last executing test programs:

3m46.74054172s ago: executing program 1 (id=20):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f00000000001b0000850000006d0000008500000023"], &(0x7f0000000240)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x18)
clock_nanosleep(0xfffffff2, 0xca9a3b, 0x0, 0xfffffffffffffffe)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
pipe(&(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
splice(r2, 0x0, r4, 0x0, 0x8000f28, 0x0)
splice(r3, 0x0, r2, 0x0, 0x7f, 0xe)
write(r1, 0x0, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x1000002, 0x4012831, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000734000/0x4000)=nil, 0x4000, 0x0, 0xbc32038f2d035af6, 0xffffffffffffffff, 0x2882c000)
r5 = syz_open_procfs(0x0, &(0x7f0000000580)='smaps_rollup\x00')
lseek(r5, 0x2004, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1a, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYRES64], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
creat(&(0x7f00000000c0)='./file0\x00', 0x48)
dup(0xffffffffffffffff)

3m45.555621557s ago: executing program 1 (id=28):
socket$igmp(0x2, 0x3, 0x2)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="440000001a0001002bbd7000030000000a000000", @ANYRES32=0x0, @ANYBLOB="0400000414000300070000000400000000000000000000001400010000000000000000000087"], 0x44}, 0x1, 0x0, 0x0, 0x1}, 0x40000)
prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0xfa, 0x1, 0x7ffc9ffe}]})
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc9ffb}]})
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
sync_file_range(0xffffffffffffffff, 0x6, 0x10000000000000, 0x2)
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(0xffffffffffffffff, 0x4058534c, &(0x7f0000000380)={0x8, 0x3, 0x9, 0x6, 0xe0})
r2 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r2, &(0x7f0000000100)=@nameseq={0x1e, 0x1, 0x1, {0x42, 0x0, 0x1}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000340)={0x43, 0x4, 0x2}, 0x10)
r3 = socket$tipc(0x1e, 0x2, 0x0)
signalfd(r3, &(0x7f0000000080)={[0x8]}, 0x8)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000060000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xd, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000400)='kfree\x00', r4}, 0x18)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a300000000058000000160a01000000000000000000010000000900010073797a30000000000900020073797a30000000002c00038008000140000000000800024000000000180003801400010076657468305f746f5f687372000000005c000000160a0101000b000000000000010000000900020073797a30000000000900010073797a3000000000300003802c0003801400010076657468305f746f5f68737200000000140001"], 0xfc}}, 0x0)
setsockopt$TIPC_GROUP_JOIN(r3, 0x10f, 0x87, &(0x7f0000000180)={0x42}, 0x10)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000380)=ANY=[@ANYBLOB="180000000040000000000000000000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000020000838500000071000000850000005000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r6}, 0x10)
sendmsg$tipc(r3, &(0x7f0000000140)={0x0, 0x20d302, 0x0}, 0x0)
r7 = dup3(r2, r3, 0x0)
write$RDMA_USER_CM_CMD_RESOLVE_ROUTE(r7, 0x0, 0x0)
setsockopt$TIPC_GROUP_LEAVE(r7, 0x10f, 0x88)
bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x2, &(0x7f0000000000)=0x9, 0x8, 0x1)
set_mempolicy_home_node(&(0x7f0000146000/0x1000)=nil, 0x1000, 0x0, 0x0)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x0)

3m44.940420526s ago: executing program 1 (id=32):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10138, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="0700000004000000080000000100000000000000", @ANYRES32, @ANYRES32=0x0], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x18)
r5 = openat$zero(0xffffffffffffff9c, &(0x7f0000004840), 0x341000, 0x0)
timerfd_gettime(r5, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000c00)={0xf, 0x13, &(0x7f0000000240)=ANY=[@ANYRESOCT, @ANYRES32, @ANYBLOB="0000000000000000185300000c000000000000000000000095000000000000009500000000000000"], &(0x7f0000000300)='GPL\x00', 0x400, 0x1f, &(0x7f0000000b40)=""/31, 0x40f00, 0x4, '\x00', 0x0, @fallback=0x38, r5, 0x8, &(0x7f0000000800)={0x6, 0x2003}, 0x8, 0x10, &(0x7f0000000840)={0x2, 0xd, 0x2, 0x7}, 0x10, 0x0, r4, 0x1, &(0x7f0000000ac0)=[r1], &(0x7f0000000b00)=[{0x2, 0x2, 0x9, 0x3}], 0x10, 0x8}, 0x94)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a30000000006c000000160a01000000000000000000010000000900010073797a30000000000900020073797a3000000000400003800800"], 0x110}}, 0x0)
r6 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$l2tp(r6, &(0x7f0000000080)={0x2, 0x0, @broadcast, 0x2}, 0x10)

3m43.99839327s ago: executing program 1 (id=37):
r0 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x64, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2, @perf_config_ext={0x8, 0x6}, 0x2424, 0x0, 0x800000, 0x0, 0x2, 0x2, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000004bc311ec8500000075000000a70000000800000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000000c0)='percpu_alloc_percpu\x00', r1}, 0x10)
syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000080)='./file1\x00', 0x122c0c0, &(0x7f0000000940)=ANY=[@ANYRES16=r0, @ANYRESOCT=r2, @ANYRES32, @ANYRES8], 0xfd, 0x1d1, &(0x7f00000002c0)="$eJzs3U9r02AcB/Bfu7l2nnYTRCGwi6ehvoKJTBADgtKDnhSml1UEd4letpfh6xNfgOzUi0RissXFHdJCklI+n0ufp9/8kqcP/Xfpr+/ufTo5/nz68eed7zGdjmJ8GIexGMVejOPSeQAAm2SR5/ErLy1Tt/+juzUBAN1q8fn/u+clAQAde/3m7YsnaXr0KkmmERfn2Syblbdl/ux5evQw+WuvrrrIstnWVf4oaX53KPJbcbvKH5f1yfV8Jx7sl3mRPX2ZFvlWnU/iuJxMOt4CAAAAAAAAAAAAAAAAAAAAAADo3f1ILt3Y3+fgoJnvVnk5+6c/UKO/z3bc3a6mdXug/Cx09AEAAAAAAAAAAAAAAAAAAICm06/fTt7P5x++1INJRFy/Z5nBqDrxiuV9D8YxyNV3ql1aj03YuEGyHsuYr/gqKJ4dS1eN2x28yPO81Qnr9wjtOgAAAAAAAAAAAAAAAAAAoB/1j37/z6ZDLAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABlD///8Kg7OIaHHw1cV2B32oAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAbLA/AQAA//9kdTMe")
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000640)={[{@grpjquota}, {@auto_da_alloc_val}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x9}}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@oldalloc}, {@nodelalloc}, {@usrquota}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x53}}]}, 0xfa, 0x568, &(0x7f0000000f00)="$eJzs3d9rW1UcAPDvTZPup66DMdAHKezByVy6tv6Y4MN8FB0O9MmXGdqsjKbLaNKx1oHbg3vxRYYg4kD8A3z3cfgP+FcMdDBkFH3wJXLTmy5dk/5YszY2nw/c9px7b3LOybnfw7k5CQlgYI2mf3IRr0TEt0nEsbZj+cgOjq6ct/zk1lS6JdFofPpXEkm2r3V+kv0/0srkI377OuJMbn25tcWl2VKlUp7P8mP1uetjtcWls1fnSjPlmfK1icnJ829PTrz37js9a+sbl/754ZMHH57/5tTy9788On4viQtxNDvW3o4duN2eGY3R7DUpxIVnThzvQWH9JFmbfXmv6sH2DGVxXoh0DDgWQ1nUA/vfVxHRAAZUIv5hQLXmAa17+873wYXPd3lasmsef7ByA7S+/fmV90biYPPe6PBysubOKL3fHelB+WkZv/55/166Re/ehwDY1O07EXEun18//iXZ+Pf8zm3hnGfLMP7B7nmQzn/e7DT/ya3Of6LD/OdIh9h9HpvHf+5RD4rpKp3/vd9x/ru6aDUylOVeas75CsmVq5XyuWyR43QUDqT5jdZzzi8/bHQ71j7/S7e0/NZcMKvHo/yBtY+ZLtVLO2lzu8d3Il7tOP9NVvs/6dD/6etxae1TNQ50KeNk+f5r3crfvP0vVuPniNc79v/TFa1k4/XJseb1MNa6Ktb7++7J37uVv9ftT/v/8MbtH0na12tr2y/jp4P/lrsde97rfzj5rJkezvbdLNXr8+MRw8nH6/dPPH1sK986P23/6VMbj3+drv9DEfHFFtt/98Tdrqf2Q/9Px/A2+n/7iYcfffljt/K31v9vNVOnsz1bGf+2WsGdvHYAAAAAAADQb3IRcTSSXHE1ncsViyuf7zgRh3OVaq1+5kp14dp0NL8rOxKFXGul+1jb5yHGs8/DtvITz+QnI+J4RHw3dKiZL05VK9N73XgAAAAAAAAAAAAAAAAAAADoE0e6fP8/9cfQXtcOeOHW/OR3snf1AHbfpj/534tfegL60qbxD+xb4h8Gl/iHwSX+YXCJfxhc4h8Gl/iHwSX+AQAAAAAAAAAAAAAAAAAAAAAAAAAAoKcuXbyYbo3lJ7em0vz0jcWF2eqNs9Pl2mxxbmGqOFWdv16cqVZnKuXiVHVus+erVKvXxydi4eZYvVyrj9UWly7PVReu1S9fnSvNlC+XC7vSKgAAAAAAAAAAAAAAAAAAAPh/qS0uzZYqlfL8vk4MZa3tl/rsp0S+P6oh0ePEHg9MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANDmvwAAAP//mmY2oA==")
process_vm_readv(0x0, &(0x7f0000000240)=[{0x0}, {0x0}], 0x2, 0x0, 0x0, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f0000000240)=ANY=[])
mkdir(&(0x7f0000000040)='.\x02\x00', 0xe88022b11028290f)
capset(&(0x7f0000000380)={0x20080522}, &(0x7f0000000040)={0x200000, 0x40200003, 0x0, 0x6, 0x7})
setrlimit(0x40000000000008, &(0x7f0000000080)={0x0, 0x6})
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000140)='kmem_cache_free\x00', r4}, 0x10)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x64, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2, @perf_config_ext={0x74, 0x6}, 0x0, 0x0, 0x800000, 0x6, 0x2, 0x2, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
syz_open_dev$sg(0x0, 0x0, 0x401)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x41, &(0x7f0000000080), 0x64, 0x50a, &(0x7f0000000200)="$eJzs3UFvG1kdAPD/OHZp2nSTBQ6wEsvCLkorqJ1s2DbiUIqE4FQJKPcSEieK4sRR7LRNVEEqPgASQoDECS5ckPgASKgSF44IqRKcQYBACFo4cIDOyvY4TVM7cVs3TuPfT5rMmzfz/H/P0YznzTzNBDC03oqIqxHxKE3TCxExnuXnsil2WlNju4cP7sw3piTS9Po/k0iyvPZnJdn8bFbsdER87csR30yejlvb2l6Zq1TKG9lyqb66XqptbV9cXp1bKi+V12Zmpi/NXp59b3aqL+08FxFXvvjXH3z3Z1+68qvP3PrTjb+f/1ajWmPZ+r3teEb5g1a2ml5ofhd7C2w8Z7DjKN9sYWa00xYjT+Xcfcl1AgCgs8Y5/gcj4pMRcSHGY+Tg01kAAADgFZR+fiz+l0SknZ3qkg8AAAC8QnLNMbBJrpiNBRiLXK5YbI3h/XCcyVWqtfqnF6ubawutsbITUcgtLlfKU9lY4YkoJI3l6Wb68fK7+5ZnIuL1iPj++GhzuThfrSwM+uIHAAAADImz+/r//xlv9f8BAACAE2Zi0BUAAAAAXjr9fwAAADj59P8BAADgRPvKtWuNKW2//3rh5tbmSvXmxYVybaW4ujlfnK9urBeXqtWl5jP7Vg/7vEq1uv7ZWNu8XaqXa/VSbWv7xmp1c61+Y/mJV2ADAAAAR+j1j9/7QxIRO58bbU4Np3or2uNmwHGV300l2bzDbv3H11rzvxxRpYAjMTLoCgADkx90BYCBKQy6AsDAJYes7zp457fZ/BP9rQ8AANB/kx/tfv8/d2DJnYNXA8eenRiGl/v/MLya9/97HcnrZAFOlIIzABh6L3z//1Bp+kwVAgAA+m6sOSW5YnZ5byxyuWIx4lzztQCFZHG5Up6KiNci4vfjhQ80lqebJZND+wwAAAAAAAAAAAAAAAAAAAAAAAAAQEuaJpECAAAAJ1pE7m/Jr1vP8p8cf2ds//WBU8l/xyN7ReitH1//4e25en1jupH/r938+o+y/HcHcQUDAAAAhsIzvcC/3U9v9+MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoJ8ePrgz356OMu4/vhARE53i5+N0c346ChFx5t9J5PeUy0XESB/ijzb+fKRT/KRRrd2Q++Mn7bIvaOfugfFjIvsWOsU/24f4MMzuNY4/Vzvtf7l4qznvvP/lI55Yfl7dj3+xe/wb6bL/n+sxxhv3f1HqGv9uxBv5zsefdvykS/y3e4z/ja9vb3dbl/4kYrLj70/yRKxSfXW9VNvavri8OrdUXiqvzcxMX5q9PPve7FRpcblSzv52jPG9j/3y0UHtP9Ml/sQh7X+nx/b///7tBx9qJQud4p9/u0P83/w02+Lp+O3fvk9l6cb6yXZ6p5Xe682f/+7Ng9q/0KX9h/3/z/fY/gtf/c6fe9wUADgCta3tlblKpbxxYhONXvoxqIbEMUx8u68fmKZp2tinXuBzkjgOX0szMegjEwAA0G+PT/oHXRMAAAAAAAAAAAAAAAAAAAAYXkfxOLH9MXd2U0k/HqENAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANAX7wcAAP//ZWfZVg==")
fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0)
r6 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
write$binfmt_register(r6, &(0x7f00000000c0)={0x3a, 'syz3', 0x3a, 'M', 0x3a, 0x9, 0x3a, '+\'', 0x3a, '', 0x3a, './file2', 0x3a, [0x46]}, 0x2a)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
setsockopt$sock_int(r7, 0x1, 0x29, &(0x7f0000000140)=0x7fff, 0x4)
socket$inet(0x2, 0x4000000000000001, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x36, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0xd}, 0x0, 0x10000, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r8 = socket$phonet_pipe(0x23, 0x5, 0x2)
flistxattr(r8, &(0x7f0000000840)=""/196, 0xc4)
sendmmsg$inet(r5, &(0x7f0000000780)=[{{&(0x7f0000000040)={0x2, 0x4e21, @multicast1}, 0x10, 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="1c000000000000000000000008000000", @ANYRES32=0x0, @ANYBLOB="ac1414aaffffffff0000000010000000000000000000000007"], 0x30}}], 0x1, 0x4008804)

3m43.536227947s ago: executing program 1 (id=40):
r0 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000020"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000010000000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000e0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = socket(0x28, 0x5, 0x0)
getpeername$l2tp(r4, 0x0, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x7}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x5c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x21}, @NFTA_SET_EXPR={0x20, 0x11, 0x0, 0x1, @quota={{0xa}, @val={0x10, 0x2, 0x0, 0x1, [@NFTA_QUOTA_BYTES={0xc}]}}}]}, @NFT_MSG_NEWSETELEM={0x3c, 0xc, 0xa, 0x101, 0x0, 0x0, {0x7}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x10, 0x3, 0x0, 0x1, [{0xc, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}]}]}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0xe0}}, 0x20008844)

3m43.28790094s ago: executing program 1 (id=44):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r1, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB], 0x118}}, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, 0x0, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0xfd, 0x0, 0x7ffc9ffb}]})
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000480)='./file1\x00', 0x0, &(0x7f00000004c0)={[{@journal_ioprio={'journal_ioprio', 0x3d, 0x4}}, {@noload}, {@acl}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}]}, 0x1, 0x783, &(0x7f0000001000)="$eJzs3c9rHFUcAPDvbJKmSauJIGg9BQQNlG5Mja2Ch4oHESwU9Gy7bLahZpMt2U1pQg4tIngRVDwIeunZH/Xm1R9X/S88SEvVtFjxIJHZH+222U03bXY3kM8HXva9mdm89903P97sDDsB7FkT6Z9MxKGI+DiJGKtPTyJiqJobjDhRW+72+lo+TUlsbLz9Z1Jd5tb6Wj6a3pM6UC88HRE/fRBxOLO53vLK6nyuWCws1ctTlYXzU+WV1SPnFnJzhbnC4rHpmZmjx186fmznYv3719WD1z954/lvT/z7/lNXP/o5iRNxsD6vOY6dMhET9c9kKP0I7/H6TlfWZ0m/G8BDSTfNgdpWHodiLAaquTZGetkyAKBbNgCAPSgxBgCAPabxPcCt9bV8I/X3G4neuvFaROyvxd+4vlmbM1i/Zre/eh109FZyz5WRJCLGd6D+iYj48vt3v05T1PvBtTSgFy5djogz4xOb9//JpnsWtuuFrWZuDFdfJu6bvNeOP9BPP6Tjn5dbjf8yd8Y/0WL8M9xi230YD97+M9d2oJq20vHfq033tt1uir9ufKBeeqw65htKzp4rFtJ92+MRMRlDw2l5urpo65Hb5M3/brarv3n899en732V1p++3l0ic21w+N73zOYquUeNu+HG5YhnBlvFn9zp/6TN+PdUh3W8+cqHX7Sbl8afxttIm+Pvro0rEc+17P+7fZlseX/iVHV1mGqsFC1899vno+3qb+7/NKX1N84FeiHt/9Gt4x9Pmu/XLG+/jl+ujP3Ybt6D42+9/u9L3qnm99WnXcxVKkvTEfuStzZPP3r3vY1yY/k0/slnW2//tWpbr//pOeGZDuMfvP7HNw8ff3el8c9uq/+3n7l6e36gXf2d9f9MNTdZn9LJ/q/TBj7KZwcAAAAAAAAAAAAAAAAAAAAAAAAAncpExMFIMtk7+Uwmm609w/vJGM0US+XK4bOl5cXZqD4rezyGMo2fuhxr+j3U6frv4TfKR+8rvxgRT0TEZ8Mj1XI2XyrO9jt4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKg70Ob5/6nfh/vdOgCga/b3uwEAQM85/gPA3rO94/9I19oBAPSO838A2Hs6Pv6f6W47AIDecf4PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAl506eTJNG/+sr+XT8uyFleX50oUjs4XyfHZhOZ/Nl5bOZ+dKpbliIZsvLbT9R5dqL8VS6fxMLC5fnKoUypWp8srq6YXS8mLl9LmF3FzhdGGoZ5EBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQOfKK6vzuWKxsCSzZWZkdzRj12QGY1c0Q6Zrmea9xEj/dlAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAu9z/AQAA//+MoS4e")
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.numa_stat\x00', 0x275a, 0x0)
ioctl$EXT4_IOC_MOVE_EXT(r3, 0x8004587d, &(0x7f00000003c0)={0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x4})
chdir(&(0x7f0000000240)='./file0\x00')
pidfd_getfd(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000001500)={0x1b, 0x8, &(0x7f0000000180)=@framed={{}, [@tail_call={{}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x8, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfd}, 0x94)
remap_file_pages(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x1, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r4 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000400)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r5 = mq_open(&(0x7f0000000380)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xb8\x93\xc3C\xae\x9dc\xd1T\xdd\x14\xd3A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\v\x01\xbe\xeb\bLTrw\x88\x9e0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\x01\x00\x00\x00a%\xdcQ\xb3CuT\xcc7\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1J\xec\x926\xb5a0\xa0B\xae|\x00\x17\xc0\xa3\xd5\xf9\xaa\x98/\xa4v\xe4)I\xf3+[e\x95\x89\x99\xca\x8e\xc5\xd3\\T\xf0\x1a|5\xfff\xff\x99\xa4\xbb\x9e#oR\xa4\xf1\xba\x04c\xb3-\xf7R\xb85\xb5\xdb\xe9?\xfa/\xdf\xb4R\xbfx=\v_j\x8e\xb0\'\xf4\xe5\xff!\xe1\xbf\x82e\xb1\x9b\x8d\xf3L\t\xd21\x9cbwV\xc8\xcc\xe4\x96M_w\xbc\xdf9\b\r\xf6\x95\xae\xb5,\x92\x8c\xc0DQm\x80\xd1w\xa2\x1a\x12Z\xe5\xf4H\xf7D\n\x96J\x93\xfb\xf0$\x9f\xf7\xa2\xae$O\xa3\xb6\xf5\x98\xd3\v\x00\x86\xa5\x8b\x81\x04\xaf\x03s\xe5\x86>\x0e\xa6\xe6\x1aV\x17\x8b\xed\xa7\'\xd0\r_\xe8,XVR\x13\xe5%\xb9\x88\xb8W@D\'\x17A\xc8\x80\x02J\xd4V\x00wH(\xc5v\f\xc9\xb6\xdf..$\xe6P(_\xf1\'\xc1:\xa3\xcb\xd9\xd1\xc7\x13\x99Md\x1dc\xf1\'j\x03!\x13\xd1\xb8\xbf\xe6\xb2M\b/\rp\xa5\x00\x00\x00\x00', 0x40, 0x9, 0x0)
fcntl$setlease(r5, 0x400, 0x0)
mq_open(&(0x7f0000000b40)='eth0\x00\xdd\xad4=2k\xf1\x05\x9b\x91y\xe1;F\xa2\x8df\xe9\x04\x00\x00\x00\x00\x0078z=\x8f\xd5F\xa4AR\xc7\x9f.\xdc\xdb\"A\x16\xd8\x19\xf1lZ\xc8\x93\xda\xf2\xc9\xe8h[u8\xc6\xfa\x9ep\xbe\a\xe2\xf5\xa3Y\x9f\xe1\x04gM\x99K$\r\xf1G\xee\xe1\xbd\x1e\xdf\xe1\x9c\x19\xda\xd3\x94EL\xca\x88\x85Q\x02\xd9L\x90\xeb%/\xb1\xeb\x11uP7\x1f\xd9b\xebF\xf8\x88\xf0\xac.\x94\xfc\v\xb1W\xef~+n\xb1\x9b\x02n]xr\xb3\x80\xbc>\xe8XX\xe6\x12\xf3\xc9\xd5\xf8\xd1\x8d\xcb9\xbf\xb0(<\xeb\x92\x8a\x16\xb7\x11^\xb6\xb7n\xd5\xb5\x00[\xdf\x94\x00\r\x95\x17\xa1h\xf8\x00\x00\x00\"\xa0\x05\xcc^\x90c\xc9}\xb8\ny\xf4\xe1\xb4.\xa4\a\x05\xbb}\x91\xf4C\xf5O\xf1a\x12\b\x86\xa16\xbb}C\xc9\x1d\\\xedD\x14\xb1w\x1e\xa0\xc1E\xb5\xf8\xab\xfb\xd9\x93\xb8vJ\x85p\xb5n\x1b\xe4\xd5g\xae\xe4\xeb\xca\xae\x1bs\xd4\xf0\xc0\xdag\x19R4\xd4\xd4\x04\xfc\x04Zb\xf6\xba\xf8B\xf6YU\xcd\xf2\xdb\xb5\xa2\xda\xdf\x8dD\xef`\x13\x15$\xceq\xd7j\xd7\xe3V\xf2\xa2\x95\xcf\x18T\xf1\xb0\xf3\xf8O', 0x1, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="070000000400000008020000d9"], 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00'}, 0x18)
r6 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_COMPLETION_RING(r6, 0x11b, 0x6, &(0x7f0000000000)=0x1, 0x4)
close_range(r6, r6, 0x0)

3m43.28734434s ago: executing program 32 (id=44):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r1, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB], 0x118}}, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, 0x0, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0xfd, 0x0, 0x7ffc9ffb}]})
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000480)='./file1\x00', 0x0, &(0x7f00000004c0)={[{@journal_ioprio={'journal_ioprio', 0x3d, 0x4}}, {@noload}, {@acl}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}]}, 0x1, 0x783, &(0x7f0000001000)="$eJzs3c9rHFUcAPDvbJKmSauJIGg9BQQNlG5Mja2Ch4oHESwU9Gy7bLahZpMt2U1pQg4tIngRVDwIeunZH/Xm1R9X/S88SEvVtFjxIJHZH+222U03bXY3kM8HXva9mdm89903P97sDDsB7FkT6Z9MxKGI+DiJGKtPTyJiqJobjDhRW+72+lo+TUlsbLz9Z1Jd5tb6Wj6a3pM6UC88HRE/fRBxOLO53vLK6nyuWCws1ctTlYXzU+WV1SPnFnJzhbnC4rHpmZmjx186fmznYv3719WD1z954/lvT/z7/lNXP/o5iRNxsD6vOY6dMhET9c9kKP0I7/H6TlfWZ0m/G8BDSTfNgdpWHodiLAaquTZGetkyAKBbNgCAPSgxBgCAPabxPcCt9bV8I/X3G4neuvFaROyvxd+4vlmbM1i/Zre/eh109FZyz5WRJCLGd6D+iYj48vt3v05T1PvBtTSgFy5djogz4xOb9//JpnsWtuuFrWZuDFdfJu6bvNeOP9BPP6Tjn5dbjf8yd8Y/0WL8M9xi230YD97+M9d2oJq20vHfq033tt1uir9ufKBeeqw65htKzp4rFtJ92+MRMRlDw2l5urpo65Hb5M3/brarv3n899en732V1p++3l0ic21w+N73zOYquUeNu+HG5YhnBlvFn9zp/6TN+PdUh3W8+cqHX7Sbl8afxttIm+Pvro0rEc+17P+7fZlseX/iVHV1mGqsFC1899vno+3qb+7/NKX1N84FeiHt/9Gt4x9Pmu/XLG+/jl+ujP3Ybt6D42+9/u9L3qnm99WnXcxVKkvTEfuStzZPP3r3vY1yY/k0/slnW2//tWpbr//pOeGZDuMfvP7HNw8ff3el8c9uq/+3n7l6e36gXf2d9f9MNTdZn9LJ/q/TBj7KZwcAAAAAAAAAAAAAAAAAAAAAAAAAncpExMFIMtk7+Uwmm609w/vJGM0US+XK4bOl5cXZqD4rezyGMo2fuhxr+j3U6frv4TfKR+8rvxgRT0TEZ8Mj1XI2XyrO9jt4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKg70Ob5/6nfh/vdOgCga/b3uwEAQM85/gPA3rO94/9I19oBAPSO838A2Hs6Pv6f6W47AIDecf4PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAl506eTJNG/+sr+XT8uyFleX50oUjs4XyfHZhOZ/Nl5bOZ+dKpbliIZsvLbT9R5dqL8VS6fxMLC5fnKoUypWp8srq6YXS8mLl9LmF3FzhdGGoZ5EBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQOfKK6vzuWKxsCSzZWZkdzRj12QGY1c0Q6Zrmea9xEj/dlAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAu9z/AQAA//+MoS4e")
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.numa_stat\x00', 0x275a, 0x0)
ioctl$EXT4_IOC_MOVE_EXT(r3, 0x8004587d, &(0x7f00000003c0)={0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x4})
chdir(&(0x7f0000000240)='./file0\x00')
pidfd_getfd(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000001500)={0x1b, 0x8, &(0x7f0000000180)=@framed={{}, [@tail_call={{}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x8, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfd}, 0x94)
remap_file_pages(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x1, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r4 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000400)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r5 = mq_open(&(0x7f0000000380)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xb8\x93\xc3C\xae\x9dc\xd1T\xdd\x14\xd3A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\v\x01\xbe\xeb\bLTrw\x88\x9e0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\x01\x00\x00\x00a%\xdcQ\xb3CuT\xcc7\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1J\xec\x926\xb5a0\xa0B\xae|\x00\x17\xc0\xa3\xd5\xf9\xaa\x98/\xa4v\xe4)I\xf3+[e\x95\x89\x99\xca\x8e\xc5\xd3\\T\xf0\x1a|5\xfff\xff\x99\xa4\xbb\x9e#oR\xa4\xf1\xba\x04c\xb3-\xf7R\xb85\xb5\xdb\xe9?\xfa/\xdf\xb4R\xbfx=\v_j\x8e\xb0\'\xf4\xe5\xff!\xe1\xbf\x82e\xb1\x9b\x8d\xf3L\t\xd21\x9cbwV\xc8\xcc\xe4\x96M_w\xbc\xdf9\b\r\xf6\x95\xae\xb5,\x92\x8c\xc0DQm\x80\xd1w\xa2\x1a\x12Z\xe5\xf4H\xf7D\n\x96J\x93\xfb\xf0$\x9f\xf7\xa2\xae$O\xa3\xb6\xf5\x98\xd3\v\x00\x86\xa5\x8b\x81\x04\xaf\x03s\xe5\x86>\x0e\xa6\xe6\x1aV\x17\x8b\xed\xa7\'\xd0\r_\xe8,XVR\x13\xe5%\xb9\x88\xb8W@D\'\x17A\xc8\x80\x02J\xd4V\x00wH(\xc5v\f\xc9\xb6\xdf..$\xe6P(_\xf1\'\xc1:\xa3\xcb\xd9\xd1\xc7\x13\x99Md\x1dc\xf1\'j\x03!\x13\xd1\xb8\xbf\xe6\xb2M\b/\rp\xa5\x00\x00\x00\x00', 0x40, 0x9, 0x0)
fcntl$setlease(r5, 0x400, 0x0)
mq_open(&(0x7f0000000b40)='eth0\x00\xdd\xad4=2k\xf1\x05\x9b\x91y\xe1;F\xa2\x8df\xe9\x04\x00\x00\x00\x00\x0078z=\x8f\xd5F\xa4AR\xc7\x9f.\xdc\xdb\"A\x16\xd8\x19\xf1lZ\xc8\x93\xda\xf2\xc9\xe8h[u8\xc6\xfa\x9ep\xbe\a\xe2\xf5\xa3Y\x9f\xe1\x04gM\x99K$\r\xf1G\xee\xe1\xbd\x1e\xdf\xe1\x9c\x19\xda\xd3\x94EL\xca\x88\x85Q\x02\xd9L\x90\xeb%/\xb1\xeb\x11uP7\x1f\xd9b\xebF\xf8\x88\xf0\xac.\x94\xfc\v\xb1W\xef~+n\xb1\x9b\x02n]xr\xb3\x80\xbc>\xe8XX\xe6\x12\xf3\xc9\xd5\xf8\xd1\x8d\xcb9\xbf\xb0(<\xeb\x92\x8a\x16\xb7\x11^\xb6\xb7n\xd5\xb5\x00[\xdf\x94\x00\r\x95\x17\xa1h\xf8\x00\x00\x00\"\xa0\x05\xcc^\x90c\xc9}\xb8\ny\xf4\xe1\xb4.\xa4\a\x05\xbb}\x91\xf4C\xf5O\xf1a\x12\b\x86\xa16\xbb}C\xc9\x1d\\\xedD\x14\xb1w\x1e\xa0\xc1E\xb5\xf8\xab\xfb\xd9\x93\xb8vJ\x85p\xb5n\x1b\xe4\xd5g\xae\xe4\xeb\xca\xae\x1bs\xd4\xf0\xc0\xdag\x19R4\xd4\xd4\x04\xfc\x04Zb\xf6\xba\xf8B\xf6YU\xcd\xf2\xdb\xb5\xa2\xda\xdf\x8dD\xef`\x13\x15$\xceq\xd7j\xd7\xe3V\xf2\xa2\x95\xcf\x18T\xf1\xb0\xf3\xf8O', 0x1, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="070000000400000008020000d9"], 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00'}, 0x18)
r6 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_COMPLETION_RING(r6, 0x11b, 0x6, &(0x7f0000000000)=0x1, 0x4)
close_range(r6, r6, 0x0)

1m56.700651331s ago: executing program 0 (id=1742):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0xffffff7a, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), r0)
sendmsg$NLBL_MGMT_C_ADDDEF(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, r2, 0x1, 0x0, 0x25dfdbff, {}, [@NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, 0x24}}, 0x10800)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000540)='fib6_table_lookup\x00', r4}, 0x10)
perf_event_open(&(0x7f00000001c0)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40409, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'ip6_vti0\x00', 0x200})
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={0xffffffffffffffff, 0x18000000000002a0, 0x0, 0x0, &(0x7f0000000100), 0x0, 0xfe, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'ip6_vti0\x00', 0x200})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r5, 0x89f1, &(0x7f0000000080))

1m56.603620722s ago: executing program 0 (id=1743):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000093850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffdde, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x18)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x2, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b700000012000000bca30000000000002403000020feffff620af0fff8ffffff71a4f2ff000000001f03000000000000e5000200000000002604fdffff02000014010000033800000f130000000000007a0a00fe0000001f0f14000000000000b503f7fff80000009500000000000000033bc065b78111c6dfa041b63af4a3912435f1a864a7aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168e5181554a090f300020000fe275daf51efd601b6bf01c8e8b1b526375ee4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e65440000000000000000028610643a98d9ec21ead2ed51b104d4d91af25b845b9f7d08d123deda88c658d42ecbf28bf7076c15b463bebc72f526dd70252e79166d858fcd0e06dd31af9612fa402d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff61623604000000000000006a89adaf17b0a6041bdeebdfd1f5089048ddff6da40f9411fe7226a40409d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564163427afea62d84f3a10076443d643649393bf52d2105bd901128c7e0ec82701c8204a1deeed4155617572652d950ad31928b0b036dc2869f478341d02d0f5ad94b081fcd507acb4b9c67382f13d000000225d85ae49cee383dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cdf538f9ce2bdbb9893a5de817101a3062cd54f9ff51d355d84ce97bb0c6b6a595e487a2cc47c0efbb2d71cde2c10f0bc6980fe78683ac5c0c31032599dd273863be9261eee52216d009f4c52048ef8c126aeef5f510a8f1aded94a129e4aec6e8d9ab06faffc3a15d91c2ea3e2e04cfe031b287539d0540059fe6c7fe7cd8697502c7596566d674e425da5e7f009602a9f61d3804b3e0a1053abdc31282dfb15eb6841bb64a1b3045024a982f3c48153baae244e7bf573eac34b781337ad5905c6bbf1137548c7f1a4cad2422ee965a38f7defbd2960242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a90144022a579dfc0229cc0dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc48899b212c55318294270a1ad10c80fef7c24d47afcc829ba0f85da6d888f18ea40ab959f6074ab2a40d85d1501783a7ab540b8d7b4ead35a385e0b4a26b702396df7e0c1e02b88c114f244a9bf93f04bf072f0861f5c0b000000000000eedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba3401e6a52acb11883ad2a3b1832371fe5bc621426d1ed01b389708165b9cdbae2ed9dc7358f0ebadde0b727f27feeb7464dcd857ab15e355713767c536cbae2f5c7d951680f6f2f9a6a8346962a350845ffa0d82884f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010ae20e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa19faf67256b56a41fd355b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ced301efeb6dc5f6a9037d2283c42efc54fa84323afc4c10eff462c8843187f1dd48ef0981000000000000ff0f40b1888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538c6ee6ba65893ff1f908ba7554ba583ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738612e4fee18a22da19fc08001011e32f80fb60e14b9eee094277bbc170882c8890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f62e3f753b639a924599c1f69219927ea5301fff0a6063d427180d61542c2571f983e96635600000554f327a3535e7c7542799493c31ac05a7b57f03ca91a01ba2a30ca99e969d6fd09dc28ebc15edb4d91675767999d146aef7799738b292fd64bb25b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a794963342aece449a0d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b6ef9d12096833d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec035d232f89fe0120f64c62e8e3ed8bcb45202c204bbec8d722824c0ebca8db1ea4a05e41f6016ab5bbe4fe7ff5d785d0128171c90d9900ca2532b0f9d01c4b45294fbba468df3e1b393cb4e62e753b4172ba7ac1f2b51c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a881192292ffff5392ab3d1311b82432662806add87047f601fa888400000000000000000000000000006acc19808d7cf29bc974b0ea92499a41b9b9a7c2bca311a28ee4952f2d325a56397c78f12205db653a536f9f3322405d1efd78e578dc6b3fb84f3738a4b6caa800000087efa51c5d95ecba4e50e529d1e8c89600e809dc3d0a2f65579e23457949a50f2d0455cf79a43746979f99f6a1527f004f1e37a3926937e84fb478199dc1020f4beb98b8074bf7df8b5e783637da740800000000000000c55a4385e9a617aa6c8e10d4202c5afeb06e2f9115558ea12f92d7ae633d44086b3f03b20d546fa66a72e38207c9d20035abc46271a30f1240de52536941242d23896ab74a3c6670fdc49c14f34fc4eadd6db8d80eba439772bf60a1db18c472dafc5569adc282928d2a1ffe29f1a57d3f18f4edaeb5d37918e6fddcd821da67a0785585a4443440dc65600e64a6a2740000000000000000000000000000000000000000000a0009dd14b38f2f4426d7cf5075047c31f6ce6adddfe3ac649c0643c8bfbeb14ba1fd7a485aa893915cf81e29aaf375e904bbe52691a4100260ffcd8f1d04166d291ebcef893e1b9ccb6797d0646fe0e7274434f28efb43e06e64f0698caca42f4e6018a455736c482a017e2b13dac4a90faa109f0e87cc94e3efb649692456463ca74aa6ad4bf50c1acb0000000000000005375e528285544d0064b98646f3109e9a4942ce42c6e7ec84b664f6c2770803f10baa804a707f0a1fcbfc309381aeba191950bae71f37f1eb7ceeffb3c0547ac6571603adbfde4c8b5f8d7f4b854441613633b48865b65bdc415e1e0dcf672d68cf4cebf04f4bc1eebf560a26d34d3757b1450fdb0a9a69f432e277f3a0386eb2bd3305c821c64757f786b79fef54dbe64c67d73934bc80b2133fb3c04cc7ea48bf97a6243c9f95dcbddecf45f008f1822c7868e1ff5a3cff5d6b6898335792749df7b1f51e91f8c1c3b1b93b33aaa3fab69cef08a9f6f6cf39dea3d878b2ed42545421970cc426e644332bc956d1c6adefdf0ede2c5c94aa632646ae225accdf031f611d01622921f1b922a5ac887cca3136133dce8d9f5f4da7bed2ea5d94362200000000000000000000f296b0c1484e5f781ad26bff696b05ff0a5e2270e07618b04273bd4075ea38ab463bfa6a38e7c537498ba3e4df8dfc9e040000003c3ffad44d2a376def42e41e9fc31678257e040fa7cf32c221aaac08000000000000001a00000000000000000000173570f0c11ae694b0f7a4f9c2f6790044a357e785af6e153d5f1ea460af92c7cbbd6295afe740f5e154346d483e0d641ef02e4d5295d756e110522a7a945b93fb705b95b6aae27a8fb33732ce1da1c0b1af8eb9222a06e984ab1e6984c8bdc12360627137ab67b6b68ab08acb29a74dc36b51209cfbc87f61182bbeb2772e9d5a1ffc477179be481efe46a4ce86be0b1d8eee42a611a3d44ca450b14586ed63dd92005c79e4a8ab8a94f0c6cb4bed8594a39bd76d3ef8a7ab014e787596db796bd93a36c2880423291e3bccc86f66ba792ff4d87b3f80e5908779e51c5e9055fc5b23605cd000c723187ef09dcf4b07b06a9342f3f62ee7acddff292082c1f4d8eb9561f80873a09a1ae0c9af1121175e5600f43a1179484502009759264a5729f07c2b218fa36ba2316a99aaad0130df83d0bda1e711290f78c143ea143967b00adcd77e6ad5e48d839ea61aadb83e4d071c54691924a3830d3e7b5c198bb0ed623153590000000000000000004b985ea1702f34f2f85b168c083e810ed567e3f1979b9ed1a4bf6a10dac825c96a0828b335de445a4880bb6474157efd1a72ca46ae4cbe3ab648c9bc4867a5a4cb87d7d6d55475b34b3cb6aa9e2337d4e04a37e35109752522ac9b186ddd80c47da6a2f4ef7bb909c975520000000000000000000000219cf5c1376ab33786f6b856d354e90a2733f78f2d188057cead3480eade49d55b770fad7fa000d23da6275768810b6b2df91d3a991ea98d929d271696c258d5b735d5db11df434e7dd1b7c1ca05cea3977df564115f4ec6ffab1d2ff8a642ca50934b3fbe44b0abeba9df209566984a29dfc0466e439a94e177b3c4d5f6e92b8176b9d6ddeeeb196fa964217f88e1acc180aaa4"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffff97, 0x10, &(0x7f00000000c0), 0xfffffffffffffd27}, 0x48)
sendmsg$ETHTOOL_MSG_FEATURES_SET(r1, &(0x7f0000002540)={0x0, 0x0, &(0x7f0000002500)={&(0x7f00000000c0)={0x30, r2, 0x1, 0x70bd28, 0x25dfdbfd, {}, [@ETHTOOL_A_FEATURES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_bond\x00'}]}, @ETHTOOL_A_FEATURES_WANTED={0x4}]}, 0x30}}, 0x0)

1m56.591274912s ago: executing program 0 (id=1744):
r0 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x64, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2, @perf_config_ext={0x8, 0x6}, 0x2424, 0x0, 0x800000, 0x0, 0x2, 0x2, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000004bc311ec8500000075000000a70000000800000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000000c0)='percpu_alloc_percpu\x00', r1}, 0x10)
syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000080)='./file1\x00', 0x122c0c0, &(0x7f0000000940)=ANY=[@ANYRES16=r0, @ANYRESOCT=r2, @ANYRES32, @ANYRES8], 0xfd, 0x1d1, &(0x7f00000002c0)="$eJzs3U9r02AcB/Bfu7l2nnYTRCGwi6ehvoKJTBADgtKDnhSml1UEd4letpfh6xNfgOzUi0RissXFHdJCklI+n0ufp9/8kqcP/Xfpr+/ufTo5/nz68eed7zGdjmJ8GIexGMVejOPSeQAAm2SR5/ErLy1Tt/+juzUBAN1q8fn/u+clAQAde/3m7YsnaXr0KkmmERfn2Syblbdl/ux5evQw+WuvrrrIstnWVf4oaX53KPJbcbvKH5f1yfV8Jx7sl3mRPX2ZFvlWnU/iuJxMOt4CAAAAAAAAAAAAAAAAAAAAAADo3f1ILt3Y3+fgoJnvVnk5+6c/UKO/z3bc3a6mdXug/Cx09AEAAAAAAAAAAAAAAAAAAICm06/fTt7P5x++1INJRFy/Z5nBqDrxiuV9D8YxyNV3ql1aj03YuEGyHsuYr/gqKJ4dS1eN2x28yPO81Qnr9wjtOgAAAAAAAAAAAAAAAAAAoB/1j37/z6ZDLAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABlD///8Kg7OIaHHw1cV2B32oAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAbLA/AQAA//9kdTMe")
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000640)={[{@grpjquota}, {@auto_da_alloc_val}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x9}}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@oldalloc}, {@nodelalloc}, {@usrquota}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x53}}]}, 0xfa, 0x568, &(0x7f0000000f00)="$eJzs3d9rW1UcAPDvTZPup66DMdAHKezByVy6tv6Y4MN8FB0O9MmXGdqsjKbLaNKx1oHbg3vxRYYg4kD8A3z3cfgP+FcMdDBkFH3wJXLTmy5dk/5YszY2nw/c9px7b3LOybnfw7k5CQlgYI2mf3IRr0TEt0nEsbZj+cgOjq6ct/zk1lS6JdFofPpXEkm2r3V+kv0/0srkI377OuJMbn25tcWl2VKlUp7P8mP1uetjtcWls1fnSjPlmfK1icnJ829PTrz37js9a+sbl/754ZMHH57/5tTy9788On4viQtxNDvW3o4duN2eGY3R7DUpxIVnThzvQWH9JFmbfXmv6sH2DGVxXoh0DDgWQ1nUA/vfVxHRAAZUIv5hQLXmAa17+873wYXPd3lasmsef7ByA7S+/fmV90biYPPe6PBysubOKL3fHelB+WkZv/55/166Re/ehwDY1O07EXEun18//iXZ+Pf8zm3hnGfLMP7B7nmQzn/e7DT/ya3Of6LD/OdIh9h9HpvHf+5RD4rpKp3/vd9x/ru6aDUylOVeas75CsmVq5XyuWyR43QUDqT5jdZzzi8/bHQ71j7/S7e0/NZcMKvHo/yBtY+ZLtVLO2lzu8d3Il7tOP9NVvs/6dD/6etxae1TNQ50KeNk+f5r3crfvP0vVuPniNc79v/TFa1k4/XJseb1MNa6Ktb7++7J37uVv9ftT/v/8MbtH0na12tr2y/jp4P/lrsde97rfzj5rJkezvbdLNXr8+MRw8nH6/dPPH1sK986P23/6VMbj3+drv9DEfHFFtt/98Tdrqf2Q/9Px/A2+n/7iYcfffljt/K31v9vNVOnsz1bGf+2WsGdvHYAAAAAAADQb3IRcTSSXHE1ncsViyuf7zgRh3OVaq1+5kp14dp0NL8rOxKFXGul+1jb5yHGs8/DtvITz+QnI+J4RHw3dKiZL05VK9N73XgAAAAAAAAAAAAAAAAAAADoE0e6fP8/9cfQXtcOeOHW/OR3snf1AHbfpj/534tfegL60qbxD+xb4h8Gl/iHwSX+YXCJfxhc4h8Gl/iHwSX+AQAAAAAAAAAAAAAAAAAAAAAAAAAAoKcuXbyYbo3lJ7em0vz0jcWF2eqNs9Pl2mxxbmGqOFWdv16cqVZnKuXiVHVus+erVKvXxydi4eZYvVyrj9UWly7PVReu1S9fnSvNlC+XC7vSKgAAAAAAAAAAAAAAAAAAAPh/qS0uzZYqlfL8vk4MZa3tl/rsp0S+P6oh0ePEHg9MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANDmvwAAAP//mmY2oA==")
process_vm_readv(0x0, &(0x7f0000000240)=[{0x0}, {&(0x7f0000000600)=""/166, 0xa6}], 0x2, 0x0, 0x0, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f0000000240)=ANY=[])
mkdir(&(0x7f0000000040)='.\x02\x00', 0xe88022b11028290f)
capset(&(0x7f0000000380)={0x20080522}, &(0x7f0000000040)={0x200000, 0x40200003, 0x0, 0x6, 0x7})
setrlimit(0x40000000000008, &(0x7f0000000080)={0x0, 0x6})
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ff"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000140)='kmem_cache_free\x00', r4}, 0x10)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x64, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2, @perf_config_ext={0x74, 0x6}, 0x0, 0x0, 0x800000, 0x6, 0x2, 0x2, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
syz_open_dev$sg(0x0, 0x0, 0x401)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x41, &(0x7f0000000080), 0x64, 0x50a, &(0x7f0000000200)="$eJzs3UFvG1kdAPD/OHZp2nSTBQ6wEsvCLkorqJ1s2DbiUIqE4FQJKPcSEieK4sRR7LRNVEEqPgASQoDECS5ckPgASKgSF44IqRKcQYBACFo4cIDOyvY4TVM7cVs3TuPfT5rMmzfz/H/P0YznzTzNBDC03oqIqxHxKE3TCxExnuXnsil2WlNju4cP7sw3piTS9Po/k0iyvPZnJdn8bFbsdER87csR30yejlvb2l6Zq1TKG9lyqb66XqptbV9cXp1bKi+V12Zmpi/NXp59b3aqL+08FxFXvvjXH3z3Z1+68qvP3PrTjb+f/1ajWmPZ+r3teEb5g1a2ml5ofhd7C2w8Z7DjKN9sYWa00xYjT+Xcfcl1AgCgs8Y5/gcj4pMRcSHGY+Tg01kAAADgFZR+fiz+l0SknZ3qkg8AAAC8QnLNMbBJrpiNBRiLXK5YbI3h/XCcyVWqtfqnF6ubawutsbITUcgtLlfKU9lY4YkoJI3l6Wb68fK7+5ZnIuL1iPj++GhzuThfrSwM+uIHAAAADImz+/r//xlv9f8BAACAE2Zi0BUAAAAAXjr9fwAAADj59P8BAADgRPvKtWuNKW2//3rh5tbmSvXmxYVybaW4ujlfnK9urBeXqtWl5jP7Vg/7vEq1uv7ZWNu8XaqXa/VSbWv7xmp1c61+Y/mJV2ADAAAAR+j1j9/7QxIRO58bbU4Np3or2uNmwHGV300l2bzDbv3H11rzvxxRpYAjMTLoCgADkx90BYCBKQy6AsDAJYes7zp457fZ/BP9rQ8AANB/kx/tfv8/d2DJnYNXA8eenRiGl/v/MLya9/97HcnrZAFOlIIzABh6L3z//1Bp+kwVAgAA+m6sOSW5YnZ5byxyuWIx4lzztQCFZHG5Up6KiNci4vfjhQ80lqebJZND+wwAAAAAAAAAAAAAAAAAAAAAAAAAQEuaJpECAAAAJ1pE7m/Jr1vP8p8cf2ds//WBU8l/xyN7ReitH1//4e25en1jupH/r938+o+y/HcHcQUDAAAAhsIzvcC/3U9v9+MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoJ8ePrgz356OMu4/vhARE53i5+N0c346ChFx5t9J5PeUy0XESB/ijzb+fKRT/KRRrd2Q++Mn7bIvaOfugfFjIvsWOsU/24f4MMzuNY4/Vzvtf7l4qznvvP/lI55Yfl7dj3+xe/wb6bL/n+sxxhv3f1HqGv9uxBv5zsefdvykS/y3e4z/ja9vb3dbl/4kYrLj70/yRKxSfXW9VNvavri8OrdUXiqvzcxMX5q9PPve7FRpcblSzv52jPG9j/3y0UHtP9Ml/sQh7X+nx/b///7tBx9qJQud4p9/u0P83/w02+Lp+O3fvk9l6cb6yXZ6p5Xe682f/+7Ng9q/0KX9h/3/z/fY/gtf/c6fe9wUADgCta3tlblKpbxxYhONXvoxqIbEMUx8u68fmKZp2tinXuBzkjgOX0szMegjEwAA0G+PT/oHXRMAAAAAAAAAAAAAAAAAAAAYXkfxOLH9MXd2U0k/HqENAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANAX7wcAAP//ZWfZVg==")
fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0)
r6 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
write$binfmt_register(r6, 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
socket$inet(0x2, 0x4000000000000001, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x36, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0xd}, 0x0, 0x10000, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
flistxattr(0xffffffffffffffff, 0x0, 0x0)
setsockopt$sock_int(r5, 0x1, 0x3c, &(0x7f00000000c0)=0x1, 0x4)
sendmmsg$inet(r5, &(0x7f0000000780)=[{{&(0x7f0000000040)={0x2, 0x4e21, @multicast1}, 0x10, 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="1c000000000000000000000008000000", @ANYRES32=0x0, @ANYBLOB="ac1414aaffffffff0000000010000000000000000000000007"], 0x30}}], 0x1, 0x4008804)

1m56.452969435s ago: executing program 0 (id=1748):
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x34120, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, @perf_bp={0x0, 0x2}, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
fsetxattr$system_posix_acl(0xffffffffffffffff, 0x0, 0x0, 0x3c, 0x2)
bpf$MAP_UPDATE_CONST_STR(0x2, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xb, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000004c0)='mm_page_free\x00', r1}, 0x10)
openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x104080, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_ACCT_GET_CTRZERO(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)={0x18, 0x2, 0x7, 0x201, 0x0, 0x0, {0x1, 0x0, 0x7}, [@NFACCT_FILTER={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x400c840}, 0x20020080)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42032, 0xffffffffffffffff, 0x0)
mbind(&(0x7f00005b4000/0x4000)=nil, 0x100000000004000, 0x0, 0x0, 0x0, 0x2)
syz_clone(0x2c9a4080, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc)

1m56.252018388s ago: executing program 0 (id=1751):
r0 = socket$nl_route(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, 0x0, &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = perf_event_open$cgroup(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x7}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x2)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x2400, 0xfffffffffffffffa)
perf_event_open(&(0x7f00000000c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
unshare(0x2040400)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0100000004000000e27f000001"], 0x50)
bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000480)={r2, 0x0, 0x0}, 0x20)
perf_event_open(&(0x7f0000000500)={0x3, 0x80, 0x55, 0x1, 0x0, 0x0, 0x0, 0x7fef, 0x19923, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x1, @perf_config_ext={0x407fff, 0xaea}, 0x14105, 0x32, 0xfffffbff, 0x3, 0x257, 0x0, 0x4, 0x0, 0x0, 0x0, 0x2007}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r3, 0x40086602, &(0x7f00000002c0)=0x10)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105042, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000990000000d"], 0x50)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000600)=ANY=[@ANYBLOB="1804000000020000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$SMC_PNETID_DEL(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000000)='kmem_cache_free\x00', r6}, 0x18)
r7 = socket$inet6(0xa, 0x80002, 0x0)
sendto$inet6(r7, 0x0, 0x0, 0x200c8004, &(0x7f0000000280)={0xa, 0xe20, 0x0, @mcast2}, 0x1c)
sendto$inet6(r7, &(0x7f00000009c0)="c7cfcaaa22e10542fca5c0195350f15147657e0bfc59d383a47190db88690e6fedc3040ab5809ae02a54cd429cc3338c5afa0c9dce3f91950d1f567f358ac21154159130e88cbb6c43197813b2f23f3e442f80877490b393408142ebcfea6821f543e5ee9e27032e2b75d78f1b79f5a6bb6f0645e267770ef7e8f3a92148091217450ce8581e54223eeb6486205a209bf1fe854d211c03f8c3140fc3979d824082990d119473d20e94f253c9621fac339560ae46cb24b88bf2d01559bb658e343257b90f233b81bc5c398be3bbddb23a1e", 0xffd6, 0xc001, 0x0, 0xffffffffffffff0c)
setsockopt$inet6_mtu(r7, 0x29, 0x17, &(0x7f0000000640)=0x3, 0x4)
setsockopt$inet6_udp_int(r7, 0x88, 0x1, &(0x7f0000000080), 0x4)
ioctl$sock_SIOCGIFVLAN_SET_VLAN_FLAG_CMD(r0, 0x8982, &(0x7f0000000180)={0x7, 'nicvf0\x00', {0xfff}})
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000001780)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r8, 0x0, 0xfffffffffffffffc}, 0x18)
add_key(&(0x7f00000001c0)='ceph\x00', 0x0, &(0x7f0000000840)='\x00', 0x1, 0xffffffffffffffff)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff)

1m56.211980788s ago: executing program 0 (id=1752):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000040)={0x0, 0x0}, 0x28)
socket$kcm(0x10, 0x3, 0x10)
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000200)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x0, 0xfffffffd}}, 0x10)
bind$tipc(r0, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x0, 0x2}}, 0x10)
bind$tipc(r0, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x0, 0x2, 0x4}}, 0x10)
r1 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000040)={0x42, 0x1}, 0x10) (fail_nth: 6)

1m41.118750699s ago: executing program 33 (id=1752):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000040)={0x0, 0x0}, 0x28)
socket$kcm(0x10, 0x3, 0x10)
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000200)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x0, 0xfffffffd}}, 0x10)
bind$tipc(r0, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x0, 0x2}}, 0x10)
bind$tipc(r0, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x0, 0x2, 0x4}}, 0x10)
r1 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000040)={0x42, 0x1}, 0x10) (fail_nth: 6)

36.020121472s ago: executing program 3 (id=2996):
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f00000001c0)='./file1\x00', 0x0, &(0x7f0000000600)={[{@auto_da_alloc_val}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x4}}, {@grpjquota}, {@nomblk_io_submit}, {@jqfmt_vfsold}]}, 0x3, 0x4c5, &(0x7f0000001cc0)="$eJzs3U1rW1caAOD3ynbiJM7YmZlFJjCZMJPBCTOR7HiSmFlkPFDaVaBpunddWzbGsmUsOYlNKA79AYXSL9pVV90Uui6Fkp9QCoF2X0ppCW2SLrpoqyL5qkld+YtYVmI9Dxzfcz+k9z0W90hH56IbQNs6EREjEdEREacjojfdnklLrKyW6nH37t4Yr5YkKpUr3yaRpNvqz5Wky0Ppw7oj4rlnIl5Mfh+3tLQ8M1Yo5BfS9Vx5dj5XWlo+Mz07NpWfys+NDA2eH74wfG54YMfaevGpr9545b2nL37872tfjH5z6qVqWj3pvofbsRUrWzxuteldtf9FXWdELGwn2GOsI21PV6sTAQBgS6qf8f8YEX+PiPtvtzobAAAAoBkq/+uJH5OICgAAALBnZWrXwCaZbHotQE9kMtns6jW8f46DmUKxVP7XZHFxbmL1Wtm+6MpMThfyA+m1wn3RlVTXB2v1B+tn16wPRcSRiHit90BtPTteLEy0+ssPAAAAaBOH1oz/v+9dHf8DAAAAe0xfqxMAAAAAms74HwAAAPa+dcf/SefuJgIAAAA0w7OXLlVLpX7/64mrS4szxatnJvKlmezs4nh2vLgwn50qFqdqv9k3u9nzFYrF+f/E3OL1XDlfKudKS8ujs8XFufJo7b7eo3n3iQYAAIDdd+Rvtz5PImLlvwdqpWpfum8LY/WR5mYHNFNme4cnzcoD2H0drU4AaBkX+EL7Mh8PbDKwf33N+ja/NgAAAB4H/X95pPl/84HwBDOQh/Zl/h/al/l/aF/m/6HN7d/8kO71dnyyw7kAAABN01MrSSabzgX2RCaTzUYcrt0WoCuZnC7kByLiDxHxWW/X/ur6YKuTBgAAAAAAAAAAAAAAAAAAAAAAAIAnTKWSRAUAAADY0yIyXyfpjfz7e0/2rP1+YF/yQ29tGRHX3rny5vWxcnlhsLr9u1+3l99Kt5+tbwEAAABaqT5Or4/jAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAn3bt7Y7xedjPunf9HRF+j+J3RXVt2f9gbEQfvJ9H50OOSiOjYgfgrNyPiaKP4STWt6EuzWBs/ExEHWhz/0A7Eh3Z2q9r/jFTPv641518mTtSWjc+/zrQ8qjsn1uv/MvX+r9bPNer/Dm/81N31yrHbH+TWjX8z4lhn4/6nHj95xP73heeXl9fbV3k3on+T959qrFx5dj5XWlo+Mz07NpWfys8NDQ2eH74wfG54IDc5XcinfxvGePWvH/28UfsPNoy/2v9u1P6TW2z/T7ev3/3TBvFP/aPx6390g/jV//0/0/eB6v7+en1ltf6w4+9/enyj9k+s0/7NXv9TW2z/6csvf7nFQwGAXVBaWp4ZKxTyCyoqKnuvcjk90bf98BZ3TAAAwI578KG/1ZkAAAAAAAAAAAAAAAAAAABA+2r6j5Dt/+0vC3S3rqkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABv6JQAA///dfdKW")
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f00000003c0)=ANY=[@ANYBLOB="18010000008000000000000000000004850000006d00000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0xc, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x8}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="0c00000004000000040000000100000000000000", @ANYRES32=r1, @ANYBLOB="f6ffff862b7138c7602fc5700b00d938070d4500", @ANYBLOB="13885cd5b7cd0647933a986c993c4462be6bd38e6829814fbc28d78351c61e867e7ed236eb5d17f57063802ca3f6aa93bce78ea5345da4", @ANYRES32, @ANYRES16=r0], 0x48)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, r1, 0x4, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x3}, 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000040000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100000700002c0000000000000004850000002a00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff}, 0x94)
r5 = openat$binfmt_format(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/fs/binfmt_misc/syz1\x00', 0x2, 0x0)
writev(r5, &(0x7f00000000c0)=[{&(0x7f0000000240)="99f05ac1cd", 0x5}, {0x0}], 0x2)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='kfree\x00', r4}, 0x18)
socket$inet_tcp(0x2, 0x1, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x1b, &(0x7f0000002140)={0x1, &(0x7f00000000c0)=[{0x6}]})

35.154008095s ago: executing program 3 (id=3012):
socket$nl_route(0x10, 0x3, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000600000027"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$fou(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$FOU_CMD_ADD(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)={0x14, r2, 0x1, 0x0, 0x10}, 0x14}}, 0x0)

35.112965035s ago: executing program 3 (id=3014):
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000000)=0x1, 0x4)
ioctl$int_in(r0, 0x5421, &(0x7f0000000100)=0x9)
connect$inet(r0, &(0x7f0000000280)={0x2, 0x0, @dev}, 0x10)
close(r0)

35.060842436s ago: executing program 3 (id=3016):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0, r0}, 0x18)
syz_emit_ethernet(0xfdef, &(0x7f0000000180)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xfde1, 0x300, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e22, 0x4d, 0x0, @wg=@data}}}}}, 0x0)

35.000783557s ago: executing program 3 (id=3017):
socket$packet(0x11, 0x2, 0x300)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$inet6_mptcp(0xa, 0x1, 0x106)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4001, 0x0, @loopback}, 0x1c)
writev(r2, &(0x7f0000000040)=[{&(0x7f0000000100)="8fcc2ee06d4b2732be39757d997e1c9b9445957b340a619962119c037ee11171f4f80c9b42aac1e948f4aa46556d9002d40c88dcb50ee49ae6b6074b9e85824711c0ef110eb999c5415dc987a21ca94515b61806bf1e5a6e203676d0ea62b36001591260bb71b41ab7cff22e19c0b5ef11c80d5d15b1e1d8487c548c312ea3a2f6f52e1c617d5d02c3563d4d03cb901336678e5dab26eb3bba0e99253a559114805f05c8cc183b2f0dbf077dce25", 0xae}], 0x1)

34.960760507s ago: executing program 3 (id=3018):
getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f00000000c0)={0x0, 0x9, 0x3, 0x7de0, 0x8e, 0xfff, 0xb92, 0x7fff, {0x0, @in6={{0xa, 0x4e22, 0x9, @dev={0xfe, 0x80, '\x00', 0x17}, 0xf96}}, 0xf247, 0x401, 0x82e7f8, 0x800, 0x6}}, 0x0) (async)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[@ANYBLOB="9feb0100180000000000000024000000240000000a000000080000000200000f"], &(0x7f0000000040)=""/249, 0x46, 0xf9, 0x9}, 0x28) (async)
r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0) (async)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[@ANYBLOB="1500000065ffff018000000800395032303030"], 0x15) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0xfffffff8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000dc0)={0x11, 0xc, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x4, 0x0, 0x0, 0x15a4f385a655cb12, 0x18, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000002040)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x48)
creat(&(0x7f0000000080)='./file0\x00', 0xa) (async)
pipe2$9p(&(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0) (async)
r4 = socket$nl_route(0x10, 0x3, 0x0) (async)
r5 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r5, 0x8933, &(0x7f00000000c0)={'vcan0\x00', <r6=>0x0})
bind$can_j1939(r5, &(0x7f0000000340)={0x1d, r6, 0x0, {0x2, 0x0, 0x6}, 0xfe}, 0x18) (async)
setsockopt$sock_int(r5, 0x1, 0x6, &(0x7f0000000040)=0x1, 0x4)
sendmsg$inet(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000540)="81b641f1f3843704b6", 0x9}], 0x1}, 0x4048081) (async)
setsockopt$SO_J1939_FILTER(r5, 0x6b, 0x1, &(0x7f0000000a00)=[{0x0, 0x0, {0x1, 0xf0}, {0x2, 0x0, 0x2}, 0xff, 0x2}, {0x1, 0x3, {0x2, 0x1, 0x4}, {0x0, 0x1, 0x4}, 0x1, 0xfe}, {0x1, 0x0, {0x1, 0x1, 0x7}, {0x2, 0xff}, 0x2, 0xfe}], 0x60) (async)
sendmsg$nl_route_sched(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000440)=@newtfilter={0x24, 0x11, 0x1, 0x70bd28, 0x0, {0x0, 0x0, 0x74, r6, {0xfffd, 0xffeb}, {0x1, 0x1}, {0xfff2, 0xd}}}, 0x24}, 0x1, 0xf0ffffffffffff, 0x0, 0x4012}, 0x850) (async)
r7 = socket(0x10, 0x80002, 0x0)
write$P9_RLERRORu(r3, &(0x7f0000000000)=ANY=[@ANYBLOB="1c00000007ffff", @ANYRES16=r7, @ANYRESDEC], 0x52) (async)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="707f000000000000007266646e6f3d5da2a73cfac45657b40304ca08f0b0c2b1864e44a9ac6a63118a33af05dbd22544ed1b0ec2e0704d821308e0b0c4d8cebba284a3529f19776bb213b2c204545a031834f418791f957ac0959da12dcf9d0f81e12d6745e0c806fd01fca7db84e8e48a914ef4751815d11c68a4780a00002133a1238aa428f095439b615f6dc28f86b804ccc781df89", @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r7, @ANYBLOB=',loose,\x00']) (async)
dup(0xffffffffffffffff) (async)
socket$inet6_sctp(0xa, 0x801, 0x84)
r8 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f00000001c0)={'sit0\x00', <r9=>0x0}) (async)
ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f00000001c0)={@mcast2, @local, @private0, 0xfffffffe, 0x1, 0x2, 0x900, 0x0, 0x802a0, r6}) (async)
getresuid(&(0x7f0000000380), &(0x7f00000003c0), &(0x7f0000000400)=<r10=>0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r7, 0x29, 0x23, &(0x7f00000004c0)={{{@in=@private=0xa010100, @in=@remote, 0x4e20, 0x0, 0x4e24, 0x80, 0xa, 0x40, 0x0, 0x89, r9, r10}, {0x3, 0x7, 0x4, 0x169, 0xffffffffffff9e55, 0x6, 0xe, 0x3}, {0x6, 0x4a6, 0x0, 0x9}, 0x8, 0x6e6bbc, 0x2, 0x1, 0x1, 0x3}, {{@in=@local, 0x4d6, 0x2b}, 0x2, @in6=@private0, 0x0, 0x5, 0x2, 0xff, 0xffffde21, 0x1, 0x564}}, 0xe8)

19.923398378s ago: executing program 34 (id=3018):
getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f00000000c0)={0x0, 0x9, 0x3, 0x7de0, 0x8e, 0xfff, 0xb92, 0x7fff, {0x0, @in6={{0xa, 0x4e22, 0x9, @dev={0xfe, 0x80, '\x00', 0x17}, 0xf96}}, 0xf247, 0x401, 0x82e7f8, 0x800, 0x6}}, 0x0) (async)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[@ANYBLOB="9feb0100180000000000000024000000240000000a000000080000000200000f"], &(0x7f0000000040)=""/249, 0x46, 0xf9, 0x9}, 0x28) (async)
r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0) (async)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[@ANYBLOB="1500000065ffff018000000800395032303030"], 0x15) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0xfffffff8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000dc0)={0x11, 0xc, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x4, 0x0, 0x0, 0x15a4f385a655cb12, 0x18, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000002040)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x48)
creat(&(0x7f0000000080)='./file0\x00', 0xa) (async)
pipe2$9p(&(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0) (async)
r4 = socket$nl_route(0x10, 0x3, 0x0) (async)
r5 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r5, 0x8933, &(0x7f00000000c0)={'vcan0\x00', <r6=>0x0})
bind$can_j1939(r5, &(0x7f0000000340)={0x1d, r6, 0x0, {0x2, 0x0, 0x6}, 0xfe}, 0x18) (async)
setsockopt$sock_int(r5, 0x1, 0x6, &(0x7f0000000040)=0x1, 0x4)
sendmsg$inet(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000540)="81b641f1f3843704b6", 0x9}], 0x1}, 0x4048081) (async)
setsockopt$SO_J1939_FILTER(r5, 0x6b, 0x1, &(0x7f0000000a00)=[{0x0, 0x0, {0x1, 0xf0}, {0x2, 0x0, 0x2}, 0xff, 0x2}, {0x1, 0x3, {0x2, 0x1, 0x4}, {0x0, 0x1, 0x4}, 0x1, 0xfe}, {0x1, 0x0, {0x1, 0x1, 0x7}, {0x2, 0xff}, 0x2, 0xfe}], 0x60) (async)
sendmsg$nl_route_sched(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000440)=@newtfilter={0x24, 0x11, 0x1, 0x70bd28, 0x0, {0x0, 0x0, 0x74, r6, {0xfffd, 0xffeb}, {0x1, 0x1}, {0xfff2, 0xd}}}, 0x24}, 0x1, 0xf0ffffffffffff, 0x0, 0x4012}, 0x850) (async)
r7 = socket(0x10, 0x80002, 0x0)
write$P9_RLERRORu(r3, &(0x7f0000000000)=ANY=[@ANYBLOB="1c00000007ffff", @ANYRES16=r7, @ANYRESDEC], 0x52) (async)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="707f000000000000007266646e6f3d5da2a73cfac45657b40304ca08f0b0c2b1864e44a9ac6a63118a33af05dbd22544ed1b0ec2e0704d821308e0b0c4d8cebba284a3529f19776bb213b2c204545a031834f418791f957ac0959da12dcf9d0f81e12d6745e0c806fd01fca7db84e8e48a914ef4751815d11c68a4780a00002133a1238aa428f095439b615f6dc28f86b804ccc781df89", @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r7, @ANYBLOB=',loose,\x00']) (async)
dup(0xffffffffffffffff) (async)
socket$inet6_sctp(0xa, 0x801, 0x84)
r8 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f00000001c0)={'sit0\x00', <r9=>0x0}) (async)
ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f00000001c0)={@mcast2, @local, @private0, 0xfffffffe, 0x1, 0x2, 0x900, 0x0, 0x802a0, r6}) (async)
getresuid(&(0x7f0000000380), &(0x7f00000003c0), &(0x7f0000000400)=<r10=>0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r7, 0x29, 0x23, &(0x7f00000004c0)={{{@in=@private=0xa010100, @in=@remote, 0x4e20, 0x0, 0x4e24, 0x80, 0xa, 0x40, 0x0, 0x89, r9, r10}, {0x3, 0x7, 0x4, 0x169, 0xffffffffffff9e55, 0x6, 0xe, 0x3}, {0x6, 0x4a6, 0x0, 0x9}, 0x8, 0x6e6bbc, 0x2, 0x1, 0x1, 0x3}, {{@in=@local, 0x4d6, 0x2b}, 0x2, @in6=@private0, 0x0, 0x5, 0x2, 0xff, 0xffffde21, 0x1, 0x564}}, 0xe8)

2.551983392s ago: executing program 4 (id=3675):
socket$inet6(0xa, 0x2, 0x3a)
socket$nl_route(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB], 0x48)
r0 = syz_open_procfs(0x0, &(0x7f0000000280)='pagemap\x00')
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x0, 0x0, &(0x7f0000000040)='GPL\x00', 0xba0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x3, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYRESDEC=r0, @ANYRES8=r1], &(0x7f0000000200)='syzkaller\x00', 0x2, 0x0, 0x0, 0x41100, 0x20, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x94)
prlimit64(0x0, 0xb, &(0x7f0000000000)={0x0, 0x5}, 0x0)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, &(0x7f0000bbdffc))

2.405200654s ago: executing program 4 (id=3676):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x78, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000006c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prctl$PR_SET_NAME(0xf, &(0x7f00000001c0)='w\xde\xa3\x05\xff\a\x00\x00\x00\x00\x00\x00\x8f\xc0\x9b\x86\xef\\\xc0\x89\av\x9f\xd6\xd1\x98<\xc8\x18E/\x8c\x1a\xe3\xbd')
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000a80)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1088d8b8588d72ec29c48f0af5f2d9f51c4b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465ad32b77a74e802a0dc6bf25cca242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767042361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae645ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1fb8f72cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa7956488bef241875f3b4b6ab7929a57affe760e797724f4fce1093b62d7e8c7123d890decacec55bf404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f870b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f154772f514216bdf57d2a40d40b51ab67903ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1594e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c471c784ae7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec30cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89f0000377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f0059161c5e0000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe34124172e436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f491d8e97c862e29e457060000007ac691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104ebc1581848f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426ca85e82ccf821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ad6acf5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bdc4a60d637545ed4c8a1c649c3ce54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c5140200000054d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a3bc38613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae0040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483f02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e9180100000000000000654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272ab28a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece98c077b358e752b439132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae2676384ff799783f55d7e5a1a092a01b965dc99cb7a9d98440c355927629f2bcf9dc2396eb2f5d25829715b24327642ac48f1201014a95e0e65e12cdf27e19043e3c5d3e798375cead35b9a93190a52cdecaaccc854a1d41ef365303f0e9b4fc969c9dab6df5e8a795b140fcc09e8a7b694d12932917facd8ceaa4e2d0d16bb0b95387fcd5ff136d8abddf94daf442bbff744591931872a36cf921ad69f2127386e8b0f9afee4da8d3fbec809fbb3ca0fded2859cf25d4c6155d396c5b9bd1a928923123f63f4c40688eae69990a9419456247bbaeb7948de84d2ff875414883bb1e503d4bfebc01bc12a53ea06bf38e571157bd642dac25dbee7832c58378374a39483d6721eec96c28911db21c0c006b42afc90000000000000000000000700000000000000000008ce4ea442c1a207108b35511186c5e860278f6463f52f3990ce08b1bfccc3cff4b5ae27b610aa9ba11b47d4f94c439e055cdbb2b12c983885c93ea4ab4ca1e02d831ae162ee104"], &(0x7f0000000100)='GPL\x00'}, 0x41)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x35, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0xd}, 0x4c58, 0x10000, 0x0, 0x1, 0x8, 0x2a, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = socket(0x1d, 0x2, 0x6)
ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000780)={'vxcan1\x00', <r3=>0x0})
bind$can_j1939(r2, &(0x7f0000000040)={0x1d, r3, 0x3}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x18)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
syz_mount_image$vfat(&(0x7f00000005c0), &(0x7f00000002c0)='./file0\x00', 0xc80, &(0x7f0000020100)=ANY=[@ANYBLOB="00631dda01aef2456795dd9b26209f1c0f624854ea3dd5a00bd6df44035f5c3ae796fec6d633a0ffad0569794acfef7da01767fd4175f2cd82df769aa2ee7bfe3640554507d2e660c9f9e222a72e1e3e71145c480657d2864e5e276f028d64701ae31cde0ceaf408fdb05c0f4142da00e900000100000149e6d308cbe315789f4baffe39bbced9b1d421d2e290e9fc563b62225f002ee310e1fa7321000000000000d6231001a4b2d467825f3abb0c167e129cf1fa0e7854103f4bf2d3a0194983bc86cbd3d75ccef3c8ac4516dac102"], 0x1, 0x27c, &(0x7f0000000600)="$eJzs281qE1EYxvGnH9ov20Sr1VbEF93oZmjjFYTSghhQaiN+gDC1Ew2ZJiUTKhGx3bn1LoTi0p0g3kA3XoELd9247EIc6UxskzaiFXRs8/9tzhvOPOGcnDPhLGY2775aKhUCp+DW1N1l6pX6tSWl1a0exboabXdUH1ezNV0dzX26cPve/RvZXG5mzmw2O38tY2YjF98/ff7m0ofa0J23I+/6tJF+uPkl83ljbGN889v8k2JgxcDKlZq5tlCp1NwF37PFYlByzG75nht4ViwHXrWlv+BXlpfr5pYXhweXq14QmFuuW8mrW61itWrd3MdusWyO49jwoPAr+fW5OTeb9Cjwd1WrWXda0sS+nvx6IgMCAACJanP+X+P83yk4/3eC7fP/g8b924rzPwAAAAAAAAAAAAAAAAAAAAAAh8FWGKbCMEz9aI9J0Rs+YePzgKRBSUOSTkgaljQiKSUpLemkpFOSRiWdlnRG0piks5LOSRpv+q6k54r9kln/gSSnjCbc/52N9e9sTS/u9ktLL1fyK/m4jfuzBRXly9OkUvoarWVDXM9ez81MWiSt80urjfzqSr6nNT+l1PaGaZefivPWmu+L9t1OPqPU9gZrl8+0zffryuWmvKOUPj5SRb4Woz25m38xZTZ9M7cnPxFdd9Q5tqPt+jnOz/rj/AH2x57ft1cTvcnOHVJQf1Zyfd+rUlAcheK1/othHP4i6X8m/Au7i570SAAAAAAAAAAAAAAAAAAAB/GnTwiGq3H+dy5Oeo4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOz1PQAA//+5gF2o")
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x84042, 0x1fb)
write$P9_RUNLINKAT(r4, &(0x7f0000000000)={0xfffffffffffffecb, 0x4d, 0x1}, 0xffffffd7)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000400)='io_uring_create\x00', r0}, 0x18)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
timer_create(0x3, 0x0, &(0x7f0000000000)=<r6=>0x0)
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
timer_settime(r6, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x3938700}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000400)='io_uring_create\x00', r5}, 0x18)
io_uring_setup(0x1de0, &(0x7f00000000c0)={0x0, 0x45d6, 0x0, 0x0, 0x0, 0x0, r5})
socket(0x10, 0x3, 0x9)
setreuid(0xffffffffffffffff, 0xee01)
socket$inet_udp(0x2, 0x2, 0x0)
r7 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000240), 0x82, 0x0)
r8 = socket(0x40000000015, 0x5, 0x0)
setsockopt$SO_RDS_TRANSPORT(r8, 0x114, 0x8, &(0x7f00000008c0), 0x4)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r7, 0xc018937e, &(0x7f0000000280)={{0x1, 0x1, 0x18, r8, {0x4}}, './file1\x00'})

1.496734037s ago: executing program 4 (id=3698):
socket$inet6(0xa, 0x2, 0x3a)
socket$nl_route(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB], 0x48)
r0 = syz_open_procfs(0x0, &(0x7f0000000280)='pagemap\x00')
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x0, 0x0, &(0x7f0000000040)='GPL\x00', 0xba0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prlimit64(0x0, 0xb, &(0x7f0000000000)={0x0, 0x5}, 0x0)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, &(0x7f0000bbdffc))

1.435718318s ago: executing program 4 (id=3699):
sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={0x0}}, 0x0)
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000240)='./file2\x00', 0x2000410, &(0x7f0000000000)={[{@bsdgroups}, {@jqfmt_vfsv1}]}, 0xc1, 0x7da, &(0x7f0000000fc0)="$eJzs3c1rG80dAODfyh+ynbR2odAmJ0OhNYTIdeomLfSQ0kMpNBBoz02MrJjUshUsOcTGEOdQ6KXQlh4K7SXnfqSHQq/9uLb/ROmhJITWMW/e04tediX5U5LtxJId/Dyw2pnd2Z0Z7ezsSLtIAVxYk+lLLuJKRPw8iRhvLk8iYigLDUbcbqR7u7VRTKck6vUf/C/J0vz50u6+kub8UjPyxYj4+08iruUO5jranJdLK83QdG3p0XR1bf36w6W5hdJCafnmzOzsjVtfv3Xz8Fbv6qN/rV9+9YvvfuWPtwfjCy9+9o8kbsfl5rrtrY3ie+7+kMmYbL4nQ+lbuM93TjuzM5acdQF4J+mpOdA4y+NKjMdAFurgfU9AAOBceBoRdQDggklc/wHggml9D7C9tVFsTWf7jUR/vf52RIw06t+6v9lYM9i8ZzeS3Qcd20723RlJImLiFPKfjIjf/uVHv0+n6NF9SIB2Np9FxP2Jye2t/IH+P0n7v+Gj95DvuOar3TarN7abPLBY/wf989d0/PONw+O/qzsP9IxkrwfGPyP5Nufuuzj6/M+97LDpMfqmo6Xjv2/tebZtd/y389DaxEAz9plszDeUPHhYLqV922cjYiqG8ml8Jkva/imoqTefvOmU/97x3/9/+ePfpfmn890UuZeD+aiP79lmfq42dwpVz7x+FnF1sF39k53xb9Jh/Hu34173H5rvffOnv+mUMq1/Wt/WdLj+vVV/HvHltsd/91gmXZ9PnM6aw3SrUbTxp//8eqxT/rvHP5/N0/xbnwX6IT3+Y93rP5GGqmvri3PlcmmlevI8/vl8/G+d1u1t/+3rn7X/fdL2P5z8MAu3WtqTuVptZSZiOPn+4eU3drdtxVvp0/pPfan9+d+p/eeaz8be34l1N/hq+A/NXbWtf2azU/17K63//ImOf5dAvbnNgVUv3i4OdMr/eMd/NgtNNZccp/87oqTv0ZoBAAAAAAAAAAAAAAAAAAAAAAAA4ORyEXE5klxhJ5zLFQqN//D+fIzlypVq7dqDyuryfGT/lT0RQ7nWT12O7/k91Jnm7+G34jcOxL8WEZ+LiF/lR7N4oVgpz5915QEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg6dL+//9/ms4Khca6/+bPunQAQM+MnHUBAIC+c/0HgIvnZNf/0Z6VAwDonxN//q8nvSkIANA3x77+3+9tOQCA/nH/HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgB67e+dOOtU/3toopvH5x2uri5XH1+dL1cXC0mqxUKysPCosVCoL5VKhWFnquKPNxqxcqTyajeXVJ9O1UrU2XV1bv7dUWV2u3Xu4NLdQulca6lvNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOD4qmvri3PlcmlFoEtgtDR6HopxjgKDcS6KcSiw+e+hrF13TRwTH0zjH+6SJjnNvEYPLtnbS4yeSd8EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8CH4NAAA//9RvRhH")
madvise(&(0x7f0000ffd000/0x3000)=nil, 0x3011, 0x17)
madvise(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x15)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_CLIENT(0xffffffffffffffff, 0x404c534a, &(0x7f0000000100)={0xe, 0x9, 0xc})
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x13, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000080000000000000000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000100000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r0}, 0x10)
r1 = getpid()
sched_rr_get_interval(r1, &(0x7f0000000080))
madvise(&(0x7f0000a3a000/0x4000)=nil, 0x4000, 0x14)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x1}]})
lchown(0x0, 0x0, 0xee00)
futex(&(0x7f000000cffc)=0x1, 0x86, 0x2, 0x0, 0x0, 0xfffffffc)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xa, 0x28011, 0xffffffffffffffff, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0xb, 0x59032, 0xffffffffffffffff, 0x0)

1.172858752s ago: executing program 7 (id=3711):
sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={0x0}}, 0x0)
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000240)='./file2\x00', 0x2000410, &(0x7f0000000000)={[{@bsdgroups}, {@jqfmt_vfsv1}]}, 0xc1, 0x7da, &(0x7f0000000fc0)="$eJzs3c1rG80dAODfyh+ynbR2odAmJ0OhNYTIdeomLfSQ0kMpNBBoz02MrJjUshUsOcTGEOdQ6KXQlh4K7SXnfqSHQq/9uLb/ROmhJITWMW/e04tediX5U5LtxJId/Dyw2pnd2Z0Z7ezsSLtIAVxYk+lLLuJKRPw8iRhvLk8iYigLDUbcbqR7u7VRTKck6vUf/C/J0vz50u6+kub8UjPyxYj4+08iruUO5jranJdLK83QdG3p0XR1bf36w6W5hdJCafnmzOzsjVtfv3Xz8Fbv6qN/rV9+9YvvfuWPtwfjCy9+9o8kbsfl5rrtrY3ie+7+kMmYbL4nQ+lbuM93TjuzM5acdQF4J+mpOdA4y+NKjMdAFurgfU9AAOBceBoRdQDggklc/wHggml9D7C9tVFsTWf7jUR/vf52RIw06t+6v9lYM9i8ZzeS3Qcd20723RlJImLiFPKfjIjf/uVHv0+n6NF9SIB2Np9FxP2Jye2t/IH+P0n7v+Gj95DvuOar3TarN7abPLBY/wf989d0/PONw+O/qzsP9IxkrwfGPyP5Nufuuzj6/M+97LDpMfqmo6Xjv2/tebZtd/y389DaxEAz9plszDeUPHhYLqV922cjYiqG8ml8Jkva/imoqTefvOmU/97x3/9/+ePfpfmn890UuZeD+aiP79lmfq42dwpVz7x+FnF1sF39k53xb9Jh/Hu34173H5rvffOnv+mUMq1/Wt/WdLj+vVV/HvHltsd/91gmXZ9PnM6aw3SrUbTxp//8eqxT/rvHP5/N0/xbnwX6IT3+Y93rP5GGqmvri3PlcmmlevI8/vl8/G+d1u1t/+3rn7X/fdL2P5z8MAu3WtqTuVptZSZiOPn+4eU3drdtxVvp0/pPfan9+d+p/eeaz8be34l1N/hq+A/NXbWtf2azU/17K63//ImOf5dAvbnNgVUv3i4OdMr/eMd/NgtNNZccp/87oqTv0ZoBAAAAAAAAAAAAAAAAAAAAAAAA4ORyEXE5klxhJ5zLFQqN//D+fIzlypVq7dqDyuryfGT/lT0RQ7nWT12O7/k91Jnm7+G34jcOxL8WEZ+LiF/lR7N4oVgpz5915QEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg6dL+//9/ms4Khca6/+bPunQAQM+MnHUBAIC+c/0HgIvnZNf/0Z6VAwDonxN//q8nvSkIANA3x77+3+9tOQCA/nH/HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgB67e+dOOtU/3toopvH5x2uri5XH1+dL1cXC0mqxUKysPCosVCoL5VKhWFnquKPNxqxcqTyajeXVJ9O1UrU2XV1bv7dUWV2u3Xu4NLdQulca6lvNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOD4qmvri3PlcmlFoEtgtDR6HopxjgKDcS6KcSiw+e+hrF13TRwTH0zjH+6SJjnNvEYPLtnbS4yeSd8EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8CH4NAAA//9RvRhH")
r0 = gettid()
madvise(&(0x7f0000ffd000/0x3000)=nil, 0x3011, 0x17)
madvise(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x15)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_CLIENT(0xffffffffffffffff, 0x404c534a, &(0x7f0000000100)={0xe, 0x9, 0xc})
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r1}, 0x10)
getpid()
lchown(0x0, 0x0, 0xee00)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x24, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
futex(&(0x7f000000cffc)=0x1, 0x86, 0x2, 0x0, 0x0, 0xfffffffc)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xa, 0x28011, 0xffffffffffffffff, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0xb, 0x59032, 0xffffffffffffffff, 0x0)

669.61696ms ago: executing program 5 (id=3720):
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000f000000c5000000a0ef010095"], &(0x7f0000000280)='GPL\x00', 0x0, 0xd, 0x0, 0x0, 0x8, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xfe3d}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000020000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000006c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000005000000005e002200850000006d00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00', r2}, 0x10)
r3 = socket$netlink(0x10, 0x3, 0xf)
r4 = socket$netlink(0x10, 0x3, 0xf)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r4, 0x10e, 0x4, &(0x7f0000000080)=0x100, 0x4)
bind$netlink(r4, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r4, 0x1, 0x8, &(0x7f0000000000), 0x4)
sendmsg$NFT_BATCH(r3, &(0x7f00000074c0)={0x0, 0x0, &(0x7f0000007480)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a14000000080a010300000000ab0000000200000a14000000000a010200000000000000000a00001714000000110001"], 0x50}, 0x1, 0x0, 0x0, 0x20040000}, 0x0)

616.44089ms ago: executing program 5 (id=3724):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e000000000000000400"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1, 0x0, 0x100}, 0x18)
lsetxattr$security_selinux(&(0x7f00000001c0)='./cgroup.cpu/cgroup.procs\x00', &(0x7f0000000200), &(0x7f0000000180)='system_u:object_r:tzdata_exec_t:s0\x00', 0x23, 0x3)

602.41573ms ago: executing program 2 (id=3725):
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = gettid()
process_vm_writev(r0, &(0x7f0000000800)=[{&(0x7f0000000380)=""/32, 0x20}, {&(0x7f00000003c0)=""/99, 0x63}, {&(0x7f0000000600)=""/58, 0x3a}, {&(0x7f0000000640)=""/70, 0x46}, {&(0x7f0000000700)=""/223, 0xdf}], 0x5, &(0x7f0000121000)=[{&(0x7f00000004c0)=""/231, 0xe7}], 0x1, 0x0)
r1 = bpf$MAP_CREATE(0x0, 0x0, 0x50)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x37, 0x1, 0x0, 0x0, 0x0, 0x7, 0x50d02, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x9}, 0x4c58, 0x10000, 0x0, 0x1, 0x8, 0x20002, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x11, 0x6, &(0x7f0000000300)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1000001, 0x0, 0x0, 0x0, 0x1}, [@call={0x85, 0x0, 0x0, 0x29}, @map_val={0x18, 0x7, 0x2, 0x0, r1, 0x0, 0x0, 0x0, 0x2b00c80b}]}, &(0x7f00000006c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xb, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xfffffeee)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000140)='./bus\x00', 0x30101c4, &(0x7f00000000c0), 0x2, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
socket$pppoe(0x18, 0x1, 0x0)
syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000280)='./bus\x00', 0x1d00c15, 0x0, 0x6, 0x0, &(0x7f0000000000))
r3 = open(&(0x7f0000000000)='./bus\x00', 0x40000, 0x0)
getdents(r3, &(0x7f0000001fc0)=""/184, 0xb8)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d67fc880c9d640f4eacc509873f1a103c87f69"], &(0x7f0000000100)='GPL\x00'}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r4}, 0x10)
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='\x00'/10)
getdents(r3, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x4010, r1, 0xb6fd5000)
r5 = syz_open_dev$usbfs(&(0x7f0000000480), 0x77, 0x41341)
ioctl$USBDEVFS_IOCTL(r5, 0xc0105512, &(0x7f0000000200))
ioctl$USBDEVFS_IOCTL(r5, 0xc0105512, &(0x7f0000000000)=@usbdevfs_connect)

599.268901ms ago: executing program 5 (id=3726):
r0 = openat$nvram(0xffffffffffffff9c, &(0x7f00000000c0), 0x8882, 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0x7040, 0x0) (fail_nth: 1)

536.894582ms ago: executing program 4 (id=3727):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x78, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000006c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prctl$PR_SET_NAME(0xf, &(0x7f00000001c0)='w\xde\xa3\x05\xff\a\x00\x00\x00\x00\x00\x00\x8f\xc0\x9b\x86\xef\\\xc0\x89\av\x9f\xd6\xd1\x98<\xc8\x18E/\x8c\x1a\xe3\xbd')
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, 0x0, 0x0}, 0x94)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x84042, 0x1fb)
write$P9_RUNLINKAT(r0, &(0x7f0000000000)={0xfffffffffffffecb, 0x4d, 0x1}, 0xffffffd7)
r1 = socket(0x10, 0x3, 0x9)
sendmsg$NFT_BATCH(r1, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x64841}, 0x40000)

535.990091ms ago: executing program 5 (id=3728):
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f00000029c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000640)=ANY=[@ANYBLOB="1c0000001000010700000000000000000a0000000600010011"], 0x1c}}, 0x800)
perf_event_open(&(0x7f0000000040)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f00000000c0)={0x5, 0x44, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x1}, 0x100008, 0x0, 0x0, 0x0, 0x10000000, 0x0, 0xfffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bind$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x4e23, @broadcast}, 0x10)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd502000000090001008b797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000ff0000000000000a58000000060a0b040000000000000000020000002c0004802800018007000100637400001c000280050003001b000000080002400000000d08000440000000040900010073797a30000000000900020073797a32"], 0x80}}, 0x0)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=ANY=[@ANYRESHEX=0x0], 0x48)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000030000000"], 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xc, &(0x7f0000000600)=ANY=[@ANYRESDEC=0x0], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r2, 0x3f, 0x0, 0x0, 0x0}, 0x94)
sendmmsg$inet_sctp(0xffffffffffffffff, &(0x7f00000032c0)=[{&(0x7f00000000c0)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000240)=[{0x0}, {&(0x7f0000000680)="359cb6c47e34f318495db1dc93e9f39e9953ce750cf6817c5546781a149128d0fc9a5b5c0caf7583b2baa7f78dc3acd8d7c96f2ea9dc716a1b1e9a162bf3eed11262bf", 0x43}], 0x2, &(0x7f0000000000)=ANY=[@ANYBLOB="30000000000000008400000001000000000000000c000400"/39, @ANYRES32=0x0], 0x30}], 0x1, 0x0)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000000e80), 0x0, 0x0)
sendto$inet(0xffffffffffffffff, 0x0, 0x5a, 0x24008841, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000740)={0x2, 0x5, &(0x7f00000000c0)=ANY=[@ANYRESOCT], &(0x7f0000000000)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x61e5cc96, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffef}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/13], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x7, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="18000000000000000000000000000000711285000000000095"], &(0x7f0000000400)='syzkaller\x00', 0x0, 0x0, 0x0, 0x100, 0x2a, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={0xffffffffffffffff, 0x0, 0xe, 0x0, &(0x7f0000000880)="f47c49e889a3e27cc93ec90fe798", 0x0, 0x2500, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x9}, 0x50)
rename(&(0x7f0000000040)='./file1\x00', &(0x7f0000001300)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')

531.328711ms ago: executing program 5 (id=3729):
socket$packet(0x11, 0x2, 0x300)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$inet6_mptcp(0xa, 0x1, 0x106)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4001, 0x0, @loopback}, 0x1c)
writev(r2, &(0x7f0000000040)=[{&(0x7f0000000100)="8fcc2ee06d4b2732be39757d997e1c9b9445957b340a619962119c037ee11171f4f80c9b42aac1e948f4aa46556d9002d40c88dcb50ee49ae6b6074b9e85824711c0ef110eb999c5415dc987a21ca94515b61806bf1e5a6e203676d0ea62b36001591260bb71b41ab7cff22e19c0b5ef11c80d5d15b1e1d8487c548c312ea3a2f6f52e1c617d5d02c3563d4d03cb901336678e5dab26eb3bba0e99253a559114805f05c8cc183b2f0dbf077dce25", 0xae}], 0x1)

530.327011ms ago: executing program 2 (id=3730):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000010000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r3, 0x0, 0x8}, 0x18)
r4 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r4, 0x6, 0xd, &(0x7f0000000040)='cdg\x00', 0x4)
setsockopt$inet_tcp_TCP_REPAIR(r4, 0x6, 0x13, &(0x7f0000000000)=0x1, 0x4)
connect$inet(r4, &(0x7f0000000280)={0x2, 0x0, @dev}, 0x10)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0700000004000000000100000100000028"], 0x50)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRES32=r5, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r6}, 0x18)
mount$tmpfs(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000300), 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB='mpol=interleave,mpol=local'])

504.280422ms ago: executing program 2 (id=3731):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
r1 = syz_io_uring_setup(0x497, &(0x7f0000000000)={0x0, 0xf62c, 0x800, 0x4, 0x37d}, &(0x7f0000000180)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r4 = openat$ptp0(0xffffffffffffff9c, &(0x7f00000000c0), 0x401a1, 0x0)
setsockopt$inet_sctp6_SCTP_RECVNXTINFO(0xffffffffffffffff, 0x84, 0x21, &(0x7f0000000300)=0xfffffffb, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r4, 0x0, 0x0})
io_uring_enter(r1, 0x767f, 0x0, 0x1, 0x0, 0x0)
gettid()
sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x0)
r5 = syz_open_dev$sg(&(0x7f0000001600), 0x0, 0x40000)
setreuid(0x0, 0xee00)
ioctl$EXT4_IOC_SWAP_BOOT(r4, 0x6611)
ioctl$BTRFS_IOC_BALANCE_CTL(r4, 0x40049421, 0x0)
ioctl$SCSI_IOCTL_SEND_COMMAND(r5, 0x1, &(0x7f00000000c0)=ANY=[@ANYRES64=r5])
fgetxattr(0xffffffffffffffff, &(0x7f0000000100)=ANY=[@ANYBLOB="73797374656d2e00a9625f466b614ebe62"], 0x0, 0x0)
r6 = fcntl$dupfd(r4, 0x406, r4)
ioctl$EVIOCGMASK(r6, 0x80104592, &(0x7f0000000140)={0x4, 0x4a, &(0x7f0000000340)="6516c015ae80aa5ff0bd9691eb3bee1f3686e8a23f1bcb982bf566e1134bc63cb263cd752ce73da4b29498763e0d3e00a416007705d9a17b6b83ebd768733f02676ac73997ba8e373f07"})

498.524162ms ago: executing program 5 (id=3732):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x36, 0x1, 0x0, 0x0, 0x0, 0x7, 0x518, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0xd}, 0x9001, 0x10000, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
mmap(&(0x7f0000000000/0x95c000)=nil, 0x95c000, 0x3000003, 0x8c4b815a5465c2b1, 0xffffffffffffffff, 0x0)
r0 = io_uring_setup(0x2a59, &(0x7f0000000080)={0x0, 0x69bd, 0x400})
io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r0, 0x10, &(0x7f00000003c0)={0x2, 0x0, &(0x7f0000000380)=[{&(0x7f0000000600)=""/4096, 0x1000}], 0x0, 0x1}, 0x20)
unshare(0x22020600)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[], 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r1, 0x0, &(0x7f0000001700)=""/53}, 0x20)
perf_event_open(&(0x7f0000000800)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0x8}, 0x1100, 0x0, 0x0, 0x4, 0x0, 0x0, 0x4, 0x0, 0x8, 0x0, 0xfffffffffffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
set_mempolicy(0x3, &(0x7f0000000000)=0x4000000ffb, 0x8)
syz_clone(0x4021400, 0x0, 0x9000, 0x0, 0x0, 0x0)
mount$9p_rdma(&(0x7f00000013c0), &(0x7f0000001400)='.\x00', &(0x7f0000001440), 0x800, &(0x7f0000000080)=ANY=[])
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x38, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x2, @perf_bp={0x0, 0xd}, 0x0, 0x10000, 0x1, 0x1, 0xc, 0x20005, 0x2b, 0x0, 0x1, 0x0, 0xffffffffffffff7f}, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000280)='kfree\x00', r2}, 0x18)
connect$can_bcm(0xffffffffffffffff, &(0x7f00000005c0), 0x34)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r4, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000080)=ANY=[@ANYBLOB="020300030d000000000700000000000004000900a0000000e9255bb992464e73a02159d3720df19f7a1dfec300000000030006000000000002000000000000000000000000000000030005000000000002000000ac1414000000000000000000"], 0x60}, 0x1, 0x7}, 0x0)
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="880000000008010300000000000000000a00000206000240001c000006000240655800000900010073797a300004fd9cb9c5149d43000000050003002100000006000240001500001400048008000140000000070800014000001e0b2c00048008000240024000000800044000000000080001400000000408000740009d32d33f00054000000b81"], 0x88}}, 0x8010)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r5 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
fchdir(r5)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/profiling', 0xe41, 0x0)
mount(&(0x7f0000000000), &(0x7f0000000280)='./cgroup\x00', 0x0, 0x75809, 0x0)
mount(0x0, &(0x7f0000000140)='./cgroup\x00', 0x0, 0x21a8f5, 0x0)
sendmsg(0xffffffffffffffff, &(0x7f0000000640)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000180)='IH>', 0x3}], 0x1, 0x0, 0x0, 0x11000000}, 0x0)
ptrace(0x10, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xf}, 0x94)

466.015943ms ago: executing program 6 (id=3733):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000840)={&(0x7f0000000800)='mmap_lock_acquire_returned\x00', r1, 0x0, 0xfffffffffffffffc}, 0x18)
r2 = socket$kcm(0x10, 0x2, 0x0)
write$cgroup_subtree(r2, &(0x7f0000000000)=ANY=[@ANYBLOB="563f000019"], 0xfe33)

439.436583ms ago: executing program 6 (id=3734):
socket$inet6(0xa, 0x2, 0x3a)
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xb, &(0x7f0000000000)={0x0, 0x5}, 0x0)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, &(0x7f0000bbdffc))

340.990964ms ago: executing program 6 (id=3735):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
r2 = timerfd_create(0x7, 0x0)
timerfd_settime(r2, 0x0, &(0x7f0000007000)={{0x0, 0x4}, {0x0, 0x989680}}, 0x0)
readv(r2, &(0x7f00000003c0)=[{&(0x7f0000000040)=""/52, 0x34}], 0x1)

338.582865ms ago: executing program 6 (id=3736):
bpf$MAP_CREATE(0x1900000000000000, 0x0, 0x50)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='kfree\x00', r0}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000000c0)='percpu_alloc_percpu\x00'}, 0x10)
syz_io_uring_setup(0x111, &(0x7f0000000340)={0x0, 0x0, 0x2, 0x4}, 0x0, 0x0)

314.921485ms ago: executing program 7 (id=3737):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
setxattr$security_selinux(&(0x7f0000000380)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x0, 0x0, 0x1)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
r4 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000280)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x50)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0xfffffffe}, {{0x18, 0x1, 0x1, 0x0, r5}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000180)='syzkaller\x00', 0x6, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x18)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r7, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(r7, &(0x7f0000000080)={0xa, 0x4, 0x0, @loopback, 0x2}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r7, 0x6, 0x1f, &(0x7f00000002c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r7, 0x11a, 0x2, &(0x7f0000000140)=@gcm_256={{0x303, 0x3a}, "c4d65ab71f5ef2fe", "9e8ecc7bb5352776725e104757e7dc25c6519a85efb17b5508000018bb00", "0900b43f"}, 0x38)
ioctl$PIO_UNIMAPCLR(r4, 0x4b68, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x530, 0x348, 0x18c, 0x203, 0x348, 0x19030000, 0x460, 0x2e0, 0x2e0, 0x460, 0x2e0, 0x3, 0x0, {[{{@uncond, 0x300, 0x300, 0x348, 0x0, {}, [@common=@unspec=@bpf0={{0x230}, {0x13, [{0x5}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x7}, {}, {}, {}, {}, {}, {}, {0x16}, {}, {}, {}, {}, {}, {0x0, 0x4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x10}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x7}, {}, {}, {}, {0x0, 0x0, 0x0, 0xffff8acc}]}}, @common=@hl={{0x28}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv4=@private, 'veth1_macvtap\x00'}}}, {{@uncond, 0x0, 0xd0, 0x118, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz1\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x590)

249.815966ms ago: executing program 6 (id=3738):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r1 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
getpgrp(r1)
futex_waitv(&(0x7f0000000ec0)=[{0x0, &(0x7f0000000040), 0x2}], 0x1, 0x0, &(0x7f0000000000)={0x77359400}, 0x0)
r2 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000240)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f0000000100)={@val={0x800e, 0x6005}, @void, @eth={@broadcast, @remote, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x29, 0x0, 0x0, 0x0, 0x4, 0x0, @empty, @empty}, {0x4e22, 0x0, 0x15, 0x0, @gue={{0x2, 0x0, 0x0, 0x4, 0x100}, "59cbddf893"}}}}}}}, 0x3b)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x18, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="18090000002300810000000000000000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x9, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8001}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r3}, 0x10)
r4 = openat$binfmt_register(0xffffff9c, &(0x7f0000000000), 0x1, 0x0)
write$binfmt_register(r4, &(0x7f0000000340)={0x3a, 'syz2', 0x3a, 'E', 0x3a, 0x7868b77f, 0x3a, '[\x1e', 0x3a, 'z[&\x11k\xfc\xb24\\\xda\x16M\xb7\xf2\xc0\x8e\x1b\xcf\x9b\f\x88\b(\xfc\xee\nb\x958\x1b\xcfuT\x8d`\xbb\xbcJ\xe4\x8a\xc4\x13v\xa90P\x8a\xf2h\x8dI\x93\xcbu8^\x9e\xe7OT\xb6\xcc\xc7\x13\x7f\xe3\xa4\x062\'w\a\xf0\x8d\xe5Z\xfdl\xe7x\xf0\xe9\xbe', 0x3a, './file0'}, 0x7c)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000d40)=ANY=[@ANYBLOB="4400000002060500f10de2cd44057eeb000000000c000300686173683a69700005000400000000000900020073797a310000000005000500020000000500010006"], 0x44}, 0x1, 0x0, 0x0, 0x1}, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000380)=ANY=[@ANYBLOB="44000000090601020000000000000000000000000900020073797a310000000005000100070000001c0007800c00018008000140e00000020c00028008000140e0004001"], 0x44}, 0x1, 0x0, 0x0, 0x10000047}, 0x0)
r7 = add_key$keyring(&(0x7f0000000540), &(0x7f0000000180)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r7, &(0x7f0000000240)='asymmetric\x00', &(0x7f00000001c0)=@keyring)

211.057866ms ago: executing program 2 (id=3739):
bpf$MAP_CREATE(0x0, &(0x7f0000001380)=ANY=[], 0x50)
r0 = socket(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)={0x14, 0x13, 0xa01, 0x0, 0x0, {0x7}}, 0x14}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000280)='kfree\x00'}, 0x10)
syz_open_procfs(0x0, &(0x7f0000000140)='cgroup\x00')
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
pipe2(0x0, 0x800)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000004c0)='mm_page_free\x00', r1}, 0x10)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_READ_FIXED={0x4, 0x25, 0x2000, @fd, 0xb, 0x5, 0x8020, 0x7, 0x0, {0x2}})
syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f00000009c0))
creat(&(0x7f00000000c0)='./file0\x00', 0x9c)
r2 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x4c8, 0x340, 0x25, 0x148, 0x0, 0x60, 0x458, 0x2a8, 0x2a8, 0x458, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x0, 0x2f8, 0x340, 0x0, {0x200003ae, 0x7f00}, [@common=@inet=@hashlimit1={{0x58}, {'geneve0\x00', {0x44, 0x0, 0x9, 0x0, 0x0, 0xffffffff, 0x7}}}, @common=@unspec=@bpf1={{0x230, 'bpf\x00', 0x0}, @pinned={0x1, 0x0, 0x6, './file0\x00'}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x6, 'syz0\x00'}}}, {{@ip={@broadcast, @multicast1, 0x0, 0x0, 'veth1_to_bond\x00', 'veth0\x00', {0xff}}, 0x0, 0xa8, 0xf0, 0x0, {}, [@common=@unspec=@statistic={{0x38}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x8000, 'syz0\x00', {0x481c}}}}], {{'\x00', 0xc8, 0x70, 0x98}, {0x28}}}}, 0x528)

147.661507ms ago: executing program 2 (id=3740):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
setxattr$security_selinux(&(0x7f0000000380)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x0, 0x0, 0x1)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
r4 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000280)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x50)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0xfffffffe}, {{0x18, 0x1, 0x1, 0x0, r5}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000180)='syzkaller\x00', 0x6, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x18)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r7, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(r7, &(0x7f0000000080)={0xa, 0x4, 0x0, @loopback, 0x2}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r7, 0x6, 0x1f, &(0x7f00000002c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r7, 0x11a, 0x2, &(0x7f0000000140)=@gcm_256={{0x303, 0x3a}, "c4d65ab71f5ef2fe", "9e8ecc7bb5352776725e104757e7dc25c6519a85efb17b5508000018bb00", "0900b43f"}, 0x38)
ioctl$PIO_UNIMAPCLR(r4, 0x4b68, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x530, 0x348, 0x18c, 0x203, 0x348, 0x19030000, 0x460, 0x2e0, 0x2e0, 0x460, 0x2e0, 0x3, 0x0, {[{{@uncond, 0x300, 0x300, 0x348, 0x0, {}, [@common=@unspec=@bpf0={{0x230}, {0x13, [{0x5}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x7}, {}, {}, {}, {}, {}, {}, {0x16}, {}, {}, {}, {}, {}, {0x0, 0x4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x10}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x7}, {}, {}, {}, {0x0, 0x0, 0x0, 0xffff8acc}]}}, @common=@hl={{0x28}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv4=@private, 'veth1_macvtap\x00'}}}, {{@uncond, 0x0, 0xd0, 0x118, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz1\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x590)

113.148618ms ago: executing program 7 (id=3741):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
unshare(0x22020400)
socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, 0x0)
poll(&(0x7f0000000000), 0x20000000000000b5, 0x9)

96.335628ms ago: executing program 4 (id=3742):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e0000000000000004000000"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1, 0x0, 0x100}, 0x18)
lsetxattr$security_selinux(&(0x7f00000001c0)='./cgroup.cpu/cgroup.procs\x00', &(0x7f0000000200), &(0x7f0000000180)='system_u:object_r:tzdata_exec_t:s0\x00', 0x23, 0x3)

95.700378ms ago: executing program 2 (id=3743):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r1 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
getpgrp(r1)
futex_waitv(&(0x7f0000000ec0)=[{0x0, &(0x7f0000000040), 0x2}], 0x1, 0x0, &(0x7f0000000000)={0x77359400}, 0x0)
r2 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000240)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f0000000100)={@val={0x800e, 0x6005}, @void, @eth={@broadcast, @remote, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x29, 0x0, 0x0, 0x0, 0x4, 0x0, @empty, @empty}, {0x4e22, 0x0, 0x15, 0x0, @gue={{0x2, 0x0, 0x0, 0x4, 0x100}, "59cbddf893"}}}}}}}, 0x3b)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x18, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="18090000002300810000000000000000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x9, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8001}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r3}, 0x10)
r4 = add_key$keyring(&(0x7f0000000540), &(0x7f0000000180)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r4, &(0x7f0000000240)='asymmetric\x00', &(0x7f00000001c0)=@keyring)

71.071708ms ago: executing program 7 (id=3744):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000840)={&(0x7f0000000800)='mmap_lock_acquire_returned\x00', r1, 0x0, 0xfffffffffffffffc}, 0x18)
r2 = socket$kcm(0x10, 0x2, 0x0)
write$cgroup_subtree(r2, &(0x7f0000000000)=ANY=[@ANYBLOB="563f000019"], 0xfe33)

47.838399ms ago: executing program 7 (id=3745):
bpf$MAP_CREATE(0x0, &(0x7f0000001380)=ANY=[], 0x50)
r0 = socket(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)={0x14, 0x13, 0xa01, 0x0, 0x0, {0x7}}, 0x14}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000280)='kfree\x00'}, 0x10)
syz_open_procfs(0x0, &(0x7f0000000140)='cgroup\x00')
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
pipe2(0x0, 0x800)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000004c0)='mm_page_free\x00', r1}, 0x10)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_READ_FIXED={0x4, 0x25, 0x2000, @fd, 0xb, 0x5, 0x8020, 0x7, 0x0, {0x2}})
syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f00000009c0))
creat(&(0x7f00000000c0)='./file0\x00', 0x9c)
r2 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x4c8, 0x340, 0x25, 0x148, 0x0, 0x60, 0x458, 0x2a8, 0x2a8, 0x458, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x0, 0x2f8, 0x340, 0x0, {0x200003ae, 0x7f00}, [@common=@inet=@hashlimit1={{0x58}, {'geneve0\x00', {0x44, 0x0, 0x9, 0x0, 0x0, 0xffffffff, 0x7}}}, @common=@unspec=@bpf1={{0x230, 'bpf\x00', 0x0}, @pinned={0x1, 0x0, 0x6, './file0\x00'}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x6, 'syz0\x00'}}}, {{@ip={@broadcast, @multicast1, 0x0, 0x0, 'veth1_to_bond\x00', 'veth0\x00', {0xff}}, 0x0, 0xa8, 0xf0, 0x0, {}, [@common=@unspec=@statistic={{0x38}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x8000, 'syz0\x00', {0x481c}}}}], {{'\x00', 0xc8, 0x70, 0x98}, {0x28}}}}, 0x528)

27.812029ms ago: executing program 7 (id=3746):
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = gettid()
process_vm_writev(r0, &(0x7f0000000800)=[{&(0x7f0000000380)=""/32, 0x20}, {&(0x7f00000003c0)=""/99, 0x63}, {&(0x7f0000000600)=""/58, 0x3a}, {&(0x7f0000000640)=""/70, 0x46}, {&(0x7f0000000700)=""/223, 0xdf}], 0x5, &(0x7f0000121000)=[{&(0x7f00000004c0)=""/231, 0xe7}], 0x1, 0x0)
r1 = bpf$MAP_CREATE(0x0, 0x0, 0x50)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x37, 0x1, 0x0, 0x0, 0x0, 0x7, 0x50d02, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x9}, 0x4c58, 0x10000, 0x0, 0x1, 0x8, 0x20002, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x11, 0x6, &(0x7f0000000300)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1000001, 0x0, 0x0, 0x0, 0x1}, [@call={0x85, 0x0, 0x0, 0x29}, @map_val={0x18, 0x7, 0x2, 0x0, r1, 0x0, 0x0, 0x0, 0x2b00c80b}]}, &(0x7f00000006c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xb, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xfffffeee)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000140)='./bus\x00', 0x30101c4, &(0x7f00000000c0), 0x2, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
socket$pppoe(0x18, 0x1, 0x0)
syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000280)='./bus\x00', 0x1d00c15, 0x0, 0x6, 0x0, &(0x7f0000000000))
r3 = open(&(0x7f0000000000)='./bus\x00', 0x40000, 0x0)
getdents(r3, &(0x7f0000001fc0)=""/184, 0xb8)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d67fc880c9d640f4eacc509873f1a103c87f69"], &(0x7f0000000100)='GPL\x00'}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r4}, 0x10)
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='\x00'/10)
getdents(r3, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x4010, r1, 0xb6fd5000)
r5 = syz_open_dev$usbfs(&(0x7f0000000480), 0x77, 0x41341)
ioctl$USBDEVFS_IOCTL(r5, 0xc0105512, &(0x7f0000000000)=@usbdevfs_connect)

0s ago: executing program 6 (id=3747):
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000f000000c5000000a0ef010095"], &(0x7f0000000280)='GPL\x00', 0x0, 0xd, 0x0, 0x0, 0x8, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xfe3d}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000006c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000005000000005e002200850000006d00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$netlink(0x10, 0x3, 0xf)
r2 = socket$netlink(0x10, 0x3, 0xf)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r2, 0x10e, 0x4, &(0x7f0000000080)=0x100, 0x4)
bind$netlink(r2, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f0000000000), 0x4)
sendmsg$NFT_BATCH(r1, &(0x7f00000074c0)={0x0, 0x0, &(0x7f0000007480)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a14000000080a010300000000ab0000000200000a14000000000a010200000000000000000a00001714000000110001"], 0x50}, 0x1, 0x0, 0x0, 0x20040000}, 0x0)

kernel console output (not intermixed with test programs):

1.544994][T12390] 8021q: adding VLAN 0 to HW filter on device team0
[  231.551829][T12536] loop6: detected capacity change from 0 to 1024
[  231.562781][T12536] EXT4-fs: inline encryption not supported
[  231.567585][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  231.571862][T12536] EXT4-fs: Ignoring removed bh option
[  231.575851][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  231.590700][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  231.591842][T12536] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  231.597808][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  231.654650][T12536] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2988'.
[  231.698022][ T9195] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  231.748838][T12390] 8021q: adding VLAN 0 to HW filter on device batadv0
[  231.756484][T12551] sd 0:0:1:0: device reset
[  231.785285][T12554] loop6: detected capacity change from 0 to 128
[  231.868518][T12390] veth0_vlan: entered promiscuous mode
[  231.881844][T12390] veth1_vlan: entered promiscuous mode
[  231.917270][T12390] veth0_macvtap: entered promiscuous mode
[  231.933243][T12566] program syz.6.2995 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  231.933771][T12390] veth1_macvtap: entered promiscuous mode
[  231.956070][T12390] batman_adv: batadv0: Interface activated: batadv_slave_0
[  231.969466][T12390] batman_adv: batadv0: Interface activated: batadv_slave_1
[  231.979301][T12390] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  231.988232][T12390] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  231.997047][T12390] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  232.005929][T12390] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  232.120732][T12580] loop4: detected capacity change from 0 to 512
[  232.139859][T12580] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  232.153544][T12580] ext4 filesystem being mounted at /558/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  232.197557][ T3306] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  232.243750][T12589] xt_HMARK: proto mask must be zero with L3 mode
[  232.397483][T12599] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=12599 comm=syz.5.3006
[  232.872409][T12619] loop4: detected capacity change from 0 to 128
[  232.918343][T12619] bio_check_eod: 18 callbacks suppressed
[  232.918359][T12619] wÞ£ÿ: attempt to access beyond end of device
[  232.918359][T12619] loop4: rw=2049, sector=132, nr_sectors = 8 limit=128
[  232.960116][T12619] wÞ£ÿ: attempt to access beyond end of device
[  232.960116][T12619] loop4: rw=2049, sector=148, nr_sectors = 8 limit=128
[  232.994475][T12619] wÞ£ÿ: attempt to access beyond end of device
[  232.994475][T12619] loop4: rw=2049, sector=142, nr_sectors = 1 limit=128
[  233.007731][T12619] buffer_io_error: 14 callbacks suppressed
[  233.007750][T12619] Buffer I/O error on dev loop4, logical block 142, lost async page write
[  233.018493][T12627] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3018'.
[  233.074316][T12619] wÞ£ÿ: attempt to access beyond end of device
[  233.074316][T12619] loop4: rw=2049, sector=143, nr_sectors = 1 limit=128
[  233.087483][T12619] Buffer I/O error on dev loop4, logical block 143, lost async page write
[  233.099031][T12619] wÞ£ÿ: attempt to access beyond end of device
[  233.099031][T12619] loop4: rw=2049, sector=144, nr_sectors = 1 limit=128
[  233.112209][T12619] Buffer I/O error on dev loop4, logical block 144, lost async page write
[  233.124039][T12619] wÞ£ÿ: attempt to access beyond end of device
[  233.124039][T12619] loop4: rw=2049, sector=145, nr_sectors = 1 limit=128
[  233.137398][T12619] Buffer I/O error on dev loop4, logical block 145, lost async page write
[  233.149318][T12619] wÞ£ÿ: attempt to access beyond end of device
[  233.149318][T12619] loop4: rw=2049, sector=146, nr_sectors = 1 limit=128
[  233.162496][T12619] Buffer I/O error on dev loop4, logical block 146, lost async page write
[  233.185271][T12619] wÞ£ÿ: attempt to access beyond end of device
[  233.185271][T12619] loop4: rw=2049, sector=147, nr_sectors = 1 limit=128
[  233.198492][T12619] Buffer I/O error on dev loop4, logical block 147, lost async page write
[  233.210703][T12619] wÞ£ÿ: attempt to access beyond end of device
[  233.210703][T12619] loop4: rw=2049, sector=156, nr_sectors = 1 limit=128
[  233.223879][T12619] Buffer I/O error on dev loop4, logical block 156, lost async page write
[  233.233854][T12619] wÞ£ÿ: attempt to access beyond end of device
[  233.233854][T12619] loop4: rw=2049, sector=157, nr_sectors = 1 limit=128
[  233.246992][T12619] Buffer I/O error on dev loop4, logical block 157, lost async page write
[  233.256900][T12619] Buffer I/O error on dev loop4, logical block 160, lost async page write
[  233.268065][T12619] Buffer I/O error on dev loop4, logical block 161, lost async page write
[  233.366029][T12637] FAULT_INJECTION: forcing a failure.
[  233.366029][T12637] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  233.379340][T12637] CPU: 1 UID: 0 PID: 12637 Comm: syz.6.3021 Not tainted 6.16.0-rc5-syzkaller-00276-g5d5d62298b8b #0 PREEMPT(voluntary) 
[  233.379480][T12637] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  233.379494][T12637] Call Trace:
[  233.379502][T12637]  <TASK>
[  233.379512][T12637]  __dump_stack+0x1d/0x30
[  233.379538][T12637]  dump_stack_lvl+0xe8/0x140
[  233.379564][T12637]  dump_stack+0x15/0x1b
[  233.379585][T12637]  should_fail_ex+0x265/0x280
[  233.379636][T12637]  should_fail+0xb/0x20
[  233.379661][T12637]  should_fail_usercopy+0x1a/0x20
[  233.379697][T12637]  _copy_to_user+0x20/0xa0
[  233.379716][T12637]  simple_read_from_buffer+0xb5/0x130
[  233.379778][T12637]  proc_fail_nth_read+0x100/0x140
[  233.379876][T12637]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  233.379973][T12637]  vfs_read+0x19d/0x6f0
[  233.380071][T12637]  ? __rcu_read_unlock+0x4f/0x70
[  233.380099][T12637]  ? __fget_files+0x184/0x1c0
[  233.380126][T12637]  ksys_read+0xda/0x1a0
[  233.380181][T12637]  __x64_sys_read+0x40/0x50
[  233.380219][T12637]  x64_sys_call+0x2d77/0x2fb0
[  233.380331][T12637]  do_syscall_64+0xd2/0x200
[  233.380352][T12637]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  233.380406][T12637]  ? clear_bhb_loop+0x40/0x90
[  233.380427][T12637]  ? clear_bhb_loop+0x40/0x90
[  233.380460][T12637]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  233.380486][T12637] RIP: 0033:0x7f3a2cd0d33c
[  233.380505][T12637] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  233.380555][T12637] RSP: 002b:00007f3a2b377030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  233.380578][T12637] RAX: ffffffffffffffda RBX: 00007f3a2cf35fa0 RCX: 00007f3a2cd0d33c
[  233.380592][T12637] RDX: 000000000000000f RSI: 00007f3a2b3770a0 RDI: 0000000000000004
[  233.380605][T12637] RBP: 00007f3a2b377090 R08: 0000000000000000 R09: 0000000000000000
[  233.380617][T12637] R10: 0000200000000200 R11: 0000000000000246 R12: 0000000000000001
[  233.380630][T12637] R13: 0000000000000000 R14: 00007f3a2cf35fa0 R15: 00007ffdcd3481a8
[  233.380655][T12637]  </TASK>
[  233.635305][T12640] loop6: detected capacity change from 0 to 512
[  233.654672][   T29] kauditd_printk_skb: 257 callbacks suppressed
[  233.654686][   T29] audit: type=1326 audit(1752459371.430:30847): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12643 comm="syz.2.3023" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d962ee929 code=0x7ffc0000
[  233.689320][   T29] audit: type=1326 audit(1752459371.470:30848): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12643 comm="syz.2.3023" exe="/root/syz-executor" sig=0 arch=c000003e syscall=428 compat=0 ip=0x7f7d962ee929 code=0x7ffc0000
[  233.713011][   T29] audit: type=1326 audit(1752459371.470:30849): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12643 comm="syz.2.3023" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d962ee929 code=0x7ffc0000
[  233.728676][T12640] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  233.736688][   T29] audit: type=1326 audit(1752459371.470:30850): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12643 comm="syz.2.3023" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7d962ee929 code=0x7ffc0000
[  233.751428][T12640] ext4 filesystem being mounted at /210/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  233.772737][   T29] audit: type=1326 audit(1752459371.470:30851): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12643 comm="syz.2.3023" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d962ee929 code=0x7ffc0000
[  233.772777][   T29] audit: type=1326 audit(1752459371.470:30852): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12643 comm="syz.2.3023" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f7d962ee929 code=0x7ffc0000
[  233.830403][   T29] audit: type=1326 audit(1752459371.470:30853): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12643 comm="syz.2.3023" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d962ee929 code=0x7ffc0000
[  233.854025][   T29] audit: type=1326 audit(1752459371.470:30854): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12643 comm="syz.2.3023" exe="/root/syz-executor" sig=0 arch=c000003e syscall=20 compat=0 ip=0x7f7d962ee929 code=0x7ffc0000
[  233.877614][   T29] audit: type=1326 audit(1752459371.470:30855): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12643 comm="syz.2.3023" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d962ee929 code=0x7ffc0000
[  233.901330][   T29] audit: type=1326 audit(1752459371.470:30856): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12643 comm="syz.2.3023" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7d962ee929 code=0x7ffc0000
[  233.970222][T12656] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  233.978834][T12656] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  234.028853][ T9195] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  234.045496][T12659] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=12659 comm=syz.4.3029
[  234.185993][T12666] program syz.6.3032 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  234.501537][T12675] netlink: 'syz.2.3035': attribute type 1 has an invalid length.
[  234.509573][T12676] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=5123 sclass=netlink_route_socket pid=12676 comm=syz.2.3035
[  234.571222][T12686] loop5: detected capacity change from 0 to 1024
[  234.587503][T12686] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  234.599919][T12686] ext4 filesystem being mounted at /590/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  234.608313][T12688] vhci_hcd: invalid port number 96
[  234.615595][T12688] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  234.633778][T12686] EXT4-fs error (device loop5): ext4_map_blocks:816: inode #15: block 3: comm syz.5.3040: lblock 3 mapped to illegal pblock 3 (length 1)
[  234.650714][T12686] EXT4-fs (loop5): Remounting filesystem read-only
[  234.669640][T12694] netlink: 'syz.2.3043': attribute type 4 has an invalid length.
[  234.678210][ T3655] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  234.681957][T12694] netlink: 'syz.2.3043': attribute type 4 has an invalid length.
[  235.152198][T12717] loop6: detected capacity change from 0 to 512
[  235.172368][T12717] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  235.190455][T12717] ext4 filesystem being mounted at /216/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  235.267365][ T9195] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  235.338415][T12733] siw: device registration error -23
[  235.645134][T12739] program syz.5.3063 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  235.720710][T12741] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3064'.
[  235.804407][T12741] loop5: detected capacity change from 0 to 512
[  235.822184][T12741] EXT4-fs (loop5): orphan cleanup on readonly fs
[  235.832949][T12741] EXT4-fs error (device loop5): ext4_orphan_get:1419: comm syz.5.3064: bad orphan inode 13
[  235.864936][T12741] ext4_test_bit(bit=12, block=18) = 1
[  235.870482][T12741] is_bad_inode(inode)=0
[  235.874679][T12741] NEXT_ORPHAN(inode)=2130706432
[  235.879612][T12741] max_ino=32
[  235.882844][T12741] i_nlink=1
[  235.923118][T12741] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  235.997547][ T3655] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  236.143868][T12746] loop5: detected capacity change from 0 to 8192
[  236.205660][T12753] FAULT_INJECTION: forcing a failure.
[  236.205660][T12753] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  236.218825][T12753] CPU: 1 UID: 0 PID: 12753 Comm: syz.4.3067 Not tainted 6.16.0-rc5-syzkaller-00276-g5d5d62298b8b #0 PREEMPT(voluntary) 
[  236.218863][T12753] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  236.218879][T12753] Call Trace:
[  236.218915][T12753]  <TASK>
[  236.218924][T12753]  __dump_stack+0x1d/0x30
[  236.218950][T12753]  dump_stack_lvl+0xe8/0x140
[  236.218974][T12753]  dump_stack+0x15/0x1b
[  236.218995][T12753]  should_fail_ex+0x265/0x280
[  236.219092][T12753]  should_fail+0xb/0x20
[  236.219134][T12753]  should_fail_usercopy+0x1a/0x20
[  236.219247][T12753]  _copy_from_user+0x1c/0xb0
[  236.219273][T12753]  ___sys_sendmsg+0xc1/0x1d0
[  236.219353][T12753]  __sys_sendmmsg+0x178/0x300
[  236.219429][T12753]  __x64_sys_sendmmsg+0x57/0x70
[  236.219522][T12753]  x64_sys_call+0x2f2f/0x2fb0
[  236.219549][T12753]  do_syscall_64+0xd2/0x200
[  236.219571][T12753]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  236.219666][T12753]  ? clear_bhb_loop+0x40/0x90
[  236.219705][T12753]  ? clear_bhb_loop+0x40/0x90
[  236.219733][T12753]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  236.219758][T12753] RIP: 0033:0x7ffbc9dce929
[  236.219777][T12753] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  236.219800][T12753] RSP: 002b:00007ffbc8437038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  236.219824][T12753] RAX: ffffffffffffffda RBX: 00007ffbc9ff5fa0 RCX: 00007ffbc9dce929
[  236.219915][T12753] RDX: 0000000000000002 RSI: 0000200000000ec0 RDI: 0000000000000003
[  236.219931][T12753] RBP: 00007ffbc8437090 R08: 0000000000000000 R09: 0000000000000000
[  236.219988][T12753] R10: 000000004400c800 R11: 0000000000000246 R12: 0000000000000001
[  236.220005][T12753] R13: 0000000000000000 R14: 00007ffbc9ff5fa0 R15: 00007ffe620cdb68
[  236.220030][T12753]  </TASK>
[  236.438263][T12760] siw: device registration error -23
[  236.464805][T12762] loop6: detected capacity change from 0 to 1024
[  236.466407][T12764] loop4: detected capacity change from 0 to 128
[  236.478273][T12762] EXT4-fs: inline encryption not supported
[  236.484197][T12762] EXT4-fs: Ignoring removed bh option
[  236.525670][T12762] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  236.575753][T12775] loop4: detected capacity change from 0 to 2048
[  236.603832][T12751] netlink: 16410 bytes leftover after parsing attributes in process `syz.2.3068'.
[  236.608142][T12775] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[  236.626284][T12778] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3072'.
[  236.659844][T12777] loop5: detected capacity change from 0 to 8192
[  236.679399][ T9195] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  236.763505][T12795] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=12795 comm=syz.5.3081
[  236.793458][T12797] siw: device registration error -23
[  236.912958][T12802] $Hÿ: renamed from bond0 (while UP)
[  236.924806][T12802] $Hÿ: entered promiscuous mode
[  236.929952][T12802] bond_slave_0: entered promiscuous mode
[  236.935701][T12802] bond_slave_1: entered promiscuous mode
[  237.150456][T11811] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  237.199810][T11811] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  237.238445][T11811] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  237.290695][T11811] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  237.309745][T12806] lo speed is unknown, defaulting to 1000
[  237.396809][T11811] bond0 (unregistering): (slave ip6gretap1): Removing an active aggregator
[  237.417845][T11811] bond0 (unregistering): (slave ip6gretap1): Releasing backup interface
[  237.426389][T11811] bond0 (unregistering): (slave ip6gretap1): the permanent HWaddr of slave - da:84:4b:5d:59:c7 - is still in use by bond - set the HWaddr of slave to a different address to avoid conflicts
[  237.460340][ T3306] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000900.
[  237.514595][T11811] $Hÿ (unregistering): (slave bond_slave_0): Releasing backup interface
[  237.523705][T11811] bond_slave_0: left promiscuous mode
[  237.530647][T11811] $Hÿ (unregistering): (slave bond_slave_1): Releasing backup interface
[  237.539868][T11811] bond_slave_1: left promiscuous mode
[  237.546345][T11811] $Hÿ (unregistering): Released all slaves
[  237.576838][T11811] bond0 (unregistering): (slave veth5): Releasing backup interface
[  237.587055][T11811] bond0 (unregistering): Released all slaves
[  237.610254][T12821] batadv_slave_0: entered promiscuous mode
[  237.625123][T11811] tipc: Left network mode
[  237.626806][T12826] loop6: detected capacity change from 0 to 1024
[  237.646783][T12806] chnl_net:caif_netlink_parms(): no params data found
[  237.654066][T12826] EXT4-fs: inline encryption not supported
[  237.660398][T12826] EXT4-fs: Ignoring removed bh option
[  237.667365][T11811] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  237.674796][T11811] batman_adv: batadv0: Removing interface: batadv_slave_0
[  237.683473][T11811] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  237.686695][T12821] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3089'.
[  237.691026][T11811] batman_adv: batadv0: Removing interface: batadv_slave_1
[  237.702408][T12826] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  237.722751][T11811] veth1_macvtap: left promiscuous mode
[  237.728422][T11811] veth0_macvtap: left promiscuous mode
[  237.734226][T11811] veth1_vlan: left promiscuous mode
[  237.739543][T11811] veth0_vlan: left promiscuous mode
[  237.750773][T12826] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3091'.
[  237.801769][T12830] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3091'.
[  237.811646][T11811] team0 (unregistering): Port device team_slave_1 removed
[  237.821208][T11811] team0 (unregistering): Port device team_slave_0 removed
[  237.864589][T12821] hsr_slave_0: left promiscuous mode
[  237.871286][T12821] hsr_slave_1: left promiscuous mode
[  237.913211][    T9] infiniband syz1: ib_query_port failed (-19)
[  237.919594][   T10] lo speed is unknown, defaulting to 1000
[  237.925412][   T10] infiniband syz0: ib_query_port failed (-19)
[  237.966644][T12820] batadv_slave_0: left promiscuous mode
[  237.985080][ T9195] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  238.021445][T12806] bridge0: port 1(bridge_slave_0) entered blocking state
[  238.028692][T12806] bridge0: port 1(bridge_slave_0) entered disabled state
[  238.037971][T12806] bridge_slave_0: entered allmulticast mode
[  238.044593][T12806] bridge_slave_0: entered promiscuous mode
[  238.046182][T12844] FAULT_INJECTION: forcing a failure.
[  238.046182][T12844] name failslab, interval 1, probability 0, space 0, times 0
[  238.051770][T12806] bridge0: port 2(bridge_slave_1) entered blocking state
[  238.063249][T12844] CPU: 1 UID: 0 PID: 12844 Comm: syz.6.3094 Not tainted 6.16.0-rc5-syzkaller-00276-g5d5d62298b8b #0 PREEMPT(voluntary) 
[  238.063343][T12844] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  238.063434][T12844] Call Trace:
[  238.063443][T12844]  <TASK>
[  238.063454][T12844]  __dump_stack+0x1d/0x30
[  238.063483][T12844]  dump_stack_lvl+0xe8/0x140
[  238.063510][T12844]  dump_stack+0x15/0x1b
[  238.063534][T12844]  should_fail_ex+0x265/0x280
[  238.063637][T12844]  should_failslab+0x8c/0xb0
[  238.063668][T12844]  kmem_cache_alloc_node_noprof+0x57/0x320
[  238.063705][T12844]  ? __alloc_skb+0x101/0x320
[  238.063797][T12844]  __alloc_skb+0x101/0x320
[  238.063833][T12844]  ? audit_log_start+0x365/0x6c0
[  238.063877][T12844]  audit_log_start+0x380/0x6c0
[  238.063931][T12844]  audit_seccomp+0x48/0x100
[  238.063963][T12844]  ? __seccomp_filter+0x68c/0x10d0
[  238.064070][T12844]  __seccomp_filter+0x69d/0x10d0
[  238.064097][T12844]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  238.064178][T12844]  ? vfs_write+0x75e/0x8e0
[  238.064237][T12844]  ? __rcu_read_unlock+0x4f/0x70
[  238.064268][T12844]  ? __fget_files+0x184/0x1c0
[  238.064308][T12844]  __secure_computing+0x82/0x150
[  238.064339][T12844]  syscall_trace_enter+0xcf/0x1e0
[  238.064371][T12844]  do_syscall_64+0xac/0x200
[  238.064396][T12844]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  238.064465][T12844]  ? clear_bhb_loop+0x40/0x90
[  238.064518][T12844]  ? clear_bhb_loop+0x40/0x90
[  238.064550][T12844]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  238.064641][T12844] RIP: 0033:0x7f3a2cd0e929
[  238.064664][T12844] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  238.064690][T12844] RSP: 002b:00007f3a2b377038 EFLAGS: 00000246 ORIG_RAX: 000000000000000d
[  238.064752][T12844] RAX: ffffffffffffffda RBX: 00007f3a2cf35fa0 RCX: 00007f3a2cd0e929
[  238.064770][T12844] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000019
[  238.064788][T12844] RBP: 00007f3a2b377090 R08: 0000000000000000 R09: 0000000000000000
[  238.064805][T12844] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  238.064895][T12844] R13: 0000000000000000 R14: 00007f3a2cf35fa0 R15: 00007ffdcd3481a8
[  238.064920][T12844]  </TASK>
[  238.283790][T12847] loop6: detected capacity change from 0 to 512
[  238.290070][T12806] bridge0: port 2(bridge_slave_1) entered disabled state
[  238.308883][T12806] bridge_slave_1: entered allmulticast mode
[  238.315444][T12806] bridge_slave_1: entered promiscuous mode
[  238.322074][T12841] lo speed is unknown, defaulting to 1000
[  238.334602][T12841] lo speed is unknown, defaulting to 1000
[  238.343130][T12847] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  238.345709][T12806] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  238.366041][T12806] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  238.376999][T12847] ext4 filesystem being mounted at /226/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  238.388723][T12841] lo speed is unknown, defaulting to 1000
[  238.394720][T12847] EXT4-fs error (device loop6): ext4_do_update_inode:5568: inode #2: comm syz.6.3096: corrupted inode contents
[  238.408348][T12847] EXT4-fs error (device loop6): ext4_dirty_inode:6459: inode #2: comm syz.6.3096: mark_inode_dirty error
[  238.410973][T12841] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[  238.429170][T12806] team0: Port device team_slave_0 added
[  238.432780][T12847] EXT4-fs error (device loop6): ext4_do_update_inode:5568: inode #2: comm syz.6.3096: corrupted inode contents
[  238.436788][T12806] team0: Port device team_slave_1 added
[  238.458149][T12847] EXT4-fs error (device loop6): __ext4_ext_dirty:206: inode #2: comm syz.6.3096: mark_inode_dirty error
[  238.480230][T12841] lo speed is unknown, defaulting to 1000
[  238.487653][T12806] batman_adv: batadv0: Adding interface: batadv_slave_0
[  238.494720][T12806] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  238.520671][T12806] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  238.533023][T12841] lo speed is unknown, defaulting to 1000
[  238.539242][T12841] lo speed is unknown, defaulting to 1000
[  238.545415][T12841] lo speed is unknown, defaulting to 1000
[  238.553825][T12841] lo speed is unknown, defaulting to 1000
[  238.564317][T12806] batman_adv: batadv0: Adding interface: batadv_slave_1
[  238.571362][T12806] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  238.597545][T12806] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  238.657821][T12806] hsr_slave_0: entered promiscuous mode
[  238.664097][T12806] hsr_slave_1: entered promiscuous mode
[  238.679935][ T9195] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  238.690110][T12806] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  238.701252][T12806] Cannot create hsr debugfs directory
[  238.737581][   T29] kauditd_printk_skb: 94 callbacks suppressed
[  238.737618][   T29] audit: type=1326 audit(1752459376.520:30949): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12854 comm="syz.6.3098" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a2cd0e929 code=0x7ffc0000
[  238.784399][   T29] audit: type=1326 audit(1752459376.550:30950): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12854 comm="syz.6.3098" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3a2cd0e929 code=0x7ffc0000
[  238.808294][   T29] audit: type=1326 audit(1752459376.550:30951): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12854 comm="syz.6.3098" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a2cd0e929 code=0x7ffc0000
[  238.832193][   T29] audit: type=1326 audit(1752459376.550:30952): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12854 comm="syz.6.3098" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f3a2cd0e929 code=0x7ffc0000
[  238.855926][   T29] audit: type=1326 audit(1752459376.550:30953): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12854 comm="syz.6.3098" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f3a2cd0e963 code=0x7ffc0000
[  238.886844][   T29] audit: type=1326 audit(1752459376.670:30954): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12854 comm="syz.6.3098" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f3a2cd0d3df code=0x7ffc0000
[  238.919264][   T29] audit: type=1326 audit(1752459376.700:30955): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12854 comm="syz.6.3098" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f3a2cd0e9b7 code=0x7ffc0000
[  238.945146][T12856] loop6: detected capacity change from 0 to 8192
[  238.972083][   T29] audit: type=1326 audit(1752459376.730:30956): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12854 comm="syz.6.3098" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f3a2cd0d290 code=0x7ffc0000
[  238.995889][   T29] audit: type=1326 audit(1752459376.730:30957): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12854 comm="syz.6.3098" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f3a2cd0e52b code=0x7ffc0000
[  239.019532][   T29] audit: type=1326 audit(1752459376.740:30958): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12854 comm="syz.6.3098" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f3a2cd0d58a code=0x7ffc0000
[  239.128972][T12866] lo speed is unknown, defaulting to 1000
[  239.191832][T12866] sch_tbf: burst 0 is lower than device lo mtu (11337746) !
[  239.209248][T12806] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  239.235552][T12806] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  239.247361][T12879] loop6: detected capacity change from 0 to 1024
[  239.257622][T12806] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  239.276657][T12806] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  239.287033][T12879] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  239.301734][T12879] ext4 filesystem being mounted at /232/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  239.354961][T12892] loop4: detected capacity change from 0 to 512
[  239.365707][T12879] EXT4-fs error (device loop6): ext4_map_blocks:816: inode #15: block 3: comm syz.6.3107: lblock 3 mapped to illegal pblock 3 (length 1)
[  239.376776][T12806] 8021q: adding VLAN 0 to HW filter on device bond0
[  239.388001][T12892] EXT4-fs: Ignoring removed nomblk_io_submit option
[  239.393213][T12806] 8021q: adding VLAN 0 to HW filter on device team0
[  239.405602][T12892] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  239.415348][T12879] EXT4-fs (loop6): Remounting filesystem read-only
[  239.415361][T11811] bridge0: port 1(bridge_slave_0) entered blocking state
[  239.429054][T11811] bridge0: port 1(bridge_slave_0) entered forwarding state
[  239.453611][ T9195] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  239.455068][T12806] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  239.473196][T12806] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  239.495492][T12892] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  239.511297][T11811] bridge0: port 2(bridge_slave_1) entered blocking state
[  239.518455][T11811] bridge0: port 2(bridge_slave_1) entered forwarding state
[  239.529653][T12892] ext4 filesystem being mounted at /589/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  239.649932][T12806] 8021q: adding VLAN 0 to HW filter on device batadv0
[  239.657142][T12902] loop6: detected capacity change from 0 to 8192
[  239.854230][T12927] loop6: detected capacity change from 0 to 2048
[  239.860727][T12806] veth0_vlan: entered promiscuous mode
[  239.871364][T12806] veth1_vlan: entered promiscuous mode
[  239.889576][T12927] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[  239.903060][T12806] veth0_macvtap: entered promiscuous mode
[  239.913989][T12806] veth1_macvtap: entered promiscuous mode
[  239.926112][T12806] batman_adv: batadv0: Interface activated: batadv_slave_0
[  239.938529][T12806] batman_adv: batadv0: Interface activated: batadv_slave_1
[  239.947460][T12806] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  239.956345][T12806] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  239.965192][T12806] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  239.974046][T12806] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  240.049909][T12951] FAULT_INJECTION: forcing a failure.
[  240.049909][T12951] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  240.063096][T12951] CPU: 1 UID: 0 PID: 12951 Comm: syz.5.3121 Not tainted 6.16.0-rc5-syzkaller-00276-g5d5d62298b8b #0 PREEMPT(voluntary) 
[  240.063132][T12951] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  240.063149][T12951] Call Trace:
[  240.063201][T12951]  <TASK>
[  240.063211][T12951]  __dump_stack+0x1d/0x30
[  240.063305][T12951]  dump_stack_lvl+0xe8/0x140
[  240.063330][T12951]  dump_stack+0x15/0x1b
[  240.063351][T12951]  should_fail_ex+0x265/0x280
[  240.063385][T12951]  should_fail+0xb/0x20
[  240.063417][T12951]  should_fail_usercopy+0x1a/0x20
[  240.063490][T12951]  _copy_from_user+0x1c/0xb0
[  240.063516][T12951]  ___sys_recvmsg+0xaa/0x370
[  240.063539][T12951]  ? kernelmode_fixup_or_oops+0x59/0xb0
[  240.063598][T12951]  do_recvmmsg+0x1ef/0x540
[  240.063634][T12951]  __x64_sys_recvmmsg+0xe5/0x170
[  240.063660][T12951]  x64_sys_call+0x1c6a/0x2fb0
[  240.063699][T12951]  do_syscall_64+0xd2/0x200
[  240.063716][T12951]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  240.063740][T12951]  ? clear_bhb_loop+0x40/0x90
[  240.063812][T12951]  ? clear_bhb_loop+0x40/0x90
[  240.063902][T12951]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  240.063929][T12951] RIP: 0033:0x7fe9b673e929
[  240.063949][T12951] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  240.063973][T12951] RSP: 002b:00007fe9b4da7038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  240.064006][T12951] RAX: ffffffffffffffda RBX: 00007fe9b6965fa0 RCX: 00007fe9b673e929
[  240.064022][T12951] RDX: 0000000000001800 RSI: 0000200000001dc0 RDI: 0000000000000007
[  240.064105][T12951] RBP: 00007fe9b4da7090 R08: 0000000000000000 R09: 0000000000000000
[  240.064118][T12951] R10: 0000000000002002 R11: 0000000000000246 R12: 0000000000000001
[  240.064137][T12951] R13: 0000000000000000 R14: 00007fe9b6965fa0 R15: 00007ffc2795cad8
[  240.064162][T12951]  </TASK>
[  240.284214][T12956] loop4: detected capacity change from 0 to 1024
[  240.291116][T12956] EXT4-fs: inline encryption not supported
[  240.297209][T12956] EXT4-fs: Ignoring removed bh option
[  240.325120][T12956] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3123'.
[  240.344526][T12956] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3123'.
[  240.356575][T12962] loop5: detected capacity change from 0 to 1024
[  240.366935][T12963] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=12963 comm=syz.2.3124
[  240.409201][T12962] ext4 filesystem being mounted at /2/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  240.436991][T12962] EXT4-fs error (device loop5): ext4_map_blocks:816: inode #15: block 3: comm syz.5.3125: lblock 3 mapped to illegal pblock 3 (length 1)
[  240.453476][T12962] EXT4-fs (loop5): Remounting filesystem read-only
[  240.511069][T12970] bridge_slave_0: left allmulticast mode
[  240.516867][T12970] bridge_slave_0: left promiscuous mode
[  240.522637][T12970] bridge0: port 1(bridge_slave_0) entered disabled state
[  240.531575][T12970] bridge_slave_1: left allmulticast mode
[  240.537339][T12970] bridge_slave_1: left promiscuous mode
[  240.543111][T12970] bridge0: port 2(bridge_slave_1) entered disabled state
[  240.568889][T12970] bond0: (slave bond_slave_0): Releasing backup interface
[  240.572384][T12973] loop4: detected capacity change from 0 to 512
[  240.586478][T12973] EXT4-fs: Ignoring removed nomblk_io_submit option
[  240.593602][T12973] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  240.605496][T12970] bond0: (slave bond_slave_1): Releasing backup interface
[  240.614958][T12973] ext4 filesystem being mounted at /592/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  240.626862][T12970] team0: Port device team_slave_0 removed
[  240.635481][T12970] team0: Port device team_slave_1 removed
[  240.643117][T12970] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  240.650637][T12970] batman_adv: batadv0: Removing interface: batadv_slave_0
[  240.660699][T12970] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  240.668321][T12970] batman_adv: batadv0: Removing interface: batadv_slave_1
[  240.781764][T12999] loop6: detected capacity change from 0 to 1024
[  240.791143][T12997] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3134'.
[  240.827897][T13003] loop5: detected capacity change from 0 to 1024
[  240.833681][T12999] hub 9-0:1.0: USB hub found
[  240.839122][T12999] hub 9-0:1.0: 8 ports detected
[  240.847917][T13003] ext4 filesystem being mounted at /6/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  240.862530][T13003] EXT4-fs error (device loop5): ext4_map_blocks:816: inode #15: block 3: comm syz.5.3137: lblock 3 mapped to illegal pblock 3 (length 1)
[  240.889840][T13003] EXT4-fs (loop5): Remounting filesystem read-only
[  240.930892][T13013] FAULT_INJECTION: forcing a failure.
[  240.930892][T13013] name failslab, interval 1, probability 0, space 0, times 0
[  240.943634][T13013] CPU: 1 UID: 0 PID: 13013 Comm: syz.6.3140 Not tainted 6.16.0-rc5-syzkaller-00276-g5d5d62298b8b #0 PREEMPT(voluntary) 
[  240.943689][T13013] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  240.943704][T13013] Call Trace:
[  240.943709][T13013]  <TASK>
[  240.943717][T13013]  __dump_stack+0x1d/0x30
[  240.943742][T13013]  dump_stack_lvl+0xe8/0x140
[  240.943765][T13013]  dump_stack+0x15/0x1b
[  240.943827][T13013]  should_fail_ex+0x265/0x280
[  240.943924][T13013]  should_failslab+0x8c/0xb0
[  240.943953][T13013]  kmem_cache_alloc_noprof+0x50/0x310
[  240.944019][T13013]  ? dst_alloc+0xbd/0x100
[  240.944110][T13013]  dst_alloc+0xbd/0x100
[  240.944171][T13013]  ? __ip_select_ident+0xf2/0x1a0
[  240.944219][T13013]  ip_route_output_key_hash_rcu+0xf16/0x1440
[  240.944247][T13013]  ? ip_route_output_key_hash_rcu+0xde1/0x1440
[  240.944277][T13013]  ip_route_output_key_hash+0x7a/0xb0
[  240.944368][T13013]  tcp_v4_connect+0x3d5/0xac0
[  240.944397][T13013]  __inet_stream_connect+0x166/0x7e0
[  240.944554][T13013]  ? _raw_spin_unlock_bh+0x36/0x40
[  240.944578][T13013]  ? release_sock+0x116/0x150
[  240.944604][T13013]  ? _raw_spin_unlock_bh+0x36/0x40
[  240.944709][T13013]  ? lock_sock_nested+0x112/0x140
[  240.944732][T13013]  ? selinux_netlbl_socket_connect+0x115/0x130
[  240.944771][T13013]  inet_stream_connect+0x44/0x70
[  240.944873][T13013]  ? __pfx_inet_stream_connect+0x10/0x10
[  240.944906][T13013]  __sys_connect+0x1ef/0x2b0
[  240.944940][T13013]  __x64_sys_connect+0x3f/0x50
[  240.945006][T13013]  x64_sys_call+0x1daa/0x2fb0
[  240.945028][T13013]  do_syscall_64+0xd2/0x200
[  240.945045][T13013]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  240.945073][T13013]  ? clear_bhb_loop+0x40/0x90
[  240.945094][T13013]  ? clear_bhb_loop+0x40/0x90
[  240.945139][T13013]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  240.945160][T13013] RIP: 0033:0x7f3a2cd0e929
[  240.945176][T13013] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  240.945207][T13013] RSP: 002b:00007f3a2b377038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[  240.945226][T13013] RAX: ffffffffffffffda RBX: 00007f3a2cf35fa0 RCX: 00007f3a2cd0e929
[  240.945239][T13013] RDX: 0000000000000010 RSI: 0000200000000180 RDI: 0000000000000003
[  240.945303][T13013] RBP: 00007f3a2b377090 R08: 0000000000000000 R09: 0000000000000000
[  240.945321][T13013] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  240.945337][T13013] R13: 0000000000000000 R14: 00007f3a2cf35fa0 R15: 00007ffdcd3481a8
[  240.945382][T13013]  </TASK>
[  241.219616][T13019] siw: device registration error -23
[  241.271247][T13024] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=13024 comm=syz.5.3141
[  241.421246][T13037] loop6: detected capacity change from 0 to 128
[  241.444638][T13039] netlink: 256 bytes leftover after parsing attributes in process `syz.4.3147'.
[  241.455094][T13037] bio_check_eod: 4 callbacks suppressed
[  241.455211][T13037] wÞ£ÿ: attempt to access beyond end of device
[  241.455211][T13037] loop6: rw=2049, sector=132, nr_sectors = 8 limit=128
[  241.475582][T13037] wÞ£ÿ: attempt to access beyond end of device
[  241.475582][T13037] loop6: rw=2049, sector=148, nr_sectors = 8 limit=128
[  241.490481][T13037] wÞ£ÿ: attempt to access beyond end of device
[  241.490481][T13037] loop6: rw=2049, sector=142, nr_sectors = 1 limit=128
[  241.503679][T13037] buffer_io_error: 2 callbacks suppressed
[  241.503691][T13037] Buffer I/O error on dev loop6, logical block 142, lost async page write
[  241.519919][T13037] wÞ£ÿ: attempt to access beyond end of device
[  241.519919][T13037] loop6: rw=2049, sector=143, nr_sectors = 1 limit=128
[  241.533217][T13037] Buffer I/O error on dev loop6, logical block 143, lost async page write
[  241.542925][T13037] wÞ£ÿ: attempt to access beyond end of device
[  241.542925][T13037] loop6: rw=2049, sector=144, nr_sectors = 1 limit=128
[  241.556228][T13037] Buffer I/O error on dev loop6, logical block 144, lost async page write
[  241.566949][T13037] wÞ£ÿ: attempt to access beyond end of device
[  241.566949][T13037] loop6: rw=2049, sector=145, nr_sectors = 1 limit=128
[  241.580074][T13037] Buffer I/O error on dev loop6, logical block 145, lost async page write
[  241.580815][T13045] loop4: detected capacity change from 0 to 1024
[  241.588974][T13037] wÞ£ÿ: attempt to access beyond end of device
[  241.588974][T13037] loop6: rw=2049, sector=146, nr_sectors = 1 limit=128
[  241.608295][T13037] Buffer I/O error on dev loop6, logical block 146, lost async page write
[  241.613276][T13046] lo speed is unknown, defaulting to 1000
[  241.631313][T13037] wÞ£ÿ: attempt to access beyond end of device
[  241.631313][T13037] loop6: rw=2049, sector=147, nr_sectors = 1 limit=128
[  241.644515][T13037] Buffer I/O error on dev loop6, logical block 147, lost async page write
[  241.653299][T13037] wÞ£ÿ: attempt to access beyond end of device
[  241.653299][T13037] loop6: rw=2049, sector=156, nr_sectors = 1 limit=128
[  241.666529][T13037] Buffer I/O error on dev loop6, logical block 156, lost async page write
[  241.675263][T13037] wÞ£ÿ: attempt to access beyond end of device
[  241.675263][T13037] loop6: rw=2049, sector=157, nr_sectors = 1 limit=128
[  241.676530][T13045] ext4 filesystem being mounted at /595/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  241.688466][T13037] Buffer I/O error on dev loop6, logical block 157, lost async page write
[  241.689420][T13037] Buffer I/O error on dev loop6, logical block 160, lost async page write
[  241.716404][T13037] Buffer I/O error on dev loop6, logical block 161, lost async page write
[  241.750714][T13045] EXT4-fs error (device loop4): ext4_map_blocks:816: inode #15: block 3: comm syz.4.3150: lblock 3 mapped to illegal pblock 3 (length 1)
[  241.766213][T13045] EXT4-fs (loop4): Remounting filesystem read-only
[  241.847987][T13053] vxcan1: tx address claim with dest, not broadcast
[  241.920568][T13065] loop5: detected capacity change from 0 to 1024
[  241.945378][T13065] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  241.959021][T13065] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  241.988155][T13065] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c840e01c, mo2=0000]
[  241.996643][T13068] loop4: detected capacity change from 0 to 8192
[  242.001376][T13065] EXT4-fs error (device loop5): ext4_map_blocks:780: inode #3: block 2: comm syz.5.3158: lblock 2 mapped to illegal pblock 2 (length 1)
[  242.040548][T13065] EXT4-fs error (device loop5): ext4_map_blocks:780: inode #3: block 48: comm syz.5.3158: lblock 0 mapped to illegal pblock 48 (length 1)
[  242.055089][T13065] EXT4-fs error (device loop5): ext4_acquire_dquot:6933: comm syz.5.3158: Failed to acquire dquot type 0
[  242.067734][T13065] EXT4-fs error (device loop5) in ext4_reserve_inode_write:6255: Corrupt filesystem
[  242.077611][T13065] EXT4-fs error (device loop5): ext4_evict_inode:254: inode #11: comm syz.5.3158: mark_inode_dirty error
[  242.089977][T13065] EXT4-fs warning (device loop5): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[  242.100588][T13065] EXT4-fs (loop5): 1 orphan inode deleted
[  242.111096][ T4152] EXT4-fs error (device loop5): ext4_map_blocks:780: inode #3: block 1: comm kworker/u8:34: lblock 1 mapped to illegal pblock 1 (length 1)
[  242.129146][ T4152] EXT4-fs error (device loop5): ext4_release_dquot:6969: comm kworker/u8:34: Failed to release dquot type 0
[  242.155126][T13065] EXT4-fs error (device loop5): __ext4_get_inode_loc:4792: comm syz.5.3158: Invalid inode table block 1 in block_group 0
[  242.177972][ T3306] syz_tun (unregistering): left allmulticast mode
[  242.189175][T13065] EXT4-fs error (device loop5) in ext4_reserve_inode_write:6255: Corrupt filesystem
[  242.202191][T13065] EXT4-fs error (device loop5): ext4_quota_off:7217: inode #3: comm syz.5.3158: mark_inode_dirty error
[  242.224536][T13065] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3158'.
[  242.310936][T13080] lo speed is unknown, defaulting to 1000
[  242.322196][T13097] loop5: detected capacity change from 0 to 512
[  242.333838][ T1788] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  242.361291][T13097] ext4 filesystem being mounted at /17/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  242.400050][ T1788] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  242.424845][T13080] chnl_net:caif_netlink_parms(): no params data found
[  242.474651][ T1788] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  242.492566][T13080] bridge0: port 1(bridge_slave_0) entered blocking state
[  242.492650][T13080] bridge0: port 1(bridge_slave_0) entered disabled state
[  242.492722][T13080] bridge_slave_0: entered allmulticast mode
[  242.493430][T13080] bridge_slave_0: entered promiscuous mode
[  242.520887][T13080] bridge0: port 2(bridge_slave_1) entered blocking state
[  242.520926][T13080] bridge0: port 2(bridge_slave_1) entered disabled state
[  242.521032][T13080] bridge_slave_1: entered allmulticast mode
[  242.521497][T13080] bridge_slave_1: entered promiscuous mode
[  242.563112][ T1788] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  242.576646][T13080] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  242.578141][T13080] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  242.597574][T13112] loop6: detected capacity change from 0 to 164
[  242.604866][T13112] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  242.614361][T13112] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  242.622768][T13112] Symlink component flag not implemented
[  242.622779][T13112] Symlink component flag not implemented
[  242.623065][T13112] Symlink component flag not implemented (7)
[  242.623077][T13112] Symlink component flag not implemented (116)
[  242.658759][T13080] team0: Port device team_slave_0 added
[  242.659875][T13080] team0: Port device team_slave_1 added
[  242.670671][ T1788] bridge_slave_1: left allmulticast mode
[  242.670687][ T1788] bridge_slave_1: left promiscuous mode
[  242.670894][ T1788] bridge0: port 2(bridge_slave_1) entered disabled state
[  242.671606][ T1788] bridge_slave_0: left allmulticast mode
[  242.695639][ T1788] bridge_slave_0: left promiscuous mode
[  242.695742][ T1788] bridge0: port 1(bridge_slave_0) entered disabled state
[  243.079515][ T1788] $Hÿ (unregistering): (slave bond_slave_0): Releasing backup interface
[  243.079647][ T1788] bond_slave_0: left promiscuous mode
[  243.095016][ T1788] $Hÿ (unregistering): (slave bond_slave_1): Releasing backup interface
[  243.095280][ T1788] bond_slave_1: left promiscuous mode
[  243.098714][ T1788] $Hÿ (unregistering): Released all slaves
[  243.132459][T13080] batman_adv: batadv0: Adding interface: batadv_slave_0
[  243.139686][T13080] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  243.165770][T13080] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  243.166982][T13080] batman_adv: batadv0: Adding interface: batadv_slave_1
[  243.166994][T13080] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  243.167106][T13080] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  243.224517][ T1788] tipc: Left network mode
[  243.236636][T13080] hsr_slave_0: entered promiscuous mode
[  243.243554][T13080] hsr_slave_1: entered promiscuous mode
[  243.250983][T13080] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  243.258708][T13080] Cannot create hsr debugfs directory
[  243.278958][ T1788] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  243.286794][ T1788] batman_adv: batadv0: Removing interface: batadv_slave_0
[  243.301498][ T1788] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  243.309075][ T1788] batman_adv: batadv0: Removing interface: batadv_slave_1
[  243.322440][ T1788] veth1_macvtap: left promiscuous mode
[  243.328045][ T1788] veth0_macvtap: left promiscuous mode
[  243.333720][ T1788] veth1_vlan: left promiscuous mode
[  243.340413][ T1788] veth0_vlan: left promiscuous mode
[  243.437881][ T1788] team0 (unregistering): Port device team_slave_1 removed
[  243.450121][ T1788] team0 (unregistering): Port device team_slave_0 removed
[  243.494507][   T23] lo speed is unknown, defaulting to 1000
[  243.500333][   T23] infiniband syz0: ib_query_port failed (-19)
[  243.619069][T13127] loop6: detected capacity change from 0 to 128
[  243.843068][T13080] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  243.853415][T13080] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  243.862780][T13080] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  243.871368][T13137] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=13137 comm=syz.2.3180
[  243.878276][T13080] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  243.884503][   T29] kauditd_printk_skb: 199 callbacks suppressed
[  243.884521][   T29] audit: type=1107 audit(1752459381.660:31155): pid=13135 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg=''
[  243.944320][T13080] 8021q: adding VLAN 0 to HW filter on device bond0
[  243.959299][T13080] 8021q: adding VLAN 0 to HW filter on device team0
[  243.969580][ T4152] bridge0: port 1(bridge_slave_0) entered blocking state
[  243.976767][ T4152] bridge0: port 1(bridge_slave_0) entered forwarding state
[  243.990073][ T4152] bridge0: port 2(bridge_slave_1) entered blocking state
[  243.997309][ T4152] bridge0: port 2(bridge_slave_1) entered forwarding state
[  244.020519][T13080] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  244.031025][T13080] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  244.104526][T13080] 8021q: adding VLAN 0 to HW filter on device batadv0
[  244.220365][T13159] loop5: detected capacity change from 0 to 8192
[  244.228978][T13164] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3185'.
[  244.238919][T13164] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3185'.
[  244.274750][T13080] veth0_vlan: entered promiscuous mode
[  244.293699][T13080] veth1_vlan: entered promiscuous mode
[  244.313507][T13080] veth0_macvtap: entered promiscuous mode
[  244.319466][T13175] loop5: detected capacity change from 0 to 128
[  244.321684][T13080] veth1_macvtap: entered promiscuous mode
[  244.337376][T13175] $Hÿ: renamed from bond0 (while UP)
[  244.344624][T13175] $Hÿ: entered promiscuous mode
[  244.353812][T13080] batman_adv: batadv0: Interface activated: batadv_slave_0
[  244.366009][T13080] batman_adv: batadv0: Interface activated: batadv_slave_1
[  244.376227][T13080] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  244.384992][T13080] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  244.393798][T13080] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  244.402684][T13080] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  244.433888][   T29] audit: type=1326 audit(1752459382.210:31156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13178 comm="syz.5.3190" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe9b673e929 code=0x0
[  244.488862][T13184] loop4: detected capacity change from 0 to 1024
[  244.508384][T13184] ext4 filesystem being mounted at /1/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  244.528648][T13184] EXT4-fs error (device loop4): ext4_map_blocks:816: inode #15: block 3: comm syz.4.3191: lblock 3 mapped to illegal pblock 3 (length 1)
[  244.543455][T13184] EXT4-fs (loop4): Remounting filesystem read-only
[  244.569979][T13186] loop6: detected capacity change from 0 to 512
[  244.579767][T13186] ext4: Unknown parameter 'delalloc.dioread_nolock'
[  244.580022][T13191] FAULT_INJECTION: forcing a failure.
[  244.580022][T13191] name failslab, interval 1, probability 0, space 0, times 0
[  244.587434][   T29] audit: type=1326 audit(1752459382.360:31157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13190 comm="syz.4.3193" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe5d661e929 code=0x7ffc0000
[  244.599258][T13191] CPU: 0 UID: 0 PID: 13191 Comm: syz.4.3193 Not tainted 6.16.0-rc5-syzkaller-00276-g5d5d62298b8b #0 PREEMPT(voluntary) 
[  244.599347][T13191] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  244.599377][T13191] Call Trace:
[  244.599396][T13191]  <TASK>
[  244.599406][T13191]  __dump_stack+0x1d/0x30
[  244.599437][T13191]  dump_stack_lvl+0xe8/0x140
[  244.599465][T13191]  dump_stack+0x15/0x1b
[  244.599487][T13191]  should_fail_ex+0x265/0x280
[  244.599531][T13191]  should_failslab+0x8c/0xb0
[  244.599636][T13191]  kmem_cache_alloc_node_noprof+0x57/0x320
[  244.599673][T13191]  ? __alloc_skb+0x101/0x320
[  244.599713][T13191]  __alloc_skb+0x101/0x320
[  244.599810][T13191]  ? audit_log_start+0x365/0x6c0
[  244.599854][T13191]  audit_log_start+0x380/0x6c0
[  244.599903][T13191]  audit_seccomp+0x48/0x100
[  244.599989][T13191]  ? __seccomp_filter+0x68c/0x10d0
[  244.600020][T13191]  __seccomp_filter+0x69d/0x10d0
[  244.600056][T13191]  ? user_path_at+0x59/0x130
[  244.600101][T13191]  __secure_computing+0x82/0x150
[  244.600130][T13191]  syscall_trace_enter+0xcf/0x1e0
[  244.600164][T13191]  do_syscall_64+0xac/0x200
[  244.600187][T13191]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  244.600290][T13191]  ? clear_bhb_loop+0x40/0x90
[  244.600319][T13191]  ? clear_bhb_loop+0x40/0x90
[  244.600349][T13191]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  244.600378][T13191] RIP: 0033:0x7fe5d661d33c
[  244.600399][T13191] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  244.600424][T13191] RSP: 002b:00007fe5d4c87030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  244.600479][T13191] RAX: ffffffffffffffda RBX: 00007fe5d6845fa0 RCX: 00007fe5d661d33c
[  244.600497][T13191] RDX: 000000000000000f RSI: 00007fe5d4c870a0 RDI: 0000000000000003
[  244.600515][T13191] RBP: 00007fe5d4c87090 R08: 0000000000000000 R09: 0000000000000000
[  244.600537][T13191] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  244.600553][T13191] R13: 0000000000000000 R14: 00007fe5d6845fa0 R15: 00007ffd18455ac8
[  244.600610][T13191]  </TASK>
[  244.600626][T13191] audit: audit_lost=9 audit_rate_limit=0 audit_backlog_limit=64
[  244.622824][   T29] audit: type=1326 audit(1752459382.360:31158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13190 comm="syz.4.3193" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe5d661e929 code=0x7ffc0000
[  244.635406][T13191] audit: out of memory in audit_log_start
[  244.741769][T13186] vxcan1: tx address claim with dest, not broadcast
[  244.743943][   T29] audit: type=1326 audit(1752459382.360:31159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13190 comm="syz.4.3193" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fe5d661d290 code=0x7ffc0000
[  244.744052][   T29] audit: type=1326 audit(1752459382.360:31160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13190 comm="syz.4.3193" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fe5d661d3df code=0x7ffc0000
[  244.744086][   T29] audit: type=1326 audit(1752459382.360:31161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13190 comm="syz.4.3193" exe="/root/syz-executor" sig=0 arch=c000003e syscall=235 compat=0 ip=0x7fe5d661e929 code=0x7ffc0000
[  244.744610][   T29] audit: type=1326 audit(1752459382.420:31162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13190 comm="syz.4.3193" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fe5d661d3df code=0x7ffc0000
[  244.773041][T13195] loop4: detected capacity change from 0 to 2048
[  245.072307][T13208] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3198'.
[  245.081412][T13208] netlink: 28 bytes leftover after parsing attributes in process `syz.6.3198'.
[  245.090402][T13208] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3198'.
[  245.099783][T13208] netlink: 28 bytes leftover after parsing attributes in process `syz.6.3198'.
[  245.102348][T13201] loop4: detected capacity change from 0 to 8192
[  245.109061][T13208] netlink: 'syz.6.3198': attribute type 6 has an invalid length.
[  245.110718][T13208] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3198'.
[  245.172508][T13211] loop4: detected capacity change from 0 to 1024
[  245.183219][T13211] EXT4-fs: inline encryption not supported
[  245.189763][T13211] EXT4-fs: Ignoring removed bh option
[  245.219969][T13211] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3199'.
[  245.231144][T13211] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3199'.
[  245.471640][T13237] smc: net device bond0 applied user defined pnetid SYZ2
[  245.486564][T13243] loop4: detected capacity change from 0 to 1024
[  245.497395][T13243] EXT4-fs: inline encryption not supported
[  245.503592][T13243] EXT4-fs: Ignoring removed bh option
[  245.574163][T13252] loop5: detected capacity change from 0 to 8192
[  245.623180][T13260] xt_HMARK: proto mask must be zero with L3 mode
[  245.633480][T13262] loop5: detected capacity change from 0 to 128
[  245.643407][T13264] netlink: 'syz.4.3220': attribute type 21 has an invalid length.
[  245.644390][T13262] ext4 filesystem being mounted at /30/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  245.651335][T13264] netlink: 'syz.4.3220': attribute type 4 has an invalid length.
[  245.758196][T13272] loop5: detected capacity change from 0 to 8192
[  245.796263][T13274] loop4: detected capacity change from 0 to 8192
[  245.848107][T13286] FAULT_INJECTION: forcing a failure.
[  245.848107][T13286] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  245.861384][T13286] CPU: 1 UID: 0 PID: 13286 Comm: syz.4.3228 Not tainted 6.16.0-rc5-syzkaller-00276-g5d5d62298b8b #0 PREEMPT(voluntary) 
[  245.861431][T13286] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  245.861448][T13286] Call Trace:
[  245.861456][T13286]  <TASK>
[  245.861465][T13286]  __dump_stack+0x1d/0x30
[  245.861492][T13286]  dump_stack_lvl+0xe8/0x140
[  245.861550][T13286]  dump_stack+0x15/0x1b
[  245.861574][T13286]  should_fail_ex+0x265/0x280
[  245.861698][T13286]  should_fail+0xb/0x20
[  245.861733][T13286]  should_fail_usercopy+0x1a/0x20
[  245.861821][T13286]  _copy_from_user+0x1c/0xb0
[  245.861847][T13286]  __se_sys_mount+0x10d/0x2e0
[  245.861944][T13286]  ? fput+0x8f/0xc0
[  245.861975][T13286]  ? ksys_write+0x192/0x1a0
[  245.862017][T13286]  __x64_sys_mount+0x67/0x80
[  245.862138][T13286]  x64_sys_call+0xd36/0x2fb0
[  245.862204][T13286]  do_syscall_64+0xd2/0x200
[  245.862229][T13286]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  245.862262][T13286]  ? clear_bhb_loop+0x40/0x90
[  245.862329][T13286]  ? clear_bhb_loop+0x40/0x90
[  245.862358][T13286]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  245.862416][T13286] RIP: 0033:0x7fe5d661e929
[  245.862456][T13286] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  245.862475][T13286] RSP: 002b:00007fe5d4c87038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  245.862498][T13286] RAX: ffffffffffffffda RBX: 00007fe5d6845fa0 RCX: 00007fe5d661e929
[  245.862515][T13286] RDX: 0000200000000280 RSI: 0000200000000300 RDI: 0000000000000000
[  245.862608][T13286] RBP: 00007fe5d4c87090 R08: 0000200000000600 R09: 0000000000000000
[  245.862625][T13286] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  245.862708][T13286] R13: 0000000000000000 R14: 00007fe5d6845fa0 R15: 00007ffd18455ac8
[  245.862734][T13286]  </TASK>
[  246.081363][T13297] loop5: detected capacity change from 0 to 1024
[  246.097207][T13297] ext4 filesystem being mounted at /34/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  246.122916][T13297] EXT4-fs error (device loop5): ext4_map_blocks:816: inode #15: block 3: comm syz.5.3230: lblock 3 mapped to illegal pblock 3 (length 1)
[  246.138511][T13297] EXT4-fs (loop5): Remounting filesystem read-only
[  246.227890][T13308] loop4: detected capacity change from 0 to 128
[  246.236979][T13310] x_tables: ip6_tables: mh match: only valid for protocol 135
[  246.296932][T13311] FAULT_INJECTION: forcing a failure.
[  246.296932][T13311] name failslab, interval 1, probability 0, space 0, times 0
[  246.309654][T13311] CPU: 1 UID: 0 PID: 13311 Comm: syz.5.3235 Not tainted 6.16.0-rc5-syzkaller-00276-g5d5d62298b8b #0 PREEMPT(voluntary) 
[  246.309759][T13311] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  246.309781][T13311] Call Trace:
[  246.309791][T13311]  <TASK>
[  246.309801][T13311]  __dump_stack+0x1d/0x30
[  246.309828][T13311]  dump_stack_lvl+0xe8/0x140
[  246.309846][T13311]  dump_stack+0x15/0x1b
[  246.309862][T13311]  should_fail_ex+0x265/0x280
[  246.309930][T13311]  should_failslab+0x8c/0xb0
[  246.310021][T13311]  kmem_cache_alloc_lru_noprof+0x55/0x310
[  246.310054][T13311]  ? alloc_inode+0x9a/0x170
[  246.310112][T13311]  ? __rcu_read_unlock+0x4f/0x70
[  246.310210][T13311]  alloc_inode+0x9a/0x170
[  246.310288][T13311]  iget_locked+0xf4/0x5c0
[  246.310320][T13311]  ? kmem_cache_alloc_lru_noprof+0x298/0x310
[  246.310352][T13311]  ? __d_alloc+0x3d/0x350
[  246.310387][T13311]  ? strlen+0x19/0x40
[  246.310413][T13311]  kernfs_get_inode+0x2e/0x350
[  246.310486][T13311]  kernfs_iop_lookup+0x130/0x1c0
[  246.310510][T13311]  lookup_one_qstr_excl_raw+0xc7/0x1b0
[  246.310541][T13311]  filename_create+0x14a/0x290
[  246.310570][T13311]  do_mkdirat+0x52/0x3f0
[  246.310669][T13311]  __x64_sys_mkdirat+0x4c/0x60
[  246.310703][T13311]  x64_sys_call+0x2be0/0x2fb0
[  246.310723][T13311]  do_syscall_64+0xd2/0x200
[  246.310752][T13311]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  246.310785][T13311]  ? clear_bhb_loop+0x40/0x90
[  246.310845][T13311]  ? clear_bhb_loop+0x40/0x90
[  246.310870][T13311]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  246.310891][T13311] RIP: 0033:0x7fe9b673e929
[  246.310905][T13311] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  246.310943][T13311] RSP: 002b:00007fe9b4d86038 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[  246.311043][T13311] RAX: ffffffffffffffda RBX: 00007fe9b6966080 RCX: 00007fe9b673e929
[  246.311060][T13311] RDX: 00000000000001ff RSI: 0000200000000000 RDI: ffffffffffffff9c
[  246.311076][T13311] RBP: 00007fe9b4d86090 R08: 0000000000000000 R09: 0000000000000000
[  246.311092][T13311] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  246.311224][T13311] R13: 0000000000000001 R14: 00007fe9b6966080 R15: 00007ffc2795cad8
[  246.311251][T13311]  </TASK>
[  246.607654][T13318] loop6: detected capacity change from 0 to 8192
[  246.688840][T13324] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=8217 sclass=netlink_route_socket pid=13324 comm=syz.2.3241
[  246.922727][T13336] Cannot find add_set index 0 as target
[  247.084891][T13345] FAULT_INJECTION: forcing a failure.
[  247.084891][T13345] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  247.098110][T13345] CPU: 1 UID: 0 PID: 13345 Comm: syz.4.3250 Not tainted 6.16.0-rc5-syzkaller-00276-g5d5d62298b8b #0 PREEMPT(voluntary) 
[  247.098141][T13345] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  247.098154][T13345] Call Trace:
[  247.098162][T13345]  <TASK>
[  247.098248][T13345]  __dump_stack+0x1d/0x30
[  247.098284][T13345]  dump_stack_lvl+0xe8/0x140
[  247.098310][T13345]  dump_stack+0x15/0x1b
[  247.098326][T13345]  should_fail_ex+0x265/0x280
[  247.098356][T13345]  should_fail+0xb/0x20
[  247.098395][T13345]  should_fail_usercopy+0x1a/0x20
[  247.098429][T13345]  _copy_from_iter+0xcf/0xe40
[  247.098485][T13345]  ? __build_skb_around+0x1a0/0x200
[  247.098525][T13345]  ? __alloc_skb+0x223/0x320
[  247.098600][T13345]  netlink_sendmsg+0x471/0x6b0
[  247.098683][T13345]  ? __pfx_netlink_sendmsg+0x10/0x10
[  247.098702][T13345]  __sock_sendmsg+0x145/0x180
[  247.098732][T13345]  ____sys_sendmsg+0x31e/0x4e0
[  247.098773][T13345]  ___sys_sendmsg+0x17b/0x1d0
[  247.098848][T13345]  __x64_sys_sendmsg+0xd4/0x160
[  247.098922][T13345]  x64_sys_call+0x2999/0x2fb0
[  247.098946][T13345]  do_syscall_64+0xd2/0x200
[  247.099053][T13345]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  247.099093][T13345]  ? clear_bhb_loop+0x40/0x90
[  247.099124][T13345]  ? clear_bhb_loop+0x40/0x90
[  247.099158][T13345]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  247.099197][T13345] RIP: 0033:0x7fe5d661e929
[  247.099217][T13345] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  247.099235][T13345] RSP: 002b:00007fe5d4c87038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  247.099258][T13345] RAX: ffffffffffffffda RBX: 00007fe5d6845fa0 RCX: 00007fe5d661e929
[  247.099273][T13345] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 0000000000000003
[  247.099311][T13345] RBP: 00007fe5d4c87090 R08: 0000000000000000 R09: 0000000000000000
[  247.099327][T13345] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  247.099343][T13345] R13: 0000000000000000 R14: 00007fe5d6845fa0 R15: 00007ffd18455ac8
[  247.099370][T13345]  </TASK>
[  247.328424][T13349] xt_HMARK: proto mask must be zero with L3 mode
[  247.489888][T13369] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=13369 comm=syz.6.3259
[  247.903966][T13374] loop5: detected capacity change from 0 to 8192
[  247.920680][T13376] __nla_validate_parse: 3 callbacks suppressed
[  247.920743][T13376] netlink: 64859 bytes leftover after parsing attributes in process `syz.2.3262'.
[  247.986662][T13378] Invalid logical block size (2)
[  248.213210][T13384] chnl_net:caif_netlink_parms(): no params data found
[  248.310127][T13401] SELinux: failed to load policy
[  248.324942][T13384] bridge0: port 1(bridge_slave_0) entered blocking state
[  248.332441][T13384] bridge0: port 1(bridge_slave_0) entered disabled state
[  248.340869][T13384] bridge_slave_0: entered allmulticast mode
[  248.348568][T13384] bridge_slave_0: entered promiscuous mode
[  248.359051][T13384] bridge0: port 2(bridge_slave_1) entered blocking state
[  248.364495][T13408] FAULT_INJECTION: forcing a failure.
[  248.364495][T13408] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  248.366399][T13384] bridge0: port 2(bridge_slave_1) entered disabled state
[  248.379404][T13408] CPU: 1 UID: 0 PID: 13408 Comm: syz.6.3267 Not tainted 6.16.0-rc5-syzkaller-00276-g5d5d62298b8b #0 PREEMPT(voluntary) 
[  248.379443][T13408] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  248.379463][T13408] Call Trace:
[  248.379470][T13408]  <TASK>
[  248.379482][T13408]  __dump_stack+0x1d/0x30
[  248.379562][T13408]  dump_stack_lvl+0xe8/0x140
[  248.379591][T13408]  dump_stack+0x15/0x1b
[  248.379695][T13408]  should_fail_ex+0x265/0x280
[  248.379738][T13408]  should_fail+0xb/0x20
[  248.379850][T13408]  should_fail_usercopy+0x1a/0x20
[  248.379927][T13408]  _copy_from_user+0x1c/0xb0
[  248.379947][T13408]  copy_from_sockptr_offset+0x66/0xa0
[  248.379976][T13408]  do_ip6t_set_ctl+0x5d1/0x840
[  248.380010][T13408]  ? kstrtoull+0x111/0x140
[  248.380085][T13408]  ? __rcu_read_unlock+0x4f/0x70
[  248.380123][T13408]  nf_setsockopt+0x196/0x1b0
[  248.380153][T13408]  ipv6_setsockopt+0x11a/0x130
[  248.380185][T13408]  tcp_setsockopt+0x95/0xb0
[  248.380267][T13408]  sock_common_setsockopt+0x69/0x80
[  248.380303][T13408]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  248.380342][T13408]  __sys_setsockopt+0x184/0x200
[  248.380448][T13408]  __x64_sys_setsockopt+0x64/0x80
[  248.380531][T13408]  x64_sys_call+0x2bd5/0x2fb0
[  248.380561][T13408]  do_syscall_64+0xd2/0x200
[  248.380586][T13408]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  248.380622][T13408]  ? clear_bhb_loop+0x40/0x90
[  248.380724][T13408]  ? clear_bhb_loop+0x40/0x90
[  248.380754][T13408]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  248.380783][T13408] RIP: 0033:0x7f3a2cd0e929
[  248.380860][T13408] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  248.380886][T13408] RSP: 002b:00007f3a2b377038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  248.380919][T13408] RAX: ffffffffffffffda RBX: 00007f3a2cf35fa0 RCX: 00007f3a2cd0e929
[  248.380937][T13408] RDX: 0000000000000040 RSI: 0000000000000029 RDI: 0000000000000006
[  248.380950][T13408] RBP: 00007f3a2b377090 R08: 00000000000004b8 R09: 0000000000000000
[  248.380966][T13408] R10: 00002000000004c0 R11: 0000000000000246 R12: 0000000000000001
[  248.381038][T13408] R13: 0000000000000000 R14: 00007f3a2cf35fa0 R15: 00007ffdcd3481a8
[  248.381065][T13408]  </TASK>
[  248.464947][T13412] FAULT_INJECTION: forcing a failure.
[  248.464947][T13412] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  248.469989][T13384] bridge_slave_1: entered allmulticast mode
[  248.474182][T13412] CPU: 1 UID: 0 PID: 13412 Comm: syz.2.3269 Not tainted 6.16.0-rc5-syzkaller-00276-g5d5d62298b8b #0 PREEMPT(voluntary) 
[  248.474286][T13412] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  248.474304][T13412] Call Trace:
[  248.474313][T13412]  <TASK>
[  248.474324][T13412]  __dump_stack+0x1d/0x30
[  248.474355][T13412]  dump_stack_lvl+0xe8/0x140
[  248.474377][T13412]  dump_stack+0x15/0x1b
[  248.474447][T13412]  should_fail_ex+0x265/0x280
[  248.474492][T13412]  should_fail+0xb/0x20
[  248.474529][T13412]  should_fail_usercopy+0x1a/0x20
[  248.474639][T13412]  strncpy_from_user+0x25/0x230
[  248.474671][T13412]  ? __kmalloc_cache_noprof+0x189/0x320
[  248.474716][T13412]  __se_sys_memfd_create+0x1ff/0x590
[  248.474857][T13412]  __x64_sys_memfd_create+0x31/0x40
[  248.474897][T13412]  x64_sys_call+0x122f/0x2fb0
[  248.474939][T13412]  do_syscall_64+0xd2/0x200
[  248.474964][T13412]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  248.475013][T13412]  ? clear_bhb_loop+0x40/0x90
[  248.475118][T13412]  ? clear_bhb_loop+0x40/0x90
[  248.475148][T13412]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  248.475177][T13412] RIP: 0033:0x7f7d962ee929
[  248.475198][T13412] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  248.475232][T13412] RSP: 002b:00007f7d94935e18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[  248.475259][T13412] RAX: ffffffffffffffda RBX: 00000000000005fc RCX: 00007f7d962ee929
[  248.475277][T13412] RDX: 00007f7d94935ef0 RSI: 0000000000000000 RDI: 00007f7d963714cc
[  248.475294][T13412] RBP: 0000200000000600 R08: 00007f7d94935bb7 R09: 00007f7d94935e40
[  248.475347][T13412] R10: 000000000000000a R11: 0000000000000202 R12: 0000200000000040
[  248.475365][T13412] R13: 00007f7d94935ef0 R14: 00007f7d94935eb0 R15: 0000200000000380
[  248.475392][T13412]  </TASK>
[  248.584505][T13414] loop6: detected capacity change from 0 to 512
[  248.588634][T13384] bridge_slave_1: entered promiscuous mode
[  248.608429][T13414] ext4 filesystem being mounted at /273/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  248.862210][T13384] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  248.881844][T13384] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  248.917408][T13384] team0: Port device team_slave_0 added
[  248.926139][T13384] team0: Port device team_slave_1 added
[  248.946195][T13428] FAULT_INJECTION: forcing a failure.
[  248.946195][T13428] name failslab, interval 1, probability 0, space 0, times 0
[  248.959052][T13428] CPU: 1 UID: 0 PID: 13428 Comm: syz.6.3275 Not tainted 6.16.0-rc5-syzkaller-00276-g5d5d62298b8b #0 PREEMPT(voluntary) 
[  248.959131][T13428] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  248.959154][T13428] Call Trace:
[  248.959163][T13428]  <TASK>
[  248.959174][T13428]  __dump_stack+0x1d/0x30
[  248.959199][T13428]  dump_stack_lvl+0xe8/0x140
[  248.959222][T13428]  dump_stack+0x15/0x1b
[  248.959264][T13428]  should_fail_ex+0x265/0x280
[  248.959300][T13428]  should_failslab+0x8c/0xb0
[  248.959392][T13428]  kmem_cache_alloc_noprof+0x50/0x310
[  248.959470][T13428]  ? alloc_empty_file+0x76/0x200
[  248.959500][T13428]  alloc_empty_file+0x76/0x200
[  248.959573][T13428]  dentry_open+0x2d/0x90
[  248.959622][T13428]  do_mq_open+0x3c7/0x4f0
[  248.959667][T13428]  __x64_sys_mq_open+0xcb/0x100
[  248.959736][T13428]  x64_sys_call+0x27d6/0x2fb0
[  248.959757][T13428]  do_syscall_64+0xd2/0x200
[  248.959847][T13428]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  248.959879][T13428]  ? clear_bhb_loop+0x40/0x90
[  248.959899][T13428]  ? clear_bhb_loop+0x40/0x90
[  248.959986][T13428]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  248.960006][T13428] RIP: 0033:0x7f3a2cd0e929
[  248.960025][T13428] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  248.960043][T13428] RSP: 002b:00007f3a2b377038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f0
[  248.960062][T13428] RAX: ffffffffffffffda RBX: 00007f3a2cf35fa0 RCX: 00007f3a2cd0e929
[  248.960078][T13428] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000200000000b40
[  248.960094][T13428] RBP: 00007f3a2b377090 R08: 0000000000000000 R09: 0000000000000000
[  248.960189][T13428] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  248.960200][T13428] R13: 0000000000000000 R14: 00007f3a2cf35fa0 R15: 00007ffdcd3481a8
[  248.960219][T13428]  </TASK>
[  248.961602][T13384] batman_adv: batadv0: Adding interface: batadv_slave_0
[  249.114603][T13434] loop4: detected capacity change from 0 to 1024
[  249.122118][T13384] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  249.150405][T13434] ext4 filesystem being mounted at /27/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  249.156243][T13384] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  249.212882][T13434] EXT4-fs error (device loop4): ext4_map_blocks:816: inode #15: block 3: comm syz.4.3277: lblock 3 mapped to illegal pblock 3 (length 1)
[  249.220877][T13384] batman_adv: batadv0: Adding interface: batadv_slave_1
[  249.231467][T13434] EXT4-fs (loop4): Remounting filesystem read-only
[  249.233922][T13384] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  249.266557][T13384] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  249.293144][   T29] kauditd_printk_skb: 81 callbacks suppressed
[  249.293165][   T29] audit: type=1326 audit(1752459387.070:31244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13439 comm="syz.2.3279" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d962ee929 code=0x7ffc0000
[  249.323386][   T29] audit: type=1326 audit(1752459387.070:31245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13439 comm="syz.2.3279" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7d962ee929 code=0x7ffc0000
[  249.347538][   T29] audit: type=1326 audit(1752459387.070:31246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13439 comm="syz.2.3279" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d962ee929 code=0x7ffc0000
[  249.371634][   T29] audit: type=1326 audit(1752459387.070:31247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13439 comm="syz.2.3279" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d962ee929 code=0x7ffc0000
[  249.382553][T13442] SELinux:  Context system_u:object_r:tzdata_exec_t:s0 is not valid (left unmapped).
[  249.404774][   T29] audit: type=1326 audit(1752459387.110:31248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13439 comm="syz.2.3279" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f7d962ee929 code=0x7ffc0000
[  249.428800][   T29] audit: type=1326 audit(1752459387.110:31249): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13439 comm="syz.2.3279" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f7d962ee963 code=0x7ffc0000
[  249.452526][   T29] audit: type=1326 audit(1752459387.110:31250): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13439 comm="syz.2.3279" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f7d962ed3df code=0x7ffc0000
[  249.475994][   T29] audit: type=1400 audit(1752459387.160:31251): avc:  denied  { mac_admin } for  pid=13441 comm="syz.6.3280" capability=33  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  249.500597][   T29] audit: type=1400 audit(1752459387.180:31252): avc:  denied  { relabelto } for  pid=13441 comm="syz.6.3280" name="cgroup.procs" dev="cgroup" ino=396 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="system_u:object_r:tzdata_exec_t:s0"
[  249.528386][   T29] audit: type=1400 audit(1752459387.180:31253): avc:  denied  { associate } for  pid=13441 comm="syz.6.3280" name="cgroup.procs" dev="cgroup" ino=396 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 srawcon="system_u:object_r:tzdata_exec_t:s0"
[  249.578219][T13446] sch_fq: defrate 4294967295 ignored.
[  249.586805][T13384] hsr_slave_0: entered promiscuous mode
[  249.593339][T13384] hsr_slave_1: entered promiscuous mode
[  249.599747][T13384] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  249.599995][T13446] FAULT_INJECTION: forcing a failure.
[  249.599995][T13446] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  249.611749][T13384] Cannot create hsr debugfs directory
[  249.620443][T13446] CPU: 0 UID: 0 PID: 13446 Comm: syz.2.3282 Not tainted 6.16.0-rc5-syzkaller-00276-g5d5d62298b8b #0 PREEMPT(voluntary) 
[  249.620497][T13446] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  249.620513][T13446] Call Trace:
[  249.620523][T13446]  <TASK>
[  249.620536][T13446]  __dump_stack+0x1d/0x30
[  249.620567][T13446]  dump_stack_lvl+0xe8/0x140
[  249.620637][T13446]  dump_stack+0x15/0x1b
[  249.620661][T13446]  should_fail_ex+0x265/0x280
[  249.620753][T13446]  should_fail+0xb/0x20
[  249.620790][T13446]  should_fail_usercopy+0x1a/0x20
[  249.620834][T13446]  _copy_from_user+0x1c/0xb0
[  249.620862][T13446]  __copy_msghdr+0x244/0x300
[  249.620947][T13446]  ___sys_sendmsg+0x109/0x1d0
[  249.621072][T13446]  __x64_sys_sendmsg+0xd4/0x160
[  249.621124][T13446]  x64_sys_call+0x2999/0x2fb0
[  249.621153][T13446]  do_syscall_64+0xd2/0x200
[  249.621178][T13446]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  249.621232][T13446]  ? clear_bhb_loop+0x40/0x90
[  249.621261][T13446]  ? clear_bhb_loop+0x40/0x90
[  249.621293][T13446]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  249.621321][T13446] RIP: 0033:0x7f7d962ee929
[  249.621342][T13446] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  249.621368][T13446] RSP: 002b:00007f7d94957038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  249.621401][T13446] RAX: ffffffffffffffda RBX: 00007f7d96515fa0 RCX: 00007f7d962ee929
[  249.621419][T13446] RDX: 0000000000000000 RSI: 0000200000000480 RDI: 0000000000000003
[  249.621448][T13446] RBP: 00007f7d94957090 R08: 0000000000000000 R09: 0000000000000000
[  249.621465][T13446] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  249.621482][T13446] R13: 0000000000000000 R14: 00007f7d96515fa0 R15: 00007ffde5c3c848
[  249.621510][T13446]  </TASK>
[  249.914321][T13464] loop5: detected capacity change from 0 to 512
[  249.936923][T13384] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  249.950248][T13384] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  249.959395][T13464] ext4 filesystem being mounted at /41/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  249.971496][T13384] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  249.988236][T13384] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  250.008469][T13472] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3291'.
[  250.018679][T13472] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3291'.
[  250.086917][T13384] 8021q: adding VLAN 0 to HW filter on device bond0
[  250.105990][T13384] 8021q: adding VLAN 0 to HW filter on device team0
[  250.116732][T13480] loop5: detected capacity change from 0 to 8192
[  250.129773][ T4157] bridge0: port 1(bridge_slave_0) entered blocking state
[  250.136926][ T4157] bridge0: port 1(bridge_slave_0) entered forwarding state
[  250.165910][ T4157] bridge0: port 2(bridge_slave_1) entered blocking state
[  250.173046][ T4157] bridge0: port 2(bridge_slave_1) entered forwarding state
[  250.305772][T13384] 8021q: adding VLAN 0 to HW filter on device batadv0
[  250.422755][T13499] sch_fq: defrate 4294967295 ignored.
[  250.493957][T13509] loop5: detected capacity change from 0 to 128
[  250.622279][T13384] veth0_vlan: entered promiscuous mode
[  250.634111][T13384] veth1_vlan: entered promiscuous mode
[  250.656409][T13384] veth0_macvtap: entered promiscuous mode
[  250.669197][T13384] veth1_macvtap: entered promiscuous mode
[  250.688158][T13384] batman_adv: batadv0: Interface activated: batadv_slave_0
[  250.704162][T13384] batman_adv: batadv0: Interface activated: batadv_slave_1
[  250.736822][T13384] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  250.745744][T13384] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  250.754532][T13384] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  250.763463][T13384] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  250.903101][T13528] loop6: detected capacity change from 0 to 8192
[  251.049076][T13532] loop7: detected capacity change from 0 to 8192
[  251.189691][T13538] 9p: Unknown access argument 18446744073709551615: -34
[  251.241046][T13542] netlink: 'syz.2.3309': attribute type 1 has an invalid length.
[  251.260379][T13542] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3309'.
[  251.268973][T13546] loop7: detected capacity change from 0 to 128
[  251.321598][T13546] $Hÿ: renamed from bond0 (while UP)
[  251.329687][T13546] $Hÿ: entered promiscuous mode
[  251.334778][T13546] bond_slave_0: entered promiscuous mode
[  251.340674][T13546] bond_slave_1: entered promiscuous mode
[  251.422296][T13570] sch_fq: defrate 4294967295 ignored.
[  251.426995][T13568] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3319'.
[  251.438064][T13568] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3319'.
[  251.540859][T13578] loop7: detected capacity change from 0 to 8192
[  251.548860][T13576] loop4: detected capacity change from 0 to 128
[  251.622617][T13592] bio_check_eod: 32 callbacks suppressed
[  251.622634][T13592] syz.4.3320: attempt to access beyond end of device
[  251.622634][T13592] loop4: rw=2049, sector=145, nr_sectors = 224 limit=128
[  251.643193][T13589] loop6: detected capacity change from 0 to 8192
[  251.643265][T13592] syz.4.3320: attempt to access beyond end of device
[  251.643265][T13592] loop4: rw=2049, sector=377, nr_sectors = 8 limit=128
[  251.671802][T13592] syz.4.3320: attempt to access beyond end of device
[  251.671802][T13592] loop4: rw=2049, sector=393, nr_sectors = 8 limit=128
[  251.695849][T13592] syz.4.3320: attempt to access beyond end of device
[  251.695849][T13592] loop4: rw=2049, sector=409, nr_sectors = 8 limit=128
[  251.724278][T13592] syz.4.3320: attempt to access beyond end of device
[  251.724278][T13592] loop4: rw=2049, sector=425, nr_sectors = 8 limit=128
[  251.757787][T13597] xt_HMARK: proto mask must be zero with L3 mode
[  251.802421][T13606] lo speed is unknown, defaulting to 1000
[  251.810078][T13606] lo speed is unknown, defaulting to 1000
[  251.816423][T13606] lo speed is unknown, defaulting to 1000
[  251.832809][T13606] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[  251.851476][T13606] lo speed is unknown, defaulting to 1000
[  251.858953][T13616] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3334'.
[  251.863344][T13606] lo speed is unknown, defaulting to 1000
[  251.868794][T13616] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3334'.
[  251.888832][T13606] lo speed is unknown, defaulting to 1000
[  251.894990][T13606] lo speed is unknown, defaulting to 1000
[  251.902397][T13606] lo speed is unknown, defaulting to 1000
[  251.920314][T13606] lo speed is unknown, defaulting to 1000
[  252.041734][T13633] loop7: detected capacity change from 0 to 128
[  252.144575][T13641] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  252.212896][T13650] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=13650 comm=syz.6.3347
[  252.257726][T13641] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  252.309601][T13641] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  252.358028][T13659] loop4: detected capacity change from 0 to 128
[  252.397022][T13641] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  252.462534][T13673] loop5: detected capacity change from 0 to 512
[  252.465406][T13641] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  252.480996][T13641] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  252.485089][T13671] loop6: detected capacity change from 0 to 1024
[  252.493883][T13641] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  252.507128][T13673] EXT4-fs (loop5): revision level too high, forcing read-only mode
[  252.507958][T13641] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  252.515489][T13673] EXT4-fs (loop5): orphan cleanup on readonly fs
[  252.538785][T13673] EXT4-fs warning (device loop5): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  252.558760][T13673] EXT4-fs (loop5): Cannot turn on quotas: error -117
[  252.566826][T13673] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.3359: bg 0: block 40: padding at end of block bitmap is not set
[  252.582509][T13673] EXT4-fs error (device loop5) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  252.583464][T13671] EXT4-fs mount: 36 callbacks suppressed
[  252.583483][T13671] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  252.591702][T13673] EXT4-fs (loop5): 1 truncate cleaned up
[  252.597665][T13671] ext4 filesystem being mounted at /294/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  252.611835][T13673] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  252.660382][T12806] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  252.670560][ T9195] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  252.737728][T13690] loop5: detected capacity change from 0 to 512
[  252.744732][T13690] EXT4-fs: Ignoring removed nomblk_io_submit option
[  252.754623][T13688] sch_fq: defrate 4294967295 ignored.
[  252.783217][T13690] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  252.799193][T13702] sd 0:0:1:0: device reset
[  252.799694][T13690] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  252.837134][T13690] ext4 filesystem being mounted at /58/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  252.852072][T13708] sd 0:0:1:0: device reset
[  252.891191][T13712] loop7: detected capacity change from 0 to 1024
[  252.908518][T13712] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  252.921689][T13712] ext4 filesystem being mounted at /18/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  252.948773][T13384] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  253.057625][T13725] program syz.7.3375 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  253.122334][T13729] sch_fq: defrate 4294967295 ignored.
[  253.136999][T13730] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3376'.
[  253.153916][T13730] veth1_macvtap: left promiscuous mode
[  253.183253][T13734] sd 0:0:1:0: device reset
[  253.264968][T13744] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3382'.
[  253.275075][T13744] netlink: 12 bytes leftover after parsing attributes in process `syz.7.3382'.
[  253.280330][T13743] loop4: detected capacity change from 0 to 1024
[  253.299668][T13743] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  253.314502][T13743] ext4 filesystem being mounted at /35/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  253.339848][T13743] EXT4-fs error (device loop4): ext4_map_blocks:816: inode #15: block 3: comm syz.4.3383: lblock 3 mapped to illegal pblock 3 (length 1)
[  253.356453][T13743] EXT4-fs (loop4): Remounting filesystem read-only
[  253.363378][T13741] hub 9-0:1.0: USB hub found
[  253.382812][T13741] hub 9-0:1.0: 8 ports detected
[  253.383630][T13080] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  253.401500][T13749] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=13749 comm=syz.7.3384
[  253.579953][T12806] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  253.694067][T13766] program syz.7.3389 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  253.729452][T13768] sd 0:0:1:0: device reset
[  253.754046][T13770] sch_fq: defrate 4294967295 ignored.
[  253.857626][T13773] sch_fq: defrate 4294967295 ignored.
[  253.876834][T13724] 9pnet_fd: p9_fd_create_tcp (13724): problem connecting socket to 127.0.0.1
[  253.936751][T13786] hub 9-0:1.0: USB hub found
[  253.963427][T13787] loop6: detected capacity change from 0 to 1024
[  253.971698][T13786] hub 9-0:1.0: 8 ports detected
[  253.986226][T13787] EXT4-fs: inline encryption not supported
[  253.992179][T13787] EXT4-fs: Ignoring removed bh option
[  254.030642][T13787] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  254.057030][T13794] loop5: detected capacity change from 0 to 2048
[  254.081544][T13787] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3398'.
[  254.093740][T13795] loop7: detected capacity change from 0 to 8192
[  254.106151][T13787] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3398'.
[  254.129324][T13794] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  254.169127][ T9195] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  254.190961][T13794] EXT4-fs (loop5): shut down requested (0)
[  254.202237][T13794] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop5 ino=12
[  254.211902][T13794] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop5 ino=12
[  254.230781][T13803] loop4: detected capacity change from 0 to 1024
[  254.249473][T13803] EXT4-fs: inline encryption not supported
[  254.260939][T13807] sd 0:0:1:0: device reset
[  254.265567][T13803] EXT4-fs: Ignoring removed bh option
[  254.280747][T13809] loop7: detected capacity change from 0 to 128
[  254.298158][T13803] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  254.338665][T13803] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3404'.
[  254.352555][T13803] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3404'.
[  254.372697][T13822] hub 9-0:1.0: USB hub found
[  254.385239][T13822] hub 9-0:1.0: 8 ports detected
[  254.402712][T13080] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  254.484554][T13840] sd 0:0:1:0: device reset
[  254.593434][T13846] loop4: detected capacity change from 0 to 128
[  254.620885][T13846] $Hÿ: renamed from bond0 (while UP)
[  254.649640][T13846] $Hÿ: entered promiscuous mode
[  254.654743][T13846] bond_slave_0: entered promiscuous mode
[  254.660729][T13846] bond_slave_1: entered promiscuous mode
[  254.714890][T13853] loop6: detected capacity change from 0 to 512
[  254.747649][T13853] EXT4-fs (loop6): revision level too high, forcing read-only mode
[  254.757613][T13853] EXT4-fs (loop6): orphan cleanup on readonly fs
[  254.759585][T13864] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3426'.
[  254.764352][T13853] __quota_error: 408 callbacks suppressed
[  254.764373][T13853] Quota error (device loop6): v2_read_file_info: Block with free entry 1 out of range (1, 6).
[  254.789600][T13853] EXT4-fs warning (device loop6): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  254.807598][T13853] EXT4-fs (loop6): Cannot turn on quotas: error -117
[  254.827003][T13853] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.3425: bg 0: block 40: padding at end of block bitmap is not set
[  254.842494][T13864] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3426'.
[  254.854044][T13853] EXT4-fs error (device loop6) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  254.870712][T13853] EXT4-fs (loop6): 1 truncate cleaned up
[  254.877039][T13853] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  254.913626][T13874] loop7: detected capacity change from 0 to 1024
[  254.922381][T12806] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  254.932086][ T9195] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  254.944203][T13874] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  254.957271][T13874] ext4 filesystem being mounted at /33/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  254.997186][T13874] EXT4-fs error (device loop7): ext4_map_blocks:816: inode #15: block 3: comm syz.7.3429: lblock 3 mapped to illegal pblock 3 (length 1)
[  255.052551][T13874] EXT4-fs (loop7): Remounting filesystem read-only
[  255.092437][T13384] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  255.121302][T13895] sd 0:0:1:0: device reset
[  255.251492][   T29] audit: type=1326 audit(1752459393.030:31661): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13906 comm="syz.7.3441" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb1742e929 code=0x7ffc0000
[  255.284399][T13908] loop7: detected capacity change from 0 to 2048
[  255.289982][   T29] audit: type=1326 audit(1752459393.030:31662): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13906 comm="syz.7.3441" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fdb1742e929 code=0x7ffc0000
[  255.314461][   T29] audit: type=1326 audit(1752459393.030:31663): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13906 comm="syz.7.3441" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fdb1742e963 code=0x7ffc0000
[  255.337986][   T29] audit: type=1326 audit(1752459393.030:31664): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13906 comm="syz.7.3441" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fdb1742d3df code=0x7ffc0000
[  255.361443][   T29] audit: type=1326 audit(1752459393.030:31665): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13906 comm="syz.7.3441" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7fdb1742e9b7 code=0x7ffc0000
[  255.385096][   T29] audit: type=1326 audit(1752459393.060:31666): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13906 comm="syz.7.3441" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fdb1742d290 code=0x7ffc0000
[  255.408772][   T29] audit: type=1326 audit(1752459393.060:31667): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13906 comm="syz.7.3441" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fdb1742e52b code=0x7ffc0000
[  255.458004][T13908] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  255.500897][T13908] EXT4-fs (loop7): shut down requested (0)
[  255.522219][   T29] audit: type=1326 audit(1752459393.100:31668): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13906 comm="syz.7.3441" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fdb1742d58a code=0x7ffc0000
[  255.546029][   T29] audit: type=1326 audit(1752459393.100:31669): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13906 comm="syz.7.3441" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fdb1742d58a code=0x7ffc0000
[  255.587860][T13924] loop5: detected capacity change from 0 to 2048
[  255.612639][T13924] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  255.675663][T13924] EXT4-fs (loop5): shut down requested (0)
[  255.676366][T13936] sd 0:0:1:0: device reset
[  255.697452][T13924] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop5 ino=12
[  255.715492][T13924] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop5 ino=12
[  255.742248][T13942] sch_fq: defrate 4294967295 ignored.
[  255.782968][T13949] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=13949 comm=syz.2.3452
[  255.909832][T13965] sch_fq: defrate 4294967295 ignored.
[  256.002578][T13977] loop6: detected capacity change from 0 to 128
[  256.076034][T13983] loop6: detected capacity change from 0 to 512
[  256.097819][T13983] EXT4-fs (loop6): revision level too high, forcing read-only mode
[  256.109407][T13384] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  256.118933][T13983] EXT4-fs (loop6): orphan cleanup on readonly fs
[  256.134941][T13983] EXT4-fs warning (device loop6): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  256.160351][T13983] EXT4-fs (loop6): Cannot turn on quotas: error -117
[  256.167758][T13983] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.3468: bg 0: block 40: padding at end of block bitmap is not set
[  256.186524][T13983] EXT4-fs error (device loop6) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  256.199576][T13983] EXT4-fs (loop6): 1 truncate cleaned up
[  256.207749][T13983] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  256.237821][ T9195] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  256.334488][T14006] loop6: detected capacity change from 0 to 1024
[  256.347275][T14006] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  256.373965][T14006] hub 9-0:1.0: USB hub found
[  256.378914][T14006] hub 9-0:1.0: 8 ports detected
[  256.402285][ T9195] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  256.431289][T12806] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  256.443369][T14014] sch_fq: defrate 4294967295 ignored.
[  256.536770][T14022] loop5: detected capacity change from 0 to 128
[  256.661759][T14030] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3483'.
[  257.159090][T14051] program syz.2.3490 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  257.495911][T14072] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=14072 comm=syz.2.3494
[  257.611280][T14081] loop6: detected capacity change from 0 to 512
[  257.656980][T14081] EXT4-fs (loop6): revision level too high, forcing read-only mode
[  257.674545][T14081] EXT4-fs (loop6): orphan cleanup on readonly fs
[  257.683694][T14081] EXT4-fs warning (device loop6): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  257.699238][T14081] EXT4-fs (loop6): Cannot turn on quotas: error -117
[  257.708100][T14081] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.3499: bg 0: block 40: padding at end of block bitmap is not set
[  257.722621][T14081] EXT4-fs error (device loop6) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  257.733260][T14081] EXT4-fs (loop6): 1 truncate cleaned up
[  257.739557][T14081] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  257.790382][ T9195] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  257.837892][T14097] loop4: detected capacity change from 0 to 1024
[  257.878833][T14097] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  257.941818][T13080] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  258.029999][T14117] sch_fq: defrate 4294967295 ignored.
[  258.196508][T14123] loop4: detected capacity change from 0 to 2048
[  258.217383][T14123] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[  258.371375][T14143] loop6: detected capacity change from 0 to 2048
[  258.392785][T14143] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[  258.663607][T14169] xt_HMARK: proto mask must be zero with L3 mode
[  258.721555][T14177] __nla_validate_parse: 3 callbacks suppressed
[  258.721575][T14177] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3536'.
[  258.738104][T14177] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3536'.
[  258.775439][T14183] loop5: detected capacity change from 0 to 1024
[  258.787733][T14183] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  258.839693][T12806] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  259.056180][T13080] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000900.
[  259.071975][T14215] xt_HMARK: proto mask must be zero with L3 mode
[  259.256611][ T9195] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000900.
[  260.277385][   T29] kauditd_printk_skb: 265 callbacks suppressed
[  260.277404][   T29] audit: type=1326 audit(1752459398.060:31933): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14253 comm="syz.5.3568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe9b673e929 code=0x7ffc0000
[  260.342408][   T29] audit: type=1326 audit(1752459398.060:31934): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14253 comm="syz.5.3568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe9b673e929 code=0x7ffc0000
[  260.366163][   T29] audit: type=1326 audit(1752459398.060:31935): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14253 comm="syz.5.3568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe9b673e929 code=0x7ffc0000
[  260.390470][   T29] audit: type=1326 audit(1752459398.060:31936): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14253 comm="syz.5.3568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fe9b673e929 code=0x7ffc0000
[  260.414261][   T29] audit: type=1326 audit(1752459398.060:31937): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14253 comm="syz.5.3568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fe9b673e963 code=0x7ffc0000
[  260.437760][   T29] audit: type=1326 audit(1752459398.100:31938): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14253 comm="syz.5.3568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fe9b673d3df code=0x7ffc0000
[  260.438195][T14254] loop5: detected capacity change from 0 to 8192
[  260.475242][   T29] audit: type=1326 audit(1752459398.170:31939): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14253 comm="syz.5.3568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7fe9b673e9b7 code=0x7ffc0000
[  260.499157][   T29] audit: type=1326 audit(1752459398.220:31940): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14253 comm="syz.5.3568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fe9b673d290 code=0x7ffc0000
[  260.522982][   T29] audit: type=1326 audit(1752459398.220:31941): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14253 comm="syz.5.3568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fe9b673e52b code=0x7ffc0000
[  260.527126][T14263] netlink: 'syz.6.3572': attribute type 27 has an invalid length.
[  260.606947][   T29] audit: type=1326 audit(1752459398.290:31942): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14253 comm="syz.5.3568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fe9b673d58a code=0x7ffc0000
[  260.655547][T14263] bridge0: port 2(bridge_slave_1) entered disabled state
[  260.663047][T14263] bridge0: port 1(bridge_slave_0) entered disabled state
[  260.674581][T14263] $Hÿ: left promiscuous mode
[  260.679644][T14263] bond_slave_0: left promiscuous mode
[  260.685451][T14263] bond_slave_1: left promiscuous mode
[  260.691142][T14263] dummy0: left promiscuous mode
[  260.757624][T14278] program syz.2.3574 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  260.769536][T14276] loop4: detected capacity change from 0 to 2048
[  260.774084][T14263] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  260.800332][T14263] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  260.804254][T14276] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[  260.864699][T14263] netdevsim netdevsim6 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  260.873784][T14263] netdevsim netdevsim6 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  260.882803][T14263] netdevsim netdevsim6 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  260.891792][T14263] netdevsim netdevsim6 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  261.089656][T14315] xt_HMARK: proto mask must be zero with L3 mode
[  261.098503][T14315] FAULT_INJECTION: forcing a failure.
[  261.098503][T14315] name failslab, interval 1, probability 0, space 0, times 0
[  261.111341][T14315] CPU: 0 UID: 0 PID: 14315 Comm: syz.2.3584 Not tainted 6.16.0-rc5-syzkaller-00276-g5d5d62298b8b #0 PREEMPT(voluntary) 
[  261.111377][T14315] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  261.111412][T14315] Call Trace:
[  261.111419][T14315]  <TASK>
[  261.111427][T14315]  __dump_stack+0x1d/0x30
[  261.111451][T14315]  dump_stack_lvl+0xe8/0x140
[  261.111473][T14315]  dump_stack+0x15/0x1b
[  261.111510][T14315]  should_fail_ex+0x265/0x280
[  261.111646][T14315]  should_failslab+0x8c/0xb0
[  261.111668][T14315]  kmem_cache_alloc_noprof+0x50/0x310
[  261.111742][T14315]  ? getname_kernel+0x3c/0x1f0
[  261.111772][T14315]  getname_kernel+0x3c/0x1f0
[  261.111794][T14315]  do_file_open_root+0xc6/0x3f0
[  261.111882][T14315]  file_open_root+0xfd/0x130
[  261.111917][T14315]  do_handle_open+0x5d0/0x650
[  261.111956][T14315]  __x64_sys_open_by_handle_at+0x44/0x50
[  261.112043][T14315]  x64_sys_call+0xaa0/0x2fb0
[  261.112063][T14315]  do_syscall_64+0xd2/0x200
[  261.112153][T14315]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  261.112189][T14315]  ? clear_bhb_loop+0x40/0x90
[  261.112213][T14315]  ? clear_bhb_loop+0x40/0x90
[  261.112234][T14315]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  261.112254][T14315] RIP: 0033:0x7f7d962ee929
[  261.112336][T14315] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  261.112353][T14315] RSP: 002b:00007f7d94957038 EFLAGS: 00000246 ORIG_RAX: 0000000000000130
[  261.112371][T14315] RAX: ffffffffffffffda RBX: 00007f7d96515fa0 RCX: 00007f7d962ee929
[  261.112383][T14315] RDX: 0200000000000000 RSI: 00002000000000c0 RDI: ffffffffffffff9c
[  261.112443][T14315] RBP: 00007f7d94957090 R08: 0000000000000000 R09: 0000000000000000
[  261.112459][T14315] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  261.112471][T14315] R13: 0000000000000000 R14: 00007f7d96515fa0 R15: 00007ffde5c3c848
[  261.112491][T14315]  </TASK>
[  261.308052][T14313] loop6: detected capacity change from 0 to 8192
[  261.507867][T14325] loop5: detected capacity change from 0 to 128
[  261.550200][T14327] netlink: 'syz.6.3588': attribute type 16 has an invalid length.
[  261.558567][T14327] netlink: 64138 bytes leftover after parsing attributes in process `syz.6.3588'.
[  261.588436][T13080] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000900.
[  261.702493][T14353] program syz.5.3590 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  261.723986][T14356] sch_fq: defrate 4294967295 ignored.
[  261.759987][T14358] loop6: detected capacity change from 0 to 128
[  261.791696][T14358] wÞ£ÿ: attempt to access beyond end of device
[  261.791696][T14358] loop6: rw=2049, sector=132, nr_sectors = 8 limit=128
[  261.812199][T14362] loop7: detected capacity change from 0 to 2048
[  261.818690][T14358] wÞ£ÿ: attempt to access beyond end of device
[  261.818690][T14358] loop6: rw=2049, sector=148, nr_sectors = 8 limit=128
[  261.852438][T14358] wÞ£ÿ: attempt to access beyond end of device
[  261.852438][T14358] loop6: rw=2049, sector=142, nr_sectors = 1 limit=128
[  261.865728][T14358] buffer_io_error: 26 callbacks suppressed
[  261.865743][T14358] Buffer I/O error on dev loop6, logical block 142, lost async page write
[  261.880607][T14358] wÞ£ÿ: attempt to access beyond end of device
[  261.880607][T14358] loop6: rw=2049, sector=143, nr_sectors = 1 limit=128
[  261.886164][T14362] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  261.893754][T14358] Buffer I/O error on dev loop6, logical block 143, lost async page write
[  261.912483][T14369] loop5: detected capacity change from 0 to 128
[  261.924919][T14358] wÞ£ÿ: attempt to access beyond end of device
[  261.924919][T14358] loop6: rw=2049, sector=144, nr_sectors = 1 limit=128
[  261.928356][T14362] EXT4-fs (loop7): shut down requested (0)
[  261.938096][T14358] Buffer I/O error on dev loop6, logical block 144, lost async page write
[  261.938343][T14358] wÞ£ÿ: attempt to access beyond end of device
[  261.938343][T14358] loop6: rw=2049, sector=145, nr_sectors = 1 limit=128
[  261.966064][T14358] Buffer I/O error on dev loop6, logical block 145, lost async page write
[  261.976658][T14358] wÞ£ÿ: attempt to access beyond end of device
[  261.976658][T14358] loop6: rw=2049, sector=146, nr_sectors = 1 limit=128
[  261.989848][T14358] Buffer I/O error on dev loop6, logical block 146, lost async page write
[  261.993334][T14362] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop7 ino=12
[  261.998523][T14358] wÞ£ÿ: attempt to access beyond end of device
[  261.998523][T14358] loop6: rw=2049, sector=147, nr_sectors = 1 limit=128
[  262.020476][T14358] Buffer I/O error on dev loop6, logical block 147, lost async page write
[  262.029173][T14358] wÞ£ÿ: attempt to access beyond end of device
[  262.029173][T14358] loop6: rw=2049, sector=156, nr_sectors = 1 limit=128
[  262.030580][T14362] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop7 ino=12
[  262.042247][T14358] Buffer I/O error on dev loop6, logical block 156, lost async page write
[  262.042295][T14358] wÞ£ÿ: attempt to access beyond end of device
[  262.042295][T14358] loop6: rw=2049, sector=157, nr_sectors = 1 limit=128
[  262.072859][T14358] Buffer I/O error on dev loop6, logical block 157, lost async page write
[  262.080364][T14372] netlink: 'syz.2.3601': attribute type 6 has an invalid length.
[  262.095671][T14374] loop4: detected capacity change from 0 to 2048
[  262.107898][T14358] Buffer I/O error on dev loop6, logical block 160, lost async page write
[  262.116952][T14358] Buffer I/O error on dev loop6, logical block 161, lost async page write
[  262.138433][T14374] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[  262.154640][T13384] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  262.297355][T14402] sch_fq: defrate 4294967295 ignored.
[  262.321892][T14404] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3609'.
[  262.331550][T14404] netlink: 12 bytes leftover after parsing attributes in process `syz.5.3609'.
[  262.960743][T13080] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000900.
[  263.018683][T14423] lo speed is unknown, defaulting to 1000
[  263.111138][T14432] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3620'.
[  263.122383][T14432] netlink: 12 bytes leftover after parsing attributes in process `syz.7.3620'.
[  263.180756][T14440] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=14440 comm=wÞ£ÿ
[  263.251786][T14445] loop4: detected capacity change from 0 to 1024
[  263.276695][T14443] lo speed is unknown, defaulting to 1000
[  263.314614][T14445] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  263.459821][T14445] hub 9-0:1.0: USB hub found
[  263.464747][T14445] hub 9-0:1.0: 8 ports detected
[  263.493074][T13080] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  263.763516][T14455] sd 0:0:1:0: device reset
[  264.189204][T14469] loop4: detected capacity change from 0 to 128
[  264.339549][T14480] sch_fq: defrate 4294967295 ignored.
[  264.401964][T14488] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3638'.
[  264.426259][T14487] loop4: detected capacity change from 0 to 1024
[  264.465808][T14486] $Hÿ: left promiscuous mode
[  264.487172][T14487] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  264.493312][T14478] loop6: detected capacity change from 0 to 8192
[  264.536524][T14486] 8021q: adding VLAN 0 to HW filter on device $Hÿ
[  264.614267][T14486] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  264.630681][T13080] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  264.716863][T14492] lo speed is unknown, defaulting to 1000
[  264.838490][T14517] loop6: detected capacity change from 0 to 8192
[  264.949005][T14523] loop6: detected capacity change from 0 to 1024
[  264.980680][T14523] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  265.047673][ T9195] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  265.171370][T14551] loop6: detected capacity change from 0 to 8192
[  265.201289][T14555] siw: device registration error -23
[  265.227929][T14558] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  265.254507][T14558] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  265.304487][T14571] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3672'.
[  265.319345][T14571] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3672'.
[  265.330830][   T29] kauditd_printk_skb: 309 callbacks suppressed
[  265.330847][   T29] audit: type=1326 audit(1752459403.110:32252): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14570 comm="syz.2.3673" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d962ee929 code=0x7ffc0000
[  265.360900][   T29] audit: type=1326 audit(1752459403.110:32253): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14570 comm="syz.2.3673" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d962ee929 code=0x7ffc0000
[  265.393641][   T29] audit: type=1326 audit(1752459403.140:32254): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14570 comm="syz.2.3673" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7d962ee929 code=0x7ffc0000
[  265.417373][   T29] audit: type=1326 audit(1752459403.140:32255): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14570 comm="syz.2.3673" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d962ee929 code=0x7ffc0000
[  265.441380][   T29] audit: type=1326 audit(1752459403.140:32256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14570 comm="syz.2.3673" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d962ee929 code=0x7ffc0000
[  265.465359][   T29] audit: type=1326 audit(1752459403.140:32257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14570 comm="syz.2.3673" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f7d962ee929 code=0x7ffc0000
[  265.489001][   T29] audit: type=1326 audit(1752459403.140:32258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14570 comm="syz.2.3673" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f7d962ee963 code=0x7ffc0000
[  265.512744][   T29] audit: type=1326 audit(1752459403.160:32259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14570 comm="syz.2.3673" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f7d962ed3df code=0x7ffc0000
[  265.539085][   T29] audit: type=1326 audit(1752459403.210:32260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14570 comm="syz.2.3673" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f7d962ee9b7 code=0x7ffc0000
[  265.565517][   T29] audit: type=1326 audit(1752459403.220:32261): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14570 comm="syz.2.3673" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f7d962ed290 code=0x7ffc0000
[  265.594120][T14580] loop4: detected capacity change from 0 to 128
[  265.953475][T14614] loop5: detected capacity change from 0 to 1024
[  265.978886][T14614] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  266.000022][T14614] hub 9-0:1.0: USB hub found
[  266.005084][T14614] hub 9-0:1.0: 8 ports detected
[  266.123993][T12806] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  266.530978][T14645] loop6: detected capacity change from 0 to 1024
[  266.533170][T14637] program syz.7.3697 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  266.540837][T14643] loop4: detected capacity change from 0 to 2048
[  266.569154][T14645] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  266.587142][T14643] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[  266.608904][T14653] sd 0:0:1:0: device reset
[  266.635869][T14645] hub 9-0:1.0: USB hub found
[  266.640943][T14645] hub 9-0:1.0: 8 ports detected
[  266.649740][T14655] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3703'.
[  266.661786][T14655] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3703'.
[  266.703905][ T9195] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  266.797297][T14673] loop7: detected capacity change from 0 to 2048
[  266.825150][T14669] loop5: detected capacity change from 0 to 8192
[  266.833774][T14673] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[  266.853697][T14681] FAULT_INJECTION: forcing a failure.
[  266.853697][T14681] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  266.866846][T14681] CPU: 0 UID: 0 PID: 14681 Comm: syz.2.3713 Not tainted 6.16.0-rc5-syzkaller-00276-g5d5d62298b8b #0 PREEMPT(voluntary) 
[  266.866927][T14681] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  266.866943][T14681] Call Trace:
[  266.866950][T14681]  <TASK>
[  266.866959][T14681]  __dump_stack+0x1d/0x30
[  266.866984][T14681]  dump_stack_lvl+0xe8/0x140
[  266.867058][T14681]  dump_stack+0x15/0x1b
[  266.867079][T14681]  should_fail_ex+0x265/0x280
[  266.867199][T14681]  should_fail+0xb/0x20
[  266.867239][T14681]  should_fail_usercopy+0x1a/0x20
[  266.867291][T14681]  _copy_to_user+0x20/0xa0
[  266.867315][T14681]  simple_read_from_buffer+0xb5/0x130
[  266.867387][T14681]  proc_fail_nth_read+0x100/0x140
[  266.867428][T14681]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  266.867477][T14681]  vfs_read+0x19d/0x6f0
[  266.867525][T14681]  ? __rcu_read_unlock+0x4f/0x70
[  266.867545][T14681]  ? __rcu_read_unlock+0x4f/0x70
[  266.867571][T14681]  ? __fget_files+0x184/0x1c0
[  266.867622][T14681]  ksys_read+0xda/0x1a0
[  266.867662][T14681]  __x64_sys_read+0x40/0x50
[  266.867711][T14681]  x64_sys_call+0x2d77/0x2fb0
[  266.867731][T14681]  do_syscall_64+0xd2/0x200
[  266.867749][T14681]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  266.867781][T14681]  ? clear_bhb_loop+0x40/0x90
[  266.867830][T14681]  ? clear_bhb_loop+0x40/0x90
[  266.867857][T14681]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  266.867876][T14681] RIP: 0033:0x7f7d962ed33c
[  266.867925][T14681] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  266.867948][T14681] RSP: 002b:00007f7d94957030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  266.867973][T14681] RAX: ffffffffffffffda RBX: 00007f7d96515fa0 RCX: 00007f7d962ed33c
[  266.867987][T14681] RDX: 000000000000000f RSI: 00007f7d949570a0 RDI: 0000000000000004
[  266.868003][T14681] RBP: 00007f7d94957090 R08: 0000000000000000 R09: 0000000000000000
[  266.868082][T14681] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  266.868098][T14681] R13: 0000000000000000 R14: 00007f7d96515fa0 R15: 00007ffde5c3c848
[  266.868179][T14681]  </TASK>
[  267.219223][T14691] program syz.5.3714 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  267.362516][T13080] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000900.
[  267.381097][T14712] hub 9-0:1.0: USB hub found
[  267.386419][T14712] hub 9-0:1.0: 8 ports detected
[  267.524110][T14724] 9pnet_virtio: no channels available for device 127.0.0.1
[  267.543175][T14724] netlink: 88 bytes leftover after parsing attributes in process `syz.5.3732'.
[  267.574404][T14722] program syz.2.3731 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  267.631380][T13384] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000900.
[  267.926022][T14767] loop7: detected capacity change from 0 to 1024
[  267.937620][T14759] ==================================================================
[  267.945770][T14759] BUG: KCSAN: data-race in memcpy_and_pad / release_task
[  267.952827][T14759] 
[  267.955161][T14759] write to 0xffff88810327d608 of 8 bytes by task 9195 on cpu 0:
[  267.962801][T14759]  release_task+0x6f9/0xb60
[  267.967329][T14759]  wait_consider_task+0x113f/0x1650
[  267.972558][T14759]  __do_wait+0xfa/0x510
[  267.976787][T14759]  do_wait+0xb7/0x260
[  267.980796][T14759]  kernel_wait4+0x16b/0x1e0
[  267.985331][T14759]  __x64_sys_wait4+0x91/0x120
[  267.990037][T14759]  x64_sys_call+0x26c8/0x2fb0
[  267.994743][T14759]  do_syscall_64+0xd2/0x200
[  267.999276][T14759]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  268.005201][T14759] 
[  268.007538][T14759] read to 0xffff88810327d140 of 3200 bytes by task 14759 on cpu 1:
[  268.015453][T14759]  memcpy_and_pad+0x48/0x80
[  268.019981][T14759]  arch_dup_task_struct+0x2c/0x40
[  268.025030][T14759]  dup_task_struct+0x83/0x6a0
[  268.029727][T14759]  copy_process+0x399/0x1f90
[  268.034335][T14759]  kernel_clone+0x16c/0x5b0
[  268.038860][T14759]  __se_sys_clone3+0x1c2/0x200
[  268.043649][T14759]  __x64_sys_clone3+0x31/0x40
[  268.048353][T14759]  x64_sys_call+0x10c9/0x2fb0
[  268.053046][T14759]  do_syscall_64+0xd2/0x200
[  268.057575][T14759]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  268.063500][T14759] 
[  268.065840][T14759] Reported by Kernel Concurrency Sanitizer on:
[  268.072000][T14759] CPU: 1 UID: 0 PID: 14759 Comm: syz.2.3743 Not tainted 6.16.0-rc5-syzkaller-00276-g5d5d62298b8b #0 PREEMPT(voluntary) 
[  268.084520][T14759] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  268.094588][T14759] ==================================================================
[  268.112625][T14767] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  268.149409][T13384] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.