last executing test programs:

39.966051338s ago: executing program 3 (id=51):
r0 = socket$igmp6(0xa, 0x3, 0x2)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x2, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r1}, &(0x7f0000000000), &(0x7f00000003c0)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000edff0000000000000000850000000f00000018010000646c012500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000800000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='ext4_ext_remove_space_done\x00', r2}, 0x10)
r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
recvfrom(r3, 0x0, 0x0, 0x40010160, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f00000005c0)='./file1\x00', 0x18000, &(0x7f0000000000), 0x80, 0x62d, &(0x7f0000000c40)="$eJzs3c9rHNcdAPDvzEqyZauVXUqpTUsFPdhQvJZcU7c92e6hPhhqqA8h5GBhSY7w+geWDLZjsAw5JJBACLmG4Ev+gZBr0DXkFgKJbzkHnBCc5JAEb5jZWWuz2rU3kla78Xw+MDNv3szue98dvZ03MzuaAEprKhulEfsi4lwSMdmybCIaC6eK9R5+fft8NiRRr///qySSIq+5/qNiujsbJY3XfHwy4neV9eUu3bx1cbZWb7gTcXj50tXDSzdvHVq8NHth/sL85Zkj/zx6bPpfMx9uTZy7i+mp0//70+svv/iPhU9qh5I4HmdHX5qLtji2ylTj040sxNb8kYg4liU6fC6wnSrF3+NoRPwhJqOSzzVMxuJrA60c0Ff1SmP/VB+rA6WTxKBrAAxGsx/QPLbvx3HwMHtwIhvf6BD/SHH0vjM/Ntr1MGk5MspyI/ZsQfkrEfHj7f1vZ0N0OQ8xsgXldC3/bkT8sdP2T/L49+SRZvGnkba8LktPF+c2svr9ZxN1SFrSvf393dlEaT/3S+Jv3Q5Z/MeLaZZ/ssv7P+0Uz1TbfNnaHwCDsXqi2JFnHZFY2/9lPcNm/yfa+z/19/NrQ+37ro3ovv9Lt+Ddny7v/4102v839/c783142tYPS2Ll2zOd33K0PePzV0+92a38qZb+XzZk5Tf7gj3YdNfwwd2I/W3xv5J/9Mnj7Z906P9mq5zrsYz/fvrlqW7LNhn/ptXvRRzoePyz1ivNUm3XJ5NoXp88OnN4YbE2P90Ydyzjg49eeLdb+YOOP9v+u7rE/6Ttn+Vd7bGM987cu9RI7Vi3bOKp8adfjCVn89RYPl5rXmPJ6WKVxuTG7PLytSNPrktznXw604j/4F87t/8u8ecHH+PNr8weXH3u4sNuyza5/R/Ve1yxmyz+uQ1u/zd6LOO756//uduy9fGvnZMY32hQAAAAAAAAUFJpfg02SauP02laLS68/T52pbUrS8t/W7hy/fJcxMH895CjafNK92RjPsnmZ4rfwzbnj7TN/z0i9kbEW5XxfL56/kptbtDBAwAAAAAAAAAAAAAAAAAAwJDYXdz//6h4Htg3lTStVgddK2Db9PMBc8Bw0/6hvPL2vz3PWwOGjP0/lFfH9u9LAUpBU4fy0v6hvLR/KC/tH8pL+4fy6t7+1y252++6AAAAAABbZu9fVu+PRMTKv8fzITNWLBsdaM2AftPGobwqg64AMDCPL/C7/R9Kp6f+//fFPwfsf3WAAUg6Zeadg/qTG/9qx1cCAAAAAAAAAAAAAH1wYN/q/cT9/1BKbvuD8trY/f+Vjb8UGBqd/vW/x4FAOTjGh5Lr4STAzm4L3P8PAAAAAAAAAAAAANtmIh+StFr8DHgi0rRajfhNROyJ0WRhsTY/HRG/jYjPKqM7svmZQVcaAAAAAAAAAAAAAAAAAAAAnjFLN29dnK3V5q+1Jn5Yl/NsJ5pPPB2W+rQmIul7EWm05YxHxDDE3p/ESEtOErGSbfmteOdk838/MQyfT5EY8BcTAAAAAAAAAAAAAAAAAACUUMu9x53tf2ebawQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA22/t+f/9Sww6RgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg1+mnAAAA//+EYjvS")
r4 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'lo\x00', <r5=>0x0})
setsockopt$SO_ATTACH_FILTER(r3, 0x1, 0x1a, &(0x7f00000002c0)={0x3, &(0x7f0000000200)=[{0x7f, 0xe, 0x4, 0xbac2}, {0xf4, 0x0, 0x6, 0x6}, {0xd546, 0x2, 0x3, 0xfffffffa}]}, 0x10)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x7, 0x3, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000095000000000000005af82de2bb92f8afcd2648b2e42cb12e661e38d29b1a60e6a262b8857e70d75bfd2011ab45987a12690df52215c287e7802bffcd2c4eff9d3d76414e896af8c28e1a888a18b46593448044ed55950892389799535540fcbb8c06c1ead8b0e4e00d460c0b89ff8866a04a99d36672d98d2bdfbff4f40a92ea34fc9ba2dc584e468af83d4486bb7d26fab8"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000000)='kfree\x00', r6}, 0x10)
r7 = add_key$fscrypt_v1(&(0x7f00000001c0), &(0x7f0000000240)={'fscrypt:', @auto=[0x0, 0x31, 0x36, 0x61, 0x62, 0x62, 0x35, 0x35, 0x39, 0x63, 0x61, 0x63, 0xa18ae7399764a12a, 0x37, 0x65, 0x37]}, &(0x7f0000000340)={0x0, "42bc5f857c6e322144d32a577ac1266b4b58307296f197effc1802f3529ceae60a5e744c9fbd903ec4db6ab31282b25c02a8c696391f74cdb6232fbe5178c19c", 0x2f}, 0x48, 0xfffffffffffffffe)
r8 = add_key$keyring(&(0x7f0000000780), &(0x7f00000007c0)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffc)
keyctl$unlink(0x9, r7, r8)
sendmsg$nl_route_sched(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000a00)=@newqdisc={0x24, 0x24, 0xd0f, 0x0, 0xffffffff, {0x60, 0x0, 0x0, r5, {0x0, 0xffe0}, {0xffff, 0xffff}}}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x0)
r9 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents(r9, &(0x7f0000001fc0)=""/184, 0xb8)
syz_io_uring_setup(0x4b12, &(0x7f00000006c0)={0x0, 0x5ef4, 0x4, 0x1, 0x104, 0x0, r9}, &(0x7f0000000580), &(0x7f0000000740))
sendmsg$RDMA_NLDEV_CMD_RES_GET(r4, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB="a80000000914020027bd7000fcdbdf25080001000200000008000100010000000800010001000000"], 0x28}, 0x1, 0x0, 0x0, 0x891}, 0x40004)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r10}, 0x10)
fsopen(&(0x7f0000000340)='sockfs\x00', 0x1)
getsockopt$MRT6(r0, 0x29, 0xd0, 0x0, 0x0)

39.544451999s ago: executing program 3 (id=57):
r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x205, 0x8401)
r1 = fcntl$dupfd(r0, 0x0, r0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r3}, &(0x7f0000000380), &(0x7f00000003c0)=r4}, 0x20)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x201, 0x0, 0x0, {0x7}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x68, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0xd}, @NFTA_SET_EXPRESSIONS={0x24, 0x12, 0x0, 0x1, [{0x14, 0x1, 0x0, 0x1, @counter={{0xc}, @val={0x4}}}, {0xc, 0x1, 0x0, 0x1, @dup_ipv4={{0x8}, @void}}]}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x110}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0xb0}}, 0x20050800)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r5}, 0x10)
ioctl$USBDEVFS_SUBMITURB(r1, 0x8038550a, &(0x7f0000000000)=@urb_type_control={0x2, {}, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x13, 0x0, 0x0, 0x400}, 0x8, 0x0, 0x0, 0x48000000, 0x20000, 0x6a, 0x0})

39.48050027s ago: executing program 3 (id=58):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x26e1, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="1000000004000000040000000200000000000000", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYBLOB], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000a80)={{r1}, &(0x7f0000000a00), &(0x7f0000000a40)=r0}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000900)={{r1}, &(0x7f0000000880), &(0x7f00000008c0)=r0}, 0x20)

39.422218579s ago: executing program 3 (id=60):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000022020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000500)='./bus\x00', 0x2008002, &(0x7f0000000080), 0x1, 0x549, &(0x7f0000001800)="$eJzs3c9vI1cdAPDvTH65222zCz1ABewChQWt1t5421XVS8sFhKpKiIoD4rANiTcKseMQO6UJkUj/BpBA4gR/AgckDkg9ceDGEYkDQpQDUoEItEHiYDRjJ+smNmtqx+7Gn480O/Pmzcz3PWdn3vNz4hfA1LoeEQcRMR8Rb0TEYmd/0lnilfaSHffgcH/l6HB/JYlW6/W/J3l+ti+6zsk82blmISK+/pWIbydn4zZ29zaWq9XKdiddata2So3dvVvrteW1ylpls1y+u3T39ot3XiiPrK7Xar9478vrr37j17/65Lu/O/ji97NiXe7kdddjlNpVnzuJk5mNiFfPI9gEzHTW8xMuBx9MGhEfiYjP5Pf/Yszk/zsBgIus1VqM1mJ3GgC46NJ8DCxJixGRpp1OQLE9hvdMXEqr9Ubz5v36zuZqe6zsSsyl99erldtXF/7w3fzguSRLL+V5eX6eLp9K34mIqxHxo4Un8nRxpV5dnUyXBwCm3pPd7X9E/GshTYvFgU7t8akeAPDYKEy6AADA2Gn/AWD6aP8BYPoM0P53Puw/OPeyAADj4f0/AEwf7T8ATB/tPwBMla+99lq2tI4633+9+ubuzkb9zVurlcZGsbazUlypb28V1+r1tfw7e2qPul61Xt9aej523io1K41mqbG7d69W39ls3su/1/teZW4stQIA/per1975fRIRBy89kS/RNZeDthoutnSERwGPl5lhTtZBgMea2b5geg3UhOedhN+ee1mAyej5Zd6Fnpvv95P/I4jfM4IPlRsfH3z83xzPcLEY2Yfp9cHG/18eeTmA8TP+D9Or1UpOz/k/f5IFAFxIQ/wKX+sHo+qEABP1qMm8R/L5PwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFwwlyPiO5GkxXwu8DT7Ny0WI56KiCsxl9xfr1ZuR8TTcS0i5hay9NKkCw0ADCn9a9KZ/+vG4nOXT+fOJ/9eyNcR8b2fvv7jt5abze2lbP8/TvYvHE8fVn543hDzCgIAg/vzIAfl7Xe5s+56I//gcH/leDnHMp7x3pdOJh9dOTrcz5d2zmy0Wq1WRCHvS1z6ZxKznXMKEfFsRMyMIP7B2xHxsV71T/KxkSudmU+740cn9lNjjZ++L36a57XX2cv30RGUBabNO9nz55Ve918a1/N17/u/kD+hhpc//woRx8++o674s51IMz3iZ/f89UFjPP+br57Z2Vps570d8exsr/jJSfykT/znBoz/x0986ocv98lr/SziRvSO3x2r1KxtlRq7e7fWa8trlbXKZrl8d+nu7RfvvFAu5WPUpeOR6rP+9tLNp/uVLav/pT7xCz3rP39y7ucGrP/P//PGtz79MLlwOv4XPtv75/9Mz/htWZv4+QHjL1/6Zd/pu7P4q33q/6if/80B47/7l73VAQ8FAMagsbu3sVytVraH2sjehY7iOmc2siIOdvBxd3G4oH+KfGNEL0ufjawzNsjBc+f1qp77xuxJX3G0V/5mdsUxVycdeS2G2ngwrliTeyYB4/Hwpp90SQAAAAAAAAAAAAAAgH7G8adLk64jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF9d/AwAA//8+JMPM")
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000040)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x800053, 0x0, 0xfc, 0x0, &(0x7f00000000c0))
rmdir(&(0x7f00000000c0)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00')
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="fc0000001900674c0000000000000000e0000001000000000000000000000000e000000200000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000000000000000000040000000000000000000000000000000000000000000000000000100"/103], 0xfc}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000680)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc8910610700fa6fa26fa7088c60897d4a6148a1c1e43f00001bde605cbeacc7f1d8f8decb035865e362ead91b1979a5ae30705b52710aeee835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5bc6d3fd0500000022eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd21142525815b91076ccb7b37b41215c184e731fb13d100323b77f613af02b6f3259d6f3ac85da4fe304ecfca2be5f4a8b3910a8f0a88d082ac161c4a3c1132831a88f199f67aca8f4698996d076250b2b75cdc7776b8cab72716149f70efb190007832c6077da0df4c63a226284cd6a2e5ec5bb28f18dd44821065b9758fd159c490421901361244c01bfa0cddbc726f2b4ceace9f9309f507e6a7135b33f418af0a63bfb480c2feced947dae1d7dc19c4f1807b17c559c27be4d18b2e0a3cf26832d7fc97cea307de1852f90317b501bf66473eb6dac986d7b5682abc3a5ea1dabde56b9e3a56ba20a65dc0df39edd5f34ed22a8f0c6594a"], 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x3, 0x4, &(0x7f0000000e80)=ANY=[@ANYBLOB="8500000061000000350000000000000085000000230000009500000000000000f4670880271e3542dfa8ba6287066c5197fabc5f7010e81a15202164afe0b737126ea6f7dc39cd340101000000000000e22ff5dde54704d25c79949c23e20100000000000000c09cc28de194f40800000000b0d3712c7e93366796c7224a0c2c0213af2ecdf3c075e3d800000104f4b1fc30dc914bc16543d4baa2bb755af3d576090c4867a7b6393e366c6386d5ec7209d031f40f3012e95752003b2f7846c744ae6af3c037102124d8eb000000000000000000000000a46aac3abe6c4d7f47ef6d02bad9dddacecf7eaa4a9779f8555ed6aea768c1f28221c110ed050000000ee282ab76ef93d96bc46a7c04b8c5324812d992a4f8dc6fcba00b1b2da951667d0276a0327b56c0ebfb19b3426887b6f1b6070e0ce1f844ce32a9988ca042dca52fbb8c1452b651ebf942f7297f7b66254c567b7983f60f2744419a2f238f173d0000003cf4fbd775d9c07d8d591a4dac60ff00a629b3b200000000000000000000000009001d004e41ff9b4d00e07ff771cea08bea1fb4c4c43f74936f333e3ae44f7ddd2fb35d4c46392ae855531b1eaf40aee8c94fd812e40f14c519a264ff3c572eecd5f6ca98b55e78f8d94f57ed7e6a3ab5dd9a4adedbdf0e58f58eb2e83500000000000000934c92002eace9a8d6f3dd008acf8a5c0fb43367806001010000000000001d41f45d90a1e19795c995ff7d0020ecccf41d81c8c510cf773171407191872d0e3e62dd578d590e62ff74d667477ac69a806d4552084a87f74fdfc117d4975576c102976c1ef70ceac9ff714bab1f59f8ebd67f2aca41706c147e3e0d3e557de0349c5ca80f10361bedc4832ae62a2b745ef6587710a82c2e27bacc81877b996a708c3a9235bdbec2cde0cf7678205439b4fd312c7106000000000000000000000000df83e1a6c37e26d8f98d7e9419275bc3bba633b47d00"/721], &(0x7f0000000140)='GPL\x00', 0x0, 0xe0, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xfffffc1a, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x15)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={r2, 0xfffff000, 0xe40, 0x0, &(0x7f0000000880)="61df712bc884fed5722780b60800", 0x0, 0x8000, 0x0, 0xfffffffffffffeca, 0x0, &(0x7f0000000000), &(0x7f0000000800)="ffe200004e379b19393a41afde6b0b1235c1278ebf59a5d4d697bc199e060b675b46d4ff37c7f91ceaa6790cd8570f080b0d2375918cd7dfcf26aa90dc6a5617be488475b892958512c8e814c24d7efc26f9f2512dec8c759773c42a2fca2735984613809a78eb", 0x0, 0x2}, 0x28)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r5)
ptrace(0x420f, r5)
r6 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000040), 0x80000, 0x0)
r7 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000340), 0x208002, 0x0)
ioctl$AUTOFS_DEV_IOCTL_READY(r6, 0xc0189376, &(0x7f00000003c0)={{0x1, 0x1, 0x18, r7, {0x9}}, './file0\x00'})
recvmsg(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000280)=[{&(0x7f00000004c0)=""/249, 0xf9}], 0x1}, 0x0)
close(r3)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=@framed={{}, [@ringbuf_output={{0x18, 0x2, 0x1, 0x0, r8}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x43}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x56, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r9}, 0x10)
mkdir(0x0, 0x50)
sendmsg$tipc(r4, &(0x7f0000000240)={0x0, 0x810100, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1, 0x0, 0x0, 0x3}, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000c80)={@local, @broadcast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0a8435", 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}}, 0x0)

38.556476113s ago: executing program 3 (id=64):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000006000000050000", @ANYRES32, @ANYRES32=0x0, @ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x90000, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, @perf_config_ext={0x2, 0x6}, 0x8224, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_mount_image$vfat(&(0x7f0000000ec0), &(0x7f0000000180)='./file2\x00', 0x420c, &(0x7f0000003240)=ANY=[], 0x6, 0x35d, &(0x7f0000000f00)="$eJzs3c1rO0UYwPEnaZImKW1yEEVBOtiLXpY2ehaDtCAELG0jtoKwbTcasiYlG6oRse3Jq3j3JHgovVnwUND+A71404sI3noRPNiDurJvyeatLzFpfr/2+4GSycw8u7OZSXk27WYv3/3yo0rJ0kp6Q6JJJRERkSuRrEQlEPEfo245IWGH8srMnz+/uL5ZTHoVaiW/8WpOKTU3/8PHn6X8bmfTcpF9//KP3O8Xz148f/nvxodlS5UtVa01lK62a7829G3TULtlq6IptWoaumWoctUy6l77d/52zNreXlPp1d3Z9F7dsCylV5uqYjRVo6Ya9abSP9DLVaVpmppNC25SPF5b0/NDBu+MeDAYk3o9r0+JSKqnpXg8kQEBAICJ6s7/o05KP0z+vyVzhcLymnI6t/P/k5fOGzPvnM75+f9Zol/+/9ov3rY68n/ndKKd/9e884PSzfn/13KH/L83I3pchs7/s2MYDIYzn+ipinQ8c/L/tP/+dR29d7LoFsj/AQAAAAAAAAAAAAAAAAAAAAB4GlzZdsa27UzwGPy0LyHwn+NBGjT/0yKSdGbfZv4fsvXNLUm6F+45c2x+sV/cL3qPfodzETHF+Mfu5qyN4Moj5cjKj+aBH3+wX5xyW/IlKTvxsiQZybrrKRRv2ytvFZaXlMePb12mlA7H5yQjz4Tjv3dXpxOf64z395+QlxdC8Zpk5KcdqYkpu25ke/+fLyn15tuFrviU209Efrv3SQEAAAAAYMQ01dL3/F3TBrV73zKSL7kfExmyKBn5u//5/WLf8/NY5oXYpI8eAAAAAIDHwWp+WtElatTdgmn2K6RkYNMICrGOmriI9O2c6KqJX7flqdAR3nY8CfHuYPJ/j+ub4FW9S1TwjxTOwFtN/h1VZLjxBMfv1kRiw09T5FDcBXAYborKLcJj3YOfdypU384LA7dz5B9Iqyb42Cgx4HWW1d7tRK9ZCfGeGjsy3AJ47qtv/xrdG+T1U38FfHJz5yPTsA/kNpPSVXB20dsUH/svHgAAAAD3rp30BzVvhJvDNxIJ3yyHv9wDAAAAAAAAAAAAAAAAAAAAAAAAAAAAADBCY/lKv67CpI8RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeFL8FwAA//8GuPOT")
r3 = creat(&(0x7f0000000040)='./bus\x00', 0x0)
fcntl$setstatus(r3, 0x4, 0x6000)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='pids.current\x00', 0x275a, 0x0)
ftruncate(r4, 0xc17a)
socket$inet6_tcp(0xa, 0x1, 0x0)
io_setup(0x200, &(0x7f0000000140)=<r5=>0x0)
r6 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r6}, 0x10)
dup(0xffffffffffffffff)
r7 = open(&(0x7f0000000100)='./bus\x00', 0x14113e, 0x0)
write$binfmt_script(r7, &(0x7f0000000080), 0x208e24b)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000040000850000007200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r8}, 0x10)
io_submit(r5, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0x0, 0x2, 0x1, 0x0, r3, &(0x7f0000000000), 0x77000}])
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r2}, 0x18)

38.347916054s ago: executing program 3 (id=70):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000006000000050000", @ANYRES32, @ANYRES32=0x0, @ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x90000, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, @perf_config_ext={0x2, 0x6}, 0x8224, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_mount_image$vfat(&(0x7f0000000ec0), &(0x7f0000000180)='./file2\x00', 0x420c, &(0x7f0000003240)=ANY=[], 0x6, 0x35d, &(0x7f0000000f00)="$eJzs3c1rO0UYwPEnaZImKW1yEEVBOtiLXpY2ehaDtCAELG0jtoKwbTcasiYlG6oRse3Jq3j3JHgovVnwUND+A71404sI3noRPNiDurJvyeatLzFpfr/2+4GSycw8u7OZSXk27WYv3/3yo0rJ0kp6Q6JJJRERkSuRrEQlEPEfo245IWGH8srMnz+/uL5ZTHoVaiW/8WpOKTU3/8PHn6X8bmfTcpF9//KP3O8Xz148f/nvxodlS5UtVa01lK62a7829G3TULtlq6IptWoaumWoctUy6l77d/52zNreXlPp1d3Z9F7dsCylV5uqYjRVo6Ya9abSP9DLVaVpmppNC25SPF5b0/NDBu+MeDAYk3o9r0+JSKqnpXg8kQEBAICJ6s7/o05KP0z+vyVzhcLymnI6t/P/k5fOGzPvnM75+f9Zol/+/9ov3rY68n/ndKKd/9e884PSzfn/13KH/L83I3pchs7/s2MYDIYzn+ipinQ8c/L/tP/+dR29d7LoFsj/AQAAAAAAAAAAAAAAAAAAAAB4GlzZdsa27UzwGPy0LyHwn+NBGjT/0yKSdGbfZv4fsvXNLUm6F+45c2x+sV/cL3qPfodzETHF+Mfu5qyN4Moj5cjKj+aBH3+wX5xyW/IlKTvxsiQZybrrKRRv2ytvFZaXlMePb12mlA7H5yQjz4Tjv3dXpxOf64z395+QlxdC8Zpk5KcdqYkpu25ke/+fLyn15tuFrviU209Efrv3SQEAAAAAYMQ01dL3/F3TBrV73zKSL7kfExmyKBn5u//5/WLf8/NY5oXYpI8eAAAAAIDHwWp+WtElatTdgmn2K6RkYNMICrGOmriI9O2c6KqJX7flqdAR3nY8CfHuYPJ/j+ub4FW9S1TwjxTOwFtN/h1VZLjxBMfv1kRiw09T5FDcBXAYborKLcJj3YOfdypU384LA7dz5B9Iqyb42Cgx4HWW1d7tRK9ZCfGeGjsy3AJ47qtv/xrdG+T1U38FfHJz5yPTsA/kNpPSVXB20dsUH/svHgAAAAD3rp30BzVvhJvDNxIJ3yyHv9wDAAAAAAAAAAAAAAAAAAAAAAAAAAAAADBCY/lKv67CpI8RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeFL8FwAA//8GuPOT")
r3 = creat(0x0, 0x0)
fcntl$setstatus(r3, 0x4, 0x6000)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='pids.current\x00', 0x275a, 0x0)
ftruncate(r4, 0xc17a)
socket$inet6_tcp(0xa, 0x1, 0x0)
io_setup(0x200, &(0x7f0000000140)=<r5=>0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYRESDEC=r2], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r6}, 0x10)
dup(0xffffffffffffffff)
r7 = open(&(0x7f0000000100)='./bus\x00', 0x14113e, 0x0)
write$binfmt_script(r7, &(0x7f0000000080), 0x208e24b)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000040000850000007200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r8}, 0x10)
io_submit(r5, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0x0, 0x2, 0x1, 0x0, r3, &(0x7f0000000000), 0x77000}])
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r2}, 0x18)

38.335537134s ago: executing program 32 (id=70):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000006000000050000", @ANYRES32, @ANYRES32=0x0, @ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x90000, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, @perf_config_ext={0x2, 0x6}, 0x8224, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_mount_image$vfat(&(0x7f0000000ec0), &(0x7f0000000180)='./file2\x00', 0x420c, &(0x7f0000003240)=ANY=[], 0x6, 0x35d, &(0x7f0000000f00)="$eJzs3c1rO0UYwPEnaZImKW1yEEVBOtiLXpY2ehaDtCAELG0jtoKwbTcasiYlG6oRse3Jq3j3JHgovVnwUND+A71404sI3noRPNiDurJvyeatLzFpfr/2+4GSycw8u7OZSXk27WYv3/3yo0rJ0kp6Q6JJJRERkSuRrEQlEPEfo245IWGH8srMnz+/uL5ZTHoVaiW/8WpOKTU3/8PHn6X8bmfTcpF9//KP3O8Xz148f/nvxodlS5UtVa01lK62a7829G3TULtlq6IptWoaumWoctUy6l77d/52zNreXlPp1d3Z9F7dsCylV5uqYjRVo6Ya9abSP9DLVaVpmppNC25SPF5b0/NDBu+MeDAYk3o9r0+JSKqnpXg8kQEBAICJ6s7/o05KP0z+vyVzhcLymnI6t/P/k5fOGzPvnM75+f9Zol/+/9ov3rY68n/ndKKd/9e884PSzfn/13KH/L83I3pchs7/s2MYDIYzn+ipinQ8c/L/tP/+dR29d7LoFsj/AQAAAAAAAAAAAAAAAAAAAAB4GlzZdsa27UzwGPy0LyHwn+NBGjT/0yKSdGbfZv4fsvXNLUm6F+45c2x+sV/cL3qPfodzETHF+Mfu5qyN4Moj5cjKj+aBH3+wX5xyW/IlKTvxsiQZybrrKRRv2ytvFZaXlMePb12mlA7H5yQjz4Tjv3dXpxOf64z395+QlxdC8Zpk5KcdqYkpu25ke/+fLyn15tuFrviU209Efrv3SQEAAAAAYMQ01dL3/F3TBrV73zKSL7kfExmyKBn5u//5/WLf8/NY5oXYpI8eAAAAAIDHwWp+WtElatTdgmn2K6RkYNMICrGOmriI9O2c6KqJX7flqdAR3nY8CfHuYPJ/j+ub4FW9S1TwjxTOwFtN/h1VZLjxBMfv1kRiw09T5FDcBXAYborKLcJj3YOfdypU384LA7dz5B9Iqyb42Cgx4HWW1d7tRK9ZCfGeGjsy3AJ47qtv/xrdG+T1U38FfHJz5yPTsA/kNpPSVXB20dsUH/svHgAAAAD3rp30BzVvhJvDNxIJ3yyHv9wDAAAAAAAAAAAAAAAAAAAAAAAAAAAAADBCY/lKv67CpI8RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeFL8FwAA//8GuPOT")
r3 = creat(0x0, 0x0)
fcntl$setstatus(r3, 0x4, 0x6000)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='pids.current\x00', 0x275a, 0x0)
ftruncate(r4, 0xc17a)
socket$inet6_tcp(0xa, 0x1, 0x0)
io_setup(0x200, &(0x7f0000000140)=<r5=>0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYRESDEC=r2], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r6}, 0x10)
dup(0xffffffffffffffff)
r7 = open(&(0x7f0000000100)='./bus\x00', 0x14113e, 0x0)
write$binfmt_script(r7, &(0x7f0000000080), 0x208e24b)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000040000850000007200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r8}, 0x10)
io_submit(r5, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0x0, 0x2, 0x1, 0x0, r3, &(0x7f0000000000), 0x77000}])
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r2}, 0x18)

3.364769636s ago: executing program 5 (id=807):
r0 = epoll_create1(0x0)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x60000006})
unshare(0x22040080)
syz_mount_image$ext4(&(0x7f0000000b80)='ext4\x00', &(0x7f0000000bc0)='./file0\x00', 0x0, &(0x7f0000000c00), 0x1, 0xb80, &(0x7f0000000c40)="$eJzs3MtrXFUYAPDv3jyaNrGTiqgtggGpFcVp2hSFrlrXooIuuuyYTErI9GEmggldpHWvLkRcFKR/guDeunAluKgLrX9BEYsU3bQuInce6dBkktjO9PTx+8GZe86c6XzfN5fOPQfmJoAn1kTxkEfsjYiTWUSp9XweEcON3kjESvN1t2+eny5aFqur7/+VRRYRt26en26/V9Y6jrYGIxFx9a0snv50fdz60vJ8pVarLrTGBxdPnztYX1p+fe505VT1VPXMkak3j0y9MTXVw1qvn/vw6xd+eefli5c/m3z3q90/ZXEsxlpznXX0ykRMrH0mnQYjotLrYIkMtOrprDMbTJgQAACbyjvWcM9GKQbizuKtFD/+mjQ5AAAAoCdWByJWAQAAgMdcZv8PAAAAj7n27wBu3Tw/3W5pf5HwYN04HhHjzfrb9zc3ZwZjpXEciaGI2PV3Fp23tWbNf3bfJopI3/1cLVr06T7kzaxciIjnNzr/WaP+8cZd3OvrzyNisgfxJ+4aP0r1H+tB/NT1A/BkunK8eSFbf/3L19Y/scH1b3CDa9e9SH39a6//bq9b/92pf6DL+u+9bcbY9++rV7vNda7/Tnz++0wRvzjeV1H/w40LEfsGN6o/W6s/61L/yW3GGJ2+fqnbXFF/UW+7Pej6Vy9H7I+N62/LNvv7RAdn52rVyeZjlxj7fzhxoFv8zvNftCJ+ey/wIBTnf1eX+rc6/+e2GWP8uT/3dpvbuv78j+Hsg0ZvuPXMJ5XFxYVDEcPZ2+ufP7x5Lu3XtN+jqP+Vlzb//79R/cV3wkrrcyj2Ahdax2J88a6Yo/sPf3vv9fdXUf/MPZ7/L7YZ45vvL33UbS51/QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8GvKIGIssL6/187xcjhiNiGdiV147W198bfbsx2dmirmI8RjKZ+dq1cmIKDXHWTE+1OjfGR++azwVEXsi4svSzsa4PH22NpO6eAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANaMRsRYZHk5IvKI+KeU5+Vy6qwAAACAnhtPnQAAAADQd/b/AAAA8Piz/wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKDP9rx45VoWEStHdzZaYbg1N5Q0M6Df8tQJAMkMpE4ASGYwdQJAMvb4QLbF/EjXmR09zwUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAh9eBvVeuZRGxcnRnoxWGW3NDSTMD+i1PnQCQzEDqBIBkBlMnACRjjw9kW8yPdJ3Z0fNcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHh4jTValpcjIm/087xcjngqIsZjKJudq1UnI2J3RPxWGtpRjA+lThoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICeqy8tz1dqteqCjo6Ozlon9TcTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp1JeW5yu1WnWhnjoTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAILX60vJ8pVarLvSxk7pGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADS+S8AAP//szUGGQ==")
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x107842, 0x42)
sendfile(r1, r1, 0x0, 0x80000000)
r2 = syz_open_dev$vcsu(&(0x7f0000000000), 0x6, 0x2100)
fgetxattr(r2, &(0x7f0000000080)=@random={'system.', 'ext4\x00'}, &(0x7f00000000c0)=""/226, 0xe2)

3.213651117s ago: executing program 5 (id=815):
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0xc, 0xffffffff, 0x1, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
r1 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_TX_RING(r1, 0x11b, 0x3, &(0x7f00000001c0)=0x800, 0x4)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000580)={0x1, &(0x7f0000000140)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
close_range(r2, 0xffffffffffffffff, 0x0)

3.211210367s ago: executing program 5 (id=816):
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x0, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0x3e72, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x26, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = socket$kcm(0x29, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)=[{0x0}, {&(0x7f0000000640)="a675a5af2114ba4b8d49f4b884dd3228faafb8", 0x13}], 0x2}, 0x80)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0006}]})
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@bloom_filter={0x1e, 0x0, 0x7f7f, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
close_range(r1, 0xffffffffffffffff, 0x0)

3.193659097s ago: executing program 5 (id=818):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000000)=0x51fe, 0x4)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
pipe2(&(0x7f0000000040), 0x84800)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x30, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r3}, 0x10)
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$AUTOFS_IOC_FAIL(r4, 0x4c80, 0xffffffffffffffb6)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000002010000000900010073797a30000000003c0000009cb7010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a3000000000080005400000000f540000000c0a01080000000900020073797a32000000002800038024000080080003400000000218000b80140001800c000100636f756e74657200040002800900010073797a3000000000140000001000010000000000000014000000000afd2216faa0a69624129437d62b6943417719b70516c9db6f0a4dea7ce00bdf9d4ed690a19a10598e61e8ada5a1d2a17d722cb6b12e1ae84c48b263ce8643effed87b6ec9fd586b62787d117a2ffedba09db51409615b2818639535d5bb607c0b44161cc94a6a431eb4846b66860d8a8c7c6b5e5b6bd59fd0c7e3f35e79b6f851dc460d67c3336a7b9627fc523a599a33371bc892377311b6f9c5352ebd460f2c67"], 0xd8}}, 0x0)

3.091077557s ago: executing program 5 (id=821):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket(0x2, 0x2, 0x1)
bind$unix(r1, &(0x7f0000000000)=@abs, 0x6e) (async)
r2 = socket(0x2, 0x2, 0x1)
bind$unix(r2, &(0x7f0000000000)=@abs, 0x6e) (async)
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/icmp\x00') (async)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a00000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b708000000dfff007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec8500000050000000850000000f00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000100)='kfree\x00', r6, 0x0, 0x40000000009}, 0x18) (async)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r7, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000300)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="8b37000000000000000005"], 0x38}}, 0x0) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r5}, 0x10) (async)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$tipc(&(0x7f0000001e80), 0xffffffffffffffff)
sendmsg$TIPC_CMD_GET_BEARER_NAMES(r9, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, r10, 0x1, 0x70bd29, 0x25dfdbfc}, 0x1c}, 0x1, 0x0, 0x0, 0x20040}, 0x20008850) (async)
preadv(r3, &(0x7f0000000840)=[{&(0x7f0000000880)=""/183, 0xb7}], 0x1, 0x180, 0x0)
sendmsg$IPCTNL_MSG_EXP_GET(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001100)={0x20, 0x1, 0x2, 0x801, 0x0, 0x0, {0x3, 0x0, 0xa}, [@CTA_EXPECT_ZONE={0x6, 0x7, 0x1, 0x0, 0x4}, @CTA_EXPECT_MASTER={0x4}]}, 0x20}, 0x1, 0x0, 0x0, 0x101}, 0x4040000)

3.000176168s ago: executing program 5 (id=825):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000006000000050000", @ANYRES32, @ANYRES32=0x0, @ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x90000, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, @perf_config_ext={0x2, 0x6}, 0x8224, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_mount_image$vfat(&(0x7f0000000ec0), &(0x7f0000000180)='./file2\x00', 0x420c, &(0x7f0000003240)=ANY=[], 0x6, 0x35d, &(0x7f0000000f00)="$eJzs3c1rO0UYwPEnaZImKW1yEEVBOtiLXpY2ehaDtCAELG0jtoKwbTcasiYlG6oRse3Jq3j3JHgovVnwUND+A71404sI3noRPNiDurJvyeatLzFpfr/2+4GSycw8u7OZSXk27WYv3/3yo0rJ0kp6Q6JJJRERkSuRrEQlEPEfo245IWGH8srMnz+/uL5ZTHoVaiW/8WpOKTU3/8PHn6X8bmfTcpF9//KP3O8Xz148f/nvxodlS5UtVa01lK62a7829G3TULtlq6IptWoaumWoctUy6l77d/52zNreXlPp1d3Z9F7dsCylV5uqYjRVo6Ya9abSP9DLVaVpmppNC25SPF5b0/NDBu+MeDAYk3o9r0+JSKqnpXg8kQEBAICJ6s7/o05KP0z+vyVzhcLymnI6t/P/k5fOGzPvnM75+f9Zol/+/9ov3rY68n/ndKKd/9e884PSzfn/13KH/L83I3pchs7/s2MYDIYzn+ipinQ8c/L/tP/+dR29d7LoFsj/AQAAAAAAAAAAAAAAAAAAAAB4GlzZdsa27UzwGPy0LyHwn+NBGjT/0yKSdGbfZv4fsvXNLUm6F+45c2x+sV/cL3qPfodzETHF+Mfu5qyN4Moj5cjKj+aBH3+wX5xyW/IlKTvxsiQZybrrKRRv2ytvFZaXlMePb12mlA7H5yQjz4Tjv3dXpxOf64z395+QlxdC8Zpk5KcdqYkpu25ke/+fLyn15tuFrviU209Efrv3SQEAAAAAYMQ01dL3/F3TBrV73zKSL7kfExmyKBn5u//5/WLf8/NY5oXYpI8eAAAAAIDHwWp+WtElatTdgmn2K6RkYNMICrGOmriI9O2c6KqJX7flqdAR3nY8CfHuYPJ/j+ub4FW9S1TwjxTOwFtN/h1VZLjxBMfv1kRiw09T5FDcBXAYborKLcJj3YOfdypU384LA7dz5B9Iqyb42Cgx4HWW1d7tRK9ZCfGeGjsy3AJ47qtv/xrdG+T1U38FfHJz5yPTsA/kNpPSVXB20dsUH/svHgAAAAD3rp30BzVvhJvDNxIJ3yyHv9wDAAAAAAAAAAAAAAAAAAAAAAAAAAAAADBCY/lKv67CpI8RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeFL8FwAA//8GuPOT")
r3 = creat(&(0x7f0000000040)='./bus\x00', 0x0)
fcntl$setstatus(r3, 0x4, 0x6000)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='pids.current\x00', 0x275a, 0x0)
ftruncate(r4, 0xc17a)
socket$inet6_tcp(0xa, 0x1, 0x0)
io_setup(0x200, &(0x7f0000000140)=<r5=>0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32, @ANYRESDEC=r2], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r6}, 0x10)
dup(0xffffffffffffffff)
r7 = open(&(0x7f0000000100)='./bus\x00', 0x14113e, 0x0)
write$binfmt_script(r7, &(0x7f0000000080), 0x208e24b)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000040000850000007200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r8}, 0x10)
io_submit(r5, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0x0, 0x2, 0x1, 0x0, r3, &(0x7f0000000000), 0x77000}])
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r2}, 0x18)

2.117604201s ago: executing program 2 (id=854):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = syz_open_dev$usbfs(&(0x7f0000000240), 0xb, 0x101301)
ioctl$USBDEVFS_IOCTL(r0, 0x80045505, &(0x7f0000000340)=@usbdevfs_connect)

2.070657961s ago: executing program 2 (id=856):
r0 = io_uring_setup(0x319, &(0x7f0000000080)={0x0, 0xfcc, 0x0, 0x2, 0x3b9})
r1 = io_uring_setup(0x8fd, &(0x7f0000000000)={0x0, 0xd06f, 0x20, 0xffffffe5, 0x310, 0x0, r0})
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000900)=@base={0x19, 0x4, 0x8, 0x6, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10)
r4 = syz_mount_image$vfat(&(0x7f0000000240), &(0x7f00000000c0)='./file0\x00', 0x400, &(0x7f0000000280)=ANY=[@ANYBLOB="6572726f72733d72656d6f756e742d726f2c757466383d302c757365667265652c646973636172642c757466383d312c756e695f786c6174653d302c73686f72746e616d653d77696e39352c756e695f786c6174653d302c756e695f786c6174653d302c0008442895b66131b4e4d54b2ba6ae54da0e13047e9f62fbb85ccc774b3ec4c81a1a985232d16d0d934460e920a59172e764c68194b9d9d0be76c595bac1fc5a0a8256a7b77e071e9bdd6100f9ae"], 0x0, 0x296, &(0x7f0000000540)="$eJzs3M1qE1EUwPFj0o80tU0WIiiIB92oi6GNL2CQFsSAUhtRF8LUTjRkTMrMWImI7c6tz1FcuhPUF+jGnQt30k0XCm66UCOdjzatQ6u2yYTm/4Myp3Pvydz5CmcGctfvvHpcq7hGxfQklVFJiSzLhkh+MwodC5cpPx6SdstycfT7pzO37t67XiyVpmZUp4uzlwuqOn723dPnr8998EZvvxl/Oyyr+fvr3wpfVk+unlr/NRt9esNTU+caDc+csy2dr7o1Q/WmbZmupdW6azk72it2Y2GhqWZ9fiy74Fiuq2a9qTWrqV5DPaep5kOzWlfDMHQsK/0m/c8Z5ZWZGbPYkcEgCSNxKx2naKZjG8sr3RgUAADoLUnV/4+qrlZdre9X/6eE+r9zqP+PkuNrEvsUuFn/Z8P7d8uln10cGQAAAAAAAAAAAAAAAAAAAAAAOIiNVivXarVy0TL6GxaRjIhE/yc9TnTGQc7/cPeHi0PW9sO9jIj9crG8WA6WQXuxIlWxxZKJQZEf/vUQCuLpa6WpCfXl5b29FOYvLZbT/vXh50fy8fmTQb7uzB+UbPv2C5KTE/I5Lr8Qmz8kF8635RuSk48PpCG2zPvX9Xb+i0nVqzdKu/JH/H4AAAAAABwFhm754/ndbzc0mjZkV3uwcvv9gOT2eT+w6/l6QE4PJLffAAAAAAD0E7f5rGbatuUQ7AiuiMiefZI+dCM9cqA6GKQ2z0HXt/41ujV64yAcarD2JNi1v+mc4JcSAAAAgI7YLvqTHgkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP1rj2nAMmEXf03U/3/mHmvbXLr7ewgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD0jt8BAAD//ysQG/U=")
r5 = openat(r4, &(0x7f0000000000)='./file0\x00', 0x0, 0x14)
ioctl$VFAT_IOCTL_READDIR_BOTH(r0, 0x82307201, &(0x7f0000000a00)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}])
ioctl$VFAT_IOCTL_READDIR_BOTH(r5, 0x82307201, &(0x7f0000000f40)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}])
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
r7 = socket$packet(0x11, 0x3, 0x300)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000040)=@mangle={'mangle\x00', 0x64, 0x6, 0x500, 0x0, 0x0, 0x0, 0xd0, 0x1a0, 0x578, 0x578, 0x578, 0x578, 0x578, 0x6, 0x0, {[{{@uncond, 0x0, 0xa8, 0xd0, 0x0, {0x0, 0x3a010000}}, @unspec=@CHECKSUM={0x28}}, {{@ipv6={@private1, @loopback, [], [], 'sit0\x00', 'veth0_virt_wifi\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@STANDARD={0x28, '\x00', 0x0, 0x300}}, {{@ipv6={@private0, @remote, [], [], 'veth0_to_team\x00', 'tunl0\x00', {}, {}, 0x0, 0x0, 0x5}, 0x0, 0xa8, 0xd0}, @unspec=@CHECKSUM={0x28}}, {{@uncond, 0x0, 0xa8, 0xd0}, @common=@inet=@SYNPROXY={0x28}}, {{@ipv6={@loopback, @private2, [], [], 'syzkaller1\x00', 'veth0_to_batadv\x00', {}, {}, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xa8, 0xf0}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv4=@initdev={0xac, 0x1e, 0x0, 0x0}, 'vlan0\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x560)
setsockopt$packet_fanout(r7, 0x107, 0x12, &(0x7f0000000080)={0x0, 0x8004}, 0x4)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB="140000001000009006000000000000000000000a44000000090a0000000000fa82a3fa211411fa0008000a40000000000900020073797a310000000009000100"], 0x6c}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="1400000010000100000000000000000000fc000a20000000000a03000000000000000000070000000900010073797a30000000004c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a3000000000080005400000001c08000640ffffff000800034000000028580000000c0a01010000000000000000070000000900020073797a31000000000900010073797a30000000002c0003802800008008000340"], 0xec}}, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r8, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x4080)
ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r9 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r9, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
r10 = socket$nl_netfilter(0x10, 0x3, 0xc)
r11 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYRES16=r8, @ANYRES32=r1, @ANYRES16=r3, @ANYRESOCT=r0], 0x48)
r12 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r11, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r11}, &(0x7f0000000380), &(0x7f00000003c0)=r12}, 0x20)
r13 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='itimer_state\x00', r13}, 0x10)
setitimer(0x1, 0x0, 0x0)
sendmsg$NFQNL_MSG_CONFIG(r10, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="1c00fd00020305000000000000000000000000000800010001000000"], 0x1c}}, 0x0)

1.908151622s ago: executing program 2 (id=860):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e00000004000000040000000c"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r2, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB="0000000000000000ac9e00"/20, @ANYRES32=0x0, @ANYRES32], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000002c0000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r4}, 0x10)
sendmsg$rds(r2, &(0x7f0000000100)={&(0x7f0000000040)={0x2, 0x0, @local}, 0x10, 0x0, 0x0, &(0x7f00000012c0)=[@rdma_args={0x48, 0x114, 0x1, {{0x3, 0x2}, {&(0x7f0000001080)=""/148, 0x94}, &(0x7f00000011c0)=[{&(0x7f0000001140)=""/102, 0x66}], 0x1, 0x60, 0xffffffff00000001}}], 0x48, 0x8004}, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
r5 = socket$inet_sctp(0x2, 0x5, 0x84)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r5, 0x84, 0x6f, &(0x7f0000002f00)={0x0, 0x10, &(0x7f0000002ec0)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f0000002f40)=0x10)
getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f0000000000)={0x1, [<r6=>0x0]}, &(0x7f0000000080)=0x8)
setsockopt$inet_sctp_SCTP_RESET_ASSOC(0xffffffffffffffff, 0x84, 0x78, &(0x7f0000000000)=r6, 0x4)
ioctl$INCFS_IOC_GET_FILLED_BLOCKS(r0, 0x80286722, &(0x7f0000000200)={&(0x7f00000003c0)=""/245, 0xf5, 0x2, 0x3})
r7 = socket(0x10, 0x3, 0x0)
r8 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000000)={'macvlan0\x00', <r9=>0x0})
sendmsg$nl_route(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000180)=ANY=[@ANYBLOB="680000001000030400"/20, @ANYRES32=r9, @ANYBLOB="0000000000000000400012800c0001006d6163766c616e0030000280080001"], 0x68}}, 0x64000004)
r10 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r10, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000072000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r11 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='sys_enter\x00', r11}, 0x10)
syncfs(0xffffffffffffffff)
setsockopt$MRT6_DEL_MIF(0xffffffffffffffff, 0x29, 0xcb, &(0x7f0000000240)={0xffffffffffffffff, 0x0, 0x4, r9, 0x6}, 0xc)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000280)='./file2\x00', 0x404, &(0x7f0000000340)={[{@noblock_validity}, {@resuid}, {@journal_checksum}, {@acl}, {@acl}, {@quota}]}, 0x3, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")

1.781813813s ago: executing program 0 (id=863):
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000480)='./file1\x00', 0x0, &(0x7f0000000280), 0x1, 0x787, &(0x7f0000001000)="$eJzs3ctrXNUfAPDvnSRNk/b3SwRB6yogaKB0YmpsFVxUXIhgoaBr22EyDTWTTMlMShMCtojgRlBxIeimax9159bHVv8LF9JSNS1WXEjkzqOdNjPppM3MBPL5wMmcc++dnPOdcx/nzr3MDWDPmkj/ZCIORcRHScRYfXoSEUPV3GDEidpyt9fX8mlKYmPjzT+S6jK31tfy0fSe1IF64cmI+PH9iMOZzfWWV1bnc8ViYalenqosnJ8qr6weObeQmyvMFRaPTc/MHD3+wvFjOxfrX7+sHrz+8WvPfnPin/eeuPrhT0mciIP1ec1x7JSJmKh/JkPpR3iPV3e6sj5L+t0AHkq6aQ7UtvI4FGMxUM21MdLLlgEA3fJuRGwAAHtM4vgPAHtM43uAW+tr+Ubq7zcSvXXjlYjYX4u/cX2zNmewfs1uf/U66Oit5J4rI0lEjO9A/RMR8cV3b3+Vpqj3g2tpQC9cuhwRZ8YnNu//k033LGzXc1vN3BiuvkzcN3mvHX+gn75Pxz8vthr/Ze6Mf6LF+Ge4xbb7MB68/Weu7UA1baXjv5eb7m273RR/3fhAvfS/6phvKDl7rlhI923/j4jJGBpOy9PVRVuP3CZv/nuzXf3N478/P3nny7T+9PXuEplrg8P3vmc2V8k9atwNNy5HPDXYKv7kTv8nbca/pzqs4/WXPvi83bw0/jTeRtocf3dtXIl4pmX/3+3LZMv7E6eqq8NUY6Vo4dtfPxttV39z/6cprb9xLtALaf+Pbh3/eNJ8v2Z5+3X8fGXsh3bzHhx/6/V/X/JWNb+vPu1irlJZmo7Yl7yxefrRu+9tlBvLp/FPPt16+69V23r9T88Jz3QY/+D1379++Pi7K41/dlv9v/3M1dvzA+3q76z/Z6q5yfqUTvZ/nTbwUT47AAAAAAAAAAAAAAAAAAAAAAAAAOhUJiIORpLJ3slnMtls7Rnej8doplgqVw6fLS0vzkb1WdnjMZRp/NTlWNPvoU7Xfw+/UT56X/n5iHgsIj4dHqmWs/lScbbfwQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA3YE2z/9P/Tbc79YBAF2zv98NAAB6zvEfAPae7R3/R7rWDgCgd5z/A8De0/Hx/0x32wEA9I7zfwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALrs1MmTadr4e30tn5ZnL6wsz5cuHJktlOezC8v5bL60dD47VyrNFQvZfGmh7T+6VHsplkrnZ2Jx+eJUpVCuTJVXVk8vlJYXK6fPLeTmCqcLQz2LDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6V15Znc8Vi4UlmS0zI7ujGbsmMxi7ohkyXcs07yVG+reDAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANjl/gsAAP//IIYqoQ==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x0)
ioctl$EXT4_IOC_GET_ES_CACHE(r0, 0xc020662a, &(0x7f0000000340)={0x0, 0x101, 0x1, 0x80})

1.709746333s ago: executing program 0 (id=864):
r0 = socket$packet(0x11, 0x2, 0x300)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d0000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="237132b222468545928f9923023f8794d4dd0000000000000000000000000400d100000034d952b4c91b51337601e9a565647a531606848462196cd078", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x48)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0)
write$cgroup_pid(r2, &(0x7f0000000980), 0x12)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xf, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014fa0000b7030000000008008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000020000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'bridge_slave_0\x00'})
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x13, &(0x7f0000000240)=ANY=[@ANYBLOB="180300000005000000000000000000001801000011af000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000d5030000020000838500000071000000180100002020752500000000806020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r5}, 0x10)
ioctl$sock_bt_hci(r4, 0x800448d2, 0x0)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
waitid(0x0, 0x0, 0x0, 0x4, 0x0)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000580)='./file0\x00', 0x2c41, 0x0)
flock(r6, 0x5)
r7 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x1)
flock(r7, 0x2)
r8 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x2c41, 0x0)
flock(r8, 0x5)
r9 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x30)
flock(r9, 0x2)
r10 = openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/locks\x00', 0x0, 0x0)
preadv(r10, &(0x7f0000000180)=[{&(0x7f0000000000)=""/72, 0x48}], 0x1, 0x0, 0x0)
dup3(r7, r6, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x200000000000006c, &(0x7f00000000c0)})
r11 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r11, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)

1.018714946s ago: executing program 2 (id=873):
dup(0xffffffffffffffff)
write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r0 = getpid()
perf_event_open(&(0x7f0000000200)={0x1, 0x80, 0x2, 0x2, 0x9, 0x4, 0x0, 0x2, 0x200, 0x2, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x5, 0x1, @perf_config_ext={0x1, 0x100}, 0x2000, 0x9, 0xa4, 0x2, 0x1, 0x5, 0x1, 0x0, 0x7, 0x0, 0x2}, r0, 0x3, 0xffffffffffffffff, 0x2)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, 0x0, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket(0x840000000002, 0x3, 0xff)
pipe(&(0x7f0000000040)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
vmsplice(r4, &(0x7f00000000c0)=[{&(0x7f0000000180)="77690addcfbe1fbb66ec", 0xff3b}], 0x1, 0x1)
close(r4)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'bond_slave_0\x00', <r5=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[@ANYBLOB="4400000010000100"/20, @ANYRES32=r5, @ANYBLOB="000024000000000024001200140001006272696467655f736c617665800000000c000500080005"], 0x3}}, 0x0)
getsockopt$TIPC_DEST_DROPPABLE(r4, 0x10f, 0x81, &(0x7f0000000140), &(0x7f00000001c0)=0x4)
splice(r3, 0x0, r4, 0x0, 0x10500, 0x0)
setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f0000000040)='gre0\x00', 0x10)
sendmmsg$inet(r2, &(0x7f0000000440)=[{{&(0x7f00000001c0)={0x2, 0x0, @multicast1}, 0x10, &(0x7f0000000500)=[{&(0x7f0000000000)="a9050000000096580a59e200000000001000cc4f", 0x14}], 0x1}}], 0x1, 0x0)

971.442536ms ago: executing program 1 (id=874):
rename(&(0x7f0000002800)='./cgroup/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x6, &(0x7f0000000180)=[{0x7, 0x6, 0x14, 0xa}, {0xe, 0x7, 0x5}, {0x0, 0xc0, 0x0, 0x4000}, {0x1, 0x8, 0xd, 0x6}, {0x9, 0x40, 0x3, 0xffffff01}, {0x0, 0xfc, 0x1, 0x81}]})
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r0, &(0x7f0000000000), 0x10)
sendmsg$can_bcm(r0, &(0x7f00000005c0)={&(0x7f0000000180), 0x10, &(0x7f00000001c0)={&(0x7f0000000280)=ANY=[], 0x38}, 0x2}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x0, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
getpeername$packet(0xffffffffffffffff, 0x0, 0x0)
r2 = memfd_create(&(0x7f00000000c0)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec', 0x0)
write$binfmt_script(r2, &(0x7f0000000300)={'#! ', './file0'}, 0xb)
execveat(r2, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)

970.460936ms ago: executing program 1 (id=877):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_buf(r0, 0x0, 0x8008000000010, &(0x7f00000003c0)="17000000020001000003d68c5ee17688a2003208030300ecff3f0000000300000a0000000098fc5ad9485bbb6a880000d6c8db0000dba67e06000000e28900000200df018000000000f50607bdff59100ac45761547a681f009cee4a5acb3da400001fb700674f00c88ebbf9315033bf79ac2dff060115003901000000000000ea000000000000000002ffff02dfccebf6ba0008400200000000e90554062a80e605007f71174aa951f3c63e5c83f1ba2112ce68bf17a6e0", 0xb8)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCSIFVLAN_GET_VLAN_REALDEV_NAME_CMD(r0, 0x8983, &(0x7f0000003c40)={0x8, 'rose0\x00', {'veth0\x00'}, 0x401})
setsockopt$inet_buf(r1, 0x0, 0x8008000000010, &(0x7f00000003c0)="17000000020001000003d68c5ee17688a2003208030300ecff3f0000000300000a0000000098fc5ad9485bbb6a880000d6c8db0000dba67e06000000e28900000200df018000000000f50607bdff59100ac45761547a681f009cee4a5acb3da400001fb700674f00c88ebbf9315033bf79ac2dff060115003901000000000000ea000000000000000002ffff02dfccebf6ba0008400200000000e90554062a80e605007f71174aa951f3c63e5c83f1ba2112ce68bf17a6e0", 0xb8)
r2 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)={0x2, 0x13, 0x0, 0x0, 0x2}, 0x10}}, 0x0)
setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f00000001c0), 0x4)
r3 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r3)
process_vm_writev(r3, &(0x7f0000000300)=[{&(0x7f0000000480)=""/245, 0xf5}, {&(0x7f0000000200)=""/139, 0x8b}, {&(0x7f0000000580)=""/243, 0xf3}, {&(0x7f0000000680)=""/4096, 0x1000}, {&(0x7f0000001680)=""/4096, 0x1000}, {&(0x7f00000000c0)=""/24, 0x18}, {&(0x7f0000002680)=""/4096, 0x1000}, {&(0x7f0000000100)=""/50, 0x32}], 0x8, &(0x7f0000003bc0)=[{&(0x7f0000003680)=""/206, 0xce}, {&(0x7f0000000380)=""/19, 0x13}, {&(0x7f0000003780)=""/194, 0xc2}, {&(0x7f0000003880)=""/156, 0x9c}, {&(0x7f0000003940)=""/220, 0xdc}, {&(0x7f0000003a40)=""/70, 0x46}, {&(0x7f0000003ac0)=""/78, 0x4e}, {&(0x7f0000003b40)=""/74, 0x4a}], 0x8, 0x0)
sendmsg$key(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)={0x2, 0x12, 0x0, 0x0, 0x2}, 0x10}}, 0x0)
close_range(r1, 0xffffffffffffffff, 0x0)

919.252546ms ago: executing program 2 (id=878):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10)
pipe2(&(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
splice(r3, 0x0, r2, 0x0, 0x6, 0x0)
dup3(r1, r2, 0x0)
ioctl$int_in(r2, 0x5452, &(0x7f0000000100)=0x3ff)
dup3(r3, r2, 0x0)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)={0x14, 0x2, 0x6, 0x301}, 0x14}}, 0x0)

918.718886ms ago: executing program 1 (id=879):
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="050053ef7d000000e47f00"/20, @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f00000001c0)=@framed={{}, [@func={0x85, 0x0, 0x1, 0x0, 0x7}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f00000002c0)=0x14)
sendmsg$ETHTOOL_MSG_COALESCE_GET(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000300)={0x20, r2, 0x100, 0x0, 0x0, {0x1c}, [@HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}]}]}, 0x20}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f00000009c0)='kfree\x00', r0}, 0x10)
syz_open_dev$usbfs(&(0x7f00000000c0), 0x201, 0x0)
socket(0x10, 0x3, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
pselect6(0x40, &(0x7f0000000040), &(0x7f0000000080)={0x1f}, 0x0, 0x0, 0x0)
pipe(&(0x7f0000000040)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
write$UHID_SET_REPORT_REPLY(r4, &(0x7f0000000740)={0xe, {0x3, 0x3, 0x4, 0x37, "000c2ad9f8b2e4fc71936baf8824f867ebcc95f2285fa82113fb56d89bef2bee53e6f6449bbe7c7ffe3501c65e75d9fc863e35e48a2cca"}}, 0x43)
vmsplice(r5, &(0x7f0000000700)=[{&(0x7f0000000180)='w', 0x1}], 0x1, 0x0)
close(r5)
fcntl$setlease(r4, 0x400, 0x2)
setsockopt$bt_BT_POWER(r4, 0x112, 0x9, &(0x7f0000000080)=0x7f, 0x1)
creat(&(0x7f0000000640)='./bus\x00', 0x171)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='kfree\x00'}, 0x10)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f0000000600)={0x0, 0x8, &(0x7f0000000000)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000001000d40000000000000000000000000a20000000000a03000000000000000000010000000900010073797a3000000000bc000000160a01000000000000000000010000000900010073797a30000000000900020073797a30000000009000038008000240000000007c00038014000100626f6e64300000000000000000000000140001006970766c616e31000000000000000000140001006970766c616e300000000000000000001400010073697430000000000000fbffffffffffffff0100776c616e300000000000000000000000140001006772653000000000000000000000040008000140000000005c000000180a01010000000000000000010000000900020073797a30000000000900010073797a3000000000300003802c00038014000100626f6e64300000000000000000000000140001006970766c616e31"], 0x4b0}}, 0x0)

909.715836ms ago: executing program 1 (id=880):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT6_DEL_MIF(r1, 0x29, 0xc8, 0x0, 0xc000000)
syz_emit_ethernet(0x5e, &(0x7f0000000200)=ANY=[@ANYBLOB="ffffffffffff0180c200000086dd60fff5a000283afffe8000000000000000000000000000aafffc"], 0x0)

893.138626ms ago: executing program 1 (id=882):
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0xf)
syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x2000480, &(0x7f0000001900), 0x1, 0x762, &(0x7f0000001180)="$eJzs3c9rHFUcAPDvbJKmTauJIGg9BQQNlG5Mja2Ch4oHESwU9GxdNttQs8mW7KY0IaAighdBxYOgl579UW/exB9X/S88SEvVtFjxIJHZzKbbZrfJpkmWup8PTPt9M7N5892Zee/tzrATQM8aTf/JRRyOiA+TiOFsfhIRA/WoP+Lk2no3V5aL6ZTE6uqrfyT1dW6sLBej6TWpg1nh0Yj48b2II7mN9VYXl2YK5XJpPiuP12bPj1cXl46emy1Ml6ZLc8cnJiePnXjmxPGdy/WvX5YOXf3opSe/PvnPu49c/uCnJE7GoWxZcx47ZTRGs/dkIH0Lb/PiTlfWZUm3N4BtSU/NvrWzPA7HcPTVIwDg/+ytiFgFAHpMov8HgB7T+B7gxspysTF19xuJvXXthYjYv5Z/4/rm2pL+7Jrd/vp10KEbyW1XRpKIGNmB+kcj4vNvX/8ynWKXrkMCtPL2d1mwof1PNtyz0KmntrDO6B1l7R/sne/T8c+zrcZ/ufXxT7QY/wy2OHe3Y/PzP3dlB6ppKx3/Pd90b9vNpvwzI31Z6YH6mG8gOXuuXErbtgcjYiwGBtPyxF3qGLv+7/V2y5rHf39+/OYXaf3p/7fWyF3pH7z9NVOFWuFecm527Z2Ix/pb5Z+s7/+kzfj39BbrePm59z9rtyzNP823MW3Mf3etXop4ouX+v3VHW3LX+xPH64fDeOOgaOGbXz8dald/8/5Pp7T+xmeBvZDu/6G75z+SNN+vWe28jp8vDf/Qbtnm+bc+/vclr9Xjfdm8i4VabX4iYl/yysb5x269tlFurJ/mP/Z4Pf8D2Sob2r9Wx3/6mfCNzRLPNqL/6u9fbT//3ZXmP9XR/u88uHxzpq9d/Vvb/5P1aCybs5X2b6sbeC/vHQAAAAAAAAAAAAAAAAAAAAAAAABsVS4iDkWSy6/HuVw+v/YM74djKFeuVGtHzlYW5qai/qzskRjINX7qcrjp91Anst/Db5SP3VF+OiIeiohPBg/Uy/lipTzV7eQBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIHOwzfP/U78NdnvrAIBds7/bGwAA7Dn9PwD0nk77f+MFALj/6c8BoPfo/wGg9+j/AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2GWnT51Kp9W/V5aLaXnqwuLCTOXC0alSdSY/u1DMFyvz5/PTlcp0uZQvVmY3+3vlSuX8ZMwtXByvlaq18eri0pnZysJc7cy52cJ06UxpYE+yAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDOVBeXZgrlcmleIBAI1oNut0wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA94f/AgAA///tuiN0")
r1 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
fallocate(r1, 0x0, 0x0, 0x1000f4)
r2 = open(&(0x7f0000000080)='./bus\x00', 0x185102, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
r3 = syz_mount_image$ext4(&(0x7f0000000480)='ext4\x00', &(0x7f0000000200)='./bus\x00', 0x1848026, &(0x7f0000000040)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x1000}}, {@abort}, {@nobh}, {@init_itable_val={'init_itable', 0x3d, 0x6}}, {@block_validity}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x1}}, {@nobh}, {@block_validity}, {@orlov}, {@user_xattr}, {@init_itable_val={'init_itable', 0x3d, 0x400}}]}, 0x1, 0x556, &(0x7f0000001100)="$eJzs3d1rW+UfAPDvSdu9/37rYAwVkcIunMyltvVlghfzUnQ40PsZ2rMymi6jScdaB24X7sYbGYKIA/Fe770c/gP+FQMtDBlFL7ypnPSky9akybL0ZebzgbM9zzknfc4353yfPCdPQgIYWGPZP4WIFyPi6yTiaNO24cg3jq3vt/rwxnS2JLG29smfSST5usb+Sf7/4bzyQkT8+mXE6cLmdqtLy3OlcjldyOvjtfmr49Wl5TOX50uz6Wx6ZXJq6uxbU5PvvvN232J97cLf331874OzX51c/fbnlWN3kjgXR/JtzXE8g5vNlbEYy5+TkTj3xI4TfWhsL0l2+wDoyVCe5yOR9QFHYyjPeuC/74uIWAMGVCL/YUA1xgGNe/s+3Qc/Nx68v34DtDn+4fX3RuJA/d7o0Gry2J1Rdr872of2szZ++ePunWyJ/r0PAdDRzVsRK0PDw5v7vyTv/3r3Rhf7PNmG/g92zr1s/PN6q/FPYWP8Ey3GP4db5G4vOud/YaUPzbSVjf/eazn+3Zi0Gh3Ka/+rj/lGkkuXy2nWt/0/Ik7FyP6svtV8ztnV+2vttjWP/7Ila78xFsyPY2V4/+OPmSnVSs8Sc7MHtyJeajn+TTbOf9Li/GfPx4Uu2ziR3n2l3bbO8W+vtR8jXm15/h/NaCVbz0+O16+H8cZVsdlft0/81q793Y4/O/+Hto5/NGmer60+fRs/HPgnbbet1+t/X/JpvbwvX3e9VKstTETsSz7avH7y0WMb9cb+WfynTm7d/7W6/g9GxGddxn/7+E8v9x7/9srin3mq8//0hfsffv59u/a7O/9v1kun8jXd9H/dHuCzPHcAAAAAAACw1xQi4kgkheJGuVAoFtc/33E8DhXKlWrt9KXK4pWZqH9XdjRGCo2Z7qNNn4eYyD8P26hPPlGfiohjEfHN0MF6vThdKc/sdvAAAAAAAAAAAAAAAAAAAACwRxxu8/3/zO9Du310wLbzk98wuDrmfz9+6QnYk7z+w+CS/zC45D8MLvkPg0v+w+DqkP/JTh0HsPO8/sPgkv8AAAAAAAAAAAAAAAAAAAAAAAAAAADQVxfOn8+WtdWHN6az+sy1pcW5yrUzM2l1rji/OF2crixcLc5WKrPltDhdme/098qVytWJyVi8Pl5Lq7Xx6tLyxfnK4pXaxcvzpdn0YjqyI1EBAAAAAAAAAAAAAAAAAADA86W6tDxXKpfTBQWFngrDe+MwFPpc2O2eCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAe+TcAAP//Z7w5Vw==")
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000640)={{r4}, &(0x7f00000002c0), &(0x7f0000000600)}, 0x20)
r5 = open(0x0, 0x64842, 0x0)
pwritev2(r5, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x78c00}], 0x1, 0x1200, 0x0, 0x3)
r6 = open(&(0x7f00000005c0)='./bus\x00', 0x147842, 0x0)
preadv2(r6, &(0x7f0000000040)=[{&(0x7f0000001200)=""/4096, 0xfffffdef}], 0x1, 0x0, 0x0, 0x7)
ioctl(r3, 0x1, &(0x7f00000004c0)="6d6f9f08566d780d2d590886fcc0d109a9992ff43636c7b65bb8b03447d247d99dbcf458cb8cb99b9707ee126576330c90de8c4b097179b968e6c6e413fe68a25abc3fc4eb986d27baf0842271f4f01daac7be113732aa925e447e7196f9193030258f1d7e7908659c4ec5e712741ab15b5424c22af12a317432db41f84e84c3c1dd0d217a9780144c85691c92c47563dbb0d4f6ce31ad550820d44cf24b53c8e5fa1e456d912487fb4fc9eafdf8f09ffd09dd8c2df3e6a3226fb5e33415e93731cd14ee1b")
ioctl$TCFLSH(r0, 0x400455c8, 0x0)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$sock_cred(r7, 0x1, 0x11, 0xffffffffffffffff, &(0x7f0000000080))
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r8, &(0x7f0000003b40)={0x0, 0x0, &(0x7f0000003b00)={&(0x7f0000000080)=@newtaction={0x60, 0x30, 0x1, 0x0, 0x0, {}, [{0x4c, 0x1, [@m_gact={0x48, 0x1, 0x0, 0x0, {{0x9}, {0x30, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18}]}, {0x4}, {0xc, 0x3}, {0xc}}}]}]}, 0x60}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000002e80)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
pause()
newfstatat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r9 = socket$tipc(0x1e, 0x2, 0x0)
sendto(r9, 0x0, 0x0, 0x801, 0x0, 0x0)
setresuid(0x0, 0x0, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
flistxattr(0xffffffffffffffff, &(0x7f0000000300)=""/193, 0xc1)

840.846946ms ago: executing program 0 (id=884):
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x26, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x18)
r1 = socket$kcm(0x29, 0x2, 0x0)
sendmsg$kcm(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)=[{0x0}, {&(0x7f0000000640)="a675a5af2114ba4b8d49f4b884dd3228faafb8", 0x13}], 0x2}, 0x80)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0006}]})
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@bloom_filter={0x1e, 0x0, 0x7f7f, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
close_range(r2, 0xffffffffffffffff, 0x0)

839.538026ms ago: executing program 4 (id=885):
mkdir(&(0x7f0000000180)='./file0\x00', 0x0) (async)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='ramfs\x00', 0x0, 0x0) (async)
r0 = open(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_ro(r0, &(0x7f00000001c0)='blkio.throttle.io_serviced\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r1, 0x0) (async)
ftruncate(r1, 0x100030) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="18080000000001000000000000000000851000000600000018000000", @ANYRES32, @ANYBLOB="00000000000100006608000000000000180000000000000000000000000000009500000000000000360a020000000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b50a00000000000085000000060000009500000000000000"], &(0x7f0000000000)='GPL\x00', 0xa, 0xff5c, &(0x7f0000000340)=""/222, 0x0, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78) (async, rerun: 64)
r2 = socket$nl_route(0x10, 0x3, 0x0) (rerun: 64)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r2, 0x8933, &(0x7f0000000080)={'wg2\x00'}) (async)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$batadv(&(0x7f0000000000), 0xffffffffffffffff) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r3, 0x8933, &(0x7f0000000100)={'batadv0\x00', <r5=>0x0})
sendmsg$BATADV_CMD_SET_MESH(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000940)={&(0x7f0000000180)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010800000000000000000f0000000800390000000000050038000000000008000300", @ANYRES32=r5, @ANYBLOB="48c217b3cf069e2623df45186ee129035252364c8a2d1d02de3444"], 0x2c}}, 0x0) (async)
sendmsg$nl_route(r2, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)=ANY=[@ANYBLOB="300000006800010000000000000000000a00000000000000060007000a00000008000500", @ANYRES64=r2, @ANYBLOB="0800088004"], 0x30}, 0x1, 0x0, 0x0, 0x8d4}, 0x0)

789.741527ms ago: executing program 2 (id=886):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000e80)=ANY=[@ANYBLOB="9feb0100180000000000000000000000000000000200000000009ae431783d75d40f849ce793e284d9832253c157c1cca90fb968f9bdf6da0224f2c99d4b8a51bf5973d7d30ba15e927896a8491733fd2254d6128bbe82bf63ae6275d7b192fe9d54f45680f0092b83390a3f6ea01d1ed673f67bfa28abdace853dcbb9c361d281b62e19f361e75d27b2a2ff92ef89e3dfaa31d511411bf742db0fba91e413fc82253ffab0cc8ef5dbc14d070e91ff0c9a97c3d5ac834e08313baac647214c3d225fb2015e26b0b3906cf91038ce790fbf6ab1e8e0946e27b72176f276be2817c398b4c91d3fb0f4b2c736df207fc9ced40258a56f1203e7b691cbbde47f0e329114c2d361dd804eaeb86ebd76ebe6ae1a000000"], 0x0, 0x1a, 0x0, 0x0, 0xb3, 0x10000, @value}, 0x28)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000080)={0x4e00, 0x0, 0x0, 0xbdff, 0x0, "fdffffffffffffff"})
write$binfmt_aout(r0, &(0x7f0000000240)=ANY=[], 0xff2e)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x0, 0x0, "0062ba7d82000000000000000000f7fffeff00"})
r1 = syz_open_pts(r0, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000100)='mountinfo\x00')
perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x35, 0x1, 0x0, 0x0, 0x0, 0x80000000000, 0x40001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x4, 0x4, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
sendfile(r2, r2, 0x0, 0x80000000)
r3 = dup3(r1, r0, 0x0)
r4 = getpid()
r5 = perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r4, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r6=>0xffffffffffffffff})
recvmsg$unix(r6, &(0x7f0000000500)={0x0, 0x0, 0x0}, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_DISABLE(r5, 0x2400, 0x0)
ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000000)=0x17)
r7 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r7, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10)
setsockopt$sock_int(r7, 0x1, 0x3c, &(0x7f00000000c0)=0x1, 0x4)
sendmmsg$inet(r7, &(0x7f0000004540)=[{{&(0x7f0000000040)={0x2, 0x4e22, @multicast1}, 0x10, 0x0}}, {{0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000000180)="15b26f226e2966667482d50703b0a8d92ccd9e69d5cc4cb3d467a670b237a9225fb56c0f7ea725dee27c4bb43bb50c6748c83b71d59f0537405dfab648c096607340fac939a2efd31cbe2f8ca29c409e87ea0974b7bceff9afef5dffd691575f5115f2f961ad488e3386036913e98181a6034febaab853a3e928b9035b0e3a8e1cb393c70f6d0448970e0af2476f8b923ee09c19deca55d58f70e8eeff55dda6381cb96afe97196c0af0a8fd450a1447a1a521e2c211fb84cbcf4aebd31298972ec6be", 0xc3}, {&(0x7f0000000d80)="7d68e6de85f9b0cbc9d710267f321ec64eab043ecad9af7e01e9463218ec45924a99867163e468d36a682fadd749caa325e685d75559a87139e02fae7271be8f55671cfd32a09896278d1941370174720838039d0989bc3394b8a4c4f4a30f0496be313d6d60fe47966c634a3ee1f659e8ef310647725bda0130d5de5028220a4cf5fc808a75694738ee26cb21302b4bba4265b845a5d5dce706d9820c6936b122f9658446d74a9016b94424971dd443a6907eb5c73b6b200e92b23f2c36a214729b0bc231511e4c", 0xc8}, {&(0x7f0000000380)="73fd71361e8d6c80ae1bc9953e2a4aeac7a314273066fc7f65a51969b46df1774bb0be94ccd4824f2d57ad2cd37242b1258402395481f9f07e067652e52aa8ccefcd0962ba0c48757b68d493f3ad702e65d4daa7dfc1605a173185472ae12470eea64c70ef4e64793b8a830447de0f423bef3964934eef4243cac42939ba6fa68d821b9373b5f3e2c26e7ca75ed8fb3203aef3a6637cecdd0251532b99537e02f604058f50e66c8a657d59beeed127695475f082d3d2b9790181fc987ad000ac00887d1506be89f388ecb405660b4ea196ee8f5a92b12ec43bbf49567db613d478ebe2358364f7600bf4f80ef4b2756fb13416c4fa22880cc96a03f07888575aedb001d5a74bb2f906797912b5ac080a0a3d361425f1a92ab03bbe65d5dcb235f43b5ad1162a16ebdc647baac013bf076945126cdd5a080853976a97ad55184601102fbb8df86b21aa8162858d74465c5fb7dc766602a3567f6eaf441f85ec50ca7fb3a4fdb450d1420531da25d01a412958a5e3895c59542238cf8e188e7fb5641eb24a5f1819bf8d2e9dd6c1d0e93564d723e311db9cd268bb1e477036e822b135cdbaf40f812aa7db01d22c829ab01ae24997dae96ddeed49e62d285701d5419e3f94a8b95790cf5a296ed15bffae1f71470c6a6eda872528844a2df42590d898630263cab5cccec57b7cea365ad8c91bfbe7cb419635ce6bf340a56115c0ad922b6fade9538e543bc5def2a85d35ab16d20c219c4733837be2c14ba4d3d32c3a6882ce6857626f55109b4cdcb634425d710bf3108f9b31b4af0cc17a58e49e871a56126dd8bed08e038ba64008587237b3442d28032e52fc9fae1a5784ba59d0edfa03d38352724903ed6f6970b3f4dfa6e40bf933b6765c6ee648174765f1e8ec71b80cac86abd065a3005b40a43a665707cc590997c5048183006a9dd8026d39def05950183b3d4f12f4e1644ef78cddac7c5569985c2c232bb350f28857675339e53f63a868704d2e0b38993dc57a02d3e297fc9a5b9384622841018c303a05bac25d509df5a2d0e3232927283fcc3ec67e4fa7b71d22f115cf693851dcceab4bce38cbfbb32829e211cdcb6a359e14fe416663541050d340aef2555dbd292bd9cbab8fcf20378149cc994569c2bc95fb33fd2d9321b8ac8e5160b02e202492f470eb719a8f2ac3a4be37ea0918b54b14789b7aa228d47f7b13fd9af608740c5a8fe02109a7cc0e555b22628ef790e513ecadfd338d30aed8ca219e64ee4fb0bd0e21e5101bf2072ffa071eb1aa0454caccc015ff1e166813f819a142b56a22e4ff387bb319288a0ef747c6fc8fdee3a0e193b0d086eb816e97e0322fcdaa30da61cd26ac9d8d0748fccd911ce0fd4adc953e9486e137fe66bc8aedfd5b78c562ebfc578ac9f96a453311766564541e16955e30b95914e9411a0b4cd95e0d8732d5ff7a4f921ef41d986a195334266585353b16b9449955523913a30c087532bcb899f733af3abea59baea174cf04359547a633b5f8a582ae3ef12a1d0125bef8c6e8c9fb589d3597c5ab3879491b0c5e3607203f06836a6805d3f7979c4325f9fecb2aceddedb272237132460cda812ef7d613a585898d59f92ef68ec95f12b47b440f6d899ecbfab48055e0c1605ba4cd9dbc17c4cbfec8a953ebbd38c45a6737a57ee58e21a20e530171137968ae4f0d0366cdb0b9d6a4667b011fcd7cd9e77364e5221989d8f0d80793260e748e3bd394849c090c744f6044328304cd6f02e941c5405647daffc1fd2f2864b37f92bbf4931c8e4a7c6bafd0ea79d39d330e70e6776bf6a926de227e5a43653bba04883e98d67bb64aa86e8bf271ba87604bc598e47f2992c7618ad25068860a481554b53352c7339de7e79c3bd1aed5bef8f398432858c888a5d8651969ea40eb3d486e9fe61d49b20500fdfd1548f567da970103d36730657c35d03d2c36b142665f62203b1fb12d616478cfef6f38b34cda87a634dd06d359f33e98b94a5e5b46b2a8d73126352d1d5b65af75055455cc903e384c41876fbdff935d047284d9d203b147a6ba0e9cb50beef7798886c33d2f2f0c0d9abe0e32c7c809f8b0b28fc59471987353c862a311776b8275bf319d5cb9a59f8f103b6e567ef5dd8859973cc3fe41e356bf5bd3186240e49286977eca36a8ad44185973b276cd7958b73e14a221b7fd567818bebf54ad27ee95161bd2aeeb356482ff467500a7d36f0464f58a591ec6b728f984ec78d0abe14c6d3411ac3ffc4c3179d1f95d029f26cceb545723519d3d4209a2b1243e78767273c13dc2bd320512674b6f1a50313bae7b9d16aebb476dbc829e8fd8dd46a1696efaff5795cf75de57c90f05ed9ef4a5cdfbf20d3d9ed95fb4114b1d5c9ade0856212e7ba330ce5bccf2c993dff89112b28bd3b17d3fcfacef7590f62bf948977dd79e2d8025946c80bf263e34035409b5ba1443d4929727180761bd56d258c3670a0aa4de21111fc3172367582de2d164ff3a18d0696b8dd8e5c1423b2ea1e2c0cfe141e4cf04f8cdaed48976b94c40d6a581300458661bbdbfeeb4969af6319eb1798843d0872f68f0c6537bbc9c7dd1e9b0564bf442d8d25f8aa884aba1df074d374f99750d9227bb821ba0355f60de2829a5c8cd47c89d29a2e3d7d53d59db5c3ace8f484664202c210c68a3b33076fb00d59938e84fbad6d6618c0bb89cf94035fa2de4da351e0d71df416450ea7ec3af33aa5c0313c63e654bd79c73b39dc1933636956761058d76648746daca469f8fce62c17a8160cdefc6a927eef9ec4a8dd684e46f35282546ce2362ab8afedd39bf699fd7c2cde538f52ea43c08558f42ba77b2986b800c45fa76a130b30919b3e1d504573e3c1e7dd2dc5d81379df53d736511f1da4ad8791e46adb27bb5c38129e89edda0aed99dcc03fe400f7d05d48e3e9e17744e8487f8ac464c86f7332211fb9799e9d27a6832d5f17ccd1a2da255f6da047e4728dd80860c04391bca4b7833f0346866401ec20033bcf6dfa85fd1520de5a03b4f9f6f5d2f8d7b6e7d7df1cbe5c05e23e080cf335639c94c48aaeb0bfebbe79530d67d35fb101c91839954c0e50dd4b90a86428b22b0be1e906fee30f68d7ce4bf9c68eafe695f07f5e4e4d473d77104b7b1b5dcfeb84e8c83624c0068d4e1cccfe740f8e5d5699603f8481ef2a1f2d4b8fd2314c5cb1985fe34cf8ede7d2e8bddea269422490903489c7f5951114d7ccb29a19455a987d538955712a460243105b25ccb6e6f34c370a6bbb234bee150dbcea5188e45305253f1014f7c0b5d60d517d2d05707f5ca9249a921d6c5307caf41deca0509b49102d801320db65c00f6e1c05fb8c2e1cc554673bf6168dd64086b19af28eec508fd0c304837e802173ac9947c4d73929c61d9632ab929a25f2a04350954612c2de705c1c25215284fe933fc8ccfd30ab3fc9ff5e04dd68d4720d95a29d6da176ac9d332c9ce77358f3c262777ea828fe6473638bc77be2aa586a3733e275744bc42c3742c1ad8f89d25c31958902f2f498c58fc85e9b78fb7a331734cb081cfa9ccfd262df927c0ff46983f8765af4add3532de2b91f2436df028", 0x9fd}], 0x3}}, {{0x0, 0x0, &(0x7f00000017c0)=[{&(0x7f0000001700)="c9", 0x1}], 0x300}}], 0x3, 0x240080e4)

789.516377ms ago: executing program 0 (id=887):
futex(&(0x7f000000cffc)=0xffffffff, 0x5, 0x2000, 0x0, &(0x7f0000048000), 0x800000)

756.802877ms ago: executing program 4 (id=888):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x2, &(0x7f00000000c0)=ANY=[@ANYBLOB="850000000e0000009500df9f00000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000580)='neigh_update\x00', r0}, 0x10) (async)
r1 = socket$inet6(0x10, 0x3, 0x0)
sendto$inet6(r1, &(0x7f00000000c0)="900000001c001f4d154a817393278bff0a80a578020000000104740014000100ac1414bb0542d6401051a2d708f37ac8da1a297e0099c5ac0000c5b068d0bf46d323456536016466fcb78dcaaf6c3efed495a46215be0000760700c0c80cefd28581d158ba86c9d2896c6d3bca2d0000000b0015009e49a6560641263da4de1df32c1739d7fbee9aa241731ae9e0b390", 0x90, 0x0, 0x0, 0x0) (async)
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0) (async)
pipe2$9p(&(0x7f0000000240)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_FEATURES_SET(r4, &(0x7f0000001180)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000500)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010000000000000000000c0000001800038014000380100001800400030008000100020000002000018008000300020000001400020076657468315f766972745f77696669"], 0x4c}}, 0x0) (async)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000200)='qdisc_destroy\x00', r7}, 0x18) (async)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[], [], 0x6b}})

756.598607ms ago: executing program 0 (id=889):
syz_emit_ethernet(0x3e, &(0x7f0000000780)={@local, @local, @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "6410a6", 0x8, 0x0, 0x0, @private2, @local, {[@hopopts={0x3b}]}}}}}, 0x0)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800714, &(0x7f0000000000)={[], [{@smackfstransmute={'smackfstransmute', 0x3d, '#*'}}]}, 0xff, 0x485, &(0x7f0000001040)="$eJzs3M9rHFUcAPDvTJL+bhNrrba2Gq1i8UfSpFV78KCi4EFB0EM9xiSttdtGmgi2BI0i9SgF7+JR8C/w5kXUgwheFTxKoWgQmnqKzK9mu9mkSZpkbfbzgc2+t/Nm3/vOzNt9My+zAbSt3uxPErEjIn6LiO4ie3OB3uJpZnpy+Pr05HASs7Nv/JXk5a5NTw5XRav1tpeZw2lE+mkSzyfz6x2/cPHMUK02er7M90+cfa9//MLFp06fHTo1emr03ODx48eODjz7zODTqxJnFte1/R+OHdj3yluXXxs+cfntH7/JmrX3YLG8Po5but4koCZ6s63292yucdmjy2j7nWBnXTrpbGFDWJaOiMh2V1fe/7ujI+Z2Xne8/ElLGwesqey7afPCi6dmgQ0siVa3AGiN6os+O/+tHus09PhfuPpCxKYyPTM9OTxzI/7OSMvXu9aw/t6IODH175fZI5Z7HQIAYAXysc2TzcZ/aezNn4u5jl3lHEpPRNwVEbsj4u6I2BMR90TkZe+NiPuKlWe7l1h/b0N+/vgnvdK0zaskG/89Vzf2m6mLv3zq6ShzO/P4u5KTp2ujR8ptcji6Nmf5gUXq+O6lXz9faFn9+C97ZPVXY8GyAVc6Gy7QjQxNDK3WRrj6ccT+zmbxJzdmArIjYF9E7F/eW++qEqcf//rAQoVuHf8iVmGeafariMeK/T8VDfFXksXnJ/u3RG30SH91VMz30y+XXl+o/tuKfxVk+3/bzcd/Q4nuf5JivrYrarXR8+PLr+PS758teE6z0uN/U/JmPmf98zvFax8MTUycH4jYlLya56tzuvz1wbl1q3xVPov/8KHm/X93uU4W//0RkR3EByPigYh4sGz7QxHxcEQcWiT+H1585N1F4k8iiZbu/5Gmn383jv+epH6+fgWJjjPff7vQjPnS9v+xmMo/awv5598tLLWBt7n5AAAA4I6QRsSOSNK+It27I9K0r6/4H/49sS2tjY1PPHFy7P1zI8U9Aj3RlVZXurrrrocOJFPlOxb5wfJacbX8aHnd+IuOrXm+b3isNtLi2KHdbb+5/0fV/zN/drS6dcCac78WtK/G/p+2qB3A+lvK979zAdiYmvT/ra1oB7D+nP9D+2rW/z9qyBv/w8Y0v///0eQn64CNyPgf2pf+D+1L/4e2dDv39a88Ud0ssPL32bLkO/zbJVH94sVa1rU15l6JtOUht1Ei6zHrW+ncb6gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADcyf4LAAD///ss5ts=")
lsetxattr$system_posix_acl(0x0, &(0x7f0000000440)='system.posix_acl_default\x00', &(0x7f00000000c0)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0xee01, @ANYBLOB="02000000", @ANYRES32=0xee00, @ANYBLOB="02000000", @ANYRES32=0xee00, @ANYBLOB="02000000", @ANYRES32=0x0, @ANYBLOB="040000000000800008000000", @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="1000000000"], 0x5c, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
writev(0xffffffffffffffff, &(0x7f0000000300)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560aff820fffff5bab003a0000002058000b4824ca945f6400940f6a0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000100030c100000000000224e0000", 0x58}], 0x1)
r0 = memfd_create(&(0x7f00000008c0)='Y\xff\xff\x00\x00\x00\x00\x00K\xb2\x02\x80B\xe9\xe8\xcc\xde\x06\x00l\xa8\x1aJ\xaf\xb2M\xba\xb8_\x05U\xcd<|>\x9e\xec^\x0e\xbe\x18+-\x9b\x893\x02\x00\xa6\x1f+\xb3\xc5\x90z5\xe0\xdfi\xb7\x9f\xb4QW\xc9\xc9\x92\x03\t\x00\x00\x00\x00\x00\xb2\x0f\xee\xbe\f8\xcc\x7f\x00\x00\x00Z\x81\x00\x00\x00\x00\x18I\x13\xf1\xa2x\x04\x81R\xd45R\xae\x84\xcdN\xf7\xf6\b~\xed_M^dQ:\xbc\xafq\x88\x19nSF|;]\xe1A\x8c\x8a\x98\xd7|\xadNaC\xa6\xf9\xa7>c\x84\xd8\xfa\xf1\r\xb1\xfd\xbf!\xc7u\xccP\xdd\x13~\x89\xcf\x85\xca\xa0%\xc6\xc7\x11\x00\x00\x00\x00\x00\x00\x00?M9\\\av~\'\xd9\xb0\xacdya]8\x9d\xb7\v\xf39\xc5{\x9c!\x0f/\xb8g8\xb9\x8d\x19\xe2\xca\x01y\x83\xe7\ng\x87\xd93<u\xbe\xeag\xd2\x04e\xf2s\xde}o#\x90\xda\x9cs,r\xfd:\xcb\xc7\vTmPZJ\xac\x8b\xd0\xc0\xbcRK\xcb\x1e8\xce\xbd[N\xb0\xb4<\xeb\x86[\xec\x8f\x14\xea\x82\x9e&\\\xb7!\xed\xa0\xc3,\x90m\x0f\x00\x00\x00\x00\x00\x00\xff\xd0\xb3\x94\x00\x00\x00\x00\x00\x00\x00\x9dH\xf8\xffRo\xa3W\xe1\x0f\x8eS\xaeX\x93\x7f\xd3\xb9a\xe4\xe0\xbd\xd9\xf5\xe4e\xf9\xcam\xe3\x03\xe4\xad\xd5&A\x02\xc8\xa9\xfe\xcb\x87\xd9\xd3\x84\f\xc08T~\xc4\xbd\x90?\x1f\x9c\x9b0\x19 \x9f\xd1p`\xc0/\x00u\x19\x1d\xac\xe8%\xb7\t\x9f4\xbb\x89\xe9\xc1\x81\xb0\xd6\xf7\x05\x16\xb9\xe9\xdc~\xd3-s\xe6;\x94\x1c^\x06\xdav;\xccD\x95sj\xe0\xd5\xbeS\xac\xe5N\xea\x9eyl[[\xce5\xee\x05\x9c\x96\x87\x9dp\xea?/\xcb\x9a\xaa5\'Q\fuG\x81\x8a@\x97M=v\xfe\a\xabp\xf3\x93\x9d\x7f@9\xc0\xd2\xf1#\xe7N\x89\xf8\xe8+\xa1\x82\x13\xb2\xa9\xef\xa5\xf8\x8bk\xb3\x9ev\x92\x0e\xd1\x1f\x17Dx[\xad\xb0\x9d/\x96\xe42mO\x9fh\xea\xf3\x14\xcd\x96\x89_)2\xe2\xd6\x81\x00b\xaf;\x92T\xafz\x94\x9fG\xfb\xfd|&k\x03\xd7;\x9ay\xee\xf9W?\xb3\xf9\xf8I.E4\xc3eWq\xfa\":$\xd0\x17Q\x94\xf5\xe5mk\x8e&\xf1;#z\xef*\xce\x99\x04\xb9\x90\xbc\xc9#-\x8di\xae\xc5\xdf\x13\xd2K\x8b\xf5\f\xb2x\xdd\xd5\xb4\xa9^~O<\x12\xe3\xc2Ru2Ht\re\xa1\xf6\xbd\xaa\xb0\x83}i\xc3P|7\xc4\xc8\xb1r0Z\x98\x87^\xc8C\x1b\x96\xb4lsyF\xc5\xbc\xffOE\xe9\xd70\xe7\xfep\x83\xa7\xa1\xd9\xe4\xba\x92\x17\xbf\xe0\xe1\x01\xb7\x8b\x18j\x19n\xc8\xff\xe9\xf4\xf4\xcf a\xd7_w\x0f\x9dF\xae\xccA-/\x83\xabU\xd5\xbf8\xa4O\xb4\xed\xc8\xccH\xd1=\x81\x00\x00\x00\xc7;Lb\xce\x1a\xcc\x98\xe8\xe9e\xe0\xc2N\xe7\xd7\x1d\x92\x87F8\x9e\xd6\xdd\xdaW\xf5X\x80\xa0f\xceo\xd8\x7f\xc0\x96\bSB\xce&\x04$\xc3\xe31U\x84\x82\xf0{i\x1d\x02\x10\x86C\x01^\xcf\x93?w\x01\x84\xa0\xd6\xa2\x10\xa4\xfcG\xabD\xd6dGZ\xb2Cx\x1b\xfdD9\x17U\xf0\x16K\xf9&@\xb1[\xe2j$F1n@\xde\n%t.[\xad\xb5\f<o\xdb\xa4\x90\xc4\xd0I\xa6\x96\xa1\x00\xbb\xdd\x94\x00t/1YekG\x7f\xbdrI\x1e\x8a4=\xa2\xe9\x82<\x9e|\xf5#\x7f\xa8\x1f\x14\x82ih\xf9?\x03Q\xf5\xc4\x95\x99 \xa7v~:$\x02O\xe3\xaa\x1f\x00\xebk\'\xd2q\x10\x1e\x94n\xd7w\xb1\xc8G\x89\xf4\x8ct\xf9R\x850\b,r\xc6r\xf7=\xfe\xc1\x16\xe6\xee\xbb:-h\x03;\xe5\x04\xd8\xa9\x9a\xd3\x05(\x7f|\xadU\xafe\x87V.i4$6U,R\x9b\n{\'\xfe1\xc4\xb09\x96\x87\xc0e\xab\xe7\xa9\xb4\x1a\n\xf5\xd7zuvz\x972\xd4\xfb\x13u2\xab\x18\x01~r\xbbcW!\xec\xf7$\xc2\xbaU \x98\xb2\xe3I\xbd\x16T\xb75\xa6\a\xb7\xa1\x8d\xc9\x12\xb1\xbd\xbc\xd9c\xe9\"k\xee\x06\x83\xf4\xab\x18\x038\x8f\xc9^\x0f\xab\xea&P\b\xef#\xf6\xc3\xfc\xd4\xa0\xfd\x15N\xd3\xa0\x80\x9f\bU\xa63\xf6\xc9\xec\x01\'\t\x89(\xf9\x98B\xaf\xde*\x91\xd5k\xa1`d\xf0\x97\xc9e\xc1\"EC\x9a?x\x89\x8d\xb3\xfaF}\x82D\xf8\f\xf1`\x90D\xd1|%(\xd8\t\xea\xdfC\xce\x7fo+?v\xee\xc6bL\x1d\xbe\x84p\x8d\xa3\xec\xf7\xe0\xfe\x8c=<\xf2\x1f@\xc9\xcfw\xf3\x02\x1b\xde\xc3\x86\xe66E\xa7\x9c\xd3\xb6\xf5\xe0\x14\xb8\xd4`\x85\xe3;\x8c\xf8\xf2\xd9)\x0e\xd0\xff\xa5K\xf3\xf1\xc4\x18\xf4Z\xdci\x91\x84\xe8\xb7\x10\x90\xbc\xect\x13\xdfR\xe2\x80\xf8a\x92\xb2R\xdf0\xcdQ\xdf\x83\xbdjp,\xe8\xbb\xe6\xc6Db\xa7\xd6\xcd\x1ch3h\xcf<\x82\x97\xa5s/m\xb2\x1dd\xf7\xfc\xf5\xa9\x1d\xd34{\xcc\x1f\t,i\x16\x82\xad\x8e\xb6\x17\x0f\xaa\x85^/w\xbb~\xff\xce\x92\x90\x83\n\xe5\x14\x95\x92|\xfe-S%\x91i\xafh\x97z\x00@K\xbb\xc2\fcD\xff\xdcl\xa1\xfaR\xbc\xd4k7L\x8a\xa3Z\xf9%{\xfax\x9a\x04\'/\x90\xe6\xe2\xe9\xf1@o\x0ez\xb8\xce\xbeF\x0fkE\xf4ry\x92n\xff\xcb\xf8e\xf3j\xc5[wK\xb1\xdb\xf7-r\xd3\x1bx\x9b$\x91\x03q\x9e@\xd8R\x11\x05|\x8f\xb4\xc9\x16\x87C\xab\x96\xc4\xef\xea\xb9\r\xf5\xf3\xbe\x8a\t\xc7\x88\xc0sL;.\xcf\x1d\xc4^\xb0l\xbb\x97\xc5\xf6n\xca\x18M\xb0\x81\xff\xa9~\xf7\xa3\xa6\xd3\x15I\xecXG\x89\xa8\b\x8b\xcc\xe8\x88\xa07Z\x03\xa8.\x7f\x16qlk\xf1\xf1y\x8c\xde\xd6|\xa1(\xf4\x12O\xca3\xf8%1\x8d\xd7\a\xfeJ\xe6\x8bc\xb3\x1bKC.\xafB\x8d\xdd\xf9\x1e\x9d\xa7\x13\x00\x14\xc7\xa1\xf3\x1e\xcb\x19\x13z`\xac\xf3\xd1x\x1b#}\xfaYR\xc5#Zoag@\x18\xfa*\xb4\xc4\x04\x03V\x87\xc5\xe7\xb5\x9bJ\x85-\x7f\xfe\xc0\xb7g\xe8\'`\x96q\x88[\xf8\xe8L\x12\x85\xf5t\x99\x0e}\xd3H\xed\xda\xf3>\xd8\x12\x8cXc5%\x03\x8d`\xdayC\x9b\x9a\xd9c\xe9\xb4\v\x99\x87\xe4\x00\x8a\x8eS\x8e\f\x05YH\xa2\x0e\xbc\x9c\x95\b2Cf6\x9a\xe7\xb9\x86\xbe\xd0\xda\x91\xc1sl\x11PA\x93\xa5\x93\xc8\xf1w\x7fp6z\xbf\xe8[\'u\xb8\xd2$K\x12\rt\x87\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00r\xe2`\xdf\xd2\xb3\xaf\xe9\xc4!Z\xb4&\xa2\x12\xe2i\x91kC$A\xafR\xb3\xff\x1d=\xec\x10\xb4+\x13\'\x92>\x14\x00\a\xb6R\x8b\xdcz\xc3\xd1Y\xd6\xd9;s \xb0\x938\xb7D9\xdcN\xbd\xdbn\xe35\xa7\x02\x9c\xc1\xd9\x13?\xc9\xd7\xab\x9c\xf3\x82\xd1\xee^kk\xce\xdbn\x02\x1f\x80\t\xdbr\xa9\xcc\xf1\xcb\x9f@\x8c\xfc\x02W/p\x97\xb0\xbd\x8f\xdb|n2a\xee\x95u\x83\xca\x8a>}\xd3\xd0\xff6.pa\x17\xe3e\xd2\x7f\xf6\xbc\x9d\x112\x1b\x14<B\x91\xc0{{\x9d@\xb3a\xad\x14\xe9\xcc|\xd7\xa1\xc6\xb9F\x04\xce]\xb9Y\xbd\xbd\f\xa4F;q\xec\x83\x9bM\x93\xa4\x9c\xdd\x93\xa0\x82E\x02d\xd4RAI\xd9O\x17\xa6P#\xa35\a\xf6\xbb\t>p\xa1\xd6u\xefn\xb4\xa3\x05D\x8c\xc5l\xcc\b\xeb\xf42\xe9\xf15\xf3\xf2\xee\xd6\xed\t\xb3\xf7\x1a\x7f\xe6\xb4z\x19\xe1\xb4w\xf7\xa6\xd7\\\xfa\x96\xe2', 0x7)
mmap(&(0x7f0000200000/0x400000)=nil, 0x400000, 0x300000d, 0x13, r0, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='hugetlb.1GB.rsvd.usage_in_bytes\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x2c011, r1, 0x0)

675.245717ms ago: executing program 0 (id=890):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000080)='westwood\x00', 0x9)
connect$inet6(r0, &(0x7f00000001c0)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.throttle.io_service_bytes_recursive\x00', 0x275a, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000fc0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
recvmsg$unix(r2, &(0x7f0000001140)={0x0, 0x0, &(0x7f0000001040)=[{&(0x7f00000015c0)=""/4096, 0x7ffff000}], 0x1, 0x0, 0x2}, 0x40000100)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x10001, 0x8, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2})
write$binfmt_script(r1, &(0x7f0000000100), 0xfffffd9d)
sendfile(r0, r1, 0x0, 0x8000002b)

675.116537ms ago: executing program 4 (id=891):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRESDEC=0x0, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) (async)
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x24, 0x0, 0x0) (async, rerun: 64)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x9, @void, @value}, 0x94) (rerun: 64)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r0}, 0x10) (async)
syz_clone(0x40000000, 0x0, 0x0, 0x0, 0x0, 0x0)

645.123147ms ago: executing program 4 (id=892):
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="050053ef7d000000e47f00"/20, @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f00000001c0)=@framed={{}, [@func={0x85, 0x0, 0x1, 0x0, 0x7}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f00000002c0)=0x14)
sendmsg$ETHTOOL_MSG_COALESCE_GET(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000300)={0x20, r2, 0x100, 0x0, 0x0, {0x1c}, [@HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}]}]}, 0x20}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f00000009c0)='kfree\x00', r0}, 0x10)
syz_open_dev$usbfs(&(0x7f00000000c0), 0x201, 0x0)
socket(0x10, 0x3, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
pselect6(0x40, &(0x7f0000000040), &(0x7f0000000080)={0x1f}, 0x0, 0x0, 0x0)
pipe(&(0x7f0000000040)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
write$UHID_SET_REPORT_REPLY(r4, &(0x7f0000000740)={0xe, {0x3, 0x3, 0x4, 0x37, "000c2ad9f8b2e4fc71936baf8824f867ebcc95f2285fa82113fb56d89bef2bee53e6f6449bbe7c7ffe3501c65e75d9fc863e35e48a2cca"}}, 0x43)
vmsplice(r5, &(0x7f0000000700)=[{&(0x7f0000000180)='w', 0x1}], 0x1, 0x0)
close(r5)
fcntl$setlease(r4, 0x400, 0x2)
setsockopt$bt_BT_POWER(r4, 0x112, 0x9, &(0x7f0000000080)=0x7f, 0x1)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000006c0)=ANY=[@ANYBLOB="18000000000000000000000095980000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f0ffffffb702000005000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='kfree\x00', r6}, 0x10)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f0000000600)={0x0, 0x8, &(0x7f0000000000)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000001000d40000000000000000000000000a20000000000a03000000000000000000010000000900010073797a3000000000bc000000160a01000000000000000000010000000900010073797a30000000000900020073797a30000000009000038008000240000000007c00038014000100626f6e64300000000000000000000000140001006970766c616e31000000000000000000140001006970766c616e300000000000000000001400010073697430000000000000fbffffffffffffff0100776c616e300000000000000000000000140001006772653000000000000000000000040008000140000000005c000000180a01010000000000000000010000000900020073797a30000000000900010073797a3000000000300003802c00038014000100626f6e64300000000000000000000000140001006970766c616e31"], 0x4b0}}, 0x0)

627.189137ms ago: executing program 4 (id=893):
clock_gettime(0xfffffffffffffffb, 0x0)
r0 = socket$inet(0x2, 0x5, 0x9d1f)
setsockopt$inet_opts(r0, 0x0, 0x4, &(0x7f0000000080)="441f0803", 0x4)

571.284328ms ago: executing program 4 (id=894):
open(&(0x7f0000000100)='./file0\x00', 0x80ff, 0x0)
r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)
fcntl$setsig(r0, 0xa, 0x21)
fcntl$setlease(r0, 0x400, 0x1)
open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
creat(0x0, 0x0)

0s ago: executing program 1 (id=895):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000080)='westwood\x00', 0x9)
connect$inet6(r0, &(0x7f00000001c0)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.throttle.io_service_bytes_recursive\x00', 0x275a, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000fc0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
recvmsg$unix(r2, &(0x7f0000001140)={0x0, 0x0, &(0x7f0000001040)=[{&(0x7f00000015c0)=""/4096, 0x7ffff000}], 0x1, 0x0, 0x2}, 0x40000100)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x10001, 0x8, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2})
write$binfmt_script(r1, &(0x7f0000000100), 0xfffffd9d)
sendfile(r0, r1, 0x0, 0x8000002b) (fail_nth: 2)

kernel console output (not intermixed with test programs):

m netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   38.712451][   T28] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   38.760245][   T28] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   38.775867][ T3718] netdevsim netdevsim5 netdevsim0: renamed from eth0
[   38.784614][ T3718] netdevsim netdevsim5 netdevsim1: renamed from eth1
[   38.793289][ T3718] netdevsim netdevsim5 netdevsim2: renamed from eth2
[   38.802006][ T3718] netdevsim netdevsim5 netdevsim3: renamed from eth3
[   38.813951][   T28] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   38.831070][ T3718] bridge0: port 2(bridge_slave_1) entered blocking state
[   38.838133][ T3718] bridge0: port 2(bridge_slave_1) entered forwarding state
[   38.845470][ T3718] bridge0: port 1(bridge_slave_0) entered blocking state
[   38.852509][ T3718] bridge0: port 1(bridge_slave_0) entered forwarding state
[   38.884730][ T3718] 8021q: adding VLAN 0 to HW filter on device bond0
[   38.898347][   T56] bridge0: port 1(bridge_slave_0) entered disabled state
[   38.906587][   T56] bridge0: port 2(bridge_slave_1) entered disabled state
[   38.921098][ T3718] 8021q: adding VLAN 0 to HW filter on device team0
[   38.936964][   T11] bridge0: port 1(bridge_slave_0) entered blocking state
[   38.944093][   T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[   38.952985][   T11] bridge0: port 2(bridge_slave_1) entered blocking state
[   38.960068][   T11] bridge0: port 2(bridge_slave_1) entered forwarding state
[   38.977797][   T28] bridge_slave_1: left allmulticast mode
[   38.983588][   T28] bridge_slave_1: left promiscuous mode
[   38.989323][   T28] bridge0: port 2(bridge_slave_1) entered disabled state
[   38.997464][   T28] bridge_slave_0: left allmulticast mode
[   39.003183][   T28] bridge_slave_0: left promiscuous mode
[   39.008867][   T28] bridge0: port 1(bridge_slave_0) entered disabled state
[   39.107307][   T28] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   39.117881][   T28] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   39.128395][   T28] bond0 (unregistering): Released all slaves
[   39.189411][   T28] hsr_slave_0: left promiscuous mode
[   39.195264][   T28] hsr_slave_1: left promiscuous mode
[   39.201144][   T28] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   39.208642][   T28] batman_adv: batadv0: Removing interface: batadv_slave_0
[   39.217877][   T28] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   39.225348][   T28] batman_adv: batadv0: Removing interface: batadv_slave_1
[   39.242798][   T28] veth1_macvtap: left promiscuous mode
[   39.248353][   T28] veth0_macvtap: left promiscuous mode
[   39.253876][   T28] veth1_vlan: left promiscuous mode
[   39.259174][   T28] veth0_vlan: left promiscuous mode
[   39.281272][ T3762] loop2: detected capacity change from 0 to 2048
[   39.297686][ T3762] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   39.313911][ T3315] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   39.347585][ T3766] random: crng reseeded on system resumption
[   39.454110][   T28] team0 (unregistering): Port device team_slave_1 removed
[   39.464414][   T28] team0 (unregistering): Port device team_slave_0 removed
[   39.505062][ T3767] netlink: 8 bytes leftover after parsing attributes in process `syz.2.78'.
[   39.513942][ T3767] netlink: 8 bytes leftover after parsing attributes in process `syz.2.78'.
[   39.522705][ T3767] netlink: 4 bytes leftover after parsing attributes in process `syz.2.78'.
[   39.537496][ T3718] 8021q: adding VLAN 0 to HW filter on device batadv0
[   39.649383][ T3718] veth0_vlan: entered promiscuous mode
[   39.658010][ T3718] veth1_vlan: entered promiscuous mode
[   39.673463][ T3718] veth0_macvtap: entered promiscuous mode
[   39.681272][ T3718] veth1_macvtap: entered promiscuous mode
[   39.691089][ T3718] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   39.701566][ T3718] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   39.711438][ T3718] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   39.721936][ T3718] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   39.731893][ T3718] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   39.742434][ T3718] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   39.753424][ T3718] batman_adv: batadv0: Interface activated: batadv_slave_0
[   39.761824][ T3718] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   39.772373][ T3718] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   39.782285][ T3718] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   39.792844][ T3718] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   39.802684][ T3718] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   39.813269][ T3718] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   39.824037][ T3718] batman_adv: batadv0: Interface activated: batadv_slave_1
[   39.835505][ T3718] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   39.844227][ T3718] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   39.853010][ T3718] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   39.861827][ T3718] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   39.968760][ T3791] loop0: detected capacity change from 0 to 512
[   39.976317][ T3791] EXT4-fs (loop0): revision level too high, forcing read-only mode
[   39.984462][ T3791] EXT4-fs (loop0): orphan cleanup on readonly fs
[   39.990930][ T3791] EXT4-fs error (device loop0): ext4_quota_enable:7049: comm syz.0.80: Bad quota inum: 1, type: 1
[   40.001927][ T3791] EXT4-fs warning (device loop0): ext4_enable_quotas:7097: Failed to enable quota tracking (type=1, err=-117, ino=1). Please run e2fsck to fix.
[   40.017288][ T3791] EXT4-fs (loop0): Cannot turn on quotas: error -117
[   40.024355][ T3791] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   40.039242][ T3791] netlink: 12 bytes leftover after parsing attributes in process `syz.0.80'.
[   40.048364][ T3791] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   40.055786][ T3791] batman_adv: batadv0: Removing interface: batadv_slave_0
[   40.063645][ T3791] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   40.071134][ T3791] batman_adv: batadv0: Removing interface: batadv_slave_1
[   40.163246][ T3322] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   40.173110][ T3314] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   40.192224][ T3797] netlink: 324 bytes leftover after parsing attributes in process `syz.0.83'.
[   40.215928][ T3801] random: crng reseeded on system resumption
[   40.248284][ T3803] loop0: detected capacity change from 0 to 2048
[   40.278347][ T3803] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   40.385399][ T3818] netlink: 8 bytes leftover after parsing attributes in process `syz.0.85'.
[   40.394237][ T3818] netlink: 8 bytes leftover after parsing attributes in process `syz.0.85'.
[   40.461592][ T3826] random: crng reseeded on system resumption
[   40.559817][ T3831] random: crng reseeded on system resumption
[   40.677513][ T3838] loop2: detected capacity change from 0 to 256
[   40.787806][ T3846] loop5: detected capacity change from 0 to 512
[   40.795797][ T3846] EXT4-fs error (device loop5): ext4_read_inode_bitmap:139: comm syz.5.103: Invalid inode bitmap blk 4 in block_group 0
[   40.809121][ T3846] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   40.840265][ T3718] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   40.859581][ T3853] random: crng reseeded on system resumption
[   40.975162][ T3867] loop4: detected capacity change from 0 to 256
[   41.001913][ T3869] loop5: detected capacity change from 0 to 512
[   41.008562][ T3869] ext4: Unknown parameter 'norecovery"nobarrier'
[   41.019168][ T3869] loop5: detected capacity change from 0 to 512
[   41.025827][ T3869] EXT4-fs: Ignoring removed orlov option
[   41.031885][ T3869] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   41.051420][ T3869] EXT4-fs (loop5): orphan cleanup on readonly fs
[   41.058478][ T3869] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.124: bg 0: block 248: padding at end of block bitmap is not set
[   41.073924][ T3869] EXT4-fs error (device loop5): ext4_acquire_dquot:6879: comm syz.5.124: Failed to acquire dquot type 1
[   41.085716][ T3869] EXT4-fs (loop5): 1 truncate cleaned up
[   41.092163][ T3869] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   41.105716][ T3869] FAULT_INJECTION: forcing a failure.
[   41.105716][ T3869] name failslab, interval 1, probability 0, space 0, times 1
[   41.118562][ T3869] CPU: 0 UID: 0 PID: 3869 Comm: syz.5.124 Not tainted 6.12.0-rc6-syzkaller-00318-ga9cda7c0ffed #0
[   41.129182][ T3869] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   41.139364][ T3869] Call Trace:
[   41.142641][ T3869]  <TASK>
[   41.145625][ T3869]  dump_stack_lvl+0xf2/0x150
[   41.150302][ T3869]  dump_stack+0x15/0x20
[   41.154535][ T3869]  should_fail_ex+0x223/0x230
[   41.159310][ T3869]  ? getname_flags+0x81/0x3b0
[   41.163998][ T3869]  should_failslab+0x8f/0xb0
[   41.168661][ T3869]  kmem_cache_alloc_noprof+0x4c/0x290
[   41.174071][ T3869]  getname_flags+0x81/0x3b0
[   41.178671][ T3869]  __x64_sys_mkdirat+0x41/0x60
[   41.183467][ T3869]  x64_sys_call+0x2cd3/0x2d60
[   41.188252][ T3869]  do_syscall_64+0xc9/0x1c0
[   41.192817][ T3869]  ? clear_bhb_loop+0x55/0xb0
[   41.197494][ T3869]  ? clear_bhb_loop+0x55/0xb0
[   41.202199][ T3869]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   41.208116][ T3869] RIP: 0033:0x7f86d466cfb7
[   41.212646][ T3869] Code: 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 02 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   41.232284][ T3869] RSP: 002b:00007f86d32e6e68 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[   41.240717][ T3869] RAX: ffffffffffffffda RBX: 00007f86d32e6ef0 RCX: 00007f86d466cfb7
[   41.248763][ T3869] RDX: 00000000000001ff RSI: 0000000020000140 RDI: 00000000ffffff9c
[   41.256878][ T3869] RBP: 0000000020000f40 R08: 0000000020000000 R09: 0000000000000000
[   41.264897][ T3869] R10: 0000000020000f40 R11: 0000000000000246 R12: 0000000020000140
[   41.272887][ T3869] R13: 00007f86d32e6eb0 R14: 0000000000000000 R15: 00000000200008c0
[   41.280869][ T3869]  </TASK>
[   41.286106][ T3869] EXT4-fs: Ignoring removed orlov option
[   41.291846][ T3869] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   41.300566][ T3869] EXT4-fs error (device loop5): __ext4_remount:6522: comm syz.5.124: Abort forced by user
[   41.312295][ T3314] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   41.321724][ T3869] EXT4-fs (loop5): warning: mounting fs with errors, running e2fsck is recommended
[   41.335366][ T3869] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback.
[   41.352166][ T3869] ext4 filesystem being remounted at /9/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   41.373214][ T3869] syz.5.124 (3869) used greatest stack depth: 9344 bytes left
[   41.383716][ T3718] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   41.439008][ T3889] loop0: detected capacity change from 0 to 1024
[   41.452410][ T3889] EXT4-fs: Ignoring removed orlov option
[   41.458263][ T3889] EXT4-fs: Ignoring removed nomblk_io_submit option
[   41.468852][ T3891] loop5: detected capacity change from 0 to 512
[   41.477885][ T3891] ext4: Unknown parameter 'norecovery"nobarrier'
[   41.492353][ T3891] loop5: detected capacity change from 0 to 512
[   41.499423][ T3891] EXT4-fs: Ignoring removed orlov option
[   41.505489][ T3891] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   41.525510][ T3891] EXT4-fs (loop5): orphan cleanup on readonly fs
[   41.527828][ T3896] random: crng reseeded on system resumption
[   41.532436][ T3889] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   41.551834][ T3891] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.120: bg 0: block 248: padding at end of block bitmap is not set
[   41.570855][ T3889] process 'syz.0.119' launched './file0/file0' with NULL argv: empty string added
[   41.613259][ T3891] EXT4-fs error (device loop5): ext4_acquire_dquot:6879: comm syz.5.120: Failed to acquire dquot type 1
[   41.627213][ T3314] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   41.637183][ T3891] EXT4-fs (loop5): 1 truncate cleaned up
[   41.643660][ T3891] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   41.670960][ T3891] EXT4-fs: Ignoring removed orlov option
[   41.683676][ T3891] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   41.684153][ T3904] loop1: detected capacity change from 0 to 512
[   41.698900][ T3904] ext4: Unknown parameter 'norecovery"nobarrier'
[   41.707835][ T3891] EXT4-fs error (device loop5): __ext4_remount:6522: comm syz.5.120: Abort forced by user
[   41.710012][ T3904] loop1: detected capacity change from 0 to 512
[   41.724494][ T3904] EXT4-fs: Ignoring removed orlov option
[   41.730707][ T3891] EXT4-fs (loop5): warning: mounting fs with errors, running e2fsck is recommended
[   41.741620][ T3904] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   41.751685][ T3904] EXT4-fs (loop1): orphan cleanup on readonly fs
[   41.758711][ T3891] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback.
[   41.759143][ T3904] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.126: bg 0: block 248: padding at end of block bitmap is not set
[   41.769272][ T3891] ext4 filesystem being remounted at /11/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   41.784439][ T3904] EXT4-fs error (device loop1): ext4_acquire_dquot:6879: comm syz.1.126: Failed to acquire dquot type 1
[   41.808282][ T3904] EXT4-fs (loop1): 1 truncate cleaned up
[   41.814720][ T3904] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   41.822996][ T3718] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   41.832453][ T3904] EXT4-fs: Ignoring removed orlov option
[   41.842140][ T3904] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   41.850729][ T3904] EXT4-fs error (device loop1): __ext4_remount:6522: comm syz.1.126: Abort forced by user
[   41.862525][ T3904] EXT4-fs (loop1): warning: mounting fs with errors, running e2fsck is recommended
[   41.878412][ T3922] bpf_get_probe_write_proto: 5 callbacks suppressed
[   41.878425][ T3922] syz.0.132[3922] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   41.879086][ T3904] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback.
[   41.885138][ T3922] syz.0.132[3922] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   41.897092][ T3904] ext4 filesystem being remounted at /20/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   41.937919][ T3931] FAULT_INJECTION: forcing a failure.
[   41.937919][ T3931] name fail_usercopy, interval 1, probability 0, space 0, times 1
[   41.951157][ T3931] CPU: 1 UID: 0 PID: 3931 Comm: syz.5.135 Not tainted 6.12.0-rc6-syzkaller-00318-ga9cda7c0ffed #0
[   41.961778][ T3931] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   41.971854][ T3931] Call Trace:
[   41.975180][ T3931]  <TASK>
[   41.978127][ T3931]  dump_stack_lvl+0xf2/0x150
[   41.982798][ T3931]  dump_stack+0x15/0x20
[   41.986976][ T3931]  should_fail_ex+0x223/0x230
[   41.991688][ T3931]  should_fail+0xb/0x10
[   41.995912][ T3931]  should_fail_usercopy+0x1a/0x20
[   42.001016][ T3931]  _copy_from_user+0x1e/0xb0
[   42.005691][ T3931]  kstrtouint_from_user+0x76/0xe0
[   42.010800][ T3931]  ? 0xffffffff81000000
[   42.014966][ T3931]  ? selinux_file_permission+0x22a/0x360
[   42.020625][ T3931]  proc_fail_nth_write+0x4f/0x150
[   42.022512][ T3923] loop4: detected capacity change from 0 to 128
[   42.025736][ T3931]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   42.025773][ T3931]  vfs_write+0x281/0x920
[   42.025857][ T3931]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   42.025891][ T3931]  ? __rcu_read_unlock+0x4e/0x70
[   42.026000][ T3931]  ? __fget_files+0x1d4/0x210
[   42.026078][ T3931]  ksys_write+0xeb/0x1b0
[   42.026139][ T3931]  __x64_sys_write+0x42/0x50
[   42.026178][ T3931]  x64_sys_call+0x27dd/0x2d60
[   42.026216][ T3931]  do_syscall_64+0xc9/0x1c0
[   42.026243][ T3931]  ? clear_bhb_loop+0x55/0xb0
[   42.026320][ T3931]  ? clear_bhb_loop+0x55/0xb0
[   42.026396][ T3931]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   42.026437][ T3931] RIP: 0033:0x7f86d466d1ff
[   42.026457][ T3931] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8d 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 1c 8e 02 00 48
[   42.026479][ T3931] RSP: 002b:00007f86d32e7030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[   42.026519][ T3931] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f86d466d1ff
[   42.026565][ T3931] RDX: 0000000000000001 RSI: 00007f86d32e70a0 RDI: 0000000000000004
[   42.026579][ T3931] RBP: 00007f86d32e7090 R08: 0000000000000000 R09: 0000000000000000
[   42.026594][ T3931] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[   42.026610][ T3931] R13: 0000000000000000 R14: 00007f86d4825f80 R15: 00007ffdbafe1328
[   42.026630][ T3931]  </TASK>
[   42.048875][ T3319] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   42.215944][ T3937] loop1: detected capacity change from 0 to 164
[   42.227674][ T3937] iso9660: Unknown parameter '00000000000000000000��������'
[   42.295878][ T3938] syz.4.133: attempt to access beyond end of device
[   42.295878][ T3938] loop4: rw=2049, sector=201, nr_sectors = 552 limit=128
[   42.310587][ T3938] syz.4.133: attempt to access beyond end of device
[   42.310587][ T3938] loop4: rw=2049, sector=809, nr_sectors = 232 limit=128
[   42.334004][ T3945] random: crng reseeded on system resumption
[   42.335022][ T3923] syz.4.133: attempt to access beyond end of device
[   42.335022][ T3923] loop4: rw=2049, sector=753, nr_sectors = 56 limit=128
[   42.384490][ T3938] syz.4.133: attempt to access beyond end of device
[   42.384490][ T3938] loop4: rw=2049, sector=201, nr_sectors = 840 limit=128
[   42.522409][ T3960] syz.2.147[3960] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   42.522460][ T3960] syz.2.147[3960] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   42.533793][ T3960] syz.2.147[3960] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   42.547184][ T3956] netlink: 'syz.5.146': attribute type 1 has an invalid length.
[   42.566212][ T3956] netlink: 'syz.5.146': attribute type 2 has an invalid length.
[   42.622832][ T3975] random: crng reseeded on system resumption
[   42.689304][ T3982] loop0: detected capacity change from 0 to 512
[   42.707320][ T3982] EXT4-fs error (device loop0): ext4_read_inode_bitmap:139: comm syz.0.154: Invalid inode bitmap blk 4 in block_group 0
[   42.719577][ T3990] loop5: detected capacity change from 0 to 512
[   42.723876][ T3982] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   42.742714][   T29] kauditd_printk_skb: 207 callbacks suppressed
[   42.742730][   T29] audit: type=1326 audit(1731306095.409:551): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3980 comm="syz.0.154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22a509e719 code=0x7ffc0000
[   42.750464][ T3982] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 7969 vs 220 free clusters
[   42.773999][   T29] audit: type=1326 audit(1731306095.409:552): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3980 comm="syz.0.154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f22a509e719 code=0x7ffc0000
[   42.810121][   T29] audit: type=1326 audit(1731306095.409:553): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3980 comm="syz.0.154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22a509e719 code=0x7ffc0000
[   42.833584][   T29] audit: type=1326 audit(1731306095.409:554): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3980 comm="syz.0.154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f22a509e719 code=0x7ffc0000
[   42.835987][ T3990] EXT4-fs error (device loop5): ext4_read_inode_bitmap:139: comm syz.5.157: Invalid inode bitmap blk 4 in block_group 0
[   42.856957][   T29] audit: type=1326 audit(1731306095.409:555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3980 comm="syz.0.154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22a509e719 code=0x7ffc0000
[   42.871629][ T3990] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   42.893047][   T29] audit: type=1326 audit(1731306095.409:556): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3980 comm="syz.0.154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22a509e719 code=0x7ffc0000
[   42.928459][   T29] audit: type=1326 audit(1731306095.409:557): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3980 comm="syz.0.154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=133 compat=0 ip=0x7f22a509e719 code=0x7ffc0000
[   42.951758][   T29] audit: type=1326 audit(1731306095.409:558): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3980 comm="syz.0.154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22a509e719 code=0x7ffc0000
[   42.975177][   T29] audit: type=1326 audit(1731306095.409:559): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3980 comm="syz.0.154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22a509e719 code=0x7ffc0000
[   42.998454][   T29] audit: type=1326 audit(1731306095.409:560): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3980 comm="syz.0.154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7f22a509e719 code=0x7ffc0000
[   43.022898][ T3314] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   43.033028][ T3990] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 7969 vs 220 free clusters
[   43.063968][ T3718] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   43.066970][ T4003] syz.1.162[4003] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   43.073101][ T4003] syz.1.162[4003] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   43.085241][ T4003] syz.1.162[4003] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   43.150447][ T4008] loop1: detected capacity change from 0 to 512
[   43.176260][ T4008] EXT4-fs warning (device loop1): ext4_enable_quotas:7097: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   43.191215][ T4008] EXT4-fs (loop1): mount failed
[   43.204869][ T4015] syz.0.165 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[   43.223411][ T4019] loop5: detected capacity change from 0 to 256
[   43.248260][ T4021] random: crng reseeded on system resumption
[   43.406749][ T4035] loop5: detected capacity change from 0 to 512
[   43.413837][ T4035] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[   43.425535][ T4035] EXT4-fs (loop5): 1 orphan inode deleted
[   43.431303][ T4035] EXT4-fs (loop5): 1 truncate cleaned up
[   43.437694][ T4035] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   43.459108][ T3718] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   43.476952][ T4038] syz.5.175[4038] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   43.477077][ T4038] syz.5.175[4038] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   43.638113][ T4046] random: crng reseeded on system resumption
[   43.745563][ T4048] netlink: 'syz.2.179': attribute type 1 has an invalid length.
[   43.753245][ T4048] netlink: 'syz.2.179': attribute type 2 has an invalid length.
[   43.781238][ T4060] loop5: detected capacity change from 0 to 512
[   43.800243][ T4060] EXT4-fs error (device loop5): ext4_read_inode_bitmap:139: comm syz.5.184: Invalid inode bitmap blk 4 in block_group 0
[   43.813542][ T4060] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   43.834699][ T4060] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 7969 vs 220 free clusters
[   43.864380][ T3718] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   43.993190][ T4077] netlink: 'syz.2.185': attribute type 10 has an invalid length.
[   44.003981][ T4077] batman_adv: batadv0: Adding interface: team0
[   44.010260][ T4077] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   44.035611][ T4077] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[   44.173744][ T4082] random: crng reseeded on system resumption
[   44.264327][ T4085] __nla_validate_parse: 7 callbacks suppressed
[   44.264347][ T4085] netlink: 8 bytes leftover after parsing attributes in process `syz.0.192'.
[   44.697120][ T4092] FAULT_INJECTION: forcing a failure.
[   44.697120][ T4092] name failslab, interval 1, probability 0, space 0, times 0
[   44.709807][ T4092] CPU: 1 UID: 0 PID: 4092 Comm: syz.2.195 Not tainted 6.12.0-rc6-syzkaller-00318-ga9cda7c0ffed #0
[   44.720461][ T4092] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   44.730609][ T4092] Call Trace:
[   44.733902][ T4092]  <TASK>
[   44.736894][ T4092]  dump_stack_lvl+0xf2/0x150
[   44.741530][ T4092]  dump_stack+0x15/0x20
[   44.745786][ T4092]  should_fail_ex+0x223/0x230
[   44.750533][ T4092]  ? fib6_add_1+0x35d/0xae0
[   44.755038][ T4092]  should_failslab+0x8f/0xb0
[   44.759639][ T4092]  kmem_cache_alloc_noprof+0x4c/0x290
[   44.765056][ T4092]  fib6_add_1+0x35d/0xae0
[   44.769449][ T4092]  fib6_add+0xfe/0x21b0
[   44.773620][ T4092]  ? should_fail_ex+0xd7/0x230
[   44.778484][ T4092]  ip6_ins_rt+0x70/0xb0
[   44.782639][ T4092]  __ipv6_dev_ac_inc+0x453/0x5c0
[   44.787580][ T4092]  ipv6_sock_ac_join+0x2fc/0x400
[   44.792591][ T4092]  do_ipv6_setsockopt+0x1a89/0x2250
[   44.797810][ T4092]  ? __rcu_read_unlock+0x4e/0x70
[   44.802774][ T4092]  ? avc_has_perm_noaudit+0x1cc/0x210
[   44.808293][ T4092]  ipv6_setsockopt+0x57/0x130
[   44.812976][ T4092]  udpv6_setsockopt+0x95/0xb0
[   44.817664][ T4092]  sock_common_setsockopt+0x64/0x80
[   44.822984][ T4092]  ? __pfx_sock_common_setsockopt+0x10/0x10
[   44.828976][ T4092]  __sys_setsockopt+0x1cc/0x240
[   44.833984][ T4092]  __x64_sys_setsockopt+0x66/0x80
[   44.839073][ T4092]  x64_sys_call+0x278d/0x2d60
[   44.843755][ T4092]  do_syscall_64+0xc9/0x1c0
[   44.848342][ T4092]  ? clear_bhb_loop+0x55/0xb0
[   44.853031][ T4092]  ? clear_bhb_loop+0x55/0xb0
[   44.857735][ T4092]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   44.863672][ T4092] RIP: 0033:0x7f0d57bfe719
[   44.868093][ T4092] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   44.887852][ T4092] RSP: 002b:00007f0d56871038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[   44.896341][ T4092] RAX: ffffffffffffffda RBX: 00007f0d57db5f80 RCX: 00007f0d57bfe719
[   44.904375][ T4092] RDX: 000000000000001b RSI: 0000000000000029 RDI: 0000000000000003
[   44.912390][ T4092] RBP: 00007f0d56871090 R08: 0000000000000014 R09: 0000000000000000
[   44.920364][ T4092] R10: 0000000020000100 R11: 0000000000000246 R12: 0000000000000001
[   44.928360][ T4092] R13: 0000000000000000 R14: 00007f0d57db5f80 R15: 00007ffe4ae1d0a8
[   44.936338][ T4092]  </TASK>
[   45.024406][ T4097] loop5: detected capacity change from 0 to 512
[   45.042548][ T4097] EXT4-fs error (device loop5): ext4_read_inode_bitmap:139: comm syz.5.197: Invalid inode bitmap blk 4 in block_group 0
[   45.057846][ T4097] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   45.077542][ T4097] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 7969 vs 220 free clusters
[   45.113496][ T3718] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   45.130566][ T4098] netlink: 'syz.4.196': attribute type 1 has an invalid length.
[   45.138290][ T4098] netlink: 'syz.4.196': attribute type 2 has an invalid length.
[   45.151001][ T4107] netlink: 64 bytes leftover after parsing attributes in process `syz.0.200'.
[   45.161369][ T4107] netlink: 'syz.0.200': attribute type 4 has an invalid length.
[   45.195489][ T4116] loop4: detected capacity change from 0 to 1024
[   45.203969][ T4116] EXT4-fs: Ignoring removed orlov option
[   45.209791][ T4116] EXT4-fs: Ignoring removed nomblk_io_submit option
[   45.228422][ T4116] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   45.327371][ T3315] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   45.375310][ T4131] sctp: [Deprecated]: syz.0.209 (pid 4131) Use of int in maxseg socket option.
[   45.375310][ T4131] Use struct sctp_assoc_value instead
[   45.407132][ T4132] netlink: 4 bytes leftover after parsing attributes in process `syz.5.210'.
[   45.416034][ T4132] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   45.423473][ T4132] batman_adv: batadv0: Removing interface: batadv_slave_0
[   45.451418][ T4132] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   45.458923][ T4132] batman_adv: batadv0: Removing interface: batadv_slave_1
[   45.491473][ T4140] loop5: detected capacity change from 0 to 1024
[   45.499224][ T4140] journal_path: Lookup failure for './file2'
[   45.505351][ T4140] EXT4-fs: error: could not find journal device path
[   45.588233][ T4165] loop0: detected capacity change from 0 to 1024
[   45.607720][ T4165] EXT4-fs: Ignoring removed orlov option
[   45.613586][ T4165] EXT4-fs: Ignoring removed nomblk_io_submit option
[   45.631366][ T4165] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   45.656907][ T4177] netlink: 1348 bytes leftover after parsing attributes in process `syz.4.227'.
[   45.666007][ T4177] netlink: 1348 bytes leftover after parsing attributes in process `syz.4.227'.
[   45.676240][ T3314] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   45.801378][ T4198] loop5: detected capacity change from 0 to 512
[   45.809576][ T4199] loop0: detected capacity change from 0 to 512
[   45.826795][ T4198] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   45.827198][ T4199] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   45.839496][ T4198] ext4 filesystem being mounted at /56/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   45.853068][ T4199] ext4 filesystem being mounted at /43/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   46.192080][ T4213] FAULT_INJECTION: forcing a failure.
[   46.192080][ T4213] name failslab, interval 1, probability 0, space 0, times 0
[   46.204870][ T4213] CPU: 1 UID: 0 PID: 4213 Comm: syz.1.242 Not tainted 6.12.0-rc6-syzkaller-00318-ga9cda7c0ffed #0
[   46.215722][ T4213] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   46.225806][ T4213] Call Trace:
[   46.229121][ T4213]  <TASK>
[   46.232119][ T4213]  dump_stack_lvl+0xf2/0x150
[   46.236795][ T4213]  dump_stack+0x15/0x20
[   46.240976][ T4213]  should_fail_ex+0x223/0x230
[   46.245704][ T4213]  ? audit_log_start+0x34c/0x6b0
[   46.250676][ T4213]  should_failslab+0x8f/0xb0
[   46.255396][ T4213]  kmem_cache_alloc_noprof+0x4c/0x290
[   46.260847][ T4213]  audit_log_start+0x34c/0x6b0
[   46.265628][ T4213]  audit_seccomp+0x4b/0x130
[   46.270174][ T4213]  __seccomp_filter+0x6fa/0x1180
[   46.275147][ T4213]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   46.280840][ T4213]  ? vfs_write+0x596/0x920
[   46.285278][ T4213]  ? __schedule+0x6fa/0x930
[   46.289801][ T4213]  __secure_computing+0x9f/0x1c0
[   46.294825][ T4213]  syscall_trace_enter+0xd1/0x1f0
[   46.299871][ T4213]  do_syscall_64+0xaa/0x1c0
[   46.304451][ T4213]  ? clear_bhb_loop+0x55/0xb0
[   46.309189][ T4213]  ? clear_bhb_loop+0x55/0xb0
[   46.313878][ T4213]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   46.319795][ T4213] RIP: 0033:0x7fa0209be719
[   46.324238][ T4213] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   46.343857][ T4213] RSP: 002b:00007fa01f631038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   46.352354][ T4213] RAX: ffffffffffffffda RBX: 00007fa020b75f80 RCX: 00007fa0209be719
[   46.360365][ T4213] RDX: 0000000000000048 RSI: 0000000020000500 RDI: 000000000000000a
[   46.368424][ T4213] RBP: 00007fa01f631090 R08: 0000000000000000 R09: 0000000000000000
[   46.376412][ T4213] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   46.384453][ T4213] R13: 0000000000000000 R14: 00007fa020b75f80 R15: 00007ffe48323568
[   46.392472][ T4213]  </TASK>
[   46.405674][ T4206] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   46.413175][ T4206] vhci_hcd: invalid port number 23
[   46.500031][ T4233] loop4: detected capacity change from 0 to 512
[   46.524535][ T4238] loop1: detected capacity change from 0 to 512
[   46.532016][ T4238] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   46.532417][ T4233] EXT4-fs warning (device loop4): ext4_enable_quotas:7097: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   46.557227][ T4233] EXT4-fs (loop4): mount failed
[   46.571166][ T4238] EXT4-fs (loop1): 1 orphan inode deleted
[   46.577022][ T4238] EXT4-fs (loop1): 1 truncate cleaned up
[   46.583309][ T4238] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   46.597600][ T3718] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   46.607609][ T3314] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   46.638552][ T3319] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   46.674605][ T4258] Process accounting resumed
[   46.739290][ T4265] loop0: detected capacity change from 0 to 512
[   46.746472][ T4265] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   46.757718][ T4265] EXT4-fs error (device loop0): ext4_orphan_get:1388: inode #15: comm syz.0.259: iget: bad extra_isize 7 (inode size 256)
[   46.770731][ T4265] EXT4-fs error (device loop0): ext4_orphan_get:1393: comm syz.0.259: couldn't read orphan inode 15 (err -117)
[   46.783494][ T4265] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   46.797623][ T4265] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[   46.897107][ T4278] loop1: detected capacity change from 0 to 512
[   46.906473][ T4278] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   46.919240][ T4278] ext4 filesystem being mounted at /46/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   47.441032][ T4282] loop2: detected capacity change from 0 to 128
[   47.514583][ T3314] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   47.526423][ T4282] syz.2.268: attempt to access beyond end of device
[   47.526423][ T4282] loop2: rw=2049, sector=201, nr_sectors = 672 limit=128
[   47.560029][ T4283] syz.2.268: attempt to access beyond end of device
[   47.560029][ T4283] loop2: rw=2049, sector=873, nr_sectors = 16 limit=128
[   47.574441][ T4283] syz.2.268: attempt to access beyond end of device
[   47.574441][ T4283] loop2: rw=2049, sector=897, nr_sectors = 144 limit=128
[   47.588103][ T4282] syz.2.268: attempt to access beyond end of device
[   47.588103][ T4282] loop2: rw=2049, sector=889, nr_sectors = 8 limit=128
[   47.588444][ T4289] FAULT_INJECTION: forcing a failure.
[   47.588444][ T4289] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   47.588470][ T4289] CPU: 0 UID: 0 PID: 4289 Comm: syz.0.271 Not tainted 6.12.0-rc6-syzkaller-00318-ga9cda7c0ffed #0
[   47.588500][ T4289] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   47.588537][ T4289] Call Trace:
[   47.588544][ T4289]  <TASK>
[   47.588553][ T4289]  dump_stack_lvl+0xf2/0x150
[   47.588587][ T4289]  dump_stack+0x15/0x20
[   47.588614][ T4289]  should_fail_ex+0x223/0x230
[   47.588656][ T4289]  should_fail+0xb/0x10
[   47.588713][ T4289]  should_fail_usercopy+0x1a/0x20
[   47.588764][ T4289]  _copy_from_user+0x1e/0xb0
[   47.588791][ T4289]  __sys_bpf+0x14e/0x7a0
[   47.588820][ T4289]  __x64_sys_bpf+0x43/0x50
[   47.588857][ T4289]  x64_sys_call+0x2625/0x2d60
[   47.588891][ T4289]  do_syscall_64+0xc9/0x1c0
[   47.630325][ T4283] syz.2.268: attempt to access beyond end of device
[   47.630325][ T4283] loop2: rw=2049, sector=201, nr_sectors = 840 limit=128
[   47.635791][ T4289]  ? clear_bhb_loop+0x55/0xb0
[   47.635823][ T4289]  ? clear_bhb_loop+0x55/0xb0
[   47.710071][ T4289]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   47.716064][ T4289] RIP: 0033:0x7f22a509e719
[   47.720544][ T4289] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   47.740200][ T4289] RSP: 002b:00007f22a3d17038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   47.748659][ T4289] RAX: ffffffffffffffda RBX: 00007f22a5255f80 RCX: 00007f22a509e719
[   47.756633][ T4289] RDX: 0000000000000050 RSI: 0000000020000080 RDI: 000000000000000a
[   47.764610][ T4289] RBP: 00007f22a3d17090 R08: 0000000000000000 R09: 0000000000000000
[   47.772584][ T4289] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   47.780630][ T4289] R13: 0000000000000000 R14: 00007f22a5255f80 R15: 00007ffe67ad11e8
[   47.788624][ T4289]  </TASK>
[   47.804816][ T3319] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   47.826879][   T29] kauditd_printk_skb: 643 callbacks suppressed
[   47.826896][   T29] audit: type=1326 audit(1731306100.499:1200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4294 comm="syz.1.273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa0209be719 code=0x7ffc0000
[   47.856414][   T29] audit: type=1326 audit(1731306100.499:1201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4294 comm="syz.1.273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa0209be719 code=0x7ffc0000
[   47.880602][   T29] audit: type=1326 audit(1731306100.499:1202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4294 comm="syz.1.273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa0209be719 code=0x7ffc0000
[   47.903961][   T29] audit: type=1326 audit(1731306100.499:1203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4294 comm="syz.1.273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa0209be719 code=0x7ffc0000
[   47.927335][   T29] audit: type=1326 audit(1731306100.499:1204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4294 comm="syz.1.273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa0209be719 code=0x7ffc0000
[   47.950733][   T29] audit: type=1326 audit(1731306100.499:1205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4294 comm="syz.1.273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa0209be719 code=0x7ffc0000
[   47.974115][   T29] audit: type=1326 audit(1731306100.499:1206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4294 comm="syz.1.273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa0209be719 code=0x7ffc0000
[   47.997459][   T29] audit: type=1326 audit(1731306100.499:1207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4294 comm="syz.1.273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa0209be719 code=0x7ffc0000
[   48.020937][   T29] audit: type=1326 audit(1731306100.499:1208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4294 comm="syz.1.273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa0209be719 code=0x7ffc0000
[   48.044326][   T29] audit: type=1326 audit(1731306100.499:1209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4294 comm="syz.1.273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa0209be719 code=0x7ffc0000
[   48.131691][ T4307] loop0: detected capacity change from 0 to 1024
[   48.138482][ T4307] journal_path: Lookup failure for './file2'
[   48.144497][ T4307] EXT4-fs: error: could not find journal device path
[   48.485954][ T4318] loop5: detected capacity change from 0 to 512
[   48.506465][ T4318] EXT4-fs warning (device loop5): ext4_enable_quotas:7097: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   48.521618][ T4318] EXT4-fs (loop5): mount failed
[   48.981118][ T4325] loop1: detected capacity change from 0 to 512
[   48.996540][ T4325] EXT4-fs warning (device loop1): ext4_enable_quotas:7097: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   49.011515][ T4325] EXT4-fs (loop1): mount failed
[   49.046584][ T4331] loop0: detected capacity change from 0 to 128
[   49.764243][ T4348] loop4: detected capacity change from 0 to 1024
[   49.770988][ T4348] journal_path: Lookup failure for './file2'
[   49.777125][ T4348] EXT4-fs: error: could not find journal device path
[   50.028797][ T4357] bpf_get_probe_write_proto: 13 callbacks suppressed
[   50.028840][ T4357] syz.0.292[4357] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   50.035750][ T4357] syz.0.292[4357] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   50.047327][ T4357] syz.0.292[4357] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   50.060508][ T4357] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   50.079119][ T4357] vhci_hcd: invalid port number 23
[   50.911849][ T4376] FAULT_INJECTION: forcing a failure.
[   50.911849][ T4376] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   50.925034][ T4376] CPU: 0 UID: 0 PID: 4376 Comm: syz.4.303 Not tainted 6.12.0-rc6-syzkaller-00318-ga9cda7c0ffed #0
[   50.935740][ T4376] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   50.945899][ T4376] Call Trace:
[   50.949206][ T4376]  <TASK>
[   50.952176][ T4376]  dump_stack_lvl+0xf2/0x150
[   50.956853][ T4376]  dump_stack+0x15/0x20
[   50.961019][ T4376]  should_fail_ex+0x223/0x230
[   50.967114][ T4376]  should_fail+0xb/0x10
[   50.971392][ T4376]  should_fail_usercopy+0x1a/0x20
[   50.976480][ T4376]  _copy_from_user+0x1e/0xb0
[   50.981089][ T4376]  __sys_bpf+0x14e/0x7a0
[   50.985396][ T4376]  __x64_sys_bpf+0x43/0x50
[   50.989875][ T4376]  x64_sys_call+0x2625/0x2d60
[   50.994636][ T4376]  do_syscall_64+0xc9/0x1c0
[   50.999140][ T4376]  ? clear_bhb_loop+0x55/0xb0
[   51.003878][ T4376]  ? clear_bhb_loop+0x55/0xb0
[   51.008555][ T4376]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   51.014496][ T4376] RIP: 0033:0x7fab1905e719
[   51.018909][ T4376] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   51.038521][ T4376] RSP: 002b:00007fab17cd7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   51.046974][ T4376] RAX: ffffffffffffffda RBX: 00007fab19215f80 RCX: 00007fab1905e719
[   51.054960][ T4376] RDX: 0000000000000094 RSI: 0000000020000440 RDI: 0000000000000005
[   51.062935][ T4376] RBP: 00007fab17cd7090 R08: 0000000000000000 R09: 0000000000000000
[   51.070903][ T4376] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   51.078873][ T4376] R13: 0000000000000000 R14: 00007fab19215f80 R15: 00007ffe98c07688
[   51.086898][ T4376]  </TASK>
[   51.599479][ T4399] syz.5.311[4399] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   51.599670][ T4399] syz.5.311[4399] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   51.611424][ T4399] syz.5.311[4399] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   51.624439][ T4399] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   51.643511][ T4399] vhci_hcd: invalid port number 23
[   51.789396][ T4407] FAULT_INJECTION: forcing a failure.
[   51.789396][ T4407] name failslab, interval 1, probability 0, space 0, times 0
[   51.802064][ T4407] CPU: 1 UID: 0 PID: 4407 Comm: syz.5.313 Not tainted 6.12.0-rc6-syzkaller-00318-ga9cda7c0ffed #0
[   51.812747][ T4407] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   51.822818][ T4407] Call Trace:
[   51.826100][ T4407]  <TASK>
[   51.829056][ T4407]  dump_stack_lvl+0xf2/0x150
[   51.833658][ T4407]  dump_stack+0x15/0x20
[   51.837872][ T4407]  should_fail_ex+0x223/0x230
[   51.842616][ T4407]  ? audit_log_start+0x34c/0x6b0
[   51.847567][ T4407]  should_failslab+0x8f/0xb0
[   51.852233][ T4407]  kmem_cache_alloc_noprof+0x4c/0x290
[   51.857619][ T4407]  audit_log_start+0x34c/0x6b0
[   51.862456][ T4407]  audit_seccomp+0x4b/0x130
[   51.867039][ T4407]  __seccomp_filter+0x6fa/0x1180
[   51.872061][ T4407]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   51.877785][ T4407]  ? vfs_write+0x596/0x920
[   51.882232][ T4407]  ? __rcu_read_unlock+0x4e/0x70
[   51.887281][ T4407]  ? __fget_files+0x1d4/0x210
[   51.891974][ T4407]  __secure_computing+0x9f/0x1c0
[   51.896941][ T4407]  syscall_trace_enter+0xd1/0x1f0
[   51.901994][ T4407]  ? fpregs_assert_state_consistent+0x83/0xa0
[   51.908153][ T4407]  do_syscall_64+0xaa/0x1c0
[   51.912655][ T4407]  ? clear_bhb_loop+0x55/0xb0
[   51.917452][ T4407]  ? clear_bhb_loop+0x55/0xb0
[   51.922154][ T4407]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   51.928141][ T4407] RIP: 0033:0x7f86d466e719
[   51.932550][ T4407] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   51.952164][ T4407] RSP: 002b:00007f86d32e7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[   51.960591][ T4407] RAX: ffffffffffffffda RBX: 00007f86d4825f80 RCX: 00007f86d466e719
[   51.968582][ T4407] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000000
[   51.976598][ T4407] RBP: 00007f86d32e7090 R08: 0000000000000000 R09: 0000000000000000
[   51.984570][ T4407] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   51.992627][ T4407] R13: 0000000000000000 R14: 00007f86d4825f80 R15: 00007ffdbafe1328
[   52.000608][ T4407]  </TASK>
[   52.044696][ T4409] netlink: 40 bytes leftover after parsing attributes in process `syz.1.315'.
[   52.075306][ T4409] all: renamed from ip_vti0 (while UP)
[   52.163192][ T4428] capability: warning: `syz.4.322' uses 32-bit capabilities (legacy support in use)
[   52.231840][ T4434] loop0: detected capacity change from 0 to 512
[   52.268065][ T4434] loop0: detected capacity change from 0 to 4096
[   52.278924][ T4448] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   52.287299][ T4448] vhci_hcd: invalid port number 23
[   52.308734][ T4434] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   52.355490][ T3314] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   52.461386][ T4468] FAULT_INJECTION: forcing a failure.
[   52.461386][ T4468] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   52.474603][ T4468] CPU: 1 UID: 0 PID: 4468 Comm: syz.4.337 Not tainted 6.12.0-rc6-syzkaller-00318-ga9cda7c0ffed #0
[   52.485276][ T4468] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   52.495366][ T4468] Call Trace:
[   52.498667][ T4468]  <TASK>
[   52.501653][ T4468]  dump_stack_lvl+0xf2/0x150
[   52.506348][ T4468]  dump_stack+0x15/0x20
[   52.510605][ T4468]  should_fail_ex+0x223/0x230
[   52.515317][ T4468]  should_fail+0xb/0x10
[   52.519561][ T4468]  should_fail_usercopy+0x1a/0x20
[   52.524619][ T4468]  _copy_from_user+0x1e/0xb0
[   52.529229][ T4468]  copy_msghdr_from_user+0x54/0x2a0
[   52.534467][ T4468]  __sys_sendmsg+0x171/0x270
[   52.539092][ T4468]  __x64_sys_sendmsg+0x46/0x50
[   52.543871][ T4468]  x64_sys_call+0x2689/0x2d60
[   52.548580][ T4468]  do_syscall_64+0xc9/0x1c0
[   52.553116][ T4468]  ? clear_bhb_loop+0x55/0xb0
[   52.557821][ T4468]  ? clear_bhb_loop+0x55/0xb0
[   52.562600][ T4468]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   52.568538][ T4468] RIP: 0033:0x7fab1905e719
[   52.572964][ T4468] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   52.592691][ T4468] RSP: 002b:00007fab17cd7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   52.601195][ T4468] RAX: ffffffffffffffda RBX: 00007fab19215f80 RCX: 00007fab1905e719
[   52.609266][ T4468] RDX: 0000000000000000 RSI: 0000000020000400 RDI: 0000000000000004
[   52.617259][ T4468] RBP: 00007fab17cd7090 R08: 0000000000000000 R09: 0000000000000000
[   52.625245][ T4468] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   52.633224][ T4468] R13: 0000000000000000 R14: 00007fab19215f80 R15: 00007ffe98c07688
[   52.641218][ T4468]  </TASK>
[   52.672276][ T4470] rdma_op ffff88810a03ed80 conn xmit_rdma 0000000000000000
[   52.754748][ T4479] netlink: 8 bytes leftover after parsing attributes in process `syz.0.339'.
[   52.763721][ T4479] netlink: 36 bytes leftover after parsing attributes in process `syz.0.339'.
[   52.778675][ T4479] loop0: detected capacity change from 0 to 512
[   52.785742][ T4479] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   52.796068][ T4479] EXT4-fs (loop0): can't mount with journal_checksum, fs mounted w/o journal
[   52.844241][   T29] kauditd_printk_skb: 240 callbacks suppressed
[   52.844256][   T29] audit: type=1400 audit(1731306105.509:1446): avc:  denied  { block_suspend } for  pid=4481 comm="syz.4.342" capability=36  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[   52.927389][ T4487] netlink: 'syz.5.345': attribute type 29 has an invalid length.
[   52.938725][ T4487] netlink: 'syz.5.345': attribute type 29 has an invalid length.
[   52.958448][ T4491] loop1: detected capacity change from 0 to 512
[   52.971095][ T4487] netdevsim netdevsim5 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[   52.985929][ T4487] netlink: 500 bytes leftover after parsing attributes in process `syz.5.345'.
[   52.994997][ T4487] unsupported nla_type 40
[   53.030944][   T29] audit: type=1326 audit(1731306105.699:1447): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4494 comm="syz.5.348" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f86d466e719 code=0x7ffc0000
[   53.036720][ T4491] loop1: detected capacity change from 0 to 4096
[   53.081802][ T4491] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   53.096693][   T29] audit: type=1326 audit(1731306105.699:1448): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4494 comm="syz.5.348" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f86d466e719 code=0x7ffc0000
[   53.120208][   T29] audit: type=1326 audit(1731306105.739:1449): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4494 comm="syz.5.348" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7f86d466e719 code=0x7ffc0000
[   53.143552][   T29] audit: type=1326 audit(1731306105.739:1450): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4494 comm="syz.5.348" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f86d466e719 code=0x7ffc0000
[   53.166891][   T29] audit: type=1326 audit(1731306105.739:1451): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4494 comm="syz.5.348" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f86d466e719 code=0x7ffc0000
[   53.178684][ T4504] Zero length message leads to an empty skb
[   53.190216][   T29] audit: type=1326 audit(1731306105.739:1452): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4494 comm="syz.5.348" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f86d466e719 code=0x7ffc0000
[   53.219540][   T29] audit: type=1326 audit(1731306105.739:1453): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4494 comm="syz.5.348" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f86d466e719 code=0x7ffc0000
[   53.219576][   T29] audit: type=1326 audit(1731306105.739:1454): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4494 comm="syz.5.348" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f86d466e719 code=0x7ffc0000
[   53.219680][   T29] audit: type=1326 audit(1731306105.749:1455): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4494 comm="syz.5.348" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f86d466e719 code=0x7ffc0000
[   53.328663][ T4511] netlink: 5 bytes leftover after parsing attributes in process `syz.4.353'.
[   53.337683][ T4511] netlink: 5 bytes leftover after parsing attributes in process `syz.4.353'.
[   53.347614][ T3319] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   53.458529][ T4525] loop4: detected capacity change from 0 to 2048
[   53.476523][ T4525] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   53.585402][ T4534] netlink: 8 bytes leftover after parsing attributes in process `syz.4.358'.
[   53.594223][ T4534] netlink: 8 bytes leftover after parsing attributes in process `syz.4.358'.
[   53.603103][ T4534] netlink: 4 bytes leftover after parsing attributes in process `syz.4.358'.
[   53.768040][ T4545] loop0: detected capacity change from 0 to 256
[   53.775035][ T4545] vfat: Deprecated parameter 'posix'
[   53.780391][ T4545] FAT-fs: "posix" option is obsolete, not supported now
[   53.938792][ T4554] loop1: detected capacity change from 0 to 2048
[   53.967134][ T4554] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   54.013078][ T3319] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   54.047250][ T4558] loop1: detected capacity change from 0 to 2048
[   54.056697][ T4558] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   54.085219][ T3319] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   54.095488][ T4562] rdma_op ffff8881160bf580 conn xmit_rdma 0000000000000000
[   54.105714][ T4564] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   54.113136][ T4564] vhci_hcd: invalid port number 23
[   54.131028][ T4568] IPVS: sync thread started: state = MASTER, mcast_ifn = ip6gre0, syncid = 1, id = 0
[   54.141363][ T4569] IPVS: stopping master sync thread 4568 ...
[   54.154709][ T4570] netlink: 8 bytes leftover after parsing attributes in process `syz.5.369'.
[   54.169563][ T4570] loop5: detected capacity change from 0 to 512
[   54.176677][ T4570] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[   54.187554][ T4570] EXT4-fs (loop5): can't mount with journal_checksum, fs mounted w/o journal
[   54.232523][ T4579] loop1: detected capacity change from 0 to 1024
[   54.239639][ T4579] journal_path: Lookup failure for './file2'
[   54.245757][ T4579] EXT4-fs: error: could not find journal device path
[   54.350527][ T3315] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   54.459234][ T4616] loop0: detected capacity change from 0 to 1024
[   54.466140][ T4616] journal_path: Lookup failure for './file2'
[   54.472165][ T4616] EXT4-fs: error: could not find journal device path
[   54.583576][ T4629] loop0: detected capacity change from 0 to 2048
[   54.596351][ T4629] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   54.948039][ T4638] FAULT_INJECTION: forcing a failure.
[   54.948039][ T4638] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   54.961174][ T4638] CPU: 0 UID: 0 PID: 4638 Comm: syz.5.394 Not tainted 6.12.0-rc6-syzkaller-00318-ga9cda7c0ffed #0
[   54.971938][ T4638] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   54.982116][ T4638] Call Trace:
[   54.985496][ T4638]  <TASK>
[   54.988439][ T4638]  dump_stack_lvl+0xf2/0x150
[   54.993065][ T4638]  dump_stack+0x15/0x20
[   54.997272][ T4638]  should_fail_ex+0x223/0x230
[   55.002010][ T4638]  should_fail+0xb/0x10
[   55.006228][ T4638]  should_fail_usercopy+0x1a/0x20
[   55.011387][ T4638]  _copy_from_user+0x1e/0xb0
[   55.016135][ T4638]  move_addr_to_kernel+0x82/0x120
[   55.021172][ T4638]  __sys_sendto+0x15c/0x260
[   55.025723][ T4638]  __x64_sys_sendto+0x78/0x90
[   55.030447][ T4638]  x64_sys_call+0x2959/0x2d60
[   55.035175][ T4638]  do_syscall_64+0xc9/0x1c0
[   55.039683][ T4638]  ? clear_bhb_loop+0x55/0xb0
[   55.044363][ T4638]  ? clear_bhb_loop+0x55/0xb0
[   55.049045][ T4638]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   55.054963][ T4638] RIP: 0033:0x7f86d466e719
[   55.059379][ T4638] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   55.079080][ T4638] RSP: 002b:00007f86d32e7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[   55.087521][ T4638] RAX: ffffffffffffffda RBX: 00007f86d4825f80 RCX: 00007f86d466e719
[   55.095505][ T4638] RDX: 000000000000ffec RSI: 0000000020000040 RDI: 0000000000000008
[   55.103685][ T4638] RBP: 00007f86d32e7090 R08: 0000000020000340 R09: 0000000000000010
[   55.111666][ T4638] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   55.119718][ T4638] R13: 0000000000000000 R14: 00007f86d4825f80 R15: 00007ffdbafe1328
[   55.127826][ T4638]  </TASK>
[   55.251613][ T4660] rdma_op ffff8881160bcd80 conn xmit_rdma 0000000000000000
[   55.318526][ T4669] loop5: detected capacity change from 0 to 512
[   55.325590][ T4669] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[   55.335920][ T4669] EXT4-fs (loop5): can't mount with journal_checksum, fs mounted w/o journal
[   55.452048][ T3314] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   56.108655][ T4695] loop2: detected capacity change from 0 to 512
[   56.127548][ T4695] EXT4-fs warning (device loop2): ext4_enable_quotas:7097: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   56.143359][ T4695] EXT4-fs (loop2): mount failed
[   56.149899][ T4702] loop5: detected capacity change from 0 to 2048
[   56.176846][ T4702] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   56.236351][ T4716] FAULT_INJECTION: forcing a failure.
[   56.236351][ T4716] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   56.249480][ T4716] CPU: 1 UID: 0 PID: 4716 Comm: syz.4.423 Not tainted 6.12.0-rc6-syzkaller-00318-ga9cda7c0ffed #0
[   56.260112][ T4716] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   56.270198][ T4716] Call Trace:
[   56.273500][ T4716]  <TASK>
[   56.276478][ T4716]  dump_stack_lvl+0xf2/0x150
[   56.281189][ T4716]  dump_stack+0x15/0x20
[   56.285406][ T4716]  should_fail_ex+0x223/0x230
[   56.290295][ T4716]  should_fail+0xb/0x10
[   56.294553][ T4716]  should_fail_usercopy+0x1a/0x20
[   56.299625][ T4716]  _copy_from_user+0x1e/0xb0
[   56.304278][ T4716]  copy_msghdr_from_user+0x54/0x2a0
[   56.309524][ T4716]  __sys_sendmsg+0x171/0x270
[   56.314236][ T4716]  __x64_sys_sendmsg+0x46/0x50
[   56.319028][ T4716]  x64_sys_call+0x2689/0x2d60
[   56.323871][ T4716]  do_syscall_64+0xc9/0x1c0
[   56.328400][ T4716]  ? clear_bhb_loop+0x55/0xb0
[   56.333189][ T4716]  ? clear_bhb_loop+0x55/0xb0
[   56.337952][ T4716]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   56.343988][ T4716] RIP: 0033:0x7fab1905e719
[   56.348423][ T4716] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   56.368047][ T4716] RSP: 002b:00007fab17cd7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   56.376591][ T4716] RAX: ffffffffffffffda RBX: 00007fab19215f80 RCX: 00007fab1905e719
[   56.384560][ T4716] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003
[   56.392607][ T4716] RBP: 00007fab17cd7090 R08: 0000000000000000 R09: 0000000000000000
[   56.400646][ T4716] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   56.408615][ T4716] R13: 0000000000000000 R14: 00007fab19215f80 R15: 00007ffe98c07688
[   56.416654][ T4716]  </TASK>
[   56.461843][ T4723] loop0: detected capacity change from 0 to 1024
[   56.469383][ T4723] journal_path: Lookup failure for './file2'
[   56.475520][ T4723] EXT4-fs: error: could not find journal device path
[   56.495412][ T4724] loop4: detected capacity change from 0 to 512
[   56.504360][ T4726] loop0: detected capacity change from 0 to 512
[   56.506792][ T4724] ext4 filesystem being mounted at /84/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   56.522743][ T4726] EXT4-fs error (device loop0): ext4_read_inode_bitmap:139: comm syz.0.427: Invalid inode bitmap blk 4 in block_group 0
[   56.561917][ T4731] rdma_op ffff88810a052180 conn xmit_rdma 0000000000000000
[   56.625040][ T4732] loop0: detected capacity change from 0 to 512
[   56.631990][ T4732] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   56.642437][ T4732] EXT4-fs (loop0): can't mount with journal_checksum, fs mounted w/o journal
[   56.667549][ T4734] loop4: detected capacity change from 0 to 1024
[   56.674240][ T4734] journal_path: Lookup failure for './file2'
[   56.680287][ T4734] EXT4-fs: error: could not find journal device path
[   57.203785][ T4753] loop5: detected capacity change from 0 to 512
[   57.212293][ T4753] EXT4-fs error (device loop5): ext4_read_inode_bitmap:139: comm syz.5.438: Invalid inode bitmap blk 4 in block_group 0
[   57.258322][ T4756] loop5: detected capacity change from 0 to 1024
[   57.265427][ T4756] journal_path: Lookup failure for './file2'
[   57.271457][ T4756] EXT4-fs: error: could not find journal device path
[   57.299164][ T4758] loop5: detected capacity change from 0 to 512
[   57.307969][ T4758] EXT4-fs error (device loop5): ext4_read_inode_bitmap:139: comm syz.5.440: Invalid inode bitmap blk 4 in block_group 0
[   57.407858][ T4766] loop5: detected capacity change from 0 to 2048
[   57.500606][ T4781] __nla_validate_parse: 11 callbacks suppressed
[   57.500625][ T4781] netlink: 8 bytes leftover after parsing attributes in process `syz.5.442'.
[   57.515852][ T4781] netlink: 8 bytes leftover after parsing attributes in process `syz.5.442'.
[   57.524628][ T4781] netlink: 4 bytes leftover after parsing attributes in process `syz.5.442'.
[   57.561267][ T4784] loop4: detected capacity change from 0 to 1024
[   57.563549][ T4786] loop0: detected capacity change from 0 to 512
[   57.567976][ T4784] journal_path: Lookup failure for './file2'
[   57.580008][ T4784] EXT4-fs: error: could not find journal device path
[   57.595380][ T4786] EXT4-fs error (device loop0): ext4_read_inode_bitmap:139: comm syz.0.449: Invalid inode bitmap blk 4 in block_group 0
[   57.664478][ T4797] rdma_op ffff88810a052180 conn xmit_rdma 0000000000000000
[   57.723745][ T4798] netlink: 8 bytes leftover after parsing attributes in process `syz.0.453'.
[   57.732658][ T4798] netlink: 36 bytes leftover after parsing attributes in process `syz.0.453'.
[   57.747630][ T4798] loop0: detected capacity change from 0 to 512
[   57.754884][ T4798] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   57.767085][ T4798] EXT4-fs (loop0): can't mount with journal_checksum, fs mounted w/o journal
[   58.156057][   T29] kauditd_printk_skb: 336 callbacks suppressed
[   58.156075][   T29] audit: type=1401 audit(1731306110.829:1791): op=setxattr invalid_context=""
[   58.229434][ T4816] netlink: 4 bytes leftover after parsing attributes in process `syz.4.460'.
[   58.283167][ T4818] loop4: detected capacity change from 0 to 512
[   58.303865][ T4818] EXT4-fs error (device loop4): ext4_read_inode_bitmap:139: comm syz.4.461: Invalid inode bitmap blk 4 in block_group 0
[   58.319082][   T29] audit: type=1326 audit(1731306110.989:1792): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4817 comm="syz.4.461" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fab1905e719 code=0x7ffc0000
[   58.342688][ T4821] loop5: detected capacity change from 0 to 1024
[   58.344019][   T29] audit: type=1326 audit(1731306110.989:1793): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4817 comm="syz.4.461" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fab1905e719 code=0x7ffc0000
[   58.350320][ T4821] journal_path: Lookup failure for './file2'
[   58.372434][   T29] audit: type=1326 audit(1731306110.989:1794): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4817 comm="syz.4.461" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fab1905e719 code=0x7ffc0000
[   58.378353][ T4821] EXT4-fs: error: could not find journal device path
[   58.408529][   T29] audit: type=1326 audit(1731306110.989:1795): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4817 comm="syz.4.461" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fab1905e719 code=0x7ffc0000
[   58.431927][   T29] audit: type=1326 audit(1731306110.989:1796): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4817 comm="syz.4.461" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fab1905e719 code=0x7ffc0000
[   58.455482][   T29] audit: type=1326 audit(1731306110.989:1797): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4817 comm="syz.4.461" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fab1905e719 code=0x7ffc0000
[   58.478843][   T29] audit: type=1326 audit(1731306110.989:1798): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4817 comm="syz.4.461" exe="/root/syz-executor" sig=0 arch=c000003e syscall=133 compat=0 ip=0x7fab1905e719 code=0x7ffc0000
[   58.502278][   T29] audit: type=1326 audit(1731306110.989:1799): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4817 comm="syz.4.461" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fab1905e719 code=0x7ffc0000
[   58.526176][   T29] audit: type=1326 audit(1731306110.989:1800): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4817 comm="syz.4.461" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fab1905e719 code=0x7ffc0000
[   59.100503][ T4848] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   59.113391][ T4848] xt_CT: You must specify a L4 protocol and not use inversions on it
[   59.129995][ T4848] 9pnet_fd: Insufficient options for proto=fd
[   59.173014][ T4850] loop2: detected capacity change from 0 to 512
[   59.180861][ T4850] EXT4-fs error (device loop2): ext4_read_inode_bitmap:139: comm syz.2.473: Invalid inode bitmap blk 4 in block_group 0
[   59.233956][ T4855] rdma_op ffff8881160be980 conn xmit_rdma 0000000000000000
[   59.292857][ T4856] netlink: 8 bytes leftover after parsing attributes in process `syz.2.475'.
[   59.301815][ T4856] netlink: 36 bytes leftover after parsing attributes in process `syz.2.475'.
[   59.314602][ T4856] loop2: detected capacity change from 0 to 512
[   59.321496][ T4856] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   59.331823][ T4856] EXT4-fs (loop2): can't mount with journal_checksum, fs mounted w/o journal
[   59.531100][ T4866] loop0: detected capacity change from 0 to 1024
[   59.538147][ T4866] journal_path: Lookup failure for './file2'
[   59.544192][ T4866] EXT4-fs: error: could not find journal device path
[   59.625929][ T4875] loop4: detected capacity change from 0 to 512
[   59.633797][ T4875] EXT4-fs error (device loop4): ext4_read_inode_bitmap:139: comm syz.4.484: Invalid inode bitmap blk 4 in block_group 0
[   59.668557][ T4878] FAULT_INJECTION: forcing a failure.
[   59.668557][ T4878] name failslab, interval 1, probability 0, space 0, times 0
[   59.681205][ T4878] CPU: 0 UID: 0 PID: 4878 Comm: syz.4.485 Not tainted 6.12.0-rc6-syzkaller-00318-ga9cda7c0ffed #0
[   59.691912][ T4878] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   59.702027][ T4878] Call Trace:
[   59.705304][ T4878]  <TASK>
[   59.708241][ T4878]  dump_stack_lvl+0xf2/0x150
[   59.712848][ T4878]  dump_stack+0x15/0x20
[   59.717009][ T4878]  should_fail_ex+0x223/0x230
[   59.721803][ T4878]  ? mm_alloc+0x2b/0xa0
[   59.726038][ T4878]  should_failslab+0x8f/0xb0
[   59.730649][ T4878]  kmem_cache_alloc_noprof+0x4c/0x290
[   59.736076][ T4878]  mm_alloc+0x2b/0xa0
[   59.740128][ T4878]  alloc_bprm+0x324/0x740
[   59.744479][ T4878]  ? __rcu_read_unlock+0x4e/0x70
[   59.749472][ T4878]  ? should_fail_ex+0xd7/0x230
[   59.754464][ T4878]  do_execveat_common+0x134/0x800
[   59.759559][ T4878]  __x64_sys_execve+0x5a/0x70
[   59.764273][ T4878]  x64_sys_call+0x1277/0x2d60
[   59.769128][ T4878]  do_syscall_64+0xc9/0x1c0
[   59.773695][ T4878]  ? clear_bhb_loop+0x55/0xb0
[   59.778414][ T4878]  ? clear_bhb_loop+0x55/0xb0
[   59.783158][ T4878]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   59.789090][ T4878] RIP: 0033:0x7fab1905e719
[   59.793511][ T4878] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   59.813259][ T4878] RSP: 002b:00007fab17cd7038 EFLAGS: 00000246 ORIG_RAX: 000000000000003b
[   59.821721][ T4878] RAX: ffffffffffffffda RBX: 00007fab19215f80 RCX: 00007fab1905e719
[   59.829703][ T4878] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000180
[   59.837749][ T4878] RBP: 00007fab17cd7090 R08: 0000000000000000 R09: 0000000000000000
[   59.845730][ T4878] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   59.853711][ T4878] R13: 0000000000000000 R14: 00007fab19215f80 R15: 00007ffe98c07688
[   59.861704][ T4878]  </TASK>
[   59.880325][ T4879] loop0: detected capacity change from 0 to 512
[   59.907630][ T4879] EXT4-fs warning (device loop0): ext4_enable_quotas:7097: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   59.922938][ T4879] EXT4-fs (loop0): mount failed
[   60.060981][ T4895] loop1: detected capacity change from 0 to 1024
[   60.067847][ T4895] journal_path: Lookup failure for './file2'
[   60.073878][ T4895] EXT4-fs: error: could not find journal device path
[   60.170915][ T4912] loop2: detected capacity change from 0 to 512
[   60.177806][ T4912] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   60.206552][ T4912] ext4 filesystem being mounted at /79/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   60.272103][ T4923] loop2: detected capacity change from 0 to 1024
[   60.278949][ T4923] journal_path: Lookup failure for './file2'
[   60.285071][ T4923] EXT4-fs: error: could not find journal device path
[   60.360996][ T4928] netlink: 8 bytes leftover after parsing attributes in process `syz.2.505'.
[   60.369931][ T4928] netlink: 36 bytes leftover after parsing attributes in process `syz.2.505'.
[   60.382847][ T4928] loop2: detected capacity change from 0 to 512
[   60.389751][ T4928] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   60.399911][ T4928] EXT4-fs (loop2): can't mount with journal_checksum, fs mounted w/o journal
[   60.902889][ T4950] loop4: detected capacity change from 0 to 512
[   60.911316][ T4950] EXT4-fs error (device loop4): ext4_read_inode_bitmap:139: comm syz.4.515: Invalid inode bitmap blk 4 in block_group 0
[   61.262994][ T4985] loop5: detected capacity change from 0 to 1024
[   61.269878][ T4985] journal_path: Lookup failure for './file2'
[   61.275977][ T4985] EXT4-fs: error: could not find journal device path
[   61.317968][ T4993] xt_CT: You must specify a L4 protocol and not use inversions on it
[   61.336934][ T4993] 9pnet_fd: Insufficient options for proto=fd
[   61.359413][ T4994] loop2: detected capacity change from 0 to 512
[   61.360002][ T4994] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   61.376301][ T4994] EXT4-fs (loop2): can't mount with journal_checksum, fs mounted w/o journal
[   61.969120][ T5006] loop4: detected capacity change from 0 to 512
[   61.976137][ T5006] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   61.997095][ T5006] ext4 filesystem being mounted at /117/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   62.037882][ T5010] loop4: detected capacity change from 0 to 1024
[   62.044746][ T5010] journal_path: Lookup failure for './file2'
[   62.050867][ T5010] EXT4-fs: error: could not find journal device path
[   62.158638][ T5018] loop4: detected capacity change from 0 to 1024
[   62.165594][ T5018] journal_path: Lookup failure for './file2'
[   62.171652][ T5018] EXT4-fs: error: could not find journal device path
[   62.248413][ T5037] loop4: detected capacity change from 0 to 512
[   62.258122][ T5039] loop2: detected capacity change from 0 to 512
[   62.264731][ T5039] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   62.267121][ T5037] EXT4-fs error (device loop4): ext4_read_inode_bitmap:139: comm syz.4.549: Invalid inode bitmap blk 4 in block_group 0
[   62.297007][ T5039] ext4 filesystem being mounted at /95/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   62.374319][ T5049] loop4: detected capacity change from 0 to 512
[   62.381291][ T5049] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   62.391803][ T5049] EXT4-fs (loop4): can't mount with journal_checksum, fs mounted w/o journal
[   62.690012][ T5057] 9pnet_fd: Insufficient options for proto=fd
[   62.794365][ T5071] loop1: detected capacity change from 0 to 512
[   62.802281][ T5071] EXT4-fs error (device loop1): ext4_read_inode_bitmap:139: comm syz.1.562: Invalid inode bitmap blk 4 in block_group 0
[   63.180397][   T29] kauditd_printk_skb: 460 callbacks suppressed
[   63.180413][   T29] audit: type=1326 audit(1731306627.853:2260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5090 comm="syz.4.570" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fab1905e719 code=0x7ffc0000
[   63.210505][   T29] audit: type=1326 audit(1731306627.863:2261): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5090 comm="syz.4.570" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fab1905e719 code=0x7ffc0000
[   63.233980][   T29] audit: type=1326 audit(1731306627.863:2262): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5090 comm="syz.4.570" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fab1905e719 code=0x7ffc0000
[   63.257348][   T29] audit: type=1326 audit(1731306627.863:2263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5090 comm="syz.4.570" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fab1905e719 code=0x7ffc0000
[   63.280805][   T29] audit: type=1326 audit(1731306627.863:2264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5090 comm="syz.4.570" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fab1905e719 code=0x7ffc0000
[   63.304311][   T29] audit: type=1326 audit(1731306627.863:2265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5090 comm="syz.4.570" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fab1905e719 code=0x7ffc0000
[   63.327742][   T29] audit: type=1326 audit(1731306627.863:2266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5090 comm="syz.4.570" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fab1905e719 code=0x7ffc0000
[   63.351116][   T29] audit: type=1326 audit(1731306627.863:2267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5090 comm="syz.4.570" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fab1905e719 code=0x7ffc0000
[   63.374557][   T29] audit: type=1326 audit(1731306627.863:2268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5090 comm="syz.4.570" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fab1905e719 code=0x7ffc0000
[   63.397896][   T29] audit: type=1326 audit(1731306627.863:2269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5090 comm="syz.4.570" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fab1905e719 code=0x7ffc0000
[   63.477455][ T5103] loop4: detected capacity change from 0 to 512
[   63.496240][ T5103] EXT4-fs error (device loop4): ext4_read_inode_bitmap:139: comm syz.4.575: Invalid inode bitmap blk 4 in block_group 0
[   63.756215][ T5147] loop0: detected capacity change from 0 to 512
[   63.762915][ T5147] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   63.776782][ T5149] xt_CT: You must specify a L4 protocol and not use inversions on it
[   63.786610][ T5147] ext4 filesystem being mounted at /122/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   63.822277][ T5149] 9pnet_fd: Insufficient options for proto=fd
[   63.909045][ T5166] loop2: detected capacity change from 0 to 512
[   63.940351][ T5175] loop0: detected capacity change from 0 to 512
[   63.941565][ T5166] EXT4-fs error (device loop2): ext4_acquire_dquot:6879: comm syz.2.600: Failed to acquire dquot type 1
[   63.947990][ T5175] EXT4-fs (loop0): external journal device major/minor numbers have changed
[   63.958795][ T5166] EXT4-fs (loop2): 1 truncate cleaned up
[   63.970190][ T5175] EXT4-fs (loop0): failed to open journal device unknown-block(11,127) -6
[   63.973023][ T5166] ext4 filesystem being mounted at /107/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   64.007990][ T5175] loop0: detected capacity change from 0 to 256
[   64.021911][ T5175] FAT-fs (loop0): Directory bread(block 64) failed
[   64.029319][ T5175] FAT-fs (loop0): Directory bread(block 65) failed
[   64.035880][ T5175] FAT-fs (loop0): Directory bread(block 66) failed
[   64.042506][ T5175] FAT-fs (loop0): Directory bread(block 67) failed
[   64.049257][ T5175] FAT-fs (loop0): Directory bread(block 68) failed
[   64.055933][ T5175] FAT-fs (loop0): Directory bread(block 69) failed
[   64.062493][ T5175] FAT-fs (loop0): Directory bread(block 70) failed
[   64.069521][ T5178] __nla_validate_parse: 6 callbacks suppressed
[   64.069536][ T5178] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.602'.
[   64.069728][ T5175] FAT-fs (loop0): Directory bread(block 71) failed
[   64.076945][ T5173] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.602'.
[   64.085015][ T5175] FAT-fs (loop0): Directory bread(block 72) failed
[   64.093279][ T5178] netlink: 20 bytes leftover after parsing attributes in process `syz.1.602'.
[   64.100641][ T5175] FAT-fs (loop0): Directory bread(block 73) failed
[   64.129357][ T5173] netlink: 8 bytes leftover after parsing attributes in process `syz.1.602'.
[   64.168674][ T5184] loop2: detected capacity change from 0 to 512
[   64.183713][ T5184] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   64.229661][ T5184] ext4 filesystem being mounted at /109/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   64.300076][ T5198] FAULT_INJECTION: forcing a failure.
[   64.300076][ T5198] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   64.313283][ T5198] CPU: 1 UID: 0 PID: 5198 Comm: syz.2.610 Not tainted 6.12.0-rc6-syzkaller-00318-ga9cda7c0ffed #0
[   64.323953][ T5198] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   64.334054][ T5198] Call Trace:
[   64.337340][ T5198]  <TASK>
[   64.340306][ T5198]  dump_stack_lvl+0xf2/0x150
[   64.345020][ T5198]  dump_stack+0x15/0x20
[   64.349235][ T5198]  should_fail_ex+0x223/0x230
[   64.353925][ T5198]  should_fail+0xb/0x10
[   64.358148][ T5198]  should_fail_usercopy+0x1a/0x20
[   64.363249][ T5198]  _copy_from_user+0x1e/0xb0
[   64.367856][ T5198]  copy_msghdr_from_user+0x54/0x2a0
[   64.373067][ T5198]  __sys_sendmmsg+0x21a/0x500
[   64.377843][ T5198]  __x64_sys_sendmmsg+0x57/0x70
[   64.382702][ T5198]  x64_sys_call+0xa49/0x2d60
[   64.387365][ T5198]  do_syscall_64+0xc9/0x1c0
[   64.391930][ T5198]  ? clear_bhb_loop+0x55/0xb0
[   64.396631][ T5198]  ? clear_bhb_loop+0x55/0xb0
[   64.401326][ T5198]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   64.407295][ T5198] RIP: 0033:0x7f0d57bfe719
[   64.411743][ T5198] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   64.431399][ T5198] RSP: 002b:00007f0d56871038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[   64.439816][ T5198] RAX: ffffffffffffffda RBX: 00007f0d57db5f80 RCX: 00007f0d57bfe719
[   64.447806][ T5198] RDX: 0000000000000003 RSI: 0000000020004540 RDI: 0000000000000003
[   64.455775][ T5198] RBP: 00007f0d56871090 R08: 0000000000000000 R09: 0000000000000000
[   64.463762][ T5198] R10: 00000000240080e4 R11: 0000000000000246 R12: 0000000000000001
[   64.471912][ T5198] R13: 0000000000000000 R14: 00007f0d57db5f80 R15: 00007ffe4ae1d0a8
[   64.479976][ T5198]  </TASK>
[   64.541445][ T5211] syz.0.616 uses obsolete (PF_INET,SOCK_PACKET)
[   64.548824][ T5207] xt_CT: You must specify a L4 protocol and not use inversions on it
[   64.568901][ T5207] 9pnet_fd: Insufficient options for proto=fd
[   64.579951][ T5215] loop5: detected capacity change from 0 to 512
[   64.587356][ T5215] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   64.607601][ T5215] ext4 filesystem being mounted at /112/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   65.038070][ T5256] loop1: detected capacity change from 0 to 512
[   65.045694][ T5256] EXT4-fs error (device loop1): ext4_read_inode_bitmap:139: comm syz.1.631: Invalid inode bitmap blk 4 in block_group 0
[   65.082527][ T5259] loop1: detected capacity change from 0 to 512
[   65.089273][ T5259] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   65.116881][ T5259] ext4 filesystem being mounted at /102/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   65.126906][ T5252] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   65.136155][ T5252] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   65.152723][ T5252] loop4: detected capacity change from 0 to 1024
[   65.159560][ T5252] EXT4-fs: Ignoring removed oldalloc option
[   65.165976][ T5252] EXT4-fs (loop4): stripe (3) is not aligned with cluster size (16), stripe is disabled
[   65.191628][ T5268] xt_CT: You must specify a L4 protocol and not use inversions on it
[   65.207072][ T5268] 9pnet_fd: Insufficient options for proto=fd
[   65.291178][ T5276] loop1: detected capacity change from 0 to 256
[   65.297793][ T5276] vfat: Unknown parameter '9p'
[   65.332610][ T5278] loop1: detected capacity change from 0 to 2048
[   65.426710][ T5282] netlink: 8 bytes leftover after parsing attributes in process `syz.1.639'.
[   65.435602][ T5282] netlink: 8 bytes leftover after parsing attributes in process `syz.1.639'.
[   65.444381][ T5282] netlink: 4 bytes leftover after parsing attributes in process `syz.1.639'.
[   65.598085][ T5303] loop5: detected capacity change from 0 to 512
[   65.604834][ T5303] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   65.617105][ T5303] ext4 filesystem being mounted at /117/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   65.778649][ T5331] xt_CT: You must specify a L4 protocol and not use inversions on it
[   65.796556][ T5331] 9pnet_fd: Insufficient options for proto=fd
[   65.898124][ T5343] capability: warning: `syz.0.663' uses deprecated v2 capabilities in a way that may be insecure
[   65.994186][ T5351] loop0: detected capacity change from 0 to 1024
[   66.001120][ T5351] journal_path: Lookup failure for './file2'
[   66.007150][ T5351] EXT4-fs: error: could not find journal device path
[   66.063362][ T5358] loop0: detected capacity change from 0 to 512
[   66.071340][ T5358] EXT4-fs error (device loop0): ext4_read_inode_bitmap:139: comm syz.0.670: Invalid inode bitmap blk 4 in block_group 0
[   66.214802][ T5375] netlink: 16 bytes leftover after parsing attributes in process `syz.0.678'.
[   66.259945][ T5384] loop0: detected capacity change from 0 to 512
[   66.278150][ T5384] EXT4-fs error (device loop0): ext4_read_inode_bitmap:139: comm syz.0.681: Invalid inode bitmap blk 4 in block_group 0
[   66.306190][ T5391] xt_CT: You must specify a L4 protocol and not use inversions on it
[   66.577354][ T5426] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.694'.
[   66.587735][ T5412] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.694'.
[   66.642150][ T5434] loop0: detected capacity change from 0 to 1024
[   66.649377][ T5434] journal_path: Lookup failure for './file2'
[   66.655478][ T5434] EXT4-fs: error: could not find journal device path
[   66.721033][ T5443] loop1: detected capacity change from 0 to 128
[   66.916375][ T5459] loop4: detected capacity change from 0 to 128
[   66.983918][ T5457] syz.1.708: attempt to access beyond end of device
[   66.983918][ T5457] loop1: rw=2049, sector=201, nr_sectors = 744 limit=128
[   66.998801][ T5443] syz.1.708: attempt to access beyond end of device
[   66.998801][ T5443] loop1: rw=2049, sector=945, nr_sectors = 56 limit=128
[   67.016624][ T5457] syz.1.708: attempt to access beyond end of device
[   67.016624][ T5457] loop1: rw=2049, sector=1001, nr_sectors = 8 limit=128
[   67.030915][ T5443] syz.1.708: attempt to access beyond end of device
[   67.030915][ T5443] loop1: rw=2049, sector=1009, nr_sectors = 8 limit=128
[   67.047223][ T5457] syz.1.708: attempt to access beyond end of device
[   67.047223][ T5457] loop1: rw=2049, sector=1017, nr_sectors = 8 limit=128
[   67.060863][ T5443] syz.1.708: attempt to access beyond end of device
[   67.060863][ T5443] loop1: rw=2049, sector=1025, nr_sectors = 8 limit=128
[   67.077220][ T5457] syz.1.708: attempt to access beyond end of device
[   67.077220][ T5457] loop1: rw=2049, sector=1033, nr_sectors = 8 limit=128
[   67.105776][ T5457] syz.1.708: attempt to access beyond end of device
[   67.105776][ T5457] loop1: rw=2049, sector=201, nr_sectors = 840 limit=128
[   67.139075][ T5461] syz.4.715: attempt to access beyond end of device
[   67.139075][ T5461] loop4: rw=2049, sector=201, nr_sectors = 840 limit=128
[   67.163522][ T5461] syz.4.715: attempt to access beyond end of device
[   67.163522][ T5461] loop4: rw=2049, sector=201, nr_sectors = 840 limit=128
[   67.551727][ T5464] loop0: detected capacity change from 0 to 512
[   67.558590][ T5464] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   67.577060][ T5464] EXT4-fs mount: 55 callbacks suppressed
[   67.577072][ T5464] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   67.595415][ T5464] ext4 filesystem being mounted at /172/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   67.606184][ T5464] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   67.631967][ T5469] FAULT_INJECTION: forcing a failure.
[   67.631967][ T5469] name failslab, interval 1, probability 0, space 0, times 0
[   67.644644][ T5469] CPU: 0 UID: 0 PID: 5469 Comm: syz.0.717 Not tainted 6.12.0-rc6-syzkaller-00318-ga9cda7c0ffed #0
[   67.655261][ T5469] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   67.665344][ T5469] Call Trace:
[   67.668671][ T5469]  <TASK>
[   67.671618][ T5469]  dump_stack_lvl+0xf2/0x150
[   67.676225][ T5469]  dump_stack+0x15/0x20
[   67.680379][ T5469]  should_fail_ex+0x223/0x230
[   67.685095][ T5469]  ? assoc_array_delete+0x6a/0x920
[   67.690210][ T5469]  should_failslab+0x8f/0xb0
[   67.694870][ T5469]  __kmalloc_cache_noprof+0x4b/0x2a0
[   67.700263][ T5469]  assoc_array_delete+0x6a/0x920
[   67.705276][ T5469]  key_unlink+0x68/0xe0
[   67.709461][ T5469]  keyctl_keyring_unlink+0xd8/0x110
[   67.714723][ T5469]  __se_sys_keyctl+0x560/0xbb0
[   67.719499][ T5469]  ? __rcu_read_unlock+0x4e/0x70
[   67.724531][ T5469]  ? __fget_files+0x1d4/0x210
[   67.729259][ T5469]  ? fput+0x14e/0x190
[   67.733327][ T5469]  ? ksys_write+0x17a/0x1b0
[   67.737860][ T5469]  __x64_sys_keyctl+0x67/0x80
[   67.742571][ T5469]  x64_sys_call+0x971/0x2d60
[   67.747208][ T5469]  do_syscall_64+0xc9/0x1c0
[   67.751729][ T5469]  ? clear_bhb_loop+0x55/0xb0
[   67.756531][ T5469]  ? clear_bhb_loop+0x55/0xb0
[   67.761205][ T5469]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   67.767146][ T5469] RIP: 0033:0x7f22a509e719
[   67.771553][ T5469] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   67.791231][ T5469] RSP: 002b:00007f22a3d17038 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa
[   67.799687][ T5469] RAX: ffffffffffffffda RBX: 00007f22a5255f80 RCX: 00007f22a509e719
[   67.807675][ T5469] RDX: 0000000028d5232e RSI: 000000002a34b87b RDI: 0000000000000009
[   67.815810][ T5469] RBP: 00007f22a3d17090 R08: 0000000000000000 R09: 0000000000000000
[   67.823778][ T5469] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   67.831767][ T5469] R13: 0000000000000000 R14: 00007f22a5255f80 R15: 00007ffe67ad11e8
[   67.839794][ T5469]  </TASK>
[   67.859255][ T5471] FAULT_INJECTION: forcing a failure.
[   67.859255][ T5471] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   67.872544][ T5471] CPU: 0 UID: 0 PID: 5471 Comm: syz.2.718 Not tainted 6.12.0-rc6-syzkaller-00318-ga9cda7c0ffed #0
[   67.883239][ T5471] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   67.893344][ T5471] Call Trace:
[   67.896686][ T5471]  <TASK>
[   67.899696][ T5471]  dump_stack_lvl+0xf2/0x150
[   67.904318][ T5471]  dump_stack+0x15/0x20
[   67.908552][ T5471]  should_fail_ex+0x223/0x230
[   67.913250][ T5471]  should_fail+0xb/0x10
[   67.917426][ T5471]  should_fail_usercopy+0x1a/0x20
[   67.922538][ T5471]  _copy_from_user+0x1e/0xb0
[   67.927229][ T5471]  __x64_sys_epoll_ctl+0x8e/0xf0
[   67.932271][ T5471]  x64_sys_call+0x27c9/0x2d60
[   67.936968][ T5471]  do_syscall_64+0xc9/0x1c0
[   67.941490][ T5471]  ? clear_bhb_loop+0x55/0xb0
[   67.946176][ T5471]  ? clear_bhb_loop+0x55/0xb0
[   67.950949][ T5471]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   67.957001][ T5471] RIP: 0033:0x7f0d57bfe719
[   67.961481][ T5471] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   67.981173][ T5471] RSP: 002b:00007f0d56871038 EFLAGS: 00000246 ORIG_RAX: 00000000000000e9
[   67.989642][ T5471] RAX: ffffffffffffffda RBX: 00007f0d57db5f80 RCX: 00007f0d57bfe719
[   67.997647][ T5471] RDX: 0000000000000007 RSI: 0000000000000003 RDI: 0000000000000006
[   68.005644][ T5471] RBP: 00007f0d56871090 R08: 0000000000000000 R09: 0000000000000000
[   68.013625][ T5471] R10: 0000000020000280 R11: 0000000000000246 R12: 0000000000000001
[   68.021598][ T5471] R13: 0000000000000000 R14: 00007f0d57db5f80 R15: 00007ffe4ae1d0a8
[   68.029580][ T5471]  </TASK>
[   68.052280][ T5477] loop2: detected capacity change from 0 to 1024
[   68.059172][ T5477] journal_path: Lookup failure for './file2'
[   68.065280][ T5477] EXT4-fs: error: could not find journal device path
[   68.173653][ T5491] loop0: detected capacity change from 0 to 512
[   68.186545][ T5491] __quota_error: 739 callbacks suppressed
[   68.186558][ T5491] Quota error (device loop0): do_check_range: Getting dqdh_prev_free 1536 out of range 0-5
[   68.202344][ T5491] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota
[   68.212325][ T5491] EXT4-fs error (device loop0): ext4_acquire_dquot:6879: comm syz.0.726: Failed to acquire dquot type 1
[   68.224491][ T5491] EXT4-fs (loop0): 1 truncate cleaned up
[   68.230561][ T5491] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   68.243132][ T5491] ext4 filesystem being mounted at /176/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   68.263027][ T3314] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   68.280885][   T29] audit: type=1326 audit(1731306632.953:3007): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5500 comm="syz.0.729" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f22a509e719 code=0x0
[   68.703528][ T5505] xt_CT: You must specify a L4 protocol and not use inversions on it
[   68.718192][ T5505] 9pnet_fd: Insufficient options for proto=fd
[   68.748388][ T5507] FAULT_INJECTION: forcing a failure.
[   68.748388][ T5507] name failslab, interval 1, probability 0, space 0, times 0
[   68.761104][ T5507] CPU: 0 UID: 0 PID: 5507 Comm: +}[@ Not tainted 6.12.0-rc6-syzkaller-00318-ga9cda7c0ffed #0
[   68.771288][ T5507] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   68.781341][ T5507] Call Trace:
[   68.784643][ T5507]  <TASK>
[   68.787572][ T5507]  dump_stack_lvl+0xf2/0x150
[   68.792179][ T5507]  dump_stack+0x15/0x20
[   68.796414][ T5507]  should_fail_ex+0x223/0x230
[   68.801153][ T5507]  ? dup_task_struct+0x6c/0x710
[   68.806151][ T5507]  should_failslab+0x8f/0xb0
[   68.810756][ T5507]  kmem_cache_alloc_node_noprof+0x51/0x2b0
[   68.816598][ T5507]  dup_task_struct+0x6c/0x710
[   68.821407][ T5507]  ? kstrtoull+0x110/0x140
[   68.825858][ T5507]  copy_process+0x3a9/0x1f90
[   68.830528][ T5507]  ? 0xffffffff81000000
[   68.834693][ T5507]  ? selinux_file_permission+0x22a/0x360
[   68.840325][ T5507]  ? __rcu_read_unlock+0x4e/0x70
[   68.845284][ T5507]  kernel_clone+0x167/0x5e0
[   68.849814][ T5507]  ? vfs_write+0x596/0x920
[   68.854244][ T5507]  ? __pfx_kfree_link+0x10/0x10
[   68.859212][ T5507]  __x64_sys_clone+0xe8/0x120
[   68.863993][ T5507]  x64_sys_call+0x2d23/0x2d60
[   68.868741][ T5507]  do_syscall_64+0xc9/0x1c0
[   68.873299][ T5507]  ? clear_bhb_loop+0x55/0xb0
[   68.878127][ T5507]  ? clear_bhb_loop+0x55/0xb0
[   68.882884][ T5507]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   68.888964][ T5507] RIP: 0033:0x7f86d466e719
[   68.893384][ T5507] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   68.913007][ T5507] RSP: 002b:00007f86d32e6fe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[   68.921434][ T5507] RAX: ffffffffffffffda RBX: 00007f86d4825f80 RCX: 00007f86d466e719
[   68.929473][ T5507] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000638c1000
[   68.937492][ T5507] RBP: 00007f86d32e7090 R08: 0000000000000000 R09: 0000000000000000
[   68.945465][ T5507] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000001
[   68.953454][ T5507] R13: 0000000000000000 R14: 00007f86d4825f80 R15: 00007ffdbafe1328
[   68.961478][ T5507]  </TASK>
[   68.979751][   T29] audit: type=1326 audit(1731306633.653:3008): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5509 comm="syz.5.732" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f86d466e719 code=0x7ffc0000
[   69.003576][   T29] audit: type=1326 audit(1731306633.653:3009): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5509 comm="syz.5.732" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f86d466e719 code=0x7ffc0000
[   69.027023][   T29] audit: type=1326 audit(1731306633.653:3010): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5509 comm="syz.5.732" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f86d466e719 code=0x7ffc0000
[   69.050460][   T29] audit: type=1326 audit(1731306633.653:3011): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5509 comm="syz.5.732" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f86d466e719 code=0x7ffc0000
[   69.073915][   T29] audit: type=1326 audit(1731306633.653:3012): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5509 comm="syz.5.732" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f86d466e719 code=0x7ffc0000
[   69.097288][   T29] audit: type=1326 audit(1731306633.653:3013): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5509 comm="syz.5.732" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f86d466e719 code=0x7ffc0000
[   69.120722][   T29] audit: type=1326 audit(1731306633.653:3014): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5509 comm="syz.5.732" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f86d466e719 code=0x7ffc0000
[   69.159797][ T5522] __nla_validate_parse: 5 callbacks suppressed
[   69.159817][ T5522] netlink: 324 bytes leftover after parsing attributes in process `syz.5.736'.
[   69.350469][ T5531] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant.
[   69.350469][ T5531] The task syz.0.738 (5531) triggered the difference, watch for misbehavior.
[   69.809752][ T5536] loop1: detected capacity change from 0 to 512
[   69.816693][ T5536] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   69.836761][ T5536] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   69.849444][ T5536] ext4 filesystem being mounted at /127/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   69.862029][ T5536] netlink: 12 bytes leftover after parsing attributes in process `syz.1.741'.
[   69.878573][ T3319] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   69.974506][ T5557] netlink: 324 bytes leftover after parsing attributes in process `syz.1.749'.
[   70.139153][ T5571] loop4: detected capacity change from 0 to 256
[   70.141183][ T5562] loop1: detected capacity change from 0 to 128
[   70.241815][ T5582] loop5: detected capacity change from 0 to 2048
[   70.258559][ T5582] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   70.367438][ T5600] netlink: 8 bytes leftover after parsing attributes in process `syz.5.760'.
[   70.376343][ T5600] netlink: 8 bytes leftover after parsing attributes in process `syz.5.760'.
[   70.385166][ T5600] netlink: 4 bytes leftover after parsing attributes in process `syz.5.760'.
[   70.537552][ T5605] loop0: detected capacity change from 0 to 2048
[   70.546612][ T5605] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   70.633545][ T5609] netlink: 8 bytes leftover after parsing attributes in process `syz.0.766'.
[   70.642479][ T5609] netlink: 8 bytes leftover after parsing attributes in process `syz.0.766'.
[   70.651290][ T5609] netlink: 4 bytes leftover after parsing attributes in process `syz.0.766'.
[   71.098247][ T3718] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   71.138617][ T5614] xt_CT: You must specify a L4 protocol and not use inversions on it
[   71.150263][ T5616] loop4: detected capacity change from 0 to 512
[   71.157877][ T5614] 9pnet_fd: Insufficient options for proto=fd
[   71.168739][ T5616] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a842e01c, mo2=0002]
[   71.176947][ T5616] System zones: 1-12
[   71.181067][ T5616] EXT4-fs (loop4): orphan cleanup on readonly fs
[   71.187812][ T5616] EXT4-fs error (device loop4): ext4_get_branch:178: inode #13: block 33619980: comm +}[@: invalid block
[   71.199255][ T5616] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #13: comm +}[@: invalid indirect mapped block 1819239214 (level 1)
[   71.213647][ T5616] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm +}[@: bg 0: block 361: padding at end of block bitmap is not set
[   71.230479][ T5616] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6550: Corrupt filesystem
[   71.239614][ T5616] EXT4-fs error (device loop4): ext4_clear_blocks:876: inode #13: comm +}[@: attempt to clear invalid blocks 33619980 len 1
[   71.252863][ T5623] FAULT_INJECTION: forcing a failure.
[   71.252863][ T5623] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   71.265958][ T5623] CPU: 0 UID: 0 PID: 5623 Comm: syz.5.771 Not tainted 6.12.0-rc6-syzkaller-00318-ga9cda7c0ffed #0
[   71.276582][ T5623] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   71.286655][ T5623] Call Trace:
[   71.290016][ T5623]  <TASK>
[   71.292959][ T5623]  dump_stack_lvl+0xf2/0x150
[   71.297697][ T5623]  dump_stack+0x15/0x20
[   71.301884][ T5623]  should_fail_ex+0x223/0x230
[   71.306674][ T5623]  should_fail+0xb/0x10
[   71.310895][ T5623]  should_fail_usercopy+0x1a/0x20
[   71.315946][ T5623]  _copy_to_user+0x20/0xa0
[   71.318188][ T5627] loop2: detected capacity change from 0 to 8192
[   71.320369][ T5623]  simple_read_from_buffer+0xa0/0x110
[   71.329148][ T5616] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #13: comm +}[@: invalid indirect mapped block 1819239214 (level 0)
[   71.332058][ T5623]  proc_fail_nth_read+0xf9/0x140
[   71.345918][ T5627] vfat: Unknown parameter '����'
[   71.350353][ T5623]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   71.357120][ T5616] EXT4-fs (loop4): 1 truncate cleaned up
[   71.361004][ T5623]  vfs_read+0x1a2/0x700
[   71.370952][ T5623]  ? __fget_files+0x1d4/0x210
[   71.371005][ T5623]  ksys_read+0xeb/0x1b0
[   71.371048][ T5623]  __x64_sys_read+0x42/0x50
[   71.371086][ T5623]  x64_sys_call+0x27d3/0x2d60
[   71.371131][ T5623]  do_syscall_64+0xc9/0x1c0
[   71.371161][ T5623]  ? clear_bhb_loop+0x55/0xb0
[   71.371186][ T5623]  ? clear_bhb_loop+0x55/0xb0
[   71.371213][ T5623]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   71.371247][ T5623] RIP: 0033:0x7f86d466d15c
[   71.371263][ T5623] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[   71.371329][ T5623] RSP: 002b:00007f86d32e7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   71.371353][ T5623] RAX: ffffffffffffffda RBX: 00007f86d4825f80 RCX: 00007f86d466d15c
[   71.371370][ T5623] RDX: 000000000000000f RSI: 00007f86d32e70a0 RDI: 0000000000000004
[   71.371386][ T5623] RBP: 00007f86d32e7090 R08: 0000000000000000 R09: 0000000000000000
[   71.371401][ T5623] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   71.371417][ T5623] R13: 0000000000000000 R14: 00007f86d4825f80 R15: 00007ffdbafe1328
[   71.371489][ T5623]  </TASK>
[   71.388744][ T5616] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[   71.395637][ T5629] loop5: detected capacity change from 0 to 256
[   71.408668][ T3315] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   71.431122][ T5629] FAT-fs (loop5): Directory bread(block 64) failed
[   71.538523][ T5629] FAT-fs (loop5): Directory bread(block 65) failed
[   71.545895][ T3314] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   71.546927][ T5629] FAT-fs (loop5): Directory bread(block 66) failed
[   71.561610][ T5629] FAT-fs (loop5): Directory bread(block 67) failed
[   71.568185][ T5629] FAT-fs (loop5): Directory bread(block 68) failed
[   71.575721][ T5629] FAT-fs (loop5): Directory bread(block 69) failed
[   71.586313][ T5629] FAT-fs (loop5): Directory bread(block 70) failed
[   71.592960][ T5629] FAT-fs (loop5): Directory bread(block 71) failed
[   71.599694][ T5629] FAT-fs (loop5): Directory bread(block 72) failed
[   71.603817][ T5634] loop6: detected capacity change from 0 to 7
[   71.606364][ T5629] FAT-fs (loop5): Directory bread(block 73) failed
[   71.612960][ T5634] Buffer I/O error on dev loop6, logical block 0, async page read
[   71.629091][ T5634] Buffer I/O error on dev loop6, logical block 0, async page read
[   71.636939][ T5634]  loop6: unable to read partition table
[   71.642588][ T5634] loop_reread_partitions: partition scan of loop6 (�被x������ڬ��dƤ����ݡ�����
[   71.642588][ T5634] 
) failed (rc=-5)
[   71.692219][ T5643] loop2: detected capacity change from 0 to 2048
[   71.716929][ T5643] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   71.807101][ T5661] netlink: 8 bytes leftover after parsing attributes in process `syz.2.778'.
[   71.886772][ T5666] ebtables: ebtables: counters copy to user failed while replacing table
[   71.998809][ T5671] syz.0.786[5671] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   71.998882][ T5671] syz.0.786[5671] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   72.420511][ T5678] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(11)
[   72.438341][ T5678] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[   72.446082][ T5678] vhci_hcd vhci_hcd.0: Device attached
[   72.452442][ T5680] vhci_hcd: cannot find the pending unlink 53665
[   72.459512][ T5680] vhci_hcd: connection closed
[   72.459746][   T11] vhci_hcd: stop threads
[   72.468724][   T11] vhci_hcd: release socket
[   72.473161][   T11] vhci_hcd: disconnect device
[   72.565726][ T3322] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   72.575589][ T5683] FAULT_INJECTION: forcing a failure.
[   72.575589][ T5683] name failslab, interval 1, probability 0, space 0, times 0
[   72.588265][ T5683] CPU: 1 UID: 0 PID: 5683 Comm: syz.5.789 Not tainted 6.12.0-rc6-syzkaller-00318-ga9cda7c0ffed #0
[   72.598962][ T5683] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   72.609068][ T5683] Call Trace:
[   72.612365][ T5683]  <TASK>
[   72.615378][ T5683]  dump_stack_lvl+0xf2/0x150
[   72.620024][ T5683]  dump_stack+0x15/0x20
[   72.624211][ T5683]  should_fail_ex+0x223/0x230
[   72.629018][ T5683]  ? mas_alloc_nodes+0x1d3/0x4a0
[   72.634053][ T5683]  should_failslab+0x8f/0xb0
[   72.638766][ T5683]  kmem_cache_alloc_noprof+0x4c/0x290
[   72.644154][ T5683]  mas_alloc_nodes+0x1d3/0x4a0
[   72.648969][ T5683]  mas_preallocate+0x449/0x650
[   72.653816][ T5683]  __split_vma+0x244/0x6a0
[   72.658242][ T5683]  vma_modify+0x2cb/0xcd0
[   72.662622][ T5683]  vma_modify_policy+0xeb/0x120
[   72.667584][ T5683]  mbind_range+0x1d8/0x490
[   72.672021][ T5683]  __se_sys_mbind+0x915/0x1160
[   72.676803][ T5683]  __x64_sys_mbind+0x78/0x90
[   72.681401][ T5683]  x64_sys_call+0x2b4d/0x2d60
[   72.686109][ T5683]  do_syscall_64+0xc9/0x1c0
[   72.690613][ T5683]  ? clear_bhb_loop+0x55/0xb0
[   72.695290][ T5683]  ? clear_bhb_loop+0x55/0xb0
[   72.700028][ T5683]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   72.706033][ T5683] RIP: 0033:0x7f86d466e719
[   72.710584][ T5683] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   72.730322][ T5683] RSP: 002b:00007f86d32e7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ed
[   72.738767][ T5683] RAX: ffffffffffffffda RBX: 00007f86d4825f80 RCX: 00007f86d466e719
[   72.746933][ T5683] RDX: 0000000000000004 RSI: 0000000000800000 RDI: 0000000020001000
[   72.754926][ T5683] RBP: 00007f86d32e7090 R08: 0000000000000000 R09: 0000000000000002
[   72.762914][ T5683] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   72.770907][ T5683] R13: 0000000000000000 R14: 00007f86d4825f80 R15: 00007ffdbafe1328
[   72.778909][ T5683]  </TASK>
[   72.830291][ T5701] xt_CT: You must specify a L4 protocol and not use inversions on it
[   72.839886][ T5701] 9pnet_fd: Insufficient options for proto=fd
[   73.003925][ T5731] loop2: detected capacity change from 0 to 512
[   73.011775][ T5731] EXT4-fs error (device loop2): ext4_read_inode_bitmap:139: comm syz.2.805: Invalid inode bitmap blk 4 in block_group 0
[   73.024677][ T5731] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   73.062354][ T3322] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.100068][ T5738] loop5: detected capacity change from 0 to 4096
[   73.121116][ T5738] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   73.154078][ T5747] xt_CT: You must specify a L4 protocol and not use inversions on it
[   73.165575][ T5747] 9pnet_fd: Insufficient options for proto=fd
[   73.165740][ T3718] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.185747][ T5753] loop1: detected capacity change from 0 to 128
[   73.192672][ T5753] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   73.204858][ T5753] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   73.233334][   T29] kauditd_printk_skb: 537 callbacks suppressed
[   73.233349][   T29] audit: type=1400 audit(1731306637.903:3552): avc:  denied  { read } for  pid=5760 comm="syz.5.818" name="loop-control" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[   73.264114][   T29] audit: type=1400 audit(1731306637.913:3553): avc:  denied  { open } for  pid=5760 comm="syz.5.818" path="/dev/loop-control" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[   73.288762][   T29] audit: type=1400 audit(1731306637.913:3554): avc:  denied  { ioctl } for  pid=5760 comm="syz.5.818" path="/dev/loop-control" dev="devtmpfs" ino=99 ioctlcmd=0x4c80 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[   73.332024][   T29] audit: type=1400 audit(1731306638.003:3555): avc:  denied  { bind } for  pid=5771 comm="syz.5.821" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[   73.335627][ T5769] loop1: detected capacity change from 0 to 512
[   73.358730][   T29] audit: type=1400 audit(1731306638.003:3556): avc:  denied  { node_bind } for  pid=5771 comm="syz.5.821" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=icmp_socket permissive=1
[   73.391839][ T5769] EXT4-fs error (device loop1): ext4_read_inode_bitmap:139: comm syz.1.819: Invalid inode bitmap blk 4 in block_group 0
[   73.405779][ T5769] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   73.431440][   T29] audit: type=1326 audit(1731306638.103:3557): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5767 comm="syz.1.819" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa0209be719 code=0x7ffc0000
[   73.455725][   T29] audit: type=1326 audit(1731306638.133:3558): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5767 comm="syz.1.819" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa0209be719 code=0x7ffc0000
[   73.479114][   T29] audit: type=1326 audit(1731306638.133:3559): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5767 comm="syz.1.819" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa0209be719 code=0x7ffc0000
[   73.504450][   T29] audit: type=1326 audit(1731306638.133:3560): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5767 comm="syz.1.819" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa0209be719 code=0x7ffc0000
[   73.527794][   T29] audit: type=1326 audit(1731306638.133:3561): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5767 comm="syz.1.819" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa0209be719 code=0x7ffc0000
[   73.552476][ T3319] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.589059][ T5788] 9pnet_fd: Insufficient options for proto=fd
[   73.596690][ T5790] loop1: detected capacity change from 0 to 4096
[   73.609139][ T5792] SELinux:  Context system_u:object_r:tpm_device_t:s0 is not valid (left unmapped).
[   73.617885][ T5783] loop5: detected capacity change from 0 to 128
[   73.621111][ T5790] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   73.640767][ T5798] FAULT_INJECTION: forcing a failure.
[   73.640767][ T5798] name failslab, interval 1, probability 0, space 0, times 0
[   73.653444][ T5798] CPU: 1 UID: 0 PID: 5798 Comm: syz.4.830 Not tainted 6.12.0-rc6-syzkaller-00318-ga9cda7c0ffed #0
[   73.664185][ T5798] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   73.674248][ T5798] Call Trace:
[   73.677531][ T5798]  <TASK>
[   73.680483][ T5798]  dump_stack_lvl+0xf2/0x150
[   73.685128][ T5798]  dump_stack+0x15/0x20
[   73.689358][ T5798]  should_fail_ex+0x223/0x230
[   73.694159][ T5798]  ? skb_clone+0x154/0x1f0
[   73.698584][ T5798]  should_failslab+0x8f/0xb0
[   73.703257][ T5798]  kmem_cache_alloc_noprof+0x4c/0x290
[   73.708733][ T5798]  skb_clone+0x154/0x1f0
[   73.712980][ T5798]  __netlink_deliver_tap+0x2bd/0x4c0
[   73.718276][ T5798]  netlink_unicast+0x64a/0x670
[   73.723166][ T5798]  netlink_sendmsg+0x5cc/0x6e0
[   73.727937][ T5798]  ? __pfx_netlink_sendmsg+0x10/0x10
[   73.733235][ T5798]  __sock_sendmsg+0x140/0x180
[   73.737939][ T5798]  ____sys_sendmsg+0x312/0x410
[   73.742752][ T5798]  __sys_sendmsg+0x1d9/0x270
[   73.747388][ T5798]  __x64_sys_sendmsg+0x46/0x50
[   73.752175][ T5798]  x64_sys_call+0x2689/0x2d60
[   73.756875][ T5798]  do_syscall_64+0xc9/0x1c0
[   73.761385][ T5798]  ? clear_bhb_loop+0x55/0xb0
[   73.766110][ T5798]  ? clear_bhb_loop+0x55/0xb0
[   73.770793][ T5798]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   73.776794][ T5798] RIP: 0033:0x7fab1905e719
[   73.781313][ T5798] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   73.801086][ T5798] RSP: 002b:00007fab17cd7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   73.809570][ T5798] RAX: ffffffffffffffda RBX: 00007fab19215f80 RCX: 00007fab1905e719
[   73.817554][ T5798] RDX: 0000000000000000 RSI: 0000000020000300 RDI: 0000000000000007
[   73.825605][ T5798] RBP: 00007fab17cd7090 R08: 0000000000000000 R09: 0000000000000000
[   73.833580][ T5798] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   73.841580][ T5798] R13: 0000000000000000 R14: 00007fab19215f80 R15: 00007ffe98c07688
[   73.849628][ T5798]  </TASK>
[   73.860686][ T5798] vlan2: entered allmulticast mode
[   73.944064][ T3319] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.987149][ T5812] loop2: detected capacity change from 0 to 512
[   74.024848][ T5812] EXT4-fs error (device loop2): ext4_read_inode_bitmap:139: comm syz.2.837: Invalid inode bitmap blk 4 in block_group 0
[   74.056340][ T5812] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   74.097349][ T5816] bio_check_eod: 5 callbacks suppressed
[   74.097363][ T5816] syz.5.825: attempt to access beyond end of device
[   74.097363][ T5816] loop5: rw=2049, sector=201, nr_sectors = 840 limit=128
[   74.137021][ T3322] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   74.147095][ T5816] syz.5.825: attempt to access beyond end of device
[   74.147095][ T5816] loop5: rw=2049, sector=201, nr_sectors = 840 limit=128
[   74.177856][ T5838] __nla_validate_parse: 4 callbacks suppressed
[   74.177869][ T5838] netlink: 12 bytes leftover after parsing attributes in process `syz.1.847'.
[   74.204002][ T5838] 8021q: adding VLAN 0 to HW filter on device bond1
[   74.210803][ T5835] loop4: detected capacity change from 0 to 2048
[   74.242111][ T5838] netlink: 8 bytes leftover after parsing attributes in process `syz.1.847'.
[   74.284000][ T5835] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   74.310284][ T5857] loop1: detected capacity change from 0 to 1024
[   74.317129][ T5857] journal_path: Lookup failure for './file2'
[   74.323156][ T5857] EXT4-fs: error: could not find journal device path
[   74.350600][ T5861] loop1: detected capacity change from 0 to 512
[   74.362954][ T5865] loop2: detected capacity change from 0 to 128
[   74.370359][ T5861] EXT4-fs error (device loop1): ext4_read_inode_bitmap:139: comm syz.1.855: Invalid inode bitmap blk 4 in block_group 0
[   74.385758][ T5866] netlink: 8 bytes leftover after parsing attributes in process `syz.4.846'.
[   74.387164][ T5865] netlink: 16 bytes leftover after parsing attributes in process `syz.2.856'.
[   74.394559][ T5866] netlink: 8 bytes leftover after parsing attributes in process `syz.4.846'.
[   74.403447][ T5865] netlink: 16 bytes leftover after parsing attributes in process `syz.2.856'.
[   74.412221][ T5866] netlink: 4 bytes leftover after parsing attributes in process `syz.4.846'.
[   74.423775][ T5861] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   74.480991][ T5875] loop0: detected capacity change from 0 to 1024
[   74.490048][ T3319] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   74.518714][ T5877] rdma_op ffff888123c17d80 conn xmit_rdma 0000000000000000
[   74.519946][ T5875] EXT4-fs: Ignoring removed nomblk_io_submit option
[   74.537272][ T5880] loop1: detected capacity change from 0 to 164
[   74.544409][ T5880] rock: corrupted directory entry. extent=41, offset=65536, size=8
[   74.546152][ T5875] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   74.553272][ T5880] rock: corrupted directory entry. extent=41, offset=65536, size=8
[   74.573125][ T5880] iso9660: Corrupted directory entry in block 4 of inode 1792
[   74.581711][ T3314] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   74.582247][ T5881] netlink: 8 bytes leftover after parsing attributes in process `syz.2.860'.
[   74.599666][ T5881] netlink: 36 bytes leftover after parsing attributes in process `syz.2.860'.
[   74.628743][ T5881] loop2: detected capacity change from 0 to 512
[   74.636538][ T5881] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   74.648550][ T5881] EXT4-fs (loop2): can't mount with journal_checksum, fs mounted w/o journal
[   74.668294][ T5887] loop0: detected capacity change from 0 to 2048
[   74.686566][ T5887] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   74.709589][ T3314] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   74.740547][ T5894] netlink: 324 bytes leftover after parsing attributes in process `syz.1.865'.
[   74.770946][ T5896] loop1: detected capacity change from 0 to 1024
[   74.778011][ T5896] journal_path: Lookup failure for './file2'
[   74.784088][ T5896] EXT4-fs: error: could not find journal device path
[   74.842041][ T5901] loop1: detected capacity change from 0 to 512
[   74.856987][ T5901] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   74.869731][ T5901] ext4 filesystem being mounted at /149/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   74.987620][ T3319] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   75.060486][ T3315] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   75.069539][ T5911] FAULT_INJECTION: forcing a failure.
[   75.069539][ T5911] name failslab, interval 1, probability 0, space 0, times 0
[   75.069568][ T5911] CPU: 0 UID: 0 PID: 5911 Comm: syz.1.871 Not tainted 6.12.0-rc6-syzkaller-00318-ga9cda7c0ffed #0
[   75.069599][ T5911] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   75.069616][ T5911] Call Trace:
[   75.069623][ T5911]  <TASK>
[   75.069634][ T5911]  dump_stack_lvl+0xf2/0x150
[   75.069668][ T5911]  dump_stack+0x15/0x20
[   75.069694][ T5911]  should_fail_ex+0x223/0x230
[   75.069777][ T5911]  ? usb_hcd_submit_urb+0x629/0x1510
[   75.128010][ T5911]  should_failslab+0x8f/0xb0
[   75.132656][ T5911]  __kmalloc_noprof+0xa5/0x370
[   75.137476][ T5911]  usb_hcd_submit_urb+0x629/0x1510
[   75.142665][ T5911]  ? enqueue_task_fair+0x122/0x880
[   75.147793][ T5911]  ? finish_task_switch+0xb5/0x2b0
[   75.152945][ T5911]  ? __schedule+0x6fa/0x930
[   75.157499][ T5911]  usb_submit_urb+0xa80/0xb70
[   75.162203][ T5911]  usb_start_wait_urb+0x91/0x190
[   75.167159][ T5911]  usb_control_msg+0x182/0x240
[   75.171931][ T5911]  hub_ext_port_status+0xbf/0x480
[   75.177019][ T5911]  hub_activate+0x4c8/0xf40
[   75.181621][ T5911]  hub_resume+0x48/0x1e0
[   75.185870][ T5911]  ? mutex_lock+0xd/0x40
[   75.190289][ T5911]  usb_resume_both+0x3ed/0x5b0
[   75.195070][ T5911]  ? __pfx_usb_runtime_resume+0x10/0x10
[   75.200692][ T5911]  usb_runtime_resume+0x21/0x30
[   75.205593][ T5911]  __rpm_callback+0x299/0x720
[   75.210301][ T5911]  ? __pfx_usb_runtime_resume+0x10/0x10
[   75.215908][ T5911]  rpm_resume+0x8e6/0xd00
[   75.220259][ T5911]  ? klist_dec_and_del+0xb8/0x260
[   75.225339][ T5911]  __pm_runtime_resume+0xdc/0x100
[   75.230397][ T5911]  usb_autoresume_device+0x25/0xd0
[   75.235532][ T5911]  usbdev_open+0xfe/0x480
[   75.239908][ T5911]  ? selinux_file_open+0x34a/0x3b0
[   75.245061][ T5911]  chrdev_open+0x2f9/0x370
[   75.249489][ T5911]  ? __pfx_chrdev_open+0x10/0x10
[   75.254453][ T5911]  do_dentry_open+0x621/0xa20
[   75.259204][ T5911]  vfs_open+0x38/0x1f0
[   75.263347][ T5911]  path_openat+0x1ac2/0x1fa0
[   75.267982][ T5911]  do_filp_open+0xf7/0x200
[   75.272470][ T5911]  do_sys_openat2+0xab/0x120
[   75.277079][ T5911]  __x64_sys_openat+0xf3/0x120
[   75.281870][ T5911]  x64_sys_call+0x1025/0x2d60
[   75.286604][ T5911]  do_syscall_64+0xc9/0x1c0
[   75.291240][ T5911]  ? clear_bhb_loop+0x55/0xb0
[   75.295957][ T5911]  ? clear_bhb_loop+0x55/0xb0
[   75.300643][ T5911]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   75.306599][ T5911] RIP: 0033:0x7fa0209bd0b0
[   75.311034][ T5911] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 19 8f 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 6c 8f 02 00 8b 44
[   75.330656][ T5911] RSP: 002b:00007fa01f630b70 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[   75.339155][ T5911] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fa0209bd0b0
[   75.347243][ T5911] RDX: 0000000000000000 RSI: 00007fa01f630c10 RDI: 00000000ffffff9c
[   75.355220][ T5911] RBP: 00007fa01f630c10 R08: 0000000000000000 R09: 0000000000000000
[   75.363251][ T5911] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002
[   75.371244][ T5911] R13: 0000000000000000 R14: 00007fa020b75f80 R15: 00007ffe48323568
[   75.379261][ T5911]  </TASK>
[   75.386231][ T5911] hub 8-0:1.0: hub_ext_port_status failed (err = -12)
[   75.393873][ T5913] vhci_hcd: invalid port number 0
[   75.399726][ T5913] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[   75.417783][ T5915] netlink: 'syz.2.873': attribute type 5 has an invalid length.
[   75.466950][ T5921] loop4: detected capacity change from 0 to 128
[   75.473972][ T5921] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   75.488146][ T5921] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   75.556456][ T5935] loop1: detected capacity change from 0 to 2048
[   75.583538][ T5935] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   75.670480][ T5960] loop0: detected capacity change from 0 to 512
[   75.677946][ T5960] ext4: Unknown parameter 'smackfstransmute'
[   76.420350][ T3319] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   76.455851][   T28] ==================================================================
[   76.463998][   T28] BUG: KCSAN: data-race in n_tty_flush_buffer / n_tty_lookahead_flow_ctrl
[   76.472550][   T28] 
[   76.474893][   T28] write to 0xffffc90005d70270 of 8 bytes by task 5947 on cpu 0:
[   76.482544][   T28]  n_tty_flush_buffer+0x9f/0x190
[   76.487498][   T28]  tty_ldisc_hangup+0x72/0x370
[   76.492280][   T28]  __tty_hangup+0x3b1/0x530
[   76.496791][   T28]  tty_vhangup+0x17/0x20
[   76.501050][   T28]  pty_close+0x262/0x280
[   76.505297][   T28]  tty_release+0x206/0x930
[   76.509707][   T28]  __fput+0x17a/0x6d0
[   76.513711][   T28]  ____fput+0x1c/0x30
[   76.517742][   T28]  task_work_run+0x13a/0x1a0
[   76.522337][   T28]  get_signal+0xee9/0x1070
[   76.526763][   T28]  arch_do_signal_or_restart+0x95/0x4b0
[   76.532307][   T28]  syscall_exit_to_user_mode+0x59/0x130
[   76.537850][   T28]  do_syscall_64+0xd6/0x1c0
[   76.542365][   T28]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   76.548270][   T28] 
[   76.550588][   T28] read-write to 0xffffc90005d70270 of 8 bytes by task 28 on cpu 1:
[   76.558491][   T28]  n_tty_lookahead_flow_ctrl+0x48/0x130
[   76.564042][   T28]  tty_port_default_lookahead_buf+0x8a/0xc0
[   76.569935][   T28]  flush_to_ldisc+0x31c/0x410
[   76.574609][   T28]  process_scheduled_works+0x483/0x9a0
[   76.580092][   T28]  worker_thread+0x51d/0x6f0
[   76.584676][   T28]  kthread+0x1d1/0x210
[   76.588761][   T28]  ret_from_fork+0x4b/0x60
[   76.593181][   T28]  ret_from_fork_asm+0x1a/0x30
[   76.597947][   T28] 
[   76.600258][   T28] value changed: 0x0000000000001fed -> 0x0000000000000000
[   76.607356][   T28] 
[   76.609670][   T28] Reported by Kernel Concurrency Sanitizer on:
[   76.615811][   T28] CPU: 1 UID: 0 PID: 28 Comm: kworker/u8:1 Not tainted 6.12.0-rc6-syzkaller-00318-ga9cda7c0ffed #0
[   76.626480][   T28] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   76.636534][   T28] Workqueue: events_unbound flush_to_ldisc
[   76.642345][   T28] ==================================================================
[   76.719959][ T5982] FAULT_INJECTION: forcing a failure.
[   76.719959][ T5982] name failslab, interval 1, probability 0, space 0, times 0
[   76.732663][ T5982] CPU: 0 UID: 0 PID: 5982 Comm: syz.1.895 Not tainted 6.12.0-rc6-syzkaller-00318-ga9cda7c0ffed #0
[   76.743343][ T5982] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   76.753414][ T5982] Call Trace:
[   76.756713][ T5982]  <TASK>
[   76.759747][ T5982]  dump_stack_lvl+0xf2/0x150
[   76.764415][ T5982]  dump_stack+0x15/0x20
[   76.768593][ T5982]  should_fail_ex+0x223/0x230
[   76.773309][ T5982]  ? alloc_pipe_info+0x1cb/0x360
[   76.778280][ T5982]  should_failslab+0x8f/0xb0
[   76.782884][ T5982]  __kmalloc_noprof+0xa5/0x370
[   76.787722][ T5982]  alloc_pipe_info+0x1cb/0x360
[   76.792539][ T5982]  splice_direct_to_actor+0x60f/0x670
[   76.797959][ T5982]  ? __pfx_direct_splice_actor+0x10/0x10
[   76.803599][ T5982]  ? selinux_file_permission+0x327/0x360
[   76.809234][ T5982]  do_splice_direct+0xd7/0x150
[   76.814122][ T5982]  ? __pfx_direct_file_splice_eof+0x10/0x10
[   76.820063][ T5982]  do_sendfile+0x39b/0x970
[   76.824544][ T5982]  __x64_sys_sendfile64+0x110/0x150
[   76.829763][ T5982]  x64_sys_call+0xed5/0x2d60
[   76.834360][ T5982]  do_syscall_64+0xc9/0x1c0
[   76.838868][ T5982]  ? clear_bhb_loop+0x55/0xb0
[   76.843594][ T5982]  ? clear_bhb_loop+0x55/0xb0
[   76.848272][ T5982]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   76.854267][ T5982] RIP: 0033:0x7fa0209be719
[   76.858751][ T5982] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   76.878364][ T5982] RSP: 002b:00007fa01f5ef038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[   76.886815][ T5982] RAX: ffffffffffffffda RBX: 00007fa020b76130 RCX: 00007fa0209be719
[   76.894878][ T5982] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[   76.902845][ T5982] RBP: 00007fa01f5ef090 R08: 0000000000000000 R09: 0000000000000000
[   76.910813][ T5982] R10: 000000008000002b R11: 0000000000000246 R12: 0000000000000001
[   76.918783][ T5982] R13: 0000000000000001 R14: 00007fa020b76130 R15: 00007ffe48323568
[   76.926773][ T5982]  </TASK>