last executing test programs:

2m21.681548135s ago: executing program 4 (id=1966):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="9c0100001900010025bd7000ffdbdf251d01020008000500f9f7fdfe15000300000000c005030000a4887e803004673603"], 0x19c}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00'}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x18)
r3 = perf_event_open(&(0x7f00000004c0)={0x2, 0x80, 0xfe, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0x4}, 0x40db, 0x0, 0x4, 0x8, 0xa, 0x100, 0x0, 0x0, 0x0, 0x0, 0x2000000000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r3, 0x40082406, &(0x7f0000000000)='cpu<=0||!')
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000040), 0x81}, 0x38)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r4}, 0x10)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000440)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x200080, &(0x7f00000000c0)={[{@errors_remount}, {@delalloc}, {@bsdgroups}]}, 0x3, 0x56d, &(0x7f0000000c00)="$eJzs3c+PG1cdAPDvzP6w86PdBHqAqpAAhYCieLNOG1W9NLmAUFUJUXFAHNJl11ktseMQe0t3icT2bwAJBCf4EzggcUDqiQM3jkgcEFI5IAWIQFkESEYznt04WVtxYq/d7H4+0mR+vHnzfU/O+D0/e+cFcGSdjYjtiJiPiHciYqE4nhRLXOku2Xn3791Z2bl3ZyWJTuftvyd5enYsevJkThTXLEfE178S8e1kf9zW5taN5Xq9drvYX2w3bi22NrcurDeW12prtZvV6uWlyxdfu/RqdWx1PdP45d0vr7/5jd/8+lMf/n77S9/PinWySOutxzh1qz63FyczGxFvHkSwKZgp1vP7Ul7qn+HKwZaHJ5NGxMci4rP5/b8QM/n/TgDgMOt0fhqdhd59AOCwyz7/nywnaSUi0rToBFS6Y3gvxPG03my1z19vbtxc7Y6VnYq59Pp6vXbxdOmP381Pnkuy/aU8LU/P96uP7F+KiNMR8aPSsXy/stKsr06nywMAR96J/Duwov2PiH+V0rRSGSprn2/1AIBnRnkKOQGA6eptxUtTLAcAMDk+xQPA0TNE+1982b994GUBACbD538AOHq0/wBw9Dxp++83ggDwTPvaW29lS2eneP716rubG3PNdy+s1lo3Ko2NlcpK8/atylqzuZY/s6fxUOZjPdtFn6DebN5aeiU23lts11rtxdbm1rVGc+Nm+1r+XO9rtbmJ1g4A6Of0mQ/+kETE9uvH8iV65nLQVsPhlk67AMDUzDzYrJ140sw6CPBMe7rZvv4z9nIAkzdUE553En534GUBpqPvw7zLfTcf9pMnCOJ3xvCRcu6Tw4//75/jGXiWGf+Ho2vmqXK9MfZyAJP3dOP/wGHQ6SSPzvk/v5cEABxKI/yEr/ODcXVCgKl63GTeY/n+HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6ZkxHxnUjSSj4XeJr9m1YqEc9FxKmYS66v12sXI+L5OBMRc6Vsf2nahQYARpT+NSnm/zq38PLJR1Pnk3+X8nVEfO9nb//4veV2+/ZSdvwfe8dLu9OHVR/kG2FeQQBgOJ3SkCfm7Xe1WPd8kL9/787K7nJQhezn7tX4XzEV8crOvTv50k2ZjexgRDnvSxz/ZxKzRZ5yRLwYETNjiL/9fkR8ol/9k3xs5FQx82lv/ChiPzfR+OlD8dM8rbvOOl8fH0NZ4Kj54GpEXOl3/6VxNl/3v//L+TvU6O5e7V5s971vpyf+bBFppk/87J4/O2yMV3771X0HOwvdtPcjXpztFz/Zi58MiP/ykPH/9NKnf/jGgLTOzyPORf/4vbEW241bi63NrQvrjeW12lo5qtXLS5cvvnbp1epiPka9uDtSvd/fXj///KCyZfU/PiB+uW/95/fyfn7I+v/iv+986zMPdkuPxv/i5/q//i/0jd+VtYlfeDhMZ1D85eO/Gjh9dxZ/dUD9H/f6nx+m8hHx4V+2Voc8FQCYgNbm1o3ler12e6SNNHY647jOvo2siMOdvNtdHC3on+MgavGUG3MjV2daG7N7fcXxXvmb2RUnXJ107LUYaeP+pGJN7z0JmIwHN/20SwIAAAAAAAAAAAAAAAwyiT9dmnYdAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOLz+HwAA//+WydIx")
r6 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
getdents(r6, 0x0, 0x58)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYRES16=r5], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, r4, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r7 = io_uring_setup(0x4d3f, &(0x7f0000000240)={0x0, 0xca6a, 0x40, 0x1, 0x6})
r8 = syz_open_procfs$pagemap(0x0, &(0x7f00000000c0))
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r9, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000f0f000000000700000a20000000000a01030000000000000000010000000900010073797a310000000040000000030a01020000000000000000010000000900030073797a320000000014000480080002400000000008000140000000050900010073797a31000000003c000000050a01020000000000000000010000000c00024000000000000000010900010073797a3100000000040004800b00070066696c"], 0xc4}}, 0x0)
ioctl$PAGEMAP_SCAN(r8, 0xc0606610, &(0x7f0000000100)={0x60, 0x2, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, 0x10000, &(0x7f0000000580)=[{0x8, 0x7ff, 0x5}, {0x5, 0x7, 0x6}, {0xd974, 0x3, 0xfffffffffffff000}, {0x8000, 0x401, 0x4}, {0x1ff, 0x4}, {0x7aed, 0x3, 0x2}, {0x9, 0x100000001, 0xe}, {0xffffffff, 0x4224, 0x7}], 0x8, 0xffffffffffff3539, 0x11, 0x28, 0x24, 0x40})
io_uring_register$IORING_REGISTER_RESTRICTIONS(r7, 0xb, &(0x7f0000000500), 0x66)
r10 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000080)={'veth1_vlan\x00', <r11=>0x0})
r12 = syz_open_dev$sg(&(0x7f0000000340), 0x2, 0x404080)
ioctl$FIBMAP(r12, 0x1, &(0x7f0000000640)=0x3)
getsockopt$sock_cred(r0, 0x1, 0x11, 0x0, &(0x7f0000000040))
sendmsg$nl_route_sched(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000240)={&(0x7f000000c1c0)=@newtfilter={0x24, 0x11, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x74, r11}}, 0x24}, 0x1, 0xf0ffffffffffff}, 0x0)

2m20.761260449s ago: executing program 4 (id=1971):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="180200000700000000000000008000008500000075000000950000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0xb)
clock_adjtime(0x0, &(0x7f0000000b00)={0xfd0, 0x0, 0x4100, 0x0, 0xffffffffffffffff, 0x0, 0x9, 0x0, 0xfffffffffffffffd, 0x5, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000})
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_emit_ethernet(0xae, 0x0, 0x0)
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$ARPT_SO_SET_REPLACE(r4, 0x0, 0x60, &(0x7f0000000440)={'filter\x00', 0x104, 0x4, 0x3c8, 0xe8, 0x1d0, 0xe8, 0x2e0, 0x2e0, 0x2e0, 0x7fffffe, 0x0, {[{{@arp={@remote, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 0xfe, 0x0, {@mac=@link_local={0x2, 0x80, 0xc2, 0x7}}, {}, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 'bridge0\x00', 'erspan0\x00'}, 0xc0, 0xe8}, @unspec=@CLASSIFY={0x28}}, {{@uncond, 0xc0, 0xe8}, @unspec=@NFQUEUE2={0x28, 'NFQUEUE\x00', 0x2, {0x0, 0x100}}}, {{@arp={@rand_addr, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 0x0, 0xfc, {@empty, {[0xff, 0x0, 0x0, 0x0, 0x0, 0xff]}}, {@mac=@multicast, {[0xff]}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'bond_slave_1\x00', 'ipvlan1\x00'}, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@multicast, @empty, @multicast2, @private=0xa010100, 0x4, 0x1}}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x418)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r5, 0x1, 0x1a, &(0x7f0000000000)={0x0, &(0x7f00000000c0)}, 0x10)
socket$can_raw(0x1d, 0x3, 0x1)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, 0x0, &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000200)='kmem_cache_free\x00', r6}, 0x10)
r7 = socket(0x10, 0x3, 0x0)
connect$netlink(r7, &(0x7f0000000280)=@proc={0x10, 0x0, 0x1}, 0xc)
sendmsg$nl_route_sched(r7, &(0x7f0000000080)={&(0x7f0000000000), 0xc, &(0x7f0000000040)={&(0x7f00000002c0)=@newtaction={0x18, 0x31, 0x829, 0x0, 0x0, {0x0, 0x0, 0x2}, [{0x4}]}, 0x18}}, 0x0)

2m19.110152924s ago: executing program 4 (id=1988):
syz_emit_ethernet(0x4a, &(0x7f00000001c0)={@broadcast, @local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "2727f2", 0x14, 0x2c, 0x0, @remote, @local, {[], {{0x8000, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x1}}}}}}}, 0x0)

2m19.057124615s ago: executing program 4 (id=1990):
syz_mount_image$vfat(&(0x7f0000001ac0), &(0x7f0000000340)='./bus\x00', 0x90008c, &(0x7f0000001b00)={[{@numtail}, {@utf8no}, {@utf8no}, {@numtail}, {@uni_xlate}, {@uni_xlateno}, {@shortname_lower}]}, 0x0, 0x2f8, &(0x7f00000017c0)="$eJzs3cGKW1UYB/DPsc6UkfbOQgQF8aAb3VxmxhcwSAvFAWVsRLsQbp07GnInGXLDSIpYd259juLSnSC+wGx8BnfZuOyiGGkyTZMacTVeSn4/COcPJ384l5BwNuEbf/bjSfe4zo+LYWy8n2IjIjYeRuxM08wLF+vGNG/Gou/j3VtXx2988vmdD1sHBzcOU7rZuv3efkrp+pu/fvPtT2/9Nnz505+v/7IV5ztfjP/c/+P81fPXxn/d/rpTp06dev1hKtLdfn9Y3K3KdNSpu3lKH1dlUZep06vLwdL+cdU/PR2lond0bft0UNZ1Knqj1C1HadhPw8EoFV8VnV7K8zxd2w7+S/vB4WHRavoUXK7BoFVkEbH1j532g0YOBAA0yv1/nbn/r4PH9//Ni+/vMvd/AAAAAAAAAAAAAAB4HjycTLLJZJI9WZ99NX0+LpfPf70t/HHvasTJD2fts/Zsne23jqMTVZSxG1k8ipjMzfLNWwc3dtPUTtw5uX/Rv3/WfnG5vxdZ7Kzu7836abn/Umwv9vcji1dW9/dX9jfjnbcX+nlk8fuX0Y8qjuJx92n/u72UPvjo4Jn+1vR9AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKyHPM2tnN+f5/+2P+vP5+vvRhaPVs/n3105n/9KvH6l2WcHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgCfq0b1uUVXlQBAEYR6a/mUCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/9/Tod9NnwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAm1aN73aKqysElhqafEQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4HnydwAAAP//JaErcQ==")
utimes(&(0x7f00000000c0)='./file0\x00', 0x0)
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x4, 0x188)
mkdirat(r0, &(0x7f0000000040)='./bus\x00', 0x51)
syz_open_dev$loop(&(0x7f0000001640), 0x9, 0x12d600)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nfc(0x0, r1)
sendmsg$NL802154_CMD_DEL_SEC_DEV(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='\x00\x00@\x00', @ANYRES16, @ANYBLOB="01002bbd7000fcdbdf251b000000"], 0x14}, 0x1, 0x0, 0x0, 0x10000000}, 0x800)
iopl(0x3)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000001680), r1)
ioctl$sock_SIOCGIFINDEX_802154(r1, 0x8933, &(0x7f00000016c0)={'wpan1\x00', <r3=>0x0})
sendmsg$IEEE802154_LLSEC_ADD_DEV(r1, &(0x7f0000001780)={&(0x7f0000001600)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000001740)={&(0x7f0000001b80)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="000425bd7000fbdbdf252a00000008000200", @ANYRES32=r3, @ANYBLOB="060006000200000005003600010000000c0005000202aaaaaaaaa8aa13c671723c2d4695d0b4e6cba15107fd8464af3d5de667165bc347c47dffe6c0a6768f578fe804705b1f9ac321a1726a1c69873913bbff2a7ff289ba5c8189d62c1db26da37f9397b2b6a8bd1a01882dc5f8e23922939f017b4349f4f9153116a76b11eb4ca13cd92a584460ef65f080c20814d7102efe8f79dec7df1712dea8ecf0f2b6fb86bd9d33ca4756ca449c2ef10f80270574482c33587a715683ef3626df07b50823b51e7db007637c152c89458464396047d634fa299bc3b69204827a1439a7f47e56cf941e8a68972f1974eee4462573dc6b"], 0x38}, 0x1, 0x0, 0x0, 0x1}, 0x20008084)
perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800700, &(0x7f0000000300)={[{@noload}, {@bsdgroups}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5a}}, {@init_itable}, {@errors_remount}, {@noinit_itable}, {@errors_continue}]}, 0x2, 0x44b, &(0x7f0000000400)="$eJzs281vFOUfAPDvzLbw+/HWivgColaJsfGlpQWVgxeNJh4wmugBj3VbCGGhhtZECJFqDF5MDImejUcT/wJvXox6MvGqd0NClAvoqWZmZ2C77PaFbncr+/kkA8+z83Sf57vPPDPPzLMbQN8ayf5JInZExG8RMVTPLi0wUv/vxrUL1b+vXagmsbj41p9JXu76tQvVsmj5d9uLzGgakX6SFJUsNXfu/KmpWm3mbJEfnz/93vjcufPPnjw9dWLmxMyZySNHDh+aeOH5yec6EmcW1/V9H87u3/vaO5dfrx67/O5P32bt3VHsb4yjU0aywP9azDXve6LTlfXYzoZ0MtDDhrAmlYjIumswH/9DUYlbnTcUr37c08YBGyq7Nm1tv3thEbiLJdHrFgC9UV7os/vfcuvS1GNTuPpS/QYoi/tGsdX3DERalBlsur/tpJGIOLbwz1fZFhv0HAIAoNFn1S+PxjOt5n9p3N9QblexhjIcEfdExO6IuDci9kTEfRF52Qci4sE11t+8NHT7/Ce9ckeBrVI2/3uxWNtaOv8rZ38xXClyO/P4B5PjJ2szB4vPZDQGt2b5iWXq+P6VXz9vt69x/pdtWf3lXLBox5WBpgd001PzU/mktAOufhSxb6BV/MnNlYAkIvZGxL61vfWuMnHyqW/2tyu0cvzL6MA60+LXEU/W+38hmuIvJcuvT47/L2ozB8fLo+J2P/9y6c129a8r/g7I+n/b0uO/uchw0rheO7f2Oi79/mnbe5o7Pf63JG/n56Oyoz6Ymp8/OxGxJTmav1geGvnrk7f+tsyX5bP4Rw+0Hv+741YFD0VEdhA/HBGPRMSjRdsfi4jHI+LAMvH/+HL7fZuh/6dbnv9uHv9N/b/2ROXUD9+1q391/X84T40Wr+TnvxWstoHr+ewAAADgvyLNvwOfpGM302k6Nlb/Dv+e2JbWZufmnz4++/6Z6fp35YdjMC2fdA01PA+dSBaKd6znJ4tnxeX+Q8Vz4y8q/8/zY9XZ2nSPY4d+t73N+M/8Uel164AN12odbXJLDxoCdF3z+E+XZi++0c3GAF3l99rQv1YY/2m32gF0n+s/9K9W4/9iU95aANydXP+hfxn/0L+Mf+hfxj/0pfX8rl+inxORbopmSGxQotdnJgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgM74NwAA//+8yu7V")
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42032, 0xffffffffffffffff, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f0000000100)={'gretap0\x00', &(0x7f0000000040)={'syztnl0\x00', <r4=>0x0, 0x8000, 0x80, 0x3, 0xbc4, {{0x5, 0x4, 0x2, 0x3e, 0x14, 0x64, 0x0, 0x8, 0x29, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}, @empty}}}})
bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x5, 0x16, &(0x7f0000000240)=ANY=[@ANYBLOB="61128c030000000061138c8800000000bf30000000000000070000000009240b2d03010000000000950000a7000000006916700000000000bf67000000000000b5070000fcff0304670600001f000000370390ff0ef90060bf050000000000007e650000000000006507f9ff01000000470700004c0000005f75000000000000bf54000000000000070400000400f9fead4301000000000095000000000000000500000000000000950000000000000032ed3c5be9529914953170d2d7ffffff8ecf264e9981db7d04df3244c7bd7e7e7f2f1754558f2278af6d71c19a5e12814cb1d8a5d4601d15871637b65f8903dc8700a0b9bdb7dd399700d6c4f6f3be4b369289aa6812b8e007e733a9a4f16d0a3e1282ee45a010fb94fc9de56c9d8a814261bd81762bab839dfa66810b5b40d893ea8fe0185473d51b546c087431d770000000767c955cfa1f6ab689fde4de5f832c8b664e73b99b6c2e0ab330e1c7feada70600000000000000b7010001000000009af619e3cca4d19e0dee5eb106774a8f3e6916df85aaf34c4756ad3a6d9fee0000000000000000c8fb735fd552bdc206004aeb0743eb3dc819b6cf5c8a0700000000000000a13d0045fb3cdaffa673a6bb55d8c85f21dce44aba5387e35350481aedac065b5031e56723888fb126a163f16fb2ad9bc1172bec63222d20cecac4d03723f1c932b3a6aa57f1ad2e99e0e67a993716dbf580469f11294b4800a045ea11b3566bf3a649878e582f2af97787f696649a462e7ee4bcf89cbf2f0800000000000000b2c4acb07a10d6732f54beb40000040000000000000000000000000200f674629709e7e78f4ddc211bc304f0bd9d42ca019dd5d022cf74686e9fbe2562671cd47840a7afaab43176e65ec1118d46e4e827f3477523dcfa17690884f8d2001e03a651bb96589a7eab010e861bbd0000000000000000c5904c647802cf86f1b4c3005f33d83f84e98a72fbbecd106425563d80bd0d0d703f37ca153f601ae899a53f6715a0080034b0c94cce69945205480a55c22fe394ac000000000000000000040000000000437d57defb79ea6a58b83eeed729a2f95e6a1fc3857fb51b324be00000000000000090867f7a3b9bc43717188cb8426286fc55fc57cc3c6de4aa67babf350709e282a4f2bf59f46e20465eae865dbfd533b1cb2d540d0490cd5248715c74b6bd0248a9a0b413bbdfb5351defc6e34a961f3593920411e112c9df23a29c072d3460eb37beb5bbc04600c64acad9a04ffe62875177b51d2f0c6d7194c26789d2bec2d0846831455b8fcd03beaeca2c1335d8a49a92f9d2bef5f485c4fff4cf710b7d00000000000000009d47d564a838bdf8901a719431a9b0ef918ec0ec79037cb61df16379e3bf2a8100000007e8512e21080315e62559e8dd67dae85177d899d9e078f80585837f0e943b8820b19c75d243a78d8c2093c59cbc4c55f1578cff737502ea2d8d0b9dc946dcb38692dcc8db84834cc7726429cb20603b5338184f9856eeaec437fc3446b6c5ffe5db28aa802e37d3c4f259d616307d8aa46ca094049c0ddc1caaed5485b4ff030000182620bcba2316f9e6df0c8647f6ff0000000000000000386096e4a4ff86042f0b42027ff933d2dfe2d5baffacc9dc2411302a185ea454af5839be28b7d040c1fe1ce0fd63fa7f32b8ab6cd6a8b8bf1b693e4ffeca635d84c376b03a58677dd9f8c2a6fa126c7dad3f9e939c92d63ab1cf2fbea26a60b951914aba5c0696cc64e66b9b0f2c4444f8c391c0d9b647a3be4885a055ce3879a91fb62ca97e6526286c14c80b6dc981c5ae6ebf0778ea01a3a44e01ab79bcddbb83266a1ce1a1dea83ebb89d07b4d05aa09ad2904040e7784e96cd66b04204d47b1c66d5a84e7c3de1d1062fd8a23d1b402003c177e76dbca599691164ade323ad4a17abe99975cba748bc2379eed5a83dc94947eb18976db6ca6d35bfb65a3d8b5129d5263b66dbae6c2baa9bbec017646569fa99537aa453f3e6b2acebeddb6c32a87455f351efcd8385100f33d6b0c3195e229bd30260941825ba884d7db07e1212033409e62d7154cc68a7ee910e393470cdb781817f85373a647fd1b626035b666f224a66c0e47e15c6b836b324318507501a0f4b2cc9153167fd839a483615cbc2ad1a7d1528f01bf91b950a9bcd7d06491e1a355e476365f653d2d94ba898ab8d64d70bdb364ef3adb5ba1e4d9d5002da76ccec5d5184e912aaf5a945ae062e670fafb8cf0afee51c851546bb38c5ef303000000000000002ecdc2b82059750f019a418e3e8d20b6bf768a7db1f8472713452553149a4634418de7eda7b2e682271c6e62f5dfaabba46560dfa410e1f334a5f60791b275368469ddc42f7712bff1689f2ffbf5268cc0572e23afd4c402b154ae94c1f65d7d4a79272945287c79b4b70183d2cde66c7225106a064a1800d777372b2b43326821d5c1c78fda699c7484f3e5fc8bbce6fb3039569646b0de22c431d90c12d48e314d8a5ef4db14a110da070000002c4f7bd7f36f814ed92197fe3eb0843c2681c609231825b8a27ba301142cec8a6fd85965f83ff4dd40296e5fb5678d93d0daee45c43bdb9bde9c1d1c988b909fdf78cfda5da3dc28792b10fb8f3f22ece745c074f86f471489337a9a8d9ad7f310aa50c983b490f561bc420289b6aa0fc3f43f8a4548aa9c723ce466287760f919afbb94b0410ff06071de3aa1c199f407347af666713096a422fbc70671ac08f9256ab0079c101a724136352af2895899effda7bcd127ba98521eb4b04b2a821935ee3b216190e21fb059f9519c4804283d2ce09977842ff7309ad2c4d8f0420dfc8cdb1b37ad52985a88ca4cdc1e37715362a59f7c9c7df793d69f974399859e622ec3a1bab735a1aa489fe50619fe399eddaf92f67755cb54824685444a58731ee166ae65412709b853a5df7ce44220fc188c00291843d66e69da3744f39f5f6113fbe390b22cdbefb90ca2a51b1ff21f384e7bf076825aadaf02da77eeefb8875d630b7575e661b90eb6cd98674c92f179b2675b1f6c86712846ddae87bb3a3887b56292356270e85888c25a1c8ae958906ef6b71e1b800107da1c5608fe05d2f4265a5300000000000000007c737c911c049ae7dc9d77edecaf9685c53ac264e9f02ffcf0318af80c99ea2020b1e1f47cfdd6097c49b5f4bb92bb9133df719f35d4bf730784f1caa8e4e16f4eeb535c059a700d57e4d6c83c4a35a6ef44f135657d3d41856235253326d937125b6f23af7eb95bac231b84c6935a3a6d24d18f7e379db2fd5e76d5ad0d5b4a6c155e8759eb0e7b39ef433861158bd496ecafb3d1c50294e43d5895df1a2de536f5d85e0a000049277bc09533ceead6812fdfb5ef59b15069ea0df6a3eee0484c848fe4e6e7461ffc3917e4e07d250d9459ebea5fd4e26fc04eb38e70597fcb693cb2f7506f5f50b9f73a25bb83b6c71240e5d725ff567d9745a3ba5462524648a93360fb2b9feb1401e30996e1e7d14bb8db59880cde130af0a6a0e6152a6e3a8a684cabf379d4aa33c896bca694ce0180000000000000041caca10fe3ce74f1b8156d8155a4e11d2f35674dff1aa5e749deffffffffb946192820d223f4f0a1a7a2be83872662477884d65af42bcac801d0c667fba32e16ead8f076eed944d5998bca285c25349c6f26485902316c156eee9dcaa64f8a889abb1a890b23c7de6b2b0a6128545efc3ee8e60ea8eafa617ec3f0bfb1e23c4f75bc2a649a886bf4d5378c58259fddea066f1d70df9633af91752bf41a0d4d0929c34472a6f7110de1420800000000000000ca07ba65ce67dd46909ed693d71a5de47fe26a4eb2f4d514029b11f3f0c3ccb2403db497a55d23c25003ba864cdaf6e732f74e11d1a58e89f60267e60d79f467b181d636c9300420b30760bf861195eeb74275e9c4ed71f0e9fda02bdbf8aaa3e23a6d22dd423541b6acdd386a686bc8b128f724567d4c4908391b979a1c7102f5be7ed9db7a36ecfc3b9e0ab0eedde34700000000bec5fbefb008005888ce01eb816f2873e4c59facc7be45b2ab04b1456da413e3f7cf345d6fed0bff0800f8c3018bd0ea78ed54c8b684c797390bf5cad492bff0d97e553e42aba229446354cb4f5825915eccc911e7deee66873c20ffd06e63c27b8a12d757210a43870a0ef4ba3bad01c492d792c1535aeff946f3415912b5abbff35d1cd17c842175357a4bc758b4a943e06a7569fa1e1e4e017e43e8e47914d1000000000000000000000000000cd6b36d72dbc0d8000000c95d5ccace09e52960dbdf13b62f586b47ade41458b77834a573687780117829310ece7950fabcb63c63e18b207cbe936ee9a9a37879d42c66c2a72dfef46013ada19eb8d7e9f35267d0b72d591d0c2f92e2e667eed068310056ec5682b4c2bd946e657f2d9bce51da84f1e3b7d073265f352481b81703e0ecb59f70daf545215151b2b01b2bba1545de5d785ce281000000000000000000000000000000af9637ac06897446708dda1bd7b91be06c3f66def98618eb55bd5652d2ae6036402d69db587e87d04b6e4b1c86328adfcc7a22d77e8db6b1024f6bf7aec85a7f4241fb6b326acae3d9a4f4a0e8b723c43aae4f909f40d7167d1afde58812163d292666cf967e16c25889683658fdc86c820246d4009b3c4e8db0fe57735fb577b9f8e9d5fd9843615ec7c7affa29c04a7e8ea439d4938710039a55da15142ed876e581b4760b3483367fd96f0531ea7f3c6bb4193a76ea6b805b45a74365c15f41b8b542f21a83cae1aff4a858d551b95a2ba77fc8a1109f11e7b18d6f825587bb986e13ff37f111329feb2a09ebc54f1ee1ccd056ff9ec0ff0ce1c1ec5bfab4119a452eef335c0fe2b6bfcd635ef5979352de3801bdba7c145cdfb3ab07b45f13b8f45772c9f9c8285bbe14605879e4ddd78bfb6aa3444b7b3ef1713c58d3d348ea764370002f393e10ec3cf3ef1ab0aa1cab9596fe467c7288893172cd97691a0f1d68ca0449f05902fb7f46f7d0e0d36a68abb3f075358cdb701eac9c3f7f19ab13a83314309861dfaa256ccb4400ffc2568b900be14d9e06b138daf2b41c38abba3b1b2de2f3a660af382b7bc0c1318c5cbdec02646f3e28d8eef763aac4a7fd39c15950764734b8d641e4d642e44c4e6b83d1c3dda34d7cda18c652a5d8d9b406d4df8554e2a5611023766c53e9b478d374112165480e887c923ff0a33551d8f270481230ef34d9168806d43278c977b77148371bd02ee1bcfd278a579be8cc6dc58f6e1f8ee7118ae792c30d4f76546a630f7859fd315513722a1b871d311dc28f40d15b7c631b81e58a6bf8891875fe21e8ebcf2925c2fb2b32dc8a0b1b5c7f806ba81a31b1eec700225a14ff8dc83b484ab80849558a0ffc1ab62b2a4545dbfee4d93ed5de4ffe4469ed88df341dc69ab8b1da80bc47cd127c9e1378020cf5d362819e42350f293dd305b4801932d9e07fc647628a8a84958319874295b3cab523b2f43704845d5785c6b3025fadd8442ab42ebfc3bc45efcf24396f1c2ce50ba96430f8feaa1f8bcd8635a4ce00209a8ebabfdf6f1b5129c0e2a40ba4d1b5e3d6249ee8fa5d2d77351b6fba38756dea4e35c8573eda42eac89b4c50b85346b5ede0ff4dca6a70b38177eb5cb8b8437bb533f6ea1de29e1f1fda88e3afe92482af05ed713dd00aa6a5f8381b5d421909462ac33dee4095afcc67a926e50d2cbe1507195b73f624349b132e7b6b339f9a41fad97f3b70e5808eb177c9e7cb154554644e960f29c5d56fd83d8530a6afc8924dcf01e4ef07e7d16bcef404af5ee3b7767dfbd45f0eee2b583d0159b45cca60a930f37d995b02701d2991761cab642165ed3e52961b7c612991c11028bd1d45ea3106018692facfa14996d3d26d5642566c2f592f67975ce3840131275ce29ed116b6f6eeae34aeae334250e7ae4e25e98cc63b4104fdc79ac676a3c11fd6e9a67dc134802d41c4b01a47e3ad5b6ecd6f4a05bf55c1756535374b7bc9e010966a1415a1e50b2fcb20f3d972d9d7a9f0baf841be4f514eb35c9edaac4b3ca7bfab8a53945d035019cf3321c9144961780413dbb21b89c01fe020bcbaa7fe6b4697b196cf7ac3aa014c48259f5b22b45b2ae023d6052644fa51fc0671d6c4e012607a2df05b6f444903ab3251bdd8d2c98adf9f77de7edbc9631b0e7283a5ce1130d99ae5697ce3ea41e3ba5394883c9899384208cba558d69afdc574cbf05a45ed56d07a41f75c55603561f0e8d54670a53e4b8162729bc34ab66babf31d2e86af5a72553ec045466678427ca42eb49b58c5e58980b73451029b88118d730cce2a48b5d6b9caa2c8fb7178ff90196bd1091568a70d1b7ac47585f6180767a2534401aaf0cda644a4c978b972e0bf7b156aa5d80aa1c3d70c0bcd25ab61122349dd78bc28c3e169adea7ac95e09b6a160204ac772f810193cecf495a9836e082b60626316c02dba83abb792422079947b0d887b87f4cd6bd7c82b00000000000000008207fc649dab3ec0be72d68e61c19c1943664bf9088981b19ebbd3f212a471c6b01d28c1f5a0e5d9e0b762f7cebc056ae8fdeb4448ecb291b08684de1ff1c209448223e3979469b18ea13d5d88532f5a45ae4a86d21bde29b472d65e77d5412dae907ffaca95182316d15dbf12b7d77dcf2154376ab3900ba7d8f026e8a566372cdae696cdec4baa7efcbfc3d250638ee391aa3ab3cdd0a3fc42b674e1943bd0a3e1d103fe00b8788dc5b8ba"], &(0x7f0000000000)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x4a, '\x00', r4, @fallback=0x30, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
stat(&(0x7f0000001540)='./file0\x00', &(0x7f0000001580)={0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0})
r6 = syz_io_uring_setup(0xf96, &(0x7f0000000240)={0x0, 0x7734, 0x80, 0x0, 0x34f}, &(0x7f0000001700), &(0x7f0000000080))
syz_open_dev$loop(&(0x7f0000000100), 0x2, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x80}, 0x4044004)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
r7 = socket(0x29, 0x803, 0x0)
getsockname$packet(r7, 0x0, &(0x7f00000000c0))
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpuset.effective_mems\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r8, 0x0)
io_uring_enter(r6, 0x47bc, 0x0, 0x0, 0x0, 0x0)
setfsgid(r5)

2m18.133567509s ago: executing program 4 (id=2004):
r0 = socket(0x10, 0x2, 0x0)
syz_io_uring_setup(0x1104, &(0x7f0000000300)={0x0, 0x0, 0x80, 0x0, 0x21e}, 0x0, 0x0)
r1 = getpid()
r2 = syz_pidfd_open(r1, 0x0)
process_mrelease(r2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x2)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000180)={0xffffffffffffffff, 0x0, 0x0, 0x1}, 0x20)
accept$inet(r0, 0x0, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r5, &(0x7f0000000180), 0xfea7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r4, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$batadv(&(0x7f0000007580), 0xffffffffffffffff)
sendmsg$BATADV_CMD_SET_HARDIF(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16, @ANYBLOB="2d01620000000900509072fb60cb080003"], 0x2c}, 0x1, 0x0, 0x0, 0x20044040}, 0x0)
sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000007680)={0x0, 0x0, &(0x7f0000007640)={&(0x7f0000000000)=ANY=[@ANYBLOB="46040000", @ANYRES16=r7, @ANYBLOB="ff830500000700ffffff", @ANYRES8=r3], 0x4}}, 0x0)
sendfile(r6, r4, 0x0, 0x100000000) (fail_nth: 3)

2m17.446643399s ago: executing program 4 (id=2010):
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000080)={0x6, <r0=>0x0}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xb, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002a20702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000002d00000095"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, @void, @value}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000200)={0x0, r1}, 0x8)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000700)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f00000001c0)='kmem_cache_free\x00', r2, 0x0, 0x7}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
get_mempolicy(0x0, 0x0, 0x8f3f, &(0x7f0000fff000/0x1000)=nil, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x14, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="180028000000978058cabb7583f754660000000000000000000000120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10)
r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x6}]}, 0x10)
r5 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r5, &(0x7f0000000000)={0x1f, 0xffff, 0x3}, 0x6)

2m17.37752653s ago: executing program 32 (id=2010):
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000080)={0x6, <r0=>0x0}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xb, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002a20702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000002d00000095"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, @void, @value}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000200)={0x0, r1}, 0x8)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000700)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f00000001c0)='kmem_cache_free\x00', r2, 0x0, 0x7}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
get_mempolicy(0x0, 0x0, 0x8f3f, &(0x7f0000fff000/0x1000)=nil, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x14, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="180028000000978058cabb7583f754660000000000000000000000120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10)
r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x6}]}, 0x10)
r5 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r5, &(0x7f0000000000)={0x1f, 0xffff, 0x3}, 0x6)

1m54.761529911s ago: executing program 3 (id=2285):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x17, 0x7, &(0x7f0000000300)=ANY=[@ANYRESOCT, @ANYRES16=r0, @ANYRES8=r0], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x3, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7f, @void, @value}, 0x94)
symlinkat(&(0x7f00000040c0)='./file0/file0\x00', 0xffffffffffffffff, 0x0)
r1 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
pwritev2(r1, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x76200}], 0x1, 0x7c00, 0x0, 0x3)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x143a82, 0x8)
r3 = dup(r2)
r4 = open(&(0x7f00000030c0)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0x405c0, 0x154)
sendfile(r3, r4, 0x0, 0x8000fffffffe)
socket$nl_netfilter(0x10, 0x3, 0xc)
unshare(0x42000000)
syz_usb_disconnect(0xffffffffffffffff)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_UPDATE_CONST_STR(0x2, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000700)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x8052, &(0x7f0000000680)={[{@noauto_da_alloc}, {@init_itable_val={'init_itable', 0x3d, 0x6}}, {@journal_checksum}, {@grpquota}], [{@euid_lt}]}, 0x5, 0x4dd, &(0x7f0000000c40)="$eJzs3E1oXNUeAPD/nSRN+vU6r6+v77VWTa1isJi0abVdCFJRcKEgVlCXIR8ldtpIk4ItVaYgdSkF9+LSrQu36qaIK8FtXQpSKNJNW0EcuTN3PjuTNMkkY8zvB5M5536dc+655+bcc2YmgE1rOP2TVMI3I2JXRORaNxiuvN27c2Xy/p0rk1EslU7/lpR3u5vGM9lhYnsWGclF5D5O6isazF+6fHaiUJi+kMXHFs69PzZ/6fKzs0PZkpMnjx87euL58eeWX6g26aXlurv/o7kD+1599/rrk/3V5dXUGsvRLcMx3C4rZU91O7Ee29kQTvp7mBGWJb3+0+oaKLf/XdEXi1VecR1zBqy1UqlUGuy8ulhqdfWBJcCGlUSvcwD0RvUfffr8W3216whsWZvuR8/dPlV5AErLfS97RTxeXlgdBxloeb7tpuGIeKf4++fpK9ZoHAIAoNG3p2rDP839v3xlZuSPizdeTN//lc2h5CPi3xGxOyL+ExF7IuK/EbE3Iv4XEf9vOX5fRJQWSX+4JV5LvzYJlbvVhWJ2lPb/Xsjmtur9v6YM5Puy2M6Iaod5+kh2TkZiYHBmtjB9dJE0vnv5p087rWvs/6WvNP1qXzDLx63+lgG6qYmFiRUXuMXtqxH7+1vLn/RHJLWZgCQi9kXE/mUcN98Qnn3mywO1yEDzdkuXv6zUdh6tC/NMpS8inq7UfzGa6r+eYtI0P3lu4sz0menz47X5ybGhKEwfGZvpmJsffrz2Rqd1S5b/619ad3nlxDens5a1emn9b2u4/qM6f1svfz6JSGrztfPLT+Paz590fKZZ6fW/JXmrHK4+l34wsbBw4WjEluS1B5eP1/etxtP3KFbKP3Koffvfne2TnolHIiK9iB+NiMei8oSY5v1gRDwREYcWKf/3Lz353srLv7bS8k+13P8qNd9U//X5+k6BJJsbbLOq7+zBm/c73Dwerv6Pl0Mj2ZL297+k6RbRKafVcY90yZ+rPnsAAACwMeQiYkfDWNKOyOVGRytjQHtiW64wN79weGbu4vmpdF1EPgZyM7OF8vhnZTx4IKmOf+Yb4uMt8WPZuPFnfVvL8dHJucJUT0sObC+3+SQ3GvF2X0P7T/3anSFm4O/M97Vg81qs/aed+L3X1zEzwLp6+P//Nz5c04wA666h/Xf6hn9xBZ/7AjYAz/9A3dI/9OOeARtfSVuGTW1Z7f+wHwGEf5L+eLMWzvU0J8B60/+HTWnJ7/WvKlAabL9qKB7cOIYWP2BfrCwbW9uk1ZNA2rPqSepbV7JX9dcUOm4TueUdcDC6U6czqzwbxQvzZ/Z2/eIvZZ+V73YNfrUu7bRdoCe3IwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgK77KwAA//8KhtfB")
r5 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
write$P9_RAUTH(0xffffffffffffffff, &(0x7f0000000040)={0x14, 0x67, 0x2, {0x0, 0x0, 0x2}}, 0x14)
write$P9_RREADLINK(r5, &(0x7f0000002040)={0x1007, 0x17, 0x1, {0xffe, './file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0'}}, 0x1007)
fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000100)='#.\\\xf5}\x00', &(0x7f0000000400)=',^a\"\x15/\x845C\xa4\xd0\x00', 0x0)
r6 = socket$unix(0x1, 0x2, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x3000007, 0x10, r5, 0x0)
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000140), &(0x7f0000000180)=0xc)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x42, '\x00', 0x0, @fallback=0x26, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000040)='kfree\x00', r7}, 0x18)
r8 = socket(0x10, 0x80003, 0x0)
write(r8, &(0x7f0000000000)="240000001a005f0214f9f407000904000a000000fe0000000000000008000f00fd000000", 0x85)
close_range(r8, 0xffffffffffffffff, 0x0)

1m53.700661737s ago: executing program 3 (id=2297):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x42, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r0}, 0x18)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x14}}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="1e000000000000000aa60000030000000e050000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000000ba9f1a8715000000000000152d915f34c70b01bb0f48"], 0x50)
getsockname$packet(r1, &(0x7f00000002c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000300)={r2, <r3=>0xffffffffffffffff}, 0x4)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x10, &(0x7f0000000a40)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000000)='kmem_cache_free\x00', r4}, 0x10)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000200)={[{@init_itable_val}, {@jqfmt_vfsold}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6a}}, {@user_xattr}, {@errors_remount}, {@quota}]}, 0x3, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
unlink(&(0x7f0000000180)='./file1\x00')

1m53.009774107s ago: executing program 3 (id=2299):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800700, &(0x7f0000000ac0), 0x1, 0x44a, &(0x7f0000000400)="$eJzs281vG0UbAPBn10n6vv1KKOWjpUCgQkR8JE1aoAcuIJA4FIEEh3IMTlpVdRvUBIlWFQ0IlQsSqgRnxBGJv4AbFwSckLjCHVWqoJcWTkG73m1t106b1rFD/ftJm8x4x555PDve2R07gIE1nv1JIrZGxG8RMVrPNhcYr/+7evls9e/LZ6tJrKy89WeSl7ty+Wy1LFo+b0uRmUgj0k+SopJmi6fPHJ+t1eZPFfmppRPvTS2ePvPssROzR+ePzp+cOXjwwP7pF56fea4rcWZxXdn94cKeXa+9c+H16uEL7/70bdbercX+xji6ZTwL/K+VXOu+J7pdWZ9ta0gnQ31sCGtSiYisu4bz8T8albjeeaPx6sd9bRywrrJz06bOu5dXgLtYEv1uAdAf5Yk+u/4ttx5NPTaESy/VL4CyuK8WW33PUKRFmeGW69tuGo+Iw8v/fJVtsU73IQAAGn1W/fJQPNNu/pfG/Q3lthdrKGMRcU9E7IiIeyNiZ0TcF5GXfSAiHlxj/a1LQzfOf9KLtxXYLcrmfy8Wa1vN879y9hdjlSK3LY9/ODlyrDa/r3hPJmJ4U5afXqWO71/59fNO+xrnf9mW1V/OBYt2XBxquUE3N7s0m09Ku+DSRxG7h9rFn1xbCUgiYldE7F7bS28vE8ee+mZPp0I3j38VXVhnWvk64sl6/y9HS/ylZPX1yan/RW1+31R5VNzo51/Ov9mp/juKvwuy/t/cfPy3FhlLGtdrF9dex/nfP+14TXO7x/9I8nbeLyPFYx/MLi2dmo4YSQ7l+abHZ64/t8yX5bP4J/a2H/87iudk9TwUEdlB/HBEPBIRjxZtfywiHo+IvavE/+PLnfdthP6fa/v5d+34b+n/tScqx3/4rlP9t9b/B/LURPFI/vl3E7fawDt57wAAAOC/Is2/A5+kk9fSaTo5Wf8O/87YnNYWFpeePrLw/sm5+nflx2I4Le90jTbcD51OlotXrOdninvF5f79xX3jLyr/z/OT1YXaXJ9jh0G3pcP4z/xR6XfrgHXXbh1tZqQPDQF6rnX8p83Zc2/0sjFAT/m9Ngyum4z/tFftAHrP+R8GV7vxf64lby0A7k7O/zC4jH8YXMY/DC7jHwbSnfyuX2KQE5FuiGZIrFOi359MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3fFvAAAA//+uEO7O")
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000140)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000600)={0x5, 0x0, 0x8, 0x2})
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000004000000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f9ffffffb703000000080000b70400000000000085000000c30000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000006c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r1}, 0x18)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f00000001c0), 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
r2 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
ftruncate(r2, 0x2007ffc)
sendfile(r2, r2, 0x0, 0x800000009)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000990000000d"], 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000200)='kfree\x00'}, 0x18)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42032, 0xffffffffffffffff, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="9feb01001800000000000000180000001800000004000000020000000100000c02000000000000000000000d0000000000005f"], 0x0, 0x34, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)

1m51.990584062s ago: executing program 3 (id=2308):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = accept$unix(0xffffffffffffffff, 0x0, &(0x7f0000000040))
fstat(r3, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, <r5=>0x0})
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f0000000200), 0x3, 0x570, &(0x7f0000000680)="$eJzs3V1rHFUYAOB3Nkm/tSmUoiIS6IWV2k2T+FFBsF6KFgt6X5dkGmo23ZLdlCYW2l7YG2+kCCIWxB/gvZfFP+CvKGihSAl64U1kNrPtNtnN52q2zvPAtOfMzObM2TPv2Xd2dtkACmsk+6cU8WLcjK+TiMNt2wYj3ziyst/So+uT2ZLE8vInfySR5Ota+yf5/wfzygsR8cuXESdLa9utLyzOVKrVdC6vjzZmr4zWFxZPXZqtTKfT6eXxiYkzb06Mv/P2Wz3r62vn//ru43sfnPnq+NK3Pz04cieJs3Eo39bejx242V4ZiZH8ORmKs6t2HOtBY/0k2e0DYFsG8jgfimwOOBwDedQD/383ImIZKKhE/ENBtfKA1rV9j66DnxkP31+5AFrb/8GV90ZiX/Pa6MBS8tSVUXa9O9yD9rM2fv797p1siQ3eh7jRg/YAWm7eiojTg4Nr578kn/+273TzzeP1rW6jaK8/sJvuZfnP653yn9Lj/Cc65D8HO8Tudmwc/6UHPWimqyz/e7dj/vt46hoeyGvPNXO+oeTipWp6OiKej4gTMbQ3q693P+fM0v3lbtva879sydpv5YL5cTwY3Pv0Y6YqjcpO+tzu4a2Il57kv0msmf/3NXPd1eOfPR/nN9nGsfTuK922bdz/dr3PgJd/jHi14/g/uaOVrH9/crR5Poy2zoq1/rx97Ndu7W+t/72Xjf+B9fs/nLTfr61vvY0f9v2ddtu23fN/T/Jps7wnX3et0mjMjUXsST5au378yWNb9db+Wf9PHF9//ut0/u+PiM822f/bR2933bUfxn9qS+O/9cL9D7/4vlv7mxv/N5qlE/mazcx/mz3AnTx3AAAAAAAA0G9KEXEoklL5cblUKpdXPt9xNA6UqrV64+TF2vzlqWh+V3Y4hkqtO92H2z4PMZZ/HrZVH19Vn4iIIxHxzcD+Zr08WatO7XbnAQAAAAAAAAAAAAAAAAAAoE8c7PL9/8xvA7t9dMC/zk9+Q3FtGP+9+KUnoC95/Yfi6hL/pgUoAIEOxSX+objEPxSX+IfiEv9QXOIfAAAAAAAAAAAAAAAAAAAAAAAAAAAAeur8uXPZsrz06PpkVp+6ujA/U7t6aiqtz5Rn5yfLk7W5K+XpWm26mpYna7Mb/b1qrXZlbDzmr4020npjtL6weGG2Nn+5ceHSbGU6vZAO/Se9AgAAAAAAAAAAAAAAAAAAgGdLfWFxplKtpnMKXQvvxW4fxucv7+ThSedRTto6uGJbTQz2yzAp9LSwyxMTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALT5JwAA//821zOC")
r6 = openat$dir(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0, 0x10)
getdents(r6, 0x0, 0x58)
getgroups(0x3, &(0x7f0000000280)=[<r7=>0xee01, 0x0, 0xffffffffffffffff])
r8 = syz_clone(0x20022180, 0x0, 0x0, 0x0, 0x0, 0x0)
r9 = syz_open_procfs(r8, &(0x7f0000000040)='stat\x00')
getresuid(&(0x7f0000000440), &(0x7f0000000480), &(0x7f0000000a40)=<r10=>0x0)
r11 = getpgid(0xffffffffffffffff)
r12 = socket$netlink(0x10, 0x3, 0x0)
r13 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r13, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=@delsa={0x34, 0x11, 0x1, 0x70bd2d, 0x7, {@in=@dev={0xac, 0x14, 0x14, 0x3f}, 0x4d3, 0x2, 0x33}, [@mark={0xc, 0x15, {0x350759, 0x2}}]}, 0x34}, 0x1, 0x0, 0x0, 0x404888d}, 0x0)
getsockopt$sock_cred(r12, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r14=>0x0}, &(0x7f0000cab000)=0xc)
r15 = socket$inet6(0xa, 0x2, 0x0)
r16 = socket$nl_generic(0x10, 0x3, 0x10)
r17 = syz_genetlink_get_family_id$batadv(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r15, 0x8933, &(0x7f0000000080)={'batadv0\x00', <r18=>0x0})
sendmsg$BATADV_CMD_SET_MESH(r16, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001240)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r17, @ANYBLOB="01002bbd7000fcdbdf250f00000008000300", @ANYRES32=r18, @ANYBLOB="ace549928fee84611f273ab179a797587606000000000000000000f105a0f959844bede71a3d4088ca9a97001de305d9e61316bb4fa861ce924c0f074015bb6bed3748286b60fb5970dc2291231a0cb03a4e8869ff63428518fcc71b49565ab84e028f6b6ffb"], 0x24}, 0x1, 0x0, 0x0, 0x40880}, 0x0)
sendmsg$BATADV_CMD_TP_METER(r9, &(0x7f0000001200)={&(0x7f0000001140)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f00000011c0)={&(0x7f0000001180)={0x2c, r17, 0x1, 0x70bd2d, 0x25dfdbfc, {}, [@BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x1}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x5}, @BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5, 0x37, 0x1}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x40000)
setresgid(0x0, r14, 0x0)
fcntl$getownex(r0, 0x10, &(0x7f0000000ec0)={0x0, <r19=>0x0})
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000f00)={{{@in=@initdev, @in6=@initdev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r20=>0x0}}, {{@in=@dev}, 0x0, @in6=@remote}}, &(0x7f0000001000)=0xe8)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000001040)={{0x1, 0x1, 0x18, r2, {0x0, <r21=>0xffffffffffffffff}}, './file0\x00'})
sendmsg$unix(r4, &(0x7f0000001100)={&(0x7f0000000100)=@abs={0x1, 0x0, 0x4e23}, 0x6e, &(0x7f0000000e00)=[{&(0x7f0000000740)="457b720e5a280ca74274e4be3a1d3f3a757f532285682bc8d56fb5280383421f4364c61cdfaa35d7b08fbad76401c284eab8d16a647f30ddacf93a2614031ba2ffb616da2faea8a70abd54cc93ab698706a40fe5ed52af26b1ad0c672bde87bdaff90050977504d67a6535540c4789ac80fe9f26b7a2961bf1e6e8b2456f8ab0c073ef1e468072bc841d493037d4605f814fab4c0a3d048987ccc41365bf4989e44e1c275e70fde709b27a3083dd50f00bcf9106a2945606737a1ef792d7daae9000a80b6d853775ad7e4d7c62a588976d163c52e6b537efe2ab5ee3c3ccb3", 0xdf}, {&(0x7f0000000180)="90ef38caf894365ae06a0b005a21df86ee6ee9db9adc546e32212a0f1b2ffd39533b7d877b83588cf4b6b091da772d2f865d2056131fc2f0773c9199c2f4f56bb04b753f4a54962d3df575d7159ca2ee4708712fa019450f9c5eae32fdc414932500a41c6119a676cf61e4c34f1fae025c6ff6", 0x73}, {&(0x7f0000000840)="731c4532603495d4d77c6faf1217ff26437678ce88e90f2a727c9424090ee3968879757517cb47a0c788d0d9722fb7839dac945f47e95c3d62fd3260573a4af928b4a885865fd810e96a9d602965db82adf503661e405af011d54e6b03206dfb7705958efcab102ce593dc820e72dcd18e452ad4d48a5c11e3c97ec3230ef22f1e662c3c46d903889327e359f9157bcae557da1ef4c2fda11849c9de71abc04cfc540ef33f0bf3abae5e4601be8266f7e8a6f4e4462b6db78e5fac20319fb51a239338b8ab10b7b2ffd565259cbe94fc0eb832e42f1b8a0d88bcfbcc05e5", 0xde}, {&(0x7f0000000940)="d6351c3db8f9380587e5efcaa904d6faa6e4487fda75b3a208fb3cf0ae83bb6895f3c7aff5a2949b2110b79703a64b5258da7f50a06f0a542a9ef5183de0d595f89e7b52ca09538e399974ce3ee594254351da76d950325898f23559a20d647dd7d2a863638c5cf378d7610f00e255b77c803b30efe7deb5f9508ab3d98b8d2fb95c2e44a5fe09e91225e6e007f7e860ac5aa1d58657902b85b99424a48dcdb876f86f445e3a1d84d2e7c44396ca774c68966411a73884d73e74ed96fd9f0397aa6b3fdd3e4be2ef3470284e", 0xcc}, {&(0x7f0000000ac0)="fe778492d18ffcff7b4065e9961589da71079d86bb21dafdb8366b1aa668146298710f9b5e34a825c83b274bdbd3ad77a86c9bf6b0e21a4c8118ab3396fd79dc3dac41411d98d9d8bff4f5cfca648558452dc70f589a0972ecf64379c46c32dc485d4ba459896cd0c4227e310daa22683cca956b19129465760475133463927602d2ed14526767ac42d5410ba46f582ba3c2a1ff0c749e64c57d999752bbbcb3da4c38b76cb2833b5e50e7ce6019df5672fcafe16fc6c4be5b24a962a2b2ffce03a888e51754d070867d", 0xca}, {&(0x7f0000000c00)="c49d8062d622716d1d261f19fc5f2bc3dc272a7a4cd63f58a09b9c1bb6333fff8e8ff32bf5ed1cc4eab822ef749f9e52727f4cf89a108980372e5db73d9f7449bc6a09cf9405813de1bce19258c2735b72e7181f9bdc71101832bec736fa8f28999833c8c5ad567561bc3b4cac952161569e93cf828b90b8ae8433954af61dde574976304ca0814d1143883606f6b452315c6efe39110d3bc65298d2991774187987556f8115f7b5113c6ca629471befa2a731206faec487a3201c2171d17bf9da465e4c38ef2bcd4b9f6d3328c50cb4a84553d1870b21da8227416cc1ba8a46d6772549ce14e8ad0e461f5d6f087ed1066432ae", 0xf4}, {&(0x7f0000000d00)="81ded018e9fa1ac2a0828794c6a224dab020a85eaa20f1046dda58c3c3b3b0994bbd507fb70c32b9ced041a5024df439a3e5fc8f15f218423fe1e3466fac301e0cabc86d1c3fff5277deffaf0655c8552f7e41176fdc24807b40a4cbb62935db079572e7674cece718e9409f8f170b20cf4b36b791aefb3e25f310e59b5f29befeaee6947ac1992b1e005a363e3ac268cf049073680673458c712148edb4df71114910bec99cf08ccadc0bcd759cc0cd2f16c40acf3db3bddd2cdc1fc67f1d742b5e3605a8ce7423ef9d1a509ebc655fa7a2efa135cca5677873b6840b8e7a0dc3a6235f6129f890713a008a80999763bce4f41438b03a7ff679b3bf829473", 0xff}, {&(0x7f0000000240)="df0a41dba01629f46fa1fc44b895121543471d5e0e4e2532f8", 0x19}, {&(0x7f0000000580)="b6764217cceb34eb2b9573c605fb8665b3bd0de92116fd51a484748b841bf13b0461ec26205be0fcc1785b1f3855431f8e9fe4d1692492c5a1a20576ac03578f3ae0aa00efc895a50b184419c007a1d89ba3f82eb48ce4c778b0c44014baeb655764c16be8516ec4edfaccb4e63cda897ceda8b6d1d509195fec9e9d4d52d14fc443a0fe6148b1077abc02f67af0ddf3361d53cd2ba3178b104bfeb1f42b69520dd1e561d48b41caccdc577660a5e574d692d5e8", 0xb4}], 0x9, &(0x7f0000001080)=[@cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff, r5, r7}}}, @cred={{0x1c, 0x1, 0x2, {r8, r10, 0xffffffffffffffff}}}, @cred={{0x1c, 0x1, 0x2, {r11, 0x0, r14}}}, @cred={{0x1c, 0x1, 0x2, {r19, r20, r21}}}], 0x80, 0x4881}, 0x4040000)
sendmsg$NFT_BATCH(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)

1m51.655969698s ago: executing program 3 (id=2314):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x36, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0xd}, 0x0, 0x10000, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = socket$inet6(0xa, 0x1, 0x8010000000000084)
bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e21, 0xb, @empty}, 0x1c)
connect$inet6(r0, 0x0, 0x0)

1m50.12424975s ago: executing program 3 (id=2325):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000181100"/20, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x19, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @cgroup_sockopt=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000540)='fib6_table_lookup\x00', r0}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{}, 0x0, &(0x7f00000002c0)}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000040)='fib6_table_lookup\x00', r1}, 0x10)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'ip6_vti0\x00', 0x200})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
perf_event_open(&(0x7f00000001c0)={0x0, 0x80, 0x5, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7}, 0x4, 0x0, 0x0, 0x0, 0x3, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x10000}, 0x0, 0x0, 0xffffffffffffffff, 0xa)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x89f1, &(0x7f0000000080))

1m50.081279121s ago: executing program 33 (id=2325):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000181100"/20, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x19, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @cgroup_sockopt=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000540)='fib6_table_lookup\x00', r0}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{}, 0x0, &(0x7f00000002c0)}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000040)='fib6_table_lookup\x00', r1}, 0x10)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'ip6_vti0\x00', 0x200})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
perf_event_open(&(0x7f00000001c0)={0x0, 0x80, 0x5, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7}, 0x4, 0x0, 0x0, 0x0, 0x3, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x10000}, 0x0, 0x0, 0xffffffffffffffff, 0xa)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x89f1, &(0x7f0000000080))

3.634423655s ago: executing program 0 (id=4205):
bind$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
setsockopt$inet_sctp_SCTP_INITMSG(0xffffffffffffffff, 0x84, 0x2, &(0x7f0000000040)={0x400, 0x203}, 0x8)
sendto$inet(0xffffffffffffffff, &(0x7f0000000100)="ab", 0xff04, 0x40048c4, &(0x7f00000000c0)={0x2, 0x4e22, @local}, 0x10)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000900)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000060000000000000000008500000007000000850000000e00000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000012c0)={&(0x7f0000000040)='kfree\x00', r0, 0x0, 0xfffffffffffffffd}, 0x18)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000faffffff850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000900)={0xffffffffffffffff, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000000)="76389e147583ddd0569ba56a888e", 0x0, 0xff, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1, 0x8}, 0x0, 0xc8, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
close(r3)
recvmsg$unix(r2, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r4=>0xffffffffffffffff]}}], 0x18}, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='kfree\x00', r6, 0x0, 0x2}, 0x18)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_DEAUTHENTICATE(r7, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000580)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="c50f00000000000000001100000008000300cacc5e0ea173d3bca498e597636339bfeca9d27e89c1c80ae3d48e7a0b9f9b65e51cf2cdbd6016732236f2329862dae6eeef517e840ed3aa930edc7be334e4d023dccfadb1d87d618955bb19933fa6a3e54e9c4a47f6df6b7a06391ca6c84213bdf7fff77c40413b7ae41a3b265459eba7440817376f1240b8ed069b580dc6ce16ace3028e6b2162f2aec6d76cac72de6e4b1aa012492c07", @ANYRES32=0x0, @ANYBLOB="08002a0084210000"], 0x24}}, 0x0)
write$cgroup_subtree(r4, &(0x7f0000000000)=ANY=[], 0xfdef)
perf_event_open(&(0x7f0000000800)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0x8}, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_clone(0x4021400, 0x0, 0x9000, 0x0, 0x0, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
r9 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000040)='kmem_cache_free\x00', r9, 0x0, 0x2}, 0x18)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0xa00008, &(0x7f00000010c0)={[{@min_batch_time={'min_batch_time', 0x3d, 0xd}}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@user_xattr}], [{@defcontext={'defcontext', 0x3d, 'staff_u'}}]}, 0x1, 0x7ad, &(0x7f00000007c0)="$eJzs3c9rG1ceAPDvyD/jZNdeWNjNngwLu4YQeZ31JruwsFn2sBQaCLTnJEZWTGrZCpYcYmNIQin00kNLD4XmknPTprdc++PaXvo39FAS0tYJTemhuIw0SmRbcpzEklL8+cBY782M9N533sybZ82gCWDfGk//5CIORwykydFsfhLZjOiPOFlf7+H6WiGdktjYeOW7pLbOg/W1QjS9J3Uwy/wxIj57I+JIbnu5lZXV+ZlSqbiU5SerCxcnKyurRy8szMwV54qLx6emp4+d+MeJ43sX6w9frh66+/b///rRyZ9e/8Ottz5P4mQcypY1x7FXxmM82yYD6Sbc5H97XViPJb2uAM8kPTT76kd5HI7R6NuhJf/T1ZoBAJ1yJSI2AIB9JnH+B4B9pvE9wIP1tUJjivr1nKs9/WKiS+79NyKG6/E3rm/Wl/TXr9l9NVy7DjryIKldI2lIImJsD8ofj4jrt8/cTKfo0HVIgFauXouIc2PjW/v/tIfbes/C0/rbLtYZ35LX/0H3fJKOf/65ffwXkcuO/+Ha363jn6EWx+6zePLxn7uzKTuwB4U2Scd//266t+1hU/yZsb4s95vamG8gOX+hVEz7tt9GxEQMDKX5qR3KmLj/8/12y5rHf9+/89oHafnp6+M1cnf6hza/Z3amOvM8MTe7dy3iT/2t4k8etX/SZvx7epdlvPSvN99vtyyNP423MW2Pv7M2bkT8pWX7P74PKtnx/sTJ2u4w2dgpWvj46/dG2pXf3P7Xb6clrRUa/wt0Q9r+IzvHP5Y0369Zefoyvrgx+mm7ZZvjP3MzLX9z/K33/8Hk1Vp6MJt3eaZaXZqKGExe3j7/2OP3NvKN9dP4J/7c+vjfaf9Pu6FzWXrjCTc/9t/99sNnj7+z0vhn0/ZPsiCe2P5Pn7j1cL6vXfm7a//pWmoim7O9/+vf9rm7reBzbTwAAAAAAAAAAAAAAAAAAAAAAAAA2KVcRByKJJd/lM7l8vn6M7x/HyO5UrlSPXK+vLw4G7VnZY/FQK7xU5ejTb+HOpX9Hn4jf2xL/u8R8buIeHfoQC2fL5RLs70OHgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAyB9s8/z/1zVCvawcAdMxwrysAAHSd8z8A7D9tzv+DrWcf6GhdAIDuqJ3/k/5eVwMA6CLf/wPA/uP8DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQIedPnUqnTZ+XF8rpPnZSyvL8+VLR2eLlfn8wnIhXygvXczPlctzpWK+UF5o+0FX6y+lcvnidCwuX56sFivVycrK6tmF8vJi9eyFhZm54tniQNciAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDdq6yszs+USsUliZ0TV16IalzLmq3XW0PihUgMRUSnimjuJQ70pnMCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+BX4JQAA//9qsh/Y")
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f0000000240)={0x0, 0x0, 0x10}, 0xc)

3.497789617s ago: executing program 5 (id=4208):
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x8, 0x830d}, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x40000)
r0 = socket$kcm(0x2, 0x5, 0x84)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x16, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f00000003c0)=[{0x0, 0x2, 0x2}, {0x10000001, 0x0, 0x0, 0x4}], 0x10, 0x0, @void, @value}, 0x94)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
close(0xffffffffffffffff)
setsockopt$sock_attach_bpf(r0, 0x84, 0x64, &(0x7f0000000000), 0x10)
sendmsg$inet(r0, 0x0, 0x80d1)
socket$kcm(0x2, 0x1, 0x84)
sendmsg$inet(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x32}}, 0x10, 0x0}, 0x40040d4)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
close(r1)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x40082404, 0x0)
r2 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000000c0)="d8000000140081044e81f782db44b904021d080211000000040000a118000200e000000e00000e1208000f0100810401a80016ea1f000840032e5f54c92011148ed08734843c8802033d0803600cfab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef075c0100000000000000cb090000001fb791643a5ee4001b146218a07445d6d930dfe1d9d322fe7c9fd68775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e0060000000000000080bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd68adbef", 0xd8}], 0x1, 0x0, 0x0, 0x7400}, 0x0)
r3 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r3, 0x0, 0x0)

3.32640538s ago: executing program 5 (id=4212):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="0700000004000000080000000100000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000000000000000000000000000000000000000000259a59fa41095a2fba71b55213eb33703ed1d2d7a024f9c1c7960806b1735a4b033689a3164eb13268d2edbdf6ebfde8f51eaa6f9707885638d6c51151c8c8bdc786c5fa9e756ab4f74bfbd500000077330c698d40ba66"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000e00000850000001b000000b700000000fa000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kfree\x00', r1}, 0x10)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0xb}]})
socketpair$unix(0x1, 0x1, 0x0, 0x0)
close_range(r2, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)={<r3=>0xffffffffffffffff})
r4 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
ioctl$SCSI_IOCTL_SEND_COMMAND(r4, 0x1, &(0x7f0000000040)=ANY=[@ANYRES64=r3])

2.922685346s ago: executing program 2 (id=4216):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x800700, &(0x7f00000001c0)={[{@grpjquota}, {@discard}, {@norecovery}, {@noinit_itable}, {@nombcache}, {@minixdf}, {@usrjquota}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5c}}, {@jqfmt_vfsold}, {@dioread_lock}, {@noblock_validity}, {@nouid32}]}, 0x3, 0x465, &(0x7f0000000f00)="$eJzs3M9vFFUcAPDvzLYgP1sRf4CoVWJs/NHSgsrBi0YTDxhN9IDH2hZCWKihNRFCpBqDFxND1LPxaOJf4M2LUU8mXvVuSIhyAT3VzOwM7C67pYXtLnQ/n2SX92Ze+963b97Mm3m7BNC3RrK3JGJrRPwREUO1bGOBkdo/Vy+fnf738tnpJJaW3v47yctduXx2uixa/tyWIjOaRqSfJkUljeZPnzk+Va3Oniry4wsn3h+fP33muWMnpo7OHp09OXnw4IH9Ey++MPn8Mq3fuOI4s7iu7P5obs+u19+98Mb04Qvv/fJ91t6txf76ODplJAv8n6Vc3eYvs7cnO11Zj22rSycDPWwIq1KJiKy7BvPxPxSVuN55Q/HaJz1tHLCmsmvTMlfRxSVgHUtihcViZQWBu0V5oc/uf8tXl6Yed4RLL9dugLK4rxav2p6BSIsyg033t500EhGHF//7JnvFGj2HAACo9/n014fi2VbzvzQeqCu3vVhDGY6IeyNiR0TcFxE7I+L+iLzsgxHxUNuaNrTc2rw0dOP8J714y8GtQDb/e6lY22qc/5Wzv8pwpchty+MfTI4cq87uK/4mozG4MctPLFPHj6/+/kW7ffXzv+yV1V/OBYt2XBxoekA3M7UwlU9KO+DSxxG7B1rFn1xbCchu/XdFxO7V/ertZeLY09/taVfo5vEvowPrTEvfRjxV6//FaIq/lCy/Pjl+T1Rn942XR8WNfv3t/Fvt6r+t+Dsg6//Njcd/c5HhpH69dn71dZz/87O29zS3evxvSN7J+6U8q3w4tbBwaiJiQ3Iozzdsn7z+s2W+LJ/FP7q39fjfUUtsyt4ejojsIH4kIh6NiMeKtj8eEU9ExN5l4v/5lfb77oT+n2l5/rt2/Df1/+oTleM//dCu/pX1/4E8NVpsyc9/N7HSBt7O3w4AAADuFmn+GfgkHbuWTtOxsdpn+HfG5rQ6N7/wzJG5D07O1D4rPxyDafmka6jueehEslj8xlp+snhWXO7fXzw3/qqyKc+PTc9VZ3ocO/S7LW3Gf+avSq9bB6y5Vutoky3Xaxu+yAasA83jP23Mnnuzm40Busr3taF/3WT8p91qB9B9rv/Qv1qN/3NNeWsBsD65/kP/Mv6hfxn/0L+Mf+hLt/O9/n5OZKfMO6AZ1aGiH7tfe6S9jl1iLRKt/58mAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAu9X/AQAA//9l+OT1")
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
socket$l2tp(0x2, 0x2, 0x73)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, 0x0, 0x0)
chdir(&(0x7f0000000400)='./file0\x00')
r1 = creat(&(0x7f0000000280)='./bus\x00', 0x2)
pwritev2(r1, &(0x7f00000000c0)=[{&(0x7f0000002380)="c2", 0x1}], 0x1, 0x10fffff, 0x1, 0x0)
r2 = open(&(0x7f0000000200)='./bus\x00', 0x44000, 0x0)
r3 = dup3(r2, r1, 0x0)
r4 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000040), 0x8002)
dup(r4)
finit_module(r3, 0x0, 0x200000000000000)

2.766018498s ago: executing program 0 (id=4218):
r0 = io_uring_setup(0x1946, &(0x7f0000000a80)={0x0, 0xa94d, 0x1, 0xfffffffd, 0x179})
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r1, &(0x7f0000000500)={0xa, 0x2, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_int(r1, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4)
sendto$inet6(r1, &(0x7f00000000c0)="04", 0x1, 0x20000845, &(0x7f0000b63fe4)={0xa, 0x2}, 0x1c)
r2 = dup(r1)
sendmsg$IPSET_CMD_TYPE(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000400)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x24008000}, 0x20000001)
close_range(r0, 0xffffffffffffffff, 0x0)

2.700884809s ago: executing program 0 (id=4219):
removexattr(&(0x7f00000002c0)='\x00', &(0x7f0000000000)=@known='com.apple.FinderInfo\x00')
r0 = syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f0000000100)='./bus\x00', 0x20081e, &(0x7f0000000340), 0x1, 0x532, &(0x7f0000001200)="$eJzs3c9vI1cdAPCvZ/PDm02bbekBEG2XtrCg1TqJt42qHqCcEEKVED0WKQ2JE0Wx4yh2ShP2kJ65IlGJExz5Azj3hMSRC4Ibl3JAKhCBGhAHoxmPgze1yc+1s/HnI43mzbx4vt8Xy+/Zz/K8AEbWnYjYj4iJiHg3Imby84V8izfbW/p3nx48XD48eLhciFbr7b8Vsvr0XHQ9JnUrv2YxIr7/7YgfFj4bt7G7t7FUrVa28+PZZm1rtrG7d3+9trRWWatslssL8wtzrz94rXxpbX2xNpGXnv/4d/tf/3Ga1nR+prsdl6nd9PGjOKmxiPju4wg2BDfy9kwMOxHOJYmIZyPipez1PxM3smcTALjOWq2ZaM10HwMA112SzYEVklI+FzAdSVIqtefwnouppFpvNO+t1nc2V9pzZbdjPFldr1bm8rnC2zFZSI/ns3JWnx2Xjx0/iIhnIuKnkzez49JyvboyzDc+ADDCbh0b//852R7/T/T84gCyAwAem+KwEwAABs74DwCjx/gPAKPH+A8Ao6c9/t88y0PGH1cuAMBg+PwPAKPnIuP//iXmAQAMxPfeeivdWof5/a9X3tvd2ai/d3+l0tgo1XaWS8v17a3SWr2+lt2zp3bS9ar1+tb8q7Hz/u1vbDWas43dvcVafWezuZjd13ux0v7ewJsGABimZ1786I+FdER+42a2RddaDr7jh+stGXYCwNDcGHYCwNBY7QtG10mf8f/dOvdDgSdEjyV6H1Hs9QOhVqvVv3sArrq7XzD/D6Oqa/7fr4BgxJj/h9Fl/h9GV6tVSLfTLBXcnu8DAJ545viBPt//P5vvf5V/OfCDleN/8eFZopzpFqMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABw5XXW/y3la4FPR5KUShFPRcTtGC+srlcrcxHxdET8YXJ8Mj2eH3LOAMBFJX8p5Ot/3Z15ZfqRqhduHRUnIuJHP3/7Z+8vNZvbv4+YKPx9snO++WF+vjz47AGAk3XG6Wzf9UH+04OHy51tkPl88q2IKLbjHx5MxOFR/LEYy/bFGI+IqX8U8uO2QtfcxUXsfxARn+/V/kJMZ3Mg7ZVPj8dPYz810PjJI/GTrK69T/8Xn7uEXGDUfJT2P2/2ev0lcSfb9379F7Me6uLy/i+91PJh1gf+L36n/7vRp/+7c9oYr/7mO+3SZ9df/uSDiC+ORXRiH3b1P534hT7xXzll/D996YWX+tW1fhFxN3rH744126xtzTZ29+6v15bWKmuVzXJ5YX5h7vUHr5VnV9d/W5mb7T8a/PWNe0/3q0vbP9UnfvGE9n/llO3/5X/efefLPc6P5fG/9nKv+Ek893/ip2PiV08Zf2nq18V+dWn8lT7tP+n5v3fK+B//eW8lG6gAgCuhsbu3sVStVrYvXngnv2R2JpJLvPJ5C8UYZvShF6bO8Med93bDzvmEQpriFUijZ+Gbg4o1Eb2rfvJy+zk8VtVqnStWvx7jMmbdgKvg6EUfEf8adjIAAAAAAAAAAAAAAEBPg/jF0rDbCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwPX13wAAAP//JUXJAg==")
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x7a, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @lirc_mode2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0xfe6a)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r3, 0x29, 0x20, &(0x7f0000000200)={@private0, 0x800, 0x0, 0x1, 0x1, 0x0, 0x2}, 0x20)
setsockopt$inet6_int(r3, 0x29, 0x1000000000021, &(0x7f0000000180)=0x1, 0x23)
connect$inet6(r3, &(0x7f0000000000)={0xa, 0x0, 0x380000, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, 0x1c)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(r3, 0x29, 0x20, &(0x7f0000000300)={@local}, &(0x7f00000004c0)=0x37)
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040))
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4050000000000006110a40000000e001f0100000000000095f16e14b5ee0000"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x1dd, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r5 = dup(r4)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000001140)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r6}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000a00)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYRES32=r0], 0x0, 0x4, 0x0, 0x0, 0x0, 0x37, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000280)=@vsock={0x28, 0x0, 0x0, @hyper}, 0x80, 0x0, 0x0, &(0x7f0000000680)=ANY=[@ANYRES16, @ANYBLOB="bc1b78e78b5f7c861cecd1dbad9705cc36cd468bd15bdc085a215d0e0eeaf5a530004ed68dbb627ec938b74b0e3f95a1401a9e7e9c88b17a91fa911f9617255328db8f039b9efd3762c40d1df18067deb37a2dd29337f7a8daa4de9d0d2b2dac90eaaf78bb3cda4ef0ee5e0e8d7bdea8b5900211161af743f30692f7df66d1a82ee79e9712fa4965335b79a87c9ed71b5b410f713c5ff60ecb08d7e9230baeb2b5bbfb07652a63ceabf6879f6088f1bfd0df5a9f00f3fd51080da6a6d93980fbc743f8a2f4be9fc5a4c3ee26a325463024e714fe328e4ccbd55c0b7121", @ANYRESHEX=r4, @ANYRES8=r5, @ANYRES16=r2, @ANYRES16, @ANYRES16=r1, @ANYRES8], 0x10b8}, 0x20044010)
socket$nl_netfilter(0x10, 0x3, 0xc)
r7 = syz_open_dev$tty20(0xc, 0x4, 0x1)
write$binfmt_misc(r7, &(0x7f0000000240), 0xfffffecc)

2.666608279s ago: executing program 2 (id=4220):
setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000040)={{{@in=@multicast2, @in=@initdev={0xac, 0x1e, 0x1, 0x0}, 0x0, 0x0, 0x4e24, 0x0, 0x2}, {0x4, 0x1, 0x0, 0x3, 0x4005, 0xfffffffffffffffc}, {}, 0x0, 0x0, 0x1, 0x1, 0x3}, {{@in=@empty, 0x0, 0x32}, 0xa, @in=@local, 0x0, 0x4, 0x0, 0x0, 0x7}}, 0xe8)
socket$kcm(0xa, 0x5, 0x0)
socket$kcm(0xa, 0x5, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = syz_open_dev$usbfs(&(0x7f0000000180), 0x205, 0x2581)
r2 = fcntl$dupfd(r0, 0x406, r0)
ioctl$USBDEVFS_SUBMITURB(r2, 0x8038550a, &(0x7f0000000000)=@urb_type_control={0x2, {}, 0x0, 0x0, &(0x7f0000000080)={0x80, 0x0, 0x0, 0x0, 0x7995}, 0xfff7, 0x0, 0x0, 0x48000000, 0x0, 0x0, 0x0})
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="000000000000000000e8ffffffffffff05000000", @ANYRES32=0x1], 0x48)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r3, &(0x7f0000000100), 0x208e24b)
set_mempolicy(0x8006, &(0x7f0000000040)=0xfff, 0x5)
r4 = syz_io_uring_setup(0x1104, &(0x7f0000000300)={0x0, 0x0, 0x80, 0x0, 0x21e}, &(0x7f00000001c0)=<r5=>0x0, &(0x7f0000000040)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f0000000380)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x200, 0x0, 0x1})
io_uring_enter(r4, 0x47fa, 0x0, 0x0, 0x0, 0x0)
preadv(r3, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
creat(&(0x7f0000000000)='./bus\x00', 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="0a00000004000000080000000800000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000000000000000000000000000000000000c561854281d17b820000000000"], 0x50)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYRESHEX=r7, @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r8}, 0x10)
r9 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYRESHEX, @ANYRES16=r1, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xb, r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000240)='kfree\x00', r10, 0x0, 0x4ab}, 0x18)
pipe2(&(0x7f0000001cc0)={<r11=>0xffffffffffffffff, <r12=>0xffffffffffffffff}, 0x800)
mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', &(0x7f0000000200), 0x800, &(0x7f0000000cc0)=ANY=[@ANYRES32=r1, @ANYRESHEX=r11, @ANYBLOB="1d7c666c6e6f3d", @ANYRESHEX=r12, @ANYBLOB="2c756e616d653dd0aedec1aa20ffd81d1bf89329217cb058a396eda2ab40a26d93dd083c0074dcab6cab21ae16c4"])
ioctl$TIOCSETD(r9, 0x5423, &(0x7f0000000040)=0x2)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x1, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020782500000000002020207b1af8fe00000000bfa100000000000007010000f8ffffffb702000008000000b703000007000000850000001100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)

2.390278394s ago: executing program 5 (id=4225):
r0 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x80080)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000200)=0x7ffffffc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000005000000000400000900000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r4], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r5}, 0x10)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f0000000280)={'wg2\x00'})
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x41, &(0x7f0000000740)={[{@bsdgroups}, {@nodiscard}, {@noblock_validity}, {@grpjquota}, {@grpjquota}, {@noquota}, {@auto_da_alloc}, {@noload}, {@nodiscard}]}, 0x64, 0x50a, &(0x7f0000000200)="$eJzs3VFrHFsdAPD/bHZr06Y3ueqDXvB6tZW0aHeTxrbBh1pB9Kmg1vcak00I2WRDdtM2oWiKH0AQUcEnffFF8AMIUvDFRxEK+qyoKKKtPvigncvuTtI03U227TabZn8/mMw5Z2b2f86GmZ0zc5gJYGC9FxHXI+JJmqYXImI0K89lU2y1psZ6jx/dm21MSaTpzX8mkWRl25+VZPPT2WYnI+JrX474ZvJ83NrG5tJMpVJey/Kl+vJqqbaxeXFxeWahvFBemZqavDJ9dfry9ERP2nkmIq598a8/+O7PvnTtV5+586dbfz//rUa1RrLlu9vxgvL7LWw1vdD8LnZvsPaSwY6ifLOFmeF2aww9V3L/NdcJAID2Guf4H4yIT0bEhRiNof1PZwEAAIA3UPr5kfhfEpG2d6JDOQAAAPAGyTXHwCa5YjYWYCRyuWKxNYb3w3EqV6nW6p+er66vzLXGyo5FITe/WClPZGOFx6KQNPKTzfTT/KU9+amIeDsivj863MwXZ6uVuX5f/AAAAIABcXpP//8/o63+PwAAAHDMjPW7AgAAAMBrp/8PAAAAx5/+PwAAABxrX7lxozGl2++/nru9sb5UvX1xrlxbKi6vzxZnq2urxYVqdaH5zL7lgz6vUq2ufjZW1u+W6uVavVTb2Ly1XF1fqd9afOYV2AAAAMAhevvjD/6QRMTW54abU8OJ7jbtcjXgqMrvpJJs3ma3/uNbrflfDqlSwKEY6ncFgL7J97sCQN8U+l0BoO+SA5Z3HLzz22z+id7WBwAA6L3xj3a+/5/bd8ut/RcDR56dGAaX+/8wuJr3/7sdyetkAY6VgjMAGHivfP//QGn6QhUCAAB6bqQ5JblidnlvJHK5YjHiTPO1AIVkfrFSnoiItyLi96OFDzTyk80tkwP7DAAAAAAAAAAAAAAAAAAAAAAAAABAS5omkQIAAADHWkTub8mvW8/yHx89N7L3+sCJ5L+jkb0i9M6Pb/7w7ky9vjbZKP/XTnn9R1n5pX5cwQAAAICB8EIv8N/up2/34wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACglx4/uje7PR1m3H98ISLG2sXPx8nm/GQUIuLUv5PI79ouiYihHsQfbvz5SLv4SaNaOyHbxR/uQfyt+/vGj7HsW2gX/3QP4sMge9A4/lxvt//l4r3mvP3+l494Jv+yOh//Yuf4N9Rh/z/TZYx3Hv6i1DH+/Yh38u2PP9vxkw7xz3YZ/xtf39zstCz9ScR429+f5JlYpfryaqm2sXlxcXlmobxQXpmamrwyfXX68vREaX6xUs7+to3xvY/98sl+7T/VIf7YAe0/12X7///w7qMPtZKFdvHPn20T/zc/zdZ4Pn4u++37VJZuLB/fTm+10ru9+/Pfvbtf++c6tP+g///5Ltt/4avf+XOXqwIAh6C2sbk0U6mU145totFLPwLVkDiCiW/39APTNE0b+9QrfE4SR+FraSb6fWQCAAB67elJf79rAgAAAAAAAAAAAAAAAAAAAIPrMB4ntjfm1k4q6cUjtAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeuL9AAAA//+GAdlV")

1.541908066s ago: executing program 0 (id=4230):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x24, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x18)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
wait4(0x0, 0x0, 0x40000000, 0x0)

1.529009626s ago: executing program 1 (id=4231):
openat$binfmt_register(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b708000000000e007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000020850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
syz_open_dev$tty1(0xc, 0x4, 0x1)
sendto$inet6(r0, &(0x7f0000000180)='v', 0x1fb5b, 0x0, &(0x7f0000000480)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)

1.197945072s ago: executing program 1 (id=4232):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="0700000004000000080000000100000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000000000000000000000000000000000000000000259a59fa41095a2fba71b55213eb33703ed1d2d7a024f9c1c7960806b1735a4b033689a3164eb13268d2edbdf6ebfde8f51eaa6f9707885638d6c51151c8c8bdc786c5fa9e756ab4f74bfbd500000077330c698d40ba66"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000e00000850000001b000000b700000000fa000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kfree\x00', r1}, 0x10)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff})
r3 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
ioctl$SCSI_IOCTL_SEND_COMMAND(r3, 0x1, &(0x7f0000000040)=ANY=[@ANYRES64=r2])

1.025072994s ago: executing program 6 (id=4234):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000020000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r1, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(r1, 0x84, 0x17, &(0x7f0000000380)=ANY=[], 0x9)

1.022402704s ago: executing program 0 (id=4235):
r0 = socket$netlink(0x10, 0x3, 0x0)
syz_mount_image$ext4(&(0x7f0000000700)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x8052, &(0x7f0000000380)={[{@grpjquota}, {@init_itable_val={'init_itable', 0x3d, 0x7}}, {@dioread_nolock}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x7fffffff}}]}, 0x3, 0x4de, &(0x7f0000000c40)="$eJzs3E1oXNUeAPD/nUma9Ot1Xl9f32utmlrFYDFp02q7EKSi4EJBrKAuQ5KW2rSRJgVbqkxB6lIK7sWlWxdu1U0RV4LbuhSkUKSbtoI4cmfunZlMZ5ImmWSM+f1gMufcr3POPffcOfeczASwYQ2lf5Ja+GZE7IiIQusGQ7W3e3euTNy/c2UiypXKyd+S6m5303gmO0xszSLDhYjCx0ljRZPZS5fPjk9PT13I4qNz594fnb10+dkzg9mS48ePHjl87Pmx55ZeqDbppeW6u/ejmX17Xn33+usTffnyPLXmcnTLUAy1y0rVU91OrMe2N4WTvh5mhCVJr/+0uvqr7X9HFGOhyiuvYc6A1VapVCoDnVeXK62uPrAEWLdisNc5AHoj/6BPn3/zV7uOwKbV6X703O0TtQegtNz3slfE49WF+ThIf8vzbTcNRcQ75d8/T1+xSuMQAADNvj2R9wRb+n+l2szIHxdvvJi+/yubQylFxL8jYmdE/CcidkXEfyNid0T8LyL+33L8YkRUFkh/qCVeT78+CVW41aWitpX2/17I5rYa/b95GSgVs9j2iLzDPHUoOyfD0T9w6sz01OEF0vju5Z8+7bSuuf+XvtL0875glo9bfS0DdJPjc+PLLnCL21cj9va1lj/pi0jqMwFJROyJiL1LOG6pKXzmmS/31SP987dbvPxVlbbzaF2YZ6p8EfF0rf7LMa/+Gykm8+Ynz42fnjo9dX6sPj85OhjTU4dG06vgUNs0fvjx2hud0l+0/F//0rrLK8e+OZm1rJVL639L0/Uf+fxto/ylJCKpz9fOLj2Naz9/0vGZZrnX/6bkrWo4fy79YHxu7sLhiE3Jaw8uH2vsm8fT9yjXyj98oH3735ntk56JRyIivYgfjYjHovaEmOZ9f0Q8EREHFij/9y89+d7yy7+60vJPttz/ajU/r/4b8/WdAkk2N9hmVfHs/pv3O9w8Hq7+j1ZDw9mS9ve/ZN4tolNO80+7dMmfKz57AAAAsD4UImJb01jStigURkZqY0C7YkthemZ27uCpmYvnJ9N1EaXoL+QjXbXx4P4kH/8sNcXHWuJHsnHjz4qbq/GRiZnpyZ6WHNhabfNJYSTi7WJT+0/92p0hZuDvzPe1YONaqP2nnfjd19cwM8CaevjP/xsfrmpGgDXX1P47fcO/vIz/+wLWAc//QMPiP/TjngHrX0Vbhg1tSe3/oB8BhH+SvnizHi70NCfAWtP/hw1p0e/1ryhQGWi/ajAe3DgGFz5gMZaXjc1t0upJIO1Z9ST1zcvZK/81hY7bRGFpBxyI7tTpqRWejfKF2dO7u37xV7L/le92DX61Ju20XaAntyMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICu+ysAAP//+sDgnA==")
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000009007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000020000008500000082"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000040)={0xffffffffffffffff, 0x4}, 0xc)
ioctl$BTRFS_IOC_LOGICAL_INO_V2(r2, 0xc038943b, &(0x7f00000001c0)={0x2, 0x10, '\x00', 0x0, &(0x7f0000000180)=[0x0, 0x0]})
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r3}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000200)={'geneve0\x00', <r4=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="4400000010000100"/20, @ANYRES32=r4, @ANYBLOB="00000000000000001c0012800b00010067656e65766500000c00028008000200ac1414"], 0x44}, 0x1, 0x2}, 0x0)

991.424655ms ago: executing program 1 (id=4236):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="02000000040000000800000001000000"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000300)={r0, <r1=>0xffffffffffffffff}, 0x4)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x10, &(0x7f0000000a40)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000000)='kmem_cache_free\x00', r2}, 0x10)
unlink(0x0)

946.463705ms ago: executing program 2 (id=4237):
removexattr(&(0x7f00000002c0)='\x00', &(0x7f0000000000)=@known='com.apple.FinderInfo\x00')
r0 = syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f0000000100)='./bus\x00', 0x20081e, &(0x7f0000000340), 0x1, 0x532, &(0x7f0000001200)="$eJzs3c9vI1cdAPCvZ/PDm02bbekBEG2XtrCg1TqJt42qHqCcEEKVED0WKQ2JE0Wx4yh2ShP2kJ65IlGJExz5Azj3hMSRC4Ibl3JAKhCBGhAHoxmPgze1yc+1s/HnI43mzbx4vt8Xy+/Zz/K8AEbWnYjYj4iJiHg3Imby84V8izfbW/p3nx48XD48eLhciFbr7b8Vsvr0XHQ9JnUrv2YxIr7/7YgfFj4bt7G7t7FUrVa28+PZZm1rtrG7d3+9trRWWatslssL8wtzrz94rXxpbX2xNpGXnv/4d/tf/3Ga1nR+prsdl6nd9PGjOKmxiPju4wg2BDfy9kwMOxHOJYmIZyPipez1PxM3smcTALjOWq2ZaM10HwMA112SzYEVklI+FzAdSVIqtefwnouppFpvNO+t1nc2V9pzZbdjPFldr1bm8rnC2zFZSI/ns3JWnx2Xjx0/iIhnIuKnkzez49JyvboyzDc+ADDCbh0b//852R7/T/T84gCyAwAem+KwEwAABs74DwCjx/gPAKPH+A8Ao6c9/t88y0PGH1cuAMBg+PwPAKPnIuP//iXmAQAMxPfeeivdWof5/a9X3tvd2ai/d3+l0tgo1XaWS8v17a3SWr2+lt2zp3bS9ar1+tb8q7Hz/u1vbDWas43dvcVafWezuZjd13ux0v7ewJsGABimZ1786I+FdER+42a2RddaDr7jh+stGXYCwNDcGHYCwNBY7QtG10mf8f/dOvdDgSdEjyV6H1Hs9QOhVqvVv3sArrq7XzD/D6Oqa/7fr4BgxJj/h9Fl/h9GV6tVSLfTLBXcnu8DAJ545viBPt//P5vvf5V/OfCDleN/8eFZopzpFqMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABw5XXW/y3la4FPR5KUShFPRcTtGC+srlcrcxHxdET8YXJ8Mj2eH3LOAMBFJX8p5Ot/3Z15ZfqRqhduHRUnIuJHP3/7Z+8vNZvbv4+YKPx9snO++WF+vjz47AGAk3XG6Wzf9UH+04OHy51tkPl88q2IKLbjHx5MxOFR/LEYy/bFGI+IqX8U8uO2QtfcxUXsfxARn+/V/kJMZ3Mg7ZVPj8dPYz810PjJI/GTrK69T/8Xn7uEXGDUfJT2P2/2ev0lcSfb9379F7Me6uLy/i+91PJh1gf+L36n/7vRp/+7c9oYr/7mO+3SZ9df/uSDiC+ORXRiH3b1P534hT7xXzll/D996YWX+tW1fhFxN3rH744126xtzTZ29+6v15bWKmuVzXJ5YX5h7vUHr5VnV9d/W5mb7T8a/PWNe0/3q0vbP9UnfvGE9n/llO3/5X/efefLPc6P5fG/9nKv+Ek893/ip2PiV08Zf2nq18V+dWn8lT7tP+n5v3fK+B//eW8lG6gAgCuhsbu3sVStVrYvXngnv2R2JpJLvPJ5C8UYZvShF6bO8Med93bDzvmEQpriFUijZ+Gbg4o1Eb2rfvJy+zk8VtVqnStWvx7jMmbdgKvg6EUfEf8adjIAAAAAAAAAAAAAAEBPg/jF0rDbCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwPX13wAAAP//JUXJAg==")
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x7a, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @lirc_mode2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0xfe6a)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r3, 0x29, 0x20, &(0x7f0000000200)={@private0, 0x800, 0x0, 0x1, 0x1, 0x0, 0x2}, 0x20)
setsockopt$inet6_int(r3, 0x29, 0x1000000000021, &(0x7f0000000180)=0x1, 0x23)
connect$inet6(r3, &(0x7f0000000000)={0xa, 0x0, 0x380000, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, 0x1c)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(r3, 0x29, 0x20, &(0x7f0000000300)={@local}, &(0x7f00000004c0)=0x37)
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040))
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4050000000000006110a40000000e001f0100000000000095f16e14b5ee0000"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x1dd, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r5 = dup(r4)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000001140)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r6}, 0x10)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000a00)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYRES32=r0], 0x0, 0x4, 0x0, 0x0, 0x0, 0x37, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000380)='mm_page_alloc\x00', r8}, 0x10)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000280)=@vsock={0x28, 0x0, 0x0, @hyper}, 0x80, 0x0, 0x0, &(0x7f0000000680)=ANY=[@ANYRES16, @ANYBLOB="bc1b78e78b5f7c861cecd1dbad9705cc36cd468bd15bdc085a215d0e0eeaf5a530004ed68dbb627ec938b74b0e3f95a1401a9e7e9c88b17a91fa911f9617255328db8f039b9efd3762c40d1df18067deb37a2dd29337f7a8daa4de9d0d2b2dac90eaaf78bb3cda4ef0ee5e0e8d7bdea8b5900211161af743f30692f7df66d1a82ee79e9712fa4965335b79a87c9ed71b5b410f713c5ff60ecb08d7e9230baeb2b5bbfb07652a63ceabf6879f6088f1bfd0df5a9f00f3fd51080da6a6d93980fbc743f8a2f4be9fc5a4c3ee26a325463024e714fe328e4ccbd55c0b7121", @ANYRESHEX=r4, @ANYRES8=r5, @ANYRES16=r2, @ANYRES16, @ANYRES16=r1, @ANYRES8], 0x10b8}, 0x20044010)
socket$nl_netfilter(0x10, 0x3, 0xc)
write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000240), 0xfffffecc)

859.830917ms ago: executing program 6 (id=4238):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket$packet(0x11, 0x0, 0x300)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000240)={0x0, 0x0}, 0x10)
socketpair(0x11, 0xa, 0x0, 0x0)
socket$kcm(0x10, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$packet(0x11, 0x2, 0x300)
socket$packet(0x11, 0xa, 0x300)
socket$packet(0x11, 0xa, 0x300)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000680)={0x6, 0x3, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000020000000000000000ee000095"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0x0, 0x0, 0x0, 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
syz_genetlink_get_family_id$devlink(&(0x7f0000000140), 0xffffffffffffffff)

859.293037ms ago: executing program 1 (id=4239):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000cc0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r1}, 0x10)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0xc0ed4040, &(0x7f00000002c0)={[{@noblock_validity}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x4}}, {@journal_dev={'journal_dev', 0x3d, 0x803}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x2000}}, {@journal_ioprio={'journal_ioprio', 0x3d, 0x2}}, {@jqfmt_vfsv0}, {@journal_ioprio={'journal_ioprio', 0x3d, 0x3}}, {@init_itable_val={'init_itable', 0x3d, 0x5}}]}, 0xf5, 0x47a, &(0x7f0000000ac0)="$eJzs3M9vFFUcAPDvTLel5YdFxB8gaBWMxB8tLT/kYGI0mnjQaKIHjKd1WwhSwEBNhBBFDxjjwZB4Nx5N/As86cWoJxOveDckxHABPa2ZnRnaLrulpQu7uJ9PMux7M7O89903b/fNe7sNoG+NZf8kEesj4mJEjEZEpfmEsfzh2pWztX+unK0lUa+/9XeSPS2uXjlbK/6LxpZZl++o14v8mhblnn83ojo7O3OyyE/MHftg4tTpM88eOVY9PHN45vjUgQN792wf2j+1ryNxZnFd3frxiW1bXn3nwuu1gxfe+/X7rL7ri+NlHJ00lr+6LT3R6cK6bMOCdFLpYkVYkazdBovtYozGQIxcPzYar3zW1coBt1ul1edz4Vwd+B/LBupAPyo/6LP733K7Q+OOnnD5xXzCI4v7WrHlRyqRFucMNt3fdtJwRBw89+832Ra3aR4CAGChH7PxzzOtxn9pPLDgvHuKNZSNEXFvRGyKiPsiYnNE3B/ROPfBiHhoheU3r5DcOP5JLy3K1gdWWMLSsvHf88Xa1uLxXzn6i40DRW5DI/7B5NCR2ZndxWuyKwbXZPnJRU9Z7KeX//iqed+XxTT72ILxX7Zl5S+OML3UPEE3XZ2rrj7y3OVPI7ZWWsWfXF8HTCJiS0RsvcUyjjz13bZ2x1rFX46Fb6oD60z1byOezNv/XDTFX0rark9OPrd/at/EcMzO7J4or4ob/fb7+Tfblb+q+Dsga/+1La//PP7sHjEZjjh1+szRxnrtqVso5M/Pa0mbQ5tvGv+N139tZ8RQ8nYjPVSeVTwOJa9lDyPl/o+qc3Mnp+afW+Ybj5N5/Lt2zMdfjfn+vym/PWu8Eg9HRHYRb4+IRyLi0aLtHouIxyNixxLh//LSzvfbHWvf/kvMyndQFv/0Eu2fveVlqfn2X3li4OjPP7Qrv76s9t/bSO0q9izn/W+5FVzNawcAAAB3i7TxHfgkHb+eTtPx8fw7/JtjbVqJiKcPnfjw+HT+XfmNMZiWM12jC+ZDJ4u54TI/1ZTfU8wbfz0w0siP107MTnc7eOhz69r0/8xfnV1qAXqR32tB/9L/oX/p/9C/9H/oXy90uwJAdwy13v3Jna4H0BUrH/8P35Z6AHee+3/oX/o/9C/9H/pS29/Gp6v6yf/dmqj0RjVaJkZ6oxplItKeqEbnEm98kXeJXqlPmags+49Z3GJiTctD3X5nAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6Iz/AgAA///NIdoS")
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b703000010000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
perf_event_open$cgroup(&(0x7f00000003c0)={0x2, 0x80, 0x16, 0x1, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, @perf_bp={0x0, 0x5}, 0x80, 0x800, 0x0, 0x0, 0x0, 0x7, 0xffff, 0x0, 0x0, 0x0, 0x7}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r4 = socket$kcm(0x15, 0x5, 0x0)
ioctl$sock_kcm_SIOCKCMUNATTACH(r4, 0x89e1, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
unshare(0x6a040000)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000400)=@newlink={0x5c, 0x10, 0x421, 0x0, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, 0x0, 0x28079}, [@IFLA_LINKINFO={0x30, 0x12, 0x0, 0x1, @ip6gretap={{0xe}, {0x22, 0x2, 0x0, 0x1, [@IFLA_GRE_IKEY={0x8, 0x4, 0x4}, @IFLA_GRE_ENCAP_SPORT={0x6, 0x10, 0x4e21}, @IFLA_GRE_ENCAP_DPORT={0x6}]}}}, @IFLA_ADDRESS={0xa, 0x1, @random="087934e9cff9"}]}, 0x5c}}, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
r6 = openat$selinux_user(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$selinux_user(r6, &(0x7f0000000040)=ANY=[@ANYBLOB='system_u:object_r:auth_cache_t root'], 0x27)

786.958248ms ago: executing program 6 (id=4240):
r0 = socket(0x1d, 0x2, 0x6)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000000)={'vxcan0\x00', <r1=>0x0})
bind$can_j1939(r0, &(0x7f0000000080)={0x1d, r1, 0x2, {0x2, 0x0, 0x2}}, 0x18)
r2 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/vs/sync_threshold\x00', 0x2, 0x0)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/diskstats\x00', 0x0, 0x0)
r4 = fsopen(&(0x7f0000000000)='selinuxfs\x00', 0x1)
fsconfig$FSCONFIG_SET_FLAG(r4, 0x5, &(0x7f0000000540)='mand\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x106f)
sendmmsg$sock(r0, &(0x7f0000000340)=[{{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f00000000c0)="6e4147332e3d2a486f8dbfa4fdb710c01d7a24dbe8d60a89c5aaadf8b35dcbe0650a138b1bab675dabb77886d55ad6a291e81f0b4398de53808af5014b685e4df848611c6f0a29f0eaaaf1169e9cacd37ba58fd8fb22e36fc6e32fc9139d"}, {&(0x7f0000000280)="a8b57748b743880915775d5782fae2605f64a2499ed59359c587eede4734e1c58f71701085c36b734df7d0f888c9e5090598775369ecfbbb6c8a462c3a9519a4f63cc75e6537f917043834d0e1ec66d2fd615bd487226517a74a56543b1c5883ea6872b2d88369815ff2777be2ae6870791def95c109ce74faf506937c0e94e4c33bdf3a8806562594be036729226aa8d21f09b7fdd79785c02c20277d9cf1d47152"}], 0x0, &(0x7f0000000140)=[@timestamping={{0x0, 0x1, 0x25, 0xb}}, @timestamping={{0x0, 0x1, 0x25, 0xfffeffff}}, @timestamping, @mark, @mark={{0x0, 0x1, 0x24, 0x4}}]}}], 0x2, 0xc80c0)
r5 = socket$kcm(0x11, 0x3, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.swap.events\x00', 0x26e1, 0x0)
sendmsg$kcm(r5, &(0x7f00000001c0)={&(0x7f0000000200)=@phonet={0x23, 0x0, 0xff, 0xf}, 0x80, &(0x7f00000018c0)}, 0x0)

660.25426ms ago: executing program 6 (id=4241):
r0 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, 0x0})
r1 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r2}, &(0x7f0000000180), &(0x7f00000001c0)=r1}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000300)='kmem_cache_free\x00', r3, 0x0, 0x800}, 0x18)
flock(r0, 0x2)

608.911871ms ago: executing program 5 (id=4242):
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x2, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000))
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x5, 0x3, 0x0, &(0x7f0000000000)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="05000000040000000400000004"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00', r0}, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0))
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140))
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0xe, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x6, 0x4, 0x8, 0x7, 0x0, 0xffffffffffffffff, 0x2000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='tlb_flush\x00', r2}, 0x10)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'bridge0\x00', 0x100})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.swap.events\x00', 0x275a, 0x0)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x2a, &(0x7f0000000100)=r4, 0x4)
ioctl$PERF_EVENT_IOC_SET_FILTER(r3, 0x89f0, &(0x7f0000000080))

575.795591ms ago: executing program 0 (id=4243):
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
bind$inet(r0, 0x0, 0x0)
setsockopt$inet_sctp_SCTP_INITMSG(r0, 0x84, 0x2, &(0x7f0000000040)={0x400, 0x203}, 0x8)
sendto$inet(r0, &(0x7f0000000100)="ab", 0xff04, 0x40048c4, &(0x7f00000000c0)={0x2, 0x4e22, @local}, 0x10)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000900)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000060000000000000000008500000007000000850000000e00000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000012c0)={&(0x7f0000000040)='kfree\x00', r1, 0x0, 0xfffffffffffffffd}, 0x18)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000faffffff850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000900)={0xffffffffffffffff, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000000)="76389e147583ddd0569ba56a888e", 0x0, 0xff, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1, 0x8}, 0x0, 0xc8, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
close(r4)
recvmsg$unix(r3, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r5=>0xffffffffffffffff]}}], 0x18}, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='kfree\x00', r7, 0x0, 0x2}, 0x18)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_DEAUTHENTICATE(r8, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000580)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r9, @ANYBLOB="c50f00000000000000001100000008000300cacc5e0ea173d3bca498e597636339bfeca9d27e89c1c80ae3d48e7a0b9f9b65e51cf2cdbd6016732236f2329862dae6eeef517e840ed3aa930edc7be334e4d023dccfadb1d87d618955bb19933fa6a3e54e9c4a47f6df6b7a06391ca6c84213bdf7fff77c40413b7ae41a3b265459eba7440817376f1240b8ed069b580dc6ce16ace3028e6b2162f2aec6d76cac72de6e4b1aa012492c07", @ANYRES32=0x0, @ANYBLOB="08002a0084210000"], 0x24}}, 0x0)
write$cgroup_subtree(r5, &(0x7f0000000000)=ANY=[], 0xfdef)
perf_event_open(&(0x7f0000000800)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0x8}, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_clone(0x4021400, 0x0, 0x9000, 0x0, 0x0, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
r10 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000040)='kmem_cache_free\x00', r10, 0x0, 0x2}, 0x18)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0xa00008, &(0x7f00000010c0)={[{@min_batch_time={'min_batch_time', 0x3d, 0xd}}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@user_xattr}], [{@defcontext={'defcontext', 0x3d, 'staff_u'}}]}, 0x1, 0x7ad, &(0x7f00000007c0)="$eJzs3c9rG1ceAPDvyD/jZNdeWNjNngwLu4YQeZ31JruwsFn2sBQaCLTnJEZWTGrZCpYcYmNIQin00kNLD4XmknPTprdc++PaXvo39FAS0tYJTemhuIw0SmRbcpzEklL8+cBY782M9N533sybZ82gCWDfGk//5CIORwykydFsfhLZjOiPOFlf7+H6WiGdktjYeOW7pLbOg/W1QjS9J3Uwy/wxIj57I+JIbnu5lZXV+ZlSqbiU5SerCxcnKyurRy8szMwV54qLx6emp4+d+MeJ43sX6w9frh66+/b///rRyZ9e/8Ottz5P4mQcypY1x7FXxmM82yYD6Sbc5H97XViPJb2uAM8kPTT76kd5HI7R6NuhJf/T1ZoBAJ1yJSI2AIB9JnH+B4B9pvE9wIP1tUJjivr1nKs9/WKiS+79NyKG6/E3rm/Wl/TXr9l9NVy7DjryIKldI2lIImJsD8ofj4jrt8/cTKfo0HVIgFauXouIc2PjW/v/tIfbes/C0/rbLtYZ35LX/0H3fJKOf/65ffwXkcuO/+Ha363jn6EWx+6zePLxn7uzKTuwB4U2Scd//266t+1hU/yZsb4s95vamG8gOX+hVEz7tt9GxEQMDKX5qR3KmLj/8/12y5rHf9+/89oHafnp6+M1cnf6hza/Z3amOvM8MTe7dy3iT/2t4k8etX/SZvx7epdlvPSvN99vtyyNP423MW2Pv7M2bkT8pWX7P74PKtnx/sTJ2u4w2dgpWvj46/dG2pXf3P7Xb6clrRUa/wt0Q9r+IzvHP5Y0369Zefoyvrgx+mm7ZZvjP3MzLX9z/K33/8Hk1Vp6MJt3eaZaXZqKGExe3j7/2OP3NvKN9dP4J/7c+vjfaf9Pu6FzWXrjCTc/9t/99sNnj7+z0vhn0/ZPsiCe2P5Pn7j1cL6vXfm7a//pWmoim7O9/+vf9rm7reBzbTwAAAAAAAAAAAAAAAAAAAAAAAAA2KVcRByKJJd/lM7l8vn6M7x/HyO5UrlSPXK+vLw4G7VnZY/FQK7xU5ejTb+HOpX9Hn4jf2xL/u8R8buIeHfoQC2fL5RLs70OHgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAyB9s8/z/1zVCvawcAdMxwrysAAHSd8z8A7D9tzv+DrWcf6GhdAIDuqJ3/k/5eVwMA6CLf/wPA/uP8DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQIedPnUqnTZ+XF8rpPnZSyvL8+VLR2eLlfn8wnIhXygvXczPlctzpWK+UF5o+0FX6y+lcvnidCwuX56sFivVycrK6tmF8vJi9eyFhZm54tniQNciAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDdq6yszs+USsUliZ0TV16IalzLmq3XW0PihUgMRUSnimjuJQ70pnMCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+BX4JQAA//9qsh/Y")
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f0000000240)={0x0, 0x0, 0x10}, 0xc)

575.384061ms ago: executing program 6 (id=4244):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="0700000004000000080000000100000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000000000000000000000000000000000000000000259a59fa41095a2fba71b55213eb33703ed1d2d7a024f9c1c7960806b1735a4b033689a3164eb13268d2edbdf6ebfde8f51eaa6f9707885638d6c51151c8c8bdc786c5fa9e756ab4f74bfbd500000077330c698d40ba66"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000e00000850000001b000000b700000000fa000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff})
r2 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
ioctl$SCSI_IOCTL_SEND_COMMAND(r2, 0x1, &(0x7f0000000040)=ANY=[@ANYRES64=r1])

479.792483ms ago: executing program 2 (id=4245):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="0b00000005000000020000000200000005000000", @ANYRES32, @ANYBLOB="00f22c00000000000000000000000000000000000000b943d96fa3e99ed3c9d96ff9a4ea74325019f78a8c52f2475ce24e9b2a8a184b9ec21ded6910e7e8665e7e60a8", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfffffffc}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$netlink(0x10, 0x3, 0x10)
r3 = gettid()
timer_create(0x5, &(0x7f00000000c0)={0x0, 0x8, 0x0, @tid=r3}, &(0x7f0000000100)) (async)
timer_create(0x5, &(0x7f00000000c0)={0x0, 0x8, 0x0, @tid=r3}, &(0x7f0000000100))
bind$netlink(r2, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f0000000000), 0x4) (async)
setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f0000000000), 0x4)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000280)={'gre0\x00', &(0x7f00000001c0)={'syztnl0\x00', <r4=>0x0, 0x40, 0x40, 0xfff, 0x6, {{0xe, 0x4, 0x1, 0xd, 0x38, 0x64, 0x0, 0x6, 0x2f, 0x0, @local, @loopback, {[@rr={0x7, 0x23, 0x73, [@multicast1, @empty, @initdev={0xac, 0x1e, 0x0, 0x0}, @multicast1, @private=0xa010100, @private=0xa010102, @multicast1, @loopback]}]}}}}})
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r2, 0x89f3, &(0x7f0000000580)={'ip6gre0\x00', &(0x7f00000002c0)={'syztnl0\x00', r4, 0x2f, 0x7f, 0x1, 0x8, 0x84, @dev={0xfe, 0x80, '\x00', 0x34}, @remote, 0x80, 0x1, 0x10, 0xfffffffa}}) (async)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r2, 0x89f3, &(0x7f0000000580)={'ip6gre0\x00', &(0x7f00000002c0)={'syztnl0\x00', r4, 0x2f, 0x7f, 0x1, 0x8, 0x84, @dev={0xfe, 0x80, '\x00', 0x34}, @remote, 0x80, 0x1, 0x10, 0xfffffffa}})
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r2, 0x10e, 0x4, &(0x7f0000000640)=0x1800, 0x4)
socket$kcm(0x10, 0x2, 0x0) (async)
r5 = socket$kcm(0x10, 0x2, 0x0)
r6 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r6, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000380)="2e00000010008188e6b62aa73772cc9f1ba1f848110000005e140602000000000e000a001000000002900000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r5, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="2e00000010008188040f80ec59acbc0413a1f848110000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0) (async)
sendmsg$kcm(r5, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="2e00000010008188040f80ec59acbc0413a1f848110000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)

455.906133ms ago: executing program 5 (id=4246):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x24, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0xa6, 0x7ffc1ffb}]})
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
wait4(0x0, 0x0, 0x40000000, 0x0)

438.798063ms ago: executing program 6 (id=4247):
r0 = socket(0x2, 0x80805, 0x0)
sendmmsg$inet_sctp(r0, &(0x7f0000005140), 0x0, 0x240000c0)
r1 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000d00)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="180100000100a7d9000000000020b200850000007b00000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x9, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2, 0x0, 0x200000000007}, 0x18)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x26e1, 0x0)
r3 = perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r3)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
r4 = fsmount(r1, 0x0, 0x0)
mkdirat(r4, &(0x7f0000000100)='./file0\x00', 0xcc)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x3008002, &(0x7f0000000000)={[{@noblock_validity}]}, 0x1, 0x549, &(0x7f0000001800)="$eJzs3c9vI1cdAPDvTH65222zCz1ABewChQWt1t5421XVS8sFhKpKiIoD4rANiTcKseMQO6UJkUj/BpBA4gR/AgckDkg9ceDGEYkDQpQDUoEItEHiYDRjJ+smNmtqx+7Gn480O/Pmzcz3PWdn3vNz4hfA1LoeEQcRMR8Rb0TEYmd/0lnilfaSHffgcH/l6HB/JYlW6/W/J3l+ti+6zsk82blmISK+/pWIbydn4zZ29zaWq9XKdiddata2So3dvVvrteW1ylpls1y+u3T39ot3XiiPrK7Xar9478vrr37j17/65Lu/O/ji97NiXe7kdddjlNpVnzuJk5mNiFfPI9gEzHTW8xMuBx9MGhEfiYjP5Pf/Yszk/zsBgIus1VqM1mJ3GgC46NJ8DCxJixGRpp1OQLE9hvdMXEqr9Ubz5v36zuZqe6zsSsyl99erldtXF/7w3fzguSRLL+V5eX6eLp9K34mIqxHxo4Un8nRxpV5dnUyXBwCm3pPd7X9E/GshTYvFgU7t8akeAPDYKEy6AADA2Gn/AWD6aP8BYPoM0P53Puw/OPeyAADj4f0/AEwf7T8ATB/tPwBMla+99lq2tI4633+9+ubuzkb9zVurlcZGsbazUlypb28V1+r1tfw7e2qPul61Xt9aej523io1K41mqbG7d69W39ls3su/1/teZW4stQIA/per1975fRIRBy89kS/RNZeDthoutnSERwGPl5lhTtZBgMea2b5geg3UhOedhN+ee1mAyej5Zd6Fnpvv95P/I4jfM4IPlRsfH3z83xzPcLEY2Yfp9cHG/18eeTmA8TP+D9Or1UpOz/k/f5IFAFxIQ/wKX+sHo+qEABP1qMm8R/L5PwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFwwlyPiO5GkxXwu8DT7Ny0WI56KiCsxl9xfr1ZuR8TTcS0i5hay9NKkCw0ADCn9a9KZ/+vG4nOXT+fOJ/9eyNcR8b2fvv7jt5abze2lbP8/TvYvHE8fVn543hDzCgIAg/vzIAfl7Xe5s+56I//gcH/leDnHMp7x3pdOJh9dOTrcz5d2zmy0Wq1WRCHvS1z6ZxKznXMKEfFsRMyMIP7B2xHxsV71T/KxkSudmU+740cn9lNjjZ++L36a57XX2cv30RGUBabNO9nz55Ve918a1/N17/u/kD+hhpc//woRx8++o674s51IMz3iZ/f89UFjPP+br57Z2Vps570d8exsr/jJSfykT/znBoz/x0986ocv98lr/SziRvSO3x2r1KxtlRq7e7fWa8trlbXKZrl8d+nu7RfvvFAu5WPUpeOR6rP+9tLNp/uVLav/pT7xCz3rP39y7ucGrP/P//PGtz79MLlwOv4XPtv75/9Mz/htWZv4+QHjL1/6Zd/pu7P4q33q/6if/80B47/7l73VAQ8FAMagsbu3sVytVraH2sjehY7iOmc2siIOdvBxd3G4oH+KfGNEL0ufjawzNsjBc+f1qp77xuxJX3G0V/5mdsUxVycdeS2G2ngwrliTeyYB4/Hwpp90SQAAAAAAAAAAAAAAgH7G8adLk64jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF9d/AwAA//8+JMPM")
quotactl$Q_SETQUOTA(0xffffffff80000800, &(0x7f0000000040)=@loop={'/dev/loop', 0x0}, 0x0, &(0x7f0000000100)={0x5, 0xffffffff, 0x4, 0x3, 0x2, 0x809, 0x7b, 0x0, 0x80000000})
io_uring_register$IORING_REGISTER_BUFFERS(r4, 0x0, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/135, 0x87}, {&(0x7f0000000140)=""/4096, 0x1000}, {&(0x7f0000001140)=""/56, 0x38}, {&(0x7f0000001180)=""/111, 0x6f}, {&(0x7f0000001200)=""/242, 0xf2}, {&(0x7f0000001300)=""/188, 0xbc}, {&(0x7f00000013c0)=""/251, 0xfb}, {&(0x7f00000014c0)=""/63, 0x3f}, {&(0x7f0000001500)=""/130, 0x82}], 0x9)
r5 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r5, &(0x7f0000000040)=@pppol2tpv3={0x18, 0x1, {0x3, 0xffffffffffffffff, {0x2, 0x0, @multicast2}, 0x2}}, 0x2e)
getsockopt$IP_SET_OP_GET_BYINDEX(r5, 0x1, 0x53, &(0x7f0000000000), &(0x7f0000000040)=0x28)

402.807794ms ago: executing program 1 (id=4248):
syz_mount_image$ext4(&(0x7f0000000d80)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x21881e, &(0x7f00000000c0)={[{@mb_optimize_scan}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@stripe={'stripe', 0x3d, 0x4}}]}, 0x1, 0x50f, &(0x7f0000000140)="$eJzs3c9vI1cdAPCvnThxsmmTlh4AQbu0hQWt1km8bVT1AOUCQqgSokeQtiHxRlHsOIqd0oQ9pGeuSFTiBEf+AG5IPSFx5ILgxqUckPgRgRokDoNmPMk6WbuJNokdxZ+PNJr35s36+32bnffWL4lfACPrdkTsR8RERLwbEbP59UJ+xFudI73vk4NHK4cHj1YKkSTv/LOQtafXouvPpG7lr1mOiO9/O+JHhSfjtnb3Npbr9dp2Xp9vN7bmW7t799Yby2u1tdpmtbq0uLTwxv3Xq5fW15caE3npix//Yf9rP0nTmsmvdPfjMnW6XjqOkxqPiO9eRbAhGMv7MzHsRHgqxYh4PiJezp7/2RjLvpoAwE2WJLORzHbXAYCbrpitgRWKlXwtYCaKxUqls4b3QkwX681W++7D5s7mametbC5KxYfr9dpCvlY4F6VCWl/Myo/r1VP1+xHxXET8bHIqq1dWmvXVYf7HBwBG2K1T8/9/JjvzPwBww5WHnQAAMHDmfwAYPeZ/ABg95n8AGD2d+X9q2GkAAAPk/T8AjB7zPwCMlO+9/XZ6JIf551+vvre7s9F8795qrbVRaeysVFaa21uVtWZzLfvMnsZZr1dvNrcWX4ud9+e+vtVqz7d29x40mjub7QfZ53o/qJWyu/YH0DMAoJ/nXvroz4V0Rn5zKjuiay+H0lAzA65acdgJAEMzNuwEgKGx2xeMrgu8x7c8ADdEjy16j/3+W0lS7vULQkmSJFebFnCF7nzO+j+Mqq71fz8FDCPG+j+MLuv/MLqSpHDePf/jvDcCANebNX6gz/f/n8/Pv86/OfDD1dN3fHiVWQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMD1drT/byXfC3wmisVKJeKZiJiLUuHher22EBHPRsSfJkuTaX1xyDkDABdV/Fsh3//rzuyrMyeaXrx1XJyIiB//4p2fv7/cbm//MWKi8K/Jo+vtD/Pr1cFnDwCc7Wiezs5db+Q/OXi0cnQMMp+/fzMiyp34hwcTcXgcfzzGs3M5ShEx/e9CXu8odK1dXMT+BxHx2V79L8RMtgbS2fn0dPw09jMDjV88Eb+YtXXO6d/FZy4hFxg1H6Xjz1u9nr9i3M7OvZ//cjZCXVw+/qUvtXKYjYGP4x+Nf2N9xr/b543x2u++0ylNPdn2QcTnxyOOYh92jT9H8Qt94r96+sX6DIh/+cKLL/fLLfllxJ3oHb871ny7sTXf2t27t95YXqut1Tar1aXFpYU37r9enc/WqOf7zwb/ePPus/3a0v5P94lfPqP/X+4b8aRf/e/dH3zpU+J/9ZVe8YvxwqfET+fEr5wz/vL0b8r92tL4q336f9bX/+4543/8170ntg0HAIantbu3sVyv17b7Fn47ffY9CgoDKaT/ZK9BGj0L3xhUrIno3fTTVzrP9KmmJHmqWCfHicfvHC9j1Q24Do4f+oj477CTAQAAAAAAAAAAAAAAehrEbywNu48AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADcXP8PAAD//9140jY=")
r0 = open(&(0x7f00000001c0)='./file1\x00', 0x14927e, 0x30)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x12, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], 0x0, 0x2, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, @fallback=0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='mm_page_alloc\x00', r1}, 0x10)
r2 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_TX_RING(r2, 0x11b, 0x3, &(0x7f0000000380)=0x20000, 0x4)
setsockopt$XDP_UMEM_REG(r2, 0x11b, 0x4, &(0x7f0000000100)={&(0x7f0000000000)=""/5, 0x204000, 0x1000}, 0x20)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'lo\x00', <r4=>0x0})
setsockopt$XDP_UMEM_COMPLETION_RING(r2, 0x11b, 0x6, &(0x7f0000000180)=0x20, 0x4)
setsockopt$XDP_UMEM_FILL_RING(r2, 0x11b, 0x5, &(0x7f0000000040)=0x4000, 0x4)
bind$xdp(r2, &(0x7f00000002c0)={0x2c, 0x4, r4}, 0x10)
fallocate(r0, 0x0, 0x0, 0x1001f0)

34.306849ms ago: executing program 2 (id=4249):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000f80)=ANY=[@ANYBLOB="0500000004000000080000000b"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
syz_open_dev$tty1(0xc, 0x4, 0x1)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000480)='kfree\x00', r1, 0x0, 0x7fffffffffffffff}, 0x18)
pipe(&(0x7f0000000100)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
fsetxattr$security_selinux(r2, &(0x7f00000000c0), &(0x7f0000000040)='system_u:object_r:dhcp_state_t:s0\x00', 0x1e, 0x0) (fail_nth: 1)

33.38032ms ago: executing program 5 (id=4250):
r0 = socket$inet(0xa, 0x1, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$MPTCP_PM_CMD_GET_ADDR(r1, 0x0, 0x80c0)
r2 = syz_open_dev$evdev(&(0x7f0000000180), 0x1, 0xa0502)
syz_usb_disconnect(r2)
syz_usb_connect(0x5, 0x36, &(0x7f0000000100)=ANY=[], 0x0)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1800403, &(0x7f0000000800)={[{@nojournal_checksum}], [{@rootcontext={'rootcontext', 0x3d, 'user_u'}}, {@euid_eq}, {@rootcontext={'rootcontext', 0x3d, 'unconfined_u'}}]}, 0x2, 0x5ad, &(0x7f0000000180)="$eJzs3c1vVFUbAPDnzkwLpe9rKzEqLkyjIZAoLS1g8GMBe0LwY+fGSgtBho/QGi2aWBLcmBg3LkhcuRD/CyW6dWXiwoUbV4akGsNGY3TMnbkzDO1MOy0dbu39/ZLbOeeeOz3nQp85Z+49ZyaAwhpLf5Qi9kTE5SRipK2sElnhWOO4O7+/fzrdkqjVXv0tiSTb1zw+yR6Hsyf/PRLx/TdJ7C6vrHdu4er56Wp19kqWn5i/cHlibuHqgXMXps/Onp29OPXc1NEjh48cnTx4X+dXakufuP7WOyMfnXz9i8/+Sia//OlkEsfi1zONsvbz2CxjMRZ/1GofLN+f/rse3ezKclJu/Z3clSzfwZZVyWJkMCIei5Eot/1vjsSHL+faOKCvaklEDSioRPxDQTXHAc339r29Dy71eVQCPAhLx9OfAx3iv9K4NhijMRARe5c9r8MlvQ1J6/ju25PX0y36dB0O6Gzx2o4stTz+k3psjsbOem7XndI913nTEcCp7DHd/8oG6x9blhf/8OAsXouIxzuN/9eO/zfa4v/NDdYv/gEAAAAAAGDz3DoeEc92uv9Xyu7N7Yyn6vf/ksb9vx/urhA8tgn1r33/r3R7E6oBOlg6HvFSx/m/rTm+o+Us9//GbMDkzLnq7MGIeCgi9sfAjjQ/uUodBz7efaNbWfv8v3RL62/OBczacbuy497nzEzPT9/POQMNS9cinqh0n/+T9v9Je/+fSV8PLvdYx+69N091K1s7/oF+qX0esa9j/5+0jklW/3yOifp4YKI5Kljpyfc++apb/eIf8pP2/7tWj//RpP3zeubW9/sHI+LQQqXWrXyj4//B5LVy8/en3p2en78yGTGYnFi5f2p9bYbtqhkPzXhJ43//06tf/2uN/9vicCgiFnus89F/hn/uVqb/h/yk8T+zrv5//Ympm6Nfd6u/t/7/cL1P35/tcf0PVtdrgObdTgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4LypFxP8iKY230qXS+HjEcEQ8ErtK1Utz88+cufT2xZm0rP79/6XmN/2ONPJJ8/v/R9vyU8vyhyLi4Yj4tDxUz4+fvlSdyfvkAQAAAAAAAAAAAAAAAAAAYIsY7rL+P/VLOe/WAX1XyR7FOxRPJe8GALkR/1Bc4h+KS/xDcYl/KK4Nxr/bBbAN6P+hqAZ6O2xnv9sB5EH/DwAAAAAA28qtF5+/kUTE4gtD9S01mJW1bgwO5dU6oJ9KeTcAyI05vFBcpv5AcfU4+RfYxpJW6s9ap/Lus/+T/jQIAAAAAAAAAAAAAFhh355bP665/h/Ylqz/h+Ky/h+Ky/p/KC7v8YG1VvFb/w8AAAAAAAAAAAAA+ZtbuHp+ulqdvSIhsdUSAxGxBZqRQ2Iw//DM+YUJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABo+TcAAP//Swsk/Q==")
socket$nl_xfrm(0x10, 0x3, 0x6)
shutdown(0xffffffffffffffff, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)}, 0x0)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000400), 0x0)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000940)=@mangle={'mangle\x00', 0x44, 0x6, 0x3e0, 0x230, 0x0, 0x2d0, 0x138, 0x2d0, 0x370, 0x370, 0x370, 0x370, 0x370, 0x6, 0x0, {[{{@uncond, 0x7a00, 0x70, 0x98}, @TTL={0x28, 'TTL\x00', 0x0, {0x3, 0xf4}}}, {{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @local, 0x0, 0x0, 'wg1\x00', 'nicvf0\x00', {}, {}, 0x11}, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x0, 0x0, @local}}}, {{@ip={@multicast2, @loopback, 0xff, 0x0, 'veth1_vlan\x00', 'veth1_macvtap\x00', {}, {0xff}, 0x0, 0x1, 0xc1513f04b421a003}, 0x0, 0x70, 0xd0}, @common=@inet=@HMARK={0x60, 'HMARK\x00', 0x0, {@ipv6=@private0={0xfc, 0x0, '\x00', 0x1}, [0xffffffff, 0x0, 0x0, 0x5c6cad92e6a38bac], 0x4e21, 0x4e23, 0x4e21, 0x4e21, 0x56, 0x9, 0xb, 0x3, 0x7ff1}}}, {{@uncond, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x0, 0x0, @empty}}}, {{@ip={@empty, @empty, 0xff000000, 0x0, 'lo\x00', 'batadv_slave_1\x00'}, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x4, 0x0, @loopback}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x440)
r3 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$inet6_icmp_ICMP_FILTER(0xffffffffffffffff, 0x1, 0x1, &(0x7f0000000000)={0x2c}, 0x4)
sendmsg$nl_route_sched(r3, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001a00)=@newqdisc={0x3a0, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x25dfdbff, {0x0, 0x0, 0x0, 0x0, {0x0, 0xa}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_red={{0x8}, {0x140, 0x2, [@TCA_RED_MARK_BLOCK={0x8, 0x6, 0x8}, @TCA_RED_STAB={0x104, 0x2, "f20c3d1bd7f4acdc48c4b6121dc0a0b77541b95b385a06d92d042c2d531588386dbf9a3fe58c4f0610f650317d09e2ce88980bed4ea0ab575b4180a6edebb7755de3172d3f3f7191c53d83013f16b44302d53a1857eedf9eae46cf27194c3c688dfa86afece65c5923bb45947775984f094f2b6967b33ffe6022afaf32c8deaae343d9291fc33eb73c3faa7945e1562336dbb97223f19db2c05118dcb21cefccbffcba194e6a075fe305fe5e034d8c4a93c71d35678cf1030e0992b883807436f05020004033bafc8c20635588fc1627bcf2f7eca9c7fc2ba89def518c2cd471258733b1447b5e7f26f0bbcf5446658da3c28e32364fcfb026b7d26676e25a83"}, @TCA_RED_FLAGS={0xc, 0x4, {0x0, 0x8}}, @TCA_RED_MAX_P={0x8, 0x3, 0x3}, @TCA_RED_MAX_P={0x8, 0x3, 0x6}, @TCA_RED_PARMS={0x14, 0x1, {0x200, 0xf, 0x0, 0x11, 0x1d, 0x9, 0x5}}]}}, @TCA_STAB={0x234, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x0, 0x2, 0x0, 0x7, 0x2, 0xe, 0x2, 0x4}}, {0xc, 0x2, [0x7ff, 0x56ac, 0x0, 0xfcad]}}, {{0x1c, 0x1, {0xfe, 0x80, 0xfff7, 0x10, 0x2, 0x7, 0x7, 0x6}}, {0x10, 0x2, [0x9, 0xff80, 0x6, 0x5, 0x3, 0x0]}}, {{0x1c, 0x1, {0xbb, 0xda, 0x27b, 0x10005, 0x1, 0x6, 0x3, 0x1}}, {0x6, 0x2, [0x1]}}, {{0x1c, 0x1, {0x3, 0x9, 0xc2, 0x8454, 0x1, 0xea, 0x1, 0x9}}, {0x16, 0x2, [0xf8d8, 0xb48, 0x4, 0x6, 0xf000, 0x7, 0x7, 0x1ff, 0xfffc]}}, {{0x1c, 0x1, {0x0, 0x9, 0x3, 0x7, 0x2, 0xfffffffb, 0x1, 0x2}}, {0x8, 0x2, [0x800, 0x1ff]}}, {{0x1c, 0x1, {0x7, 0xa9, 0x8, 0xdd9, 0x0, 0x3, 0x5, 0x1}}, {0x6, 0x2, [0x9]}}, {{0x1c, 0x1, {0x5, 0xa, 0xf2ed, 0x8, 0x0, 0x4, 0xa5000000, 0x1}}, {0x6, 0x2, [0x7]}}, {{0x1c, 0x1, {0xf9, 0x65, 0x96c3, 0x2, 0x1, 0x353, 0x8001, 0x5}}, {0xe, 0x2, [0x2, 0x76e, 0xff, 0xc, 0x1ff]}}, {{0x1c, 0x1, {0x80, 0x3, 0x5, 0xff, 0x2, 0x5, 0x2faaa85e, 0x1}}, {0x6, 0x2, [0x8]}}, {{0x1c, 0x1, {0x1, 0x7, 0x8, 0x5, 0x1, 0x5, 0x6, 0x7}}, {0x12, 0x2, [0x2, 0x3, 0xa, 0x5, 0xff, 0x5c68, 0x7]}}, {{0x1c, 0x1, {0x90, 0x6, 0x6, 0xdc, 0x2, 0xc, 0x8, 0x2}}, {0x8, 0x2, [0x200, 0x81]}}, {{0x1c, 0x1, {0x31, 0x8, 0x4, 0x0, 0x0, 0x3, 0xfe0, 0x4}}, {0xc, 0x2, [0x7c, 0x4, 0x7, 0x9]}}, {{0x1c, 0x1, {0x2, 0x8, 0x1, 0x8, 0x1, 0xc, 0x1, 0x4}}, {0xc, 0x2, [0x8001, 0x2, 0xffff, 0x9]}}, {{0x1c, 0x1, {0xfe, 0xc2, 0xf, 0x9, 0x0, 0x1fc, 0x6, 0x2}}, {0x8, 0x2, [0x8, 0x38a]}}]}]}, 0x3a0}, 0x1, 0x0, 0x0, 0x48801}, 0x0)

716.17µs ago: executing program 2 (id=4251):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000005000000020000000410"], 0x50)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000840)=ANY=[@ANYRESDEC=r0, @ANYRES8=r0, @ANYRESOCT=r1, @ANYRESHEX=r1, @ANYBLOB="4d5e92f48562e2b7436799457af3fbd85f06a66d19ab07f935613362d590669c1b94b760e3c2a0b06b3d0f5c35d18ae0b12c252b9c6f849ff7618af9c6875895df461d0af69adf40400decdd1fd8036b346e8b8b86a50b82011c85c861c3225e49137f2924ec046a4fd3b85a4ec6fcf5c44f1c3074f3a80fbdd5fabdf9dc89e9bfc8d61245108ce59f2b3a318a1eb7c0b92fe3686ce3", @ANYRESHEX=r1, @ANYRESDEC=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000071"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000001b40)='sched_switch\x00', r2}, 0x10)
r3 = gettid()
r4 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000700), 0x0)
read(r4, &(0x7f0000000200)=""/202, 0xca)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r4, 0x4058534c, &(0x7f00000000c0)={0x80, 0x0, {0x3}})
tkill(r3, 0x7)
ioctl$SNDRV_SEQ_IOCTL_GET_NAMED_QUEUE(r4, 0xc08c5336, &(0x7f0000000000)={0x1, 0x2, 0x0, 'queue0\x00', 0x3})
dup(r1)
r5 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r5, 0x84, 0x81, &(0x7f00000002c0), 0x0)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000600)='./file0\x00', 0xc8d0, &(0x7f0000000140)=ANY=[@ANYRES8=0x0], 0x1, 0x2e3, &(0x7f0000000280)="$eJzs3M9LG2kYwPEnMYkxoslh2WUXFh92L7uXQbP3paEolAYq1pT+gNJRJ23INJFMsKSU2p56Lf0jehCP3oTWf8BLbz310puXQg/1UDol8yNGjdXGH/HH9wPyvvq8T+Z9Z1Sed2Bm4+bLh+WiYxTNukSTKhERkU2RjEQlFAnaqNdPSLtn8u/g5/d/Xr91+2ounx+fUp3ITf+XVdXhkTePngwEw1b7ZT1zd+NT9uP6r+u/b3ybflBytORopVpXU2eqH+rmjG3pXMkpG6qTtmU6lpYqjlXz41U/XrSr8/MNNStzQ6n5muU4alYaWrYaWq9qvdZQ875ZqqhhGDqUEuynsDQ1Zea6TJ494sngmNRqObNPRAZ2RQpLPZkQAADoqaD+b1X70WZJ3039H+tY/y//tVYfvLEyHNT/q4lm/S/SVv/f2/qsbfV/UkSOvf7fXRGdL6774/ih6n+cEc36PxX8/Xqe31ke9TrU/wAAAAAAAAAAAAAAAAAAAAAAnAWbrpt2XTcdtuFXv4gkvSdI/O97PU8cD67/xbb14o7YsIj9YqGwUPDbYMCaiNhiyaik5av3+xBo9hOi3iBtyshbezHIX1wo9HmRXFFKXv6YpCWzM991J67kx8fUtz0/Lqn2/Kyk5ZfO+dmd+fFmm5B//m7LNyQt72alKrbMBU/GhflPx1QvX8vvOP6ANw4AAAAAgPPA0JbW/r2/PW7sjvv7Yz/e2l93vD/g769HO+7vY/JHrFerBgAAAADgYnEaj8umbVu1c9cJV3jQrPC9xnuMiUhkr9ARdMKDn4JTFz/QGYt2NdWRxE9elI6d8LbRXmNksptPdtMihz2Hv716/eXorsX/K8l9VtptJ7HfSuMn9x8IAAAAwEnZKvrDn1zq7YQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALiATuLFcr1eIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHBafA8AAP//ohEIjg==")
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='blkio.bfq.io_service_bytes\x00', 0x275a, 0x0)
write$cgroup_int(r6, &(0x7f0000000000), 0xffffff6a)

0s ago: executing program 1 (id=4252):
openat$binfmt_register(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
sendto$inet6(r0, &(0x7f0000000180)='v', 0x1fb5b, 0x0, &(0x7f0000000480)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)

kernel console output (not intermixed with test programs):

6.910295][T14268] syz.6.3649: attempt to access beyond end of device
[  466.910295][T14268] loop6: rw=2049, sector=233, nr_sectors = 8 limit=128
[  466.990897][T14298] FAULT_INJECTION: forcing a failure.
[  466.990897][T14298] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  467.004148][T14298] CPU: 0 UID: 0 PID: 14298 Comm: syz.5.3660 Not tainted 6.16.0-rc1-syzkaller-00203-g4774cfe3543a #0 PREEMPT(voluntary) 
[  467.004182][T14298] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  467.004198][T14298] Call Trace:
[  467.004205][T14298]  <TASK>
[  467.004218][T14298]  __dump_stack+0x1d/0x30
[  467.004239][T14298]  dump_stack_lvl+0xe8/0x140
[  467.004269][T14298]  dump_stack+0x15/0x1b
[  467.004288][T14298]  should_fail_ex+0x265/0x280
[  467.004278][T14268] syz.6.3649: attempt to access beyond end of device
[  467.004278][T14268] loop6: rw=2049, sector=249, nr_sectors = 8 limit=128
[  467.004318][T14298]  should_fail+0xb/0x20
[  467.004419][T14298]  should_fail_usercopy+0x1a/0x20
[  467.004466][T14298]  _copy_from_user+0x1c/0xb0
[  467.004495][T14298]  ___sys_sendmsg+0xc1/0x1d0
[  467.004613][T14298]  __x64_sys_sendmsg+0xd4/0x160
[  467.004665][T14298]  x64_sys_call+0x2999/0x2fb0
[  467.004770][T14298]  do_syscall_64+0xd2/0x200
[  467.004796][T14298]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  467.004831][T14298]  ? clear_bhb_loop+0x40/0x90
[  467.004859][T14298]  ? clear_bhb_loop+0x40/0x90
[  467.004889][T14298]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  467.004920][T14298] RIP: 0033:0x7f9587a0e929
[  467.004940][T14298] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  467.004987][T14298] RSP: 002b:00007f9586077038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  467.005013][T14298] RAX: ffffffffffffffda RBX: 00007f9587c35fa0 RCX: 00007f9587a0e929
[  467.005030][T14298] RDX: 0000000004000054 RSI: 0000200000000480 RDI: 0000000000000003
[  467.005102][T14298] RBP: 00007f9586077090 R08: 0000000000000000 R09: 0000000000000000
[  467.005118][T14298] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  467.005135][T14298] R13: 0000000000000000 R14: 00007f9587c35fa0 R15: 00007ffe164d0668
[  467.005160][T14298]  </TASK>
[  467.222049][T14268] syz.6.3649: attempt to access beyond end of device
[  467.222049][T14268] loop6: rw=2049, sector=265, nr_sectors = 8 limit=128
[  467.265941][T14268] syz.6.3649: attempt to access beyond end of device
[  467.265941][T14268] loop6: rw=2049, sector=281, nr_sectors = 8 limit=128
[  467.536714][T14322] loop2: detected capacity change from 0 to 512
[  467.543538][T14319] bond5: entered promiscuous mode
[  467.548603][T14319] bond5: entered allmulticast mode
[  467.553410][T14322] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  467.564845][T14319] 8021q: adding VLAN 0 to HW filter on device bond5
[  467.578197][T14322] EXT4-fs (loop2): 1 truncate cleaned up
[  467.612278][T14319] loop1: detected capacity change from 0 to 512
[  467.621664][T14319] EXT4-fs: Ignoring removed nomblk_io_submit option
[  467.673935][T14319] ext4 filesystem being mounted at /194/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  467.693051][T14336] loop2: detected capacity change from 0 to 512
[  467.701604][T14336] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  467.721295][T14336] EXT4-fs (loop2): 1 truncate cleaned up
[  467.780360][T14344] FAULT_INJECTION: forcing a failure.
[  467.780360][T14344] name failslab, interval 1, probability 0, space 0, times 0
[  467.793130][T14344] CPU: 1 UID: 0 PID: 14344 Comm: syz.2.3677 Not tainted 6.16.0-rc1-syzkaller-00203-g4774cfe3543a #0 PREEMPT(voluntary) 
[  467.793164][T14344] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  467.793179][T14344] Call Trace:
[  467.793187][T14344]  <TASK>
[  467.793197][T14344]  __dump_stack+0x1d/0x30
[  467.793260][T14344]  dump_stack_lvl+0xe8/0x140
[  467.793284][T14344]  dump_stack+0x15/0x1b
[  467.793306][T14344]  should_fail_ex+0x265/0x280
[  467.793346][T14344]  should_failslab+0x8c/0xb0
[  467.793375][T14344]  kmem_cache_alloc_noprof+0x50/0x310
[  467.793452][T14344]  ? alloc_vfsmnt+0x2d/0x360
[  467.793481][T14344]  alloc_vfsmnt+0x2d/0x360
[  467.793553][T14344]  vfs_create_mount+0x3b/0x240
[  467.793585][T14344]  __se_sys_fsmount+0x2d9/0x580
[  467.793611][T14344]  __x64_sys_fsmount+0x43/0x50
[  467.793634][T14344]  x64_sys_call+0x2a6a/0x2fb0
[  467.793661][T14344]  do_syscall_64+0xd2/0x200
[  467.793769][T14344]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  467.793799][T14344]  ? clear_bhb_loop+0x40/0x90
[  467.793819][T14344]  ? clear_bhb_loop+0x40/0x90
[  467.793839][T14344]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  467.793866][T14344] RIP: 0033:0x7f60c538e929
[  467.793961][T14344] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  467.793983][T14344] RSP: 002b:00007f60c39f7038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b0
[  467.794041][T14344] RAX: ffffffffffffffda RBX: 00007f60c55b5fa0 RCX: 00007f60c538e929
[  467.794058][T14344] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[  467.794073][T14344] RBP: 00007f60c39f7090 R08: 0000000000000000 R09: 0000000000000000
[  467.794089][T14344] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  467.794104][T14344] R13: 0000000000000000 R14: 00007f60c55b5fa0 R15: 00007ffe747f8e48
[  467.794123][T14344]  </TASK>
[  467.898936][T14341] loop5: detected capacity change from 0 to 128
[  468.056046][T14357] loop1: detected capacity change from 0 to 512
[  468.078119][T14357] EXT4-fs error (device loop1): ext4_iget_extra_inode:5035: inode #15: comm syz.1.3681: corrupted in-inode xattr: invalid ea_ino
[  468.205267][T14357] EXT4-fs error (device loop1): ext4_orphan_get:1398: comm syz.1.3681: couldn't read orphan inode 15 (err -117)
[  468.381400][   T29] kauditd_printk_skb: 371 callbacks suppressed
[  468.381416][   T29] audit: type=1400 audit(1749929961.320:6494): avc:  denied  { validate_trans } for  pid=14370 comm="syz.6.3689" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[  468.442935][   T29] audit: type=1326 audit(1749929961.366:6495): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14369 comm="syz.0.3688" exe="/root/syz-executor" sig=0 arch=c000003e syscall=60 compat=0 ip=0x7f17b52be929 code=0x7ffc0000
[  468.479550][   T29] audit: type=1326 audit(1749929961.395:6496): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14367 comm="syz.0.3688" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17b52be929 code=0x7ffc0000
[  468.479583][   T29] audit: type=1326 audit(1749929961.395:6497): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14367 comm="syz.0.3688" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17b52be929 code=0x7ffc0000
[  468.535053][T14379] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=14379 comm=syz.6.3690
[  468.535120][T14379] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3690'.
[  468.535148][T14379] netlink: 'syz.6.3690': attribute type 5 has an invalid length.
[  468.537615][T14379] netdevsim netdevsim6 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  468.537656][T14379] netdevsim netdevsim6 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  468.537718][T14379] netdevsim netdevsim6 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  468.537756][T14379] netdevsim netdevsim6 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  468.538041][T14379] vxlan0: entered promiscuous mode
[  468.629863][T14381] bond3: entered promiscuous mode
[  468.635024][T14381] bond3: entered allmulticast mode
[  468.662514][T14381] 8021q: adding VLAN 0 to HW filter on device bond3
[  468.680881][T14381] loop0: detected capacity change from 0 to 512
[  468.681302][T14381] EXT4-fs: Ignoring removed nomblk_io_submit option
[  468.729383][T14381] ext4 filesystem being mounted at /88/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  468.750009][T14389] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  468.750112][T14389] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  468.751493][T14389] netlink: 96 bytes leftover after parsing attributes in process `syz.1.3694'.
[  468.834002][   T29] audit: type=1326 audit(1749929961.741:6498): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14390 comm="syz.5.3695" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9587a0e929 code=0x7ffc0000
[  468.834042][   T29] audit: type=1326 audit(1749929961.741:6499): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14390 comm="syz.5.3695" exe="/root/syz-executor" sig=0 arch=c000003e syscall=284 compat=0 ip=0x7f9587a0e929 code=0x7ffc0000
[  468.834115][   T29] audit: type=1326 audit(1749929961.741:6500): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14390 comm="syz.5.3695" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9587a0e929 code=0x7ffc0000
[  468.853143][T14394] lo speed is unknown, defaulting to 1000
[  468.914413][T14394] lo speed is unknown, defaulting to 1000
[  468.914666][T14394] lo speed is unknown, defaulting to 1000
[  468.928924][T14395] netlink: 16 bytes leftover after parsing attributes in process `wÞ£ÿ'.
[  468.929030][T14395] netlink: 16 bytes leftover after parsing attributes in process `wÞ£ÿ'.
[  468.929663][T14394] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  468.930382][T14394] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  468.973818][T14394] lo speed is unknown, defaulting to 1000
[  468.974169][T14394] lo speed is unknown, defaulting to 1000
[  468.974434][T14394] lo speed is unknown, defaulting to 1000
[  468.974923][T14394] lo speed is unknown, defaulting to 1000
[  468.975163][T14394] lo speed is unknown, defaulting to 1000
[  468.975425][T14394] lo speed is unknown, defaulting to 1000
[  468.976011][T14394] lo speed is unknown, defaulting to 1000
[  469.043574][   T29] audit: type=1326 audit(1749929961.937:6501): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14398 comm="syz.5.3698" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9587a0e929 code=0x7ffc0000
[  469.068233][   T29] audit: type=1326 audit(1749929961.956:6502): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14398 comm="syz.5.3698" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9587a0e929 code=0x7ffc0000
[  469.098854][   T29] audit: type=1326 audit(1749929961.956:6503): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14398 comm="syz.5.3698" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9587a0e929 code=0x7ffc0000
[  469.126499][T14401] loop2: detected capacity change from 0 to 512
[  469.159883][T14401] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  469.177380][T14401] EXT4-fs (loop2): 1 truncate cleaned up
[  469.185756][T14401] hub 6-0:1.0: USB hub found
[  469.190909][T14401] hub 6-0:1.0: 8 ports detected
[  469.206199][T14406] bond3: entered promiscuous mode
[  469.211340][T14406] bond3: entered allmulticast mode
[  469.217111][T14406] 8021q: adding VLAN 0 to HW filter on device bond3
[  469.231577][T14406] loop5: detected capacity change from 0 to 512
[  469.241552][T14406] EXT4-fs: Ignoring removed nomblk_io_submit option
[  469.253567][T14406] ext4 filesystem being mounted at /396/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  469.392454][T14416] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3703'.
[  469.477279][T14427] netlink: 'syz.6.3708': attribute type 2 has an invalid length.
[  469.480840][T14429] loop0: detected capacity change from 0 to 512
[  469.485119][T14427] netlink: 'syz.6.3708': attribute type 8 has an invalid length.
[  469.499520][T14427] netlink: 132 bytes leftover after parsing attributes in process `syz.6.3708'.
[  469.503380][T14431] loop5: detected capacity change from 0 to 2048
[  469.515671][T14431] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[  469.553421][T14420] loop1: detected capacity change from 0 to 128
[  469.567915][T14429] EXT4-fs error (device loop0): ext4_iget_extra_inode:5035: inode #15: comm syz.0.3709: corrupted in-inode xattr: invalid ea_ino
[  469.604621][T14429] EXT4-fs error (device loop0): ext4_orphan_get:1398: comm syz.0.3709: couldn't read orphan inode 15 (err -117)
[  469.659569][T14429] Invalid ELF header magic: != ELF
[  469.730305][T14440] FAULT_INJECTION: forcing a failure.
[  469.730305][T14440] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  469.743492][T14440] CPU: 1 UID: 0 PID: 14440 Comm: syz.0.3712 Not tainted 6.16.0-rc1-syzkaller-00203-g4774cfe3543a #0 PREEMPT(voluntary) 
[  469.743520][T14440] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  469.743536][T14440] Call Trace:
[  469.743544][T14440]  <TASK>
[  469.743557][T14440]  __dump_stack+0x1d/0x30
[  469.743593][T14440]  dump_stack_lvl+0xe8/0x140
[  469.743618][T14440]  dump_stack+0x15/0x1b
[  469.743637][T14440]  should_fail_ex+0x265/0x280
[  469.743721][T14440]  should_fail+0xb/0x20
[  469.743748][T14440]  should_fail_usercopy+0x1a/0x20
[  469.743788][T14440]  _copy_to_user+0x20/0xa0
[  469.743858][T14440]  simple_read_from_buffer+0xb5/0x130
[  469.743896][T14440]  proc_fail_nth_read+0x100/0x140
[  469.743933][T14440]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  469.743971][T14440]  vfs_read+0x1a0/0x6f0
[  469.744067][T14440]  ? __rcu_read_unlock+0x4f/0x70
[  469.744096][T14440]  ? __fget_files+0x184/0x1c0
[  469.744122][T14440]  ksys_read+0xda/0x1a0
[  469.744192][T14440]  __x64_sys_read+0x40/0x50
[  469.744256][T14440]  x64_sys_call+0x2d77/0x2fb0
[  469.744284][T14440]  do_syscall_64+0xd2/0x200
[  469.744308][T14440]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  469.744416][T14440]  ? clear_bhb_loop+0x40/0x90
[  469.744557][T14440]  ? clear_bhb_loop+0x40/0x90
[  469.744579][T14440]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  469.744602][T14440] RIP: 0033:0x7f17b52bd33c
[  469.744619][T14440] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  469.744659][T14440] RSP: 002b:00007f17b3927030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  469.744683][T14440] RAX: ffffffffffffffda RBX: 00007f17b54e5fa0 RCX: 00007f17b52bd33c
[  469.744702][T14440] RDX: 000000000000000f RSI: 00007f17b39270a0 RDI: 0000000000000003
[  469.744718][T14440] RBP: 00007f17b3927090 R08: 0000000000000000 R09: 0000000000000000
[  469.744732][T14440] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  469.744745][T14440] R13: 0000000000000000 R14: 00007f17b54e5fa0 R15: 00007ffe0a3a8f78
[  469.744803][T14440]  </TASK>
[  470.080855][T14443] bond3: entered promiscuous mode
[  470.085993][T14443] bond3: entered allmulticast mode
[  470.114005][T14443] 8021q: adding VLAN 0 to HW filter on device bond3
[  470.154630][T14450] loop2: detected capacity change from 0 to 512
[  470.182684][T14450] EXT4-fs: Ignoring removed nomblk_io_submit option
[  470.228197][T14450] ext4 filesystem being mounted at /171/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  470.319669][T14461] bond4: entered promiscuous mode
[  470.324803][T14461] bond4: entered allmulticast mode
[  470.330538][T14461] 8021q: adding VLAN 0 to HW filter on device bond4
[  470.431935][T14461] loop0: detected capacity change from 0 to 512
[  470.447199][T14472] loop2: detected capacity change from 0 to 512
[  470.512247][T14461] EXT4-fs: Ignoring removed nomblk_io_submit option
[  470.519938][T14472] EXT4-fs error (device loop2): ext4_iget_extra_inode:5035: inode #15: comm syz.2.3722: corrupted in-inode xattr: invalid ea_ino
[  470.567753][T14472] EXT4-fs error (device loop2): ext4_orphan_get:1398: comm syz.2.3722: couldn't read orphan inode 15 (err -117)
[  470.580098][T14481] loop1: detected capacity change from 0 to 512
[  470.597674][T14481] EXT4-fs error (device loop1): ext4_iget_extra_inode:5035: inode #15: comm syz.1.3726: corrupted in-inode xattr: invalid ea_ino
[  470.665921][T14472] Invalid ELF header magic: != ELF
[  470.671418][T14481] EXT4-fs error (device loop1): ext4_orphan_get:1398: comm syz.1.3726: couldn't read orphan inode 15 (err -117)
[  470.693533][T14461] ext4 filesystem being mounted at /94/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  470.917329][T14487] loop6: detected capacity change from 0 to 512
[  470.943383][T14487] ext4 filesystem being mounted at /251/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  471.695935][T14493] loop2: detected capacity change from 0 to 512
[  471.711691][T14493] EXT4-fs error (device loop2): ext4_iget_extra_inode:5035: inode #15: comm syz.2.3730: corrupted in-inode xattr: invalid ea_ino
[  471.712387][T14493] EXT4-fs error (device loop2): ext4_orphan_get:1398: comm syz.2.3730: couldn't read orphan inode 15 (err -117)
[  471.828932][T14495] loop1: detected capacity change from 0 to 128
[  472.020707][T14499] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  472.041311][T14499] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  472.047874][T14511] loop2: detected capacity change from 0 to 512
[  472.057091][T14499] loop0: detected capacity change from 0 to 1024
[  472.073875][T14499] SELinux: security_context_str_to_sid (user_u) failed with errno=-22
[  472.082662][T14511] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  472.108198][T14511] EXT4-fs (loop2): 1 truncate cleaned up
[  472.180745][T14515] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3737'.
[  472.211727][T14517] loop2: detected capacity change from 0 to 512
[  472.224558][T14517] EXT4-fs error (device loop2): ext4_iget_extra_inode:5035: inode #15: comm syz.2.3738: corrupted in-inode xattr: invalid ea_ino
[  472.248624][T14517] EXT4-fs error (device loop2): ext4_orphan_get:1398: comm syz.2.3738: couldn't read orphan inode 15 (err -117)
[  472.320393][T14495] bio_check_eod: 270 callbacks suppressed
[  472.320408][T14495] syz.1.3727: attempt to access beyond end of device
[  472.320408][T14495] loop1: rw=2049, sector=137, nr_sectors = 8 limit=128
[  472.366725][T14495] syz.1.3727: attempt to access beyond end of device
[  472.366725][T14495] loop1: rw=2049, sector=153, nr_sectors = 8 limit=128
[  472.392388][T14495] syz.1.3727: attempt to access beyond end of device
[  472.392388][T14495] loop1: rw=2049, sector=169, nr_sectors = 8 limit=128
[  472.407643][T14495] syz.1.3727: attempt to access beyond end of device
[  472.407643][T14495] loop1: rw=2049, sector=185, nr_sectors = 8 limit=128
[  472.421214][T14495] syz.1.3727: attempt to access beyond end of device
[  472.421214][T14495] loop1: rw=2049, sector=201, nr_sectors = 8 limit=128
[  472.436406][T14495] syz.1.3727: attempt to access beyond end of device
[  472.436406][T14495] loop1: rw=2049, sector=217, nr_sectors = 8 limit=128
[  472.446330][T14525] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3742'.
[  472.450418][T14495] syz.1.3727: attempt to access beyond end of device
[  472.450418][T14495] loop1: rw=2049, sector=233, nr_sectors = 8 limit=128
[  472.472531][T14495] syz.1.3727: attempt to access beyond end of device
[  472.472531][T14495] loop1: rw=2049, sector=249, nr_sectors = 8 limit=128
[  472.487999][T14495] syz.1.3727: attempt to access beyond end of device
[  472.487999][T14495] loop1: rw=2049, sector=265, nr_sectors = 8 limit=128
[  472.501663][T14495] syz.1.3727: attempt to access beyond end of device
[  472.501663][T14495] loop1: rw=2049, sector=281, nr_sectors = 8 limit=128
[  472.552437][T14532] loop2: detected capacity change from 0 to 512
[  472.564890][T14532] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  472.593016][T14532] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #11: comm syz.2.3744: invalid indirect mapped block 4294967295 (level 1)
[  472.601924][T14533] loop6: detected capacity change from 0 to 2048
[  472.615367][T14533] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[  472.658739][T14532] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #11: comm syz.2.3744: invalid indirect mapped block 4294967295 (level 1)
[  472.675062][T14536] loop5: detected capacity change from 0 to 512
[  472.684559][T14532] EXT4-fs (loop2): 2 truncates cleaned up
[  472.686729][T14536] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  472.714932][T14536] EXT4-fs (loop5): 1 truncate cleaned up
[  472.717400][T14540] loop1: detected capacity change from 0 to 512
[  472.731815][T14536] hub 6-0:1.0: USB hub found
[  472.741496][T14536] hub 6-0:1.0: 8 ports detected
[  472.771939][T14540] ext4 filesystem being mounted at /205/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  472.774233][T14543] loop0: detected capacity change from 0 to 512
[  472.793177][T14543] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  472.816169][T14543] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #11: comm syz.0.3748: invalid indirect mapped block 4294967295 (level 1)
[  472.830750][T14543] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #11: comm syz.0.3748: invalid indirect mapped block 4294967295 (level 1)
[  472.848689][T14543] EXT4-fs (loop0): 2 truncates cleaned up
[  472.914507][T14556] loop0: detected capacity change from 0 to 512
[  472.932641][T14556] EXT4-fs error (device loop0): ext4_iget_extra_inode:5035: inode #15: comm syz.0.3752: corrupted in-inode xattr: invalid ea_ino
[  472.948384][T14556] EXT4-fs error (device loop0): ext4_orphan_get:1398: comm syz.0.3752: couldn't read orphan inode 15 (err -117)
[  472.976235][T14556] Invalid ELF header magic: != ELF
[  473.017431][T14562] FAULT_INJECTION: forcing a failure.
[  473.017431][T14562] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  473.030794][T14562] CPU: 1 UID: 0 PID: 14562 Comm: syz.1.3755 Not tainted 6.16.0-rc1-syzkaller-00203-g4774cfe3543a #0 PREEMPT(voluntary) 
[  473.030837][T14562] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  473.030852][T14562] Call Trace:
[  473.030861][T14562]  <TASK>
[  473.030870][T14562]  __dump_stack+0x1d/0x30
[  473.030897][T14562]  dump_stack_lvl+0xe8/0x140
[  473.030919][T14562]  dump_stack+0x15/0x1b
[  473.030939][T14562]  should_fail_ex+0x265/0x280
[  473.031044][T14562]  should_fail+0xb/0x20
[  473.031077][T14562]  should_fail_usercopy+0x1a/0x20
[  473.031215][T14562]  _copy_to_user+0x20/0xa0
[  473.031240][T14562]  simple_read_from_buffer+0xb5/0x130
[  473.031273][T14562]  proc_fail_nth_read+0x100/0x140
[  473.031296][T14562]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  473.031387][T14562]  vfs_read+0x1a0/0x6f0
[  473.031425][T14562]  ? __rcu_read_unlock+0x4f/0x70
[  473.031446][T14562]  ? __fget_files+0x184/0x1c0
[  473.031474][T14562]  ksys_read+0xda/0x1a0
[  473.031568][T14562]  __x64_sys_read+0x40/0x50
[  473.031599][T14562]  x64_sys_call+0x2d77/0x2fb0
[  473.031651][T14562]  do_syscall_64+0xd2/0x200
[  473.031675][T14562]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  473.031760][T14562]  ? clear_bhb_loop+0x40/0x90
[  473.031787][T14562]  ? clear_bhb_loop+0x40/0x90
[  473.031816][T14562]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  473.031844][T14562] RIP: 0033:0x7f2de02dd33c
[  473.031872][T14562] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  473.031896][T14562] RSP: 002b:00007f2dde947030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  473.032000][T14562] RAX: ffffffffffffffda RBX: 00007f2de0505fa0 RCX: 00007f2de02dd33c
[  473.032015][T14562] RDX: 000000000000000f RSI: 00007f2dde9470a0 RDI: 0000000000000004
[  473.032030][T14562] RBP: 00007f2dde947090 R08: 0000000000000000 R09: 0000000000000000
[  473.032045][T14562] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  473.032059][T14562] R13: 0000000000000000 R14: 00007f2de0505fa0 R15: 00007ffc5b656c48
[  473.032084][T14562]  </TASK>
[  473.264454][T14567] loop2: detected capacity change from 0 to 512
[  473.280319][T14570] loop6: detected capacity change from 0 to 512
[  473.287425][T14570] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  473.297896][T14567] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  473.309656][T14567] EXT4-fs (loop2): 1 truncate cleaned up
[  473.327635][T14570] EXT4-fs (loop6): 1 truncate cleaned up
[  473.408129][T14580] FAULT_INJECTION: forcing a failure.
[  473.408129][T14580] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  473.421415][T14580] CPU: 0 UID: 0 PID: 14580 Comm: syz.1.3763 Not tainted 6.16.0-rc1-syzkaller-00203-g4774cfe3543a #0 PREEMPT(voluntary) 
[  473.421458][T14580] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  473.421474][T14580] Call Trace:
[  473.421482][T14580]  <TASK>
[  473.421491][T14580]  __dump_stack+0x1d/0x30
[  473.421552][T14580]  dump_stack_lvl+0xe8/0x140
[  473.421570][T14580]  dump_stack+0x15/0x1b
[  473.421590][T14580]  should_fail_ex+0x265/0x280
[  473.421629][T14580]  should_fail+0xb/0x20
[  473.421733][T14580]  should_fail_usercopy+0x1a/0x20
[  473.421774][T14580]  _copy_from_user+0x1c/0xb0
[  473.421800][T14580]  ___sys_sendmsg+0xc1/0x1d0
[  473.421859][T14580]  __x64_sys_sendmsg+0xd4/0x160
[  473.421899][T14580]  x64_sys_call+0x2999/0x2fb0
[  473.421972][T14580]  do_syscall_64+0xd2/0x200
[  473.421994][T14580]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  473.422026][T14580]  ? clear_bhb_loop+0x40/0x90
[  473.422052][T14580]  ? clear_bhb_loop+0x40/0x90
[  473.422143][T14580]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  473.422169][T14580] RIP: 0033:0x7f2de02de929
[  473.422187][T14580] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  473.422210][T14580] RSP: 002b:00007f2dde947038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  473.422234][T14580] RAX: ffffffffffffffda RBX: 00007f2de0505fa0 RCX: 00007f2de02de929
[  473.422249][T14580] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000003
[  473.422305][T14580] RBP: 00007f2dde947090 R08: 0000000000000000 R09: 0000000000000000
[  473.422317][T14580] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  473.422328][T14580] R13: 0000000000000000 R14: 00007f2de0505fa0 R15: 00007ffc5b656c48
[  473.422425][T14580]  </TASK>
[  473.664793][T14587] loop0: detected capacity change from 0 to 512
[  473.672429][T14587] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  473.714520][T14587] EXT4-fs (loop0): orphan cleanup on readonly fs
[  473.721770][T14587] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.3761: bg 0: block 248: padding at end of block bitmap is not set
[  473.738058][T14587] __quota_error: 315 callbacks suppressed
[  473.738076][T14587] Quota error (device loop0): write_blk: dquota write failed
[  473.751306][T14587] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota
[  473.761305][T14587] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.3761: Failed to acquire dquot type 1
[  473.773959][T14589] program syz.6.3764 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  473.785936][T14587] EXT4-fs (loop0): 1 truncate cleaned up
[  473.810733][T14593] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3766'.
[  473.832213][T14592] bond6: entered promiscuous mode
[  473.837528][T14592] bond6: entered allmulticast mode
[  473.843133][T14592] 8021q: adding VLAN 0 to HW filter on device bond6
[  473.876865][T14596] loop2: detected capacity change from 0 to 512
[  473.888468][T14592] loop1: detected capacity change from 0 to 512
[  473.910199][T14592] EXT4-fs: Ignoring removed nomblk_io_submit option
[  473.919333][T14596] ext4 filesystem being mounted at /185/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  473.957278][T14592] ext4 filesystem being mounted at /213/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  474.465825][   T29] audit: type=1400 audit(1749929982.004:6819): avc:  denied  { bind } for  pid=14603 comm="syz.6.3772" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  474.539802][   T29] audit: type=1326 audit(1749929982.079:6820): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14607 comm="syz.6.3774" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a7735e929 code=0x7ffc0000
[  474.567177][T14608] loop6: detected capacity change from 0 to 512
[  474.606107][T14608] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  474.673745][   T29] audit: type=1326 audit(1749929982.107:6821): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14607 comm="syz.6.3774" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a7735e929 code=0x7ffc0000
[  474.697662][   T29] audit: type=1326 audit(1749929982.107:6822): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14607 comm="syz.6.3774" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f4a7735e929 code=0x7ffc0000
[  474.721357][   T29] audit: type=1326 audit(1749929982.107:6823): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14607 comm="syz.6.3774" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a7735e929 code=0x7ffc0000
[  474.744974][   T29] audit: type=1326 audit(1749929982.107:6824): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14607 comm="syz.6.3774" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a7735e929 code=0x7ffc0000
[  474.768514][   T29] audit: type=1326 audit(1749929982.107:6825): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14607 comm="syz.6.3774" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f4a7735e929 code=0x7ffc0000
[  474.792122][   T29] audit: type=1326 audit(1749929982.107:6826): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14607 comm="syz.6.3774" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f4a7735e963 code=0x7ffc0000
[  474.890669][T14608] EXT4-fs (loop6): 1 truncate cleaned up
[  474.913503][T14608] EXT4-fs mount: 122 callbacks suppressed
[  474.913521][T14608] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  475.217488][T14634] bond4: entered promiscuous mode
[  475.222640][T14634] bond4: entered allmulticast mode
[  475.249890][T10727] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  475.277929][T14634] 8021q: adding VLAN 0 to HW filter on device bond4
[  475.380671][T14632] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  475.394485][T14632] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  475.432665][T12995] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  475.433962][T14646] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3787'.
[  475.456084][T14632] loop5: detected capacity change from 0 to 1024
[  475.472617][T14632] SELinux: security_context_str_to_sid (user_u) failed with errno=-22
[  475.493643][T14653] loop2: detected capacity change from 0 to 512
[  475.505595][T14653] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  475.559345][T14653] EXT4-fs (loop2): 1 truncate cleaned up
[  475.566438][T14653] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  475.581455][T14657] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3791'.
[  475.626855][T12129] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  475.659069][T14665] loop1: detected capacity change from 0 to 512
[  475.671079][T14665] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  475.699541][T14665] EXT4-fs (loop1): 1 truncate cleaned up
[  475.705406][T14672] loop0: detected capacity change from 0 to 512
[  475.706025][T14665] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  475.731657][T14672] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  475.744866][T14672] ext4 filesystem being mounted at /106/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  475.762013][T14675] loop6: detected capacity change from 0 to 2048
[  475.770561][T14675] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[  475.793314][T11394] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  475.898550][T14681] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3800'.
[  475.981157][T14687] loop1: detected capacity change from 0 to 512
[  475.983323][T14687] EXT4-fs error (device loop1): ext4_iget_extra_inode:5035: inode #15: comm syz.1.3803: corrupted in-inode xattr: invalid ea_ino
[  476.001706][T14687] EXT4-fs error (device loop1): ext4_orphan_get:1398: comm syz.1.3803: couldn't read orphan inode 15 (err -117)
[  476.002206][T14687] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  476.035158][T11394] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  476.165120][T14699] netlink: 'syz.5.3808': attribute type 2 has an invalid length.
[  476.165218][T14699] netlink: 'syz.5.3808': attribute type 8 has an invalid length.
[  476.165244][T14699] netlink: 132 bytes leftover after parsing attributes in process `syz.5.3808'.
[  476.196320][T14701] loop5: detected capacity change from 0 to 512
[  476.207694][T14701] EXT4-fs error (device loop5): ext4_iget_extra_inode:5035: inode #15: comm syz.5.3809: corrupted in-inode xattr: invalid ea_ino
[  476.208035][T14701] EXT4-fs error (device loop5): ext4_orphan_get:1398: comm syz.5.3809: couldn't read orphan inode 15 (err -117)
[  476.208948][T14701] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  476.265569][ T9713] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  476.313674][T14706] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3811'.
[  476.352058][T14708] bond4: entered promiscuous mode
[  476.352080][T14708] bond4: entered allmulticast mode
[  476.352262][T14708] 8021q: adding VLAN 0 to HW filter on device bond4
[  476.403534][T14713] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  476.458426][T14711] loop1: detected capacity change from 0 to 128
[  476.481146][T14713] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  476.493702][T14717] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3814'.
[  476.493731][T14717] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3814'.
[  476.535718][T14713] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  476.587993][T14721] loop2: detected capacity change from 0 to 512
[  476.662142][T14713] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  476.689027][T14721] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  476.699865][T12995] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  476.730624][T14721] EXT4-fs (loop2): 1 truncate cleaned up
[  476.823781][T14721] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  476.884971][T14713] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  476.981071][T14713] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  477.026455][T12129] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  477.102800][T14713] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  477.123687][T14733] netlink: 'syz.0.3819': attribute type 2 has an invalid length.
[  477.131631][T14733] netlink: 'syz.0.3819': attribute type 8 has an invalid length.
[  477.204539][T14713] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  477.235886][T14735] loop2: detected capacity change from 0 to 512
[  477.304717][T14735] EXT4-fs error (device loop2): ext4_iget_extra_inode:5035: inode #15: comm syz.2.3820: corrupted in-inode xattr: invalid ea_ino
[  477.517459][T14738] loop0: detected capacity change from 0 to 512
[  477.546203][T14735] EXT4-fs error (device loop2): ext4_orphan_get:1398: comm syz.2.3820: couldn't read orphan inode 15 (err -117)
[  477.571920][T14738] EXT4-fs error (device loop0): ext4_iget_extra_inode:5035: inode #15: comm syz.0.3821: corrupted in-inode xattr: invalid ea_ino
[  477.607632][T14735] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  477.641362][T14738] EXT4-fs error (device loop0): ext4_orphan_get:1398: comm syz.0.3821: couldn't read orphan inode 15 (err -117)
[  477.697811][T14738] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  477.718750][T12129] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  477.814599][T14743] bond5: entered promiscuous mode
[  477.819697][T14743] bond5: entered allmulticast mode
[  477.838933][T12995] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  477.848704][T14748] __nla_validate_parse: 2 callbacks suppressed
[  477.848721][T14748] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3823'.
[  477.878615][T14743] 8021q: adding VLAN 0 to HW filter on device bond5
[  477.982409][T14757] loop2: detected capacity change from 0 to 512
[  477.991455][T14756] loop5: detected capacity change from 0 to 512
[  478.030534][T14756] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  478.051543][T14757] EXT4-fs error (device loop2): ext4_iget_extra_inode:5035: inode #15: comm syz.2.3828: corrupted in-inode xattr: invalid ea_ino
[  478.085026][T14756] EXT4-fs (loop5): 1 truncate cleaned up
[  478.095087][T14757] EXT4-fs error (device loop2): ext4_orphan_get:1398: comm syz.2.3828: couldn't read orphan inode 15 (err -117)
[  478.107635][T14756] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  478.121355][T14757] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  478.287002][T14764] loop1: detected capacity change from 0 to 512
[  478.300693][T14764] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  478.341051][ T9713] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  478.353572][T14764] EXT4-fs (loop1): orphan cleanup on readonly fs
[  478.365895][T14764] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.3830: bg 0: block 248: padding at end of block bitmap is not set
[  478.380596][T14764] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.3830: Failed to acquire dquot type 1
[  478.392563][T14764] EXT4-fs (loop1): 1 truncate cleaned up
[  478.399007][T14764] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  478.428134][T12129] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  478.543444][T14767] loop6: detected capacity change from 0 to 128
[  478.697876][T14767] bio_check_eod: 218 callbacks suppressed
[  478.697898][T14767] syz.6.3831: attempt to access beyond end of device
[  478.697898][T14767] loop6: rw=2049, sector=137, nr_sectors = 8 limit=128
[  478.808690][T14767] syz.6.3831: attempt to access beyond end of device
[  478.808690][T14767] loop6: rw=2049, sector=153, nr_sectors = 8 limit=128
[  478.911569][T14773] bond5: entered promiscuous mode
[  478.916796][T14773] bond5: entered allmulticast mode
[  478.928846][T14767] syz.6.3831: attempt to access beyond end of device
[  478.928846][T14767] loop6: rw=2049, sector=169, nr_sectors = 8 limit=128
[  478.958613][T14773] 8021q: adding VLAN 0 to HW filter on device bond5
[  478.980256][T14775] loop0: detected capacity change from 0 to 512
[  479.000698][T14775] EXT4-fs: Ignoring removed nomblk_io_submit option
[  479.016655][T14767] syz.6.3831: attempt to access beyond end of device
[  479.016655][T14767] loop6: rw=2049, sector=185, nr_sectors = 8 limit=128
[  479.032179][T14775] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  479.054358][T14775] ext4 filesystem being mounted at /112/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  479.064808][T14767] syz.6.3831: attempt to access beyond end of device
[  479.064808][T14767] loop6: rw=2049, sector=201, nr_sectors = 8 limit=128
[  479.153062][   T29] kauditd_printk_skb: 368 callbacks suppressed
[  479.153076][   T29] audit: type=1326 audit(1749929996.393:7193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14779 comm="syz.5.3832" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9587a0e929 code=0x7ffc0000
[  479.193741][T14767] syz.6.3831: attempt to access beyond end of device
[  479.193741][T14767] loop6: rw=2049, sector=217, nr_sectors = 8 limit=128
[  479.216775][T14782] loop2: detected capacity change from 0 to 512
[  479.262601][T14782] EXT4-fs error (device loop2): ext4_iget_extra_inode:5035: inode #15: comm syz.2.3833: corrupted in-inode xattr: invalid ea_ino
[  479.321961][   T29] audit: type=1326 audit(1749929996.430:7194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14779 comm="syz.5.3832" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9587a0e929 code=0x7ffc0000
[  479.345615][   T29] audit: type=1326 audit(1749929996.449:7195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14779 comm="syz.5.3832" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f9587a0e929 code=0x7ffc0000
[  479.369285][   T29] audit: type=1326 audit(1749929996.449:7196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14779 comm="syz.5.3832" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9587a0e929 code=0x7ffc0000
[  479.392885][   T29] audit: type=1326 audit(1749929996.449:7197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14779 comm="syz.5.3832" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9587a0e929 code=0x7ffc0000
[  479.416541][   T29] audit: type=1326 audit(1749929996.449:7198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14779 comm="syz.5.3832" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9587a0e929 code=0x7ffc0000
[  479.440595][   T29] audit: type=1326 audit(1749929996.449:7199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14779 comm="syz.5.3832" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9587a0e929 code=0x7ffc0000
[  479.464229][   T29] audit: type=1326 audit(1749929996.449:7200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14779 comm="syz.5.3832" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9587a0e929 code=0x7ffc0000
[  479.487765][   T29] audit: type=1326 audit(1749929996.449:7201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14779 comm="syz.5.3832" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9587a0e929 code=0x7ffc0000
[  479.511409][   T29] audit: type=1326 audit(1749929996.449:7202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14779 comm="syz.5.3832" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9587a0e929 code=0x7ffc0000
[  479.553884][T14767] syz.6.3831: attempt to access beyond end of device
[  479.553884][T14767] loop6: rw=2049, sector=233, nr_sectors = 8 limit=128
[  479.609989][T14782] EXT4-fs error (device loop2): ext4_orphan_get:1398: comm syz.2.3833: couldn't read orphan inode 15 (err -117)
[  479.631851][T14767] syz.6.3831: attempt to access beyond end of device
[  479.631851][T14767] loop6: rw=2049, sector=249, nr_sectors = 8 limit=128
[  479.656208][T14790] program syz.5.3837 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  479.684699][T14767] syz.6.3831: attempt to access beyond end of device
[  479.684699][T14767] loop6: rw=2049, sector=265, nr_sectors = 8 limit=128
[  479.702163][T14782] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  479.736540][T14767] syz.6.3831: attempt to access beyond end of device
[  479.736540][T14767] loop6: rw=2049, sector=281, nr_sectors = 8 limit=128
[  479.767415][T14792] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3839'.
[  479.777571][T12995] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  479.795306][T12129] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  479.803145][T11394] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  479.822403][T14794] loop5: detected capacity change from 0 to 512
[  479.856329][T14794] EXT4-fs error (device loop5): ext4_iget_extra_inode:5035: inode #15: comm syz.5.3841: corrupted in-inode xattr: invalid ea_ino
[  479.897846][T14794] EXT4-fs error (device loop5): ext4_orphan_get:1398: comm syz.5.3841: couldn't read orphan inode 15 (err -117)
[  479.900622][T14801] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=48 sclass=netlink_audit_socket pid=14801 comm=syz.1.3842
[  479.990070][T14794] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  480.020410][T14807] bond7: entered promiscuous mode
[  480.025523][T14807] bond7: entered allmulticast mode
[  480.052483][T14812] loop0: detected capacity change from 0 to 512
[  480.063367][T14807] 8021q: adding VLAN 0 to HW filter on device bond7
[  480.076835][T14794] Invalid ELF header magic: != ELF
[  480.086151][T14807] loop1: detected capacity change from 0 to 512
[  480.093445][T14807] EXT4-fs: Ignoring removed nomblk_io_submit option
[  480.175325][T14807] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  480.176297][T14812] EXT4-fs error (device loop0): ext4_iget_extra_inode:5035: inode #15: comm syz.0.3846: corrupted in-inode xattr: invalid ea_ino
[  480.202223][ T9713] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  480.208231][T14815] bond5: entered promiscuous mode
[  480.216428][T14815] bond5: entered allmulticast mode
[  480.217437][T14807] ext4 filesystem being mounted at /235/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  480.223046][T14812] EXT4-fs error (device loop0): ext4_orphan_get:1398: comm syz.0.3846: couldn't read orphan inode 15 (err -117)
[  480.232707][T14815] 8021q: adding VLAN 0 to HW filter on device bond5
[  480.269217][T14815] loop2: detected capacity change from 0 to 512
[  480.276182][T14815] EXT4-fs: Ignoring removed nomblk_io_submit option
[  480.286774][T14812] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  480.309493][T14815] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  480.322317][T14815] ext4 filesystem being mounted at /199/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  480.344921][T12995] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  480.355839][T12129] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  480.384251][T11394] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  480.420513][T14832] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3852'.
[  480.464288][T14836] loop6: detected capacity change from 0 to 512
[  480.492596][T14838] bond8: entered promiscuous mode
[  480.497817][T14838] bond8: entered allmulticast mode
[  480.506063][T14847] program syz.2.3858 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  480.515692][T14838] 8021q: adding VLAN 0 to HW filter on device bond8
[  480.516746][T14836] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  480.549836][T14836] ext4 filesystem being mounted at /271/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  480.577264][T14849] bond6: entered promiscuous mode
[  480.577286][T14849] bond6: entered allmulticast mode
[  480.579288][T14849] 8021q: adding VLAN 0 to HW filter on device bond6
[  480.600385][T14838] loop1: detected capacity change from 0 to 512
[  480.600979][T14838] EXT4-fs: Ignoring removed nomblk_io_submit option
[  480.638255][T14838] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  480.638345][T14838] ext4 filesystem being mounted at /236/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  480.683886][T11394] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  480.706936][T14849] loop2: detected capacity change from 0 to 512
[  480.737560][T14849] EXT4-fs: Ignoring removed nomblk_io_submit option
[  480.747905][T14859] loop1: detected capacity change from 0 to 512
[  480.757334][T14859] EXT4-fs error (device loop1): ext4_iget_extra_inode:5035: inode #15: comm syz.1.3862: corrupted in-inode xattr: invalid ea_ino
[  480.757476][T14859] EXT4-fs error (device loop1): ext4_orphan_get:1398: comm syz.1.3862: couldn't read orphan inode 15 (err -117)
[  480.758022][T14859] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  480.761374][T14849] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  480.794395][T14864] loop0: detected capacity change from 0 to 512
[  480.808232][T14849] ext4 filesystem being mounted at /203/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  480.861554][T11394] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  480.886568][T14864] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  480.888712][T14864] EXT4-fs (loop0): 1 truncate cleaned up
[  480.921053][T14864] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  481.098895][T12995] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  481.185163][T12129] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  481.202028][T14873] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  481.202227][T14873] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  481.206247][T14873] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3865'.
[  481.206333][T14873] netlink: 44 bytes leftover after parsing attributes in process `syz.0.3865'.
[  481.331584][T14875] loop5: detected capacity change from 0 to 512
[  481.339301][T14875] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  481.366278][T14875] EXT4-fs (loop5): 1 truncate cleaned up
[  481.367683][T14875] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  481.370404][T14875] hub 6-0:1.0: USB hub found
[  481.370462][T14875] hub 6-0:1.0: 8 ports detected
[  482.011188][T14878] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3870'.
[  482.087805][ T9713] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  482.112264][T10727] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  482.152356][T14880] loop0: detected capacity change from 0 to 2048
[  482.211737][T14880] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[  482.303723][T14890] loop6: detected capacity change from 0 to 512
[  482.313708][T14888] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3871'.
[  482.340650][T14890] EXT4-fs error (device loop6): ext4_iget_extra_inode:5035: inode #15: comm syz.6.3872: corrupted in-inode xattr: invalid ea_ino
[  482.368174][T14890] EXT4-fs error (device loop6): ext4_orphan_get:1398: comm syz.6.3872: couldn't read orphan inode 15 (err -117)
[  482.394538][T14890] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  482.423829][T10727] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  482.473265][T14894] loop2: detected capacity change from 0 to 2048
[  482.480062][T14894] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[  482.755548][T14902] loop0: detected capacity change from 0 to 512
[  482.781997][T14902] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  482.808694][T14902] EXT4-fs (loop0): 1 truncate cleaned up
[  482.818706][T14902] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  482.889227][T12995] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  482.937036][T14910] bond9: entered promiscuous mode
[  482.942224][T14910] bond9: entered allmulticast mode
[  482.948088][T14910] 8021q: adding VLAN 0 to HW filter on device bond9
[  482.959470][T14912] loop6: detected capacity change from 0 to 512
[  482.966763][T14912] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  482.976508][T14912] EXT4-fs (loop6): orphan cleanup on readonly fs
[  482.983672][T14912] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.3877: bg 0: block 248: padding at end of block bitmap is not set
[  482.998447][T14912] EXT4-fs error (device loop6): ext4_acquire_dquot:6933: comm syz.6.3877: Failed to acquire dquot type 1
[  483.010293][T14912] EXT4-fs (loop6): 1 truncate cleaned up
[  483.082879][T14910] loop1: detected capacity change from 0 to 512
[  483.115717][T14910] EXT4-fs: Ignoring removed nomblk_io_submit option
[  483.179155][T14910] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  483.223895][T14910] ext4 filesystem being mounted at /240/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  483.274868][T14927] loop5: detected capacity change from 0 to 512
[  483.284021][T14928] loop2: detected capacity change from 0 to 512
[  483.309866][T14928] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  483.320611][T14927] EXT4-fs error (device loop5): ext4_iget_extra_inode:5035: inode #15: comm syz.5.3885: corrupted in-inode xattr: invalid ea_ino
[  483.364332][T14928] EXT4-fs (loop2): 1 truncate cleaned up
[  483.391703][T14927] EXT4-fs error (device loop5): ext4_orphan_get:1398: comm syz.5.3885: couldn't read orphan inode 15 (err -117)
[  483.404179][T14928] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  483.426097][T14927] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  483.473331][T14928] hub 6-0:1.0: USB hub found
[  483.490890][T14928] hub 6-0:1.0: 8 ports detected
[  483.915759][T14912] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  483.932378][ T9713] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  483.943294][T11394] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  484.136368][T14941] loop0: detected capacity change from 0 to 512
[  484.163622][T14941] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  484.175860][T14936] loop5: detected capacity change from 0 to 128
[  484.199864][T14944] loop1: detected capacity change from 0 to 512
[  484.210674][T12129] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  484.242189][T14941] EXT4-fs (loop0): 1 truncate cleaned up
[  484.248275][T14941] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  484.271963][T14944] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  484.331357][T14944] EXT4-fs (loop1): 1 truncate cleaned up
[  484.348287][T14944] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  484.371854][T14941] hub 6-0:1.0: USB hub found
[  484.387636][T14941] hub 6-0:1.0: 8 ports detected
[  484.446752][T11394] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  484.491722][T14936] bio_check_eod: 104 callbacks suppressed
[  484.491742][T14936] syz.5.3887: attempt to access beyond end of device
[  484.491742][T14936] loop5: rw=2049, sector=137, nr_sectors = 8 limit=128
[  484.517510][T14936] syz.5.3887: attempt to access beyond end of device
[  484.517510][T14936] loop5: rw=2049, sector=153, nr_sectors = 8 limit=128
[  484.526514][T10727] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  484.531023][T14936] syz.5.3887: attempt to access beyond end of device
[  484.531023][T14936] loop5: rw=2049, sector=169, nr_sectors = 8 limit=128
[  484.553696][T14936] syz.5.3887: attempt to access beyond end of device
[  484.553696][T14936] loop5: rw=2049, sector=185, nr_sectors = 8 limit=128
[  484.568690][T14936] syz.5.3887: attempt to access beyond end of device
[  484.568690][T14936] loop5: rw=2049, sector=201, nr_sectors = 8 limit=128
[  484.583215][T14936] syz.5.3887: attempt to access beyond end of device
[  484.583215][T14936] loop5: rw=2049, sector=217, nr_sectors = 8 limit=128
[  484.613541][T14936] syz.5.3887: attempt to access beyond end of device
[  484.613541][T14936] loop5: rw=2049, sector=233, nr_sectors = 8 limit=128
[  484.630457][T14954] loop6: detected capacity change from 0 to 512
[  484.650031][   T29] kauditd_printk_skb: 317 callbacks suppressed
[  484.650061][   T29] audit: type=1326 audit(1749930011.540:7518): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14955 comm="syz.1.3894" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f2de02de929 code=0x0
[  484.651754][T14954] ext4 filesystem being mounted at /278/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  484.703467][T14936] syz.5.3887: attempt to access beyond end of device
[  484.703467][T14936] loop5: rw=2049, sector=249, nr_sectors = 8 limit=128
[  484.731952][T14959] program syz.1.3894 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  484.763371][T14936] syz.5.3887: attempt to access beyond end of device
[  484.763371][T14936] loop5: rw=2049, sector=265, nr_sectors = 8 limit=128
[  484.806095][T14936] syz.5.3887: attempt to access beyond end of device
[  484.806095][T14936] loop5: rw=2049, sector=281, nr_sectors = 8 limit=128
[  485.147082][T14963] loop5: detected capacity change from 0 to 512
[  485.149591][T14963] EXT4-fs error (device loop5): ext4_iget_extra_inode:5035: inode #15: comm syz.5.3896: corrupted in-inode xattr: invalid ea_ino
[  485.174804][T14966] loop0: detected capacity change from 0 to 512
[  485.175758][T14966] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  485.192136][T14966] EXT4-fs (loop0): 1 truncate cleaned up
[  485.206759][T14963] EXT4-fs error (device loop5): ext4_orphan_get:1398: comm syz.5.3896: couldn't read orphan inode 15 (err -117)
[  485.212546][T14966] hub 6-0:1.0: USB hub found
[  485.235361][T14966] hub 6-0:1.0: 8 ports detected
[  485.302551][   T29] audit: type=1326 audit(1749930012.148:7519): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14970 comm="syz.5.3900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9587a0e929 code=0x7ffc0000
[  485.302684][   T29] audit: type=1326 audit(1749930012.148:7520): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14970 comm="syz.5.3900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9587a0e929 code=0x7ffc0000
[  485.302948][   T29] audit: type=1326 audit(1749930012.148:7521): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14970 comm="syz.5.3900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f9587a0e929 code=0x7ffc0000
[  485.303370][   T29] audit: type=1326 audit(1749930012.148:7522): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14970 comm="syz.5.3900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9587a0e929 code=0x7ffc0000
[  485.303587][   T29] audit: type=1326 audit(1749930012.148:7523): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14970 comm="syz.5.3900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9587a0e929 code=0x7ffc0000
[  485.303759][   T29] audit: type=1326 audit(1749930012.148:7524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14970 comm="syz.5.3900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9587a0e929 code=0x7ffc0000
[  485.303948][   T29] audit: type=1326 audit(1749930012.148:7525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14970 comm="syz.5.3900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9587a0e929 code=0x7ffc0000
[  485.304308][   T29] audit: type=1326 audit(1749930012.148:7526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14970 comm="syz.5.3900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9587a0e929 code=0x7ffc0000
[  485.304497][   T29] audit: type=1326 audit(1749930012.148:7527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14970 comm="syz.5.3900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9587a0e929 code=0x7ffc0000
[  485.443677][T14979] loop5: detected capacity change from 0 to 512
[  485.521578][T14981] loop0: detected capacity change from 0 to 512
[  485.565207][T14981] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  485.566066][T14981] EXT4-fs (loop0): orphan cleanup on readonly fs
[  485.566531][T14981] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.3899: bg 0: block 248: padding at end of block bitmap is not set
[  485.567027][T14981] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.3899: Failed to acquire dquot type 1
[  485.577302][T14981] EXT4-fs (loop0): 1 truncate cleaned up
[  485.590688][T14979] EXT4-fs (loop5): external journal device major/minor numbers have changed
[  485.590713][T14979] EXT4-fs (loop5): failed to open journal device unknown-block(8,3) -6
[  485.631516][T14984] loop2: detected capacity change from 0 to 512
[  485.634700][T14984] EXT4-fs error (device loop2): ext4_iget_extra_inode:5035: inode #15: comm syz.2.3904: corrupted in-inode xattr: invalid ea_ino
[  485.634869][T14984] EXT4-fs error (device loop2): ext4_orphan_get:1398: comm syz.2.3904: couldn't read orphan inode 15 (err -117)
[  485.646008][T14979] lo speed is unknown, defaulting to 1000
[  485.653325][T14986] sctp: [Deprecated]: syz.1.3905 (pid 14986) Use of struct sctp_assoc_value in delayed_ack socket option.
[  485.653325][T14986] Use struct sctp_sack_info instead
[  485.672610][T14984] Invalid ELF header magic: != ELF
[  485.694448][T14979] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3903'.
[  485.694959][T14986] loop1: detected capacity change from 0 to 2048
[  485.697545][T14986] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (61694!=46274)
[  485.697641][T14986] EXT4-fs (loop1): group descriptors corrupted!
[  485.719437][T14979] SELinux: syz.5.3903 (14979) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  485.726679][T14979] loop5: detected capacity change from 0 to 512
[  485.758153][T14991] netlink: 'syz.1.3907': attribute type 2 has an invalid length.
[  485.758188][T14991] netlink: 'syz.1.3907': attribute type 8 has an invalid length.
[  485.758231][T14991] netlink: 132 bytes leftover after parsing attributes in process `syz.1.3907'.
[  485.762544][T14979] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  485.775111][T14979] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #11: comm syz.5.3903: invalid indirect mapped block 4294967295 (level 1)
[  485.775954][T14979] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #11: comm syz.5.3903: invalid indirect mapped block 4294967295 (level 1)
[  485.778382][T14979] EXT4-fs (loop5): 2 truncates cleaned up
[  485.819719][T14997] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3908'.
[  485.896488][T15003] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3912'.
[  485.981094][T15007] loop1: detected capacity change from 0 to 2048
[  486.050007][T15007] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[  486.108095][T15012] loop5: detected capacity change from 0 to 512
[  486.149201][T15012] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  486.162429][T15012] EXT4-fs (loop5): 1 truncate cleaned up
[  486.173742][T15019] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  486.182678][T15019] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  486.192877][T15019] netlink: 28 bytes leftover after parsing attributes in process `syz.6.3918'.
[  486.201952][T15019] netlink: 44 bytes leftover after parsing attributes in process `syz.6.3918'.
[  486.248706][T15021] netlink: 'syz.5.3919': attribute type 2 has an invalid length.
[  486.256737][T15021] netlink: 'syz.5.3919': attribute type 8 has an invalid length.
[  486.264600][T15021] netlink: 132 bytes leftover after parsing attributes in process `syz.5.3919'.
[  486.312032][T15027] loop5: detected capacity change from 0 to 512
[  486.329243][T15027] EXT4-fs error (device loop5): ext4_iget_extra_inode:5035: inode #15: comm syz.5.3922: corrupted in-inode xattr: invalid ea_ino
[  486.357818][T15027] EXT4-fs error (device loop5): ext4_orphan_get:1398: comm syz.5.3922: couldn't read orphan inode 15 (err -117)
[  486.376786][T15030] loop0: detected capacity change from 0 to 512
[  486.384514][T15030] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  486.428120][T15030] EXT4-fs (loop0): orphan cleanup on readonly fs
[  486.435273][T15030] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.3920: bg 0: block 248: padding at end of block bitmap is not set
[  486.452248][T15030] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.3920: Failed to acquire dquot type 1
[  486.464728][T15030] EXT4-fs (loop0): 1 truncate cleaned up
[  487.708731][T15040] bond7: entered promiscuous mode
[  487.713897][T15040] bond7: entered allmulticast mode
[  487.721014][T15035] loop6: detected capacity change from 0 to 128
[  487.737026][T15040] 8021q: adding VLAN 0 to HW filter on device bond7
[  487.757013][T15048] loop5: detected capacity change from 0 to 512
[  487.788720][T15040] loop2: detected capacity change from 0 to 512
[  487.795572][T15040] EXT4-fs: Ignoring removed nomblk_io_submit option
[  487.854367][T15048] EXT4-fs error (device loop5): ext4_iget_extra_inode:5035: inode #15: comm syz.5.3923: corrupted in-inode xattr: invalid ea_ino
[  487.874196][T15040] ext4 filesystem being mounted at /213/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  487.936433][T15048] EXT4-fs error (device loop5): ext4_orphan_get:1398: comm syz.5.3923: couldn't read orphan inode 15 (err -117)
[  488.239782][T15065] loop2: detected capacity change from 0 to 512
[  488.252184][T15065] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  488.271798][T15065] EXT4-fs (loop2): 1 truncate cleaned up
[  488.309209][T15067] bond10: entered promiscuous mode
[  488.314560][T15067] bond10: entered allmulticast mode
[  488.333291][T15067] 8021q: adding VLAN 0 to HW filter on device bond10
[  488.364941][T15067] loop1: detected capacity change from 0 to 512
[  488.372357][T15067] EXT4-fs: Ignoring removed nomblk_io_submit option
[  488.408356][T15067] ext4 filesystem being mounted at /252/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  488.593625][T15084] bond6: entered promiscuous mode
[  488.598745][T15084] bond6: entered allmulticast mode
[  488.617727][T15084] 8021q: adding VLAN 0 to HW filter on device bond6
[  488.635731][T15089] loop1: detected capacity change from 0 to 512
[  488.653854][T15084] loop5: detected capacity change from 0 to 512
[  488.661004][T15084] EXT4-fs: Ignoring removed nomblk_io_submit option
[  488.668365][T15089] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  488.697189][T15089] EXT4-fs (loop1): 1 truncate cleaned up
[  488.714984][T15084] ext4 filesystem being mounted at /451/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  488.763350][T15094] bond11: entered promiscuous mode
[  488.768551][T15094] bond11: entered allmulticast mode
[  488.774235][T15094] 8021q: adding VLAN 0 to HW filter on device bond11
[  488.821584][T15094] loop1: detected capacity change from 0 to 512
[  488.844058][T15094] EXT4-fs: Ignoring removed nomblk_io_submit option
[  488.874668][T15104] loop5: detected capacity change from 0 to 512
[  488.883841][T15104] EXT4-fs error (device loop5): ext4_iget_extra_inode:5035: inode #15: comm syz.5.3947: corrupted in-inode xattr: invalid ea_ino
[  488.898686][T15104] EXT4-fs error (device loop5): ext4_orphan_get:1398: comm syz.5.3947: couldn't read orphan inode 15 (err -117)
[  488.905183][T15094] ext4 filesystem being mounted at /255/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  488.941435][T15104] Invalid ELF header magic: != ELF
[  488.957397][T15109] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3948'.
[  489.079330][T15117] loop1: detected capacity change from 0 to 2048
[  489.110630][T15116] loop0: detected capacity change from 0 to 8192
[  489.112843][T15117] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[  489.233533][T15123] loop5: detected capacity change from 0 to 128
[  489.310147][T15121] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  489.321595][T15121] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  489.335460][T15121] loop6: detected capacity change from 0 to 1024
[  489.342754][T15121] SELinux: security_context_str_to_sid (user_u) failed with errno=-22
[  489.366791][T15130] loop2: detected capacity change from 0 to 512
[  489.401814][T15130] EXT4-fs error (device loop2): ext4_iget_extra_inode:5035: inode #15: comm syz.2.3956: corrupted in-inode xattr: invalid ea_ino
[  489.432058][T15130] EXT4-fs error (device loop2): ext4_orphan_get:1398: comm syz.2.3956: couldn't read orphan inode 15 (err -117)
[  489.464277][T15130] Invalid ELF header magic: != ELF
[  489.504527][T15133] loop2: detected capacity change from 0 to 512
[  489.524115][T15133] EXT4-fs error (device loop2): ext4_iget_extra_inode:5035: inode #15: comm syz.2.3957: corrupted in-inode xattr: invalid ea_ino
[  489.558597][T15133] EXT4-fs error (device loop2): ext4_orphan_get:1398: comm syz.2.3957: couldn't read orphan inode 15 (err -117)
[  489.631167][T15139] bond8: entered promiscuous mode
[  489.636446][T15139] bond8: entered allmulticast mode
[  489.642291][T15139] 8021q: adding VLAN 0 to HW filter on device bond8
[  489.664117][T15139] loop2: detected capacity change from 0 to 512
[  489.671239][T15139] EXT4-fs: Ignoring removed nomblk_io_submit option
[  489.694388][T15139] ext4 filesystem being mounted at /220/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  489.949667][T15155] loop5: detected capacity change from 0 to 512
[  489.956847][T15155] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  489.968644][T15155] EXT4-fs (loop5): 1 truncate cleaned up
[  489.975951][T15155] hub 6-0:1.0: USB hub found
[  489.981376][T15155] hub 6-0:1.0: 8 ports detected
[  489.992485][T15157] program syz.2.3962 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  490.057459][T15163] loop6: detected capacity change from 0 to 512
[  490.065191][T15163] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  490.106027][T15169] loop0: detected capacity change from 0 to 512
[  490.112266][T15171] loop1: detected capacity change from 0 to 512
[  490.119946][T15163] EXT4-fs (loop6): 1 truncate cleaned up
[  490.136720][T15169] EXT4-fs error (device loop0): ext4_iget_extra_inode:5035: inode #15: comm syz.0.3969: corrupted in-inode xattr: invalid ea_ino
[  490.159929][T15169] EXT4-fs error (device loop0): ext4_orphan_get:1398: comm syz.0.3969: couldn't read orphan inode 15 (err -117)
[  490.161263][T15171] ext4 filesystem being mounted at /259/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  490.272063][T15178] bond6: entered promiscuous mode
[  490.272087][T15178] bond6: entered allmulticast mode
[  490.272261][T15178] 8021q: adding VLAN 0 to HW filter on device bond6
[  490.293655][T15178] loop0: detected capacity change from 0 to 512
[  490.294200][T15178] EXT4-fs: Ignoring removed nomblk_io_submit option
[  490.310010][T15178] ext4 filesystem being mounted at /135/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  490.390177][T15186] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3974'.
[  490.490513][T15188] loop6: detected capacity change from 0 to 2048
[  490.490888][T15188] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[  490.603031][T15196] bond7: entered promiscuous mode
[  490.603053][T15196] bond7: entered allmulticast mode
[  490.603255][T15196] 8021q: adding VLAN 0 to HW filter on device bond7
[  490.637229][T15196] loop0: detected capacity change from 0 to 512
[  490.637718][T15196] EXT4-fs: Ignoring removed nomblk_io_submit option
[  490.671376][T15196] ext4 filesystem being mounted at /138/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  490.802648][T15202] bond9: entered promiscuous mode
[  490.802671][T15202] bond9: entered allmulticast mode
[  490.802814][T15202] 8021q: adding VLAN 0 to HW filter on device bond9
[  490.825018][T15202] loop2: detected capacity change from 0 to 512
[  490.825382][T15202] EXT4-fs: Ignoring removed nomblk_io_submit option
[  490.859710][T15202] ext4 filesystem being mounted at /224/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  490.906276][T15207] FAULT_INJECTION: forcing a failure.
[  490.906276][T15207] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  490.906302][T15207] CPU: 0 UID: 0 PID: 15207 Comm: syz.5.3979 Not tainted 6.16.0-rc1-syzkaller-00203-g4774cfe3543a #0 PREEMPT(voluntary) 
[  490.906345][T15207] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  490.906360][T15207] Call Trace:
[  490.906366][T15207]  <TASK>
[  490.906372][T15207]  __dump_stack+0x1d/0x30
[  490.906392][T15207]  dump_stack_lvl+0xe8/0x140
[  490.906417][T15207]  dump_stack+0x15/0x1b
[  490.906508][T15207]  should_fail_ex+0x265/0x280
[  490.906597][T15207]  should_fail+0xb/0x20
[  490.906701][T15207]  should_fail_usercopy+0x1a/0x20
[  490.906755][T15207]  _copy_from_user+0x1c/0xb0
[  490.906775][T15207]  __sys_bpf+0x178/0x790
[  490.906937][T15207]  __x64_sys_bpf+0x41/0x50
[  490.906970][T15207]  x64_sys_call+0x2478/0x2fb0
[  490.907005][T15207]  do_syscall_64+0xd2/0x200
[  490.907024][T15207]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  490.907054][T15207]  ? clear_bhb_loop+0x40/0x90
[  490.907075][T15207]  ? clear_bhb_loop+0x40/0x90
[  490.907101][T15207]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  490.907168][T15207] RIP: 0033:0x7f9587a0e929
[  490.907187][T15207] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  490.907209][T15207] RSP: 002b:00007f9586077038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  490.907232][T15207] RAX: ffffffffffffffda RBX: 00007f9587c35fa0 RCX: 00007f9587a0e929
[  490.907248][T15207] RDX: 0000000000000020 RSI: 00002000000003c0 RDI: 0000000000000002
[  490.907263][T15207] RBP: 00007f9586077090 R08: 0000000000000000 R09: 0000000000000000
[  490.907277][T15207] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  490.907313][T15207] R13: 0000000000000000 R14: 00007f9587c35fa0 R15: 00007ffe164d0668
[  490.907337][T15207]  </TASK>
[  490.986974][T15213] loop2: detected capacity change from 0 to 512
[  491.014177][T15213] EXT4-fs error (device loop2): ext4_iget_extra_inode:5035: inode #15: comm syz.2.3982: corrupted in-inode xattr: invalid ea_ino
[  491.172501][T15213] EXT4-fs error (device loop2): ext4_orphan_get:1398: comm syz.2.3982: couldn't read orphan inode 15 (err -117)
[  491.184824][T15219] loop0: detected capacity change from 0 to 512
[  491.208103][T15219] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  491.214903][T15219] EXT4-fs (loop0): 1 truncate cleaned up
[  491.314263][T15230] loop2: detected capacity change from 0 to 512
[  491.314425][T15222] bond7: entered promiscuous mode
[  491.325743][T15222] bond7: entered allmulticast mode
[  491.337517][T15222] 8021q: adding VLAN 0 to HW filter on device bond7
[  491.356745][T15230] ext4 filesystem being mounted at /228/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  491.385788][T15222] loop5: detected capacity change from 0 to 512
[  491.410654][T15238] loop0: detected capacity change from 0 to 512
[  491.411809][T15222] EXT4-fs: Ignoring removed nomblk_io_submit option
[  491.428200][T15238] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  491.447665][T15238] EXT4-fs (loop0): 1 truncate cleaned up
[  491.450467][T15238] hub 6-0:1.0: USB hub found
[  491.450617][T15238] hub 6-0:1.0: 8 ports detected
[  491.464529][T15240] loop1: detected capacity change from 0 to 512
[  491.480477][T15240] EXT4-fs (loop1): external journal device major/minor numbers have changed
[  491.495326][T15222] ext4 filesystem being mounted at /463/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  491.496132][T15240] EXT4-fs (loop1): failed to open journal device unknown-block(8,3) -6
[  491.548018][   T29] kauditd_printk_skb: 314 callbacks suppressed
[  491.548033][   T29] audit: type=1326 audit(1749930017.985:7838): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15239 comm="syz.1.3992" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2de02de929 code=0x7ffc0000
[  491.548245][   T29] audit: type=1326 audit(1749930017.985:7839): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15239 comm="syz.1.3992" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f2de02e0847 code=0x7ffc0000
[  491.548524][   T29] audit: type=1326 audit(1749930017.985:7840): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15239 comm="syz.1.3992" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2de02de929 code=0x7ffc0000
[  491.590788][T15240] lo speed is unknown, defaulting to 1000
[  491.602028][   T29] audit: type=1326 audit(1749930018.022:7841): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15239 comm="syz.1.3992" exe="/root/syz-executor" sig=0 arch=c000003e syscall=272 compat=0 ip=0x7f2de02de929 code=0x7ffc0000
[  491.679292][T15249] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3992'.
[  491.691676][   T29] audit: type=1326 audit(1749930018.116:7842): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15239 comm="syz.1.3992" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2de02de929 code=0x7ffc0000
[  491.691773][   T29] audit: type=1326 audit(1749930018.116:7843): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15239 comm="syz.1.3992" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2de02de929 code=0x7ffc0000
[  491.726745][T15251] loop5: detected capacity change from 0 to 512
[  491.740246][T15251] EXT4-fs error (device loop5): ext4_iget_extra_inode:5035: inode #15: comm syz.5.3995: corrupted in-inode xattr: invalid ea_ino
[  491.775336][T15251] EXT4-fs error (device loop5): ext4_orphan_get:1398: comm syz.5.3995: couldn't read orphan inode 15 (err -117)
[  491.836161][T15256] loop5: detected capacity change from 0 to 512
[  491.842472][T15254] dummy0: entered promiscuous mode
[  491.861646][T15256] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  491.868190][T15256] EXT4-fs (loop5): 1 truncate cleaned up
[  491.922306][T15259] FAULT_INJECTION: forcing a failure.
[  491.922306][T15259] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  491.935635][T15259] CPU: 1 UID: 0 PID: 15259 Comm: syz.5.3998 Not tainted 6.16.0-rc1-syzkaller-00203-g4774cfe3543a #0 PREEMPT(voluntary) 
[  491.935662][T15259] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  491.935675][T15259] Call Trace:
[  491.935682][T15259]  <TASK>
[  491.935691][T15259]  __dump_stack+0x1d/0x30
[  491.935730][T15259]  dump_stack_lvl+0xe8/0x140
[  491.935754][T15259]  dump_stack+0x15/0x1b
[  491.935775][T15259]  should_fail_ex+0x265/0x280
[  491.935809][T15259]  should_fail+0xb/0x20
[  491.935855][T15259]  should_fail_usercopy+0x1a/0x20
[  491.935902][T15259]  _copy_from_user+0x1c/0xb0
[  491.935926][T15259]  __sys_bpf+0x178/0x790
[  491.935969][T15259]  __x64_sys_bpf+0x41/0x50
[  491.936004][T15259]  x64_sys_call+0x2478/0x2fb0
[  491.936094][T15259]  do_syscall_64+0xd2/0x200
[  491.936137][T15259]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  491.936171][T15259]  ? clear_bhb_loop+0x40/0x90
[  491.936205][T15259]  ? clear_bhb_loop+0x40/0x90
[  491.936302][T15259]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  491.936332][T15259] RIP: 0033:0x7f9587a0e929
[  491.936360][T15259] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  491.936382][T15259] RSP: 002b:00007f9586077038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  491.936405][T15259] RAX: ffffffffffffffda RBX: 00007f9587c35fa0 RCX: 00007f9587a0e929
[  491.936420][T15259] RDX: 0000000000000018 RSI: 0000200000000040 RDI: 0000000000000009
[  491.936484][T15259] RBP: 00007f9586077090 R08: 0000000000000000 R09: 0000000000000000
[  491.936520][T15259] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  491.936533][T15259] R13: 0000000000000000 R14: 00007f9587c35fa0 R15: 00007ffe164d0668
[  491.936558][T15259]  </TASK>
[  491.992665][T15263] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4000'.
[  492.073770][T15264] bond12: entered promiscuous mode
[  492.131734][T15264] bond12: entered allmulticast mode
[  492.132256][T15264] 8021q: adding VLAN 0 to HW filter on device bond12
[  492.147645][T15261] loop1: detected capacity change from 0 to 512
[  492.157729][T15269] loop5: detected capacity change from 0 to 2048
[  492.165148][T15269] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[  492.183608][T15261] EXT4-fs: Ignoring removed nomblk_io_submit option
[  492.203715][T15261] ext4 filesystem being mounted at /263/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  492.334129][   T29] audit: type=1326 audit(1749930018.724:7844): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15275 comm="syz.0.4001" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17b52be929 code=0x7ffc0000
[  492.334171][   T29] audit: type=1326 audit(1749930018.724:7845): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15275 comm="syz.0.4001" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17b52be929 code=0x7ffc0000
[  492.334399][T15274] loop6: detected capacity change from 0 to 512
[  492.335179][T15274] EXT4-fs (loop6): external journal device major/minor numbers have changed
[  492.335295][T15274] EXT4-fs (loop6): failed to open journal device unknown-block(8,3) -6
[  492.338813][   T29] audit: type=1326 audit(1749930018.724:7846): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15273 comm="syz.6.4002" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a7735e929 code=0x7ffc0000
[  492.340625][   T29] audit: type=1326 audit(1749930018.724:7847): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15273 comm="syz.6.4002" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f4a77360847 code=0x7ffc0000
[  492.349761][T15274] lo speed is unknown, defaulting to 1000
[  492.389855][T15274] netlink: 28 bytes leftover after parsing attributes in process `syz.6.4002'.
[  492.453393][T15278] SELinux: syz.6.4002 (15278) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  492.627750][T15286] loop0: detected capacity change from 0 to 512
[  492.634271][T15290] loop2: detected capacity change from 0 to 512
[  492.663220][T15290] EXT4-fs error (device loop2): ext4_iget_extra_inode:5035: inode #15: comm syz.2.4007: corrupted in-inode xattr: invalid ea_ino
[  492.687483][T15290] EXT4-fs error (device loop2): ext4_orphan_get:1398: comm syz.2.4007: couldn't read orphan inode 15 (err -117)
[  492.720629][T15286] ext4 filesystem being mounted at /144/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  492.828941][T15303] bond3: entered promiscuous mode
[  492.828965][T15303] bond3: entered allmulticast mode
[  492.829281][T15303] 8021q: adding VLAN 0 to HW filter on device bond3
[  492.846459][T15305] bond10: entered promiscuous mode
[  492.856357][T15305] bond10: entered allmulticast mode
[  492.856604][T15305] 8021q: adding VLAN 0 to HW filter on device bond10
[  492.868793][T15303] loop6: detected capacity change from 0 to 512
[  492.878218][T15303] EXT4-fs: Ignoring removed nomblk_io_submit option
[  492.900534][T15303] ext4 filesystem being mounted at /297/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  492.913879][T15305] loop2: detected capacity change from 0 to 512
[  492.916470][T15305] EXT4-fs: Ignoring removed nomblk_io_submit option
[  492.976642][T15305] ext4 filesystem being mounted at /231/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  493.188556][T15331] netlink: 'syz.5.4022': attribute type 2 has an invalid length.
[  493.188596][T15331] netlink: 'syz.5.4022': attribute type 8 has an invalid length.
[  493.188623][T15331] netlink: 132 bytes leftover after parsing attributes in process `syz.5.4022'.
[  493.221018][T15334] loop2: detected capacity change from 0 to 512
[  493.226868][T15334] EXT4-fs error (device loop2): ext4_iget_extra_inode:5035: inode #15: comm syz.2.4024: corrupted in-inode xattr: invalid ea_ino
[  493.227109][T15334] EXT4-fs error (device loop2): ext4_orphan_get:1398: comm syz.2.4024: couldn't read orphan inode 15 (err -117)
[  493.306748][T15341] bond8: entered promiscuous mode
[  493.306766][T15341] bond8: entered allmulticast mode
[  493.306943][T15341] 8021q: adding VLAN 0 to HW filter on device bond8
[  493.333095][T15337] loop5: detected capacity change from 0 to 512
[  493.333667][T15337] EXT4-fs: Ignoring removed nomblk_io_submit option
[  493.357258][T15337] ext4 filesystem being mounted at /473/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  493.456984][T15345] loop2: detected capacity change from 0 to 128
[  493.523172][T15357] bond9: entered promiscuous mode
[  493.523198][T15357] bond9: entered allmulticast mode
[  493.523444][T15357] 8021q: adding VLAN 0 to HW filter on device bond9
[  493.579298][T15368] netlink: 'syz.6.4035': attribute type 2 has an invalid length.
[  493.579342][T15368] netlink: 'syz.6.4035': attribute type 8 has an invalid length.
[  493.579364][T15368] netlink: 132 bytes leftover after parsing attributes in process `syz.6.4035'.
[  493.607174][T15369] loop5: detected capacity change from 0 to 512
[  493.665984][T15373] loop1: detected capacity change from 0 to 512
[  493.667181][T15369] EXT4-fs: Ignoring removed nomblk_io_submit option
[  493.678434][T15373] EXT4-fs error (device loop1): ext4_iget_extra_inode:5035: inode #15: comm syz.1.4037: corrupted in-inode xattr: invalid ea_ino
[  493.678750][T15373] EXT4-fs error (device loop1): ext4_orphan_get:1398: comm syz.1.4037: couldn't read orphan inode 15 (err -117)
[  493.711738][T15369] ext4 filesystem being mounted at /474/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  493.808707][T15383] netlink: 28 bytes leftover after parsing attributes in process `syz.6.4040'.
[  493.839201][T15385] loop1: detected capacity change from 0 to 512
[  493.840205][T15385] EXT4-fs (loop1): external journal device major/minor numbers have changed
[  493.840223][T15385] EXT4-fs (loop1): failed to open journal device unknown-block(8,3) -6
[  493.901717][T15385] lo speed is unknown, defaulting to 1000
[  493.943620][T15389] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4041'.
[  493.962233][T15389] SELinux: syz.1.4041 (15389) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  493.975750][T15345] bio_check_eod: 316 callbacks suppressed
[  493.975771][T15345] syz.2.4027: attempt to access beyond end of device
[  493.975771][T15345] loop2: rw=2049, sector=137, nr_sectors = 8 limit=128
[  494.044965][T15345] syz.2.4027: attempt to access beyond end of device
[  494.044965][T15345] loop2: rw=2049, sector=153, nr_sectors = 8 limit=128
[  494.065809][T15345] syz.2.4027: attempt to access beyond end of device
[  494.065809][T15345] loop2: rw=2049, sector=169, nr_sectors = 8 limit=128
[  494.079561][T15345] syz.2.4027: attempt to access beyond end of device
[  494.079561][T15345] loop2: rw=2049, sector=185, nr_sectors = 8 limit=128
[  494.101390][T15345] syz.2.4027: attempt to access beyond end of device
[  494.101390][T15345] loop2: rw=2049, sector=201, nr_sectors = 8 limit=128
[  494.120651][T15398] netlink: 'syz.6.4046': attribute type 2 has an invalid length.
[  494.128733][T15398] netlink: 'syz.6.4046': attribute type 8 has an invalid length.
[  494.136666][T15398] netlink: 132 bytes leftover after parsing attributes in process `syz.6.4046'.
[  494.159390][T15345] syz.2.4027: attempt to access beyond end of device
[  494.159390][T15345] loop2: rw=2049, sector=217, nr_sectors = 8 limit=128
[  494.191726][T15345] syz.2.4027: attempt to access beyond end of device
[  494.191726][T15345] loop2: rw=2049, sector=233, nr_sectors = 8 limit=128
[  494.215553][T15345] syz.2.4027: attempt to access beyond end of device
[  494.215553][T15345] loop2: rw=2049, sector=249, nr_sectors = 8 limit=128
[  494.229416][T15345] syz.2.4027: attempt to access beyond end of device
[  494.229416][T15345] loop2: rw=2049, sector=265, nr_sectors = 8 limit=128
[  494.232582][T15401] loop1: detected capacity change from 0 to 512
[  494.243104][T15345] syz.2.4027: attempt to access beyond end of device
[  494.243104][T15345] loop2: rw=2049, sector=281, nr_sectors = 8 limit=128
[  494.300706][T15401] EXT4-fs (loop1): external journal device major/minor numbers have changed
[  494.309535][T15401] EXT4-fs (loop1): failed to open journal device unknown-block(8,3) -6
[  494.361255][T15401] lo speed is unknown, defaulting to 1000
[  494.406797][T15411] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4047'.
[  494.432489][T15411] SELinux: syz.1.4047 (15411) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  494.512321][T15414] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4052'.
[  494.561523][T15417] loop1: detected capacity change from 0 to 512
[  494.575780][T15417] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  494.592959][T15420] loop6: detected capacity change from 0 to 512
[  494.604156][T15417] EXT4-fs (loop1): 1 truncate cleaned up
[  494.633366][T15420] EXT4-fs (loop6): external journal device major/minor numbers have changed
[  494.643167][T15420] EXT4-fs (loop6): failed to open journal device unknown-block(8,3) -6
[  494.667875][T15417] hub 6-0:1.0: USB hub found
[  494.675266][T15420] lo speed is unknown, defaulting to 1000
[  494.679534][T15417] hub 6-0:1.0: 8 ports detected
[  494.760159][T15431] loop6: detected capacity change from 0 to 512
[  494.774513][T15431] ext4 filesystem being mounted at /317/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  495.232402][T15440] loop5: detected capacity change from 0 to 512
[  495.233057][T15440] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  495.249418][T15440] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #11: comm syz.5.4060: invalid indirect mapped block 4294967295 (level 1)
[  495.249630][T15440] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #11: comm syz.5.4060: invalid indirect mapped block 4294967295 (level 1)
[  495.249951][T15440] EXT4-fs (loop5): 2 truncates cleaned up
[  495.267299][T15435] loop0: detected capacity change from 0 to 128
[  495.727033][T15464] loop6: detected capacity change from 0 to 512
[  495.755160][T15464] EXT4-fs (loop6): external journal device major/minor numbers have changed
[  495.764022][T15464] EXT4-fs (loop6): failed to open journal device unknown-block(8,3) -6
[  495.774161][T15462] loop1: detected capacity change from 0 to 128
[  495.960579][T15464] lo speed is unknown, defaulting to 1000
[  496.010495][T15470] SELinux: syz.6.4067 (15470) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  496.251199][T15489] loop6: detected capacity change from 0 to 512
[  496.283153][T15489] ext4 filesystem being mounted at /321/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  496.399226][T15496] loop0: detected capacity change from 0 to 512
[  496.401083][T15496] EXT4-fs: Ignoring removed nomblk_io_submit option
[  496.427976][T15497] program syz.5.4080 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  496.442162][T15496] ext4 filesystem being mounted at /150/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  496.507362][T15501] bond8: entered promiscuous mode
[  496.507386][T15501] bond8: entered allmulticast mode
[  496.507918][T15501] 8021q: adding VLAN 0 to HW filter on device bond8
[  496.541419][T15501] loop0: detected capacity change from 0 to 512
[  496.542043][T15501] EXT4-fs: Ignoring removed nomblk_io_submit option
[  496.559011][T15501] ext4 filesystem being mounted at /151/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  496.964564][   T29] kauditd_printk_skb: 433 callbacks suppressed
[  496.964578][   T29] audit: type=1326 audit(1749930053.056:8281): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15515 comm="syz.2.4088" exe="/root/syz-executor" sig=0 arch=c000003e syscall=60 compat=0 ip=0x7f60c538e929 code=0x7ffc0000
[  496.976488][   T29] audit: type=1326 audit(1749930053.056:8282): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15513 comm="syz.2.4088" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60c538e929 code=0x7ffc0000
[  497.041726][   T29] audit: type=1326 audit(1749930053.093:8283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15513 comm="syz.2.4088" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60c538e929 code=0x7ffc0000
[  497.063378][   T29] audit: type=1326 audit(1749930053.131:8284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15524 comm="syz.0.4091" exe="/root/syz-executor" sig=0 arch=c000003e syscall=60 compat=0 ip=0x7f17b52be929 code=0x7ffc0000
[  497.090118][   T29] audit: type=1326 audit(1749930053.131:8285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15522 comm="syz.0.4091" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17b52be929 code=0x7ffc0000
[  497.113728][   T29] audit: type=1326 audit(1749930053.131:8286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15522 comm="syz.0.4091" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17b52be929 code=0x7ffc0000
[  497.173416][T15532] __nla_validate_parse: 5 callbacks suppressed
[  497.173434][T15532] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4094'.
[  497.192268][T15532] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4094'.
[  497.211053][T15532] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4094'.
[  497.231970][   T29] audit: type=1326 audit(1749930053.299:8287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15535 comm="syz.2.4097" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60c538e929 code=0x7ffc0000
[  497.255656][   T29] audit: type=1326 audit(1749930053.299:8288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15535 comm="syz.2.4097" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60c538e929 code=0x7ffc0000
[  497.279458][   T29] audit: type=1326 audit(1749930053.308:8289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15535 comm="syz.2.4097" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f60c538e929 code=0x7ffc0000
[  497.279493][   T29] audit: type=1326 audit(1749930053.308:8290): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15535 comm="syz.2.4097" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60c538e929 code=0x7ffc0000
[  497.348728][T15544] loop0: detected capacity change from 0 to 512
[  497.349988][T15544] EXT4-fs (loop0): external journal device major/minor numbers have changed
[  497.350011][T15544] EXT4-fs (loop0): failed to open journal device unknown-block(8,3) -6
[  497.404064][T15544] lo speed is unknown, defaulting to 1000
[  497.441266][T15552] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4099'.
[  497.447419][T15547] bond4: entered promiscuous mode
[  497.455446][T15547] bond4: entered allmulticast mode
[  497.461479][T15547] 8021q: adding VLAN 0 to HW filter on device bond4
[  497.481392][T15552] SELinux: syz.0.4099 (15552) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  497.502526][T15554] bond11: entered promiscuous mode
[  497.507776][T15554] bond11: entered allmulticast mode
[  497.513169][T15554] 8021q: adding VLAN 0 to HW filter on device bond11
[  497.527234][T15547] loop6: detected capacity change from 0 to 512
[  497.536997][T15554] loop2: detected capacity change from 0 to 512
[  497.543971][T15554] EXT4-fs: Ignoring removed nomblk_io_submit option
[  497.552341][T15547] EXT4-fs: Ignoring removed nomblk_io_submit option
[  497.559565][T15556] program syz.5.4101 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  497.579688][T15554] ext4 filesystem being mounted at /246/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  497.592683][T15547] ext4 filesystem being mounted at /324/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  497.734477][T15567] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4105'.
[  497.765326][T15571] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4107'.
[  497.820648][T15577] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4110'.
[  497.880013][T15584] loop2: detected capacity change from 0 to 512
[  497.890967][T15584] EXT4-fs (loop2): external journal device major/minor numbers have changed
[  497.899951][T15585] loop0: detected capacity change from 0 to 512
[  497.907074][T15584] EXT4-fs (loop2): failed to open journal device unknown-block(8,3) -6
[  497.907799][T15585] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  497.944307][T15584] lo speed is unknown, defaulting to 1000
[  497.954400][T15585] EXT4-fs (loop0): 1 truncate cleaned up
[  498.019637][T15575] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  498.028183][T15575] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  498.044184][T15575] loop6: detected capacity change from 0 to 1024
[  498.045743][T15588] loop0: detected capacity change from 0 to 512
[  498.051120][T15575] SELinux: security_context_str_to_sid (user_u) failed with errno=-22
[  498.086922][T15588] ext4 filesystem being mounted at /161/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  498.125738][T15590] bond12: entered promiscuous mode
[  498.131004][T15590] bond12: entered allmulticast mode
[  498.143610][T15590] 8021q: adding VLAN 0 to HW filter on device bond12
[  498.151372][T15590] loop2: detected capacity change from 0 to 512
[  498.153522][T15590] EXT4-fs: Ignoring removed nomblk_io_submit option
[  498.188232][T15590] ext4 filesystem being mounted at /253/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  498.534189][T15616] loop2: detected capacity change from 0 to 128
[  498.784874][T15629] loop5: detected capacity change from 0 to 512
[  498.801297][T15629] EXT4-fs (loop5): revision level too high, forcing read-only mode
[  498.801418][T15629] EXT4-fs (loop5): orphan cleanup on readonly fs
[  498.801566][T15629] EXT4-fs warning (device loop5): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  498.801764][T15629] EXT4-fs (loop5): Cannot turn on quotas: error -117
[  498.802119][T15629] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.4131: bg 0: block 40: padding at end of block bitmap is not set
[  498.802292][T15629] EXT4-fs error (device loop5) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  498.802596][T15629] EXT4-fs (loop5): 1 truncate cleaned up
[  498.814679][T15629] pimreg3: entered allmulticast mode
[  498.815468][T15628] pimreg3: left allmulticast mode
[  498.938207][T15636] Invalid ELF header magic: != ELF
[  499.084719][T15646] loop1: detected capacity change from 0 to 512
[  499.120735][T15646] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  499.143144][T15648] loop5: detected capacity change from 0 to 128
[  499.164374][T15646] EXT4-fs (loop1): 1 truncate cleaned up
[  499.208662][T15646] hub 6-0:1.0: USB hub found
[  499.218158][T15658] loop5: detected capacity change from 0 to 512
[  499.221359][T15660] lo speed is unknown, defaulting to 1000
[  499.235311][T15646] hub 6-0:1.0: 8 ports detected
[  499.256036][T15658] EXT4-fs (loop5): external journal device major/minor numbers have changed
[  499.286470][T15658] EXT4-fs (loop5): failed to open journal device unknown-block(8,3) -6
[  499.297236][T15660] netlink: 'syz.0.4143': attribute type 10 has an invalid length.
[  499.305162][T15660] netlink: 40 bytes leftover after parsing attributes in process `syz.0.4143'.
[  499.314645][T15660] team0: entered promiscuous mode
[  499.323707][T15660] team_slave_0: entered promiscuous mode
[  499.329464][T15660] team_slave_1: entered promiscuous mode
[  499.335345][T15660] team0: entered allmulticast mode
[  499.346857][T15660] team_slave_0: entered allmulticast mode
[  499.352757][T15660] team_slave_1: entered allmulticast mode
[  499.357959][T15665] netlink: 'syz.2.4144': attribute type 1 has an invalid length.
[  499.360764][T15660] bridge0: port 3(team0) entered blocking state
[  499.372750][T15660] bridge0: port 3(team0) entered disabled state
[  499.381262][T15660] bridge0: port 3(team0) entered blocking state
[  499.387639][T15660] bridge0: port 3(team0) entered forwarding state
[  499.400040][T15655] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  499.410869][T15668] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4142'.
[  499.420248][T15655] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  499.433193][T15655] loop6: detected capacity change from 0 to 1024
[  499.453813][T15655] SELinux: security_context_str_to_sid (user_u) failed with errno=-22
[  499.470662][T15669] SELinux: syz.5.4142 (15669) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  499.494319][T15658] lo speed is unknown, defaulting to 1000
[  499.630355][T15680] loop2: detected capacity change from 0 to 512
[  499.660479][T15680] ext4 filesystem being mounted at /258/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  499.760886][T15695] bond9: entered promiscuous mode
[  499.760911][T15695] bond9: entered allmulticast mode
[  499.761045][T15695] 8021q: adding VLAN 0 to HW filter on device bond9
[  499.780925][T15684] loop5: detected capacity change from 0 to 128
[  499.792622][T15695] loop0: detected capacity change from 0 to 512
[  499.809921][T15695] EXT4-fs: Ignoring removed nomblk_io_submit option
[  499.821250][T15695] ext4 filesystem being mounted at /171/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  500.000477][T15705] loop5: detected capacity change from 0 to 128
[  500.189249][T15723] loop6: detected capacity change from 0 to 512
[  500.197478][T15723] EXT4-fs (loop6): external journal device major/minor numbers have changed
[  500.197504][T15723] EXT4-fs (loop6): failed to open journal device unknown-block(8,3) -6
[  500.207938][T15722] loop1: detected capacity change from 0 to 512
[  500.220922][T15723] lo speed is unknown, defaulting to 1000
[  500.225087][T15722] EXT4-fs (loop1): external journal device major/minor numbers have changed
[  500.254163][T15722] EXT4-fs (loop1): failed to open journal device unknown-block(8,3) -6
[  500.274372][T15722] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4165'.
[  500.321471][T15727] loop1: detected capacity change from 0 to 512
[  500.322332][T15727] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  500.323771][T15727] EXT4-fs (loop1): 1 truncate cleaned up
[  500.354149][T15725] loop0: detected capacity change from 0 to 128
[  500.400562][T15723] SELinux: syz.6.4166 (15723) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  500.419699][T15733] loop0: detected capacity change from 0 to 512
[  500.441806][T15733] EXT4-fs error (device loop0): ext4_iget_extra_inode:5035: inode #15: comm syz.0.4169: corrupted in-inode xattr: invalid ea_ino
[  500.442036][T15733] EXT4-fs error (device loop0): ext4_orphan_get:1398: comm syz.0.4169: couldn't read orphan inode 15 (err -117)
[  500.505537][T15733] Invalid ELF header magic: != ELF
[  500.648847][T15746] loop2: detected capacity change from 0 to 512
[  500.655819][T15746] EXT4-fs: Ignoring removed nomblk_io_submit option
[  500.683351][T15746] ext4 filesystem being mounted at /262/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  500.718003][T15750] loop2: detected capacity change from 0 to 512
[  500.727998][T15750] EXT4-fs: Ignoring removed nomblk_io_submit option
[  500.764234][T15750] ext4 filesystem being mounted at /263/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  500.808997][T15741] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  500.831553][T15705] bio_check_eod: 442 callbacks suppressed
[  500.831572][T15705] syz.5.4159: attempt to access beyond end of device
[  500.831572][T15705] loop5: rw=2049, sector=137, nr_sectors = 8 limit=128
[  500.851155][T15741] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  500.853699][T15705] syz.5.4159: attempt to access beyond end of device
[  500.853699][T15705] loop5: rw=2049, sector=153, nr_sectors = 8 limit=128
[  500.876952][T15705] syz.5.4159: attempt to access beyond end of device
[  500.876952][T15705] loop5: rw=2049, sector=169, nr_sectors = 8 limit=128
[  500.879266][T15741] loop0: detected capacity change from 0 to 1024
[  500.899975][T15705] syz.5.4159: attempt to access beyond end of device
[  500.899975][T15705] loop5: rw=2049, sector=185, nr_sectors = 8 limit=128
[  500.900195][T15741] SELinux: security_context_str_to_sid (user_u) failed with errno=-22
[  500.913721][T15705] syz.5.4159: attempt to access beyond end of device
[  500.913721][T15705] loop5: rw=2049, sector=201, nr_sectors = 8 limit=128
[  500.936890][T15705] syz.5.4159: attempt to access beyond end of device
[  500.936890][T15705] loop5: rw=2049, sector=217, nr_sectors = 8 limit=128
[  500.950854][T15705] syz.5.4159: attempt to access beyond end of device
[  500.950854][T15705] loop5: rw=2049, sector=233, nr_sectors = 8 limit=128
[  500.964428][T15705] syz.5.4159: attempt to access beyond end of device
[  500.964428][T15705] loop5: rw=2049, sector=249, nr_sectors = 8 limit=128
[  500.978007][T15705] syz.5.4159: attempt to access beyond end of device
[  500.978007][T15705] loop5: rw=2049, sector=265, nr_sectors = 8 limit=128
[  500.991593][T15705] syz.5.4159: attempt to access beyond end of device
[  500.991593][T15705] loop5: rw=2049, sector=281, nr_sectors = 8 limit=128
[  501.091519][T15768] loop5: detected capacity change from 0 to 512
[  501.121580][T15768] ext4 filesystem being mounted at /501/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  501.124385][T15774] loop2: detected capacity change from 0 to 512
[  501.159611][T15774] EXT4-fs error (device loop2): ext4_iget_extra_inode:5035: inode #15: comm syz.2.4183: corrupted in-inode xattr: invalid ea_ino
[  501.173745][T15774] EXT4-fs error (device loop2): ext4_orphan_get:1398: comm syz.2.4183: couldn't read orphan inode 15 (err -117)
[  501.202026][T15774] Invalid ELF header magic: != ELF
[  501.277389][T15779] loop2: detected capacity change from 0 to 512
[  501.288736][T15779] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  501.289769][T15781] loop1: detected capacity change from 0 to 512
[  501.306396][T15779] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #11: comm syz.2.4185: invalid indirect mapped block 4294967295 (level 1)
[  501.306560][T15779] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #11: comm syz.2.4185: invalid indirect mapped block 4294967295 (level 1)
[  501.306854][T15779] EXT4-fs (loop2): 2 truncates cleaned up
[  501.308392][T15781] EXT4-fs: Ignoring removed nomblk_io_submit option
[  501.411132][T15784] bond13: entered promiscuous mode
[  501.411149][T15784] bond13: entered allmulticast mode
[  501.411343][T15784] 8021q: adding VLAN 0 to HW filter on device bond13
[  501.415534][T15781] ext4 filesystem being mounted at /299/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  501.451474][T15784] loop2: detected capacity change from 0 to 512
[  501.451922][T15784] EXT4-fs: Ignoring removed nomblk_io_submit option
[  501.497189][T15784] ext4 filesystem being mounted at /270/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  501.511438][T15799] loop6: detected capacity change from 0 to 512
[  501.536026][T15799] EXT4-fs (loop6): external journal device major/minor numbers have changed
[  501.536046][T15799] EXT4-fs (loop6): failed to open journal device unknown-block(8,3) -6
[  501.560305][T15799] lo speed is unknown, defaulting to 1000
[  501.584048][T15804] netlink: 'syz.0.4194': attribute type 2 has an invalid length.
[  501.596803][T15804] netlink: 'syz.0.4194': attribute type 8 has an invalid length.
[  501.696654][T15811] loop1: detected capacity change from 0 to 512
[  501.719685][T15811] EXT4-fs error (device loop1): ext4_iget_extra_inode:5035: inode #15: comm syz.1.4196: corrupted in-inode xattr: invalid ea_ino
[  501.823379][T15822] FAULT_INJECTION: forcing a failure.
[  501.823379][T15822] name failslab, interval 1, probability 0, space 0, times 0
[  501.835487][T15811] EXT4-fs error (device loop1): ext4_orphan_get:1398: comm syz.1.4196: couldn't read orphan inode 15 (err -117)
[  501.836106][T15822] CPU: 1 UID: 0 PID: 15822 Comm: syz.0.4200 Not tainted 6.16.0-rc1-syzkaller-00203-g4774cfe3543a #0 PREEMPT(voluntary) 
[  501.836162][T15822] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  501.836180][T15822] Call Trace:
[  501.836191][T15822]  <TASK>
[  501.836202][T15822]  __dump_stack+0x1d/0x30
[  501.836231][T15822]  dump_stack_lvl+0xe8/0x140
[  501.836260][T15822]  dump_stack+0x15/0x1b
[  501.836283][T15822]  should_fail_ex+0x265/0x280
[  501.836347][T15822]  should_failslab+0x8c/0xb0
[  501.836381][T15822]  kmem_cache_alloc_node_noprof+0x57/0x320
[  501.836418][T15822]  ? __alloc_skb+0x101/0x320
[  501.836536][T15822]  __alloc_skb+0x101/0x320
[  501.836573][T15822]  ? avc_has_perm+0xd3/0x150
[  501.836612][T15822]  alloc_skb_with_frags+0x7d/0x470
[  501.836704][T15822]  ? selinux_file_open+0x2df/0x330
[  501.836738][T15822]  ? __rcu_read_unlock+0x4f/0x70
[  501.836811][T15822]  sock_alloc_send_pskb+0x43a/0x4f0
[  501.836845][T15822]  ? terminate_walk+0x27f/0x2a0
[  501.836936][T15822]  tun_get_user+0x8d3/0x2500
[  501.836982][T15822]  ? ref_tracker_alloc+0x1f2/0x2f0
[  501.837027][T15822]  ? selinux_file_permission+0x1e4/0x320
[  501.837062][T15822]  tun_chr_write_iter+0x15e/0x210
[  501.837144][T15822]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  501.837179][T15822]  vfs_write+0x4a0/0x8e0
[  501.837230][T15822]  ksys_write+0xda/0x1a0
[  501.837335][T15822]  __x64_sys_write+0x40/0x50
[  501.837359][T15822]  x64_sys_call+0x2cdd/0x2fb0
[  501.837390][T15822]  do_syscall_64+0xd2/0x200
[  501.837481][T15822]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  501.837518][T15822]  ? clear_bhb_loop+0x40/0x90
[  501.837549][T15822]  ? clear_bhb_loop+0x40/0x90
[  501.837658][T15822]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  501.837687][T15822] RIP: 0033:0x7f17b52be929
[  501.837707][T15822] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  501.837733][T15822] RSP: 002b:00007f17b3927038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  501.837792][T15822] RAX: ffffffffffffffda RBX: 00007f17b54e5fa0 RCX: 00007f17b52be929
[  501.837810][T15822] RDX: 000000000000fdef RSI: 0000200000000000 RDI: 00000000000000c8
[  501.837835][T15822] RBP: 00007f17b3927090 R08: 0000000000000000 R09: 0000000000000000
[  501.837853][T15822] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  501.837870][T15822] R13: 0000000000000000 R14: 00007f17b54e5fa0 R15: 00007ffe0a3a8f78
[  501.837896][T15822]  </TASK>
[  501.892599][T15828] loop2: detected capacity change from 0 to 512
[  501.920238][T15811] Invalid ELF header magic: != ELF
[  502.003938][T15828] EXT4-fs: Ignoring removed nomblk_io_submit option
[  502.137512][T15828] ext4 filesystem being mounted at /272/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  502.213027][T15844] loop6: detected capacity change from 0 to 512
[  502.229556][T15847] netlink: 'syz.5.4208': attribute type 2 has an invalid length.
[  502.237495][T15847] netlink: 'syz.5.4208': attribute type 8 has an invalid length.
[  502.252110][T15848] loop0: detected capacity change from 0 to 2048
[  502.267897][T15844] EXT4-fs (loop6): external journal device major/minor numbers have changed
[  502.269628][T15848] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[  502.303158][T15844] EXT4-fs (loop6): failed to open journal device unknown-block(8,3) -6
[  502.339662][T15855] loop2: detected capacity change from 0 to 512
[  502.355996][T15855] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  502.383097][   T29] kauditd_printk_skb: 274 callbacks suppressed
[  502.383115][   T29] audit: type=1326 audit(1749930088.123:8564): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15852 comm="syz.5.4212" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f9587a0e929 code=0x0
[  502.386296][T15855] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #11: comm syz.2.4213: invalid indirect mapped block 4294967295 (level 1)
[  502.413957][T15844] lo speed is unknown, defaulting to 1000
[  502.441066][T15855] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #11: comm syz.2.4213: invalid indirect mapped block 4294967295 (level 1)
[  502.463992][   T29] audit: type=1326 audit(1749930088.198:8565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15859 comm="syz.1.4214" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2de02de929 code=0x7ffc0000
[  502.487671][   T29] audit: type=1326 audit(1749930088.198:8566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15859 comm="syz.1.4214" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2de02de929 code=0x7ffc0000
[  502.498614][T15855] EXT4-fs (loop2): 2 truncates cleaned up
[  502.511433][   T29] audit: type=1326 audit(1749930088.198:8567): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15859 comm="syz.1.4214" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f2de02de929 code=0x7ffc0000
[  502.531116][T15861] program syz.5.4212 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  502.540725][   T29] audit: type=1326 audit(1749930088.198:8568): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15859 comm="syz.1.4214" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2de02de929 code=0x7ffc0000
[  502.573828][   T29] audit: type=1326 audit(1749930088.198:8569): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15859 comm="syz.1.4214" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2de02de929 code=0x7ffc0000
[  502.583832][T15855] __nla_validate_parse: 7 callbacks suppressed
[  502.583855][T15855] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4213'.
[  502.598174][   T29] audit: type=1326 audit(1749930088.217:8570): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15859 comm="syz.1.4214" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2de02de929 code=0x7ffc0000
[  502.636625][   T29] audit: type=1326 audit(1749930088.217:8571): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15859 comm="syz.1.4214" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2de02de929 code=0x7ffc0000
[  502.660279][   T29] audit: type=1326 audit(1749930088.217:8572): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15859 comm="syz.1.4214" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2de02de929 code=0x7ffc0000
[  502.683844][   T29] audit: type=1326 audit(1749930088.217:8573): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15859 comm="syz.1.4214" exe="/root/syz-executor" sig=0 arch=c000003e syscall=73 compat=0 ip=0x7f2de02de929 code=0x7ffc0000
[  502.715874][T15863] bond13: entered promiscuous mode
[  502.721036][T15863] bond13: entered allmulticast mode
[  502.726658][T15863] 8021q: adding VLAN 0 to HW filter on device bond13
[  502.774615][T15863] loop1: detected capacity change from 0 to 512
[  502.777892][T15867] loop2: detected capacity change from 0 to 512
[  502.785531][T15863] EXT4-fs: Ignoring removed nomblk_io_submit option
[  502.803893][T15867] EXT4-fs error (device loop2): ext4_iget_extra_inode:5035: inode #15: comm syz.2.4216: corrupted in-inode xattr: invalid ea_ino
[  502.820236][T15867] EXT4-fs error (device loop2): ext4_orphan_get:1398: comm syz.2.4216: couldn't read orphan inode 15 (err -117)
[  502.825821][T15869] bond5: entered promiscuous mode
[  502.837509][T15869] bond5: entered allmulticast mode
[  502.843285][T15869] 8021q: adding VLAN 0 to HW filter on device bond5
[  502.857392][T15863] ext4 filesystem being mounted at /306/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  502.874950][T15869] loop6: detected capacity change from 0 to 512
[  502.891413][T15869] EXT4-fs: Ignoring removed nomblk_io_submit option
[  502.900225][T15867] Invalid ELF header magic: != ELF
[  502.928835][T15869] ext4 filesystem being mounted at /345/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  502.965775][T15879] loop0: detected capacity change from 0 to 512
[  502.997904][T15879] ext4 filesystem being mounted at /183/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  503.276026][T15895] loop6: detected capacity change from 0 to 512
[  503.284804][T15895] EXT4-fs (loop6): external journal device major/minor numbers have changed
[  503.284827][T15895] EXT4-fs (loop6): failed to open journal device unknown-block(8,3) -6
[  503.305484][T15899] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4226'.
[  503.334457][T15895] lo speed is unknown, defaulting to 1000
[  503.382286][T15903] loop5: detected capacity change from 0 to 512
[  503.389632][T15903] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  503.426041][T15895] netlink: 28 bytes leftover after parsing attributes in process `syz.6.4224'.
[  503.451773][T15895] SELinux: syz.6.4224 (15895) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  503.470668][T15903] EXT4-fs (loop5): orphan cleanup on readonly fs
[  503.471231][T15903] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.4225: bg 0: block 248: padding at end of block bitmap is not set
[  503.471652][T15903] EXT4-fs error (device loop5): ext4_acquire_dquot:6933: comm syz.5.4225: Failed to acquire dquot type 1
[  503.473760][T15903] EXT4-fs (loop5): 1 truncate cleaned up
[  503.625384][T15908] bond14: entered promiscuous mode
[  503.625409][T15908] bond14: entered allmulticast mode
[  503.625587][T15908] 8021q: adding VLAN 0 to HW filter on device bond14
[  503.644941][T15911] netlink: 8 bytes leftover after parsing attributes in process `syz.6.4229'.
[  503.707565][T15913] loop1: detected capacity change from 0 to 512
[  503.708117][T15913] EXT4-fs: Ignoring removed nomblk_io_submit option
[  503.721203][T15913] ext4 filesystem being mounted at /310/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  503.808692][T15916] loop6: detected capacity change from 0 to 2048
[  503.835373][T15916] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[  504.554868][T15926] program syz.1.4232 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  504.685350][T15930] loop0: detected capacity change from 0 to 512
[  504.731747][T15930] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  504.794879][T15930] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #11: comm syz.0.4235: invalid indirect mapped block 4294967295 (level 1)
[  504.838189][T15940] loop1: detected capacity change from 0 to 512
[  504.873184][T15940] EXT4-fs (loop1): external journal device major/minor numbers have changed
[  504.894675][T15930] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #11: comm syz.0.4235: invalid indirect mapped block 4294967295 (level 1)
[  504.941587][T15940] EXT4-fs (loop1): failed to open journal device unknown-block(8,3) -6
[  504.977184][T15930] EXT4-fs (loop0): 2 truncates cleaned up
[  504.997651][T15944] loop2: detected capacity change from 0 to 512
[  505.009339][T15930] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4235'.
[  505.046963][T15944] ext4 filesystem being mounted at /277/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  505.092417][T15940] lo speed is unknown, defaulting to 1000
[  505.106637][T15952] program syz.6.4244 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  505.126752][T15953] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4239'.
[  505.145018][T15955] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4243'.
[  505.186551][T15940] SELinux: syz.1.4239 (15940) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  505.217761][T15959] netlink: 'syz.2.4245': attribute type 10 has an invalid length.
[  505.236386][T15959] team0: Port device dummy0 added
[  505.263298][T15968] loop1: detected capacity change from 0 to 512
[  505.266376][T15961] netlink: 'syz.2.4245': attribute type 10 has an invalid length.
[  505.283233][T15959] netlink: 'syz.2.4245': attribute type 10 has an invalid length.
[  505.291491][T15964] loop0: detected capacity change from 0 to 2048
[  505.292179][T15961] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  505.303870][T15964] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[  505.318476][T15968] ext4 filesystem being mounted at /315/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  505.336875][T15971] loop6: detected capacity change from 0 to 512
[  505.343650][T15961] team0: Failed to send options change via netlink (err -105)
[  505.351287][T15961] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  505.360555][T15961] team0: Port device dummy0 removed
[  505.368540][T15961] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  505.399161][T15971] ext4 filesystem being mounted at /356/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  505.423683][T15975] FAULT_INJECTION: forcing a failure.
[  505.423683][T15975] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  505.437482][T15975] CPU: 1 UID: 0 PID: 15975 Comm: syz.2.4249 Not tainted 6.16.0-rc1-syzkaller-00203-g4774cfe3543a #0 PREEMPT(voluntary) 
[  505.437517][T15975] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  505.437534][T15975] Call Trace:
[  505.437541][T15975]  <TASK>
[  505.437550][T15975]  __dump_stack+0x1d/0x30
[  505.437605][T15975]  dump_stack_lvl+0xe8/0x140
[  505.437624][T15975]  dump_stack+0x15/0x1b
[  505.437784][T15975]  should_fail_ex+0x265/0x280
[  505.437820][T15975]  should_fail+0xb/0x20
[  505.437846][T15975]  should_fail_usercopy+0x1a/0x20
[  505.437962][T15975]  strncpy_from_user+0x25/0x230
[  505.437999][T15975]  path_setxattrat+0xeb/0x310
[  505.438046][T15975]  __x64_sys_fsetxattr+0x6b/0x80
[  505.438068][T15975]  x64_sys_call+0x2f7c/0x2fb0
[  505.438164][T15975]  do_syscall_64+0xd2/0x200
[  505.438182][T15975]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  505.438208][T15975]  ? clear_bhb_loop+0x40/0x90
[  505.438232][T15975]  ? clear_bhb_loop+0x40/0x90
[  505.438319][T15975]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  505.438345][T15975] RIP: 0033:0x7f60c538e929
[  505.438364][T15975] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  505.438385][T15975] RSP: 002b:00007f60c39f7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000be
[  505.438408][T15975] RAX: ffffffffffffffda RBX: 00007f60c55b5fa0 RCX: 00007f60c538e929
[  505.438421][T15975] RDX: 0000200000000040 RSI: 00002000000000c0 RDI: 0000000000000008
[  505.438433][T15975] RBP: 00007f60c39f7090 R08: 0000000000000000 R09: 0000000000000000
[  505.438499][T15975] R10: 000000000000001e R11: 0000000000000246 R12: 0000000000000001
[  505.438515][T15975] R13: 0000000000000000 R14: 00007f60c55b5fa0 R15: 00007ffe747f8e48
[  505.438537][T15975]  </TASK>
[  505.656736][ T3507] ==================================================================
[  505.664888][ T3507] BUG: KCSAN: data-race in fill_mg_cmtime / shmem_symlink
[  505.672054][ T3507] 
[  505.674400][ T3507] write to 0xffff88810459bb14 of 4 bytes by task 6895 on cpu 1:
[  505.682080][ T3507]  shmem_symlink+0x387/0x3d0
[  505.686709][ T3507]  vfs_symlink+0xd1/0x1e0
[  505.691087][ T3507]  do_symlinkat+0xc7/0x3c0
[  505.695549][ T3507]  __x64_sys_symlink+0x50/0x60
[  505.700344][ T3507]  x64_sys_call+0x2d8d/0x2fb0
[  505.705054][ T3507]  do_syscall_64+0xd2/0x200
[  505.709568][ T3507]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  505.715479][ T3507] 
[  505.717813][ T3507] read to 0xffff88810459bb14 of 4 bytes by task 3507 on cpu 0:
[  505.725367][ T3507]  fill_mg_cmtime+0x5b/0x260
[  505.729973][ T3507]  generic_fillattr+0x24a/0x340
[  505.734844][ T3507]  shmem_getattr+0x181/0x200
[  505.739450][ T3507]  vfs_getattr_nosec+0x146/0x1e0
[  505.744405][ T3507]  vfs_statx+0x113/0x390
[  505.748663][ T3507]  vfs_fstatat+0x115/0x170
[  505.753094][ T3507]  __se_sys_newfstatat+0x55/0x260
[  505.758157][ T3507]  __x64_sys_newfstatat+0x55/0x70
[  505.763202][ T3507]  x64_sys_call+0x2c22/0x2fb0
[  505.767895][ T3507]  do_syscall_64+0xd2/0x200
[  505.772408][ T3507]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  505.778316][ T3507] 
[  505.780647][ T3507] value changed: 0x0b6edeab -> 0x0ba99172
[  505.786372][ T3507] 
[  505.788702][ T3507] Reported by Kernel Concurrency Sanitizer on:
[  505.794950][ T3507] CPU: 0 UID: 0 PID: 3507 Comm: udevd Not tainted 6.16.0-rc1-syzkaller-00203-g4774cfe3543a #0 PREEMPT(voluntary) 
[  505.806941][ T3507] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  505.817009][ T3507] ==================================================================
[  505.854011][T15977] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  505.867908][T15977] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  505.881735][T15977] loop5: detected capacity change from 0 to 1024
[  505.888861][T15977] SELinux: security_context_str_to_sid (user_u) failed with errno=-22
[  505.964510][T15979] loop2: detected capacity change from 0 to 128