audit: type=1400 audit(1764797238.781:74476): avc:  denied  { create } for  pid=15720 comm="syz.1.4016" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  387.100434][   T29] audit: type=1400 audit(1764797238.811:74477): avc:  denied  { execmem } for  pid=15720 comm="syz.1.4016" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[  387.248940][   T29] audit: type=1400 audit(1764797238.981:74478): avc:  denied  { create } for  pid=15724 comm="syz.0.4017" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  387.309593][   T29] audit: type=1400 audit(1764797239.041:74479): avc:  denied  { create } for  pid=15727 comm="syz.3.4018" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  387.411766][T15729] loop1: detected capacity change from 0 to 1024
[  387.451212][T15725] netlink: 36 bytes leftover after parsing attributes in process `syz.0.4017'.
[  387.483008][T15729] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  387.512687][T15729] EXT4-fs error (device loop1): ext4_xattr_inode_iget:441: inode #11: comm syz.1.4016: missing EA_INODE flag
[  387.524913][T15729] EXT4-fs (loop1): Remounting filesystem read-only
[  387.531633][T15729] EXT4-fs warning (device loop1): ext4_xattr_inode_dec_ref_all:1226: inode #18: comm syz.1.4016: ea_inode dec ref err=-30
[  387.544415][T15729] EXT4-fs warning (device loop1): ext4_evict_inode:273: xattr delete (err -30)
[  387.737290][T15735] loop3: detected capacity change from 0 to 1024
[  387.787929][T15735] EXT4-fs: Ignoring removed bh option
[  387.838547][T15735] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  388.072981][T15735] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  388.095832][T15745] FAULT_INJECTION: forcing a failure.
[  388.095832][T15745] name failslab, interval 1, probability 0, space 0, times 0
[  388.108668][T15745] CPU: 1 UID: 0 PID: 15745 Comm: syz.4.4024 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  388.108705][T15745] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  388.108719][T15745] Call Trace:
[  388.108781][T15745]  <TASK>
[  388.108789][T15745]  __dump_stack+0x1d/0x30
[  388.108817][T15745]  dump_stack_lvl+0xe8/0x140
[  388.108957][T15745]  dump_stack+0x15/0x1b
[  388.109041][T15745]  should_fail_ex+0x265/0x280
[  388.109071][T15745]  should_failslab+0x8c/0xb0
[  388.109107][T15745]  kmem_cache_alloc_noprof+0x50/0x480
[  388.109137][T15745]  ? skb_clone+0x151/0x1f0
[  388.109199][T15745]  skb_clone+0x151/0x1f0
[  388.109231][T15745]  __netlink_deliver_tap+0x2c9/0x500
[  388.109267][T15745]  netlink_unicast+0x66b/0x690
[  388.109366][T15745]  netlink_sendmsg+0x58b/0x6b0
[  388.109401][T15745]  ? __pfx_netlink_sendmsg+0x10/0x10
[  388.109435][T15745]  __sock_sendmsg+0x145/0x180
[  388.109469][T15745]  ____sys_sendmsg+0x31e/0x4a0
[  388.109544][T15745]  ___sys_sendmsg+0x17b/0x1d0
[  388.109596][T15745]  __x64_sys_sendmsg+0xd4/0x160
[  388.109626][T15745]  x64_sys_call+0x17ba/0x3000
[  388.109723][T15745]  do_syscall_64+0xd8/0x2a0
[  388.109753][T15745]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  388.109775][T15745] RIP: 0033:0x7f1d6275f749
[  388.109790][T15745] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  388.109815][T15745] RSP: 002b:00007f1d611bf038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  388.109841][T15745] RAX: ffffffffffffffda RBX: 00007f1d629b5fa0 RCX: 00007f1d6275f749
[  388.109889][T15745] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000005
[  388.109902][T15745] RBP: 00007f1d611bf090 R08: 0000000000000000 R09: 0000000000000000
[  388.109914][T15745] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  388.109927][T15745] R13: 00007f1d629b6038 R14: 00007f1d629b5fa0 R15: 00007ffc6aabbf18
[  388.109953][T15745]  </TASK>
[  388.329663][T15735] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce018, mo2=0100]
[  388.338944][T15735] EXT4-fs error (device loop3): ext4_map_blocks:777: inode #3: block 2: comm syz.3.4019: lblock 2 mapped to illegal pblock 2 (length 1)
[  388.353340][T15735] EXT4-fs error (device loop3): ext4_map_blocks:777: inode #3: block 48: comm syz.3.4019: lblock 0 mapped to illegal pblock 48 (length 1)
[  388.380995][T15735] EXT4-fs error (device loop3): ext4_acquire_dquot:6945: comm syz.3.4019: Failed to acquire dquot type 0
[  388.400551][T15735] EXT4-fs error (device loop3) in ext4_reserve_inode_write:6309: Corrupt filesystem
[  388.415297][T15735] EXT4-fs error (device loop3): ext4_evict_inode:253: inode #11: comm syz.3.4019: mark_inode_dirty error
[  388.460446][T15735] EXT4-fs warning (device loop3): ext4_evict_inode:256: couldn't mark inode dirty (err -117)
[  388.470914][T15735] EXT4-fs (loop3): 1 orphan inode deleted
[  388.477561][T15735] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  388.490177][ T2106] EXT4-fs error (device loop3): ext4_map_blocks:777: inode #3: block 1: comm kworker/u8:13: lblock 1 mapped to illegal pblock 1 (length 1)
[  388.504712][ T2106] EXT4-fs error (device loop3): ext4_release_dquot:6981: comm kworker/u8:13: Failed to release dquot type 0
[  389.011482][T15765] loop2: detected capacity change from 0 to 128
[  389.030836][T15765] FAT-fs (loop2): invalid media value (0x00)
[  389.037665][T15765] FAT-fs (loop2): This doesn't look like a DOS 1.x volume; DOS 2.x BPB is non-zero
[  389.047754][T15765] FAT-fs (loop2): Can't find a valid FAT filesystem
[  389.071100][T15765] netlink: 36 bytes leftover after parsing attributes in process `syz.2.4030'.
[  389.274908][T15767] loop2: detected capacity change from 0 to 1024
[  389.306082][T15735] Set syz1 is full, maxelem 65536 reached
[  389.653937][T15767] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  389.688384][T13177] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  389.702799][T12930] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  389.714371][T13177] EXT4-fs error (device loop3): __ext4_get_inode_loc:4828: comm syz-executor: Invalid inode table block 1 in block_group 0
[  389.772894][T13177] EXT4-fs error (device loop3) in ext4_reserve_inode_write:6309: Corrupt filesystem
[  389.846758][T13989] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  389.856574][T13177] EXT4-fs error (device loop3): ext4_quota_off:7229: inode #3: comm syz-executor: mark_inode_dirty error
[  389.930653][T15785] loop1: detected capacity change from 0 to 8192
[  389.984066][T15785]  loop1: p1 p2 < > p3 p4 < p5 >
[  389.989119][T15785] loop1: partition table partially beyond EOD, truncated
[  390.013992][T15785] loop1: p1 size 100663296 extends beyond EOD, truncated
[  390.025806][T15785] loop1: p2 start 591104 is beyond EOD, truncated
[  390.032431][T15785] loop1: p3 start 33572980 is beyond EOD, truncated
[  390.039781][T15785] loop1: p5 size 100663296 extends beyond EOD, truncated
[  390.078498][   T37] Bluetooth: hci0: Frame reassembly failed (-84)
[  390.178973][T15792] loop4: detected capacity change from 0 to 1024
[  390.197562][T15792] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  390.223482][T15792] EXT4-fs error (device loop4): ext4_xattr_inode_iget:441: inode #11: comm syz.4.4036: missing EA_INODE flag
[  390.236253][T15792] EXT4-fs (loop4): Remounting filesystem read-only
[  390.242843][T15792] EXT4-fs warning (device loop4): ext4_xattr_inode_dec_ref_all:1226: inode #18: comm syz.4.4036: ea_inode dec ref err=-30
[  390.255688][T15792] EXT4-fs warning (device loop4): ext4_evict_inode:273: xattr delete (err -30)
[  390.321726][T15785] SELinux:  policydb version 0 does not match my version range 15-35
[  390.377892][T15785] SELinux: failed to load policy
[  390.383336][T15796] SELinux:  policydb version 0 does not match my version range 15-35
[  390.483783][T15796] SELinux: failed to load policy
[  390.566849][T15789] loop3: detected capacity change from 0 to 8192
[  390.655915][T15789]  loop3: p1 p2 < > p3 p4 < p5 >
[  390.661072][T15789] loop3: partition table partially beyond EOD, truncated
[  390.894925][T15789] loop3: p1 size 100663296 extends beyond EOD, truncated
[  390.915183][T15789] loop3: p2 start 591104 is beyond EOD, truncated
[  390.921650][T15789] loop3: p3 start 33572980 is beyond EOD, truncated
[  390.944547][T15789] loop3: p5 size 100663296 extends beyond EOD, truncated
[  390.966089][T15808] loop1: detected capacity change from 0 to 512
[  390.973693][T15808] EXT4-fs (loop1): external journal device major/minor numbers have changed
[  390.984666][T15808] EXT4-fs (loop1): couldn't read superblock of external journal
[  391.065432][T15810] loop3: detected capacity change from 0 to 512
[  391.085008][T15810] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  391.117539][T15812] loop2: detected capacity change from 0 to 128
[  391.133350][T15812] FAT-fs (loop2): invalid media value (0x00)
[  391.139931][T15812] FAT-fs (loop2): This doesn't look like a DOS 1.x volume; DOS 2.x BPB is non-zero
[  391.149979][T15812] FAT-fs (loop2): Can't find a valid FAT filesystem
[  391.158904][T15810] EXT4-fs (loop3): 1 orphan inode deleted
[  391.164741][T15810] EXT4-fs (loop3): 1 truncate cleaned up
[  391.170956][T15810] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  391.201434][T15812] netlink: 36 bytes leftover after parsing attributes in process `syz.2.4043'.
[  391.266161][T15817] loop2: detected capacity change from 0 to 1024
[  391.294761][T13177] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  391.316662][T15817] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  391.414720][T13989] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  391.464659][T15830] loop3: detected capacity change from 0 to 1024
[  391.471588][T15830] EXT4-fs: Ignoring removed bh option
[  391.477351][T15830] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  391.486499][T15830] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  391.497476][T15830] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce018, mo2=0100]
[  391.506835][T15830] EXT4-fs error (device loop3): ext4_map_blocks:777: inode #3: block 2: comm syz.3.4050: lblock 2 mapped to illegal pblock 2 (length 1)
[  391.521135][T15830] EXT4-fs error (device loop3): ext4_map_blocks:777: inode #3: block 48: comm syz.3.4050: lblock 0 mapped to illegal pblock 48 (length 1)
[  391.537706][T15830] EXT4-fs error (device loop3): ext4_acquire_dquot:6945: comm syz.3.4050: Failed to acquire dquot type 0
[  391.564624][T15830] EXT4-fs error (device loop3) in ext4_reserve_inode_write:6309: Corrupt filesystem
[  391.586069][T15830] EXT4-fs error (device loop3): ext4_evict_inode:253: inode #11: comm syz.3.4050: mark_inode_dirty error
[  391.607302][T15830] EXT4-fs warning (device loop3): ext4_evict_inode:256: couldn't mark inode dirty (err -117)
[  391.628829][T15830] EXT4-fs (loop3): 1 orphan inode deleted
[  391.638491][T15833] loop2: detected capacity change from 0 to 8192
[  391.646225][   T37] EXT4-fs error (device loop3): ext4_map_blocks:777: inode #3: block 1: comm kworker/u8:2: lblock 1 mapped to illegal pblock 1 (length 1)
[  391.661086][T15830] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  391.673987][   T37] EXT4-fs error (device loop3): ext4_release_dquot:6981: comm kworker/u8:2: Failed to release dquot type 0
[  391.692304][T15830] EXT4-fs error (device loop3): ext4_map_blocks:777: inode #2: block 16: comm syz.3.4050: lblock 0 mapped to illegal pblock 16 (length 1)
[  391.707474][T15830] xt_hashlimit: max too large, truncated to 1048576
[  391.714386][T15833]  loop2: p1 p2 < > p3 p4 < p5 >
[  391.719375][T15833] loop2: partition table partially beyond EOD, truncated
[  391.727332][T15830] EXT4-fs error (device loop3): ext4_map_blocks:777: inode #2: block 16: comm syz.3.4050: lblock 0 mapped to illegal pblock 16 (length 1)
[  391.741647][T15833] loop2: p1 size 100663296 extends beyond EOD, truncated
[  391.755733][T15833] loop2: p2 start 591104 is beyond EOD, truncated
[  391.762227][T15833] loop2: p3 start 33572980 is beyond EOD, truncated
[  391.796910][T15833] loop2: p5 size 100663296 extends beyond EOD, truncated
[  391.806063][T13177] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  391.825979][T13177] EXT4-fs error (device loop3): __ext4_get_inode_loc:4828: comm syz-executor: Invalid inode table block 1 in block_group 0
[  391.841661][T15833] SELinux:  policydb version 0 does not match my version range 15-35
[  391.858836][T15833] SELinux: failed to load policy
[  391.865581][T13177] EXT4-fs error (device loop3) in ext4_reserve_inode_write:6309: Corrupt filesystem
[  391.903206][T13177] EXT4-fs error (device loop3): ext4_quota_off:7229: inode #3: comm syz-executor: mark_inode_dirty error
[  391.946728][T15840] loop1: detected capacity change from 0 to 1024
[  391.976927][T15840] EXT4-fs: Ignoring removed nomblk_io_submit option
[  391.997504][T15840] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  392.024270][T15845] loop2: detected capacity change from 0 to 128
[  392.053283][   T29] kauditd_printk_skb: 165 callbacks suppressed
[  392.053298][   T29] audit: type=1400 audit(1764797243.781:74639): avc:  denied  { append } for  pid=15839 comm="syz.1.4055" name="file1" dev="loop1" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  392.101496][T12930] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  392.124382][T15845] FAT-fs (loop2): invalid media value (0x00)
[  392.131064][T15845] FAT-fs (loop2): This doesn't look like a DOS 1.x volume; DOS 2.x BPB is non-zero
[  392.141313][T15845] FAT-fs (loop2): Can't find a valid FAT filesystem
[  392.148885][ T3951] Bluetooth: hci0: command 0x1003 tx timeout
[  392.155245][   T44] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  392.192037][T15852] netlink: 19 bytes leftover after parsing attributes in process `syz.1.4057'.
[  392.319563][T11561] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  392.345524][   T29] audit: type=1400 audit(1764797244.081:74640): avc:  denied  { read } for  pid=15863 comm="syz.0.4064" dev="nsfs" ino=4026532378 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  392.369565][T15859] loop2: detected capacity change from 0 to 1024
[  392.377027][T15859] EXT4-fs: Ignoring removed bh option
[  392.382802][   T29] audit: type=1400 audit(1764797244.081:74641): avc:  denied  { open } for  pid=15863 comm="syz.0.4064" path="net:[4026532378]" dev="nsfs" ino=4026532378 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  392.406412][   T29] audit: type=1400 audit(1764797244.081:74642): avc:  denied  { create } for  pid=15863 comm="syz.0.4064" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  392.426583][   T29] audit: type=1400 audit(1764797244.081:74643): avc:  denied  { block_suspend } for  pid=15863 comm="syz.0.4064" capability=36  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  392.448233][   T29] audit: type=1400 audit(1764797244.081:74644): avc:  denied  { write } for  pid=15863 comm="syz.0.4064" name="raw" dev="proc" ino=4026533386 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1
[  392.453860][T15859] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  392.489006][T15869] loop4: detected capacity change from 0 to 1024
[  392.497849][T15859] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  392.504637][T15869] EXT4-fs: Ignoring removed bh option
[  392.517893][T15871] loop1: detected capacity change from 0 to 1024
[  392.524514][T15869] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  392.543880][T15869] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  392.544025][T15859] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce018, mo2=0100]
[  392.564125][T15859] EXT4-fs error (device loop2): ext4_map_blocks:777: inode #3: block 2: comm syz.2.4063: lblock 2 mapped to illegal pblock 2 (length 1)
[  392.583875][T15859] Quota error (device loop2): qtree_write_dquot: dquota write failed
[  392.584352][T15869] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce018, mo2=0100]
[  392.602262][T15859] EXT4-fs error (device loop2): ext4_map_blocks:777: inode #3: block 48: comm syz.2.4063: lblock 0 mapped to illegal pblock 48 (length 1)
[  392.604760][T15871] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  392.639410][T15869] EXT4-fs error (device loop4): ext4_map_blocks:777: inode #3: block 2: comm syz.4.4061: lblock 2 mapped to illegal pblock 2 (length 1)
[  392.672395][T15869] Quota error (device loop4): qtree_write_dquot: dquota write failed
[  392.686591][T15859] Quota error (device loop2): v2_write_file_info: Can't write info structure
[  392.696108][T15859] EXT4-fs error (device loop2): ext4_acquire_dquot:6945: comm syz.2.4063: Failed to acquire dquot type 0
[  392.748127][T15869] EXT4-fs error (device loop4): ext4_map_blocks:777: inode #3: block 48: comm syz.4.4061: lblock 0 mapped to illegal pblock 48 (length 1)
[  392.764927][T12930] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  392.783880][T15859] EXT4-fs error (device loop2) in ext4_reserve_inode_write:6309: Corrupt filesystem
[  392.793690][T15869] Quota error (device loop4): v2_write_file_info: Can't write info structure
[  392.802518][T15869] EXT4-fs error (device loop4): ext4_acquire_dquot:6945: comm syz.4.4061: Failed to acquire dquot type 0
[  392.807348][T15859] EXT4-fs error (device loop2): ext4_evict_inode:253: inode #11: comm syz.2.4063: mark_inode_dirty error
[  392.825501][T15869] EXT4-fs error (device loop4) in ext4_reserve_inode_write:6309: Corrupt filesystem
[  392.845272][T15859] EXT4-fs warning (device loop2): ext4_evict_inode:256: couldn't mark inode dirty (err -117)
[  392.872729][T15859] EXT4-fs (loop2): 1 orphan inode deleted
[  392.893116][T15869] EXT4-fs error (device loop4): ext4_evict_inode:253: inode #11: comm syz.4.4061: mark_inode_dirty error
[  392.905258][ T8814] EXT4-fs error (device loop2): ext4_map_blocks:777: inode #3: block 1: comm kworker/u8:69: lblock 1 mapped to illegal pblock 1 (length 1)
[  392.920295][T15859] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  392.946123][T15884] loop3: detected capacity change from 0 to 128
[  392.953813][ T8814] EXT4-fs error (device loop2): ext4_release_dquot:6981: comm kworker/u8:69: Failed to release dquot type 0
[  392.959209][ T8760] Bluetooth: hci0: Frame reassembly failed (-84)
[  392.971889][T15869] EXT4-fs warning (device loop4): ext4_evict_inode:256: couldn't mark inode dirty (err -117)
[  392.994631][T15869] EXT4-fs (loop4): 1 orphan inode deleted
[  393.001236][T15869] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  393.014046][ T8760] EXT4-fs error (device loop4): ext4_map_blocks:777: inode #3: block 1: comm kworker/u8:31: lblock 1 mapped to illegal pblock 1 (length 1)
[  393.047923][ T8760] EXT4-fs error (device loop4): ext4_release_dquot:6981: comm kworker/u8:31: Failed to release dquot type 0
[  393.072699][T15869] EXT4-fs error (device loop4): ext4_map_blocks:777: inode #2: block 16: comm syz.4.4061: lblock 0 mapped to illegal pblock 16 (length 1)
[  393.089066][T15859] EXT4-fs error (device loop2): ext4_map_blocks:777: inode #2: block 16: comm syz.2.4063: lblock 0 mapped to illegal pblock 16 (length 1)
[  393.111404][T15869] xt_hashlimit: max too large, truncated to 1048576
[  393.119205][T15859] xt_hashlimit: max too large, truncated to 1048576
[  393.119838][T15869] EXT4-fs error (device loop4): ext4_map_blocks:777: inode #2: block 16: comm syz.4.4061: lblock 0 mapped to illegal pblock 16 (length 1)
[  393.148602][T15859] EXT4-fs error (device loop2): ext4_map_blocks:777: inode #2: block 16: comm syz.2.4063: lblock 0 mapped to illegal pblock 16 (length 1)
[  393.179248][T11561] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  393.190639][T11561] EXT4-fs error (device loop4): __ext4_get_inode_loc:4828: comm syz-executor: Invalid inode table block 1 in block_group 0
[  393.204002][T11561] EXT4-fs error (device loop4) in ext4_reserve_inode_write:6309: Corrupt filesystem
[  393.216451][T11561] EXT4-fs error (device loop4): ext4_quota_off:7229: inode #3: comm syz-executor: mark_inode_dirty error
[  393.229672][T13989] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  393.239241][T13989] EXT4-fs error (device loop2): __ext4_get_inode_loc:4828: comm syz-executor: Invalid inode table block 1 in block_group 0
[  393.252375][T13989] EXT4-fs error (device loop2) in ext4_reserve_inode_write:6309: Corrupt filesystem
[  393.262658][T13989] EXT4-fs error (device loop2): ext4_quota_off:7229: inode #3: comm syz-executor: mark_inode_dirty error
[  393.346409][T15899] loop2: detected capacity change from 0 to 512
[  393.354165][T15899] EXT4-fs (loop2): external journal device major/minor numbers have changed
[  393.363667][T15899] EXT4-fs (loop2): couldn't read superblock of external journal
[  393.578965][T15909] loop4: detected capacity change from 0 to 1024
[  393.627360][T15909] EXT4-fs: Ignoring removed bh option
[  393.653203][T15909] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  393.664708][T15909] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  393.682865][T15909] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce018, mo2=0100]
[  393.695648][T15909] EXT4-fs error (device loop4): ext4_map_blocks:777: inode #3: block 2: comm syz.4.4078: lblock 2 mapped to illegal pblock 2 (length 1)
[  393.710095][T15909] EXT4-fs error (device loop4): ext4_map_blocks:777: inode #3: block 48: comm syz.4.4078: lblock 0 mapped to illegal pblock 48 (length 1)
[  393.725063][T15909] EXT4-fs error (device loop4): ext4_acquire_dquot:6945: comm syz.4.4078: Failed to acquire dquot type 0
[  393.736996][T15909] EXT4-fs error (device loop4) in ext4_reserve_inode_write:6309: Corrupt filesystem
[  393.747027][T15909] EXT4-fs error (device loop4): ext4_evict_inode:253: inode #11: comm syz.4.4078: mark_inode_dirty error
[  393.758585][T15909] EXT4-fs warning (device loop4): ext4_evict_inode:256: couldn't mark inode dirty (err -117)
[  393.768947][T15909] EXT4-fs (loop4): 1 orphan inode deleted
[  393.775680][T15909] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  393.791555][ T8790] EXT4-fs error (device loop4): ext4_map_blocks:777: inode #3: block 1: comm kworker/u8:55: lblock 1 mapped to illegal pblock 1 (length 1)
[  393.808479][T15909] EXT4-fs error (device loop4): ext4_map_blocks:777: inode #2: block 16: comm syz.4.4078: lblock 0 mapped to illegal pblock 16 (length 1)
[  393.836242][ T8790] EXT4-fs error (device loop4): ext4_release_dquot:6981: comm kworker/u8:55: Failed to release dquot type 0
[  393.850019][T15909] xt_hashlimit: max too large, truncated to 1048576
[  393.864364][T15909] EXT4-fs error (device loop4): ext4_map_blocks:777: inode #2: block 16: comm syz.4.4078: lblock 0 mapped to illegal pblock 16 (length 1)
[  393.922701][T11561] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  393.935562][T11561] EXT4-fs error (device loop4): __ext4_get_inode_loc:4828: comm syz-executor: Invalid inode table block 1 in block_group 0
[  393.962233][T11561] EXT4-fs error (device loop4) in ext4_reserve_inode_write:6309: Corrupt filesystem
[  393.982403][T11561] EXT4-fs error (device loop4): ext4_quota_off:7229: inode #3: comm syz-executor: mark_inode_dirty error
[  394.255290][T15930] loop4: detected capacity change from 0 to 8192
[  394.294044][T15930]  loop4: p1 p2 < > p3 p4 < p5 >
[  394.299039][T15930] loop4: partition table partially beyond EOD, truncated
[  394.323840][T15930] loop4: p1 size 100663296 extends beyond EOD, truncated
[  394.344569][T15930] loop4: p2 start 591104 is beyond EOD, truncated
[  394.351040][T15930] loop4: p3 start 33572980 is beyond EOD, truncated
[  394.366664][T15930] loop4: p5 size 100663296 extends beyond EOD, truncated
[  394.383126][T15930] SELinux:  policydb version 0 does not match my version range 15-35
[  394.400261][T15930] SELinux: failed to load policy
[  394.466361][T15944] loop1: detected capacity change from 0 to 512
[  394.489599][T15944] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  394.519540][T15944] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #16: comm syz.1.4092: invalid indirect mapped block 4294967295 (level 0)
[  394.534115][T15944] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #16: comm syz.1.4092: invalid indirect mapped block 4294967295 (level 1)
[  394.555726][T15938] SELinux:  policydb version 0 does not match my version range 15-35
[  394.565178][T15944] EXT4-fs (loop1): 1 orphan inode deleted
[  394.570995][T15944] EXT4-fs (loop1): 1 truncate cleaned up
[  394.577148][T15944] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  394.584144][T15938] SELinux: failed to load policy
[  394.640227][T15949] lo: Caught tx_queue_len zero misconfig
[  395.006427][ T3951] Bluetooth: hci0: command 0x1003 tx timeout
[  395.007879][   T44] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  395.140644][T15977] loop4: detected capacity change from 0 to 512
[  395.169169][T15977] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  395.194780][T15977] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #16: comm syz.4.4106: invalid indirect mapped block 4294967295 (level 0)
[  395.221296][T15982] loop3: detected capacity change from 0 to 128
[  395.264346][T15977] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #16: comm syz.4.4106: invalid indirect mapped block 4294967295 (level 1)
[  395.281693][T15982] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  395.316276][T15977] EXT4-fs (loop4): 1 orphan inode deleted
[  395.316307][T15982] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  395.322099][T15977] EXT4-fs (loop4): 1 truncate cleaned up
[  395.345070][T15984] loop2: detected capacity change from 0 to 128
[  395.361489][ T1954] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  395.407481][T15984] FAT-fs (loop2): invalid media value (0x00)
[  395.414242][T15984] FAT-fs (loop2): This doesn't look like a DOS 1.x volume; DOS 2.x BPB is non-zero
[  395.424101][T15984] FAT-fs (loop2): Can't find a valid FAT filesystem
[  395.548828][T15988] loop4: detected capacity change from 0 to 2048
[  395.584153][T15984] netlink: 36 bytes leftover after parsing attributes in process `syz.2.4103'.
[  395.672204][T15988] ext4 filesystem being mounted at /320/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  395.717021][T16000] loop3: detected capacity change from 0 to 1024
[  395.723795][T16000] EXT4-fs: Ignoring removed bh option
[  395.774246][T16000] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  395.910175][T16002] loop2: detected capacity change from 0 to 128
[  395.917001][T16000] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  395.944186][ T8760] Bluetooth: hci0: Frame reassembly failed (-84)
[  395.971802][T16000] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce018, mo2=0100]
[  396.128494][T16000] EXT4-fs error (device loop3): ext4_map_blocks:777: inode #3: block 2: comm syz.3.4113: lblock 2 mapped to illegal pblock 2 (length 1)
[  396.153951][T16000] EXT4-fs error (device loop3): ext4_map_blocks:777: inode #3: block 48: comm syz.3.4113: lblock 0 mapped to illegal pblock 48 (length 1)
[  396.201748][T15987] Process accounting paused
[  396.248143][T16000] EXT4-fs error (device loop3): ext4_acquire_dquot:6945: comm syz.3.4113: Failed to acquire dquot type 0
[  396.259474][ T8760] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm kworker/u8:31: bg 0: block 345: padding at end of block bitmap is not set
[  396.284265][ T8760] EXT4-fs (loop4): Remounting filesystem read-only
[  396.304651][T16000] EXT4-fs error (device loop3) in ext4_reserve_inode_write:6309: Corrupt filesystem
[  396.306325][T16013] loop1: detected capacity change from 0 to 512
[  396.333248][T16013] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  396.354005][T16013] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #16: comm syz.1.4120: invalid indirect mapped block 4294967295 (level 0)
[  396.368694][T16013] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #16: comm syz.1.4120: invalid indirect mapped block 4294967295 (level 1)
[  396.373942][T16000] EXT4-fs error (device loop3): ext4_evict_inode:253: inode #11: comm syz.3.4113: mark_inode_dirty error
[  396.383519][T16013] EXT4-fs (loop1): 1 orphan inode deleted
[  396.399732][T16013] EXT4-fs (loop1): 1 truncate cleaned up
[  396.419947][T16000] EXT4-fs warning (device loop3): ext4_evict_inode:256: couldn't mark inode dirty (err -117)
[  396.430562][T16000] EXT4-fs (loop3): 1 orphan inode deleted
[  396.443867][ T8814] EXT4-fs error (device loop3): ext4_map_blocks:777: inode #3: block 1: comm kworker/u8:69: lblock 1 mapped to illegal pblock 1 (length 1)
[  396.463860][ T8814] EXT4-fs error (device loop3): ext4_release_dquot:6981: comm kworker/u8:69: Failed to release dquot type 0
[  396.479096][T16000] EXT4-fs error (device loop3): ext4_map_blocks:777: inode #2: block 16: comm syz.3.4113: lblock 0 mapped to illegal pblock 16 (length 1)
[  396.494860][T16000] xt_hashlimit: max too large, truncated to 1048576
[  396.517265][T16000] EXT4-fs error (device loop3): ext4_map_blocks:777: inode #2: block 16: comm syz.3.4113: lblock 0 mapped to illegal pblock 16 (length 1)
[  396.562734][T16020] loop1: detected capacity change from 0 to 128
[  396.578881][T16020] FAT-fs (loop1): invalid media value (0x00)
[  396.585442][T16020] FAT-fs (loop1): This doesn't look like a DOS 1.x volume; DOS 2.x BPB is non-zero
[  396.595485][T16020] FAT-fs (loop1): Can't find a valid FAT filesystem
[  396.632527][T13177] EXT4-fs error (device loop3): __ext4_get_inode_loc:4828: comm syz-executor: Invalid inode table block 1 in block_group 0
[  396.652444][T13177] EXT4-fs error (device loop3) in ext4_reserve_inode_write:6309: Corrupt filesystem
[  396.669923][T16020] netlink: 36 bytes leftover after parsing attributes in process `syz.1.4122'.
[  396.685943][T13177] EXT4-fs error (device loop3): ext4_quota_off:7229: inode #3: comm syz-executor: mark_inode_dirty error
[  396.758366][T16027] loop3: detected capacity change from 0 to 8192
[  396.887063][T16027]  loop3: p1 p2 < > p3 p4 < p5 >
[  396.892058][T16027] loop3: partition table partially beyond EOD, truncated
[  396.930201][T16027] loop3: p1 size 100663296 extends beyond EOD, truncated
[  396.948675][T16027] loop3: p2 start 591104 is beyond EOD, truncated
[  396.955272][T16027] loop3: p3 start 33572980 is beyond EOD, truncated
[  396.955431][T16035] loop4: detected capacity change from 0 to 8192
[  396.970394][T16027] loop3: p5 size 100663296 extends beyond EOD, truncated
[  396.982026][T16027] SELinux:  policydb version 0 does not match my version range 15-35
[  396.990554][T16027] SELinux: failed to load policy
[  397.013514][T16035]  loop4: p1 p2 < > p3 p4 < p5 >
[  397.018619][T16035] loop4: partition table partially beyond EOD, truncated
[  397.050652][T16035] loop4: p1 size 100663296 extends beyond EOD, truncated
[  397.068703][T16035] loop4: p2 start 591104 is beyond EOD, truncated
[  397.075213][T16035] loop4: p3 start 33572980 is beyond EOD, truncated
[  397.084909][T16035] loop4: p5 size 100663296 extends beyond EOD, truncated
[  397.112994][T16041] loop1: detected capacity change from 0 to 2048
[  397.128300][T16041] ext4 filesystem being mounted at /213/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  397.146524][T16035] SELinux:  policydb version 0 does not match my version range 15-35
[  397.154980][T16035] SELinux: failed to load policy
[  397.233864][T16046] loop4: detected capacity change from 0 to 512
[  397.241012][T16046] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  397.253119][T16046] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #16: comm syz.4.4131: invalid indirect mapped block 4294967295 (level 0)
[  397.284009][T16046] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #16: comm syz.4.4131: invalid indirect mapped block 4294967295 (level 1)
[  397.311209][T16046] EXT4-fs (loop4): 1 orphan inode deleted
[  397.317045][T16046] EXT4-fs (loop4): 1 truncate cleaned up
[  397.361551][T16051] loop4: detected capacity change from 0 to 1024
[  397.371178][   T29] kauditd_printk_skb: 51 callbacks suppressed
[  397.371197][   T29] audit: type=1400 audit(1764797249.101:74688): avc:  denied  { read } for  pid=16052 comm="syz.3.4134" name="sg0" dev="devtmpfs" ino=137 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  397.471601][   T29] audit: type=1400 audit(1764797249.101:74689): avc:  denied  { open } for  pid=16052 comm="syz.3.4134" path="/dev/sg0" dev="devtmpfs" ino=137 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  397.495848][   T29] audit: type=1400 audit(1764797249.101:74690): avc:  denied  { ioctl } for  pid=16052 comm="syz.3.4134" path="/dev/sg0" dev="devtmpfs" ino=137 ioctlcmd=0x2285 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  397.521710][   T29] audit: type=1400 audit(1764797249.101:74691): avc:  denied  { connect } for  pid=16052 comm="syz.3.4134" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  397.628688][T16068] loop4: detected capacity change from 0 to 512
[  397.635619][T16068] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  397.647719][T16068] EXT4-fs (loop4): 1 orphan inode deleted
[  397.649784][T16070] netlink: 19 bytes leftover after parsing attributes in process `syz.0.4138'.
[  397.653495][T16068] EXT4-fs (loop4): 1 truncate cleaned up
[  397.673965][   T29] audit: type=1326 audit(1764797249.381:74692): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16067 comm="syz.4.4139" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d6275f749 code=0x7ffc0000
[  397.697691][   T29] audit: type=1326 audit(1764797249.381:74693): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16067 comm="syz.4.4139" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d6275f749 code=0x7ffc0000
[  397.721296][   T29] audit: type=1326 audit(1764797249.381:74694): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16067 comm="syz.4.4139" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d6275f749 code=0x7ffc0000
[  397.744972][   T29] audit: type=1326 audit(1764797249.381:74695): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16067 comm="syz.4.4139" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1d6275f749 code=0x7ffc0000
[  397.768663][   T29] audit: type=1326 audit(1764797249.381:74696): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16067 comm="syz.4.4139" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d6275f749 code=0x7ffc0000
[  397.792366][   T29] audit: type=1326 audit(1764797249.381:74697): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16067 comm="syz.4.4139" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d6275f749 code=0x7ffc0000
[  397.833135][ T8761] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm kworker/u8:32: bg 0: block 345: padding at end of block bitmap is not set
[  397.854254][ T8761] EXT4-fs (loop1): Remounting filesystem read-only
[  397.881910][T16075] loop3: detected capacity change from 0 to 1024
[  397.889292][T16075] EXT4-fs: Ignoring removed bh option
[  397.895894][T16075] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  397.904826][T16075] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  397.919968][T16075] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce018, mo2=0100]
[  397.930047][T16075] EXT4-fs error (device loop3): ext4_map_blocks:777: inode #3: block 2: comm syz.3.4141: lblock 2 mapped to illegal pblock 2 (length 1)
[  397.944468][T16075] EXT4-fs error (device loop3): ext4_map_blocks:777: inode #3: block 48: comm syz.3.4141: lblock 0 mapped to illegal pblock 48 (length 1)
[  397.958930][T16075] EXT4-fs error (device loop3): ext4_acquire_dquot:6945: comm syz.3.4141: Failed to acquire dquot type 0
[  397.963914][   T44] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  397.970356][ T3951] Bluetooth: hci0: command 0x1003 tx timeout
[  397.982567][T16075] EXT4-fs error (device loop3) in ext4_reserve_inode_write:6309: Corrupt filesystem
[  397.992281][T16075] EXT4-fs error (device loop3): ext4_evict_inode:253: inode #11: comm syz.3.4141: mark_inode_dirty error
[  398.004076][T16075] EXT4-fs warning (device loop3): ext4_evict_inode:256: couldn't mark inode dirty (err -117)
[  398.014487][T16075] EXT4-fs (loop3): 1 orphan inode deleted
[  398.028085][T16075] EXT4-fs error (device loop3): ext4_map_blocks:777: inode #2: block 16: comm syz.3.4141: lblock 0 mapped to illegal pblock 16 (length 1)
[  398.043430][ T8761] EXT4-fs error (device loop3): ext4_map_blocks:777: inode #3: block 1: comm kworker/u8:32: lblock 1 mapped to illegal pblock 1 (length 1)
[  398.058818][T16075] xt_hashlimit: max too large, truncated to 1048576
[  398.066270][T16075] EXT4-fs error (device loop3): ext4_map_blocks:777: inode #2: block 16: comm syz.3.4141: lblock 0 mapped to illegal pblock 16 (length 1)
[  398.080329][ T8761] EXT4-fs error (device loop3): ext4_release_dquot:6981: comm kworker/u8:32: Failed to release dquot type 0
[  398.113404][T16083] loop2: detected capacity change from 0 to 512
[  398.130357][T16083] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  398.142772][T13177] EXT4-fs error (device loop3): __ext4_get_inode_loc:4828: comm syz-executor: Invalid inode table block 1 in block_group 0
[  398.157090][T13177] EXT4-fs error (device loop3) in ext4_reserve_inode_write:6309: Corrupt filesystem
[  398.166830][T13177] EXT4-fs error (device loop3): ext4_quota_off:7229: inode #3: comm syz-executor: mark_inode_dirty error
[  398.184728][T16083] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #16: comm syz.2.4143: invalid indirect mapped block 4294967295 (level 0)
[  398.199028][T16083] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #16: comm syz.2.4143: invalid indirect mapped block 4294967295 (level 1)
[  398.219706][T16083] EXT4-fs (loop2): 1 orphan inode deleted
[  398.225560][T16083] EXT4-fs (loop2): 1 truncate cleaned up
[  398.266734][T16091] loop2: detected capacity change from 0 to 1024
[  398.274199][T16091] EXT4-fs: Ignoring removed bh option
[  398.280139][T16091] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  398.289255][T16091] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  398.300585][T16091] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce018, mo2=0100]
[  398.310257][T16091] EXT4-fs error (device loop2): ext4_map_blocks:777: inode #3: block 2: comm syz.2.4146: lblock 2 mapped to illegal pblock 2 (length 1)
[  398.324892][T16091] EXT4-fs error (device loop2): ext4_map_blocks:777: inode #3: block 48: comm syz.2.4146: lblock 0 mapped to illegal pblock 48 (length 1)
[  398.339523][T16091] EXT4-fs error (device loop2): ext4_acquire_dquot:6945: comm syz.2.4146: Failed to acquire dquot type 0
[  398.353176][T16091] EXT4-fs error (device loop2) in ext4_reserve_inode_write:6309: Corrupt filesystem
[  398.362974][T16091] EXT4-fs error (device loop2): ext4_evict_inode:253: inode #11: comm syz.2.4146: mark_inode_dirty error
[  398.374902][T16091] EXT4-fs warning (device loop2): ext4_evict_inode:256: couldn't mark inode dirty (err -117)
[  398.385426][T16091] EXT4-fs (loop2): 1 orphan inode deleted
[  398.404980][ T8761] EXT4-fs error (device loop2): ext4_map_blocks:777: inode #3: block 1: comm kworker/u8:32: lblock 1 mapped to illegal pblock 1 (length 1)
[  398.452818][T16100] loop3: detected capacity change from 0 to 2048
[  398.467105][ T8761] EXT4-fs error (device loop2): ext4_release_dquot:6981: comm kworker/u8:32: Failed to release dquot type 0
[  398.484856][T16107] loop4: detected capacity change from 0 to 128
[  398.493972][T16108] EXT4-fs error (device loop2): ext4_map_blocks:777: inode #2: block 16: comm syz.2.4146: lblock 0 mapped to illegal pblock 16 (length 1)
[  398.510420][T16107] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  398.523659][T16100] ext4 filesystem being mounted at /182/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  398.538396][T16107] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  398.548230][T16108] xt_hashlimit: max too large, truncated to 1048576
[  398.575731][T16108] EXT4-fs error (device loop2): ext4_map_blocks:777: inode #2: block 16: comm syz.2.4146: lblock 0 mapped to illegal pblock 16 (length 1)
[  398.657218][ T8814] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  398.813290][T16091] Set syz1 is full, maxelem 65536 reached
[  398.834363][T16113] netlink: 19 bytes leftover after parsing attributes in process `syz.4.4154'.
[  398.856852][T13989] EXT4-fs error (device loop2): __ext4_get_inode_loc:4828: comm syz-executor: Invalid inode table block 1 in block_group 0
[  398.869980][T13989] EXT4-fs error (device loop2) in ext4_reserve_inode_write:6309: Corrupt filesystem
[  398.879722][T13989] EXT4-fs error (device loop2): ext4_quota_off:7229: inode #3: comm syz-executor: mark_inode_dirty error
[  398.907717][T16116] loop2: detected capacity change from 0 to 1024
[  398.914982][T16116] EXT4-fs: Ignoring removed bh option
[  398.920711][T16116] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  398.929874][T16116] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  398.940939][T16116] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce018, mo2=0100]
[  398.950588][T16116] EXT4-fs error (device loop2): ext4_map_blocks:777: inode #3: block 2: comm syz.2.4155: lblock 2 mapped to illegal pblock 2 (length 1)
[  398.965122][T16116] EXT4-fs error (device loop2): ext4_map_blocks:777: inode #3: block 48: comm syz.2.4155: lblock 0 mapped to illegal pblock 48 (length 1)
[  398.979656][T16116] EXT4-fs error (device loop2): ext4_acquire_dquot:6945: comm syz.2.4155: Failed to acquire dquot type 0
[  398.991176][T16116] EXT4-fs error (device loop2) in ext4_reserve_inode_write:6309: Corrupt filesystem
[  399.001012][T16116] EXT4-fs error (device loop2): ext4_evict_inode:253: inode #11: comm syz.2.4155: mark_inode_dirty error
[  399.012503][T16116] EXT4-fs warning (device loop2): ext4_evict_inode:256: couldn't mark inode dirty (err -117)
[  399.022849][T16116] EXT4-fs (loop2): 1 orphan inode deleted
[  399.033817][   T37] EXT4-fs error (device loop2): ext4_map_blocks:777: inode #3: block 1: comm kworker/u8:2: lblock 1 mapped to illegal pblock 1 (length 1)
[  399.048250][   T37] EXT4-fs error (device loop2): ext4_release_dquot:6981: comm kworker/u8:2: Failed to release dquot type 0
[  399.072867][T13989] EXT4-fs error (device loop2): __ext4_get_inode_loc:4828: comm syz-executor: Invalid inode table block 1 in block_group 0
[  399.101806][ T8790] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm kworker/u8:55: bg 0: block 345: padding at end of block bitmap is not set
[  399.103993][T13989] EXT4-fs error (device loop2) in ext4_reserve_inode_write:6309: Corrupt filesystem
[  399.126017][ T8790] EXT4-fs (loop3): Remounting filesystem read-only
[  399.158628][T13989] EXT4-fs error (device loop2): ext4_quota_off:7229: inode #3: comm syz-executor: mark_inode_dirty error
[  399.176281][T16123] loop1: detected capacity change from 0 to 1024
[  399.346873][ T8761] Bluetooth: hci1: Frame reassembly failed (-84)
[  399.523939][T16143] Bluetooth: hci1: Frame reassembly failed (-90)
[  399.620093][T16145] loop4: detected capacity change from 0 to 1024
[  399.709267][T16152] loop4: detected capacity change from 0 to 1024
[  399.716871][T16152] EXT4-fs: Ignoring removed nomblk_io_submit option
[  399.777078][T16153] loop2: detected capacity change from 0 to 2048
[  399.797938][T16153] ext4 filesystem being mounted at /130/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  400.075559][T16165] loop3: detected capacity change from 0 to 1024
[  400.229361][ T8790] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm kworker/u8:55: bg 0: block 345: padding at end of block bitmap is not set
[  400.262818][ T8790] EXT4-fs (loop2): Remounting filesystem read-only
[  400.524157][   T44] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  400.551610][T16173] netlink: 24 bytes leftover after parsing attributes in process `syz.2.4173'.
[  400.573273][T16173] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4173'.
[  400.634724][T16182] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4173'.
[  400.645714][T16181] xt_hashlimit: max too large, truncated to 1048576
[  400.675742][T16185] loop4: detected capacity change from 0 to 1024
[  400.683540][T16185] EXT4-fs: Ignoring removed nomblk_io_submit option
[  400.768809][T16199] loop4: detected capacity change from 0 to 1024
[  400.794852][T16205] netlink: 19 bytes leftover after parsing attributes in process `syz.3.4180'.
[  400.829994][T16208] loop4: detected capacity change from 0 to 128
[  401.404074][ T3951] Bluetooth: hci1: Opcode 0x1003 failed: -110
[  402.033473][T16238] infiniband syb2: RDMA CMA: cma_listen_on_dev, error -98
[  402.252930][T16259] loop4: detected capacity change from 0 to 8192
[  402.304463][T16259]  loop4: p1 p2 < > p3 p4 < p5 >
[  402.309481][T16259] loop4: partition table partially beyond EOD, truncated
[  402.333824][T16259] loop4: p1 size 100663296 extends beyond EOD, truncated
[  402.345299][T16259] loop4: p2 start 591104 is beyond EOD, truncated
[  402.351785][T16259] loop4: p3 start 33572980 is beyond EOD, truncated
[  402.367007][T16259] loop4: p5 size 100663296 extends beyond EOD, truncated
[  402.381920][   T29] kauditd_printk_skb: 143 callbacks suppressed
[  402.381920][T16259] SELinux:  policydb version 0 does not match my version range 15-35
[  402.381971][   T29] audit: type=1400 audit(1764797254.111:74832): avc:  denied  { load_policy } for  pid=16258 comm="syz.4.4201" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[  402.388404][T16259] SELinux: failed to load policy
[  402.501254][   T29] audit: type=1400 audit(1764797254.231:74833): avc:  denied  { write } for  pid=16258 comm="syz.4.4201" name="001" dev="devtmpfs" ino=162 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  402.548286][T16280] loop1: detected capacity change from 0 to 512
[  402.554259][T16284] loop2: detected capacity change from 0 to 512
[  402.561344][   T29] audit: type=1400 audit(1764797254.291:74834): avc:  denied  { mounton } for  pid=16276 comm="syz.1.4209" path="/220/file2" dev="tmpfs" ino=1243 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  402.571874][T16284] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  402.597795][T16280] EXT4-fs (loop1): external journal device major/minor numbers have changed
[  402.606951][T16280] EXT4-fs (loop1): couldn't read superblock of external journal
[  402.624417][T16284] EXT4-fs (loop2): 1 orphan inode deleted
[  402.630203][T16284] EXT4-fs (loop2): 1 truncate cleaned up
[  402.638896][T16279] SELinux:  policydb version 0 does not match my version range 15-35
[  402.649896][   T29] audit: type=1400 audit(1764797254.381:74835): avc:  denied  { mount } for  pid=16283 comm="syz.2.4211" name="/" dev="loop2" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  402.662821][T16286] loop4: detected capacity change from 0 to 8192
[  402.678702][T16279] SELinux: failed to load policy
[  402.683805][   T29] audit: type=1400 audit(1764797254.411:74836): avc:  denied  { create } for  pid=16283 comm="syz.2.4211" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  402.703763][   T29] audit: type=1400 audit(1764797254.411:74837): avc:  denied  { setopt } for  pid=16283 comm="syz.2.4211" lport=2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  402.724332][   T29] audit: type=1400 audit(1764797254.411:74838): avc:  denied  { validate_trans } for  pid=16283 comm="syz.2.4211" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[  402.724368][   T29] audit: type=1326 audit(1764797254.411:74839): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16283 comm="syz.2.4211" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23cf84f749 code=0x7ffc0000
[  402.724444][   T29] audit: type=1326 audit(1764797254.411:74840): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16283 comm="syz.2.4211" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23cf84f749 code=0x7ffc0000
[  402.724478][   T29] audit: type=1326 audit(1764797254.411:74841): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16283 comm="syz.2.4211" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23cf84f749 code=0x7ffc0000
[  402.733916][T16286]  loop4: p1 p2 < > p3 p4 < p5 >
[  402.821789][T16286] loop4: partition table partially beyond EOD, truncated
[  402.838323][T16286] loop4: p1 size 100663296 extends beyond EOD, truncated
[  402.851002][T16286] loop4: p2 start 591104 is beyond EOD, truncated
[  402.857609][T16286] loop4: p3 start 33572980 is beyond EOD, truncated
[  402.864940][T16286] loop4: p5 size 100663296 extends beyond EOD, truncated
[  402.876588][T16295] SELinux:  policydb version 0 does not match my version range 15-35
[  402.884818][T16295] SELinux: failed to load policy
[  402.906187][T16294] loop2: detected capacity change from 0 to 512
[  402.913113][T16294] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  402.934757][T16294] EXT4-fs (loop2): 1 orphan inode deleted
[  402.940559][T16294] EXT4-fs (loop2): 1 truncate cleaned up
[  402.946908][T16297] netlink: 19 bytes leftover after parsing attributes in process `syz.0.4216'.
[  403.001298][T16304] loop2: detected capacity change from 0 to 1024
[  403.092973][T16314] loop2: detected capacity change from 0 to 128
[  403.100158][T16314] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  403.112377][T16314] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  403.171277][ T8761] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  403.252695][T16321] loop4: detected capacity change from 0 to 2048
[  403.275552][T16321] ext4 filesystem being mounted at /351/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  403.342657][T16325] loop2: detected capacity change from 0 to 1024
[  403.481577][T16325] EXT4-fs: Ignoring removed bh option
[  403.507787][T16325] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  403.546438][T16325] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  403.628194][   T37] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm kworker/u8:2: bg 0: block 345: padding at end of block bitmap is not set
[  403.663233][   T37] EXT4-fs (loop4): Remounting filesystem read-only
[  403.670250][T16325] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce018, mo2=0100]
[  403.679680][T16325] EXT4-fs error (device loop2): ext4_map_blocks:777: inode #3: block 2: comm syz.2.4225: lblock 2 mapped to illegal pblock 2 (length 1)
[  403.742023][T16325] EXT4-fs error (device loop2): ext4_map_blocks:777: inode #3: block 48: comm syz.2.4225: lblock 0 mapped to illegal pblock 48 (length 1)
[  403.780978][T16325] EXT4-fs error (device loop2): ext4_acquire_dquot:6945: comm syz.2.4225: Failed to acquire dquot type 0
[  403.792835][T16325] EXT4-fs error (device loop2) in ext4_reserve_inode_write:6309: Corrupt filesystem
[  403.804280][T16325] EXT4-fs error (device loop2): ext4_evict_inode:253: inode #11: comm syz.2.4225: mark_inode_dirty error
[  403.816207][T16325] EXT4-fs warning (device loop2): ext4_evict_inode:256: couldn't mark inode dirty (err -117)
[  403.844035][T16325] EXT4-fs (loop2): 1 orphan inode deleted
[  403.863998][ T1954] EXT4-fs error (device loop2): ext4_map_blocks:777: inode #3: block 1: comm kworker/u8:12: lblock 1 mapped to illegal pblock 1 (length 1)
[  403.891682][T16325] EXT4-fs error (device loop2): ext4_map_blocks:777: inode #2: block 16: comm syz.2.4225: lblock 0 mapped to illegal pblock 16 (length 1)
[  403.906631][T16325] xt_hashlimit: max too large, truncated to 1048576
[  403.914060][ T1954] EXT4-fs error (device loop2): ext4_release_dquot:6981: comm kworker/u8:12: Failed to release dquot type 0
[  403.944336][T16325] EXT4-fs error (device loop2): ext4_map_blocks:777: inode #2: block 16: comm syz.2.4225: lblock 0 mapped to illegal pblock 16 (length 1)
[  403.977188][T11561] EXT4-fs unmount: 49 callbacks suppressed
[  403.977206][T11561] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  404.085498][T16338] loop3: detected capacity change from 0 to 1024
[  404.216025][T16338] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  404.234127][T16338] EXT4-fs error (device loop3): ext4_xattr_inode_iget:441: inode #11: comm syz.3.4231: missing EA_INODE flag
[  404.246362][T16338] EXT4-fs (loop3): Remounting filesystem read-only
[  404.253018][T16338] EXT4-fs warning (device loop3): ext4_xattr_inode_dec_ref_all:1226: inode #18: comm syz.3.4231: ea_inode dec ref err=-30
[  404.266000][T16338] EXT4-fs warning (device loop3): ext4_evict_inode:273: xattr delete (err -30)
[  404.305886][T13989] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  404.376292][T13989] EXT4-fs error (device loop2): __ext4_get_inode_loc:4828: comm syz-executor: Invalid inode table block 1 in block_group 0
[  404.410126][T16345] loop1: detected capacity change from 0 to 1024
[  404.446545][T16345] EXT4-fs: Ignoring removed bh option
[  404.467977][T13989] EXT4-fs error (device loop2) in ext4_reserve_inode_write:6309: Corrupt filesystem
[  404.485443][T16345] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  404.532471][T13989] EXT4-fs error (device loop2): ext4_quota_off:7229: inode #3: comm syz-executor: mark_inode_dirty error
[  404.552579][T16345] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  404.601633][T16345] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce018, mo2=0100]
[  404.636278][T16345] EXT4-fs error (device loop1): ext4_map_blocks:777: inode #3: block 2: comm syz.1.4233: lblock 2 mapped to illegal pblock 2 (length 1)
[  404.696269][T16345] EXT4-fs error (device loop1): ext4_map_blocks:777: inode #3: block 48: comm syz.1.4233: lblock 0 mapped to illegal pblock 48 (length 1)
[  404.722665][T16345] EXT4-fs error (device loop1): ext4_acquire_dquot:6945: comm syz.1.4233: Failed to acquire dquot type 0
[  404.745623][T16345] EXT4-fs error (device loop1) in ext4_reserve_inode_write:6309: Corrupt filesystem
[  404.763976][T16345] EXT4-fs error (device loop1): ext4_evict_inode:253: inode #11: comm syz.1.4233: mark_inode_dirty error
[  404.792633][T16345] EXT4-fs warning (device loop1): ext4_evict_inode:256: couldn't mark inode dirty (err -117)
[  404.816567][T16345] EXT4-fs (loop1): 1 orphan inode deleted
[  404.822796][T16345] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  404.951150][ T8814] EXT4-fs error (device loop1): ext4_map_blocks:777: inode #3: block 1: comm kworker/u8:69: lblock 1 mapped to illegal pblock 1 (length 1)
[  404.998204][T16354] netlink: 19 bytes leftover after parsing attributes in process `syz.4.4228'.
[  405.012286][T16355] loop2: detected capacity change from 0 to 1024
[  405.019178][ T8814] EXT4-fs error (device loop1): ext4_release_dquot:6981: comm kworker/u8:69: Failed to release dquot type 0
[  405.064641][T16356] EXT4-fs error (device loop1): ext4_map_blocks:777: inode #2: block 16: comm syz.1.4233: lblock 0 mapped to illegal pblock 16 (length 1)
[  405.085998][T16355] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  405.155255][T13989] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  405.326465][T16361] loop4: detected capacity change from 0 to 8192
[  405.397371][T16366] loop2: detected capacity change from 0 to 512
[  405.404740][T16366] EXT4-fs (loop2): external journal device major/minor numbers have changed
[  405.413551][T16366] EXT4-fs (loop2): couldn't read superblock of external journal
[  405.466341][T16367] SELinux:  policydb version 0 does not match my version range 15-35
[  405.474677][T16367] SELinux: failed to load policy
[  405.484848][T16361]  loop4: p1 p2 < > p3 p4 < p5 >
[  405.489836][T16361] loop4: partition table partially beyond EOD, truncated
[  405.582387][T16361] loop4: p1 size 100663296 extends beyond EOD, truncated
[  405.700238][T16361] loop4: p2 start 591104 is beyond EOD, truncated
[  405.706736][T16361] loop4: p3 start 33572980 is beyond EOD, truncated
[  405.720582][T16361] loop4: p5 size 100663296 extends beyond EOD, truncated
[  406.028906][T16350] Set syz1 is full, maxelem 65536 reached
[  406.038884][T16371] loop4: detected capacity change from 0 to 512
[  406.073700][T16345] Set syz1 is full, maxelem 65536 reached
[  406.082953][T13177] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  406.094658][T16371] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  406.107732][T16371] EXT4-fs (loop4): 1 orphan inode deleted
[  406.113536][T16371] EXT4-fs (loop4): 1 truncate cleaned up
[  406.119804][T16371] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  406.143114][T12930] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  406.158042][T16376] loop3: detected capacity change from 0 to 1024
[  406.158174][T12930] EXT4-fs error (device loop1): __ext4_get_inode_loc:4828: comm syz-executor: Invalid inode table block 1 in block_group 0
[  406.165067][T16376] EXT4-fs: Ignoring removed bh option
[  406.177834][T12930] EXT4-fs error (device loop1) in ext4_reserve_inode_write:6309: Corrupt filesystem
[  406.184004][T16376] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  406.223561][T12930] EXT4-fs error (device loop1): ext4_quota_off:7229: inode #3: comm syz-executor: mark_inode_dirty error
[  406.228491][T16380] loop2: detected capacity change from 0 to 128
[  406.235056][T16376] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  406.252726][T11561] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  406.262552][T16376] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce018, mo2=0100]
[  406.284286][T13989] ==================================================================
[  406.292401][T13989] BUG: KCSAN: data-race in has_bh_in_lru / invalidate_bh_lru
[  406.299802][T13989] 
[  406.302131][T13989] write to 0xffff888237d27590 of 8 bytes by task 11561 on cpu 1:
[  406.309946][T13989]  invalidate_bh_lru+0x89/0xe0
[  406.314734][T13989]  smp_call_function_many_cond+0x88f/0xc60
[  406.320559][T13989]  on_each_cpu_cond_mask+0x3c/0x80
[  406.325686][T13989]  invalidate_bh_lrus+0x2a/0x30
[  406.330551][T13989]  blkdev_flush_mapping+0x9a/0x1a0
[  406.335696][T13989]  bdev_release+0x2bf/0x3d0
[  406.340220][T13989]  blkdev_release+0x15/0x20
[  406.344751][T13989]  __fput+0x29b/0x650
[  406.348839][T13989]  ____fput+0x1c/0x30
[  406.352842][T13989]  task_work_run+0x131/0x1a0
[  406.357456][T13989]  exit_to_user_mode_loop+0x1fe/0x740
[  406.362851][T13989]  do_syscall_64+0x202/0x2a0
[  406.367464][T13989]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  406.373455][T13989] 
[  406.375783][T13989] read to 0xffff888237d27590 of 8 bytes by task 13989 on cpu 0:
[  406.383430][T13989]  has_bh_in_lru+0x35/0x1f0
[  406.387948][T13989]  smp_call_function_many_cond+0x2a9/0xc60
[  406.393767][T13989]  on_each_cpu_cond_mask+0x3c/0x80
[  406.398924][T13989]  invalidate_bh_lrus+0x2a/0x30
[  406.403791][T13989]  blkdev_flush_mapping+0x9a/0x1a0
[  406.408942][T13989]  bdev_release+0x2bf/0x3d0
[  406.413463][T13989]  blkdev_release+0x15/0x20
[  406.417978][T13989]  __fput+0x29b/0x650
[  406.421978][T13989]  ____fput+0x1c/0x30
[  406.425980][T13989]  task_work_run+0x131/0x1a0
[  406.430590][T13989]  exit_to_user_mode_loop+0x1fe/0x740
[  406.435980][T13989]  do_syscall_64+0x202/0x2a0
[  406.440595][T13989]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  406.446497][T13989] 
[  406.448820][T13989] value changed: 0xffff88811a99f680 -> 0x0000000000000000
[  406.455927][T13989] 
[  406.458253][T13989] Reported by Kernel Concurrency Sanitizer on:
[  406.464416][T13989] CPU: 0 UID: 0 PID: 13989 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(voluntary) 
[  406.474494][T13989] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  406.484559][T13989] ==================================================================
[  406.493928][T16376] EXT4-fs error (device loop3): ext4_map_blocks:777: inode #3: block 2: comm syz.3.4242: lblock 2 mapped to illegal pblock 2 (length 1)
[  406.508255][T16376] EXT4-fs error (device loop3): ext4_map_blocks:777: inode #3: block 48: comm syz.3.4242: lblock 0 mapped to illegal pblock 48 (length 1)
[  406.529561][T16376] EXT4-fs error (device loop3): ext4_acquire_dquot:6945: comm syz.3.4242: Failed to acquire dquot type 0
[  406.541333][T16376] EXT4-fs error (device loop3) in ext4_reserve_inode_write:6309: Corrupt filesystem
[  406.551038][T16376] EXT4-fs error (device loop3): ext4_evict_inode:253: inode #11: comm syz.3.4242: mark_inode_dirty error
[  406.563339][T16376] EXT4-fs warning (device loop3): ext4_evict_inode:256: couldn't mark inode dirty (err -117)
[  406.573797][T16376] EXT4-fs (loop3): 1 orphan inode deleted
[  406.580040][T16376] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  406.594569][ T8761] EXT4-fs error (device loop3): ext4_map_blocks:777: inode #3: block 1: comm kworker/u8:32: lblock 1 mapped to illegal pblock 1 (length 1)
[  406.600290][T16376] EXT4-fs error (device loop3): ext4_map_blocks:777: inode #2: block 16: comm syz.3.4242: lblock 0 mapped to illegal pblock 16 (length 1)
[  406.611383][ T8761] EXT4-fs error (device loop3): ext4_release_dquot:6981: comm kworker/u8:32: Failed to release dquot type 0
[  406.644420][T13177] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  406.653863][T13177] EXT4-fs error (device loop3): __ext4_get_inode_loc:4828: comm syz-executor: Invalid inode table block 1 in block_group 0
[  406.666817][T13177] EXT4-fs error (device loop3) in ext4_reserve_inode_write:6309: Corrupt filesystem
[  406.676451][T13177] EXT4-fs error (device loop3): ext4_quota_off:7229: inode #3: comm syz-executor: mark_inode_dirty error