last executing test programs:

3m9.444315375s ago: executing program 0 (id=503):
r0 = openat$uhid(0xffffffffffffff9c, 0x0, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0xb, &(0x7f0000000b80)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b703000000000000850000007200000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = openat$nvram(0xffffffffffffff9c, 0x0, 0x121880, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYRESOCT, @ANYBLOB='_'], 0x48)
ioctl$PPPIOCNEWUNIT(0xffffffffffffffff, 0xc004743e, &(0x7f0000000100))
ioctl$PPPIOCSACTIVE(0xffffffffffffffff, 0x40107446, &(0x7f0000000080)={0x2, &(0x7f00000000c0)=[{0x40, 0x8, 0xfe, 0x9}, {0x6, 0x0, 0x0, 0x8eb6}]})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000bc0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0xfffffffc, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = syz_io_uring_setup(0x121d, &(0x7f0000000480)={0x0, 0xfffffffd, 0x80, 0x3, 0x34e}, &(0x7f0000000980)=<r3=>0x0, &(0x7f0000000080)=<r4=>0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
r5 = socket(0x2a, 0x2, 0xfffffffe)
getsockname$packet(r5, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
epoll_create1(0x80000)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000140)={0x1})
socket$caif_stream(0x25, 0x1, 0x5)
io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
socket$inet_mptcp(0x2, 0x1, 0x106)
r6 = io_uring_setup(0x21ab, &(0x7f0000000000)={0x0, 0x5439, 0x0, 0x0, 0x146})
r7 = dup2(r6, r6)
io_uring_register$IORING_REGISTER_PERSONALITY(r7, 0x9, 0x0, 0x0)
r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r7, 0x9, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r6, 0xa, 0x0, r8)
syz_io_uring_submit(r3, r4, &(0x7f0000000200)=@IORING_OP_WRITE={0x17, 0x20, 0x2004, @fd_index=0xa, 0x5, &(0x7f0000000380)="faf1ba66c501700ec99b4b61dbe11bdf325150ee3ca108ea516f2aceabd55e28c9842b8933a974cdbcc4d4362f0d62e78301dc7b7505b25d9b36bd46b3fa543b8be07d3b6e32942248c64810dcf807edeb2ae4a69df2faa6c3a955852e3235b2a376485648b72dbd64d9fd2281cd259cbe9fe48c53445bb423e62baef7f6152f62130d536d3cc7f845215bfb5d8dcda624f692afae6b135bb186298cb44a663d01932463fa6c50bbbe65c39404448e24a15b8f07eb0cb0cf65efc51b4e3a6b255db3f8f53d9cd0dcf48187313384557984a6980579feb2c2c3376d0570e1f2512be916b089b570c3c22d110a47b3063fcfa5c153e3dc", 0xf6, 0x15, 0x0, {0x0, r8}})
io_uring_enter(r2, 0x47bc, 0x0, 0x0, 0x0, 0x0)
socket(0x840000000002, 0x3, 0xfa)

3m9.263129608s ago: executing program 0 (id=505):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000003940)=ANY=[@ANYBLOB="210000000000000000000000000010000004"], 0x48)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x2000002, 0x13, r0, 0x0)
r1 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r1, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(r1, &(0x7f0000001600)={&(0x7f0000000000)={0x2, 0x0, @remote}, 0x10, 0x0, 0x0, &(0x7f0000000780)=[@rdma_args={0x48, 0x114, 0x1, {{}, {0x0, 0x2c}, &(0x7f00000006c0)=[{&(0x7f0000000100)=""/44, 0x410200}], 0x1}}], 0x48}, 0x0)
r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={<r3=>0xffffffffffffffff}, 0x111}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r2, &(0x7f0000000200)={0x3, 0x40, 0xfa02, {{0x6000000, 0x0, 0x0, @private1={0xfc, 0x1, '\x00', 0x81}}, {0xa, 0x4e24, 0x0, @empty}, r3, 0x3}}, 0x48)
write$RDMA_USER_CM_CMD_BIND_IP(r2, &(0x7f0000000080)={0x2, 0x28, 0xfa00, {0x0, {0xa, 0x4e21, 0x80000000, @empty, 0x2}, r3}}, 0x30)

3m9.262610018s ago: executing program 0 (id=506):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b0000000000000000000000008000"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000020000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000006c0)='sched_switch\x00', r1}, 0x18)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r2, 0x0, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_DELETE(r3, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000300)=ANY=[@ANYBLOB="1400000002010101000000020000000000000000"], 0x14}, 0x1, 0x0, 0x0, 0x8094}, 0x4)

3m9.246433698s ago: executing program 0 (id=507):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x419f, &(0x7f0000001140)={[{@nodelalloc}, {@noblock_validity}, {@jqfmt_vfsv0}, {@grpquota}, {@debug}, {@debug}, {@grpid}]}, 0x80, 0x541, &(0x7f0000000bc0)="$eJzs3d1rXGkZAPDnTGey/Uh3suqFLriu7kq7aGeajbsbvFgriF4tiOt9jck0hE4yITPZbULA9C8QRFT0Sm+8EfwDBCl446UIBb0TFFYU0VQvBLVHzsyZJJvOTNLudCYfvx+cnvd8zfO807xnzsfLOQGcWS9GxI2IeJim6SsRUc7nF/IhtjtDtt6Dna35bEgiTd/+exJJPq/7WUk+vpRvdj4ivvaViG8mj8ZtbmzenqvXa2v5dLW1vFptbmxeW1qeW6wt1lZmZqZfn31j9rXZ60Op5+WIePNLf/7et3/65Td/+dl3/3Tzr1ezasdkvnx/PR5D9hUVB63QqXqp/V10ZRusPUGw46rYrmHuQq810jRNH6blfXPujiQzAAAOyg5gPxQRn4qIV6Ic5wYfzgIAAAAnUPqFyfhv0rlD08NEn/kAAADACVJo94FNCpW8L8BkFAqVSqcP70fiYqHeaLY+c6uxvrJw/4eTETEVpcKtpXrtet5XeCpKSTY93S7vTb96YHomIp6LiO+WL7SnK/ON+sK4L34AAADAGXHpwPn/v8qd838AAADglJnqFvaeUlUYVy4AAADA0zE17gQAAACAp875PwAAAJxqX33rrWxIu++/XnhnY/12451rC7Xm7cry+nxlvrG2WllsNBbbz+xbPuzz6o3G6udiZf1OtVVrtqrNjc2by431ldbNpfe9AhsAAAAYoec+ce/3SURsf/5Ce8hMjDspYCSKu6UkH/do/X98tjN+b0RJASNx7gjrvPfMCBIBRq447gSAsSmNOwFg7JJDlvftvPObfPzJ4eYDAAAM35WP9b//P/gdANteEQAnnEYMZ9eB+/9peVyJACPXvv9/1A6/DhbgVCkdqQcgcJp94Pv/h0rTx0oIAAAYusn2kBQq+eW9ySgUKpWIy+3XApSSW0v12vWIeDYiflcuPZNNT7e3TA49ZwAAAAAAAAAAAAAAAAAAAAAAAAAAOtI0iXSQGwOXAgAAACdAROEvya86z/K/Un558uD1gYnk3+1XAk9ExLs/evv7d+ZarbXpbP4/due3fpDPf3UcVzAAAACAg7rn6d3zeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYpgc7W/MPdrbS/+xszY8y7t++GBFTu/HbQ2dJMc63x+ejFBEX/5lEcd92SUScG0L87bsR8dFe8ZMsrd2QveJfePrxYyr/FnrFvzSE+HCW3cv2Pzd6tb9CvNge925/xYj3TT+p/vu/2N3/nevT/i8fMcbz939e7Rv/bsTzxd77n278pE/8l6JwpPjf+PrmZr9l6Y8jrkTv+PtjVVvLq9Xmxua1peW5xdpibWVmZvr12TdmX5u9Xr21VK/l//aM8Z2P/+LhoPpf7BN/6pD6vzy42rs/D/+7f2fnw51iqVf8qy89Gv8Pv/5Jvsaj8Qv5b9+n83K2/Eq3vN0p7/fCz377wqD6L+zVv/Q4//9XB9d/zzAaCgAwNM2Nzdtz9Xpt7SQUSk+yVXYYdhySVxhKoTjMP9pvDTXDNE3TrE31WHQvIo7yOUkcl++5Pu49EwAAMGx7B/3jzgQAAAAAAAAAAAAAAAAAAADOriE+M2yi32P2Dsbc3i0lngwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwb/w8AAP//cZLeLA==")
r1 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x420600, 0x0)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r1, 0x8004587d, &(0x7f0000000080)={@desc={0x1, 0x0, @desc4}})
link(&(0x7f0000000200)='./file1\x00', 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000f7850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000ac0)='kmem_cache_free\x00', r2}, 0x10)
r3 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000500)=ANY=[@ANYBLOB="0213f803030000002cbd7000fddbdf25010018"], 0x18}}, 0x2000)
r4 = socket$netlink(0x10, 0x3, 0x9)
io_setup(0x2278, &(0x7f0000000180)=<r5=>0x0)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040))
io_submit(r5, 0x1, &(0x7f0000000140)=[&(0x7f00000001c0)={0x0, 0x4, 0x0, 0x0, 0x0, r0, &(0x7f0000000100)="7f", 0x1, 0x1, 0x0, 0x2}])
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r6, <r7=>0xffffffffffffffff}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000b80)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, @void, @value}, 0x94)
pwrite64(r7, &(0x7f0000000200)="8716403e6ec4ffff35ec4b31c90e837919ab6da09f9b47261337ca49c221ecd6e3d30cfb6eb8c1fda6d135f3db07951ff345fb00490393872d7d86b7a3dc108dda75dc4a37c3f10b3eb74ea1ba806e3f3bb02744131ce1cbee6193c9c8200c92244fe1d21a7d0da5d95243e37a208e0bd8dfba2bcf37b72f0f1c35aecdd9f04edc1cd5", 0x83, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r8}, 0x18)
r9 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x60642, 0x0)
r10 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000001300)={0x0, 0xc, &(0x7f0000001240)=ANY=[@ANYBLOB="18000000000000000000000000000000000000006ff508ecf16099accb29c436f7ec682459623b36c8b873bb063306f034cd0dabe1", @ANYRES32=r10, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000430000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r11 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000001640)='kfree\x00', r11}, 0x10)
ioctl$TIOCSETD(r9, 0x5423, &(0x7f00000003c0)=0x1)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000000)=ANY=[@ANYBLOB="380000000314010000000000000000000900020073797a2f000000000800410072786500140033007465616d5f736c6176655f30"], 0x38}}, 0x0)
r12 = dup(0xffffffffffffffff)
ioctl$KDGKBDIACR(r12, 0x4b4a, &(0x7f0000000080)=""/4096)
syz_open_dev$tty1(0xc, 0x4, 0x1)

3m8.958187942s ago: executing program 0 (id=509):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x9, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x5, 0xc, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0a000000020000000110000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x2, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = io_uring_setup(0x4d3f, &(0x7f0000000240)={0x0, 0xca6a, 0x40, 0x1, 0x6})
mmap(&(0x7f0000000000/0x400000)=nil, 0x1400000, 0x0, 0xc3072, 0xffffffffffffffff, 0x0)
io_uring_register$IORING_REGISTER_RESTRICTIONS(r2, 0xb, &(0x7f0000000480)=[@ioring_restriction_sqe_op={0x1, 0x1c}], 0x1)

3m7.907905399s ago: executing program 0 (id=523):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r2, 0x0)
setsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(r2, 0x84, 0xc, &(0x7f00000001c0), 0x4)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f0000000000)={<r3=>0x0, 0x1c, &(0x7f0000000040)=[@in6={0xa, 0x4e22, 0xa, @private0={0xfc, 0x0, '\x00', 0x1}, 0x1c2}]}, &(0x7f0000000140)=0x10)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r2, 0x84, 0x6d, &(0x7f0000000940)={r3, 0x71, "d656c9a61490b7e8773ca55437fa234c0170c8cbe5ebdd2be903d0f2f3f293a2d3e634319f6d7dcb302630c303d4a221bfbab81b44ec802e71e4b6fa67419e237fb41a26ab414c0fd27d76681ccf3157022592a50678c9650900e2a1efbe8a053a764d669b12049aaf41f70dcfaac678ed"}, &(0x7f0000000200)=0x79)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000021007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r4}, 0x10)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000300)=ANY=[@ANYBLOB="180000000000000000000000a9000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r5}, 0x10)
r6 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000080"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
close(r6)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000029c0))
r7 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd8073a46b08b94214d816f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb4147000001000000008f2b9000f22425e4097ed62cbc891061017cfa6f6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe68db8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3542646bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200010, &(0x7f0000000040)={[{@jqfmt_vfsold}]}, 0xfe, 0x55d, &(0x7f0000000980)="$eJzs3d9rW1UcAPDvTX/sp66DMdQHKezByVy6tv6Y4MN8FB0O9H2G9q6Mpsto0rHWgduDe9mLDEHEgfgH+O7j8B/wrxjoYMgo+uBL5aY3XbYmbZZlSzSfD9ztnPuj55yce07OyUm4AQytyeyfQsSrEfFNEnGo6dho5AcnN89bf3htLtuS2Nj47M8kknxf4/wk//9AHnklIn79OuJEYXu61dW1xVK5nC7n8ana0uWp6urayYtLpYV0Ib00Mzt7+p3Zmfffe7dnZX3z3N/ff3r3o9O3jq1/9/P9w7eTOBMH82PN5XgG15sjkzGZvyZjceaJE6d7kNggSfqdAboykrfzscj6gEMxkrd64P/vq4jYAIZUov3DkGqMAxpz+x7Ng/8zHny4OQHaXv7Rzc9GYm99brR/PXlsZpTNdyd6kH6Wxi9/3LmdbdG7zyEAdnX9RkScGh3d3v8lef/XvVMdnPNkGvo/eHHuZuOft1qNfwpb459oMf450KLtdmP39l+43+KypFefUmfjvw9ajn+3Fq0mRvLYS/Ux31hy4WI5zfq2lyPieIztyeI7reecXr+30e5Y8/gv27L0G2PBPB/3R/c8fs18qVZ6ljI3e3Aj4rWW499kq/6TFvWfvR7nOkzjaHrn9XbHdi//87XxU8QbLev/0YpWsvP65FT9fphq3BXb/XXz6G/t0u93+bP6379z+SeS5vXa6tOn8ePef9J2x7q9/8eTz+vh8Xzf1VKttjwdMZ58sn3/zKNrG/HG+Vn5jx/buf9rdf/vi4gvOiz/zSM32546CPU//1T1//SBex9/+UO79Dur/7froeP5nk76v04z+CyvHQAAAAAAAAyaQkQcjKRQ3AoXCsXi5vc7jsT+QrlSrZ24UFm5NB/138pOxFihsdJ9qOn7ENP592Eb8Zkn4rMRcTgivh3ZV48X5yrl+X4XHgAAAAAAAAAAAAAAAAAAAAbEgTa//8/8PtLykvEXm0PgufLIbxheu7b/XjzpCRhI3v9heHXV/vf1Ph/Ai+f9H4bUWL8zAPST938YXto/DC/tH4aX9g8AAAAAAAAAAAAAAAAAAAAAAAAAAAA9de7s2WzbWH94bS6Lz19ZXVmsXDk5n1YXi0src8W5yvLl4kKlslBOi3OVpd3+XrlSuTw9EytXp2pptTZVXV07v1RZuVQ7f3GptJCeTz1tCAAAAAAAAAAAAAAAAAAAALarrq4tlsrldFlAoKvA6GBkQ6ApcKsHrbvPHRMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANPk3AAD//0unNek=")
r8 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b70200001400ffd9b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='kmem_cache_free\x00', r9}, 0x10)
socket$can_raw(0x1d, 0x3, 0x1)
r10 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
write$binfmt_script(r10, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r10, 0x0)
mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800003, 0x11, r10, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x9)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x17)
madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x9)
r11 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000bc0)=ANY=[@ANYRES32=r11, @ANYRES32=r7, @ANYBLOB='&'], 0x10)

3m7.864763859s ago: executing program 32 (id=523):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r2, 0x0)
setsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(r2, 0x84, 0xc, &(0x7f00000001c0), 0x4)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f0000000000)={<r3=>0x0, 0x1c, &(0x7f0000000040)=[@in6={0xa, 0x4e22, 0xa, @private0={0xfc, 0x0, '\x00', 0x1}, 0x1c2}]}, &(0x7f0000000140)=0x10)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r2, 0x84, 0x6d, &(0x7f0000000940)={r3, 0x71, "d656c9a61490b7e8773ca55437fa234c0170c8cbe5ebdd2be903d0f2f3f293a2d3e634319f6d7dcb302630c303d4a221bfbab81b44ec802e71e4b6fa67419e237fb41a26ab414c0fd27d76681ccf3157022592a50678c9650900e2a1efbe8a053a764d669b12049aaf41f70dcfaac678ed"}, &(0x7f0000000200)=0x79)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000021007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r4}, 0x10)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000300)=ANY=[@ANYBLOB="180000000000000000000000a9000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r5}, 0x10)
r6 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000080"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
close(r6)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000029c0))
r7 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd8073a46b08b94214d816f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb4147000001000000008f2b9000f22425e4097ed62cbc891061017cfa6f6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe68db8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3542646bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200010, &(0x7f0000000040)={[{@jqfmt_vfsold}]}, 0xfe, 0x55d, &(0x7f0000000980)="$eJzs3d9rW1UcAPDvTX/sp66DMdQHKezByVy6tv6Y4MN8FB0O9H2G9q6Mpsto0rHWgduDe9mLDEHEgfgH+O7j8B/wrxjoYMgo+uBL5aY3XbYmbZZlSzSfD9ztnPuj55yce07OyUm4AQytyeyfQsSrEfFNEnGo6dho5AcnN89bf3htLtuS2Nj47M8kknxf4/wk//9AHnklIn79OuJEYXu61dW1xVK5nC7n8ana0uWp6urayYtLpYV0Ib00Mzt7+p3Zmfffe7dnZX3z3N/ff3r3o9O3jq1/9/P9w7eTOBMH82PN5XgG15sjkzGZvyZjceaJE6d7kNggSfqdAboykrfzscj6gEMxkrd64P/vq4jYAIZUov3DkGqMAxpz+x7Ng/8zHny4OQHaXv7Rzc9GYm99brR/PXlsZpTNdyd6kH6Wxi9/3LmdbdG7zyEAdnX9RkScGh3d3v8lef/XvVMdnPNkGvo/eHHuZuOft1qNfwpb459oMf450KLtdmP39l+43+KypFefUmfjvw9ajn+3Fq0mRvLYS/Ux31hy4WI5zfq2lyPieIztyeI7reecXr+30e5Y8/gv27L0G2PBPB/3R/c8fs18qVZ6ljI3e3Aj4rWW499kq/6TFvWfvR7nOkzjaHrn9XbHdi//87XxU8QbLev/0YpWsvP65FT9fphq3BXb/XXz6G/t0u93+bP6379z+SeS5vXa6tOn8ePef9J2x7q9/8eTz+vh8Xzf1VKttjwdMZ58sn3/zKNrG/HG+Vn5jx/buf9rdf/vi4gvOiz/zSM32546CPU//1T1//SBex9/+UO79Dur/7froeP5nk76v04z+CyvHQAAAAAAAAyaQkQcjKRQ3AoXCsXi5vc7jsT+QrlSrZ24UFm5NB/138pOxFihsdJ9qOn7ENP592Eb8Zkn4rMRcTgivh3ZV48X5yrl+X4XHgAAAAAAAAAAAAAAAAAAAAbEgTa//8/8PtLykvEXm0PgufLIbxheu7b/XjzpCRhI3v9heHXV/vf1Ph/Ai+f9H4bUWL8zAPST938YXto/DC/tH4aX9g8AAAAAAAAAAAAAAAAAAAAAAAAAAAA9de7s2WzbWH94bS6Lz19ZXVmsXDk5n1YXi0src8W5yvLl4kKlslBOi3OVpd3+XrlSuTw9EytXp2pptTZVXV07v1RZuVQ7f3GptJCeTz1tCAAAAAAAAAAAAAAAAAAAALarrq4tlsrldFlAoKvA6GBkQ6ApcKsHrbvPHRMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANPk3AAD//0unNek=")
r8 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b70200001400ffd9b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='kmem_cache_free\x00', r9}, 0x10)
socket$can_raw(0x1d, 0x3, 0x1)
r10 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
write$binfmt_script(r10, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r10, 0x0)
mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800003, 0x11, r10, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x9)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x17)
madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x9)
r11 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000bc0)=ANY=[@ANYRES32=r11, @ANYRES32=r7, @ANYBLOB='&'], 0x10)

1m52.893582164s ago: executing program 3 (id=1969):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NFC_CMD_GET_TARGET(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x14, 0x0, 0x4}, 0x14}}, 0x0)
r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000300), r0)
sendmsg$NL802154_CMD_NEW_INTERFACE(r0, &(0x7f0000000480)={0x0, 0x11, &(0x7f0000000440)={&(0x7f0000000580)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0100000000000000eeff120000000a0004007778616e3300000008001500", @ANYRES32=0x0, @ANYBLOB="080001"], 0x30}}, 0x0)

1m52.851786546s ago: executing program 3 (id=1970):
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="0600000004000000ff0f0000075c1dbeab4470341a09b338f072f71db8d9bb044b80bcdc09d7da21bf3097b6a36cf0b2f1831d7bec0f8b01bac2cd3ccbf4e18267bb20a6d2904493ce78e4d6213c44abfbfe7f6731b285c76eb47a1e017512005e3c1a1aeb09435b2a081cac5441d1e2eca51f0f283026abe99c4096758d1c5f547808009b27afa9c7b34a3902e5d645eaa344759bfcfcf44d9eb11f350d239a0457411e0900000000000000f011e48fcd8a10f1729670f2d4f80000e4c54ce93c05111c740b96e8af99f5341430b7e07524731a0253d5cbfe94f39bda156e233615d8cc2e8d3b375f1e424ac48891b8b757a4288ca04f80abbbf3462d0faf31e5b37203ba8cfe6036a7d19588df1b8cd3d99893577adb870005f5e41e3adc48f07e32000000e0a2a08f32758b3bd004205087b7959011c804e8424b8b4068533eb873b924fd30d96b47f82a63f910331f1d3663f50a559df60d222fa8fdf196d318fac50833ba98cd22fb865bb5340b63161abb1f7ac419455cdd38c012b41002f95517860b776583f2429c4a71ea9b514c33e2a14030f7d13c186f6f47ac7fb19352cd438daae5aa16264a5b5429daa9b99a1edcd7bcf3f8d1a2dfa7f703cc070dcbe96b2f"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
add_key$user(&(0x7f0000000000), &(0x7f0000000080)={'syz', 0x0}, &(0x7f0000000180)="172f3f843bcc259a77a65a9aec4669913d7c8e719f", 0x15, 0xfffffffffffffffc)
add_key(&(0x7f00000001c0)='logon\x00', &(0x7f0000000200)={'syz', 0x0}, &(0x7f0000000280)="c8ca38d4cdb62f409d5c2ff89c75dc9e72847fbacb09fe2bdc32bd99ac54f81bad3d819d6d91a7c5fdbf3bf3e515afa1f1d94f1cfcaf", 0x36, 0xfffffffffffffffe)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000001280)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r0}, 0x10)
r1 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f00000002c0), 0x90002, 0x0)
ioctl$TIOCSPTLCK(r1, 0x40045431, &(0x7f0000000300)=0x1)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000000)='kfree\x00', r2}, 0x18)
openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x3d, 0x1, 0x0, 0x0, 0x0, 0x5, 0x62000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x100000, 0x0, 0x0, 0x6, 0x3, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', 0xffffffffffffffff, 0x0, 0x1000000000000ab1}, 0x18)
mount$9p_fd(0x0, 0x0, &(0x7f0000000140), 0x0, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='kfree\x00'}, 0x10)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_inet_SIOCSARP(0xffffffffffffffff, 0x8955, &(0x7f0000000340)={{0x2, 0x4e23, @empty}, {0x0, @link_local}, 0xa, {0x2, 0x0, @multicast2}, 'lo\x00'})
ioctl$sock_inet_SIOCSARP(r3, 0x8955, &(0x7f0000000a80)={{0x2, 0x4e2a, @broadcast}, {0x0, @multicast}, 0x4e, {}, 'lo\x00'})
r4 = socket$netlink(0x10, 0x3, 0x0)
writev(r4, &(0x7f00000000c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1)

1m52.801593536s ago: executing program 3 (id=1972):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000001340)=@raw={'raw\x00', 0x8, 0x3, 0x250, 0xb8, 0x11, 0x148, 0x0, 0x0, 0x1b8, 0x2a8, 0x2a8, 0x1b8, 0x2a8, 0x3, 0x0, {[{{@ip={@broadcast, @loopback, 0xffffffff, 0xffffff00, 'veth1_macvtap\x00', 'wg1\x00', {0xff}, {0xff}, 0x1, 0x0, 0x40}, 0x0, 0x70, 0xb8}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, '\x00', {0x2000000000000000}}}}, {{@ip={@multicast2, @empty, 0x0, 0xffff00, 'vlan0\x00', 'netdevsim0\x00'}, 0x0, 0xd0, 0x100, 0x0, {}, [@inet=@rpfilter={{0x28}}, @common=@unspec=@quota={{0x38}, {0x0, 0x0, 0x81}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x2b0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00'}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
munlock(&(0x7f0000ffe000/0x2000)=nil, 0x2000)
io_setup(0xfffffff8, &(0x7f0000000000))

1m52.456952621s ago: executing program 3 (id=1977):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYRESDEC=0x0], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000004000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f9ffffffb703000000080000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_mount_image$vfat(&(0x7f0000000180), &(0x7f0000000000)='./bus\x00', 0x280008a, &(0x7f0000000240)=ANY=[@ANYBLOB='shortname=lower,shortname=win95,rodir,iocharset=default,uni_xlate=0,nonumtail=1,utf8=0,flush,rodir,shortname=win95,shortname=winnt,shortname=win95,showexec,uni_xlate=0,utf8=0,utf8=0,uni_xlate=0,shortname=mixed,\x00'], 0x97, 0x2ad, &(0x7f00000007c0)="$eJzs3b9rO2UYAPDn0jQJOiSCkwge6OD05dvv6pIiLRQzKRnUQYttQZogtFDwB8ZOri6Ori6C4OY/4eJ/ILgKbhYsnNzlrklqGpPatP74fJa+fe953nve69uWDvf03eeHxwdpHJ1/8lO0WknUutGNiyQ6UYvKZzGj+0UAAP9mF1kWv2Zjq+QlEdFaX1kAwBqt/Pv/u7WXBACs2RtvvvXadq+383qatmJ3+PlZP//LPv84vr59FO/HIA7jcbTjMiK7Mh7vZlk2qqe5Trw0HJ3188zhOz+U62//ElHkb0U7OsXUbP5eb2crHZvKH+V1PFXev5vnP4l2PDvn/nu9nSdz8qPfiJdfnKr/UbTjx/figxjEQVHEOD9qEZ9upemr2Ze/ffx2Xl6en4zO+s0ibiLbuOcvDQAAAAAAAAAAAAAAAAAAAAAA/2GPyt45zSj69+RTZf+djcv8k81IK53Z/jzj/KRa6Fp/oFEWX1X9eR6naZqVgZP8ejxXj/rD7BoAAAAAAAAAAAAAAAAAAAD+WU4//Oh4fzA4PLmTQdUNoHqt/7brdKdmXojFwc3JvWrlcMHKsVHFJBELy8g3sXTNv5dtD2736J65qeZvvl16na//eu/lYHOJmL85qE7X8X4y/xk2o5ppVYfk++mYRix5r8ZNl7KVjl9j7qX2yntvPF0MRgtiIllU2Cs/j59cOZNc30WjeKpz0zfLwVT6bExr+fOcf6f8SXLVrSO52x9CAAAAAAAAAAAAAAAAAABAYfLS75yL5wtTa1lzbWUBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwL2a/P//FQajMnmJ4EacnD7wFgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPgf+CMAAP//SfdjDw==")
r1 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file2\x00', 0x105042, 0x189)
truncate(&(0x7f00000001c0)='./file2\x00', 0xaeb3)
write$binfmt_format(r1, &(0x7f0000000000)='1\x00', 0x2400)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='sched_switch\x00'}, 0x18)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
syz_read_part_table(0x60d, &(0x7f0000002200)="$eJzs3D9olHcYB/DvJbmcUTAdnFxqHDoJRXE0Q5XkqlgIp1IIDvYfIs0UIXDSw5Q4tBkUM0jHLlK4DhonYwYnRaFzEQeLkMGlYBepHXLl7l6SOyjF0oRS/HyGe353PDzf94F3/V34XxtIuTi1Kp3y/qd/298a3TzP50xzYvJ4q9VqnU5KOZtyxsq7l5MMpX9q9icZ7plz8/udq9/+9mG5+fTUq/fOPVgc2JhZyTtJdvU2Z+SvHqXyzzZlO9wafzi6cGW2erX9pdpYW/84uf1yorZycnFp+UT52Oft3y8nj4r+7osxkoup51K+zCdDbxz19eax1Jc/386vj194Um2sfdd8fnB9b3Xw7vkjr/etXrt/KJlrR0yl87JvGv6Xi/fkL/Tkz41dn15qHD1wZ8+Nw/V7j2svBn9vdRWR5a3JBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABge9xqf1yZrV6tj194Um2sffPzTx/dfjlRWzm5uLR8YvjYs6LvUVGHinox9VxKOclMZvJFZt88crrUmz/+cHRhI/+Pncnzg+t7q82754+8nly9dv9Qp6uUqXYZ2IqN+/XnN9bmxq5PLzWOHriz58bh+r3HtReD3b6ZSj7rrJuksvWPAQAAAAAAAAAAAAAAAAAAwFtuYvL4vqkPaqeTUs7uSPLrV51b9q3KyI/p3Lzv2l/UZ5Vkd5KbO7r/BdB8eurV8LkHi78Ul+LnU8l8kl0/rJxJ3t3IudwfW96czH/pzwAAAP//gTiR5w==")
socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_open_dev$usbfs(&(0x7f0000003f00), 0x1ff, 0xa401)
ioctl$USBDEVFS_FREE_STREAMS(r2, 0x8008551d, &(0x7f0000000140)=ANY=[@ANYBLOB='x\x00'])
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000007f1600850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10)
r5 = socket$netlink(0x10, 0x3, 0x9)
setsockopt$SO_ATTACH_FILTER(r5, 0x1, 0x1a, &(0x7f0000000900)={0x1, &(0x7f00000008c0)=[{0x6}]}, 0x10)
sendmsg$nl_route_sched(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=@deltaction={0x14, 0x31, 0x100}, 0x14}}, 0x10)
creat(&(0x7f0000000100)='./bus\x00', 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r6 = open(&(0x7f0000000080)='./bus\x00', 0x147842, 0x49)
preadv2(r6, &(0x7f0000000040)=[{&(0x7f0000001200)=""/4096, 0xfffffdef}], 0x1, 0x0, 0x0, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x3, 0x0, 0x0, 0x40f00, 0x42, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r7}, 0x10)
socket$inet6_sctp(0xa, 0x1, 0x84)
r8 = add_key$user(&(0x7f0000000500), &(0x7f0000000040)={'syz', 0x0}, &(0x7f0000000600)="8e", 0x1, 0xffffffffffffffff)
r9 = add_key$keyring(&(0x7f0000000540), &(0x7f0000000180)={'syz', 0x2}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r9, &(0x7f0000000200)='asymmetric\x00', &(0x7f0000000080)=@chain={'key_or_keyring:', r8})
keyctl$KEYCTL_MOVE(0x1e, r8, 0xffffffffffffffff, r9, 0x0)

1m51.989642379s ago: executing program 3 (id=1987):
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, 0x0, 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00G\x00\x00\x00', @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/14], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000020000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00"/11], 0x48)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000740)={0x3, 0xc, &(0x7f0000000500)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=<r4=>0xffffffffffffffff, @ANYRES16=<r5=>0xffffffffffffffff], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
unshare(0x20000400)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/asound/seq/clients\x00', 0x0, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
r6 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r7 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000900)=ANY=[@ANYRESOCT=r5, @ANYRES16=0x0, @ANYRES8, @ANYBLOB="65488440b0e021aa3f2cafdbb681a310457fbcb873afd66127279956eb45dc4223607a3f2ed2c17ea5e4d8cb064deb9ba08c54e7457a1b3383d1bf579446da199728c760bed9f005d0f29ac33e2cac69f690757bbb57a35e49918a8e9fd6329f294f2184073c8560c5ed3f2ca671e92a70e69f20fd6970cfacd706e679b66f7a95579f2260c9a48c0cb6cf8eec2868d2e4f7332a612b2b6f2f36b5", @ANYRES64, @ANYRESHEX=r4, @ANYRESOCT], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0xf, &(0x7f0000000280)=ANY=[@ANYRES16=r7, @ANYRES32=r7, @ANYRES16=r6], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x49, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4c09, @void, @value}, 0x94)
r8 = socket$netlink(0x10, 0x3, 0xc)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r8, 0x10e, 0x4, &(0x7f0000000140)=0x6, 0x4)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r9, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="980000000001010400000000000000000a0000003c0001802c00018014000300fe8000000000000000000000000000aa14000400ff0100000000000000000000000000010c00028005000100000000003c0002802c00018014000300fe8000000000000000000000000000aa14000400fe8800000000000000000000000000010c0002800500010000000000080007"], 0x98}}, 0x0)
r10 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_DELETE(r10, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000300)=ANY=[@ANYBLOB="1400000002010101000000020000000000000000"], 0x14}, 0x1, 0x0, 0x0, 0x8094}, 0x4)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x8, &(0x7f0000000080)={[{@sb={'sb', 0x3d, 0x1}}, {@nodioread_nolock}]}, 0x4, 0x4f3, &(0x7f00000012c0)="$eJzs3c9vVEUcAPDvbru0lEJBOahRQUTRELY/gIZwES4aQ0iMxJMHqO3SNN1lm26JtHIoR+8kknjSP8GbBxNOHrx505sXPJigEg018bDmvV3apb+1P9Z2P5/k9b2ZWfY702Vm9g3sTgAt62hEzEbEnoi4FhE99fxM/YgLtSN53ONHt4fnHt0ezkS1euW3TFqe5EXDn0nsqz9nZ0S8/07ER5mlcSvTM+NDxWJhsp7unSpN9FamZ06NZes5A4P9g33nTp8d2LS2Hil99fDtsUsffPP1Sw++n33zk6Ra3Z/uT8sa27GZak3PRXdDXntEXNqKYE3SXv/7w86T9LZnIuJY2v97oi19NQGA3axa7YlqT2MaANjtkvv/7shk8/W1gO7IZvP52hre4ejKFsuVqZM95Zs3RiJdwzoYuez1sWKhr75WeDBymSTdn14vpAeeSt8tnI6IQxFxt2NvWp4fLhdHmvnGBwBa2L5F8/+fHbX5HwDY5TqbXQEAYNuZ/wGg9Zj/AaD1/Iv536cDAWCXcP8PAK3H/A8ArWfN+f/O9tQDANgW712+nBzVudr3Xz/5pu5TI4XKeL50czg/XJ6cyI+Wy6PFQn64Wl3r+Yrl8kT/mflkZXrmaql888bU1bHS0GjhaiG3lY0BANbl0JH7PyaT/uz5vekRDXs5mKthd8s2uwJA07Q1uwJA0/g8D7SuddzjWwaAXW6ZLXqfsuJ/Ebpn81fYqU48b/0fWtVG1v+tHcDO9t/W/9/a9HoA288cDq2rWs3Y8x8AWow1fmBD//4PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALao7PTLZfLoX+GzyM5vPR+yPiIORy1wfKxb6IuJARPzQketI0v3NrjQAsEHZXzL1/b9O9BzvXly6J/NXR3qOiI8/v/LZraGpqcn+JP/3+fype/X8gT3NaAAA0OjC0qzaPF0/N9zIP350e/jJsZ1VfHixtrloEneuftRK2qM9PXdGLiK6/sjU0zXJ+5W2TYg/eycinlto/62GCN3pGkht59PF8ZPY+7cg/sLvf3H87FPxs2lZcs6lv4tnN6Eu0GruX6yNk/W+l3Sxev/LxtH0vHz/70xHqI1Lxr9kLJlbMv5l58e/tiXxM2mfPzqfXr0mD898++6SzGpPrexOxAvty8XPzMfPLD/+5o6vs40/vfjysZXKql9EnFi2/U92pC6lw2zvVGmitzI9c2qsNDRaGC3cGBgY7B/sO3f67EBvukZd+/ndcjF+PX/ywErxk/Z3rRC/c/X2x2vrbP+Xf1/78JVV4r/x6vKv/+FV4idz4uvrjD/UdWHF7buT+CMrtH+N1z9OrjP+g59nRtb5UABgG1SmZ8aHisXC5BoXyXvNtR7jYmdexGzEZj1huigREf+HdrnYyEWzRyZgqy10+mbXBAAAAAAAAAAAAAAAWEllema8Y4s/rdXsNgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALB7/RMAAP//TwTJNg==")

1m51.474501746s ago: executing program 3 (id=1990):
set_mempolicy(0x8006, &(0x7f0000000040)=0xfff, 0x5)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='sysfs\x00', 0x0, 0x0)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
socket$phonet_pipe(0x23, 0x5, 0x2)
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000440), 0x2, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000800000006"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000480)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r2, 0x0, 0x2}, 0x18)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000340)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000300), 0x13f, 0x9}}, 0x20)
socket$inet6_mptcp(0xa, 0x1, 0x106)
r3 = syz_io_uring_setup(0x6440, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000040)=<r4=>0x0, &(0x7f0000000140)=<r5=>0x0)
syz_io_uring_submit(r4, 0x0, &(0x7f00000001c0)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x40, 0x0, 0x3, 0x3, 0x0, 0xce})
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r6, &(0x7f00000001c0)=ANY=[@ANYBLOB='.'], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r6, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_MKDIRAT={0x25, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0})
io_uring_enter(r3, 0x2d3e, 0x0, 0x0, 0x0, 0x0)

1m51.473857386s ago: executing program 33 (id=1990):
set_mempolicy(0x8006, &(0x7f0000000040)=0xfff, 0x5)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='sysfs\x00', 0x0, 0x0)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
socket$phonet_pipe(0x23, 0x5, 0x2)
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000440), 0x2, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000800000006"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000480)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r2, 0x0, 0x2}, 0x18)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000340)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000300), 0x13f, 0x9}}, 0x20)
socket$inet6_mptcp(0xa, 0x1, 0x106)
r3 = syz_io_uring_setup(0x6440, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000040)=<r4=>0x0, &(0x7f0000000140)=<r5=>0x0)
syz_io_uring_submit(r4, 0x0, &(0x7f00000001c0)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x40, 0x0, 0x3, 0x3, 0x0, 0xce})
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r6, &(0x7f00000001c0)=ANY=[@ANYBLOB='.'], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r6, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_MKDIRAT={0x25, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0})
io_uring_enter(r3, 0x2d3e, 0x0, 0x0, 0x0, 0x0)

1m35.354532283s ago: executing program 6 (id=2222):
r0 = socket(0x11, 0x800000003, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000002c0)='./file0\x00', 0x0)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, @void, @value}, 0x94)
sendto$inet6(r1, &(0x7f0000000500)="a4", 0x34000, 0x2000c851, &(0x7f0000000140)={0xa, 0x4e23, 0x0, @loopback, 0xffffffff}, 0x1c)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffffed7a00000800395032303030"], 0x15)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0100000002000000e27f000001"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000440)={{r3}, &(0x7f0000000380), &(0x7f0000000400)=r2}, 0x20)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000480)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='kmem_cache_free\x00', r4}, 0x10)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000500))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="180100000100a7d9000000000020b200850000007b00000095"], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bind$bt_hci(0xffffffffffffffff, &(0x7f0000000040)={0x1f, 0xffffffffffffffff}, 0x67)
r5 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r6}, &(0x7f0000000000), &(0x7f00000005c0)}, 0x20)
bind$bt_hci(r5, &(0x7f0000000000)={0x1f, 0xffffffffffffffff, 0x3}, 0x6)
write$bt_hci(r5, &(0x7f0000000040)=ANY=[], 0x6)

1m35.337194713s ago: executing program 6 (id=2223):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000001880)=ANY=[@ANYBLOB="b700000081000000bfa30000000000000703000000feffff720a00fef8ffffff71a4f1ff0000000071302000000000001d400500000000004704000001ed00000f030000000000001d44000000000000620a00ff040400007203000000000000b500f7ff000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fe51bef7af9aa0d7d600c095199fe3380d28e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51bf900000000000000d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a22048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93020000000000000080e69db384ac7eeedcf2ba3a9508f9d6aba582a896a9f1e096df6ecea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00e10000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f6f096753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e9673560000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d490cba8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e16e1461173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b583cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd84990453f006694d461b76a58d88cf0f520310a1e80dc18cde98d662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6032399f87a7a14245bbd796a09313b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff28861aac8302d268569dd42e194e330c7aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3be18a1a2b65079cc1c00000000000000f59dd19e8d525206c0a728cfd42193abe8130bc01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e38534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ed1012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336d205c5913ef67cf0216e2d81e6127bd9d7fab28800eaab2355992f8ce4cd38add4b272c0bee4076ca4847ffa691cf78fb7ec212bad3bef29f577ea7159b7f3025b3d977ff7c91024cf71126233cb8791c3c"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x28, 0x10, &(0x7f0000000000), 0xfffffffffffffd00, 0x0, 0xffffffffffffffff, 0xffffffffffffff20, 0x0, 0x0, 0x10, 0xfffffffd, @void, @value}, 0x48)
sendmsg$nl_route(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=@ipv6_delroute={0x3c, 0x19, 0x1, 0x70bd25, 0x25dfdbfc, {0xa, 0x0, 0x14, 0x0, 0x0, 0x3, 0xfe, 0x6, 0x700}, [@RTA_PRIORITY={0x8, 0x1e, 0x6}, @RTA_ENCAP={0x18, 0x16, 0x0, 0x1, @LWT_BPF_IN={0x14, 0x1, 0x0, 0x1, @LWT_BPF_PROG_NAME={0xd, 0x2, '(^\xdem\xaa\xad\xef\x00\x00'}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40015}, 0x804)
bind$bt_hci(r0, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x4, 0xc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r4}, 0x10)
sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB="ac0000000001010400000000000000000a0000003c0001802c00018014000300fe8000000000000000000000000000aa14000400ff0100000000000000000000000000010c00028005000100000000003c0002802c00018014000300fe8000000000000000000000000000aa14000400fe8800000000000000000000000000010c00028005000100000000000800074000000000180006801400040020010000000000000000000000000001"], 0xac}, 0x1, 0x0, 0x0, 0x1}, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="ac0000000001010400000000000000000a0000003c0001802c000180140003000000000000000000000000000000000014000400ff0100000000000000000000000000010c00028005000100000000003c0002802c00018014000300fe8000000000000000000000000000aa14000400fe8000000000000000000000000000aa0c00028005000100000000000800074000000000180006801400040020010000000000000000000000000001"], 0xac}, 0x1, 0x0, 0x0, 0x4000}, 0x4000894)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000001800)={0x11, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000fa5400008500000082000000"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000002c0)='writeback_bdi_register\x00', r6}, 0x18)
setresgid(0x0, 0x0, 0xee00)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000300)='kmem_cache_free\x00', r5}, 0x18)
write$binfmt_misc(r0, &(0x7f0000001280), 0x6)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_DELETE(r7, &(0x7f00000007c0)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000006c0)={&(0x7f0000000580)=ANY=[@ANYBLOB="440000000202010400000000000000000800084000000002080005400000000008000440000000020900060073797a30000000000a000b00512e39333100000000000000"], 0x44}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f0000002340)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c95aa0b784625704f07a72c2918451ebdcf4cef7f9606056fe5c34664c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbcebddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cfd7c3a1d37a6ab87b1586602d985430cea0162ab3fcf4509c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ed8dba2f23b01a9aeb980aff9fa3a64709270c701db801f44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af4c0eb97fca585ec6bf58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75057df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83366b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef3b7cda42013d53046da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719107000000000000002d7e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e19000000000000002c06f815312e086dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99e061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb2b5e518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3fdf242b985bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de5eaeadea2a40da8daccf080842a486721737390cbf3a74cb2003efb9a101b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5191e10096e7e60fc3541a2c905a1a95e9571bf38aebd15172f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f90100000000000000abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a900d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69b93e9960ff5f76062adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a31c72ad53bc19faa5401120000793ac48c1b539c75ab40743b00020000a1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b441233151122b41a8d73062197655b7f0469250a5989cef0e10773920ed3ccee42d2c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba71e0f45492ef1f8b65ccb3dcd251a61b152d02c29ca0a3328fa7753a5cddea1acaae55ae8263fb284b7a6ab2a8826c1b948207c498cf4824ab1ea3225a53072423b907c6682f8999e0311da5b8378bc841e1787e3a8128dda381a26cb2b365702ff8a27831375b2ddaa2f56e21169f7ca4fd9655ccd4a584acd244e965a0afedaff7c415ff682a4044b3381cc2df28278c9a6824c52048a7cfabda294925cc0956bffa8e950ff5e49f41ae600d830207bf728cd9807933c3c16d80bbea611a18becc2dc38ca0a6f5740f340b76edcd1f539bd43007231dcef58c7b88b5aeedaf9626cb51ce1737c10ab37d4f98a934b0f900e0eb639878a1200629f5503cf679154d27681d7a3744cbcd42af59407c9c8e39c5271868917954e604352ba26171d004f1cb2976fab3fa19c7d3ef9678bff79f5155524f061378f94fb453786c3a6f78b10d383b49e31d1568bd43ee34ce6e6be235aa6207285665c2fba773671da41959f51610963b48930658e2d6125a26085001345b0473240b7e5e91811312c43663e76f711d7219ecdec75c7ea1cf0f8f8fff40247d59bbde2ebb8659197e0f37a71be1b12a182ed7de3acba28561a04b807f7a4647e2ea6d8fb92541d07c3d5e4ba077d3cad9f8ba1919592014c00c8eccb2ca5d48ba7b1c3fb185a4bb79700cf51f818b0c701c8de47d12281a67bdaf4b0c50bee9e8f5936250df2e15c1172e7ea6619f7db330700d1e9e42a035e6fd532f61fbfed9c4a7124a1e38eee50a6bbcd1d4e3f68c3f27dd9a70f1a7c6046237ddfb0b26e197322226367d998010458cd4df10af249ce717f6f45e5176e0ddae3054d7289d4e13ab0912703ee39ce264572b89194fdf7acecc35cf8309d4b680a08eed367dad855fce210f1a7c7222dd360eafb4bef7d58bf83362930af6e3f3f851abdc0003bdf9401b533019e90feb069189100007a82df8d9b5f44ebf9355e7b1b01c9470608d4f306d21004730396a4d6c6d46e1ffac97aa93c36123532a36186575266be4981c847160079421d0137801e553069f8d025c40f287378810defc7f2ed4e15f6af17b21153394f8bcfa6a23a77c8d61c9bbc127a57b8d631f36558d9093dee08bc53d97a8003363421738650a26c8fd87b13026799caf58e59951b125e7f161ca34e2c0dd65a23d01a3cb191e743de07247c7f993cf01166fa2ac1ba02f60550e63a7f50422e478c6b5d87f9bd0567a279a9d85a3c0db25c43bd0529ad783b9d64aaac1b793afb44b7126e17d2b7c0d6be650de7eeef3f3605af344015d03c3e7819145cb9fe1978c98bf9cf10773db59505ae33708c728844c872dfd2cb0b29754f928c59306ce105ca18cb72f0944d0e4fea0a0abd0285bdaf1b000000c089d640c2facb0d1e6243873ac4b1e1068c45c715b68effb7d58d1f9e726dbf6bd910ca4ce0e075658ede42192cf393a50dcc197b03402fed75083628e5dd38213d353b9049e71f037064b05e73ec00c710f1ffc5737d397d555d1cf8859cc05fea8dc3c6a5b3b6fa1c81707479db1833d593a271253aa11efdb36b74784f2fc286814848022e8ee541bc179813297a0a4cc3c8f80c28701185bea091f32475e859479b734727afc110e1abcff460172fd1b42e3c0e2a4bf94a060069000010000087c7572a1e7596f89e5c3d5e70640c90815f77b7b13d0000000085a1e1e84900000000000000000000000000b422fc160a458ee5a91a2471e6e56fdabec6c73ce8983fc68f0b7cdcdde632e6f54a07620e8aa116ce9e84fc3cd5e8288a333dcebb233da9186796995ba69487d8f77d2f8800f02d690fc70a08b231cad1bdcf3740a95d4dd1cfe0f417f275493cf33b19ffff93dfdaf7eb00b8ad87cdf7c21bab5af8e2bac54ee5597e6508c1158124a538c36f9bb11fea7d8b8c7e954b1bc7811654a6636b33f271d0923e9ecd1b724b8feffadfc23c07000000f0785fb722f346d6a5dffe1884d4d0cd8f00000092c85ed44db68ab800000000000000406e6ed9b219ad07125381087298e75965d1cc5932ddf9e66351ba332a34bee3e3d562c914c629933f0b8724cf680889ade72558d191d9890c69a718f9018586c5131c8dc8e0379bafda1a0fd2997ff115215ce23dca8db7236c1554cdaaadcce2f31834c1bd1908d8e1b361034db56be76acb7654a195bc3e98df3a5dffd5b0783883ef7da3433110e37f7c7cb7f3800de7f99abf910d6949e062747a9c87dcfcc716d6a9c0ec53b9cffe3cfd1df69a76f373d7f997edb9b80bdea1a99c2a6fbb25e035deadaadd7917ebfedd6304a19491769476208684e343f86b4d55a7dbbb07283cb1e35a139d24ebc5b4f8e35a82d3a7f84cb1e02a5a92b53567088be0b1ca023ccd518c0e0715b1c8760801a419ebd2e26440ff7493019bdb655cc88d72d6d7b6bca5a2e19b63ec52fcc49a729f11ab377f7132c543d29646a9378eea0761b7ed9d2172e33ed87c6513c843b180cc00000000006bedf2ed716ca43a941119b96d82b26d9061de240d85ec2cfa462bd52104489bb7a7548d7cc53627031e909c69cb824233975a1ea645de63522407c3a240a37e946f30ebf075ea97846a0a8d2286f3f446b1b99ab83a12ddf8a1c06294eadc3eb3e339591afd5c00000000000000000000000000000000000000000000000000579dad8347a3d16976bb7483840b32db0158fb6c809349333325a7866ca5d3133e33ef1a183cefdb65a79fa71800988c8445029e024822dbcfcab49c3a0aec9bd43e6e14078b260700d849a2aa14c9b593f6dcb1de334c065ecfd65031606e55949c185bcda9fde4f9b46a76b8a24bbcd31b22373eb0473248150cd179405ee1af1183b0c0ce3483dc1d9bf732b0751b78fb211d6706b55960c6431afbc02b3c7e08086573939290bb9e590a3875f02a828bf209d0000000000000000000000000001545f0ec539c3b58facd2f62dc3307a6c91d6b"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000100060000000077f2ab26850000002300000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r9, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000700)=ANY=[@ANYBLOB="140000001000040000000000000000000000000a20000000000a05000000000000000000070000000900010073797a30000000003c000000090a0104000002960700000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021940000000c0a01030000000000000000070000000900020073797a31000000000900010073797a3000000000680003806400dec6080003400000000258000b80200001800a00010071756f"], 0x118}, 0x1, 0x0, 0x0, 0x20044800}, 0x0)
bpf$BPF_PROG_DETACH(0x1c, &(0x7f0000000180)=ANY=[@ANYRES32=r8, @ANYRES32=r8, @ANYBLOB="2f000000f31f000004"], 0x20)

1m35.268348994s ago: executing program 6 (id=2226):
r0 = socket$inet6(0xa, 0x3, 0x5)
setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f0000000000)=0xffffffc3, 0x4)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x20, 0xc, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000bbf3cb2cd30000000000005357e40000831e9e7d68a11c474b41a5000000", @ANYRESOCT=r1, @ANYRES8=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r1}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0xe, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x65, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
r3 = openat$sysfs(0xffffff9c, 0x0, 0x0, 0x0)
r4 = perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
connect$inet(r2, &(0x7f0000000180)={0x2, 0x4e24, @local}, 0x10)
syz_clone(0xa00100, 0x0, 0x0, 0x0, 0x0, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f00000001c0)={0x0, 0xffffffffffffff40, &(0x7f0000000200)={0x0, 0x3c}, 0x1, 0x0, 0x0, 0x24008044}, 0x2004c0cd)
sendmsg$nl_route(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x50}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
open(0x0, 0x400, 0x1ad)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x2c, 0x0, 0x0)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, 0x0, 0x0)
r6 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000400)=ANY=[@ANYBLOB="300000001900010000000000000000001c140000fe000001000000001400"], 0x30}}, 0x0)
close(0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x2400, 0x2000000000)
preadv(r3, 0x0, 0x0, 0x0, 0x0)
r7 = socket(0x10, 0x80003, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCETHTOOL(r8, 0x8946, &(0x7f0000000140)={'netdevsim0\x00', &(0x7f0000000040)=@ethtool_ts_info})
write(r7, &(0x7f0000000000)="240000001a005f0214f9f407000904000a000000fe0000000000000008000f00fd000000", 0x85)
close_range(r7, 0xffffffffffffffff, 0x0)
sendmmsg(r0, &(0x7f0000002e80)=[{{&(0x7f0000000340)=@l2tp6={0xa, 0x500, 0xffff1685, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010100}, 0x20000}, 0x80, 0x0}, 0x5b4}], 0x1, 0x0)

1m35.226157515s ago: executing program 6 (id=2228):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./mnt\x00', 0x1000410, &(0x7f0000000100)={[{@grpid}, {@grpquota}]}, 0x4, 0x4eb, &(0x7f0000000540)="$eJzs3c9vVFsdAPDvnXZoKQMFZaFGBRFFQ5j+ABqCC2GjMYTESFy5gNoOTdMZpum0SCuLsnRvIokr/RPcuTBh5cKdO925wYUJKnkv9CVvMS/3zqUd2g7te7Qd6Hw+ye2955xhvufMcM6Ze2B6AuhZZyNiNSKORMS9iBjO85P8iButI33cq5ePp9ZePp5Kotm8878kK0/zou3PpI7lzzkYET/7ccQvk61xG8src5PVamUhT48s1uZHGssrl2YLec74xNjE6LXLV8f3rK1nan968aPZWz//y5+/8fzvq9//dVqt0m+OZ2Xt7dhLraYXo9SW1x8Rt/YjWJf0539/+PCkve1LEXEu6//D0Ze9mwDAYdZsDkdzuD0NABx26f1/KZJCOV8LKEWhUC631vBOx1ChWm8sXhyuLz2YjmwN62QUC/dnq5XRfK3wZBSTND2WXW+kxzelL0fEqYj47cDRLF2eqlenu/nBBwB62LFN8//HA635HwA45Aa7XQEA4MCZ/wGg95j/AaD3fI7537cDAeCQcP8PAL3H/A8AvWfH+f/JwdQDADgQP719Oz2aa/nvv55+uLz0g9LDS9OVxly5tjRVnqovzJdn6vWZaqU81Wzu9HzVen1+7Mp6srG8crdWX3qweHe2NjlTuVsp7nN7AICdnTrz7J9JRKxeP5od0baXg7kaDrdCtysAdE1ftysAdI3v80Dv2sU9vmUAOOS22aL3DR3/i9BTm7/Ch+rCV63/Q6+y/g+964ut//9wz+sBHDzr/9C7ms3Env8A0GOs8QPv9O//AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0KNK2ZEUytle4Kvpz0K5HHE8Ik5GMbk/W62MRsSJiPjHQHEgTY91u9IAwDsq/CfJ9/+6MHy+tLn0SPLJQHaOiF/9/s7vHk0uLi6Mpfn/X89ffJrnjx/pRgMAgHY3tma15un83HYj/+rl46nXx0FW8cXN1uaiady1/GiV9Ed/dh6MYkQMfZTk6Zb080rfHsRffRIRX9lo/6O2CKVsDaS18+nm+Gns4/sQf+P13xy/8Eb8QlaWnovZa/HlPagL9JpnN1vjZN730i6W979CnM3O2/f/wWyEenevx7+1LeNfYX3869sSP8n6/Nn19Ntr8uLKX3+yJbM53Cp7EvG1/u3iJ+vxkw7j7/ldtvFfX//muU5lzT9EXIjt47fUsmF2ZLE2P9JYXrk0W5ucqcxUHoyPT4xNjF67fHV8JFujbv3823Yx/nv94olO8dP2D3WIP7hD+7+zy/b/8dN7v/jWW+J/79vbv/+n3xI/nRO/u8v4k0M3Om7fncaf7tD+nd7/i7uM//zfK9O7fCgAcAAayytzk9VqZWGHi/Sz5k6PcfFhXsRqxHtQDRfv1UW3RyZgv210+m7XBAAAAAAAAAAAAAAA6KSxvDI3EPv7daJutxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDD67MAAAD//w/PzvM=")
r0 = open(&(0x7f0000000040)='./bus\x00', 0x145142, 0x0)
ftruncate(r0, 0x2007ffb)
sendfile(r0, r0, 0x0, 0x800000009)
r1 = open(&(0x7f00000003c0)='./bus\x00', 0x64842, 0x0)
pwritev2(r1, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x76200}], 0x1, 0x7c00, 0x0, 0x3)
io_uring_setup(0x7d9a, &(0x7f0000000240)={0x0, 0xdf07, 0x2, 0x3, 0xcd})
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000002040)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000002c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r3}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000200)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
cachestat(0xffffffffffffffff, 0x0, 0x0, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000fbff000000004000001d8500000007000000440000002a00000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f00000001c0)='kmem_cache_free\x00', r4}, 0x10)
r5 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r5, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f00000004c0)=ANY=[@ANYBLOB="0205000202000000000000eaffffff00"], 0x10}, 0x1, 0x7}, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x41, &(0x7f0000000080), 0x64, 0x50a, &(0x7f0000000200)="$eJzs3VFrHFsdAPD/bHZr06Y3ueqDXvB6tZW0aHeTxrbBh1pB9Kmg1vcak00I2WRDdtM2oWiKH0AQUcEnffFF8AMIUvDFRxEK+qyoKKKtPvigncvuTtI03U227TabZn8/mMw5Z2b2f86GmZ0zc5gJYGC9FxHXI+JJmqYXImI0K89lU2y1psZ6jx/dm21MSaTpzX8mkWRl25+VZPPT2WYnI+JrX474ZvJ83NrG5tJMpVJey/Kl+vJqqbaxeXFxeWahvFBemZqavDJ9dfry9ERP2nkmIq598a8/+O7PvnTtV5+586dbfz//rUa1RrLlu9vxgvL7LWw1vdD8LnZvsPaSwY6ifLOFmeF2aww9V3L/NdcJAID2Guf4H4yIT0bEhRiNof1PZwEAAIA3UPr5kfhfEpG2d6JDOQAAAPAGyTXHwCa5YjYWYCRyuWKxNYb3w3EqV6nW6p+er66vzLXGyo5FITe/WClPZGOFx6KQNPKTzfTT/KU9+amIeDsivj863MwXZ6uVuX5f/AAAAIABcXpP//8/o63+PwAAAHDMjPW7AgAAAMBrp/8PAAAAx5/+PwAAABxrX7lxozGl2++/nru9sb5UvX1xrlxbKi6vzxZnq2urxYVqdaH5zL7lgz6vUq2ufjZW1u+W6uVavVTb2Ly1XF1fqd9afOYV2AAAAMAhevvjD/6QRMTW54abU8OJ7jbtcjXgqMrvpJJs3ma3/uNbrflfDqlSwKEY6ncFgL7J97sCQN8U+l0BoO+SA5Z3HLzz22z+id7WBwAA6L3xj3a+/5/bd8ut/RcDR56dGAaX+/8wuJr3/7sdyetkAY6VgjMAGHivfP//QGn6QhUCAAB6bqQ5JblidnlvJHK5YjHiTPO1AIVkfrFSnoiItyLi96OFDzTyk80tkwP7DAAAAAAAAAAAAAAAAAAAAAAAAABAS5omkQIAAADHWkTub8mvW8/yHx89N7L3+sCJ5L+jkb0i9M6Pb/7w7ky9vjbZKP/XTnn9R1n5pX5cwQAAAICB8EIv8N/up2/34wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACglx4/uje7PR1m3H98ISLG2sXPx8nm/GQUIuLUv5PI79ouiYihHsQfbvz5SLv4SaNaOyHbxR/uQfyt+/vGj7HsW2gX/3QP4sMge9A4/lxvt//l4r3mvP3+l494Jv+yOh//Yuf4N9Rh/z/TZYx3Hv6i1DH+/Yh38u2PP9vxkw7xz3YZ/xtf39zstCz9ScR429+f5JlYpfryaqm2sXlxcXlmobxQXpmamrwyfXX68vREaX6xUs7+to3xvY/98sl+7T/VIf7YAe0/12X7///w7qMPtZKFdvHPn20T/zc/zdZ4Pn4u++37VJZuLB/fTm+10ru9+/Pfvbtf++c6tP+g///5Ltt/4avf+XOXqwIAh6C2sbk0U6mU145totFLPwLVkDiCiW/39APTNE0b+9QrfE4SR+FraSb6fWQCAAB67elJf79rAgAAAAAAAAAAAAAAAAAAAIPrMB4ntjfm1k4q6cUjtAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeuL9AAAA//+GAdlV")
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000040)='./file0/../file0/../file0\x00', &(0x7f0000000100)='devpts\x00', 0x0, 0x0)
pwrite64(0xffffffffffffffff, &(0x7f0000000140)='2', 0xfdef, 0xfecc)
r6 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IMADDTIMER(r6, 0x80044940, &(0x7f00000000c0)=0x32)
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)
r7 = io_uring_setup(0x5f79, &(0x7f0000000540)={0x0, 0x6d33, 0x40, 0x1, 0x4000000})
syz_io_uring_setup(0x5ecc, &(0x7f0000000ac0)={0x0, 0x777e, 0x1024, 0x40, 0x103, 0x0, r7}, 0x0, 0x0)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r9}, 0x10)

1m35.062465237s ago: executing program 6 (id=2232):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NFC_CMD_GET_TARGET(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x14, 0x0, 0x4}, 0x14}}, 0x0)
syz_genetlink_get_family_id$nfc(&(0x7f0000000140), r0)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000300), r0)
sendmsg$NL802154_CMD_NEW_INTERFACE(r0, &(0x7f0000000480)={0x0, 0x0, 0x0}, 0x0)

1m34.623894744s ago: executing program 6 (id=2241):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000580)={0xffffffffffffffff, 0xe0, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, &(0x7f0000001680)=[0x0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{r0}, &(0x7f0000000040), &(0x7f00000001c0)}, 0x20)
r1 = socket(0x10, 0x2, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r2, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r2, &(0x7f0000000300)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r2, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r2, 0x11a, 0x1, &(0x7f0000000340)=@ccm_128={{0x304}, "00000600", "dde8316df468fcdb11c429b280ba4712", "3cdda162", "8b980610dfe75102"}, 0x28)
close_range(r1, r2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000010850000008600000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r3}, 0x10)
setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000c00)=@mangle={'mangle\x00', 0x1f, 0x6, 0x4a0, 0xe8, 0x2d0, 0x0, 0xe8, 0x1e0, 0x408, 0x408, 0x408, 0x408, 0x408, 0x6, &(0x7f00000003c0), {[{{@ip={@rand_addr=0x64010100, @loopback, 0x0, 0xff, 'veth0_vlan\x00', 'netpci0\x00', {0xff}, {}, 0x4, 0x2, 0x22}, 0x0, 0xc0, 0xe8, 0x0, {}, [@inet=@rpfilter={{0x28}, {0xa}}, @inet=@rpfilter={{0x28}, {0x8}}]}, @TTL={0x28, 'TTL\x00', 0x0, {0x3, 0x6}}}, {{@uncond, 0x0, 0x98, 0xf8, 0x0, {}, [@inet=@rpfilter={{0x28}, {0x22319a4e110afa89}}]}, @common=@CLUSTERIP={0x60, 'CLUSTERIP\x00', 0x0, {0x0, @multicast, 0x261, 0x3, [0xa, 0x39, 0x24, 0x2, 0x1a, 0x2b, 0x26, 0x34, 0x1d, 0xa, 0xe, 0x1b, 0x36, 0x3a, 0x2a, 0x1d], 0x0, 0x6, 0xffffffffffffffff}}}, {{@ip={@loopback, @rand_addr=0x64010102, 0xff, 0x0, 'gretap0\x00', 'virt_wifi0\x00', {0xff}, {}, 0xda, 0x0, 0x4}, 0x0, 0xc0, 0xf0, 0x0, {}, [@common=@icmp={{0x28}, {0xc, "85c1", 0x1}}, @inet=@rpfilter={{0x28}, {0x3}}]}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x1, 0x1000, @empty, 0x4e23}}}, {{@uncond, 0x0, 0x70, 0x98}, @ECN={0x28, 'ECN\x00', 0x0, {0x21, 0x7, 0x1}}}, {{@uncond, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x50a70cf2, 0x9, @remote, 0x4e24}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x500)
getsockopt$inet_IP_IPSEC_POLICY(r1, 0x0, 0x10, &(0x7f00000006c0)={{{@in=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0}}, {{@in6=@initdev}, 0x0, @in6=@mcast1}}, &(0x7f00000005c0)=0xe8)
r5 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r6=>0x0, <r7=>0x0}, &(0x7f0000cab000)=0xc)
lchown(&(0x7f00000000c0)='./file0/../file0\x00', r6, r7)
lchown(&(0x7f0000000440)='./file0\x00', r4, r7)
r8 = socket$igmp6(0xa, 0x3, 0x3a)
setsockopt$MRT6_ADD_MFC(r8, 0x29, 0x22, &(0x7f0000000080)={{0xa, 0x0, 0x103, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x8}, {0xa, 0x0, 0x0, @dev, 0x20000}, 0x0, {[0x0, 0x6, 0x0, 0x0, 0x4, 0x1, 0x0, 0x100000]}}, 0x5c)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r9, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010600000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff1b000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r9, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a05000000000000000000020000000900020073797a310008000008000440000000000900010073797a30000000000800034000000009"], 0x64}, 0x1, 0x0, 0x0, 0x20048801}, 0x10)

1m34.597131084s ago: executing program 34 (id=2241):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000580)={0xffffffffffffffff, 0xe0, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, &(0x7f0000001680)=[0x0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{r0}, &(0x7f0000000040), &(0x7f00000001c0)}, 0x20)
r1 = socket(0x10, 0x2, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r2, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r2, &(0x7f0000000300)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r2, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r2, 0x11a, 0x1, &(0x7f0000000340)=@ccm_128={{0x304}, "00000600", "dde8316df468fcdb11c429b280ba4712", "3cdda162", "8b980610dfe75102"}, 0x28)
close_range(r1, r2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000010850000008600000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r3}, 0x10)
setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000c00)=@mangle={'mangle\x00', 0x1f, 0x6, 0x4a0, 0xe8, 0x2d0, 0x0, 0xe8, 0x1e0, 0x408, 0x408, 0x408, 0x408, 0x408, 0x6, &(0x7f00000003c0), {[{{@ip={@rand_addr=0x64010100, @loopback, 0x0, 0xff, 'veth0_vlan\x00', 'netpci0\x00', {0xff}, {}, 0x4, 0x2, 0x22}, 0x0, 0xc0, 0xe8, 0x0, {}, [@inet=@rpfilter={{0x28}, {0xa}}, @inet=@rpfilter={{0x28}, {0x8}}]}, @TTL={0x28, 'TTL\x00', 0x0, {0x3, 0x6}}}, {{@uncond, 0x0, 0x98, 0xf8, 0x0, {}, [@inet=@rpfilter={{0x28}, {0x22319a4e110afa89}}]}, @common=@CLUSTERIP={0x60, 'CLUSTERIP\x00', 0x0, {0x0, @multicast, 0x261, 0x3, [0xa, 0x39, 0x24, 0x2, 0x1a, 0x2b, 0x26, 0x34, 0x1d, 0xa, 0xe, 0x1b, 0x36, 0x3a, 0x2a, 0x1d], 0x0, 0x6, 0xffffffffffffffff}}}, {{@ip={@loopback, @rand_addr=0x64010102, 0xff, 0x0, 'gretap0\x00', 'virt_wifi0\x00', {0xff}, {}, 0xda, 0x0, 0x4}, 0x0, 0xc0, 0xf0, 0x0, {}, [@common=@icmp={{0x28}, {0xc, "85c1", 0x1}}, @inet=@rpfilter={{0x28}, {0x3}}]}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x1, 0x1000, @empty, 0x4e23}}}, {{@uncond, 0x0, 0x70, 0x98}, @ECN={0x28, 'ECN\x00', 0x0, {0x21, 0x7, 0x1}}}, {{@uncond, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x50a70cf2, 0x9, @remote, 0x4e24}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x500)
getsockopt$inet_IP_IPSEC_POLICY(r1, 0x0, 0x10, &(0x7f00000006c0)={{{@in=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0}}, {{@in6=@initdev}, 0x0, @in6=@mcast1}}, &(0x7f00000005c0)=0xe8)
r5 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r6=>0x0, <r7=>0x0}, &(0x7f0000cab000)=0xc)
lchown(&(0x7f00000000c0)='./file0/../file0\x00', r6, r7)
lchown(&(0x7f0000000440)='./file0\x00', r4, r7)
r8 = socket$igmp6(0xa, 0x3, 0x3a)
setsockopt$MRT6_ADD_MFC(r8, 0x29, 0x22, &(0x7f0000000080)={{0xa, 0x0, 0x103, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x8}, {0xa, 0x0, 0x0, @dev, 0x20000}, 0x0, {[0x0, 0x6, 0x0, 0x0, 0x4, 0x1, 0x0, 0x100000]}}, 0x5c)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r9, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010600000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff1b000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r9, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a05000000000000000000020000000900020073797a310008000008000440000000000900010073797a30000000000800034000000009"], 0x64}, 0x1, 0x0, 0x0, 0x20048801}, 0x10)

1.795870512s ago: executing program 2 (id=3867):
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000c50000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x45, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085"], 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc11a900e8d164a40, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r2, &(0x7f0000000040)={0xa, 0xe22, 0x0, @rand_addr, 0x99f}, 0x1c)
connect$inet6(r2, &(0x7f0000000340)={0x2, 0x4e21, 0x0, @private2}, 0x1c)
r3 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r3, &(0x7f0000000000)=[{&(0x7f0000000080)="580000001500add427322b1f3b7fffffff81000e224e217f000001925aa80020007b00090080007f000001e809000000ff0000f03ac71006000000ffffffffffffffffffe7ee000000000000000002000000000000000000", 0x58}], 0x4f)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r4 = socket$inet6(0xa, 0x1, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r4, 0x89f1, &(0x7f00000002c0)={'ip6gre0\x00', &(0x7f0000000580)={'syztnl1\x00', 0x0, 0x29, 0x0, 0x3, 0x0, 0x46, @local, @mcast1, 0x10, 0x0, 0x6, 0x3}})
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r4, 0x89f2, &(0x7f0000000600)={'syztnl1\x00', 0x0})

1.704220953s ago: executing program 2 (id=3871):
syz_usb_connect$hid(0x2, 0x36, 0x0, 0x0)

1.249587711s ago: executing program 4 (id=3876):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0100000002000000e27f000001"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000440)={{r0}, &(0x7f0000000380), &(0x7f0000000400)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000480)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
bind$bt_hci(0xffffffffffffffff, &(0x7f0000000040)={0x1f, 0xffffffffffffffff}, 0x67)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r2, &(0x7f0000000000)={0x1f, 0xffffffffffffffff, 0x3}, 0x6)
write$bt_hci(r2, 0x0, 0x6)

1.212908871s ago: executing program 4 (id=3878):
syz_emit_ethernet(0x3a, &(0x7f0000000500)={@link_local, @random="7222675fbe3c", @val={@void}, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x32, 0x0, @empty, @broadcast}, @timestamp_reply={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}}}}}, 0x0)
rename(&(0x7f0000000540)='./file0\x00', &(0x7f0000000580)='./file1\x00')
recvmsg(0xffffffffffffffff, 0x0, 0x100e0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0006}]})
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0x4, &(0x7f0000000680)=ANY=[@ANYBLOB="18ed1700006a68b622ae9c979af352ef"], &(0x7f0000001b80)='syzkaller\x00', 0x3, 0x0, 0x0, 0x41100, 0x82, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x40042, 0x0)
fsync(r1)

1.196081661s ago: executing program 7 (id=3879):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1b00"/11], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0x7, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f00000005c0)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r2)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r2, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)={0x1c, r3, 0x9c3fa077fa966179, 0x0, 0x0, {{0x7e}, {@val={0x8}, @void}}}, 0x1c}}, 0x4000054)

1.174107862s ago: executing program 4 (id=3880):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000580)=ANY=[@ANYBLOB="54010000100013070000000000000000ac1414bb000000000000000000000000b71414aa00004000"/63, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="7f00000100000000000000000000000000000000320000007f00000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000090000000000000000000000000000000000000000000000000000000a000100000000000000000048000200656362286369706865725f6e756c6c29"], 0x154}}, 0x0)

1.129058772s ago: executing program 2 (id=3882):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000240)=0x100000001, 0x59)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000001c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x2, &(0x7f0000000b80)=@gcm_256={{0x304}, "76f7bc3e4ae1c84c", "af193cff4810ba5ac120d096eb00b40752095b4285514ca312c52e3a08756735", '8\x00', "bc3a20b10f4ad11e"}, 0x38)
close(r0)

1.128583312s ago: executing program 4 (id=3883):
move_pages(0x0, 0x2064, &(0x7f0000000040)=[&(0x7f0000ff9000/0x2000)=nil], &(0x7f0000001180), &(0x7f0000000000), 0x0)
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
close_range(r0, 0xffffffffffffffff, 0x400000000000000)
r1 = socket$kcm(0x10, 0x0, 0x10)
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="c01803003a000b12d25a80648c2594f90124fc60100c034002560100053582c137153e370248078000f01700d1bd", 0x2e}], 0x1}, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000380)={[{@delalloc}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@dioread_lock}, {@data_err_ignore}, {@resgid}, {@data_err_ignore}, {@grpquota}, {@nobh}, {@user_xattr}, {@bh}, {@dioread_nolock}]}, 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(0xffffffffffffffff, 0x6, 0x14, 0x0, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f0000000080)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(0xffffffffffffffff, 0x6, 0x1f, &(0x7f00000002c0), 0x3)
newfstatat(0xffffffffffffff9c, &(0x7f00000000c0)='.\x00', &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, <r2=>0x0}, 0x0)
setresuid(0x0, r2, 0x0)
syz_clone(0xb0201100, 0x0, 0x0, 0x0, 0x0, 0x0)

1.100269623s ago: executing program 7 (id=3884):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x10, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1, 0x0, 0xfffffffffffffffd}, 0x18)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$sock_SIOCETHTOOL(r2, 0x8946, &(0x7f0000000440)={'netdevsim0\x00', &(0x7f00000005c0)=@ethtool_drvinfo={0x3, "60c0dabb5b1426c4d39d6ca8f9e9b04f2598c3e8ca765c99257ba3ec12b64f21", "56234d41007178f07ce6e42270fbe2024bcc1b66d284ba6d4e79b07e5a2f036d", "d2e79b3c2756637d6823684de723331b49fe227470a7a99cc515e59d4a895167", "1c3215327faa228e1192e65bb2df9f393360e736a386f1d3e71cb741a0d9d110", "fe52afb405057833d62bf514c5cd9a58d5d3b660635aa1122c07d848a5c2eea7", "6c769b011440607014421e85", 0xffffff48, 0x80000001, 0xe, 0x6, 0x9}})

1.084896683s ago: executing program 2 (id=3885):
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="0600000004000000ff0f0000075c1dbeab4470341a09b338f072f71db8d9bb044b80bcdc09d7da21bf3097b6a36cf0b2f1831d7bec0f8b01bac2cd3ccbf4e18267bb20a6d2904493ce78e4d6213c44abfbfe7f6731b285c76eb47a1e017512005e3c1a1aeb09435b2a081cac5441d1e2eca51f0f283026abe99c4096758d1c5f547808009b27afa9c7b34a3902e5d645eaa344759bfcfcf44d9eb11f350d239a0457411e0900000000000000f011e48fcd8a10f1729670f2d4f80000e4c54ce93c05111c740b96e8af99f5341430b7e07524731a0253d5cbfe94f39bda156e233615d8cc2e8d3b375f1e424ac48891b8b757a4288ca04f80abbbf3462d0faf31e5b37203ba8cfe6036a7d19588df1b8cd3d99893577adb870005f5e41e3adc48f07e32000000e0a2a08f32758b3bd004205087b7959011c804e8424b8b4068533eb873b924fd30d96b47f82a63f910331f1d3663f50a559df60d222fa8fdf196d318fac50833ba98cd22fb865bb5340b63161abb1f7ac419455cdd38c012b41002f95517860b776583f2429c4a71ea9b514c33e2a14030f7d13c186f6f47ac7fb19352cd438daae5aa16264a5b5429daa9b99a1edcd7bcf3f8d1a2dfa7f703cc070dcbe96b2ffc931f"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
add_key$user(&(0x7f0000000000), &(0x7f0000000080)={'syz', 0x0}, &(0x7f0000000180)="172f3f843bcc259a77a65a9aec4669913d7c8e719f", 0x15, 0xfffffffffffffffc)
add_key(&(0x7f00000001c0)='logon\x00', &(0x7f0000000200)={'syz', 0x0}, &(0x7f0000000280)="c8ca38d4cdb62f409d5c2ff89c75dc9e72847fbacb09fe2bdc32bd99ac54f81bad3d819d6d91a7c5fdbf3bf3e515afa1f1d94f1cfcaf", 0x36, 0xfffffffffffffffe)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000001280)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r0}, 0x10)
r1 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f00000002c0), 0x90002, 0x0)
ioctl$TIOCSPTLCK(r1, 0x40045431, &(0x7f0000000300)=0x1)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={0x0, r2}, 0x18)
openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x3d, 0x1, 0x0, 0x0, 0x0, 0x5, 0x62000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x100000, 0x0, 0x0, 0x6, 0x3, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', 0xffffffffffffffff, 0x0, 0x1000000000000ab1}, 0x18)
mount$9p_fd(0x0, 0x0, &(0x7f0000000140), 0x0, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='kfree\x00'}, 0x10)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_inet_SIOCSARP(0xffffffffffffffff, 0x8955, &(0x7f0000000340)={{0x2, 0x4e23, @empty}, {0x0, @link_local}, 0xa, {0x2, 0x0, @multicast2}, 'lo\x00'})
ioctl$sock_inet_SIOCSARP(r3, 0x8955, &(0x7f0000000a80)={{0x2, 0x4e2a, @broadcast}, {0x0, @multicast}, 0x4e, {}, 'lo\x00'})
r4 = socket$netlink(0x10, 0x3, 0x0)
writev(r4, &(0x7f00000000c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1)

1.064053133s ago: executing program 7 (id=3886):
io_uring_setup(0x7d1, 0x0)
r0 = socket$kcm(0x21, 0x2, 0x2)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000002040)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000057000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
io_setup(0x9, &(0x7f0000000b80)=<r2=>0x0)
io_submit(r2, 0x1, &(0x7f00000002c0)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff, 0x0}])
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x62, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f0000000440)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @loopback}}, 0x80, &(0x7f00000004c0)=[{&(0x7f0000000100)="a6", 0xfffffcf4}, {0x0}], 0x2, &(0x7f0000001a00)=ANY=[@ANYBLOB="180000000000000010010000010000007d95df16a39b1a6c900000000000000001000005040500002b24ec10064b6f2f000000fb718aef932f3889d1fdda5b00000009860f5878c37ffe36e1165814d435be5b317c6c8189767d2f97879f07a515bb7c169f46933d9338f4ab04834e6f618988c5944741afe403461323110f62055394412158e7a3adb164d641aa40d4ab077fe34232aa8b319d7666d0998a61d7da0c86d70000001010"], 0x10b8}, 0x0)

967.914955ms ago: executing program 2 (id=3887):
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r2=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r2, {0x0, 0x1}, {0xffff, 0xffff}, {0x0, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000002980)=@newtfilter={0x89c, 0x2c, 0xd27, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r2, {0x0, 0xf}, {}, {0x7}}, [@filter_kind_options=@f_flow={{0x9}, {0x86c, 0x2, [@TCA_FLOW_POLICE={0x868, 0xa, 0x0, 0x1, [@TCA_POLICE_RATE64={0xc, 0x8, 0x2}, @TCA_POLICE_RATE={0x404, 0x2, [0x100, 0x9, 0xffff0492, 0xfffffff8, 0xb, 0x1, 0x100, 0x6, 0x40, 0xdf25, 0xb, 0x4, 0x0, 0x7fff, 0xf67, 0x1, 0x0, 0x6, 0x4, 0x8, 0x3, 0xe82, 0xc, 0x6, 0xffff, 0x9, 0x10, 0x5, 0xe64, 0x5, 0x7, 0x8, 0x5, 0x1a501625, 0x95b, 0x568, 0x5, 0x0, 0x9, 0x1ff, 0xd4e8, 0x3bd, 0x5, 0xb, 0x3, 0x100, 0x81, 0xffffffff, 0x8000, 0x1, 0xdf1, 0x8, 0x22a3, 0x46d, 0x8000, 0x4, 0x7, 0x9aa, 0x3, 0x6, 0x8, 0x1ff, 0x2, 0x78, 0x2, 0x1, 0x3, 0x2, 0xffffffff, 0x4b0, 0x10000, 0x6, 0xfffffff5, 0x6190, 0x0, 0x7, 0x1, 0xf1ba, 0x7e46a352, 0x3, 0x62, 0xfff, 0x4, 0x6, 0x8, 0x101, 0x8, 0x9, 0xea2, 0x5, 0x10001, 0x10b, 0x2, 0x2, 0x735aa827, 0x0, 0xe3, 0x7ff, 0xcaa, 0x3, 0x90, 0x10, 0xbbc2, 0x5, 0x8, 0x5, 0x100, 0x10001, 0xbb49, 0x8001, 0x1, 0x9d6, 0x1, 0x16000000, 0xffff, 0xfffffffc, 0xc, 0x80000000, 0x4, 0x401, 0x0, 0x8, 0x6, 0x6, 0x2e11, 0x8000, 0xee, 0xa, 0x2, 0x8, 0x9, 0x0, 0xf, 0x7, 0x0, 0xfffffffa, 0x1, 0x0, 0x0, 0x8004, 0xd825, 0x10e, 0x4, 0x0, 0xef, 0x30000, 0x456fe48d, 0x80000000, 0x781b, 0x101, 0x8, 0x40, 0x8, 0x5, 0x6, 0xffffff01, 0xede, 0x7, 0x7b, 0x401, 0x7, 0xf, 0x4, 0x1000, 0x2, 0x5, 0xa1, 0xff, 0x10, 0x7fff, 0x8, 0x4, 0x0, 0xfffffff7, 0xa, 0x1, 0x4, 0xfffffffc, 0x2, 0x2, 0x2, 0x6, 0x8, 0x5, 0x2, 0x591, 0x0, 0x1, 0x7, 0xa542f845, 0x5, 0x4, 0x9, 0xfffffffa, 0xa, 0x4, 0x5, 0x10000, 0x0, 0x3ff, 0x6, 0x0, 0x5, 0x5, 0xe, 0x6, 0xb, 0x2, 0x8, 0x9, 0x4, 0x80, 0xb6, 0x81, 0x3b, 0x8f, 0x5, 0x10000000, 0xfffffffe, 0xc, 0x9, 0xffff, 0x34c0, 0xf547, 0x5, 0xe9a3, 0xff, 0x1000, 0x9, 0x4, 0x6, 0x81, 0x7, 0xfff, 0x93b1, 0x8, 0xffffff37, 0x5d74, 0x7, 0x3, 0x20, 0x7fff, 0x6db, 0x8, 0x8, 0xe, 0xff80, 0x800, 0x4b, 0x4, 0x9, 0x4, 0xdca9, 0x4, 0x3, 0x80]}, @TCA_POLICE_RESULT={0x8}, @TCA_POLICE_PEAKRATE64={0xc, 0x9, 0x3}, @TCA_POLICE_PEAKRATE={0x404, 0x3, [0x7, 0x7fffffff, 0xffff, 0x5, 0x69, 0x13, 0xfff, 0xb, 0x6, 0xff, 0x6, 0x6, 0x3, 0x7, 0x9, 0x8, 0x9, 0x43, 0x77fc, 0x2, 0x1, 0x80000001, 0x8001, 0x69, 0x6, 0x708bea95, 0x3, 0x3, 0x67000000, 0x1ff, 0x9, 0x7fff, 0x4, 0x9, 0x1def, 0x0, 0x1ff, 0xdc58, 0x6, 0x80000001, 0x4, 0x1, 0x7, 0x2, 0x5, 0xa, 0x80000000, 0x6ee, 0x3, 0x4, 0x100, 0x80000000, 0x6, 0x9, 0xffffe33e, 0x69c8, 0xb6, 0x8, 0x3, 0xa0, 0x9, 0x1ad, 0x2483, 0x1, 0x3, 0x992e, 0x3, 0x3ff, 0x81, 0xac, 0x0, 0x9f, 0x1000, 0x7f, 0x8, 0x9, 0x2, 0x6, 0x3, 0x7, 0xd, 0x2, 0x1, 0xfffffff9, 0xfffffe00, 0x2, 0x0, 0x9, 0x0, 0xf, 0x7, 0x10, 0x3, 0x80000c7e, 0x0, 0x9, 0x4, 0x6, 0x9, 0x69e0, 0xff800, 0x1048, 0xb54, 0x10001, 0x80, 0xddcc, 0x8, 0x7f, 0x7ff, 0x8, 0x6, 0x6, 0xe8, 0x2, 0xffffffff, 0x0, 0xfffff001, 0x7, 0xaec, 0x0, 0x5, 0x2ae, 0x3, 0x40, 0x160c000, 0x7, 0xfce, 0x6, 0xe56, 0x7ff, 0x3, 0xf6, 0xa, 0x3, 0x7, 0x10001, 0x3ff, 0x7, 0x2, 0xfffffff8, 0x8, 0x9, 0x0, 0x1000, 0xfffffff8, 0x8, 0x7ff, 0x7, 0x8, 0x9, 0x7, 0x1, 0x79, 0x6, 0x100, 0x56, 0x5, 0x1, 0x6, 0x82, 0x1, 0x8, 0x400, 0x1, 0x1, 0x0, 0x8, 0x2, 0xffff, 0x0, 0x7, 0x2, 0x8, 0xe09, 0x7, 0x18fca8aa, 0xd6d, 0x1600000, 0x0, 0x4, 0x3, 0x7, 0x7fff, 0x10000, 0x7, 0x8, 0x400, 0x31, 0x0, 0x4, 0x2, 0x1, 0x8, 0x7, 0x10001, 0x4, 0x0, 0xa, 0xfff, 0x8, 0x8, 0x1, 0x3, 0xfffffffd, 0x5, 0x4, 0x1ff, 0x639, 0x1ff, 0x5, 0x2, 0xe, 0x1e41, 0x8, 0x800, 0xfff, 0xdc2, 0x3, 0xffffffff, 0x80000000, 0x5, 0x9, 0x4, 0x4, 0x4, 0x3, 0x1, 0x6, 0x1, 0x4, 0xd, 0xa, 0x5a6, 0x1, 0xc, 0xb, 0x8, 0x6, 0x8, 0x4, 0x8, 0x8, 0x3, 0x276, 0x5, 0xef7, 0x8, 0x5, 0x4, 0x1, 0x7, 0x1, 0x91, 0x7, 0x8, 0x67]}, @TCA_POLICE_TBF={0x3c, 0x1, {0xfffffff9, 0x1, 0xcc, 0x4, 0x5, {0x6, 0x2, 0x12, 0x7, 0xffbf, 0x7}, {0x3, 0x0, 0x6, 0x8, 0xf9, 0x7}, 0xfff, 0x5, 0x2}}]}]}}]}, 0x89c}, 0x1, 0x0, 0x0, 0x10}, 0x0)

950.471295ms ago: executing program 4 (id=3888):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0100000002000000e27f000001"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000440)={{r0}, &(0x7f0000000380), &(0x7f0000000400)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000480)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
bind$bt_hci(0xffffffffffffffff, &(0x7f0000000040)={0x1f, 0xffffffffffffffff}, 0x67)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r2, &(0x7f0000000000)={0x1f, 0xffffffffffffffff, 0x3}, 0x6)
write$bt_hci(r2, 0x0, 0x6)

897.891266ms ago: executing program 7 (id=3890):
syz_emit_ethernet(0x3a, &(0x7f0000000500)={@link_local, @random="7222675fbe3c", @val={@void}, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x32, 0x0, @empty, @broadcast}, @timestamp_reply={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}}}}}, 0x0)
rename(&(0x7f0000000540)='./file0\x00', &(0x7f0000000580)='./file1\x00')
recvmsg(0xffffffffffffffff, 0x0, 0x100e0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0006}]})
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0x4, &(0x7f0000000680)=ANY=[@ANYBLOB="18ed1700006a68b622ae9c979af352ef"], &(0x7f0000001b80)='syzkaller\x00', 0x3, 0x0, 0x0, 0x41100, 0x82, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x40042, 0x0)
fsync(r1)

871.328756ms ago: executing program 7 (id=3891):
setresuid(0xee00, 0x0, 0x0)
ioprio_set$uid(0x3, 0xee00, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000580)=@base={0xb, 0x5, 0x2, 0x4, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000100)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x5d031, 0xffffffffffffffff, 0x0)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x600, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="14000000100001000044d900000000000000000a20000000000a03000000000060000000070000000900010073797a300000000070000000090a010400000000000000000700000008000a40000000000900020073797a30000000000900010073797a3000000000080005400000000d2c001280140001800c000100636f756e7465720004000280140000800900019a6c617374000000000400028008000340000001", @ANYRES32=r0], 0xb8}, 0x1, 0x0, 0x0, 0x81}, 0x54800)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000001480)=ANY=[@ANYBLOB="2cc8bef3e02958fb5846e83eb96449d03a3f1478115be1496611eaf3104995521ced1c2cbeb4694fe5bbf3ddcc6206e138b480a135c0b9d195aeb5e8f668978dae5b85a91ea85f37059b2921545956856a991ef22c6a51ebcaff241b99e3b25f5cb46dae4398b2c3b1c86cd827b1912040184573653622bda0926fd9daa0763bb6be517ef675223c8ad03e83a1e97f7b86bf39d237c77b0b4ba3c3ee1f91a81b58a2fbc13e77be1117f657fdfc2cf16d4b61c3ac16b3b24a8dded42b2b8060e51e8ce2361c2720ffe653a90bd9d294100e81e4e6b546e21b0a733e003511af90273482d75f1afba1e986332282e92a085a430d568b"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x35, 0x0, 0x0, 0x0, 0x3, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r1, 0x0, 0x8000}, 0x18)
syz_mount_image$ext4(&(0x7f0000000500)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x0, &(0x7f00000021c0)={[{@dioread_nolock}, {@minixdf}, {@nolazytime}, {}]}, 0x1, 0x783, &(0x7f0000002200)="$eJzs3M9rXOUaAOD3nGaa/si9kwt3ce+mCi20UDpJmk27Mm7ETaFQcFtDMgkhJ5mSmdQkFpq6E4TabFQE0b1Lt0Kpf4A7KSi4F0RrXKibkTOZTNt0Zjptk04bnwdO5vvOfN9533dm8uUcyJkA/rFezX8kEUMRcTEiis39aUQcbLQORaxvjdu8d20q35Ko1y/9kuTTYrNebB0raT4ejcaU+F9E3ClEnH7v0bjV1bX5ySwrLzX7I7WFKyPV1bUzcwuTs+XZ8uLY+PnRc+Pj50bHd63WE2+dP3zr2zc2Nr77qnbz2MCZJCYadUeztl0L9ICt16QQEzv2L+5FsD5Kehgz8BzyAACgu/w8/0Dz3KwQxTjQ7SzNCRwAAAC8lOqD9V792fNIAAAA4AWTRL8zAAAAAPbW9v8BbN/bu1f3wXby8+sRMdwu/kDjHuKIQ1GIiCObyUO3HyRb0+CZrN+IiNsTbT5/vdzR3N3o/ebh3Tkiu+12vv5MtFt/0tb6E23Wn4Ht7054Rp3Xv/vxD3RY/y72GOPrz/5f6Bj/RnXl/WPt4iet+EmH+G/3GP/mxge3Oj1X/yLiZNu/P8lDsbp8P8TIzFzW7lerle6dv07d7Vx/xJFH4idJI2rSvf4rPdb/7uZv8+td4p863v3934o/+NC8/DPxYTOPNCJuNR/z/saOGMcXvv/m0cjJ+nb86Q6vf/v3/81W/Z/3WP+PXw6u9DgUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGtKIGIokLbXaaVoqRRyNiP/GkTSrVGunZyrLi9P5cxHDUUhn5rLyaEQUt/pJ3h9rtO/3z+7oj0fEf344vBV0LiuXpirZdL+LBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoOVoRAxFkpYiIo2I34tpWir1OysAAABg1w33OwEAAABgz7n+BwAAgP3vaa//k13OAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANjXLl64kG/1zXvXpvL+9NXV5fnK1TPT5ep8aWF5qjRVWbpSmq1UZrNyaaqy8LjjpRExdj6WV0Zq5WptpLq6dnmhsrxYuzy3MDlbvlwuPJeqAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeFJDjS1JSxGRNtppWipF/CsihqOQzMxl5dGI+HdE3C0WBvP+WL+TBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYNdVV9fmJ7OsvPRyN+r7q5yeG5FEvABpdGh80nxXuo1J1iP6nmraTPRZjhPxJLOuP+Zl6XfjlT6tRwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9Fd1dW1+MsvKS9V+ZwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEB/pT8lEZFvJ4snhnY+ezD5o9h4jIh3Pr300cpkrbY0lu//tbW/9nFz/9kHJl5/njUAAADAvvfakwzevk7fvo4HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADoVXV1bX4yy8pLe9iIG/2uEgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeBp/BwAA//9Js7nR")
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000480)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cf84ded40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c86e00f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec231fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895012f1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c3405000000000000003871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d37261774cc5a3bf6b466cb72812da518ff602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d50a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a31b16ac5fb73fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953f88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a5fe1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9d66ebbc8bab4ea81232fbef665f6212f875b2a00000000000000aceb111b66a500ca52fd8f848088c67ee65dfdcc4c580e9bc18c1699dca07d019bf1bf9dd3da480d6c155d7e60674ce88ab5ae07a9d16e22792d99986b531ab4e592ab5925da779e700cf20309a2137877690dc5c07956fc82d7b3bb46d3138041af18508938c9be4e5d0a98073463a5cff6c146d020743da474cb81677a6f389f0e00c33b70b7f8bab95435c27167f365a29fb09cbf35bf192f6a65616fa2ad9a6c7ca3a3ecd96aaecd993e8badb40e7eb8a22b0015e70c885cd519e28448168c6d914265998bff74ea1b0e651a6cae9419096248a0e41573827ad60fafce6e6540734c1f23f75337d836c31497e8112969a039d65aa297e2b046b5f4d11116a89f9f65693d4dc3e70fbfe0b2044fdb3f87e887d1daae8e38a0c19f668f776e19a02bb2449ee4384f6536879c85d7e41bc0276ee2b125d41ff358323311703ec01d64a573bdeb75bdcc87d01de38365ab9222713d2d1640a742d62fefb5403b2ed9969c32a0841e8c36b0107bb888eb14ac62e6d4bdfaeb9ee7436b97bf3825a19d6c8997ce285edf1d277ed703f560460417bfe702af833e83c5b987befb6d1fcf765ab7ea537d9dafb622a1ba8686cb9b1c63b84470364942e90d1cf856cead864f5e38c83b9ed86cc5725a20299ce512b165"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x2e)
r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x18)
ioctl$KDSKBENT(r3, 0x4b47, &(0x7f00000001c0)={0x88, 0x9})
lstat(&(0x7f00000002c0)='./file0\x00', &(0x7f0000000240))
r4 = socket$pptp(0x18, 0x1, 0x2)
syz_usb_connect$hid(0x2, 0x36, &(0x7f0000000580)=ANY=[], 0x0)
r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000001ac0)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b70200001400ffd9b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b700000000000000"], &(0x7f0000000080)='syzkaller\x00', 0x9, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='kmem_cache_free\x00', r6}, 0x10)
fcntl$notify(0xffffffffffffffff, 0x402, 0x4)
r7 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
fcntl$notify(r7, 0x402, 0xd)
close_range(r4, 0xffffffffffffffff, 0x0)

840.022187ms ago: executing program 4 (id=3892):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
recvmmsg(r0, &(0x7f0000000080)=[{{0x0, 0x0, 0x0}}], 0x40000000000012d, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000006c0)=ANY=[@ANYBLOB="18000000000000000000000095980000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f0ffffffb702000005000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB="0000000000000000b7080000002400007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000e00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000600000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x19, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='percpu_create_chunk\x00', r2}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xa, 0x101, 0x7fff, 0xcc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)

811.234857ms ago: executing program 2 (id=3893):
r0 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x1, {{0x41}, 0x3}}, 0x10)
listen(r0, 0x0)
accept4(r0, 0x0, 0x0, 0x80000)

810.691037ms ago: executing program 5 (id=3894):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff"], 0x48)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(r2, 0x84, 0xc, &(0x7f00000001c0), 0x4)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r2, 0x84, 0x6d, &(0x7f0000000940)={0x0, 0x63, "d656c9a61490b7e8773ca55437fa234c0170c8cbe5ebdd2be903d0f2f3f293a2d3e634319f6d7dcb302630c303d4a221bfbab81b44ec802e71e4b6fa67419e237fb41a26ab414c0fd27d76681ccf3157022592a50678c9650900e2a1efbe8a053a764d"}, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r1], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r3}, 0x10)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000300)=ANY=[@ANYBLOB="180000000000000000000000a9000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r4}, 0x10)
r5 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000080"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
close(r5)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000029c0))
r6 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd8073a46b08b94214d816f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb4147000001000000008f2b9000f22425e4097ed62cbc891061017cfa6f6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe68db8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3542646bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd21142"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200010, &(0x7f0000000040)={[{@jqfmt_vfsold}]}, 0xfe, 0x55d, &(0x7f0000000980)="$eJzs3d9rW1UcAPDvTX/sp66DMdQHKezByVy6tv6Y4MN8FB0O9H2G9q6Mpsto0rHWgduDe9mLDEHEgfgH+O7j8B/wrxjoYMgo+uBL5aY3XbYmbZZlSzSfD9ztnPuj55yce07OyUm4AQytyeyfQsSrEfFNEnGo6dho5AcnN89bf3htLtuS2Nj47M8kknxf4/wk//9AHnklIn79OuJEYXu61dW1xVK5nC7n8ana0uWp6urayYtLpYV0Ib00Mzt7+p3Zmfffe7dnZX3z3N/ff3r3o9O3jq1/9/P9w7eTOBMH82PN5XgG15sjkzGZvyZjceaJE6d7kNggSfqdAboykrfzscj6gEMxkrd64P/vq4jYAIZUov3DkGqMAxpz+x7Ng/8zHny4OQHaXv7Rzc9GYm99brR/PXlsZpTNdyd6kH6Wxi9/3LmdbdG7zyEAdnX9RkScGh3d3v8lef/XvVMdnPNkGvo/eHHuZuOft1qNfwpb459oMf450KLtdmP39l+43+KypFefUmfjvw9ajn+3Fq0mRvLYS/Ux31hy4WI5zfq2lyPieIztyeI7reecXr+30e5Y8/gv27L0G2PBPB/3R/c8fs18qVZ6ljI3e3Aj4rWW499kq/6TFvWfvR7nOkzjaHrn9XbHdi//87XxU8QbLev/0YpWsvP65FT9fphq3BXb/XXz6G/t0u93+bP6379z+SeS5vXa6tOn8ePef9J2x7q9/8eTz+vh8Xzf1VKttjwdMZ58sn3/zKNrG/HG+Vn5jx/buf9rdf/vi4gvOiz/zSM32546CPU//1T1//SBex9/+UO79Dur/7froeP5nk76v04z+CyvHQAAAAAAAAyaQkQcjKRQ3AoXCsXi5vc7jsT+QrlSrZ24UFm5NB/138pOxFihsdJ9qOn7ENP592Eb8Zkn4rMRcTgivh3ZV48X5yrl+X4XHgAAAAAAAAAAAAAAAAAAAAbEgTa//8/8PtLykvEXm0PgufLIbxheu7b/XjzpCRhI3v9heHXV/vf1Ph/Ai+f9H4bUWL8zAPST938YXto/DC/tH4aX9g8AAAAAAAAAAAAAAAAAAAAAAAAAAAA9de7s2WzbWH94bS6Lz19ZXVmsXDk5n1YXi0src8W5yvLl4kKlslBOi3OVpd3+XrlSuTw9EytXp2pptTZVXV07v1RZuVQ7f3GptJCeTz1tCAAAAAAAAAAAAAAAAAAAALarrq4tlsrldFlAoKvA6GBkQ6ApcKsHrbvPHRMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANPk3AAD//0unNek=")
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70200001400ffd9b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='kmem_cache_free\x00', r7}, 0x10)
socket$can_raw(0x1d, 0x3, 0x1)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.avg_queue_size\x00', 0x275a, 0x0)
write$binfmt_script(r8, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r8, 0x0)
mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800003, 0x11, r8, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x9)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x17)
madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x9)
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000bc0)=ANY=[@ANYRES32=r9, @ANYRES32=r6, @ANYBLOB='&'], 0x10)

657.549759ms ago: executing program 1 (id=3897):
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="0600000004000000ff0f0000075c1dbeab4470341a09b338f072f71db8d9bb044b80bcdc09d7da21bf3097b6a36cf0b2f1831d7bec0f8b01bac2cd3ccbf4e18267bb20a6d2904493ce78e4d6213c44abfbfe7f6731b285c76eb47a1e017512005e3c1a1aeb09435b2a081cac5441d1e2eca51f0f283026abe99c4096758d1c5f547808009b27afa9c7b34a3902e5d645eaa344759bfcfcf44d9eb11f350d239a0457411e0900000000000000f011e48fcd8a10f1729670f2d4f80000e4c54ce93c05111c740b96e8af99f5341430b7e07524731a0253d5cbfe94f39bda156e233615d8cc2e8d3b375f1e424ac48891b8b757a4288ca04f80abbbf3462d0faf31e5b37203ba8cfe6036a7d19588df1b8cd3d99893577adb870005f5e41e3adc48f07e32000000e0a2a08f32758b3bd004205087b7959011c804e8424b8b4068533eb873b924fd30d96b47f82a63f910331f1d3663f50a559df60d222fa8fdf196d318fac50833ba98cd22fb865bb5340b63161abb1f7ac419455cdd38c012b41002f95517860b776583f2429c4a71ea9b514c33e2a14030f7d13c186f6f47ac7fb19352cd438daae5aa16264a5b5429daa9b99a1edcd7bcf3f8d1a2dfa7f703cc070dcbe96b2ffc931f"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
add_key$user(&(0x7f0000000000), &(0x7f0000000080)={'syz', 0x0}, &(0x7f0000000180)="172f3f843bcc259a77a65a9aec4669913d7c8e719f", 0x15, 0xfffffffffffffffc)
add_key(&(0x7f00000001c0)='logon\x00', &(0x7f0000000200)={'syz', 0x0}, &(0x7f0000000280)="c8ca38d4cdb62f409d5c2ff89c75dc9e72847fbacb09fe2bdc32bd99ac54f81bad3d819d6d91a7c5fdbf3bf3e515afa1f1d94f1cfcaf", 0x36, 0xfffffffffffffffe)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000001280)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r0}, 0x10)
r1 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f00000002c0), 0x90002, 0x0)
ioctl$TIOCSPTLCK(r1, 0x40045431, &(0x7f0000000300)=0x1)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={0x0, r2}, 0x18)
openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x3d, 0x1, 0x0, 0x0, 0x0, 0x5, 0x62000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x100000, 0x0, 0x0, 0x6, 0x3, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', 0xffffffffffffffff, 0x0, 0x1000000000000ab1}, 0x18)
mount$9p_fd(0x0, 0x0, &(0x7f0000000140), 0x0, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='kfree\x00'}, 0x10)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_inet_SIOCSARP(0xffffffffffffffff, 0x8955, &(0x7f0000000340)={{0x2, 0x4e23, @empty}, {0x0, @link_local}, 0xa, {0x2, 0x0, @multicast2}, 'lo\x00'})
ioctl$sock_inet_SIOCSARP(r3, 0x8955, &(0x7f0000000a80)={{0x2, 0x4e2a, @broadcast}, {0x0, @multicast}, 0x4e, {}, 'lo\x00'})
r4 = socket$netlink(0x10, 0x3, 0x0)
writev(r4, &(0x7f00000000c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1)

613.92081ms ago: executing program 1 (id=3898):
move_pages(0x0, 0x2064, &(0x7f0000000040)=[&(0x7f0000ff9000/0x2000)=nil], &(0x7f0000001180), &(0x7f0000000000), 0x0)
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
close_range(r0, 0xffffffffffffffff, 0x400000000000000)
r1 = socket$kcm(0x10, 0x0, 0x10)
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="c01803003a000b12d25a80648c2594f90124fc60100c034002560100053582c137153e370248078000f01700d1bd", 0x2e}], 0x1}, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000380)={[{@delalloc}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@dioread_lock}, {@data_err_ignore}, {@resgid}, {@data_err_ignore}, {@grpquota}, {@nobh}, {@user_xattr}, {@bh}, {@dioread_nolock}]}, 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(0xffffffffffffffff, 0x6, 0x14, 0x0, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f0000000080)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c)
newfstatat(0xffffffffffffff9c, &(0x7f00000000c0)='.\x00', &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, <r2=>0x0}, 0x0)
setresuid(0x0, r2, 0x0)
syz_clone(0xb0201100, 0x0, 0x0, 0x0, 0x0, 0x0)

580.68121ms ago: executing program 1 (id=3899):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000480)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cf84ded40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c86e00f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec231fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895012f1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c3405000000000000003871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d37261774cc5a3bf6b466cb72812da518ff602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d50a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a31b16ac5fb73fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953f88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a5fe1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9d66ebbc8bab4ea81232fbef665f6212f875b2a00000000000000aceb111b66a500ca52fd8f848088c67ee65dfdcc4c580e9bc18c1699dca07d019bf1bf9dd3da480d6c155d7e60674ce88ab5ae07a9d16e22792d99986b531ab4e592ab5925da779e700cf20309a2137877690dc5c07956fc82d7b3bb46d3138041af18508938c9be4e5d0a98073463a5cff6c146d020743da474cb81677a6f389f0e00c33b70b7f8bab95435c27167f365a29fb09cbf35bf192f6a65616fa2ad9a6c7ca3a3ecd96aaecd993e8badb40e7eb8a22b0015e70c885cd519e28448168c6d914265998bff74ea1b0e651a6c"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
getrlimit(0x0, &(0x7f0000000500))
socket$tipc(0x1e, 0x2, 0x0)

544.181041ms ago: executing program 1 (id=3900):
io_uring_setup(0x7d1, 0x0)
r0 = socket$kcm(0x21, 0x2, 0x2)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000002040)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000057000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
io_setup(0x9, &(0x7f0000000b80)=<r2=>0x0)
io_submit(r2, 0x1, &(0x7f00000002c0)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff, 0x0}])
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x62, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f0000000440)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @loopback}}, 0x80, &(0x7f00000004c0)=[{&(0x7f0000000100)="a6", 0xfffffcf4}, {0x0}], 0x2, &(0x7f0000001a00)=ANY=[@ANYBLOB="180000000000000010010000010000007d95df16a39b1a6c900000000000000001000005040500002b24ec10064b6f2f000000fb718aef932f3889d1fdda5b00000009860f5878c37ffe36e1165814d435be5b317c6c8189767d2f97879f07a515bb7c169f46933d9338f4ab04834e6f618988c5944741afe403461323110f62055394412158e7a3adb164d641aa40d4ab077fe34232aa8b319d7666d0998a61d7da0c86d70000001010"], 0x10b8}, 0x0)

318.774414ms ago: executing program 5 (id=3901):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x13, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301)
ioctl$USBDEVFS_SETINTERFACE(r2, 0x80085504, &(0x7f0000000180))

270.551865ms ago: executing program 5 (id=3902):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0100000002000000e27f000001"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000440)={{r0}, &(0x7f0000000380), &(0x7f0000000400)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000480)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
bind$bt_hci(0xffffffffffffffff, &(0x7f0000000040)={0x1f, 0xffffffffffffffff}, 0x67)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r2, &(0x7f0000000000)={0x1f, 0xffffffffffffffff, 0x3}, 0x6)
write$bt_hci(r2, 0x0, 0x6)

253.523146ms ago: executing program 5 (id=3903):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000500000000000000000018110000", @ANYRES32=r0, @ANYBLOB], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000c80)='kfree\x00', r1}, 0x18)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r0}, &(0x7f0000000380), &(0x7f00000003c0)=r1}, 0x20)
r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r2, 0xc0a85320, &(0x7f00000003c0)={{0x80}, 'port0\x00', 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xdf})
ioctl$SNDRV_SEQ_IOCTL_DELETE_PORT(r2, 0xc0a85320, &(0x7f00000005c0)={{0x80}, 'port0\x00', 0x0, 0x0, 0xfcffffff, 0xe33, 0x4000000, 0x1, 0x0, 0x0, 0x3})

200.175236ms ago: executing program 5 (id=3904):
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r2=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r2, {0x0, 0x1}, {0xffff, 0xffff}, {0x0, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000002980)=@newtfilter={0x89c, 0x2c, 0xd27, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r2, {0x0, 0xf}, {}, {0x7}}, [@filter_kind_options=@f_flow={{0x9}, {0x86c, 0x2, [@TCA_FLOW_POLICE={0x868, 0xa, 0x0, 0x1, [@TCA_POLICE_RATE64={0xc, 0x8, 0x2}, @TCA_POLICE_RATE={0x404, 0x2, [0x100, 0x9, 0xffff0492, 0xfffffff8, 0xb, 0x1, 0x100, 0x6, 0x40, 0xdf25, 0xb, 0x4, 0x0, 0x7fff, 0xf67, 0x1, 0x0, 0x6, 0x4, 0x8, 0x3, 0xe82, 0xc, 0x6, 0xffff, 0x9, 0x10, 0x5, 0xe64, 0x5, 0x7, 0x8, 0x5, 0x1a501625, 0x95b, 0x568, 0x5, 0x0, 0x9, 0x1ff, 0xd4e8, 0x3bd, 0x5, 0xb, 0x3, 0x100, 0x81, 0xffffffff, 0x8000, 0x1, 0xdf1, 0x8, 0x22a3, 0x46d, 0x8000, 0x4, 0x7, 0x9aa, 0x3, 0x6, 0x8, 0x1ff, 0x2, 0x78, 0x2, 0x1, 0x3, 0x2, 0xffffffff, 0x4b0, 0x10000, 0x6, 0xfffffff5, 0x6190, 0x0, 0x7, 0x1, 0xf1ba, 0x7e46a352, 0x3, 0x62, 0xfff, 0x4, 0x6, 0x8, 0x101, 0x8, 0x9, 0xea2, 0x5, 0x10001, 0x10b, 0x2, 0x2, 0x735aa827, 0x0, 0xe3, 0x7ff, 0xcaa, 0x3, 0x90, 0x10, 0xbbc2, 0x5, 0x8, 0x5, 0x100, 0x10001, 0xbb49, 0x8001, 0x1, 0x9d6, 0x1, 0x16000000, 0xffff, 0xfffffffc, 0xc, 0x80000000, 0x4, 0x401, 0x0, 0x8, 0x6, 0x6, 0x2e11, 0x8000, 0xee, 0xa, 0x2, 0x8, 0x9, 0x0, 0xf, 0x7, 0x0, 0xfffffffa, 0x1, 0x0, 0x0, 0x8004, 0xd825, 0x10e, 0x4, 0x0, 0xef, 0x30000, 0x456fe48d, 0x80000000, 0x781b, 0x101, 0x8, 0x40, 0x8, 0x5, 0x6, 0xffffff01, 0xede, 0x7, 0x7b, 0x401, 0x7, 0xf, 0x4, 0x1000, 0x2, 0x5, 0xa1, 0xff, 0x10, 0x7fff, 0x8, 0x4, 0x0, 0xfffffff7, 0xa, 0x1, 0x4, 0xfffffffc, 0x2, 0x2, 0x2, 0x6, 0x8, 0x5, 0x2, 0x591, 0x0, 0x1, 0x7, 0xa542f845, 0x5, 0x4, 0x9, 0xfffffffa, 0xa, 0x4, 0x5, 0x10000, 0x0, 0x3ff, 0x6, 0x0, 0x5, 0x5, 0xe, 0x6, 0xb, 0x2, 0x8, 0x9, 0x4, 0x80, 0xb6, 0x81, 0x3b, 0x8f, 0x5, 0x10000000, 0xfffffffe, 0xc, 0x9, 0xffff, 0x34c0, 0xf547, 0x5, 0xe9a3, 0xff, 0x1000, 0x9, 0x4, 0x6, 0x81, 0x7, 0xfff, 0x93b1, 0x8, 0xffffff37, 0x5d74, 0x7, 0x3, 0x20, 0x7fff, 0x6db, 0x8, 0x8, 0xe, 0xff80, 0x800, 0x4b, 0x4, 0x9, 0x4, 0xdca9, 0x4, 0x3, 0x80]}, @TCA_POLICE_RESULT={0x8}, @TCA_POLICE_PEAKRATE64={0xc, 0x9, 0x3}, @TCA_POLICE_PEAKRATE={0x404, 0x3, [0x7, 0x7fffffff, 0xffff, 0x5, 0x69, 0x13, 0xfff, 0xb, 0x6, 0xff, 0x6, 0x6, 0x3, 0x7, 0x9, 0x8, 0x9, 0x43, 0x77fc, 0x2, 0x1, 0x80000001, 0x8001, 0x69, 0x6, 0x708bea95, 0x3, 0x3, 0x67000000, 0x1ff, 0x9, 0x7fff, 0x4, 0x9, 0x1def, 0x0, 0x1ff, 0xdc58, 0x6, 0x80000001, 0x4, 0x1, 0x7, 0x2, 0x5, 0xa, 0x80000000, 0x6ee, 0x3, 0x4, 0x100, 0x80000000, 0x6, 0x9, 0xffffe33e, 0x69c8, 0xb6, 0x8, 0x3, 0xa0, 0x9, 0x1ad, 0x2483, 0x1, 0x3, 0x992e, 0x3, 0x3ff, 0x81, 0xac, 0x0, 0x9f, 0x1000, 0x7f, 0x8, 0x9, 0x2, 0x6, 0x3, 0x7, 0xd, 0x2, 0x1, 0xfffffff9, 0xfffffe00, 0x2, 0x0, 0x9, 0x0, 0xf, 0x7, 0x10, 0x3, 0x80000c7e, 0x0, 0x9, 0x4, 0x6, 0x9, 0x69e0, 0xff800, 0x1048, 0xb54, 0x10001, 0x80, 0xddcc, 0x8, 0x7f, 0x7ff, 0x8, 0x6, 0x6, 0xe8, 0x2, 0xffffffff, 0x0, 0xfffff001, 0x7, 0xaec, 0x0, 0x5, 0x2ae, 0x3, 0x40, 0x160c000, 0x7, 0xfce, 0x6, 0xe56, 0x7ff, 0x3, 0xf6, 0xa, 0x3, 0x7, 0x10001, 0x3ff, 0x7, 0x2, 0xfffffff8, 0x8, 0x9, 0x0, 0x1000, 0xfffffff8, 0x8, 0x7ff, 0x7, 0x8, 0x9, 0x7, 0x1, 0x79, 0x6, 0x100, 0x56, 0x5, 0x1, 0x6, 0x82, 0x1, 0x8, 0x400, 0x1, 0x1, 0x0, 0x8, 0x2, 0xffff, 0x0, 0x7, 0x2, 0x8, 0xe09, 0x7, 0x18fca8aa, 0xd6d, 0x1600000, 0x0, 0x4, 0x3, 0x7, 0x7fff, 0x10000, 0x7, 0x8, 0x400, 0x31, 0x0, 0x4, 0x2, 0x1, 0x8, 0x7, 0x10001, 0x4, 0x0, 0xa, 0xfff, 0x8, 0x8, 0x1, 0x3, 0xfffffffd, 0x5, 0x4, 0x1ff, 0x639, 0x1ff, 0x5, 0x2, 0xe, 0x1e41, 0x8, 0x800, 0xfff, 0xdc2, 0x3, 0xffffffff, 0x80000000, 0x5, 0x9, 0x4, 0x4, 0x4, 0x3, 0x1, 0x6, 0x1, 0x4, 0xd, 0xa, 0x5a6, 0x1, 0xc, 0xb, 0x8, 0x6, 0x8, 0x4, 0x8, 0x8, 0x3, 0x276, 0x5, 0xef7, 0x8, 0x5, 0x4, 0x1, 0x7, 0x1, 0x91, 0x7, 0x8, 0x67]}, @TCA_POLICE_TBF={0x3c, 0x1, {0xfffffff9, 0x1, 0xcc, 0x4, 0x5, {0x6, 0x2, 0x12, 0x7, 0xffbf, 0x7}, {0x3, 0x0, 0x6, 0x8, 0xf9, 0x7}, 0xfff, 0x5, 0x2}}]}]}}]}, 0x89c}, 0x1, 0x0, 0x0, 0x10}, 0x0)

199.761756ms ago: executing program 7 (id=3905):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r3, &(0x7f0000000000)=@name={0x1e, 0x2, 0x1, {{0x41}, 0x3}}, 0x10)
listen(r3, 0x0)
sendmsg$tipc(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000080)=@name={0x1e, 0x2, 0x0, {{0x41}}}, 0x10, 0x0}, 0x0)
close(0xffffffffffffffff)
accept4(r3, 0x0, 0x0, 0x80000)

98.509418ms ago: executing program 5 (id=3906):
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000000)={[{@minixdf}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5e0, &(0x7f0000001200)="$eJzs3c9vVNUeAPDvmf6gpbzXQl7ee7iQJsZAorS0gCHGBWyNafBH3Lix0oJIgYbWaNGEkuDGxLgxxsSVC/G/UCJbVrpy4caVISFqWJo45k7nlk57p6Wl7a3czycZeu49cznndvqdc+6Zc+4EUFmD2T+1iP0RMZ0i+tP8Yl5nNDMHF553/48Pz2SPFPX6q7+lSM19+fNT82df8+CeiPjh+xT7OlaWOzN39cL41NTkleb28OzF6eGZuauHz18cPzd5bvLS6HOjJ44fO35i5MiGzuva8h29EXHjnff6Px574+sv/0wj3/w8luJkvNh84tLz2CyDMdj4naSVWX0nNruwknQ0/06WvsSps8QKsS7569cVEf+L/uiIBy9ef3z0cqmVA7ZUPUXUgYpK4h8qKu8H5Nf2y6+Da6X0SoDtcO/UwgDAyvjvXBgbjJ7G2MDu+ymWDuukiNjYyFyrPRFx5/bYjbO3x27EFo3DAcXmr0fE/4viPzXifyB6YqAR/7WW+M/6BaebP7P9r2yw/OVDxeIfts9C/PesGv/RJv7fXBL/b22w/MEHybd7W+K/d6OnBAAAAAAAAJV161REPFv0+X9tcf5PFMz/6YuIk5tQ/uCy7ZWf/9fubkIxQIF7pyJeKJz/W8tn/w50NFP/aswH6Epnz09NHomIf0fEoejalW2PrFLG4U/2fdEub7A5/y9/ZOXfac4FbNbjbueu1mMmxmfHH/W8gYh71yOeKJz/mxbb/1TQ/mfvB9MPWca+p2+ebpe3dvwDW6X+VcTBwvb/wV0r0ur35xhu9AeG817BSk9+8Om37crfaPy7xQQ8uqz93716/A+kpffrmVl/GUfnOuvt8jba/+9OrzVuOdPd3Pf++OzslZGI7vRSR7a3Zf/o+usMj6M8HvJ4yeL/0FOrj/8V9f97I2J+2f+dfm9dU5z77199v7Srj/4/lCeL/4l1tf/rT4zeHPiuXfkP1/4fa7T1hxY/jQjjfxARn+dh2t26vyAcO4uytru+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPA4qEXEnki1ocV0rTY0FNEXEf+J3bWpyzOzz5y9/O6liSyv8f3/tfybfvsXtlP+/f8DS7ZHl20fjYi9EfFZR29je+jM5amJsk8eAAAAAAAAAAAAAAAAAAAAdoi+Nuv/M792lF07YMt1ll0BoDQF8f9jGfUAtp/2H6pL/EN1iX+oLvEP1SX+obrEP1SX+IfqEv8AAAAAAPBY2Xvg1k8pIuaf7208Mt3NvK5SawZstVrZFQBK4xY/UF2m/kB1ucYH0hr5PW0PWuvI1UyfeYSDAQAAAAAAAAAAAKByDu63/h+qyvp/qC7r/6G68vX/B0quB7D9XOMDscZK/sL1/2seBQAAAAAAAAAAAABsppm5qxfGp6Ymr0i8vjOqsZ2Jer1+Lfsr2Cn1+Ycn8qnwO6U+yxL5Wr+HO6q89yQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKDV3wEAAP//o1kjUQ==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x0)
write(r1, &(0x7f0000004200)='t', 0x1)
sendfile(r1, r0, 0x0, 0x3ffff)
sendfile(r1, r0, 0x0, 0x7ffff000)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b70300000000002085000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)

37.754539ms ago: executing program 1 (id=3907):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x13, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301)
ioctl$USBDEVFS_SETINTERFACE(r2, 0x80085504, &(0x7f0000000180))

0s ago: executing program 1 (id=3908):
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="0600000004000000ff0f0000075c1dbeab4470341a09b338f072f71db8d9bb044b80bcdc09d7da21bf3097b6a36cf0b2f1831d7bec0f8b01bac2cd3ccbf4e18267bb20a6d2904493ce78e4d6213c44abfbfe7f6731b285c76eb47a1e017512005e3c1a1aeb09435b2a081cac5441d1e2eca51f0f283026abe99c4096758d1c5f547808009b27afa9c7b34a3902e5d645eaa344759bfcfcf44d9eb11f350d239a0457411e0900000000000000f011e48fcd8a10f1729670f2d4f80000e4c54ce93c05111c740b96e8af99f5341430b7e07524731a0253d5cbfe94f39bda156e233615d8cc2e8d3b375f1e424ac48891b8b757a4288ca04f80abbbf3462d0faf31e5b37203ba8cfe6036a7d19588df1b8cd3d99893577adb870005f5e41e3adc48f07e32000000e0a2a08f32758b3bd004205087b7959011c804e8424b8b4068533eb873b924fd30d96b47f82a63f910331f1d3663f50a559df60d222fa8fdf196d318fac50833ba98cd22fb865bb5340b63161abb1f7ac419455cdd38c012b41002f95517860b776583f2429c4a71ea9b514c33e2a14030f7d13c186f6f47ac7fb19352cd438daae5aa16264a5b5429daa9b99a1edcd7bcf3f8d1a2dfa7f703cc070dcbe96b2ffc931f"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
add_key$user(&(0x7f0000000000), &(0x7f0000000080)={'syz', 0x0}, &(0x7f0000000180)="172f3f843bcc259a77a65a9aec4669913d7c8e719f", 0x15, 0xfffffffffffffffc)
add_key(&(0x7f00000001c0)='logon\x00', &(0x7f0000000200)={'syz', 0x0}, &(0x7f0000000280)="c8ca38d4cdb62f409d5c2ff89c75dc9e72847fbacb09fe2bdc32bd99ac54f81bad3d819d6d91a7c5fdbf3bf3e515afa1f1d94f1cfcaf", 0x36, 0xfffffffffffffffe)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000001280)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r0}, 0x10)
r1 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f00000002c0), 0x90002, 0x0)
ioctl$TIOCSPTLCK(r1, 0x40045431, &(0x7f0000000300)=0x1)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={0x0, r2}, 0x18)
openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x3d, 0x1, 0x0, 0x0, 0x0, 0x5, 0x62000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x100000, 0x0, 0x0, 0x6, 0x3, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', 0xffffffffffffffff, 0x0, 0x1000000000000ab1}, 0x18)
mount$9p_fd(0x0, 0x0, &(0x7f0000000140), 0x0, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='kfree\x00'}, 0x10)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_inet_SIOCSARP(0xffffffffffffffff, 0x8955, &(0x7f0000000340)={{0x2, 0x4e23, @empty}, {0x0, @link_local}, 0xa, {0x2, 0x0, @multicast2}, 'lo\x00'})
ioctl$sock_inet_SIOCSARP(r3, 0x8955, &(0x7f0000000a80)={{0x2, 0x4e2a, @broadcast}, {0x0, @multicast}, 0x4e, {}, 'lo\x00'})
r4 = socket$netlink(0x10, 0x3, 0x0)
writev(r4, &(0x7f00000000c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1)

kernel console output (not intermixed with test programs):

81 - 0
[  226.384833][T13504] netlink: 'syz.1.3066': attribute type 10 has an invalid length.
[  226.392830][T13504] netlink: 40 bytes leftover after parsing attributes in process `syz.1.3066'.
[  226.441132][T13504] team0: Failed to send port change of device geneve1 via netlink (err -105)
[  226.450393][T13504] team0: Failed to send options change via netlink (err -105)
[  226.457898][T13504] team0: Port device geneve1 added
[  226.504616][T13485] EXT4-fs error (device loop7): ext4_validate_block_bitmap:441: comm syz.7.3061: bg 0: block 345: padding at end of block bitmap is not set
[  226.519933][T13485] EXT4-fs (loop7): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 16 with error 117
[  226.532622][T13485] EXT4-fs (loop7): This should not happen!! Data will be lost
[  226.532622][T13485] 
[  226.594586][T13519] loop4: detected capacity change from 0 to 1024
[  226.602123][T13519] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  226.615260][T13521] loop5: detected capacity change from 0 to 164
[  226.621767][T13519] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  226.629845][T13519] EXT4-fs (loop4): orphan cleanup on readonly fs
[  226.629955][T13521] Unable to read rock-ridge attributes
[  226.643167][T13519] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5838: Corrupt filesystem
[  226.645754][T13521] Unable to read rock-ridge attributes
[  226.654052][T13519] EXT4-fs (loop4): Remounting filesystem read-only
[  226.671534][T13519] EXT4-fs (loop4): 1 orphan inode deleted
[  226.678017][T13519] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  226.690247][T13519] SELinux: (dev loop4, type ext4) getxattr errno 5
[  226.690522][   T31] EXT4-fs (loop7): Delayed block allocation failed for inode 15 at logical offset 32 with max blocks 2048 with error 117
[  226.698018][T13519] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  226.709499][   T31] EXT4-fs (loop7): This should not happen!! Data will be lost
[  226.709499][   T31] 
[  226.735941][   T31] EXT4-fs (loop7): Delayed block allocation failed for inode 15 at logical offset 2081 with max blocks 2024 with error 28
[  226.748892][   T31] EXT4-fs (loop7): This should not happen!! Data will be lost
[  226.748892][   T31] 
[  226.758546][   T31] EXT4-fs (loop7): Total free blocks count 0
[  226.764689][   T31] EXT4-fs (loop7): Free/Dirty block details
[  226.770643][   T31] EXT4-fs (loop7): free_blocks=0
[  226.811297][T13531] netlink: 'syz.5.3083': attribute type 4 has an invalid length.
[  226.881101][T13537] loop4: detected capacity change from 0 to 512
[  226.896976][T13537] ext4: Unknown parameter 'smackfshat'
[  226.924701][T13537] loop4: detected capacity change from 0 to 1024
[  226.969516][T13491] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  226.984191][T13537] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  226.997525][T13537] ext4 filesystem being mounted at /572/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  227.012967][T13537] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm +}[@: bg 0: block 393: padding at end of block bitmap is not set
[  227.029636][T13537] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 32 with max blocks 1 with error 117
[  227.042211][T13537] EXT4-fs (loop4): This should not happen!! Data will be lost
[  227.042211][T13537] 
[  227.054283][T13548] loop7: detected capacity change from 0 to 1024
[  227.064276][T13491] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  227.079320][T13548] EXT4-fs error (device loop7): ext4_orphan_get:1415: comm syz.7.3089: bad orphan inode 2304
[  227.092483][T13548] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  227.108267][ T3301] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  227.175691][T10560] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  227.191360][T13491] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  227.269814][T13491] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  227.299501][T13491] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  227.324124][T13491] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  227.350553][T13491] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  227.496830][T13557] netlink: 32 bytes leftover after parsing attributes in process `syz.4.3091'.
[  227.522888][T13557] netlink: 32 bytes leftover after parsing attributes in process `syz.4.3091'.
[  227.540912][T13557] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  227.549440][T13557] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  227.574669][T13569] hub 9-0:1.0: USB hub found
[  227.579515][T13569] hub 9-0:1.0: 8 ports detected
[  227.589273][T13569] loop7: detected capacity change from 0 to 164
[  227.599342][T13569] iso9660: Unknown parameter ''
[  227.667924][T13574] SELinux:  Context system_u:object_r:udev_exec_t:s0 is not valid (left unmapped).
[  227.725133][T13578] 9pnet_fd: Insufficient options for proto=fd
[  227.912772][T13584] usb usb8: usbfs: process 13584 (syz.5.3102) did not claim interface 0 before use
[  227.933979][T13584] vhci_hcd: default hub control req: 010b v0000 i0000 l0
[  228.028505][T13588] loop5: detected capacity change from 0 to 1024
[  228.052431][T13588] EXT4-fs error (device loop5): ext4_orphan_get:1415: comm syz.5.3104: bad orphan inode 2304
[  228.075076][T13588] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  228.153566][ T5076] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  228.198567][T13593] loop5: detected capacity change from 0 to 512
[  228.248661][T13593] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  228.272769][T13593] ext4 filesystem being mounted at /507/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  228.356107][ T5076] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  228.366643][T13603] netlink: 76 bytes leftover after parsing attributes in process `syz.1.3108'.
[  228.405476][T13607] loop5: detected capacity change from 0 to 128
[  228.481590][T13611] loop5: detected capacity change from 0 to 1024
[  228.520491][T13611] EXT4-fs error (device loop5): ext4_orphan_get:1415: comm syz.5.3112: bad orphan inode 2304
[  228.560196][T13611] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  228.582912][T13618] loop4: detected capacity change from 0 to 128
[  228.606002][T13618] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  228.642767][T13618] ext4 filesystem being mounted at /578/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  228.678435][T13618] dccp_invalid_packet: P.type (RESPONSE) not Data || [Data]Ack, while P.X == 0
[  228.796943][ T3301] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  228.857283][T13629] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3120'.
[  228.996589][T13637] netlink: 76 bytes leftover after parsing attributes in process `syz.1.3121'.
[  229.315599][T13648] usb usb8: usbfs: process 13648 (syz.7.3126) did not claim interface 0 before use
[  229.325297][T13648] vhci_hcd: default hub control req: 010b v0000 i0000 l0
[  229.523321][ T5076] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  229.555382][T13660] loop7: detected capacity change from 0 to 2048
[  229.585123][T13660] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  229.615276][T13662] netlink: 'syz.5.3132': attribute type 4 has an invalid length.
[  229.623687][T13660] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3131'.
[  229.785024][T10560] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  229.844785][T13676] usb usb8: usbfs: process 13676 (syz.2.3137) did not claim interface 0 before use
[  229.869463][T13676] vhci_hcd: default hub control req: 010b v0000 i0000 l0
[  229.892140][T13673] netlink: 32 bytes leftover after parsing attributes in process `syz.5.3136'.
[  229.901320][T13673] netlink: 32 bytes leftover after parsing attributes in process `syz.5.3136'.
[  229.912870][T13680] loop7: detected capacity change from 0 to 1024
[  229.924576][T13673] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  229.933118][T13673] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  229.956534][T13680] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  230.157656][T13703] netlink: 'syz.4.3146': attribute type 4 has an invalid length.
[  230.171134][T13705] netlink: 76 bytes leftover after parsing attributes in process `syz.2.3147'.
[  230.175879][T13707] usb usb8: usbfs: process 13707 (syz.1.3148) did not claim interface 0 before use
[  230.189935][T13707] vhci_hcd: default hub control req: 010b v0000 i0000 l0
[  230.224671][T10560] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  230.259392][T13715] loop7: detected capacity change from 0 to 128
[  230.277129][T13715] FAT-fs (loop7): error, fat_get_cluster: invalid start cluster (i_pos 1, start 00e50002)
[  230.287110][T13715] FAT-fs (loop7): Filesystem has been set read-only
[  230.339656][T13721] loop4: detected capacity change from 0 to 512
[  230.361387][T13721] ext4: Unknown parameter 'smackfshat'
[  230.387843][T13723] loop7: detected capacity change from 0 to 2048
[  230.405591][T13721] loop4: detected capacity change from 0 to 1024
[  230.432268][T13723] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  230.445725][T13723] ext4 filesystem being mounted at /195/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  230.460173][T13721] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  230.473189][T13721] ext4 filesystem being mounted at /587/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  230.487317][   T29] kauditd_printk_skb: 81 callbacks suppressed
[  230.487386][   T29] audit: type=1326 audit(1742738883.822:11379): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13727 comm="syz.1.3158" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f686167d169 code=0x7ffc0000
[  230.520114][   T29] audit: type=1326 audit(1742738883.822:11380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13727 comm="syz.1.3158" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f686167d169 code=0x7ffc0000
[  230.527511][T13721] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm +}[@: bg 0: block 393: padding at end of block bitmap is not set
[  230.543763][   T29] audit: type=1326 audit(1742738883.822:11381): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13727 comm="syz.1.3158" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f686167d169 code=0x7ffc0000
[  230.581256][   T29] audit: type=1326 audit(1742738883.822:11382): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13727 comm="syz.1.3158" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f686167d169 code=0x7ffc0000
[  230.605734][   T29] audit: type=1326 audit(1742738883.822:11383): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13727 comm="syz.1.3158" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f686167d169 code=0x7ffc0000
[  230.630309][   T29] audit: type=1326 audit(1742738883.822:11384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13727 comm="syz.1.3158" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f686167d169 code=0x7ffc0000
[  230.653936][   T29] audit: type=1326 audit(1742738883.822:11385): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13727 comm="syz.1.3158" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f686167d169 code=0x7ffc0000
[  230.663244][T13721] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 32 with max blocks 1 with error 117
[  230.677546][   T29] audit: type=1326 audit(1742738883.822:11386): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13727 comm="syz.1.3158" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f686167d169 code=0x7ffc0000
[  230.677588][   T29] audit: type=1326 audit(1742738883.822:11387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13727 comm="syz.1.3158" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f686167d169 code=0x7ffc0000
[  230.690079][T13721] EXT4-fs (loop4): This should not happen!! Data will be lost
[  230.690079][T13721] 
[  230.713666][   T29] audit: type=1326 audit(1742738883.822:11388): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13727 comm="syz.1.3158" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f686167d169 code=0x7ffc0000
[  230.854852][T13738] netlink: 76 bytes leftover after parsing attributes in process `syz.5.3159'.
[  230.897572][ T3301] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  230.933344][T13745] netlink: 'syz.4.3162': attribute type 4 has an invalid length.
[  230.939016][T13747] loop5: detected capacity change from 0 to 164
[  231.009390][T13747] Unable to read rock-ridge attributes
[  231.016943][T13747] Unable to read rock-ridge attributes
[  231.057908][T13752] loop4: detected capacity change from 0 to 256
[  231.077853][T13755] loop5: detected capacity change from 0 to 128
[  231.101944][T13755] FAT-fs (loop5): error, fat_get_cluster: invalid start cluster (i_pos 1, start 00e50002)
[  231.112005][T13755] FAT-fs (loop5): Filesystem has been set read-only
[  231.151694][T13767] netlink: 76 bytes leftover after parsing attributes in process `syz.4.3171'.
[  231.205486][T13769] bridge: RTM_NEWNEIGH with invalid ether address
[  231.217219][T13771] loop5: detected capacity change from 0 to 512
[  231.225875][T13735] EXT4-fs error (device loop7): ext4_validate_block_bitmap:441: comm syz.7.3156: bg 0: block 345: padding at end of block bitmap is not set
[  231.241946][T13775] loop4: detected capacity change from 0 to 2048
[  231.252135][T13771] ext4: Unknown parameter 'smackfshat'
[  231.276641][T13775] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  231.296768][T13735] EXT4-fs (loop7): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 16 with error 117
[  231.309333][T13735] EXT4-fs (loop7): This should not happen!! Data will be lost
[  231.309333][T13735] 
[  231.319778][T13771] loop5: detected capacity change from 0 to 1024
[  231.335078][T13775] ext4 filesystem being mounted at /591/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  231.364841][T13771] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  231.377239][T13771] ext4 filesystem being mounted at /516/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  231.399543][T13771] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm +}[@: bg 0: block 393: padding at end of block bitmap is not set
[  231.414782][T13771] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 32 with max blocks 1 with error 117
[  231.427292][T13771] EXT4-fs (loop5): This should not happen!! Data will be lost
[  231.427292][T13771] 
[  231.483042][T13791] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  231.508059][ T5076] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  231.524673][ T4639] EXT4-fs (loop7): Delayed block allocation failed for inode 15 at logical offset 32 with max blocks 2048 with error 117
[  231.537517][ T4639] EXT4-fs (loop7): This should not happen!! Data will be lost
[  231.537517][ T4639] 
[  231.611894][ T4639] EXT4-fs (loop7): Delayed block allocation failed for inode 15 at logical offset 2081 with max blocks 2024 with error 28
[  231.624789][ T4639] EXT4-fs (loop7): This should not happen!! Data will be lost
[  231.624789][ T4639] 
[  231.634522][ T4639] EXT4-fs (loop7): Total free blocks count 0
[  231.640516][ T4639] EXT4-fs (loop7): Free/Dirty block details
[  231.646442][ T4639] EXT4-fs (loop7): free_blocks=0
[  231.734063][T13786] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.3174: bg 0: block 345: padding at end of block bitmap is not set
[  231.748794][T13786] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 16 with error 117
[  231.761422][T13786] EXT4-fs (loop4): This should not happen!! Data will be lost
[  231.761422][T13786] 
[  231.778963][T13807] netlink: 76 bytes leftover after parsing attributes in process `syz.5.3184'.
[  231.867625][ T4639] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 32 with max blocks 2048 with error 117
[  231.880355][ T4639] EXT4-fs (loop4): This should not happen!! Data will be lost
[  231.880355][ T4639] 
[  231.916682][ T4639] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 2081 with max blocks 2024 with error 28
[  231.929674][ T4639] EXT4-fs (loop4): This should not happen!! Data will be lost
[  231.929674][ T4639] 
[  231.939535][ T4639] EXT4-fs (loop4): Total free blocks count 0
[  231.945563][ T4639] EXT4-fs (loop4): Free/Dirty block details
[  231.951476][ T4639] EXT4-fs (loop4): free_blocks=0
[  231.996197][T13819] netlink: 32 bytes leftover after parsing attributes in process `syz.5.3189'.
[  232.006259][T13819] netlink: 32 bytes leftover after parsing attributes in process `syz.5.3189'.
[  232.027721][T13819] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  232.037144][T13819] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  232.200692][T13837] loop4: detected capacity change from 0 to 1024
[  232.224028][T13837] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  232.290304][T13846] netlink: 76 bytes leftover after parsing attributes in process `syz.7.3196'.
[  232.422060][ T3301] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  232.537779][T13873] netlink: 'syz.7.3202': attribute type 21 has an invalid length.
[  232.601127][T13880] usb usb8: usbfs: process 13880 (syz.7.3205) did not claim interface 0 before use
[  232.619258][T13880] vhci_hcd: default hub control req: 010b v0000 i0000 l0
[  232.681117][T13887] loop7: detected capacity change from 0 to 128
[  232.688875][T13887] FAT-fs (loop7): error, fat_get_cluster: invalid start cluster (i_pos 1, start 00e50002)
[  232.698939][T13887] FAT-fs (loop7): Filesystem has been set read-only
[  232.724192][T13884] loop5: detected capacity change from 0 to 256
[  232.779146][T13884] FAT-fs (loop5): bogus number of FAT sectors
[  232.786594][T13884] FAT-fs (loop5): Can't find a valid FAT filesystem
[  233.106764][   T37] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  233.176150][   T37] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  233.255754][   T37] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  233.336431][   T37] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  233.369504][T13893] chnl_net:caif_netlink_parms(): no params data found
[  233.659213][   T37] team0: Port device geneve1 removed
[  233.676561][   T37] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  233.699079][   T37] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  233.719962][   T37] bond0 (unregistering): Released all slaves
[  233.755139][T13893] bridge0: port 1(bridge_slave_0) entered blocking state
[  233.762449][T13893] bridge0: port 1(bridge_slave_0) entered disabled state
[  233.783202][T13893] bridge_slave_0: entered allmulticast mode
[  233.797839][T13893] bridge_slave_0: entered promiscuous mode
[  233.815410][   T37] tipc: Left network mode
[  233.816718][T13893] bridge0: port 2(bridge_slave_1) entered blocking state
[  233.827098][T13893] bridge0: port 2(bridge_slave_1) entered disabled state
[  233.846500][T13893] bridge_slave_1: entered allmulticast mode
[  233.861842][T13893] bridge_slave_1: entered promiscuous mode
[  233.961071][   T37] hsr_slave_0: left promiscuous mode
[  233.984101][   T37] hsr_slave_1: left promiscuous mode
[  233.992010][   T37] veth1_macvtap: left promiscuous mode
[  233.998027][   T37] veth0_macvtap: left promiscuous mode
[  234.003595][   T37] veth1_vlan: left promiscuous mode
[  234.009738][   T37] veth0_vlan: left promiscuous mode
[  234.125492][   T37] team0 (unregistering): Port device team_slave_1 removed
[  234.133387][T13965] loop7: detected capacity change from 0 to 128
[  234.140171][   T37] team0 (unregistering): Port device team_slave_0 removed
[  234.143793][T13965] FAT-fs (loop7): error, fat_get_cluster: invalid start cluster (i_pos 1, start 00e50002)
[  234.157413][T13965] FAT-fs (loop7): Filesystem has been set read-only
[  234.191379][T13893] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  234.204907][T13893] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  234.222243][   T10] infiniband syz1: ib_query_port failed (-19)
[  234.286300][T13893] team0: Port device team_slave_0 added
[  234.305402][T13893] team0: Port device team_slave_1 added
[  234.355222][T13893] batman_adv: batadv0: Adding interface: batadv_slave_0
[  234.362337][T13893] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  234.388329][T13893] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  234.403994][T13893] batman_adv: batadv0: Adding interface: batadv_slave_1
[  234.410997][T13893] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  234.437051][T13893] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  234.492379][T14000] bridge: RTM_NEWNEIGH with invalid ether address
[  234.512157][T13893] hsr_slave_0: entered promiscuous mode
[  234.518351][T13893] hsr_slave_1: entered promiscuous mode
[  234.525674][T13893] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  234.533342][T13893] Cannot create hsr debugfs directory
[  234.542890][   T37] IPVS: stop unused estimator thread 0...
[  234.571854][T14004] loop5: detected capacity change from 0 to 1024
[  234.601640][T14006] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  234.611620][T14006] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  234.629481][T14004] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  234.780902][ T5076] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  234.885421][T13893] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  234.894129][T13893] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  234.903523][T13893] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  234.912710][T13893] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  235.002067][T13893] 8021q: adding VLAN 0 to HW filter on device bond0
[  235.028383][T13893] 8021q: adding VLAN 0 to HW filter on device team0
[  235.040225][T12047] bridge0: port 1(bridge_slave_0) entered blocking state
[  235.047406][T12047] bridge0: port 1(bridge_slave_0) entered forwarding state
[  235.077576][T12047] bridge0: port 2(bridge_slave_1) entered blocking state
[  235.084777][T12047] bridge0: port 2(bridge_slave_1) entered forwarding state
[  235.180860][T13893] 8021q: adding VLAN 0 to HW filter on device batadv0
[  235.309430][T14087] __nla_validate_parse: 3 callbacks suppressed
[  235.309505][T14087] netlink: 32 bytes leftover after parsing attributes in process `syz.2.3254'.
[  235.319290][T14105] loop7: detected capacity change from 0 to 512
[  235.347316][T14087] netlink: 32 bytes leftover after parsing attributes in process `syz.2.3254'.
[  235.349164][T14105] EXT4-fs: Ignoring removed bh option
[  235.368947][T14110] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  235.384614][T14105] EXT4-fs (loop7): mounting ext3 file system using the ext4 subsystem
[  235.397075][T14110] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  235.414799][T14105] EXT4-fs (loop7): 1 truncate cleaned up
[  235.427696][T14105] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  235.484751][T14094] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=14094 comm=syz.7.3255
[  235.490524][T13893] veth0_vlan: entered promiscuous mode
[  235.525544][T13893] veth1_vlan: entered promiscuous mode
[  235.553759][T13893] veth0_macvtap: entered promiscuous mode
[  235.553857][T10560] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  235.561200][T13893] veth1_macvtap: entered promiscuous mode
[  235.586548][T13893] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  235.597049][T13893] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  235.606945][T13893] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  235.617439][T13893] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  235.627371][T13893] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  235.637839][T13893] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  235.655607][T13893] batman_adv: batadv0: Interface activated: batadv_slave_0
[  235.663984][T13893] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  235.674919][T13893] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  235.684821][T13893] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  235.695322][T13893] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  235.705216][T13893] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  235.715684][T13893] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  235.727077][T14128] usb usb8: usbfs: process 14128 (syz.7.3256) did not claim interface 0 before use
[  235.736979][T14128] vhci_hcd: default hub control req: 010b v0000 i0000 l0
[  235.744924][T13893] batman_adv: batadv0: Interface activated: batadv_slave_1
[  235.763393][T13893] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  235.772291][T13893] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  235.781190][T13893] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  235.790084][T13893] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  235.880998][T14138] usb usb8: usbfs: process 14138 (syz.4.3207) did not claim interface 0 before use
[  235.892929][T14138] vhci_hcd: default hub control req: 010b v0000 i0000 l0
[  235.931061][T14140] netlink: 'syz.4.3259': attribute type 21 has an invalid length.
[  235.948038][T14140] netlink: 156 bytes leftover after parsing attributes in process `syz.4.3259'.
[  235.957163][T14140] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3259'.
[  236.000153][   T29] kauditd_printk_skb: 161 callbacks suppressed
[  236.000173][   T29] audit: type=1400 audit(1742738888.986:11550): avc:  denied  { ioctl } for  pid=14143 comm="syz.7.3261" path="socket:[40639]" dev="sockfs" ino=40639 ioctlcmd=0x89e2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  236.080927][T14152] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3263'.
[  236.111568][T14151] netlink: 'syz.2.3265': attribute type 4 has an invalid length.
[  236.119573][T14152] loop7: detected capacity change from 0 to 512
[  236.147418][T14152] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  236.196848][T14152] ext4 filesystem being mounted at /220/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  236.225965][T10560] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  236.267287][T14174] usb usb8: usbfs: process 14174 (syz.5.3274) did not claim interface 0 before use
[  236.290970][T14174] vhci_hcd: default hub control req: 010b v0000 i0000 l0
[  236.334572][T14185] loop5: detected capacity change from 0 to 512
[  236.357043][T14185] ext4: Unknown parameter 'smackfshat'
[  236.374239][T14185] loop5: detected capacity change from 0 to 1024
[  236.411812][T14185] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  236.431370][T14193] netlink: 'syz.7.3280': attribute type 4 has an invalid length.
[  236.435820][T14185] ext4 filesystem being mounted at /543/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  236.456644][T14185] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.3277: bg 0: block 393: padding at end of block bitmap is not set
[  236.473593][T14185] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 32 with max blocks 1 with error 117
[  236.486078][T14185] EXT4-fs (loop5): This should not happen!! Data will be lost
[  236.486078][T14185] 
[  236.545378][ T5076] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  236.598536][T14201] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3282'.
[  236.624888][T14201] loop5: detected capacity change from 0 to 512
[  236.676395][T14201] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  236.692309][T14201] ext4 filesystem being mounted at /544/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  236.716554][ T5076] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  236.725701][T14207] loop7: detected capacity change from 0 to 2048
[  236.751168][T14207] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  236.764894][T14207] ext4 filesystem being mounted at /227/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  236.808431][T14213] loop5: detected capacity change from 0 to 1024
[  236.826119][T14213] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  236.850601][T14213] EXT4-fs (loop5): revision level too high, forcing read-only mode
[  236.859318][T14213] EXT4-fs (loop5): orphan cleanup on readonly fs
[  236.867364][T14213] EXT4-fs error (device loop5) in ext4_reserve_inode_write:5838: Corrupt filesystem
[  236.877774][T14213] EXT4-fs (loop5): Remounting filesystem read-only
[  236.894129][T14213] Quota error (device loop5): write_blk: dquota write failed
[  236.901573][T14213] Quota error (device loop5): write_blk: dquota write failed
[  236.909100][T14213] Quota error (device loop5): qtree_write_dquot: Error -28 occurred while creating quota
[  236.926311][T14213] Quota error (device loop5): v2_write_file_info: Can't write info structure
[  236.935298][T14213] EXT4-fs (loop5): 1 orphan inode deleted
[  236.945081][T14213] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  236.957182][T14213] SELinux: (dev loop5, type ext4) getxattr errno 5
[  236.964392][T14213] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  236.997813][   T29] audit: type=1326 audit(1742738889.912:11551): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14224 comm="syz.1.3292" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f686167d169 code=0x7ffc0000
[  237.021987][T14227] loop4: detected capacity change from 0 to 512
[  237.031573][T14227] ext4: Unknown parameter 'smackfshat'
[  237.047904][T14227] loop4: detected capacity change from 0 to 1024
[  237.055316][   T29] audit: type=1326 audit(1742738889.912:11552): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14224 comm="syz.1.3292" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f686167d169 code=0x7ffc0000
[  237.079138][   T29] audit: type=1326 audit(1742738889.912:11553): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14224 comm="syz.1.3292" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f686167d169 code=0x7ffc0000
[  237.103144][   T29] audit: type=1326 audit(1742738889.912:11554): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14224 comm="syz.1.3292" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f686167d169 code=0x7ffc0000
[  237.127236][   T29] audit: type=1326 audit(1742738889.912:11555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14224 comm="syz.1.3292" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f686167d169 code=0x7ffc0000
[  237.197762][T14227] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  237.212289][T14227] ext4 filesystem being mounted at /3/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  237.231478][T14237] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3297'.
[  237.245430][T14227] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.3293: bg 0: block 393: padding at end of block bitmap is not set
[  237.298609][T14227] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 32 with max blocks 1 with error 117
[  237.311063][T14227] EXT4-fs (loop4): This should not happen!! Data will be lost
[  237.311063][T14227] 
[  237.341839][T13893] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  237.390121][T14245] loop5: detected capacity change from 0 to 164
[  237.403430][T14247] loop4: detected capacity change from 0 to 512
[  237.409944][T14245] Unable to read rock-ridge attributes
[  237.425701][T14245] Unable to read rock-ridge attributes
[  237.438212][T14247] EXT4-fs: journaled quota format not specified
[  237.510249][T14218] EXT4-fs error (device loop7): ext4_validate_block_bitmap:441: comm syz.7.3285: bg 0: block 345: padding at end of block bitmap is not set
[  237.534621][T14218] EXT4-fs (loop7): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 16 with error 117
[  237.547146][T14218] EXT4-fs (loop7): This should not happen!! Data will be lost
[  237.547146][T14218] 
[  237.598739][ T4462] EXT4-fs (loop7): Delayed block allocation failed for inode 15 at logical offset 32 with max blocks 2048 with error 117
[  237.611484][ T4462] EXT4-fs (loop7): This should not happen!! Data will be lost
[  237.611484][ T4462] 
[  237.671642][ T4462] EXT4-fs (loop7): Delayed block allocation failed for inode 15 at logical offset 2081 with max blocks 2024 with error 28
[  237.684542][ T4462] EXT4-fs (loop7): This should not happen!! Data will be lost
[  237.684542][ T4462] 
[  237.694285][ T4462] EXT4-fs (loop7): Total free blocks count 0
[  237.700318][ T4462] EXT4-fs (loop7): Free/Dirty block details
[  237.706274][ T4462] EXT4-fs (loop7): free_blocks=0
[  237.788544][T14260] loop7: detected capacity change from 0 to 1024
[  237.797054][T14260] EXT4-fs (loop7): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  237.808402][T14260] EXT4-fs (loop7): revision level too high, forcing read-only mode
[  237.826821][T14260] EXT4-fs (loop7): orphan cleanup on readonly fs
[  237.841662][T14260] EXT4-fs error (device loop7) in ext4_reserve_inode_write:5838: Corrupt filesystem
[  237.851498][T14260] EXT4-fs (loop7): Remounting filesystem read-only
[  237.859456][T14260] EXT4-fs (loop7): 1 orphan inode deleted
[  237.866306][T14260] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  237.880579][T14260] SELinux: (dev loop7, type ext4) getxattr errno 5
[  237.891217][T14260] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  237.903317][T14265] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3309'.
[  237.948825][T14265] loop4: detected capacity change from 0 to 512
[  237.959403][T14267] usb usb8: usbfs: process 14267 (syz.7.3310) did not claim interface 0 before use
[  237.969609][T14267] vhci_hcd: default hub control req: 010b v0000 i0000 l0
[  237.970164][T14265] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  238.014253][T14265] ext4 filesystem being mounted at /9/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  238.060502][T13893] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  238.091012][T14273] loop4: detected capacity change from 0 to 512
[  238.105748][T14273] ext4: Unknown parameter 'smackfshat'
[  238.121051][T14275] loop7: detected capacity change from 0 to 164
[  238.140730][T14275] Unable to read rock-ridge attributes
[  238.147026][T14273] loop4: detected capacity change from 0 to 1024
[  238.150538][T14275] Unable to read rock-ridge attributes
[  238.190782][T14273] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  238.208083][T14279] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  238.214976][T14273] ext4 filesystem being mounted at /10/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  238.233642][T14273] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm +}[@: bg 0: block 393: padding at end of block bitmap is not set
[  238.275366][T13893] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  238.466314][T14303] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3324'.
[  238.481022][T14305] loop7: detected capacity change from 0 to 512
[  238.513423][T14305] ext4: Unknown parameter 'smackfshat'
[  238.522435][T14310] loop4: detected capacity change from 0 to 256
[  238.558365][T14305] loop7: detected capacity change from 0 to 1024
[  238.570602][T14310] FAT-fs (loop4): Directory bread(block 64) failed
[  238.577446][T14310] FAT-fs (loop4): Directory bread(block 65) failed
[  238.585801][T14310] FAT-fs (loop4): Directory bread(block 66) failed
[  238.592500][T14310] FAT-fs (loop4): Directory bread(block 67) failed
[  238.605617][T14310] FAT-fs (loop4): Directory bread(block 68) failed
[  238.621324][T14310] FAT-fs (loop4): Directory bread(block 69) failed
[  238.628263][T14305] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  238.646229][T14310] FAT-fs (loop4): Directory bread(block 70) failed
[  238.654066][T14305] ext4 filesystem being mounted at /237/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  238.665279][T14310] FAT-fs (loop4): Directory bread(block 71) failed
[  238.675825][T14310] FAT-fs (loop4): Directory bread(block 72) failed
[  238.688850][T14305] EXT4-fs error (device loop7): ext4_validate_block_bitmap:441: comm +}[@: bg 0: block 393: padding at end of block bitmap is not set
[  238.708653][T14310] FAT-fs (loop4): Directory bread(block 73) failed
[  238.748861][T10560] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  238.759803][T14310] bio_check_eod: 409 callbacks suppressed
[  238.759817][T14310] syz.4.3328: attempt to access beyond end of device
[  238.759817][T14310] loop4: rw=1, sector=1224, nr_sectors = 32 limit=256
[  238.781279][T14310] syz.4.3328: attempt to access beyond end of device
[  238.781279][T14310] loop4: rw=1, sector=1288, nr_sectors = 68 limit=256
[  238.863589][T14333] loop7: detected capacity change from 0 to 1024
[  238.872740][T14335] netlink: '+}[@': attribute type 21 has an invalid length.
[  238.880345][T14335] netlink: 156 bytes leftover after parsing attributes in process `+}[@'.
[  238.894624][T14333] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  239.137512][T14355] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  239.147047][T10560] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  239.150892][T14355] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  239.188008][T14363] loop7: detected capacity change from 0 to 512
[  239.199522][T14363] ext4: Unknown parameter 'smackfshat'
[  239.212525][T14363] loop7: detected capacity change from 0 to 1024
[  239.237378][T14363] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  239.250664][T14363] ext4 filesystem being mounted at /240/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  239.268820][T14363] EXT4-fs error (device loop7): ext4_validate_block_bitmap:441: comm +}[@: bg 0: block 393: padding at end of block bitmap is not set
[  239.293934][T10560] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  239.326411][T14369] loop7: detected capacity change from 0 to 2048
[  239.344057][T14369] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  239.356356][T14369] ext4 filesystem being mounted at /241/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  239.382580][T14371] block device autoloading is deprecated and will be removed.
[  239.468263][T14382] netlink: '+}[@': attribute type 21 has an invalid length.
[  239.585790][T14388] SELinux:  Context system_u:object_r:login_exec_t:s0 is not valid (left unmapped).
[  239.657938][T14378] EXT4-fs error (device loop7): ext4_validate_block_bitmap:441: comm syz.7.3348: bg 0: block 345: padding at end of block bitmap is not set
[  239.672879][T14378] EXT4-fs (loop7): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 16 with error 117
[  239.685391][T14378] EXT4-fs (loop7): This should not happen!! Data will be lost
[  239.685391][T14378] 
[  239.700926][T14394] netlink: 'syz.5.3357': attribute type 4 has an invalid length.
[  239.738147][  T339] EXT4-fs (loop7): Delayed block allocation failed for inode 15 at logical offset 32 with max blocks 2048 with error 117
[  239.750917][  T339] EXT4-fs (loop7): This should not happen!! Data will be lost
[  239.750917][  T339] 
[  239.793802][T12047] EXT4-fs (loop7): Delayed block allocation failed for inode 15 at logical offset 2081 with max blocks 2024 with error 28
[  239.806593][T12047] EXT4-fs (loop7): This should not happen!! Data will be lost
[  239.806593][T12047] 
[  239.816321][T12047] EXT4-fs (loop7): Total free blocks count 0
[  239.822391][T12047] EXT4-fs (loop7): Free/Dirty block details
[  239.828499][T12047] EXT4-fs (loop7): free_blocks=0
[  240.032661][T14421] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  240.041503][T14429] loop5: detected capacity change from 0 to 2048
[  240.043025][T14421] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  240.081506][T14429] ext4 filesystem being mounted at /560/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  240.203992][T14439] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  240.212609][T14439] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  240.636968][T14450] $Hÿ: renamed from bond0 (while UP)
[  240.644406][T14450] $Hÿ: entered promiscuous mode
[  240.649659][T14450] bond_slave_0: entered promiscuous mode
[  240.655439][T14450] bond_slave_1: entered promiscuous mode
[  240.844563][T14463] __nla_validate_parse: 14 callbacks suppressed
[  240.844620][T14463] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3379'.
[  240.866688][T14465] loop4: detected capacity change from 0 to 512
[  240.882124][T14465] ext4: Unknown parameter 'smackfshat'
[  240.908156][T14465] loop4: detected capacity change from 0 to 1024
[  240.935888][T14463] loop2: detected capacity change from 0 to 512
[  240.950754][T14465] ext4 filesystem being mounted at /17/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  240.973820][T14475] usb usb8: usbfs: process 14475 (syz.5.3384) did not claim interface 0 before use
[  240.975991][T14465] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm +}[@: bg 0: block 393: padding at end of block bitmap is not set
[  240.983326][T14475] vhci_hcd: default hub control req: 010b v0000 i0000 l0
[  241.029087][T14463] ext4 filesystem being mounted at /100/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  241.048424][T14481] loop5: detected capacity change from 0 to 164
[  241.072730][T14481] Unable to read rock-ridge attributes
[  241.090751][T14481] Unable to read rock-ridge attributes
[  241.109267][T14484] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3387'.
[  241.191603][T14498] loop2: detected capacity change from 0 to 1024
[  241.201548][T14496] netlink: '+}[@': attribute type 21 has an invalid length.
[  241.209640][T14496] netlink: 156 bytes leftover after parsing attributes in process `+}[@'.
[  241.218228][T14496] netlink: 4 bytes leftover after parsing attributes in process `+}[@'.
[  241.237167][T14498] EXT4-fs error (device loop2): ext4_orphan_get:1415: comm syz.2.3393: bad orphan inode 2304
[  241.263987][T14505] netlink: 'syz.5.3395': attribute type 4 has an invalid length.
[  241.316897][T14484] loop7: detected capacity change from 0 to 2048
[  241.323550][T14484] EXT4-fs: Ignoring removed bh option
[  241.329360][T14484] EXT4-fs: Project quota feature not enabled. Cannot enable project quota enforcement.
[  241.341059][T14514] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3399'.
[  241.409259][T14523] loop5: detected capacity change from 0 to 164
[  241.426976][T14523] Unable to read rock-ridge attributes
[  241.435961][T14523] Unable to read rock-ridge attributes
[  241.510759][   T29] kauditd_printk_skb: 575 callbacks suppressed
[  241.510777][   T29] audit: type=1326 audit(1742738894.130:12127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14532 comm="syz.4.3405" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0196edd169 code=0x7ffc0000
[  241.588473][   T29] audit: type=1326 audit(1742738894.168:12128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14532 comm="syz.4.3405" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0196edd169 code=0x7ffc0000
[  241.612270][   T29] audit: type=1326 audit(1742738894.168:12129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14532 comm="syz.4.3405" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0196edd169 code=0x7ffc0000
[  241.636010][   T29] audit: type=1326 audit(1742738894.168:12130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14532 comm="syz.4.3405" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0196edd169 code=0x7ffc0000
[  241.659818][   T29] audit: type=1326 audit(1742738894.168:12131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14532 comm="syz.4.3405" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0196edd169 code=0x7ffc0000
[  241.683518][   T29] audit: type=1326 audit(1742738894.168:12132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14532 comm="syz.4.3405" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0196edd169 code=0x7ffc0000
[  241.707600][   T29] audit: type=1326 audit(1742738894.168:12133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14532 comm="syz.4.3405" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0196edd169 code=0x7ffc0000
[  241.731318][   T29] audit: type=1326 audit(1742738894.168:12134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14532 comm="syz.4.3405" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f0196edd169 code=0x7ffc0000
[  241.754950][   T29] audit: type=1326 audit(1742738894.168:12135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14532 comm="syz.4.3405" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0196edd169 code=0x7ffc0000
[  241.778645][   T29] audit: type=1326 audit(1742738894.168:12136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14532 comm="syz.4.3405" exe="/root/syz-executor" sig=0 arch=c000003e syscall=74 compat=0 ip=0x7f0196edd169 code=0x7ffc0000
[  241.893031][T14548] netlink: 'syz.4.3412': attribute type 4 has an invalid length.
[  241.951529][T14551] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3413'.
[  242.010242][T14551] loop5: detected capacity change from 0 to 512
[  242.018778][T14555] usb usb8: usbfs: process 14555 (syz.7.3415) did not claim interface 0 before use
[  242.038616][T14555] vhci_hcd: default hub control req: 010b v0000 i0000 l0
[  242.070672][T14551] ext4 filesystem being mounted at /572/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  242.139573][T14560] loop7: detected capacity change from 0 to 1024
[  242.148351][T14562] usb usb8: usbfs: process 14562 (syz.5.3417) did not claim interface 0 before use
[  242.158929][T14560] EXT4-fs (loop7): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  242.176111][T14562] vhci_hcd: default hub control req: 010b v0000 i0000 l0
[  242.180403][T14560] EXT4-fs (loop7): revision level too high, forcing read-only mode
[  242.208098][T14560] EXT4-fs (loop7): orphan cleanup on readonly fs
[  242.237387][T14560] EXT4-fs error (device loop7) in ext4_reserve_inode_write:5838: Corrupt filesystem
[  242.261224][T14560] EXT4-fs (loop7): Remounting filesystem read-only
[  242.267970][T14560] EXT4-fs (loop7): 1 orphan inode deleted
[  242.278204][T14560] SELinux: (dev loop7, type ext4) getxattr errno 5
[  242.303455][T14568] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  242.382392][T14577] loop7: detected capacity change from 0 to 164
[  242.399017][T14577] Unable to read rock-ridge attributes
[  242.428499][T14577] Unable to read rock-ridge attributes
[  242.641133][T14610] loop4: detected capacity change from 0 to 1024
[  242.722376][T14624] pim6reg1: entered promiscuous mode
[  242.727799][T14624] pim6reg1: entered allmulticast mode
[  242.797041][T14630] netlink: '+}[@': attribute type 21 has an invalid length.
[  242.804572][T14630] netlink: 156 bytes leftover after parsing attributes in process `+}[@'.
[  242.813188][T14630] netlink: 4 bytes leftover after parsing attributes in process `+}[@'.
[  242.845713][T14636] loop4: detected capacity change from 0 to 256
[  242.888874][T14636] FAT-fs (loop4): Directory bread(block 64) failed
[  242.910625][T14636] FAT-fs (loop4): Directory bread(block 65) failed
[  242.918134][T14636] FAT-fs (loop4): Directory bread(block 66) failed
[  242.925227][T14636] FAT-fs (loop4): Directory bread(block 67) failed
[  242.931891][T14636] FAT-fs (loop4): Directory bread(block 68) failed
[  242.939228][T14636] FAT-fs (loop4): Directory bread(block 69) failed
[  242.945984][T14636] FAT-fs (loop4): Directory bread(block 70) failed
[  242.952614][T14636] FAT-fs (loop4): Directory bread(block 71) failed
[  242.959760][T14636] FAT-fs (loop4): Directory bread(block 72) failed
[  242.965221][T14642] netlink: 32 bytes leftover after parsing attributes in process `syz.7.3453'.
[  242.966430][T14636] FAT-fs (loop4): Directory bread(block 73) failed
[  242.976759][T14642] netlink: 32 bytes leftover after parsing attributes in process `syz.7.3453'.
[  242.995927][T14642] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  243.003750][T14636] syz.4.3449: attempt to access beyond end of device
[  243.003750][T14636] loop4: rw=1, sector=1224, nr_sectors = 32 limit=256
[  243.008260][T14642] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  243.018371][T14636] syz.4.3449: attempt to access beyond end of device
[  243.018371][T14636] loop4: rw=1, sector=1288, nr_sectors = 68 limit=256
[  243.069680][T14652] FAULT_INJECTION: forcing a failure.
[  243.069680][T14652] name failslab, interval 1, probability 0, space 0, times 0
[  243.082424][T14652] CPU: 0 UID: 0 PID: 14652 Comm: syz.2.3454 Tainted: G        W          6.14.0-rc7-syzkaller-00202-g183601b78a9b #0
[  243.082456][T14652] Tainted: [W]=WARN
[  243.082462][T14652] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  243.082474][T14652] Call Trace:
[  243.082483][T14652]  <TASK>
[  243.082495][T14652]  dump_stack_lvl+0xf2/0x150
[  243.082529][T14652]  dump_stack+0x15/0x1a
[  243.082556][T14652]  should_fail_ex+0x24a/0x260
[  243.082671][T14652]  ? sctp_add_bind_addr+0x6f/0x1e0
[  243.082696][T14652]  should_failslab+0x8f/0xb0
[  243.082735][T14652]  __kmalloc_cache_noprof+0x4e/0x320
[  243.082764][T14652]  ? sctp_get_port_local+0x79c/0xa90
[  243.082846][T14652]  sctp_add_bind_addr+0x6f/0x1e0
[  243.082872][T14652]  sctp_do_bind+0x434/0x4c0
[  243.082908][T14652]  sctp_connect_new_asoc+0x15b/0x3b0
[  243.082946][T14652]  sctp_sendmsg+0xefb/0x18f0
[  243.083043][T14652]  ? __pfx_sctp_sendmsg+0x10/0x10
[  243.083068][T14652]  inet_sendmsg+0xc5/0xd0
[  243.083181][T14652]  __sock_sendmsg+0x102/0x180
[  243.083223][T14652]  __sys_sendto+0x1a8/0x230
[  243.083264][T14652]  __x64_sys_sendto+0x78/0x90
[  243.083296][T14652]  x64_sys_call+0x29fa/0x2dc0
[  243.083347][T14652]  do_syscall_64+0xc9/0x1c0
[  243.083459][T14652]  ? clear_bhb_loop+0x55/0xb0
[  243.083491][T14652]  ? clear_bhb_loop+0x55/0xb0
[  243.083518][T14652]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  243.083616][T14652] RIP: 0033:0x7fe29d26d169
[  243.083636][T14652] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  243.083658][T14652] RSP: 002b:00007fe29b8d1038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  243.083680][T14652] RAX: ffffffffffffffda RBX: 00007fe29d485fa0 RCX: 00007fe29d26d169
[  243.083697][T14652] RDX: 000000000000fee4 RSI: 0000200000847fff RDI: 0000000000000004
[  243.083761][T14652] RBP: 00007fe29b8d1090 R08: 000020000005ffe4 R09: 000000000000001c
[  243.083776][T14652] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  243.083795][T14652] R13: 0000000000000000 R14: 00007fe29d485fa0 R15: 00007ffcc176aea8
[  243.083852][T14652]  </TASK>
[  243.301248][T14654] FAULT_INJECTION: forcing a failure.
[  243.301248][T14654] name failslab, interval 1, probability 0, space 0, times 0
[  243.313999][T14654] CPU: 1 UID: 0 PID: 14654 Comm: syz.4.3455 Tainted: G        W          6.14.0-rc7-syzkaller-00202-g183601b78a9b #0
[  243.314037][T14654] Tainted: [W]=WARN
[  243.314045][T14654] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  243.314068][T14654] Call Trace:
[  243.314075][T14654]  <TASK>
[  243.314085][T14654]  dump_stack_lvl+0xf2/0x150
[  243.314167][T14654]  dump_stack+0x15/0x1a
[  243.314241][T14654]  should_fail_ex+0x24a/0x260
[  243.314279][T14654]  ? audit_log_d_path+0x8e/0x150
[  243.314321][T14654]  should_failslab+0x8f/0xb0
[  243.314370][T14654]  __kmalloc_cache_noprof+0x4e/0x320
[  243.314399][T14654]  audit_log_d_path+0x8e/0x150
[  243.314440][T14654]  audit_log_d_path_exe+0x42/0x70
[  243.314569][T14654]  audit_log_task+0x1ec/0x250
[  243.314607][T14654]  audit_seccomp+0x68/0x130
[  243.314644][T14654]  __seccomp_filter+0x6fa/0x1180
[  243.314675][T14654]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  243.314751][T14654]  ? vfs_write+0x644/0x920
[  243.314784][T14654]  __secure_computing+0x9f/0x1c0
[  243.314808][T14654]  syscall_trace_enter+0xd1/0x1f0
[  243.314841][T14654]  ? fpregs_assert_state_consistent+0x83/0xa0
[  243.314871][T14654]  do_syscall_64+0xaa/0x1c0
[  243.314912][T14654]  ? clear_bhb_loop+0x55/0xb0
[  243.314950][T14654]  ? clear_bhb_loop+0x55/0xb0
[  243.314978][T14654]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  243.315007][T14654] RIP: 0033:0x7f0196edd169
[  243.315026][T14654] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  243.315049][T14654] RSP: 002b:00007f0195547038 EFLAGS: 00000246 ORIG_RAX: 0000000000000136
[  243.315081][T14654] RAX: ffffffffffffffda RBX: 00007f01970f5fa0 RCX: 00007f0196edd169
[  243.315129][T14654] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffffffffffff
[  243.315144][T14654] RBP: 00007f0195547090 R08: 0000000000000000 R09: 0000000000000000
[  243.315158][T14654] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  243.315170][T14654] R13: 0000000000000000 R14: 00007f01970f5fa0 R15: 00007ffdd19e5b98
[  243.315222][T14654]  </TASK>
[  243.567128][T14660] loop2: detected capacity change from 0 to 164
[  243.596050][T14660] Unable to read rock-ridge attributes
[  243.607419][T14660] Unable to read rock-ridge attributes
[  243.723053][T14672] loop2: detected capacity change from 0 to 512
[  243.734335][T14672] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  243.749160][T14672] EXT4-fs (loop2): 1 truncate cleaned up
[  243.806125][T14666] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=18 sclass=netlink_audit_socket pid=14666 comm=syz.2.3461
[  243.840520][T14683] loop4: detected capacity change from 0 to 256
[  243.863385][T14683] FAT-fs (loop4): Directory bread(block 64) failed
[  243.890864][T14683] FAT-fs (loop4): Directory bread(block 65) failed
[  243.898114][T14683] FAT-fs (loop4): Directory bread(block 66) failed
[  243.904990][T14683] FAT-fs (loop4): Directory bread(block 67) failed
[  243.921174][T14683] FAT-fs (loop4): Directory bread(block 68) failed
[  243.928176][T14683] FAT-fs (loop4): Directory bread(block 69) failed
[  243.935130][T14683] FAT-fs (loop4): Directory bread(block 70) failed
[  243.942016][T14683] FAT-fs (loop4): Directory bread(block 71) failed
[  243.948696][T14683] FAT-fs (loop4): Directory bread(block 72) failed
[  243.955433][T14683] FAT-fs (loop4): Directory bread(block 73) failed
[  244.019559][T14695] FAULT_INJECTION: forcing a failure.
[  244.019559][T14695] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  244.032801][T14695] CPU: 1 UID: 0 PID: 14695 Comm: syz.2.3468 Tainted: G        W          6.14.0-rc7-syzkaller-00202-g183601b78a9b #0
[  244.032831][T14695] Tainted: [W]=WARN
[  244.032838][T14695] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  244.032852][T14695] Call Trace:
[  244.032860][T14695]  <TASK>
[  244.032880][T14695]  dump_stack_lvl+0xf2/0x150
[  244.032915][T14695]  dump_stack+0x15/0x1a
[  244.032937][T14695]  should_fail_ex+0x24a/0x260
[  244.033007][T14695]  should_fail+0xb/0x10
[  244.033039][T14695]  should_fail_usercopy+0x1a/0x20
[  244.033072][T14695]  _copy_from_user+0x1c/0xa0
[  244.033092][T14695]  restore_altstack+0x48/0xd0
[  244.033157][T14695]  __do_sys_rt_sigreturn+0xd7/0x160
[  244.033192][T14695]  x64_sys_call+0x2982/0x2dc0
[  244.033222][T14695]  do_syscall_64+0xc9/0x1c0
[  244.033255][T14695]  ? clear_bhb_loop+0x55/0xb0
[  244.033361][T14695]  ? clear_bhb_loop+0x55/0xb0
[  244.033395][T14695]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  244.033485][T14695] RIP: 0033:0x7fe29d209359
[  244.033505][T14695] Code: 64 c7 00 16 00 00 00 b8 ff ff ff ff c3 0f 1f 40 00 90 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 c7 c0 0f 00 00 00 0f 05 <0f> 1f 80 00 00 00 00 48 81 ec 48 01 00 00 49 89 d0 64 48 8b 04 25
[  244.033528][T14695] RSP: 002b:00007fe29b8afa80 EFLAGS: 00000202 ORIG_RAX: 000000000000000f
[  244.033550][T14695] RAX: ffffffffffffffda RBX: 00007fe29d486080 RCX: 00007fe29d209359
[  244.033565][T14695] RDX: 00007fe29b8afa80 RSI: 00007fe29b8afbb0 RDI: 0000000000000021
[  244.033578][T14695] RBP: 00007fe29b8b0090 R08: 0000000000000000 R09: 0000000000000000
[  244.033592][T14695] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000002
[  244.033685][T14695] R13: 0000000000000000 R14: 00007fe29d486080 R15: 00007ffcc176aea8
[  244.033724][T14695]  </TASK>
[  244.148236][T14683] syz.4.3467: attempt to access beyond end of device
[  244.148236][T14683] loop4: rw=1, sector=1224, nr_sectors = 32 limit=256
[  244.251147][T14683] syz.4.3467: attempt to access beyond end of device
[  244.251147][T14683] loop4: rw=1, sector=1288, nr_sectors = 68 limit=256
[  244.460319][T14728] Cannot find set identified by id 0 to match
[  244.552708][T14734] sg_write: data in/out 28/14 bytes for SCSI command 0x0-- guessing data in;
[  244.552708][T14734]    program syz.4.3483 not setting count and/or reply_len properly
[  244.636349][T14741] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  244.645872][T14741] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  244.700473][T14750] netlink: '+}[@': attribute type 21 has an invalid length.
[  244.728697][T14752] loop4: detected capacity change from 0 to 256
[  244.742310][T14752] FAT-fs (loop4): Directory bread(block 64) failed
[  244.749044][T14752] FAT-fs (loop4): Directory bread(block 65) failed
[  244.756083][T14752] FAT-fs (loop4): Directory bread(block 66) failed
[  244.762669][T14752] FAT-fs (loop4): Directory bread(block 67) failed
[  244.769277][T14752] FAT-fs (loop4): Directory bread(block 68) failed
[  244.775847][T14752] FAT-fs (loop4): Directory bread(block 69) failed
[  244.782389][T14752] FAT-fs (loop4): Directory bread(block 70) failed
[  244.788969][T14752] FAT-fs (loop4): Directory bread(block 71) failed
[  244.795542][T14752] FAT-fs (loop4): Directory bread(block 72) failed
[  244.802089][T14752] FAT-fs (loop4): Directory bread(block 73) failed
[  244.825955][T14752] syz.4.3488: attempt to access beyond end of device
[  244.825955][T14752] loop4: rw=1, sector=1224, nr_sectors = 32 limit=256
[  244.840418][T14752] syz.4.3488: attempt to access beyond end of device
[  244.840418][T14752] loop4: rw=1, sector=1288, nr_sectors = 68 limit=256
[  244.929829][T14754] netlink: '+}[@': attribute type 21 has an invalid length.
[  244.948106][T14758] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  244.978612][T14762] vhci_hcd: invalid port number 129
[  244.983882][T14762] vhci_hcd: default hub control req: 6008 v0000 i0081 l0
[  244.991257][T14763] vhci_hcd: invalid port number 129
[  244.996518][T14763] vhci_hcd: default hub control req: 6008 v0000 i0081 l0
[  245.058454][T14771] netlink: 'syz.4.3497': attribute type 4 has an invalid length.
[  245.132411][T14774] loop4: detected capacity change from 0 to 512
[  245.139122][T14774] ext4: Unknown parameter 'smackfshat'
[  245.151537][T14774] loop4: detected capacity change from 0 to 1024
[  245.170084][T14774] ext4 filesystem being mounted at /50/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  245.190561][ T4639] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm kworker/u8:8: bg 0: block 393: padding at end of block bitmap is not set
[  245.206365][ T4639] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 32 with max blocks 1 with error 117
[  245.218835][ T4639] EXT4-fs (loop4): This should not happen!! Data will be lost
[  245.218835][ T4639] 
[  245.300801][T14790] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  246.004632][T14806] netlink: '+}[@': attribute type 21 has an invalid length.
[  246.170496][T14829] loop2: detected capacity change from 0 to 1024
[  246.227502][T14834] loop4: detected capacity change from 0 to 164
[  246.235808][T14834] Unable to read rock-ridge attributes
[  246.242832][T14834] Unable to read rock-ridge attributes
[  246.337435][T14841] __nla_validate_parse: 8 callbacks suppressed
[  246.337455][T14841] netlink: 100 bytes leftover after parsing attributes in process `syz.5.3523'.
[  246.419741][T14847] loop4: detected capacity change from 0 to 2048
[  246.445121][T14847] ext4 filesystem being mounted at /58/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  246.451765][T14859] loop5: detected capacity change from 0 to 164
[  246.461966][T14855] loop2: detected capacity change from 0 to 512
[  246.471075][T14847] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  246.471471][T14859] Unable to read rock-ridge attributes
[  246.485525][T14847] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  246.496759][T14855] ext4: Unknown parameter 'smackfshat'
[  246.508906][T14855] loop2: detected capacity change from 0 to 1024
[  246.513460][T14859] Unable to read rock-ridge attributes
[  246.539077][T14855] ext4 filesystem being mounted at /126/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  246.572289][   T37] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm kworker/u8:2: bg 0: block 393: padding at end of block bitmap is not set
[  246.589327][   T37] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 32 with max blocks 1 with error 117
[  246.601941][   T37] EXT4-fs (loop2): This should not happen!! Data will be lost
[  246.601941][   T37] 
[  247.094642][T14880] usb usb8: usbfs: process 14880 (syz.4.3537) did not claim interface 0 before use
[  247.108295][T14880] vhci_hcd: default hub control req: 010b v0000 i0000 l0
[  247.124137][T14883] loop5: detected capacity change from 0 to 164
[  247.140613][T14883] Unable to read rock-ridge attributes
[  247.207517][T14892] Cannot find set identified by id 0 to match
[  247.225990][   T29] kauditd_printk_skb: 552 callbacks suppressed
[  247.226007][   T29] audit: type=1326 audit(1742738899.481:12685): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14895 comm="syz.1.3543" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f686167d169 code=0x7ffc0000
[  247.255972][   T29] audit: type=1326 audit(1742738899.481:12686): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14895 comm="syz.1.3543" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f686167d169 code=0x7ffc0000
[  247.280250][   T29] audit: type=1326 audit(1742738899.481:12687): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14895 comm="syz.1.3543" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f686167d169 code=0x7ffc0000
[  247.304040][   T29] audit: type=1326 audit(1742738899.481:12688): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14895 comm="syz.1.3543" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f686167d169 code=0x7ffc0000
[  247.327755][   T29] audit: type=1326 audit(1742738899.481:12689): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14895 comm="syz.1.3543" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f686167d169 code=0x7ffc0000
[  247.351369][   T29] audit: type=1326 audit(1742738899.481:12690): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14895 comm="syz.1.3543" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f686167d169 code=0x7ffc0000
[  247.375077][   T29] audit: type=1326 audit(1742738899.481:12691): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14895 comm="syz.1.3543" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f686167d169 code=0x7ffc0000
[  247.398830][   T29] audit: type=1326 audit(1742738899.481:12692): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14895 comm="syz.1.3543" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f686167d169 code=0x7ffc0000
[  247.422557][   T29] audit: type=1326 audit(1742738899.481:12693): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14895 comm="syz.1.3543" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f686167d169 code=0x7ffc0000
[  247.446227][   T29] audit: type=1326 audit(1742738899.481:12694): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14895 comm="syz.1.3543" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f686167d169 code=0x7ffc0000
[  247.513306][T14900] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  247.609542][T14919] loop5: detected capacity change from 0 to 128
[  247.640964][T14919] FAT-fs (loop5): error, invalid FAT chain (i_pos 548, last_block 8)
[  247.649123][T14919] FAT-fs (loop5): Filesystem has been set read-only
[  247.656005][T14919] FAT-fs (loop5): error, corrupted file size (i_pos 548, 522)
[  247.683603][T14926] No such timeout policy "syz0"
[  247.700819][T14926] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3555'.
[  247.757450][T14930] loop7: detected capacity change from 0 to 256
[  247.766069][T14932] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3560'.
[  247.797972][T14930] FAT-fs (loop7): Directory bread(block 64) failed
[  247.819207][T14930] FAT-fs (loop7): Directory bread(block 65) failed
[  247.834191][T14930] FAT-fs (loop7): Directory bread(block 66) failed
[  247.862991][T14930] FAT-fs (loop7): Directory bread(block 67) failed
[  247.886060][T14930] FAT-fs (loop7): Directory bread(block 68) failed
[  247.907257][T14930] FAT-fs (loop7): Directory bread(block 69) failed
[  247.927011][T14930] FAT-fs (loop7): Directory bread(block 70) failed
[  247.949367][T14930] FAT-fs (loop7): Directory bread(block 71) failed
[  247.957571][T14930] FAT-fs (loop7): Directory bread(block 72) failed
[  247.979853][T14930] FAT-fs (loop7): Directory bread(block 73) failed
[  247.987319][T14949] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3568'.
[  248.035867][T14930] syz.7.3559: attempt to access beyond end of device
[  248.035867][T14930] loop7: rw=1, sector=1224, nr_sectors = 32 limit=256
[  248.063343][T14930] syz.7.3559: attempt to access beyond end of device
[  248.063343][T14930] loop7: rw=1, sector=1288, nr_sectors = 68 limit=256
[  248.108179][T14960] loop2: detected capacity change from 0 to 2048
[  248.174563][T14960] ext4 filesystem being mounted at /134/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  248.193872][   T37] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  248.217628][T14969] netlink: 'syz.7.3573': attribute type 4 has an invalid length.
[  248.250912][   T37] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  248.328105][T14972] loop7: detected capacity change from 0 to 256
[  248.349104][   T37] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  248.383206][T14972] FAT-fs (loop7): Directory bread(block 64) failed
[  248.401151][T14972] FAT-fs (loop7): Directory bread(block 65) failed
[  248.440035][T14972] FAT-fs (loop7): Directory bread(block 66) failed
[  248.456748][   T37] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  248.479085][T14972] FAT-fs (loop7): Directory bread(block 67) failed
[  248.500573][T14972] FAT-fs (loop7): Directory bread(block 68) failed
[  248.524823][T14972] FAT-fs (loop7): Directory bread(block 69) failed
[  248.539972][T14944] chnl_net:caif_netlink_parms(): no params data found
[  248.560026][T14972] FAT-fs (loop7): Directory bread(block 70) failed
[  248.588232][T14972] FAT-fs (loop7): Directory bread(block 71) failed
[  248.621763][T14972] FAT-fs (loop7): Directory bread(block 72) failed
[  248.650506][T14972] FAT-fs (loop7): Directory bread(block 73) failed
[  248.664519][   T37] bridge_slave_1: left allmulticast mode
[  248.670192][   T37] bridge_slave_1: left promiscuous mode
[  248.675925][   T37] bridge0: port 2(bridge_slave_1) entered disabled state
[  248.697926][T14970] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.3571: bg 0: block 345: padding at end of block bitmap is not set
[  248.720211][   T37] bridge_slave_0: left allmulticast mode
[  248.725911][   T37] bridge_slave_0: left promiscuous mode
[  248.731608][   T37] bridge0: port 1(bridge_slave_0) entered disabled state
[  248.752116][T14970] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 16 with error 117
[  248.764688][T14970] EXT4-fs (loop2): This should not happen!! Data will be lost
[  248.764688][T14970] 
[  248.797740][T14972] syz.7.3574: attempt to access beyond end of device
[  248.797740][T14972] loop7: rw=1, sector=1224, nr_sectors = 32 limit=256
[  248.833234][T14972] syz.7.3574: attempt to access beyond end of device
[  248.833234][T14972] loop7: rw=1, sector=1288, nr_sectors = 68 limit=256
[  248.868407][   T37] team0: Port device geneve1 removed
[  248.880100][   T51] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 32 with max blocks 2048 with error 117
[  248.892923][   T51] EXT4-fs (loop2): This should not happen!! Data will be lost
[  248.892923][   T51] 
[  248.932878][   T51] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 2081 with max blocks 2024 with error 28
[  248.945666][   T51] EXT4-fs (loop2): This should not happen!! Data will be lost
[  248.945666][   T51] 
[  248.955437][   T51] EXT4-fs (loop2): Total free blocks count 0
[  248.961458][   T51] EXT4-fs (loop2): Free/Dirty block details
[  248.967404][   T51] EXT4-fs (loop2): free_blocks=0
[  248.972349][   T51] EXT4-fs (loop2): dirty_blocks=2032
[  249.041760][   T37] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  249.063844][   T37] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  249.077844][   T37] bond0 (unregistering): (slave macvlan3): Releasing backup interface
[  249.094854][   T37] team_slave_0: left promiscuous mode
[  249.100382][   T37] team_slave_1: left promiscuous mode
[  249.106690][   T37] bond0 (unregistering): Released all slaves
[  249.162819][T14944] bridge0: port 1(bridge_slave_0) entered blocking state
[  249.170051][T14944] bridge0: port 1(bridge_slave_0) entered disabled state
[  249.177390][T14944] bridge_slave_0: entered allmulticast mode
[  249.184505][T14944] bridge_slave_0: entered promiscuous mode
[  249.191779][T14944] bridge0: port 2(bridge_slave_1) entered blocking state
[  249.194598][T14991] xt_hashlimit: max too large, truncated to 1048576
[  249.198852][T14944] bridge0: port 2(bridge_slave_1) entered disabled state
[  249.213008][T14944] bridge_slave_1: entered allmulticast mode
[  249.219627][T14944] bridge_slave_1: entered promiscuous mode
[  249.234412][   T37] tipc: Left network mode
[  249.234470][T14996] loop7: detected capacity change from 0 to 256
[  249.255672][T14996] FAT-fs (loop7): Directory bread(block 64) failed
[  249.262289][T14996] FAT-fs (loop7): Directory bread(block 65) failed
[  249.268970][T14996] FAT-fs (loop7): Directory bread(block 66) failed
[  249.275739][T14996] FAT-fs (loop7): Directory bread(block 67) failed
[  249.277983][T14944] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  249.292986][T14996] FAT-fs (loop7): Directory bread(block 68) failed
[  249.300806][T14996] FAT-fs (loop7): Directory bread(block 69) failed
[  249.309843][T14996] FAT-fs (loop7): Directory bread(block 70) failed
[  249.316836][T14997] loop4: detected capacity change from 0 to 512
[  249.322964][T14996] FAT-fs (loop7): Directory bread(block 71) failed
[  249.330050][T14996] FAT-fs (loop7): Directory bread(block 72) failed
[  249.332840][T14944] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  249.336652][T14996] FAT-fs (loop7): Directory bread(block 73) failed
[  249.361653][T14997] EXT4-fs (loop4): 1 orphan inode deleted
[  249.372802][T14997] ext4 filesystem being mounted at /64/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  249.386174][ T4639] EXT4-fs error (device loop4): ext4_release_dquot:6950: comm kworker/u8:8: Failed to release dquot type 1
[  249.397930][   T37] hsr_slave_0: left promiscuous mode
[  249.404532][   T37] hsr_slave_1: left promiscuous mode
[  249.412521][T14996] syz.7.3581: attempt to access beyond end of device
[  249.412521][T14996] loop7: rw=1, sector=1224, nr_sectors = 32 limit=256
[  249.428327][   T37] veth1_macvtap: left promiscuous mode
[  249.433870][   T37] veth0_macvtap: left promiscuous mode
[  249.439857][T14996] syz.7.3581: attempt to access beyond end of device
[  249.439857][T14996] loop7: rw=1, sector=1288, nr_sectors = 68 limit=256
[  249.448505][   T37] veth1_vlan: left promiscuous mode
[  249.460146][   T37] veth0_vlan: left promiscuous mode
[  249.525460][T15004] netlink: 'syz.1.3583': attribute type 4 has an invalid length.
[  249.533992][   T37] team0 (unregistering): Port device team_slave_1 removed
[  249.546441][   T37] team0 (unregistering): Port device team_slave_0 removed
[  249.589355][T14944] team0: Port device team_slave_0 added
[  249.619861][T14944] team0: Port device team_slave_1 added
[  249.683316][T14944] batman_adv: batadv0: Adding interface: batadv_slave_0
[  249.690411][T14944] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  249.716379][T14944] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  249.727008][T15013] loop7: detected capacity change from 0 to 2048
[  249.728042][T14944] batman_adv: batadv0: Adding interface: batadv_slave_1
[  249.740505][T14944] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  249.767017][T14944] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  249.780236][T15013] ext4 filesystem being mounted at /272/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  249.812919][T14944] hsr_slave_0: entered promiscuous mode
[  249.819207][T14944] hsr_slave_1: entered promiscuous mode
[  249.904979][T15030] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  249.972362][   T37] IPVS: stop unused estimator thread 0...
[  250.020646][T15043] usb usb8: usbfs: process 15043 (syz.2.3589) did not claim interface 0 before use
[  250.035417][T15043] vhci_hcd: default hub control req: 010b v0000 i0000 l0
[  250.098115][T15051] usb usb8: usbfs: process 15051 (syz.1.3590) did not claim interface 0 before use
[  250.122379][T15054] loop4: detected capacity change from 0 to 164
[  250.123197][T15051] vhci_hcd: default hub control req: 010b v0000 i0000 l0
[  250.149168][T15054] Unable to read rock-ridge attributes
[  250.169835][T15054] Unable to read rock-ridge attributes
[  250.181884][T15056] loop2: detected capacity change from 0 to 256
[  250.202773][T15056] FAT-fs (loop2): Directory bread(block 64) failed
[  250.213289][T15056] FAT-fs (loop2): Directory bread(block 65) failed
[  250.231020][T15056] FAT-fs (loop2): Directory bread(block 66) failed
[  250.253229][T14944] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  250.253893][T15056] FAT-fs (loop2): Directory bread(block 67) failed
[  250.299567][T15056] FAT-fs (loop2): Directory bread(block 68) failed
[  250.303331][T14944] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  250.330644][T15056] FAT-fs (loop2): Directory bread(block 69) failed
[  250.333268][T14944] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  250.351160][T15056] FAT-fs (loop2): Directory bread(block 70) failed
[  250.377938][T15056] FAT-fs (loop2): Directory bread(block 71) failed
[  250.378373][T14944] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  250.404690][T15056] FAT-fs (loop2): Directory bread(block 72) failed
[  250.423741][T15026] EXT4-fs error (device loop7): ext4_validate_block_bitmap:441: comm syz.7.3584: bg 0: block 345: padding at end of block bitmap is not set
[  250.448113][T15056] FAT-fs (loop2): Directory bread(block 73) failed
[  250.485806][T15026] EXT4-fs (loop7): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 16 with error 117
[  250.491427][T14944] 8021q: adding VLAN 0 to HW filter on device bond0
[  250.498411][T15026] EXT4-fs (loop7): This should not happen!! Data will be lost
[  250.498411][T15026] 
[  250.536602][T15056] syz.2.3593: attempt to access beyond end of device
[  250.536602][T15056] loop2: rw=1, sector=1224, nr_sectors = 32 limit=256
[  250.561008][T14944] 8021q: adding VLAN 0 to HW filter on device team0
[  250.576036][T15056] syz.2.3593: attempt to access beyond end of device
[  250.576036][T15056] loop2: rw=1, sector=1288, nr_sectors = 68 limit=256
[  250.620038][   T37] bridge0: port 1(bridge_slave_0) entered blocking state
[  250.623741][ T4639] EXT4-fs (loop7): Delayed block allocation failed for inode 15 at logical offset 32 with max blocks 2048 with error 117
[  250.627182][   T37] bridge0: port 1(bridge_slave_0) entered forwarding state
[  250.639762][ T4639] EXT4-fs (loop7): This should not happen!! Data will be lost
[  250.639762][ T4639] 
[  250.657408][T15091] loop4: detected capacity change from 0 to 2048
[  250.677944][   T51] bridge0: port 2(bridge_slave_1) entered blocking state
[  250.685152][   T51] bridge0: port 2(bridge_slave_1) entered forwarding state
[  250.722262][T15091] ext4 filesystem being mounted at /72/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  250.724505][T12047] EXT4-fs (loop7): Delayed block allocation failed for inode 15 at logical offset 2081 with max blocks 2024 with error 28
[  250.745757][T12047] EXT4-fs (loop7): This should not happen!! Data will be lost
[  250.745757][T12047] 
[  250.746950][T14944] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  250.755463][T12047] EXT4-fs (loop7): Total free blocks count 0
[  250.765829][T14944] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  250.782250][T12047] EXT4-fs (loop7): Free/Dirty block details
[  250.784353][T15097] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3607'.
[  250.788148][T12047] EXT4-fs (loop7): free_blocks=0
[  250.802168][T12047] EXT4-fs (loop7): dirty_blocks=2032
[  250.825031][T15091] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  250.853242][T15105] loop2: detected capacity change from 0 to 2048
[  250.871153][T15091] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  250.912616][T15105] Alternate GPT is invalid, using primary GPT.
[  250.919136][T15105]  loop2: p2 p3 p7
[  250.965360][T15122] netlink: 'syz.7.3610': attribute type 21 has an invalid length.
[  250.997707][T15122] netlink: 156 bytes leftover after parsing attributes in process `syz.7.3610'.
[  251.006906][T15122] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3610'.
[  251.029435][T14944] 8021q: adding VLAN 0 to HW filter on device batadv0
[  251.036432][T15126] loop2: detected capacity change from 0 to 2048
[  251.070772][ T3291] udevd[3291]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory
[  251.082801][ T4181] udevd[4181]: inotify_add_watch(7, /dev/loop2p7, 10) failed: No such file or directory
[  251.115728][T15126] ext4 filesystem being mounted at /140/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  251.156115][T15126] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  251.165502][T15126] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  251.266650][T14944] veth0_vlan: entered promiscuous mode
[  251.280094][T14944] veth1_vlan: entered promiscuous mode
[  251.298710][T14944] veth0_macvtap: entered promiscuous mode
[  251.307739][T14944] veth1_macvtap: entered promiscuous mode
[  251.320469][T14944] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  251.331040][T14944] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  251.340945][T14944] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  251.351565][T14944] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  251.361528][T14944] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  251.372294][T14944] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  251.382241][T14944] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  251.392744][T14944] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  251.404458][T14944] batman_adv: batadv0: Interface activated: batadv_slave_0
[  251.413137][T14944] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  251.423717][T14944] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  251.433594][T14944] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  251.444043][T14944] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  251.453865][T14944] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  251.464318][T14944] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  251.474165][T14944] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  251.484696][T14944] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  251.495407][T14944] batman_adv: batadv0: Interface activated: batadv_slave_1
[  251.520775][T14944] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  251.529655][T14944] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  251.538476][T14944] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  251.547287][T14944] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  251.608537][T15178] loop5: detected capacity change from 0 to 1024
[  251.634889][T15180] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  251.747677][T15188] usb usb8: usbfs: process 15188 (syz.7.3628) did not claim interface 0 before use
[  251.760636][T15188] vhci_hcd: default hub control req: 010b v0000 i0000 l0
[  251.848962][T15195] loop2: detected capacity change from 0 to 164
[  251.879938][T15195] Unable to read rock-ridge attributes
[  251.892672][T15195] Unable to read rock-ridge attributes
[  251.980284][T15204] loop5: detected capacity change from 0 to 512
[  251.993750][T15204] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  252.014475][T15204] EXT4-fs (loop5): 1 truncate cleaned up
[  252.052426][T15212] loop4: detected capacity change from 0 to 256
[  252.078823][T15212] FAT-fs (loop4): Directory bread(block 64) failed
[  252.086941][T15212] FAT-fs (loop4): Directory bread(block 65) failed
[  252.093588][T15212] FAT-fs (loop4): Directory bread(block 66) failed
[  252.106174][T15212] FAT-fs (loop4): Directory bread(block 67) failed
[  252.113662][T15212] FAT-fs (loop4): Directory bread(block 68) failed
[  252.121137][T15212] FAT-fs (loop4): Directory bread(block 69) failed
[  252.121775][T15214] usb usb8: usbfs: process 15214 (syz.7.3640) did not claim interface 0 before use
[  252.127736][T15212] FAT-fs (loop4): Directory bread(block 70) failed
[  252.146815][T15212] FAT-fs (loop4): Directory bread(block 71) failed
[  252.157574][T15212] FAT-fs (loop4): Directory bread(block 72) failed
[  252.164478][T15212] FAT-fs (loop4): Directory bread(block 73) failed
[  252.176132][T15214] vhci_hcd: default hub control req: 010b v0000 i0000 l0
[  252.237265][T15224] loop5: detected capacity change from 0 to 164
[  252.255672][T15224] Unable to read rock-ridge attributes
[  252.268785][T15224] Unable to read rock-ridge attributes
[  252.283122][T15223] loop7: detected capacity change from 0 to 1024
[  252.296509][T15228] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3646'.
[  252.339894][T15228] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3646'.
[  252.349141][T15228] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3646'.
[  252.431259][T15242] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3651'.
[  252.570380][T15250] usb usb8: usbfs: process 15250 (syz.7.3654) did not claim interface 0 before use
[  252.581421][   T29] kauditd_printk_skb: 268 callbacks suppressed
[  252.581446][   T29] audit: type=1326 audit(1742738904.495:12962): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15219 comm="syz.1.3642" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f6861674127 code=0x7ffc0000
[  252.605012][T15250] vhci_hcd: default hub control req: 010b v0000 i0000 l0
[  252.611369][   T29] audit: type=1326 audit(1742738904.495:12963): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15219 comm="syz.1.3642" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f6861619359 code=0x7ffc0000
[  252.642091][   T29] audit: type=1326 audit(1742738904.495:12964): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15219 comm="syz.1.3642" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f686167d169 code=0x7ffc0000
[  252.669485][   T29] audit: type=1326 audit(1742738904.504:12965): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15219 comm="syz.1.3642" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f6861674127 code=0x7ffc0000
[  252.693137][   T29] audit: type=1326 audit(1742738904.504:12966): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15219 comm="syz.1.3642" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f6861619359 code=0x7ffc0000
[  252.716958][   T29] audit: type=1326 audit(1742738904.504:12967): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15219 comm="syz.1.3642" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f686167d169 code=0x7ffc0000
[  252.740633][   T29] audit: type=1326 audit(1742738904.513:12968): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15219 comm="syz.1.3642" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f6861674127 code=0x7ffc0000
[  252.764276][   T29] audit: type=1326 audit(1742738904.513:12969): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15219 comm="syz.1.3642" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f6861619359 code=0x7ffc0000
[  252.787849][   T29] audit: type=1326 audit(1742738904.513:12970): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15219 comm="syz.1.3642" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f686167d169 code=0x7ffc0000
[  252.811387][   T29] audit: type=1326 audit(1742738904.532:12971): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15219 comm="syz.1.3642" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f6861674127 code=0x7ffc0000
[  252.891383][T15256] netlink: 32 bytes leftover after parsing attributes in process `syz.7.3656'.
[  252.900722][T15256] netlink: 32 bytes leftover after parsing attributes in process `syz.7.3656'.
[  252.912535][T15256] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  252.921360][T15256] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  253.202613][T15265] loop2: detected capacity change from 0 to 256
[  253.223276][T15265] FAT-fs (loop2): Directory bread(block 64) failed
[  253.230514][T15265] FAT-fs (loop2): Directory bread(block 65) failed
[  253.237638][T15265] FAT-fs (loop2): Directory bread(block 66) failed
[  253.245828][T15265] FAT-fs (loop2): Directory bread(block 67) failed
[  253.253535][T15265] FAT-fs (loop2): Directory bread(block 68) failed
[  253.260487][T15265] FAT-fs (loop2): Directory bread(block 69) failed
[  253.268957][T15265] FAT-fs (loop2): Directory bread(block 70) failed
[  253.275765][T15265] FAT-fs (loop2): Directory bread(block 71) failed
[  253.284251][T15265] FAT-fs (loop2): Directory bread(block 72) failed
[  253.290984][T15265] FAT-fs (loop2): Directory bread(block 73) failed
[  253.460807][T15278] loop5: detected capacity change from 0 to 164
[  253.475939][T15279] netlink: 'syz.4.3664': attribute type 4 has an invalid length.
[  253.509518][T15278] Unable to read rock-ridge attributes
[  253.534320][T15278] Unable to read rock-ridge attributes
[  253.585797][T15288] loop4: detected capacity change from 0 to 2048
[  253.620861][T15288] ext4 filesystem being mounted at /81/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  254.056084][T15313] netlink: 32 bytes leftover after parsing attributes in process `syz.5.3678'.
[  254.080349][T15313] netlink: 32 bytes leftover after parsing attributes in process `syz.5.3678'.
[  254.117714][T15313] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  254.136058][T15313] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  254.180114][T15299] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.3668: bg 0: block 345: padding at end of block bitmap is not set
[  254.204360][T15323] netlink: 'syz.1.3679': attribute type 4 has an invalid length.
[  254.215261][T15299] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 16 with error 117
[  254.227789][T15299] EXT4-fs (loop4): This should not happen!! Data will be lost
[  254.227789][T15299] 
[  254.290319][   T51] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 32 with max blocks 2048 with error 117
[  254.303174][   T51] EXT4-fs (loop4): This should not happen!! Data will be lost
[  254.303174][   T51] 
[  254.369595][   T51] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 2081 with max blocks 2024 with error 28
[  254.382471][   T51] EXT4-fs (loop4): This should not happen!! Data will be lost
[  254.382471][   T51] 
[  254.392182][   T51] EXT4-fs (loop4): Total free blocks count 0
[  254.398322][   T51] EXT4-fs (loop4): Free/Dirty block details
[  254.404240][   T51] EXT4-fs (loop4): free_blocks=0
[  254.409234][   T51] EXT4-fs (loop4): dirty_blocks=2032
[  254.556238][T15332] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  254.578610][T15332] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  254.617206][T15343] loop4: detected capacity change from 0 to 512
[  254.624149][T15343] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  254.657060][T15343] EXT4-fs (loop4): 1 truncate cleaned up
[  254.677158][T15348] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  254.749524][T15350] netlink: 'syz.2.3691': attribute type 4 has an invalid length.
[  254.759681][T15356] FAULT_INJECTION: forcing a failure.
[  254.759681][T15356] name failslab, interval 1, probability 0, space 0, times 0
[  254.772612][T15356] CPU: 0 UID: 0 PID: 15356 Comm: syz.7.3694 Tainted: G        W          6.14.0-rc7-syzkaller-00202-g183601b78a9b #0
[  254.772700][T15356] Tainted: [W]=WARN
[  254.772708][T15356] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  254.772728][T15356] Call Trace:
[  254.772737][T15356]  <TASK>
[  254.772775][T15356]  dump_stack_lvl+0xf2/0x150
[  254.772804][T15356]  dump_stack+0x15/0x1a
[  254.772825][T15356]  should_fail_ex+0x24a/0x260
[  254.772864][T15356]  should_failslab+0x8f/0xb0
[  254.772896][T15356]  __kmalloc_noprof+0xab/0x3f0
[  254.772985][T15356]  ? sock_kmalloc+0x83/0xc0
[  254.773022][T15356]  sock_kmalloc+0x83/0xc0
[  254.773053][T15356]  ____sys_sendmsg+0x127/0x4b0
[  254.773159][T15356]  __sys_sendmsg+0x19d/0x230
[  254.773286][T15356]  __x64_sys_sendmsg+0x46/0x50
[  254.773317][T15356]  x64_sys_call+0x2734/0x2dc0
[  254.773448][T15356]  do_syscall_64+0xc9/0x1c0
[  254.773488][T15356]  ? clear_bhb_loop+0x55/0xb0
[  254.773531][T15356]  ? clear_bhb_loop+0x55/0xb0
[  254.773579][T15356]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  254.773608][T15356] RIP: 0033:0x7fd486b3d169
[  254.773654][T15356] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  254.773672][T15356] RSP: 002b:00007fd4851a7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  254.773691][T15356] RAX: ffffffffffffffda RBX: 00007fd486d55fa0 RCX: 00007fd486b3d169
[  254.773704][T15356] RDX: 0000000020000000 RSI: 0000200000000600 RDI: 0000000000000006
[  254.773720][T15356] RBP: 00007fd4851a7090 R08: 0000000000000000 R09: 0000000000000000
[  254.773735][T15356] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  254.773752][T15356] R13: 0000000000000000 R14: 00007fd486d55fa0 R15: 00007fff916db348
[  254.773774][T15356]  </TASK>
[  255.012525][T15367] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=280 sclass=netlink_audit_socket pid=15367 comm=syz.4.3696
[  255.025242][T15367] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=15367 comm=syz.4.3696
[  255.060763][T15367] loop4: detected capacity change from 0 to 1024
[  255.113334][T15373] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  255.228447][T15386] loop5: detected capacity change from 0 to 1024
[  255.369559][T15398] FAULT_INJECTION: forcing a failure.
[  255.369559][T15398] name failslab, interval 1, probability 0, space 0, times 0
[  255.382418][T15398] CPU: 1 UID: 0 PID: 15398 Comm: syz.4.3710 Tainted: G        W          6.14.0-rc7-syzkaller-00202-g183601b78a9b #0
[  255.382531][T15398] Tainted: [W]=WARN
[  255.382538][T15398] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  255.382551][T15398] Call Trace:
[  255.382560][T15398]  <TASK>
[  255.382569][T15398]  dump_stack_lvl+0xf2/0x150
[  255.382601][T15398]  dump_stack+0x15/0x1a
[  255.382628][T15398]  should_fail_ex+0x24a/0x260
[  255.382669][T15398]  should_failslab+0x8f/0xb0
[  255.382707][T15398]  kmem_cache_alloc_noprof+0x52/0x320
[  255.382736][T15398]  ? skb_clone+0x154/0x1f0
[  255.382872][T15398]  skb_clone+0x154/0x1f0
[  255.382942][T15398]  __netlink_deliver_tap+0x2bd/0x4f0
[  255.383002][T15398]  netlink_unicast+0x64a/0x670
[  255.383039][T15398]  netlink_sendmsg+0x5cc/0x6e0
[  255.383103][T15398]  ? __pfx_netlink_sendmsg+0x10/0x10
[  255.383127][T15398]  __sock_sendmsg+0x140/0x180
[  255.383170][T15398]  ____sys_sendmsg+0x326/0x4b0
[  255.383272][T15398]  __sys_sendmsg+0x19d/0x230
[  255.383322][T15398]  __x64_sys_sendmsg+0x46/0x50
[  255.383353][T15398]  x64_sys_call+0x2734/0x2dc0
[  255.383417][T15398]  do_syscall_64+0xc9/0x1c0
[  255.383454][T15398]  ? clear_bhb_loop+0x55/0xb0
[  255.383561][T15398]  ? clear_bhb_loop+0x55/0xb0
[  255.383592][T15398]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  255.383626][T15398] RIP: 0033:0x7f0196edd169
[  255.383644][T15398] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  255.383697][T15398] RSP: 002b:00007f0195547038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  255.383721][T15398] RAX: ffffffffffffffda RBX: 00007f01970f5fa0 RCX: 00007f0196edd169
[  255.383737][T15398] RDX: 0000000000000000 RSI: 0000200000000300 RDI: 0000000000000003
[  255.383752][T15398] RBP: 00007f0195547090 R08: 0000000000000000 R09: 0000000000000000
[  255.383767][T15398] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  255.383848][T15398] R13: 0000000000000000 R14: 00007f01970f5fa0 R15: 00007ffdd19e5b98
[  255.383871][T15398]  </TASK>
[  255.383891][T15398] netlink: 40 bytes leftover after parsing attributes in process `syz.4.3710'.
[  255.470396][T15395] loop7: detected capacity change from 0 to 8192
[  255.613431][T15398] (unnamed net_device) (uninitialized): option arp_interval: invalid value (18446744073608888328)
[  255.624134][T15398] (unnamed net_device) (uninitialized): option arp_interval: allowed values 0 - 2147483647
[  256.205927][T15427] usb usb8: usbfs: process 15427 (syz.4.3722) did not claim interface 0 before use
[  256.317207][T15427] vhci_hcd: default hub control req: 010b v0000 i0000 l0
[  256.529653][T15423] loop5: detected capacity change from 0 to 8192
[  256.558945][T15431] loop2: detected capacity change from 0 to 1024
[  256.781602][T15457] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  256.876517][T15465] loop5: detected capacity change from 0 to 512
[  256.886341][T15465] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  256.927746][T15465] EXT4-fs (loop5): 1 truncate cleaned up
[  256.976491][T15470] loop4: detected capacity change from 0 to 2048
[  256.996713][T15474] loop2: detected capacity change from 0 to 512
[  257.050168][T15470] ext4 filesystem being mounted at /96/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  257.076922][T15474] ext4 filesystem being mounted at /164/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  257.247986][T15496] loop7: detected capacity change from 0 to 2048
[  257.288545][T15496] ext4 filesystem being mounted at /314/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  257.303763][T15489] loop2: detected capacity change from 0 to 8192
[  257.345939][T15504] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  257.380822][T15496] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  257.425024][T15496] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  257.462567][T15494] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.3741: bg 0: block 345: padding at end of block bitmap is not set
[  257.483032][T15494] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 16 with error 117
[  257.495674][T15494] EXT4-fs (loop4): This should not happen!! Data will be lost
[  257.495674][T15494] 
[  257.499537][T15512] netlink: 'syz.1.3757': attribute type 21 has an invalid length.
[  257.527089][T15512] netlink: 156 bytes leftover after parsing attributes in process `syz.1.3757'.
[  257.560350][T15516] usb usb8: usbfs: process 15516 (syz.1.3759) did not claim interface 0 before use
[  257.569903][T15516] vhci_hcd: default hub control req: 010b v0000 i0000 l0
[  257.605222][ T4462] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 32 with max blocks 2048 with error 117
[  257.617987][ T4462] EXT4-fs (loop4): This should not happen!! Data will be lost
[  257.617987][ T4462] 
[  257.640538][T15518] loop5: detected capacity change from 0 to 512
[  257.652551][T15518] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  257.678663][ T4462] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 2081 with max blocks 2024 with error 28
[  257.684555][T15518] EXT4-fs (loop5): 1 truncate cleaned up
[  257.691805][ T4462] EXT4-fs (loop4): This should not happen!! Data will be lost
[  257.691805][ T4462] 
[  257.691825][ T4462] EXT4-fs (loop4): Total free blocks count 0
[  257.713264][ T4462] EXT4-fs (loop4): Free/Dirty block details
[  257.719185][ T4462] EXT4-fs (loop4): free_blocks=0
[  257.724173][ T4462] EXT4-fs (loop4): dirty_blocks=2032
[  257.791559][T15529] loop5: detected capacity change from 0 to 764
[  257.870266][T13893] EXT4-fs unmount: 58 callbacks suppressed
[  257.887458][T15537] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  257.930672][T15543] netlink: 'syz.1.3769': attribute type 21 has an invalid length.
[  257.950913][T15545] loop5: detected capacity change from 0 to 2048
[  257.951933][T15543] __nla_validate_parse: 1 callbacks suppressed
[  257.951950][T15543] netlink: 156 bytes leftover after parsing attributes in process `syz.1.3769'.
[  257.972722][T15543] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3769'.
[  257.989849][T15541] loop2: detected capacity change from 0 to 1024
[  257.996833][T15541] EXT4-fs: Ignoring removed nobh option
[  258.002550][T15541] EXT4-fs: Ignoring removed bh option
[  258.010828][T15545] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  258.028442][T15545] ext4 filesystem being mounted at /34/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  258.055014][T15541] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  258.084163][T10560] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  258.095869][T15552] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  258.108885][T15552] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  258.147337][T12653] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  258.159079][T15557] loop4: detected capacity change from 0 to 512
[  258.204660][T15557] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  258.230564][T15557] ext4 filesystem being mounted at /99/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  258.261350][T15572] loop2: detected capacity change from 0 to 512
[  258.271561][T15572] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  258.291679][   T29] kauditd_printk_skb: 547 callbacks suppressed
[  258.291695][   T29] audit: type=1326 audit(1742738909.836:13519): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15573 comm="syz.7.3778" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd486b3d169 code=0x7ffc0000
[  258.323188][T15572] EXT4-fs (loop2): 1 truncate cleaned up
[  258.337500][T15572] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  258.395235][T13893] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  258.398263][   T29] audit: type=1326 audit(1742738909.873:13520): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15573 comm="syz.7.3778" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd486b3d169 code=0x7ffc0000
[  258.427897][   T29] audit: type=1326 audit(1742738909.873:13521): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15573 comm="syz.7.3778" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd486b3d169 code=0x7ffc0000
[  258.451599][   T29] audit: type=1326 audit(1742738909.873:13522): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15573 comm="syz.7.3778" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd486b3d169 code=0x7ffc0000
[  258.475299][   T29] audit: type=1326 audit(1742738909.873:13523): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15573 comm="syz.7.3778" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd486b3d169 code=0x7ffc0000
[  258.499037][   T29] audit: type=1326 audit(1742738909.873:13524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15573 comm="syz.7.3778" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd486b3d169 code=0x7ffc0000
[  258.522914][   T29] audit: type=1326 audit(1742738909.873:13525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15573 comm="syz.7.3778" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd486b3d169 code=0x7ffc0000
[  258.546618][   T29] audit: type=1326 audit(1742738909.873:13526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15573 comm="syz.7.3778" exe="/root/syz-executor" sig=0 arch=c000003e syscall=97 compat=0 ip=0x7fd486b3d169 code=0x7ffc0000
[  258.570161][   T29] audit: type=1326 audit(1742738909.873:13527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15573 comm="syz.7.3778" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd486b3d169 code=0x7ffc0000
[  258.593978][   T29] audit: type=1326 audit(1742738909.873:13528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15573 comm="syz.7.3778" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd486b3d169 code=0x7ffc0000
[  258.621747][T12653] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  258.633019][T15555] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.3770: bg 0: block 345: padding at end of block bitmap is not set
[  258.659202][T15555] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 16 with error 117
[  258.671941][T15555] EXT4-fs (loop5): This should not happen!! Data will be lost
[  258.671941][T15555] 
[  258.687536][T15586] syz.4.3780 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  258.710184][T15586] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3780'.
[  258.719501][T15588] loop2: detected capacity change from 0 to 1024
[  258.757414][T15588] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  258.761956][   T51] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 32 with max blocks 2048 with error 117
[  258.782179][   T51] EXT4-fs (loop5): This should not happen!! Data will be lost
[  258.782179][   T51] 
[  258.820245][   T51] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 2081 with max blocks 2024 with error 28
[  258.833179][   T51] EXT4-fs (loop5): This should not happen!! Data will be lost
[  258.833179][   T51] 
[  258.843052][   T51] EXT4-fs (loop5): Total free blocks count 0
[  258.849434][   T51] EXT4-fs (loop5): Free/Dirty block details
[  258.855412][   T51] EXT4-fs (loop5): free_blocks=0
[  258.970886][T12653] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  259.004310][T15604] FAULT_INJECTION: forcing a failure.
[  259.004310][T15604] name failslab, interval 1, probability 0, space 0, times 0
[  259.017037][T15604] CPU: 0 UID: 0 PID: 15604 Comm: syz.2.3787 Tainted: G        W          6.14.0-rc7-syzkaller-00202-g183601b78a9b #0
[  259.017112][T15604] Tainted: [W]=WARN
[  259.017120][T15604] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  259.017135][T15604] Call Trace:
[  259.017143][T15604]  <TASK>
[  259.017152][T15604]  dump_stack_lvl+0xf2/0x150
[  259.017187][T15604]  dump_stack+0x15/0x1a
[  259.017273][T15604]  should_fail_ex+0x24a/0x260
[  259.017379][T15604]  should_failslab+0x8f/0xb0
[  259.017444][T15604]  kmem_cache_alloc_node_noprof+0x59/0x320
[  259.017469][T15604]  ? __alloc_skb+0x10b/0x310
[  259.017493][T15604]  __alloc_skb+0x10b/0x310
[  259.017515][T15604]  inet6_netconf_notify_devconf+0xfc/0x1c0
[  259.017629][T15604]  addrconf_ifdown+0xd30/0xed0
[  259.017663][T15604]  ? __rcu_read_unlock+0x4e/0x70
[  259.017690][T15604]  ? __rcu_read_unlock+0x4e/0x70
[  259.017719][T15604]  addrconf_notify+0x2ff/0x950
[  259.017800][T15604]  ? ip6mr_device_event+0x12f/0x150
[  259.017828][T15604]  ? __pfx_addrconf_notify+0x10/0x10
[  259.017847][T15604]  raw_notifier_call_chain+0x6f/0x1d0
[  259.017881][T15604]  ? up_write+0x30/0xf0
[  259.017905][T15604]  ? mutex_is_locked+0x12/0x30
[  259.017964][T15604]  call_netdevice_notifiers_info+0xae/0x100
[  259.018005][T15604]  unregister_netdevice_many_notify+0x98a/0x1280
[  259.018042][T15604]  ? selinux_capable+0x1f2/0x260
[  259.018147][T15604]  unregister_netdevice_queue+0x1f4/0x220
[  259.018242][T15604]  ip6gre_tunnel_siocdevprivate+0x23f/0x6f0
[  259.018277][T15604]  ? __pfx_ip6gre_tunnel_siocdevprivate+0x10/0x10
[  259.018356][T15604]  dev_ifsioc+0x84b/0xa10
[  259.018386][T15604]  dev_ioctl+0x8e9/0xab0
[  259.018415][T15604]  sock_ioctl+0x57d/0x600
[  259.018488][T15604]  ? __pfx_sock_ioctl+0x10/0x10
[  259.018603][T15604]  __se_sys_ioctl+0xc9/0x140
[  259.018628][T15604]  __x64_sys_ioctl+0x43/0x50
[  259.018658][T15604]  x64_sys_call+0x1690/0x2dc0
[  259.018744][T15604]  do_syscall_64+0xc9/0x1c0
[  259.018783][T15604]  ? clear_bhb_loop+0x55/0xb0
[  259.018825][T15604]  ? clear_bhb_loop+0x55/0xb0
[  259.018852][T15604]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  259.018988][T15604] RIP: 0033:0x7fe29d26d169
[  259.019006][T15604] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  259.019029][T15604] RSP: 002b:00007fe29b8d1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  259.019066][T15604] RAX: ffffffffffffffda RBX: 00007fe29d485fa0 RCX: 00007fe29d26d169
[  259.019082][T15604] RDX: 0000200000000600 RSI: 00000000000089f2 RDI: 0000000000000006
[  259.019097][T15604] RBP: 00007fe29b8d1090 R08: 0000000000000000 R09: 0000000000000000
[  259.019112][T15604] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  259.019126][T15604] R13: 0000000000000000 R14: 00007fe29d485fa0 R15: 00007ffcc176aea8
[  259.019150][T15604]  </TASK>
[  259.436513][T15620] loop2: detected capacity change from 0 to 512
[  259.445702][T15620] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  259.474598][T15620] EXT4-fs (loop2): 1 truncate cleaned up
[  259.480923][T15620] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  259.511711][T15625] loop5: detected capacity change from 0 to 2048
[  259.532188][T12653] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  259.544259][T15625] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  259.557716][T15625] ext4 filesystem being mounted at /38/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  259.577199][T15625] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  259.585921][T15625] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  259.613844][T15631] netlink: 'syz.2.3797': attribute type 21 has an invalid length.
[  259.621803][T15631] netlink: 156 bytes leftover after parsing attributes in process `syz.2.3797'.
[  259.631246][T15631] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3797'.
[  259.684181][T15633] loop2: detected capacity change from 0 to 1024
[  259.692630][T15633] EXT4-fs: Ignoring removed nobh option
[  259.698345][T15633] EXT4-fs: Ignoring removed bh option
[  259.711008][T15633] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  259.739977][T12653] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  259.790800][T15643] loop2: detected capacity change from 0 to 2048
[  259.806216][T15643] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  259.818612][T15643] ext4 filesystem being mounted at /180/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  259.838647][T15643] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  259.847762][T15643] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  260.143098][T14944] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  260.243964][T15658] netlink: 'syz.5.3808': attribute type 21 has an invalid length.
[  260.251845][T15658] netlink: 156 bytes leftover after parsing attributes in process `syz.5.3808'.
[  260.261082][T15658] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3808'.
[  260.289652][T15662] loop5: detected capacity change from 0 to 764
[  260.412298][T12653] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  260.421836][T15670] loop5: detected capacity change from 0 to 2048
[  260.449730][T15670] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  260.463154][T15670] ext4 filesystem being mounted at /48/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  260.471448][T15676] usb usb8: usbfs: process 15676 (syz.2.3816) did not claim interface 0 before use
[  260.483204][T15676] vhci_hcd: default hub control req: 010b v0000 i0000 l0
[  260.491150][T15670] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  260.512139][T15670] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  260.512690][T15678] loop2: detected capacity change from 0 to 764
[  261.071602][T14944] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  261.181924][T15700] netlink: 'syz.4.3827': attribute type 21 has an invalid length.
[  261.190393][T15700] netlink: 156 bytes leftover after parsing attributes in process `syz.4.3827'.
[  261.199601][T15700] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3827'.
[  261.293490][T15710] loop4: detected capacity change from 0 to 512
[  261.327011][T15710] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  261.348545][T15710] EXT4-fs (loop4): 1 truncate cleaned up
[  261.355928][T15710] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  261.399227][T13893] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  261.456698][T15720] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=15720 comm=syz.5.3836
[  261.469385][T15720] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=15720 comm=syz.5.3836
[  261.500936][T15720] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3836'.
[  261.536851][T15728] SET target dimension over the limit!
[  261.543937][T15728] loop4: detected capacity change from 0 to 256
[  261.703514][T15742] FAULT_INJECTION: forcing a failure.
[  261.703514][T15742] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  261.716750][T15742] CPU: 1 UID: 0 PID: 15742 Comm: syz.4.3844 Tainted: G        W          6.14.0-rc7-syzkaller-00202-g183601b78a9b #0
[  261.716857][T15742] Tainted: [W]=WARN
[  261.716863][T15742] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  261.716874][T15742] Call Trace:
[  261.716880][T15742]  <TASK>
[  261.716887][T15742]  dump_stack_lvl+0xf2/0x150
[  261.716913][T15742]  dump_stack+0x15/0x1a
[  261.716999][T15742]  should_fail_ex+0x24a/0x260
[  261.717052][T15742]  should_fail+0xb/0x10
[  261.717075][T15742]  should_fail_usercopy+0x1a/0x20
[  261.717103][T15742]  _copy_from_user+0x1c/0xa0
[  261.717184][T15742]  bpf_test_init+0xe4/0x140
[  261.717212][T15742]  bpf_prog_test_run_skb+0x153/0xc00
[  261.717244][T15742]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  261.717343][T15742]  bpf_prog_test_run+0x20f/0x3a0
[  261.717374][T15742]  __sys_bpf+0x400/0x7a0
[  261.717408][T15742]  __x64_sys_bpf+0x43/0x50
[  261.717474][T15742]  x64_sys_call+0x2914/0x2dc0
[  261.717496][T15742]  do_syscall_64+0xc9/0x1c0
[  261.717526][T15742]  ? clear_bhb_loop+0x55/0xb0
[  261.717549][T15742]  ? clear_bhb_loop+0x55/0xb0
[  261.717577][T15742]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  261.717602][T15742] RIP: 0033:0x7f0196edd169
[  261.717664][T15742] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  261.717685][T15742] RSP: 002b:00007f0195547038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  261.717707][T15742] RAX: ffffffffffffffda RBX: 00007f01970f5fa0 RCX: 00007f0196edd169
[  261.717723][T15742] RDX: 0000000000000028 RSI: 0000200000000080 RDI: 000000000000000a
[  261.717783][T15742] RBP: 00007f0195547090 R08: 0000000000000000 R09: 0000000000000000
[  261.717798][T15742] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  261.717811][T15742] R13: 0000000000000000 R14: 00007f01970f5fa0 R15: 00007ffdd19e5b98
[  261.717908][T15742]  </TASK>
[  262.130262][T15763] loop7: detected capacity change from 0 to 512
[  262.138954][T15763] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  262.150704][T15763] EXT4-fs (loop7): 1 truncate cleaned up
[  262.156963][T15763] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  262.195089][T10560] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  262.222983][T15774] loop7: detected capacity change from 0 to 1024
[  262.232651][T15774] EXT4-fs error (device loop7): ext4_orphan_get:1415: comm syz.7.3858: bad orphan inode 2304
[  262.243925][T15774] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  263.169423][T10560] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  263.229758][T15823] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  263.293244][T15827] loop4: detected capacity change from 0 to 1024
[  263.304878][T15834] loop5: detected capacity change from 0 to 512
[  263.313193][T15833] netlink: 'syz.2.3885': attribute type 4 has an invalid length.
[  263.322533][T15827] EXT4-fs: Ignoring removed nobh option
[  263.328156][T15827] EXT4-fs: Ignoring removed bh option
[  263.333958][T15834] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  263.352414][T15834] EXT4-fs (loop5): 1 truncate cleaned up
[  263.358882][T15834] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  263.379313][T15827] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  263.421188][T13893] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  263.437477][T14944] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  263.527408][T15851] loop7: detected capacity change from 0 to 2048
[  263.555782][T15851] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  263.578572][T15851] ext4 filesystem being mounted at /331/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  263.599150][T15851] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  263.608194][T15851] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  263.620926][T15857] loop5: detected capacity change from 0 to 1024
[  263.644448][T15857] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  263.715581][T15870] netlink: 'syz.1.3897': attribute type 4 has an invalid length.
[  263.788777][   T29] kauditd_printk_skb: 396 callbacks suppressed
[  263.788903][   T29] audit: type=1326 audit(1742738914.971:13925): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15873 comm="syz.1.3899" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f686167d169 code=0x7ffc0000
[  263.819348][   T29] audit: type=1326 audit(1742738914.971:13926): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15873 comm="syz.1.3899" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f686167d169 code=0x7ffc0000
[  263.843219][   T29] audit: type=1326 audit(1742738914.971:13927): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15873 comm="syz.1.3899" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f686167d169 code=0x7ffc0000
[  263.867244][   T29] audit: type=1326 audit(1742738914.971:13928): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15873 comm="syz.1.3899" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f686167d169 code=0x7ffc0000
[  263.890949][   T29] audit: type=1326 audit(1742738914.971:13929): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15873 comm="syz.1.3899" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f686167d169 code=0x7ffc0000
[  263.914548][   T29] audit: type=1326 audit(1742738914.971:13930): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15873 comm="syz.1.3899" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f686167d169 code=0x7ffc0000
[  263.938693][   T29] audit: type=1326 audit(1742738914.971:13931): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15873 comm="syz.1.3899" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f686167d169 code=0x7ffc0000
[  263.962380][   T29] audit: type=1326 audit(1742738914.971:13932): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15873 comm="syz.1.3899" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f686167d169 code=0x7ffc0000
[  263.986205][   T29] audit: type=1326 audit(1742738914.971:13933): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15873 comm="syz.1.3899" exe="/root/syz-executor" sig=0 arch=c000003e syscall=97 compat=0 ip=0x7f686167d169 code=0x7ffc0000
[  264.009710][   T29] audit: type=1326 audit(1742738914.971:13934): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15873 comm="syz.1.3899" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f686167d169 code=0x7ffc0000
[  264.044611][T14944] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  264.064142][T15879] usb usb8: usbfs: process 15879 (syz.5.3901) did not claim interface 0 before use
[  264.073816][T15879] vhci_hcd: default hub control req: 010b v0000 i0000 l0
[  264.164023][T10560] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  264.228361][T15889] loop5: detected capacity change from 0 to 1024
[  264.237159][T15889] EXT4-fs error (device loop5): ext4_orphan_get:1415: comm syz.5.3906: bad orphan inode 2304
[  264.247942][T15889] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  264.335149][T15893] usb usb8: usbfs: process 15893 (syz.1.3907) did not claim interface 0 before use
[  264.344755][T15893] vhci_hcd: default hub control req: 010b v0000 i0000 l0
[  264.373074][T15895] netlink: 'syz.1.3908': attribute type 4 has an invalid length.
[  264.383180][T15891] ==================================================================
[  264.391340][T15891] BUG: KCSAN: data-race in generic_buffers_fsync_noflush / redirty_tail_locked
[  264.400322][T15891] 
[  264.402657][T15891] read-write to 0xffff888131338638 of 4 bytes by task 15889 on cpu 1:
[  264.410834][T15891]  redirty_tail_locked+0x54/0x270
[  264.415894][T15891]  writeback_single_inode+0x221/0x3f0
[  264.421298][T15891]  sync_inode_metadata+0x5c/0x90
[  264.426268][T15891]  generic_buffers_fsync_noflush+0xd8/0x120
[  264.432202][T15891]  ext4_sync_file+0x1ff/0x6c0
[  264.436920][T15891]  vfs_fsync_range+0x116/0x130
[  264.441714][T15891]  ext4_buffered_write_iter+0x358/0x3c0
[  264.447294][T15891]  ext4_file_write_iter+0x383/0xf20
[  264.452541][T15891]  iter_file_splice_write+0x5f1/0x980
[  264.457984][T15891]  direct_splice_actor+0x160/0x2c0
[  264.463153][T15891]  splice_direct_to_actor+0x302/0x670
[  264.468578][T15891]  do_splice_direct+0xd7/0x150
[  264.473462][T15891]  do_sendfile+0x398/0x660
[  264.477996][T15891]  __x64_sys_sendfile64+0x110/0x150
[  264.483354][T15891]  x64_sys_call+0xfbd/0x2dc0
[  264.488068][T15891]  do_syscall_64+0xc9/0x1c0
[  264.492610][T15891]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  264.498545][T15891] 
[  264.500875][T15891] read to 0xffff888131338638 of 4 bytes by task 15891 on cpu 0:
[  264.508522][T15891]  generic_buffers_fsync_noflush+0x83/0x120
[  264.514460][T15891]  ext4_sync_file+0x1ff/0x6c0
[  264.519197][T15891]  vfs_fsync_range+0x116/0x130
[  264.524001][T15891]  ext4_buffered_write_iter+0x358/0x3c0
[  264.529584][T15891]  ext4_file_write_iter+0x383/0xf20
[  264.534916][T15891]  iter_file_splice_write+0x5f1/0x980
[  264.540327][T15891]  direct_splice_actor+0x160/0x2c0
[  264.545476][T15891]  splice_direct_to_actor+0x302/0x670
[  264.550886][T15891]  do_splice_direct+0xd7/0x150
[  264.555699][T15891]  do_sendfile+0x398/0x660
[  264.560143][T15891]  __x64_sys_sendfile64+0x110/0x150
[  264.565403][T15891]  x64_sys_call+0xfbd/0x2dc0
[  264.570119][T15891]  do_syscall_64+0xc9/0x1c0
[  264.574687][T15891]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  264.580604][T15891] 
[  264.582934][T15891] value changed: 0x0000003a -> 0x00000002
[  264.588667][T15891] 
[  264.590998][T15891] Reported by Kernel Concurrency Sanitizer on:
[  264.597170][T15891] CPU: 0 UID: 0 PID: 15891 Comm: syz.5.3906 Tainted: G        W          6.14.0-rc7-syzkaller-00202-g183601b78a9b #0
[  264.609441][T15891] Tainted: [W]=WARN
[  264.613285][T15891] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  264.623363][T15891] ==================================================================
[  265.207137][T14944] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.