last executing test programs:

3m49.661177732s ago: executing program 32 (id=6248):
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x60002)
setreuid(0x0, 0xee00)
writev(r0, 0x0, 0x0)
ioctl$SCSI_IOCTL_SEND_COMMAND(r0, 0x1, &(0x7f0000000000)=ANY=[@ANYRES32=r0])

3m39.663834189s ago: executing program 2 (id=6326):
prlimit64(0x0, 0xe, 0x0, 0x0)
unshare(0x68040200)
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB], 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
setsockopt$IPT_SO_SET_REPLACE(r1, 0x4000000000000, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0xc08, 0x3, 0x1e8, 0xb8, 0x5002004a, 0xb, 0x0, 0xea02, 0x150, 0x3c8, 0x3c8, 0x150, 0x3c8, 0x3, 0x0, {[{{@ip={@rand_addr, @local, 0x0, 0x0, 'erspan0\x00', 'ip6tnl0\x00'}, 0x0, 0x70, 0xb8}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'pptp\x00'}}}, {{@uncond, 0x0, 0x70, 0x98}, @common=@unspec=@NFQUEUE2={0x28}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x248)
getsockopt$bt_l2cap_L2CAP_LM(0xffffffffffffffff, 0x6, 0x3, 0x0, 0x0)

3m38.942031557s ago: executing program 2 (id=6332):
setitimer(0x2, &(0x7f0000000140)={{}, {0x0, 0x2710}}, 0x0)
getitimer(0x2, &(0x7f0000000b00))
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$inet(0x2, 0x801, 0x0)
r3 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000600), 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f00000001c0)={0x1000000, 0x200101, 0x0, 'queue1\x00', 0xffffffff})
r4 = dup(r3)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r4, 0x40605346, &(0x7f0000001280)={0x0, 0x0, {0x1, 0x0, 0x0, 0x0, 0xf963}})
ioctl$LOOP_SET_CAPACITY(r4, 0x4c07)
clock_gettime(0x0, &(0x7f0000000500))
futimesat(r4, &(0x7f00000004c0)='./file0\x00', 0x0)
sendto$inet(r2, &(0x7f0000000180)="24aabceb44a9a3c91fe11e18d79a8411c53cf952b2a9900123d437108d8e0054a2a5501a840fe9395380bc1766b821b3fa49c5df0a4e9cbbde1af00d06a1af5081a4b4e57b21ee1cf2e01cc4400358254c4d1a665c8dc738b1a92cfd569e88a63c2bdf8b6bc2e6afd420370300956316a1b9e06a16021ae67ff71e9bdaae126ad1d138e29171210a97d40122d00525349edb0d8c10b5b6593788b014c3ff4e242a42bccbff8b55a93bcee6b8cbdd04b466068d742b6fc22440c843a7ef8a20a2ba5646a4", 0xfffffffffffffc23, 0x40800, 0x0, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(0xffffffffffffffff, 0x0, 0x80, 0x0, 0x1ee)
r5 = accept4$unix(0xffffffffffffffff, 0x0, &(0x7f0000000000), 0x800)
sendmsg$inet(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000440)=[{&(0x7f0000000140)="594e3433a8684b403f8277e1fa061faebd10e7c52a4467f18a7293116279ed30f6e4ce215cce167e00a1ad1df66ad6edbf5969917bcc5cec5e51d874966616b5bc03c9fd33d923e6f13ab29d688bdeb2ba503d", 0x53}, {&(0x7f00000000c0)="f3d0c5752c348fcef712e8743064970e6390cb80e0704cb1", 0x18}, {&(0x7f00000002c0)="b4227c6d324f3f526e29757a7d0b8c0c839a7643f659629139e6bf39f9c4bccf8b3d0ab779d76f6ae67b33093cd6b4a093a3bae6bdc41055f2c87a4d18c067b980888482b59dcbf5fd355a8795b516d3ad401dce812ac831a2988533d8adeca614b7f06aa65232d8fbb206968718d29cc21ed146a7886e2b67a071b0bf3dd9c7959585c6e22d14adac483e9295c7317226e0b6b21df61199124786b198617601cf98fb9974562f2655ed2b67db41dcdfdd1f8b91a2b2811b8d4ae2e58d759b0bd9e9b79cb7bf773a36c33638", 0xcc}, {&(0x7f00000001c0)="c3f3204460982aca5146c976e214b477b694ab9673ce02d651ca23b4bff592", 0x1f}, {&(0x7f0000000200)="19195b9e", 0x4}, {&(0x7f00000003c0)="3fdfe7568be63d466d41c191c34f18f1864edaaa641449e14a1ee2b50f10f61e1794cb89438e0c41219b425cb166284e26b5272d5ed0f0ab03286dd783c45a6eee24862af47754f3bdaee861cda3d3746697d97b819a2b27bbe3a9b01e8cc55f", 0x60}], 0x6}, 0x40c0)
r6 = syz_open_dev$evdev(&(0x7f0000000100), 0x0, 0x862b01)
r7 = syz_open_dev$evdev(&(0x7f0000000280), 0x0, 0x0)
read$hiddev(r7, &(0x7f0000002300)=""/102, 0x66)
r8 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000200)={'geneve0\x00', <r9=>0x0})
bind$can_j1939(r8, &(0x7f0000000000)={0x1d, r9, 0x2, {0x0, 0xf0}, 0x2}, 0x18)
write$char_usb(r6, &(0x7f0000000040)="e2", 0x2250)

3m37.764769554s ago: executing program 2 (id=6338):
r0 = gettid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0/file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{r3}, &(0x7f0000000000), &(0x7f00000005c0)=r4}, 0x20)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)

3m36.972995832s ago: executing program 2 (id=6347):
sendmsg$tipc(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$iso9660(&(0x7f00000001c0), &(0x7f0000000000)='./file0\x00', 0x204019, &(0x7f0000000240)=ANY=[@ANYBLOB="757466382c63727566742c6d6f64653d3078303030303030303030303030303037642c686964652c636865636b3d72656c617865642c757466382c757466382c007850bebd8d7d036618c1146a34cfd146c5861d8bd4466228f0bc2de3f77e11157c389fc315c06b7ba5db6a0be20cefe83f41117225bf80377cd9f3f8ce47ac8bf58ed6e8a5f46c37d64ff6e2fb871053a53f8747dada0e0a13c5a2c79eb2bada5d986d2d2899a7"], 0x0, 0x558, &(0x7f0000000fc0)="$eJzs3V1v01gawPHHpYUqK6HV7gqhqsAB9qKVSnASCIq4AK9zkh5I7Mh2UHuFKpqiihRWlJW2vUHcsDvSzIfgdj7EXM+XQfMRMvJL6GuSDiVNB/1/EfjEPjnnsRP56YniYwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGK5VdsuWNIwXntFDeZWA7+59zR79ZEVsnhgMaRfESv+J7OzcjVddfUfe5uvxP/dkvn02bzMxotZ2f3Llb8+/Pv0VP/1QwI+E9s7u6/Wut3O20kHMkbXLg3eVteeCX3TdOpamdBXlXLZvrtcC1XNNHQos5FuKjfQTuQHamFqURUqlZLS+VW/7dWrTkOrBTdZ+eBO0bbL6km+pZ0g9L27T/Khu2waDePVkzrx5rjOg/iD+NREKtJOU6mNzW6nNGoH4kqFk1QqjqpUtIvFQqFYLJTvV+4/sO3pIyvsQ+RIjcl/aDFZ3/DsDZzOVJb/pSFGPGnLiqhjH65UJRBfmgO2ZxYfZYW7emi/+/N/P8tf3ds8J0n+v54+uz4o/w+I5ewe27Iju/JK1qQrXenI24lHNN6HJQePeV20eGIk/PRYjDTFSdaoeI34oqQiZSmLLc9lWWoSipKaGGmIlrD3Pnuvm8mnKxAtjkTiSyBKFsSVRVFSkIpUpCRKtORlVXxpiyd1qYqTtLIhm8lxLw2J+UulwsAquf7nriPFIS2R/3F63+rUDZxar5//h7h4ZtEAAAAAAIBxsJJv3+Px/4xcS0o109D2pMMCAAAAAADfUK/X68m8WPH4X0SuicX4HwAAAACA742VXGNniUhObqSlDbGSy6X4EgAAAAAAgO9EcuX/9XiRzIFyQ6wv06Uw/gcAAAAA4Dvx/8Fz7M9mVVqXrF9+kyCYsT60Vv5pbTnxSmfrQrr1wuEWo9qcdTlrJFmUp7Nnrp63stkv9ybBTHv5vDFqrn8rC8BKv7L4qgDkR7mZ1rm5ni7X+1vSXnI109B51288LIjjXJ6K9Er0n9eb/5Vk93/wmpct2djsdvIv3nTXk4PxIW7lw1Y2geKReRSHxPIumW8huebi2D2eSS7EyPrNpf3a/TfgsThbU+nLp07c5yP5KLdEZHqvbu7g/s/GfRbyg/Y+i6Jwyj3/KLfTOrcXbqeLY6IojoqiuD+KP3wsThhFaVQUpVNGAQCTsjEiC1lHE/9XnOVOnN1P8+eFfJSFtM7CXHJinZ475oxujzqj26fMbj8fuQfSoBwb9/vToaz6KX7Bp4H9ho2iFR/CC++2/i1Xtnd272xurb3svOy8LhZLZfuebd8vykyyG9mC3AMAOMboe+yMrGHdGzGq/tuXnxTk5YW8ka6sy1JytUHyi4NjW83t+xnCUjJqjYPN7tNyaNSaS9JkeoeXpSGjuovJVQ79dotD6x6MoTT+NwIAgDN0a0QePkn+Xxox7j6Yy4ePjnP77tYGAADGQwefrVz0PysITOt5oVIpONGyVoHvPlWBqda1Ml6kA3fZ8epatQI/8l2/EReemaoOVdhutfwgUjU/UC0/NCvKEktUuBpGuqlC3XS8yLhhq6GdUCvX9yLHjVTVhK5qtf/VMOGyDpIXhy3tmppxncj4ngr9duDqvFKh1morJ5JWNFXtRaZm4qKnWoFpOsGqeuY32k2tqjp0A9OK/LTBfl/Gq/lBM2k2P+mDDQDAObG9s/tqrdvtvB1jYdL7CAAADiJLAwAAAAAAAAAAAAAAAAAAAABw/p3F9X8Uxl5Y+bXXOwdhnJPCRTkXYfy5CyNPHe/P5AQFYGx+DwAA///jeFNb")
socket$packet(0x11, 0x3, 0x300)
openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000080), 0x21000)
gettid()
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8e}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0/file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{}, &(0x7f0000000000), &(0x7f00000005c0)}, 0x20)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
syz_clone(0xc0126080, 0x0, 0x0, 0x0, 0x0, 0x0)

3m35.90282962s ago: executing program 2 (id=6350):
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x60002)
setreuid(0x0, 0xee00)
writev(r0, &(0x7f0000000000)=[{&(0x7f0000000480)="580000001400192340835980820180000000000000ff810500000000070058000b480400945f64009427", 0x2a}], 0x1)
ioctl$SCSI_IOCTL_SEND_COMMAND(r0, 0x1, &(0x7f0000000000)=ANY=[@ANYRES32=r0])

3m34.181854506s ago: executing program 2 (id=6359):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r1, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
io_uring_register$IORING_REGISTER_RESTRICTIONS(0xffffffffffffffff, 0xb, &(0x7f0000000000), 0x0)
connect$inet(r2, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
accept4(r1, &(0x7f0000000100)=@pptp, 0x0, 0x800)
syz_genetlink_get_family_id$mptcp(0x0, 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r3, &(0x7f0000000400)={0x0, 0x0, 0x0}, 0x4000000)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$mptcp(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000480)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010000000000000000000200000014000180050002"], 0x28}, 0x1, 0x0, 0x0, 0x20044811}, 0x2000c094)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x2000000, &(0x7f0000000180), 0x1, 0x520, &(0x7f00000010c0)="$eJzs3d1rLGcZAPBnNtmer+iu2otaaHuwlZyiZzdpbBu8aCuIdwWl3h9Dsgkhm2zIbupJKJqD9woi2tteeSMI3grS/0BRCnovKkrRUwV7oY7M7OTkZLub5JD9oMnvB2/mnZmdeZ53kn3n85wJ4NK6GRGvRcRURDwfEZVieqkocdAt2ec+uP/WclaSSNM3/p5EUkzLPpYUJXOjWOxqd5D7d3o8bntvf2Op2WzsFOP1zuZ2vb23f3t9c2mtsdbYWliYf2nx5cUXF+eG0s6sXa989S8//sFPv/bKr7747T/e+dut72T5zhTzD9sxbN1tUs62xQPTEbEzimATMFW0pzzpRAAAOJPsGP/TEfG5/Pi/ElP50dzZJCPNDAAAABiW9NWZ+E8SkQIAAAAXVil/BjYp1YpnAWaiVKrVus/wPh7XS81Wu/OF1dbu1kr3WdlqlEur683GXPFMbTXKSTY+n9ePxl94MJ4cPHy94UeVa/n82nKruTK5yx4AAABwqdzoOf//V6V7/n+Ce2NLDgAAABie6lE1rUwyEQAAAGBkqh+Z8s5E8gAAAABG56Pn/wAAAMAF8vXXX89Kmr//uhqx8ube7kbrzdsrjfZGbXN3ubbc2tmurbVaa830SsTmaetrtlrbX4qt3bv1TqPdqbf39u9stna3OnfWj70CGwAAABijTz3z7h+SiDj48rW8ZB7LfkwNWMCzAnBhlB7lw38eXR7A+A3azQMX3/SkEwAmptwdJJPOA5ic0zqAgQ/v/Gb4uQAAAKMx+9n+9/+nj64NABfUI93/By4U9//h8nL/Hy6vsiMAuPRGf/8/TU9dFwAAMFIzeUlKteJe4EyUPky7ohrlZHW92ZiLiE9GxO8r5SvZ+Hy+ZOIfDQAAAAAAAAAAAAAAAAAAAAAAAADAGaVpEikAAABwoUWU/poU7/+arTw303t94LHkw0o+zN8O8MZP7i51Ojvz2fR/FNMjOm8X0194lCsP3jwOAAAAo3J4nn54Hg8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAw/TB/beWD8vxOaWRxn3/KxFR7Rd/Oq7mw6tRjojr/0xi+nChZyKSiJgaQvyDexHxRL/4SZZWVIssjsUvtsq1PIuRx38qTdPv9ot/49zR4XJ7N+t/Xuv3/SvFzXzY//s/XZTzGtz/lR70f1N94mc9zyfOsP4rEfHkez+vD54b8eR0//7nMH4yIP6z/VbZZ6N865v7+4PyS9+JmD3a/3z/eISjWr2zuV1v7+3fXt9cWmusNbYWFuZfWnx58cXFufrqerNR/Owb44dP/fJ/g+K/fy/iet/9X7f/faj9S73tfy6rlAet+ch/37t7/zN5rZL2rCKPf+vZ/r//J47HP7Zps7+Jzxf7gWz+7GH9oFt/2NM/++3TJ7V/ZUD7T/v93+pZ16D98fPf+N6fTtxAAMBYtff2N5aazcbOyCtvp2k6plj5gci42nXuyuMfn1Tbe7/4Xbfyau+smye0Ir0y7j82lXNXenuKX4+/cwIAAIbq6KB/0pkAAAAAAAAAAAAAAAAAAADA5TWO/06sN+bBZJoKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHCi/wcAAP//rgHbtw==")
r6 = socket(0x1d, 0x2, 0x6)
ioctl$ifreq_SIOCGIFINDEX_vcan(r6, 0x8933, &(0x7f0000000780)={'vxcan1\x00', <r7=>0x0})
bind$can_j1939(r6, &(0x7f0000000040)={0x1d, r7, 0x3}, 0x18)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000280), r6)
syz_usb_connect$cdc_ncm(0x0, 0x0, 0x0, 0x0)
syz_genetlink_get_family_id$devlink(&(0x7f0000000140), r6)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, &(0x7f0000000040)={{0x1, 0x1, 0x18, <r8=>r0, {0x8}}, './file0\x00'})
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000200)={r8, &(0x7f0000000180)="cd789c19edc061fac505e6685a3caa1a6f6b082a9a6e00a4fe2b2953002df4aba5aee43aed7e88cfc2c04ebe23d161aae4301964a54376d3f7", &(0x7f00000000c0)=""/9}, 0x20)

3m34.181410236s ago: executing program 33 (id=6359):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r1, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
io_uring_register$IORING_REGISTER_RESTRICTIONS(0xffffffffffffffff, 0xb, &(0x7f0000000000), 0x0)
connect$inet(r2, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
accept4(r1, &(0x7f0000000100)=@pptp, 0x0, 0x800)
syz_genetlink_get_family_id$mptcp(0x0, 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r3, &(0x7f0000000400)={0x0, 0x0, 0x0}, 0x4000000)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$mptcp(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000480)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010000000000000000000200000014000180050002"], 0x28}, 0x1, 0x0, 0x0, 0x20044811}, 0x2000c094)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x2000000, &(0x7f0000000180), 0x1, 0x520, &(0x7f00000010c0)="$eJzs3d1rLGcZAPBnNtmer+iu2otaaHuwlZyiZzdpbBu8aCuIdwWl3h9Dsgkhm2zIbupJKJqD9woi2tteeSMI3grS/0BRCnovKkrRUwV7oY7M7OTkZLub5JD9oMnvB2/mnZmdeZ53kn3n85wJ4NK6GRGvRcRURDwfEZVieqkocdAt2ec+uP/WclaSSNM3/p5EUkzLPpYUJXOjWOxqd5D7d3o8bntvf2Op2WzsFOP1zuZ2vb23f3t9c2mtsdbYWliYf2nx5cUXF+eG0s6sXa989S8//sFPv/bKr7747T/e+dut72T5zhTzD9sxbN1tUs62xQPTEbEzimATMFW0pzzpRAAAOJPsGP/TEfG5/Pi/ElP50dzZJCPNDAAAABiW9NWZ+E8SkQIAAAAXVil/BjYp1YpnAWaiVKrVus/wPh7XS81Wu/OF1dbu1kr3WdlqlEur683GXPFMbTXKSTY+n9ePxl94MJ4cPHy94UeVa/n82nKruTK5yx4AAABwqdzoOf//V6V7/n+Ce2NLDgAAABie6lE1rUwyEQAAAGBkqh+Z8s5E8gAAAABG56Pn/wAAAMAF8vXXX89Kmr//uhqx8ube7kbrzdsrjfZGbXN3ubbc2tmurbVaa830SsTmaetrtlrbX4qt3bv1TqPdqbf39u9stna3OnfWj70CGwAAABijTz3z7h+SiDj48rW8ZB7LfkwNWMCzAnBhlB7lw38eXR7A+A3azQMX3/SkEwAmptwdJJPOA5ic0zqAgQ/v/Gb4uQAAAKMx+9n+9/+nj64NABfUI93/By4U9//h8nL/Hy6vsiMAuPRGf/8/TU9dFwAAMFIzeUlKteJe4EyUPky7ohrlZHW92ZiLiE9GxO8r5SvZ+Hy+ZOIfDQAAAAAAAAAAAAAAAAAAAAAAAADAGaVpEikAAABwoUWU/poU7/+arTw303t94LHkw0o+zN8O8MZP7i51Ojvz2fR/FNMjOm8X0194lCsP3jwOAAAAo3J4nn54Hg8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAw/TB/beWD8vxOaWRxn3/KxFR7Rd/Oq7mw6tRjojr/0xi+nChZyKSiJgaQvyDexHxRL/4SZZWVIssjsUvtsq1PIuRx38qTdPv9ot/49zR4XJ7N+t/Xuv3/SvFzXzY//s/XZTzGtz/lR70f1N94mc9zyfOsP4rEfHkez+vD54b8eR0//7nMH4yIP6z/VbZZ6N865v7+4PyS9+JmD3a/3z/eISjWr2zuV1v7+3fXt9cWmusNbYWFuZfWnx58cXFufrqerNR/Owb44dP/fJ/g+K/fy/iet/9X7f/faj9S73tfy6rlAet+ch/37t7/zN5rZL2rCKPf+vZ/r//J47HP7Zps7+Jzxf7gWz+7GH9oFt/2NM/++3TJ7V/ZUD7T/v93+pZ16D98fPf+N6fTtxAAMBYtff2N5aazcbOyCtvp2k6plj5gci42nXuyuMfn1Tbe7/4Xbfyau+smye0Ir0y7j82lXNXenuKX4+/cwIAAIbq6KB/0pkAAAAAAAAAAAAAAAAAAADA5TWO/06sN+bBZJoKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHCi/wcAAP//rgHbtw==")
r6 = socket(0x1d, 0x2, 0x6)
ioctl$ifreq_SIOCGIFINDEX_vcan(r6, 0x8933, &(0x7f0000000780)={'vxcan1\x00', <r7=>0x0})
bind$can_j1939(r6, &(0x7f0000000040)={0x1d, r7, 0x3}, 0x18)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000280), r6)
syz_usb_connect$cdc_ncm(0x0, 0x0, 0x0, 0x0)
syz_genetlink_get_family_id$devlink(&(0x7f0000000140), r6)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, &(0x7f0000000040)={{0x1, 0x1, 0x18, <r8=>r0, {0x8}}, './file0\x00'})
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000200)={r8, &(0x7f0000000180)="cd789c19edc061fac505e6685a3caa1a6f6b082a9a6e00a4fe2b2953002df4aba5aee43aed7e88cfc2c04ebe23d161aae4301964a54376d3f7", &(0x7f00000000c0)=""/9}, 0x20)

3m9.87599409s ago: executing program 4 (id=6549):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000990000000d"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x22000406, &(0x7f0000000780)={[{@dioread_lock}, {@noblock_validity}, {@stripe={'stripe', 0x3d, 0x9}}, {@init_itable}, {@auto_da_alloc}, {@grpjquota, 0x2e}, {@nouid32}, {@errors_remount}, {@jqfmt_vfsv1}, {@grpid}], [], 0x2c}, 0x84, 0x4d1, &(0x7f0000000e80)="$eJzs3M1vG0UbAPBnNx9NP5P2rV7oBzRQEBGFpEkL9MABEEi9gJDgUI4hDVVp2qImSLSqaECoHBF/AXBEQuLEhRNICAEXQFzhjpAq1EsLB2S09m5sN7ZjO21C699PWntmd3Znnt0de71jO4CeNZo9JBFbIuLXiBiuZOsLjFaerl+9OPPX1YszSZRKL/2ZlMtdu3pxpiharLc5z4ylEel7SexpUO/8+QunpufmZs/l+YmF029MzJ+/8OjJ09MnZk/Mnpk6cuTwocknHp96rK04Lq2wPIvr2u63z+7ddfSVD5+fKcWr33+WtXdLvrw2joqRtuptZTRGo5Srzh0sPz646q3/t2ytSSf969gQOtIXEdnhGij3/+Hoi+rBG47n3l3KfLNODQRumey9afuyuX35c7r0/gXciZImfXxorRsCrLHiHT/7/FtMa3n9sd6uPJ09zpbjv55PP75Q2Tdp9ll2pPKJva/J+v9vMG+omiwNr1D/log4tvj3R9kUDe9DtJC0XRIAYMlX2fXPI42u/9K6a5tt+RjKSEQciIgdEfG/iNgZ6VKZuyLi7g7rH70hv/z65+eNHW6yI9n135P52FYxVZYUcSVLua3l+AeS107OzR7M98lYDGzI8pMt6vj62V8+aLZstOb6L5uy+otrwbwdf/RvqF/n+PTC9CpCrnPlnYjd/Y3iT5ZGArI9sCsidnex/WyfnXz4071Zetvm5ctXjr+FmzDOVPok4qHK8V+MG+IvJJWamo1PTgzF3OzBieKsWO6Hny6/WJsfqEnXxT/UXkxD3QbbQHb8NzU8//P4i25QjNfOd17H5d/eb/qZZvnxT+LYYm2J/PzfWN1t2fk/mLxcTg/m896aXlg4NxkxmM+omz9V3VqRL8pn8Y/tb9z/d0T883G+3p6IyE7ieyLi3ojYl7f9voi4PyL2Z4UWG8f43TMPvN56D3V5/t8EWfzHWx3/iJGkdry+i0TfqW+/bFZ/e69/h8upsXxOO69/7TZwNfsOAAAAbhdpeQw6SceLdM3NqZ2xKZ07O79wYDTePHO8MlY9EgNpcadruOZ+6GR+b7jIT92QPxQR28vfNNpYzo/PnJ3bup6BA+Xf6tT1/0jT8fHKst+bfekFuHN0NI5W+6Wzz7+4+Y0B1pTfa0Lv0v+hd+n/0Lv0f+hdjfr/pYjr69AUYI15/4fepf9D79L/oXfp/9CTlv8kvvi7lW5+6V9N7Di6qtVveaI0fEu2vNj5Wn0rlRnorj1R+6cdTRNJRHQXcqStywy2Ufu6JdIVyzy10m4ZWNV/YmSJfXliQ0S0LNxf7YyX1myvFq8QiX+ZBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAbmv/BgAA//9qX+Lb")

3m9.415701308s ago: executing program 4 (id=6552):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000001100)='./file0\x00', 0x3000490, &(0x7f0000000100)={[{@lazytime}, {@usrjquota}, {@errors_remount}, {@norecovery}, {@auto_da_alloc}, {@mblk_io_submit}, {@nouid32}, {@barrier_val}, {@grpjquota}, {}]}, 0x45, 0x7b1, &(0x7f00000004c0)="$eJzs3c9rHNcdAPDvrFY/7VYqFFr3JCi0BuNV5ap2C4Wq9FAKNRjaUw+1xWotHK20RrsylhCJTQjkEkhCbsnF5/y8hFzz45BL8n8EGyeRTRxyCAqzP6SVtCvvOtKuHX8+MNZ7M2/2ve+82TfPmtFuAE+tyfSfTMSJiHg5iRivr08iYrCaykbM1so92NzIp0sSW1v/+Sqplrm/uZGPpn1Sx+qZX0fExy9EnMrsr7e8tr44VywWVur5qcrS1any2vrpK0tzC4WFwvLZ6ZmZM+f+dO7s4cX6zefrx++88s/fvzP73fO/evelT5KYjeP1bc1xHJbJmKwfk8H0EO7yj8OurG/ef7aDQk1nQPYoG0OX0o4ZqPfKiRiPgYP6Z7SXLQMAjspzEbHVzkDbLQDAEy2pXf//1u92AAC90vg9wP3NjXxj6e9vJHrr7t8jYqQWf+P+Zm1Ltn7PbqR6H3TsfrLrzkgSEROHUP9kRLzxwf/fSpc4ovuQAK3cuBkRlyYm94//yb5nFrr1h9arF5ozk3s2Gv+gdz5M5z9/bjX/y2zPf6LF/Ge4xXv3UTz8/Z+5fQjVtJXO//7a9Gzbg6b46yYG6rmfVed8g8nlK8VCOrb9PCJOxuBwmp8+oI6T976/125b8/zv61efeTOtP/25UyJzOzu8e5/5ucrcj4m52d2bEb/Jtoo/Hf+Hq/2ftJn/Xuiwjn/95cXX221L40/jbSz74z9aW7ciftey/5PtMsmBzydOVU+HqcZJ0cJ7szHWrv7J7E7/p0taf+P/Ar2Q9v/YwfFPJM3Pa5Y7funtp8U+uzX+UbtCzed/6/hbn/9DyX+r6aH6uutzlcrKdMRQ8u/968/s7NvIN8qn8Z/8bev3f2P8a3H+/y99/UsdHojsnS/ffvT4j1Ya/3xX/d91IkYeLA60q7+z/p/ZtU8n41+nDXzU4wYAAAAAAAAAAAAAAAAAAAAAAAAA3chExPFIMrntdCaTy9W+w/uXMZYplsqVU5dLq8vzUf2u7IkYzDQ+6nK86fNQp+ufh9/In9mT/2NE/CIiXhsereZz+VJxvt/BAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDdsTbf/5/6YnhP4YF+tBAAOBIjLuwA8LRJstl+NwEA6LWRrkqPHlk7AIDe6e76DwD8FLj+A8DT5yHX/71/BgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADdunD+fLpsfbu5kU/z89fWVhdL107PF8qLuaXVfC5fWrmaWyiVFoqFXL601PaFbtR+FEulqzOxvHp9qlIoV6bKa+sXl0qry5WLV5bmFgoXC4M9iwwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOldeW1+cKxYLKxJ9SSx+WuuHx6U9Et0l4kat/x6X9hxeIoZ2RonR/gxOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAE+AHwIAAP//4VQjgA==")
chdir(&(0x7f0000000100)='./file0\x00')
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000100)='.\x00', 0x0)
faccessat(r0, &(0x7f0000000000)='./file0\x00', 0x5)
recvmmsg$unix(r0, &(0x7f0000001080)=[{{&(0x7f0000000fc0)=@abs, 0x6e, &(0x7f00000002c0)=[{&(0x7f0000001140)=""/213, 0xd5}, {&(0x7f0000000000)=""/50, 0x32}], 0x2, &(0x7f0000001040)=[@cred={{0x1c}}, @cred={{0x1c}}], 0x40}}], 0x1, 0x20, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000005000000020000000010"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kfree\x00', r3}, 0x10)
fsmount(0xffffffffffffffff, 0x0, 0x2)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x1000000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x21, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
link(&(0x7f0000001240)='./file0\x00', &(0x7f0000000bc0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')

3m8.736063567s ago: executing program 4 (id=6555):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000180)='kfree\x00', r1}, 0xf)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000400)=ANY=[@ANYBLOB="140000001000010000000000000000007d00000a20000000000a03000000000060000000070000000900010073797a300000000044000000090a010400000000000000000700000008000a40000000000900020073797a30000000000900010073797a3000000000080005400000000d05000d"], 0x8c}}, 0x20050800)

3m8.394949856s ago: executing program 4 (id=6558):
sendmsg$tipc(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$iso9660(&(0x7f00000001c0), &(0x7f0000000000)='./file0\x00', 0x204019, &(0x7f0000000240)=ANY=[@ANYBLOB="757466382c63727566742c6d6f64653d3078303030303030303030303030303037642c686964652c636865636b3d72656c617865642c757466382c757466382c007850bebd8d7d036618c1146a34cfd146c5861d8bd4466228f0bc2de3f77e11157c389fc315c06b7ba5db6a0be20cefe83f41117225bf80377cd9f3f8ce47ac8bf58ed6e8a5f46c37d64ff6e2fb871053a53f8747dada0e0a13c5a2c79eb2bada5d986d2d2899a7"], 0x0, 0x558, &(0x7f0000000fc0)="$eJzs3V1v01gawPHHpYUqK6HV7gqhqsAB9qKVSnASCIq4AK9zkh5I7Mh2UHuFKpqiihRWlJW2vUHcsDvSzIfgdj7EXM+XQfMRMvJL6GuSDiVNB/1/EfjEPjnnsRP56YniYwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGK5VdsuWNIwXntFDeZWA7+59zR79ZEVsnhgMaRfESv+J7OzcjVddfUfe5uvxP/dkvn02bzMxotZ2f3Llb8+/Pv0VP/1QwI+E9s7u6/Wut3O20kHMkbXLg3eVteeCX3TdOpamdBXlXLZvrtcC1XNNHQos5FuKjfQTuQHamFqURUqlZLS+VW/7dWrTkOrBTdZ+eBO0bbL6km+pZ0g9L27T/Khu2waDePVkzrx5rjOg/iD+NREKtJOU6mNzW6nNGoH4kqFk1QqjqpUtIvFQqFYLJTvV+4/sO3pIyvsQ+RIjcl/aDFZ3/DsDZzOVJb/pSFGPGnLiqhjH65UJRBfmgO2ZxYfZYW7emi/+/N/P8tf3ds8J0n+v54+uz4o/w+I5ewe27Iju/JK1qQrXenI24lHNN6HJQePeV20eGIk/PRYjDTFSdaoeI34oqQiZSmLLc9lWWoSipKaGGmIlrD3Pnuvm8mnKxAtjkTiSyBKFsSVRVFSkIpUpCRKtORlVXxpiyd1qYqTtLIhm8lxLw2J+UulwsAquf7nriPFIS2R/3F63+rUDZxar5//h7h4ZtEAAAAAAIBxsJJv3+Px/4xcS0o109D2pMMCAAAAAADfUK/X68m8WPH4X0SuicX4HwAAAACA742VXGNniUhObqSlDbGSy6X4EgAAAAAAgO9EcuX/9XiRzIFyQ6wv06Uw/gcAAAAA4Dvx/8Fz7M9mVVqXrF9+kyCYsT60Vv5pbTnxSmfrQrr1wuEWo9qcdTlrJFmUp7Nnrp63stkv9ybBTHv5vDFqrn8rC8BKv7L4qgDkR7mZ1rm5ni7X+1vSXnI109B51288LIjjXJ6K9Er0n9eb/5Vk93/wmpct2djsdvIv3nTXk4PxIW7lw1Y2geKReRSHxPIumW8huebi2D2eSS7EyPrNpf3a/TfgsThbU+nLp07c5yP5KLdEZHqvbu7g/s/GfRbyg/Y+i6Jwyj3/KLfTOrcXbqeLY6IojoqiuD+KP3wsThhFaVQUpVNGAQCTsjEiC1lHE/9XnOVOnN1P8+eFfJSFtM7CXHJinZ475oxujzqj26fMbj8fuQfSoBwb9/vToaz6KX7Bp4H9ho2iFR/CC++2/i1Xtnd272xurb3svOy8LhZLZfuebd8vykyyG9mC3AMAOMboe+yMrGHdGzGq/tuXnxTk5YW8ka6sy1JytUHyi4NjW83t+xnCUjJqjYPN7tNyaNSaS9JkeoeXpSGjuovJVQ79dotD6x6MoTT+NwIAgDN0a0QePkn+Xxox7j6Yy4ePjnP77tYGAADGQwefrVz0PysITOt5oVIpONGyVoHvPlWBqda1Ml6kA3fZ8epatQI/8l2/EReemaoOVdhutfwgUjU/UC0/NCvKEktUuBpGuqlC3XS8yLhhq6GdUCvX9yLHjVTVhK5qtf/VMOGyDpIXhy3tmppxncj4ngr9duDqvFKh1morJ5JWNFXtRaZm4qKnWoFpOsGqeuY32k2tqjp0A9OK/LTBfl/Gq/lBM2k2P+mDDQDAObG9s/tqrdvtvB1jYdL7CAAADiJLAwAAAAAAAAAAAAAAAAAAAABw/p3F9X8Uxl5Y+bXXOwdhnJPCRTkXYfy5CyNPHe/P5AQFYGx+DwAA///jeFNb")
r0 = socket$packet(0x11, 0x3, 0x300)
getsockopt$packet_int(r0, 0x107, 0xb, &(0x7f0000000000), &(0x7f0000000080)=0x4)
openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000080), 0x21000)
gettid()
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8e}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
syz_clone(0xc0126080, 0x0, 0x0, 0x0, 0x0, 0x0)

3m8.090992625s ago: executing program 6 (id=6564):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000280)={0x1f, 0xffff, 0x3}, 0x6)
r1 = socket$qrtr(0x2a, 0x2, 0x0)
connect$qrtr(r1, &(0x7f0000000040)={0x2a, 0x1, 0x4000}, 0xc)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000004000085000000720000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000004c0)='kmem_cache_free\x00', r2}, 0x18)
writev(r1, &(0x7f0000000380)=[{&(0x7f0000001080)='z', 0x1}], 0x1)
io_setup(0x5, &(0x7f00000002c0))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000d40)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000008000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r3, 0x0, 0x5}, 0x18)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000001080)=[{{&(0x7f0000000440)={0x2, 0x4e21, @empty}, 0x10, 0x0, 0x0, &(0x7f0000000780)=[@ip_retopts={{0x18, 0x0, 0x7, {[@cipso={0x86, 0x6, 0x2}]}}}], 0x18}}], 0x1, 0x4000)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x1e, 0x0, 0x7, 0xff, 0x0, 0x1, 0x2000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f00000005c0)='./file1\x00', 0x1018ed8, &(0x7f0000000300)={[{@dioread_nolock}, {@noload}, {@debug}, {@jqfmt_vfsv0}, {@journal_dev={'journal_dev', 0x3d, 0x17}}, {@norecovery}, {@max_batch_time={'max_batch_time', 0x3d, 0x3881b9f4}}, {@noquota}]}, 0x6, 0x644, &(0x7f00000006c0)="$eJzs3c9rHG0dAPDvzCZ5kzS+6SsiNigGPLQgTZNarHqxrQd7KFiwBxEPDU1SQ7c/SFKwtdAEPCgoiHgt0ov/gHfp3ZsI6s2zUEUqFrR0ZWZnm81mN7ttsrtJ5vOBzT7zzLN5nm9mn8wzM/vsBFBas9mPNOJUxNubScR007qpqK+cLcq9+teTW9kjiVrtu/9MIinyGuWT4vlEsTAeEX+8EvHpyu561x89vrNYrdU9jTi3cffBufVHj8+u3l28vXx7+d7C+a9duDj/9YULC00N/XAniuer177z+V/85IdfXflT9WwSl+LG6I+XoiWOgzIbs/G2CLE5fyQiLmaJNn+Xo+YYhFBqleL9OBoRn43pqORLddOx+vOhNg7oq1olora3pFsB4KjSvaGsGuOAxrF9b8fBN/o8Khmcl5frB0C74x8pTjmM58dGk6+SpiOj+rmNkwdQf1bHmyfjz948mXkWO85DvH63dUYOoJ5ONrci4nPt4k/ytp3MI83iT3cc6ycRMR8RY0X7vrWPNiRN6X6ch9lLj/FXsvibt0MaEZeK5yz/ygfW33paa9DxA1BOLy4XO/LNbGl7/5eNPRrjn9ge/zxtvG5q/5dkcsPe/3Ue/zX29+P5uCdtGYdlY5br7X/laGvG33529Ved6q+P/2aeNR5Z/Y2x4CC83IqYaYn/p1mwxfgniz9pM/7Nity81Fsd3/7zP652Wjfs+GvPI063Pf7ZHpVmqT2uT55bWa0uz9d/tq3j93/4wW871d8+/o/6EGl72faf7BB/0/ZPW1+X/U0etP+VW60Zv7v+/G6n+qe6bv/072NJ/XhzrMj50dbGxtpCxFhyrShS5C9ubKyd3zveepnXtfx5oR7/mS+17/873v8tUU00/mX24MH37rzqtO5D3v9NF5Pf1npsQydZ/Evdt/+u/p/l/bLHOv7z/Ydf6LSuffzJvmICAAAAAACAskrza7BJOvcunaZzc/X5sp+JybR6f33jyyv3H95bijiTfx5yNI00yT8yMl1fTlZWq8sLxedhG8vnW5a/EhGfRMSvKxP58tyt+9WlYQcPAAAAAAAAAAAAAAAAAAAAh8SJYv5/4z7V/67U5/8DJdH9BnO77v8AHBP9vMEkcLjl/X+vXfzHg2sLMFj2/1Be+j+Ul/4P5aX/Q3np/1Be+j+Ul/4P5aX/AwAAAMCx9MkXX/w1iYjNb0zkj8xYsc6kXzjeRt+rdKVv7QAGT4+G8np36d9gH0qnp/H/f4svB+x/c4AhSNpl5oOD2t6d/0XbV27b2n/bAAAAAAAAAAAAAIC606c6z/9/v7nBwFFj2h+U1z7m//vqADjifPU/lJdjfKDLLP4Y77Si2/x/AAAAAAAAAAAAAODATOWPJJ0r5gJPRZrOzUV8KiJOxmiyslpdno+IjyPiL5XRj7LlhWE3GgAAAAAAAAAAAAAAAAAAAI6Z9UeP7yxWq8trzYn/7co53onGXVC7F671UGbPxDfjPV8VyeD/LBMRMfSN0rfESFNOErGZbflD0bC19TgczcgTQ/7HBAAAAAAAAAAAAAAAAAAAJdQ097i9md8MuEUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMHjb9//vkliarL+gp8I7E8OOEQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4mv4fAAD//6AzO/k=")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000005c0)='hugetlb.1GB.rsvd.usage_in_bytes\x00', 0x275a, 0x0)
mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0)

3m6.938503343s ago: executing program 4 (id=6566):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xf, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000000004eb04be22073669d77c13be0030000000000000000001101e78f4eaa202fcfe1af0cd925fb", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b7000000000000009500000000000000"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x42, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
r2 = syz_io_uring_setup(0x7cc1, &(0x7f0000000140)={0x0, 0xa5dc, 0x1100, 0x2, 0x236}, &(0x7f0000000040), &(0x7f00000000c0))
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000004000000ff0f000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x3f, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000000020000000000000000018190000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000024"], 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3e, 0x1, 0x0, 0x0, 0x0, 0x5, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x2, 0x800000000003}, 0x100000, 0x5dd8, 0x3, 0x0, 0x0, 0x8, 0xfffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$TIPC_CMD_SET_NETID(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x24, r6, 0x1, 0x70bd2d, 0x25dfdbfc, {{}, {}, {0x8, 0x2, 0x7248}}}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x8800)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r4}, 0x10)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000093850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x2, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r7}, 0x18)
prctl$PR_SET_IO_FLUSHER(0x39, 0x1)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0a00000001010000ff7f0000cc"], 0x48)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="1600000000000000040000000100000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000ffffff7f000000002000000000000000080000000079051c2cf4327a5d155850f8a89646681bd8604eceed830890f725ee633db2cee9cdb76ab7fd98d115b44f8490ff79b4366eec1aa911769677394a03a32fb4e57235e6883faf98e55bf8c3767d9ede201cc76d55726dbf6bd3a3d1f9e40388f5038944308d6288713b00000000"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
socketpair(0x1a, 0x4, 0x4, &(0x7f0000000300))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
mq_open(0x0, 0x40, 0x9, 0x0)
io_uring_register$IORING_REGISTER_SYNC_CANCEL(r2, 0x18, &(0x7f00000001c0)={0x80000000, r0, 0x1, {0x4, 0x8}, 0x3e}, 0x1)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, &(0x7f0000000940)=ANY=[@ANYBLOB="61153c00000000006113780000000000bfa000000000000007000000ee0016055e03010000000000250500000000000069163e0000000000bf07000000000000260507000fff0720670600003f000000140600000ee60060bf500000000000002f650000000000006507f9ff0100000007070000cddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd3997f9c9c4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05002000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc206438b8ef4901fd03c16dfda44e2a2235c8ac86d8a297dff0445a15f21dce431e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d00c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932fb3bba54b3a6aa57f1ad2e99e0e67ab9ff16d20000009f0f53acbb40b4f8e2738270001562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f679629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253880800000000000000690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43010000007b40407d000000210000000000000000005f37d83f84e98a523d80bd970d703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5489af8dc2f17923f3c40dfd1970a55c22fe3a5ac000000000000000000000000000000c1eb2d91fb79ea00000000000000bb0d00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba9000000000000003cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631822a11dc3c693962895496d4f6e9cc54db6c7205a6b26f92121ef53e553acdf42068fff496d2da7d6327f31d7c8cc5d325c5379b0363ce8bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6186f117b062df67d3a63f3265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710eec53f1b11cced7bc3c8da0c44d2fbf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db80300c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f8150d999d788535a4d3114dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fc5fb38f8709d87b27f8a5d9121fdc058447b728f134f72062fc4b1ca0780b1a7af137ff7b4ff139604faf0453b65586f65c7943d56b52f06c870edf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202eeb81f428a5b3c299848649e1a6bff52f657a67463d7dbf85ae9321fc2cc17dc4a29b9cba8ded5de8206c812439ab129ae818837ee1562078fc524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2a3bc87b0da20000d9ef418cf19e7a8c4c328be0ce91798adc2dca871073f6bd61940aabc86b94f8cbde4d47060400e722a6a2af483ad0d3415ed0f9db009acaba9eaea93f811d434e00000000000000000000d154672fea96aedf346279ec00000000000000000000d535d41b0067f01e2e54b9154d876020b669640ead4ca44631fadf7c4ac39a1b331dbdcd52b36df021b731ef1f92330d347f88ced5c1aaadbcdd8d2257e3a9a7c7494fadf9be36f7a2474ee6e9446fa1fd486f85d672a77dc5bd21463994d49f12016305a1e394d292b66840fe32b40ad665d241a8b8a32b3100450c32832789aa8a096f41201b585cd76631c88cf958e9e9047f5af1730c5e83db12460a0768fd4b62be6c41eed307048bac8d1f7f164574241e06027654b248dcc38749eee0c1ee7c61b3f6411a559c3d45637b11e440ed5a99109b8e71d28c3d677af5f0499c6d3fc6a129775056958c9df824ebe5fa9fb306b24a8a8334910627d03efe69d4b61c4345f048c5da8aca16cea848fa77d2507c920a6bd654b00e07789382ed902c80deeff2fd5c78f42e4353e5360c3e55962efd1331e6736eaf4ee27736fa54803ee8ec1a15266ffcd8b30368740b584c2559e691e542cab3d49db327db62328f159d1e0900b3e23e84dedcd1377aa15dbeab7db181bd66980c3557c7d9f7377fcb6023accb5c368a121acf70e5f4c3f2a0ea07011c7166c23d28c0a7101b8b09736ecd34aa9dc1b498"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffffd2, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)

3m6.678126442s ago: executing program 4 (id=6568):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000400)=ANY=[@ANYBLOB="140000001000010000000000000000007d00000a20000000000a03000000000060000000070000000900010073797a300000000044000000090a010400000000000000000700000008000a40000000000900020073797a30000000000900010073797a3000000000080005400000000d05000d"], 0x8c}}, 0x20050800)

3m6.665102132s ago: executing program 34 (id=6568):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000400)=ANY=[@ANYBLOB="140000001000010000000000000000007d00000a20000000000a03000000000060000000070000000900010073797a300000000044000000090a010400000000000000000700000008000a40000000000900020073797a30000000000900010073797a3000000000080005400000000d05000d"], 0x8c}}, 0x20050800)

3m6.463258702s ago: executing program 6 (id=6571):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x46, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
prctl$PR_SET_NAME(0xf, &(0x7f0000002780)='\x87&/\x16\xe7')
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="0100000000000000000005000000180001801400020073797a5f74756e00000008000000000018000380140003"], 0x44}}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r3, 0x6, 0x13, &(0x7f0000000500)=0x100000001, 0x4)
connect$inet6(r3, &(0x7f0000000200)={0xa, 0x0, 0xffffffff, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r3, 0x6, 0x1f, &(0x7f00000003c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r3, 0x11a, 0x1, &(0x7f0000000440)=@gcm_128={{0x303}, "053200", "1ec2d524d78682576ec2d9e13dad1018", "993161e3"}, 0x28)
write$binfmt_script(r3, &(0x7f0000001300), 0x8f)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000de0000000000000000180100002020702500000000ffffffff7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='kmem_cache_free\x00', r4}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000900850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r3, 0x6, 0x23, &(0x7f0000000340)={&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0}, &(0x7f0000000240)=0x40)
writev(r3, &(0x7f00000030c0)=[{&(0x7f0000000a40)="fb", 0x1}], 0x1)
close(r3)

3m6.366341072s ago: executing program 6 (id=6573):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0}, 0x18)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000001c0)='sched_switch\x00', r1}, 0x10)
r2 = syz_clone(0x22023500, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000280)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0xffd, '\x00', 0x0, 0x0, 0x0, 0x3, 0x8, 0x0, @void, @value, @void, @value}, 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000040)='mm_page_free\x00'}, 0x18)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x3000003, 0x4031, 0xffffffffffffffff, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xb, 0x0, 0x0, 0x4c2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000005c0)={0x3, 0xc, &(0x7f0000000240)=ANY=[@ANYRES8=r2, @ANYRES16=0x0, @ANYRES16=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x48, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10)
setregid(0x0, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3e, 0x1, 0x0, 0x0, 0x0, 0x5, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x2, 0x800000000003}, 0x100100, 0x5dd8, 0x3, 0x0, 0x0, 0x8, 0xfffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r5 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000040)="2e00000010008108040f80ecdb4cb92e0a480e000f000000e8bd6efb250314000e000300390248ff050005001200", 0x2e}, {0x0}, {0x0}, {&(0x7f0000000140)}], 0x4}, 0x0)
r6 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r6, 0x4000000000000, 0x40, &(0x7f0000000300)=@raw={'raw\x00', 0x4001, 0x8000000, 0x238, 0xf8, 0x720d, 0x148, 0xf8, 0x148, 0x1c8, 0x240, 0x240, 0x1c8, 0x240, 0x7fffffe, 0x0, {[{{@ip={@remote, @empty, 0x0, 0x0, 'wlan1\x00', 'ip6erspan0\x00'}, 0x0, 0x70, 0xd0}, @common=@SET={0x60}}, {{@uncond, 0x0, 0x70, 0xd0}, @common=@CLUSTERIP={0x60, 'CLUSTERIP\x00', 0x0, {0x0, @dev}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x298)
sendto$inet(r6, 0x0, 0x0, 0x24000080, 0x0, 0x0)
close(0xffffffffffffffff)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000a80)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r7 = gettid()
r8 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
readv(r8, &(0x7f0000001340)=[{&(0x7f0000001280)=""/151, 0x97}], 0x1)
readv(r8, &(0x7f0000001240)=[{&(0x7f0000000040)=""/65, 0x41}], 0x1)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r7}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)

3m5.229134849s ago: executing program 6 (id=6576):
sendmsg$tipc(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$iso9660(&(0x7f00000001c0), &(0x7f0000000000)='./file0\x00', 0x204019, &(0x7f0000000240)=ANY=[@ANYBLOB="757466382c63727566742c6d6f64653d3078303030303030303030303030303037642c686964652c636865636b3d72656c617865642c757466382c757466382c007850bebd8d7d036618c1146a34cfd146c5861d8bd4466228f0bc2de3f77e11157c389fc315c06b7ba5db6a0be20cefe83f41117225bf80377cd9f3f8ce47ac8bf58ed6e8a5f46c37d64ff6e2fb871053a53f8747dada0e0a13c5a2c79eb2bada5d986d2d2899a7"], 0x0, 0x558, &(0x7f0000000fc0)="$eJzs3V1v01gawPHHpYUqK6HV7gqhqsAB9qKVSnASCIq4AK9zkh5I7Mh2UHuFKpqiihRWlJW2vUHcsDvSzIfgdj7EXM+XQfMRMvJL6GuSDiVNB/1/EfjEPjnnsRP56YniYwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGK5VdsuWNIwXntFDeZWA7+59zR79ZEVsnhgMaRfESv+J7OzcjVddfUfe5uvxP/dkvn02bzMxotZ2f3Llb8+/Pv0VP/1QwI+E9s7u6/Wut3O20kHMkbXLg3eVteeCX3TdOpamdBXlXLZvrtcC1XNNHQos5FuKjfQTuQHamFqURUqlZLS+VW/7dWrTkOrBTdZ+eBO0bbL6km+pZ0g9L27T/Khu2waDePVkzrx5rjOg/iD+NREKtJOU6mNzW6nNGoH4kqFk1QqjqpUtIvFQqFYLJTvV+4/sO3pIyvsQ+RIjcl/aDFZ3/DsDZzOVJb/pSFGPGnLiqhjH65UJRBfmgO2ZxYfZYW7emi/+/N/P8tf3ds8J0n+v54+uz4o/w+I5ewe27Iju/JK1qQrXenI24lHNN6HJQePeV20eGIk/PRYjDTFSdaoeI34oqQiZSmLLc9lWWoSipKaGGmIlrD3Pnuvm8mnKxAtjkTiSyBKFsSVRVFSkIpUpCRKtORlVXxpiyd1qYqTtLIhm8lxLw2J+UulwsAquf7nriPFIS2R/3F63+rUDZxar5//h7h4ZtEAAAAAAIBxsJJv3+Px/4xcS0o109D2pMMCAAAAAADfUK/X68m8WPH4X0SuicX4HwAAAACA742VXGNniUhObqSlDbGSy6X4EgAAAAAAgO9EcuX/9XiRzIFyQ6wv06Uw/gcAAAAA4Dvx/8Fz7M9mVVqXrF9+kyCYsT60Vv5pbTnxSmfrQrr1wuEWo9qcdTlrJFmUp7Nnrp63stkv9ybBTHv5vDFqrn8rC8BKv7L4qgDkR7mZ1rm5ni7X+1vSXnI109B51288LIjjXJ6K9Er0n9eb/5Vk93/wmpct2djsdvIv3nTXk4PxIW7lw1Y2geKReRSHxPIumW8huebi2D2eSS7EyPrNpf3a/TfgsThbU+nLp07c5yP5KLdEZHqvbu7g/s/GfRbyg/Y+i6Jwyj3/KLfTOrcXbqeLY6IojoqiuD+KP3wsThhFaVQUpVNGAQCTsjEiC1lHE/9XnOVOnN1P8+eFfJSFtM7CXHJinZ475oxujzqj26fMbj8fuQfSoBwb9/vToaz6KX7Bp4H9ho2iFR/CC++2/i1Xtnd272xurb3svOy8LhZLZfuebd8vykyyG9mC3AMAOMboe+yMrGHdGzGq/tuXnxTk5YW8ka6sy1JytUHyi4NjW83t+xnCUjJqjYPN7tNyaNSaS9JkeoeXpSGjuovJVQ79dotD6x6MoTT+NwIAgDN0a0QePkn+Xxox7j6Yy4ePjnP77tYGAADGQwefrVz0PysITOt5oVIpONGyVoHvPlWBqda1Ml6kA3fZ8epatQI/8l2/EReemaoOVdhutfwgUjU/UC0/NCvKEktUuBpGuqlC3XS8yLhhq6GdUCvX9yLHjVTVhK5qtf/VMOGyDpIXhy3tmppxncj4ngr9duDqvFKh1morJ5JWNFXtRaZm4qKnWoFpOsGqeuY32k2tqjp0A9OK/LTBfl/Gq/lBM2k2P+mDDQDAObG9s/tqrdvtvB1jYdL7CAAADiJLAwAAAAAAAAAAAAAAAAAAAABw/p3F9X8Uxl5Y+bXXOwdhnJPCRTkXYfy5CyNPHe/P5AQFYGx+DwAA///jeFNb")
r0 = socket$packet(0x11, 0x3, 0x300)
getsockopt$packet_int(r0, 0x107, 0xb, &(0x7f0000000000), &(0x7f0000000080)=0x4)
openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000080), 0x21000)
gettid()
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8e}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0/file0\x00'}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
syz_clone(0xc0126080, 0x0, 0x0, 0x0, 0x0, 0x0)

3m4.792798628s ago: executing program 6 (id=6578):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000031bc9b5c000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_COALESCE_GET(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000300)={0x2c, r3, 0x1, 0x0, 0x0, {0x1c}, [@HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netdevsim0\x00'}]}]}, 0x2c}}, 0x0)

3m4.277578366s ago: executing program 6 (id=6581):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x15, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="180000000000000000000000000000008500000050000000950000"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000180)='kfree\x00', r2}, 0x18)
r3 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
bind$bt_hci(r3, &(0x7f0000000000)={0x27}, 0x74)
sendmsg$nl_route(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000380)=ANY=[@ANYBLOB="a800000013000100"/20, @ANYRES32=0x0, @ANYBLOB="000000000000000008000d00280a000060001980140004006b2e4f2fdd8733dc1c1639228919eb5e2efc02007b5d2f215d290000140005004af57c15cd92d389e606fce6a0eebda514000400f4d8d35abbd4fab3a3614be8a496bd8f140005008ebcd2c7e1cf0421ab20db4c32c433060500100004000000140003007665746831"], 0xa8}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x18)
r4 = syz_io_uring_setup(0x237, &(0x7f0000000100)={0x0, 0x0, 0x10100, 0x0, 0x1eb}, &(0x7f0000000040)=<r5=>0x0, &(0x7f00000001c0)=<r6=>0x0)
io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0)
syz_io_uring_submit(r5, r6, 0x0)
setregid(0xffffffffffffffff, 0x0)
readlinkat(0xffffffffffffff9c, &(0x7f0000000500)='./file0\x00', &(0x7f0000000580)=""/21, 0x15)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7a04, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x12, &(0x7f0000000140)=ANY=[@ANYRES64=r5, @ANYRES32, @ANYBLOB="0000000000000000660000000000000018000000000000000000000000000000950000000000000018010000202070250000000000202020db1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b502000050002000850000000600000095"], &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
openat$selinux_mls(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
pipe(&(0x7f0000000440))
bpf$MAP_CREATE(0x0, &(0x7f0000000b80)=ANY=[@ANYBLOB="1b00000000fff700000000000080000000000000581afd169d5136c011a0a547a419d03a8796793d663482f47c5bb7f17f3b81925d8f447c8f0437cbe5e70bb2367801a48911333b125c3e2d9cebec3cad05b14a50b3773fabcb4ce21d0039b602dbfd9e8737c2df3c14473eb765159b7a45b09591d88225fffdfd5ae0011c703e6608135fa77a22459dc1c02a68e0603570786fbeecbd5ca3185a3883ce3a2b3729b6063a53fc9b46", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
perf_event_open(&(0x7f00000002c0)={0x2, 0x80, 0x3b, 0x1, 0x0, 0x0, 0x0, 0x89, 0x20000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800000, 0x2, @perf_bp={0x0, 0x2}, 0x0, 0x0, 0x2, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x300000c, 0x50032, 0xffffffffffffffff, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000000000)=[{{0x0, 0x0, &(0x7f0000000400)}}], 0x1, 0x122, 0x0)
r7 = io_uring_setup(0x71b9, &(0x7f00000000c0)={0x0, 0xc63b})
io_uring_enter(r7, 0x0, 0x2, 0xf, &(0x7f0000000000)={[0x2000000]}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x2010008, &(0x7f00000001c0), 0xff, 0x52e, &(0x7f0000000640)="$eJzs3cFvI1cZAPBvnDib7GabFDhApZZCi7IVrJ00tI04lCIhOFVClPsSEieK4sRR7LSbqILsX4CEECBxggsXJP4AJLQSF44IqRKcQSoCIdiCBAfoINvjJDjjxFuceNf5/aTZeW/GM9/3vHnjGc/TOIAr69mIeC0i3k/T9IWImMmWF7IpDttT83XvPXh7pTklkaZv/DWJJFvW2VeSzW9km01GxFe/HPGN5HTc+v7B5nK1WtnN6uXG1k65vn9we2Nreb2yXtleXFx4eemVpZeW5gfSzpsR8eoX//i9b//kS6/+4jNv/eHOn299s5nWdLb+ZDse0vhZK9tNL16b7Npg9wMGexQ121PsVKb62+beBeYDAEBvzXP8D0XEJyPihZiJsbNPZwEAAIDHUPr56fh3EpHmm+ixHAAAAHiMFFpjYJNCKRsLMB2FQqnUHsP7kbheqNbqjU+v1fa2V9tjZWejWFjbqFbms7HCs1FMmvWFVvm4/mJXfTEinoyI785MteqllVp1ddhffgAAAMAVcaPr+v8fM+3rfwAAAGDEzA47AQAAAODCuf4HAACA0ef6HwAAAEbaV15/vTmlnd+/Xn1zf2+z9ubt1Up9s7S1t1Jaqe3ulNZrtfXWM/u2zttftVbb+Wxs790tNyr1Rrm+f3Bnq7a33bizEZOX0iAAAADglCc/fv93SUQcfm6qNTVNDDsp4FKMH5WSbJ7T+3//RHv+7iUlBVyKsT5e8+61/OXOE+DxNt69oEdfB0ZPcdgJAEOXnLO+5+CdX2fzTww2HwAAYPDmPpZ///+864GIw8IlpAdcIJ0Yrq6u+//pzLASAS5d6/5/vwN5nCzASCn2NQIQGGX/9/3/c6XpQyUEAAAM3HRrSgql7Ou96SgUSqWIm62fBSgmaxvVynxEPBERv50pXmvWF1pbJn2MEQAAAAAAAAAAAAAAAAAAAAAAAAAAovVU7iRSAAAAYKRFFP6U/LL9LP+5meenu78fmEj+1fpJ4ImIeOuHb3z/7nKjsbvQXP63o+WNH2TLXxzGNxgAAABAt851emv+z2FnAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCoee/B2yudqY+XTw0q7l++EBGzefHHY7I1n4xiRFz/exLjJ7ZLImJsAPEP70XER/PiJ820jkLmxR/Em3BO/JjN3oW8+DcGEB+usvvN489ref2vEM+25vn9bzzif+ofVO/jXxwd/8Z69P+bfcZ46p2flXvGvxfx1Hj+8acTP+kR/7k+43/9awcHvdalP4qY63z+tI54JyMcl8qNrZ1yff/g9sbW8nplvbK9uLjw8tIrSy8tzZfXNqqV7N/cGN95+ufvn9X+67mff0mWTe/2P5+zv7zPpP+8c/fBhzuVw9Pxbz2XE/9XP85ecTp+IYvzqazcXD/XKR+2yyc989PfPHNW+1eP2198mP//W7122u1UR3m63z8dAOAC1PcPNper1cruyBaaV+mPQBoKj2DhWwPdYZqmabNP5ay6HxH97CeJAbe0kJ/PcaHnEWDYRyYAAGDQjk/6h50JAAAAAAAAAAAAAAAAAAAAXF2X8ZS17pjHj0BOBvEIbQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAgfhvAAAA//89e9P5")
socket$nl_route(0x10, 0x3, 0x0)

3m4.277267476s ago: executing program 35 (id=6581):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x15, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="180000000000000000000000000000008500000050000000950000"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000180)='kfree\x00', r2}, 0x18)
r3 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
bind$bt_hci(r3, &(0x7f0000000000)={0x27}, 0x74)
sendmsg$nl_route(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000380)=ANY=[@ANYBLOB="a800000013000100"/20, @ANYRES32=0x0, @ANYBLOB="000000000000000008000d00280a000060001980140004006b2e4f2fdd8733dc1c1639228919eb5e2efc02007b5d2f215d290000140005004af57c15cd92d389e606fce6a0eebda514000400f4d8d35abbd4fab3a3614be8a496bd8f140005008ebcd2c7e1cf0421ab20db4c32c433060500100004000000140003007665746831"], 0xa8}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x18)
r4 = syz_io_uring_setup(0x237, &(0x7f0000000100)={0x0, 0x0, 0x10100, 0x0, 0x1eb}, &(0x7f0000000040)=<r5=>0x0, &(0x7f00000001c0)=<r6=>0x0)
io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0)
syz_io_uring_submit(r5, r6, 0x0)
setregid(0xffffffffffffffff, 0x0)
readlinkat(0xffffffffffffff9c, &(0x7f0000000500)='./file0\x00', &(0x7f0000000580)=""/21, 0x15)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7a04, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x12, &(0x7f0000000140)=ANY=[@ANYRES64=r5, @ANYRES32, @ANYBLOB="0000000000000000660000000000000018000000000000000000000000000000950000000000000018010000202070250000000000202020db1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b502000050002000850000000600000095"], &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
openat$selinux_mls(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
pipe(&(0x7f0000000440))
bpf$MAP_CREATE(0x0, &(0x7f0000000b80)=ANY=[@ANYBLOB="1b00000000fff700000000000080000000000000581afd169d5136c011a0a547a419d03a8796793d663482f47c5bb7f17f3b81925d8f447c8f0437cbe5e70bb2367801a48911333b125c3e2d9cebec3cad05b14a50b3773fabcb4ce21d0039b602dbfd9e8737c2df3c14473eb765159b7a45b09591d88225fffdfd5ae0011c703e6608135fa77a22459dc1c02a68e0603570786fbeecbd5ca3185a3883ce3a2b3729b6063a53fc9b46", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
perf_event_open(&(0x7f00000002c0)={0x2, 0x80, 0x3b, 0x1, 0x0, 0x0, 0x0, 0x89, 0x20000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800000, 0x2, @perf_bp={0x0, 0x2}, 0x0, 0x0, 0x2, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x300000c, 0x50032, 0xffffffffffffffff, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000000000)=[{{0x0, 0x0, &(0x7f0000000400)}}], 0x1, 0x122, 0x0)
r7 = io_uring_setup(0x71b9, &(0x7f00000000c0)={0x0, 0xc63b})
io_uring_enter(r7, 0x0, 0x2, 0xf, &(0x7f0000000000)={[0x2000000]}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x2010008, &(0x7f00000001c0), 0xff, 0x52e, &(0x7f0000000640)="$eJzs3cFvI1cZAPBvnDib7GabFDhApZZCi7IVrJ00tI04lCIhOFVClPsSEieK4sRR7LSbqILsX4CEECBxggsXJP4AJLQSF44IqRKcQSoCIdiCBAfoINvjJDjjxFuceNf5/aTZeW/GM9/3vHnjGc/TOIAr69mIeC0i3k/T9IWImMmWF7IpDttT83XvPXh7pTklkaZv/DWJJFvW2VeSzW9km01GxFe/HPGN5HTc+v7B5nK1WtnN6uXG1k65vn9we2Nreb2yXtleXFx4eemVpZeW5gfSzpsR8eoX//i9b//kS6/+4jNv/eHOn299s5nWdLb+ZDse0vhZK9tNL16b7Npg9wMGexQ121PsVKb62+beBeYDAEBvzXP8D0XEJyPihZiJsbNPZwEAAIDHUPr56fh3EpHmm+ixHAAAAHiMFFpjYJNCKRsLMB2FQqnUHsP7kbheqNbqjU+v1fa2V9tjZWejWFjbqFbms7HCs1FMmvWFVvm4/mJXfTEinoyI785MteqllVp1ddhffgAAAMAVcaPr+v8fM+3rfwAAAGDEzA47AQAAAODCuf4HAACA0ef6HwAAAEbaV15/vTmlnd+/Xn1zf2+z9ubt1Up9s7S1t1Jaqe3ulNZrtfXWM/u2zttftVbb+Wxs790tNyr1Rrm+f3Bnq7a33bizEZOX0iAAAADglCc/fv93SUQcfm6qNTVNDDsp4FKMH5WSbJ7T+3//RHv+7iUlBVyKsT5e8+61/OXOE+DxNt69oEdfB0ZPcdgJAEOXnLO+5+CdX2fzTww2HwAAYPDmPpZ///+864GIw8IlpAdcIJ0Yrq6u+//pzLASAS5d6/5/vwN5nCzASCn2NQIQGGX/9/3/c6XpQyUEAAAM3HRrSgql7Ou96SgUSqWIm62fBSgmaxvVynxEPBERv50pXmvWF1pbJn2MEQAAAAAAAAAAAAAAAAAAAAAAAAAAovVU7iRSAAAAYKRFFP6U/LL9LP+5meenu78fmEj+1fpJ4ImIeOuHb3z/7nKjsbvQXP63o+WNH2TLXxzGNxgAAABAt851emv+z2FnAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCoee/B2yudqY+XTw0q7l++EBGzefHHY7I1n4xiRFz/exLjJ7ZLImJsAPEP70XER/PiJ820jkLmxR/Em3BO/JjN3oW8+DcGEB+usvvN489ref2vEM+25vn9bzzif+ofVO/jXxwd/8Z69P+bfcZ46p2flXvGvxfx1Hj+8acTP+kR/7k+43/9awcHvdalP4qY63z+tI54JyMcl8qNrZ1yff/g9sbW8nplvbK9uLjw8tIrSy8tzZfXNqqV7N/cGN95+ufvn9X+67mff0mWTe/2P5+zv7zPpP+8c/fBhzuVw9Pxbz2XE/9XP85ecTp+IYvzqazcXD/XKR+2yyc989PfPHNW+1eP2198mP//W7122u1UR3m63z8dAOAC1PcPNper1cruyBaaV+mPQBoKj2DhWwPdYZqmabNP5ay6HxH97CeJAbe0kJ/PcaHnEWDYRyYAAGDQjk/6h50JAAAAAAAAAAAAAAAAAAAAXF2X8ZS17pjHj0BOBvEIbQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAgfhvAAAA//89e9P5")
socket$nl_route(0x10, 0x3, 0x0)

2m56.90626916s ago: executing program 5 (id=6626):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDSETLED(r1, 0x4b45, 0x5)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000001240)='./file2\x00', 0x14552, &(0x7f0000000b40)=ANY=[], 0xfb, 0x11ff, &(0x7f0000001280)="$eJzs3E+LHEUYB+B315iNG/ePGqMJiIVe9NJk9+BFL4tsQDKgJFkhEYSO26vDtDPD9LAwIkZPXv0cIojgTRBvetmL30DwthePEcSWndEko5PDSEiH5Xku80LVb6jqphuq6erD1774sLNXZXv5MBYXFmKxH5FupUixGP/4NF5+9cefnrty7fqlrVZr+3JKF7eubrySUlp9/vt3Pv7qhR+Gp9/+dvW7pThYf/fwt81fD84enDv88+oH7Sq1q9TtDVOebvR6w/xGWaTddtXJUnqrLPKqSO1uVQym2vfKXr8/Snl3d2W5PyiqKuXdUeoUozTspeFglPL383Y3ZVmWVpaD+Z24Xe18eauu64i6fjRORl3X9WOxHKfj8ViJ1ViL9Xginoyn4kw8HWfjmXg2vvnl69FRAgAAAAAAAAAAAAAAAAAAALh/5t3/f27cq+lRAwAAAAAAAAAAAAAAAAAAwPFy5dr1S1ut1vbllE5FlJ/v7+zvTH4n7Vt70Y4yirgQa/FHjHf/T0zqi2+0ti+ksfX4rLz5d/7m/s4j0/mN8ecEZuY3Jvk0nV+K5bvzm7EWZ2bnN2fmT8VLL96Vz2Itfn4velHGbhxl7+Q/2Ujp9Tdb/8qfH/cDAACA4yBLt81cv2fZvdon+TmeD0ytr4+y5080OnUiohp91MnLshgoHvriZLPD+L2u6+YPQkPFva+UpYj43/+8EBEPxwT/UzR9Z+JBuHPSmx4JAAAAAAAAAAAA83gQrxM2PUcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+YgeOBQAAAACE+Vun0bEBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHwVAAD//+pd0x0=")
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x10e, &(0x7f0000000180)={[{@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0xb0}}, {@user_xattr}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x2a}}, {@stripe={'stripe', 0x3d, 0x7f}}, {@orlov}, {@dioread_nolock}]}, 0x8, 0x45b, &(0x7f00000010c0)="$eJzs281rHOUfAPDvTJL217dfYq0vfVGjVQy+JE1atQcvioIHBcFLPcYkLbXbRpoIthStIvUoBcGjeBT8CzzpRdST4FXvUijSi9XTyuzOdF+6u0nTTabNfj4w2eeZeWbn+c4zz+4z82QDGFjj2Z8kYmdE/B4Ro/Vsa4Hx+sv1axfm/rl2YS6JavWtv5Jaub+vXZgrihb77cgzE2lE+mkS+zscd+nc+VOzlcrC2Tw/tXz6vamlc+efPXl69sTCiYUzM0ePHjk8/cLzM8/1Jc57srru+3DxwN7X3r78xtyxy+/8/G1SxN8WR5+M99r4RLXa58OVa1dTOhlexQ5D61gZVi1rhqy5Rmr9fzSGotF4o/HqJ6VWDlhX1VyXzRerwCaWRNk1AMpRfNFn97/FsnGjj/Jdfal+A5TFfT1f6luGI83LjLTd3/bTeEQcu/jvV9kS6/McAgCgxffZ+OeZTuO/NO5vKvf/2FqbGxrL51J2R8S9EbEnIu6LqJV9ICIe7HSQHhMC7ZMkN49/0itrj25l2fjvxXxuq3X8V4z+Ymwoz+2qxT+SHD9ZWThUOycREzGyNctP9zjGD6/89nm3bc3jv2zJjl+MBfN6XBne2rrP/Ozy7O3E3OzqxxH7hjvFn9yYCUgiYm9E7FvjMU4+9c2BbttWjr+H1cwzraD6dcST9fa/GG3xF5Le85NT/4vKwqGp4qq42S+/Xnqz2/FvK/4+yNp/e8fr/0b8Y0nzfO3Srbx7vXdf+uOzrvc0k2u6/hsrtuSvH8wuL5+djtiSvF6vdPP6mca+Rb4on8U/cbBz/98djTOxPyKyi/ihiHg4Ih7Jo3s0Ih6LiIM9zsJPLz/+bq8zVHb7z7e1/1hrkbb2byS2RPuazomhUz9+1/qOjeTqPv+O1FIT+Zra59+XveNaTb1u9WoGAACAu1UaETsjSSdvpNN0crL+P/x7YntaWVxafvr44vtn5uu/ERiLkbR40jXa9Dx0Or+tL/IzbfnD+XPjL4a21fKTc4uV+bKDhwG3o0v/z/zpNxqw+fVhHg24S+n/MLj0fxhc+j8Mrg79f1sZ9QA2Xqfv/49KqAew8dr6v2k/GCDu/2Fw6f8wuJr7f1JiPYANtbQtVv6R/GZIVKvV6h1Qjc2TiPSOqEZ/Esk694KdZQd464myP5kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD6478AAAD//+Jk61o=")
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
lseek(r2, 0x10001, 0x0)

2m56.540504539s ago: executing program 5 (id=6628):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000093850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x44, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = syz_io_uring_setup(0xe42, &(0x7f0000000140)={0x0, 0x2119, 0x400}, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
r3 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
recvmmsg(r3, &(0x7f0000000280), 0x0, 0x0, &(0x7f0000000380))
r4 = open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x0)
pipe2$9p(&(0x7f0000000180)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r6, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r7 = dup(r6)
write$P9_RLERRORu(r7, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="0100bd0000000000040000e12640000000000000", @ANYRES32=r4, @ANYBLOB], 0x50)
write$RDMA_USER_CM_CMD_SET_OPTION(r7, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$binfmt_elf64(r7, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r5, @ANYBLOB=',wfdno=', @ANYRESHEX=r7])
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000040)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f00000004c0)={0x0, 0x0, 0x32}, &(0x7f0000000500)='./file0\x00', 0x18})
io_uring_enter(r0, 0x47f6, 0x0, 0x0, 0x0, 0x0)

2m56.193321078s ago: executing program 5 (id=6631):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000001100)='./file0\x00', 0x3000490, &(0x7f0000000100)={[{@lazytime}, {@usrjquota}, {@errors_remount}, {@norecovery}, {@auto_da_alloc}, {@mblk_io_submit}, {@nouid32}, {@barrier_val}, {@grpjquota}, {}]}, 0x45, 0x7b1, &(0x7f00000004c0)="$eJzs3c9rHNcdAPDvrFY/7VYqFFr3JCi0BuNV5ap2C4Wq9FAKNRjaUw+1xWotHK20RrsylhCJTQjkEkhCbsnF5/y8hFzz45BL8n8EGyeRTRxyCAqzP6SVtCvvOtKuHX8+MNZ7M2/2ve+82TfPmtFuAE+tyfSfTMSJiHg5iRivr08iYrCaykbM1so92NzIp0sSW1v/+Sqplrm/uZGPpn1Sx+qZX0fExy9EnMrsr7e8tr44VywWVur5qcrS1any2vrpK0tzC4WFwvLZ6ZmZM+f+dO7s4cX6zefrx++88s/fvzP73fO/evelT5KYjeP1bc1xHJbJmKwfk8H0EO7yj8OurG/ef7aDQk1nQPYoG0OX0o4ZqPfKiRiPgYP6Z7SXLQMAjspzEbHVzkDbLQDAEy2pXf//1u92AAC90vg9wP3NjXxj6e9vJHrr7t8jYqQWf+P+Zm1Ltn7PbqR6H3TsfrLrzkgSEROHUP9kRLzxwf/fSpc4ovuQAK3cuBkRlyYm94//yb5nFrr1h9arF5ozk3s2Gv+gdz5M5z9/bjX/y2zPf6LF/Ge4xXv3UTz8/Z+5fQjVtJXO//7a9Gzbg6b46yYG6rmfVed8g8nlK8VCOrb9PCJOxuBwmp8+oI6T976/125b8/zv61efeTOtP/25UyJzOzu8e5/5ucrcj4m52d2bEb/Jtoo/Hf+Hq/2ftJn/Xuiwjn/95cXX221L40/jbSz74z9aW7ciftey/5PtMsmBzydOVU+HqcZJ0cJ7szHWrv7J7E7/p0taf+P/Ar2Q9v/YwfFPJM3Pa5Y7funtp8U+uzX+UbtCzed/6/hbn/9DyX+r6aH6uutzlcrKdMRQ8u/968/s7NvIN8qn8Z/8bev3f2P8a3H+/y99/UsdHojsnS/ffvT4j1Ya/3xX/d91IkYeLA60q7+z/p/ZtU8n41+nDXzU4wYAAAAAAAAAAAAAAAAAAAAAAAAA3chExPFIMrntdCaTy9W+w/uXMZYplsqVU5dLq8vzUf2u7IkYzDQ+6nK86fNQp+ufh9/In9mT/2NE/CIiXhsereZz+VJxvt/BAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDdsTbf/5/6YnhP4YF+tBAAOBIjLuwA8LRJstl+NwEA6LWRrkqPHlk7AIDe6e76DwD8FLj+A8DT5yHX/71/BgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADdunD+fLpsfbu5kU/z89fWVhdL107PF8qLuaXVfC5fWrmaWyiVFoqFXL601PaFbtR+FEulqzOxvHp9qlIoV6bKa+sXl0qry5WLV5bmFgoXC4M9iwwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOldeW1+cKxYLKxJ9SSx+WuuHx6U9Et0l4kat/x6X9hxeIoZ2RonR/gxOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAE+AHwIAAP//4VQjgA==")
chdir(&(0x7f0000000100)='./file0\x00')
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000100)='.\x00', 0x0)
faccessat(r0, &(0x7f0000000000)='./file0\x00', 0x5)
recvmmsg$unix(r0, &(0x7f0000001080)=[{{&(0x7f0000000fc0)=@abs, 0x6e, &(0x7f00000002c0)=[{&(0x7f0000001140)=""/213, 0xd5}, {&(0x7f0000000000)=""/50, 0x32}], 0x2, &(0x7f0000001040)=[@cred={{0x1c}}, @cred={{0x1c}}], 0x40}}], 0x1, 0x20, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000005000000020000000010"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kfree\x00', r3}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x1000000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x21, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000002080)={&(0x7f0000000300)='kfree\x00', r4}, 0x10)
perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
link(&(0x7f0000001240)='./file0\x00', &(0x7f0000000bc0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')

2m55.797511737s ago: executing program 5 (id=6636):
sendmsg$tipc(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$iso9660(&(0x7f00000001c0), &(0x7f0000000000)='./file0\x00', 0x204019, &(0x7f0000000240)=ANY=[@ANYBLOB="757466382c63727566742c6d6f64653d3078303030303030303030303030303037642c686964652c636865636b3d72656c617865642c757466382c757466382c007850bebd8d7d036618c1146a34cfd146c5861d8bd4466228f0bc2de3f77e11157c389fc315c06b7ba5db6a0be20cefe83f41117225bf80377cd9f3f8ce47ac8bf58ed6e8a5f46c37d64ff6e2fb871053a53f8747dada0e0a13c5a2c79eb2bada5d986d2d2899a7"], 0x0, 0x558, &(0x7f0000000fc0)="$eJzs3V1v01gawPHHpYUqK6HV7gqhqsAB9qKVSnASCIq4AK9zkh5I7Mh2UHuFKpqiihRWlJW2vUHcsDvSzIfgdj7EXM+XQfMRMvJL6GuSDiVNB/1/EfjEPjnnsRP56YniYwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGK5VdsuWNIwXntFDeZWA7+59zR79ZEVsnhgMaRfESv+J7OzcjVddfUfe5uvxP/dkvn02bzMxotZ2f3Llb8+/Pv0VP/1QwI+E9s7u6/Wut3O20kHMkbXLg3eVteeCX3TdOpamdBXlXLZvrtcC1XNNHQos5FuKjfQTuQHamFqURUqlZLS+VW/7dWrTkOrBTdZ+eBO0bbL6km+pZ0g9L27T/Khu2waDePVkzrx5rjOg/iD+NREKtJOU6mNzW6nNGoH4kqFk1QqjqpUtIvFQqFYLJTvV+4/sO3pIyvsQ+RIjcl/aDFZ3/DsDZzOVJb/pSFGPGnLiqhjH65UJRBfmgO2ZxYfZYW7emi/+/N/P8tf3ds8J0n+v54+uz4o/w+I5ewe27Iju/JK1qQrXenI24lHNN6HJQePeV20eGIk/PRYjDTFSdaoeI34oqQiZSmLLc9lWWoSipKaGGmIlrD3Pnuvm8mnKxAtjkTiSyBKFsSVRVFSkIpUpCRKtORlVXxpiyd1qYqTtLIhm8lxLw2J+UulwsAquf7nriPFIS2R/3F63+rUDZxar5//h7h4ZtEAAAAAAIBxsJJv3+Px/4xcS0o109D2pMMCAAAAAADfUK/X68m8WPH4X0SuicX4HwAAAACA742VXGNniUhObqSlDbGSy6X4EgAAAAAAgO9EcuX/9XiRzIFyQ6wv06Uw/gcAAAAA4Dvx/8Fz7M9mVVqXrF9+kyCYsT60Vv5pbTnxSmfrQrr1wuEWo9qcdTlrJFmUp7Nnrp63stkv9ybBTHv5vDFqrn8rC8BKv7L4qgDkR7mZ1rm5ni7X+1vSXnI109B51288LIjjXJ6K9Er0n9eb/5Vk93/wmpct2djsdvIv3nTXk4PxIW7lw1Y2geKReRSHxPIumW8huebi2D2eSS7EyPrNpf3a/TfgsThbU+nLp07c5yP5KLdEZHqvbu7g/s/GfRbyg/Y+i6Jwyj3/KLfTOrcXbqeLY6IojoqiuD+KP3wsThhFaVQUpVNGAQCTsjEiC1lHE/9XnOVOnN1P8+eFfJSFtM7CXHJinZ475oxujzqj26fMbj8fuQfSoBwb9/vToaz6KX7Bp4H9ho2iFR/CC++2/i1Xtnd272xurb3svOy8LhZLZfuebd8vykyyG9mC3AMAOMboe+yMrGHdGzGq/tuXnxTk5YW8ka6sy1JytUHyi4NjW83t+xnCUjJqjYPN7tNyaNSaS9JkeoeXpSGjuovJVQ79dotD6x6MoTT+NwIAgDN0a0QePkn+Xxox7j6Yy4ePjnP77tYGAADGQwefrVz0PysITOt5oVIpONGyVoHvPlWBqda1Ml6kA3fZ8epatQI/8l2/EReemaoOVdhutfwgUjU/UC0/NCvKEktUuBpGuqlC3XS8yLhhq6GdUCvX9yLHjVTVhK5qtf/VMOGyDpIXhy3tmppxncj4ngr9duDqvFKh1morJ5JWNFXtRaZm4qKnWoFpOsGqeuY32k2tqjp0A9OK/LTBfl/Gq/lBM2k2P+mDDQDAObG9s/tqrdvtvB1jYdL7CAAADiJLAwAAAAAAAAAAAAAAAAAAAABw/p3F9X8Uxl5Y+bXXOwdhnJPCRTkXYfy5CyNPHe/P5AQFYGx+DwAA///jeFNb")
r0 = socket$packet(0x11, 0x3, 0x300)
getsockopt$packet_int(r0, 0x107, 0xb, &(0x7f0000000000), &(0x7f0000000080)=0x4)
openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000080), 0x21000)
gettid()
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8e}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0/file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
syz_clone(0xc0126080, 0x0, 0x0, 0x0, 0x0, 0x0)

2m55.471722936s ago: executing program 5 (id=6640):
creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53048c6)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0xa, 0x1, 0x7fe2, 0x1, 0x12, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffad, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1800403, &(0x7f0000000940), 0x2, 0x5ad, &(0x7f0000000180)="$eJzs3c1vVFUbAPDnzkwLpe9rKzEqLkyjIZAoLS1g8GMBe0LwY+fGSgtBho/QGi2aWBLcmBg3LkhcuRD/CyW6dWXiwoUbV4akGsNGY3TMnbkzDO1MOy0dbu39/ZLbOeeeOz3nQp85Z+49ZyaAwhpLf5Qi9kTE5SRipK2sElnhWOO4O7+/fzrdkqjVXv0tiSTb1zw+yR6Hsyf/PRLx/TdJ7C6vrHdu4er56Wp19kqWn5i/cHlibuHqgXMXps/Onp29OPXc1NEjh48cnTx4X+dXakufuP7WOyMfnXz9i8/+Sia//OlkEsfi1zONsvbz2CxjMRZ/1GofLN+f/rse3ezKclJu/Z3clSzfwZZVyWJkMCIei5Eot/1vjsSHL+faOKCvaklEDSioRPxDQTXHAc339r29Dy71eVQCPAhLx9OfAx3iv9K4NhijMRARe5c9r8MlvQ1J6/ju25PX0y36dB0O6Gzx2o4stTz+k3psjsbOem7XndI913nTEcCp7DHd/8oG6x9blhf/8OAsXouIxzuN/9eO/zfa4v/NDdYv/gEAAAAAAGDz3DoeEc92uv9Xyu7N7Yyn6vf/ksb9vx/urhA8tgn1r33/r3R7E6oBOlg6HvFSx/m/rTm+o+Us9//GbMDkzLnq7MGIeCgi9sfAjjQ/uUodBz7efaNbWfv8v3RL62/OBczacbuy497nzEzPT9/POQMNS9cinqh0n/+T9v9Je/+fSV8PLvdYx+69N091K1s7/oF+qX0esa9j/5+0jklW/3yOifp4YKI5Kljpyfc++apb/eIf8pP2/7tWj//RpP3zeubW9/sHI+LQQqXWrXyj4//B5LVy8/en3p2en78yGTGYnFi5f2p9bYbtqhkPzXhJ43//06tf/2uN/9vicCgiFnus89F/hn/uVqb/h/yk8T+zrv5//Ympm6Nfd6u/t/7/cL1P35/tcf0PVtdrgObdTgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4LypFxP8iKY230qXS+HjEcEQ8ErtK1Utz88+cufT2xZm0rP79/6XmN/2ONPJJ8/v/R9vyU8vyhyLi4Yj4tDxUz4+fvlSdyfvkAQAAAAAAAAAAAAAAAAAAYIsY7rL+P/VLOe/WAX1XyR7FOxRPJe8GALkR/1Bc4h+KS/xDcYl/KK4Nxr/bBbAN6P+hqAZ6O2xnv9sB5EH/DwAAAAAA28qtF5+/kUTE4gtD9S01mJW1bgwO5dU6oJ9KeTcAyI05vFBcpv5AcfU4+RfYxpJW6s9ap/Lus/+T/jQIAAAAAAAAAAAAAFhh355bP665/h/Ylqz/h+Ky/h+Ky/p/KC7v8YG1VvFb/w8AAAAAAAAAAAAA+ZtbuHp+ulqdvSIhsdUSAxGxBZqRQ2Iw//DM+YUJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABo+TcAAP//Swsk/Q==")
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={0x0}, 0x18)
r2 = signalfd(0xffffffffffffffff, &(0x7f0000000080)={[0x2]}, 0x8)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000540)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r4}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
get_robust_list(0x0, 0x0, 0x0)
clock_gettime(0x0, &(0x7f00000002c0))
sendmsg$can_bcm(r2, &(0x7f00000003c0)={&(0x7f00000001c0), 0x10, 0x0, 0x1, 0x0, 0x0, 0x40000}, 0x20040000)
perf_event_open(0x0, 0x0, 0x5, 0xffffffffffffffff, 0x2)
socket$packet(0x11, 0x2, 0x300)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
r6 = openat$procfs(0xffffffffffffff9c, &(0x7f00000010c0)='/proc/zoneinfo\x00', 0x0, 0x0)
preadv(r6, &(0x7f0000000000)=[{&(0x7f0000002600)=""/4104, 0x1008}], 0x1, 0x3ff, 0xfffffffc)
sendmsg$NFT_BATCH(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a14000000020a0300000000000000000002000006200000f7723715fc30989191b00065c4d637000e0a01030000000000000000020000020900010073797a3000000000140000001100010000000000000000000000000a"], 0x5c}}, 0x0)

2m55.257751816s ago: executing program 5 (id=6644):
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x60002)
setreuid(0x0, 0xee00)
writev(r0, &(0x7f0000000000)=[{&(0x7f0000000480)="580000001400192340835980820180000000000000ff8105000000000700", 0x1e}], 0x1)
ioctl$SCSI_IOCTL_SEND_COMMAND(r0, 0x1, 0x0)

2m55.203427666s ago: executing program 36 (id=6644):
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x60002)
setreuid(0x0, 0xee00)
writev(r0, &(0x7f0000000000)=[{&(0x7f0000000480)="580000001400192340835980820180000000000000ff8105000000000700", 0x1e}], 0x1)
ioctl$SCSI_IOCTL_SEND_COMMAND(r0, 0x1, 0x0)

2m11.455870664s ago: executing program 8 (id=7085):
r0 = syz_io_uring_setup(0x6de4, &(0x7f00000008c0)={0x0, 0x8000, 0x8, 0x1}, &(0x7f0000000440)=<r1=>0x0, &(0x7f0000000200))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
io_uring_enter(r0, 0x110a2, 0x10a5, 0x5, 0x0, 0x0)
io_uring_enter(r0, 0x81e, 0xfffffff9, 0x1, 0x0, 0x0)

2m10.891646303s ago: executing program 8 (id=7093):
r0 = getpid()
process_vm_readv(r0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)

2m10.320399462s ago: executing program 8 (id=7096):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000240)=ANY=[@ANYBLOB="1801000000000000000000004b84ffec850000006d000000850000002a00000095"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2000, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00', r0}, 0x10)
socket$caif_stream(0x25, 0x1, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000840)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000fcae68da850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2000000, 0x0, 0x0, 0x0, &(0x7f0000000000))
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, 0x0)
r2 = openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r2, 0xc0189374, &(0x7f0000000240)={{0x1, 0x1, 0x1018, 0xffffffffffffffff, {0x29}}, './file0\x00'})

2m10.300780342s ago: executing program 8 (id=7097):
sendmsg$tipc(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$iso9660(&(0x7f00000001c0), &(0x7f0000000000)='./file0\x00', 0x204019, &(0x7f0000000240)=ANY=[@ANYBLOB="757466382c63727566742c6d6f64653d3078303030303030303030303030303037642c686964652c636865636b3d72656c617865642c757466382c757466382c007850bebd8d7d036618c1146a34cfd146c5861d8bd4466228f0bc2de3f77e11157c389fc315c06b7ba5db6a0be20cefe83f41117225bf80377cd9f3f8ce47ac8bf58ed6e8a5f46c37d64ff6e2fb871053a53f8747dada0e0a13c5a2c79eb2bada5d986d2d2899a7"], 0x0, 0x558, &(0x7f0000000fc0)="$eJzs3V1v01gawPHHpYUqK6HV7gqhqsAB9qKVSnASCIq4AK9zkh5I7Mh2UHuFKpqiihRWlJW2vUHcsDvSzIfgdj7EXM+XQfMRMvJL6GuSDiVNB/1/EfjEPjnnsRP56YniYwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGK5VdsuWNIwXntFDeZWA7+59zR79ZEVsnhgMaRfESv+J7OzcjVddfUfe5uvxP/dkvn02bzMxotZ2f3Llb8+/Pv0VP/1QwI+E9s7u6/Wut3O20kHMkbXLg3eVteeCX3TdOpamdBXlXLZvrtcC1XNNHQos5FuKjfQTuQHamFqURUqlZLS+VW/7dWrTkOrBTdZ+eBO0bbL6km+pZ0g9L27T/Khu2waDePVkzrx5rjOg/iD+NREKtJOU6mNzW6nNGoH4kqFk1QqjqpUtIvFQqFYLJTvV+4/sO3pIyvsQ+RIjcl/aDFZ3/DsDZzOVJb/pSFGPGnLiqhjH65UJRBfmgO2ZxYfZYW7emi/+/N/P8tf3ds8J0n+v54+uz4o/w+I5ewe27Iju/JK1qQrXenI24lHNN6HJQePeV20eGIk/PRYjDTFSdaoeI34oqQiZSmLLc9lWWoSipKaGGmIlrD3Pnuvm8mnKxAtjkTiSyBKFsSVRVFSkIpUpCRKtORlVXxpiyd1qYqTtLIhm8lxLw2J+UulwsAquf7nriPFIS2R/3F63+rUDZxar5//h7h4ZtEAAAAAAIBxsJJv3+Px/4xcS0o109D2pMMCAAAAAADfUK/X68m8WPH4X0SuicX4HwAAAACA742VXGNniUhObqSlDbGSy6X4EgAAAAAAgO9EcuX/9XiRzIFyQ6wv06Uw/gcAAAAA4Dvx/8Fz7M9mVVqXrF9+kyCYsT60Vv5pbTnxSmfrQrr1wuEWo9qcdTlrJFmUp7Nnrp63stkv9ybBTHv5vDFqrn8rC8BKv7L4qgDkR7mZ1rm5ni7X+1vSXnI109B51288LIjjXJ6K9Er0n9eb/5Vk93/wmpct2djsdvIv3nTXk4PxIW7lw1Y2geKReRSHxPIumW8huebi2D2eSS7EyPrNpf3a/TfgsThbU+nLp07c5yP5KLdEZHqvbu7g/s/GfRbyg/Y+i6Jwyj3/KLfTOrcXbqeLY6IojoqiuD+KP3wsThhFaVQUpVNGAQCTsjEiC1lHE/9XnOVOnN1P8+eFfJSFtM7CXHJinZ475oxujzqj26fMbj8fuQfSoBwb9/vToaz6KX7Bp4H9ho2iFR/CC++2/i1Xtnd272xurb3svOy8LhZLZfuebd8vykyyG9mC3AMAOMboe+yMrGHdGzGq/tuXnxTk5YW8ka6sy1JytUHyi4NjW83t+xnCUjJqjYPN7tNyaNSaS9JkeoeXpSGjuovJVQ79dotD6x6MoTT+NwIAgDN0a0QePkn+Xxox7j6Yy4ePjnP77tYGAADGQwefrVz0PysITOt5oVIpONGyVoHvPlWBqda1Ml6kA3fZ8epatQI/8l2/EReemaoOVdhutfwgUjU/UC0/NCvKEktUuBpGuqlC3XS8yLhhq6GdUCvX9yLHjVTVhK5qtf/VMOGyDpIXhy3tmppxncj4ngr9duDqvFKh1morJ5JWNFXtRaZm4qKnWoFpOsGqeuY32k2tqjp0A9OK/LTBfl/Gq/lBM2k2P+mDDQDAObG9s/tqrdvtvB1jYdL7CAAADiJLAwAAAAAAAAAAAAAAAAAAAABw/p3F9X8Uxl5Y+bXXOwdhnJPCRTkXYfy5CyNPHe/P5AQFYGx+DwAA///jeFNb")
r0 = socket$packet(0x11, 0x3, 0x300)
getsockopt$packet_int(r0, 0x107, 0xb, 0x0, &(0x7f0000000080))
openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000080), 0x21000)
gettid()
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8e}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0/file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
syz_clone(0xc0126080, 0x0, 0x0, 0x0, 0x0, 0x0)

2m9.098125559s ago: executing program 8 (id=7101):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000500)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x61, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x6, @void, @value}, 0x94)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000004c0), 0xffffffffffffffff)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='host1x_cdma_push_gather\x00', r0}, 0x18)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
r5 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r5, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r6 = socket$netlink(0x10, 0x3, 0x0)
bind$netlink(r6, &(0x7f0000000100)={0x10, 0x0, 0x25dfdbfe, 0x2ffffffff}, 0xc)
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r7, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
socket(0x400000000010, 0x3, 0x0)
r8 = socket$unix(0x1, 0x1, 0x0)
r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000000005c228a0b00ff010000850000000f000000040000005000000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='kmem_cache_free\x00', r9, 0x0, 0x8000000003}, 0x18)
r10 = syz_open_dev$loop(&(0x7f0000000140), 0x75f, 0xa382)
r11 = memfd_create(&(0x7f0000000880)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xafE*:\xe4\xdd\xa5\xa75\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc90\xb9voI\xa5/\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\x81\x00V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x9b\x88\a\xf2\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93\x9c5\xcf\t\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1q\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)u\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\xe6\xd3(\xa0G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\x94\x13^\x13\xaf\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n<V\xaa\xbfZ1\xa82\x85\x99\x0e$U\xb4X\xc7\xfa\f\b\x8f\xc4\xbeIt\xe4\xc51\xba\xb9H\xe8\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\x90ON\xaaFY\xb4\xb3\xf4\xf8JT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe5\xd3A\xcc\xd5|\x9f\x8e5\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k8\xc5', 0x0)
pwritev(r11, &(0x7f0000000600)=[{&(0x7f0000000180)="10", 0x1}], 0x1, 0x800000, 0x0)
ioctl$LOOP_CHANGE_FD(r10, 0x4c00, r11)
sendfile(r10, r10, 0x0, 0x24002de8)
ioctl$LOOP_CLR_FD(r10, 0x4c01)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'})
setsockopt$sock_int(r5, 0x1, 0x8, &(0x7f0000000200), 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r5, 0x10e, 0x4, &(0x7f0000000180)=0x800, 0x4)
sendmsg$DEVLINK_CMD_RATE_NEW(r3, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)={0x34, r4, 0x1, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0)
sendmsg$NL80211_CMD_GET_SURVEY(r2, &(0x7f0000000740)={&(0x7f0000000680)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000780)={&(0x7f0000000000)={0x28, r1, 0x1, 0x70bd29, 0x25dfdbfd, {{}, {@val={0x8}, @val={0xc, 0x99, {0x6, 0x5b}}}}}, 0x28}, 0x1, 0x0, 0x0, 0x890}, 0x20000000)

2m8.713861638s ago: executing program 8 (id=7105):
creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53048c6)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0xa, 0x1, 0x7fe2, 0x1, 0x12, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffad, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1800403, &(0x7f0000000940), 0x2, 0x5ad, &(0x7f0000000180)="$eJzs3c1vVFUbAPDnzkwLpe9rKzEqLkyjIZAoLS1g8GMBe0LwY+fGSgtBho/QGi2aWBLcmBg3LkhcuRD/CyW6dWXiwoUbV4akGsNGY3TMnbkzDO1MOy0dbu39/ZLbOeeeOz3nQp85Z+49ZyaAwhpLf5Qi9kTE5SRipK2sElnhWOO4O7+/fzrdkqjVXv0tiSTb1zw+yR6Hsyf/PRLx/TdJ7C6vrHdu4er56Wp19kqWn5i/cHlibuHqgXMXps/Onp29OPXc1NEjh48cnTx4X+dXakufuP7WOyMfnXz9i8/+Sia//OlkEsfi1zONsvbz2CxjMRZ/1GofLN+f/rse3ezKclJu/Z3clSzfwZZVyWJkMCIei5Eot/1vjsSHL+faOKCvaklEDSioRPxDQTXHAc339r29Dy71eVQCPAhLx9OfAx3iv9K4NhijMRARe5c9r8MlvQ1J6/ju25PX0y36dB0O6Gzx2o4stTz+k3psjsbOem7XndI913nTEcCp7DHd/8oG6x9blhf/8OAsXouIxzuN/9eO/zfa4v/NDdYv/gEAAAAAAGDz3DoeEc92uv9Xyu7N7Yyn6vf/ksb9vx/urhA8tgn1r33/r3R7E6oBOlg6HvFSx/m/rTm+o+Us9//GbMDkzLnq7MGIeCgi9sfAjjQ/uUodBz7efaNbWfv8v3RL62/OBczacbuy497nzEzPT9/POQMNS9cinqh0n/+T9v9Je/+fSV8PLvdYx+69N091K1s7/oF+qX0esa9j/5+0jklW/3yOifp4YKI5Kljpyfc++apb/eIf8pP2/7tWj//RpP3zeubW9/sHI+LQQqXWrXyj4//B5LVy8/en3p2en78yGTGYnFi5f2p9bYbtqhkPzXhJ43//06tf/2uN/9vicCgiFnus89F/hn/uVqb/h/yk8T+zrv5//Ympm6Nfd6u/t/7/cL1P35/tcf0PVtdrgObdTgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4LypFxP8iKY230qXS+HjEcEQ8ErtK1Utz88+cufT2xZm0rP79/6XmN/2ONPJJ8/v/R9vyU8vyhyLi4Yj4tDxUz4+fvlSdyfvkAQAAAAAAAAAAAAAAAAAAYIsY7rL+P/VLOe/WAX1XyR7FOxRPJe8GALkR/1Bc4h+KS/xDcYl/KK4Nxr/bBbAN6P+hqAZ6O2xnv9sB5EH/DwAAAAAA28qtF5+/kUTE4gtD9S01mJW1bgwO5dU6oJ9KeTcAyI05vFBcpv5AcfU4+RfYxpJW6s9ap/Lus/+T/jQIAAAAAAAAAAAAAFhh355bP665/h/Ylqz/h+Ky/h+Ky/p/KC7v8YG1VvFb/w8AAAAAAAAAAAAA+ZtbuHp+ulqdvSIhsdUSAxGxBZqRQ2Iw//DM+YUJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABo+TcAAP//Swsk/Q==")
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={0x0}, 0x18)
r2 = signalfd(0xffffffffffffffff, &(0x7f0000000080)={[0x2]}, 0x8)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000540)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r4}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
get_robust_list(0x0, 0x0, 0x0)
clock_gettime(0x0, &(0x7f00000002c0)={<r5=>0x0, <r6=>0x0})
sendmsg$can_bcm(r2, &(0x7f00000003c0)={&(0x7f00000001c0), 0x10, &(0x7f0000000380)={&(0x7f0000000300)={0x4, 0x80, 0xfffffffd, {}, {r5, r6/1000+10000}, {0x4, 0x1}, 0x1, @can={{0x4}, 0x1, 0x0, 0x0, 0x0, "ea80ae858e1129c9"}}, 0x48}, 0x1, 0x0, 0x0, 0x40000}, 0x20040000)
perf_event_open(0x0, 0x0, 0x5, 0xffffffffffffffff, 0x2)
socket$packet(0x11, 0x2, 0x300)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
r8 = openat$procfs(0xffffffffffffff9c, &(0x7f00000010c0)='/proc/zoneinfo\x00', 0x0, 0x0)
preadv(r8, &(0x7f0000000000)=[{0x0}], 0x1, 0x3ff, 0xfffffffc)
sendmsg$NFT_BATCH(r7, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a14000000020a0300000000000000000002000006200000f7723715fc30989191b00065c4d637000e0a01030000000000000000020000020900010073797a3000000000140000001100010000000000000000000000000a"], 0x5c}}, 0x0)

2m8.713533968s ago: executing program 37 (id=7105):
creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53048c6)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0xa, 0x1, 0x7fe2, 0x1, 0x12, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffad, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1800403, &(0x7f0000000940), 0x2, 0x5ad, &(0x7f0000000180)="$eJzs3c1vVFUbAPDnzkwLpe9rKzEqLkyjIZAoLS1g8GMBe0LwY+fGSgtBho/QGi2aWBLcmBg3LkhcuRD/CyW6dWXiwoUbV4akGsNGY3TMnbkzDO1MOy0dbu39/ZLbOeeeOz3nQp85Z+49ZyaAwhpLf5Qi9kTE5SRipK2sElnhWOO4O7+/fzrdkqjVXv0tiSTb1zw+yR6Hsyf/PRLx/TdJ7C6vrHdu4er56Wp19kqWn5i/cHlibuHqgXMXps/Onp29OPXc1NEjh48cnTx4X+dXakufuP7WOyMfnXz9i8/+Sia//OlkEsfi1zONsvbz2CxjMRZ/1GofLN+f/rse3ezKclJu/Z3clSzfwZZVyWJkMCIei5Eot/1vjsSHL+faOKCvaklEDSioRPxDQTXHAc339r29Dy71eVQCPAhLx9OfAx3iv9K4NhijMRARe5c9r8MlvQ1J6/ju25PX0y36dB0O6Gzx2o4stTz+k3psjsbOem7XndI913nTEcCp7DHd/8oG6x9blhf/8OAsXouIxzuN/9eO/zfa4v/NDdYv/gEAAAAAAGDz3DoeEc92uv9Xyu7N7Yyn6vf/ksb9vx/urhA8tgn1r33/r3R7E6oBOlg6HvFSx/m/rTm+o+Us9//GbMDkzLnq7MGIeCgi9sfAjjQ/uUodBz7efaNbWfv8v3RL62/OBczacbuy497nzEzPT9/POQMNS9cinqh0n/+T9v9Je/+fSV8PLvdYx+69N091K1s7/oF+qX0esa9j/5+0jklW/3yOifp4YKI5Kljpyfc++apb/eIf8pP2/7tWj//RpP3zeubW9/sHI+LQQqXWrXyj4//B5LVy8/en3p2en78yGTGYnFi5f2p9bYbtqhkPzXhJ43//06tf/2uN/9vicCgiFnus89F/hn/uVqb/h/yk8T+zrv5//Ympm6Nfd6u/t/7/cL1P35/tcf0PVtdrgObdTgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4LypFxP8iKY230qXS+HjEcEQ8ErtK1Utz88+cufT2xZm0rP79/6XmN/2ONPJJ8/v/R9vyU8vyhyLi4Yj4tDxUz4+fvlSdyfvkAQAAAAAAAAAAAAAAAAAAYIsY7rL+P/VLOe/WAX1XyR7FOxRPJe8GALkR/1Bc4h+KS/xDcYl/KK4Nxr/bBbAN6P+hqAZ6O2xnv9sB5EH/DwAAAAAA28qtF5+/kUTE4gtD9S01mJW1bgwO5dU6oJ9KeTcAyI05vFBcpv5AcfU4+RfYxpJW6s9ap/Lus/+T/jQIAAAAAAAAAAAAAFhh355bP665/h/Ylqz/h+Ky/h+Ky/p/KC7v8YG1VvFb/w8AAAAAAAAAAAAA+ZtbuHp+ulqdvSIhsdUSAxGxBZqRQ2Iw//DM+YUJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABo+TcAAP//Swsk/Q==")
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={0x0}, 0x18)
r2 = signalfd(0xffffffffffffffff, &(0x7f0000000080)={[0x2]}, 0x8)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000540)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r4}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
get_robust_list(0x0, 0x0, 0x0)
clock_gettime(0x0, &(0x7f00000002c0)={<r5=>0x0, <r6=>0x0})
sendmsg$can_bcm(r2, &(0x7f00000003c0)={&(0x7f00000001c0), 0x10, &(0x7f0000000380)={&(0x7f0000000300)={0x4, 0x80, 0xfffffffd, {}, {r5, r6/1000+10000}, {0x4, 0x1}, 0x1, @can={{0x4}, 0x1, 0x0, 0x0, 0x0, "ea80ae858e1129c9"}}, 0x48}, 0x1, 0x0, 0x0, 0x40000}, 0x20040000)
perf_event_open(0x0, 0x0, 0x5, 0xffffffffffffffff, 0x2)
socket$packet(0x11, 0x2, 0x300)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
r8 = openat$procfs(0xffffffffffffff9c, &(0x7f00000010c0)='/proc/zoneinfo\x00', 0x0, 0x0)
preadv(r8, &(0x7f0000000000)=[{0x0}], 0x1, 0x3ff, 0xfffffffc)
sendmsg$NFT_BATCH(r7, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a14000000020a0300000000000000000002000006200000f7723715fc30989191b00065c4d637000e0a01030000000000000000020000020900010073797a3000000000140000001100010000000000000000000000000a"], 0x5c}}, 0x0)

4.44748279s ago: executing program 3 (id=8635):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r1=>0x0})
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r3}, 0x10)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000680), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PAUSE_GET(r4, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001940)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r5, @ANYBLOB="01dfffffff0000000000210000000c000180080001", @ANYRES32=r1], 0x20}}, 0x0)

4.38376022s ago: executing program 3 (id=8637):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1, 0x0, 0x6}, 0x18)
r2 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r2, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000680)=ANY=[@ANYBLOB="020300030c00000000070000000000000100"], 0x60}, 0x1, 0x7}, 0x0)

4.35406199s ago: executing program 3 (id=8639):
r0 = syz_io_uring_setup(0x6de4, &(0x7f00000008c0)={0x0, 0x8000, 0x8, 0x1}, &(0x7f0000000440)=<r1=>0x0, &(0x7f0000000200))
unshare(0x8000600)
r2 = memfd_create(&(0x7f0000000400)='\x01\fD\xd1\x1e\x803\x00\x00\xbf\xecs \xc5\xb55nVg\x1b\xa3\x8a\xcc\xf2!PmENs\xe5\x83Uz\xc0W\xc1\xcc\x97\xd1\x8e\x81\n\xc0\xb3Ac\xfe(\x00\x13\xaeZ\x8bp\x1e\xdc\x18\xddf\xe9\xe1\t\bR) \xa9P9(\xe1-q \xb3\x80\xb9\xdfj\xed\xc2_o\xa6\x04\xf5\x9f\x04\xf1\xd5\xe3\xfa\xfd\x161\x13r\xc49\x80\x86\x1a\xbf\xf8H\xe8Cc\x84\xa6y\xb7\xbe\xf5\xcc\xc9Z\x9f\xa6\xcbX\x891\xed\a\xf9\xa6\xd8\xd0\x03\x00\x00\x00\x00\x00\x00\x00\']\by\xb5\xbcI\xbf\xacw\xda\xed\xf0^\xd35\xeb=\xc7\x82;\xb32;\xc5\xa3\xc8\xb9\xf2\xe5\xf4\x93[\x91F\x83?\xfe\xd9\x7ffvQ\xff\xc0\x8f\xe4\xb8\xa3\xbf\xceAT\x17\xc6\x81\xc0m}O\xfd\xe0\x05$\xcd\xfdkMu\x9bQ\xd8z\xe0\xd6\xe2\xbe\xf4\xd5\x16\x94\xe0\xbf0\xde\xcaS/\xf7\xeb\x89bmX0\x94T\x10\x9dx@\xce:]\xb68\xa2W\xcb\x86\b#s\xb4q6\xe88\x19\x1a\x14Z\xf3\xd7\x92\xe4bT\x02\x00\x10r\x9b~n`m:]#\x989\xc3psjO\x80n\\\xb9\x9b\xeami\xd1\x9cSL\xb6\x87\t\x9bg\xd3\xcf\xc0F\x8c\x9b\x12O\xac`\xb4\x94IH\xb0\xcd\xe9eC\xb1\x8d{\x19\xde\x19\x8e\xb5l\xa6\x1e\r)j\xec\x02\x19SM\xa6\xcf\xb9b)\xe7\xa8\x03~{\xc5\x9b\xa8I\x19j\xa5g\x877Xa\x91\x144\x064w\xc1\xe7J)\xean\xfd\xc6\xa5Y\x84\x82U\xdc\x1bQ\xd54\x01\x98\x88\xc8\xce\x94\xf8d\x9c\xba\x1e\xf3o\x87\xbc\xbaL\x87\b<\xb8o\xc8nd\xe0\xea-5P\xa0\xc7\x18\xdb\\O\xb8xT\xa1', 0x0)
lseek(r2, 0x7fffffffffffffff, 0x0)
r3 = dup(r2)
sendfile(r2, r3, &(0x7f00000000c0), 0x101)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
io_uring_enter(r0, 0x110a2, 0x10a5, 0x5, 0x0, 0x0)
io_uring_enter(r0, 0x81e, 0xfffffff9, 0x1, 0x0, 0x0)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000001c0)={0xffffffffffffffff, 0x20, &(0x7f0000000100)={&(0x7f00000000c0)=""/26, 0x1a, <r4=>0x0, 0x0}}, 0x10)
socket$xdp(0x2c, 0x3, 0x0)
r5 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r5, 0x29, 0x20, &(0x7f00000000c0)={@mcast1, 0x800, 0x0, 0x103, 0x1}, 0x20)
setsockopt$inet6_int(r5, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x1, 0x4)
sendmsg$inet6(r5, &(0x7f0000000000)={&(0x7f0000000180)={0xa, 0x4622, 0x1000000080000, @local}, 0x1c, 0x0, 0x0, &(0x7f0000000100)=[@rthdr={{0x18, 0x29, 0x3b, {0x3b, 0x0, 0x2}}}], 0x18}, 0x84)
syz_io_uring_submit(0x0, 0x0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x2def, 0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f0000000b80)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b70300000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000000)=r4, 0x4)

4.024512669s ago: executing program 3 (id=8644):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000680), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PAUSE_GET(r2, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001940)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01dfffffff0000000000210000000c0001", @ANYRES32], 0x20}}, 0x0)

3.985624689s ago: executing program 3 (id=8646):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0, 0xffffffffffffffff, 0x0, 0x8000000000000000}, 0x18)
rseq(&(0x7f00000004c0)={0x0, 0x0, 0x0, 0x3}, 0x20, 0x0, 0x0)
ioctl$PPPOEIOCDFWD(0xffffffffffffffff, 0x8903, 0xf0ff1f00000000)
syz_genetlink_get_family_id$smc(0x0, 0xffffffffffffffff)
prctl$PR_SET_MM(0x23, 0x6, &(0x7f0000001000/0x4000)=nil)
r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
ioctl$SG_SET_FORCE_PACK_ID(r0, 0x227b, &(0x7f00000000c0)=0x1)
readv(r0, &(0x7f0000000580)=[{&(0x7f0000000100)=""/67, 0x43}], 0x1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x0, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x41, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = socket$igmp(0x2, 0x3, 0x2)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f000000850000002300000095"], &(0x7f0000000100)='GPL\x00', 0x80, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000d00)='kfree\x00', r2}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'syz_tun\x00', <r3=>0x0})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x6, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="180000000000030000000000000000009500000000000000"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', r3, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0x8, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
futex_waitv(&(0x7f0000000e80)=[{0x9, &(0x7f0000000440), 0x82}, {0x2, &(0x7f0000000480)=0xdd, 0x2}, {0xd5f1, 0x0, 0x2}, {0x6, &(0x7f0000000500)=0xff, 0x82}, {0x8000000000000000, &(0x7f0000000540)=0x2, 0x2}, {0x9, &(0x7f00000005c0)=0x2, 0x2}, {0x3, &(0x7f0000000640)=0x4, 0x82}, {0x5, &(0x7f0000000680)=0xa7, 0x2}, {0x810000000000000, &(0x7f00000006c0)=0x3a, 0x82}, {0x9, &(0x7f0000000700)=0x8000000000000001, 0x2}, {0x9, &(0x7f0000000740)=0x7, 0x2}, {0x1, &(0x7f0000000780)=0x1, 0x82}, {0x0, &(0x7f00000007c0)=0x1, 0x82}, {0x6, &(0x7f0000000800)=0x8000000000000001, 0x82}, {0x9, &(0x7f0000000840)=0x8, 0x82}, {0x27e90ca6, &(0x7f0000000880)=0x4d, 0x2}, {0x6, &(0x7f00000008c0)=0xe, 0x82}, {0x5, &(0x7f0000000900)=0x5, 0x2}, {0x1, &(0x7f0000000940)=0xed, 0x82}, {0x100000001, &(0x7f0000000980)=0xc, 0x2}, {0xffffffffffffffff, &(0x7f0000000a40)=0x6d6, 0x82}, {0x0, &(0x7f0000000a80)=0x8f89, 0x2}, {0x4, &(0x7f0000000ac0)=0x6b5, 0x2}, {0xd, &(0x7f0000000b00)=0x5, 0x82}, {0x5, &(0x7f0000000b40), 0x82}, {0x5, &(0x7f0000000b80)=0x2, 0x2}, {0x4d, &(0x7f0000000bc0)=0x10000, 0x82}, {0x4, &(0x7f0000000c00)=0x4, 0x2}, {0x8, &(0x7f0000000c40)=0x3, 0x82}, {0xffffffffffffffff, &(0x7f0000000c80)=0x100000001, 0x82}, {0xa, &(0x7f0000000cc0)=0x7, 0x82}, {0x6, &(0x7f0000000d40)=0x8, 0x82}, {0x0, &(0x7f0000000d80)=0x73fd, 0x82}, {0xfffffffffffffffd, &(0x7f0000000dc0)=0x4a62, 0x82}, {0x4, &(0x7f0000000e00)=0x100, 0x82}, {0x0, &(0x7f0000000e40)=0x2, 0x82}], 0x24, 0x0, &(0x7f0000001200), 0x1)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00'}, 0x10)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r6=>0x0})
sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000600)=ANY=[@ANYBLOB="200000001100010100"/20, @ANYRES32=r6], 0x20}}, 0x0)

3.586566398s ago: executing program 9 (id=8651):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
ioctl$TUNSETLINK(r0, 0x400454cd, 0xfffe)
r1 = openat$incfs(0xffffffffffffff9c, &(0x7f0000000080)='.pending_reads\x00', 0x80, 0x11)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xf, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000000)='kmem_cache_free\x00', r2}, 0x10)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000820004000000000000000c00850000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x31, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x2041, 0x0)
r6 = shmget$private(0x0, 0x4000, 0x80, &(0x7f0000ffc000/0x4000)=nil)
shmctl$IPC_INFO(r6, 0x3, &(0x7f0000000380)=""/132)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000001c0)={0x0, &(0x7f00000000c0)})
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000340)='blkio.bfq.io_queued\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r7, 0x0)
futex_waitv(&(0x7f00000013c0)=[{0x800000, 0x0, 0x2}], 0x1, 0x0, 0x0, 0x0)
move_pages(0x0, 0x1, &(0x7f0000000000)=[&(0x7f0000ffc000/0x1000)=nil], &(0x7f0000001180), 0xfffffffffffffffe, 0x0)

2.537914836s ago: executing program 9 (id=8661):
r0 = syz_io_uring_setup(0xe42, &(0x7f0000000140)={0x0, 0x2119, 0x400}, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
r3 = open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x0)
pipe2$9p(&(0x7f0000000180)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r4, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r5 = dup(r4)
write$P9_RLERRORu(r5, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="0100bd0000000000040000e12640000000000000", @ANYRES32=r3], 0x50)
write$RDMA_USER_CM_CMD_SET_OPTION(r5, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$binfmt_elf64(r5, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYBLOB=',wfdno=', @ANYRESHEX=r5])
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000040)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f00000004c0)={0x0, 0x0, 0x32}, &(0x7f0000000500)='./file0\x00', 0x18})
io_uring_enter(r0, 0x47f6, 0x0, 0x0, 0x0, 0x0)

2.457967516s ago: executing program 9 (id=8665):
r0 = syz_io_uring_setup(0x6de4, &(0x7f00000008c0)={0x0, 0x8000, 0x8, 0x1}, &(0x7f0000000440)=<r1=>0x0, &(0x7f0000000200))
unshare(0x8000600)
r2 = memfd_create(&(0x7f0000000400)='\x01\fD\xd1\x1e\x803\x00\x00\xbf\xecs \xc5\xb55nVg\x1b\xa3\x8a\xcc\xf2!PmENs\xe5\x83Uz\xc0W\xc1\xcc\x97\xd1\x8e\x81\n\xc0\xb3Ac\xfe(\x00\x13\xaeZ\x8bp\x1e\xdc\x18\xddf\xe9\xe1\t\bR) \xa9P9(\xe1-q \xb3\x80\xb9\xdfj\xed\xc2_o\xa6\x04\xf5\x9f\x04\xf1\xd5\xe3\xfa\xfd\x161\x13r\xc49\x80\x86\x1a\xbf\xf8H\xe8Cc\x84\xa6y\xb7\xbe\xf5\xcc\xc9Z\x9f\xa6\xcbX\x891\xed\a\xf9\xa6\xd8\xd0\x03\x00\x00\x00\x00\x00\x00\x00\']\by\xb5\xbcI\xbf\xacw\xda\xed\xf0^\xd35\xeb=\xc7\x82;\xb32;\xc5\xa3\xc8\xb9\xf2\xe5\xf4\x93[\x91F\x83?\xfe\xd9\x7ffvQ\xff\xc0\x8f\xe4\xb8\xa3\xbf\xceAT\x17\xc6\x81\xc0m}O\xfd\xe0\x05$\xcd\xfdkMu\x9bQ\xd8z\xe0\xd6\xe2\xbe\xf4\xd5\x16\x94\xe0\xbf0\xde\xcaS/\xf7\xeb\x89bmX0\x94T\x10\x9dx@\xce:]\xb68\xa2W\xcb\x86\b#s\xb4q6\xe88\x19\x1a\x14Z\xf3\xd7\x92\xe4bT\x02\x00\x10r\x9b~n`m:]#\x989\xc3psjO\x80n\\\xb9\x9b\xeami\xd1\x9cSL\xb6\x87\t\x9bg\xd3\xcf\xc0F\x8c\x9b\x12O\xac`\xb4\x94IH\xb0\xcd\xe9eC\xb1\x8d{\x19\xde\x19\x8e\xb5l\xa6\x1e\r)j\xec\x02\x19SM\xa6\xcf\xb9b)\xe7\xa8\x03~{\xc5\x9b\xa8I\x19j\xa5g\x877Xa\x91\x144\x064w\xc1\xe7J)\xean\xfd\xc6\xa5Y\x84\x82U\xdc\x1bQ\xd54\x01\x98\x88\xc8\xce\x94\xf8d\x9c\xba\x1e\xf3o\x87\xbc\xbaL\x87\b<\xb8o\xc8nd\xe0\xea-5P\xa0\xc7\x18\xdb\\O\xb8xT\xa1', 0x0)
lseek(r2, 0x7fffffffffffffff, 0x0)
r3 = dup(r2)
sendfile(r2, r3, &(0x7f00000000c0), 0x101)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
io_uring_enter(r0, 0x110a2, 0x10a5, 0x5, 0x0, 0x0)
io_uring_enter(r0, 0x81e, 0xfffffff9, 0x1, 0x0, 0x0)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000001c0)={0xffffffffffffffff, 0x20, &(0x7f0000000100)={&(0x7f00000000c0)=""/26, 0x1a, <r4=>0x0, 0x0}}, 0x10)
socket$xdp(0x2c, 0x3, 0x0)
r5 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r5, 0x29, 0x20, &(0x7f00000000c0)={@mcast1, 0x800, 0x0, 0x103, 0x1}, 0x20)
setsockopt$inet6_int(r5, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x1, 0x4)
sendmsg$inet6(r5, &(0x7f0000000000)={&(0x7f0000000180)={0xa, 0x4622, 0x1000000080000, @local}, 0x1c, 0x0, 0x0, &(0x7f0000000100)=[@rthdr={{0x18, 0x29, 0x3b, {0x3b, 0x0, 0x2}}}], 0x18}, 0x84)
syz_io_uring_submit(0x0, 0x0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x2def, 0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f0000000b80)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b70300000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000000)=r4, 0x4)

2.241841185s ago: executing program 9 (id=8668):
socket$packet(0x11, 0x3, 0x300)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r1, 0x0)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
io_uring_register$IORING_REGISTER_RESTRICTIONS(0xffffffffffffffff, 0xb, &(0x7f0000000000), 0x0)
connect$inet(r2, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
accept4(r1, &(0x7f0000000100)=@pptp, 0x0, 0x800)
syz_genetlink_get_family_id$mptcp(0x0, 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r3, &(0x7f0000000400)={0x0, 0x0, 0x0}, 0x4000000)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$mptcp(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000480)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="0100000000000000000002000000140001800500020001"], 0x28}, 0x1, 0x0, 0x0, 0x20044811}, 0x2000c094)
symlink(&(0x7f0000000dc0)='./file0\x00', &(0x7f0000000cc0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000200)='sys_enter\x00', r6}, 0x10)
readlink(&(0x7f0000000240)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000001200)=""/4096, 0x1000)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x600, 0x0)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f00000005c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000730000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r7}, 0x10)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0)
r8 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$RDMA_NLDEV_CMD_RES_CM_ID_GET(r8, &(0x7f00000003c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000380)={&(0x7f0000000400)=ANY=[@ANYBLOB="300000000b1400036665e57a114c2cbd7008000100017b3b6af9d33f085ca22800030b000000000800"/56], 0x30}, 0x1, 0x0, 0x0, 0x4040840}, 0x8040085)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xc, &(0x7f00000006c0)=ANY=[@ANYBLOB="744e2e724769a314bc109c521230a5a7c7b0a1bfd21793bd8295324acb418895d814fce0d401bf9b54cef9aa3f7e6dea8bc09f3892288c227cae0758645ddeecd96d15a7146b83a7ec1f923bd02adb3c7666351d9f2296c03b4dddd98eaae616d842a82c9d91814bd31fcdceba03e95e044b12859b14fb6886f9ff40d05fd6c7a6e33cf32dd33f21d61cf301e9fe3754e4e3c62b669681a6afe7ce00f7e52a7033f8f49b5cd200a28d08252b146671ede278964b726675a0253bc5c7be4c4e0a56bd0d2e28703deade025e840ece1cdc7ff489141b1a37462f063c6dc1e8f0b88110aeec99f5702d31b91bfcf51b6ede94658a", @ANYBLOB="bc482dc88950a5b6f1da12662aed8fae0d0dbe4d0c51a9822af4fd11fba0fa8568d87a564253a0810a714240ce70d81a3e668d849bfd2a2b02f0a9177a68d03153f5874aaa4aa02df23205d58311ada448febd0de8d29f9dbce65db33ca0be8c61d24925b1d313a54c9454ed74a175240f78b8b346918bd291415bd4e8a6f397adbea2f634fab294a2976df65de93828413bdbc8d2f71831e5df79ec11bb8dd8f535c7b8"], &(0x7f0000000340)='syzkaller\x00', 0x77, 0x0, 0x0, 0x0, 0x14, '\x00', 0x0, @fallback=0x39, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r9 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$inet_tcp_int(r9, 0x6, 0x1b, 0x0, 0x0)

1.578046314s ago: executing program 0 (id=8678):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0, 0xffffffffffffffff, 0x0, 0x8000000000000000}, 0x18)
rseq(&(0x7f00000004c0)={0x0, 0x0, 0x0, 0x3}, 0x20, 0x0, 0x0)
ioctl$PPPOEIOCDFWD(0xffffffffffffffff, 0x8903, 0xf0ff1f00000000)
syz_genetlink_get_family_id$smc(0x0, 0xffffffffffffffff)
prctl$PR_SET_MM(0x23, 0x6, &(0x7f0000001000/0x4000)=nil)
r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
ioctl$SG_SET_FORCE_PACK_ID(r0, 0x227b, &(0x7f00000000c0)=0x1)
readv(r0, &(0x7f0000000580)=[{&(0x7f0000000100)=""/67, 0x43}], 0x1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x0, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x41, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = socket$igmp(0x2, 0x3, 0x2)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f000000850000002300000095"], &(0x7f0000000100)='GPL\x00', 0x80, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000d00)='kfree\x00', r2}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'syz_tun\x00', <r3=>0x0})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x6, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="180000000000030000000000000000009500000000000000"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', r3, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0x8, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
futex_waitv(&(0x7f0000000e80)=[{0x9, &(0x7f0000000440), 0x82}, {0x2, &(0x7f0000000480)=0xdd, 0x2}, {0xd5f1, 0x0, 0x2}, {0x6, &(0x7f0000000500)=0xff, 0x82}, {0x8000000000000000, &(0x7f0000000540)=0x2, 0x2}, {0x9, &(0x7f00000005c0)=0x2, 0x2}, {0x3, &(0x7f0000000640)=0x4, 0x82}, {0x5, &(0x7f0000000680)=0xa7, 0x2}, {0x810000000000000, &(0x7f00000006c0)=0x3a, 0x82}, {0x9, &(0x7f0000000700)=0x8000000000000001, 0x2}, {0x9, &(0x7f0000000740)=0x7, 0x2}, {0x1, &(0x7f0000000780)=0x1, 0x82}, {0x0, &(0x7f00000007c0)=0x1, 0x82}, {0x6, &(0x7f0000000800)=0x8000000000000001, 0x82}, {0x9, &(0x7f0000000840)=0x8, 0x82}, {0x27e90ca6, &(0x7f0000000880)=0x4d, 0x2}, {0x6, &(0x7f00000008c0)=0xe, 0x82}, {0x5, &(0x7f0000000900)=0x5, 0x2}, {0x1, &(0x7f0000000940)=0xed, 0x82}, {0x100000001, &(0x7f0000000980)=0xc, 0x2}, {0xffffffffffffffff, &(0x7f0000000a40)=0x6d6, 0x82}, {0x0, &(0x7f0000000a80)=0x8f89, 0x2}, {0x4, &(0x7f0000000ac0)=0x6b5, 0x2}, {0xd, &(0x7f0000000b00)=0x5, 0x82}, {0x5, &(0x7f0000000b40), 0x82}, {0x5, &(0x7f0000000b80)=0x2, 0x2}, {0x4d, &(0x7f0000000bc0)=0x10000, 0x82}, {0x4, &(0x7f0000000c00)=0x4, 0x2}, {0x8, &(0x7f0000000c40)=0x3, 0x82}, {0xffffffffffffffff, &(0x7f0000000c80)=0x100000001, 0x82}, {0xa, &(0x7f0000000cc0)=0x7, 0x82}, {0x6, &(0x7f0000000d40)=0x8, 0x82}, {0x0, &(0x7f0000000d80)=0x73fd, 0x82}, {0xfffffffffffffffd, &(0x7f0000000dc0)=0x4a62, 0x82}, {0x4, &(0x7f0000000e00)=0x100, 0x82}, {0x0, &(0x7f0000000e40)=0x2, 0x82}], 0x24, 0x0, &(0x7f0000001200), 0x1)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00'}, 0x10)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r6=>0x0})
sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000600)=ANY=[@ANYBLOB="200000001100010100"/20, @ANYRES32=r6], 0x20}}, 0x0)

1.348692263s ago: executing program 9 (id=8680):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb7020000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
pipe(0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1801000000000000000000004b84ffec850000006d000000850000000f00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000240)='tlb_flush\x00', r1}, 0x10)
futex(&(0x7f000000cffc), 0x80000000000b, 0x0, 0x0, &(0x7f0000048000), 0x0)
futex(&(0x7f000000cffc), 0x80000000000b, 0x0, 0x0, &(0x7f0000048000), 0x0)
futex(&(0x7f000000cffc), 0xc, 0x1, &(0x7f0000000280)={0x77359400}, &(0x7f0000048000), 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2)
open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="160000de83f80000000000040000e9c05873d283000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
ioctl$sock_SIOCGIFVLAN_GET_VLAN_EGRESS_PRIORITY_CMD(0xffffffffffffffff, 0x8982, &(0x7f00000002c0))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000005c0)=[{0x200000000006, 0xde, 0x0, 0x7ffc1ffb}]})
getcwd(&(0x7f0000000240)=""/87, 0x57)

843.934732ms ago: executing program 1 (id=8683):
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000400)={0x9, <r0=>0x0}, 0x8)
r1 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000500)={&(0x7f0000000540)=ANY=[@ANYBLOB="1feb010018000000000000000c0000000c00000007000000030000000000000a0400000000002e61005f00"], &(0x7f0000000740)=""/204, 0x2b, 0xcc, 0x1, 0x2, 0x10000, @value}, 0x28)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x14, 0xb, &(0x7f00000008c0)=ANY=[@ANYRESOCT=r0, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095", @ANYRES32=r0], 0x0, 0x10000000, 0x0, 0x0, 0x41100, 0x10, '\x00', 0x0, @fallback=0x3, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1a, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x68, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r2, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r3}, 0x10)
r4 = add_key$user(&(0x7f0000000180), &(0x7f00000001c0)={'syz', 0x1}, &(0x7f0000000880)='5', 0x1, 0xffffffffffffffff)
r5 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
r6 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
sendfile(r5, r6, 0x0, 0xf2)
r7 = add_key$keyring(&(0x7f0000000100), &(0x7f0000000180)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe)
r8 = add_key$keyring(&(0x7f0000000280), &(0x7f00000002c0)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$KEYCTL_MOVE(0x1e, r4, r7, r8, 0x0)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x40100, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x60}]})
r9 = socket$igmp6(0xa, 0x3, 0x3a)
socket(0x10, 0x3, 0x0)
r10 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0a000000010000000900000008"], 0x50)
r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r10, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000300)={{r10}, &(0x7f0000000200), &(0x7f0000000280)}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000580)='kfree\x00', r11}, 0x18)
setsockopt$MRT6_ADD_MFC(r9, 0x29, 0x22, &(0x7f0000000080)={{0xa, 0x0, 0x101, @loopback, 0x18000}, {0xa, 0x0, 0x0, @dev}, 0x0, {[0x0, 0x0, 0x0, 0x0, 0x0, 0x1]}}, 0x5c)
r12 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r13 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r14 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000180), r13)
sendmsg$NLBL_MGMT_C_ADD(r12, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000940)=ANY=[], 0xec}}, 0x0)
sendmsg$NLBL_MGMT_C_PROTOCOLS(r12, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)=ANY=[@ANYBLOB="19000000", @ANYRES16=r14, @ANYBLOB="00032dbd7000fbdbdf250700000008000800ac14143d08000c000000000008000c0002000000"], 0x2c}, 0x1, 0x0, 0x0, 0x20000010}, 0x6080)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000200), r12)
ioctl$sock_SIOCGIFINDEX_802154(r13, 0x8933, &(0x7f0000000240)={'wpan3\x00'})
syz_genetlink_get_family_id$nl802154(&(0x7f0000000180), 0xffffffffffffffff)

776.591372ms ago: executing program 3 (id=8684):
setitimer(0x2, &(0x7f0000000140)={{}, {0x0, 0x2710}}, 0x0)
getitimer(0x2, &(0x7f0000000b00))
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r0, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$inet(0x2, 0x801, 0x0)
r3 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000600), 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f00000001c0)={0x1000000, 0x200101, 0x0, 'queue1\x00', 0xffffffff})
r4 = dup(r3)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r4, 0x40605346, &(0x7f0000001280)={0x0, 0x0, {0x1, 0x0, 0x0, 0x0, 0xf963}})
ioctl$LOOP_SET_CAPACITY(r4, 0x4c07)
clock_gettime(0x0, &(0x7f0000000500)={<r5=>0x0, <r6=>0x0})
futimesat(r4, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000580)={{r5, r6/1000+60000}})
sendto$inet(r2, &(0x7f0000000180)="24aabceb44a9a3c91fe11e18d79a8411c53cf952b2a9900123d437108d8e0054a2a5501a840fe9395380bc1766b821b3fa49c5df0a4e9cbbde1af00d06a1af5081a4b4e57b21ee1cf2e01cc4400358254c4d1a665c8dc738b1a92cfd569e88a63c2bdf8b6bc2e6afd420370300956316a1b9e06a16021ae67ff71e9bdaae126ad1d138e29171210a97d40122d00525349edb0d8c10b5b6593788b014c3ff4e242a42bccbff8b55a93bcee6b8cbdd04b466068d742b6fc224", 0xb8, 0x40800, 0x0, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(0xffffffffffffffff, 0x0, 0x80, 0x0, 0x1ee)
r7 = accept4$unix(0xffffffffffffffff, 0x0, &(0x7f0000000000), 0x800)
sendmsg$inet(r7, &(0x7f0000000240)={&(0x7f0000000080)={0x2, 0x4e20, @private=0xa010102}, 0x10, &(0x7f0000000440)=[{&(0x7f0000000140)="594e3433a8684b403f8277e1fa061faebd10e7c52a4467f18a7293116279ed30f6e4ce215cce167e00a1ad1df66ad6edbf5969917bcc5cec5e51d874966616b5bc03c9fd33d923e6f13ab29d688bdeb2ba503d", 0x53}, {&(0x7f00000000c0)="f3d0c5752c348fcef712e8743064970e6390cb80e0704cb1", 0x18}, {&(0x7f00000002c0)="b4227c6d324f3f526e29757a7d0b8c0c839a7643f659629139e6bf39f9c4bccf8b3d0ab779d76f6ae67b33093cd6b4a093a3bae6bdc41055f2c87a4d18c067b980888482b59dcbf5fd355a8795b516d3ad401dce812ac831a2988533d8adeca614b7f06aa65232d8fbb206968718d29cc21ed146a7886e2b67a071b0bf3dd9c7959585c6e22d14adac483e9295c7317226e0b6b21df61199124786b198617601cf98fb9974562f2655ed2b67db41dcdfdd1f8b91a2b2811b8d4ae2e58d759b0bd9e9b79cb7bf773a36c33638", 0xcc}, {&(0x7f00000001c0)="c3f3204460982aca5146c976e214b477b694ab9673ce02d651ca23b4bff592", 0x1f}, {&(0x7f0000000200)="19195b9e", 0x4}, {&(0x7f00000003c0)="3fdfe7568be63d466d41c191c34f18f1864edaaa641449e14a1ee2b50f10f61e1794cb89438e0c41219b425cb166284e26b5272d5ed0f0ab03286dd783c45a6eee24862af47754f3bdaee861cda3d3746697d97b819a2b27bbe3a9b01e8cc55f", 0x60}], 0x6}, 0x40c0)
r8 = syz_open_dev$evdev(&(0x7f0000000100), 0x0, 0x862b01)
r9 = syz_open_dev$evdev(&(0x7f0000000280), 0x0, 0x0)
read$hiddev(r9, &(0x7f0000002300)=""/102, 0x66)
r10 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000200)={'geneve0\x00', <r11=>0x0})
bind$can_j1939(r10, &(0x7f0000000000)={0x1d, r11, 0x2, {0x0, 0xf0}, 0x2}, 0x18)
write$char_usb(r8, &(0x7f0000000040)="e2", 0x2250)

757.554342ms ago: executing program 1 (id=8685):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
close(r0)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
close_range(r1, 0xffffffffffffffff, 0x0) (fail_nth: 1)

716.043072ms ago: executing program 0 (id=8686):
ptrace$PTRACE_SECCOMP_GET_FILTER(0x1a, 0x0, 0xfffffffffffffffe, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x3, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000080000000000000000000181100", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
readv(r1, &(0x7f0000003400)=[{&(0x7f0000004c00)=""/4096, 0x1000}], 0x1)

691.175202ms ago: executing program 0 (id=8687):
creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53048c6)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0xa, 0x1, 0x7fe2, 0x1, 0x12, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1800403, &(0x7f0000000940), 0x2, 0x5ad, &(0x7f0000000180)="$eJzs3c1vVFUbAPDnzkwLpe9rKzEqLkyjIZAoLS1g8GMBe0LwY+fGSgtBho/QGi2aWBLcmBg3LkhcuRD/CyW6dWXiwoUbV4akGsNGY3TMnbkzDO1MOy0dbu39/ZLbOeeeOz3nQp85Z+49ZyaAwhpLf5Qi9kTE5SRipK2sElnhWOO4O7+/fzrdkqjVXv0tiSTb1zw+yR6Hsyf/PRLx/TdJ7C6vrHdu4er56Wp19kqWn5i/cHlibuHqgXMXps/Onp29OPXc1NEjh48cnTx4X+dXakufuP7WOyMfnXz9i8/+Sia//OlkEsfi1zONsvbz2CxjMRZ/1GofLN+f/rse3ezKclJu/Z3clSzfwZZVyWJkMCIei5Eot/1vjsSHL+faOKCvaklEDSioRPxDQTXHAc339r29Dy71eVQCPAhLx9OfAx3iv9K4NhijMRARe5c9r8MlvQ1J6/ju25PX0y36dB0O6Gzx2o4stTz+k3psjsbOem7XndI913nTEcCp7DHd/8oG6x9blhf/8OAsXouIxzuN/9eO/zfa4v/NDdYv/gEAAAAAAGDz3DoeEc92uv9Xyu7N7Yyn6vf/ksb9vx/urhA8tgn1r33/r3R7E6oBOlg6HvFSx/m/rTm+o+Us9//GbMDkzLnq7MGIeCgi9sfAjjQ/uUodBz7efaNbWfv8v3RL62/OBczacbuy497nzEzPT9/POQMNS9cinqh0n/+T9v9Je/+fSV8PLvdYx+69N091K1s7/oF+qX0esa9j/5+0jklW/3yOifp4YKI5Kljpyfc++apb/eIf8pP2/7tWj//RpP3zeubW9/sHI+LQQqXWrXyj4//B5LVy8/en3p2en78yGTGYnFi5f2p9bYbtqhkPzXhJ43//06tf/2uN/9vicCgiFnus89F/hn/uVqb/h/yk8T+zrv5//Ympm6Nfd6u/t/7/cL1P35/tcf0PVtdrgObdTgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4LypFxP8iKY230qXS+HjEcEQ8ErtK1Utz88+cufT2xZm0rP79/6XmN/2ONPJJ8/v/R9vyU8vyhyLi4Yj4tDxUz4+fvlSdyfvkAQAAAAAAAAAAAAAAAAAAYIsY7rL+P/VLOe/WAX1XyR7FOxRPJe8GALkR/1Bc4h+KS/xDcYl/KK4Nxr/bBbAN6P+hqAZ6O2xnv9sB5EH/DwAAAAAA28qtF5+/kUTE4gtD9S01mJW1bgwO5dU6oJ9KeTcAyI05vFBcpv5AcfU4+RfYxpJW6s9ap/Lus/+T/jQIAAAAAAAAAAAAAFhh355bP665/h/Ylqz/h+Ky/h+Ky/p/KC7v8YG1VvFb/w8AAAAAAAAAAAAA+ZtbuHp+ulqdvSIhsdUSAxGxBZqRQ2Iw//DM+YUJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABo+TcAAP//Swsk/Q==")
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={0x0}, 0x18)
r1 = signalfd(0xffffffffffffffff, &(0x7f0000000080)={[0x2]}, 0x8)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000540)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
get_robust_list(0x0, 0x0, 0x0)
clock_gettime(0x0, &(0x7f00000002c0)={<r4=>0x0, <r5=>0x0})
sendmsg$can_bcm(r1, &(0x7f00000003c0)={&(0x7f00000001c0), 0x10, &(0x7f0000000380)={&(0x7f0000000300)={0x4, 0x80, 0xfffffffd, {}, {r4, r5/1000+10000}, {0x4, 0x1}, 0x1, @can={{0x4}, 0x1, 0x0, 0x0, 0x0, "ea80ae858e1129c9"}}, 0x48}, 0x1, 0x0, 0x0, 0x40000}, 0x20040000)
perf_event_open(0x0, 0x0, 0x5, 0xffffffffffffffff, 0x2)
socket$packet(0x11, 0x2, 0x300)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
r7 = openat$procfs(0xffffffffffffff9c, &(0x7f00000010c0)='/proc/zoneinfo\x00', 0x0, 0x0)
preadv(r7, &(0x7f0000000000)=[{&(0x7f0000002600)=""/4104, 0x1008}], 0x1, 0x3ff, 0xfffffffc)
sendmsg$NFT_BATCH(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[@ANYBLOB], 0x5c}}, 0x0)

562.212082ms ago: executing program 0 (id=8688):
r0 = syz_open_dev$usbfs(&(0x7f0000000340), 0x800000001fe, 0x2)
r1 = dup(r0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000800000000500000000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000800007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
ioctl$USBDEVFS_CONTROL(r1, 0xc0185500, &(0x7f0000000040)={0x23, 0x3, 0x5, 0xf, 0x0, 0x2, 0x0})

535.978551ms ago: executing program 1 (id=8689):
socket$nl_route(0x10, 0x3, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000001000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0}, 0x0, &(0x7f0000000040)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x530, 0x348, 0x18c, 0x203, 0x348, 0x19030000, 0x460, 0x2e0, 0x2e0, 0x460, 0x2e0, 0x3, 0x0, {[{{@uncond, 0x300, 0x300, 0x348, 0x0, {}, [@common=@unspec=@bpf0={{0x230}, {0x13, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x16}]}}, @common=@hl={{0x28}}]}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz1\x00'}}}, {{@uncond, 0x0, 0xd0, 0x118, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz1\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x590)

535.589661ms ago: executing program 0 (id=8690):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1e000000000000"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1, 0x0, 0x6}, 0x18)
r2 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r2, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000680)=ANY=[@ANYBLOB="020300030c00000000070000000000000100"], 0x60}, 0x1, 0x7}, 0x0)

528.611681ms ago: executing program 1 (id=8691):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000240)='kfree\x00'}, 0x10)
mkdir(0x0, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x3d, 0x1, 0x0, 0x0, 0x0, 0x5, 0x62000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x100000, 0x0, 0x0, 0x6, 0x3, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x5, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000001200000000000000000095"], &(0x7f0000000c00)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000002c7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r2}, &(0x7f0000000380), &(0x7f00000003c0)=r3}, 0x20)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x1c, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f00000002c0)='rpm_return_int\x00', r4}, 0x10)
syz_open_dev$usbfs(&(0x7f0000000040), 0x12, 0x0)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000002c0)={r0, 0x4, 0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000280)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r5], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
request_key(&(0x7f0000000540)='user\x00', &(0x7f00000001c0)={'syz', 0x3}, &(0x7f0000000200)=',$:@^@,\x00', 0x0)
socket$netlink(0x10, 0x3, 0x0)
openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000200), 0x1, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x50)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec8500000050000000850000000f00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00', r8}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x26e1, 0x0)
perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}, 0x2405, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0xd)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r7}, 0x10)
r9 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r9, &(0x7f0000000080)={0x18, 0x0, {0xfffe, @local, 'vcan0\x00'}}, 0x1e)
close(r9)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0, r1, 0x0, 0x5}, 0x18)

466.080851ms ago: executing program 0 (id=8692):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000500)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x61, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x6, @void, @value}, 0x94)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000004c0), 0xffffffffffffffff)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='host1x_cdma_push_gather\x00', r0}, 0x18)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
r5 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r5, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r6 = socket$netlink(0x10, 0x3, 0x0)
bind$netlink(r6, &(0x7f0000000100)={0x10, 0x0, 0x25dfdbfe, 0x2ffffffff}, 0xc)
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r7, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r8 = socket(0x400000000010, 0x3, 0x0)
socket$unix(0x1, 0x1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000000005c228a0b00ff010000850000000f000000040000005000000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r9 = syz_open_dev$loop(&(0x7f0000000140), 0x75f, 0xa382)
r10 = memfd_create(&(0x7f0000000880)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xafE*:\xe4\xdd\xa5\xa75\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc90\xb9voI\xa5/\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\x81\x00V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x9b\x88\a\xf2\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93\x9c5\xcf\t\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1q\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)u\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\xe6\xd3(\xa0G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\x94\x13^\x13\xaf\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n<V\xaa\xbfZ1\xa82\x85\x99\x0e$U\xb4X\xc7\xfa\f\b\x8f\xc4\xbeIt\xe4\xc51\xba\xb9H\xe8\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\x90ON\xaaFY\xb4\xb3\xf4\xf8JT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe5\xd3A\xcc\xd5|\x9f\x8e5\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k8\xc5', 0x0)
pwritev(r10, &(0x7f0000000600)=[{&(0x7f0000000180)="10", 0x1}], 0x1, 0x800000, 0x0)
ioctl$LOOP_CHANGE_FD(r9, 0x4c00, r10)
sendfile(r9, r9, 0x0, 0x24002de8)
ioctl$LOOP_CLR_FD(r9, 0x4c01)
sendmsg$nl_route_sched(r8, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, 0x0, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r8, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000640)=@newtfilter={0x4c, 0x2c, 0xd27, 0x70bd28, 0x0, {0x0, 0x0, 0x0, 0x0, {0x0, 0x7}, {}, {0x7}}, [@filter_kind_options=@f_flow={{0x9}, {0x1c, 0x2, [@TCA_FLOW_MODE={0x8, 0x2, 0x1}, @TCA_FLOW_XOR={0x8, 0x7, 0x800}, @TCA_FLOW_KEYS={0x8, 0x1, 0x16157}]}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x80}, 0x800)
setsockopt$sock_int(r5, 0x1, 0x8, &(0x7f0000000200), 0x4)
sendmsg$DEVLINK_CMD_RATE_NEW(r3, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)={0x34, r4, 0x1, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0)
sendmsg$NL80211_CMD_GET_SURVEY(r2, &(0x7f0000000740)={&(0x7f0000000680)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000780)={&(0x7f0000000000)={0x28, r1, 0x1, 0x70bd29, 0x25dfdbfd, {{}, {@val={0x8}, @val={0xc, 0x99, {0x6, 0x5b}}}}}, 0x28}, 0x1, 0x0, 0x0, 0x890}, 0x20000000)

441.011951ms ago: executing program 9 (id=8693):
openat2$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0/file0/..\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x401c2, 0x0)
ftruncate(r0, 0x8800000)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000240)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = socket$inet6(0xa, 0x2, 0x0)
setfsgid(0xffffffffffffffff)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r3, 0x29, 0x20, &(0x7f00000000c0)={@mcast1, 0x800, 0x0, 0x103, 0x1}, 0x20)
setsockopt$inet6_int(r3, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x1, 0x4)
sendmsg$inet6(r3, &(0x7f00000001c0)={&(0x7f0000000540)={0xa, 0x4e1f, 0x1000000080000, @local, 0x3}, 0x1c, 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB], 0x28}, 0x40010)
lsetxattr$security_capability(0x0, 0x0, 0x0, 0x0, 0x0)
recvmmsg(r2, &(0x7f00000034c0)=[{{0x0, 0x12, &(0x7f0000001e40)=[{&(0x7f0000000b80)=""/4096, 0x20001b80}, {&(0x7f0000001b80)=""/112, 0x70}], 0x2, 0x0, 0xa0028cb4}}], 0x40000000000013c, 0x700, 0x0)
r4 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r4, 0x29, 0x20, &(0x7f0000000180)={@loopback={0x200000000000000}, 0x800, 0x0, 0x2, 0x1, 0x0, 0x149}, 0x20)
setsockopt$inet6_int(r4, 0x29, 0x1000000000021, &(0x7f0000000000)=0x1, 0x4)
connect$inet6(r4, &(0x7f0000000040)={0xa, 0x0, 0x7, @loopback}, 0x1c)
sched_setscheduler(0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
sendfile(r1, r0, 0x0, 0x578410e7)
bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@bloom_filter={0x1e, 0x44, 0x5, 0x90, 0x840, r0, 0x2, '\x00', 0x0, r0, 0x4, 0x4, 0x4, 0x7, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newlink={0x50, 0x10, 0xc09, 0x70bd28, 0x0, {}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @gretap={{0xb}, {0x14, 0x2, 0x0, 0x1, [@IFLA_GRE_ENCAP_TYPE={0x6, 0xe, 0x1}, @IFLA_GRE_ENCAP_FLAGS={0x6}]}}}, @IFLA_ADDRESS={0xa, 0x1, @remote}]}, 0x50}}, 0x0)
syz_open_dev$usbfs(&(0x7f0000000080), 0x3, 0x301000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='fib6_table_lookup\x00'}, 0x18)
r6 = socket$inet6_sctp(0xa, 0x801, 0x84)
connect$inet6(r6, &(0x7f0000000100)={0xa, 0x0, 0x0, @private1, 0x200000}, 0x1c)

356.386551ms ago: executing program 7 (id=8694):
r0 = syz_io_uring_setup(0xe42, &(0x7f0000000140)={0x0, 0x2119, 0x400}, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x0)
pipe2$9p(&(0x7f0000000180)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r4, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r5 = dup(r4)
write$P9_RLERRORu(r5, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x50)
write$RDMA_USER_CM_CMD_SET_OPTION(r5, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$binfmt_elf64(r5, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd', @ANYRESHEX=r3, @ANYBLOB=',wfdno=', @ANYRESHEX=r5])
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000040)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f00000004c0)={0x0, 0x0, 0x32}, &(0x7f0000000500)='./file0\x00', 0x18})
io_uring_enter(r0, 0x47f6, 0x0, 0x0, 0x0, 0x0)
pipe2$9p(&(0x7f0000000240)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff}, 0x0)
open(&(0x7f0000000080)='./file0\x00', 0x1c1c41, 0x6)
r8 = dup(r7)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000080)={'trans=fd,', {'rfdno', 0x3d, r6}, 0x2c, {'wfdno', 0x3d, r8}, 0x2c, {[], [], 0x6b}})

281.934931ms ago: executing program 1 (id=8695):
syz_io_uring_setup(0x45b4, &(0x7f00000035c0)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=<r0=>0x0, &(0x7f0000000040)=<r1=>0x0)
r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000dd0000000000003b810000850000006d000000a50000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='kfree\x00', r3}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$unix(0x1, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x20000000)
r4 = socket$inet6(0xa, 0x1, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r4, 0x89f1, &(0x7f00000002c0)={'ip6gre0\x00', &(0x7f0000000580)={'syztnl1\x00', 0x0, 0x29, 0x0, 0x3, 0x0, 0x46, @local, @mcast1, 0x10, 0x0, 0x6, 0x3}})
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r4, 0x89f2, &(0x7f0000000600)={'syztnl1\x00', 0x0})
syz_clone(0x280000, &(0x7f0000000080)="9ee9ba4251383021153a6555d6eb14aa4e601c33ab75470a3bd4f926df9d4de7a9c557256daa3acb773dccbb47a743bb", 0x30, &(0x7f0000000200), &(0x7f0000000240), &(0x7f0000000380)="dd05cbfd4f269b00fb61cf2f906b24565f8ebb7d672d1dd108225beac85789efda8e4f5939a4dcb3d6e9f261a52cd648481a89257606a0787a52ae345763ae6dfa2d80f2ed7706ddc21c21a063d40842c1a7ef6ee72d0e29cc398cc7d39956695d9404f395cbf08d98c9f5e81d1f9aeaed283e91800c827a8eb866b745b373563b")
syz_io_uring_submit(r0, r1, &(0x7f00000001c0)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r2, 0x80, &(0x7f0000000300)=@hci={0x1f, 0x2}})
request_key(&(0x7f00000004c0)='.dead\x00', &(0x7f0000000500)={'syz', 0x2}, &(0x7f0000000540)='police\x00', 0xfffffffffffffffc)
syz_read_part_table(0x5d5, &(0x7f0000000c00)="$eJzs27+LHGUYB/DvzO7M7EL0/gOzkMZCSGtzeiDJkS6Nva2NhZ2g3C6KgqCNFjYWlqbJP6BtCJZWQZBYCNqJlY3eK/POzt0FG2ENEvh8uJv3B8/7PM8ws+WEZ1s5WqzqeF5KqTvt+N823T7g6K+sx7G7cuiVl6b16/du3b6zudv0+/0mTfLbdsqR5GS89MkLWc5HN0nGgt8s88m9048+/fzdPttsH58l+TLZJmWYW0vW7ZRg9v1FoVym5P/z4hOrrj6Y+nyrVy8WN5MskiGLcagW6T88uP794we7sUpKk1JNLeydTMPcUJuzG3Onv5+nazf7dylXO96Ok92VzSFtKeXr5+srOaYZ+n3Obj49vowPfzrLru/qz+XRt/Phmi0/rqeYi2LtwbcOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBTUKqPX17t11/V6/KLNFeClvUvr/XLpDycTq1LKdkeXP/+8YOj9z94u807x28+euu9n09/XY2lF7l5eq0MQ5I/yxj3Rob+iYba80VzcPWkDJuhTrok18u8vcku39344Xq7SF+OLsO7ZoqsdvkvOgAAAAAAAAAAAAAAAAAAAIDk1u07m7vtOtNH8Gmzn5Ws/hlc/iilnIwBzfJyd530eVy/hf8lZf4kvoy7Y77nxoBqlTTri2ny2bWneWf8G38HAAD//y1cYQ0=")
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b70200001400001cb7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x44000)
r6 = syz_open_dev$tty1(0xc, 0x4, 0x3)
ioctl$KDFONTOP_SET(r6, 0x4b72, &(0x7f0000000080)={0x0, 0x1, 0x8, 0x1b, 0x100, &(0x7f00000000c0)="387ed7626d850509a2d6c1aa38f15cd00f85c263cb226db671261fff7ce9c555f189afae3530db6dd493f28fd988721b9ae21b3e3b4523ae2594f47d8f62b480c4160b1f90ac9c41fae6ab12ac4c113fef588684ef495689092883b902a41cd75387ef6f7bc7d460d5e665f398ff95596dc94ec97003a3db08e500c2fb07e11aa4031a61c51caf7a65a2b613bda33f3eaeae635d7cd81761e74c38a7695800a15516eb337056e02335f9a7d10aa2eaf7beb7e1f7a1e850ecb3421143c5c4ded0f083a0c524dcf320827266819b6a952db5bc96141b26c54db857edbcbbc81c7af7aadf50bc549974b6401a19cdb130282b955592efa94242065a4c8d695a2cdd9ada350defd58c775b92d348305774d3a256c7520b285d8da0dbf5e20d604413ed2ddf9bcbf881caf811852806175d63892a15234fbcd7a88a2a0aea45d19148f0e7dada7d6d0d77881387fdeaa02863be90b88dfff412bff40c31c6415c54ae3335e54a49d315851feffe30d999c36def4df7df747695ef060000001bbe1b649f42f310859122c0d2c1e558dc6586958a28374f386ecf369274e43003a09b5159ea515eb44521901ef0d00baa91c10a8e44a76aac3468a15bd3d45ad389977467f306f9bcde071b30769795eed2f1580414d168f557cd90040c4bd2a3d6bc509254a12cece59181fcb5bad8c24bd9f8f78d17ab01831325501e80d899e9252f99d3a2666343392fda115048e4f4dd9f45657f8224fc78eb1168fe0527fac33466aadf48f16994d29a47778566e0f3945b2bf36b6eecc7fa18914beb66ac9e519bd3330000000000000009a3237aebbe3bed781e39d5a0fb0cdc60e196f2261305feb596b5b66ab89d2d6333f699b16db68986ab3eee7b199fefb5f79ffb2d1050e46982af1c14a88dd9b647ba812f56a8404755c73e74bb90e64bab9647c70ed5afca1c3d87907d14df8aa9df6f40a80ace2bb8a2aad3b0c66915927db4173181943d88c0c76d5969e2043db5bd77fd60ba0f012139929ccfec965c1f769785a4d23332d71f0875e3146afef5b20cc306d3ecee65944fe9829e0ad0c3f6bb2fdc1bc31152538db50f47dc38ba908a0d808687e478a609fe0daa0000000000000000e7f2e98597e27f3e1dba9c3c16e9fab3bda6ed33cb1c75513e2264b69d4794ded98eff9aa53d22eb77c9d93169c04ab2490bf28106f770e07eb7a9e8fd4e71929f918b98c4cbfcb11a90139264a9ee807c973167f493760278df0cc34be9e8f86f948d9a62e63ad6ca9d174d2465380b1a00ddc42915e4f3a5db640600000095a3d63904c9ecd1c313c08e29b814bd8fed1ab6d2846c73345962895d289ac77152cac2e04c93a5470774975b42091f218dd1e68a15f8226577bf9481ae0555db64a717eb23a811356d00000000ddffffff00"})

246.318191ms ago: executing program 7 (id=8696):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0x7, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYRES32=r0], &(0x7f0000000680)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x7a, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000700)={&(0x7f00000006c0)='kmem_cache_free\x00', r2}, 0x10)
unshare(0x20000400)
fremovexattr(0xffffffffffffffff, &(0x7f0000000080)=ANY=[@ANYBLOB="6f73782e0100bde4d776122a07000000d41b08407f53c4926644"])

200.884701ms ago: executing program 7 (id=8697):
ptrace$PTRACE_SECCOMP_GET_FILTER(0x1a, 0x0, 0xfffffffffffffffe, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x3, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000080000000000000000000181100", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
readv(r1, &(0x7f0000003400)=[{&(0x7f0000004c00)=""/4096, 0x1000}], 0x1)

188.96092ms ago: executing program 7 (id=8698):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r1=>0x0})
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000680), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PAUSE_GET(r3, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001940)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r4, @ANYBLOB="01dfffffff000000000021", @ANYRES32=r1], 0x20}}, 0x0)

135.2915ms ago: executing program 7 (id=8699):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0x8, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xcc0984f9ead32b32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r1, 0x0, 0x4}, 0x18)
r2 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000080)={'syz', 0x0}, 0x0, 0x0, 0xffffffffffffffff)
add_key(&(0x7f0000000300)='logon\x00', &(0x7f0000000340)={'syz', 0x0}, &(0x7f0000000540)="b9e3bc931b21", 0x6, r2)

105.989ms ago: executing program 7 (id=8700):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000280)={0x1f, 0xffff, 0x3}, 0x6)
r1 = socket$qrtr(0x2a, 0x2, 0x0)
connect$qrtr(r1, &(0x7f0000000040)={0x2a, 0x1, 0x4000}, 0xc)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000040000850000007200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000004c0)='kmem_cache_free\x00', r2}, 0x18)
writev(r1, &(0x7f0000000380)=[{&(0x7f0000001080)='z', 0x1}], 0x1)
io_setup(0x5, &(0x7f00000002c0))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000d40)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000008000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r3, 0x0, 0x5}, 0x18)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000001080)=[{{&(0x7f0000000440)={0x2, 0x4e21, @empty}, 0x10, 0x0, 0x0, &(0x7f0000000780)=[@ip_retopts={{0x18, 0x0, 0x7, {[@cipso={0x86, 0x6, 0x2}]}}}], 0x18}}], 0x1, 0x4000)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x1e, 0x0, 0x7, 0xff, 0x0, 0x1, 0x2000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f00000005c0)='./file1\x00', 0x1018ed8, &(0x7f0000000300)={[{@dioread_nolock}, {@noload}, {@debug}, {@jqfmt_vfsv0}, {@journal_dev={'journal_dev', 0x3d, 0x17}}, {@norecovery}, {@max_batch_time={'max_batch_time', 0x3d, 0x3881b9f4}}, {@noquota}]}, 0x6, 0x644, &(0x7f00000006c0)="$eJzs3c9rHG0dAPDvzCZ5kzS+6SsiNigGPLQgTZNarHqxrQd7KFiwBxEPDU1SQ7c/SFKwtdAEPCgoiHgt0ov/gHfp3ZsI6s2zUEUqFrR0ZWZnm81mN7ttsrtJ5vOBzT7zzLN5nm9mn8wzM/vsBFBas9mPNOJUxNubScR007qpqK+cLcq9+teTW9kjiVrtu/9MIinyGuWT4vlEsTAeEX+8EvHpyu561x89vrNYrdU9jTi3cffBufVHj8+u3l28vXx7+d7C+a9duDj/9YULC00N/XAniuer177z+V/85IdfXflT9WwSl+LG6I+XoiWOgzIbs/G2CLE5fyQiLmaJNn+Xo+YYhFBqleL9OBoRn43pqORLddOx+vOhNg7oq1olora3pFsB4KjSvaGsGuOAxrF9b8fBN/o8Khmcl5frB0C74x8pTjmM58dGk6+SpiOj+rmNkwdQf1bHmyfjz948mXkWO85DvH63dUYOoJ5ONrci4nPt4k/ytp3MI83iT3cc6ycRMR8RY0X7vrWPNiRN6X6ch9lLj/FXsvibt0MaEZeK5yz/ygfW33paa9DxA1BOLy4XO/LNbGl7/5eNPRrjn9ge/zxtvG5q/5dkcsPe/3Ue/zX29+P5uCdtGYdlY5br7X/laGvG33529Ved6q+P/2aeNR5Z/Y2x4CC83IqYaYn/p1mwxfgniz9pM/7Nity81Fsd3/7zP652Wjfs+GvPI063Pf7ZHpVmqT2uT55bWa0uz9d/tq3j93/4wW871d8+/o/6EGl72faf7BB/0/ZPW1+X/U0etP+VW60Zv7v+/G6n+qe6bv/072NJ/XhzrMj50dbGxtpCxFhyrShS5C9ubKyd3zveepnXtfx5oR7/mS+17/873v8tUU00/mX24MH37rzqtO5D3v9NF5Pf1npsQydZ/Evdt/+u/p/l/bLHOv7z/Ydf6LSuffzJvmICAAAAAACAskrza7BJOvcunaZzc/X5sp+JybR6f33jyyv3H95bijiTfx5yNI00yT8yMl1fTlZWq8sLxedhG8vnW5a/EhGfRMSvKxP58tyt+9WlYQcPAAAAAAAAAAAAAAAAAAAAh8SJYv5/4z7V/67U5/8DJdH9BnO77v8AHBP9vMEkcLjl/X+vXfzHg2sLMFj2/1Be+j+Ul/4P5aX/Q3np/1Be+j+Ul/4P5aX/AwAAAMCx9MkXX/w1iYjNb0zkj8xYsc6kXzjeRt+rdKVv7QAGT4+G8np36d9gH0qnp/H/f4svB+x/c4AhSNpl5oOD2t6d/0XbV27b2n/bAAAAAAAAAAAAAIC606c6z/9/v7nBwFFj2h+U1z7m//vqADjifPU/lJdjfKDLLP4Y77Si2/x/AAAAAAAAAAAAAODATOWPJJ0r5gJPRZrOzUV8KiJOxmiyslpdno+IjyPiL5XRj7LlhWE3GgAAAAAAAAAAAAAAAAAAAI6Z9UeP7yxWq8trzYn/7co53onGXVC7F671UGbPxDfjPV8VyeD/LBMRMfSN0rfESFNOErGZbflD0bC19TgczcgTQ/7HBAAAAAAAAAAAAAAAAAAAJdQ097i9md8MuEUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMHjb9//vkliarL+gp8I7E8OOEQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4mv4fAAD//6AzO/k=")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000005c0)='hugetlb.1GB.rsvd.usage_in_bytes\x00', 0x275a, 0x0)
mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0)

0s ago: executing program 1 (id=8701):
r0 = syz_open_dev$usbfs(&(0x7f0000000340), 0x800000001fe, 0x2)
r1 = dup(r0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000800000000500000000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000800007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
ioctl$USBDEVFS_CONTROL(r1, 0xc0185500, &(0x7f0000000040)={0x23, 0x3, 0x5, 0xf, 0x0, 0x2, 0x0})

kernel console output (not intermixed with test programs):

28486] I/O error, dev loop7, sector 5632 op 0x0:(READ) flags 0x80700 phys_seg 17 prio class 0
[  657.236733][T28486] I/O error, dev loop7, sector 5376 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  657.248807][T28499] netdevsim netdevsim9 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  657.268374][T28493] netdevsim netdevsim7 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  657.289608][T28506] ALSA: seq fatal error: cannot create timer (-19)
[  657.311980][T28499] netdevsim netdevsim9 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  657.343271][T28513] ALSA: seq fatal error: cannot create timer (-19)
[  657.351895][T28493] netdevsim netdevsim7 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  657.388227][T28499] netdevsim netdevsim9 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  657.427789][T28493] netdevsim netdevsim7 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  657.467583][T28499] netdevsim netdevsim9 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  657.479256][T28493] netdevsim netdevsim7 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  657.535676][T28499] netdevsim netdevsim9 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  657.547549][T28499] netdevsim netdevsim9 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  657.559440][T28499] netdevsim netdevsim9 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  657.574632][T28499] netdevsim netdevsim9 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  657.593096][T28493] netdevsim netdevsim7 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  657.606647][T28493] netdevsim netdevsim7 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  657.618948][T28493] netdevsim netdevsim7 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  657.620489][T28485] I/O error, dev loop7, sector 0 op 0x1:(WRITE) flags 0x4800 phys_seg 128 prio class 0
[  657.631327][T28493] netdevsim netdevsim7 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  657.738859][   T29] kauditd_printk_skb: 235 callbacks suppressed
[  657.738875][   T29] audit: type=1400 audit(1736596692.767:56307): avc:  denied  { nlmsg_write } for  pid=28517 comm="syz.9.8351" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  657.773675][   T29] audit: type=1400 audit(1736596692.797:56308): avc:  denied  { write } for  pid=28517 comm="syz.9.8351" path="socket:[100327]" dev="sockfs" ino=100327 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  657.790681][T28522] 9pnet_fd: Insufficient options for proto=fd
[  657.841634][T28528] loop9: detected capacity change from 0 to 164
[  657.962390][   T29] audit: type=1326 audit(1736596692.987:56309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28532 comm="syz.7.8357" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f813afd5d29 code=0x7ffc0000
[  657.986269][   T29] audit: type=1326 audit(1736596692.987:56310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28532 comm="syz.7.8357" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f813afd5d29 code=0x7ffc0000
[  658.010006][   T29] audit: type=1326 audit(1736596692.987:56311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28532 comm="syz.7.8357" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f813afd5d29 code=0x7ffc0000
[  658.033676][   T29] audit: type=1326 audit(1736596692.987:56312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28532 comm="syz.7.8357" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f813afd5d29 code=0x7ffc0000
[  658.057390][   T29] audit: type=1326 audit(1736596692.987:56313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28532 comm="syz.7.8357" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f813afd5d29 code=0x7ffc0000
[  658.078080][T28535] lo speed is unknown, defaulting to 1000
[  658.081092][   T29] audit: type=1326 audit(1736596692.987:56314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28532 comm="syz.7.8357" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f813afd5d29 code=0x7ffc0000
[  658.110334][   T29] audit: type=1326 audit(1736596692.987:56315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28532 comm="syz.7.8357" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f813afd5d29 code=0x7ffc0000
[  658.134041][   T29] audit: type=1326 audit(1736596692.987:56316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28532 comm="syz.7.8357" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f813afd5d29 code=0x7ffc0000
[  658.339283][T28560] loop1: detected capacity change from 0 to 1024
[  658.361084][T28560] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  658.365775][T28562] ALSA: seq fatal error: cannot create timer (-19)
[  658.379408][T28560] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  658.412728][T28560] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e840e118, mo2=0000]
[  658.451776][T28560] System zones: 0-1, 3-12
[  658.463340][T28560] EXT4-fs error (device loop1): ext4_ext_check_inode:524: inode #11: comm syz.1.8368: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512)
[  658.522671][T28560] EXT4-fs error (device loop1): ext4_orphan_get:1394: comm syz.1.8368: couldn't read orphan inode 11 (err -117)
[  658.549779][T28560] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  658.582760][T28560] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:483: comm syz.1.8368: Invalid block bitmap block 0 in block_group 0
[  658.597555][T28560] EXT4-fs error (device loop1): ext4_acquire_dquot:6938: comm syz.1.8368: Failed to acquire dquot type 0
[  658.655104][T28582] loop7: detected capacity change from 0 to 1024
[  658.662144][T28582] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  658.671324][T28582] EXT4-fs (loop7): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  658.701943][T28582] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e840e118, mo2=0000]
[  658.722499][T28582] System zones: 0-1, 3-12
[  658.732980][T28582] EXT4-fs error (device loop7): ext4_ext_check_inode:524: inode #11: comm syz.7.8378: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512)
[  658.769803][T28582] EXT4-fs error (device loop7): ext4_orphan_get:1394: comm syz.7.8378: couldn't read orphan inode 11 (err -117)
[  658.771559][T24954] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  658.782645][T28582] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  658.803359][T16681] EXT4-fs error (device loop1): ext4_release_dquot:6961: comm kworker/u8:32: Failed to release dquot type 0
[  658.815138][T28582] EXT4-fs error (device loop7): ext4_read_block_bitmap_nowait:483: comm syz.7.8378: Invalid block bitmap block 0 in block_group 0
[  658.835540][T28582] EXT4-fs error (device loop7): ext4_acquire_dquot:6938: comm syz.7.8378: Failed to acquire dquot type 0
[  658.883649][T28595] netlink: 32 bytes leftover after parsing attributes in process `syz.3.8385'.
[  658.929730][T23208] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  658.947520][T28598] FAULT_INJECTION: forcing a failure.
[  658.947520][T28598] name failslab, interval 1, probability 0, space 0, times 0
[  658.960248][T28598] CPU: 1 UID: 0 PID: 28598 Comm: +}[@ Not tainted 6.13.0-rc6-syzkaller-00231-g77a903cd8e5a #0
[  658.970520][T28598] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  658.980596][T28598] Call Trace:
[  658.983904][T28598]  <TASK>
[  658.986852][T28598]  dump_stack_lvl+0xf2/0x150
[  658.991616][T28598]  dump_stack+0x15/0x1a
[  658.995807][T28598]  should_fail_ex+0x223/0x230
[  659.000582][T28598]  should_failslab+0x8f/0xb0
[  659.005285][T28598]  kmem_cache_alloc_noprof+0x52/0x320
[  659.010719][T28598]  ? audit_log_start+0x34c/0x6b0
[  659.015725][T28598]  audit_log_start+0x34c/0x6b0
[  659.020584][T28598]  audit_seccomp+0x4b/0x130
[  659.025147][T28598]  __seccomp_filter+0x6fa/0x1180
[  659.030175][T28598]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  659.035844][T28598]  ? vfs_write+0x596/0x920
[  659.040443][T28598]  ? __schedule+0x6fa/0x930
[  659.044968][T28598]  __secure_computing+0x9f/0x1c0
[  659.049988][T28598]  syscall_trace_enter+0xd1/0x1f0
[  659.055038][T28598]  do_syscall_64+0xaa/0x1c0
[  659.059595][T28598]  ? clear_bhb_loop+0x55/0xb0
[  659.064329][T28598]  ? clear_bhb_loop+0x55/0xb0
[  659.069086][T28598]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  659.075207][T28598] RIP: 0033:0x7f895d605d29
[  659.079631][T28598] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  659.099262][T28598] RSP: 002b:00007f895bc71038 EFLAGS: 00000246 ORIG_RAX: 0000000000000069
[  659.107721][T28598] RAX: ffffffffffffffda RBX: 00007f895d7f5fa0 RCX: 00007f895d605d29
[  659.115720][T28598] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000000ee00
[  659.123771][T28598] RBP: 00007f895bc71090 R08: 0000000000000000 R09: 0000000000000000
[  659.131786][T28598] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  659.139862][T28598] R13: 0000000000000000 R14: 00007f895d7f5fa0 R15: 00007ffcf692f8c8
[  659.147856][T28598]  </TASK>
[  659.176398][T28603] netlink: 'syz.7.8387': attribute type 29 has an invalid length.
[  659.185352][T28596] lo speed is unknown, defaulting to 1000
[  659.244683][T28610] loop1: detected capacity change from 0 to 164
[  659.254416][T28612] loop7: detected capacity change from 0 to 512
[  659.266083][T28612] EXT4-fs (loop7): feature flags set on rev 0 fs, running e2fsck is recommended
[  659.321985][T28612] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  659.372481][T23208] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  659.475561][T28627] lo speed is unknown, defaulting to 1000
[  659.556205][T28623] ALSA: seq fatal error: cannot create timer (-19)
[  659.796909][T28635] loop7: detected capacity change from 0 to 16384
[  659.864071][T28635] blk_print_req_error: 5 callbacks suppressed
[  659.864091][T28635] I/O error, dev loop7, sector 4864 op 0x0:(READ) flags 0x80700 phys_seg 14 prio class 0
[  659.894500][T28635] I/O error, dev loop7, sector 5120 op 0x0:(READ) flags 0x80700 phys_seg 32 prio class 0
[  659.910057][T28635] I/O error, dev loop7, sector 4864 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  659.919618][T28635] buffer_io_error: 984 callbacks suppressed
[  659.919704][T28635] Buffer I/O error on dev loop7, logical block 608, async page read
[  659.935126][T28639] netdevsim netdevsim9 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  659.983211][T28648] netlink: 'syz.3.8401': attribute type 29 has an invalid length.
[  660.008438][T28639] netdevsim netdevsim9 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  660.135148][T28639] netdevsim netdevsim9 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  660.230968][T28639] netdevsim netdevsim9 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  660.383687][T28666] lo speed is unknown, defaulting to 1000
[  660.522701][T28677] loop1: detected capacity change from 0 to 1024
[  660.539369][T28675] ALSA: seq fatal error: cannot create timer (-19)
[  660.551420][T28677] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  660.583323][T28677] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  660.608909][T28677] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e840e118, mo2=0000]
[  660.619122][T28677] System zones: 0-1, 3-12
[  660.623958][T28677] EXT4-fs error (device loop1): ext4_ext_check_inode:524: inode #11: comm syz.1.8412: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512)
[  660.632493][T28634] I/O error, dev loop7, sector 0 op 0x1:(WRITE) flags 0x4800 phys_seg 128 prio class 0
[  660.650320][T28677] EXT4-fs error (device loop1): ext4_orphan_get:1394: comm syz.1.8412: couldn't read orphan inode 11 (err -117)
[  660.652321][T28634] Buffer I/O error on dev loop7, logical block 0, lost async page write
[  660.672567][T28634] Buffer I/O error on dev loop7, logical block 1, lost async page write
[  660.673831][T28677] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  660.681134][T28634] Buffer I/O error on dev loop7, logical block 2, lost async page write
[  660.681157][T28634] Buffer I/O error on dev loop7, logical block 3, lost async page write
[  660.681177][T28634] Buffer I/O error on dev loop7, logical block 4, lost async page write
[  660.681305][T28634] Buffer I/O error on dev loop7, logical block 5, lost async page write
[  660.727854][T28634] Buffer I/O error on dev loop7, logical block 6, lost async page write
[  660.736288][T28634] Buffer I/O error on dev loop7, logical block 7, lost async page write
[  660.744811][T28634] Buffer I/O error on dev loop7, logical block 8, lost async page write
[  660.764977][T28634] I/O error, dev loop7, sector 1024 op 0x1:(WRITE) flags 0x4800 phys_seg 128 prio class 0
[  660.777326][T28677] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:483: comm syz.1.8412: Invalid block bitmap block 0 in block_group 0
[  660.778768][T28634] I/O error, dev loop7, sector 2048 op 0x1:(WRITE) flags 0x4800 phys_seg 128 prio class 0
[  660.805441][T28677] EXT4-fs error (device loop1): ext4_acquire_dquot:6938: comm syz.1.8412: Failed to acquire dquot type 0
[  660.807165][T28634] I/O error, dev loop7, sector 3072 op 0x1:(WRITE) flags 0x4800 phys_seg 128 prio class 0
[  660.840369][T28634] I/O error, dev loop7, sector 4096 op 0x1:(WRITE) flags 0x800 phys_seg 96 prio class 0
[  660.871408][T24954] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  660.912867][T28684] netlink: 'syz.1.8414': attribute type 29 has an invalid length.
[  661.012106][T28691] ALSA: seq fatal error: cannot create timer (-19)
[  661.187473][T28696] lo speed is unknown, defaulting to 1000
[  661.229900][T28695] lo speed is unknown, defaulting to 1000
[  661.811998][T28711] netlink: 12 bytes leftover after parsing attributes in process `syz.7.8423'.
[  661.821468][T28711] netlink: 12 bytes leftover after parsing attributes in process `syz.7.8423'.
[  661.926080][T28716] netlink: 32 bytes leftover after parsing attributes in process `syz.0.8424'.
[  662.000880][T28727] netlink: 296 bytes leftover after parsing attributes in process `syz.3.8431'.
[  662.043934][T28730] netlink: 'syz.0.8432': attribute type 29 has an invalid length.
[  662.099297][T28733] netlink: 4 bytes leftover after parsing attributes in process `syz.3.8431'.
[  662.156619][T28737] lo speed is unknown, defaulting to 1000
[  662.507720][T28745] lo speed is unknown, defaulting to 1000
[  662.607623][T28740] loop1: detected capacity change from 0 to 2048
[  662.666706][T28740]  loop1: p1 < > p2 p3 < p5 > p4
[  662.671749][T28740] loop1: partition table partially beyond EOD, truncated
[  662.934166][T28740] loop1: p1 start 4278190080 is beyond EOD, truncated
[  662.941062][T28740] loop1: p2 start 16908800 is beyond EOD, truncated
[  662.956049][T28740] loop1: p4 start 11326 is beyond EOD, truncated
[  662.962447][T28740] loop1: p5 start 16908800 is beyond EOD, truncated
[  663.018281][T28749] ALSA: seq fatal error: cannot create timer (-19)
[  663.057403][T28639] netdevsim netdevsim9 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  663.082373][T28639] netdevsim netdevsim9 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  663.116771][T28639] netdevsim netdevsim9 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  663.132569][T28639] netdevsim netdevsim9 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  663.188682][T28758] ALSA: seq fatal error: cannot create timer (-19)
[  663.211728][   T29] kauditd_printk_skb: 276 callbacks suppressed
[  663.211746][   T29] audit: type=1326 audit(1736596698.237:56584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28761 comm="syz.9.8442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f77adaa5d29 code=0x7ffc0000
[  663.245617][T28762] netlink: 32 bytes leftover after parsing attributes in process `syz.9.8442'.
[  663.256508][   T29] audit: type=1326 audit(1736596698.267:56585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28761 comm="syz.9.8442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f77adaa5d29 code=0x7ffc0000
[  663.280220][   T29] audit: type=1326 audit(1736596698.267:56586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28761 comm="syz.9.8442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f77adaa5d29 code=0x7ffc0000
[  663.303964][   T29] audit: type=1326 audit(1736596698.267:56587): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28761 comm="syz.9.8442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f77adaa5d29 code=0x7ffc0000
[  663.327624][   T29] audit: type=1326 audit(1736596698.267:56588): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28761 comm="syz.9.8442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f77adaa5d29 code=0x7ffc0000
[  663.351295][   T29] audit: type=1326 audit(1736596698.267:56589): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28761 comm="syz.9.8442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f77adaa5d29 code=0x7ffc0000
[  663.364055][T28767] loop1: detected capacity change from 0 to 1024
[  663.374807][   T29] audit: type=1326 audit(1736596698.267:56590): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28761 comm="syz.9.8442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f77adaa5d29 code=0x7ffc0000
[  663.374844][   T29] audit: type=1326 audit(1736596698.267:56591): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28761 comm="syz.9.8442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f77adaa5d29 code=0x7ffc0000
[  663.427568][T28767] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  663.428333][   T29] audit: type=1326 audit(1736596698.267:56592): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28761 comm="syz.9.8442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f77adaa5d29 code=0x7ffc0000
[  663.460661][   T29] audit: type=1326 audit(1736596698.267:56593): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28761 comm="syz.9.8442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f77adaa5d29 code=0x7ffc0000
[  663.484657][T28768] loop9: detected capacity change from 0 to 512
[  663.494112][T28767] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  663.505369][T28767] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e840e118, mo2=0000]
[  663.515549][T28768] EXT4-fs warning (device loop9): ext4_enable_quotas:7156: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  663.536586][T28768] EXT4-fs (loop9): mount failed
[  663.541761][T28767] System zones: 0-1, 3-12
[  663.557066][T28767] EXT4-fs error (device loop1): ext4_ext_check_inode:524: inode #11: comm syz.1.8443: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512)
[  663.558129][T28769] lo speed is unknown, defaulting to 1000
[  663.610623][T28767] EXT4-fs error (device loop1): ext4_orphan_get:1394: comm syz.1.8443: couldn't read orphan inode 11 (err -117)
[  663.628419][T28767] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  663.644190][T28765] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:483: comm syz.1.8443: Invalid block bitmap block 0 in block_group 0
[  663.662705][T28765] EXT4-fs error (device loop1): ext4_acquire_dquot:6938: comm syz.1.8443: Failed to acquire dquot type 0
[  663.715647][T24954] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  663.730995][T28778] FAULT_INJECTION: forcing a failure.
[  663.730995][T28778] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  663.744226][T28778] CPU: 0 UID: 0 PID: 28778 Comm: syz.9.8445 Not tainted 6.13.0-rc6-syzkaller-00231-g77a903cd8e5a #0
[  663.755023][T28778] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  663.765100][T28778] Call Trace:
[  663.768407][T28778]  <TASK>
[  663.771397][T28778]  dump_stack_lvl+0xf2/0x150
[  663.776035][T28778]  dump_stack+0x15/0x1a
[  663.780294][T28778]  should_fail_ex+0x223/0x230
[  663.785107][T28778]  should_fail+0xb/0x10
[  663.789340][T28778]  should_fail_usercopy+0x1a/0x20
[  663.794392][T28778]  _copy_to_user+0x20/0xa0
[  663.798894][T28778]  simple_read_from_buffer+0xa0/0x110
[  663.804293][T28778]  proc_fail_nth_read+0xf9/0x140
[  663.809257][T28778]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  663.814939][T28778]  vfs_read+0x1a2/0x700
[  663.819109][T28778]  ? __rcu_read_unlock+0x4e/0x70
[  663.824149][T28778]  ? __fget_files+0x17c/0x1c0
[  663.828852][T28778]  ksys_read+0xe8/0x1b0
[  663.833135][T28778]  __x64_sys_read+0x42/0x50
[  663.837658][T28778]  x64_sys_call+0x2874/0x2dc0
[  663.842428][T28778]  do_syscall_64+0xc9/0x1c0
[  663.846989][T28778]  ? clear_bhb_loop+0x55/0xb0
[  663.851700][T28778]  ? clear_bhb_loop+0x55/0xb0
[  663.856393][T28778]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  663.862333][T28778] RIP: 0033:0x7f77adaa473c
[  663.866753][T28778] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  663.886518][T28778] RSP: 002b:00007f77ac117030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  663.895006][T28778] RAX: ffffffffffffffda RBX: 00007f77adc95fa0 RCX: 00007f77adaa473c
[  663.903001][T28778] RDX: 000000000000000f RSI: 00007f77ac1170a0 RDI: 0000000000000006
[  663.911022][T28778] RBP: 00007f77ac117090 R08: 0000000000000000 R09: 0000000000000000
[  663.919017][T28778] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  663.927009][T28778] R13: 0000000000000000 R14: 00007f77adc95fa0 R15: 00007ffde7ba9168
[  663.935004][T28778]  </TASK>
[  664.170863][T28793] lo speed is unknown, defaulting to 1000
[  664.652502][T28802] loop7: detected capacity change from 0 to 16384
[  664.834279][T28802] I/O error, dev loop7, sector 512 op 0x0:(READ) flags 0x80700 phys_seg 31 prio class 0
[  664.916966][T28813] netdevsim netdevsim7 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  664.976449][T28802] I/O error, dev loop7, sector 768 op 0x0:(READ) flags 0x80700 phys_seg 32 prio class 0
[  665.022116][T28817] ALSA: seq fatal error: cannot create timer (-19)
[  665.045181][T28812] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  665.056024][T28802] I/O error, dev loop7, sector 512 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  665.065377][T28802] buffer_io_error: 599 callbacks suppressed
[  665.065394][T28802] Buffer I/O error on dev loop7, logical block 64, async page read
[  665.154499][T28813] netdevsim netdevsim7 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  665.199437][T28812] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  665.237516][T28813] netdevsim netdevsim7 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  665.277736][T28812] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  665.317759][T28813] netdevsim netdevsim7 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  665.367859][T28812] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  665.419345][T28813] netdevsim netdevsim7 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  665.461461][T28812] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  665.474954][T28801] I/O error, dev loop7, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 64 prio class 0
[  665.484580][T28801] Buffer I/O error on dev loop7, logical block 0, lost async page write
[  665.493023][T28801] Buffer I/O error on dev loop7, logical block 1, lost async page write
[  665.501460][T28801] Buffer I/O error on dev loop7, logical block 2, lost async page write
[  665.509844][T28801] Buffer I/O error on dev loop7, logical block 3, lost async page write
[  665.518263][T28801] Buffer I/O error on dev loop7, logical block 4, lost async page write
[  665.526652][T28801] Buffer I/O error on dev loop7, logical block 5, lost async page write
[  665.534992][T28801] Buffer I/O error on dev loop7, logical block 6, lost async page write
[  665.543418][T28801] Buffer I/O error on dev loop7, logical block 7, lost async page write
[  665.552838][T28801] Buffer I/O error on dev loop7, logical block 8, lost async page write
[  665.604274][T28812] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  665.637272][T28812] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  665.669969][T28813] netdevsim netdevsim7 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  665.675175][T28829] loop1: detected capacity change from 0 to 1024
[  665.689304][T28812] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  665.691475][T28829] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  665.701793][T28813] netdevsim netdevsim7 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  665.716217][T28829] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  665.728091][T28813] netdevsim netdevsim7 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  665.775643][T28829] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e840e118, mo2=0000]
[  665.836953][T28835] netlink: 'syz.7.8464': attribute type 29 has an invalid length.
[  665.889079][T28829] System zones: 0-1, 3-12
[  665.936733][T28829] EXT4-fs error (device loop1): ext4_ext_check_inode:524: inode #11: comm syz.1.8462: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512)
[  666.021426][T28848] loop9: detected capacity change from 0 to 1024
[  666.036458][T28829] EXT4-fs error (device loop1): ext4_orphan_get:1394: comm syz.1.8462: couldn't read orphan inode 11 (err -117)
[  666.055782][T28848] EXT4-fs (loop9): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  666.066937][T28848] EXT4-fs (loop9): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  666.080970][T28851] ALSA: seq fatal error: cannot create timer (-19)
[  666.099546][T28848] JBD2: no valid journal superblock found
[  666.105432][T28848] EXT4-fs (loop9): Could not load journal inode
[  666.121994][T28829] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  666.230675][T28829] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:483: comm syz.1.8462: Invalid block bitmap block 0 in block_group 0
[  666.259239][T28857] ALSA: seq fatal error: cannot create timer (-19)
[  666.287599][T28829] EXT4-fs error (device loop1): ext4_acquire_dquot:6938: comm syz.1.8462: Failed to acquire dquot type 0
[  666.441597][T24954] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  666.641005][T15157] EXT4-fs error (device loop1): ext4_release_dquot:6961: comm kworker/u8:15: Failed to release dquot type 0
[  666.784743][T23208] syz-executor invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0
[  666.795786][T23208] CPU: 0 UID: 0 PID: 23208 Comm: syz-executor Not tainted 6.13.0-rc6-syzkaller-00231-g77a903cd8e5a #0
[  666.806903][T23208] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  666.817002][T23208] Call Trace:
[  666.820382][T23208]  <TASK>
[  666.823324][T23208]  dump_stack_lvl+0xf2/0x150
[  666.827997][T23208]  dump_stack+0x15/0x1a
[  666.832247][T23208]  dump_header+0x83/0x2d0
[  666.836600][T23208]  oom_kill_process+0x341/0x4c0
[  666.841492][T23208]  out_of_memory+0x9af/0xbe0
[  666.846127][T23208]  ? css_next_descendant_pre+0x11c/0x140
[  666.851827][T23208]  mem_cgroup_out_of_memory+0x13e/0x190
[  666.857508][T23208]  try_charge_memcg+0x508/0x7f0
[  666.858617][T28875] ALSA: seq fatal error: cannot create timer (-19)
[  666.862378][T23208]  charge_memcg+0x50/0xc0
[  666.873240][T23208]  mem_cgroup_swapin_charge_folio+0xd0/0x150
[  666.879259][T23208]  __read_swap_cache_async+0x236/0x480
[  666.884822][T23208]  swap_cluster_readahead+0x279/0x3f0
[  666.890228][T23208]  swapin_readahead+0xe4/0x6f0
[  666.895011][T23208]  ? swap_cache_get_folio+0x77/0x210
[  666.900345][T23208]  do_swap_page+0x31b/0x2550
[  666.904948][T23208]  ? hrtimer_try_to_cancel+0x106/0x1d0
[  666.910426][T23208]  ? __rcu_read_lock+0x36/0x50
[  666.915353][T23208]  ? __pfx_default_wake_function+0x10/0x10
[  666.921174][T23208]  handle_mm_fault+0x8e4/0x2ac0
[  666.926053][T23208]  exc_page_fault+0x3b9/0x650
[  666.930837][T23208]  asm_exc_page_fault+0x26/0x30
[  666.935744][T23208] RIP: 0033:0x7f813b0085a5
[  666.940224][T23208] Code: 00 00 00 00 00 83 ff 03 74 7b 83 ff 02 b8 fa ff ff ff 49 89 ca 0f 44 f8 80 3d 9e 3f 19 00 00 74 14 b8 e6 00 00 00 0f 05 f7 d8 <c3> 66 2e 0f 1f 84 00 00 00 00 00 48 83 ec 28 48 89 54 24 10 89 74
[  666.960059][T23208] RSP: 002b:00007ffc81044f68 EFLAGS: 00010246
[  666.966175][T23208] RAX: 0000000000000000 RBX: 00000000000003da RCX: 00007f813b0085a3
[  666.974155][T23208] RDX: 00007ffc81044f80 RSI: 0000000000000000 RDI: 0000000000000000
[  666.982194][T23208] RBP: 00007ffc81044fdc R08: 000000002cc79a1c R09: 7fffffffffffffff
[  666.990325][T23208] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000032
[  666.998351][T23208] R13: 00000000000a2a9e R14: 00007ffc81045030 R15: 0000000000000bb8
[  667.006340][T23208]  </TASK>
[  667.009412][T23208] memory: usage 307200kB, limit 307200kB, failcnt 536
[  667.016482][T23208] memory+swap: usage 303664kB, limit 9007199254740988kB, failcnt 0
[  667.024473][T23208] kmem: usage 288608kB, limit 9007199254740988kB, failcnt 0
[  667.031940][T23208] Memory cgroup stats for /syz7:
[  667.046274][T23208] cache 0
[  667.054197][T23208] rss 0
[  667.057073][T23208] shmem 0
[  667.060021][T23208] mapped_file 3280896
[  667.064007][T23208] dirty 0
[  667.067035][T23208] writeback 0
[  667.070334][T23208] workingset_refault_anon 90
[  667.074931][T23208] workingset_refault_file 0
[  667.079511][T23208] swap 376832
[  667.082965][T23208] swapcached 4096
[  667.086685][T23208] pgpgin 237239
[  667.090235][T23208] pgpgout 237238
[  667.093843][T23208] pgfault 268873
[  667.097470][T23208] pgmajfault 27
[  667.100948][T23208] inactive_anon 0
[  667.104605][T23208] active_anon 4096
[  667.108364][T23208] inactive_file 0
[  667.112079][T23208] active_file 0
[  667.115646][T23208] unevictable 0
[  667.119134][T23208] hierarchical_memory_limit 314572800
[  667.124649][T23208] hierarchical_memsw_limit 9223372036854771712
[  667.130919][T23208] total_cache 0
[  667.134395][T23208] total_rss 0
[  667.137746][T23208] total_shmem 0
[  667.141216][T23208] total_mapped_file 3280896
[  667.145766][T23208] total_dirty 0
[  667.149352][T23208] total_writeback 0
[  667.153239][T23208] total_workingset_refault_anon 90
[  667.158396][T23208] total_workingset_refault_file 0
[  667.163431][T23208] total_swap 376832
[  667.167277][T23208] total_swapcached 4096
[  667.171504][T23208] total_pgpgin 237239
[  667.175489][T23208] total_pgpgout 237238
[  667.179666][T23208] total_pgfault 268873
[  667.183772][T23208] total_pgmajfault 27
[  667.187782][T23208] total_inactive_anon 0
[  667.191975][T23208] total_active_anon 4096
[  667.196248][T23208] total_inactive_file 0
[  667.200474][T23208] total_active_file 0
[  667.204459][T23208] total_unevictable 0
[  667.208480][T23208] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz7,task_memcg=/syz7,task=syz.7.8472,pid=28849,uid=0
[  667.223326][T23208] Memory cgroup out of memory: Killed process 28849 (syz.7.8472) total-vm:96720kB, anon-rss:788kB, file-rss:25664kB, shmem-rss:0kB, UID:0 pgtables:124kB oom_score_adj:1000
[  667.393743][T28894] loop9: detected capacity change from 0 to 1024
[  667.413947][T28894] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  667.422965][T28898] netlink: 4 bytes leftover after parsing attributes in process `syz.0.8488'.
[  667.423190][T28894] EXT4-fs (loop9): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  667.449530][T28894] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e840e118, mo2=0000]
[  667.460246][T28894] System zones: 0-1, 3-12
[  667.465668][T28894] EXT4-fs error (device loop9): ext4_ext_check_inode:524: inode #11: comm syz.9.8487: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512)
[  667.490770][T28894] EXT4-fs error (device loop9): ext4_orphan_get:1394: comm syz.9.8487: couldn't read orphan inode 11 (err -117)
[  667.504506][T28908] netlink: 296 bytes leftover after parsing attributes in process `syz.7.8489'.
[  667.513846][T28894] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  667.525144][T28891] lo speed is unknown, defaulting to 1000
[  667.532498][T28894] EXT4-fs error (device loop9): ext4_read_block_bitmap_nowait:483: comm syz.9.8487: Invalid block bitmap block 0 in block_group 0
[  667.547550][T28894] EXT4-fs error (device loop9): ext4_acquire_dquot:6938: comm syz.9.8487: Failed to acquire dquot type 0
[  667.612288][T28891] chnl_net:caif_netlink_parms(): no params data found
[  667.629318][T28898] netlink: 14 bytes leftover after parsing attributes in process `syz.0.8488'.
[  667.666732][T28922] ALSA: seq fatal error: cannot create timer (-19)
[  667.681502][T23507] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  667.691706][T15157] EXT4-fs error (device loop9): ext4_release_dquot:6961: comm kworker/u8:15: Failed to release dquot type 0
[  667.696495][T28928] ALSA: seq fatal error: cannot create timer (-19)
[  667.750289][T28891] bridge0: port 1(bridge_slave_0) entered blocking state
[  667.757497][T28891] bridge0: port 1(bridge_slave_0) entered disabled state
[  667.770472][T28891] bridge_slave_0: entered allmulticast mode
[  667.778253][T28891] bridge_slave_0: entered promiscuous mode
[  667.785428][T28891] bridge0: port 2(bridge_slave_1) entered blocking state
[  667.792630][T28891] bridge0: port 2(bridge_slave_1) entered disabled state
[  667.801110][T28891] bridge_slave_1: entered allmulticast mode
[  667.810882][T28891] bridge_slave_1: entered promiscuous mode
[  667.843675][T28891] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  667.865030][T28891] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  667.906708][T28891] team0: Port device team_slave_0 added
[  667.914092][T28891] team0: Port device team_slave_1 added
[  667.933589][T28891] batman_adv: batadv0: Adding interface: batadv_slave_0
[  667.940693][T28891] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  667.967094][T28891] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  667.979162][T28891] batman_adv: batadv0: Adding interface: batadv_slave_1
[  667.986178][T28891] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  668.012322][T28891] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  668.043804][T28891] hsr_slave_0: entered promiscuous mode
[  668.051970][T28891] hsr_slave_1: entered promiscuous mode
[  668.062947][T28891] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  668.071717][T28891] Cannot create hsr debugfs directory
[  668.177400][T28891] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  668.247690][T28891] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  668.276159][T28937] syz.9.8498 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000
[  668.287212][T28937] CPU: 0 UID: 0 PID: 28937 Comm: syz.9.8498 Not tainted 6.13.0-rc6-syzkaller-00231-g77a903cd8e5a #0
[  668.298182][T28937] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  668.308336][T28937] Call Trace:
[  668.311704][T28937]  <TASK>
[  668.314676][T28937]  dump_stack_lvl+0xf2/0x150
[  668.319323][T28937]  dump_stack+0x15/0x1a
[  668.323514][T28937]  dump_header+0x83/0x2d0
[  668.327917][T28937]  oom_kill_process+0x341/0x4c0
[  668.332820][T28937]  out_of_memory+0x9af/0xbe0
[  668.337439][T28937]  ? css_next_descendant_pre+0x11c/0x140
[  668.343102][T28937]  mem_cgroup_out_of_memory+0x13e/0x190
[  668.348751][T28937]  try_charge_memcg+0x508/0x7f0
[  668.353692][T28937]  charge_memcg+0x50/0xc0
[  668.358047][T28937]  mem_cgroup_swapin_charge_folio+0xd0/0x150
[  668.364050][T28937]  __read_swap_cache_async+0x236/0x480
[  668.369585][T28937]  swap_cluster_readahead+0x279/0x3f0
[  668.375004][T28937]  swapin_readahead+0xe4/0x6f0
[  668.379796][T28937]  ? __rcu_read_unlock+0x34/0x70
[  668.384757][T28937]  ? swap_cache_get_folio+0x77/0x210
[  668.390057][T28937]  do_swap_page+0x31b/0x2550
[  668.394655][T28937]  ? __rcu_read_lock+0x36/0x50
[  668.399441][T28937]  ? __pfx_default_wake_function+0x10/0x10
[  668.405267][T28937]  handle_mm_fault+0x8e4/0x2ac0
[  668.410270][T28937]  exc_page_fault+0x3b9/0x650
[  668.414985][T28937]  asm_exc_page_fault+0x26/0x30
[  668.419944][T28937] RIP: 0033:0x7f77adacdb50
[  668.424393][T28937] Code: 48 8b 3c 25 00 03 00 00 e8 1d 13 00 00 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 83 e7 02 74 0b c3 66 2e 0f 1f 84 00 00 00 00 00 <64> 48 8b 04 25 10 00 00 00 8b 90 08 03 00 00 48 8d b8 08 03 00 00
[  668.444365][T28937] RSP: 002b:00007ffde7ba9258 EFLAGS: 00010246
[  668.450608][T28937] RAX: 0000000000000000 RBX: 00007f77adc95fa0 RCX: 00007f77adad85e5
[  668.458649][T28937] RDX: 00007ffde7ba92a0 RSI: 0000000000000000 RDI: 0000000000000000
[  668.466633][T28937] RBP: 00007f77adc97ba0 R08: 0000000000000000 R09: 7fffffffffffffff
[  668.474610][T28937] R10: 0000000000000000 R11: 0000000000000293 R12: 00000000000a339f
[  668.482594][T28937] R13: 00007ffde7ba93d0 R14: 0000000000000032 R15: ffffffffffffffff
[  668.490579][T28937]  </TASK>
[  668.493651][T28937] memory: usage 307200kB, limit 307200kB, failcnt 595
[  668.500616][T28937] memory+swap: usage 307408kB, limit 9007199254740988kB, failcnt 0
[  668.508600][T28937] kmem: usage 297244kB, limit 9007199254740988kB, failcnt 0
[  668.515998][T28937] Memory cgroup stats for /syz9:
[  668.538097][T28937] cache 0
[  668.546087][T28937] rss 0
[  668.548871][T28937] shmem 0
[  668.551808][T28937] mapped_file 3280896
[  668.555883][T28937] dirty 0
[  668.558881][T28937] writeback 0
[  668.559326][T28943] netlink: 296 bytes leftover after parsing attributes in process `syz.1.8499'.
[  668.562242][T28937] workingset_refault_anon 45
[  668.562254][T28937] workingset_refault_file 18
[  668.580594][T28937] swap 212992
[  668.583907][T28937] swapcached 0
[  668.587398][T28937] pgpgin 202641
[  668.590876][T28937] pgpgout 202641
[  668.591359][T28947] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_to_team, syncid = 2, id = 0
[  668.594420][T28937] pgfault 240606
[  668.594431][T28937] pgmajfault 26
[  668.611472][T28937] inactive_anon 0
[  668.615113][T28937] active_anon 0
[  668.618706][T28937] inactive_file 0
[  668.622348][T28937] active_file 0
[  668.625813][T28937] unevictable 0
[  668.629334][T28937] hierarchical_memory_limit 314572800
[  668.634718][T28937] hierarchical_memsw_limit 9223372036854771712
[  668.639351][   T29] kauditd_printk_skb: 69 callbacks suppressed
[  668.639378][   T29] audit: type=1326 audit(1736596703.667:56654): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28948 comm="syz.7.8501" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f813afd5d29 code=0x0
[  668.640941][T28937] total_cache 0
[  668.673681][T28937] total_rss 0
[  668.677064][T28937] total_shmem 0
[  668.680603][T28937] total_mapped_file 3280896
[  668.685102][T28937] total_dirty 0
[  668.688588][T28937] total_writeback 0
[  668.692413][T28937] total_workingset_refault_anon 45
[  668.697555][T28937] total_workingset_refault_file 18
[  668.702679][T28937] total_swap 212992
[  668.706524][T28937] total_swapcached 0
[  668.710426][T28937] total_pgpgin 202641
[  668.714412][T28937] total_pgpgout 202641
[  668.718521][T28937] total_pgfault 240606
[  668.722598][T28937] total_pgmajfault 26
[  668.726708][T28937] total_inactive_anon 0
[  668.730867][T28937] total_active_anon 0
[  668.734892][T28937] total_inactive_file 0
[  668.739089][T28937] total_active_file 0
[  668.743098][T28937] total_unevictable 0
[  668.745542][T28952] netlink: zone id is out of range
[  668.747136][T28937] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz9,task_memcg=/syz9,task=syz.9.8498,pid=28937,uid=0
[  668.757468][   T29] audit: type=1326 audit(1736596703.787:56655): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28948 comm="syz.7.8501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f813afd5d29 code=0x7ffc0000
[  668.767078][T28937] Memory cgroup out of memory: Killed process 28937 (syz.9.8498) total-vm:96720kB, anon-rss:788kB, file-rss:25604kB, shmem-rss:0kB, UID:0 pgtables:132kB oom_score_adj:1000
[  668.816094][   T29] audit: type=1326 audit(1736596703.797:56656): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28948 comm="syz.7.8501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f813afd5d29 code=0x7ffc0000
[  668.854386][   T29] audit: type=1326 audit(1736596703.867:56657): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28948 comm="syz.7.8501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=31 compat=0 ip=0x7f813afd5d29 code=0x7ffc0000
[  668.857171][T28891] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  668.878113][   T29] audit: type=1326 audit(1736596703.867:56658): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28948 comm="syz.7.8501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f813afd5d29 code=0x7ffc0000
[  668.911552][   T29] audit: type=1326 audit(1736596703.867:56659): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28948 comm="syz.7.8501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f813afd5d29 code=0x7ffc0000
[  668.935341][   T29] audit: type=1326 audit(1736596703.867:56660): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28948 comm="syz.7.8501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=30 compat=0 ip=0x7f813afd5d29 code=0x7ffc0000
[  668.959068][   T29] audit: type=1326 audit(1736596703.867:56661): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28948 comm="syz.7.8501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f813afd5d29 code=0x7ffc0000
[  668.982882][   T29] audit: type=1326 audit(1736596703.867:56662): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28948 comm="syz.7.8501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f813afd5d29 code=0x7ffc0000
[  669.006626][   T29] audit: type=1326 audit(1736596703.867:56663): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28948 comm="syz.7.8501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7f813afd5d29 code=0x7ffc0000
[  669.014427][T28955] FAULT_INJECTION: forcing a failure.
[  669.014427][T28955] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  669.043580][T28955] CPU: 0 UID: 0 PID: 28955 Comm: syz.1.8502 Not tainted 6.13.0-rc6-syzkaller-00231-g77a903cd8e5a #0
[  669.054361][T28955] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  669.064442][T28955] Call Trace:
[  669.067794][T28955]  <TASK>
[  669.070749][T28955]  dump_stack_lvl+0xf2/0x150
[  669.075450][T28955]  dump_stack+0x15/0x1a
[  669.079779][T28955]  should_fail_ex+0x223/0x230
[  669.084572][T28955]  should_fail+0xb/0x10
[  669.088852][T28955]  should_fail_usercopy+0x1a/0x20
[  669.093900][T28955]  _copy_from_user+0x1e/0xb0
[  669.098542][T28955]  copy_msghdr_from_user+0x54/0x2a0
[  669.103818][T28955]  ? __fget_files+0x17c/0x1c0
[  669.108517][T28955]  __sys_sendmsg+0x13e/0x230
[  669.113135][T28955]  __x64_sys_sendmsg+0x46/0x50
[  669.118176][T28955]  x64_sys_call+0x2734/0x2dc0
[  669.122903][T28955]  do_syscall_64+0xc9/0x1c0
[  669.127422][T28955]  ? clear_bhb_loop+0x55/0xb0
[  669.132128][T28955]  ? clear_bhb_loop+0x55/0xb0
[  669.136963][T28955]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  669.142935][T28955] RIP: 0033:0x7f895d605d29
[  669.147371][T28955] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  669.167486][T28955] RSP: 002b:00007f895bc50038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  669.175933][T28955] RAX: ffffffffffffffda RBX: 00007f895d7f6080 RCX: 00007f895d605d29
[  669.183947][T28955] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 0000000000000004
[  669.191948][T28955] RBP: 00007f895bc50090 R08: 0000000000000000 R09: 0000000000000000
[  669.199970][T28955] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  669.207947][T28955] R13: 0000000000000000 R14: 00007f895d7f6080 R15: 00007ffcf692f8c8
[  669.216073][T28955]  </TASK>
[  669.244363][T28958] netlink: 112 bytes leftover after parsing attributes in process `syz.9.8503'.
[  669.255230][T28891] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  669.328725][T28891] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  669.340303][T28891] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  669.341589][T28968] loop7: detected capacity change from 0 to 16384
[  669.356093][T28891] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  669.365420][T28891] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  669.406892][T28968] I/O error, dev loop7, sector 9472 op 0x0:(READ) flags 0x80700 phys_seg 3 prio class 0
[  669.418524][T28968] I/O error, dev loop7, sector 9728 op 0x0:(READ) flags 0x80700 phys_seg 3 prio class 0
[  669.429851][T28968] I/O error, dev loop7, sector 9472 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  669.430563][T28969] netdevsim netdevsim9 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  669.455883][T28891] 8021q: adding VLAN 0 to HW filter on device bond0
[  669.470357][T28891] 8021q: adding VLAN 0 to HW filter on device team0
[  669.482149][T15184] bridge0: port 1(bridge_slave_0) entered blocking state
[  669.489281][T15184] bridge0: port 1(bridge_slave_0) entered forwarding state
[  669.501489][T28971] FAULT_INJECTION: forcing a failure.
[  669.501489][T28971] name failslab, interval 1, probability 0, space 0, times 0
[  669.514183][T28971] CPU: 1 UID: 0 PID: 28971 Comm: syz.7.8508 Not tainted 6.13.0-rc6-syzkaller-00231-g77a903cd8e5a #0
[  669.521025][T28891] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  669.525000][T28971] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  669.525018][T28971] Call Trace:
[  669.525026][T28971]  <TASK>
[  669.535368][T28891] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  669.545394][T28971]  dump_stack_lvl+0xf2/0x150
[  669.566684][T28971]  dump_stack+0x15/0x1a
[  669.570971][T28971]  should_fail_ex+0x223/0x230
[  669.575748][T28971]  should_failslab+0x8f/0xb0
[  669.580402][T28971]  kmem_cache_alloc_node_noprof+0x59/0x320
[  669.586313][T28971]  ? __alloc_skb+0x10b/0x310
[  669.591062][T28971]  __alloc_skb+0x10b/0x310
[  669.595504][T28971]  netlink_alloc_large_skb+0xad/0xe0
[  669.600933][T28971]  netlink_sendmsg+0x3b4/0x6e0
[  669.605770][T28971]  ? __pfx_netlink_sendmsg+0x10/0x10
[  669.611086][T28971]  __sock_sendmsg+0x140/0x180
[  669.613295][T28891] 8021q: adding VLAN 0 to HW filter on device batadv0
[  669.615906][T28971]  ____sys_sendmsg+0x312/0x410
[  669.615944][T28971]  __sys_sendmsg+0x19d/0x230
[  669.616017][T28971]  __x64_sys_sendmsg+0x46/0x50
[  669.616045][T28971]  x64_sys_call+0x2734/0x2dc0
[  669.616068][T28971]  do_syscall_64+0xc9/0x1c0
[  669.616093][T28971]  ? clear_bhb_loop+0x55/0xb0
[  669.650939][T28971]  ? clear_bhb_loop+0x55/0xb0
[  669.655650][T28971]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  669.661684][T28971] RIP: 0033:0x7f813afd5d29
[  669.666129][T28971] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  669.686345][T28971] RSP: 002b:00007f8139641038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  669.694782][T28971] RAX: ffffffffffffffda RBX: 00007f813b1c5fa0 RCX: 00007f813afd5d29
[  669.702756][T28971] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000003
[  669.710741][T28971] RBP: 00007f8139641090 R08: 0000000000000000 R09: 0000000000000000
[  669.718720][T28971] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  669.726729][T28971] R13: 0000000000000000 R14: 00007f813b1c5fa0 R15: 00007ffc81044c18
[  669.734715][T28971]  </TASK>
[  669.739764][T28969] netdevsim netdevsim9 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  669.758040][T15157] bridge0: port 2(bridge_slave_1) entered blocking state
[  669.765301][T15157] bridge0: port 2(bridge_slave_1) entered forwarding state
[  669.792828][T28981] ALSA: seq fatal error: cannot create timer (-19)
[  669.817640][T28969] netdevsim netdevsim9 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  669.844557][T28891] veth0_vlan: entered promiscuous mode
[  669.852402][T28988] netlink: 296 bytes leftover after parsing attributes in process `syz.7.8511'.
[  669.859045][T28891] veth1_vlan: entered promiscuous mode
[  669.873554][T28969] netdevsim netdevsim9 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  669.904783][T28891] veth0_macvtap: entered promiscuous mode
[  669.918100][T28891] veth1_macvtap: entered promiscuous mode
[  669.935554][T28891] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  669.946225][T28891] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  669.956120][T28891] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  669.966661][T28891] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  669.976562][T28891] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  669.987238][T28891] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  669.997209][T28891] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  670.007897][T28891] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  670.017825][T28891] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  670.028292][T28891] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  670.038162][T28891] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  670.048669][T28891] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  670.058528][T28891] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  670.069012][T28891] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  670.078892][T28891] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  670.089404][T28891] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  670.099272][T28891] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  670.109749][T28891] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  670.119631][T28891] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  670.130090][T28891] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  670.140083][T28891] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  670.150566][T28891] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  670.161526][T28891] batman_adv: batadv0: Interface activated: batadv_slave_0
[  670.169937][T28891] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  670.180537][T28891] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  670.182031][T28967] I/O error, dev loop7, sector 0 op 0x1:(WRITE) flags 0x4800 phys_seg 128 prio class 0
[  670.190416][T28891] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  670.200134][T28967] buffer_io_error: 56 callbacks suppressed
[  670.200150][T28967] Buffer I/O error on dev loop7, logical block 0, lost async page write
[  670.210524][T28891] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  670.210543][T28891] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  670.216380][T28967] Buffer I/O error on dev loop7, logical block 1, lost async page write
[  670.224799][T28891] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  670.234490][T28967] Buffer I/O error on dev loop7, logical block 2, lost async page write
[  670.234519][T28967] Buffer I/O error on dev loop7, logical block 3, lost async page write
[  670.244944][T28891] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  670.253354][T28967] Buffer I/O error on dev loop7, logical block 4, lost async page write
[  670.263181][T28891] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  670.271471][T28967] Buffer I/O error on dev loop7, logical block 5, lost async page write
[  670.279903][T28891] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  670.279922][T28891] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  670.279939][T28891] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  670.290375][T28967] Buffer I/O error on dev loop7, logical block 6, lost async page write
[  670.298727][T28891] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  670.308559][T28967] Buffer I/O error on dev loop7, logical block 7, lost async page write
[  670.308579][T28967] Buffer I/O error on dev loop7, logical block 8, lost async page write
[  670.316948][T28891] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  670.327403][T28967] Buffer I/O error on dev loop7, logical block 9, lost async page write
[  670.339232][T28967] I/O error, dev loop7, sector 1024 op 0x1:(WRITE) flags 0x4800 phys_seg 128 prio class 0
[  670.347714][T28891] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  670.380924][T28967] I/O error, dev loop7, sector 2048 op 0x1:(WRITE) flags 0x4800 phys_seg 128 prio class 0
[  670.382808][T28891] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  670.442249][T28891] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  670.443008][T28967] I/O error, dev loop7, sector 3072 op 0x1:(WRITE) flags 0x4800 phys_seg 128 prio class 0
[  670.452088][T28891] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  670.452108][T28891] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  670.452125][T28891] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  670.452141][T28891] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  670.452157][T28891] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  670.513226][T28891] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  670.524094][T28891] batman_adv: batadv0: Interface activated: batadv_slave_1
[  670.535007][T28967] I/O error, dev loop7, sector 4096 op 0x1:(WRITE) flags 0x4800 phys_seg 128 prio class 0
[  670.542205][T28891] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  670.548672][T28967] I/O error, dev loop7, sector 5120 op 0x1:(WRITE) flags 0x4800 phys_seg 128 prio class 0
[  670.553833][T28891] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  670.572641][T28891] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  670.581368][T28891] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  670.603392][T28967] I/O error, dev loop7, sector 6144 op 0x1:(WRITE) flags 0x4800 phys_seg 128 prio class 0
[  670.605603][T28969] netdevsim netdevsim9 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  670.650451][T28967] I/O error, dev loop7, sector 7168 op 0x1:(WRITE) flags 0x4800 phys_seg 128 prio class 0
[  670.665099][T28969] netdevsim netdevsim9 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  670.697521][T28969] netdevsim netdevsim9 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  670.720685][T28967] I/O error, dev loop7, sector 8192 op 0x1:(WRITE) flags 0x4800 phys_seg 128 prio class 0
[  670.759691][T28969] netdevsim netdevsim9 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  670.778956][T28967] I/O error, dev loop7, sector 9216 op 0x1:(WRITE) flags 0x800 phys_seg 32 prio class 0
[  670.988907][T29009] loop1: detected capacity change from 0 to 512
[  671.000529][T29009] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  671.051148][T29012] loop9: detected capacity change from 0 to 1024
[  671.062861][T29012] EXT4-fs: Ignoring removed nobh option
[  671.068557][T29012] EXT4-fs: Ignoring removed bh option
[  671.069798][T29009] EXT4-fs (loop1): 1 truncate cleaned up
[  671.084783][T29009] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  671.124564][T29015] loop7: detected capacity change from 0 to 1024
[  671.146200][T29015] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  671.158965][T29019] netlink: 296 bytes leftover after parsing attributes in process `syz.3.8521'.
[  671.176397][T29012] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  671.198558][T24954] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  671.212579][T29015] EXT4-fs (loop7): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  671.231399][T29015] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e840e118, mo2=0000]
[  671.246364][T29015] System zones: 0-1, 3-12
[  671.254078][T29015] EXT4-fs error (device loop7): ext4_ext_check_inode:524: inode #11: comm syz.7.8519: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512)
[  671.254993][T29024] FAULT_INJECTION: forcing a failure.
[  671.254993][T29024] name failslab, interval 1, probability 0, space 0, times 0
[  671.285409][T29024] CPU: 0 UID: 0 PID: 29024 Comm: syz.3.8522 Not tainted 6.13.0-rc6-syzkaller-00231-g77a903cd8e5a #0
[  671.288598][T29015] EXT4-fs error (device loop7): ext4_orphan_get:1394: comm syz.7.8519: couldn't read orphan inode 11 (err -117)
[  671.296271][T29024] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  671.296290][T29024] Call Trace:
[  671.296299][T29024]  <TASK>
[  671.296309][T29024]  dump_stack_lvl+0xf2/0x150
[  671.296356][T29024]  dump_stack+0x15/0x1a
[  671.310680][T29025] loop1: detected capacity change from 0 to 1024
[  671.318196][T29024]  should_fail_ex+0x223/0x230
[  671.318247][T29024]  should_failslab+0x8f/0xb0
[  671.318285][T29024]  __kmalloc_cache_node_noprof+0x56/0x320
[  671.329285][T29025] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  671.333297][T29024]  ? __get_vm_area_node+0xfb/0x1c0
[  671.339733][T29025] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  671.344283][T29024]  __get_vm_area_node+0xfb/0x1c0
[  671.385187][T29024]  __vmalloc_node_range_noprof+0x280/0xe80
[  671.391125][T29024]  ? bpf_check+0xd4/0xd5e0
[  671.395585][T29024]  ? ___kmalloc_large_node+0xba/0x120
[  671.401029][T29024]  ? __kmalloc_node_noprof+0x2f3/0x410
[  671.406503][T29024]  ? cgroup_rstat_updated+0x9f/0x570
[  671.411965][T29024]  ? __kvmalloc_node_noprof+0x72/0x170
[  671.417445][T29024]  ? bpf_check+0xd4/0xd5e0
[  671.421967][T29024]  vzalloc_noprof+0x5e/0x70
[  671.426488][T29024]  ? bpf_check+0xd4/0xd5e0
[  671.431034][T29024]  bpf_check+0xd4/0xd5e0
[  671.435298][T29024]  ? __rcu_read_unlock+0x4e/0x70
[  671.440359][T29024]  ? obj_cgroup_charge_pages+0x13d/0x1a0
[  671.446042][T29024]  ? __rcu_read_unlock+0x4e/0x70
[  671.451049][T29024]  ? __memcg_kmem_charge_page+0xd2/0x170
[  671.456714][T29024]  ? __alloc_pages_noprof+0x1bc/0x340
[  671.462108][T29024]  ? alloc_pages_bulk_noprof+0x324/0x650
[  671.467761][T29024]  ? policy_nodemask+0x2ba/0x3e0
[  671.472761][T29024]  ? __vmap_pages_range_noflush+0x940/0x960
[  671.478671][T29024]  ? pcpu_block_refresh_hint+0x11f/0x180
[  671.484320][T29024]  ? pcpu_block_update_hint_alloc+0x1f4/0x6a0
[  671.490507][T29024]  ? _find_next_zero_bit+0x60/0x90
[  671.495669][T29024]  ? pcpu_block_refresh_hint+0x11f/0x180
[  671.501397][T29024]  ? pcpu_block_update_hint_alloc+0x685/0x6a0
[  671.507526][T29024]  ? pcpu_chunk_relocate+0x183/0x280
[  671.512826][T29024]  ? __mod_memcg_state+0x122/0x280
[  671.517992][T29024]  ? __rcu_read_unlock+0x4e/0x70
[  671.522951][T29024]  ? pcpu_memcg_post_alloc_hook+0x158/0x1c0
[  671.528920][T29024]  ? bpf_prog_alloc+0x59/0x150
[  671.533713][T29024]  ? should_fail_ex+0xd7/0x230
[  671.538591][T29024]  ? selinux_bpf_prog_load+0x35/0xe0
[  671.543892][T29024]  ? should_failslab+0x8f/0xb0
[  671.548715][T29024]  ? __kmalloc_cache_noprof+0x186/0x320
[  671.554351][T29024]  ? selinux_bpf_prog_load+0xbb/0xe0
[  671.559720][T29024]  bpf_prog_load+0xed4/0x1070
[  671.564449][T29024]  ? __rcu_read_unlock+0x4e/0x70
[  671.569423][T29024]  __sys_bpf+0x463/0x7a0
[  671.573858][T29024]  __x64_sys_bpf+0x43/0x50
[  671.578327][T29024]  x64_sys_call+0x2914/0x2dc0
[  671.583018][T29024]  do_syscall_64+0xc9/0x1c0
[  671.587534][T29024]  ? clear_bhb_loop+0x55/0xb0
[  671.592295][T29024]  ? clear_bhb_loop+0x55/0xb0
[  671.596981][T29024]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  671.602923][T29024] RIP: 0033:0x7ff710485d29
[  671.607347][T29024] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  671.627086][T29024] RSP: 002b:00007ff70eaf7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  671.635528][T29024] RAX: ffffffffffffffda RBX: 00007ff710675fa0 RCX: 00007ff710485d29
[  671.643536][T29024] RDX: 0000000000000094 RSI: 0000000020000440 RDI: 0000000000000005
[  671.651589][T29024] RBP: 00007ff70eaf7090 R08: 0000000000000000 R09: 0000000000000000
[  671.659592][T29024] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  671.667570][T29024] R13: 0000000000000001 R14: 00007ff710675fa0 R15: 00007ffc1e8fa178
[  671.675558][T29024]  </TASK>
[  671.678940][T29024] syz.3.8522: vmalloc error: size 1296, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0
[  671.693645][T29024] CPU: 0 UID: 0 PID: 29024 Comm: syz.3.8522 Not tainted 6.13.0-rc6-syzkaller-00231-g77a903cd8e5a #0
[  671.704451][T29024] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  671.714539][T29024] Call Trace:
[  671.717849][T29024]  <TASK>
[  671.720800][T29024]  dump_stack_lvl+0xf2/0x150
[  671.725428][T29024]  dump_stack+0x15/0x1a
[  671.729616][T29024]  warn_alloc+0x145/0x1b0
[  671.734019][T29024]  ? __get_vm_area_node+0xfb/0x1c0
[  671.739252][T29024]  __vmalloc_node_range_noprof+0x2a5/0xe80
[  671.745228][T29024]  ? ___kmalloc_large_node+0xba/0x120
[  671.750674][T29024]  ? __kmalloc_node_noprof+0x2f3/0x410
[  671.756250][T29024]  ? cgroup_rstat_updated+0x9f/0x570
[  671.761568][T29024]  ? __kvmalloc_node_noprof+0x72/0x170
[  671.767150][T29024]  ? bpf_check+0xd4/0xd5e0
[  671.771608][T29024]  vzalloc_noprof+0x5e/0x70
[  671.776214][T29024]  ? bpf_check+0xd4/0xd5e0
[  671.780691][T29024]  bpf_check+0xd4/0xd5e0
[  671.785017][T29024]  ? __rcu_read_unlock+0x4e/0x70
[  671.790047][T29024]  ? obj_cgroup_charge_pages+0x13d/0x1a0
[  671.795864][T29024]  ? __rcu_read_unlock+0x4e/0x70
[  671.800894][T29024]  ? __memcg_kmem_charge_page+0xd2/0x170
[  671.806541][T29024]  ? __alloc_pages_noprof+0x1bc/0x340
[  671.811986][T29024]  ? alloc_pages_bulk_noprof+0x324/0x650
[  671.817642][T29024]  ? policy_nodemask+0x2ba/0x3e0
[  671.822612][T29024]  ? __vmap_pages_range_noflush+0x940/0x960
[  671.828558][T29024]  ? pcpu_block_refresh_hint+0x11f/0x180
[  671.834285][T29024]  ? pcpu_block_update_hint_alloc+0x1f4/0x6a0
[  671.840408][T29024]  ? _find_next_zero_bit+0x60/0x90
[  671.845534][T29024]  ? pcpu_block_refresh_hint+0x11f/0x180
[  671.851385][T29024]  ? pcpu_block_update_hint_alloc+0x685/0x6a0
[  671.857520][T29024]  ? pcpu_chunk_relocate+0x183/0x280
[  671.862819][T29024]  ? __mod_memcg_state+0x122/0x280
[  671.867950][T29024]  ? __rcu_read_unlock+0x4e/0x70
[  671.872964][T29024]  ? pcpu_memcg_post_alloc_hook+0x158/0x1c0
[  671.878931][T29024]  ? bpf_prog_alloc+0x59/0x150
[  671.883764][T29024]  ? should_fail_ex+0xd7/0x230
[  671.888541][T29024]  ? selinux_bpf_prog_load+0x35/0xe0
[  671.893876][T29024]  ? should_failslab+0x8f/0xb0
[  671.898746][T29024]  ? __kmalloc_cache_noprof+0x186/0x320
[  671.904311][T29024]  ? selinux_bpf_prog_load+0xbb/0xe0
[  671.909752][T29024]  bpf_prog_load+0xed4/0x1070
[  671.914564][T29024]  ? __rcu_read_unlock+0x4e/0x70
[  671.919533][T29024]  __sys_bpf+0x463/0x7a0
[  671.923830][T29024]  __x64_sys_bpf+0x43/0x50
[  671.928332][T29024]  x64_sys_call+0x2914/0x2dc0
[  671.933151][T29024]  do_syscall_64+0xc9/0x1c0
[  671.937666][T29024]  ? clear_bhb_loop+0x55/0xb0
[  671.942361][T29024]  ? clear_bhb_loop+0x55/0xb0
[  671.947048][T29024]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  671.953030][T29024] RIP: 0033:0x7ff710485d29
[  671.957533][T29024] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  671.977152][T29024] RSP: 002b:00007ff70eaf7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  671.985593][T29024] RAX: ffffffffffffffda RBX: 00007ff710675fa0 RCX: 00007ff710485d29
[  671.993621][T29024] RDX: 0000000000000094 RSI: 0000000020000440 RDI: 0000000000000005
[  672.001636][T29024] RBP: 00007ff70eaf7090 R08: 0000000000000000 R09: 0000000000000000
[  672.009749][T29024] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  672.017771][T29024] R13: 0000000000000001 R14: 00007ff710675fa0 R15: 00007ffc1e8fa178
[  672.025763][T29024]  </TASK>
[  672.029047][T29024] Mem-Info:
[  672.032174][T29024] active_anon:6578 inactive_anon:0 isolated_anon:0
[  672.032174][T29024]  active_file:14747 inactive_file:2564 isolated_file:0
[  672.032174][T29024]  unevictable:0 dirty:228 writeback:1
[  672.032174][T29024]  slab_reclaimable:3402 slab_unreclaimable:154771
[  672.032174][T29024]  mapped:31602 shmem:3608 pagetables:736
[  672.032174][T29024]  sec_pagetables:0 bounce:0
[  672.032174][T29024]  kernel_misc_reclaimable:0
[  672.032174][T29024]  free:1677974 free_pcp:83925 free_cma:0
[  672.034447][T29025] JBD2: no valid journal superblock found
[  672.077221][T29024] Node 0 active_anon:26312kB inactive_anon:0kB active_file:58988kB inactive_file:10256kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:126408kB dirty:912kB writeback:4kB shmem:14432kB writeback_tmp:0kB kernel_stack:4368kB pagetables:2944kB sec_pagetables:0kB all_unreclaimable? no
[  672.077285][T29024] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  672.083034][T29025] EXT4-fs (loop1): Could not load journal inode
[  672.110803][T29024] lowmem_reserve[]: 0 2866 7844 0
[  672.110840][T29024] Node 0 DMA32 free:2950280kB boost:0kB min:4136kB low:7068kB high:10000kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:2953912kB mlocked:0kB bounce:0kB free_pcp:3632kB local_pcp:100kB free_cma:0kB
[  672.163862][T29015] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  672.177672][T29024] lowmem_reserve[]: 0 0 4978 0
[  672.177712][T29024] Node 0 Normal free:3746256kB boost:0kB min:7184kB low:12280kB high:17376kB reserved_highatomic:0KB active_anon:26312kB inactive_anon:0kB active_file:58988kB inactive_file:10256kB unevictable:0kB writepending:916kB present:5242880kB managed:5098208kB mlocked:0kB bounce:0kB free_pcp:332052kB local_pcp:168632kB free_cma:0kB
[  672.225307][T29024] lowmem_reserve[]: 0 0 0 0
[  672.230022][T29024] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  672.242850][T29024] Node 0 DMA32: 2*4kB (M) 2*8kB (M) 3*16kB (M) 4*32kB (M) 3*64kB (M) 2*128kB (M) 2*256kB (M) 2*512kB (M) 3*1024kB (M) 2*2048kB (M) 718*4096kB (M) = 2950280kB
[  672.253777][T29015] EXT4-fs error (device loop7): ext4_read_block_bitmap_nowait:483: comm syz.7.8519: Invalid block bitmap block 0 in block_group 0
[  672.259069][T29024] Node 0 Normal: 1568*4kB (UM) 1774*8kB (UME) 986*16kB (UM) 826*32kB (UME) 304*64kB (UM) 50*128kB (UM) 24*256kB (UME) 54*512kB (UME) 95*1024kB (UME) 52*2048kB (UM) 835*4096kB (UM) = 3746256kB
[  672.291761][T29024] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB
[  672.293446][T29015] EXT4-fs error (device loop7): ext4_acquire_dquot:6938: comm syz.7.8519: Failed to acquire dquot type 0
[  672.301097][T29024] 20950 total pagecache pages
[  672.301109][T29024] 1 pages in swap cache
[  672.301117][T29024] Free swap  = 124340kB
[  672.301153][T29024] Total swap = 124996kB
[  672.301160][T29024] 2097051 pages RAM
[  672.301166][T29024] 0 pages HighMem/MovableOnly
[  672.301173][T29024] 80181 pages reserved
[  672.370211][T23507] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  672.401199][T29028] FAULT_INJECTION: forcing a failure.
[  672.401199][T29028] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  672.414409][T29028] CPU: 0 UID: 0 PID: 29028 Comm: syz.3.8523 Not tainted 6.13.0-rc6-syzkaller-00231-g77a903cd8e5a #0
[  672.425225][T29028] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  672.435577][T29028] Call Trace:
[  672.438877][T29028]  <TASK>
[  672.441815][T29028]  dump_stack_lvl+0xf2/0x150
[  672.446641][T29028]  dump_stack+0x15/0x1a
[  672.450936][T29028]  should_fail_ex+0x223/0x230
[  672.455662][T29028]  should_fail+0xb/0x10
[  672.459833][T29028]  should_fail_usercopy+0x1a/0x20
[  672.465024][T29028]  strncpy_from_user+0x25/0x210
[  672.469965][T29028]  ? kmem_cache_alloc_noprof+0x18e/0x320
[  672.475621][T29028]  ? getname_flags+0x81/0x3b0
[  672.480353][T29028]  getname_flags+0xb0/0x3b0
[  672.484996][T29028]  getname+0x17/0x20
[  672.488917][T29028]  do_sys_openat2+0x67/0x120
[  672.493546][T29028]  __x64_sys_openat+0xf3/0x120
[  672.498319][T29028]  x64_sys_call+0x2b30/0x2dc0
[  672.503081][T29028]  do_syscall_64+0xc9/0x1c0
[  672.507651][T29028]  ? clear_bhb_loop+0x55/0xb0
[  672.512338][T29028]  ? clear_bhb_loop+0x55/0xb0
[  672.517025][T29028]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  672.523019][T29028] RIP: 0033:0x7ff710485d29
[  672.527502][T29028] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  672.547120][T29028] RSP: 002b:00007ff70eaf7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  672.555540][T29028] RAX: ffffffffffffffda RBX: 00007ff710675fa0 RCX: 00007ff710485d29
[  672.563622][T29028] RDX: 0000000000000401 RSI: 00000000200000c0 RDI: ffffffffffffff9c
[  672.571608][T29028] RBP: 00007ff70eaf7090 R08: 0000000000000000 R09: 0000000000000000
[  672.579595][T29028] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  672.587647][T29028] R13: 0000000000000000 R14: 00007ff710675fa0 R15: 00007ffc1e8fa178
[  672.595648][T29028]  </TASK>
[  672.671333][T23208] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  672.686210][T16681] EXT4-fs error (device loop7): ext4_release_dquot:6961: comm kworker/u8:32: Failed to release dquot type 0
[  672.705543][T29039] netlink: 12 bytes leftover after parsing attributes in process `syz.9.8529'.
[  672.740984][T29046] netlink: 12 bytes leftover after parsing attributes in process `syz.7.8528'.
[  672.777644][T29049] netlink: 12 bytes leftover after parsing attributes in process `syz.9.8532'.
[  672.802699][T29047] loop3: detected capacity change from 0 to 1024
[  672.822100][T29047] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  672.839297][T29047] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  672.856182][T29047] EXT4-fs (loop3): orphan cleanup on readonly fs
[  672.873208][T29047] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5837: Corrupt filesystem
[  672.903793][T29047] EXT4-fs (loop3): Remounting filesystem read-only
[  672.916312][T29047] EXT4-fs (loop3): 1 orphan inode deleted
[  672.929347][T29047] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  672.942110][T29047] SELinux: (dev loop3, type ext4) getxattr errno 5
[  672.948176][T29064] netlink: 28 bytes leftover after parsing attributes in process `syz.1.8536'.
[  672.951105][T29047] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  672.957745][T29064] tipc: Started in network mode
[  672.971681][T29064] tipc: Node identity 7, cluster identity 1
[  672.977658][T29064] tipc: Node number set to 7
[  672.978073][T29065] loop7: detected capacity change from 0 to 164
[  673.221568][T29079] lo speed is unknown, defaulting to 1000
[  673.383538][T29088] FAULT_INJECTION: forcing a failure.
[  673.383538][T29088] name failslab, interval 1, probability 0, space 0, times 0
[  673.396250][T29088] CPU: 0 UID: 0 PID: 29088 Comm: syz.0.8546 Not tainted 6.13.0-rc6-syzkaller-00231-g77a903cd8e5a #0
[  673.407026][T29088] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  673.417182][T29088] Call Trace:
[  673.420519][T29088]  <TASK>
[  673.423464][T29088]  dump_stack_lvl+0xf2/0x150
[  673.428125][T29088]  dump_stack+0x15/0x1a
[  673.432309][T29088]  should_fail_ex+0x223/0x230
[  673.437019][T29088]  should_failslab+0x8f/0xb0
[  673.441639][T29088]  kmem_cache_alloc_noprof+0x52/0x320
[  673.447024][T29088]  ? audit_log_start+0x34c/0x6b0
[  673.452035][T29088]  audit_log_start+0x34c/0x6b0
[  673.456820][T29088]  audit_seccomp+0x4b/0x130
[  673.461367][T29088]  __seccomp_filter+0x6fa/0x1180
[  673.466335][T29088]  ? __perf_event_task_sched_out+0x138/0x1010
[  673.472527][T29088]  __secure_computing+0x9f/0x1c0
[  673.477500][T29088]  syscall_trace_enter+0xd1/0x1f0
[  673.482655][T29088]  do_syscall_64+0xaa/0x1c0
[  673.487201][T29088]  ? clear_bhb_loop+0x55/0xb0
[  673.491894][T29088]  ? clear_bhb_loop+0x55/0xb0
[  673.496710][T29088]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  673.502642][T29088] RIP: 0033:0x7f928e425d29
[  673.507069][T29088] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  673.526761][T29088] RSP: 002b:00007f928ca97038 EFLAGS: 00000246 ORIG_RAX: 000000000000010f
[  673.535193][T29088] RAX: ffffffffffffffda RBX: 00007f928e615fa0 RCX: 00007f928e425d29
[  673.543185][T29088] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 00000000200001c0
[  673.551252][T29088] RBP: 00007f928ca97090 R08: 0000000000000000 R09: 0000000000000000
[  673.559386][T29088] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  673.567385][T29088] R13: 0000000000000000 R14: 00007f928e615fa0 R15: 00007ffcd9c66de8
[  673.575451][T29088]  </TASK>
[  673.658762][T29092] netlink: 12 bytes leftover after parsing attributes in process `syz.9.8548'.
[  673.697685][   T29] kauditd_printk_skb: 217 callbacks suppressed
[  673.697703][   T29] audit: type=1326 audit(1736596708.717:56872): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29089 comm="syz.3.8547" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff710485d29 code=0x7ffc0000
[  673.700240][T29095] loop9: detected capacity change from 0 to 1024
[  673.703944][   T29] audit: type=1326 audit(1736596708.717:56873): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29089 comm="syz.3.8547" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff710485d29 code=0x7ffc0000
[  673.731772][T29095] EXT4-fs (loop9): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  673.734307][   T29] audit: type=1326 audit(1736596708.717:56874): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29089 comm="syz.3.8547" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff710485d29 code=0x7ffc0000
[  673.757748][T29095] EXT4-fs (loop9): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  673.768755][   T29] audit: type=1326 audit(1736596708.717:56875): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29089 comm="syz.3.8547" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff710485d29 code=0x7ffc0000
[  673.825798][   T29] audit: type=1326 audit(1736596708.717:56876): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29089 comm="syz.3.8547" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff710485d29 code=0x7ffc0000
[  673.833304][T29095] JBD2: no valid journal superblock found
[  673.855465][T29095] EXT4-fs (loop9): Could not load journal inode
[  673.863776][   T29] audit: type=1326 audit(1736596708.757:56877): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29089 comm="syz.3.8547" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7ff710485d29 code=0x7ffc0000
[  673.887552][   T29] audit: type=1326 audit(1736596708.757:56878): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29089 comm="syz.3.8547" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff710485d29 code=0x7ffc0000
[  673.911216][   T29] audit: type=1326 audit(1736596708.757:56879): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29089 comm="syz.3.8547" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff710485d29 code=0x7ffc0000
[  673.934937][   T29] audit: type=1326 audit(1736596708.837:56880): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29089 comm="syz.3.8547" exe="/root/syz-executor" sig=0 arch=c000003e syscall=295 compat=0 ip=0x7ff710485d29 code=0x7ffc0000
[  673.958707][   T29] audit: type=1326 audit(1736596708.837:56881): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29089 comm="syz.3.8547" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff710485d29 code=0x7ffc0000
[  675.028788][T29110] FAULT_INJECTION: forcing a failure.
[  675.028788][T29110] name failslab, interval 1, probability 0, space 0, times 0
[  675.041540][T29110] CPU: 1 UID: 0 PID: 29110 Comm: syz.9.8554 Not tainted 6.13.0-rc6-syzkaller-00231-g77a903cd8e5a #0
[  675.052411][T29110] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  675.062506][T29110] Call Trace:
[  675.065797][T29110]  <TASK>
[  675.068764][T29110]  dump_stack_lvl+0xf2/0x150
[  675.073404][T29110]  dump_stack+0x15/0x1a
[  675.077771][T29110]  should_fail_ex+0x223/0x230
[  675.082473][T29110]  should_failslab+0x8f/0xb0
[  675.087110][T29110]  kmem_cache_alloc_noprof+0x52/0x320
[  675.092537][T29110]  ? getname_kernel+0x3d/0x1e0
[  675.097330][T29110]  getname_kernel+0x3d/0x1e0
[  675.101989][T29110]  kern_path+0x21/0x120
[  675.106205][T29110]  bpf_uprobe_multi_link_attach+0x1ed/0x850
[  675.112163][T29110]  link_create+0x627/0x660
[  675.116599][T29110]  __sys_bpf+0x430/0x7a0
[  675.120935][T29110]  __x64_sys_bpf+0x43/0x50
[  675.125455][T29110]  x64_sys_call+0x2914/0x2dc0
[  675.130245][T29110]  do_syscall_64+0xc9/0x1c0
[  675.134767][T29110]  ? clear_bhb_loop+0x55/0xb0
[  675.139468][T29110]  ? clear_bhb_loop+0x55/0xb0
[  675.144234][T29110]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  675.150216][T29110] RIP: 0033:0x7f77adaa5d29
[  675.154695][T29110] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  675.174326][T29110] RSP: 002b:00007f77ac117038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  675.182850][T29110] RAX: ffffffffffffffda RBX: 00007f77adc95fa0 RCX: 00007f77adaa5d29
[  675.190866][T29110] RDX: 0000000000000040 RSI: 00000000200012c0 RDI: 000000000000001c
[  675.198930][T29110] RBP: 00007f77ac117090 R08: 0000000000000000 R09: 0000000000000000
[  675.206931][T29110] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  675.214907][T29110] R13: 0000000000000000 R14: 00007f77adc95fa0 R15: 00007ffde7ba9168
[  675.222890][T29110]  </TASK>
[  676.307968][T29090] A link change request failed with some changes committed already. Interface ip6gre0 may have been left with an inconsistent configuration, please check.
[  676.345475][T29105] lo speed is unknown, defaulting to 1000
[  676.351748][T29108] lo speed is unknown, defaulting to 1000
[  676.469943][T29121] netlink: 12 bytes leftover after parsing attributes in process `syz.0.8559'.
[  676.470035][T29119] netlink: 20 bytes leftover after parsing attributes in process `-/…<B¯ËÞ=Õ²á'.
[  676.511745][T29123] FAULT_INJECTION: forcing a failure.
[  676.511745][T29123] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  676.524974][T29123] CPU: 1 UID: 0 PID: 29123 Comm: syz.7.8558 Not tainted 6.13.0-rc6-syzkaller-00231-g77a903cd8e5a #0
[  676.535805][T29123] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  676.545890][T29123] Call Trace:
[  676.549186][T29123]  <TASK>
[  676.552129][T29123]  dump_stack_lvl+0xf2/0x150
[  676.556751][T29123]  dump_stack+0x15/0x1a
[  676.560933][T29123]  should_fail_ex+0x223/0x230
[  676.565637][T29123]  should_fail+0xb/0x10
[  676.569809][T29123]  should_fail_usercopy+0x1a/0x20
[  676.574887][T29123]  _copy_to_user+0x20/0xa0
[  676.579430][T29123]  simple_read_from_buffer+0xa0/0x110
[  676.584904][T29123]  proc_fail_nth_read+0xf9/0x140
[  676.589866][T29123]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  676.595485][T29123]  vfs_read+0x1a2/0x700
[  676.599659][T29123]  ? __rcu_read_unlock+0x4e/0x70
[  676.604676][T29123]  ? __fget_files+0x17c/0x1c0
[  676.609378][T29123]  ksys_read+0xe8/0x1b0
[  676.613549][T29123]  __x64_sys_read+0x42/0x50
[  676.618072][T29123]  x64_sys_call+0x2874/0x2dc0
[  676.622796][T29123]  do_syscall_64+0xc9/0x1c0
[  676.627331][T29123]  ? clear_bhb_loop+0x55/0xb0
[  676.632022][T29123]  ? clear_bhb_loop+0x55/0xb0
[  676.636750][T29123]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  676.642668][T29123] RIP: 0033:0x7f813afd473c
[  676.647098][T29123] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  676.666717][T29123] RSP: 002b:00007f8139641030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  676.675263][T29123] RAX: ffffffffffffffda RBX: 00007f813b1c5fa0 RCX: 00007f813afd473c
[  676.683305][T29123] RDX: 000000000000000f RSI: 00007f81396410a0 RDI: 0000000000000004
[  676.691290][T29123] RBP: 00007f8139641090 R08: 0000000000000000 R09: 0000000000000000
[  676.699272][T29123] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  676.707249][T29123] R13: 0000000000000000 R14: 00007f813b1c5fa0 R15: 00007ffc81044c18
[  676.715265][T29123]  </TASK>
[  676.796855][T29136] block device autoloading is deprecated and will be removed.
[  676.808484][T29138] vhci_hcd: invalid port number 15
[  676.814059][T29136] syz.7.8565: attempt to access beyond end of device
[  676.814059][T29136] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  676.816488][T29132] loop3: detected capacity change from 0 to 1024
[  676.847049][T29132] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  676.858047][T29132] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  676.870396][T29136] netlink: 4 bytes leftover after parsing attributes in process `syz.7.8565'.
[  676.880034][T29132] JBD2: no valid journal superblock found
[  676.885796][T29132] EXT4-fs (loop3): Could not load journal inode
[  676.891586][T29136] netlink: 4 bytes leftover after parsing attributes in process `syz.7.8565'.
[  677.056530][T29148] FAULT_INJECTION: forcing a failure.
[  677.056530][T29148] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  677.069632][T29148] CPU: 0 UID: 0 PID: 29148 Comm: syz.3.8569 Not tainted 6.13.0-rc6-syzkaller-00231-g77a903cd8e5a #0
[  677.080426][T29148] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  677.090601][T29148] Call Trace:
[  677.093931][T29148]  <TASK>
[  677.096931][T29148]  dump_stack_lvl+0xf2/0x150
[  677.101568][T29148]  dump_stack+0x15/0x1a
[  677.105806][T29148]  should_fail_ex+0x223/0x230
[  677.110534][T29148]  should_fail+0xb/0x10
[  677.114794][T29148]  should_fail_usercopy+0x1a/0x20
[  677.119850][T29148]  strncpy_from_user+0x25/0x210
[  677.124738][T29148]  ? kmem_cache_alloc_noprof+0x18e/0x320
[  677.130416][T29148]  ? getname_flags+0x81/0x3b0
[  677.135191][T29148]  getname_flags+0xb0/0x3b0
[  677.139726][T29148]  user_path_at+0x26/0x120
[  677.144243][T29148]  __se_sys_quotactl+0xb2/0x660
[  677.149128][T29148]  ? fput+0x1c4/0x200
[  677.153140][T29148]  __x64_sys_quotactl+0x55/0x70
[  677.158027][T29148]  x64_sys_call+0x826/0x2dc0
[  677.162726][T29148]  do_syscall_64+0xc9/0x1c0
[  677.167261][T29148]  ? clear_bhb_loop+0x55/0xb0
[  677.171978][T29148]  ? clear_bhb_loop+0x55/0xb0
[  677.176689][T29148]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  677.182636][T29148] RIP: 0033:0x7ff710485d29
[  677.187075][T29148] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  677.207152][T29148] RSP: 002b:00007ff70eaf7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000b3
[  677.215589][T29148] RAX: ffffffffffffffda RBX: 00007ff710675fa0 RCX: 00007ff710485d29
[  677.223606][T29148] RDX: 0000000000000000 RSI: 00000000200008c0 RDI: ffffffff80000200
[  677.231607][T29148] RBP: 00007ff70eaf7090 R08: 0000000000000000 R09: 0000000000000000
[  677.239627][T29148] R10: 0000000020000240 R11: 0000000000000246 R12: 0000000000000001
[  677.247626][T29148] R13: 0000000000000000 R14: 00007ff710675fa0 R15: 00007ffc1e8fa178
[  677.255633][T29148]  </TASK>
[  677.264381][T29151] lo speed is unknown, defaulting to 1000
[  677.366616][T29157] netlink: 12 bytes leftover after parsing attributes in process `syz.0.8571'.
[  677.451217][T29163] lo speed is unknown, defaulting to 1000
[  677.685423][T29173] netlink: 'syz.7.8576': attribute type 29 has an invalid length.
[  677.754657][T29175] ALSA: seq fatal error: cannot create timer (-19)
[  677.812997][T29180] loop9: detected capacity change from 0 to 1024
[  677.825320][T29180] EXT4-fs (loop9): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  677.836337][T29180] EXT4-fs (loop9): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  677.853306][T29180] JBD2: no valid journal superblock found
[  677.859139][T29180] EXT4-fs (loop9): Could not load journal inode
[  677.912318][T29183] FAULT_INJECTION: forcing a failure.
[  677.912318][T29183] name failslab, interval 1, probability 0, space 0, times 0
[  677.925150][T29183] CPU: 1 UID: 0 PID: 29183 Comm: syz.9.8580 Not tainted 6.13.0-rc6-syzkaller-00231-g77a903cd8e5a #0
[  677.935923][T29183] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  677.946082][T29183] Call Trace:
[  677.949397][T29183]  <TASK>
[  677.952428][T29183]  dump_stack_lvl+0xf2/0x150
[  677.957107][T29183]  dump_stack+0x15/0x1a
[  677.961303][T29183]  should_fail_ex+0x223/0x230
[  677.966087][T29183]  should_failslab+0x8f/0xb0
[  677.970790][T29183]  kmem_cache_alloc_noprof+0x52/0x320
[  677.976223][T29183]  ? getname_kernel+0x3d/0x1e0
[  677.981061][T29183]  getname_kernel+0x3d/0x1e0
[  677.985751][T29183]  kern_path+0x21/0x120
[  677.989928][T29183]  bpf_uprobe_multi_link_attach+0x1ed/0x850
[  677.995896][T29183]  link_create+0x627/0x660
[  678.000356][T29183]  __sys_bpf+0x430/0x7a0
[  678.004715][T29183]  __x64_sys_bpf+0x43/0x50
[  678.009174][T29183]  x64_sys_call+0x2914/0x2dc0
[  678.013896][T29183]  do_syscall_64+0xc9/0x1c0
[  678.018472][T29183]  ? clear_bhb_loop+0x55/0xb0
[  678.023258][T29183]  ? clear_bhb_loop+0x55/0xb0
[  678.027963][T29183]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  678.033943][T29183] RIP: 0033:0x7f77adaa5d29
[  678.038382][T29183] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  678.058144][T29183] RSP: 002b:00007f77ac117038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  678.066602][T29183] RAX: ffffffffffffffda RBX: 00007f77adc95fa0 RCX: 00007f77adaa5d29
[  678.074591][T29183] RDX: 0000000000000040 RSI: 00000000200012c0 RDI: 000000000000001c
[  678.082595][T29183] RBP: 00007f77ac117090 R08: 0000000000000000 R09: 0000000000000000
[  678.090622][T29183] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  678.098611][T29183] R13: 0000000000000000 R14: 00007f77adc95fa0 R15: 00007ffde7ba9168
[  678.106616][T29183]  </TASK>
[  678.109332][T29187] netlink: 8 bytes leftover after parsing attributes in process `syz.1.8581'.
[  678.138144][T29186] loop1: detected capacity change from 0 to 512
[  678.144786][T29186] ext4: Unknown parameter 'é'
[  678.159292][T29189] 9pnet_fd: Insufficient options for proto=fd
[  678.160150][T29186] loop1: detected capacity change from 0 to 512
[  678.177762][T29186] ext4: Unknown parameter 'é'
[  678.189612][T29186] loop1: detected capacity change from 0 to 512
[  678.197801][T29186] ext4: Unknown parameter 'é'
[  678.210117][T29186] loop1: detected capacity change from 0 to 512
[  678.218170][T29186] ext4: Unknown parameter 'é'
[  678.231977][T29186] loop1: detected capacity change from 0 to 512
[  678.238511][T29186] ext4: Unknown parameter 'é'
[  678.247264][T29186] loop1: detected capacity change from 0 to 512
[  678.255305][T29186] ext4: Unknown parameter 'é'
[  678.266518][T29186] loop1: detected capacity change from 0 to 512
[  678.272945][T29186] ext4: Unknown parameter 'é'
[  678.285524][T29186] loop1: detected capacity change from 0 to 512
[  678.292114][T29186] ext4: Unknown parameter 'é'
[  678.314801][T29186] loop1: detected capacity change from 0 to 512
[  678.325887][T29186] ext4: Unknown parameter 'é'
[  678.347893][T29186] loop1: detected capacity change from 0 to 512
[  678.354345][T29186] ext4: Unknown parameter 'é'
[  678.371236][T29200] netlink: 12 bytes leftover after parsing attributes in process `syz.3.8587'.
[  678.373006][T29186] loop1: detected capacity change from 0 to 512
[  678.391558][T29186] ext4: Unknown parameter 'é'
[  678.399997][T29186] loop1: detected capacity change from 0 to 512
[  678.406641][T29186] ext4: Unknown parameter 'é'
[  678.415375][T29186] loop1: detected capacity change from 0 to 512
[  678.423379][T29186] ext4: Unknown parameter 'é'
[  678.433121][T29186] loop1: detected capacity change from 0 to 512
[  678.439890][T29186] ext4: Unknown parameter 'é'
[  678.452749][T29206] loop9: detected capacity change from 0 to 1024
[  678.462221][T29186] loop1: detected capacity change from 0 to 512
[  678.469359][T29186] ext4: Unknown parameter 'é'
[  678.482166][T29204] xt_ipvs: protocol family 7 not supported
[  678.482347][T29206] EXT4-fs (loop9): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  678.495321][T29186] loop1: detected capacity change from 0 to 512
[  678.498916][T29206] EXT4-fs (loop9): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  678.510234][T29186] ext4: Unknown parameter 'é'
[  678.522765][T29211] atomic_op ffff888112151d28 conn xmit_atomic 0000000000000000
[  678.531417][T29206] JBD2: no valid journal superblock found
[  678.537280][T29206] EXT4-fs (loop9): Could not load journal inode
[  678.544865][T29204] lo speed is unknown, defaulting to 1000
[  678.560548][T29186] loop1: detected capacity change from 0 to 512
[  678.597801][T29186] ext4: Unknown parameter 'é'
[  678.631118][T29186] loop1: detected capacity change from 0 to 512
[  678.643599][T29219] ALSA: seq fatal error: cannot create timer (-19)
[  678.643880][T29186] ext4: Unknown parameter 'é'
[  678.701046][T29186] loop1: detected capacity change from 0 to 512
[  678.721498][T29186] ext4: Unknown parameter 'é'
[  678.742434][T29186] loop1: detected capacity change from 0 to 512
[  678.756998][T29186] ext4: Unknown parameter 'é'
[  678.762321][T29236] xt_CT: You must specify a L4 protocol and not use inversions on it
[  678.781539][T29186] loop1: detected capacity change from 0 to 512
[  678.801296][T29186] ext4: Unknown parameter 'é'
[  678.844687][T29186] loop1: detected capacity change from 0 to 512
[  678.858734][T29186] ext4: Unknown parameter 'é'
[  678.868394][T29186] loop1: detected capacity change from 0 to 512
[  678.884635][T29241] loop3: detected capacity change from 0 to 1024
[  678.892747][T29186] ext4: Unknown parameter 'é'
[  678.898468][T29241] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  678.912407][T29186] loop1: detected capacity change from 0 to 512
[  678.919560][T29241] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  678.935764][T29186] ext4: Unknown parameter 'é'
[  678.957051][T29241] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e840e118, mo2=0000]
[  678.975434][T29241] System zones: 0-1, 3-12
[  678.984593][T29241] EXT4-fs error (device loop3): ext4_ext_check_inode:524: inode #11: comm syz.3.8597: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512)
[  679.008745][T29241] EXT4-fs error (device loop3): ext4_orphan_get:1394: comm syz.3.8597: couldn't read orphan inode 11 (err -117)
[  679.021963][T29241] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  679.038794][T29241] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:483: comm syz.3.8597: Invalid block bitmap block 0 in block_group 0
[  679.060889][T29241] __quota_error: 110 callbacks suppressed
[  679.060909][T29241] Quota error (device loop3): write_blk: dquota write failed
[  679.074216][T29241] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota
[  679.096723][T29241] EXT4-fs error (device loop3): ext4_acquire_dquot:6938: comm syz.3.8597: Failed to acquire dquot type 0
[  679.113149][T29269] netlink: 12 bytes leftover after parsing attributes in process `syz.1.8599'.
[  679.171877][T29278] syz.1.8601[29278] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  679.172014][T29278] syz.1.8601[29278] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  679.183962][T29278] syz.1.8601[29278] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  679.208975][T29278] FAULT_INJECTION: forcing a failure.
[  679.208975][T29278] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  679.217547][T28891] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  679.220532][T29278] CPU: 1 UID: 0 PID: 29278 Comm: syz.1.8601 Not tainted 6.13.0-rc6-syzkaller-00231-g77a903cd8e5a #0
[  679.253232][T29278] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  679.263307][T29278] Call Trace:
[  679.266604][T29278]  <TASK>
[  679.269558][T29278]  dump_stack_lvl+0xf2/0x150
[  679.273272][T15157] Quota error (device loop3): do_check_range: Getting block 0 out of range 1-8
[  679.274201][T29278]  dump_stack+0x15/0x1a
[  679.283262][T15157] EXT4-fs error (device loop3): ext4_release_dquot:6961: comm kworker/u8:15: Failed to release dquot type 0
[  679.287266][T29278]  should_fail_ex+0x223/0x230
[  679.287299][T29278]  should_fail+0xb/0x10
[  679.307644][T29278]  should_fail_usercopy+0x1a/0x20
[  679.312827][T29278]  _copy_from_user+0x1e/0xb0
[  679.317567][T29278]  copy_msghdr_from_user+0x54/0x2a0
[  679.322827][T29278]  ? __fget_files+0x17c/0x1c0
[  679.327640][T29278]  __sys_sendmsg+0x13e/0x230
[  679.332349][T29278]  __x64_sys_sendmsg+0x46/0x50
[  679.337163][T29278]  x64_sys_call+0x2734/0x2dc0
[  679.341858][T29278]  do_syscall_64+0xc9/0x1c0
[  679.346372][T29278]  ? clear_bhb_loop+0x55/0xb0
[  679.351112][T29278]  ? clear_bhb_loop+0x55/0xb0
[  679.355819][T29278]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  679.361749][T29278] RIP: 0033:0x7f895d605d29
[  679.366175][T29278] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  679.385905][T29278] RSP: 002b:00007f895bc71038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  679.394368][T29278] RAX: ffffffffffffffda RBX: 00007f895d7f5fa0 RCX: 00007f895d605d29
[  679.402412][T29278] RDX: 0000000000000000 RSI: 0000000020001200 RDI: 0000000000000005
[  679.410444][T29278] RBP: 00007f895bc71090 R08: 0000000000000000 R09: 0000000000000000
[  679.418426][T29278] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  679.426406][T29278] R13: 0000000000000000 R14: 00007f895d7f5fa0 R15: 00007ffcf692f8c8
[  679.434454][T29278]  </TASK>
[  679.647904][   T29] audit: type=1326 audit(1736596714.677:56992): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29307 comm="syz.0.8605" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f928e425d29 code=0x7ffc0000
[  679.705949][   T29] audit: type=1326 audit(1736596714.707:56993): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29307 comm="syz.0.8605" exe="/root/syz-executor" sig=0 arch=c000003e syscall=274 compat=0 ip=0x7f928e425d29 code=0x7ffc0000
[  679.729704][   T29] audit: type=1326 audit(1736596714.707:56994): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29307 comm="syz.0.8605" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f928e425d29 code=0x7ffc0000
[  679.753448][   T29] audit: type=1326 audit(1736596714.707:56995): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29307 comm="syz.0.8605" exe="/root/syz-executor" sig=0 arch=c000003e syscall=228 compat=0 ip=0x7f928e425d29 code=0x7ffc0000
[  679.777086][   T29] audit: type=1326 audit(1736596714.707:56996): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29307 comm="syz.0.8605" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f928e425d29 code=0x7ffc0000
[  679.800753][   T29] audit: type=1326 audit(1736596714.707:56997): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29307 comm="syz.0.8605" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f928e425d29 code=0x7ffc0000
[  679.824428][   T29] audit: type=1326 audit(1736596714.707:56998): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29307 comm="syz.0.8605" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f928e425d29 code=0x7ffc0000
[  679.881737][T29343] 9pnet_fd: Insufficient options for proto=fd
[  679.946508][T29360] netlink: 12 bytes leftover after parsing attributes in process `syz.0.8610'.
[  679.980363][T29313] lo speed is unknown, defaulting to 1000
[  680.020075][T29371] loop3: detected capacity change from 0 to 164
[  680.041551][T29373] syz.0.8613[29373] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  680.041736][T29373] syz.0.8613[29373] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  680.053601][T29373] syz.0.8613[29373] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  680.098047][T29353] lo speed is unknown, defaulting to 1000
[  680.341199][T29383] lo speed is unknown, defaulting to 1000
[  680.592148][T29353] chnl_net:caif_netlink_parms(): no params data found
[  680.785989][T29353] bridge0: port 1(bridge_slave_0) entered blocking state
[  680.793249][T29353] bridge0: port 1(bridge_slave_0) entered disabled state
[  680.800649][T29353] bridge_slave_0: entered allmulticast mode
[  680.807691][T29353] bridge_slave_0: entered promiscuous mode
[  680.814903][T29353] bridge0: port 2(bridge_slave_1) entered blocking state
[  680.819340][T29390] FAULT_INJECTION: forcing a failure.
[  680.819340][T29390] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  680.822107][T29353] bridge0: port 2(bridge_slave_1) entered disabled state
[  680.835206][T29390] CPU: 1 UID: 0 PID: 29390 Comm: syz.9.8615 Not tainted 6.13.0-rc6-syzkaller-00231-g77a903cd8e5a #0
[  680.835238][T29390] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  680.842688][T29353] bridge_slave_1: entered allmulticast mode
[  680.852997][T29390] Call Trace:
[  680.864294][T29353] bridge_slave_1: entered promiscuous mode
[  680.868970][T29390]  <TASK>
[  680.868981][T29390]  dump_stack_lvl+0xf2/0x150
[  680.885786][T29390]  dump_stack+0x15/0x1a
[  680.890012][T29390]  should_fail_ex+0x223/0x230
[  680.894781][T29390]  should_fail+0xb/0x10
[  680.899075][T29390]  should_fail_usercopy+0x1a/0x20
[  680.904160][T29390]  _copy_from_user+0x1e/0xb0
[  680.908795][T29390]  sctp_getsockopt_connectx3+0x189/0x350
[  680.914470][T29390]  sctp_getsockopt+0x805/0xab0
[  680.919381][T29390]  sock_common_getsockopt+0x5b/0x70
[  680.924701][T29390]  ? __pfx_sock_common_getsockopt+0x10/0x10
[  680.930726][T29390]  do_sock_getsockopt+0x1ca/0x260
[  680.935893][T29390]  __x64_sys_getsockopt+0x18c/0x200
[  680.941125][T29390]  x64_sys_call+0x1288/0x2dc0
[  680.945837][T29390]  do_syscall_64+0xc9/0x1c0
[  680.950407][T29390]  ? clear_bhb_loop+0x55/0xb0
[  680.955120][T29390]  ? clear_bhb_loop+0x55/0xb0
[  680.959835][T29390]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  680.965835][T29390] RIP: 0033:0x7f77adaa5d29
[  680.970277][T29390] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  680.989925][T29390] RSP: 002b:00007f77ac117038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  680.998374][T29390] RAX: ffffffffffffffda RBX: 00007f77adc95fa0 RCX: 00007f77adaa5d29
[  681.006388][T29390] RDX: 000000000000006f RSI: 0000000000000084 RDI: 0000000000000009
[  681.014374][T29390] RBP: 00007f77ac117090 R08: 0000000020000180 R09: 0000000000000000
[  681.022479][T29390] R10: 0000000020000000 R11: 0000000000000246 R12: 0000000000000001
[  681.030487][T29390] R13: 0000000000000000 R14: 00007f77adc95fa0 R15: 00007ffde7ba9168
[  681.039076][T29390]  </TASK>
[  681.102114][T29392] netlink: 20 bytes leftover after parsing attributes in process `syz.0.8616'.
[  681.119749][T29394] loop3: detected capacity change from 0 to 1024
[  681.136877][T29394] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  681.147804][T29394] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  681.166261][T29394] JBD2: no valid journal superblock found
[  681.170608][T29353] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  681.171995][T29394] EXT4-fs (loop3): Could not load journal inode
[  681.202151][T29353] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  681.261365][T29398] 9pnet_fd: Insufficient options for proto=fd
[  681.262668][T29401] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  681.326354][T29401] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  681.339223][T29353] team0: Port device team_slave_0 added
[  681.363676][T29401] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  681.384385][T29410] loop9: detected capacity change from 0 to 164
[  681.393883][T29353] team0: Port device team_slave_1 added
[  681.424613][T29412] ALSA: seq fatal error: cannot create timer (-19)
[  681.431713][T29410] Unable to read rock-ridge attributes
[  681.440372][T29401] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  681.463714][T29353] batman_adv: batadv0: Adding interface: batadv_slave_0
[  681.470791][T29353] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  681.496778][T29353] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  681.509006][T29353] batman_adv: batadv0: Adding interface: batadv_slave_1
[  681.516059][T29353] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  681.542119][T29353] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  681.577428][T29353] hsr_slave_0: entered promiscuous mode
[  681.583486][T29415] loop1: detected capacity change from 0 to 128
[  681.590636][T29353] hsr_slave_1: entered promiscuous mode
[  681.593216][T29415] EXT4-fs: Ignoring removed nobh option
[  681.602050][T29353] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  681.603173][T29421] FAULT_INJECTION: forcing a failure.
[  681.603173][T29421] name failslab, interval 1, probability 0, space 0, times 0
[  681.609724][T29353] Cannot create hsr debugfs directory
[  681.622349][T29421] CPU: 1 UID: 0 PID: 29421 Comm: GPL Not tainted 6.13.0-rc6-syzkaller-00231-g77a903cd8e5a #0
[  681.637883][T29421] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  681.642207][T29415] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  681.648009][T29421] Call Trace:
[  681.648021][T29421]  <TASK>
[  681.648031][T29421]  dump_stack_lvl+0xf2/0x150
[  681.660709][T29415] ext4 filesystem being mounted at /290/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  681.663324][T29421]  dump_stack+0x15/0x1a
[  681.685323][T29421]  should_fail_ex+0x223/0x230
[  681.690108][T29421]  should_failslab+0x8f/0xb0
[  681.694802][T29421]  __kmalloc_noprof+0xab/0x3f0
[  681.699706][T29421]  ? alloc_pipe_info+0x1cb/0x360
[  681.704674][T29421]  alloc_pipe_info+0x1cb/0x360
[  681.709470][T29421]  create_pipe_files+0x67/0x3b0
[  681.714346][T29421]  __do_pipe_flags+0x46/0x190
[  681.719111][T29421]  do_pipe2+0x64/0x130
[  681.723370][T29421]  __x64_sys_pipe2+0x30/0x40
[  681.727990][T29421]  x64_sys_call+0x28a6/0x2dc0
[  681.732718][T29421]  do_syscall_64+0xc9/0x1c0
[  681.737235][T29421]  ? clear_bhb_loop+0x55/0xb0
[  681.741979][T29421]  ? clear_bhb_loop+0x55/0xb0
[  681.746672][T29421]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  681.752690][T29421] RIP: 0033:0x7f77adaa5d29
[  681.757178][T29421] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  681.776796][T29421] RSP: 002b:00007f77ac117038 EFLAGS: 00000246 ORIG_RAX: 0000000000000125
[  681.785258][T29421] RAX: ffffffffffffffda RBX: 00007f77adc95fa0 RCX: 00007f77adaa5d29
[  681.793239][T29421] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020001900
[  681.801242][T29421] RBP: 00007f77ac117090 R08: 0000000000000000 R09: 0000000000000000
[  681.809230][T29421] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  681.817278][T29421] R13: 0000000000000000 R14: 00007f77adc95fa0 R15: 00007ffde7ba9168
[  681.825379][T29421]  </TASK>
[  681.839606][T29401] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  681.854277][T29401] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  681.867559][T29401] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  681.914701][T24954] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  681.935329][T29401] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  682.007102][T29353] netdevsim netdevsim7 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  682.032846][T29433] 9pnet_fd: Insufficient options for proto=fd
[  682.046967][T29439] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=29439 comm=syz.1.8636
[  682.059639][T29439] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=29439 comm=syz.1.8636
[  682.087839][T29353] netdevsim netdevsim7 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  682.167635][T29353] netdevsim netdevsim7 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  682.183514][T29451] netlink: 4 bytes leftover after parsing attributes in process `syz.1.8636'.
[  682.233915][T29353] netdevsim netdevsim7 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  682.335781][T29353] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  682.402089][T29353] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  682.423375][T29353] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  682.442525][T29353] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  682.524647][T29353] 8021q: adding VLAN 0 to HW filter on device bond0
[  682.554381][T29353] 8021q: adding VLAN 0 to HW filter on device team0
[  682.616898][T27066] bridge0: port 1(bridge_slave_0) entered blocking state
[  682.624075][T27066] bridge0: port 1(bridge_slave_0) entered forwarding state
[  682.634129][T27066] bridge0: port 2(bridge_slave_1) entered blocking state
[  682.641315][T27066] bridge0: port 2(bridge_slave_1) entered forwarding state
[  682.655055][T29474] netlink: 'syz.9.8648': attribute type 29 has an invalid length.
[  682.690820][T29476] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  682.767888][T29477] 9pnet_fd: Insufficient options for proto=fd
[  682.816079][T29353] 8021q: adding VLAN 0 to HW filter on device batadv0
[  683.091863][T29353] veth0_vlan: entered promiscuous mode
[  683.117083][T29353] veth1_vlan: entered promiscuous mode
[  683.157196][T29353] veth0_macvtap: entered promiscuous mode
[  683.175140][T29353] veth1_macvtap: entered promiscuous mode
[  683.198774][T29353] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  683.209678][T29353] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  683.219893][T29353] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  683.230484][T29353] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  683.240347][T29353] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  683.251038][T29353] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  683.260956][T29353] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  683.271465][T29353] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  683.281310][T29353] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  683.291852][T29353] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  683.301758][T29353] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  683.312272][T29353] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  683.322145][T29353] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  683.332618][T29353] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  683.342491][T29353] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  683.353152][T29353] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  683.363122][T29353] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  683.373788][T29353] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  683.383691][T29353] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  683.394304][T29353] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  683.404260][T29353] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  683.414735][T29353] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  683.424739][T29353] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  683.435223][T29353] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  683.472196][T29353] batman_adv: batadv0: Interface activated: batadv_slave_0
[  683.487036][T29353] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  683.497553][T29353] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  683.507414][T29353] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  683.517893][T29353] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  683.527780][T29353] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  683.538278][T29353] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  683.548163][T29353] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  683.558870][T29353] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  683.568744][T29353] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  683.579462][T29353] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  683.589324][T29353] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  683.599924][T29353] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  683.609840][T29353] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  683.620451][T29353] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  683.630377][T29353] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  683.641132][T29353] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  683.651011][T29353] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  683.661622][T29353] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  683.671510][T29353] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  683.681973][T29353] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  683.691873][T29353] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  683.702401][T29353] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  683.712321][T29353] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  683.722801][T29353] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  683.736055][T29353] batman_adv: batadv0: Interface activated: batadv_slave_1
[  683.745001][T29353] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  683.753864][T29353] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  683.762650][T29353] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  683.771482][T29353] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  683.777423][T29520] netlink: 'syz.0.8659': attribute type 29 has an invalid length.
[  683.842373][T29518] netlink: 4 bytes leftover after parsing attributes in process `syz.1.8657'.
[  683.846436][T29523] 9pnet_fd: Insufficient options for proto=fd
[  683.908823][T29530] 9pnet_fd: Insufficient options for proto=fd
[  684.172997][T29544] 8021q: adding VLAN 0 to HW filter on device bond1
[  684.185663][T29544] bond0: (slave bond1): Enslaving as an active interface with an up link
[  684.305882][T29553] netlink: 8 bytes leftover after parsing attributes in process `syz.9.8668'.
[  684.314898][T29553] netlink: 8 bytes leftover after parsing attributes in process `syz.9.8668'.
[  684.358018][T29555] netlink: 24 bytes leftover after parsing attributes in process `syz.0.8671'.
[  684.368978][   T29] kauditd_printk_skb: 81 callbacks suppressed
[  684.368994][   T29] audit: type=1326 audit(1736596719.397:57078): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29554 comm="syz.0.8671" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f928e425d29 code=0x7ffc0000
[  684.398849][   T29] audit: type=1326 audit(1736596719.397:57079): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29554 comm="syz.0.8671" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f928e425d29 code=0x7ffc0000
[  684.423045][   T29] audit: type=1326 audit(1736596719.397:57080): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29554 comm="syz.0.8671" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f928e425d29 code=0x7ffc0000
[  684.446748][   T29] audit: type=1326 audit(1736596719.397:57081): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29554 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f928e425d29 code=0x7ffc0000
[  684.469846][   T29] audit: type=1326 audit(1736596719.397:57082): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29554 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f928e425d29 code=0x7ffc0000
[  684.494620][   T29] audit: type=1326 audit(1736596719.397:57083): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29554 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f928e425d29 code=0x7ffc0000
[  684.518399][   T29] audit: type=1326 audit(1736596719.397:57084): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29554 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f928e425d29 code=0x7ffc0000
[  684.541879][   T29] audit: type=1326 audit(1736596719.397:57085): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29554 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f928e425d29 code=0x7ffc0000
[  684.565072][   T29] audit: type=1326 audit(1736596719.397:57086): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29554 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f928e425d29 code=0x7ffc0000
[  684.588311][   T29] audit: type=1326 audit(1736596719.427:57087): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29554 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f928e425d29 code=0x7ffc0000
[  684.685073][T29560] 9pnet: Could not find request transport: fd0x0000000000000005
[  684.731990][T29563] loop1: detected capacity change from 0 to 512
[  684.741251][T29565] loop7: detected capacity change from 0 to 1024
[  684.747700][T29560] 9pnet_fd: Insufficient options for proto=fd
[  684.748882][T29565] EXT4-fs (loop7): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  684.764820][T29565] EXT4-fs (loop7): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  684.781908][T29563] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  684.784508][T29565] JBD2: no valid journal superblock found
[  684.800427][T29565] EXT4-fs (loop7): Could not load journal inode
[  684.809355][T29563] ext4 filesystem being mounted at /298/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  684.810433][T29570] vhci_hcd: invalid port number 15
[  684.856584][T29563] 9pnet: Could not find request transport: f
[  684.953979][T24954] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  685.202203][T29593] ALSA: seq fatal error: cannot create timer (-19)
[  685.677855][T29604] ALSA: seq fatal error: cannot create timer (-19)
[  685.688778][T29607] FAULT_INJECTION: forcing a failure.
[  685.688778][T29607] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  685.702198][T29607] CPU: 0 UID: 0 PID: 29607 Comm: syz.1.8685 Not tainted 6.13.0-rc6-syzkaller-00231-g77a903cd8e5a #0
[  685.712982][T29607] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  685.723124][T29607] Call Trace:
[  685.726470][T29607]  <TASK>
[  685.729473][T29607]  dump_stack_lvl+0xf2/0x150
[  685.734126][T29607]  dump_stack+0x15/0x1a
[  685.738360][T29607]  should_fail_ex+0x223/0x230
[  685.743080][T29607]  should_fail_alloc_page+0xfd/0x110
[  685.748482][T29607]  __alloc_pages_noprof+0x109/0x340
[  685.753724][T29607]  alloc_pages_mpol_noprof+0xb1/0x1e0
[  685.759156][T29607]  vma_alloc_folio_noprof+0x1a0/0x2f0
[  685.764623][T29607]  handle_mm_fault+0xdd7/0x2ac0
[  685.769517][T29607]  exc_page_fault+0x3b9/0x650
[  685.774228][T29607]  asm_exc_page_fault+0x26/0x30
[  685.779167][T29607] RIP: 0033:0x7f895d5b335b
[  685.783674][T29607] Code: c0 8b 87 c0 00 00 00 66 0f 6c c0 85 c0 0f 85 44 01 00 00 c7 87 c0 00 00 00 ff ff ff ff 48 8d 84 24 20 21 00 00 48 8d 7c 24 20 <0f> 29 44 24 40 49 89 e4 48 89 44 24 50 8b 43 74 48 89 9c 24 00 01
[  685.803308][T29607] RSP: 002b:00007f895bc6ee10 EFLAGS: 00010246
[  685.809616][T29607] RAX: 00007f895bc70f30 RBX: 00007f895d7cb620 RCX: 0000000000000000
[  685.817611][T29607] RDX: 00007f895bc70f78 RSI: 00007f895d665bd8 RDI: 00007f895bc6ee30
[  685.825593][T29607] RBP: 0000000000000009 R08: 0000000000000000 R09: 0000000000000000
[  685.833571][T29607] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  685.841552][T29607] R13: 0000000000000000 R14: 00007f895d7f5fa0 R15: 00007ffcf692f8c8
[  685.849542][T29607]  </TASK>
[  685.852719][T29607] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[  685.884120][T29614] vhci_hcd: invalid port number 15
[  685.946203][T29623] loop7: detected capacity change from 0 to 16384
[  686.005125][T29623] I/O error, dev loop7, sector 8960 op 0x0:(READ) flags 0x80700 phys_seg 32 prio class 0
[  686.019947][T29623] I/O error, dev loop7, sector 9216 op 0x0:(READ) flags 0x80700 phys_seg 32 prio class 0
[  686.020007][T29626] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  686.029916][T29623] I/O error, dev loop7, sector 8960 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  686.049168][T29623] buffer_io_error: 1174 callbacks suppressed
[  686.049183][T29623] Buffer I/O error on dev loop7, logical block 1120, async page read
[  686.097334][T29630] 9pnet: Could not find request transport: fd0x0000000000000005
[  686.111596][T29626] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  686.154151][T29630] 9pnet_fd: Insufficient options for proto=fd
[  686.198351][T29626] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  686.270106][T29634] loop1: detected capacity change from 0 to 2048
[  686.273582][T29641] netlink: 12 bytes leftover after parsing attributes in process `syz.7.8698'.
[  686.286877][T29626] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  686.317067][T29634]  loop1: p1 < > p2 p3 < p5 > p4
[  686.322108][T29634] loop1: partition table partially beyond EOD, truncated
[  686.341513][T29634] loop1: p1 start 4278190080 is beyond EOD, truncated
[  686.348397][T29634] loop1: p2 start 16908800 is beyond EOD, truncated
[  686.357107][T29634] loop1: p4 start 11326 is beyond EOD, truncated
[  686.363569][T29634] loop1: p5 start 16908800 is beyond EOD, truncated
[  686.377282][T29626] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  686.398379][T29626] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  686.424019][T29626] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  686.434611][T24954] ==================================================================
[  686.442740][T24954] BUG: KCSAN: data-race in shmem_add_to_page_cache / shmem_getattr
[  686.448574][T29626] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  686.450649][T24954] 
[  686.450658][T24954] read-write to 0xffff8881185230c8 of 8 bytes by task 29639 on cpu 1:
[  686.450680][T24954]  shmem_add_to_page_cache+0x3b9/0x4b0
[  686.474791][T24954]  shmem_get_folio_gfp+0x4f6/0xd90
[  686.479932][T24954]  shmem_write_begin+0xa2/0x180
[  686.484818][T24954]  generic_perform_write+0x1a8/0x4a0
[  686.490147][T24954]  shmem_file_write_iter+0xc2/0xe0
[  686.495400][T24954]  __kernel_write_iter+0x24b/0x4e0
[  686.500590][T24954]  dump_user_range+0x3ac/0x550
[  686.505841][T24954]  elf_core_dump+0x1bdc/0x1ce0
[  686.510655][T24954]  do_coredump+0x1898/0x1f40
[  686.515276][T24954]  get_signal+0xd4f/0x1000
[  686.519729][T24954]  arch_do_signal_or_restart+0x95/0x4b0
[  686.525326][T24954]  irqentry_exit_to_user_mode+0xa7/0x120
[  686.531012][T24954]  irqentry_exit+0x12/0x50
[  686.535500][T24954]  asm_exc_page_fault+0x26/0x30
[  686.540372][T24954] 
[  686.542717][T24954] read to 0xffff8881185230c8 of 8 bytes by task 24954 on cpu 0:
[  686.550358][T24954]  shmem_getattr+0x69/0x200
[  686.554885][T24954]  vfs_statx_path+0x171/0x2d0
[  686.559587][T24954]  vfs_statx+0xe1/0x170
[  686.563766][T24954]  __se_sys_newfstatat+0xdc/0x300
[  686.568814][T24954]  __x64_sys_newfstatat+0x55/0x70
[  686.573871][T24954]  x64_sys_call+0x236d/0x2dc0
[  686.578579][T24954]  do_syscall_64+0xc9/0x1c0
[  686.583115][T24954]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  686.589062][T24954] 
[  686.591408][T24954] value changed: 0x0000000000000bbf -> 0x0000000000000bc0
[  686.598537][T24954] 
[  686.600874][T24954] Reported by Kernel Concurrency Sanitizer on:
[  686.607040][T24954] CPU: 0 UID: 0 PID: 24954 Comm: syz-executor Not tainted 6.13.0-rc6-syzkaller-00231-g77a903cd8e5a #0
[  686.618021][T24954] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  686.628097][T24954] ==================================================================
[  686.684770][T29647] vhci_hcd: invalid port number 15
[  686.697695][T29622] I/O error, dev loop7, sector 0 op 0x1:(WRITE) flags 0x4800 phys_seg 128 prio class 0
[  686.707448][T29622] Buffer I/O error on dev loop7, logical block 0, lost async page write
[  686.715852][T29622] Buffer I/O error on dev loop7, logical block 1, lost async page write
[  686.724274][T29622] Buffer I/O error on dev loop7, logical block 2, lost async page write
[  686.732820][T29622] Buffer I/O error on dev loop7, logical block 3, lost async page write
[  686.741205][T29622] Buffer I/O error on dev loop7, logical block 4, lost async page write
[  686.749709][T29622] Buffer I/O error on dev loop7, logical block 5, lost async page write
[  686.758097][T29622] Buffer I/O error on dev loop7, logical block 6, lost async page write
[  686.766476][T29622] Buffer I/O error on dev loop7, logical block 7, lost async page write
[  686.774869][T29622] Buffer I/O error on dev loop7, logical block 8, lost async page write
[  686.786703][T29622] I/O error, dev loop7, sector 1024 op 0x1:(WRITE) flags 0x4800 phys_seg 128 prio class 0
[  686.804666][T29622] I/O error, dev loop7, sector 2048 op 0x1:(WRITE) flags 0x4800 phys_seg 128 prio class 0
[  686.817833][T29622] I/O error, dev loop7, sector 3072 op 0x1:(WRITE) flags 0x4800 phys_seg 128 prio class 0
[  686.830834][T29622] I/O error, dev loop7, sector 4096 op 0x1:(WRITE) flags 0x4800 phys_seg 128 prio class 0
[  686.843744][T29622] I/O error, dev loop7, sector 5120 op 0x1:(WRITE) flags 0x4800 phys_seg 128 prio class 0
[  686.870480][T29622] I/O error, dev loop7, sector 6144 op 0x1:(WRITE) flags 0x4800 phys_seg 128 prio class 0