last executing test programs:

3m42.642929012s ago: executing program 32 (id=120):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xc, 0x7, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYRES16=r0], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x3)
ioctl$KDFONTOP_SET(r2, 0x4b72, &(0x7f0000000080)={0x0, 0x3000000, 0x8, 0x6, 0x100, &(0x7f00000000c0)="387ed7626d850509a2d6c1aa38f15cd00f85c263cb226db671261fff7ce9c555f189afae3530db6dd493f28fd988721b9ae21b3e3b4523ae2594f47d8f62b480c4160b1f90ac9c41fae6ab12ac4c113fef588684ef495689092883b902a41cd75387ef6f7bc7d460d5e665f398ff95596dc94ec97003a3db08e500c2fb07e11aa4031a61c51caf7a65a2b613bda33f3eaeae635d7cd81761e74c38a7695800a15516eb337056e02335f9a7d10aa2eaf7beb7e1f7a1e850ecb3421143c5c4ded0f083a0c524dcf320827266819b6a952db5bc96141b26c54db857edbcbbc81c7af7aadf50bc549974b6401a19cdb130282b955592efa94242065a4c8d695a2cdd9ada350defd58c775b92d348305774d3a256c7520b285d8da0dbf5e20d604413ed2ddf9bcbf881caf811852806175d63892a15234fbcd7a88a2a0aea45d19148f0e7dada7d6d0d77881387fdeaa02863be90b88dfff412bff40c31c6415c54ae3335e54a49d315851feffe30d999c36def4df7df747695ef060000001bbe1b649f42f310859122c0d2c1e558dc6586958a28374f386ecf369274e43003a09b5159ea515eb44521901ef0d00baa91c10a8e44a76aac3468a15bd3d45ad389977467f306f9bcde071b30769795eed2f1580414d168f557cd90040c4bd2a3d6bc509254a12cece59181fcb5bad8c24bd9f8f78d17ab01831325501e80d899e9252f99d3a2666343392fda115048e4f4dd9f45657f8224fc78eb1168fe0527fac33466aadf48f16994d29a47778566e0f3945b2bf36b6eecc7fa18914beb66ac9e519bd3330000000000000009a3237aebbe3bed781e39d5a0fb0cdc60e196f2261305feb596b5b66ab89d2d6333f699b16db68986ab3eee7b199fefb5f79ffb2d1050e46982af1c14a88dd9b647ba812f56a8404755c73e74bb90e64bab9647c70ed5afca1c3d87907d14df8aa9df6f40a80ace2bb8a2aad3b0c66915927db4173181943d88c0c76d5969e2043db5bd77fd60ba0f012139929ccfec965c1f769785a4d23332d71f0875e3146afef5b20cc306d3ecee65944fe9829e0ad0c3f6bb2fdc1bc31152538db50f47dc38ba908a0d808687e478a609fe0daa0000000000000000e7f2e98597e27f3e1dba9c3c16e9fab3bda6ed33cb1c75513e2264b69d4794ded98eff9aa53d22eb77c9d93169c04ab2490bf28106f770e07eb7a9e8fd4e71929f918b98c4cbfcb11a90139264a9ee807c973167f493760278df0cc34be9e8f86f948d9a62e63ad6ca9d174d2465380b1a00ddc42915e4f3a5db640600000095a3d63904c9ecd1c313c08e29b814bd8fed1ab6d2846c73345962895d289ac77152cac2e04c93a5470774975b42091f218dd1e68a15f8226577bf9481ae0555db64a717eb23a811356d00000000ddffffff00"})
prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000040)={0x0, &(0x7f00000000c0)})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00'}, 0x10)
openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00'}, 0x10)
r3 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_tx_ring(r3, 0x107, 0xd, &(0x7f0000000100)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c)
mmap(&(0x7f0000ff0000/0x10000)=nil, 0x10000, 0x0, 0x13012, r3, 0x0)
syz_clone(0x400, 0x0, 0x0, 0x0, 0x0, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000001700)=ANY=[@ANYBLOB="160000000000000061b1000002"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r4}, 0x0, &(0x7f0000000040)}, 0x20)
bpf$MAP_LOOKUP_ELEM(0x15, &(0x7f0000000200)={r4, 0x0, &(0x7f0000002740)=""/4078}, 0x20)

1m4.009567753s ago: executing program 5 (id=2986):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000000), 0xfc, 0x582, &(0x7f0000000b40)="$eJzs3d9rW+UbAPDnpO3W/fh+28EY6oUUduFkLl1bf0zwYl6J6HCg9zO0WRlNl9GkY60Dtwt3440MQcSB6L33Xg7/Af+KgQ6GjKIX3lROctKFNunSLF2z5vOBs73vOSd9z5P3PG/ek5OQAAbWRPpPLuLliPgmiRhr2jYc2caJ+n5rj2/OpksS6+uf/pVEkq1r7J9k/x/JKi9FxG9fRZzObW23srK6UCiViktZfbK6eG2ysrJ65spiYb44X7w6PTNz7q2Z6Xffebtnsb5+8Z/vP7n/4bmvT65998vDY3eTOB9Hs23NcTyDW82ViZjInpOROL9px6keNNZPkr0+ALoylOX5SKRjwFgMZVnf0vrY8zw0YJd9maY1MKAS+Q8DqjEPaFzb9+g6+IXx6P36BdDW+Ifr743EaO3a6PBaUr8yOljfml7vjveg/bSNX/+8dzddot37EAd70BDAJrduR8TZ4eGt41+SjX/dO9vBPpvbGLTXH9hL99P5zxut5j+5jflPNM9/Mkda5G43np7/uYc9aKatdP73Xsv578ZNq/GhrPa/2pxvJLl8pVRMx7b/R8SpGDmY1qci4oPWN0E+z609WG/XfvP8L13S9htzwew4Hg5vmv/NFaqFZ4+87tHtiFdazn+Tjf5PWvR/+nxc7LCNE8V7r7bb9vT4d9f6TxGvtez/J52ZbH9/crJ2Pkw2zoqt/r5z4vd27W8b/2jPw90i7f/D28c/njTfr63svI0fR/8tttvW7fl/IPmsVj6QrbtRqFaXpiIOJB9vXT/95LGNemP/NP5TJ7cf/1qd/4fSxO4w/jvH7zTvOrqz+HdXGv/cjvp/54UHH33xQ7v2O+v/N2ulU9maTsa/Tg/wWZ47AAAAAAAA6De5iDgaSS6/Uc7l8vn65zuOx+FcqVypnr5cXr46F7Xvyo7HSK5xp3us6fMQU9nnYRv16U31mYg4FhHfDh2q1fOz5dLcXgcPAAAAAAAAAAAAAAAAAAAAfeJIxGir7/+n/hhq/Zg2q4EX0TY/+Q3sc+3zP9vSi196AvqS138YXF3kv/cAYJ/w+g+DS/7D4JL/MLjkPwwu+Q+Dayf5//OFXTwQAAAAAAAAAAAAAAAAAAAAAAAAAAAA2B8uXriQLutrj2/OpvW56yvLC+XrZ+aKlYX84vJsfra8dC0/Xy7Pl4r52fLi0/5eqVy+NjUdyzcmq8VKdbKysnppsbx8tXrpymJhvnipOPJcogIAAAAAAAAAAAAAAAAAAIAXS2VldaFQKhWXFBS6Kgz3x2H0YSHXH4fRZWGvRyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeOK/AAAA//92vTrs")
r0 = open(&(0x7f0000000180)='./bus\x00', 0x14937e, 0x111)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000380)=ANY=[@ANYBLOB="440000001000010400"/20, @ANYBLOB="25ac83fcb80c8b1d09df503b85132483464b879e1aa37f79521609b6749396b628a44fd025aff7db68ca3f9cd28e412766f860fda8743d65beed02bf7a4196210955d2f99ea8854e7047ebb5a18cd732c26b134871cb76ef98d71dddbee307068b1de6b64a985e1d5e7ad024db0dbd481edc29745ea9", @ANYBLOB="8a450200000000002400128009000100626f6e6400000000140002800500010006000000080002001506"], 0x44}}, 0x40)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x64, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x2, @perf_config_ext={0x1, 0x6}, 0x2, 0x0, 0x2, 0x5, 0x2, 0x2, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
r5 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x49d, &(0x7f00000003c0)={0x0, 0x79ac, 0x400, 0x7ffd, 0x32c, 0x0, r5}, &(0x7f00000001c0), 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000640)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x9, 0x4, 0x7ffc0002}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x42, 0x1ff)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x200000, &(0x7f0000001240)={[{@grpquota}], [{@func={'func', 0x3d, 'FILE_MMAP'}}, {@func={'func', 0x3d, 'MODULE_CHECK'}}, {@smackfsfloor}, {@appraise_type}]}, 0xfd, 0x573, &(0x7f0000000cc0)="$eJzs3V9rW+UfAPDvSZP9636/djCGeiGDXTgZS9fWPxOEzUvR4UDvZ2izMpouo0nHWgduF+7GGxmCiAPxBXjv5fAN+CoGOhgyil6IUDnpSZe1Sf8tNbH5fOBsz5Nzkud58pzvyfOck/QEMLBOpv/kIl6OiK+SiJGWdfnIVp5c3W756e2pdEliZeXj35O4sO61kuz/4SzzUkT8/EXEmdzGcmuLS7OlSqU8n+XH6nM3xmqLS2evzZVmyjPl6xOTk+ffnJx45+23utbW1y//+e1HD98//+Wp5W9+fHzsfhIX42i2Lm1XF4q405o5Wfo7SxXi4roNx7tQWD9Jel0BdmUoi/NCpMeAkRjKoh7Y/z6PiBVgQCXiHwZUcxzQnNt3aR78n/HkvdUJ0Mb251fPjcShxtzoyHLy3Mwone+OdqH8tIyffntwP11i8/MQh7fIA+zInbsRcS6f33j8S7Lj3+6da5w83tz6Mgbt8wd66WE6/knuRGyI/9za+CfajH+G28Tubmwd/7nHXSimo3T8927b8e/aoWt0KMv9rzHmKyRXr1XK5yLi/xFxOgoH0/xm13POLz9a6bSudfyXLmn5zbFgVo/H+YPPP2e6VC+9SJtbPbkb8Urb8W+y1v9Jm/5P34/L2yzjRPnBq53Wbd3+vbXyQ8Rrbfv/2RWtZPPrk2ON/WGsuVds9Me9E790Kr/X7U/7/8jm7R9NWq/X1nZexveH/ip3Wrfb/f9A8kkjfSB77FapXp8fjziQfJgfXv/4xLPnNvPN7dP2nz7VPv432//Tyden22z/veP3Om7aD/0/vaP+33ni0Qeffdep/O31/xuN1Onske0c/7ZbwRd57wAAAAAAAKDf5CLiaCS54lo6lysWV7/fcTyO5CrVWv3M1erC9elo/FZ2NAq55pXukZbvQ4xn34dt5ifW5Scj4lhEfD10uJEvTlUr071uPAAAAAAAAAAAAAAAAAAAAPSJ4Q6//0/9OtTr2gF7rnFjg4O9rgXQC1ve8r8bd3oC+tKW8Q/sWzuPf2cGYL/w+Q+DS/zD4BL/MLi2G/+FkT2uCPCv8/kPg0v8AwAAAAAAAAAAAAAAAAAAAAAAAAAAQFddvnQpXVaWn96eSvPTNxcXZqs3z06Xa7PFuYWp4lR1/kZxplqdqZSLU9W5rV6vUq3eGJ+IhVtj9XKtPlZbXLoyV124Xr9yba40U75SLvhjwwAAAAAAAAAAAAAAAAAAALBBbXFptlSplOclOiYuRF9UYy8buGpXT8/3Syskupro8YEJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFr8EwAA//8DDjNQ")
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='kfree\x00', r3, 0x0, 0x2}, 0x18)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r0, 0x84, 0xf, &(0x7f00000002c0)={<r6=>0x0, @in6={{0xa, 0x4e22, 0x52d9, @private0, 0x7}}, 0x74f, 0xd560, 0x1ff, 0xfffffffa, 0x8001}, &(0x7f00000000c0)=0x98)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r1, 0x84, 0x7c, &(0x7f0000000100)={r6, 0x53, 0x8000}, 0x8)
ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x1c0000000, 0x8005, 0x0, 0x0, 0x15, 0x0, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x200]})

1m3.768147693s ago: executing program 5 (id=2990):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1e, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000780)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='kfree\x00', r1}, 0x9)
openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='devpts\x00', 0x0, 0x0)
umount2(&(0x7f00000002c0)='./file0\x00', 0xa)

1m2.609700366s ago: executing program 5 (id=3007):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x2c}}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="0100000004000000e27f000001"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
r3 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r3, 0x107, 0x12, &(0x7f0000000000)={0x0, 0xb007}, 0x4)
connect$inet(r0, &(0x7f0000000280)={0x2, 0x4, @multicast1}, 0x10)
sendmmsg$inet(r0, &(0x7f0000004540)=[{{&(0x7f0000000040)={0x2, 0x4e22, @multicast1}, 0x7e1f, 0x0}, 0xee0000b0}, {{0x0, 0x0, &(0x7f00000012c0)=[{&(0x7f0000001100)="15b26f226e2966667482d50903b0a8d92ccd9e69d5cc4cb3d467a670b237a9225fb56c0f7ea725dee27c4bb43bb50c6748c83b71d59f0537405dfab648c096607340fac939a2efd31cbe2f8ca29c409e87ea0974b7bceff9afef5d07d691575f5115f2f961ad488e3386036913e98181a6034febaab853a3e928b9035b0e3a8e1cb393c70f6d0448970e0af2476f8b923ee09c19deca55d58f70e8eeff55dda6381cb96afe97196c0af0a8fd450a1447a1a521e2c211fb84cbcf4aebd31298972ec6bea1764fbde5500fa30c5f2459cff4d7f123ab94cfd5762d586ec7a28abc2f8c9e608f8f964b96ecb0883d60d444f317834a3d734cb304051a60d1a084a84da8f9a23a1b9d4951c0a81985c63ae193f40e9deb358b2f08553324fd6086be9e70e5061568abefebcda50e70f4dab2e4dc0cf6d85aced044d7005326922886194895267165f7f592036ebe11dcf1cad98f5cda766eaea90fb4cb5e793525126c7594f8599055192d63a81d3cd26aadd50983f1c3f1d4655c1b5f59e80f733e3abc4792b760729fd26298ef15141cf76cc4", 0xc3}, {&(0x7f0000000d80)="7d68e6de85f9b0cbc9d710267f321ec64eab043ecad9af7e01e9463218ec45924a99867163e468d36a682fadd749caa325e685d75559a87139e02fae7271be8f55671cfd32a09896278d1941370174720838039d0989bc3394b8a4c4f4a30f0496be313d6d60fe47966c634a3ee1f659e8ef310647725bda0130d5de5028220a4cf5fc808a75694738ee26cb21302b4bba4265b845a5d5dce706d9820c6936b122f9658446d74a9016b94424971dd443a6907eb5c73b6b200e92b23f2c36a214729b0bc231511e4c", 0xc8}, {&(0x7f0000000380)="73fd71361e8d6c80ae1bc9953e2a4aeac7a314273066fc7f65a51969b46df1774bb0be94ccd4824f2d57ad2cd37242b1258402395481f9f07e067652e52aa8ccefcd0962ba0c48757b68d493f3ad702e65d4daa7dfc1605a173185472ae12470eea64c70ef4e64793b8a830447de0f423bef3964934eef4243cac42939ba6fa68d821b9373b5f3e2c26e7ca75ed8fb3203aef3a6637cecdd0251532b99537e02f604058f50e66c8a657d59beeed127695475f082d3d2b9790181fc987ad000ac00887d1506be89f388ecb405660b4ea196ee8f5a92b12ec43bbf49567db613d478ebe2358364f7600bf4f80ef4b2756fb13416c4fa22880cc96a03f07888575aedb001d5a74bb2f906797912b5ac080a0a3d361425f1a92ab03bbe65d5dcb235f43b5ad1162a16ebdc647baac013bf076945126cdd5a080853976a97ad55184601102fbb8df86b21aa8162858d74465c5fb7dc766602a3567f6eaf441f85ec50ca7fb3a4fdb450d1420531da25d01a412958a5e3895c59542238cf8e188e7fb5641eb24a5f1819bf8d2e9dd6c1d0e93564d723e311db9cd268bb1e477036e822b135cdbaf40f812aa7db01d22c829ab01ae24997dae96ddeed49e62d285701d5419e3f94a8b95790cf5a296ed15bffae1f71470c6a6eda872528844a2df42590d898630263cab5cccec57b7cea365ad8c91bfbe7cb419635ce6bf340a56115c0ad922b6fade9538e543bc5def2a85d35ab16d20c219c4733837be2c14ba4d3d32c3a6882ce6857626f55109b4cdcb634425d710bf3108f9b31b4af0cc17a58e49e871a56126dd8bed08e038ba64008587237b3442d28032e52fc9fae1a5784ba59d0edfa03d38352724903ed6f6970b3f4dfa6e40bf933b6765c6ee648174765f1e8ec71b80cac86abd065a3005b40a43a665707cc590997c5048183006a9dd8026d39def05950183b3d4f12f4e1644ef78cddac7c5569985c2c232bb350f28857675339e53f63a868704d2e0b38993dc57a02d3e297fc9a5b9384622841018c303a05bac25d509df5a2d0e3232927283fcc3ec67e4fa7b71d22f115cf693851dcceab4bce38cbfbb32829e211cdcb6a359e14fe416663541050d340aef2555dbd292bd9cbab8fcf20378149cc994569c2bc95fb33fd2d9321b8ac8e5160b02e202492f470eb719a8f2ac3a4be37ea0918b54b14789b7aa228d47f7b13fd9af608740c5a8fe02109a7cc0e555b22628ef790e513ecadfd338d30aed8ca219e64ee4fb0bd0e21e5101bf2072ffa071eb1aa0454caccc015ff1e166813f819a142b56a22e4ff387bb319288a0ef747c6fc8fdee3a0e193b0d086eb816e97e0322fcdaa30da61cd26ac9d8d0748fccd911ce0fd4adc953e9486e137fe66bc8aedfd5b78c562ebfc578ac9f96a453311766564541e16955e30b95914e9411a0b4cd95e0d8732d5ff7a4f921ef41d986a195334266585353b16b9449955523913a30c087532bcb899f733af3abea59baea174cf04359547a633b5f8a582ae3ef12a1d0125bef8c6e8c9fb589d3597c5ab3879491b0c5e3607203f06836a6805d3f7979c4325f9fecb2aceddedb272237132460cda812ef7d613a585898d59f92ef68ec95f12b47b440f6d899ecbfab48055e0c1605ba4cd9dbc17c4cbfec8a953ebbd38c45a6737a57ee58e21a20e530171137968ae4f0d0366cdb0b9d6a4667b011fcd7cd9e77364e5221989d8f0d80793260e748e3bd394849c090c744f6044328304cd6f02e941c5405647daffc1fd2f2864b37f92bbf4931c8e4a7c6bafd0ea79d39d330e70e6776bf6a926de227e5a43653bba04883e98d67bb64aa86e8bf271ba87604bc598e47f2992c7618ad25068860a481554b53352c7339de7e79c3bd1aed5bef8f398432858c888a5d8651969ea40eb3d486e9fe61d49b20500fdfd1548f567da970103d36730657c35d03d2c36b142665f62203b1fb12d616478cfef6f38b34cda87a634dd06d359f33e98b94a5e5b46b2a8d73126352d1d5b65af75055455cc903e384c41876fbdff935d047284d9d203b147a6ba0e9cb50beef7798886c33d2f2f0c0d9abe0e32c7c809f8b0b28fc59471987353c862a311776b8275bf319d5cb9a59f8f103b6e567ef5dd8859973cc3fe41e356bf5bd3186240e49286977eca36a8ad44185973b276cd7958b73e14a221b7fd567818bebf54ad27ee95161bd2aeeb356482ff467500a7d36f0464f58a591ec6b728f984ec78d0abe14c6d3411ac3ffc4c3179d1f95d029f26cceb545723519d3d4209a2b1243e78767273c13dc2bd320512674b6f1a50313bae7b9d16aebb476dbc829e8fd8dd46a1696efaff5795cf75de57c90f05ed9ef4a5cdfbf20d3d9ed95fb4114b1d5c9ade0856212e7ba330ce5bccf2c993dff89112b28bd3b17d3fcfacef7590f62bf948977dd79e2d8025946c80bf263e34035409b5ba1443d4929727180761bd56d258c3670a0aa4de21111fc3172367582de2d164ff3a18d0696b8dd8e5c1423b2ea1e2c0cfe141e4cf04f8cdaed48976b94c40d6a581300458661bbdbfeeb4969af6319eb1798843d0872f68f0c6537bbc9c7dd1e9b0564bf442d8d25f8aa884aba1df074d374f99750d9227bb821ba0355f60de2829a5c8cd47c89d29a2e3d7d53d59db5c3ace8f484664202c210c68a3b33076fb00d59938e84fbad6d6618c0bb89cf94035fa2de4da351e0d71df416450ea7ec3af33aa5c0313c63e654bd79c73b39dc1933636956761058d76648746daca469f8fce62c17a8160cdefc6a927eef9ec4a8dd684e46f35282546ce2362ab8afedd39bf699fd7c2cde538f52ea43c08558f42ba77b2986b800c45fa76a130b30919b3e1d504573e3c1e7dd2dc5d81379df53d736511f1da4ad8791e46adb27bb5c38129e89edda0aed99dcc03fe400f7d05d48e3e9e17744e8487f8ac464c86f7332211fb9799e9d27a6832d5f17ccd1a2da255f6da047e4728dd80860c04391bca4b7833f0346866401ec20033bcf6dfa85fd1520de5a03b4f9f6f5d2f8d7b6e7d7df1cbe5c05e23e080cf335639c94c48aaeb0bfebbe79530d67d35fb101c91839954c0e50dd4b90a86428b22b0be1e906fee30f68d7ce4bf9c68eafe695f07f5e4e4d473d77104b7b1b5dcfeb84e8c83624c0068d4e1cccfe740f8e5d5699603f8481ef2a1f2d4b8fd2314c5cb1985fe34cf8ede7d2e8bddea269422490903489c7f5951114d7ccb29a19455a987d538955712a460243105b25ccb6e6f34c370a6bbb234bee150dbcea5188e45305253f1014f7c0b5d60d517d2d05707f5ca9249a921d6c5307caf41deca0509b49102d801320db65c00f6e1c05fb8c2e1cc554673bf6168dd64086b19af28eec508fd0c304837e802173ac9947c4d73929c61d9632ab929a25f2a04350954612c2de705c1c25215284fe933fc8ccfd30ab3fc9ff5e04dd68d4720d95a29d6da176ac9d332c9ce77358f3c262777ea828fe6473638bc77be2aa586a3733e275744bc42c3742c1ad8f89d25c31958902f2f498c58fc85e9b78fb7a331734cb081cfa9ccfd262df927c0ff46983f8765af4add3532de2b91f2436df028", 0x9fd}], 0x3}}, {{0x0, 0x0, &(0x7f00000017c0)=[{&(0x7f0000001700)="a6", 0x1}], 0x300}}], 0x3, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x4000)
r4 = gettid()
timer_create(0x1, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
pipe2(&(0x7f00000000c0)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff}, 0x84000)
read$hiddev(r7, &(0x7f0000000140)=""/189, 0xbd)
sendmsg$NFT_BATCH(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000004c0)=ANY=[@ANYBLOB="1400000010"], 0x54}, 0x1, 0x0, 0x0, 0x40820}, 0x0)
r8 = socket(0x2, 0x80805, 0x0)
r9 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r9, 0x0)
close(0x3)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r9, 0x84, 0x6f, &(0x7f0000000200)={<r10=>0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e23, @rand_addr=0x64010100}]}, &(0x7f0000000140)=0x10)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r9, 0x84, 0x7a, &(0x7f0000000340)={<r11=>r10, @in6={{0xa, 0x3, 0x4, @mcast1}}}, &(0x7f0000000040)=0x84)
sendmmsg$inet_sctp(r8, &(0x7f00000032c0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="30000000000000008400000001000000000000017c"], 0x30}], 0x1, 0x0)
getsockopt$inet_sctp_SCTP_DELAYED_SACK(r8, 0x84, 0x10, &(0x7f0000000180)=@assoc_value={r11, 0x3}, &(0x7f0000000240)=0x8)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0xd, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x1, 0x3, 0x3, 0x9, 0x1, 0xb0}]}, &(0x7f0000000080)='syzkaller\x00'}, 0x80)
bpf$MAP_CREATE(0x0, &(0x7f0000000ec0)=@bloom_filter={0x1e, 0x1, 0xfffffffe, 0x1ff, 0x460, r1, 0xbd19, '\x00', 0x0, r6, 0x4, 0x4, 0x3, 0xe}, 0x50)
writev(r5, &(0x7f0000000040), 0x2)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000007c0)={0x10, 0x2, &(0x7f0000000200)=ANY=[@ANYBLOB="91c7900000000020000000fe00000000bc695d811d60664785b58ffb0d9bfc2a8e8f0b39e4317ebfd691c6a5f3041c54254ed7f40b2f820c0d54feb5a65c9d242da35cf6cf64d512c2a68bc0eaa71f010d11b64c11878ef1d0826a5e8a4e4698aaeb4f881127d047fef4e3b552a45d72efab4296b5294989d91bb165e9"], &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x94)

1m2.501555865s ago: executing program 33 (id=3007):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x2c}}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="0100000004000000e27f000001"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
r3 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r3, 0x107, 0x12, &(0x7f0000000000)={0x0, 0xb007}, 0x4)
connect$inet(r0, &(0x7f0000000280)={0x2, 0x4, @multicast1}, 0x10)
sendmmsg$inet(r0, &(0x7f0000004540)=[{{&(0x7f0000000040)={0x2, 0x4e22, @multicast1}, 0x7e1f, 0x0}, 0xee0000b0}, {{0x0, 0x0, &(0x7f00000012c0)=[{&(0x7f0000001100)="15b26f226e2966667482d50903b0a8d92ccd9e69d5cc4cb3d467a670b237a9225fb56c0f7ea725dee27c4bb43bb50c6748c83b71d59f0537405dfab648c096607340fac939a2efd31cbe2f8ca29c409e87ea0974b7bceff9afef5d07d691575f5115f2f961ad488e3386036913e98181a6034febaab853a3e928b9035b0e3a8e1cb393c70f6d0448970e0af2476f8b923ee09c19deca55d58f70e8eeff55dda6381cb96afe97196c0af0a8fd450a1447a1a521e2c211fb84cbcf4aebd31298972ec6bea1764fbde5500fa30c5f2459cff4d7f123ab94cfd5762d586ec7a28abc2f8c9e608f8f964b96ecb0883d60d444f317834a3d734cb304051a60d1a084a84da8f9a23a1b9d4951c0a81985c63ae193f40e9deb358b2f08553324fd6086be9e70e5061568abefebcda50e70f4dab2e4dc0cf6d85aced044d7005326922886194895267165f7f592036ebe11dcf1cad98f5cda766eaea90fb4cb5e793525126c7594f8599055192d63a81d3cd26aadd50983f1c3f1d4655c1b5f59e80f733e3abc4792b760729fd26298ef15141cf76cc4", 0xc3}, {&(0x7f0000000d80)="7d68e6de85f9b0cbc9d710267f321ec64eab043ecad9af7e01e9463218ec45924a99867163e468d36a682fadd749caa325e685d75559a87139e02fae7271be8f55671cfd32a09896278d1941370174720838039d0989bc3394b8a4c4f4a30f0496be313d6d60fe47966c634a3ee1f659e8ef310647725bda0130d5de5028220a4cf5fc808a75694738ee26cb21302b4bba4265b845a5d5dce706d9820c6936b122f9658446d74a9016b94424971dd443a6907eb5c73b6b200e92b23f2c36a214729b0bc231511e4c", 0xc8}, {&(0x7f0000000380)="73fd71361e8d6c80ae1bc9953e2a4aeac7a314273066fc7f65a51969b46df1774bb0be94ccd4824f2d57ad2cd37242b1258402395481f9f07e067652e52aa8ccefcd0962ba0c48757b68d493f3ad702e65d4daa7dfc1605a173185472ae12470eea64c70ef4e64793b8a830447de0f423bef3964934eef4243cac42939ba6fa68d821b9373b5f3e2c26e7ca75ed8fb3203aef3a6637cecdd0251532b99537e02f604058f50e66c8a657d59beeed127695475f082d3d2b9790181fc987ad000ac00887d1506be89f388ecb405660b4ea196ee8f5a92b12ec43bbf49567db613d478ebe2358364f7600bf4f80ef4b2756fb13416c4fa22880cc96a03f07888575aedb001d5a74bb2f906797912b5ac080a0a3d361425f1a92ab03bbe65d5dcb235f43b5ad1162a16ebdc647baac013bf076945126cdd5a080853976a97ad55184601102fbb8df86b21aa8162858d74465c5fb7dc766602a3567f6eaf441f85ec50ca7fb3a4fdb450d1420531da25d01a412958a5e3895c59542238cf8e188e7fb5641eb24a5f1819bf8d2e9dd6c1d0e93564d723e311db9cd268bb1e477036e822b135cdbaf40f812aa7db01d22c829ab01ae24997dae96ddeed49e62d285701d5419e3f94a8b95790cf5a296ed15bffae1f71470c6a6eda872528844a2df42590d898630263cab5cccec57b7cea365ad8c91bfbe7cb419635ce6bf340a56115c0ad922b6fade9538e543bc5def2a85d35ab16d20c219c4733837be2c14ba4d3d32c3a6882ce6857626f55109b4cdcb634425d710bf3108f9b31b4af0cc17a58e49e871a56126dd8bed08e038ba64008587237b3442d28032e52fc9fae1a5784ba59d0edfa03d38352724903ed6f6970b3f4dfa6e40bf933b6765c6ee648174765f1e8ec71b80cac86abd065a3005b40a43a665707cc590997c5048183006a9dd8026d39def05950183b3d4f12f4e1644ef78cddac7c5569985c2c232bb350f28857675339e53f63a868704d2e0b38993dc57a02d3e297fc9a5b9384622841018c303a05bac25d509df5a2d0e3232927283fcc3ec67e4fa7b71d22f115cf693851dcceab4bce38cbfbb32829e211cdcb6a359e14fe416663541050d340aef2555dbd292bd9cbab8fcf20378149cc994569c2bc95fb33fd2d9321b8ac8e5160b02e202492f470eb719a8f2ac3a4be37ea0918b54b14789b7aa228d47f7b13fd9af608740c5a8fe02109a7cc0e555b22628ef790e513ecadfd338d30aed8ca219e64ee4fb0bd0e21e5101bf2072ffa071eb1aa0454caccc015ff1e166813f819a142b56a22e4ff387bb319288a0ef747c6fc8fdee3a0e193b0d086eb816e97e0322fcdaa30da61cd26ac9d8d0748fccd911ce0fd4adc953e9486e137fe66bc8aedfd5b78c562ebfc578ac9f96a453311766564541e16955e30b95914e9411a0b4cd95e0d8732d5ff7a4f921ef41d986a195334266585353b16b9449955523913a30c087532bcb899f733af3abea59baea174cf04359547a633b5f8a582ae3ef12a1d0125bef8c6e8c9fb589d3597c5ab3879491b0c5e3607203f06836a6805d3f7979c4325f9fecb2aceddedb272237132460cda812ef7d613a585898d59f92ef68ec95f12b47b440f6d899ecbfab48055e0c1605ba4cd9dbc17c4cbfec8a953ebbd38c45a6737a57ee58e21a20e530171137968ae4f0d0366cdb0b9d6a4667b011fcd7cd9e77364e5221989d8f0d80793260e748e3bd394849c090c744f6044328304cd6f02e941c5405647daffc1fd2f2864b37f92bbf4931c8e4a7c6bafd0ea79d39d330e70e6776bf6a926de227e5a43653bba04883e98d67bb64aa86e8bf271ba87604bc598e47f2992c7618ad25068860a481554b53352c7339de7e79c3bd1aed5bef8f398432858c888a5d8651969ea40eb3d486e9fe61d49b20500fdfd1548f567da970103d36730657c35d03d2c36b142665f62203b1fb12d616478cfef6f38b34cda87a634dd06d359f33e98b94a5e5b46b2a8d73126352d1d5b65af75055455cc903e384c41876fbdff935d047284d9d203b147a6ba0e9cb50beef7798886c33d2f2f0c0d9abe0e32c7c809f8b0b28fc59471987353c862a311776b8275bf319d5cb9a59f8f103b6e567ef5dd8859973cc3fe41e356bf5bd3186240e49286977eca36a8ad44185973b276cd7958b73e14a221b7fd567818bebf54ad27ee95161bd2aeeb356482ff467500a7d36f0464f58a591ec6b728f984ec78d0abe14c6d3411ac3ffc4c3179d1f95d029f26cceb545723519d3d4209a2b1243e78767273c13dc2bd320512674b6f1a50313bae7b9d16aebb476dbc829e8fd8dd46a1696efaff5795cf75de57c90f05ed9ef4a5cdfbf20d3d9ed95fb4114b1d5c9ade0856212e7ba330ce5bccf2c993dff89112b28bd3b17d3fcfacef7590f62bf948977dd79e2d8025946c80bf263e34035409b5ba1443d4929727180761bd56d258c3670a0aa4de21111fc3172367582de2d164ff3a18d0696b8dd8e5c1423b2ea1e2c0cfe141e4cf04f8cdaed48976b94c40d6a581300458661bbdbfeeb4969af6319eb1798843d0872f68f0c6537bbc9c7dd1e9b0564bf442d8d25f8aa884aba1df074d374f99750d9227bb821ba0355f60de2829a5c8cd47c89d29a2e3d7d53d59db5c3ace8f484664202c210c68a3b33076fb00d59938e84fbad6d6618c0bb89cf94035fa2de4da351e0d71df416450ea7ec3af33aa5c0313c63e654bd79c73b39dc1933636956761058d76648746daca469f8fce62c17a8160cdefc6a927eef9ec4a8dd684e46f35282546ce2362ab8afedd39bf699fd7c2cde538f52ea43c08558f42ba77b2986b800c45fa76a130b30919b3e1d504573e3c1e7dd2dc5d81379df53d736511f1da4ad8791e46adb27bb5c38129e89edda0aed99dcc03fe400f7d05d48e3e9e17744e8487f8ac464c86f7332211fb9799e9d27a6832d5f17ccd1a2da255f6da047e4728dd80860c04391bca4b7833f0346866401ec20033bcf6dfa85fd1520de5a03b4f9f6f5d2f8d7b6e7d7df1cbe5c05e23e080cf335639c94c48aaeb0bfebbe79530d67d35fb101c91839954c0e50dd4b90a86428b22b0be1e906fee30f68d7ce4bf9c68eafe695f07f5e4e4d473d77104b7b1b5dcfeb84e8c83624c0068d4e1cccfe740f8e5d5699603f8481ef2a1f2d4b8fd2314c5cb1985fe34cf8ede7d2e8bddea269422490903489c7f5951114d7ccb29a19455a987d538955712a460243105b25ccb6e6f34c370a6bbb234bee150dbcea5188e45305253f1014f7c0b5d60d517d2d05707f5ca9249a921d6c5307caf41deca0509b49102d801320db65c00f6e1c05fb8c2e1cc554673bf6168dd64086b19af28eec508fd0c304837e802173ac9947c4d73929c61d9632ab929a25f2a04350954612c2de705c1c25215284fe933fc8ccfd30ab3fc9ff5e04dd68d4720d95a29d6da176ac9d332c9ce77358f3c262777ea828fe6473638bc77be2aa586a3733e275744bc42c3742c1ad8f89d25c31958902f2f498c58fc85e9b78fb7a331734cb081cfa9ccfd262df927c0ff46983f8765af4add3532de2b91f2436df028", 0x9fd}], 0x3}}, {{0x0, 0x0, &(0x7f00000017c0)=[{&(0x7f0000001700)="a6", 0x1}], 0x300}}], 0x3, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x4000)
r4 = gettid()
timer_create(0x1, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
pipe2(&(0x7f00000000c0)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff}, 0x84000)
read$hiddev(r7, &(0x7f0000000140)=""/189, 0xbd)
sendmsg$NFT_BATCH(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000004c0)=ANY=[@ANYBLOB="1400000010"], 0x54}, 0x1, 0x0, 0x0, 0x40820}, 0x0)
r8 = socket(0x2, 0x80805, 0x0)
r9 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r9, 0x0)
close(0x3)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r9, 0x84, 0x6f, &(0x7f0000000200)={<r10=>0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e23, @rand_addr=0x64010100}]}, &(0x7f0000000140)=0x10)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r9, 0x84, 0x7a, &(0x7f0000000340)={<r11=>r10, @in6={{0xa, 0x3, 0x4, @mcast1}}}, &(0x7f0000000040)=0x84)
sendmmsg$inet_sctp(r8, &(0x7f00000032c0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="30000000000000008400000001000000000000017c"], 0x30}], 0x1, 0x0)
getsockopt$inet_sctp_SCTP_DELAYED_SACK(r8, 0x84, 0x10, &(0x7f0000000180)=@assoc_value={r11, 0x3}, &(0x7f0000000240)=0x8)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0xd, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x1, 0x3, 0x3, 0x9, 0x1, 0xb0}]}, &(0x7f0000000080)='syzkaller\x00'}, 0x80)
bpf$MAP_CREATE(0x0, &(0x7f0000000ec0)=@bloom_filter={0x1e, 0x1, 0xfffffffe, 0x1ff, 0x460, r1, 0xbd19, '\x00', 0x0, r6, 0x4, 0x4, 0x3, 0xe}, 0x50)
writev(r5, &(0x7f0000000040), 0x2)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000007c0)={0x10, 0x2, &(0x7f0000000200)=ANY=[@ANYBLOB="91c7900000000020000000fe00000000bc695d811d60664785b58ffb0d9bfc2a8e8f0b39e4317ebfd691c6a5f3041c54254ed7f40b2f820c0d54feb5a65c9d242da35cf6cf64d512c2a68bc0eaa71f010d11b64c11878ef1d0826a5e8a4e4698aaeb4f881127d047fef4e3b552a45d72efab4296b5294989d91bb165e9"], &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x94)

57.789054564s ago: executing program 34 (id=3055):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
syz_open_dev$evdev(&(0x7f00000000c0), 0x78, 0x822b01)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r1}, 0x18)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r2, <r3=>0xffffffffffffffff}, &(0x7f0000000100), &(0x7f0000000140)=r1}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000300)={{0x1, <r4=>0xffffffffffffffff}, &(0x7f0000000280), &(0x7f00000002c0)=r1}, 0x20)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000440)={<r5=>0x0, @initdev, @remote}, &(0x7f0000000480)=0xc)
r6 = dup(0xffffffffffffffff)
write$binfmt_script(r6, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000080)={{}, &(0x7f0000000000), &(0x7f0000000040)='%ps    \x00'}, 0x20)
r7 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000540)=@generic={&(0x7f0000000500)='./file0\x00'}, 0x18)
r8 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000580)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x3, '\x00', 0x0, r6, 0x4, 0x4, 0x5}, 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000600)={0xffffffffffffffff, <r9=>0xffffffffffffffff}, 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x11, 0x10, &(0x7f0000000840)=ANY=[@ANYBLOB="180000000100000000000000010000001d9153ff1000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b703000000000000850000000c000000b700000000000000cd041000ffffffff01070100fdffffff18120000", @ANYRES32=r4, @ANYBLOB="0000000000000000b703000000000000850000000c000000b7010000000000009500000000000000420c61adcdbe60a7bf7f2f134fed220891fd859b8fc8497fcfe286440da8e5fc78263ca35b761178aae449ef29415b10bcc70a30670bdc77ea7f301e1aaf32dba8cbad08fe94c5dd45fc7acb5e2ad5fdb42a3963bacea4a6928c2bd4fc674467358c18865d3917afc044129bf29807d710730da6c0855497b69e240d17d620e59d38d1cd4d5f098b9ed6afc282127ce8c59df3567761396245c77f272d59f70f758bc56f2b9c795c0eeff7606784363a05e86e50da13087df732689846cd9b5cb3c0ae2e843da0b138cddf8f282b9f196f57ac0dd62b1569e37faba6695400000000000000"], &(0x7f00000003c0)='GPL\x00', 0xa, 0x14, &(0x7f0000000400)=""/20, 0x40f00, 0x7, '\x00', r5, 0x0, r6, 0x8, 0x0, 0x0, 0x10, &(0x7f00000004c0)={0x3, 0x1, 0x1, 0x7}, 0x10, 0x0, 0x0, 0x2, &(0x7f0000000700)=[0x1, 0xffffffffffffffff, r1, r7, r8, r9], &(0x7f0000000740)=[{0x2, 0x1, 0x3, 0x6}, {0x1, 0x5, 0x6, 0x6}], 0x10, 0x8000}, 0x94)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kfree\x00', r10}, 0x10)
r11 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TUNSETIFF(r11, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})
r12 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r12, 0x6, 0xe, &(0x7f0000000300)={@in6={{0xa, 0x0, 0x6, @remote, 0xfffffffc}}, 0x0, 0x0, 0x6, 0x0, "3f114438efdaca16d374b49a365be44d5e860ea3ba676c0b5047b80e2c3535d5bd9db3c8572560f4d1be5cd41f7716082ee3589f099942e6f1c395ddb8160381baadf27900"}, 0xd8)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x0, &(0x7f0000000540), 0x1, 0x4a3, &(0x7f0000000580)="$eJzs3c1rXOUaAPBnZpo0SXNvP+7l0vbCbaEXej9oJh9IE3XjSl0UxIIbhRqTaayZZEJmUpvQRaq7LlyIoiAu3PsXuLEriyCudS8upKI1ggrCyDkzk+Zr4qBpBnJ+Pzid95z3dJ73zfC8nHnPOXMCyKyzyT+5iMGI+DwijjZWN+9wtvGydv/mVLLkol6//F0u3S9Zb+3a+n9HImI1Ivoi4tknI17KbY9bXV6ZnSyXS4vN9WJtbqFYXV65cG1ucqY0U5ofGb84MTE+PDY6sWd9vf3GK7cvffR074c/vX7v7puffJw0a7BZt7Efe6nR9Z44vmHboYh4/GEE64JCsz/93W4If0jy+f0tIs6l+X80CumnCWRBvV6v/1o/3K56tQ4cWPn0GDiXH4qIRjmfHxpqHMP/PQby5Uq19v+rlaX56cax8rHoyV+9Vi4NN78rHIueXLI+kpYfrI9uWR+LSI+B3yr0p+tDU5Xy9P4OdcAWR7bk/4+FRv4DGeErP2SX/Ifskv+QXfIfskv+Q3bJf8gu+Q/ZJf8hu+Q/ZJf8h+yS/5BJz1y6lCz11v3v09eXl2Yr1y9Ml6qzQ3NLU0NTlcWFoZlKZSa9Z2fu996vXKksjDwSSzeKtVK1Vqwur1yZqyzN166k9/VfKfXsS6+AThw/c+fLXESsPtqfLoneZp1chYOtXs9Ft+9BBrqj0O0BCOgaU3+QXb7jAzv8RO8mfe0qFva+LcD+yHe7AUDXnD/l/B9klfl/yC7z/5BdjvEB8/+QPeb/IbsG2zz/6y8bnt01HBF/jYgvCj2HW8/6Ag6C/De55vH/+aP/Htxa25v7OT1F0BsRr753+Z0bk7Xa4kiy/fv17bV3m9tHu9F+oFOtPG3lMQCQXWv3b061lv2M++0TjYsQtsc/1Jyb7EvPUQ6s5TZdq5Dbo2sXVm9FxMmd4ueazztvnPkYWCtsi3+i+ZprvEXa3kPpc9P3J/6pDfH/tSH+6T/9V4FsuJOMP8M75V8+zelYz7/N48/gHl070X78y6+Pf4U249+ZDmO8/P5rX7eNfyvi9I7xW/H60lhb4ydtO99h/HsvPPePdnX1Dxrvs1P8lqRUrM0tFKvLKxfS35GbKc2PjF+cmBgfHhudKKZz1MXWTPV2j5387O5u/R9oE3+3/ifb/tth/3/556fPn90l/n/O7fz5n9glfn9E/K/D+D+MfvViu7ok/nSb/ud3iZ9sG+swfvXtpw53uCsAsA+qyyuzk+VyaVFBQUFhvdDtkQl42B4kfbdbAgAAAAAAAAAAAHRqPy4n7nYfAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOgt8CAAD//1kn1ls=")
r13 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_ENABLE_VERITY(r13, 0x40086610, &(0x7f0000000140)={0x1, 0x2, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0})
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000280)={0x0, 0x1c, &(0x7f0000000900)=[@in6={0xa, 0x4e20, 0x0, @loopback}]}, &(0x7f00000002c0)=0x10)

54.585504563s ago: executing program 35 (id=3093):
syz_open_dev$loop(&(0x7f0000000180), 0xffffffffffffff80, 0xc2600)
socket$inet_icmp(0x2, 0x2, 0x1)
setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(0xffffffffffffffff, 0x10e, 0xc, &(0x7f0000000080)=0x6, 0x4)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f00000021c0)=ANY=[@ANYBLOB="c811000022000106"], 0x11c8}], 0x1}, 0x8000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f00000004c0)='kfree\x00', 0xffffffffffffffff, 0x0, 0x6}, 0x18)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000003940)=ANY=[@ANYBLOB="210000000000000000000000000010000004"], 0x48)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x2000003, 0x13, r0, 0x0)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)

51.340874564s ago: executing program 8 (id=3127):
r0 = syz_io_uring_setup(0x66e, &(0x7f0000000940)={0x0, 0x0, 0x10100, 0x0, 0x2e9}, &(0x7f0000000380)=<r1=>0x0, &(0x7f0000000200)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000180)=@IORING_OP_MKDIRAT={0x25, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x40, 0x0, 0x1})
io_uring_enter(r0, 0x567, 0xfffffffd, 0x28, 0x0, 0x0) (fail_nth: 3)

51.032694189s ago: executing program 8 (id=3129):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="020000000401000004000000c5000000881480008eee8f16b218b275bee7edbdcdd44dee47fcdd5d27604968444d6596fc1e10fa3a9e0dac7edd733b1af45476b6d784c56b3a0a18338d1126996d1805199973210379be12", @ANYRES32, @ANYBLOB="0500"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000300000207b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x3, &(0x7f00000001c0)=[{0x200000000006, 0x80, 0x0, 0x7ffc1ffb}, {0x40, 0x6, 0x1, 0x1}, {0x2, 0x9, 0xa5}]})
perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x40, 0x1, 0x0, 0x0, 0x0, 0xe, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000, 0x4, @perf_config_ext={0xacf8, 0xf3}, 0x1100, 0x5ddc, 0x3a68, 0x5, 0x0, 0x8, 0x8697, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, 0x0, &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r2 = socket$kcm(0x2, 0x1000000000000002, 0x0)
sendmsg$inet(r2, &(0x7f0000007940)={&(0x7f00000008c0)={0x2, 0x4e20, @loopback}, 0x10, 0x0, 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="2c000000000000000000000007000000441c05eb", @ANYRESOCT=r2, @ANYRES8=r2], 0x30}, 0x40880)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x18)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x161281, 0x0)
write$binfmt_aout(r3, &(0x7f0000000080)=ANY=[], 0xff2e)
ioctl$TCSETS(r3, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, "0040001e1d113c812e5d6000"})
r4 = syz_open_pts(r3, 0x0)
dup3(r4, r3, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000b00)=ANY=[@ANYBLOB="1800000000000000000000009df7000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000c80)={'ip6gre0\x00', <r7=>0x0})
mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000001200)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000001240)=@newqdisc={0x45c, 0x24, 0x4ee4e6a52ff56541, 0x70bd28, 0x4000000, {0x0, 0x0, 0x0, r7, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_RTAB={0x404, 0x2, [0x1, 0x0, 0x1fc, 0x0, 0xfffffc80, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3f, 0x0, 0x0, 0x2, 0xffffffff, 0x3, 0xc00, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x1000, 0xfffffffc, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0xbab, 0x0, 0x272, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x7, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0xfffffffc, 0x3, 0x0, 0x0, 0x0, 0xb97, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x5e, 0xfffffffc, 0x8, 0x0, 0x0, 0x1, 0x7, 0x4, 0xc, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x1, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0xb3c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x400, 0x0, 0x0, 0xd79, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x1, 0x0, 0x100, 0x0, 0x8, 0xfffffffd, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x2000, 0x0, 0x0, 0x0, 0x8, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd]}, @TCA_TBF_PARMS={0x28, 0x1, {{0x1, 0x0, 0x0, 0x0, 0xfffc, 0x6}, {0xff}, 0x0, 0x7f}}]}}]}, 0x45c}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r5}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
syz_io_uring_setup(0x116, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f0000000200)={'ip_vti0\x00', &(0x7f00000005c0)={'erspan0\x00', 0x0, 0x700, 0x7800, 0x9, 0xffffffff, {{0x19, 0x4, 0x0, 0x28, 0x64, 0x68, 0x0, 0x7, 0x2b, 0x0, @local, @dev={0xac, 0x14, 0x14, 0x19}, {[@timestamp_prespec={0x44, 0x4, 0x80, 0x3, 0x5}, @cipso={0x86, 0x45, 0x2, [{0x6, 0x6, "bdd28718"}, {0x1, 0xf, "03091e502f2282ec2b099e24a5"}, {0x6, 0x5, "a41dae"}, {0x7, 0x5, "e477ef"}, {0x7, 0x11, "a1c907c0ba31bfa48f02766ddcbce4"}, {0x1, 0xd, "81dd8beabcaef79a2909d0"}, {0x7, 0x2}]}, @end, @generic={0x44, 0x3, "c0"}]}}}}})
r8 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$ifreq_SIOCGIFINDEX_vcan(r8, 0x8933, &(0x7f0000000300)={'vxcan1\x00', <r9=>0x0})
bind$can_raw(r8, &(0x7f0000000000)={0x1d, r9}, 0x10)
setsockopt$CAN_RAW_FILTER(r8, 0x65, 0x1, &(0x7f00000000c0), 0xf00)
bind$can_raw(r8, &(0x7f0000000080), 0x10)
getrusage(0x1, &(0x7f0000000040))

50.539495458s ago: executing program 8 (id=3136):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x18)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x1004000, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x200000006c8b, 0x37}, 0x7, 0x0, 0xfffffffc, 0x3, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)

49.477571024s ago: executing program 36 (id=3145):
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2000006, 0x31, 0xffffffffffffffff, 0xd0fb6000)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x48002)
syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x410c04, &(0x7f0000000340), 0x1, 0x779, &(0x7f0000001900)="$eJzs3c9rXNUeAPDvnSRNm/a95MGD9+oqIGigdGJqbBVcVFyIYKGga9thMg01k0zJTEoTAlpEcCOouBB007U/6s6tP7b6X7gQS9W0WHEhkTuZ206bmWmSJjPV+XzgZs65907O+c79cc7MPdwbQN8aT//kIg5HxLtJxGhjfhIRQ/XUYMTJjfVura0W0ymJ9fWXf0nq69xcWy1G03tSBxuZ/0fEN29FHMltLre6vDJXKJdLi438ZG3+wmR1eeXo+fnCbGm2tHB8anr62ImnThzfvVh/+37l0LX3Xnj885N/vPm/q+98m8TJONRY1hzHbhmP8cZnMpR+hHd5frcL67Gk1xVgR9JDc2DjKI/DMRoD9RQA8E/2ekSsAwB9JtH+A0CfyX4HuLm2Wsym3v4i0V3Xn4uI/RvxZ9c3N5YMNq7Z7a9fBx25mdx1ZSSJiLFdKH88Ij7+8tVP0yn26DokQCtvXI6Is2Pjm8//yaYxC9v1RIdl+xqv4/fMd/6D7vkq7f883ar/l7vd/4kW/Z/hFsfuTtz3+D+wC4V0kPb/nm0a23arKf6GsYFG7l/1Pt9Qcu58uZSe2/4dERMxNJzmpzqUMXHjzxvtljX3/359/7VP0vLT1ztr5H4aHL77PTOFWuFBYm52/XLEI4Ot4k9ub/+kTf/39BbLePGZtz9qtyyNP403mzbHH43RSXtj/UrEYy23/50RbUnH8YmT9d1hMtspWvjihw9H2pXfvP3TKS0/+y7QDen2H+kc/1jSPF6zuv0yvrsy+nW7ZfePv/X+vy95pZ7O+hGXCrXa4lTEvuSlzfOP3Xlvls/WT+OfeLT18d9p/0+/E57dYvyD137+bOfx7600/pltbf/tJ67emhtoV/7Wtv90PTXRmLOV899WK/ggnx0AAAAAAAAAAAAAAAAAAAAAAAAAbFUuIg5FksvfTudy+fzGM7z/GyO5cqVaO3KusrQwE/VnZY/FUC671eVo0/1Qpxr3w8/yx+7JPxkR/4mID4YPJNl9FGd6HDsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAZA62ef5/6sfhXtcOANgz+3tdAQCg67T/ANB/tP8A0H+0/wDQf7T/ANB/tP8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADssdOnTqXT+u9rq8U0P3NxeWmucvHoTKk6l59fKuaLlcUL+dlKZbZcyhcr8/f7f+VK5cJ0LCxdmqyVqrXJ6vLKmfnK0kLtzPn5wmzpTGmoK1EBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwPZUl1fmCuVyaVFiB4n1h6MavU8MNHanh6U+XU0kD0c1djnR6ayR687JCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBv4K8AAAD//8yLIwE=")
r0 = open(&(0x7f00000005c0)='./bus\x00', 0x167842, 0x19)
pwritev2(r0, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0xffffffe4}], 0x1, 0x1400, 0x0, 0x0)

49.097043895s ago: executing program 37 (id=3147):
socket$nl_route(0x10, 0x3, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$nl_generic(0x10, 0x3, 0x10)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_devices(r1, &(0x7f0000000100)='devices.allow\x00', 0x2, 0x0)
socket(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000002300)=ANY=[@ANYBLOB="1b00000000000000000000000020"], 0x48)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$key(0xf, 0x3, 0x2)
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
socket$netlink(0x10, 0x3, 0x0)
r2 = syz_io_uring_setup(0x24fc, &(0x7f0000000080)={0x0, 0x0, 0x10100, 0x3}, &(0x7f0000000180)=<r3=>0x0, &(0x7f0000000140)=<r4=>0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
sendmsg$inet(r6, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
recvmsg$unix(r5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000140), 0x100}, 0x0)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r7, &(0x7f0000000180)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x9, 0x12, r7, 0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_READ_FIXED)
io_uring_enter(r2, 0x2d3e, 0x0, 0x0, 0x0, 0x0)

48.961644006s ago: executing program 8 (id=3151):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000000), 0xfc, 0x582, &(0x7f0000000b40)="$eJzs3d9rW+UbAPDnpO3W/fh+28EY6oUUduFkLl1bf0zwYl6J6HCg9zO0WRlNl9GkY60Dtwt3440MQcSB6L33Xg7/Af+KgQ6GjKIX3lROctKFNunSLF2z5vOBs73vOSd9z5P3PG/ek5OQAAbWRPpPLuLliPgmiRhr2jYc2caJ+n5rj2/OpksS6+uf/pVEkq1r7J9k/x/JKi9FxG9fRZzObW23srK6UCiViktZfbK6eG2ysrJ65spiYb44X7w6PTNz7q2Z6Xffebtnsb5+8Z/vP7n/4bmvT65998vDY3eTOB9Hs23NcTyDW82ViZjInpOROL9px6keNNZPkr0+ALoylOX5SKRjwFgMZVnf0vrY8zw0YJd9maY1MKAS+Q8DqjEPaFzb9+g6+IXx6P36BdDW+Ifr743EaO3a6PBaUr8yOljfml7vjveg/bSNX/+8dzddot37EAd70BDAJrduR8TZ4eGt41+SjX/dO9vBPpvbGLTXH9hL99P5zxut5j+5jflPNM9/Mkda5G43np7/uYc9aKatdP73Xsv578ZNq/GhrPa/2pxvJLl8pVRMx7b/R8SpGDmY1qci4oPWN0E+z609WG/XfvP8L13S9htzwew4Hg5vmv/NFaqFZ4+87tHtiFdazn+Tjf5PWvR/+nxc7LCNE8V7r7bb9vT4d9f6TxGvtez/J52ZbH9/crJ2Pkw2zoqt/r5z4vd27W8b/2jPw90i7f/D28c/njTfr63svI0fR/8tttvW7fl/IPmsVj6QrbtRqFaXpiIOJB9vXT/95LGNemP/NP5TJ7cf/1qd/4fSxO4w/jvH7zTvOrqz+HdXGv/cjvp/54UHH33xQ7v2O+v/N2ulU9maTsa/Tg/wWZ47AAAAAAAA6De5iDgaSS6/Uc7l8vn65zuOx+FcqVypnr5cXr46F7Xvyo7HSK5xp3us6fMQU9nnYRv16U31mYg4FhHfDh2q1fOz5dLcXgcPAAAAAAAAAAAAAAAAAAAAfeJIxGir7/+n/hhq/Zg2q4EX0TY/+Q3sc+3zP9vSi196AvqS138YXF3kv/cAYJ/w+g+DS/7D4JL/MLjkPwwu+Q+Dayf5//OFXTwQAAAAAAAAAAAAAAAAAAAAAAAAAAAA2B8uXriQLutrj2/OpvW56yvLC+XrZ+aKlYX84vJsfra8dC0/Xy7Pl4r52fLi0/5eqVy+NjUdyzcmq8VKdbKysnppsbx8tXrpymJhvnipOPJcogIAAAAAAAAAAAAAAAAAAIAXS2VldaFQKhWXFBS6Kgz3x2H0YSHXH4fRZWGvRyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeOK/AAAA//92vTrs")
r0 = open(&(0x7f0000000180)='./bus\x00', 0x14937e, 0x111)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000380)=ANY=[@ANYBLOB="440000001000010400"/20, @ANYBLOB="25ac83fcb80c8b1d09df503b85132483464b879e1aa37f79521609b6749396b628a44fd025aff7db68ca3f9cd28e412766f860fda8743d65beed02bf7a4196210955d2f99ea8854e7047ebb5a18cd732c26b134871cb76ef98d71dddbee307068b1de6b64a985e1d5e7ad024db0dbd481edc29745ea9", @ANYBLOB="8a450200000000002400128009000100626f6e6400000000140002800500010006000000080002001506"], 0x44}}, 0x40)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x64, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x2, @perf_config_ext={0x1, 0x6}, 0x2, 0x0, 0x2, 0x5, 0x2, 0x2, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
r4 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x49d, &(0x7f00000003c0)={0x0, 0x79ac, 0x400, 0x7ffd, 0x32c, 0x0, r4}, &(0x7f00000001c0), 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000640)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x9, 0x4, 0x7ffc0002}]})
openat(0xffffffffffffff9c, 0x0, 0x42, 0x1ff)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r0, 0x84, 0xf, &(0x7f00000002c0)={0x0, @in6={{0xa, 0x4e22, 0x52d9, @private0, 0x7}}, 0x74f, 0xd560, 0x1ff, 0xfffffffa, 0x8001}, &(0x7f00000000c0)=0x98)
ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x1c0000000, 0x8005, 0x0, 0x0, 0x15, 0x0, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x200]})

48.698919437s ago: executing program 8 (id=3153):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300"], 0x0, 0x7a, 0x0, 0x0, 0x41000, 0x38, '\x00', 0x0, @lirc_mode2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000cc0)='mmap_lock_acquire_returned\x00', r1}, 0x10)
r2 = syz_open_procfs$pagemap(0x0, &(0x7f0000001080))
ioctl$PAGEMAP_SCAN(r2, 0xc0606610, &(0x7f00000001c0)={0x60, 0x0, &(0x7f0000100000/0x3000)=nil, &(0x7f0000ffa000/0x3000)=nil, 0x0, 0x0, 0x0, 0xcbfb, 0x1, 0x60, 0x0, 0x5c})

47.177433229s ago: executing program 8 (id=3159):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x400000, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
r1 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0xffffff2d, &(0x7f0000000080)=[{&(0x7f0000000040)="c00e02002c000b35d25a806f8c6394f90324fc602f1b02000a740100053582c137153e370248018000f01700d1bd", 0x33fe0}], 0x1}, 0x0)
getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x14, &(0x7f0000000040)={@private1}, &(0x7f0000000080)=0x14)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000200)={0xffffffffffffffff, 0x58, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r2=>0x0}}, 0x10)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000740), 0x1, r3}, 0x38)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, 0x0, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='kfree\x00', r4, 0x0, 0x2}, 0x18)
r5 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x2)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1000002, 0x11012, r5, 0x108000)
ioctl$USBDEVFS_SUBMITURB(r5, 0x8038550a, &(0x7f0000000140)=@urb_type_control={0x2, {}, 0x2000000b, 0x80, &(0x7f0000000240)={0x3, 0x0, 0xfffa, 0x4360}, 0x8, 0x6, 0x7d, 0x0, 0x1, 0x101, 0x0})
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xb, 0xc, &(0x7f00000002c0)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r2, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r6}, 0x10)
r7 = open_tree(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', 0x0)
setsockopt$inet_int(r7, 0x0, 0xb, &(0x7f0000000000)=0x4, 0x4)

47.1756761s ago: executing program 38 (id=3159):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x400000, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
r1 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0xffffff2d, &(0x7f0000000080)=[{&(0x7f0000000040)="c00e02002c000b35d25a806f8c6394f90324fc602f1b02000a740100053582c137153e370248018000f01700d1bd", 0x33fe0}], 0x1}, 0x0)
getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x14, &(0x7f0000000040)={@private1}, &(0x7f0000000080)=0x14)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000200)={0xffffffffffffffff, 0x58, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r2=>0x0}}, 0x10)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000740), 0x1, r3}, 0x38)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, 0x0, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='kfree\x00', r4, 0x0, 0x2}, 0x18)
r5 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x2)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1000002, 0x11012, r5, 0x108000)
ioctl$USBDEVFS_SUBMITURB(r5, 0x8038550a, &(0x7f0000000140)=@urb_type_control={0x2, {}, 0x2000000b, 0x80, &(0x7f0000000240)={0x3, 0x0, 0xfffa, 0x4360}, 0x8, 0x6, 0x7d, 0x0, 0x1, 0x101, 0x0})
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xb, 0xc, &(0x7f00000002c0)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r2, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r6}, 0x10)
r7 = open_tree(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', 0x0)
setsockopt$inet_int(r7, 0x0, 0xb, &(0x7f0000000000)=0x4, 0x4)

42.893395864s ago: executing program 5 (id=3160):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000000), 0xfc, 0x582, &(0x7f0000000b40)="$eJzs3d9rW+UbAPDnpO3W/fh+28EY6oUUduFkLl1bf0zwYl6J6HCg9zO0WRlNl9GkY60Dtwt3440MQcSB6L33Xg7/Af+KgQ6GjKIX3lROctKFNunSLF2z5vOBs73vOSd9z5P3PG/ek5OQAAbWRPpPLuLliPgmiRhr2jYc2caJ+n5rj2/OpksS6+uf/pVEkq1r7J9k/x/JKi9FxG9fRZzObW23srK6UCiViktZfbK6eG2ysrJ65spiYb44X7w6PTNz7q2Z6Xffebtnsb5+8Z/vP7n/4bmvT65998vDY3eTOB9Hs23NcTyDW82ViZjInpOROL9px6keNNZPkr0+ALoylOX5SKRjwFgMZVnf0vrY8zw0YJd9maY1MKAS+Q8DqjEPaFzb9+g6+IXx6P36BdDW+Ifr743EaO3a6PBaUr8yOljfml7vjveg/bSNX/+8dzddot37EAd70BDAJrduR8TZ4eGt41+SjX/dO9vBPpvbGLTXH9hL99P5zxut5j+5jflPNM9/Mkda5G43np7/uYc9aKatdP73Xsv578ZNq/GhrPa/2pxvJLl8pVRMx7b/R8SpGDmY1qci4oPWN0E+z609WG/XfvP8L13S9htzwew4Hg5vmv/NFaqFZ4+87tHtiFdazn+Tjf5PWvR/+nxc7LCNE8V7r7bb9vT4d9f6TxGvtez/J52ZbH9/crJ2Pkw2zoqt/r5z4vd27W8b/2jPw90i7f/D28c/njTfr63svI0fR/8tttvW7fl/IPmsVj6QrbtRqFaXpiIOJB9vXT/95LGNemP/NP5TJ7cf/1qd/4fSxO4w/jvH7zTvOrqz+HdXGv/cjvp/54UHH33xQ7v2O+v/N2ulU9maTsa/Tg/wWZ47AAAAAAAA6De5iDgaSS6/Uc7l8vn65zuOx+FcqVypnr5cXr46F7Xvyo7HSK5xp3us6fMQU9nnYRv16U31mYg4FhHfDh2q1fOz5dLcXgcPAAAAAAAAAAAAAAAAAAAAfeJIxGir7/+n/hhq/Zg2q4EX0TY/+Q3sc+3zP9vSi196AvqS138YXF3kv/cAYJ/w+g+DS/7D4JL/MLjkPwwu+Q+Dayf5//OFXTwQAAAAAAAAAAAAAAAAAAAAAAAAAAAA2B8uXriQLutrj2/OpvW56yvLC+XrZ+aKlYX84vJsfra8dC0/Xy7Pl4r52fLi0/5eqVy+NjUdyzcmq8VKdbKysnppsbx8tXrpymJhvnipOPJcogIAAAAAAAAAAAAAAAAAAIAXS2VldaFQKhWXFBS6Kgz3x2H0YSHXH4fRZWGvRyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeOK/AAAA//92vTrs")
r0 = open(&(0x7f0000000180)='./bus\x00', 0x14937e, 0x111)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000380)=ANY=[@ANYBLOB="440000001000010400"/20, @ANYBLOB="25ac83fcb80c8b1d09df503b85132483464b879e1aa37f79521609b6749396b628a44fd025aff7db68ca3f9cd28e412766f860fda8743d65beed02bf7a4196210955d2f99ea8854e7047ebb5a18cd732c26b134871cb76ef98d71dddbee307068b1de6b64a985e1d5e7ad024db0dbd481edc29745ea9", @ANYBLOB="8a450200000000002400128009000100626f6e6400000000140002800500010006000000080002001506"], 0x44}}, 0x40)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x64, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x2, @perf_config_ext={0x1, 0x6}, 0x2, 0x0, 0x2, 0x5, 0x2, 0x2, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
r4 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x49d, &(0x7f00000003c0)={0x0, 0x79ac, 0x400, 0x7ffd, 0x32c, 0x0, r4}, &(0x7f00000001c0), 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000640)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x9, 0x4, 0x7ffc0002}]})
openat(0xffffffffffffff9c, 0x0, 0x42, 0x1ff)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r0, 0x84, 0xf, &(0x7f00000002c0)={0x0, @in6={{0xa, 0x4e22, 0x52d9, @private0, 0x7}}, 0x74f, 0xd560, 0x1ff, 0xfffffffa, 0x8001}, &(0x7f00000000c0)=0x98)
ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x1c0000000, 0x8005, 0x0, 0x0, 0x15, 0x0, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x200]})

41.772405605s ago: executing program 5 (id=3201):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x1000}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, 0x0, &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r3 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r3, 0xc018937e, &(0x7f00000001c0)={{0x1, 0x1, 0x18, r2}, './file0\x00'})
r4 = openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x40, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r4, 0xc018937e, &(0x7f0000000200)={{0x1, 0x1, 0x29}, './file0\x00'})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0700000004000000800000000100000028000000", @ANYRES32, @ANYBLOB="000000c9d5122994a22700"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
openat$nci(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r5, @ANYBLOB="0000000000000000b703000000000000850000001b000000b7000000000000009500000000000000"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r6}, 0x18)
r7 = socket$nl_route(0x10, 0x3, 0x0)
r8 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000c80)={'lo\x00', <r9=>0x0})
ioctl$ifreq_SIOCGIFINDEX_team(r8, 0x8933, &(0x7f00000000c0))
sendmsg$nl_route_sched(r7, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=@newqdisc={0x9c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r9, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x6c, 0x2, {{}, [@TCA_NETEM_LOSS={0x30, 0x2, 0x0, 0x1, [@NETEM_LOSS_GE={0x18}, @NETEM_LOSS_GI={0x18}]}, @TCA_NETEM_RATE={0x4, 0xd}, @TCA_NETEM_CORRUPT={0xc, 0x2}]}}}]}, 0x9c}}, 0x0)

41.599746769s ago: executing program 7 (id=3205):
r0 = syz_mount_image$vfat(&(0x7f00000003c0), &(0x7f0000000480)='./file0\x00', 0x18000, &(0x7f0000003b40)=ANY=[@ANYRES32=0x0, @ANYRESDEC, @ANYRES16=0x0, @ANYRES32, @ANYRES8, @ANYRES64], 0x8, 0x2f6, &(0x7f0000001cc0)="$eJzs3EtPE10YwPGnV9oSaBdv3jevieFEN7qZQHWtNAYSYxMJUuMlMRlgqk3HlnQaTI3xsnJr/BAuCEt2JMoXYONON27csTFxIQtjTedCoQwgbWkR/r+EzMOc88ycc1qa5zS0G3fePC7mLS2vVyUYUxIQEdkUSUlQPAH3GLTjqGz3Ui4Ofv909tbdezcy2ezEtFKTmZlLaaXU8Mj7J8/ibrfVAVlPPdj4lv66/u/6/xu/Zh4VLFWwVKlcVbqaLX+p6rOmoeYLVlFTaso0dMtQhZJlVJz2stOeN8sLCzWll+aHEgsVw7KUXqqpolFT1bKqVmoq9FAvlJSmaWooIThIbml6Ws+0mTzX5cHgiFQqGT0kIvFdLbmlvgwIAAD0VWv9HxTVzfp/+dxadfD2yrBb/69G/er/y5+da+2o/2Mi4lv/e/f3rf/1w9X/uyui06Wj+h/Hw0h016lAM2w0VjJ6wv37tb26vzxqB9T/AAAAAAAAAAAAAAAAAAAAAAD8DTbr9WS9Xk96R+9nQERiIuL97pMaEpGrfRgyuqiDxx8nQPODe+FhEfP1Ym4x5xzdDmsiYooho5KUn/bzwdWIvU8eqYaUfDBfOPkD7suDSCYvBTt/TJIRaeaH3HjyenZiTDma+Y1jRBLb89OSlH9a7+/kp33zo3Lh/LZ8TZLycU7KYsq8fe9m/vMxpa7dzLbkx+1+AAAAAACcBJraktq5/3X275q2V7uTv7W/bn1/INTcX4/67s/Dcibc37kDAAAAAHBaWLWnRd00jco+QVwO7tN+ED6iK3sz/NMs738Zjm6m+wTezXc0xdyTnVw54rcsgUMsyx5BUNrJGmnMRnW6Yt7bRnv1kanx3j+CdvDf23c/ureYV1ZiB8y0/SC0/xMg0rMXIAAAAAA90yz6vTPj/R0QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACnUC++Ha3fcwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACOi98BAAD//xPfAEw=")
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
r2 = dup(r1)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e24, 0x6, @empty, 0x3}], 0x1c)
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f00000002c0)={0x0, @in6={{0xa, 0x4e24, 0x648, @local, 0x1}}, 0x13fffffe, 0x31, 0xffff1896, 0x1, 0xd4, 0x0, 0x1b}, 0x9c)
bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
fcntl$dupfd(r0, 0x0, 0xffffffffffffffff)
socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r3}, 0x10)
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x1000, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
close_range(r4, 0xffffffffffffffff, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0xf0)
pwritev2(r5, &(0x7f0000000100)=[{&(0x7f0000000080)="ff", 0xabfb}], 0x1, 0x5412, 0x0, 0x0)

41.522260765s ago: executing program 7 (id=3206):
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x24, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0x200, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000500)='./file2\x00', 0x21c91c, &(0x7f0000000900)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x800000}}, {@noblock_validity}, {@jqfmt_vfsv1}, {@nodelalloc}, {@errors_remount}, {@nomblk_io_submit}, {@usrjquota}, {@minixdf}, {@resgid, 0x32}]}, 0x1e, 0x4e0, &(0x7f0000001a40)="$eJzs3d9rW9cdAPDvla0sP5zZYXvIAsvCkmGHLZIdL4nZQ7bB2J4C27L3zLNlYyxbxpKT2ITNYX/AYIy10Kc+9aXQP6BQ8ieUQqB9L21pKW3SPhTaRkVXUuI4UuwQWUqtzweOdO7Rvfqeo4uO7rn3cBVA3zoVEacj4kG1Wj0bEcON8kwjxWY91da7f+/WTC0lUa1e/SyJSOpltdXGtrznkcZmByPir3+K+EfyZNzy+sbidLFYWG0s5ytLK/ny+sa5haXp+cJ8YXlycuLi1KWpC1PjHWnnUERc/sNH///Pa3+8/Navbrx/7ZOxfyaN8ohH7ei0etOz6WfRNBgRq3sRrEcG0xYCAPB90DzO/3lEnI3hGEiP5gAAAID9pPrbofgmiagCAAAA+1YmnQObZHKNeQBDkcnkcvU5vD+Ow5liqVz55VxpbXm2Pld2JLKZuYViYbwxV3gksklteSLNP1o+v215MiKORcT/hg+ly7mZUnG21yc/AAAAoE8c2Tb+/3K4Pv7f4uueVQ4AAADonJFeVwAAAADYc8b/AAAAsP8Z/wMAAMC+9ucrV2qp2vz/69nr62uLpevnZgvlxdzS2kxuprS6kpsvlebTe/Yt7fR+xVJp5dexvHYzXymUK/ny+sa1pdLacuXawmN/gQ0AAAB00bGf3XkviYjN3xxKU82BXlcK6IrBZ1n5w72rB9B9A72uANAzz/T7D+wr2V5XAOi5ZIfX207eebvzdQEAAPbG6E9aX/8f2PHcwGamS1UE9ojzf9C/XP+H/uX6P/SvbAyEgTz0t51uAfr81/+r1WeqEAAA0HFDaUoyuYj0PMBQZDK5XMTRdEyQTeYWioXxiPhhRLw7nP1BbXki3TLZcc4wAAAAAAAAAAAAAAAAAAAAAAAAAFBXrSZRBQAAAPa1iMzHSXo3/4jR4TND288PHEi+Gk6fI+LGK1dfujldqaxO1Mo/f1heeblRfr4XZzAAAACA7Zrj9OY4HgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA66f69WzPN1M24n/4+IkZaxR+Mg+nzwchGxOEvkhjcsl0SEQMdiL95OyKOt4qf1KoVI41atIp/qMfxj3QgPvSzO7X+53etvn+ZOJU+t/7+XUx7qOfXvv/LPOz/BlrEr5Ud3WWME3ffyLeNfzvixGDr/qcZP2nT/5zeZfy//21jo91r1VcjRlv+/iSPxcpXllby5fWNcwtL0/OF+cLy5OTExalLUxemxvNzC8VC47FljP/+9M0HT2v/4TbxR3Zo/5ldtv/buzfv/aiezT7cPHkUf+x06/1/vE38TGP//6KRr70+2sxv1vNbnXz9nZNPa/9sm/bvtP/Hdtn+s3/59we7XBUA6ILy+sbidLFYWO3rzHN9GrXDoheiFS9mpva5vgDVaJn51x68c+3IvNft6kSmp90SAACwB54cAwMAAAAAAAAAAAAAAAAAAADd1o3biWW3xdxMHztx93wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgM75LgAA///6fNJN") (fail_nth: 1)

41.271484565s ago: executing program 7 (id=3210):
symlink(&(0x7f0000000dc0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000cc0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')

41.202371701s ago: executing program 7 (id=3211):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000000), 0xfc, 0x582, &(0x7f0000000b40)="$eJzs3d9rW+UbAPDnpO3W/fh+28EY6oUUduFkLl1bf0zwYl6J6HCg9zO0WRlNl9GkY60Dtwt3440MQcSB6L33Xg7/Af+KgQ6GjKIX3lROctKFNunSLF2z5vOBs73vOSd9z5P3PG/ek5OQAAbWRPpPLuLliPgmiRhr2jYc2caJ+n5rj2/OpksS6+uf/pVEkq1r7J9k/x/JKi9FxG9fRZzObW23srK6UCiViktZfbK6eG2ysrJ65spiYb44X7w6PTNz7q2Z6Xffebtnsb5+8Z/vP7n/4bmvT65998vDY3eTOB9Hs23NcTyDW82ViZjInpOROL9px6keNNZPkr0+ALoylOX5SKRjwFgMZVnf0vrY8zw0YJd9maY1MKAS+Q8DqjEPaFzb9+g6+IXx6P36BdDW+Ifr743EaO3a6PBaUr8yOljfml7vjveg/bSNX/+8dzddot37EAd70BDAJrduR8TZ4eGt41+SjX/dO9vBPpvbGLTXH9hL99P5zxut5j+5jflPNM9/Mkda5G43np7/uYc9aKatdP73Xsv578ZNq/GhrPa/2pxvJLl8pVRMx7b/R8SpGDmY1qci4oPWN0E+z609WG/XfvP8L13S9htzwew4Hg5vmv/NFaqFZ4+87tHtiFdazn+Tjf5PWvR/+nxc7LCNE8V7r7bb9vT4d9f6TxGvtez/J52ZbH9/crJ2Pkw2zoqt/r5z4vd27W8b/2jPw90i7f/D28c/njTfr63svI0fR/8tttvW7fl/IPmsVj6QrbtRqFaXpiIOJB9vXT/95LGNemP/NP5TJ7cf/1qd/4fSxO4w/jvH7zTvOrqz+HdXGv/cjvp/54UHH33xQ7v2O+v/N2ulU9maTsa/Tg/wWZ47AAAAAAAA6De5iDgaSS6/Uc7l8vn65zuOx+FcqVypnr5cXr46F7Xvyo7HSK5xp3us6fMQU9nnYRv16U31mYg4FhHfDh2q1fOz5dLcXgcPAAAAAAAAAAAAAAAAAAAAfeJIxGir7/+n/hhq/Zg2q4EX0TY/+Q3sc+3zP9vSi196AvqS138YXF3kv/cAYJ/w+g+DS/7D4JL/MLjkPwwu+Q+Dayf5//OFXTwQAAAAAAAAAAAAAAAAAAAAAAAAAAAA2B8uXriQLutrj2/OpvW56yvLC+XrZ+aKlYX84vJsfra8dC0/Xy7Pl4r52fLi0/5eqVy+NjUdyzcmq8VKdbKysnppsbx8tXrpymJhvnipOPJcogIAAAAAAAAAAAAAAAAAAIAXS2VldaFQKhWXFBS6Kgz3x2H0YSHXH4fRZWGvRyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeOK/AAAA//92vTrs")
r0 = open(&(0x7f0000000180)='./bus\x00', 0x14937e, 0x111)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000380)=ANY=[@ANYBLOB="440000001000010400"/20, @ANYBLOB="25ac83fcb80c8b1d09df503b85132483464b879e1aa37f79521609b6749396b628a44fd025aff7db68ca3f9cd28e412766f860fda8743d65beed02bf7a4196210955d2f99ea8854e7047ebb5a18cd732c26b134871cb76ef98d71dddbee307068b1de6b64a985e1d5e7ad024db0dbd481edc29745ea9", @ANYBLOB="8a450200000000002400128009000100626f6e6400000000140002800500010006000000080002001506"], 0x44}}, 0x40)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x64, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x2, @perf_config_ext={0x1, 0x6}, 0x2, 0x0, 0x2, 0x5, 0x2, 0x2, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
r4 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x49d, &(0x7f00000003c0)={0x0, 0x79ac, 0x400, 0x7ffd, 0x32c, 0x0, r4}, &(0x7f00000001c0), 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000640)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x9, 0x4, 0x7ffc0002}]})
openat(0xffffffffffffff9c, 0x0, 0x42, 0x1ff)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r0, 0x84, 0xf, &(0x7f00000002c0)={0x0, @in6={{0xa, 0x4e22, 0x52d9, @private0, 0x7}}, 0x74f, 0xd560, 0x1ff, 0xfffffffa, 0x8001}, &(0x7f00000000c0)=0x98)
ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x1c0000000, 0x8005, 0x0, 0x0, 0x15, 0x0, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x200]})

40.935061622s ago: executing program 7 (id=3216):
r0 = syz_mount_image$vfat(&(0x7f00000003c0), &(0x7f0000000480)='./file0\x00', 0x18000, &(0x7f0000003b40)=ANY=[@ANYRES32=0x0, @ANYRESDEC, @ANYRES16=0x0, @ANYRES32, @ANYRES8, @ANYRES64], 0x8, 0x2f6, &(0x7f0000001cc0)="$eJzs3EtPE10YwPGnV9oSaBdv3jevieFEN7qZQHWtNAYSYxMJUuMlMRlgqk3HlnQaTI3xsnJr/BAuCEt2JMoXYONON27csTFxIQtjTedCoQwgbWkR/r+EzMOc88ycc1qa5zS0G3fePC7mLS2vVyUYUxIQEdkUSUlQPAH3GLTjqGz3Ui4Ofv909tbdezcy2ezEtFKTmZlLaaXU8Mj7J8/ibrfVAVlPPdj4lv66/u/6/xu/Zh4VLFWwVKlcVbqaLX+p6rOmoeYLVlFTaso0dMtQhZJlVJz2stOeN8sLCzWll+aHEgsVw7KUXqqpolFT1bKqVmoq9FAvlJSmaWooIThIbml6Ws+0mTzX5cHgiFQqGT0kIvFdLbmlvgwIAAD0VWv9HxTVzfp/+dxadfD2yrBb/69G/er/y5+da+2o/2Mi4lv/e/f3rf/1w9X/uyui06Wj+h/Hw0h016lAM2w0VjJ6wv37tb26vzxqB9T/AAAAAAAAAAAAAAAAAAAAAAD8DTbr9WS9Xk96R+9nQERiIuL97pMaEpGrfRgyuqiDxx8nQPODe+FhEfP1Ym4x5xzdDmsiYooho5KUn/bzwdWIvU8eqYaUfDBfOPkD7suDSCYvBTt/TJIRaeaH3HjyenZiTDma+Y1jRBLb89OSlH9a7+/kp33zo3Lh/LZ8TZLycU7KYsq8fe9m/vMxpa7dzLbkx+1+AAAAAACcBJraktq5/3X275q2V7uTv7W/bn1/INTcX4/67s/Dcibc37kDAAAAAHBaWLWnRd00jco+QVwO7tN+ED6iK3sz/NMs738Zjm6m+wTezXc0xdyTnVw54rcsgUMsyx5BUNrJGmnMRnW6Yt7bRnv1kanx3j+CdvDf23c/ureYV1ZiB8y0/SC0/xMg0rMXIAAAAAA90yz6vTPj/R0QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACnUC++Ha3fcwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACOi98BAAD//xPfAEw=")
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
r2 = dup(r1)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e24, 0x6, @empty, 0x3}], 0x1c)
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f00000002c0)={0x0, @in6={{0xa, 0x4e24, 0x648, @local, 0x1}}, 0x13fffffe, 0x31, 0xffff1896, 0x1, 0xd4, 0x0, 0x1b}, 0x9c)
bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
fcntl$dupfd(r0, 0x0, 0xffffffffffffffff)
socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r3}, 0x10)
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x1000, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
close_range(r4, 0xffffffffffffffff, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0xf0)
pwritev2(r5, &(0x7f0000000100)=[{&(0x7f0000000080)="ff", 0xabfb}], 0x1, 0x5412, 0x0, 0x0)

40.357662209s ago: executing program 5 (id=3225):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_WOL_GET(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000980)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01002dbd7000080000001b00000018000180140002007465616d5f736c6176655f3000"], 0x2c}}, 0x0)

40.357287739s ago: executing program 7 (id=3226):
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2000006, 0x31, 0xffffffffffffffff, 0xd0fb6000)
sendmsg$inet(0xffffffffffffffff, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000740)=[{&(0x7f0000000280)="c3d7363e849542e392f39fd3f98cc44946ad72da52d39d08629a8c7824863a3a861f9d638d7ebfa445054fd3bb41907ef8bb962dbd1a19f0", 0x38}, {&(0x7f00000002c0)="66f9699c58446a60d138a77c79fe5e5b84ee1584a84592cb9a3afb2dbd7a9936fc9f41f029d9951e2013b3617e76c30173b4e2f62547af638c59119aeb96876b074b98", 0x43}, {&(0x7f00000004c0)="58c05dfa8952e65c11226a1466f3446f4fea96d8a4ced80123db874b214a7f5c0bf60762eeb496cca1b362bb89ce2684c08bdcac7246efbad84eb9f3b48f9d4445d6f718e299bba25c9ca6dc0ddd025152774a215e86c516dec5dee5361c59e93d99aba76d370d7922513c614f3659181f71c27f5f98fd09f1d157b40bc2c2ae6b3dc7f298220c882468c5dd7eb5c280afa4e8121b04753be050f37995d284146f877110ff8a7f763a6d5376eafdfcbc84a643fd80cb29c00ec94117425bf50f8999", 0xc2}, {&(0x7f0000000380)="66af35f089c944bab216b390db43a4ad3d7a31a4627c2d7c0ed8b21c1170dac3811a5b20e629782c99f5db5cc19481711a3a1210091d03fcea115863d441d4ee7d527bd1c4ac9a4a016eccc67f60f2eb34ad2de59dd6f3cf192e2445d51988e9787cc32c8551c778332243dd03a213e03b2252770eb15848df0ecb0e61b9e9224ca2bc70348f1ac57bae74c374b74d988b18f7f33b1852acf336b95c888b6c76e035fbb95ff3190bbf59ff570f52ce271783987f", 0xb4}], 0x4}, 0x48002)
syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x410c04, &(0x7f0000000340), 0x1, 0x779, &(0x7f0000001900)="$eJzs3c9rXNUeAPDvnSRNm/a95MGD9+oqIGigdGJqbBVcVFyIYKGga9thMg01k0zJTEoTAlpEcCOouBB007U/6s6tP7b6X7gQS9W0WHEhkTuZ206bmWmSJjPV+XzgZs65907O+c79cc7MPdwbQN8aT//kIg5HxLtJxGhjfhIRQ/XUYMTJjfVura0W0ymJ9fWXf0nq69xcWy1G03tSBxuZ/0fEN29FHMltLre6vDJXKJdLi438ZG3+wmR1eeXo+fnCbGm2tHB8anr62ImnThzfvVh/+37l0LX3Xnj885N/vPm/q+98m8TJONRY1hzHbhmP8cZnMpR+hHd5frcL67Gk1xVgR9JDc2DjKI/DMRoD9RQA8E/2ekSsAwB9JtH+A0CfyX4HuLm2Wsym3v4i0V3Xn4uI/RvxZ9c3N5YMNq7Z7a9fBx25mdx1ZSSJiLFdKH88Ij7+8tVP0yn26DokQCtvXI6Is2Pjm8//yaYxC9v1RIdl+xqv4/fMd/6D7vkq7f883ar/l7vd/4kW/Z/hFsfuTtz3+D+wC4V0kPb/nm0a23arKf6GsYFG7l/1Pt9Qcu58uZSe2/4dERMxNJzmpzqUMXHjzxvtljX3/359/7VP0vLT1ztr5H4aHL77PTOFWuFBYm52/XLEI4Ot4k9ub/+kTf/39BbLePGZtz9qtyyNP403mzbHH43RSXtj/UrEYy23/50RbUnH8YmT9d1hMtspWvjihw9H2pXfvP3TKS0/+y7QDen2H+kc/1jSPF6zuv0yvrsy+nW7ZfePv/X+vy95pZ7O+hGXCrXa4lTEvuSlzfOP3Xlvls/WT+OfeLT18d9p/0+/E57dYvyD137+bOfx7600/pltbf/tJ67emhtoV/7Wtv90PTXRmLOV899WK/ggnx0AAAAAAAAAAAAAAAAAAAAAAAAAbFUuIg5FksvfTudy+fzGM7z/GyO5cqVaO3KusrQwE/VnZY/FUC671eVo0/1Qpxr3w8/yx+7JPxkR/4mID4YPJNl9FGd6HDsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAZA62ef5/6sfhXtcOANgz+3tdAQCg67T/ANB/tP8A0H+0/wDQf7T/ANB/tP8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADssdOnTqXT+u9rq8U0P3NxeWmucvHoTKk6l59fKuaLlcUL+dlKZbZcyhcr8/f7f+VK5cJ0LCxdmqyVqrXJ6vLKmfnK0kLtzPn5wmzpTGmoK1EBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwPZUl1fmCuVyaVFiB4n1h6MavU8MNHanh6U+XU0kD0c1djnR6ayR687JCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBv4K8AAAD//8yLIwE=")
r0 = open(&(0x7f00000005c0)='./bus\x00', 0x167842, 0x19)
pwritev2(r0, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0xffffffe4}], 0x1, 0x1400, 0x0, 0x0)

40.357039909s ago: executing program 39 (id=3225):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_WOL_GET(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000980)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01002dbd7000080000001b00000018000180140002007465616d5f736c6176655f3000"], 0x2c}}, 0x0)

40.34175683s ago: executing program 40 (id=3226):
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2000006, 0x31, 0xffffffffffffffff, 0xd0fb6000)
sendmsg$inet(0xffffffffffffffff, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000740)=[{&(0x7f0000000280)="c3d7363e849542e392f39fd3f98cc44946ad72da52d39d08629a8c7824863a3a861f9d638d7ebfa445054fd3bb41907ef8bb962dbd1a19f0", 0x38}, {&(0x7f00000002c0)="66f9699c58446a60d138a77c79fe5e5b84ee1584a84592cb9a3afb2dbd7a9936fc9f41f029d9951e2013b3617e76c30173b4e2f62547af638c59119aeb96876b074b98", 0x43}, {&(0x7f00000004c0)="58c05dfa8952e65c11226a1466f3446f4fea96d8a4ced80123db874b214a7f5c0bf60762eeb496cca1b362bb89ce2684c08bdcac7246efbad84eb9f3b48f9d4445d6f718e299bba25c9ca6dc0ddd025152774a215e86c516dec5dee5361c59e93d99aba76d370d7922513c614f3659181f71c27f5f98fd09f1d157b40bc2c2ae6b3dc7f298220c882468c5dd7eb5c280afa4e8121b04753be050f37995d284146f877110ff8a7f763a6d5376eafdfcbc84a643fd80cb29c00ec94117425bf50f8999", 0xc2}, {&(0x7f0000000380)="66af35f089c944bab216b390db43a4ad3d7a31a4627c2d7c0ed8b21c1170dac3811a5b20e629782c99f5db5cc19481711a3a1210091d03fcea115863d441d4ee7d527bd1c4ac9a4a016eccc67f60f2eb34ad2de59dd6f3cf192e2445d51988e9787cc32c8551c778332243dd03a213e03b2252770eb15848df0ecb0e61b9e9224ca2bc70348f1ac57bae74c374b74d988b18f7f33b1852acf336b95c888b6c76e035fbb95ff3190bbf59ff570f52ce271783987f", 0xb4}], 0x4}, 0x48002)
syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x410c04, &(0x7f0000000340), 0x1, 0x779, &(0x7f0000001900)="$eJzs3c9rXNUeAPDvnSRNm/a95MGD9+oqIGigdGJqbBVcVFyIYKGga9thMg01k0zJTEoTAlpEcCOouBB007U/6s6tP7b6X7gQS9W0WHEhkTuZ206bmWmSJjPV+XzgZs65907O+c79cc7MPdwbQN8aT//kIg5HxLtJxGhjfhIRQ/XUYMTJjfVura0W0ymJ9fWXf0nq69xcWy1G03tSBxuZ/0fEN29FHMltLre6vDJXKJdLi438ZG3+wmR1eeXo+fnCbGm2tHB8anr62ImnThzfvVh/+37l0LX3Xnj885N/vPm/q+98m8TJONRY1hzHbhmP8cZnMpR+hHd5frcL67Gk1xVgR9JDc2DjKI/DMRoD9RQA8E/2ekSsAwB9JtH+A0CfyX4HuLm2Wsym3v4i0V3Xn4uI/RvxZ9c3N5YMNq7Z7a9fBx25mdx1ZSSJiLFdKH88Ij7+8tVP0yn26DokQCtvXI6Is2Pjm8//yaYxC9v1RIdl+xqv4/fMd/6D7vkq7f883ar/l7vd/4kW/Z/hFsfuTtz3+D+wC4V0kPb/nm0a23arKf6GsYFG7l/1Pt9Qcu58uZSe2/4dERMxNJzmpzqUMXHjzxvtljX3/359/7VP0vLT1ztr5H4aHL77PTOFWuFBYm52/XLEI4Ot4k9ub/+kTf/39BbLePGZtz9qtyyNP403mzbHH43RSXtj/UrEYy23/50RbUnH8YmT9d1hMtspWvjihw9H2pXfvP3TKS0/+y7QDen2H+kc/1jSPF6zuv0yvrsy+nW7ZfePv/X+vy95pZ7O+hGXCrXa4lTEvuSlzfOP3Xlvls/WT+OfeLT18d9p/0+/E57dYvyD137+bOfx7600/pltbf/tJ67emhtoV/7Wtv90PTXRmLOV899WK/ggnx0AAAAAAAAAAAAAAAAAAAAAAAAAbFUuIg5FksvfTudy+fzGM7z/GyO5cqVaO3KusrQwE/VnZY/FUC671eVo0/1Qpxr3w8/yx+7JPxkR/4mID4YPJNl9FGd6HDsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAZA62ef5/6sfhXtcOANgz+3tdAQCg67T/ANB/tP8A0H+0/wDQf7T/ANB/tP8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADssdOnTqXT+u9rq8U0P3NxeWmucvHoTKk6l59fKuaLlcUL+dlKZbZcyhcr8/f7f+VK5cJ0LCxdmqyVqrXJ6vLKmfnK0kLtzPn5wmzpTGmoK1EBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwPZUl1fmCuVyaVFiB4n1h6MavU8MNHanh6U+XU0kD0c1djnR6ayR687JCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBv4K8AAAD//8yLIwE=")
r0 = open(&(0x7f00000005c0)='./bus\x00', 0x167842, 0x19)
pwritev2(r0, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0xffffffe4}], 0x1, 0x1400, 0x0, 0x0)

37.251706159s ago: executing program 4 (id=3267):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000001400)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x18)
r2 = socket$kcm(0x11, 0x2, 0x0)
setsockopt$sock_attach_bpf(r2, 0x107, 0x14, &(0x7f0000000000), 0x4)
sendmsg$kcm(r2, &(0x7f00000002c0)={&(0x7f0000000200)=@caif=@dgm={0x25, 0x12}, 0x80, &(0x7f0000000640)=[{&(0x7f0000000140)="18", 0x1}], 0x1}, 0x0)

37.23563594s ago: executing program 4 (id=3268):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x275a, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x12, r0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000003380)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000006cfa000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000201000085000000430000"], 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2, 0x0, 0xfffffffffffffffe}, 0x18)
msgsnd(0x0, &(0x7f0000000d00)=ANY=[@ANYRES8], 0x401, 0x0)

37.221082611s ago: executing program 4 (id=3269):
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000008c80)=ANY=[@ANYBLOB="2cff810026000506"], 0x2c}}, 0x0)

37.165146856s ago: executing program 4 (id=3270):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000000), 0xfc, 0x582, &(0x7f0000000b40)="$eJzs3d9rW+UbAPDnpO3W/fh+28EY6oUUduFkLl1bf0zwYl6J6HCg9zO0WRlNl9GkY60Dtwt3440MQcSB6L33Xg7/Af+KgQ6GjKIX3lROctKFNunSLF2z5vOBs73vOSd9z5P3PG/ek5OQAAbWRPpPLuLliPgmiRhr2jYc2caJ+n5rj2/OpksS6+uf/pVEkq1r7J9k/x/JKi9FxG9fRZzObW23srK6UCiViktZfbK6eG2ysrJ65spiYb44X7w6PTNz7q2Z6Xffebtnsb5+8Z/vP7n/4bmvT65998vDY3eTOB9Hs23NcTyDW82ViZjInpOROL9px6keNNZPkr0+ALoylOX5SKRjwFgMZVnf0vrY8zw0YJd9maY1MKAS+Q8DqjEPaFzb9+g6+IXx6P36BdDW+Ifr743EaO3a6PBaUr8yOljfml7vjveg/bSNX/+8dzddot37EAd70BDAJrduR8TZ4eGt41+SjX/dO9vBPpvbGLTXH9hL99P5zxut5j+5jflPNM9/Mkda5G43np7/uYc9aKatdP73Xsv578ZNq/GhrPa/2pxvJLl8pVRMx7b/R8SpGDmY1qci4oPWN0E+z609WG/XfvP8L13S9htzwew4Hg5vmv/NFaqFZ4+87tHtiFdazn+Tjf5PWvR/+nxc7LCNE8V7r7bb9vT4d9f6TxGvtez/J52ZbH9/crJ2Pkw2zoqt/r5z4vd27W8b/2jPw90i7f/D28c/njTfr63svI0fR/8tttvW7fl/IPmsVj6QrbtRqFaXpiIOJB9vXT/95LGNemP/NP5TJ7cf/1qd/4fSxO4w/jvH7zTvOrqz+HdXGv/cjvp/54UHH33xQ7v2O+v/N2ulU9maTsa/Tg/wWZ47AAAAAAAA6De5iDgaSS6/Uc7l8vn65zuOx+FcqVypnr5cXr46F7Xvyo7HSK5xp3us6fMQU9nnYRv16U31mYg4FhHfDh2q1fOz5dLcXgcPAAAAAAAAAAAAAAAAAAAAfeJIxGir7/+n/hhq/Zg2q4EX0TY/+Q3sc+3zP9vSi196AvqS138YXF3kv/cAYJ/w+g+DS/7D4JL/MLjkPwwu+Q+Dayf5//OFXTwQAAAAAAAAAAAAAAAAAAAAAAAAAAAA2B8uXriQLutrj2/OpvW56yvLC+XrZ+aKlYX84vJsfra8dC0/Xy7Pl4r52fLi0/5eqVy+NjUdyzcmq8VKdbKysnppsbx8tXrpymJhvnipOPJcogIAAAAAAAAAAAAAAAAAAIAXS2VldaFQKhWXFBS6Kgz3x2H0YSHXH4fRZWGvRyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeOK/AAAA//92vTrs")
r0 = open(&(0x7f0000000180)='./bus\x00', 0x14937e, 0x111)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000380)=ANY=[@ANYBLOB="440000001000010400"/20, @ANYBLOB="25ac83fcb80c8b1d09df503b85132483464b879e1aa37f79521609b6749396b628a44fd025aff7db68ca3f9cd28e412766f860fda8743d65beed02bf7a4196210955d2f99ea8854e7047ebb5a18cd732c26b134871cb76ef98d71dddbee307068b1de6b64a985e1d5e7ad024db0dbd481edc29745ea9", @ANYBLOB="8a450200000000002400128009000100626f6e6400000000140002800500010006000000080002001506"], 0x44}}, 0x40)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x64, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x2, @perf_config_ext={0x1, 0x6}, 0x2, 0x0, 0x2, 0x5, 0x2, 0x2, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
r4 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x49d, &(0x7f00000003c0)={0x0, 0x79ac, 0x400, 0x7ffd, 0x32c, 0x0, r4}, &(0x7f00000001c0), 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x42, 0x1ff)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r0, 0x84, 0xf, &(0x7f00000002c0)={0x0, @in6={{0xa, 0x4e22, 0x52d9, @private0, 0x7}}, 0x74f, 0xd560, 0x1ff, 0xfffffffa, 0x8001}, &(0x7f00000000c0)=0x98)
ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x1c0000000, 0x8005, 0x0, 0x0, 0x15, 0x0, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x200]})

36.963279043s ago: executing program 4 (id=3272):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x45, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r2, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)={0x38, r1, 0x10ada85e65c25359, 0xfffffff9, 0x25dfdbfd, {{0x6b}, {@val={0x8}, @val={0xc, 0x99, {0x4, 0x72}}}}, [@NL80211_ATTR_TID_CONFIG={0x10, 0x11d, 0x0, 0x1, [{0xc, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TX_RATE={0x8, 0xd, 0x0, 0x1, [@NL80211_BAND_5GHZ={0x4}]}]}]}]}, 0x38}}, 0x0)

36.049618196s ago: executing program 4 (id=3281):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000000), 0xfc, 0x582, &(0x7f0000000b40)="$eJzs3d9rW+UbAPDnpO3W/fh+28EY6oUUduFkLl1bf0zwYl6J6HCg9zO0WRlNl9GkY60Dtwt3440MQcSB6L33Xg7/Af+KgQ6GjKIX3lROctKFNunSLF2z5vOBs73vOSd9z5P3PG/ek5OQAAbWRPpPLuLliPgmiRhr2jYc2caJ+n5rj2/OpksS6+uf/pVEkq1r7J9k/x/JKi9FxG9fRZzObW23srK6UCiViktZfbK6eG2ysrJ65spiYb44X7w6PTNz7q2Z6Xffebtnsb5+8Z/vP7n/4bmvT65998vDY3eTOB9Hs23NcTyDW82ViZjInpOROL9px6keNNZPkr0+ALoylOX5SKRjwFgMZVnf0vrY8zw0YJd9maY1MKAS+Q8DqjEPaFzb9+g6+IXx6P36BdDW+Ifr743EaO3a6PBaUr8yOljfml7vjveg/bSNX/+8dzddot37EAd70BDAJrduR8TZ4eGt41+SjX/dO9vBPpvbGLTXH9hL99P5zxut5j+5jflPNM9/Mkda5G43np7/uYc9aKatdP73Xsv578ZNq/GhrPa/2pxvJLl8pVRMx7b/R8SpGDmY1qci4oPWN0E+z609WG/XfvP8L13S9htzwew4Hg5vmv/NFaqFZ4+87tHtiFdazn+Tjf5PWvR/+nxc7LCNE8V7r7bb9vT4d9f6TxGvtez/J52ZbH9/crJ2Pkw2zoqt/r5z4vd27W8b/2jPw90i7f/D28c/njTfr63svI0fR/8tttvW7fl/IPmsVj6QrbtRqFaXpiIOJB9vXT/95LGNemP/NP5TJ7cf/1qd/4fSxO4w/jvH7zTvOrqz+HdXGv/cjvp/54UHH33xQ7v2O+v/N2ulU9maTsa/Tg/wWZ47AAAAAAAA6De5iDgaSS6/Uc7l8vn65zuOx+FcqVypnr5cXr46F7Xvyo7HSK5xp3us6fMQU9nnYRv16U31mYg4FhHfDh2q1fOz5dLcXgcPAAAAAAAAAAAAAAAAAAAAfeJIxGir7/+n/hhq/Zg2q4EX0TY/+Q3sc+3zP9vSi196AvqS138YXF3kv/cAYJ/w+g+DS/7D4JL/MLjkPwwu+Q+Dayf5//OFXTwQAAAAAAAAAAAAAAAAAAAAAAAAAAAA2B8uXriQLutrj2/OpvW56yvLC+XrZ+aKlYX84vJsfra8dC0/Xy7Pl4r52fLi0/5eqVy+NjUdyzcmq8VKdbKysnppsbx8tXrpymJhvnipOPJcogIAAAAAAAAAAAAAAAAAAIAXS2VldaFQKhWXFBS6Kgz3x2H0YSHXH4fRZWGvRyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeOK/AAAA//92vTrs")
r0 = open(&(0x7f0000000180)='./bus\x00', 0x14937e, 0x111)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000380)=ANY=[@ANYBLOB="440000001000010400"/20, @ANYBLOB="25ac83fcb80c8b1d09df503b85132483464b879e1aa37f79521609b6749396b628a44fd025aff7db68ca3f9cd28e412766f860fda8743d65beed02bf7a4196210955d2f99ea8854e7047ebb5a18cd732c26b134871cb76ef98d71dddbee307068b1de6b64a985e1d5e7ad024db0dbd481edc29745ea9", @ANYBLOB="8a450200000000002400128009000100626f6e6400000000140002800500010006000000080002001506"], 0x44}}, 0x40)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x64, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x2, @perf_config_ext={0x1, 0x6}, 0x2, 0x0, 0x2, 0x5, 0x2, 0x2, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000640)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x9, 0x4, 0x7ffc0002}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x42, 0x1ff)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r0, 0x84, 0xf, &(0x7f00000002c0)={0x0, @in6={{0xa, 0x4e22, 0x52d9, @private0, 0x7}}, 0x74f, 0xd560, 0x1ff, 0xfffffffa, 0x8001}, &(0x7f00000000c0)=0x98)
ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x1c0000000, 0x8005, 0x0, 0x0, 0x15, 0x0, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x200]})

36.049188806s ago: executing program 41 (id=3281):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000000), 0xfc, 0x582, &(0x7f0000000b40)="$eJzs3d9rW+UbAPDnpO3W/fh+28EY6oUUduFkLl1bf0zwYl6J6HCg9zO0WRlNl9GkY60Dtwt3440MQcSB6L33Xg7/Af+KgQ6GjKIX3lROctKFNunSLF2z5vOBs73vOSd9z5P3PG/ek5OQAAbWRPpPLuLliPgmiRhr2jYc2caJ+n5rj2/OpksS6+uf/pVEkq1r7J9k/x/JKi9FxG9fRZzObW23srK6UCiViktZfbK6eG2ysrJ65spiYb44X7w6PTNz7q2Z6Xffebtnsb5+8Z/vP7n/4bmvT65998vDY3eTOB9Hs23NcTyDW82ViZjInpOROL9px6keNNZPkr0+ALoylOX5SKRjwFgMZVnf0vrY8zw0YJd9maY1MKAS+Q8DqjEPaFzb9+g6+IXx6P36BdDW+Ifr743EaO3a6PBaUr8yOljfml7vjveg/bSNX/+8dzddot37EAd70BDAJrduR8TZ4eGt41+SjX/dO9vBPpvbGLTXH9hL99P5zxut5j+5jflPNM9/Mkda5G43np7/uYc9aKatdP73Xsv578ZNq/GhrPa/2pxvJLl8pVRMx7b/R8SpGDmY1qci4oPWN0E+z609WG/XfvP8L13S9htzwew4Hg5vmv/NFaqFZ4+87tHtiFdazn+Tjf5PWvR/+nxc7LCNE8V7r7bb9vT4d9f6TxGvtez/J52ZbH9/crJ2Pkw2zoqt/r5z4vd27W8b/2jPw90i7f/D28c/njTfr63svI0fR/8tttvW7fl/IPmsVj6QrbtRqFaXpiIOJB9vXT/95LGNemP/NP5TJ7cf/1qd/4fSxO4w/jvH7zTvOrqz+HdXGv/cjvp/54UHH33xQ7v2O+v/N2ulU9maTsa/Tg/wWZ47AAAAAAAA6De5iDgaSS6/Uc7l8vn65zuOx+FcqVypnr5cXr46F7Xvyo7HSK5xp3us6fMQU9nnYRv16U31mYg4FhHfDh2q1fOz5dLcXgcPAAAAAAAAAAAAAAAAAAAAfeJIxGir7/+n/hhq/Zg2q4EX0TY/+Q3sc+3zP9vSi196AvqS138YXF3kv/cAYJ/w+g+DS/7D4JL/MLjkPwwu+Q+Dayf5//OFXTwQAAAAAAAAAAAAAAAAAAAAAAAAAAAA2B8uXriQLutrj2/OpvW56yvLC+XrZ+aKlYX84vJsfra8dC0/Xy7Pl4r52fLi0/5eqVy+NjUdyzcmq8VKdbKysnppsbx8tXrpymJhvnipOPJcogIAAAAAAAAAAAAAAAAAAIAXS2VldaFQKhWXFBS6Kgz3x2H0YSHXH4fRZWGvRyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeOK/AAAA//92vTrs")
r0 = open(&(0x7f0000000180)='./bus\x00', 0x14937e, 0x111)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000380)=ANY=[@ANYBLOB="440000001000010400"/20, @ANYBLOB="25ac83fcb80c8b1d09df503b85132483464b879e1aa37f79521609b6749396b628a44fd025aff7db68ca3f9cd28e412766f860fda8743d65beed02bf7a4196210955d2f99ea8854e7047ebb5a18cd732c26b134871cb76ef98d71dddbee307068b1de6b64a985e1d5e7ad024db0dbd481edc29745ea9", @ANYBLOB="8a450200000000002400128009000100626f6e6400000000140002800500010006000000080002001506"], 0x44}}, 0x40)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x64, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x2, @perf_config_ext={0x1, 0x6}, 0x2, 0x0, 0x2, 0x5, 0x2, 0x2, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000640)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x9, 0x4, 0x7ffc0002}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x42, 0x1ff)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r0, 0x84, 0xf, &(0x7f00000002c0)={0x0, @in6={{0xa, 0x4e22, 0x52d9, @private0, 0x7}}, 0x74f, 0xd560, 0x1ff, 0xfffffffa, 0x8001}, &(0x7f00000000c0)=0x98)
ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x1c0000000, 0x8005, 0x0, 0x0, 0x15, 0x0, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x200]})

16.028378809s ago: executing program 2 (id=3613):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000a0db000000000000000000850000000e000000c50000002a00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
pipe(&(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioprio_set$uid(0x3, 0x0, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0500000000000000800000000100000028003cc9c5bb450ffd3de5bf437887fbf3a1da910150f4d1e60342a3a344448d1722d2c1f38cd4b4288dc9914b13aad6582f3dd366de783cc9028809dd070c5f8a00000000000000000036de28d44287a48b98c1a6b68f32cc40e2b0f92590daa294df3f70be655caafa3082151319ead60047b5fde441a5493d76fca279d2b129fc00517624cf0a7ec42834698f520444600c57c90995a4dc11c680717f1395046b36204e0917e5dadab5024e9e287a47de177a581e54943aae97a91fec4efc", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="1840004410120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b703000000000000850000001b000000b7000000000000009500000000000000"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x6, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x18)
newfstatat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, <r5=>0x0}, 0x400)
r6 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r7 = openat$cgroup_ro(r6, &(0x7f0000000240)='hugetlb.2MB.usage_in_bytes\x00', 0x0, 0x0)
getsockopt$inet_IP_XFRM_POLICY(r6, 0x0, 0x11, &(0x7f0000000380)={{{@in=@private, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r8=>0x0}}, {{@in6=@dev}, 0x0, @in=@multicast2}}, &(0x7f0000000480)=0xe8)
stat(&(0x7f00000004c0)='.\x02\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r9=>0x0})
fchownat(r7, &(0x7f0000000300)='.\x02\x00', r8, r9, 0x100)
sync_file_range(r1, 0x101, 0xa1, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r2, 0xc018937b, &(0x7f0000000380)={{0x1, 0x1, 0x18, r0, {<r10=>0xee00, 0xee00}}, './file0\x00'})
ioctl$BTRFS_IOC_DEFRAG(r0, 0x50009402, 0x0)
setresuid(r5, r8, r10)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0xa, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
socket$packet(0x11, 0x3, 0x300)
syz_read_part_table(0x60d, &(0x7f0000002200)="$eJzs3D9olHcYB/DvJbmcUTAdnFxqHDoJRXE0Q5XkqlgIp1IIDvYfIs0UIXDSw5Q4tBkUM0jHLlK4DhonYwYnRaFzEQeLkMGlYBepHXLl7l6SOyjF0oRS/HyGe353PDzf94F3/V34XxtIuTi1Kp3y/qd/298a3TzP50xzYvJ4q9VqnU5KOZtyxsq7l5MMpX9q9icZ7plz8/udq9/+9mG5+fTUq/fOPVgc2JhZyTtJdvU2Z+SvHqXyzzZlO9wafzi6cGW2erX9pdpYW/84uf1yorZycnFp+UT52Oft3y8nj4r+7osxkoup51K+zCdDbxz19eax1Jc/386vj194Um2sfdd8fnB9b3Xw7vkjr/etXrt/KJlrR0yl87JvGv6Xi/fkL/Tkz41dn15qHD1wZ8+Nw/V7j2svBn9vdRWR5a3JBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABge9xqf1yZrV6tj194Um2sffPzTx/dfjlRWzm5uLR8YvjYs6LvUVGHinox9VxKOclMZvJFZt88crrUmz/+cHRhI/+Pncnzg+t7q82754+8nly9dv9Qp6uUqXYZ2IqN+/XnN9bmxq5PLzWOHriz58bh+r3HtReD3b6ZSj7rrJuksvWPAQAAAAAAAAAAAAAAAAAAwFtuYvL4vqkPaqeTUs7uSPLrV51b9q3KyI/p3Lzv2l/UZ5Vkd5KbO7r/BdB8eurV8LkHi78Ul+LnU8l8kl0/rJxJ3t3IudwfW96czH/pzwAAAP//gTiR5w==")
writev(0xffffffffffffffff, &(0x7f0000000140)=[{&(0x7f0000001200)="10", 0x100000}], 0x1)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x2, &(0x7f0000000000)=0x9, 0x8, 0x0)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0)
openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/timer_list\x00', 0x0, 0x0)
r11 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r11, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="2e00000011008108090f9becdb4cb92e264831371900000069bd6efb2502eaf60d002700020400bf050005001201", 0x2e}], 0x1}, 0x0)

15.677028648s ago: executing program 2 (id=3618):
r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000004c0), 0xffffffffffffffff)
r2 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x2)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x88882, 0x0)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), r3)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000100)={'wlan1\x00', <r5=>0x0})
sendmsg$NL80211_CMD_GET_WIPHY(r3, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000001c0)={&(0x7f0000000640)={0x30, r4, 0x2, 0x70bd2c, 0x25dfdbfd, {{}, {@val={0x8, 0x1, 0x27}, @void, @val={0xc, 0x99, {0xffffffe5, 0x42}}}}}, 0x2e}, 0x1, 0x0, 0x0, 0x1}, 0x2000c800)
sendmsg$NL80211_CMD_DEL_NAN_FUNCTION(r2, &(0x7f0000000600)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000400)={&(0x7f0000000380)={0x4c, 0x0, 0x1, 0x70bd2c, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_COOKIE={0xc, 0x58, 0x1b}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x37}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x6c}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x1}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4000004}, 0x4000010)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000500)={'wlan1\x00', <r6=>0x0})
sendmsg$NL80211_CMD_NEW_STATION(r0, &(0x7f00000005c0)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x28}, 0xc, &(0x7f0000000580)={&(0x7f0000000540)={0x24, r1, 0x800, 0x70bd2c, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_STA_VLAN={0x8, 0x14, r6}]}, 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x4000800)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
msync(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x6)
r7 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
write$binfmt_script(r7, &(0x7f0000001200)={'#! ', './file0'}, 0xb)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000007b00000095"], &(0x7f0000000140)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x10, 0xd, &(0x7f0000000300)=@framed={{0x18, 0x2}, [@func={0x85, 0x0, 0x1, 0x0, 0x1}, @exit, @printk={@s, {}, {}, {}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1fffffff}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x3}}]}, &(0x7f0000000440)='syzkaller\x00', 0xa, 0x0, 0x0, 0x0, 0xa, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r7, 0x89f1, &(0x7f0000000080)={'syztnl1\x00', &(0x7f0000000180)={'syztnl2\x00', <r9=>0x0, 0x10, 0x700, 0x9, 0x7, {{0x15, 0x4, 0x2, 0x5, 0x54, 0x64, 0x0, 0x4, 0x29, 0x0, @dev={0xac, 0x14, 0x14, 0x41}, @multicast2, {[@timestamp_prespec={0x44, 0x14, 0x72, 0x3, 0x0, [{@rand_addr=0x64010100, 0x401}, {@remote, 0x3}]}, @generic={0x82, 0x9, "79698f4505f8cb"}, @lsrr={0x83, 0x1b, 0x55, [@multicast2, @remote, @remote, @private=0xa010100, @dev={0xac, 0x14, 0x14, 0x2c}, @private=0xa010101]}, @end, @generic={0x88, 0x5, "114015"}]}}}}})
sendmsg$nl_route(r7, &(0x7f0000000380)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000340)={&(0x7f0000000740)=ANY=[@ANYBLOB="1c0000005e0002002cbd7000fcdbdf25000000007925821eb85fb9ab5047b2ece5f44fb2b788dcff88c2bc3e8deb2518d2e0c330b115bddbda", @ANYRES32=r9, @ANYBLOB='\x00\x00\x00\x00'], 0x1c}, 0x1, 0x0, 0x0, 0x20000000}, 0x20004044)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000000)='kmem_cache_free\x00', r8}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
mq_getsetattr(r7, &(0x7f00000003c0)={0x8000000000000000, 0x5, 0xd9a, 0x3}, &(0x7f0000000400))

15.632465131s ago: executing program 2 (id=3619):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x275a, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x12, r0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000003380)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000006cfa000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x18, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2, 0x0, 0xfffffffffffffffe}, 0x18)
msgsnd(0x0, &(0x7f0000000d00)=ANY=[@ANYRES8], 0x401, 0x0)

15.592038254s ago: executing program 2 (id=3620):
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000001afc180100002020702500000000002020207b1af8ff00000000bf"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x18)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001000000000000000640000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000e0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = io_uring_setup(0x3eae, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x41a1})
io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x0, &(0x7f00000001c0), 0x1, 0x4bc, &(0x7f0000000a40)="$eJzs3ctvW1UaAPDPdpMmaWb6mNGo7UjTSh2p81DjPDRqMjObWc3MotJoKrEBqYTEDSVOHMVOaaIuUth1wQKBQEIs2PMXsKErKiTEGvaIBSqCEiRAQjK613abOHGwII1p7u8n3ebch/2dU+s7Ovf4Xt8AMuts8k8uYjgiPoyIo43VrQecbfzZuH9zJllyUa9f/iKXHpestw5tve5IRKxHxEBE/P/fEc/ktsetrq7NT5fLpeXmerG2sFSsrq5duLYwPVeaKy2OTV6cmpocnRif2rO23n7puduX3vlv/9vfvHjv7svvvZtUa7i5b3M79lKj6X1xfNO2QxHxz0cRrAcKzfYM9roi/CTJ5/ebiDiX5v/RKKSfJpAF9Xq9/n39cKfd63XgwMqnY+BcfiQiGuV8fmSkMYb/bQzly5Vq7a9XKyuLs42x8rHoy1+9Vi6NNs8VjkVfLlkfS8sP18fb1ici0jHwK4XBdH1kplKe3d+uDmhzpC3/vy408h/ICKf8kF3yH7JL/kN2yX/ILvkP2SX/IbvkP2SX/Ifskv+QXfIfskv+Qyb979KlZKm37n+fvb66Ml+5fmG2VJ0fWViZGZmpLC+NzFUqc+k9Ows/9n7lSmVp7G+xcqNYK1Vrxerq2pWFyspi7Up6X/+VUt++tAroxvEzdz7ORcT63wfTJdHf3CdX4WCr13PR63uQgd4o9LoDAnrG1B9kl3N8oP0netvHBQOdXrj0cL4QeLzke10BoGfOn/L9H2SV+X/ILvP/kF3G+MAOj+jbYrf5f+DxZP4fsmu4w/O/frXp2V2jEfHriPio0He49awv4CDIf5Zrjv/PH/3jcPve/ty36VcE/RHx/BuXX7sxXastjyXbv3ywvfZ6c/v4phd2PGEAeqWVp608BgCya+P+zZnWsp9xP/9X4yKE7fEPNecmB9LvKIc2cluuVcjt0bUL67ci4uRO8XPN5503TmSGNgrb4p9o/s013iKt76H0uen7E//Upvh/2BT/9M/+X4FsuJP0P6M75V8+zel4kH9b+5/hPbp2onP/l3/Q/xU69H9nuozx7JsvfNox/q2I0zvGb8UbSGO1x0/qdr7L+PeeeuJ3nfbV32q8z07xW5JSsbawVKyurl1If0durrQ4NnlxampydGJ8qpjOURdbM9Xb/ePkB3d3a/9Qh/i7tT/Z9ucu2//d799/8uwu8f90bufP/8Qu8Qcj4i9dxv9q/JOnO+1L4s92aH9+l/jJtoku41df/c/hLg8FAPZBdXVtfrpcLi0rKCj0pHDrl1GNtkKveybgUauuJqfmSdL3uiYAAAAAAAAAAABAt/bjcuJetxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4CD4IQAA//9HcdTQ")
r3 = creat(&(0x7f00000000c0)='./bus\x00', 0x182)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000080000000000000000000850000007d00000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000001c0)='kfree\x00', r4}, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0}, 0x18)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r5 = openat$procfs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/diskstats\x00', 0x0, 0x0)
preadv(r5, &(0x7f00000006c0)=[{0x0}, {&(0x7f00000004c0)=""/149, 0x95}], 0x2, 0x31, 0x0)
ioctl$IMADDTIMER(r3, 0x80044940, &(0x7f0000000340)=0xf4240)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r6 = syz_clone(0x6200, 0x0, 0x0, 0x0, 0x0, 0x0)
symlinkat(&(0x7f0000001040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000640)='./file0\x00')
execve(&(0x7f0000000400)='./file0\x00', 0x0, 0x0)
r7 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x181242, 0x148)
getpgrp(r6)
fallocate(r3, 0x0, 0xbf5, 0x2000402)
ioctl$EXT4_IOC_MOVE_EXT(r7, 0xc028660f, &(0x7f0000000040)={0xc, r3, 0x0, 0x0, 0x0, 0xfffffffffdffffff})

15.189848647s ago: executing program 2 (id=3630):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1a, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x2f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x208, 0xe}, 0x50)
socket$nl_route(0x10, 0x3, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1807000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7030000ec000000850000001b000000b70000000000000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x23, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r2}, 0x18)
syz_read_part_table(0x5d1, &(0x7f0000000600)="$eJzs2z9o02kYB/Anaq6Hwrk4ORzWwclFcTSDlSQqCiHaRRwUFBEzRTiIEBB00AyKGaRjl1LI0j9T03B0uGtpoXMpHXoUOnQ62qXQpTnavkfvpvuT3IHw+cDL+755v28e3uE3PsFX7UT82u12MxHRHfjnt4db+cLtC6Ub5QcRmXgUEYM/fTd1cJJJid//9WLar6f92OjpzoedW9nW2v3dS4/nGyfS+Zs0zoy3h3t+HP+5idzC2bfvqsWPtdyL1WJ98/3K8r3J7Xy5fbfRnLqTvfk05RbTfCrNr6IWr+NlPIlKVOJZVPtUf6S1cWX/fLE18/z6XqHzae5qypV6fOffrf/z4OeHzfrQ5elzX67VZpfKWyePcpV/8XUBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPD/m8gtnH37rlr8WMu9WC3WN9+vLN+b3M6X23cbzak72ZtP48eBg9xiyp9K86uoxet4GU+iEpV4FtU+1R9pbVzZP19szTy/vlfofJq7mnKl4yvf9vDcv6z/w+Dnh8360OXpc1+u1WaXylsnj3KVgX5WBQAAAAAAAAAAAAAAAAAAgD/LF25fKN0oP4jIxKOIaH8/dNjq3z3sd89EJuUupsV66oMfGz3d+bBzK9tau7976fF845f0+5s0zoy3h/9Y55vjZV/79+nNbwEAAP//54uW8A==")

14.949640016s ago: executing program 2 (id=3637):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}, 0x100202, 0x0, 0xfffffffb}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x9, 0x0, 0x7ffc0002}]})
fchownat(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0) (fail_nth: 11)

14.927437968s ago: executing program 42 (id=3637):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}, 0x100202, 0x0, 0xfffffffb}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x9, 0x0, 0x7ffc0002}]})
fchownat(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0) (fail_nth: 11)

1.818505364s ago: executing program 1 (id=3952):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000001400)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7020000111e6ca5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000020000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x18)
r2 = socket$kcm(0x11, 0x2, 0x0)
setsockopt$sock_attach_bpf(r2, 0x107, 0x14, &(0x7f0000000000), 0x4)
sendmsg$kcm(r2, &(0x7f00000002c0)={&(0x7f0000000200)=@caif=@dgm={0x25, 0x12}, 0x80, &(0x7f0000000640)}, 0x0)

1.74561171s ago: executing program 1 (id=3953):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e00000004000000040000000c"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r2}, 0x10)
sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000700)=@newtaction={0x8c, 0x30, 0x1, 0x0, 0x0, {}, [{0x78, 0x1, [@m_ct={0x2c, 0x2, 0x0, 0x0, {{0x7}, {0x4}, {0x4, 0x2}, {0xc}, {0xc}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0xfffffffffffffffe}}}]}, {0x25}, {0xc}, {0xc}}}]}]}, 0x8c}}, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="1e000000000000004c0200000614000000000000", @ANYRES32, @ANYBLOB="0500"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000000000000000300"/28], 0x50)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000000040000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r5}, 0x10)
setsockopt$SO_J1939_FILTER(0xffffffffffffffff, 0x6b, 0x1, 0x0, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x8, 0x6}, 0x0, 0x10000, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
getegid()
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r3, 0x0, &(0x7f0000001700)=""/53}, 0x20)
chroot(&(0x7f0000000040)='./cgroup\x00')

1.723898372s ago: executing program 1 (id=3954):
bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYRESOCT], 0x48)
pipe(0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r1, 0x0, 0x3}, 0x18)
ioctl$BINDER_GET_NODE_DEBUG_INFO(0xffffffffffffffff, 0xc018620b, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r2, 0x9)
r3 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r3, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10)
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
close_range(r4, 0xffffffffffffffff, 0x0)

1.052854756s ago: executing program 9 (id=3967):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x45, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r2, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)={0x28, r1, 0x10ada85e65c25359, 0xfffffff9, 0x25dfdbfd, {{0x6b}, {@val={0x8}, @val={0xc, 0x99, {0x4, 0x72}}}}}, 0x28}}, 0x0)

1.026712678s ago: executing program 0 (id=3969):
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb0a54e68b1cd2fdb, 0x103)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000300)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48284b70043dc6124d877142a48448b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d4023f210fa34b63a715a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f01000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb796ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab04000000ffe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890decace0200f404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef29cd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf0100483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6c354463d7d0917fc80e5009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab4000000000000000028df75cf43f8ecc8d37b126602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89fa516dab183ee65744fb8fc4f9ce2242e0f00000000010000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f49198e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bde54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85eff010000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1099e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677ec97c5c568a89d6e36b165c391339878b699644c96bd6ea589765ed2a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae2676384ff799783f55d7e5a1a092a01b965dc99cb7a9d98440c355927629f2bcf9dc2396eb2f5d25829715b24327642ac4741201014a95e0e65e12cdf27e19043e3c5d3e798375cead35b9a93190a52cdecaaccc854a1d41ef365303f0e9b4fc969c9dab6d00000000000000000000008f6555f3b7d5021dfc8eb504f1e4fef716d60f0d50b03fc014fd3dff46f56750f0ba4f1b9f7de5c17e7d1f18522897edab8e9e76b667ec6b01908400f55e16f0cfbf026be5f5acc681053f697d62b3545aec4606e190216c22c1d8807b6c43f0f0a4b53619fe5c9412821c3816194a5e29cf12cc7a197b5bdafb096d2d7f6be483814c92ef29c3a21c169794c7de3b4c706f4de5f4b93c831944c7b66fa49f317aa22dbc211e19f031c4f8bee14ecd5eb061a052044adc4dd1b63a1500a9c0e09dbba23f2726a55975efb4519d864d984dcb3a1dcafa1124a6b004029a706478df3be2438d2e35e6ca674dc190143a0b6f7db3408c0c08011e5d8f54711a0bd410ab53a15b1596cb77d2b58df2d8d8"], &(0x7f0000000100)='GPL\x00'}, 0x41)
syz_mount_image$tmpfs(&(0x7f0000000080), &(0x7f0000000000)='./file0\x00', 0x88000, 0x0, 0x0, 0x0, &(0x7f0000000340))
mount$tmpfs(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB='nr_inodes=1'])
chdir(&(0x7f0000000300)='./file0\x00')
lsetxattr$security_selinux(&(0x7f0000000080)='.\x00', &(0x7f00000000c0), &(0x7f0000000100)='system_u:object_r:systemd_logger_exec_t:s0\x00', 0x2b, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
clock_getres(0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000005000000020000000010"], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000180)=ANY=[], &(0x7f0000000240)='GPL\x00', 0xfffffffe, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001540)={0x0, 0x124}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0xa, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0700000004"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000b80)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYRES32=r2, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000480)='kfree\x00', r3, 0x0, 0x7}, 0x18)
unshare(0xa000200)
semtimedop(0x0, &(0x7f0000000000)=[{0x2, 0x40, 0x1800}], 0x1, 0x0)
unshare(0x20060400)

1.015266469s ago: executing program 9 (id=3970):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000080000000c"], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
unshare(0x2040400)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff})
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0x10, 0x4, 0x8, 0x6}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000140)={{r2}, &(0x7f0000000180), &(0x7f0000000100)=r1}, 0x20)

1.013911249s ago: executing program 3 (id=3971):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000002040)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x41000}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x100, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000240)='kfree\x00', r1}, 0x18)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)=ANY=[@ANYBLOB="8c00000010001fff28bd70000000800000000000", @ANYRES32=0x0, @ANYBLOB="efb00000800000006c0012800b00010062726964676500005c00028008000500010000000c002e0001000000000000000600270005"], 0x8c}, 0x1, 0x0, 0x0, 0x4000084}, 0x14)

982.274062ms ago: executing program 9 (id=3972):
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000007b00000095"], &(0x7f0000000140)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x10)
mq_getsetattr(0xffffffffffffffff, &(0x7f00000003c0)={0x8000000000000000, 0x5, 0xd9a, 0x3}, &(0x7f0000000400))

978.842722ms ago: executing program 3 (id=3973):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="020000000401000004000000c5000000881480008eee8f16b218b275bee7edbdcdd44dee47fcdd5d27604968444d6596fc1e10fa3a9e0dac7edd733b1af45476b6d784c56b3a0a18338d1126996d1805199973210379be12", @ANYRES32, @ANYBLOB="0500"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000300000207b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x3, &(0x7f00000001c0)=[{0x200000000006, 0x80, 0x0, 0x7ffc1ffb}, {0x40, 0x6, 0x1, 0x1}, {0x2, 0x9, 0xa5}]})
perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x40, 0x1, 0x0, 0x0, 0x0, 0xe, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000, 0x4, @perf_config_ext={0xacf8, 0xf3}, 0x1100, 0x5ddc, 0x3a68, 0x5, 0x0, 0x8, 0x8697, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, 0x0, &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r2 = socket$kcm(0x2, 0x1000000000000002, 0x0)
sendmsg$inet(r2, &(0x7f0000007940)={&(0x7f00000008c0)={0x2, 0x4e20, @loopback}, 0x10, 0x0, 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB=',\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\a\x00\x00', @ANYRESOCT=r2, @ANYRES8=r2], 0x30}, 0x40880)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x18)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x161281, 0x0)
write$binfmt_aout(r3, &(0x7f0000000080)=ANY=[], 0xff2e)
ioctl$TCSETS(r3, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, "0040001e1d113c812e5d6000"})
r4 = syz_open_pts(r3, 0x0)
dup3(r4, r3, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000b00)=ANY=[@ANYBLOB="1800000000000000000000009df7000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000030000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000c80)={'ip6gre0\x00', <r7=>0x0})
mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000001200)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000001240)=@newqdisc={0x45c, 0x24, 0x4ee4e6a52ff56541, 0x70bd28, 0x4000000, {0x0, 0x0, 0x0, r7, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_RTAB={0x404, 0x2, [0x1, 0x0, 0x1fc, 0x0, 0xfffffc80, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3f, 0x0, 0x0, 0x2, 0xffffffff, 0x3, 0xc00, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x1000, 0xfffffffc, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0xbab, 0x0, 0x272, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x7, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0xfffffffc, 0x3, 0x0, 0x0, 0x0, 0xb97, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x5e, 0xfffffffc, 0x8, 0x0, 0x0, 0x1, 0x7, 0x4, 0xc, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x1, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0xb3c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x400, 0x0, 0x0, 0xd79, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x1, 0x0, 0x100, 0x0, 0x8, 0xfffffffd, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x2000, 0x0, 0x0, 0x0, 0x8, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd]}, @TCA_TBF_PARMS={0x28, 0x1, {{0x1, 0x0, 0x0, 0x0, 0xfffc, 0x6}, {0xff}, 0x0, 0x7f}}]}}]}, 0x45c}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r5}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
syz_io_uring_setup(0x116, 0x0, 0x0, 0x0)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f0000000200)={'ip_vti0\x00', &(0x7f00000005c0)={'erspan0\x00', 0x0, 0x700, 0x7800, 0x9, 0xffffffff, {{0x19, 0x4, 0x0, 0x28, 0x64, 0x68, 0x0, 0x7, 0x2b, 0x0, @local, @dev={0xac, 0x14, 0x14, 0x19}, {[@timestamp_prespec={0x44, 0x4, 0x80, 0x3, 0x5}, @cipso={0x86, 0x45, 0x2, [{0x6, 0x6, "bdd28718"}, {0x1, 0xf, "03091e502f2282ec2b099e24a5"}, {0x6, 0x5, "a41dae"}, {0x7, 0x5, "e477ef"}, {0x7, 0x11, "a1c907c0ba31bfa48f02766ddcbce4"}, {0x1, 0xd, "81dd8beabcaef79a2909d0"}, {0x7, 0x2}]}, @end, @generic={0x44, 0x3, "c0"}]}}}}})
r8 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$ifreq_SIOCGIFINDEX_vcan(r8, 0x8933, &(0x7f0000000300)={'vxcan1\x00', <r9=>0x0})
bind$can_raw(r8, &(0x7f0000000000)={0x1d, r9}, 0x10)
setsockopt$CAN_RAW_FILTER(r8, 0x65, 0x1, &(0x7f00000000c0), 0xf00)
bind$can_raw(r8, &(0x7f0000000080), 0x10)
getrusage(0x1, &(0x7f0000000040))

971.417993ms ago: executing program 0 (id=3974):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r1}, 0x10)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmsg$tipc(r2, &(0x7f0000004440)={&(0x7f0000000ec0)=@name={0x1e, 0x2, 0x4, {{0x43, 0x2}, 0x4}}, 0x10, 0x0}, 0x0)

914.823777ms ago: executing program 9 (id=3975):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="020000000401000004000000c5000000881480008eee8f16b218b275bee7edbdcdd44dee47fcdd5d27604968444d6596fc1e10fa3a9e0dac7edd733b1af45476b6d784c56b3a0a18338d1126996d1805199973210379be12", @ANYRES32, @ANYBLOB="0500"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000300000207b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x3, &(0x7f00000001c0)=[{0x200000000006, 0x80, 0x0, 0x7ffc1ffb}, {0x40, 0x6, 0x1, 0x1}, {0x2, 0x9, 0xa5}]})
perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x40, 0x1, 0x0, 0x0, 0x0, 0xe, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000, 0x4, @perf_config_ext={0xacf8, 0xf3}, 0x1100, 0x5ddc, 0x3a68, 0x5, 0x0, 0x8, 0x8697, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, 0x0, &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r2 = socket$kcm(0x2, 0x1000000000000002, 0x0)
sendmsg$inet(r2, &(0x7f0000007940)={&(0x7f00000008c0)={0x2, 0x4e20, @loopback}, 0x10, 0x0, 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="2c000000000000000000000007000000441c05eb", @ANYRESOCT=r2, @ANYRES8=r2], 0x30}, 0x40880)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x18)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x161281, 0x0)
write$binfmt_aout(r3, &(0x7f0000000080)=ANY=[], 0xff2e)
ioctl$TCSETS(r3, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, "0040001e1d113c812e5d6000"})
r4 = syz_open_pts(r3, 0x0)
dup3(r4, r3, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000b00)=ANY=[@ANYBLOB="1800000000000000000000009df7000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000030000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000c80)={'ip6gre0\x00', <r7=>0x0})
mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000001200)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000001240)=@newqdisc={0x434, 0x24, 0x4ee4e6a52ff56541, 0x70bd28, 0x4000000, {0x0, 0x0, 0x0, r7, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x408, 0x2, [@TCA_TBF_RTAB={0x404, 0x2, [0x1, 0x0, 0x1fc, 0x0, 0xfffffc80, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3f, 0x0, 0x0, 0x2, 0xffffffff, 0x3, 0xc00, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x1000, 0xfffffffc, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0xbab, 0x0, 0x272, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x7, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0xfffffffc, 0x3, 0x0, 0x0, 0x0, 0xb97, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x5e, 0xfffffffc, 0x8, 0x0, 0x0, 0x1, 0x7, 0x4, 0xc, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x1, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0xb3c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x400, 0x0, 0x0, 0xd79, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x1, 0x0, 0x100, 0x0, 0x8, 0xfffffffd, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x2000, 0x0, 0x0, 0x0, 0x8, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd]}]}}]}, 0x434}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r5}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
syz_io_uring_setup(0x116, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f0000000200)={'ip_vti0\x00', &(0x7f00000005c0)={'erspan0\x00', 0x0, 0x700, 0x7800, 0x9, 0xffffffff, {{0x19, 0x4, 0x0, 0x28, 0x64, 0x68, 0x0, 0x7, 0x2b, 0x0, @local, @dev={0xac, 0x14, 0x14, 0x19}, {[@timestamp_prespec={0x44, 0x4, 0x80, 0x3, 0x5}, @cipso={0x86, 0x45, 0x2, [{0x6, 0x6, "bdd28718"}, {0x1, 0xf, "03091e502f2282ec2b099e24a5"}, {0x6, 0x5, "a41dae"}, {0x7, 0x5, "e477ef"}, {0x7, 0x11, "a1c907c0ba31bfa48f02766ddcbce4"}, {0x1, 0xd, "81dd8beabcaef79a2909d0"}, {0x7, 0x2}]}, @end, @generic={0x44, 0x3, "c0"}]}}}}})
r8 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$ifreq_SIOCGIFINDEX_vcan(r8, 0x8933, &(0x7f0000000300)={'vxcan1\x00', <r9=>0x0})
bind$can_raw(r8, &(0x7f0000000000)={0x1d, r9}, 0x10)
setsockopt$CAN_RAW_FILTER(r8, 0x65, 0x1, &(0x7f00000000c0), 0xf00)
bind$can_raw(r8, &(0x7f0000000080), 0x10)
getrusage(0x1, &(0x7f0000000040))

914.467537ms ago: executing program 0 (id=3976):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$key(0xf, 0x3, 0x2)
socket$netlink(0x10, 0x3, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x15, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x100}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x86}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {0x4}, {0x6, 0x0, 0xa}, {}, {}, {0x85, 0x0, 0x0, 0x33}}]}, &(0x7f0000000180)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = dup(r3)
getsockname$packet(r4, &(0x7f00000000c0)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=@newlink={0x38, 0x6d, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r5}, [@IFLA_PROP_LIST={0x18, 0x34, 0x0, 0x1, [{0x14, 0x35, 'ip6_vti0\x00'}]}]}, 0x38}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)

914.019296ms ago: executing program 0 (id=3977):
socket$packet(0x11, 0xa, 0x300)
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000540)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x9}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0x560b0000, &(0x7f0000000000)="219a53f271a76d2608004c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
r1 = creat(&(0x7f00000000c0)='./file0\x00', 0xc6)
bpf$BPF_LINK_UPDATE(0x1d, &(0x7f0000000080)={r1, r1, 0x0, r1}, 0x10)
dup2(r1, r1)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x8, 0x6}, 0x0, 0x10000, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000007}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_emit_ethernet(0x36, &(0x7f0000000400)={@local, @random='\x00 \x00\x00\x00\b', @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @dev={0xac, 0x14, 0x14, 0xd}}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}, 0x0)

893.655099ms ago: executing program 6 (id=3978):
r0 = socket(0x840000000002, 0x3, 0xff)
sendmmsg$inet(r0, &(0x7f0000000280)=[{{&(0x7f00000001c0)={0x2, 0x0, @remote}, 0x10, &(0x7f0000000000)=[{&(0x7f0000000240)="a905000000007464000100000000000000", 0x11}, {&(0x7f0000000200)="82f57c000200000000000000000000000004ac", 0x13}], 0x2}}], 0x1, 0x24004044)

856.033321ms ago: executing program 1 (id=3979):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc9ffb}]})
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r1}, 0x10)
fchmod(r2, 0x2)

828.339414ms ago: executing program 6 (id=3980):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x45, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r2, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)={0x28, r1, 0x10ada85e65c25359, 0xfffffff9, 0x25dfdbfd, {{0x6b}, {@val={0x8}, @val={0xc, 0x99, {0x4, 0x72}}}}}, 0x28}}, 0x0)

808.779545ms ago: executing program 1 (id=3981):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x9, 0x0, 0x7ffc0002}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = getpid()
sched_getaffinity(r2, 0x8, &(0x7f0000000380))
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4c, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000340)='kfree\x00', r4, 0x0, 0x6}, 0x18)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000240)={0x0, &(0x7f0000000580)=""/202, 0x0, 0xca, 0x0, 0x6}, 0x28)
sendmsg$nl_xfrm(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="b8000000190001000000000000000000dc020078000000000000000000000000ff02000000000000e26ea7250000000100000000000000000a"], 0xb8}}, 0x0)
sendmsg$nl_xfrm(r3, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000000)=ANY=[@ANYBLOB="650100001b"], 0x188}}, 0x0)
recvmmsg(r3, &(0x7f0000001a00)=[{{0x0, 0x0, &(0x7f0000000080), 0x0, &(0x7f00000000c0)=""/134, 0x86}}, {{0x0, 0x0, &(0x7f00000007c0)=[{&(0x7f0000000200)=""/11, 0xb}, {&(0x7f0000000240)=""/208, 0xd0}, {&(0x7f0000000400)=""/25, 0x19}, {&(0x7f0000000a00)=""/4096, 0x1000}, {&(0x7f0000000440)=""/71, 0x47}, {&(0x7f0000001a80)=""/193, 0xc1}, {&(0x7f00000004c0)=""/34, 0x22}, {&(0x7f0000000640)=""/130, 0x82}, {&(0x7f0000000700)=""/154, 0x9a}], 0x9, &(0x7f0000000880)=""/213, 0xd5}, 0x8}], 0x2, 0x1, 0x0)

763.579679ms ago: executing program 6 (id=3982):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000d80)=ANY=[@ANYBLOB="0001000000000000000000000000000000000000d9332cf456d834cf62edec7b0975787e6c7a0cfbaa35e8a223e561f60ee2729b22a3ee6aab6101901ae0dfa95f04a9f986635c7caa03b7a5094091c2480cf5f57944b9096888f67f136cf4cf0d", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r2}, 0x10)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="5c0000000206030000000000008000000000000005000100070000000900020073797a30000000001400078008001240000000000500150004000000050005000000000005000400000000000d000300686173683a6d6163"], 0x5c}}, 0x0)
sendmsg$IPSET_CMD_ADD(r3, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000740)=ANY=[@ANYBLOB="44000000090605000000000000000000010000050900020073797a30000006000500010007000000080009400000000114000880100007800a001100b4"], 0x44}, 0x1, 0x0, 0x0, 0x8000}, 0x44000)
sendmsg$IPSET_CMD_DESTROY(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000280)=ANY=[@ANYBLOB="28000000030605000000000000000000000000000500010007"], 0x28}, 0x1, 0x0, 0x0, 0x80}, 0x20000010)

671.632026ms ago: executing program 6 (id=3983):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000080000000c"], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
unshare(0x2040400)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff})
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0x10, 0x4, 0x8, 0x6}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000140)={{r2}, &(0x7f0000000180), &(0x7f0000000100)=r1}, 0x20)

625.54987ms ago: executing program 1 (id=3984):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000001280)={0x11, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007d000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b70300000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000340)='kmem_cache_free\x00', r0, 0x0, 0xffffffffffffffff}, 0x18)
socket$inet_mptcp(0x2, 0x1, 0x106)
socket(0xa, 0x3, 0x3a)
socketpair$tipc(0x1e, 0x4, 0x0, &(0x7f0000000140)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000017850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
sendmsg$tipc(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000040)="fb", 0x1}], 0x1}, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000840)={&(0x7f0000000800)='kfree_skb\x00', r3}, 0x10)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
bpf$MAP_CREATE(0x100000000000000, &(0x7f00000007c0)=ANY=[@ANYBLOB="0a00000016000000b40000000300000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000000000000000000de00000004000000000000000000cf4aae46ff01f494c28d3789984521dfa05a22323a998fcaeed088465ee01ce5b874ccd049092a3293667840acdd6b239339544685c79c02b1046dd219e3e34bc0503dd9ffc58f242938526e85505b086938faff5d7bd6f3a87a73e6eac286e033a85a96df3a27aa0b53c191f266542cc0b61dae46980b969b8e839816f12c56fba4192247100d3eb57fdbab138fc10752c6e09efab1d9995af600d888a3cfd7b9d2abb2a710184d68d261eafa046394fd6de2c569d1dc5e9960c64e68406e89eab368157583e750e6c0067760c9363d171359d43339224e023eb5fcff730a96888a372fff507dd912f0694ff2ca9f4bfc4b3802647cdc8791ed16775a25c9fd53832157ff790bf2eec83eb4db142a94e94f41c5f48e980236ce003b059e2169295522b6a5dcaeab745ecb5e9e82f2db769742"], 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x3, &(0x7f0000000700)=@framed={{0x18, 0x8}}, 0x0, 0x2, 0xfe, &(0x7f0000000e00)=""/254}, 0x94)
write$cgroup_devices(0xffffffffffffffff, 0x0, 0x0)
write$cgroup_devices(0xffffffffffffffff, &(0x7f0000000140)=ANY=[], 0xa)
write$cgroup_devices(0xffffffffffffffff, &(0x7f00000000c0)={'b', ' *:* ', 'r\x00'}, 0x8)
write$cgroup_devices(0xffffffffffffffff, &(0x7f0000000580)={'a', ' *:* ', 'w\x00'}, 0x8)
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r4 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x4040, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x0)
write(r5, &(0x7f0000004200)='t', 0x1)
sendmsg$NFULNL_MSG_CONFIG(r4, &(0x7f0000000380)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x2c, 0x1, 0x4, 0x301, 0x0, 0x0, {0x2, 0x0, 0x9}, [@NFULA_CFG_NLBUFSIZ={0x8, 0x3, 0x1, 0x0, 0x400}, @NFULA_CFG_NLBUFSIZ={0x8, 0x3, 0x1, 0x0, 0x101}, @NFULA_CFG_QTHRESH={0x8, 0x5, 0x1, 0x0, 0x100}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40800}, 0x1)
sendfile(r5, r4, 0x0, 0x3ffff)
sendfile(r5, r4, 0x0, 0x7ffff000)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xa, 0x31, 0xffffffffffffffff, 0xf2de1000)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17)
keyctl$set_reqkey_keyring(0xe, 0x7)

608.533792ms ago: executing program 6 (id=3985):
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000001afc180100002020702500000000002020207b1af8ff00000000bf"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x18)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001000000000000000640000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000e0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = io_uring_setup(0x3eae, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x41a1})
io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x0, &(0x7f00000001c0), 0x1, 0x4bc, &(0x7f0000000a40)="$eJzs3ctvW1UaAPDPdpMmaWb6mNGo7UjTSh2p81DjPDRqMjObWc3MotJoKrEBqYTEDSVOHMVOaaIuUth1wQKBQEIs2PMXsKErKiTEGvaIBSqCEiRAQjK613abOHGwII1p7u8n3ebch/2dU+s7Ovf4Xt8AMuts8k8uYjgiPoyIo43VrQecbfzZuH9zJllyUa9f/iKXHpestw5tve5IRKxHxEBE/P/fEc/ktsetrq7NT5fLpeXmerG2sFSsrq5duLYwPVeaKy2OTV6cmpocnRif2rO23n7puduX3vlv/9vfvHjv7svvvZtUa7i5b3M79lKj6X1xfNO2QxHxz0cRrAcKzfYM9roi/CTJ5/ebiDiX5v/RKKSfJpAF9Xq9/n39cKfd63XgwMqnY+BcfiQiGuV8fmSkMYb/bQzly5Vq7a9XKyuLs42x8rHoy1+9Vi6NNs8VjkVfLlkfS8sP18fb1ici0jHwK4XBdH1kplKe3d+uDmhzpC3/vy408h/ICKf8kF3yH7JL/kN2yX/ILvkP2SX/IbvkP2SX/Ifskv+QXfIfskv+Qyb979KlZKm37n+fvb66Ml+5fmG2VJ0fWViZGZmpLC+NzFUqc+k9Ows/9n7lSmVp7G+xcqNYK1Vrxerq2pWFyspi7Up6X/+VUt++tAroxvEzdz7ORcT63wfTJdHf3CdX4WCr13PR63uQgd4o9LoDAnrG1B9kl3N8oP0netvHBQOdXrj0cL4QeLzke10BoGfOn/L9H2SV+X/ILvP/kF3G+MAOj+jbYrf5f+DxZP4fsmu4w/O/frXp2V2jEfHriPio0He49awv4CDIf5Zrjv/PH/3jcPve/ty36VcE/RHx/BuXX7sxXastjyXbv3ywvfZ6c/v4phd2PGEAeqWVp608BgCya+P+zZnWsp9xP/9X4yKE7fEPNecmB9LvKIc2cluuVcjt0bUL67ci4uRO8XPN5503TmSGNgrb4p9o/s013iKt76H0uen7E//Upvh/2BT/9M/+X4FsuJP0P6M75V8+zel4kH9b+5/hPbp2onP/l3/Q/xU69H9nuozx7JsvfNox/q2I0zvGb8UbSGO1x0/qdr7L+PeeeuJ3nfbV32q8z07xW5JSsbawVKyurl1If0durrQ4NnlxampydGJ8qpjOURdbM9Xb/ePkB3d3a/9Qh/i7tT/Z9ucu2//d799/8uwu8f90bufP/8Qu8Qcj4i9dxv9q/JOnO+1L4s92aH9+l/jJtoku41df/c/hLg8FAPZBdXVtfrpcLi0rKCj0pHDrl1GNtkKveybgUauuJqfmSdL3uiYAAAAAAAAAAABAt/bjcuJetxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4CD4IQAA//9HcdTQ")
r3 = creat(&(0x7f00000000c0)='./bus\x00', 0x182)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000080000000000000000000850000007d00000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000001c0)='kfree\x00', r4}, 0x10)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x181242, 0x148)
pwrite64(r5, &(0x7f0000000140)='2', 0xfdef, 0xfecc)
fallocate(r3, 0x0, 0xbf5, 0x2000402)
ioctl$EXT4_IOC_MOVE_EXT(r5, 0xc028660f, &(0x7f0000000040)={0xc, r3, 0x0, 0x0, 0x0, 0xfffffffffdffffff})

570.461235ms ago: executing program 3 (id=3986):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000002040)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x41000}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x100, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000240)='kfree\x00', r1}, 0x18)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)=ANY=[@ANYBLOB="8c00000010001fff28bd70000000800000000000", @ANYRES32=0x0, @ANYBLOB="efb00000800000006c0012800b00010062726964676500005c00028008000500010000000c002e0001000000000000000600270005"], 0x8c}, 0x1, 0x0, 0x0, 0x4000084}, 0x14)

517.652199ms ago: executing program 0 (id=3987):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff0000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r1}, 0x10)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmsg$tipc(r2, &(0x7f0000004440)={&(0x7f0000000ec0)=@name={0x1e, 0x2, 0x4, {{0x43, 0x2}, 0x4}}, 0x10, 0x0}, 0x0)

503.85959ms ago: executing program 0 (id=3988):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xf, 0xc, &(0x7f0000000440)=ANY=[@ANYRESHEX=r0, @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='kfree\x00', r2}, 0x18)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000020"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000001000000000000000640000018110000", @ANYRESHEX, @ANYBLOB="0000000000000000b70800000e0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000082"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='block_bio_remap\x00', r5}, 0x10)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x4000, &(0x7f0000000140)={[{@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@nombcache}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@quota}, {@resuid}, {@lazytime}]}, 0x1, 0x445, &(0x7f0000000200)="$eJzs28tvG0UYAPBv105KX8RU5dEHECiIikfSpKX0wAEQSBxAQoJDOYYkrUrdBjVBolUFBaFyRJW4I45I/AWc4IKAExJX4IwqVSiXFk5Ga+82jmunSbDrEP9+0tYzu+POfJ4de3YnG8DAGs3+SSJ2RMRvETHSyC4vMNp4ubF4cfrvxYvTSdRqb/6V1MtdX7w4XRQt3re9yJQj0k+T2Nem3vnzF05PVauz5/L8+MKZ98bnz1945tSZqZOzJ2fPTh47duTwxHNHJ5/tSpxZXNf3fji3f8+rb195ffr4lXd++iYp4m+Jo0tG2+4tN14er9W6XF1/7WxKJ+U+NoQ1KeWn5FB9/I9EKZY6byRe+aSvjQN6qlar1e7rfPhSDdjEkuh3C4D+KH7os+vfYrtDU48N4dqLjQugLO4b+dY4Uo40LzPUcn3bTaMRcfzSP19mW7Teh9jao0oBgIH2XTb/ebrd/C+N5vtCd+drKJWIuCcidkXE0YjYHRH3RtTL3h8RD6yx/tZFklvnn+nVdQW2Stn87/l8bWv5/K+Y/UWllOd21uMfSk6cqs4eyj+TgzG0JctPrFDH9y//+nmnY83zv2zL6i/mgnk7rpa3LH/PzNTC1H+Judm1jyP2ltvFn9xcCUgiYk9EvLDOOk49+fX+Tsc6xD+8qv+4C+tMta8inmj0/6Voib+QrLw+OX5XVGcPjRdnxa1+/uXyG53qv33/91bW/9vanv9F/H9Ukub12vm113H59886XlOu9/wfTt5atu+DqYWFcxMRw8lr9Xylef9kS7nJpfJZ/AcPtB//u2Lpk9gXEdlJ/GBEPBQRD+dtfyQiHo2IAyvE/+NLj727/vh7K4t/ZsX+j5b+X0oMR+ue9onS6R++XVZpZS3xZ/1/pJ46mO9Zzfffatq1vrMZAAAA/n/SiNgRSTp2M52mY2ONv+HfHdvS6tz8wlMn5t4/O9N4RqASQ2lxp2uk6X7oRH5ZX+QnW/KH8/vGX5S21vNj03PVmX4HDwNue4fxn/mz1O/WAT3neS0YXMY/DC7jHwaX8Q+Dq8349+gZDIh2v/8f9aEdwJ3XMv5XXPYzMYDNxfU/DC7jHwaX8Q8DaX5r3P4h+c2RSCNiAzRjsyQi3RDNkOhRot/fTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAN3xbwAAAP//ynflmQ==")
r6 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0)
r7 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./bus\x00', 0x1c5042, 0x12)
write(r7, &(0x7f0000000740)="cc", 0x1)
sendfile(r7, r6, 0x0, 0x3ffff)
sendfile(r7, r6, 0x0, 0x7fffeffd)
openat(0xffffffffffffffff, &(0x7f0000000100)='./bus/file0\x00', 0x4c4c01, 0x28)
sync()
setsockopt$inet6_IPV6_ADDRFORM(0xffffffffffffffff, 0x29, 0x1, &(0x7f00000007c0), 0x4)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(0xffffffffffffffff, 0x6, 0x16, 0x0, 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000400)='virtio_transport_alloc_pkt\x00', r8}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1, 0x0, 0x100}, 0x18)
setrlimit(0x40000000000008, &(0x7f0000000000)={0x4848, 0xfffffffffffff006})

432.282826ms ago: executing program 3 (id=3989):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f00000004c0)=ANY=[], &(0x7f0000000180)=""/218, 0x4e, 0xda, 0x1}, 0x28)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$TIPC_NL_BEARER_ENABLE(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000180)={0x60, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_BEARER={0x4c, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz0\x00'}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x14, 0x1, @in={0xa, 0x0, @loopback}}, {0x20, 0x2, @in6={0xa, 0x0, 0x0, @private1}}}}]}]}, 0x60}}, 0x0) (fail_nth: 9)

403.626478ms ago: executing program 9 (id=3990):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x3, &(0x7f0000000380)=0x1040, 0x4)
sendto$inet6(r0, 0x0, 0x0, 0x200008d4, &(0x7f000072e000)={0xa, 0x4e22, 0x0, @loopback, 0x1}, 0x1c)
r1 = syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x400c84, &(0x7f0000000180)={[{@barrier}, {@orlov}, {@i_version}, {}]}, 0x1, 0x77c, &(0x7f0000001900)="$eJzs3c9rHFUcAPDvbJKmTauJIGg9BQQNlG5Mja2CYMWDCBYKerZdNttQs8mW7KY0IaBFBC+CigdBLz37o968+uOq/4UHsVRNixUPEpnNTrttdtNsmmSr+/nAJO/NzO6b776ZeW93HjMB9KzR9E8u4mBEfJBEDDfmJxExUE/1RxxfW+/GynIxnZJYXX3t96S+zvWV5WI0vSa1v5F5NCK+fzfiUG59udXFpZlCuVyab+THa7PnxquLS4fPzhamS9OluaMTk5NHjj1z7Oj2xfrnT0sHrnz48pNfHf/7nUcuv/9DEsfjQGNZcxzbZTRGG5/JQPoR3ual7S6sy5JubwBbkh6afWtHeRyM4eirpwCA/7O3ImIVAOgp/dp/AOg52e8A11eWi9nU3V8kdtfVFyNi71r82fXNtSX9jWt2e+vXQYeuJ7ddGUkiYmQbyh+NiM++eeOLdIodug4J0MrbFyPi9Mjo+vN/sm7MQqee2mDZnsb/0TvmO//B7vk27f8826r/l7vZ/4kW/Z/BFsfuVtz1+N+3DYVsIO3/Pd80tu1GU/wNI32N3AP1Pt9AcuZsuZSe2x6MiLEYGEzzE2vrthwGNXbtn2vtym/u//3x0Zufp+Wn/2+tkfu1f/D210wVaoV7jTtz9WLEY/2t4k9u1n/Spv97cpNlvPLce5+2W5bGn8abTevjj8bopJ2xeiniiZb1f6sqkw3HJ47Xd4fxbKdo4eufPxlqV35z/adTWn72XWA3pPU/tHH8I0nzeM1q52X8eGn4u3bL7h5/6/1/T/J6PZ31Iy4UarX5iYg9yavr5x+59dosn62fxj/2eOvjf6P9P/1OeHqT8fdf+e3Lrce/s9L4pzqq/84Tl2/M9LUrf3P1P1lPjTXmbOb8t9kNvJfPDgAAAAAAAAAAAAAAAAAAAAAAAAA2KxcRByLJ5W+mc7l8fu0Z3g/HUK5cqdYOnakszE1F/VnZIzGQy251Odx0P9SJxv3ws/yRO/JPR8RDEfHx4L4ku4/iVJdjBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDM/jbP/0/9MtjtrQMAdszebm8AALDrtP8A0Hu0/wDQe7T/ANB7tP8A0Hu0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOywkydOpNPqXyvLxTQ/dX5xYaZy/vBUqTqTn10o5ouV+XP56UplulzKFyuzd3u/cqVybjLmFi6M10rV2nh1cenUbGVhrnbq7GxhunSqNLArUQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAZ6qLSzOFcrk0L7GFxOr9sRndT/Q1dqc7FyUR0ekbvhBdD6ezRHJ/bMY2J7p8YgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4j/g3AAD//5EOHsI=")
unlinkat(0xffffffffffffff9c, &(0x7f0000000380)='./file1\x00', 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x16, 0x3, &(0x7f00000009c0)=ANY=[@ANYRESHEX=r1], &(0x7f0000000000)='GPL\x00', 0x9, 0xfffffffffffffda7, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @flow_dissector=0x11, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8}, 0x94)
syz_open_dev$usbmon(&(0x7f0000000040), 0x3, 0x80000)

74.478684ms ago: executing program 6 (id=3991):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc9ffb}]})
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r1}, 0x10)
fchmod(r2, 0x2)

21.714409ms ago: executing program 3 (id=3992):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x45, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r2, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)={0x28, r1, 0x10ada85e65c25359, 0xfffffff9, 0x25dfdbfd, {{0x6b}, {@val={0x8}, @val={0xc, 0x99, {0x4, 0x72}}}}}, 0x28}}, 0x0)

8.81653ms ago: executing program 9 (id=3993):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x4, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r2}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20)
openat$binfmt(0xffffffffffffff9c, 0x0, 0x41, 0x1ff)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x10)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2000002, 0x42032, 0xffffffffffffffff, 0x80000000)
mremap(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x1000, 0x0, &(0x7f00008b5000/0x1000)=nil)

0s ago: executing program 3 (id=3994):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0500000004000000990000000b"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000060000001811", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
write$cgroup_int(0xffffffffffffffff, 0x0, 0x2)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x0, &(0x7f00000001c0), 0x1, 0x4bc, &(0x7f0000000a40)="$eJzs3ctvW1UaAPDPdpMmaWb6mNGo7UjTSh2p81DjPDRqMjObWc3MotJoKrEBqYTEDSVOHMVOaaIuUth1wQKBQEIs2PMXsKErKiTEGvaIBSqCEiRAQjK613abOHGwII1p7u8n3ebch/2dU+s7Ovf4Xt8AMuts8k8uYjgiPoyIo43VrQecbfzZuH9zJllyUa9f/iKXHpestw5tve5IRKxHxEBE/P/fEc/ktsetrq7NT5fLpeXmerG2sFSsrq5duLYwPVeaKy2OTV6cmpocnRif2rO23n7puduX3vlv/9vfvHjv7svvvZtUa7i5b3M79lKj6X1xfNO2QxHxz0cRrAcKzfYM9roi/CTJ5/ebiDiX5v/RKKSfJpAF9Xq9/n39cKfd63XgwMqnY+BcfiQiGuV8fmSkMYb/bQzly5Vq7a9XKyuLs42x8rHoy1+9Vi6NNs8VjkVfLlkfS8sP18fb1ici0jHwK4XBdH1kplKe3d+uDmhzpC3/vy408h/ICKf8kF3yH7JL/kN2yX/ILvkP2SX/IbvkP2SX/Ifskv+QXfIfskv+Qyb979KlZKm37n+fvb66Ml+5fmG2VJ0fWViZGZmpLC+NzFUqc+k9Ows/9n7lSmVp7G+xcqNYK1Vrxerq2pWFyspi7Up6X/+VUt++tAroxvEzdz7ORcT63wfTJdHf3CdX4WCr13PR63uQgd4o9LoDAnrG1B9kl3N8oP0netvHBQOdXrj0cL4QeLzke10BoGfOn/L9H2SV+X/ILvP/kF3G+MAOj+jbYrf5f+DxZP4fsmu4w/O/frXp2V2jEfHriPio0He49awv4CDIf5Zrjv/PH/3jcPve/ty36VcE/RHx/BuXX7sxXastjyXbv3ywvfZ6c/v4phd2PGEAeqWVp608BgCya+P+zZnWsp9xP/9X4yKE7fEPNecmB9LvKIc2cluuVcjt0bUL67ci4uRO8XPN5503TmSGNgrb4p9o/s013iKt76H0uen7E//Upvh/2BT/9M/+X4FsuJP0P6M75V8+zel4kH9b+5/hPbp2onP/l3/Q/xU69H9nuozx7JsvfNox/q2I0zvGb8UbSGO1x0/qdr7L+PeeeuJ3nfbV32q8z07xW5JSsbawVKyurl1If0durrQ4NnlxampydGJ8qpjOURdbM9Xb/ePkB3d3a/9Qh/i7tT/Z9ucu2//d799/8uwu8f90bufP/8Qu8Qcj4i9dxv9q/JOnO+1L4s92aH9+l/jJtoku41df/c/hLg8FAPZBdXVtfrpcLi0rKCj0pHDrl1GNtkKveybgUauuJqfmSdL3uiYAAAAAAAAAAABAt/bjcuJetxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4CD4IQAA//9HcdTQ")
r2 = creat(&(0x7f00000000c0)='./bus\x00', 0x182)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x181242, 0x148)
pwrite64(r3, &(0x7f0000000140)='2', 0xfdef, 0xfecc)
fallocate(r2, 0x0, 0xbf5, 0x2000402)
ioctl$EXT4_IOC_MOVE_EXT(r3, 0xc028660f, &(0x7f0000000040)={0xc, r2, 0x0, 0x0, 0x0, 0xfffffffffdffffff})

kernel console output (not intermixed with test programs):

T13573] loop9: rw=2049, sector=273, nr_sectors = 8 limit=128
[  243.650302][T13595] loop2: detected capacity change from 0 to 512
[  243.665928][T13595] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  243.680879][T13573] syz.9.3400: attempt to access beyond end of device
[  243.680879][T13573] loop9: rw=2049, sector=289, nr_sectors = 9 limit=128
[  243.702529][T13595] ext4 filesystem being mounted at /25/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  243.811632][T13607] netlink: 24 bytes leftover after parsing attributes in process `syz.9.3410'.
[  243.828895][T13607] netlink: 8 bytes leftover after parsing attributes in process `syz.9.3410'.
[  243.840525][T13611] random: crng reseeded on system resumption
[  243.843588][T13607] bridge0: port 3(macvlan2) entered blocking state
[  243.853113][T13607] bridge0: port 3(macvlan2) entered disabled state
[  243.873776][T13607] macvlan2: entered allmulticast mode
[  243.879334][T13607] bridge0: entered allmulticast mode
[  243.887597][T13607] macvlan2: left allmulticast mode
[  243.892892][T13607] bridge0: left allmulticast mode
[  243.901763][T13007] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  243.944925][T13614] loop9: detected capacity change from 0 to 512
[  243.981866][T13614] ext4 filesystem being mounted at /48/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  244.008002][T13607] EXT4-fs error (device loop9): ext4_do_update_inode:5653: inode #4: comm syz.9.3410: corrupted inode contents
[  244.017239][T13621] loop1: detected capacity change from 0 to 4096
[  244.034339][T13621] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.3413: bg 0: block 137: padding at end of block bitmap is not set
[  244.035523][T13607] EXT4-fs error (device loop9): ext4_dirty_inode:6538: inode #4: comm syz.9.3410: mark_inode_dirty error
[  244.082923][T13607] EXT4-fs error (device loop9): ext4_do_update_inode:5653: inode #4: comm syz.9.3410: corrupted inode contents
[  244.093712][T13627] sch_tbf: peakrate 2147483643 is lower than or equals to rate 2831599472947593698 !
[  244.096017][T13607] EXT4-fs error (device loop9): __ext4_ext_dirty:206: inode #4: comm syz.9.3410: mark_inode_dirty error
[  244.119410][T13607] EXT4-fs error (device loop9): ext4_acquire_dquot:6933: comm syz.9.3410: Failed to acquire dquot type 1
[  244.125668][T13629] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3415'.
[  244.132387][T13614] EXT4-fs error (device loop9): ext4_do_update_inode:5653: inode #4: comm syz.9.3410: corrupted inode contents
[  244.139716][T13629] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3415'.
[  244.156817][T13614] EXT4-fs error (device loop9): ext4_dirty_inode:6538: inode #4: comm syz.9.3410: mark_inode_dirty error
[  244.179176][T13632] loop2: detected capacity change from 0 to 512
[  244.186423][T13632] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[  244.195606][T13632] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem
[  244.246642][T13634] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3417'.
[  244.265565][T13632] EXT4-fs (loop2): warning: mounting unchecked fs, running e2fsck is recommended
[  244.290820][T13632] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006]
[  244.299052][T13614] EXT4-fs error (device loop9): ext4_do_update_inode:5653: inode #4: comm syz.9.3410: corrupted inode contents
[  244.304745][T13632] System zones: 0-2, 18-18, 34-35
[  244.320036][T13632] FAULT_INJECTION: forcing a failure.
[  244.320036][T13632] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  244.333350][T13632] CPU: 1 UID: 0 PID: 13632 Comm: syz.2.3416 Tainted: G        W           6.16.0-syzkaller-11568-gd632ab86aff2 #0 PREEMPT(voluntary) 
[  244.333398][T13632] Tainted: [W]=WARN
[  244.333408][T13632] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  244.333425][T13632] Call Trace:
[  244.333434][T13632]  <TASK>
[  244.333449][T13632]  __dump_stack+0x1d/0x30
[  244.333477][T13632]  dump_stack_lvl+0xe8/0x140
[  244.333539][T13632]  dump_stack+0x15/0x1b
[  244.333562][T13632]  should_fail_ex+0x265/0x280
[  244.333605][T13632]  should_fail+0xb/0x20
[  244.333645][T13632]  should_fail_usercopy+0x1a/0x20
[  244.333728][T13632]  _copy_from_user+0x1c/0xb0
[  244.333826][T13632]  memdup_user+0x5e/0xd0
[  244.333861][T13632]  autofs_dev_ioctl+0x167/0x6a0
[  244.333965][T13632]  ? __pfx_autofs_dev_ioctl+0x10/0x10
[  244.333996][T13632]  __se_sys_ioctl+0xce/0x140
[  244.334042][T13632]  __x64_sys_ioctl+0x43/0x50
[  244.334159][T13632]  x64_sys_call+0x1816/0x2ff0
[  244.334188][T13632]  do_syscall_64+0xd2/0x200
[  244.334275][T13632]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  244.334308][T13632]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  244.334338][T13632]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  244.334366][T13632] RIP: 0033:0x7faae279eb69
[  244.334400][T13632] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  244.334424][T13632] RSP: 002b:00007faae0dff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  244.334507][T13632] RAX: ffffffffffffffda RBX: 00007faae29c5fa0 RCX: 00007faae279eb69
[  244.334520][T13632] RDX: 0000200000000200 RSI: 00000000c018937e RDI: 0000000000000006
[  244.334534][T13632] RBP: 00007faae0dff090 R08: 0000000000000000 R09: 0000000000000000
[  244.334547][T13632] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  244.334560][T13632] R13: 0000000000000000 R14: 00007faae29c5fa0 R15: 00007ffddbc7a888
[  244.334581][T13632]  </TASK>
[  244.351039][T13614] EXT4-fs error (device loop9): __ext4_ext_dirty:206: inode #4: comm syz.9.3410: mark_inode_dirty error
[  244.387328][T13645] loop3: detected capacity change from 0 to 2048
[  244.403517][T13614] EXT4-fs error (device loop9): ext4_acquire_dquot:6933: comm syz.9.3410: Failed to acquire dquot type 1
[  244.506838][   T29] kauditd_printk_skb: 487 callbacks suppressed
[  244.506858][   T29] audit: type=1400 audit(1754365375.780:21048): avc:  denied  { getopt } for  pid=13640 comm="syz.0.3421" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  244.583395][   T29] audit: type=1400 audit(1754365375.800:21049): avc:  denied  { setattr } for  pid=13606 comm="syz.9.3410" name="file0" dev="loop9" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  244.655104][T13650] netlink: 60 bytes leftover after parsing attributes in process `syz.3.3423'.
[  244.702626][T13657] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[  244.712702][   T29] audit: type=1326 audit(1754365375.990:21050): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13653 comm="syz.2.3425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faae279eb69 code=0x7ffc0000
[  244.736394][   T29] audit: type=1326 audit(1754365375.990:21051): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13653 comm="syz.2.3425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faae279eb69 code=0x7ffc0000
[  244.738718][T13661] loop1: detected capacity change from 0 to 2048
[  244.795459][   T29] audit: type=1326 audit(1754365375.990:21052): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13651 comm="syz.9.3424" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64a54deb69 code=0x7ffc0000
[  244.800940][T13667] netlink: 56 bytes leftover after parsing attributes in process `syz.0.3431'.
[  244.819211][   T29] audit: type=1326 audit(1754365375.990:21053): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13651 comm="syz.9.3424" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64a54deb69 code=0x7ffc0000
[  244.851717][   T29] audit: type=1326 audit(1754365375.990:21054): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13651 comm="syz.9.3424" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f64a54deb69 code=0x7ffc0000
[  244.875547][   T29] audit: type=1326 audit(1754365375.990:21055): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13651 comm="syz.9.3424" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64a54deb69 code=0x7ffc0000
[  244.899252][   T29] audit: type=1326 audit(1754365375.990:21056): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13651 comm="syz.9.3424" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f64a54deb69 code=0x7ffc0000
[  244.922897][   T29] audit: type=1326 audit(1754365375.990:21057): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13651 comm="syz.9.3424" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64a54deb69 code=0x7ffc0000
[  244.953973][T13670] loop0: detected capacity change from 0 to 512
[  244.962436][T13670] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  245.079724][T13670] EXT4-fs (loop0): 1 truncate cleaned up
[  245.178612][T13667] vhci_hcd: invalid port number 96
[  245.183844][T13667] vhci_hcd: default hub control req: 0300 vfffa i0060 l0
[  245.219912][T13681] loop9: detected capacity change from 0 to 2048
[  245.340053][T13688] loop0: detected capacity change from 0 to 512
[  245.353845][T13689] loop1: detected capacity change from 0 to 2048
[  245.359235][T13688] ext4: Unknown parameter 'permit_directio'
[  245.407742][T13689]  loop1: p1 < > p4
[  245.412486][T13689] loop1: p4 size 8388608 extends beyond EOD, truncated
[  245.540927][T13713] infiniband srz1: RDMA CMA: cma_listen_on_dev, error -98
[  245.655918][T13711] loop0: detected capacity change from 0 to 512
[  245.689266][T13711] ext4 filesystem being mounted at /97/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  245.772661][T13734] loop2: detected capacity change from 0 to 512
[  245.801542][T13734] ext4 filesystem being mounted at /29/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  245.876493][T13739] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[  245.966146][T13733] loop3: detected capacity change from 0 to 4096
[  246.057038][T13733] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.3455: bg 0: block 137: padding at end of block bitmap is not set
[  246.585865][T13753] FAULT_INJECTION: forcing a failure.
[  246.585865][T13753] name failslab, interval 1, probability 0, space 0, times 0
[  246.599006][T13753] CPU: 1 UID: 0 PID: 13753 Comm: syz.1.3461 Tainted: G        W           6.16.0-syzkaller-11568-gd632ab86aff2 #0 PREEMPT(voluntary) 
[  246.599153][T13753] Tainted: [W]=WARN
[  246.599159][T13753] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  246.599187][T13753] Call Trace:
[  246.599193][T13753]  <TASK>
[  246.599203][T13753]  __dump_stack+0x1d/0x30
[  246.599238][T13753]  dump_stack_lvl+0xe8/0x140
[  246.599264][T13753]  dump_stack+0x15/0x1b
[  246.599285][T13753]  should_fail_ex+0x265/0x280
[  246.599436][T13753]  should_failslab+0x8c/0xb0
[  246.599462][T13753]  kmem_cache_alloc_noprof+0x50/0x310
[  246.599566][T13753]  ? vm_area_alloc+0x2c/0xb0
[  246.599599][T13753]  vm_area_alloc+0x2c/0xb0
[  246.599677][T13753]  create_init_stack_vma+0x28/0x390
[  246.599716][T13753]  alloc_bprm+0x2b9/0x350
[  246.599745][T13753]  do_execveat_common+0x12e/0x750
[  246.599777][T13753]  __x64_sys_execve+0x5c/0x70
[  246.599883][T13753]  x64_sys_call+0x2716/0x2ff0
[  246.599907][T13753]  do_syscall_64+0xd2/0x200
[  246.599935][T13753]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  246.599987][T13753]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  246.600017][T13753]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  246.600046][T13753] RIP: 0033:0x7f5a4ccaeb69
[  246.600065][T13753] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  246.600162][T13753] RSP: 002b:00007f5a4b317038 EFLAGS: 00000246 ORIG_RAX: 000000000000003b
[  246.600187][T13753] RAX: ffffffffffffffda RBX: 00007f5a4ced5fa0 RCX: 00007f5a4ccaeb69
[  246.600264][T13753] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000400
[  246.600277][T13753] RBP: 00007f5a4b317090 R08: 0000000000000000 R09: 0000000000000000
[  246.600331][T13753] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  246.600348][T13753] R13: 0000000000000000 R14: 00007f5a4ced5fa0 R15: 00007ffdd53e4408
[  246.600374][T13753]  </TASK>
[  247.016851][T13776] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=13776 comm=syz.1.3469
[  247.069022][T13776] loop1: detected capacity change from 0 to 2048
[  247.096398][T13772] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=13772 comm=syz.9.3468
[  247.118870][T13776]  loop1: p1 < > p2 p3 < p5 p6 > p4
[  247.124212][T13776] loop1: partition table partially beyond EOD, truncated
[  247.142188][T13772] netlink: 24 bytes leftover after parsing attributes in process `syz.9.3468'.
[  247.152467][T13776] loop1: p1 start 4278190080 is beyond EOD, truncated
[  247.159281][T13776] loop1: p2 start 16908800 is beyond EOD, truncated
[  247.188412][T13776] loop1: p5 start 16908800 is beyond EOD, truncated
[  247.296288][T13788] loop1: detected capacity change from 0 to 256
[  247.307482][T13786] FAULT_INJECTION: forcing a failure.
[  247.307482][T13786] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  247.320779][T13786] CPU: 0 UID: 0 PID: 13786 Comm: syz.3.3460 Tainted: G        W           6.16.0-syzkaller-11568-gd632ab86aff2 #0 PREEMPT(voluntary) 
[  247.320843][T13786] Tainted: [W]=WARN
[  247.320850][T13786] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  247.320867][T13786] Call Trace:
[  247.320881][T13786]  <TASK>
[  247.320890][T13786]  __dump_stack+0x1d/0x30
[  247.320917][T13786]  dump_stack_lvl+0xe8/0x140
[  247.321012][T13786]  dump_stack+0x15/0x1b
[  247.321035][T13786]  should_fail_ex+0x265/0x280
[  247.321081][T13786]  should_fail+0xb/0x20
[  247.321150][T13786]  should_fail_usercopy+0x1a/0x20
[  247.321177][T13786]  _copy_to_user+0x20/0xa0
[  247.321211][T13786]  simple_read_from_buffer+0xb5/0x130
[  247.321248][T13786]  proc_fail_nth_read+0x10e/0x150
[  247.321357][T13786]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  247.321385][T13786]  vfs_read+0x19d/0x6f0
[  247.321483][T13786]  ? __rcu_read_unlock+0x4f/0x70
[  247.321513][T13786]  ? __fget_files+0x184/0x1c0
[  247.321548][T13786]  ksys_read+0xda/0x1a0
[  247.321575][T13786]  __x64_sys_read+0x40/0x50
[  247.321598][T13786]  x64_sys_call+0x27bc/0x2ff0
[  247.321697][T13786]  do_syscall_64+0xd2/0x200
[  247.321728][T13786]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  247.321778][T13786]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  247.321802][T13786]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  247.321832][T13786] RIP: 0033:0x7f587711d57c
[  247.321870][T13786] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  247.321895][T13786] RSP: 002b:00007f587577f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  247.321918][T13786] RAX: ffffffffffffffda RBX: 00007f5877345fa0 RCX: 00007f587711d57c
[  247.321931][T13786] RDX: 000000000000000f RSI: 00007f587577f0a0 RDI: 0000000000000003
[  247.321965][T13786] RBP: 00007f587577f090 R08: 0000000000000000 R09: 0000000000000000
[  247.321982][T13786] R10: 0000000000000008 R11: 0000000000000246 R12: 0000000000000001
[  247.321995][T13786] R13: 0000000000000000 R14: 00007f5877345fa0 R15: 00007ffcd4a46588
[  247.322084][T13786]  </TASK>
[  247.327676][T13788] FAT-fs (loop1): Directory bread(block 64) failed
[  247.491788][T13793] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[  247.549616][T13788] FAT-fs (loop1): Directory bread(block 65) failed
[  247.556363][T13788] FAT-fs (loop1): Directory bread(block 66) failed
[  247.563074][T13788] FAT-fs (loop1): Directory bread(block 67) failed
[  247.563506][T13795] loop0: detected capacity change from 0 to 256
[  247.570092][T13788] FAT-fs (loop1): Directory bread(block 68) failed
[  247.582704][T13788] FAT-fs (loop1): Directory bread(block 69) failed
[  247.589442][T13788] FAT-fs (loop1): Directory bread(block 70) failed
[  247.596061][T13788] FAT-fs (loop1): Directory bread(block 71) failed
[  247.602661][T13788] FAT-fs (loop1): Directory bread(block 72) failed
[  247.609220][T13788] FAT-fs (loop1): Directory bread(block 73) failed
[  247.620589][T13795] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  247.638062][T13795] FAT-fs (loop0): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[  247.646689][T13795] FAT-fs (loop0): Filesystem has been set read-only
[  247.658977][T13807] __nla_validate_parse: 2 callbacks suppressed
[  247.658999][T13807] netlink: 60 bytes leftover after parsing attributes in process `syz.3.3478'.
[  247.676249][T13788] syz.1.3473: attempt to access beyond end of device
[  247.676249][T13788] loop1: rw=2051, sector=1256, nr_sectors = 32 limit=256
[  247.691275][T13800] netlink: 476 bytes leftover after parsing attributes in process `syz.0.3475'.
[  247.778368][T13810] loop3: detected capacity change from 0 to 2048
[  247.827286][T13812] loop0: detected capacity change from 0 to 512
[  247.851648][T13812] ext4 filesystem being mounted at /100/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  248.017445][T13820] loop9: detected capacity change from 0 to 512
[  248.031427][T13820] ext4 filesystem being mounted at /63/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  248.103114][T13824] loop3: detected capacity change from 0 to 512
[  248.218521][T13824] EXT4-fs (loop3): orphan cleanup on readonly fs
[  248.226741][T13824] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.3481: bg 0: block 248: padding at end of block bitmap is not set
[  248.242290][T13824] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.3481: Failed to acquire dquot type 1
[  248.255506][T13824] EXT4-fs (loop3): 1 truncate cleaned up
[  248.418083][   T51] bio_check_eod: 397 callbacks suppressed
[  248.418105][   T51] kworker/u8:3: attempt to access beyond end of device
[  248.418105][   T51] loop1: rw=1, sector=11880, nr_sectors = 32 limit=256
[  248.465114][   T51] kworker/u8:3: attempt to access beyond end of device
[  248.465114][   T51] loop1: rw=1, sector=11944, nr_sectors = 32 limit=256
[  248.518882][   T51] kworker/u8:3: attempt to access beyond end of device
[  248.518882][   T51] loop1: rw=1, sector=12008, nr_sectors = 32 limit=256
[  248.548479][   T51] kworker/u8:3: attempt to access beyond end of device
[  248.548479][   T51] loop1: rw=1, sector=12072, nr_sectors = 32 limit=256
[  248.582668][   T51] kworker/u8:3: attempt to access beyond end of device
[  248.582668][   T51] loop1: rw=1, sector=12136, nr_sectors = 32 limit=256
[  248.610415][   T51] kworker/u8:3: attempt to access beyond end of device
[  248.610415][   T51] loop1: rw=1, sector=12200, nr_sectors = 32 limit=256
[  248.647594][T13833] loop0: detected capacity change from 0 to 1024
[  248.655732][   T51] kworker/u8:3: attempt to access beyond end of device
[  248.655732][   T51] loop1: rw=1, sector=12264, nr_sectors = 32 limit=256
[  248.671851][   T51] kworker/u8:3: attempt to access beyond end of device
[  248.671851][   T51] loop1: rw=1, sector=12328, nr_sectors = 32 limit=256
[  248.694430][   T51] kworker/u8:3: attempt to access beyond end of device
[  248.694430][   T51] loop1: rw=1, sector=12392, nr_sectors = 32 limit=256
[  248.711703][   T51] kworker/u8:3: attempt to access beyond end of device
[  248.711703][   T51] loop1: rw=1, sector=12456, nr_sectors = 32 limit=256
[  248.813671][T13820] netlink: 24 bytes leftover after parsing attributes in process `syz.9.3482'.
[  248.940883][T13858] loop1: detected capacity change from 0 to 128
[  248.969263][T13863] FAULT_INJECTION: forcing a failure.
[  248.969263][T13863] name failslab, interval 1, probability 0, space 0, times 0
[  248.969390][T13861] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[  248.982231][T13863] CPU: 1 UID: 0 PID: 13863 Comm: syz.0.3497 Tainted: G        W           6.16.0-syzkaller-11568-gd632ab86aff2 #0 PREEMPT(voluntary) 
[  248.982285][T13863] Tainted: [W]=WARN
[  248.982374][T13863] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  248.982392][T13863] Call Trace:
[  248.982399][T13863]  <TASK>
[  248.982410][T13863]  __dump_stack+0x1d/0x30
[  248.982442][T13863]  dump_stack_lvl+0xe8/0x140
[  248.982470][T13863]  dump_stack+0x15/0x1b
[  248.982495][T13863]  should_fail_ex+0x265/0x280
[  248.982686][T13863]  should_failslab+0x8c/0xb0
[  248.982722][T13863]  __kmalloc_noprof+0xa5/0x3e0
[  248.982898][T13863]  ? alloc_trace_uprobe+0x2f/0x1e0
[  248.982975][T13863]  alloc_trace_uprobe+0x2f/0x1e0
[  248.983003][T13863]  ? create_local_trace_uprobe+0x91/0x2c0
[  248.983038][T13863]  create_local_trace_uprobe+0xb5/0x2c0
[  248.983106][T13863]  perf_uprobe_init+0xc0/0x150
[  248.983152][T13863]  perf_uprobe_event_init+0xc4/0x140
[  248.983199][T13863]  perf_try_init_event+0xd6/0x540
[  248.983240][T13863]  ? perf_event_alloc+0xb1c/0x1740
[  248.983363][T13863]  perf_event_alloc+0xb27/0x1740
[  248.983412][T13863]  __se_sys_perf_event_open+0x4a5/0x11c0
[  248.983509][T13863]  ? __rcu_read_unlock+0x4f/0x70
[  248.983551][T13863]  __x64_sys_perf_event_open+0x67/0x80
[  248.983606][T13863]  x64_sys_call+0x7bd/0x2ff0
[  248.983639][T13863]  do_syscall_64+0xd2/0x200
[  248.983675][T13863]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  248.983776][T13863]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  248.983844][T13863]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  248.983876][T13863] RIP: 0033:0x7f84be14eb69
[  248.983899][T13863] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  248.983969][T13863] RSP: 002b:00007f84bc7b7038 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[  248.983995][T13863] RAX: ffffffffffffffda RBX: 00007f84be375fa0 RCX: 00007f84be14eb69
[  248.984014][T13863] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000200000000180
[  248.984032][T13863] RBP: 00007f84bc7b7090 R08: 0000000000000000 R09: 0000000000000000
[  248.984050][T13863] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000001
[  248.984070][T13863] R13: 0000000000000000 R14: 00007f84be375fa0 R15: 00007ffd57bf6228
[  248.984131][T13863]  </TASK>
[  248.984141][T13863] trace_uprobe: Failed to allocate trace_uprobe.(-12)
[  249.260058][T13868] bridge: RTM_NEWNEIGH with invalid ether address
[  249.319311][T13877] FAULT_INJECTION: forcing a failure.
[  249.319311][T13877] name failslab, interval 1, probability 0, space 0, times 0
[  249.332118][T13877] CPU: 1 UID: 0 PID: 13877 Comm: syz.0.3503 Tainted: G        W           6.16.0-syzkaller-11568-gd632ab86aff2 #0 PREEMPT(voluntary) 
[  249.332206][T13877] Tainted: [W]=WARN
[  249.332215][T13877] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  249.332232][T13877] Call Trace:
[  249.332239][T13877]  <TASK>
[  249.332246][T13877]  __dump_stack+0x1d/0x30
[  249.332276][T13877]  dump_stack_lvl+0xe8/0x140
[  249.332297][T13877]  dump_stack+0x15/0x1b
[  249.332351][T13877]  should_fail_ex+0x265/0x280
[  249.332388][T13877]  should_failslab+0x8c/0xb0
[  249.332421][T13877]  kmem_cache_alloc_node_noprof+0x57/0x320
[  249.332498][T13877]  ? __alloc_skb+0x101/0x320
[  249.332603][T13877]  __alloc_skb+0x101/0x320
[  249.332656][T13877]  netlink_alloc_large_skb+0xba/0xf0
[  249.332710][T13877]  netlink_sendmsg+0x3cf/0x6b0
[  249.332761][T13877]  ? __pfx_netlink_sendmsg+0x10/0x10
[  249.332805][T13877]  __sock_sendmsg+0x145/0x180
[  249.332879][T13877]  ____sys_sendmsg+0x31e/0x4e0
[  249.332920][T13877]  ___sys_sendmsg+0x17b/0x1d0
[  249.332992][T13877]  __x64_sys_sendmsg+0xd4/0x160
[  249.333041][T13877]  x64_sys_call+0x191e/0x2ff0
[  249.333133][T13877]  do_syscall_64+0xd2/0x200
[  249.333199][T13877]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  249.333225][T13877]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  249.333254][T13877]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  249.333283][T13877] RIP: 0033:0x7f84be14eb69
[  249.333384][T13877] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  249.333402][T13877] RSP: 002b:00007f84bc7b7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  249.333422][T13877] RAX: ffffffffffffffda RBX: 00007f84be375fa0 RCX: 00007f84be14eb69
[  249.333497][T13877] RDX: 0000000000000840 RSI: 0000200000000280 RDI: 0000000000000005
[  249.333514][T13877] RBP: 00007f84bc7b7090 R08: 0000000000000000 R09: 0000000000000000
[  249.333575][T13877] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  249.333647][T13877] R13: 0000000000000000 R14: 00007f84be375fa0 R15: 00007ffd57bf6228
[  249.333724][T13877]  </TASK>
[  249.560724][   T29] kauditd_printk_skb: 390 callbacks suppressed
[  249.560813][   T29] audit: type=1400 audit(1754365380.840:21444): avc:  denied  { create } for  pid=13879 comm="syz.3.3505" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  249.588318][   T29] audit: type=1326 audit(1754365380.840:21445): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13883 comm="syz.1.3504" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a4ccaeb69 code=0x7ffc0000
[  249.612100][   T29] audit: type=1326 audit(1754365380.840:21446): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13883 comm="syz.1.3504" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5a4ccaeb69 code=0x7ffc0000
[  249.624647][T13886] loop0: detected capacity change from 0 to 2048
[  249.635837][   T29] audit: type=1326 audit(1754365380.840:21447): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13883 comm="syz.1.3504" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a4ccaeb69 code=0x7ffc0000
[  249.665716][   T29] audit: type=1326 audit(1754365380.840:21448): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13883 comm="syz.1.3504" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5a4ccaeb69 code=0x7ffc0000
[  249.689378][   T29] audit: type=1326 audit(1754365380.840:21449): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13883 comm="syz.1.3504" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a4ccaeb69 code=0x7ffc0000
[  249.713173][   T29] audit: type=1326 audit(1754365380.840:21450): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13883 comm="syz.1.3504" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5a4ccaeb69 code=0x7ffc0000
[  249.736779][   T29] audit: type=1326 audit(1754365380.870:21451): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13883 comm="syz.1.3504" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a4ccaeb69 code=0x7ffc0000
[  249.760542][   T29] audit: type=1326 audit(1754365380.870:21452): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13883 comm="syz.1.3504" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a4ccaeb69 code=0x7ffc0000
[  249.766196][T13884] loop1: detected capacity change from 0 to 512
[  249.787212][   T29] audit: type=1400 audit(1754365380.890:21453): avc:  denied  { read } for  pid=13871 comm="syz.9.3501" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  249.818834][T13884] EXT4-fs (loop1): orphan cleanup on readonly fs
[  249.833850][T13884] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.3504: bg 0: block 248: padding at end of block bitmap is not set
[  249.861439][T13884] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.3504: Failed to acquire dquot type 1
[  249.883584][T13884] EXT4-fs (loop1): 1 truncate cleaned up
[  249.942405][T13884] syz.1.3504 (13884) used greatest stack depth: 9224 bytes left
[  249.962818][T13902] loop2: detected capacity change from 0 to 512
[  249.975252][T13902] EXT4-fs (loop2): failed to initialize system zone (-117)
[  249.984902][T13902] EXT4-fs (loop2): mount failed
[  250.011790][T13907] loop1: detected capacity change from 0 to 1024
[  250.023856][T13909] loop3: detected capacity change from 0 to 128
[  250.085498][T13907] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4183: comm syz.1.3512: Allocating blocks 449-513 which overlap fs metadata
[  250.108557][T13906] EXT4-fs (loop1): pa ffff88810543fe00: logic 48, phys. 177, len 21
[  250.116790][T13906] EXT4-fs error (device loop1): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 4
[  250.205478][T13921] loop1: detected capacity change from 0 to 512
[  250.221289][T13921] EXT4-fs: Ignoring removed nobh option
[  250.250385][T13921] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #3: comm syz.1.3517: corrupted inode contents
[  250.273877][T13921] EXT4-fs error (device loop1): ext4_dirty_inode:6538: inode #3: comm syz.1.3517: mark_inode_dirty error
[  250.296959][T13933] loop2: detected capacity change from 0 to 512
[  250.304551][T13921] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #3: comm syz.1.3517: corrupted inode contents
[  250.318944][T13921] EXT4-fs error (device loop1): __ext4_ext_dirty:206: inode #3: comm syz.1.3517: mark_inode_dirty error
[  250.333565][T13933] ext4 filesystem being mounted at /36/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  250.348991][T13929] loop3: detected capacity change from 0 to 128
[  250.355486][T13921] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.3517: Failed to acquire dquot type 0
[  250.369267][T13921] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #16: comm syz.1.3517: corrupted inode contents
[  250.389072][T13929] ext4 filesystem being mounted at /49/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  250.397085][T13944] loop9: detected capacity change from 0 to 164
[  250.427901][T13921] EXT4-fs error (device loop1): ext4_dirty_inode:6538: inode #16: comm syz.1.3517: mark_inode_dirty error
[  250.439555][T13944] isofs_fill_super: root inode is not a directory. Corrupted media?
[  250.477853][T13921] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #16: comm syz.1.3517: corrupted inode contents
[  250.502240][T13921] EXT4-fs error (device loop1): __ext4_ext_dirty:206: inode #16: comm syz.1.3517: mark_inode_dirty error
[  250.511353][T13948] loop9: detected capacity change from 0 to 2048
[  250.534580][T13921] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #16: comm syz.1.3517: corrupted inode contents
[  250.557571][T13921] EXT4-fs error (device loop1) in ext4_orphan_del:305: Corrupt filesystem
[  250.577184][T13948] EXT4-fs error (device loop9): ext4_ext_precache:632: inode #2: comm syz.9.3528: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 5(5)
[  250.609167][T13921] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #16: comm syz.1.3517: corrupted inode contents
[  250.626415][T13948] EXT4-fs (loop9): Remounting filesystem read-only
[  250.635326][T13921] EXT4-fs error (device loop1): ext4_truncate:4666: inode #16: comm syz.1.3517: mark_inode_dirty error
[  250.647012][T13921] EXT4-fs error (device loop1) in ext4_process_orphan:347: Corrupt filesystem
[  250.670374][T13921] EXT4-fs (loop1): 1 truncate cleaned up
[  250.676790][T13921] ext4 filesystem being mounted at /50/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  250.848258][T13975] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[  250.945372][T13980] FAULT_INJECTION: forcing a failure.
[  250.945372][T13980] name failslab, interval 1, probability 0, space 0, times 0
[  250.958099][T13980] CPU: 0 UID: 0 PID: 13980 Comm: syz.1.3540 Tainted: G        W           6.16.0-syzkaller-11568-gd632ab86aff2 #0 PREEMPT(voluntary) 
[  250.958197][T13980] Tainted: [W]=WARN
[  250.958206][T13980] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  250.958222][T13980] Call Trace:
[  250.958231][T13980]  <TASK>
[  250.958240][T13980]  __dump_stack+0x1d/0x30
[  250.958268][T13980]  dump_stack_lvl+0xe8/0x140
[  250.958287][T13980]  dump_stack+0x15/0x1b
[  250.958304][T13980]  should_fail_ex+0x265/0x280
[  250.958342][T13980]  ? tcf_pedit_init+0x448/0x9a0
[  250.958382][T13980]  should_failslab+0x8c/0xb0
[  250.958431][T13980]  __kmalloc_cache_noprof+0x4c/0x320
[  250.958471][T13980]  tcf_pedit_init+0x448/0x9a0
[  250.958513][T13980]  ? should_fail_ex+0xdb/0x280
[  250.958582][T13980]  tcf_action_init_1+0x36a/0x4a0
[  250.958694][T13980]  tcf_action_init+0x267/0x6d0
[  250.958757][T13980]  tc_ctl_action+0x291/0x830
[  250.958830][T13980]  ? __pfx_tc_ctl_action+0x10/0x10
[  250.958855][T13980]  rtnetlink_rcv_msg+0x657/0x6d0
[  250.958886][T13980]  netlink_rcv_skb+0x120/0x220
[  250.958968][T13980]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  250.959002][T13980]  rtnetlink_rcv+0x1c/0x30
[  250.959076][T13980]  netlink_unicast+0x5c0/0x690
[  250.959112][T13980]  netlink_sendmsg+0x58b/0x6b0
[  250.959148][T13980]  ? __pfx_netlink_sendmsg+0x10/0x10
[  250.959254][T13980]  __sock_sendmsg+0x145/0x180
[  250.959359][T13980]  ____sys_sendmsg+0x31e/0x4e0
[  250.959401][T13980]  ___sys_sendmsg+0x17b/0x1d0
[  250.959484][T13980]  __x64_sys_sendmsg+0xd4/0x160
[  250.959672][T13980]  x64_sys_call+0x191e/0x2ff0
[  250.959694][T13980]  do_syscall_64+0xd2/0x200
[  250.959787][T13980]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  250.959820][T13980]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  250.959889][T13980]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  250.959918][T13980] RIP: 0033:0x7f5a4ccaeb69
[  250.960018][T13980] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  250.960044][T13980] RSP: 002b:00007f5a4b2f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  250.960070][T13980] RAX: ffffffffffffffda RBX: 00007f5a4ced6080 RCX: 00007f5a4ccaeb69
[  250.960122][T13980] RDX: 000000002400c800 RSI: 0000200000000000 RDI: 0000000000000006
[  250.960134][T13980] RBP: 00007f5a4b2f6090 R08: 0000000000000000 R09: 0000000000000000
[  250.960146][T13980] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  250.960159][T13980] R13: 0000000000000000 R14: 00007f5a4ced6080 R15: 00007ffdd53e4408
[  250.960222][T13980]  </TASK>
[  251.439983][T13999] 9pnet: Could not find request transport: tcp��޿��$�G����ZR��9r�3�@��#h�qn��l����N�
[  251.446898][T13997] FAULT_INJECTION: forcing a failure.
[  251.446898][T13997] name failslab, interval 1, probability 0, space 0, times 0
[  251.463360][T13997] CPU: 0 UID: 0 PID: 13997 Comm: syz.2.3547 Tainted: G        W           6.16.0-syzkaller-11568-gd632ab86aff2 #0 PREEMPT(voluntary) 
[  251.463396][T13997] Tainted: [W]=WARN
[  251.463405][T13997] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  251.463422][T13997] Call Trace:
[  251.463430][T13997]  <TASK>
[  251.463438][T13997]  __dump_stack+0x1d/0x30
[  251.463461][T13997]  dump_stack_lvl+0xe8/0x140
[  251.463568][T13997]  dump_stack+0x15/0x1b
[  251.463590][T13997]  should_fail_ex+0x265/0x280
[  251.463900][T13997]  should_failslab+0x8c/0xb0
[  251.463927][T13997]  __kmalloc_noprof+0xa5/0x3e0
[  251.463959][T13997]  ? copy_splice_read+0xc2/0x5f0
[  251.464013][T13997]  copy_splice_read+0xc2/0x5f0
[  251.464128][T13997]  ? __pfx_copy_splice_read+0x10/0x10
[  251.464244][T13997]  splice_direct_to_actor+0x26c/0x680
[  251.464268][T13997]  ? __pfx_direct_splice_actor+0x10/0x10
[  251.464301][T13997]  do_splice_direct+0xda/0x150
[  251.464327][T13997]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  251.464408][T13997]  do_sendfile+0x380/0x650
[  251.464552][T13997]  __x64_sys_sendfile64+0x105/0x150
[  251.464587][T13997]  x64_sys_call+0x2bb0/0x2ff0
[  251.464654][T13997]  do_syscall_64+0xd2/0x200
[  251.464684][T13997]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  251.464739][T13997]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  251.464762][T13997]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  251.464791][T13997] RIP: 0033:0x7faae279eb69
[  251.464821][T13997] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  251.464862][T13997] RSP: 002b:00007faae0dff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  251.464887][T13997] RAX: ffffffffffffffda RBX: 00007faae29c5fa0 RCX: 00007faae279eb69
[  251.464937][T13997] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000006
[  251.464985][T13997] RBP: 00007faae0dff090 R08: 0000000000000000 R09: 0000000000000000
[  251.465003][T13997] R10: 000000000000000b R11: 0000000000000246 R12: 0000000000000001
[  251.465018][T13997] R13: 0000000000000000 R14: 00007faae29c5fa0 R15: 00007ffddbc7a888
[  251.465105][T13997]  </TASK>
[  251.729237][T14004] loop1: detected capacity change from 0 to 2048
[  251.766999][T14010] loop3: detected capacity change from 0 to 512
[  251.779217][T14011] bridge: RTM_NEWNEIGH with invalid ether address
[  251.810513][T14010] ext4 filesystem being mounted at /51/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  251.946049][T14018] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[  252.034913][T14021] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[  252.394004][T14033] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[  252.465169][T14037] loop2: detected capacity change from 0 to 2048
[  252.630719][T14046] netlink: 'syz.3.3564': attribute type 1 has an invalid length.
[  252.648092][T14046] nfs4: Bad value for 'source'
[  252.673784][T14050] loop2: detected capacity change from 0 to 2048
[  252.746581][T14054] loop3: detected capacity change from 0 to 512
[  252.778443][T14054] ext4 filesystem being mounted at /57/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  252.892391][T14061] loop3: detected capacity change from 0 to 512
[  252.911280][T14061] ext4 filesystem being mounted at /58/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  252.997224][T14067] netlink: 60 bytes leftover after parsing attributes in process `syz.1.3571'.
[  253.094828][T14076] netlink: 'syz.3.3574': attribute type 1 has an invalid length.
[  253.124134][T14076] bond1: entered promiscuous mode
[  253.129522][T14076] 8021q: adding VLAN 0 to HW filter on device bond1
[  253.184232][T14076] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=14076 comm=syz.3.3574
[  253.201762][T14083] loop1: detected capacity change from 0 to 2048
[  253.236364][T14076] 8021q: adding VLAN 0 to HW filter on device bond1
[  253.262586][T14076] bond1: (slave ip6gre1): The slave device specified does not support setting the MAC address
[  253.272942][T14076] bond1: (slave ip6gre1): Setting fail_over_mac to active for active-backup mode
[  253.332889][T14076] bond1: (slave ip6gre1): making interface the new active one
[  253.340543][T14076] ip6gre1: entered promiscuous mode
[  253.371051][T14076] bond1: (slave ip6gre1): Enslaving as an active interface with an up link
[  253.516464][T14091] FAULT_INJECTION: forcing a failure.
[  253.516464][T14091] name failslab, interval 1, probability 0, space 0, times 0
[  253.529271][T14091] CPU: 0 UID: 0 PID: 14091 Comm: syz.3.3580 Tainted: G        W           6.16.0-syzkaller-11568-gd632ab86aff2 #0 PREEMPT(voluntary) 
[  253.529314][T14091] Tainted: [W]=WARN
[  253.529322][T14091] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  253.529336][T14091] Call Trace:
[  253.529343][T14091]  <TASK>
[  253.529390][T14091]  __dump_stack+0x1d/0x30
[  253.529480][T14091]  dump_stack_lvl+0xe8/0x140
[  253.529503][T14091]  dump_stack+0x15/0x1b
[  253.529523][T14091]  should_fail_ex+0x265/0x280
[  253.529562][T14091]  should_failslab+0x8c/0xb0
[  253.529616][T14091]  kmem_cache_alloc_noprof+0x50/0x310
[  253.529652][T14091]  ? skb_clone+0x151/0x1f0
[  253.529676][T14091]  skb_clone+0x151/0x1f0
[  253.529698][T14091]  nfnetlink_rcv+0x305/0x1690
[  253.529778][T14091]  ? nlmon_xmit+0x4f/0x60
[  253.529806][T14091]  ? consume_skb+0x49/0x150
[  253.529843][T14091]  ? nlmon_xmit+0x4f/0x60
[  253.529871][T14091]  ? dev_hard_start_xmit+0x3b0/0x3e0
[  253.529916][T14091]  ? __dev_queue_xmit+0x1200/0x2000
[  253.530033][T14091]  ? __dev_queue_xmit+0x182/0x2000
[  253.530078][T14091]  ? ref_tracker_free+0x37d/0x3e0
[  253.530133][T14091]  netlink_unicast+0x5c0/0x690
[  253.530173][T14091]  netlink_sendmsg+0x58b/0x6b0
[  253.530249][T14091]  ? __pfx_netlink_sendmsg+0x10/0x10
[  253.530313][T14091]  __sock_sendmsg+0x145/0x180
[  253.530371][T14091]  ____sys_sendmsg+0x31e/0x4e0
[  253.530434][T14091]  ___sys_sendmsg+0x17b/0x1d0
[  253.530493][T14091]  __x64_sys_sendmsg+0xd4/0x160
[  253.530607][T14091]  x64_sys_call+0x191e/0x2ff0
[  253.530635][T14091]  do_syscall_64+0xd2/0x200
[  253.530665][T14091]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  253.530696][T14091]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  253.530731][T14091]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  253.530758][T14091] RIP: 0033:0x7f587711eb69
[  253.530778][T14091] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  253.530832][T14091] RSP: 002b:00007f587577f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  253.530856][T14091] RAX: ffffffffffffffda RBX: 00007f5877345fa0 RCX: 00007f587711eb69
[  253.530873][T14091] RDX: 0000000000000000 RSI: 0000200000000180 RDI: 0000000000000003
[  253.530889][T14091] RBP: 00007f587577f090 R08: 0000000000000000 R09: 0000000000000000
[  253.530905][T14091] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  253.530921][T14091] R13: 0000000000000000 R14: 00007f5877345fa0 R15: 00007ffcd4a46588
[  253.530944][T14091]  </TASK>
[  253.906687][T14099] netlink: 60 bytes leftover after parsing attributes in process `syz.1.3584'.
[  253.998403][T14106] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[  254.188997][T14120] loop1: detected capacity change from 0 to 512
[  254.241130][T14120] ext4 filesystem being mounted at /67/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  254.295708][T14128] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3594'.
[  254.342511][T14128] FAULT_INJECTION: forcing a failure.
[  254.342511][T14128] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  254.355728][T14128] CPU: 0 UID: 0 PID: 14128 Comm: syz.2.3594 Tainted: G        W           6.16.0-syzkaller-11568-gd632ab86aff2 #0 PREEMPT(voluntary) 
[  254.355772][T14128] Tainted: [W]=WARN
[  254.355781][T14128] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  254.355833][T14128] Call Trace:
[  254.355840][T14128]  <TASK>
[  254.355848][T14128]  __dump_stack+0x1d/0x30
[  254.355869][T14128]  dump_stack_lvl+0xe8/0x140
[  254.355889][T14128]  dump_stack+0x15/0x1b
[  254.355910][T14128]  should_fail_ex+0x265/0x280
[  254.355995][T14128]  should_fail+0xb/0x20
[  254.356090][T14128]  should_fail_usercopy+0x1a/0x20
[  254.356109][T14128]  _copy_from_user+0x1c/0xb0
[  254.356205][T14128]  ___sys_sendmsg+0xc1/0x1d0
[  254.356265][T14128]  __x64_sys_sendmsg+0xd4/0x160
[  254.356390][T14128]  x64_sys_call+0x191e/0x2ff0
[  254.356511][T14128]  do_syscall_64+0xd2/0x200
[  254.356536][T14128]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  254.356604][T14128]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  254.356634][T14128]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  254.356662][T14128] RIP: 0033:0x7faae279eb69
[  254.356680][T14128] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  254.356738][T14128] RSP: 002b:00007faae0dff038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  254.356758][T14128] RAX: ffffffffffffffda RBX: 00007faae29c5fa0 RCX: 00007faae279eb69
[  254.356771][T14128] RDX: 0000000000000000 RSI: 0000200000000140 RDI: 0000000000000004
[  254.356783][T14128] RBP: 00007faae0dff090 R08: 0000000000000000 R09: 0000000000000000
[  254.356836][T14128] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  254.356887][T14128] R13: 0000000000000000 R14: 00007faae29c5fa0 R15: 00007ffddbc7a888
[  254.356926][T14128]  </TASK>
[  254.671586][T14137] FAULT_INJECTION: forcing a failure.
[  254.671586][T14137] name failslab, interval 1, probability 0, space 0, times 0
[  254.684356][T14137] CPU: 1 UID: 0 PID: 14137 Comm: syz.3.3599 Tainted: G        W           6.16.0-syzkaller-11568-gd632ab86aff2 #0 PREEMPT(voluntary) 
[  254.684399][T14137] Tainted: [W]=WARN
[  254.684423][T14137] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  254.684440][T14137] Call Trace:
[  254.684448][T14137]  <TASK>
[  254.684458][T14137]  __dump_stack+0x1d/0x30
[  254.684485][T14137]  dump_stack_lvl+0xe8/0x140
[  254.684511][T14137]  dump_stack+0x15/0x1b
[  254.684533][T14137]  should_fail_ex+0x265/0x280
[  254.684577][T14137]  should_failslab+0x8c/0xb0
[  254.684672][T14137]  kmem_cache_alloc_node_noprof+0x57/0x320
[  254.684787][T14137]  ? __alloc_skb+0x101/0x320
[  254.684824][T14137]  __alloc_skb+0x101/0x320
[  254.684853][T14137]  alloc_skb_with_frags+0x7d/0x470
[  254.684892][T14137]  ? avc_has_perm_noaudit+0x1b1/0x200
[  254.684966][T14137]  ? ref_tracker_alloc+0x1f2/0x2f0
[  254.685080][T14137]  sock_alloc_send_pskb+0x43a/0x4f0
[  254.685160][T14137]  ? __rcu_read_unlock+0x4f/0x70
[  254.685183][T14137]  dgram_sendmsg+0x390/0x720
[  254.685262][T14137]  ieee802154_sock_sendmsg+0x4e/0x60
[  254.685315][T14137]  ? __pfx_ieee802154_sock_sendmsg+0x10/0x10
[  254.685376][T14137]  __sock_sendmsg+0x145/0x180
[  254.685408][T14137]  ____sys_sendmsg+0x31e/0x4e0
[  254.685456][T14137]  ___sys_sendmsg+0x17b/0x1d0
[  254.685559][T14137]  __x64_sys_sendmsg+0xd4/0x160
[  254.685609][T14137]  x64_sys_call+0x191e/0x2ff0
[  254.685639][T14137]  do_syscall_64+0xd2/0x200
[  254.685671][T14137]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  254.685764][T14137]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  254.685792][T14137]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  254.685821][T14137] RIP: 0033:0x7f587711eb69
[  254.685841][T14137] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  254.685939][T14137] RSP: 002b:00007f587577f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  254.685964][T14137] RAX: ffffffffffffffda RBX: 00007f5877345fa0 RCX: 00007f587711eb69
[  254.685981][T14137] RDX: 0000000004000000 RSI: 00002000000006c0 RDI: 0000000000000004
[  254.685998][T14137] RBP: 00007f587577f090 R08: 0000000000000000 R09: 0000000000000000
[  254.686014][T14137] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  254.686031][T14137] R13: 0000000000000000 R14: 00007f5877345fa0 R15: 00007ffcd4a46588
[  254.686064][T14137]  </TASK>
[  254.931487][T14141] loop2: detected capacity change from 0 to 512
[  254.938950][   T29] kauditd_printk_skb: 552 callbacks suppressed
[  254.938967][   T29] audit: type=1400 audit(1754365386.220:22002): avc:  denied  { write } for  pid=14138 comm="syz.0.3597" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1
[  254.975564][T14139] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3597'.
[  254.995045][   T29] audit: type=1400 audit(1754365386.250:22003): avc:  denied  { connect } for  pid=14138 comm="syz.0.3597" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  255.015212][T14141] EXT4-fs warning (device loop2): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  255.015246][T14141] EXT4-fs warning (device loop2): dx_probe:849: Enable large directory feature to access it
[  255.015301][T14141] EXT4-fs warning (device loop2): dx_probe:934: inode #2: comm syz.2.3600: Corrupt directory, running e2fsck is recommended
[  255.015690][T14141] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -117
[  255.015813][T14141] EXT4-fs error (device loop2): ext4_iget_extra_inode:5104: inode #15: comm syz.2.3600: corrupted in-inode xattr: invalid ea_ino
[  255.015991][T14141] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.3600: couldn't read orphan inode 15 (err -117)
[  255.031403][T14141] EXT4-fs warning (device loop2): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  255.031483][T14141] EXT4-fs warning (device loop2): dx_probe:849: Enable large directory feature to access it
[  255.031504][T14141] EXT4-fs warning (device loop2): dx_probe:934: inode #2: comm syz.2.3600: Corrupt directory, running e2fsck is recommended
[  255.031761][T14141] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 3: comm syz.2.3600: path /58/file0: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=4294967295, rec_len=17, size=1024 fake=0
[  255.032069][T14141] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 64: comm syz.2.3600: path /58/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  255.057862][   T29] audit: type=1400 audit(1754365386.310:22004): avc:  denied  { ioctl } for  pid=14147 comm="syz.3.3602" path="socket:[49579]" dev="sockfs" ino=49579 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  255.057936][   T29] audit: type=1400 audit(1754365386.310:22005): avc:  denied  { ioctl } for  pid=14147 comm="syz.3.3602" path="socket:[49578]" dev="sockfs" ino=49578 ioctlcmd=0x890b scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  255.057995][   T29] audit: type=1400 audit(1754365386.320:22006): avc:  denied  { nlmsg_write } for  pid=14142 comm="syz.1.3601" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_audit_socket permissive=1
[  255.058028][   T29] audit: type=1400 audit(1754365386.330:22007): avc:  denied  { name_connect } for  pid=14142 comm="syz.1.3601" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=sctp_socket permissive=1
[  255.078498][   T29] audit: type=1400 audit(1754365386.360:22008): avc:  denied  { bind } for  pid=14147 comm="syz.3.3602" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  255.123671][   T29] audit: type=1326 audit(1754365386.400:22009): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14154 comm=77DEA105FF07 exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f587711eb69 code=0x7ffc0000
[  255.125664][   T29] audit: type=1326 audit(1754365386.400:22010): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14154 comm=77DEA105FF07 exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f587711eb69 code=0x7ffc0000
[  255.125700][   T29] audit: type=1326 audit(1754365386.400:22011): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14154 comm=77DEA105FF07 exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f587711eb69 code=0x7ffc0000
[  255.136015][T14153] loop0: detected capacity change from 0 to 512
[  255.162308][T14153] ext4 filesystem being mounted at /119/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  255.397154][T14167] loop3: detected capacity change from 0 to 128
[  255.401929][T14167] ext4 filesystem being mounted at /68/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  255.419713][T14170] loop9: detected capacity change from 0 to 128
[  255.440742][T14170] FAT-fs (loop9): error, invalid access to FAT (entry 0x00000100)
[  255.572163][T14170] FAT-fs (loop9): Filesystem has been set read-only
[  255.576190][T14170] bio_check_eod: 75 callbacks suppressed
[  255.576212][T14170] syz.9.3609: attempt to access beyond end of device
[  255.576212][T14170] loop9: rw=524288, sector=2065, nr_sectors = 8 limit=128
[  255.599886][T14170] FAT-fs (loop9): error, invalid access to FAT (entry 0x00000100)
[  255.599926][T14170] FAT-fs (loop9): error, invalid access to FAT (entry 0x00000100)
[  255.600247][T14170] syz.9.3609: attempt to access beyond end of device
[  255.600247][T14170] loop9: rw=0, sector=2065, nr_sectors = 8 limit=128
[  255.600569][T14170] syz.9.3609: attempt to access beyond end of device
[  255.600569][T14170] loop9: rw=0, sector=2065, nr_sectors = 8 limit=128
[  255.600749][T14170] syz.9.3609: attempt to access beyond end of device
[  255.600749][T14170] loop9: rw=0, sector=2065, nr_sectors = 8 limit=128
[  255.600899][T14170] syz.9.3609: attempt to access beyond end of device
[  255.600899][T14170] loop9: rw=0, sector=2065, nr_sectors = 8 limit=128
[  255.600947][T14170] syz.9.3609: attempt to access beyond end of device
[  255.600947][T14170] loop9: rw=0, sector=2065, nr_sectors = 8 limit=128
[  255.601006][T14170] syz.9.3609: attempt to access beyond end of device
[  255.601006][T14170] loop9: rw=0, sector=2065, nr_sectors = 8 limit=128
[  255.601054][T14170] syz.9.3609: attempt to access beyond end of device
[  255.601054][T14170] loop9: rw=0, sector=2065, nr_sectors = 8 limit=128
[  255.601095][T14170] syz.9.3609: attempt to access beyond end of device
[  255.601095][T14170] loop9: rw=0, sector=2065, nr_sectors = 8 limit=128
[  255.601199][T14170] syz.9.3609: attempt to access beyond end of device
[  255.601199][T14170] loop9: rw=0, sector=2065, nr_sectors = 8 limit=128
[  255.602533][T14171] Buffer I/O error on dev loop9, logical block 2065, async page read
[  255.602553][T14171] Buffer I/O error on dev loop9, logical block 2066, async page read
[  255.602570][T14171] Buffer I/O error on dev loop9, logical block 2067, async page read
[  255.730302][T14174] netlink: 60 bytes leftover after parsing attributes in process `syz.2.3611'.
[  255.803060][T14171] Buffer I/O error on dev loop9, logical block 2068, async page read
[  255.827069][T14176] loop1: detected capacity change from 0 to 512
[  255.844255][T14176] EXT4-fs: Ignoring removed nobh option
[  255.845147][T14171] Buffer I/O error on dev loop9, logical block 2069, async page read
[  255.877021][T14181] loop2: detected capacity change from 0 to 2048
[  255.888080][T14171] Buffer I/O error on dev loop9, logical block 2070, async page read
[  255.896501][T14171] Buffer I/O error on dev loop9, logical block 2071, async page read
[  255.899515][T14183] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3614'.
[  255.906786][T14171] Buffer I/O error on dev loop9, logical block 2072, async page read
[  255.925120][T14170] Buffer I/O error on dev loop9, logical block 2065, async page read
[  255.934117][T14181]  loop2: p1 < > p4
[  255.939381][T14170] Buffer I/O error on dev loop9, logical block 2066, async page read
[  255.947765][T14181] loop2: p4 size 8388608 extends beyond EOD, truncated
[  255.959662][T14176] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #3: comm syz.1.3612: corrupted inode contents
[  255.987407][T14181] netlink: 'syz.2.3613': attribute type 39 has an invalid length.
[  255.996464][T14188] loop0: detected capacity change from 0 to 128
[  256.004393][T14176] EXT4-fs error (device loop1): ext4_dirty_inode:6538: inode #3: comm syz.1.3612: mark_inode_dirty error
[  256.057034][T14176] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #3: comm syz.1.3612: corrupted inode contents
[  256.090322][T14190] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[  256.110210][T14176] EXT4-fs error (device loop1): __ext4_ext_dirty:206: inode #3: comm syz.1.3612: mark_inode_dirty error
[  256.163524][T14176] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.3612: Failed to acquire dquot type 0
[  256.190431][T14176] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #16: comm syz.1.3612: corrupted inode contents
[  256.219199][T14176] EXT4-fs error (device loop1): ext4_dirty_inode:6538: inode #16: comm syz.1.3612: mark_inode_dirty error
[  256.257738][T14176] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #16: comm syz.1.3612: corrupted inode contents
[  256.296919][T14176] EXT4-fs error (device loop1): __ext4_ext_dirty:206: inode #16: comm syz.1.3612: mark_inode_dirty error
[  256.310116][T14176] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #16: comm syz.1.3612: corrupted inode contents
[  256.322604][T14176] EXT4-fs error (device loop1) in ext4_orphan_del:305: Corrupt filesystem
[  256.333457][T14176] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #16: comm syz.1.3612: corrupted inode contents
[  256.357833][T14201] loop2: detected capacity change from 0 to 512
[  256.382264][T14201] ext4 filesystem being mounted at /64/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  256.396259][T14176] EXT4-fs error (device loop1): ext4_truncate:4666: inode #16: comm syz.1.3612: mark_inode_dirty error
[  256.419801][T14176] EXT4-fs error (device loop1) in ext4_process_orphan:347: Corrupt filesystem
[  256.430723][T14176] EXT4-fs (loop1): 1 truncate cleaned up
[  256.437092][T14176] ext4 filesystem being mounted at /70/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  256.456277][T14211] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3625'.
[  256.466667][T14209] loop9: detected capacity change from 0 to 2048
[  256.497041][T14216] loop0: detected capacity change from 0 to 128
[  256.521538][T14216] ext4 filesystem being mounted at /126/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  256.823346][T14234] loop1: detected capacity change from 0 to 256
[  256.840283][T14234] vfat: Unknown parameter 'shor�name'
[  256.884031][T14238] netlink: 60 bytes leftover after parsing attributes in process `syz.3.3636'.
[  256.902270][ T1728] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  256.982412][ T1728] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  257.030845][ T1728] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  257.074348][T14247] loop3: detected capacity change from 0 to 512
[  257.103183][ T1728] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  257.125237][T14243] loop0: detected capacity change from 0 to 512
[  257.133872][T14247] ext4 filesystem being mounted at /75/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  257.165744][T14243] ext4 filesystem being mounted at /127/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  257.210714][ T1728] bridge_slave_1: left allmulticast mode
[  257.216415][ T1728] bridge_slave_1: left promiscuous mode
[  257.222245][ T1728] bridge0: port 2(bridge_slave_1) entered disabled state
[  257.250127][ T1728] bridge_slave_0: left allmulticast mode
[  257.255937][ T1728] bridge_slave_0: left promiscuous mode
[  257.261700][ T1728] bridge0: port 1(bridge_slave_0) entered disabled state
[  257.278612][T14262] loop9: detected capacity change from 0 to 512
[  257.285915][T14262] EXT4-fs: Ignoring removed nobh option
[  257.299887][T14262] EXT4-fs error (device loop9): ext4_do_update_inode:5653: inode #3: comm syz.9.3643: corrupted inode contents
[  257.313320][T14262] EXT4-fs error (device loop9): ext4_dirty_inode:6538: inode #3: comm syz.9.3643: mark_inode_dirty error
[  257.325668][T14262] EXT4-fs error (device loop9): ext4_do_update_inode:5653: inode #3: comm syz.9.3643: corrupted inode contents
[  257.347155][T14262] EXT4-fs error (device loop9): __ext4_ext_dirty:206: inode #3: comm syz.9.3643: mark_inode_dirty error
[  257.368199][T14262] EXT4-fs error (device loop9): ext4_acquire_dquot:6933: comm syz.9.3643: Failed to acquire dquot type 0
[  257.397259][T14262] EXT4-fs error (device loop9): ext4_do_update_inode:5653: inode #16: comm syz.9.3643: corrupted inode contents
[  257.409877][T14262] EXT4-fs error (device loop9): ext4_dirty_inode:6538: inode #16: comm syz.9.3643: mark_inode_dirty error
[  257.422486][T14262] EXT4-fs error (device loop9): ext4_do_update_inode:5653: inode #16: comm syz.9.3643: corrupted inode contents
[  257.437367][T14262] EXT4-fs error (device loop9): __ext4_ext_dirty:206: inode #16: comm syz.9.3643: mark_inode_dirty error
[  257.458809][T14262] EXT4-fs error (device loop9): ext4_do_update_inode:5653: inode #16: comm syz.9.3643: corrupted inode contents
[  257.494928][T14273] loop3: detected capacity change from 0 to 4096
[  257.498014][T14262] EXT4-fs error (device loop9) in ext4_orphan_del:305: Corrupt filesystem
[  257.511122][T14262] EXT4-fs error (device loop9): ext4_do_update_inode:5653: inode #16: comm syz.9.3643: corrupted inode contents
[  257.512694][T14277] netlink: 60 bytes leftover after parsing attributes in process `syz.1.3649'.
[  257.525109][T14262] EXT4-fs error (device loop9): ext4_truncate:4666: inode #16: comm syz.9.3643: mark_inode_dirty error
[  257.545613][ T1728] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  257.552712][T14273] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.3648: bg 0: block 137: padding at end of block bitmap is not set
[  257.567243][T14262] EXT4-fs error (device loop9) in ext4_process_orphan:347: Corrupt filesystem
[  257.580814][ T1728] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  257.591108][T14262] EXT4-fs (loop9): 1 truncate cleaned up
[  257.599295][T14262] ext4 filesystem being mounted at /89/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  257.599665][ T1728] bond0 (unregistering): Released all slaves
[  257.685768][ T1728] hsr_slave_0: left promiscuous mode
[  257.694218][ T1728] hsr_slave_1: left promiscuous mode
[  257.700251][T14291] FAULT_INJECTION: forcing a failure.
[  257.700251][T14291] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  257.713433][T14291] CPU: 0 UID: 0 PID: 14291 Comm: syz.1.3654 Tainted: G        W           6.16.0-syzkaller-11568-gd632ab86aff2 #0 PREEMPT(voluntary) 
[  257.713539][T14291] Tainted: [W]=WARN
[  257.713547][T14291] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  257.713562][T14291] Call Trace:
[  257.713570][T14291]  <TASK>
[  257.713579][T14291]  __dump_stack+0x1d/0x30
[  257.713648][T14291]  dump_stack_lvl+0xe8/0x140
[  257.713673][T14291]  dump_stack+0x15/0x1b
[  257.713726][T14291]  should_fail_ex+0x265/0x280
[  257.713838][T14291]  should_fail+0xb/0x20
[  257.713873][T14291]  should_fail_usercopy+0x1a/0x20
[  257.713970][T14291]  _copy_from_iter+0xcf/0xe40
[  257.713997][T14291]  ? __build_skb_around+0x1a0/0x200
[  257.714034][T14291]  ? __alloc_skb+0x223/0x320
[  257.714065][T14291]  netlink_sendmsg+0x471/0x6b0
[  257.714170][ T1728] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  257.714160][T14291]  ? __pfx_netlink_sendmsg+0x10/0x10
[  257.714204][T14291]  __sock_sendmsg+0x145/0x180
[  257.714233][T14291]  ____sys_sendmsg+0x31e/0x4e0
[  257.714445][T14291]  ___sys_sendmsg+0x17b/0x1d0
[  257.714570][T14291]  __x64_sys_sendmsg+0xd4/0x160
[  257.714624][T14291]  x64_sys_call+0x191e/0x2ff0
[  257.714657][T14291]  do_syscall_64+0xd2/0x200
[  257.714757][T14291]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  257.714793][T14291]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  257.714823][T14291]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  257.714856][T14291] RIP: 0033:0x7f5a4ccaeb69
[  257.714877][T14291] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  257.714960][T14291] RSP: 002b:00007f5a4b317038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  257.714987][T14291] RAX: ffffffffffffffda RBX: 00007f5a4ced5fa0 RCX: 00007f5a4ccaeb69
[  257.715006][T14291] RDX: 0000000020050890 RSI: 00002000000000c0 RDI: 0000000000000006
[  257.715024][T14291] RBP: 00007f5a4b317090 R08: 0000000000000000 R09: 0000000000000000
[  257.715042][T14291] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  257.715058][T14291] R13: 0000000000000000 R14: 00007f5a4ced5fa0 R15: 00007ffdd53e4408
[  257.715164][T14291]  </TASK>
[  257.785362][T14292] loop9: detected capacity change from 0 to 512
[  257.789781][ T1728] batman_adv: batadv0: Removing interface: batadv_slave_0
[  257.802234][T14296] loop3: detected capacity change from 0 to 1024
[  257.915858][T14304] loop0: detected capacity change from 0 to 4096
[  257.922901][T14292] ext4 filesystem being mounted at /90/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  257.926864][ T1728] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  257.973742][ T1728] batman_adv: batadv0: Removing interface: batadv_slave_1
[  257.989970][ T1728] veth1_macvtap: left promiscuous mode
[  257.995504][ T1728] veth0_macvtap: left promiscuous mode
[  258.001920][T14304] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.3660: bg 0: block 137: padding at end of block bitmap is not set
[  258.002193][T14311] loop1: detected capacity change from 0 to 128
[  258.016471][ T1728] veth1_vlan: left promiscuous mode
[  258.032988][ T1728] veth0_vlan: left promiscuous mode
[  258.079428][T14314] loop1: detected capacity change from 0 to 1024
[  258.093466][T14314] ext4 filesystem being mounted at /81/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  258.105403][T14318] FAULT_INJECTION: forcing a failure.
[  258.105403][T14318] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  258.118607][T14318] CPU: 1 UID: 0 PID: 14318 Comm: syz.3.3663 Tainted: G        W           6.16.0-syzkaller-11568-gd632ab86aff2 #0 PREEMPT(voluntary) 
[  258.118656][T14318] Tainted: [W]=WARN
[  258.118662][T14318] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  258.118675][T14318] Call Trace:
[  258.118682][T14318]  <TASK>
[  258.118749][T14318]  __dump_stack+0x1d/0x30
[  258.118777][T14318]  dump_stack_lvl+0xe8/0x140
[  258.118843][T14318]  dump_stack+0x15/0x1b
[  258.118860][T14318]  should_fail_ex+0x265/0x280
[  258.118900][T14318]  should_fail+0xb/0x20
[  258.118941][T14318]  should_fail_usercopy+0x1a/0x20
[  258.118969][T14318]  _copy_from_user+0x1c/0xb0
[  258.119027][T14318]  memdup_user+0x5e/0xd0
[  258.119063][T14318]  sctp_getsockopt_connectx3+0x173/0x300
[  258.119099][T14318]  sctp_getsockopt+0x910/0xaa0
[  258.119173][T14318]  sock_common_getsockopt+0x5d/0x70
[  258.119211][T14318]  ? __pfx_sock_common_getsockopt+0x10/0x10
[  258.119247][T14318]  do_sock_getsockopt+0x1fd/0x240
[  258.119321][T14318]  __x64_sys_getsockopt+0x11e/0x1a0
[  258.119387][T14318]  x64_sys_call+0x2bc6/0x2ff0
[  258.119418][T14318]  do_syscall_64+0xd2/0x200
[  258.119511][T14318]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  258.119537][T14318]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  258.119558][T14318]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  258.119586][T14318] RIP: 0033:0x7f587711eb69
[  258.119607][T14318] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  258.119693][T14318] RSP: 002b:00007f587577f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  258.119713][T14318] RAX: ffffffffffffffda RBX: 00007f5877345fa0 RCX: 00007f587711eb69
[  258.119802][T14318] RDX: 000000000000006f RSI: 0000000000000084 RDI: 0000000000000006
[  258.119820][T14318] RBP: 00007f587577f090 R08: 0000200000000100 R09: 0000000000000000
[  258.119838][T14318] R10: 00002000000000c0 R11: 0000000000000246 R12: 0000000000000001
[  258.119855][T14318] R13: 0000000000000000 R14: 00007f5877345fa0 R15: 00007ffcd4a46588
[  258.119881][T14318]  </TASK>
[  258.143336][T14314] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3662'.
[  258.345095][ T1728] team0 (unregistering): Port device team_slave_1 removed
[  258.359613][T14321] netlink: 'syz.3.3665': attribute type 10 has an invalid length.
[  258.371264][T14326] netlink: 60 bytes leftover after parsing attributes in process `syz.0.3664'.
[  258.372176][ T1728] team0 (unregistering): Port device team_slave_0 removed
[  258.420522][ T2955] infiniband syz1: ib_query_port failed (-19)
[  258.435339][T14321] team0: Device hsr_slave_0 failed to register rx_handler
[  258.497762][T14335] loop9: detected capacity change from 0 to 512
[  258.520759][T14335] EXT4-fs mount: 83 callbacks suppressed
[  258.520775][T14335] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  258.543757][T14244] chnl_net:caif_netlink_parms(): no params data found
[  258.557937][T14335] ext4 filesystem being mounted at /92/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  258.569467][T14342] loop0: detected capacity change from 0 to 2048
[  258.598381][T14244] bridge0: port 1(bridge_slave_0) entered blocking state
[  258.605471][T14244] bridge0: port 1(bridge_slave_0) entered disabled state
[  258.609549][T14342] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  258.612834][T14244] bridge_slave_0: entered allmulticast mode
[  258.632617][T14244] bridge_slave_0: entered promiscuous mode
[  258.639502][T14348] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[  258.677556][T14244] bridge0: port 2(bridge_slave_1) entered blocking state
[  258.684681][T14244] bridge0: port 2(bridge_slave_1) entered disabled state
[  258.724652][T12650] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  258.736158][T14244] bridge_slave_1: entered allmulticast mode
[  258.755005][T14244] bridge_slave_1: entered promiscuous mode
[  258.765546][T14351] loop9: detected capacity change from 0 to 128
[  258.809588][T14244] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  258.834133][T14244] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  258.860182][T14244] team0: Port device team_slave_0 added
[  258.871460][T14244] team0: Port device team_slave_1 added
[  258.884488][T14353] loop9: detected capacity change from 0 to 512
[  258.903920][T14353] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  258.918154][T14355] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3674'.
[  258.931453][T14353] ext4 filesystem being mounted at /94/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  258.943316][T14244] batman_adv: batadv0: Adding interface: batadv_slave_0
[  258.950340][T14244] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  258.976279][T14244] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  258.987360][T13013] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  258.987891][T14244] batman_adv: batadv0: Adding interface: batadv_slave_1
[  259.003408][T14244] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  259.029528][T14244] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  259.083705][T14244] hsr_slave_0: entered promiscuous mode
[  259.089996][T14244] hsr_slave_1: entered promiscuous mode
[  259.097558][T14244] debugfs: 'hsr0' already exists in 'hsr'
[  259.103374][T14244] Cannot create hsr debugfs directory
[  259.114892][T12603] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  259.115161][T14362] loop1: detected capacity change from 0 to 512
[  259.156574][T14362] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  259.169459][T14362] ext4 filesystem being mounted at /82/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  259.268277][T14385] 9pnet_fd: Insufficient options for proto=fd
[  259.374465][T13013] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  259.439034][T14244] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  259.448687][T14244] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  259.462498][T14244] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  259.471913][T14244] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  259.493942][T14244] bridge0: port 2(bridge_slave_1) entered blocking state
[  259.501079][T14244] bridge0: port 2(bridge_slave_1) entered forwarding state
[  259.508569][T14244] bridge0: port 1(bridge_slave_0) entered blocking state
[  259.515697][T14244] bridge0: port 1(bridge_slave_0) entered forwarding state
[  259.515789][T14400] loop0: detected capacity change from 0 to 4096
[  259.535005][ T1728] bridge0: port 1(bridge_slave_0) entered disabled state
[  259.543005][ T1728] bridge0: port 2(bridge_slave_1) entered disabled state
[  259.548370][T14400] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  259.570115][T14400] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.3686: bg 0: block 137: padding at end of block bitmap is not set
[  259.582266][T14244] 8021q: adding VLAN 0 to HW filter on device bond0
[  259.599525][T14244] 8021q: adding VLAN 0 to HW filter on device team0
[  259.607290][T12603] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  259.617554][ T9443] bridge0: port 1(bridge_slave_0) entered blocking state
[  259.624631][ T9443] bridge0: port 1(bridge_slave_0) entered forwarding state
[  259.633672][ T9443] bridge0: port 2(bridge_slave_1) entered blocking state
[  259.640804][ T9443] bridge0: port 2(bridge_slave_1) entered forwarding state
[  259.732667][T12650] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  259.743239][T14244] 8021q: adding VLAN 0 to HW filter on device batadv0
[  259.807756][T14428] loop9: detected capacity change from 0 to 512
[  259.830338][T14432] loop0: detected capacity change from 0 to 128
[  259.839150][T14428] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  259.852183][T14428] ext4 filesystem being mounted at /96/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  259.865310][T14432] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  259.889468][T14432] ext4 filesystem being mounted at /150/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  259.918514][T14244] veth0_vlan: entered promiscuous mode
[  259.931564][T14244] veth1_vlan: entered promiscuous mode
[  259.950993][T14244] veth0_macvtap: entered promiscuous mode
[  259.959031][T14244] veth1_macvtap: entered promiscuous mode
[  259.971235][T14244] batman_adv: batadv0: Interface activated: batadv_slave_0
[  259.988808][T12650] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  260.002204][T14244] batman_adv: batadv0: Interface activated: batadv_slave_1
[  260.031153][   T31] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  260.070683][   T31] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  260.086698][T14447] netlink: 36 bytes leftover after parsing attributes in process `syz.9.3696'.
[  260.095821][   T31] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  260.095846][   T29] kauditd_printk_skb: 439 callbacks suppressed
[  260.095863][   T29] audit: type=1400 audit(1754365391.360:22447): avc:  denied  { mounton } for  pid=14244 comm="syz-executor" path="/root/syzkaller.upkkcp/syz-tmp" dev="sda1" ino=2075 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1
[  260.113275][   T31] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  260.135373][   T29] audit: type=1400 audit(1754365391.360:22448): avc:  denied  { mount } for  pid=14244 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  260.135412][   T29] audit: type=1400 audit(1754365391.360:22449): avc:  denied  { mounton } for  pid=14244 comm="syz-executor" path="/root/syzkaller.upkkcp/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[  260.135458][   T29] audit: type=1400 audit(1754365391.360:22450): avc:  denied  { mounton } for  pid=14244 comm="syz-executor" path="/root/syzkaller.upkkcp/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=52318 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1
[  260.161503][   T29] audit: type=1400 audit(1754365391.440:22451): avc:  denied  { mounton } for  pid=14244 comm="syz-executor" path="/dev/gadgetfs" dev="devtmpfs" ino=536 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1
[  260.203850][T14449] bond_slave_1: entered promiscuous mode
[  260.221311][   T29] audit: type=1400 audit(1754365391.440:22452): avc:  denied  { mount } for  pid=14244 comm="syz-executor" name="/" dev="gadgetfs" ino=3784 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1
[  260.245087][T14447] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=14447 comm=syz.9.3696
[  260.250171][   T29] audit: type=1400 audit(1754365391.480:22453): avc:  denied  { mounton } for  pid=14448 comm="syz.3.3698" path="/syzcgroup/net/syz3/cgroup.procs" dev="cgroup" ino=61 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=file permissive=1
[  260.292035][T14453] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3698'.
[  260.341932][   T29] audit: type=1326 audit(1754365391.620:22454): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14454 comm="syz.6.3638" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46f558eb69 code=0x7ffc0000
[  260.365586][   T29] audit: type=1326 audit(1754365391.620:22455): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14454 comm="syz.6.3638" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46f558eb69 code=0x7ffc0000
[  260.389376][   T29] audit: type=1326 audit(1754365391.620:22456): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14454 comm="syz.6.3638" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7f46f558eb69 code=0x7ffc0000
[  260.414500][T14453] bond0: (slave bond_slave_1): Releasing backup interface
[  260.423609][T14453] bond_slave_1 (unregistering): left promiscuous mode
[  260.532708][T12603] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  260.612476][T14472] loop6: detected capacity change from 0 to 4096
[  260.629754][T14484] loop0: detected capacity change from 0 to 512
[  260.630977][T14472] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  260.656292][T14487] loop1: detected capacity change from 0 to 512
[  260.671928][T14487] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  260.687163][T14484] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  260.701708][T14487] ext4 filesystem being mounted at /87/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  260.712838][T14472] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.3705: bg 0: block 137: padding at end of block bitmap is not set
[  260.714004][T14484] ext4 filesystem being mounted at /152/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  260.731540][T14501] loop9: detected capacity change from 0 to 512
[  260.775305][T14244] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  260.796003][T14501] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  260.807738][T14484] FAULT_INJECTION: forcing a failure.
[  260.807738][T14484] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  260.821772][T14484] CPU: 1 UID: 0 PID: 14484 Comm: syz.0.3711 Tainted: G        W           6.16.0-syzkaller-11568-gd632ab86aff2 #0 PREEMPT(voluntary) 
[  260.821818][T14484] Tainted: [W]=WARN
[  260.821828][T14484] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  260.821845][T14484] Call Trace:
[  260.821852][T14484]  <TASK>
[  260.821921][T14484]  __dump_stack+0x1d/0x30
[  260.821953][T14484]  dump_stack_lvl+0xe8/0x140
[  260.822010][T14484]  dump_stack+0x15/0x1b
[  260.822030][T14484]  should_fail_ex+0x265/0x280
[  260.822065][T14484]  should_fail+0xb/0x20
[  260.822099][T14484]  should_fail_usercopy+0x1a/0x20
[  260.822198][T14484]  _copy_from_user+0x1c/0xb0
[  260.822226][T14484]  ext4_ioctl+0x5ac/0x2080
[  260.822253][T14484]  ? file_ioctl+0x146/0x530
[  260.822272][T14484]  ? ioctl_has_perm+0x257/0x2a0
[  260.822295][T14484]  ? do_vfs_ioctl+0x7ca/0xe10
[  260.822370][T14484]  ? selinux_file_ioctl+0x308/0x3a0
[  260.822407][T14484]  ? __fget_files+0x184/0x1c0
[  260.822435][T14484]  ? __pfx_ext4_ioctl+0x10/0x10
[  260.822499][T14484]  __se_sys_ioctl+0xce/0x140
[  260.822536][T14484]  __x64_sys_ioctl+0x43/0x50
[  260.822571][T14484]  x64_sys_call+0x1816/0x2ff0
[  260.822594][T14484]  do_syscall_64+0xd2/0x200
[  260.822728][T14484]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  260.822755][T14484]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  260.822777][T14484]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  260.822832][T14484] RIP: 0033:0x7f84be14eb69
[  260.822961][T14484] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  260.822992][T14484] RSP: 002b:00007f84bc7b7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  260.823012][T14484] RAX: ffffffffffffffda RBX: 00007f84be375fa0 RCX: 00007f84be14eb69
[  260.823025][T14484] RDX: 0000200000000040 RSI: 00000000c028660f RDI: 0000000000000009
[  260.823083][T14484] RBP: 00007f84bc7b7090 R08: 0000000000000000 R09: 0000000000000000
[  260.823098][T14484] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  260.823152][T14484] R13: 0000000000000000 R14: 00007f84be375fa0 R15: 00007ffd57bf6228
[  260.823172][T14484]  </TASK>
[  261.043567][T14501] ext4 filesystem being mounted at /102/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  261.045364][T13013] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  261.066489][T12603] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  261.122650][T14512] loop1: detected capacity change from 0 to 512
[  261.136731][T14514] loop0: detected capacity change from 0 to 4096
[  261.146342][T14514] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  261.167297][T14512] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  261.170000][T14514] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.3720: bg 0: block 137: padding at end of block bitmap is not set
[  261.184167][T14512] ext4 filesystem being mounted at /88/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  261.225156][T12650] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  261.292475][T12603] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  261.346135][T14538] loop6: detected capacity change from 0 to 128
[  261.363709][T14538] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  261.373197][T14541] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3728'.
[  261.386294][T14538] ext4 filesystem being mounted at /8/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  261.479866][T13013] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  261.657278][T14244] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  261.962070][T14555] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=io+mem:owns=io+mem
[  261.973787][T14555] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3734'.
[  262.030343][T14563] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[  262.102570][T14567] loop0: detected capacity change from 0 to 4096
[  262.121167][T14567] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  262.170212][T14567] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.3737: bg 0: block 137: padding at end of block bitmap is not set
[  262.209965][T14579] netlink: 12 bytes leftover after parsing attributes in process `syz.9.3742'.
[  262.238986][T14577] loop1: detected capacity change from 0 to 512
[  262.259747][T12603] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  262.266595][T14577] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  262.304110][T14583] loop9: detected capacity change from 0 to 128
[  262.320357][T14577] ext4 filesystem being mounted at /94/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  262.354335][T14583] bio_check_eod: 17949 callbacks suppressed
[  262.354355][T14583] syz.9.3744: attempt to access beyond end of device
[  262.354355][T14583] loop9: rw=2049, sector=145, nr_sectors = 16 limit=128
[  262.383163][T14583] syz.9.3744: attempt to access beyond end of device
[  262.383163][T14583] loop9: rw=2049, sector=169, nr_sectors = 16 limit=128
[  262.398635][T14583] syz.9.3744: attempt to access beyond end of device
[  262.398635][T14583] loop9: rw=2049, sector=193, nr_sectors = 8 limit=128
[  262.398774][T14583] syz.9.3744: attempt to access beyond end of device
[  262.398774][T14583] loop9: rw=2049, sector=209, nr_sectors = 8 limit=128
[  262.398820][T14583] syz.9.3744: attempt to access beyond end of device
[  262.398820][T14583] loop9: rw=2049, sector=225, nr_sectors = 8 limit=128
[  262.398864][T14583] syz.9.3744: attempt to access beyond end of device
[  262.398864][T14583] loop9: rw=2049, sector=241, nr_sectors = 8 limit=128
[  262.398911][T14583] syz.9.3744: attempt to access beyond end of device
[  262.398911][T14583] loop9: rw=2049, sector=257, nr_sectors = 8 limit=128
[  262.399021][T14583] syz.9.3744: attempt to access beyond end of device
[  262.399021][T14583] loop9: rw=2049, sector=273, nr_sectors = 8 limit=128
[  262.399117][T14583] syz.9.3744: attempt to access beyond end of device
[  262.399117][T14583] loop9: rw=2049, sector=289, nr_sectors = 9 limit=128
[  262.572763][T13013] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  262.631510][T14604] loop3: detected capacity change from 0 to 4096
[  262.655894][T14604] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  262.685578][T14604] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.3753: bg 0: block 137: padding at end of block bitmap is not set
[  262.688035][T14615] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[  262.784594][T13212] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  262.857685][T14625] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[  262.860790][T14626] loop3: detected capacity change from 0 to 128
[  262.939654][T14626] syz.3.3758: attempt to access beyond end of device
[  262.939654][T14626] loop3: rw=2049, sector=145, nr_sectors = 16 limit=128
[  262.962864][T14624] C: renamed from team_slave_0 (while UP)
[  262.971739][T14624] netlink: 'syz.6.3759': attribute type 1 has an invalid length.
[  262.979567][T14624] netlink: 152 bytes leftover after parsing attributes in process `syz.6.3759'.
[  262.988656][T14624] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  263.056267][T14627] infiniband syz2: set down
[  263.060893][T14627] infiniband syz2: added syzkaller0
[  263.079005][T14627] RDS/IB: syz2: added
[  263.083114][T14627] smc: adding ib device syz2 with port count 1
[  263.092310][T14627] smc:    ib device syz2 port 1 has pnetid 
[  263.153878][T14633] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[  263.431291][T14647] loop0: detected capacity change from 0 to 4096
[  263.443648][T14647] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  263.476941][T14647] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.3768: bg 0: block 137: padding at end of block bitmap is not set
[  263.534701][T12603] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  263.572467][T14654] loop1: detected capacity change from 0 to 512
[  263.620983][T14654] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  263.660177][T14662] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[  263.712078][T14654] ext4 filesystem being mounted at /102/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  263.768731][   T31] smc: removing ib device syz2
[  263.800169][T14668] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[  263.927687][T13013] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  263.976838][T14677] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[  264.015080][T14679] loop3: detected capacity change from 0 to 1024
[  264.038604][T14679] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  264.064018][T14679] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  264.074998][T14679] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  264.107490][T14679] JBD2: no valid journal superblock found
[  264.113354][T14679] EXT4-fs (loop3): Could not load journal inode
[  264.180998][T14689] netlink: 'syz.3.3784': attribute type 6 has an invalid length.
[  264.366328][T14710] loop3: detected capacity change from 0 to 512
[  264.414430][T14710] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  264.431884][T14717] loop6: detected capacity change from 0 to 2048
[  264.440038][T14698] FAULT_INJECTION: forcing a failure.
[  264.440038][T14698] name failslab, interval 1, probability 0, space 0, times 0
[  264.440282][T14710] ext4 filesystem being mounted at /112/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  264.452699][T14698] CPU: 0 UID: 0 PID: 14698 Comm: syz.1.3788 Tainted: G        W           6.16.0-syzkaller-11568-gd632ab86aff2 #0 PREEMPT(voluntary) 
[  264.452778][T14698] Tainted: [W]=WARN
[  264.452788][T14698] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  264.452807][T14698] Call Trace:
[  264.452819][T14698]  <TASK>
[  264.452830][T14698]  __dump_stack+0x1d/0x30
[  264.452863][T14698]  dump_stack_lvl+0xe8/0x140
[  264.452893][T14698]  dump_stack+0x15/0x1b
[  264.452918][T14698]  should_fail_ex+0x265/0x280
[  264.453005][T14698]  should_failslab+0x8c/0xb0
[  264.453042][T14698]  kmem_cache_alloc_noprof+0x50/0x310
[  264.453084][T14698]  ? __kernfs_new_node+0x6d/0x350
[  264.453161][T14698]  __kernfs_new_node+0x6d/0x350
[  264.453198][T14698]  ? __rcu_read_unlock+0x4f/0x70
[  264.453227][T14698]  ? __rcu_read_unlock+0x4f/0x70
[  264.453258][T14698]  ? __rcu_read_unlock+0x4f/0x70
[  264.453288][T14698]  ? kernfs_next_descendant_post+0xd3/0x110
[  264.453396][T14698]  kernfs_new_node+0xd0/0x140
[  264.453428][T14698]  kernfs_create_link+0x70/0x130
[  264.453510][T14698]  sysfs_do_create_link_sd+0x6a/0x100
[  264.453543][T14698]  sysfs_create_link+0x51/0x70
[  264.453630][T14698]  driver_sysfs_add+0x98/0x160
[  264.453660][T14698]  really_probe+0xf6/0x5c0
[  264.453692][T14698]  ? __driver_probe_device+0x116/0x190
[  264.453726][T14698]  __driver_probe_device+0x121/0x190
[  264.453780][T14698]  driver_probe_device+0x37/0x2f0
[  264.453816][T14698]  __device_attach_driver+0x205/0x310
[  264.453848][T14698]  ? __pfx___device_attach_driver+0x10/0x10
[  264.453922][T14698]  bus_for_each_drv+0x1bd/0x230
[  264.453968][T14698]  __device_attach+0x1c7/0x290
[  264.453999][T14698]  device_attach+0x17/0x20
[  264.454047][T14698]  proc_ioctl+0x2f7/0x400
[  264.454123][T14698]  proc_ioctl_default+0x71/0xa0
[  264.454161][T14698]  usbdev_ioctl+0xe97/0x1710
[  264.454195][T14698]  ? __pfx_usbdev_ioctl+0x10/0x10
[  264.454230][T14698]  __se_sys_ioctl+0xce/0x140
[  264.454343][T14698]  __x64_sys_ioctl+0x43/0x50
[  264.454467][T14698]  x64_sys_call+0x1816/0x2ff0
[  264.454499][T14698]  do_syscall_64+0xd2/0x200
[  264.454533][T14698]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  264.454568][T14698]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  264.454600][T14698]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  264.454658][T14698] RIP: 0033:0x7f5a4ccaeb69
[  264.454679][T14698] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  264.454706][T14698] RSP: 002b:00007f5a4b317038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  264.454733][T14698] RAX: ffffffffffffffda RBX: 00007f5a4ced5fa0 RCX: 00007f5a4ccaeb69
[  264.454753][T14698] RDX: 0000200000000040 RSI: 00000000c0105512 RDI: 0000000000000006
[  264.454811][T14698] RBP: 00007f5a4b317090 R08: 0000000000000000 R09: 0000000000000000
[  264.454880][T14698] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  264.454950][T14698] R13: 0000000000000000 R14: 00007f5a4ced5fa0 R15: 00007ffdd53e4408
[  264.454978][T14698]  </TASK>
[  264.455604][T14698] hub 6-0:1.0: really_probe: driver_sysfs_add failed
[  264.549294][T14717] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  264.664683][T14732] loop9: detected capacity change from 0 to 512
[  264.788460][T13212] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  264.800673][T14732] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  264.831486][T14732] ext4 filesystem being mounted at /114/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  264.884194][T14743] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[  264.906964][T12650] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  264.988420][T14752] netlink: 12 bytes leftover after parsing attributes in process `syz.9.3808'.
[  265.005571][T14244] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  265.031991][T14756] loop0: detected capacity change from 0 to 1024
[  265.054028][T14756] EXT4-fs: Ignoring removed mblk_io_submit option
[  265.092132][T14756] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  265.126433][   T29] kauditd_printk_skb: 355 callbacks suppressed
[  265.126453][   T29] audit: type=1326 audit(1754365396.400:22810): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14755 comm="syz.0.3812" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f84be14eb69 code=0x7ffc0000
[  265.161883][   T29] audit: type=1326 audit(1754365396.410:22811): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14755 comm="syz.0.3812" exe="/root/syz-executor" sig=0 arch=c000003e syscall=260 compat=0 ip=0x7f84be14eb69 code=0x7ffc0000
[  265.186004][   T29] audit: type=1326 audit(1754365396.410:22812): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14755 comm="syz.0.3812" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f84be14eb69 code=0x7ffc0000
[  265.209850][   T29] audit: type=1326 audit(1754365396.410:22813): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14755 comm="syz.0.3812" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f84be14eb69 code=0x7ffc0000
[  265.239682][T14772] loop3: detected capacity change from 0 to 512
[  265.255126][   T29] audit: type=1400 audit(1754365396.530:22814): avc:  denied  { connect } for  pid=14773 comm="syz.6.3819" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  265.286047][T12603] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  265.305591][T14772] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  265.319424][T14772] ext4 filesystem being mounted at /118/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  265.338395][T14781] FAULT_INJECTION: forcing a failure.
[  265.338395][T14781] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  265.338429][T14781] CPU: 0 UID: 0 PID: 14781 Comm: syz.0.3821 Tainted: G        W           6.16.0-syzkaller-11568-gd632ab86aff2 #0 PREEMPT(voluntary) 
[  265.338574][T14781] Tainted: [W]=WARN
[  265.338613][T14781] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  265.338630][T14781] Call Trace:
[  265.338638][T14781]  <TASK>
[  265.338648][T14781]  __dump_stack+0x1d/0x30
[  265.338675][T14781]  dump_stack_lvl+0xe8/0x140
[  265.338696][T14781]  dump_stack+0x15/0x1b
[  265.338729][T14781]  should_fail_ex+0x265/0x280
[  265.338767][T14781]  should_fail+0xb/0x20
[  265.338797][T14781]  should_fail_usercopy+0x1a/0x20
[  265.338878][T14781]  strncpy_from_user+0x25/0x230
[  265.339044][T14781]  ? kmem_cache_alloc_noprof+0x186/0x310
[  265.339100][T14781]  ? getname_flags+0x80/0x3b0
[  265.339137][T14781]  getname_flags+0xae/0x3b0
[  265.339175][T14781]  user_path_at+0x28/0x130
[  265.339209][T14781]  __se_sys_pivot_root+0x111/0x710
[  265.339265][T14781]  __x64_sys_pivot_root+0x31/0x40
[  265.339437][T14781]  x64_sys_call+0x144/0x2ff0
[  265.339473][T14781]  do_syscall_64+0xd2/0x200
[  265.339506][T14781]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  265.339537][T14781]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  265.339578][T14781]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  265.339600][T14781] RIP: 0033:0x7f84be14eb69
[  265.339678][T14781] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  265.339700][T14781] RSP: 002b:00007f84bc7b7038 EFLAGS: 00000246 ORIG_RAX: 000000000000009b
[  265.339730][T14781] RAX: ffffffffffffffda RBX: 00007f84be375fa0 RCX: 00007f84be14eb69
[  265.339747][T14781] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000007b00
[  265.339764][T14781] RBP: 00007f84bc7b7090 R08: 0000000000000000 R09: 0000000000000000
[  265.339780][T14781] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  265.339797][T14781] R13: 0000000000000000 R14: 00007f84be375fa0 R15: 00007ffd57bf6228
[  265.339820][T14781]  </TASK>
[  265.371795][T14783] loop9: detected capacity change from 0 to 2048
[  265.375241][T13212] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  265.444271][T14783] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  265.558267][T14793] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[  265.595098][T14786] loop6: detected capacity change from 0 to 4096
[  265.644425][   T29] audit: type=1326 audit(1754365396.910:22815): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14784 comm="syz.0.3824" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f84be14eb69 code=0x7ffc0000
[  265.668154][   T29] audit: type=1326 audit(1754365396.910:22816): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14784 comm="syz.0.3824" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f84be14eb69 code=0x7ffc0000
[  265.691784][   T29] audit: type=1326 audit(1754365396.910:22817): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14784 comm="syz.0.3824" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f84be14eb69 code=0x7ffc0000
[  265.715633][   T29] audit: type=1326 audit(1754365396.910:22818): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14784 comm="syz.0.3824" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f84be14eb69 code=0x7ffc0000
[  265.739361][   T29] audit: type=1326 audit(1754365396.910:22819): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14784 comm="syz.0.3824" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f84be14eb69 code=0x7ffc0000
[  265.804777][T12650] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  265.824709][T14805] FAULT_INJECTION: forcing a failure.
[  265.824709][T14805] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  265.838109][T14805] CPU: 0 UID: 0 PID: 14805 Comm: syz.9.3828 Tainted: G        W           6.16.0-syzkaller-11568-gd632ab86aff2 #0 PREEMPT(voluntary) 
[  265.838153][T14805] Tainted: [W]=WARN
[  265.838221][T14805] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  265.838269][T14805] Call Trace:
[  265.838276][T14805]  <TASK>
[  265.838286][T14805]  __dump_stack+0x1d/0x30
[  265.838314][T14805]  dump_stack_lvl+0xe8/0x140
[  265.838340][T14805]  dump_stack+0x15/0x1b
[  265.838361][T14805]  should_fail_ex+0x265/0x280
[  265.838428][T14805]  should_fail+0xb/0x20
[  265.838495][T14805]  should_fail_usercopy+0x1a/0x20
[  265.838547][T14805]  strncpy_from_user+0x25/0x230
[  265.838583][T14805]  strncpy_from_bpfptr+0x43/0x50
[  265.838690][T14805]  bpf_prog_load+0x884/0x1070
[  265.838754][T14805]  ? security_bpf+0x2b/0x90
[  265.838785][T14805]  __sys_bpf+0x462/0x7b0
[  265.838874][T14805]  __x64_sys_bpf+0x41/0x50
[  265.838968][T14805]  x64_sys_call+0x2aea/0x2ff0
[  265.838990][T14805]  do_syscall_64+0xd2/0x200
[  265.839013][T14805]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  265.839073][T14805]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  265.839119][T14805]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  265.839145][T14805] RIP: 0033:0x7f64a54deb69
[  265.839203][T14805] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  265.839228][T14805] RSP: 002b:00007f64a3b47038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  265.839314][T14805] RAX: ffffffffffffffda RBX: 00007f64a5705fa0 RCX: 00007f64a54deb69
[  265.839330][T14805] RDX: 000000000000002a RSI: 0000200000000240 RDI: 0000000000000005
[  265.839343][T14805] RBP: 00007f64a3b47090 R08: 0000000000000000 R09: 0000000000000000
[  265.839355][T14805] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  265.839367][T14805] R13: 0000000000000001 R14: 00007f64a5705fa0 R15: 00007ffc0c9f0fd8
[  265.839387][T14805]  </TASK>
[  266.051486][T14807] loop1: detected capacity change from 0 to 1024
[  266.058642][T14807] EXT4-fs: Ignoring removed nomblk_io_submit option
[  266.065362][T14807] ext4: Unknown parameter 'mask'
[  266.099776][T14811] loop9: detected capacity change from 0 to 7
[  266.110602][T14811] buffer_io_error: 17886 callbacks suppressed
[  266.110642][T14811] Buffer I/O error on dev loop9, logical block 0, async page read
[  266.136199][T14811] Buffer I/O error on dev loop9, logical block 0, async page read
[  266.144109][T14811]  loop9: unable to read partition table
[  266.157417][T14811] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[  266.157417][T14811] 
) failed (rc=-5)
[  266.176180][T14817] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3834'.
[  266.282833][T14826] loop9: detected capacity change from 0 to 2048
[  266.285610][T14828] loop0: detected capacity change from 0 to 512
[  266.308009][T14828] EXT4-fs: Ignoring removed bh option
[  266.315752][T14828] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[  266.324934][T14828] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  266.334393][T14826] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  266.349858][T14830] loop6: detected capacity change from 0 to 4096
[  266.356921][T14828] EXT4-fs (loop0): warning: mounting unchecked fs, running e2fsck is recommended
[  266.366241][T14828] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006]
[  266.376869][T14828] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  266.393186][T14830] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  266.410393][T14830] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.3840: bg 0: block 137: padding at end of block bitmap is not set
[  266.441245][T14244] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  266.477028][T12603] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  266.535078][T12650] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  266.592635][T14851] netlink: 12 bytes leftover after parsing attributes in process `syz.9.3847'.
[  266.651110][T14855] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[  266.710122][T14861] loop6: detected capacity change from 0 to 512
[  266.725727][T14861] EXT4-fs (loop6): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349)
[  266.735450][T14861] EXT4-fs (loop6): group descriptors corrupted!
[  266.754091][T14863] loop9: detected capacity change from 0 to 4096
[  266.765668][T14863] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  266.765747][T14861] random: crng reseeded on system resumption
[  266.782155][T14863] EXT4-fs error (device loop9): ext4_validate_block_bitmap:441: comm syz.9.3852: bg 0: block 137: padding at end of block bitmap is not set
[  266.813713][T12650] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  266.890991][T14875] netlink: 12 bytes leftover after parsing attributes in process `syz.9.3858'.
[  266.932222][T14880] loop9: detected capacity change from 0 to 128
[  266.973443][T14882] netlink: 28 bytes leftover after parsing attributes in process `syz.9.3861'.
[  266.982514][T14882] netlink: 28 bytes leftover after parsing attributes in process `syz.9.3861'.
[  267.058586][T14868] netlink: 44 bytes leftover after parsing attributes in process `syz.0.3856'.
[  267.115117][T14888] loop9: detected capacity change from 0 to 4096
[  267.124333][T14888] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  267.140481][T14888] EXT4-fs error (device loop9): ext4_validate_block_bitmap:441: comm syz.9.3864: bg 0: block 137: padding at end of block bitmap is not set
[  267.180973][T12650] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  267.261892][T14901] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[  267.341863][T14908] loop9: detected capacity change from 0 to 2048
[  267.350670][T14909] netlink: 48 bytes leftover after parsing attributes in process `syz.6.3870'.
[  267.370547][T14908] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  267.413943][T14911] loop3: detected capacity change from 0 to 4096
[  267.436010][T14911] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  267.481087][T14911] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.3872: bg 0: block 137: padding at end of block bitmap is not set
[  267.541606][T13212] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  267.586542][T14918] loop1: detected capacity change from 0 to 128
[  267.601854][T14920] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3874'.
[  267.610874][T14920] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3874'.
[  267.630945][T14918] ext4 filesystem being mounted at /118/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  267.759722][T14929] FAULT_INJECTION: forcing a failure.
[  267.759722][T14929] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  267.772996][T14929] CPU: 1 UID: 0 PID: 14929 Comm: syz.9.3878 Tainted: G        W           6.16.0-syzkaller-11568-gd632ab86aff2 #0 PREEMPT(voluntary) 
[  267.773042][T14929] Tainted: [W]=WARN
[  267.773051][T14929] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  267.773068][T14929] Call Trace:
[  267.773077][T14929]  <TASK>
[  267.773086][T14929]  __dump_stack+0x1d/0x30
[  267.773108][T14929]  dump_stack_lvl+0xe8/0x140
[  267.773175][T14929]  dump_stack+0x15/0x1b
[  267.773197][T14929]  should_fail_ex+0x265/0x280
[  267.773241][T14929]  should_fail+0xb/0x20
[  267.773304][T14929]  should_fail_usercopy+0x1a/0x20
[  267.773324][T14929]  _copy_to_user+0x20/0xa0
[  267.773355][T14929]  simple_read_from_buffer+0xb5/0x130
[  267.773390][T14929]  proc_fail_nth_read+0x10e/0x150
[  267.773447][T14929]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  267.773481][T14929]  vfs_read+0x19d/0x6f0
[  267.773507][T14929]  ? __rcu_read_unlock+0x4f/0x70
[  267.773534][T14929]  ? __fget_files+0x184/0x1c0
[  267.773614][T14929]  ksys_read+0xda/0x1a0
[  267.773644][T14929]  __x64_sys_read+0x40/0x50
[  267.773673][T14929]  x64_sys_call+0x27bc/0x2ff0
[  267.773779][T14929]  do_syscall_64+0xd2/0x200
[  267.773806][T14929]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  267.773838][T14929]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  267.774001][T14929]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  267.774037][T14929] RIP: 0033:0x7f64a54dd57c
[  267.774063][T14929] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  267.774092][T14929] RSP: 002b:00007f64a3b47030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  267.774115][T14929] RAX: ffffffffffffffda RBX: 00007f64a5705fa0 RCX: 00007f64a54dd57c
[  267.774128][T14929] RDX: 000000000000000f RSI: 00007f64a3b470a0 RDI: 0000000000000006
[  267.774160][T14929] RBP: 00007f64a3b47090 R08: 0000000000000000 R09: 0000000000000000
[  267.774208][T14929] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  267.774224][T14929] R13: 0000000000000000 R14: 00007f64a5705fa0 R15: 00007ffc0c9f0fd8
[  267.774243][T14929]  </TASK>
[  267.784299][T14937] FAULT_INJECTION: forcing a failure.
[  267.784299][T14937] name failslab, interval 1, probability 0, space 0, times 0
[  267.793083][T14938] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[  267.795431][T14937] CPU: 0 UID: 0 PID: 14937 Comm: syz.1.3883 Tainted: G        W           6.16.0-syzkaller-11568-gd632ab86aff2 #0 PREEMPT(voluntary) 
[  267.795549][T14937] Tainted: [W]=WARN
[  267.795561][T14937] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  267.795579][T14937] Call Trace:
[  267.795587][T14937]  <TASK>
[  267.795597][T14937]  __dump_stack+0x1d/0x30
[  267.795701][T14937]  dump_stack_lvl+0xe8/0x140
[  267.795730][T14937]  dump_stack+0x15/0x1b
[  267.795754][T14937]  should_fail_ex+0x265/0x280
[  267.795803][T14937]  ? nf_tables_newtable+0x375/0xea0
[  267.795873][T14937]  should_failslab+0x8c/0xb0
[  267.795933][T14937]  __kmalloc_cache_noprof+0x4c/0x320
[  267.796067][T14937]  ? __nla_validate_parse+0x1652/0x1d00
[  267.796099][T14937]  nf_tables_newtable+0x375/0xea0
[  267.796165][T14937]  nfnetlink_rcv+0xb99/0x1690
[  267.796245][T14937]  netlink_unicast+0x5c0/0x690
[  267.796353][T14937]  netlink_sendmsg+0x58b/0x6b0
[  267.796402][T14937]  ? __pfx_netlink_sendmsg+0x10/0x10
[  267.796478][T14937]  __sock_sendmsg+0x145/0x180
[  267.796513][T14937]  ____sys_sendmsg+0x31e/0x4e0
[  267.796565][T14937]  ___sys_sendmsg+0x17b/0x1d0
[  267.796677][T14937]  __x64_sys_sendmsg+0xd4/0x160
[  267.796787][T14937]  x64_sys_call+0x191e/0x2ff0
[  267.796818][T14937]  do_syscall_64+0xd2/0x200
[  267.796913][T14937]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  267.796949][T14937]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  267.796982][T14937]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  267.797013][T14937] RIP: 0033:0x7f5a4ccaeb69
[  267.797034][T14937] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  267.797111][T14937] RSP: 002b:00007f5a4b317038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  267.797139][T14937] RAX: ffffffffffffffda RBX: 00007f5a4ced5fa0 RCX: 00007f5a4ccaeb69
[  267.797158][T14937] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000003
[  267.797241][T14937] RBP: 00007f5a4b317090 R08: 0000000000000000 R09: 0000000000000000
[  267.797260][T14937] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  267.797285][T14937] R13: 0000000000000000 R14: 00007f5a4ced5fa0 R15: 00007ffdd53e4408
[  267.797357][T14937]  </TASK>
[  268.324508][T14957] loop6: detected capacity change from 0 to 2048
[  268.425576][T14969] loop9: detected capacity change from 0 to 512
[  268.456641][T14969] EXT4-fs (loop9): inodes count not valid: 16 vs 32
[  268.632277][T14981] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[  268.675712][T14980] loop9: detected capacity change from 0 to 8192
[  268.785768][T14993] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[  268.798404][T14991] loop0: detected capacity change from 0 to 164
[  268.860481][T14998] loop1: detected capacity change from 0 to 164
[  268.944486][T15011] loop0: detected capacity change from 0 to 2048
[  269.053253][T15020] loop9: detected capacity change from 0 to 2048
[  269.173013][T15035] syzkaller0: entered promiscuous mode
[  269.179382][T15035] syzkaller0: entered allmulticast mode
[  269.193499][T15035] batman_adv: batadv0: Adding interface: dummy0
[  269.199821][T15035] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  269.235914][T15035] batman_adv: batadv0: Interface activated: dummy0
[  269.247437][T15035] batadv0: mtu less than device minimum
[  269.253465][T15035] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  269.264425][T15035] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  269.275233][T15035] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  269.286132][T15035] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  269.296968][T15035] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  269.307762][T15035] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  269.318600][T15035] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  269.329306][T15035] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  269.340139][T15035] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  269.366276][T15041] loop0: detected capacity change from 0 to 512
[  269.388395][T15041] EXT4-fs (loop0): too many log groups per flexible block group
[  269.396190][T15041] EXT4-fs (loop0): failed to initialize mballoc (-12)
[  269.403081][T15041] EXT4-fs (loop0): mount failed
[  269.442264][T15058] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[  269.499488][T15060] loop3: detected capacity change from 0 to 2048
[  269.529896][T15064] loop9: detected capacity change from 0 to 2048
[  269.609122][T15072] loop3: detected capacity change from 0 to 2048
[  269.619621][T15074] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(5)
[  269.626219][T15074] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  269.633736][T15074] vhci_hcd vhci_hcd.0: Device attached
[  269.659263][T15075] vhci_hcd: cannot find a urb of seqnum 7510 max seqnum 0
[  269.671326][ T1728] vhci_hcd: stop threads
[  269.675665][ T1728] vhci_hcd: release socket
[  269.680230][ T1728] vhci_hcd: disconnect device
[  269.849612][T15088] veth1_to_bridge: entered promiscuous mode
[  269.857418][T15088] veth1_to_bridge: left promiscuous mode
[  269.987096][T15100] loop1: detected capacity change from 0 to 2048
[  270.015631][T15106] __nla_validate_parse: 7 callbacks suppressed
[  270.015777][T15106] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3950'.
[  270.057767][T15109] loop6: detected capacity change from 0 to 2048
[  270.088708][T15116] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3953'.
[  270.097698][T15116] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3953'.
[  270.207683][T15120] loop0: detected capacity change from 0 to 4096
[  270.219063][T15120] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.3955: bg 0: block 137: padding at end of block bitmap is not set
[  270.326285][T15133] netlink: 60 bytes leftover after parsing attributes in process `syz.0.3960'.
[  270.421376][   T29] kauditd_printk_skb: 754 callbacks suppressed
[  270.421394][   T29] audit: type=1326 audit(1754365401.700:23574): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15134 comm="syz.0.3961" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f84be14eb69 code=0x7ffc0000
[  270.460692][   T29] audit: type=1326 audit(1754365401.730:23575): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15134 comm="syz.0.3961" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f84be14eb69 code=0x7ffc0000
[  270.484472][   T29] audit: type=1326 audit(1754365401.730:23576): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15134 comm="syz.0.3961" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f84be14eb69 code=0x7ffc0000
[  270.508136][   T29] audit: type=1326 audit(1754365401.730:23577): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15134 comm="syz.0.3961" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f84be14eb69 code=0x7ffc0000
[  270.531829][   T29] audit: type=1326 audit(1754365401.730:23578): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15134 comm="syz.0.3961" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f84be14eb69 code=0x7ffc0000
[  270.548405][T15140] netlink: 'syz.6.3963': attribute type 3 has an invalid length.
[  270.555446][   T29] audit: type=1326 audit(1754365401.730:23579): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15134 comm="syz.0.3961" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f84be14eb69 code=0x7ffc0000
[  270.586868][   T29] audit: type=1326 audit(1754365401.730:23580): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15134 comm="syz.0.3961" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f84be14eb69 code=0x7ffc0000
[  270.610391][   T29] audit: type=1326 audit(1754365401.730:23581): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15134 comm="syz.0.3961" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f84be14eb69 code=0x7ffc0000
[  270.634043][   T29] audit: type=1326 audit(1754365401.730:23582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15134 comm="syz.0.3961" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f84be14eb69 code=0x7ffc0000
[  270.657663][   T29] audit: type=1326 audit(1754365401.730:23583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15134 comm="syz.0.3961" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f84be14eb69 code=0x7ffc0000
[  270.720525][T15146] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3965'.
[  270.729696][T15146] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3965'.
[  270.729905][T15148] loop9: detected capacity change from 0 to 2048
[  270.763269][T15148] EXT4-fs error (device loop9): ext4_find_extent:939: inode #2: comm syz.9.3964: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[  270.780364][T15148] EXT4-fs error (device loop9): ext4_find_extent:939: inode #2: comm syz.9.3964: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[  270.858930][T15165] netlink: 60 bytes leftover after parsing attributes in process `syz.3.3971'.
[  270.954483][T15177] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[  271.081449][T15189] netlink: 165 bytes leftover after parsing attributes in process `syz.1.3981'.
[  271.129446][T15191] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3982'.
[  271.247274][T15195] loop1: detected capacity change from 0 to 1024
[  271.259473][T15195] EXT4-fs: Ignoring removed orlov option
[  271.310348][T15201] netlink: 60 bytes leftover after parsing attributes in process `syz.3.3986'.
[  271.358419][T15204] loop6: detected capacity change from 0 to 512
[  271.385591][T15204] ext4 filesystem being mounted at /60/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  271.392219][T15207] loop0: detected capacity change from 0 to 512
[  271.408296][T15207] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  271.434569][T15207] EXT4-fs (loop0): 1 truncate cleaned up
[  271.485514][T15216] tipc: Started in network mode
[  271.490565][T15216] tipc: Node identity type_len, cluster identity 4711
[  271.497432][T15216] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  271.515914][T15215] loop9: detected capacity change from 0 to 2048
[  271.522824][T15215] EXT4-fs: Ignoring removed orlov option
[  271.528677][T15215] EXT4-fs: Ignoring removed i_version option
[  271.535681][T15216] FAULT_INJECTION: forcing a failure.
[  271.535681][T15216] name failslab, interval 1, probability 0, space 0, times 0
[  271.548477][T15216] CPU: 0 UID: 0 PID: 15216 Comm: syz.3.3989 Tainted: G        W           6.16.0-syzkaller-11568-gd632ab86aff2 #0 PREEMPT(voluntary) 
[  271.548563][T15216] Tainted: [W]=WARN
[  271.548636][T15216] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  271.548655][T15216] Call Trace:
[  271.548664][T15216]  <TASK>
[  271.548675][T15216]  __dump_stack+0x1d/0x30
[  271.548703][T15216]  dump_stack_lvl+0xe8/0x140
[  271.548728][T15216]  dump_stack+0x15/0x1b
[  271.548746][T15216]  should_fail_ex+0x265/0x280
[  271.548788][T15216]  should_failslab+0x8c/0xb0
[  271.548900][T15216]  kmem_cache_alloc_node_noprof+0x57/0x320
[  271.548959][T15216]  ? __alloc_skb+0x101/0x320
[  271.549004][T15216]  __alloc_skb+0x101/0x320
[  271.549042][T15216]  netlink_ack+0xfd/0x500
[  271.549137][T15216]  ? __pfx_tipc_nl_bearer_enable+0x10/0x10
[  271.549186][T15216]  netlink_rcv_skb+0x192/0x220
[  271.549225][T15216]  ? __pfx_genl_rcv_msg+0x10/0x10
[  271.549325][T15216]  genl_rcv+0x28/0x40
[  271.549347][T15216]  netlink_unicast+0x5c0/0x690
[  271.549378][T15216]  netlink_sendmsg+0x58b/0x6b0
[  271.549445][T15216]  ? __pfx_netlink_sendmsg+0x10/0x10
[  271.549489][T15216]  __sock_sendmsg+0x145/0x180
[  271.549521][T15216]  ____sys_sendmsg+0x31e/0x4e0
[  271.549601][T15216]  ___sys_sendmsg+0x17b/0x1d0
[  271.549714][T15216]  __x64_sys_sendmsg+0xd4/0x160
[  271.549765][T15216]  x64_sys_call+0x191e/0x2ff0
[  271.549795][T15216]  do_syscall_64+0xd2/0x200
[  271.549859][T15216]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  271.549892][T15216]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  271.549921][T15216]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  271.549998][T15216] RIP: 0033:0x7f587711eb69
[  271.550019][T15216] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  271.550043][T15216] RSP: 002b:00007f587577f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  271.550236][T15216] RAX: ffffffffffffffda RBX: 00007f5877345fa0 RCX: 00007f587711eb69
[  271.550252][T15216] RDX: 0000000000000000 RSI: 0000200000000300 RDI: 0000000000000003
[  271.550267][T15216] RBP: 00007f587577f090 R08: 0000000000000000 R09: 0000000000000000
[  271.550279][T15216] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  271.550291][T15216] R13: 0000000000000000 R14: 00007f5877345fa0 R15: 00007ffcd4a46588
[  271.550333][T15216]  </TASK>
[  271.814689][T15215] EXT4-fs error (device loop9): ext4_free_inode:354: comm syz.9.3990: bit already cleared for inode 15
[  271.869004][T12650] ==================================================================
[  271.874671][T15227] loop3: detected capacity change from 0 to 512
[  271.877136][T12650] BUG: KCSAN: data-race in find_get_block_common / has_bh_in_lru
[  271.891166][T12650] 
[  271.893512][T12650] read-write to 0xffff888237d26f50 of 8 bytes by task 15226 on cpu 1:
[  271.901760][T12650]  find_get_block_common+0x4f0/0x960
[  271.907081][T12650]  bdev_getblk+0x83/0x3b0
[  271.911514][T12650]  __ext4_get_inode_loc+0x303/0x930
[  271.916740][T12650]  ext4_reserve_inode_write+0xd7/0x250
[  271.922217][T12650]  __ext4_mark_inode_dirty+0x8c/0x3f0
[  271.927607][T12650]  ext4_dirty_inode+0x92/0xc0
[  271.932289][T12650]  __mark_inode_dirty+0x15f/0x760
[  271.937364][T12650]  touch_atime+0x229/0x340
[  271.941799][T12650]  ext4_file_mmap_prepare+0x13a/0x1a0
[  271.947199][T12650]  mmap_region+0x8de/0x1630
[  271.951711][T12650]  do_mmap+0x9b3/0xbe0
[  271.955802][T12650]  vm_mmap_pgoff+0x17a/0x2e0
[  271.960421][T12650]  ksys_mmap_pgoff+0x268/0x310
[  271.965331][T12650]  x64_sys_call+0x14a3/0x2ff0
[  271.970024][T12650]  do_syscall_64+0xd2/0x200
[  271.974632][T12650]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  271.980542][T12650] 
[  271.982879][T12650] read to 0xffff888237d26f50 of 8 bytes by task 12650 on cpu 0:
[  271.990518][T12650]  has_bh_in_lru+0x35/0x1f0
[  271.995050][T12650]  smp_call_function_many_cond+0x2a6/0xc60
[  272.000864][T12650]  on_each_cpu_cond_mask+0x3c/0x80
[  272.005999][T12650]  invalidate_bh_lrus+0x2a/0x30
[  272.010868][T12650]  blkdev_flush_mapping+0x9a/0x1a0
[  272.015996][T12650]  bdev_release+0x2bf/0x3d0
[  272.020776][T12650]  blkdev_release+0x15/0x20
[  272.025304][T12650]  __fput+0x29b/0x650
[  272.029304][T12650]  ____fput+0x1c/0x30
[  272.033309][T12650]  task_work_run+0x131/0x1a0
[  272.037917][T12650]  exit_to_user_mode_loop+0xe4/0x100
[  272.043215][T12650]  do_syscall_64+0x1d6/0x200
[  272.047826][T12650]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  272.053728][T12650] 
[  272.056140][T12650] value changed: 0x0000000000000000 -> 0xffff88810543bc30
[  272.063246][T12650] 
[  272.065583][T12650] Reported by Kernel Concurrency Sanitizer on:
[  272.071824][T12650] CPU: 0 UID: 0 PID: 12650 Comm: syz-executor Tainted: G        W           6.16.0-syzkaller-11568-gd632ab86aff2 #0 PREEMPT(voluntary) 
[  272.085812][T12650] Tainted: [W]=WARN
[  272.089619][T12650] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  272.099680][T12650] ==================================================================
[  272.141072][T15227] ext4 filesystem being mounted at /146/file1 supports timestamps until 2038-01-19 (0x7fffffff)