last executing test programs:

3.712741203s ago: executing program 2 (id=1299):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff})
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0x3, &(0x7f00000009c0)=ANY=[@ANYBLOB="180000000000000000000000000000009500000000000000732c355fd36f1bf8366c95327c52c9eb2619cc2bbef3b9190c"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000400)={'veth1_to_bridge\x00', <r3=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000000c0)={r2, r3, 0x25, 0x0, @val=@iter={0x0}}, 0x20)
sendmsg$nl_route_sched(r1, 0x0, 0x0)

3.609681134s ago: executing program 2 (id=1300):
open(&(0x7f0000000080)='./file0\x00', 0x40c5, 0x130)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=@base={0x5, 0x4, 0x8, 0xb, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000006020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b70300000000ecff850000000400000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
mount$9p_fd(0x2010, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000400)=ANY=[])

3.351758596s ago: executing program 2 (id=1305):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
sched_setscheduler(0x0, 0x1, &(0x7f00000002c0)=0x9)
sched_setaffinity(0x0, 0x8, &(0x7f00000001c0)=0x5)
munmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000)
getpid()
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/5, 0x200000, 0x800}, 0x20)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'team_slave_1\x00'})
setsockopt$XDP_UMEM_COMPLETION_RING(r0, 0x11b, 0x6, &(0x7f0000000180)=0x20, 0x4)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
shmget$private(0x0, 0x4000, 0x800, &(0x7f0000007000/0x4000)=nil)

3.269900906s ago: executing program 2 (id=1307):
syz_mount_image$vfat(&(0x7f0000000300), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000080)=ANY=[], 0x4, 0x127b, &(0x7f00000011c0)="$eJzs3c1rI2UcB/Bf2vR17Yu6ru6C+KAXRYjbHjx5KbILYkGpdkEFYdamGpompQmFiNh68iT4Z4h69CaI/0AvXjwLgkgvHvcgjqTJrk2Tdt3tm8jnc5mHZ57v88x0mIEp8yN7r3y5vrbaKK1mzRgqFKK4MRLFOylSDMVwdOzEC7d+/uXpt9559/WFxcUbSyndXHh77uWU0vQzP7z3ybfP/ti8dOu76e/HYnf2/b0/5n/dvbJ7de+vb6LSSJVGqtWbKUu36/VmdrtaTiuVxloppTer5axRTpVao7zZs3+1Wt/YaKWstjI1ubFZbjRSVmultXIrNQupudlK2YdZpZZKpVKamgxOYvnrO3meR+T5SIxGnuf5REzGpXgkpmI6ZmI2Ho3H4vG4HE/ElXgyhiL2R130cQMAAAAAAAAAAAAAAAAAAMD/y33q/wu99f9PxVX1/wAAAAAAAAAAAAAAAAAAAHDqDtf/FyPu1f8XihHq/wEAAAAAAAAAAAAAAAAAAODs3ef3/w/V/7+o/h8AAAAAAAAAAAAAAAAAAADOwnhns5TSeMT651vLW8udbad/YTUqUY1yXI+Z+DP2q/87Ou2bry3euJ72zcZL69vd/PbW8nBvfm5kJmYLA/NznXzqzY/F5MH8fMzE5cHrzw/Mj8fzz7Xzn3XypZiJnz6IelRjJaLQPfv9/KdzKb36xuJEb/5ae9yRhs/4sgAAAMBpKqV7+t/fd7qDBu7v7Oq+n6fuyMIx/x849H5ejGvFizpr7mq0Pl7LqtXy5kM2Ro+eZ/RkM/c1ChGRxcGe6cnfltqLn9oSD9sYPtdFR44fc4JrGsX/wB9zYGPogVK/f3WgZzzO+VC7t0RWbT8//10qdvL8pKsPHbfWwJtx7LgJj35mtG/E7XN4NnH2/rnoF30kAAAAAAAAAAAAPIiBX/9NRETf94Af9fXc/Ty8N94/89Grf3EOZwgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPzNDhwLAAAAAAjzt06jYwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC+CgAA////TtAs")
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x1, 0x0)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
r1 = socket(0x11, 0x800000003, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000600)={'team0\x00', <r2=>0x0})
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000000)=@newqdisc={0xb8, 0x24, 0xf0b, 0x4, 0x1000000, {0x0, 0x0, 0x12, r2, {0x0, 0x300}, {0xffff, 0xffff}, {0x0, 0x4}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x3a, 0x2, [@TCA_TAPRIO_ATTR_FLAGS={0x8, 0xa, 0x1}, @TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x2, [0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0xfe, 0x0, 0x0, 0x0, 0x2], 0x0, [0x8, 0x4, 0x0, 0x0, 0x1000], [0x0, 0x0, 0x0, 0x0, 0xd645, 0x0, 0x0, 0x0, 0x0, 0x2000, 0x0, 0x4, 0x0, 0x0, 0x0, 0xffff]}}, @TCA_TAPRIO_ATTR_SCHED_ENTRY_LIST={0x24, 0x2, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@TCA_TAPRIO_SCHED_ENTRY_INTERVAL={0x8, 0x4, 0x3f0000}]}, {0x14, 0x1, 0x0, 0x1, [@TCA_TAPRIO_SCHED_ENTRY_GATE_MASK={0x8, 0x3, 0x4}, @TCA_TAPRIO_SCHED_ENTRY_INTERVAL={0x8, 0x4, 0xbff3}]}]}]}}]}, 0xb8}, 0x1, 0x7a00}, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000040)={r0}, 0x4)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r4}, 0x10)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpu.stat\x00', 0x275a, 0x0)
write$binfmt_script(r5, &(0x7f0000000040), 0x208e24b)
ioperm(0x1, 0x5a, 0x1000)
r6 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
wait4(r6, 0x0, 0x80000000, 0x0)

3.229586457s ago: executing program 4 (id=1308):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f0000000040)='sys_enter\x00', r1}, 0x10)
tgkill(0x0, 0x0, 0x2c)

3.116256758s ago: executing program 4 (id=1311):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff})
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0x3, &(0x7f00000009c0)=ANY=[@ANYBLOB="180000000000000000000000000000009500000000000000732c355fd36f1bf8366c95327c52c9eb2619cc2bbef3b9190c"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000400)={'veth1_to_bridge\x00', <r3=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000000c0)={r2, r3, 0x25, 0x0, @val=@iter={0x0}}, 0x20)
sendmsg$nl_route_sched(r1, 0x0, 0x0)

3.111212328s ago: executing program 4 (id=1312):
r0 = socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480))
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB="4c0000001000010400"/20, @ANYRES32, @ANYBLOB="000000000000000024001280110001006272696467655f736c617665000000000c0005800500190003"], 0x4c}}, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1200000004000000040000000400000004000000", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000000366ad1f40000000000000000"], 0x50)
sendmsg$nl_route(r1, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001240)=ANY=[@ANYBLOB="4c00000010000d0000000000000000bc1393fb90dcd92627b7890000000000", @ANYRES32, @ANYBLOB="00300000c04800002c001280110001006272696467655f736c6176650000000014000580050019000100000005001e0001000000"], 0x4c}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
r2 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3f, 0x7, 0x0, 0x0, 0x0, 0x40008, 0x590, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x2}, 0x4c58, 0x1, 0x0, 0x0, 0x8, 0x4ac, 0xb, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x1)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000005000000020000000010"], 0x48)
io_uring_setup(0x7f34, &(0x7f00000003c0)={0x0, 0xa912, 0x30c9d, 0x0, 0xfe})
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0xc0802, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3e, 0x1, 0x0, 0x0, 0x0, 0x6, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x2, 0x800000000003}, 0x1320, 0xffffffff, 0x10001, 0x5, 0x4, 0x1088f109, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r6 = socket$nl_route(0x10, 0x3, 0x0)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x3000004, 0x3032, 0xffffffffffffffff, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000003c0)=@newtaction={0xe68, 0x30, 0x871a15abc695fa3d, 0x70bd27, 0x0, {}, [{0xe54, 0x1, [@m_pedit={0xe50, 0x1, 0x0, 0x0, {{0xa}, {0xe24, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS={0xe20, 0x2, {{{}, 0x93}, [{0x0, 0x0, 0x0, 0x0, 0xfffffffd}, {}, {0x0, 0x0, 0x0, 0x0, 0x7, 0x80000}, {0x8, 0x5, 0x0, 0xfffffffc, 0x5}, {}, {0x0, 0x0, 0x0, 0x0, 0x6}, {}, {}, {0x5, 0x0, 0x0, 0x0, 0x0, 0x7}, {0x0, 0x3, 0x0, 0x0, 0x0, 0x4}, {0x0, 0x10}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x6}, {}, {}, {}, {0x0, 0x0, 0x0, 0x8000000}, {}, {}, {}, {}, {0xfffffff7, 0x0, 0x0, 0xfffffffc}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0xffffffff}, {0x0, 0x0, 0x0, 0x2, 0x0, 0x2}, {}, {0xffffffff}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, {0xffffffff}, {}, {}, {0x8}, {}, {}, {}, {0x0, 0x9, 0x0, 0x0, 0x0, 0x2}, {}, {}, {0x80, 0xfffffffd}, {}, {}, {0x0, 0x0, 0x8, 0x40}, {0x0, 0x0, 0x0, 0x0, 0x9}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, {}, {}, {}, {}, {}, {0x5}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x400000}, {0x0, 0x0, 0x200}, {0x0, 0x0, 0x0, 0x9}, {0x0, 0x0, 0x4000000}, {0x5}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, {0x0, 0x0, 0x0, 0x2}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, {}, {0x0, 0x20000000}, {0x0, 0x2000000, 0x0, 0x0, 0x2}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {0x0, 0x2}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000}, {}, {}, {}, {0x0, 0xfffffffd}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, {0x7f}, {}, {}, {0x0, 0x2, 0x0, 0x0, 0x0, 0xfffffffe}, {}, {}, {0x2, 0x0, 0x20000000}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x292}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x101}, {0x0, 0x5}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x2004}, {}, {0x10000000, 0x7, 0x0, 0x0, 0x0, 0x2}, {}, {}, {0x3}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff}, {}, {0x0, 0x0, 0x0, 0x8}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, {0x0, 0x0, 0x0, 0x4}, {}, {}, {0x0, 0x0, 0x10000}, {0x0, 0x80000000}], [{}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {0x4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {0x1}, {}, {}, {}, {}, {0x5}, {}, {}, {0x5}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {0x5}, {}, {}, {}, {0x1}, {}, {}, {}, {0x2}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {0x3}]}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xe68}}, 0x0)
ioctl$PPPIOCNEWUNIT(r5, 0xc004743e, &(0x7f00000000c0))
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r7 = syz_io_uring_setup(0x27f3, &(0x7f0000000340)={0x0, 0x0, 0x10100}, &(0x7f0000000140), &(0x7f0000000100)=<r8=>0x0)
syz_io_uring_setup(0x1868, &(0x7f00000003c0)={0x0, 0xffffffff, 0x2}, &(0x7f0000000040)=<r9=>0x0, &(0x7f0000000180))
syz_io_uring_submit(r9, r8, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xfffffffffffffe54})
io_uring_enter(r7, 0x184c, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sys_enter\x00', r4}, 0x10)
personality(0x8)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000280)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x34, 0x34, 0x3, [@func_proto={0x0, 0x5, 0x0, 0xd, 0x0, [{0x0, 0x2}, {0xd, 0x4}, {0x0, 0x1}, {0x1, 0x3}, {0x6, 0x2}]}]}, {0x0, [0x2e]}}, &(0x7f0000000300)=""/74, 0x4f, 0x4a, 0x1, 0x2, 0x0, @void, @value}, 0x28)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x3000003, 0x13, r2, 0x0)

2.650227581s ago: executing program 2 (id=1314):
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x5d031, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)

2.606716161s ago: executing program 4 (id=1315):
r0 = socket(0x1, 0x2, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[], 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000140)={r1, &(0x7f0000000600), &(0x7f0000001380)=@udp=r0}, 0x20)
bind$unix(r0, &(0x7f00000001c0)=@file={0x1, './file0\x00'}, 0x6e)
recvmsg(r0, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001240)=""/113, 0x71}], 0x1}, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000740)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @void, @value}, 0x94)
r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r2, 0x0, 0x8000}, 0x18)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
r6 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
dup2(r4, r6)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000540)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRES16=r6, @ANYBLOB="0000000000000000b708000000000000"], 0x0, 0x6577, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, r3, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', 0xffffffffffffffff, 0x0, 0xffffffffffffffff}, 0x18)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1a08403, &(0x7f0000000280)={[], [{@subj_role={'subj_role', 0x3d, '/dev/sg#\x00'}}, {@fscontext={'fscontext', 0x3d, 'system_u'}}, {@seclabel}]}, 0x2, 0x5c9, &(0x7f0000001000)="$eJzs3c1vVFUbAPDnTqfTlr6vrcSouDCNhkCitLSAqR8L2BOCHxvjxkoLQYaP0BotmlgS3JgYNy5IXLkQ/wR3SnTrysSFCzeuDAkaw0ZjcMyduTMMZaadlk5v6fx+yfSec8+9PedCn54z957TCaBnjaVfChG7IuJCEjHSVFaMrHCsdtytPz84kb6SqFRe/SOJJNtXPz7JtsPZybdHIn78LomdfffWO7946cxMuTx3MctPLJy9MDG/eGnf6bMzp+ZOzZ2bem5q+nbl0PTk/vu6vkJT+uiVt98d+fjYG19+/k8y+dUvx5I4HL+frJU1X8dGGYux+KtS+XD5/vTfdXqjK8tJX+Pn5I5k+Q62rGIWI6WIeCxGoq/pf3MkPno518YBXVVJIipAj0rEP/So+jig/t6+s/fBhS6PSoDNcPNI+rW/RfwXa/cGYzT6I2L3svNa3NJbl7SOH74/diV9RZfuwwGtLV0eyFLL4z+pxuZoDFZzO24V7rrPm44AjmfbdP8r66x/bFle/MPmWbocEY+3Gv+vHv9vNsX/W+usX/wDAAAAAADAxrl+JCKebfX8r5A9mxuMp6rP/5La87+f7qwQPLwB9a/+/K9wYwOqAVq4eSTipZbzfxtzfEf7stz/a7MBk5Ony3P7I+KhiNgb/QNpfnKFOvZ9svNqu7Lm+X/pK62/Phcwa8eN4sDd58zOLMzczzUDNTcvRzxRbD//J+3/k+b+P5P+PrjQYR07d1873q5s9fgHuqXyRcSelv1/0jgmaff3OQ4dPDQ9uX+iOh6YqI8K7vXk+59+065+8Q/5Sfv/HSvH/2jS/Pd65tf2/UsRcWCxWGlXvt7xfyl5ra/+/VPvzSwsXJyMKCVH790/tbY2w3ZVj4d6vKTxv/fple//Ncb/TXE4FBFLHdb56L/Dv7YrWyH+++/vSoHVpPE/u6b+f+2JqWuj37arv7P+/2C1T9+b7XH/D1bWaYDm3U4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeBAVIuJ/kRTGG+lCYXw8YjgiHokdhfL5+YVnTp5/59xsWlb9/P9C/ZN+R2r5pP75/6NN+all+QMR8XBEfNY3VM2Pnzhfns374gEAAAAAAAAAAAAAAAAAAGCLGG6z/j/1W1+7swY2sYVAVxWzbdt4B7atYt4NAHIj/qF3iX/oXeIfepf4h961zvj3uAC2Af0/9Kr+zg4brG2+rnS1McAm0/8DAAAAAMC2cv3F568mEbH0wlD1lSplZY0Hg0N5tQ7opkLeDQByYw4v9C5Tf6B3dTj5F9jGkkbq75YT/Ac7OBMAAAAAAAAAAAAA6K49u67/vOr6f2Bbsv4fepf1/9C7rP+H3uU9PrDaKn7r/wEAAAAAAAAAAAAgf/OLl87MlMtzFx+0xOulLdEMiS4m+iNiCzQjh0Qp//DM+RcTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQ8F8AAAD//+L5J9k=")
mremap(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x1000, 0x0, &(0x7f00008b5000/0x1000)=nil)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xa, 0x2010, 0xffffffffffffffff, 0x2000)
r7 = io_uring_setup(0x51d2, &(0x7f0000000400)={0x0, 0x631d, 0x1000, 0x1, 0x2d6})
r8 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
r9 = fcntl$dupfd(r8, 0x0, r8)
ioctl$SG_IO(r9, 0x2285, 0x0)
ioctl$SNAPSHOT_ATOMIC_RESTORE(r9, 0x3304)
io_uring_register$IORING_REGISTER_BUFFERS2(r7, 0xf, &(0x7f0000002700)={0x119f, 0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000480)=""/264, 0xf9}, {&(0x7f00000015c0)=""/4096, 0x400400}, {&(0x7f0000002a00)=""/88, 0x8}], 0x0}, 0x20)
setsockopt$SO_VM_SOCKETS_BUFFER_SIZE(r0, 0x28, 0x0, &(0x7f0000000300)=0x40, 0x8)
sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000020000000900010073797a30000000002c000000030a01010000000000000000020000000900010073797a30000000000900030073797a32000000003a000000030a03000000000000000000020000000900010073797a30000000000900030073797a32"], 0xa0}}, 0x8040)
r10 = accept4$unix(r0, &(0x7f00000003c0)=@abs, &(0x7f0000000340)=0x6e, 0x80000)
connect$unix(r10, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
setsockopt$inet_sctp6_SCTP_AUTH_CHUNK(r0, 0x84, 0x15, &(0x7f0000000240)={0x10}, 0x1)
clock_nanosleep(0x3, 0x1, &(0x7f0000000000)={0x0, 0x3938700}, 0x0)

2.550716112s ago: executing program 2 (id=1317):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002078316e00000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b7030000000000008500000006000000850000000500000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r0}, 0x10)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)
bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, &(0x7f0000000040)={0x8604}, 0x10)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000b80)=ANY=[@ANYBLOB="a00000001a00010000000000000000001c00000000000000000000008400130000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008015209dd77a6163c29ce33fb76d1e547aec634cf2598a24356f95871f15aa2038b099dca5abcbd381d716aafe6fd30d0a3b609f351e77f7b13d8b82aadf5adc99a63d5cf131d2d2ddb9c74bec04838dd7f8030ab3b060c40f4a00a50fef476ba7617277da923aed687c9afc2bee20afe25e92412d5320f7621508afbd1c1bdc2700"], 0xa0}}, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000000)='map_files\x00')
getdents64(r2, &(0x7f00000000c0)=""/44, 0x2c)
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]})
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0xa9385e, &(0x7f0000000a00)={[], [{@smackfshat={'smackfshat', 0x3d, '\xb4\xc7\x8f\xa4\x17\x0fY\xbba\'x\xe4\xe73\x1d\x93\xe8\x00\x00\x00\x00\xf4\xf3#\xa8\x9e\xcd'}}, {@context={'context', 0x3d, 'staff_u'}}, {@seclabel}]}, 0x0, 0x50b, &(0x7f00000016c0)="$eJzs3c9vI1cdAPDveOPEu802aekBENClFBa0WmfjbaOqBygnhFAlRI8gbUPijaLYcRQ7pQl7SP8HJCpxgiM3Lpx74s4FwY1LOSDxIwI1lUAaNONJahI7yZJsZok/H2k0896bzPc9J/Ne/PzjBTC2bkXEbkRMRsTbETFT5CfFFm/0t+y8j/YeLe3vPVpKIk3f+luSl2d5MfAzmWeKa9Yi4nvfivhhcjxud3tnbbHVam4W6blee2Ouu71zd7W9uNJcaa43GgvzC/deu/9q48La+mJ7sjj6/Ie/3f3aj7NqTRc5g+24SP2mVw/jRPGYf2fIY/L/6FpETBR/P4WbZdaHx1OJiOcj4qX8/p+Ja/lvEwC4ytJ0JtKZwTQAcNVV8jmwpFIv5gKmo1Kp1/tzeC/EjUqr0+3dedjZWl/uz5XNRrXycLXVvFfMFc5GNcnS8/nxJ+nGkfT9iHguIn4ydT1P15c6reUy//EBgDH2zJHx/59T/fEfALjiamVXAAC4TPn7Uo3/ADB+jP8AMH6M/wAwfoz/ADB+jP8AMH6M/wAwVr775pvZlu4X33+9/M721lrnnbvLze5avb21VF/qbG7UVzqdlfw7e9qnXa/V6WzMvxJb785+faPbm+tu7zxod7bWew/y7/V+0KxeSqsAgJM89+IHf0giYvf16/kWA2s5VONXpdYNeLIqZVcAKM21sisAlObfZVcAKM055uNN5cMVcdpytLWIuH40M03T9MlVCXjCbn/mpPl/4CobmP/3LmAYM+b/YXxNjCo49mQfuGrSNDnrmv9x1hMBgKebOX5gxOv/zxf7XxYvDvxg+egZ7x/N8IkCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAxsfB+r/1YuWO6ahU6vWImxExG9Xk4WqreS8ino2I309Vp7L0fMl1BgDOq/LnpFj/6/bMy9NHSyeTj6fyfUT86Gdv/fTdxV5v83dZ/t8P83vvF/mNMuoPAJyqGKfz8XrgifxHe4+WDrbLrM5fvhkRtX78/b3J2D+MPxET+b4W1Yi48Y+kSPclA3MX57H7XkR8elj7k5jO50D6K58ejZ/Fvnmp8Sv/Fb+Sl/X32WPxqQuoC4ybD7L+541h918lbuX74fd/Le+hzq/o/7JLLe3nfeAn8Q/6v2sj+r9bZ43xym++3T+6frzsvYjPTkQcxN4f6H8O4icj4r98/HJD/fFzX3hpVFn684jbMTz+YKy5Xntjrru9c3e1vbjSXGmuNxoL8wv3Xrv/amMun6OeGz0a/PX1O8+OKsvaf2NE/Nop7f/y2Zofv/jX29//4gnxv/qlYfEr8UI//uzBuYPxszHxK2eMv3jj17VRZVn85RHtP+33f+eM8T/8086xZcMBgPJ0t3fWFlut5qYDB0//QfYnW0r0g2cjJ5zzjUupT5rsTMZj/VSa/k+xRvUYFzHrBjwNDm/6iPi47MoAAAAAAAAAAAAAAABDXcYnqMpuIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFfXfwIAAP//VD7PZA==")
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r3, 0xc0502100, &(0x7f0000000340)={<r4=>0x0})
r5 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/rcu_normal', 0x1e1642, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r3, 0xc0182101, &(0x7f0000000180)={r4, 0x0, 0x7f})
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f000001b000)=ANY=[@ANYBLOB="380000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="d49ddf91ac1c1800128008000100150000"], 0x38}}, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000d00)='sched_switch\x00', r7}, 0x10)
sendmsg$nl_route_sched_retired(r5, &(0x7f0000000d80)={&(0x7f0000000b00)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000d40)={&(0x7f0000000dc0)=@newqdisc={0x164, 0x24, 0x200, 0x70bd2b, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, {0x2, 0xc}, {0x8, 0x4}, {0x7, 0xfff1}}, [@q_dsmark={{0xb}, {0xc, 0x2, [@TCA_DSMARK_DEFAULT_INDEX={0x6, 0x2, 0x9985}]}}, @q_dsmark={{0xb}, {0x1c, 0x2, [@TCA_DSMARK_SET_TC_INDEX={0x4}, @TCA_DSMARK_DEFAULT_INDEX={0x6, 0x2, 0x9}, @TCA_DSMARK_SET_TC_INDEX={0x4}, @TCA_DSMARK_INDICES={0x6, 0x1, 0x4a773aacf39a657b}]}}, @q_dsmark={{0xb}, {0x38, 0x2, [@TCA_DSMARK_DEFAULT_INDEX={0x6, 0x2, 0x2}, @TCA_DSMARK_INDICES={0x6, 0x1, 0x1}, @TCA_DSMARK_INDICES={0x6, 0x1, 0x10}, @TCA_DSMARK_DEFAULT_INDEX={0x6, 0x2, 0x8}, @TCA_DSMARK_DEFAULT_INDEX={0x6, 0x2, 0x5}, @TCA_DSMARK_INDICES={0x6, 0x1, 0x34}, @TCA_DSMARK_SET_TC_INDEX={0x4}]}}, @q_dsmark={{0xb}, {0x28, 0x2, [@TCA_DSMARK_DEFAULT_INDEX={0x6, 0x2, 0x8}, @TCA_DSMARK_INDICES={0x6, 0x1, 0x20}, @TCA_DSMARK_SET_TC_INDEX={0x4}, @TCA_DSMARK_INDICES={0x6}, @TCA_DSMARK_INDICES={0x6, 0x1, 0xc}]}}, @q_dsmark={{0xb}, {0xc, 0x2, [@TCA_DSMARK_INDICES={0x6, 0x1, 0x11}]}}, @q_dsmark={{0xb}, {0x18, 0x2, [@TCA_DSMARK_INDICES={0x6, 0x1, 0x24}, @TCA_DSMARK_SET_TC_INDEX={0x4}, @TCA_DSMARK_DEFAULT_INDEX={0x6, 0x2, 0x2}]}}, @q_dsmark={{0xb}, {0x40, 0x2, [@TCA_DSMARK_DEFAULT_INDEX={0x6, 0x2, 0x5}, @TCA_DSMARK_DEFAULT_INDEX={0x6, 0x2, 0x5}, @TCA_DSMARK_DEFAULT_INDEX={0x6, 0x2, 0x200}, @TCA_DSMARK_SET_TC_INDEX={0x4}, @TCA_DSMARK_DEFAULT_INDEX={0x6, 0x2, 0x3}, @TCA_DSMARK_DEFAULT_INDEX={0x6, 0x2, 0x4}, @TCA_DSMARK_INDICES={0x6, 0x1, 0xb4bd2c1b7291da6b}, @TCA_DSMARK_INDICES={0x6, 0x1, 0x1a}]}}]}, 0x164}, 0x1, 0x0, 0x0, 0x40004}, 0x4000040)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
r8 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
sendfile(r8, r8, 0x0, 0x40000f63c)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r3, 0xc0502100, &(0x7f0000002780)={<r9=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r3, 0x40182103, &(0x7f0000000080)={r9, 0x3, r3})
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x408e, &(0x7f0000000240)={[{@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x2e}}, {@minixdf}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x80}}, {@stripe={'stripe', 0x3d, 0x4000}}, {@errors_remount}, {@max_batch_time={'max_batch_time', 0x3d, 0x4}}]}, 0x3, 0x43a, &(0x7f0000000340)="$eJzs28tvG0UYAPBv13FKXySU8ugDCBRExCNp0gI9cAGBxAEkJDiUY0jSqtRtUBMkWlUQECpHVIk74ojEX8AJLgg4IXGFO6pUoVxaOBmtvZs4jp0mwY5L/ftJm8zsjjPzeXbs2Z1sAH1rJPuRROyJiN8jYqieXV1gpP7r5tLl6b+XLk8nUa2+9VdSK3dj6fJ0UbR43e48M5pGpJ8lcahFvfMXL52dqlRmL+T58YVz74/PX7z07JlzU6dnT8+enzxx4vixiReen3yuI3Fmbbpx8KO5wwdee+fqG9Mnr77787dJEX9THB0yst7BJ6rVDlfXW3sb0slADxvCppQiIuuucm38D0UpVjpvKF79tKeNA7qqWq1Wd7c/vFgF7mBJbLTk2fzzArgzFF/02fVvsW3T1OO2cP2l+gVQFvfNfKsfGYg0L1Nuur7tpJGIOLn4z1fZFt25DwEAsMr32fznmVbzvzTubyh3d742NBwR90TEvoi4NyL2R8R9EbWyD0TEg5usv3mRZO38J722pcA2KJv/vZivba2e/xWzvxgu5bm9tfjLyakzldmj+XsyGuUdWX5inTp+eOW3L9oda5z/ZVtWfzEXzNtxbWDH6tfMTC1M/ZeYG13/JOLgQKv4k+WVgCQiDkTEwS3Wceapbw63O9Yu/vJG/nAH1pmqX0c8We//xWiKv5Csvz45fldUZo+OF2fFWr/8euXNdvXfuv+7K+v/XS3P/+X4h5PG9dr5zddx5Y/P217TbPX8H0zerqUH830fTi0sXJiIGExerze6cf/kymuLfFE+i3/0SOvxvy9W3olDEZGdxA9FxMMR8Uje9kcj4rGIOLJO/D+9/Ph7W4+/u7L4ZzbV/yuJwWje0zpROvvjd6sqHd5M/Fn/H6+lRvM9G/n820i7tnY2AwAAwP9PGhF7IknHltNpOjZW/3/5/bErrczNLzx9au6D8zP1ZwSGo5wWd7qGGu6HTuSX9UV+sil/LL9v/GVpZy0/Nj1Xmel18NDndrcZ/5k/S71uHdB1nteC/mX8Q/8y/qF/Gf/Qv1qM/529aAew/Vp9/3/cg3YA269p/Fv2gz7i+h/6l/EP/cv4h740vzNu/ZC8hMSaRKS3RTMkupTo9ScTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAZ/wbAAD//9E940M=")

1.744502078s ago: executing program 3 (id=1347):
socket$inet6_sctp(0xa, 0x5, 0x84)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$NL80211_CMD_SET_MULTICAST_TO_UNICAST(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0, 0x40}}, 0x40000)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d000000181100", @ANYRES32], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000280)='./file0\x00', 0x80a, &(0x7f0000000000), 0x1, 0x79b, &(0x7f0000000a40)="$eJzs3c1rXFUbAPDnTpImTfu+zQsv2LppVloonbQ1tgqCERciWCjo2jZMpiFmkimZSWlCFhYRBBG0uBB049qPunMruvZvcCMiLVXTYsWFjNz5SKb5mHw0k2mb3w9ucs6dc+ecZ+7cc8/MPcwNYM8aTP9kIo5ExIdJxKH6+iQieqqp7oiRWrl7iwu5dEmiUnn996Ra5u7iQi6atkkdqGcOR8T370Ycz6yutzQ3PzlaKORn6vmh8tTlodLc/ImJqdHx/Hh++syp4eHTZ589e2bnYv3zx/mDtz565emvR/5+54kbH/yQxEgcrD/WHMdOGYzB+mvSk76E93l5pyvrsKTTDWBb0kOzq3aUx5E4FF3VFADwOEvP/xUAYI9JnP8BYI9pfA9wd3Eh11g6+43E7rr9UkT01eJvXN+sPdJdv2bXV70O2n83ie76FdHYwetdgxHx2bdvfpku0abrkABreftaRFwcGFzd/yer5ixs1clNlBlckdf/we75Lh3/PLfW+C+zNP6JpfHPst41jt3tGIzY15xfffxnbq654Ys7UHl9/PdCbW5bGmjT+G9p0tpAVz33nzRzNCImCvm0b/tvRByLnt5LE4X8qRZ1HLvzz531Hmse//1x/a0v0vrT/8slMje7e+/fZmy0PPogMTe7fS3iye7luX33VvX/fdWx7sr9n6473+qJjy4nX33+vU/XK5bGn8bbWFbH316VzyOeirXjb0hazk8cSnf/ydrftev45udP+terv3n/p0taf+OzwG5I939/6/gHkub5mqWdrX/j+Nd+/+9L3qimG53H1dFyeeZUxL7ktdXrTy9v28g3yqfx1yJdGX+m5fs//SR4cZMxdt/67avtx7+kLVMs0/jHtrT/t564cW+ya/vxp/t/uJo6Vl+zmf5vsw18kNcOAAAAAAAAAAAAAAAAAAAAAAAAADYrExEHI8lkl9KZTDZbu4f3/6M/UyiWyscvFWenx6J6r+yB6Mk0furyUC2fNH7/dKApf3pF/pmI+F9EfNy7v5rP5oqFsU4HDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB1B9a5/3/q195Otw4AaJu+DUvcyd+XrVQqlTa2BwBov43P/wDA46bF+X//brYDANg9Pv8DwN7j/A8Ae4/zPwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAG12/ty5dKn8tbiQS/NjV+ZmJ4tXTozlS5PZqdlcNlecuZwdLxbHC/lsrji10fMVisXLwzE9e3WonC+Vh0pz8xemirPT5QsTU6Pj+Qv5nl2JCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC2pjQ3PzlaKORnHovE+xHxEDSjHYkkHopmdCTxy4mfDrcqc32Dt/HIQxHFI5bodM8EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8Gj4NwAA//8PbSWm")
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000dd0000000000003b810000850000006d000000a50000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x1b, 0x0, &(0x7f00000000c0))
bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=@base={0x1b, 0x0, 0x0, 0x2000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
prlimit64(0x0, 0x0, &(0x7f0000000140)={0x0, 0xfffffffffffffffd}, 0x0)
setitimer(0x2, &(0x7f0000000040)={{0x0, 0x2710}, {0x0, 0x2710}}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff})
r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000002c0), 0x2501)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r2, 0x40a85323, &(0x7f0000000580)={{0xf}, 'port1\x00', 0x1, 0x0, 0x800, 0x7ff, 0x4, 0x7, 0xa, 0x0, 0x4, 0x3})
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0x3, &(0x7f00000009c0)=ANY=[@ANYBLOB="180000000000000000000000000000009500000000000000732c355fd36f1bf8366c95327c52c9eb2619cc2bbef3b9190c83e5831f8f1b"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000a80)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1088d8b8588d72ec29c48f0af5f2d9f51c4b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465ad32b77a74e802a0dc6bf25cca242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767042361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae645ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1fb8f72cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa7956488bef241875f3b4b6ab7929a57affe760e797724f4fce1093b62d7e8c7123d890decacec55bf404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f870b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f154772f514216bdf57d2a40d40b51ab67903ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1594e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c471c784ae7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec30cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89f0000377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f0059161c5e0000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe34124172e436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f491d8e97c862e29e457060000007ac691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104ebc1581848f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426ca85e82ccf821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ad6acf5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bdc4a60d637545ed4c8a1c649c3ce54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c5140200000054d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a3bc38613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae0040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483f02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e9180100000000000000654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272ab28a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece98c077b358e752b439132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae2676384ff799783f55d7e5a1a092a01b965dc99cb7a9d98440c355927629f2bcf9dc2396eb2f5d25829715b24327642ac48f1201014a95e0e65e12cdf27e19043e3c5d3e798375cead35b9a93190a52cdecaaccc854a1d41ef365303f0e9b4fc969c9dab6df5e8a795b140fcc09e8a7b694d12932917facd8ceaa4e2d0d16bb0b95387fcd5ff136d8abddf94daf442bbff744591931872a36cf921ad69f2127386e8b0f9afee4da8d3fbec809fbb3ca0fded2859cf25d4c6155d396c5b9bd1a928923123f63f4c40688eae69990a9419456247bbaeb7948de84d2ff875414883bb1e503d4bfebc01bc12a53ea06bf38e571157bd642dac25dbee7832c58378374a39483d6721eec96c28911db21c0c006b42afc90000000000000000000000700000000000000000008ce4ea442c1a207108b35511186c5e860278f6463f52f3990ce08b1bfccc3cff4b5ae27b610aa9ba11b47d4f94c439e055cdbb2b12c983885c93ea4ab4ca1e02d831ae162ee104"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x61)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')
shutdown(0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000400)={'veth1_to_bridge\x00', <r6=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000000c0)={r4, r6, 0x25, 0x0, @val=@iter={0x0}}, 0x20)
sendmsg$nl_route_sched(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000004c00)=@newtfilter={0x24, 0x11, 0xd27, 0x1000000, 0x0, {0x0, 0x0, 0x74, r6, {0x0, 0x7}, {}, {0x0, 0xfff1}}}, 0x24}, 0x1, 0xf0ffffffffffff}, 0x0)

1.723204288s ago: executing program 4 (id=1348):
r0 = socket(0x1, 0x2, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[], 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000140)={r1, &(0x7f0000000600), &(0x7f0000001380)=@udp=r0}, 0x20)
bind$unix(r0, &(0x7f00000001c0)=@file={0x1, './file0\x00'}, 0x6e)
recvmsg(r0, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001240)=""/113, 0x71}], 0x1}, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000740)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @void, @value}, 0x94)
r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r2, 0x0, 0x8000}, 0x18)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
r6 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
dup2(r4, r6)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000540)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRESHEX=r6, @ANYRES16=r6], 0x0, 0x6577, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, r3, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r7, 0x0, 0xffffffffffffffff}, 0x18)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1a08403, &(0x7f0000000280)={[], [{@subj_role={'subj_role', 0x3d, '/dev/sg#\x00'}}, {@fscontext={'fscontext', 0x3d, 'system_u'}}, {@seclabel}]}, 0x2, 0x5c9, &(0x7f0000001000)="$eJzs3c1vVFUbAPDnTqfTlr6vrcSouDCNhkCitLSAqR8L2BOCHxvjxkoLQYaP0BotmlgS3JgYNy5IXLkQ/wR3SnTrysSFCzeuDAkaw0ZjcMyduTMMZaadlk5v6fx+yfSec8+9PedCn54z957TCaBnjaVfChG7IuJCEjHSVFaMrHCsdtytPz84kb6SqFRe/SOJJNtXPz7JtsPZybdHIn78LomdfffWO7946cxMuTx3MctPLJy9MDG/eGnf6bMzp+ZOzZ2bem5q+nbl0PTk/vu6vkJT+uiVt98d+fjYG19+/k8y+dUvx5I4HL+frJU1X8dGGYux+KtS+XD5/vTfdXqjK8tJX+Pn5I5k+Q62rGIWI6WIeCxGoq/pf3MkPno518YBXVVJIipAj0rEP/So+jig/t6+s/fBhS6PSoDNcPNI+rW/RfwXa/cGYzT6I2L3svNa3NJbl7SOH74/diV9RZfuwwGtLV0eyFLL4z+pxuZoDFZzO24V7rrPm44AjmfbdP8r66x/bFle/MPmWbocEY+3Gv+vHv9vNsX/W+usX/wDAAAAAADAxrl+JCKebfX8r5A9mxuMp6rP/5La87+f7qwQPLwB9a/+/K9wYwOqAVq4eSTipZbzfxtzfEf7stz/a7MBk5Ony3P7I+KhiNgb/QNpfnKFOvZ9svNqu7Lm+X/pK62/Phcwa8eN4sDd58zOLMzczzUDNTcvRzxRbD//J+3/k+b+P5P+PrjQYR07d1873q5s9fgHuqXyRcSelv1/0jgmaff3OQ4dPDQ9uX+iOh6YqI8K7vXk+59+065+8Q/5Sfv/HSvH/2jS/Pd65tf2/UsRcWCxWGlXvt7xfyl5ra/+/VPvzSwsXJyMKCVH790/tbY2w3ZVj4d6vKTxv/fple//Ncb/TXE4FBFLHdb56L/Dv7YrWyH+++/vSoHVpPE/u6b+f+2JqWuj37arv7P+/2C1T9+b7XH/D1bWaYDm3U4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeBAVIuJ/kRTGG+lCYXw8YjgiHokdhfL5+YVnTp5/59xsWlb9/P9C/ZN+R2r5pP75/6NN+all+QMR8XBEfNY3VM2Pnzhfns374gEAAAAAAAAAAAAAAAAAAGCLGG6z/j/1W1+7swY2sYVAVxWzbdt4B7atYt4NAHIj/qF3iX/oXeIfepf4h961zvj3uAC2Af0/9Kr+zg4brG2+rnS1McAm0/8DAAAAAMC2cv3F568mEbH0wlD1lSplZY0Hg0N5tQ7opkLeDQByYw4v9C5Tf6B3dTj5F9jGkkbq75YT/Ac7OBMAAAAAAAAAAAAA6K49u67/vOr6f2Bbsv4fepf1/9C7rP+H3uU9PrDaKn7r/wEAAAAAAAAAAAAgf/OLl87MlMtzFx+0xOulLdEMiS4m+iNiCzQjh0Qp//DM+RcTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQ8F8AAAD//+L5J9k=")
mremap(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x1000, 0x0, &(0x7f00008b5000/0x1000)=nil)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xa, 0x2010, 0xffffffffffffffff, 0x2000)
r8 = io_uring_setup(0x51d2, &(0x7f0000000400)={0x0, 0x631d, 0x1000, 0x1, 0x2d6})
r9 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
r10 = fcntl$dupfd(r9, 0x0, r9)
ioctl$SG_IO(r10, 0x2285, &(0x7f0000000040)={0x53, 0xfffffffe, 0x6, 0x0, @buffer={0x48, 0x40002, &(0x7f00000000c0)=""/81}, &(0x7f0000000380)="259374c96ee3", 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$SNAPSHOT_ATOMIC_RESTORE(r10, 0x3304)
io_uring_register$IORING_REGISTER_BUFFERS2(r8, 0xf, &(0x7f0000002700)={0x119f, 0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000480)=""/264, 0xf9}, {&(0x7f00000015c0)=""/4096, 0x400400}, {&(0x7f0000002a00)=""/88, 0x8}], 0x0}, 0x20)
sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000020000000900010073797a30000000002c000000030a01010000000000000000020000000900010073797a30000000000900030073797a32000000003a000000030a03000000000000000000020000000900010073797a30000000000900030073797a32"], 0xa0}}, 0x8040)
r11 = accept4$unix(r0, &(0x7f00000003c0)=@abs, &(0x7f0000000340)=0x6e, 0x80000)
connect$unix(r11, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
setsockopt$inet_sctp6_SCTP_AUTH_CHUNK(r0, 0x84, 0x15, &(0x7f0000000240)={0x10}, 0x1)
clock_nanosleep(0x3, 0x1, &(0x7f0000000000)={0x0, 0x3938700}, 0x0)

1.659425958s ago: executing program 3 (id=1349):
r0 = bpf$MAP_CREATE(0x1900000000000000, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmsg$unix(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000080)="03", 0x1}], 0x1, &(0x7f0000000280)=ANY=[@ANYBLOB="14000000000000000100000001"], 0x18}, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000010c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="440000001000010400"/20, @ANYRES32, @ANYBLOB="00001700000000001c0037800b0003006970768a616e00000c0002800600"], 0x44}}, 0x814)
r5 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f00000003c0), 0x4)
r6 = open_tree(0xffffffffffffff9c, &(0x7f0000000780)='./file0\x00', 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x6, 0x1c, &(0x7f0000000540)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x1}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x8}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}}], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000200)='GPL\x00', 0x7fff, 0x9b, &(0x7f00000002c0)=""/155, 0x41000, 0x1111909bc979077b, '\x00', 0x0, 0x25, r5, 0x8, &(0x7f0000000400)={0x4, 0x3}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x4, &(0x7f0000000640)=[r0, r0, r0], &(0x7f0000000680)=[{0x1, 0x4, 0x10, 0xb}, {0x1, 0x3, 0x4, 0x7}, {0x4, 0x5, 0x8}, {0x1, 0x4, 0x1}], 0x10, 0x4, @value=r6}, 0x94)
recvmmsg(r2, &(0x7f0000001140), 0x700, 0x2, 0x0)

1.530802939s ago: executing program 3 (id=1352):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[], 0x48)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001500)={0x18, 0x7, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000001000000000000000900000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7020000000000008500000086dd96847d3f869501000000"], &(0x7f00000000c0)='syzkaller\x00', 0x3eef, 0xe2, &(0x7f0000000100)=""/226, 0x0, 0x47, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000280)={0x2, 0x8, 0x10000, 0xb}, 0x10, 0x0, 0x0, 0x1, &(0x7f0000000400)=[r0], &(0x7f00000014c0)=[{0x0, 0x3, 0xf, 0x4}], 0x10, 0xa39a, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000015c0)={&(0x7f0000000040)='bcache_read\x00', r1, 0x0, 0x2}, 0x18)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2, 0x0, 0x5b26}, 0x18)
syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x0, &(0x7f0000000240)={[{@bh}]}, 0x1, 0x786, &(0x7f0000001900)="$eJzs3c9rHGUfAPDvbJKmTfu+yQsvaL0YEDRQmpgaWwWFigcRLBT0bLtstqFmky3ZTWlCQIsIXgQVD4JeevLgj3rz6o+r/hcexFI1LVY8SGQ2s+2m2U03abIbzecDk32emdl8n+/Or2d3hpkA9qzh9E8u4nBEvJtEDGbjk4joq5V6I06uzndreamQDkmsrLz8a1Kb5+byUiEa3pM6mFUejIhv34o4klsft7KwOJ0vlYpzWX2sOnNhrLKwePT8TH6qOFWcPT4+MXHsxJMnjm9frr//sHjo2nsvPPbFyT/ffODqO98lcTIOZdMa89iyZ9dWh2M4+0z60o9wjefvO9juknS7AWxJumn2rG7lcTgGo6dWAgD+zV6PiBUAYI9JHP8BYI+p/w5wc3mpUB+6+4tEZ11/LiL2r+ZfP7+5OqU3O2e3v3YedOBmsubMSBIRQ9sQfzgiPv7q1c/SIbbrPCRAG964HBFnh4bX7/+TddcsbNbjG0zbl70O3zU+je8MNHTG12n/56lm/b/c7f5PNOn/9DfZdrei2fa/ZsSBbQiygeufRDzTcG3brYb8M0M9We0/tT5fX3LufKmY7tv+GxEj0def1sc3iDFy468braY19v9+e/+1T9P46eudOXI/9/avfc9kvpq/n5wbXb8c8VBvs/yT28s/adH/Pd1mjBeffvujVtPS/NN868P6/CO7OmlnrFyJeLTp8r9zRVuy4fWJY7XVYay+UjTx5Y8fDrSK37j80yGNX/8u0Anp8h/YOP+hpPF6zcrmY3x/ZfCbVtPunX/z9X9f8kqtXO9HXMpXq3PjEfuSl9aPP3bnvZfyD2el1fnT/Eceab79b7T+p98Jz7aZf++1Xz7fev47K81/clPLf/OFq7eme1rFb2/5T9RKI9mYdvZ/7Tbwfj47AAAAAAAAAAAAAAAAAAAAAAAAAGhXLiIORZIbvV3O5UZHV5/h/f8YyJXKleqRc+X52cmoPSt7KPpy9VtdDjbcD3U8ux9+vX7srvoTEfG/iPig/0BSv4/iZJdzBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIC6gy2e/5/6qb/brQMAdsz+bjcAAOg4x38A2Hsc/wFg72nv+N+z4+0AADrH938A2Hsc/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANhhp0+dSoeVP5aXCml98uLC/HT54tHJYmV6dGa+MFooz10YnSqXp0rF0UJ55l7/r1QuX5iI2flLY9VipTpWWVg8M1Oen62eOT+TnyqeKfZ1JCsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2JzKwuJ0vlQqzilsobCyO5rR/UJPtjrtlvZ0tJDsjmZsc6HLOyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAf4i/AwAA//+3ACFj")
bind$bt_l2cap(0xffffffffffffffff, &(0x7f0000000300)={0x1f, 0x82, @none, 0xffff, 0x2}, 0xe)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000180)={0x40000000})
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18010000120000000000000000000000850000006d000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r3}, 0x10)
fallocate(0xffffffffffffffff, 0x20, 0x0, 0x7000000)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
rt_sigprocmask(0x0, &(0x7f0000000000)={[0xffffffff7ffffffd]}, 0x0, 0x8)
gettid()
timer_settime(0x0, 0x1, 0x0, 0x0)
r4 = gettid()
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
ioctl$int_in(r5, 0x5452, &(0x7f0000b28000)=0x3)
fcntl$setsig(r5, 0xa, 0x12)
poll(&(0x7f0000b2c000)=[{r6}], 0x2c, 0xffffffffffbffff8)
dup2(r5, r6)
tkill(r4, 0x13)
bpf$PROG_LOAD(0x5, &(0x7f0000000f80)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffff"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000640)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
flock(0xffffffffffffffff, 0x2)

1.378384381s ago: executing program 3 (id=1355):
r0 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000000)={'vxcan0\x00', <r1=>0x0})
r2 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000840)=@generic={&(0x7f0000000800)='./file0\x00', 0x0, 0x18}, 0x18)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000880)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x4, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x2, 0x0, @void, @value, @void, @value}, 0x50)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_tracing={0x1a, 0xf, &(0x7f0000000540)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x10000}, {{0x18, 0x1, 0x1, 0x0, 0x1}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f00000002c0)='syzkaller\x00', 0x9, 0x72, &(0x7f0000000780)=""/114, 0x41100, 0x7c, '\x00', r1, 0x1c, 0xffffffffffffffff, 0x8, &(0x7f0000000300)={0x1, 0x3}, 0x8, 0x10, &(0x7f0000000700)={0x5, 0xa, 0x7, 0x6}, 0x10, 0x2e26, 0xffffffffffffffff, 0x7, &(0x7f0000000900)=[r2, r3], &(0x7f0000000940)=[{0x0, 0x2, 0x4, 0xb}, {0x4, 0x1, 0xb, 0x5}, {0x1, 0x3, 0x1, 0xa}, {0x1, 0x1, 0xffffffff, 0xb}, {0x5, 0x3, 0x0, 0x8}, {0x5, 0x1, 0x2, 0x1}, {0x2, 0x5, 0xa, 0x4}], 0x10, 0x300000, @void, @value}, 0x94)
close(r0)

1.322696641s ago: executing program 3 (id=1359):
r0 = socket(0x1, 0x2, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[], 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000140)={r1, &(0x7f0000000600), &(0x7f0000001380)=@udp=r0}, 0x20)
bind$unix(r0, &(0x7f00000001c0)=@file={0x1, './file0\x00'}, 0x6e)
recvmsg(r0, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001240)=""/113, 0x71}], 0x1}, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000740)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @void, @value}, 0x94)
r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r2, 0x0, 0x8000}, 0x18)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
r6 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
dup2(r4, r6)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000540)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRES16=r6, @ANYBLOB="0000000000000000b708000000000000"], 0x0, 0x6577, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, r3, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', 0xffffffffffffffff, 0x0, 0xffffffffffffffff}, 0x18)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1a08403, &(0x7f0000000280)={[], [{@subj_role={'subj_role', 0x3d, '/dev/sg#\x00'}}, {@fscontext={'fscontext', 0x3d, 'system_u'}}, {@seclabel}]}, 0x2, 0x5c9, &(0x7f0000001000)="$eJzs3c1vVFUbAPDnTqfTlr6vrcSouDCNhkCitLSAqR8L2BOCHxvjxkoLQYaP0BotmlgS3JgYNy5IXLkQ/wR3SnTrysSFCzeuDAkaw0ZjcMyduTMMZaadlk5v6fx+yfSec8+9PedCn54z957TCaBnjaVfChG7IuJCEjHSVFaMrHCsdtytPz84kb6SqFRe/SOJJNtXPz7JtsPZybdHIn78LomdfffWO7946cxMuTx3MctPLJy9MDG/eGnf6bMzp+ZOzZ2bem5q+nbl0PTk/vu6vkJT+uiVt98d+fjYG19+/k8y+dUvx5I4HL+frJU1X8dGGYux+KtS+XD5/vTfdXqjK8tJX+Pn5I5k+Q62rGIWI6WIeCxGoq/pf3MkPno518YBXVVJIipAj0rEP/So+jig/t6+s/fBhS6PSoDNcPNI+rW/RfwXa/cGYzT6I2L3svNa3NJbl7SOH74/diV9RZfuwwGtLV0eyFLL4z+pxuZoDFZzO24V7rrPm44AjmfbdP8r66x/bFle/MPmWbocEY+3Gv+vHv9vNsX/W+usX/wDAAAAAADAxrl+JCKebfX8r5A9mxuMp6rP/5La87+f7qwQPLwB9a/+/K9wYwOqAVq4eSTipZbzfxtzfEf7stz/a7MBk5Ony3P7I+KhiNgb/QNpfnKFOvZ9svNqu7Lm+X/pK62/Phcwa8eN4sDd58zOLMzczzUDNTcvRzxRbD//J+3/k+b+P5P+PrjQYR07d1873q5s9fgHuqXyRcSelv1/0jgmaff3OQ4dPDQ9uX+iOh6YqI8K7vXk+59+065+8Q/5Sfv/HSvH/2jS/Pd65tf2/UsRcWCxWGlXvt7xfyl5ra/+/VPvzSwsXJyMKCVH790/tbY2w3ZVj4d6vKTxv/fple//Ncb/TXE4FBFLHdb56L/Dv7YrWyH+++/vSoHVpPE/u6b+f+2JqWuj37arv7P+/2C1T9+b7XH/D1bWaYDm3U4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeBAVIuJ/kRTGG+lCYXw8YjgiHokdhfL5+YVnTp5/59xsWlb9/P9C/ZN+R2r5pP75/6NN+all+QMR8XBEfNY3VM2Pnzhfns374gEAAAAAAAAAAAAAAAAAAGCLGG6z/j/1W1+7swY2sYVAVxWzbdt4B7atYt4NAHIj/qF3iX/oXeIfepf4h961zvj3uAC2Af0/9Kr+zg4brG2+rnS1McAm0/8DAAAAAMC2cv3F568mEbH0wlD1lSplZY0Hg0N5tQ7opkLeDQByYw4v9C5Tf6B3dTj5F9jGkkbq75YT/Ac7OBMAAAAAAAAAAAAA6K49u67/vOr6f2Bbsv4fepf1/9C7rP+H3uU9PrDaKn7r/wEAAAAAAAAAAAAgf/OLl87MlMtzFx+0xOulLdEMiS4m+iNiCzQjh0Qp//DM+RcTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQ8F8AAAD//+L5J9k=")
mremap(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x1000, 0x0, &(0x7f00008b5000/0x1000)=nil)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xa, 0x2010, 0xffffffffffffffff, 0x2000)
r7 = io_uring_setup(0x51d2, &(0x7f0000000400)={0x0, 0x631d, 0x1000, 0x1, 0x2d6})
r8 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
r9 = fcntl$dupfd(r8, 0x0, r8)
ioctl$SG_IO(r9, 0x2285, &(0x7f0000000040)={0x53, 0xfffffffe, 0x6, 0x0, @buffer={0x48, 0x0, 0x0}, &(0x7f0000000380)="259374c96ee3", 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$SNAPSHOT_ATOMIC_RESTORE(r9, 0x3304)
io_uring_register$IORING_REGISTER_BUFFERS2(r7, 0xf, &(0x7f0000002700)={0x119f, 0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000480)=""/264, 0xf9}, {&(0x7f00000015c0)=""/4096, 0x400400}, {&(0x7f0000002a00)=""/88, 0x8}], 0x0}, 0x20)
setsockopt$SO_VM_SOCKETS_BUFFER_SIZE(r0, 0x28, 0x0, &(0x7f0000000300)=0x40, 0x8)
sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000020000000900010073797a30000000002c000000030a01010000000000000000020000000900010073797a30000000000900030073797a32000000003a000000030a03000000000000000000020000000900010073797a30000000000900030073797a32"], 0xa0}}, 0x8040)
r10 = accept4$unix(r0, &(0x7f00000003c0)=@abs, &(0x7f0000000340)=0x6e, 0x80000)
connect$unix(r10, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
setsockopt$inet_sctp6_SCTP_AUTH_CHUNK(r0, 0x84, 0x15, &(0x7f0000000240)={0x10}, 0x1)
clock_nanosleep(0x3, 0x1, &(0x7f0000000000)={0x0, 0x3938700}, 0x0)

832.190774ms ago: executing program 4 (id=1366):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[], 0x48)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001500)={0x18, 0x7, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000001000000000000000900000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7020000000000008500000086dd96847d3f869501000000"], &(0x7f00000000c0)='syzkaller\x00', 0x3eef, 0xe2, &(0x7f0000000100)=""/226, 0x0, 0x47, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000280)={0x2, 0x8, 0x10000, 0xb}, 0x10, 0x0, 0x0, 0x1, &(0x7f0000000400)=[r0], &(0x7f00000014c0)=[{0x0, 0x3, 0xf, 0x4}], 0x10, 0xa39a, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000015c0)={&(0x7f0000000040)='bcache_read\x00', r1, 0x0, 0x2}, 0x18)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2, 0x0, 0x5b26}, 0x18)
syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x0, &(0x7f0000000240)={[{@bh}]}, 0x1, 0x786, &(0x7f0000001900)="$eJzs3c9rHGUfAPDvbJKmTfu+yQsvaL0YEDRQmpgaWwWFigcRLBT0bLtstqFmky3ZTWlCQIsIXgQVD4JeevLgj3rz6o+r/hcexFI1LVY8SGQ2s+2m2U03abIbzecDk32emdl8n+/Or2d3hpkA9qzh9E8u4nBEvJtEDGbjk4joq5V6I06uzndreamQDkmsrLz8a1Kb5+byUiEa3pM6mFUejIhv34o4klsft7KwOJ0vlYpzWX2sOnNhrLKwePT8TH6qOFWcPT4+MXHsxJMnjm9frr//sHjo2nsvPPbFyT/ffODqO98lcTIOZdMa89iyZ9dWh2M4+0z60o9wjefvO9juknS7AWxJumn2rG7lcTgGo6dWAgD+zV6PiBUAYI9JHP8BYI+p/w5wc3mpUB+6+4tEZ11/LiL2r+ZfP7+5OqU3O2e3v3YedOBmsubMSBIRQ9sQfzgiPv7q1c/SIbbrPCRAG964HBFnh4bX7/+TddcsbNbjG0zbl70O3zU+je8MNHTG12n/56lm/b/c7f5PNOn/9DfZdrei2fa/ZsSBbQiygeufRDzTcG3brYb8M0M9We0/tT5fX3LufKmY7tv+GxEj0def1sc3iDFy468braY19v9+e/+1T9P46eudOXI/9/avfc9kvpq/n5wbXb8c8VBvs/yT28s/adH/Pd1mjBeffvujVtPS/NN868P6/CO7OmlnrFyJeLTp8r9zRVuy4fWJY7XVYay+UjTx5Y8fDrSK37j80yGNX/8u0Anp8h/YOP+hpPF6zcrmY3x/ZfCbVtPunX/z9X9f8kqtXO9HXMpXq3PjEfuSl9aPP3bnvZfyD2el1fnT/Eceab79b7T+p98Jz7aZf++1Xz7fev47K81/clPLf/OFq7eme1rFb2/5T9RKI9mYdvZ/7Tbwfj47AAAAAAAAAAAAAAAAAAAAAAAAAGhXLiIORZIbvV3O5UZHV5/h/f8YyJXKleqRc+X52cmoPSt7KPpy9VtdDjbcD3U8ux9+vX7srvoTEfG/iPig/0BSv4/iZJdzBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIC6gy2e/5/6qb/brQMAdsz+bjcAAOg4x38A2Hsc/wFg72nv+N+z4+0AADrH938A2Hsc/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANhhp0+dSoeVP5aXCml98uLC/HT54tHJYmV6dGa+MFooz10YnSqXp0rF0UJ55l7/r1QuX5iI2flLY9VipTpWWVg8M1Oen62eOT+TnyqeKfZ1JCsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2JzKwuJ0vlQqzilsobCyO5rR/UJPtjrtlvZ0tJDsjmZsc6HLOyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAf4i/AwAA//+3ACFj")
bind$bt_l2cap(0xffffffffffffffff, &(0x7f0000000300)={0x1f, 0x82, @none, 0xffff, 0x2}, 0xe)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000180)={0x40000000})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18010000120000000000000000000000850000006d000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = open(&(0x7f0000000000)='./file1\x00', 0x109042, 0x0)
fallocate(r3, 0x20, 0x0, 0x7000000)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
rt_sigprocmask(0x0, &(0x7f0000000000)={[0xffffffff7ffffffd]}, 0x0, 0x8)
gettid()
timer_settime(0x0, 0x1, 0x0, 0x0)
r4 = gettid()
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
ioctl$int_in(r5, 0x5452, &(0x7f0000b28000)=0x3)
fcntl$setsig(r5, 0xa, 0x12)
poll(&(0x7f0000b2c000)=[{r6}], 0x2c, 0xffffffffffbffff8)
dup2(r5, r6)
tkill(r4, 0x13)
bpf$PROG_LOAD(0x5, &(0x7f0000000f80)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffff"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000640)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
flock(0xffffffffffffffff, 0x2)

824.611125ms ago: executing program 1 (id=1367):
r0 = getpid()
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x0, 0x5, 0x0, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00', r1}, 0x10)
r2 = syz_io_uring_setup(0x6ad1, &(0x7f0000000940)={0x0, 0x3, 0x80, 0x0, 0x235}, &(0x7f00000009c0), &(0x7f00000003c0))
io_uring_register$IORING_REGISTER_BUFFERS2(r2, 0xf, &(0x7f0000001c80)={0x8, 0x0, 0x0, &(0x7f0000001140)=[{&(0x7f0000000680)=""/128, 0x80}, {&(0x7f0000000d80)=""/81, 0x51}, {&(0x7f0000000e00)=""/184, 0xb8}, {&(0x7f0000000ec0)=""/95, 0x5f}, {&(0x7f0000000f40)=""/204, 0xcc}, {&(0x7f0000001040)=""/209, 0xd2}, {&(0x7f0000000540)=""/52, 0xfffffffffffffe14}, {&(0x7f0000000700)=""/25, 0x19}], &(0x7f0000000540)}, 0x20)
setreuid(0xee00, 0x0)
syz_pidfd_open(r0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x3, &(0x7f0000000440)=@framed, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00', r3}, 0x10)
syz_emit_ethernet(0x16, &(0x7f0000000180)={@multicast, @local, @void, {@llc={0x4, {@snap={0xaa, 0xaa, '=', "e32935", 0x800}}}}}, 0x0)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f00000002c0), r4)
sendmsg$NLBL_CIPSOV4_C_ADD(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)={0x40, r5, 0x1, 0x70bd27, 0x25dfdbf9, {}, [@NLBL_CIPSOV4_A_TAGLST={0x24, 0x4, 0x0, 0x1, [{0x5, 0x3, 0x5}, {0x5, 0x3, 0x1}, {0x5, 0x3, 0x2}, {0x5, 0x3, 0x7}]}, @NLBL_CIPSOV4_A_DOI={0x8, 0x1, 0x3}]}, 0x40}}, 0x0)
setns(0xffffffffffffffff, 0x40000000)
syz_clone3(&(0x7f00000008c0)={0x14860000, 0x0, 0x0, 0x0, {0x28}, 0x0, 0x0, 0x0, 0x0}, 0x58)

771.111135ms ago: executing program 1 (id=1369):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=@base={0x1b, 0x0, 0x0, 0x2000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
socket$inet_tcp(0x2, 0x1, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x7}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x1c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7}, [@NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0x3}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0x64}}, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=@newlink={0x48, 0x10, 0x40d, 0x70bd28, 0x25ffdbfc, {0x0, 0x0, 0x0, 0x0, 0x10}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x18, 0x2, 0x0, 0x1, [@IFLA_BR_MCAST_QUERIER={0x5, 0x19, 0x84}, @IFLA_BR_MCAST_LAST_MEMBER_INTVL={0xc, 0x1e, 0x3ff}]}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x4086}, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf523", @ANYRES32=0x0, @ANYBLOB="0000000000008000280012800a00010076786c616e00"], 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840)

736.338095ms ago: executing program 1 (id=1370):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), r1)
sendmsg$NL80211_CMD_VENDOR(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000640)={0x2c, r2, 0x2cb3b0415539fbbb, 0x70bd2b, 0x25dfdbfd, {{}, {@val={0x8, 0x1, 0x32}, @void, @void}}, [@NL80211_ATTR_VENDOR_SUBCMD={0x8, 0xc4, 0x2}, @NL80211_ATTR_VENDOR_ID={0x8, 0xc3, 0xffffff81}]}, 0x2c}}, 0x20040004)

713.769485ms ago: executing program 1 (id=1372):
r0 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=@base={0x1b, 0x0, 0x0, 0x2000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x7}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x1c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7}, [@NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0x3}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0x64}}, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=@newlink={0x48, 0x10, 0x40d, 0x70bd28, 0x25ffdbfc, {0x0, 0x0, 0x0, 0x0, 0x10}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x18, 0x2, 0x0, 0x1, [@IFLA_BR_MCAST_QUERIER={0x5, 0x19, 0x84}, @IFLA_BR_MCAST_LAST_MEMBER_INTVL={0xc, 0x1e, 0x3ff}]}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x4086}, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027", @ANYRES32=0x0, @ANYBLOB="0000000000008000280012800a00010076786c616e00"], 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840)

686.146016ms ago: executing program 1 (id=1373):
socket$inet6_sctp(0xa, 0x5, 0x84)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$NL80211_CMD_SET_MULTICAST_TO_UNICAST(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0, 0x40}}, 0x40000)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d000000181100", @ANYRES32], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000280)='./file0\x00', 0x80a, &(0x7f0000000000), 0x1, 0x79b, &(0x7f0000000a40)="$eJzs3c1rXFUbAPDnTpImTfu+zQsv2LppVloonbQ1tgqCERciWCjo2jZMpiFmkimZSWlCFhYRBBG0uBB049qPunMruvZvcCMiLVXTYsWFjNz5SKb5mHw0k2mb3w9ucs6dc+ecZ+7cc8/MPcwNYM8aTP9kIo5ExIdJxKH6+iQieqqp7oiRWrl7iwu5dEmiUnn996Ra5u7iQi6atkkdqGcOR8T370Ycz6yutzQ3PzlaKORn6vmh8tTlodLc/ImJqdHx/Hh++syp4eHTZ589e2bnYv3zx/mDtz565emvR/5+54kbH/yQxEgcrD/WHMdOGYzB+mvSk76E93l5pyvrsKTTDWBb0kOzq3aUx5E4FF3VFADwOEvP/xUAYI9JnP8BYI9pfA9wd3Eh11g6+43E7rr9UkT01eJvXN+sPdJdv2bXV70O2n83ie76FdHYwetdgxHx2bdvfpku0abrkABreftaRFwcGFzd/yer5ixs1clNlBlckdf/we75Lh3/PLfW+C+zNP6JpfHPst41jt3tGIzY15xfffxnbq654Ys7UHl9/PdCbW5bGmjT+G9p0tpAVz33nzRzNCImCvm0b/tvRByLnt5LE4X8qRZ1HLvzz531Hmse//1x/a0v0vrT/8slMje7e+/fZmy0PPogMTe7fS3iye7luX33VvX/fdWx7sr9n6473+qJjy4nX33+vU/XK5bGn8bbWFbH316VzyOeirXjb0hazk8cSnf/ydrftev45udP+terv3n/p0taf+OzwG5I939/6/gHkub5mqWdrX/j+Nd+/+9L3qimG53H1dFyeeZUxL7ktdXrTy9v28g3yqfx1yJdGX+m5fs//SR4cZMxdt/67avtx7+kLVMs0/jHtrT/t564cW+ya/vxp/t/uJo6Vl+zmf5vsw18kNcOAAAAAAAAAAAAAAAAAAAAAAAAADYrExEHI8lkl9KZTDZbu4f3/6M/UyiWyscvFWenx6J6r+yB6Mk0furyUC2fNH7/dKApf3pF/pmI+F9EfNy7v5rP5oqFsU4HDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB1B9a5/3/q195Otw4AaJu+DUvcyd+XrVQqlTa2BwBov43P/wDA46bF+X//brYDANg9Pv8DwN7j/A8Ae4/zPwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAG12/ty5dKn8tbiQS/NjV+ZmJ4tXTozlS5PZqdlcNlecuZwdLxbHC/lsrji10fMVisXLwzE9e3WonC+Vh0pz8xemirPT5QsTU6Pj+Qv5nl2JCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC2pjQ3PzlaKORnHovE+xHxEDSjHYkkHopmdCTxy4mfDrcqc32Dt/HIQxHFI5bodM8EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8Gj4NwAA//8PbSWm")
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000dd0000000000003b810000850000006d000000a50000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x1b, 0x0, &(0x7f00000000c0))
bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=@base={0x1b, 0x0, 0x0, 0x2000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
prlimit64(0x0, 0x0, &(0x7f0000000140)={0x0, 0xfffffffffffffffd}, 0x0)
setitimer(0x2, &(0x7f0000000040)={{0x0, 0x2710}, {0x0, 0x2710}}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff})
r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000002c0), 0x2501)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r2, 0x40a85323, &(0x7f0000000580)={{0xf}, 'port1\x00', 0x1, 0x0, 0x800, 0x7ff, 0x4, 0x7, 0xa, 0x0, 0x4, 0x3})
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0x3, &(0x7f00000009c0)=ANY=[@ANYBLOB="180000000000000000000000000000009500000000000000732c355fd36f1bf8366c95327c52c9eb2619cc2bbef3b9190c83e5831f8f1b"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000a80)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1088d8b8588d72ec29c48f0af5f2d9f51c4b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465ad32b77a74e802a0dc6bf25cca242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767042361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae645ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1fb8f72cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa7956488bef241875f3b4b6ab7929a57affe760e797724f4fce1093b62d7e8c7123d890decacec55bf404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f870b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f154772f514216bdf57d2a40d40b51ab67903ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1594e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c471c784ae7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec30cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89f0000377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f0059161c5e0000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe34124172e436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f491d8e97c862e29e457060000007ac691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104ebc1581848f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426ca85e82ccf821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ad6acf5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bdc4a60d637545ed4c8a1c649c3ce54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c5140200000054d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a3bc38613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae0040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483f02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e9180100000000000000654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272ab28a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece98c077b358e752b439132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae2676384ff799783f55d7e5a1a092a01b965dc99cb7a9d98440c355927629f2bcf9dc2396eb2f5d25829715b24327642ac48f1201014a95e0e65e12cdf27e19043e3c5d3e798375cead35b9a93190a52cdecaaccc854a1d41ef365303f0e9b4fc969c9dab6df5e8a795b140fcc09e8a7b694d12932917facd8ceaa4e2d0d16bb0b95387fcd5ff136d8abddf94daf442bbff744591931872a36cf921ad69f2127386e8b0f9afee4da8d3fbec809fbb3ca0fded2859cf25d4c6155d396c5b9bd1a928923123f63f4c40688eae69990a9419456247bbaeb7948de84d2ff875414883bb1e503d4bfebc01bc12a53ea06bf38e571157bd642dac25dbee7832c58378374a39483d6721eec96c28911db21c0c006b42afc90000000000000000000000700000000000000000008ce4ea442c1a207108b35511186c5e860278f6463f52f3990ce08b1bfccc3cff4b5ae27b610aa9ba11b47d4f94c439e055cdbb2b12c983885c93ea4ab4ca1e02d831ae162ee104"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x61)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')
shutdown(0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000400)={'veth1_to_bridge\x00', <r6=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000000c0)={r4, r6, 0x25, 0x0, @val=@iter={0x0}}, 0x20)
sendmsg$nl_route_sched(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000004c00)=@newtfilter={0x24, 0x11, 0xd27, 0x1000000, 0x0, {0x0, 0x0, 0x74, r6, {0x0, 0x7}, {}, {0x0, 0xfff1}}}, 0x24}, 0x1, 0xf0ffffffffffff}, 0x0)

579.461176ms ago: executing program 1 (id=1376):
r0 = socket(0x1, 0x2, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[], 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000140)={r1, &(0x7f0000000600), &(0x7f0000001380)=@udp=r0}, 0x20)
bind$unix(r0, &(0x7f00000001c0)=@file={0x1, './file0\x00'}, 0x6e)
recvmsg(r0, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001240)=""/113, 0x71}], 0x1}, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000740)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @void, @value}, 0x94)
r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r2, 0x0, 0x8000}, 0x18)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
r6 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
dup2(r4, r6)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000540)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRESHEX=r6, @ANYRES16=r6], 0x0, 0x6577, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, r3, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r7, 0x0, 0xffffffffffffffff}, 0x18)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1a08403, &(0x7f0000000280)={[], [{@subj_role={'subj_role', 0x3d, '/dev/sg#\x00'}}, {@fscontext={'fscontext', 0x3d, 'system_u'}}, {@seclabel}]}, 0x2, 0x5c9, &(0x7f0000001000)="$eJzs3c1vVFUbAPDnTqfTlr6vrcSouDCNhkCitLSAqR8L2BOCHxvjxkoLQYaP0BotmlgS3JgYNy5IXLkQ/wR3SnTrysSFCzeuDAkaw0ZjcMyduTMMZaadlk5v6fx+yfSec8+9PedCn54z957TCaBnjaVfChG7IuJCEjHSVFaMrHCsdtytPz84kb6SqFRe/SOJJNtXPz7JtsPZybdHIn78LomdfffWO7946cxMuTx3MctPLJy9MDG/eGnf6bMzp+ZOzZ2bem5q+nbl0PTk/vu6vkJT+uiVt98d+fjYG19+/k8y+dUvx5I4HL+frJU1X8dGGYux+KtS+XD5/vTfdXqjK8tJX+Pn5I5k+Q62rGIWI6WIeCxGoq/pf3MkPno518YBXVVJIipAj0rEP/So+jig/t6+s/fBhS6PSoDNcPNI+rW/RfwXa/cGYzT6I2L3svNa3NJbl7SOH74/diV9RZfuwwGtLV0eyFLL4z+pxuZoDFZzO24V7rrPm44AjmfbdP8r66x/bFle/MPmWbocEY+3Gv+vHv9vNsX/W+usX/wDAAAAAADAxrl+JCKebfX8r5A9mxuMp6rP/5La87+f7qwQPLwB9a/+/K9wYwOqAVq4eSTipZbzfxtzfEf7stz/a7MBk5Ony3P7I+KhiNgb/QNpfnKFOvZ9svNqu7Lm+X/pK62/Phcwa8eN4sDd58zOLMzczzUDNTcvRzxRbD//J+3/k+b+P5P+PrjQYR07d1873q5s9fgHuqXyRcSelv1/0jgmaff3OQ4dPDQ9uX+iOh6YqI8K7vXk+59+065+8Q/5Sfv/HSvH/2jS/Pd65tf2/UsRcWCxWGlXvt7xfyl5ra/+/VPvzSwsXJyMKCVH790/tbY2w3ZVj4d6vKTxv/fple//Ncb/TXE4FBFLHdb56L/Dv7YrWyH+++/vSoHVpPE/u6b+f+2JqWuj37arv7P+/2C1T9+b7XH/D1bWaYDm3U4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeBAVIuJ/kRTGG+lCYXw8YjgiHokdhfL5+YVnTp5/59xsWlb9/P9C/ZN+R2r5pP75/6NN+all+QMR8XBEfNY3VM2Pnzhfns374gEAAAAAAAAAAAAAAAAAAGCLGG6z/j/1W1+7swY2sYVAVxWzbdt4B7atYt4NAHIj/qF3iX/oXeIfepf4h961zvj3uAC2Af0/9Kr+zg4brG2+rnS1McAm0/8DAAAAAMC2cv3F568mEbH0wlD1lSplZY0Hg0N5tQ7opkLeDQByYw4v9C5Tf6B3dTj5F9jGkkbq75YT/Ac7OBMAAAAAAAAAAAAA6K49u67/vOr6f2Bbsv4fepf1/9C7rP+H3uU9PrDaKn7r/wEAAAAAAAAAAAAgf/OLl87MlMtzFx+0xOulLdEMiS4m+iNiCzQjh0Qp//DM+RcTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQ8F8AAAD//+L5J9k=")
mremap(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x1000, 0x0, &(0x7f00008b5000/0x1000)=nil)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xa, 0x2010, 0xffffffffffffffff, 0x2000)
r8 = io_uring_setup(0x51d2, &(0x7f0000000400)={0x0, 0x631d, 0x1000, 0x1, 0x2d6})
r9 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
r10 = fcntl$dupfd(r9, 0x0, r9)
ioctl$SG_IO(r10, 0x2285, &(0x7f0000000040)={0x53, 0xfffffffe, 0x6, 0x0, @buffer={0x48, 0x40002, &(0x7f00000000c0)=""/81}, &(0x7f0000000380)="259374c96ee3", 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$SNAPSHOT_ATOMIC_RESTORE(r10, 0x3304)
io_uring_register$IORING_REGISTER_BUFFERS2(r8, 0xf, &(0x7f0000002700)={0x119f, 0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000480)=""/264, 0xf9}, {&(0x7f00000015c0)=""/4096, 0x400400}, {&(0x7f0000002a00)=""/88, 0x8}], 0x0}, 0x20)
sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000020000000900010073797a30000000002c000000030a01010000000000000000020000000900010073797a30000000000900030073797a32000000003a000000030a03000000000000000000020000000900010073797a30000000000900030073797a32"], 0xa0}}, 0x8040)
r11 = accept4$unix(r0, &(0x7f00000003c0)=@abs, &(0x7f0000000340)=0x6e, 0x80000)
connect$unix(r11, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
setsockopt$inet_sctp6_SCTP_AUTH_CHUNK(r0, 0x84, 0x15, &(0x7f0000000240)={0x10}, 0x1)
clock_nanosleep(0x3, 0x1, &(0x7f0000000000)={0x0, 0x3938700}, 0x0)

323.961738ms ago: executing program 3 (id=1378):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='sysfs\x00', 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000200)=ANY=[@ANYBLOB="1802000001000000000000000000000018"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000"], 0x48)
syz_open_dev$usbfs(&(0x7f0000000080), 0x1a, 0x1)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0, r1}, 0x18)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa2000000000000070200"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00'}, 0x10)
syz_clone(0x2c9a4080, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
r2 = epoll_create1(0x0)
epoll_pwait2(r2, &(0x7f0000000040)=[{}], 0x1, 0x0, &(0x7f00000000c0)={[0x8]}, 0x8)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
r3 = syz_open_procfs(0x0, &(0x7f0000000300)='timerslack_ns\x00')
pread64(r3, &(0x7f0000000180)=""/116, 0x74, 0x3)
signalfd(0xffffffffffffffff, &(0x7f0000000500)={[0x8]}, 0x8)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)=@l2tp6={0xa, 0x0, 0xff, @remote}, 0x80, 0x0, 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="1bfc000000"], 0x18}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000340)='kmem_cache_free\x00', 0xffffffffffffffff, 0x0, 0xf7}, 0x18)
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000000)={[{@minixdf}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r4 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x42, 0x10)
r5 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x0)
write(r5, &(0x7f0000004200)='t', 0x1)
sendfile(r5, r4, 0x0, 0x3ffff)
sendfile(r5, r4, 0x0, 0x7ffff000)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)

228.915339ms ago: executing program 0 (id=1380):
r0 = getpid()
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x0, 0x5, 0x0, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00', r1}, 0x10)
r2 = syz_io_uring_setup(0x6ad1, &(0x7f0000000940)={0x0, 0x3, 0x80, 0x0, 0x235}, &(0x7f00000009c0), &(0x7f00000003c0))
io_uring_register$IORING_REGISTER_BUFFERS2(r2, 0xf, &(0x7f0000001c80)={0x8, 0x0, 0x0, &(0x7f0000001140)=[{&(0x7f0000000680)=""/128, 0x80}, {&(0x7f0000000d80)=""/81, 0x51}, {&(0x7f0000000e00)=""/184, 0xb8}, {&(0x7f0000000ec0)=""/95, 0x5f}, {&(0x7f0000000f40)=""/204, 0xcc}, {&(0x7f0000001040)=""/209, 0xd2}, {&(0x7f0000000540)=""/52, 0xfffffffffffffe14}, {&(0x7f0000000700)=""/25, 0x19}], &(0x7f0000000540)}, 0x20)
setreuid(0xee00, 0x0)
syz_pidfd_open(r0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x3, &(0x7f0000000440)=@framed, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00', r3}, 0x10)
syz_emit_ethernet(0x16, &(0x7f0000000180)={@multicast, @local, @void, {@llc={0x4, {@snap={0xaa, 0xaa, '=', "e32935", 0x800}}}}}, 0x0)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f00000002c0), r4)
sendmsg$NLBL_CIPSOV4_C_ADD(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)={0x40, r5, 0x1, 0x70bd27, 0x25dfdbf9, {}, [@NLBL_CIPSOV4_A_TAGLST={0x24, 0x4, 0x0, 0x1, [{0x5, 0x3, 0x5}, {0x5, 0x3, 0x1}, {0x5, 0x3, 0x2}, {0x5, 0x3, 0x7}]}, @NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x2}]}, 0x40}}, 0x0)
setns(0xffffffffffffffff, 0x40000000)
syz_clone3(&(0x7f00000008c0)={0x14860000, 0x0, 0x0, 0x0, {0x28}, 0x0, 0x0, 0x0, 0x0}, 0x58)

205.046309ms ago: executing program 0 (id=1381):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=@base={0x1b, 0x0, 0x0, 0x2000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
socket$inet_tcp(0x2, 0x1, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x7}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x1c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7}, [@NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0x3}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0x64}}, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=@newlink={0x48, 0x10, 0x40d, 0x70bd28, 0x25ffdbfc, {0x0, 0x0, 0x0, 0x0, 0x10}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x18, 0x2, 0x0, 0x1, [@IFLA_BR_MCAST_QUERIER={0x5, 0x19, 0x84}, @IFLA_BR_MCAST_LAST_MEMBER_INTVL={0xc, 0x1e, 0x3ff}]}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x4086}, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf523", @ANYRES32=0x0, @ANYBLOB="0000000000008000280012800a00010076786c616e00"], 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840)

176.13579ms ago: executing program 0 (id=1382):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000200)=0x402, 0x4)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4, @multicast1}, 0x10)
connect$inet(0xffffffffffffffff, &(0x7f0000000680)={0x2, 0x0, @multicast2}, 0x2d)
sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x0)
r1 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
r2 = fcntl$dupfd(r1, 0x0, r1)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000007d000000850000000e00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00', r3}, 0x10)
ioctl$SG_GET_REQUEST_TABLE(r2, 0x2275, &(0x7f00000018c0))
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.events\x00', 0x26e1, 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000c80)='./bus\x00', 0x100c000, &(0x7f0000000840)={[{@nolazytime}, {}, {@barrier_val}, {@debug}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@resuid}, {@nodelalloc}, {@acl}, {@min_batch_time={'min_batch_time', 0x3d, 0x7}}]}, 0xfc, 0x57c, &(0x7f0000000100)="$eJzs3V1rHNUbAPBnNpv0/d8USvnrhRR6YaV20yS+VBCsl6LFgt7XJZmGkk23ZDeliQXbC3vjjRRBxIL4Abz3svgF/BQFLRQpQS9EiMxmNt0ku3nrxk27vx9Mcs7OTM48e+aZnLOzywbQt05mPwoRL0XE10nEUMu6YuQrTy5vt/jk1kS2JLG09MkfSST5Y83tk/z3obzy/4j45cuIM4X17dbmF6bLlUo6m9dH6jPXR2rzC2evzpSn0qn02tj4+Pk3x8feefutrsX62qW/vvv4wQfnvzq1+O1Pj47dS+JCHM7XtcbxDG63Vk6W/8lLg3FhzYajXWhsL0l6fQDsyECe54ORXQOOxkCe9cCL74uIWAL6VCL/oU81xwHNuX2X5sHPjcfvL0+AGrEPtcZfXH5tJPY35kYHF5NVM6NsvjvchfazNn7+/f69bImNX4c4sEkdYFtu34mIc8Xi+ut/kl//du5c48Xjja1to9/+/0AvPcjGP6+3G/8VVsY/0Wb8c6hN7u7E5vlfeNSFZjrKxn/vth3/rly6hgfy2pHGmG8wuXK1kp6LiP9FxOkY3JfVN7qfc37x4VKnda3jv2zJ2m+OBfPjeFTct3qfyXK9HKtv1e3Y4zsRLxfbxZ+s9H/Spv+z5+PSFts4kd5/pdO6NfEnxXXx766lHyNebdv/T+9oJRvfnxxpnA8jzbNivT/vnvi1U/ub9//uyvr/4MbxDyet92tr22/jh/1/p53W7fT8H0o+bZSbSXCzXK/PjkYMJR+tf3zs6b7NenP7LP7Tpza+/rU7/7PJ12dbjP/u8bsdN10d/5HoRf9Pbqv/t194+OHn33dqf2v9/0ajdDp/JL/+tZefK1s9wGd9/gAAAAAAAGAvKUTE4UgKpZVyoVAqLb+/43gcLFSqtfqZK9W5a5PR+KzscAwWmne6j7a8H2I0fz9ssz62pj4eEcci4puBA416aaJamex18AAAAAAAAAAAAAAAAAAAALBHHOrw+f/MbwO9Pjpg1zW+2GBfr48C6IVNv/K/G9/0BOxJm+Y/8MKS/9C/5D/0L/kP/Uv+Q/+S/9C/5D/0L/kPAAAAAAAAAAAAAAAAAAAAAAAAAAAAXXXp4sVsWVp8cmsiq0/emJ+brt44O5nWpkszcxOliers9dJUtTpVSUsT1ZnN/l6lWr0+OhZzN0fqaa0+UptfuDxTnbtWv3x1pjyVXk4H/5OoAAAAAAAAAAAAAAAAAAAA4PlSm1+YLlcq6axCx8J7sScOYzcDXLaj3Yt7JQqFDoU7efdub68eXpQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYI1/AwAA///VDy/N")
unlink(&(0x7f0000000000)='./file0/file0\x00')
r4 = openat(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x0, 0x0)
mkdirat(r4, &(0x7f0000000380)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x105)

110.93121ms ago: executing program 0 (id=1383):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), r1)
sendmsg$NL80211_CMD_VENDOR(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000640)={0x2c, r2, 0x2cb3b0415539fbbb, 0x70bd2b, 0x25dfdbfd, {{}, {@val={0x8, 0x1, 0x32}, @void, @void}}, [@NL80211_ATTR_VENDOR_SUBCMD={0x8, 0xc4, 0x2}, @NL80211_ATTR_VENDOR_ID={0x8, 0xc3, 0xffffff81}]}, 0x2c}}, 0x20040004)

88.21169ms ago: executing program 0 (id=1384):
setreuid(0xee00, 0x0)
r0 = getpid()
r1 = syz_pidfd_open(r0, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f00000000001b0000850000006d000000850000002300000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = socket$inet_smc(0x2b, 0x1, 0x0)
accept4$inet(r3, &(0x7f0000000400)={0x2, 0x0, @empty}, &(0x7f0000000440)=0x10, 0x800)
r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000180)='/sys/power/reserved_size', 0x80802, 0x0)
write$UHID_CREATE2(r4, &(0x7f0000000500)=ANY=[@ANYBLOB='\v\x00\x00\x00sy'], 0x1c7)
mlockall(0x2)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r2}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r5}, 0x38)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x18, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r6}, 0x10)
mount$tmpfs(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000300), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='nr_inodes=2'])
chdir(&(0x7f0000000140)='./file0\x00')
syz_emit_ethernet(0x49, &(0x7f0000000580)={@dev={'\xaa\xaa\xaa\xaa\xaa', 0x3a}, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}, @val={@val={0x88a8, 0x6, 0x0, 0x2}, {0x8100, 0x2, 0x1, 0x3}}, {@arp={0x806, @generic={0x301, 0x4, 0x6, 0x10, 0x9, @remote, "25d59f21b1aee7071803f262d5fa916a", @random="affba9dafdc0", "335b583ba41338cdeecb193e8b6e54"}}}}, &(0x7f0000000480)={0x1, 0x4, [0x750, 0x50c, 0xd9a, 0x993]})
r7 = creat(&(0x7f0000000040)='./file0\x00', 0x1e)
setns(r1, 0x24020000)
syz_clone3(&(0x7f00000006c0)={0x192142100, 0x0, 0x0, 0x0, {0x40}, 0x0, 0x0, 0x0, &(0x7f0000000680)=[0x0], 0x1}, 0x58)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r7, 0x89f0, &(0x7f0000000640)={'ip_vti0\x00', &(0x7f0000000600)={'tunl0\x00', <r8=>0x0, 0x80, 0x8008, 0x400, 0x100, {{0x6, 0x4, 0x1, 0x15, 0x18, 0x66, 0x0, 0x6, 0x4, 0x0, @private=0xa010102, @initdev={0xac, 0x1e, 0x1, 0x0}, {[@ra={0x94, 0x4}]}}}}})
ioctl$sock_inet6_SIOCADDRT(r4, 0x890b, &(0x7f0000000740)={@mcast2, @mcast1, @local, 0x4, 0xa00, 0x9, 0x500, 0x5, 0x10183, r8})

0s ago: executing program 0 (id=1385):
r0 = socket(0x1, 0x2, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[], 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000140)={r1, &(0x7f0000000600), &(0x7f0000001380)=@udp=r0}, 0x20)
bind$unix(r0, &(0x7f00000001c0)=@file={0x1, './file0\x00'}, 0x6e)
recvmsg(r0, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001240)=""/113, 0x71}], 0x1}, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000740)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @void, @value}, 0x94)
r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r2, 0x0, 0x8000}, 0x18)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
r6 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
dup2(r4, r6)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000540)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRESHEX=r6, @ANYRES16=r6, @ANYBLOB="0000000000000000b7080000000000"], 0x0, 0x6577, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, r3, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', 0xffffffffffffffff, 0x0, 0xffffffffffffffff}, 0x18)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1a08403, &(0x7f0000000280)={[], [{@subj_role={'subj_role', 0x3d, '/dev/sg#\x00'}}, {@fscontext={'fscontext', 0x3d, 'system_u'}}, {@seclabel}]}, 0x2, 0x5c9, &(0x7f0000001000)="$eJzs3c1vVFUbAPDnTqfTlr6vrcSouDCNhkCitLSAqR8L2BOCHxvjxkoLQYaP0BotmlgS3JgYNy5IXLkQ/wR3SnTrysSFCzeuDAkaw0ZjcMyduTMMZaadlk5v6fx+yfSec8+9PedCn54z957TCaBnjaVfChG7IuJCEjHSVFaMrHCsdtytPz84kb6SqFRe/SOJJNtXPz7JtsPZybdHIn78LomdfffWO7946cxMuTx3MctPLJy9MDG/eGnf6bMzp+ZOzZ2bem5q+nbl0PTk/vu6vkJT+uiVt98d+fjYG19+/k8y+dUvx5I4HL+frJU1X8dGGYux+KtS+XD5/vTfdXqjK8tJX+Pn5I5k+Q62rGIWI6WIeCxGoq/pf3MkPno518YBXVVJIipAj0rEP/So+jig/t6+s/fBhS6PSoDNcPNI+rW/RfwXa/cGYzT6I2L3svNa3NJbl7SOH74/diV9RZfuwwGtLV0eyFLL4z+pxuZoDFZzO24V7rrPm44AjmfbdP8r66x/bFle/MPmWbocEY+3Gv+vHv9vNsX/W+usX/wDAAAAAADAxrl+JCKebfX8r5A9mxuMp6rP/5La87+f7qwQPLwB9a/+/K9wYwOqAVq4eSTipZbzfxtzfEf7stz/a7MBk5Ony3P7I+KhiNgb/QNpfnKFOvZ9svNqu7Lm+X/pK62/Phcwa8eN4sDd58zOLMzczzUDNTcvRzxRbD//J+3/k+b+P5P+PrjQYR07d1873q5s9fgHuqXyRcSelv1/0jgmaff3OQ4dPDQ9uX+iOh6YqI8K7vXk+59+065+8Q/5Sfv/HSvH/2jS/Pd65tf2/UsRcWCxWGlXvt7xfyl5ra/+/VPvzSwsXJyMKCVH790/tbY2w3ZVj4d6vKTxv/fple//Ncb/TXE4FBFLHdb56L/Dv7YrWyH+++/vSoHVpPE/u6b+f+2JqWuj37arv7P+/2C1T9+b7XH/D1bWaYDm3U4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeBAVIuJ/kRTGG+lCYXw8YjgiHokdhfL5+YVnTp5/59xsWlb9/P9C/ZN+R2r5pP75/6NN+all+QMR8XBEfNY3VM2Pnzhfns374gEAAAAAAAAAAAAAAAAAAGCLGG6z/j/1W1+7swY2sYVAVxWzbdt4B7atYt4NAHIj/qF3iX/oXeIfepf4h961zvj3uAC2Af0/9Kr+zg4brG2+rnS1McAm0/8DAAAAAMC2cv3F568mEbH0wlD1lSplZY0Hg0N5tQ7opkLeDQByYw4v9C5Tf6B3dTj5F9jGkkbq75YT/Ac7OBMAAAAAAAAAAAAA6K49u67/vOr6f2Bbsv4fepf1/9C7rP+H3uU9PrDaKn7r/wEAAAAAAAAAAAAgf/OLl87MlMtzFx+0xOulLdEMiS4m+iNiCzQjh0Qp//DM+RcTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQ8F8AAAD//+L5J9k=")
mremap(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x1000, 0x0, &(0x7f00008b5000/0x1000)=nil)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xa, 0x2010, 0xffffffffffffffff, 0x2000)
r7 = io_uring_setup(0x51d2, &(0x7f0000000400)={0x0, 0x631d, 0x1000, 0x1, 0x2d6})
r8 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
r9 = fcntl$dupfd(r8, 0x0, r8)
ioctl$SG_IO(r9, 0x2285, &(0x7f0000000040)={0x53, 0xfffffffe, 0x6, 0x0, @buffer={0x48, 0x40002, &(0x7f00000000c0)=""/81}, &(0x7f0000000380)="259374c96ee3", 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$SNAPSHOT_ATOMIC_RESTORE(r9, 0x3304)
io_uring_register$IORING_REGISTER_BUFFERS2(r7, 0xf, &(0x7f0000002700)={0x119f, 0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000480)=""/264, 0xf9}, {&(0x7f00000015c0)=""/4096, 0x400400}, {&(0x7f0000002a00)=""/88, 0x8}], 0x0}, 0x20)
setsockopt$SO_VM_SOCKETS_BUFFER_SIZE(r0, 0x28, 0x0, &(0x7f0000000300)=0x40, 0x8)
sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000020000000900010073797a30000000002c000000030a01010000000000000000020000000900010073797a30000000000900030073797a32000000003a000000030a03000000000000000000020000000900010073797a30000000000900030073797a32"], 0xa0}}, 0x8040)
connect$unix(0xffffffffffffffff, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
setsockopt$inet_sctp6_SCTP_AUTH_CHUNK(r0, 0x84, 0x15, &(0x7f0000000240)={0x10}, 0x1)
clock_nanosleep(0x3, 0x1, &(0x7f0000000000)={0x0, 0x3938700}, 0x0)

kernel console output (not intermixed with test programs):

T4735] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   72.061044][ T5277] capability: warning: `syz.0.600' uses deprecated v2 capabilities in a way that may be insecure
[   72.061493][ T4735] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[   72.073978][ T5276] validate_nla: 3 callbacks suppressed
[   72.073997][ T5276] netlink: 'syz.4.602': attribute type 4 has an invalid length.
[   72.083780][ T4735] EXT4-fs (loop2): This should not happen!! Data will be lost
[   72.083780][ T4735] 
[   72.106840][ T4735] EXT4-fs (loop2): Total free blocks count 0
[   72.113281][ T4735] EXT4-fs (loop2): Free/Dirty block details
[   72.119272][ T4735] EXT4-fs (loop2): free_blocks=2415919104
[   72.125182][ T4735] EXT4-fs (loop2): dirty_blocks=8224
[   72.130509][ T4735] EXT4-fs (loop2): Block reservation details
[   72.133767][ T5277] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=5277 comm=syz.0.600
[   72.136510][ T4735] EXT4-fs (loop2): i_reserved_data_blocks=514
[   72.155855][ T4735] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 18 with max blocks 2048 with error 28
[   72.259169][ T5292] usb usb5: usbfs: process 5292 (syz.4.608) did not claim interface 0 before use
[   72.308145][ T5298] loop2: detected capacity change from 0 to 512
[   72.315022][ T5298] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   72.327091][ T5298] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[   72.343773][ T5298] EXT4-fs (loop2): 1 truncate cleaned up
[   72.350137][ T5298] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   72.399289][ T3307] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   72.450014][ T5309] netlink: 'syz.0.615': attribute type 30 has an invalid length.
[   72.541800][ T5318] IPv6: sit1: Disabled Multicast RS
[   72.548265][ T5318] sit1: entered allmulticast mode
[   72.562346][ T5320] loop3: detected capacity change from 0 to 2048
[   72.579076][ T5320] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   72.593308][ T5320] EXT4-fs error (device loop3): ext4_find_extent:938: inode #2: comm syz.3.620: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[   72.613425][ T5320] netlink: 4 bytes leftover after parsing attributes in process `+}[@'.
[   72.634837][ T3307] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   72.654540][ T5326] FAULT_INJECTION: forcing a failure.
[   72.654540][ T5326] name failslab, interval 1, probability 0, space 0, times 0
[   72.667343][ T5326] CPU: 0 UID: 0 PID: 5326 Comm: syz.0.622 Not tainted 6.14.0-rc7-syzkaller #0
[   72.667373][ T5326] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   72.667388][ T5326] Call Trace:
[   72.667395][ T5326]  <TASK>
[   72.667404][ T5326]  dump_stack_lvl+0xf2/0x150
[   72.667435][ T5326]  dump_stack+0x15/0x1a
[   72.667489][ T5326]  should_fail_ex+0x24a/0x260
[   72.667579][ T5326]  ? sctp_add_bind_addr+0x6f/0x1e0
[   72.667615][ T5326]  should_failslab+0x8f/0xb0
[   72.667648][ T5326]  __kmalloc_cache_noprof+0x4e/0x320
[   72.667678][ T5326]  sctp_add_bind_addr+0x6f/0x1e0
[   72.667729][ T5326]  sctp_copy_local_addr_list+0x19b/0x220
[   72.667775][ T5326]  sctp_copy_one_addr+0x82/0x270
[   72.667907][ T5326]  sctp_bind_addr_copy+0x81/0x2b0
[   72.667948][ T5326]  sctp_assoc_set_bind_addr_from_ep+0xc0/0xd0
[   72.667979][ T5326]  sctp_connect_new_asoc+0x1d0/0x3b0
[   72.668059][ T5326]  sctp_sendmsg+0xefb/0x18f0
[   72.668097][ T5326]  ? __pfx_sctp_sendmsg+0x10/0x10
[   72.668125][ T5326]  inet_sendmsg+0xc5/0xd0
[   72.668224][ T5326]  __sock_sendmsg+0x102/0x180
[   72.668257][ T5326]  ____sys_sendmsg+0x326/0x4b0
[   72.668293][ T5326]  __sys_sendmsg+0x19d/0x230
[   72.668383][ T5326]  __x64_sys_sendmsg+0x46/0x50
[   72.668409][ T5326]  x64_sys_call+0x2734/0x2dc0
[   72.668448][ T5326]  do_syscall_64+0xc9/0x1c0
[   72.668483][ T5326]  ? clear_bhb_loop+0x55/0xb0
[   72.668510][ T5326]  ? clear_bhb_loop+0x55/0xb0
[   72.668610][ T5326]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   72.668643][ T5326] RIP: 0033:0x7f72507cd169
[   72.668662][ T5326] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   72.668705][ T5326] RSP: 002b:00007f724ee31038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   72.668728][ T5326] RAX: ffffffffffffffda RBX: 00007f72509e5fa0 RCX: 00007f72507cd169
[   72.668809][ T5326] RDX: 0000000000000041 RSI: 0000400000000600 RDI: 0000000000000005
[   72.668823][ T5326] RBP: 00007f724ee31090 R08: 0000000000000000 R09: 0000000000000000
[   72.668838][ T5326] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   72.668852][ T5326] R13: 0000000000000000 R14: 00007f72509e5fa0 R15: 00007ffd981622d8
[   72.668874][ T5326]  </TASK>
[   72.937207][ T5334] loop3: detected capacity change from 0 to 2048
[   72.943918][ T5334] EXT4-fs: Ignoring removed bh option
[   72.958046][ T5334] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   73.043370][ T3307] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.068422][ T5346] netlink: 24 bytes leftover after parsing attributes in process `syz.3.628'.
[   73.085164][ T5348] netlink: 'syz.0.630': attribute type 30 has an invalid length.
[   73.145726][ T3308] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.180287][ T5352] loop2: detected capacity change from 0 to 2048
[   73.187672][ T5354] loop0: detected capacity change from 0 to 2048
[   73.194263][ T5354] EXT4-fs: Ignoring removed bh option
[   73.198537][ T5352] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   73.213687][ T5352] EXT4-fs error (device loop2): ext4_find_extent:938: inode #2: comm syz.2.632: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[   73.241813][ T5354] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   73.270825][ T5352] netlink: 4 bytes leftover after parsing attributes in process `+}[@'.
[   73.301303][ T3308] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.303905][ T5365] loop3: detected capacity change from 0 to 1024
[   73.333203][ T5369] netlink: 8 bytes leftover after parsing attributes in process `syz.2.636'.
[   73.342959][ T5365] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   73.343197][ T5369] IPVS: Error joining to the multicast group
[   73.364030][ T5369] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=16433 sclass=netlink_route_socket pid=5369 comm=syz.2.636
[   73.393068][ T5365] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4115: comm syz.3.634: Allocating blocks 385-513 which overlap fs metadata
[   73.411884][ T5365] EXT4-fs (loop3): pa ffff888104d65690: logic 16, phys. 129, len 24
[   73.419945][ T5365] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:5366: group 0, free 0, pa_free 8
[   73.452093][ T3307] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.547532][ T5392] loop2: detected capacity change from 0 to 512
[   73.555665][ T5392] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   73.572762][ T5394] IPv6: sit1: Disabled Multicast RS
[   73.580071][ T5392] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[   73.596022][ T5394] sit1: entered allmulticast mode
[   73.603310][ T5392] EXT4-fs (loop2): 1 truncate cleaned up
[   73.610689][ T5392] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   73.637468][ T5401] loop1: detected capacity change from 0 to 2048
[   73.644200][ T5401] EXT4-fs: Ignoring removed bh option
[   73.658986][ T5401] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   73.701825][ T5409] netlink: 4 bytes leftover after parsing attributes in process `syz.4.650'.
[   73.754577][ T3300] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.757778][ T5418] netlink: 'syz.4.654': attribute type 30 has an invalid length.
[   73.787799][   T30] kauditd_printk_skb: 427 callbacks suppressed
[   73.787815][   T30] audit: type=1400 audit(1742228953.039:3305): avc:  denied  { create } for  pid=5419 comm="syz.3.653" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[   73.820567][ T5420] infiniband syz0: set down
[   73.825212][ T5420] infiniband syz0: added bond0
[   73.825737][   T30] audit: type=1400 audit(1742228953.039:3306): avc:  denied  { write } for  pid=5419 comm="syz.3.653" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[   73.851193][ T5426] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   73.859865][ T5426] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   73.866546][   T30] audit: type=1400 audit(1742228953.109:3307): avc:  denied  { ioctl } for  pid=5419 comm="syz.3.653" path="/dev/raw-gadget" dev="devtmpfs" ino=142 ioctlcmd=0x5500 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   73.895083][ T5420] RDS/IB: syz0: added
[   73.900280][ T5420] smc: adding ib device syz0 with port count 1
[   73.908614][ T5420] smc:    ib device syz0 port 1 has pnetid 
[   73.914593][   T30] audit: type=1400 audit(1742228953.159:3308): avc:  denied  { name_bind } for  pid=5427 comm="syz.4.656" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1
[   73.936234][   T30] audit: type=1400 audit(1742228953.159:3309): avc:  denied  { write } for  pid=5427 comm="GPL" path="socket:[10431]" dev="sockfs" ino=10431 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   73.959581][   T30] audit: type=1400 audit(1742228953.159:3310): avc:  denied  { read } for  pid=5427 comm="GPL" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   74.040353][ T3305] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   74.108482][ T5438] netem: change failed
[   74.112771][ T5436] loop4: detected capacity change from 0 to 256
[   74.142251][ T5436] block device autoloading is deprecated and will be removed.
[   74.151251][ T5436] syz.4.659: attempt to access beyond end of device
[   74.151251][ T5436] md30: rw=2048, sector=0, nr_sectors = 8 limit=0
[   74.168509][ T5436] syz.4.659: attempt to access beyond end of device
[   74.168509][ T5436] loop4: rw=2049, sector=256, nr_sectors = 4 limit=256
[   74.201988][ T5440] loop1: detected capacity change from 0 to 2048
[   74.230693][ T5442] sctp: [Deprecated]: syz.0.662 (pid 5442) Use of int in max_burst socket option deprecated.
[   74.230693][ T5442] Use struct sctp_assoc_value instead
[   74.249026][ T5440] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   74.275501][   T30] audit: type=1400 audit(1742228953.519:3311): avc:  denied  { read append open } for  pid=5439 comm="syz.1.661" path="/119/file1/memory.swap.current" dev="loop1" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   74.300714][ T5442] loop0: detected capacity change from 0 to 8192
[   74.310161][ T5447] IPv6: sit1: Disabled Multicast RS
[   74.316460][ T5447] sit1: entered allmulticast mode
[   74.323780][   T30] audit: type=1400 audit(1742228953.569:3312): avc:  denied  { map } for  pid=5439 comm="syz.1.661" path="/119/file1/memory.swap.current" dev="loop1" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   74.347740][   T30] audit: type=1400 audit(1742228953.569:3313): avc:  denied  { write } for  pid=5439 comm="syz.1.661" path="/119/file1/memory.swap.current" dev="loop1" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   74.386970][ T3308] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   74.403530][ T5426] smc: removing ib device syz0
[   74.499061][ T5440] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[   74.520585][ T5449] FAT-fs (loop0): error, invalid access to FAT (entry 0x0000e1b1)
[   74.525571][ T5440] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 558 with error 28
[   74.528529][ T5449] FAT-fs (loop0): Filesystem has been set read-only
[   74.540984][ T5440] EXT4-fs (loop1): This should not happen!! Data will be lost
[   74.540984][ T5440] 
[   74.549919][ T5449] __nla_validate_parse: 3 callbacks suppressed
[   74.549938][ T5449] netlink: 140 bytes leftover after parsing attributes in process `syz.0.662'.
[   74.560261][ T5440] EXT4-fs (loop1): Total free blocks count 0
[   74.578864][ T5440] EXT4-fs (loop1): Free/Dirty block details
[   74.584862][ T5440] EXT4-fs (loop1): free_blocks=2415919504
[   74.590630][ T5440] EXT4-fs (loop1): dirty_blocks=560
[   74.595840][ T5440] EXT4-fs (loop1): Block reservation details
[   74.601868][ T5440] EXT4-fs (loop1): i_reserved_data_blocks=35
[   74.672776][ T5452] netlink: 24 bytes leftover after parsing attributes in process `syz.2.664'.
[   74.714523][ T5457] netlink: 8 bytes leftover after parsing attributes in process `syz.2.666'.
[   74.724152][ T5457] netlink: 'syz.2.666': attribute type 30 has an invalid length.
[   74.733099][ T5459] netlink: 16 bytes leftover after parsing attributes in process `syz.1.661'.
[   74.752364][ T5460] netlink: 8 bytes leftover after parsing attributes in process `syz.4.665'.
[   74.785289][ T5454] netlink: 44 bytes leftover after parsing attributes in process `syz.4.665'.
[   74.862400][ T5467] loop2: detected capacity change from 0 to 2048
[   74.872380][ T5467] EXT4-fs: Ignoring removed bh option
[   74.893211][ T1834] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28
[   74.908836][ T5467] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   74.938901][   T30] audit: type=1326 audit(1742228954.189:3314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5466 comm="syz.2.669" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feccc70d169 code=0x7ffc0000
[   75.013393][ T5476] netlink: 'syz.1.671': attribute type 4 has an invalid length.
[   75.064858][ T5481] netlink: 'syz.4.674': attribute type 10 has an invalid length.
[   75.072801][ T5481] netlink: 40 bytes leftover after parsing attributes in process `syz.4.674'.
[   75.084950][ T5483] FAULT_INJECTION: forcing a failure.
[   75.084950][ T5483] name failslab, interval 1, probability 0, space 0, times 0
[   75.097800][ T5483] CPU: 1 UID: 0 PID: 5483 Comm: syz.1.675 Not tainted 6.14.0-rc7-syzkaller #0
[   75.097829][ T5483] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   75.097843][ T5483] Call Trace:
[   75.097851][ T5483]  <TASK>
[   75.097858][ T5483]  dump_stack_lvl+0xf2/0x150
[   75.097886][ T5483]  dump_stack+0x15/0x1a
[   75.097968][ T5483]  should_fail_ex+0x24a/0x260
[   75.097999][ T5483]  should_failslab+0x8f/0xb0
[   75.098048][ T5483]  kmem_cache_alloc_noprof+0x52/0x320
[   75.098095][ T5483]  ? security_file_alloc+0x32/0x100
[   75.098133][ T5483]  security_file_alloc+0x32/0x100
[   75.098161][ T5483]  init_file+0x5d/0x1b0
[   75.098181][ T5483]  alloc_empty_file+0xea/0x200
[   75.098263][ T5483]  path_openat+0x6a/0x1fc0
[   75.098293][ T5483]  ? xas_load+0x3ae/0x3d0
[   75.098329][ T5483]  ? xas_load+0x3ae/0x3d0
[   75.098382][ T5483]  ? __rcu_read_unlock+0x4e/0x70
[   75.098406][ T5483]  ? should_fail_ex+0xd7/0x260
[   75.098434][ T5483]  ? should_failslab+0x8f/0xb0
[   75.098463][ T5483]  ? kmem_cache_alloc_noprof+0x18e/0x320
[   75.098560][ T5483]  ? getname_kernel+0x3d/0x1f0
[   75.098582][ T5483]  do_file_open_root+0x1c8/0x3e0
[   75.098675][ T5483]  file_open_root+0xf9/0x120
[   75.098699][ T5483]  kernel_read_file_from_path_initns+0xe7/0x180
[   75.098803][ T5483]  _request_firmware+0x740/0xa00
[   75.098879][ T5483]  request_firmware+0x36/0x50
[   75.098914][ T5483]  devlink_compat_flash_update+0xaf/0x1b0
[   75.099015][ T5483]  ? _raw_spin_unlock_irqrestore+0x2b/0x60
[   75.099111][ T5483]  dev_ethtool+0x138b/0x14c0
[   75.099138][ T5483]  ? __rcu_read_unlock+0x4e/0x70
[   75.099166][ T5483]  dev_ioctl+0x854/0xab0
[   75.099196][ T5483]  sock_do_ioctl+0x11c/0x260
[   75.099260][ T5483]  sock_ioctl+0x40f/0x600
[   75.099342][ T5483]  ? __pfx_sock_ioctl+0x10/0x10
[   75.099379][ T5483]  __se_sys_ioctl+0xc9/0x140
[   75.099410][ T5483]  __x64_sys_ioctl+0x43/0x50
[   75.099441][ T5483]  x64_sys_call+0x1690/0x2dc0
[   75.099492][ T5483]  do_syscall_64+0xc9/0x1c0
[   75.099525][ T5483]  ? clear_bhb_loop+0x55/0xb0
[   75.099615][ T5483]  ? clear_bhb_loop+0x55/0xb0
[   75.099648][ T5483]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   75.099686][ T5483] RIP: 0033:0x7fbabb6cd169
[   75.099701][ T5483] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   75.099719][ T5483] RSP: 002b:00007fbab9d37038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   75.099755][ T5483] RAX: ffffffffffffffda RBX: 00007fbabb8e5fa0 RCX: 00007fbabb6cd169
[   75.099771][ T5483] RDX: 0000400000000340 RSI: 0000000000008946 RDI: 0000000000000004
[   75.099852][ T5483] RBP: 00007fbab9d37090 R08: 0000000000000000 R09: 0000000000000000
[   75.099864][ T5483] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   75.099875][ T5483] R13: 0000000000000000 R14: 00007fbabb8e5fa0 R15: 00007ffe13f3a2d8
[   75.099953][ T5483]  </TASK>
[   75.380449][ T5483] netdevsim netdevsim1: loading /lib/firmware/updates/6.14.0-rc7-syzkaller/. failed with error -12
[   75.391528][ T5483] netdevsim netdevsim1: loading /lib/firmware/. failed with error -22
[   75.395781][ T5481] team0: Port device geneve1 added
[   75.399826][ T5483] netdevsim netdevsim1: Direct firmware load for . failed with error -22
[   75.472922][ T5487] netlink: 24 bytes leftover after parsing attributes in process `syz.4.677'.
[   75.485416][ T5489] netlink: 8 bytes leftover after parsing attributes in process `syz.0.678'.
[   75.494371][ T5489] netlink: 'syz.0.678': attribute type 30 has an invalid length.
[   75.547516][ T5495] FAULT_INJECTION: forcing a failure.
[   75.547516][ T5495] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   75.560751][ T5495] CPU: 0 UID: 0 PID: 5495 Comm: syz.0.681 Not tainted 6.14.0-rc7-syzkaller #0
[   75.560922][ T5495] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   75.560938][ T5495] Call Trace:
[   75.560947][ T5495]  <TASK>
[   75.560957][ T5495]  dump_stack_lvl+0xf2/0x150
[   75.560992][ T5495]  dump_stack+0x15/0x1a
[   75.561018][ T5495]  should_fail_ex+0x24a/0x260
[   75.561119][ T5495]  should_fail+0xb/0x10
[   75.561153][ T5495]  should_fail_usercopy+0x1a/0x20
[   75.561231][ T5495]  _copy_from_iter+0xd5/0xd00
[   75.561275][ T5495]  ? alloc_pages_mpol+0x208/0x260
[   75.561308][ T5495]  copy_page_from_iter+0x14f/0x280
[   75.561361][ T5495]  tun_get_user+0x68b/0x25c0
[   75.561389][ T5495]  ? avc_has_perm+0xd4/0x160
[   75.561410][ T5495]  ? ref_tracker_alloc+0x1f5/0x2f0
[   75.561466][ T5495]  tun_chr_write_iter+0x188/0x240
[   75.561495][ T5495]  vfs_write+0x77b/0x920
[   75.561528][ T5495]  ? __pfx_tun_chr_write_iter+0x10/0x10
[   75.561560][ T5495]  ksys_write+0xe8/0x1b0
[   75.561635][ T5495]  __x64_sys_write+0x42/0x50
[   75.561746][ T5495]  x64_sys_call+0x287e/0x2dc0
[   75.561870][ T5495]  do_syscall_64+0xc9/0x1c0
[   75.561909][ T5495]  ? clear_bhb_loop+0x55/0xb0
[   75.562013][ T5495]  ? clear_bhb_loop+0x55/0xb0
[   75.562048][ T5495]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   75.562081][ T5495] RIP: 0033:0x7f72507cbc1f
[   75.562157][ T5495] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[   75.562175][ T5495] RSP: 002b:00007f724ee31000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[   75.562210][ T5495] RAX: ffffffffffffffda RBX: 00007f72509e5fa0 RCX: 00007f72507cbc1f
[   75.562295][ T5495] RDX: 000000000000004a RSI: 0000400000000080 RDI: 00000000000000c8
[   75.562310][ T5495] RBP: 00007f724ee31090 R08: 0000000000000000 R09: 0000000000000000
[   75.562325][ T5495] R10: 000000000000004a R11: 0000000000000293 R12: 0000000000000001
[   75.562339][ T5495] R13: 0000000000000000 R14: 00007f72509e5fa0 R15: 00007ffd981622d8
[   75.562362][ T5495]  </TASK>
[   75.781704][ T5485] loop1: detected capacity change from 0 to 512
[   75.800125][ T5493] loop4: detected capacity change from 0 to 512
[   75.808574][ T5493] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[   75.832988][ T5485] EXT4-fs (loop1): revision level too high, forcing read-only mode
[   75.841241][ T5485] EXT4-fs (loop1): orphan cleanup on readonly fs
[   75.849623][ T5493] EXT4-fs error (device loop4): ext4_orphan_get:1389: inode #17: comm syz.4.680: iget: bad i_size value: -6917529027641081756
[   75.861163][ T5485] EXT4-fs warning (device loop1): ext4_enable_quotas:7145: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   75.863260][ T5493] EXT4-fs error (device loop4): ext4_orphan_get:1394: comm syz.4.680: couldn't read orphan inode 17 (err -117)
[   75.888474][ T5485] EXT4-fs (loop1): Cannot turn on quotas: error -117
[   75.900548][ T5514] netlink: 8 bytes leftover after parsing attributes in process `syz.0.683'.
[   75.904732][ T5493] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   75.923946][ T3308] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   75.935385][ T5500] loop3: detected capacity change from 0 to 2048
[   75.968252][ T5485] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.676: bg 0: block 40: padding at end of block bitmap is not set
[   75.972128][ T5500] EXT4-fs: Ignoring removed oldalloc option
[   75.992569][ T3299] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   76.001774][ T5485] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6550: Corrupt filesystem
[   76.011814][ T5485] EXT4-fs (loop1): 1 truncate cleaned up
[   76.017943][ T5485] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   76.047849][ T5500] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   76.060302][ T5500] ext4 filesystem being mounted at /120/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   76.098328][ T3307] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   76.153649][ T3300] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   76.170827][ T5534] loop4: detected capacity change from 0 to 1024
[   76.177577][ T5534] ext4: Unknown parameter 'subj_role'
[   76.194041][ T5533] netlink: 'syz.0.690': attribute type 30 has an invalid length.
[   76.308118][ T5544] loop3: detected capacity change from 0 to 2048
[   76.314950][ T5544] EXT4-fs: Ignoring removed bh option
[   76.374845][ T5544] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   76.398807][ T5528] serio: Serial port ptm0
[   76.500419][ T5564] loop2: detected capacity change from 0 to 2048
[   76.515287][ T5567] FAULT_INJECTION: forcing a failure.
[   76.515287][ T5567] name failslab, interval 1, probability 0, space 0, times 0
[   76.518372][ T5564] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   76.528056][ T5567] CPU: 0 UID: 0 PID: 5567 Comm: syz.0.701 Not tainted 6.14.0-rc7-syzkaller #0
[   76.528087][ T5567] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   76.528103][ T5567] Call Trace:
[   76.528113][ T5567]  <TASK>
[   76.528123][ T5567]  dump_stack_lvl+0xf2/0x150
[   76.528162][ T5567]  dump_stack+0x15/0x1a
[   76.528244][ T5567]  should_fail_ex+0x24a/0x260
[   76.528284][ T5567]  should_failslab+0x8f/0xb0
[   76.528323][ T5567]  __kmalloc_node_track_caller_noprof+0xa8/0x410
[   76.528356][ T5567]  ? security_context_to_sid_core+0x66/0x3b0
[   76.528450][ T5567]  ? avc_has_perm_noaudit+0x1cc/0x210
[   76.528477][ T5567]  kmemdup_nul+0x35/0xc0
[   76.528520][ T5567]  security_context_to_sid_core+0x66/0x3b0
[   76.528635][ T5567]  security_context_str_to_sid+0x33/0x40
[   76.528694][ T5567]  selinux_add_opt+0x1da/0x280
[   76.528735][ T5567]  selinux_fs_context_parse_param+0x7c/0xb0
[   76.528792][ T5567]  security_fs_context_parse_param+0x65/0x130
[   76.528822][ T5567]  vfs_parse_fs_param+0xff/0x290
[   76.528859][ T5567]  vfs_parse_fs_string+0x90/0xd0
[   76.528897][ T5567]  nfs_fs_context_parse_monolithic+0xd3a/0x14a0
[   76.528974][ T5567]  parse_monolithic_mount_data+0x43/0x50
[   76.529014][ T5567]  do_new_mount+0x1fa/0x690
[   76.529062][ T5567]  path_mount+0x49b/0xb30
[   76.529101][ T5567]  __se_sys_mount+0x27f/0x2d0
[   76.529138][ T5567]  ? fput+0x1c4/0x200
[   76.529167][ T5567]  __x64_sys_mount+0x67/0x80
[   76.529207][ T5567]  x64_sys_call+0x2c84/0x2dc0
[   76.529300][ T5567]  do_syscall_64+0xc9/0x1c0
[   76.529339][ T5567]  ? clear_bhb_loop+0x55/0xb0
[   76.529373][ T5567]  ? clear_bhb_loop+0x55/0xb0
[   76.529433][ T5567]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   76.529473][ T5567] RIP: 0033:0x7f72507cd169
[   76.529494][ T5567] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   76.529593][ T5567] RSP: 002b:00007f724ee31038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   76.529616][ T5567] RAX: ffffffffffffffda RBX: 00007f72509e5fa0 RCX: 00007f72507cd169
[   76.529631][ T5567] RDX: 00004000000000c0 RSI: 0000400000000240 RDI: 0000000000000000
[   76.529647][ T5567] RBP: 00007f724ee31090 R08: 0000400000000000 R09: 0000000000000000
[   76.529662][ T5567] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   76.529677][ T5567] R13: 0000000000000000 R14: 00007f72509e5fa0 R15: 00007ffd981622d8
[   76.529702][ T5567]  </TASK>
[   76.529712][ T5567] SELinux: security_context_str_to_sid (u) failed with errno=-12
[   76.652222][ T5562] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[   76.803444][ T5562] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1754 with error 28
[   76.816149][ T5562] EXT4-fs (loop2): This should not happen!! Data will be lost
[   76.816149][ T5562] 
[   76.825976][ T5562] EXT4-fs (loop2): Total free blocks count 0
[   76.832152][ T5562] EXT4-fs (loop2): Free/Dirty block details
[   76.838106][ T5562] EXT4-fs (loop2): free_blocks=2415919504
[   76.844004][ T5562] EXT4-fs (loop2): dirty_blocks=1760
[   76.849345][ T5562] EXT4-fs (loop2): Block reservation details
[   76.855589][ T5562] EXT4-fs (loop2): i_reserved_data_blocks=110
[   76.929619][   T12] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28
[   77.140258][ T3307] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   77.175424][ T5601] 
: renamed from bond0 (while UP)
[   77.253767][ T5608] netlink: 'syz.4.716': attribute type 30 has an invalid length.
[   77.288962][ T5609] loop1: detected capacity change from 0 to 1024
[   77.295659][ T5609] ext4: Unknown parameter 'subj_role'
[   77.547099][ T5617] xt_CT: You must specify a L4 protocol and not use inversions on it
[   77.614914][ T5620] loop4: detected capacity change from 0 to 2048
[   77.621538][ T5620] EXT4-fs: Ignoring removed bh option
[   77.637779][ T5620] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   78.039184][ T5626] loop3: detected capacity change from 0 to 2048
[   78.045891][ T5626] EXT4-fs: Ignoring removed bh option
[   78.070971][ T5626] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   78.095586][ T5630] loop1: detected capacity change from 0 to 2048
[   78.102318][ T5630] EXT4-fs: Ignoring removed bh option
[   78.128408][ T5630] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   78.873929][ T3307] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   78.947033][ T5644] netlink: 'syz.0.729': attribute type 4 has an invalid length.
[   79.031150][ T5649] loop0: detected capacity change from 0 to 1024
[   79.037788][ T5649] ext4: Unknown parameter 'subj_role'
[   79.315257][ T5659] loop3: detected capacity change from 0 to 2048
[   79.338247][ T5659] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   79.353777][ T5659] EXT4-fs error (device loop3): ext4_find_extent:938: inode #2: comm syz.3.735: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[   79.378984][ T5659] bridge_slave_1 (unregistering): left allmulticast mode
[   79.386133][ T5659] bridge_slave_1 (unregistering): left promiscuous mode
[   79.393227][ T5659] bridge0: port 2(bridge_slave_1) entered disabled state
[   79.470652][ T3307] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   79.611726][   T30] kauditd_printk_skb: 199 callbacks suppressed
[   79.611743][   T30] audit: type=1400 audit(1742228958.859:3513): avc:  denied  { listen } for  pid=5669 comm="syz.2.739" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[   79.637934][   T30] audit: type=1400 audit(1742228958.859:3514): avc:  denied  { getopt } for  pid=5669 comm="syz.2.739" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   79.704010][ T5674] __nla_validate_parse: 16 callbacks suppressed
[   79.704025][ T5674] netlink: 12 bytes leftover after parsing attributes in process `syz.2.741'.
[   79.845659][ T5681] loop0: detected capacity change from 0 to 2048
[   79.853683][ T5681] EXT4-fs: Ignoring removed bh option
[   79.868333][ T5681] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   79.888715][   T30] audit: type=1326 audit(1742228959.139:3515): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5680 comm="syz.0.744" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f72507cd169 code=0x7ffc0000
[   79.912192][   T30] audit: type=1326 audit(1742228959.139:3516): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5680 comm="syz.0.744" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f72507cd169 code=0x7ffc0000
[   79.935816][   T30] audit: type=1326 audit(1742228959.139:3517): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5680 comm="syz.0.744" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f72507cd169 code=0x7ffc0000
[   79.959191][   T30] audit: type=1326 audit(1742228959.139:3518): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5680 comm="syz.0.744" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f72507cd169 code=0x7ffc0000
[   79.982893][   T30] audit: type=1326 audit(1742228959.139:3519): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5680 comm="syz.0.744" exe="/root/syz-executor" sig=0 arch=c000003e syscall=14 compat=0 ip=0x7f72507cd169 code=0x7ffc0000
[   80.006466][   T30] audit: type=1326 audit(1742228959.139:3520): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5680 comm="syz.0.744" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f72507cd169 code=0x7ffc0000
[   80.030172][   T30] audit: type=1326 audit(1742228959.139:3521): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5680 comm="syz.0.744" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f72507cd169 code=0x7ffc0000
[   80.053541][   T30] audit: type=1326 audit(1742228959.139:3522): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5680 comm="syz.0.744" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f72507cd169 code=0x7ffc0000
[   80.080923][ T3305] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   80.105641][ T5697] netlink: 8 bytes leftover after parsing attributes in process `syz.2.750'.
[   80.114534][ T5697] netlink: 'syz.2.750': attribute type 30 has an invalid length.
[   80.159791][ T5702] loop2: detected capacity change from 0 to 2048
[   80.168122][ T5702] EXT4-fs: Ignoring removed bh option
[   80.188485][ T5702] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   80.242372][ T5700] loop0: detected capacity change from 0 to 512
[   80.265419][ T5700] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   80.296126][ T5700] EXT4-fs (loop0): 1 truncate cleaned up
[   80.312685][ T5700] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   80.351551][ T5709] netlink: 12 bytes leftover after parsing attributes in process `syz.3.753'.
[   80.469313][ T4735] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   80.484315][ T5712] loop3: detected capacity change from 0 to 1024
[   80.486428][ T4735] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[   80.492154][ T5712] ext4: Unknown parameter 'subj_role'
[   80.502922][ T4735] EXT4-fs (loop2): This should not happen!! Data will be lost
[   80.502922][ T4735] 
[   80.517980][ T4735] EXT4-fs (loop2): Total free blocks count 0
[   80.524032][ T4735] EXT4-fs (loop2): Free/Dirty block details
[   80.529965][ T4735] EXT4-fs (loop2): free_blocks=2415919104
[   80.535705][ T4735] EXT4-fs (loop2): dirty_blocks=8224
[   80.541036][ T4735] EXT4-fs (loop2): Block reservation details
[   80.541885][ T5712] netlink: 14 bytes leftover after parsing attributes in process `syz.3.754'.
[   80.547075][ T4735] EXT4-fs (loop2): i_reserved_data_blocks=514
[   80.566419][ T1834] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 18 with max blocks 2048 with error 28
[   80.618074][ T3299] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   80.640587][ T5715] SELinux: failed to load policy
[   80.678687][ T5721] netlink: 4 bytes leftover after parsing attributes in process `syz.2.758'.
[   80.774658][ T5732] loop4: detected capacity change from 0 to 512
[   80.784319][ T5732] netlink: 24 bytes leftover after parsing attributes in process `syz.4.761'.
[   81.059915][ T3305] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   81.100668][ T3300] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   81.127190][ T5739] netlink: 8 bytes leftover after parsing attributes in process `syz.1.765'.
[   81.149529][ T5739] netlink: 44 bytes leftover after parsing attributes in process `syz.1.765'.
[   81.198124][ T5739] netlink: 28 bytes leftover after parsing attributes in process `syz.1.765'.
[   81.207174][ T5739] netlink: 28 bytes leftover after parsing attributes in process `syz.1.765'.
[   81.304057][ T5746] loop3: detected capacity change from 0 to 512
[   81.311639][ T5746] EXT4-fs (loop3): filesystem is read-only
[   81.317940][ T5746] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[   81.330109][ T5746] EXT4-fs (loop3): filesystem is read-only
[   81.336110][ T5746] EXT4-fs (loop3): orphan cleanup on readonly fs
[   81.344233][ T5746] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.768: bg 0: block 64: padding at end of block bitmap is not set
[   81.359300][ T5746] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6550: Corrupt filesystem
[   81.368417][ T5746] EXT4-fs (loop3): 1 orphan inode deleted
[   81.375009][ T5746] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[   81.403238][ T5749] loop1: detected capacity change from 0 to 1024
[   81.417189][ T5749] EXT4-fs: Ignoring removed nobh option
[   81.423268][ T3307] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   81.423281][ T5749] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   81.434935][ T5749] EXT4-fs error (device loop1): ext4_ext_check_inode:524: inode #11: comm syz.1.769: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512)
[   81.461685][ T5749] EXT4-fs error (device loop1): ext4_orphan_get:1394: comm syz.1.769: couldn't read orphan inode 11 (err -117)
[   81.474590][ T5749] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   81.488192][ T5749] FAULT_INJECTION: forcing a failure.
[   81.488192][ T5749] name failslab, interval 1, probability 0, space 0, times 0
[   81.500920][ T5749] CPU: 1 UID: 0 PID: 5749 Comm: syz.1.769 Not tainted 6.14.0-rc7-syzkaller #0
[   81.500995][ T5749] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   81.501009][ T5749] Call Trace:
[   81.501015][ T5749]  <TASK>
[   81.501022][ T5749]  dump_stack_lvl+0xf2/0x150
[   81.501095][ T5749]  dump_stack+0x15/0x1a
[   81.501116][ T5749]  should_fail_ex+0x24a/0x260
[   81.501151][ T5749]  should_failslab+0x8f/0xb0
[   81.501185][ T5749]  kmem_cache_alloc_noprof+0x52/0x320
[   81.501250][ T5749]  ? __es_insert_extent+0x563/0xed0
[   81.501353][ T5749]  __es_insert_extent+0x563/0xed0
[   81.501384][ T5749]  ? fixup_exception+0x7c0/0xca0
[   81.501404][ T5749]  ? blk_mq_plug_issue_direct+0x3de/0x570
[   81.501433][ T5749]  ? xas_load+0x3ae/0x3d0
[   81.501511][ T5749]  ext4_es_cache_extent+0x294/0x3a0
[   81.501547][ T5749]  ext4_find_extent+0x34f/0x7c0
[   81.501573][ T5749]  ext4_ext_map_blocks+0x11f/0x35c0
[   81.501599][ T5749]  ? xas_load+0x3ae/0x3d0
[   81.501649][ T5749]  ? down_read+0x171/0x4b0
[   81.501685][ T5749]  ext4_map_query_blocks+0x71/0x180
[   81.501719][ T5749]  ext4_map_blocks+0x23c/0xd20
[   81.501782][ T5749]  ? avc_has_perm+0xd4/0x160
[   81.501808][ T5749]  ? avc_has_perm_noaudit+0x1cc/0x210
[   81.501834][ T5749]  ext4_getblk+0x11f/0x530
[   81.501869][ T5749]  ext4_bread_batch+0x5b/0x360
[   81.501951][ T5749]  __ext4_find_entry+0x822/0xef0
[   81.501974][ T5749]  ? mod_objcg_state+0x2ea/0x4f0
[   81.501999][ T5749]  ? __memcg_slab_post_alloc_hook+0x510/0x660
[   81.502029][ T5749]  ? kmem_cache_alloc_lru_noprof+0x230/0x320
[   81.502069][ T5749]  ? __d_alloc+0x3d/0x350
[   81.502093][ T5749]  ? d_set_d_op+0xa0/0x1f0
[   81.502114][ T5749]  ext4_lookup+0xba/0x390
[   81.502199][ T5749]  lookup_one_qstr_excl+0xca/0x1c0
[   81.502222][ T5749]  filename_create+0x14d/0x2b0
[   81.502256][ T5749]  do_mkdirat+0x63/0x2c0
[   81.502297][ T5749]  __x64_sys_mkdir+0x42/0x50
[   81.502331][ T5749]  x64_sys_call+0x1b2b/0x2dc0
[   81.502356][ T5749]  do_syscall_64+0xc9/0x1c0
[   81.502392][ T5749]  ? clear_bhb_loop+0x55/0xb0
[   81.502460][ T5749]  ? clear_bhb_loop+0x55/0xb0
[   81.502492][ T5749]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   81.502524][ T5749] RIP: 0033:0x7fbabb6cd169
[   81.502541][ T5749] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   81.502559][ T5749] RSP: 002b:00007fbab9d37038 EFLAGS: 00000246 ORIG_RAX: 0000000000000053
[   81.502633][ T5749] RAX: ffffffffffffffda RBX: 00007fbabb8e5fa0 RCX: 00007fbabb6cd169
[   81.502649][ T5749] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000400000000000
[   81.502663][ T5749] RBP: 00007fbab9d37090 R08: 0000000000000000 R09: 0000000000000000
[   81.502678][ T5749] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   81.502692][ T5749] R13: 0000000000000000 R14: 00007fbabb8e5fa0 R15: 00007ffe13f3a2d8
[   81.502715][ T5749]  </TASK>
[   81.505849][ T5749] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:483: comm syz.1.769: Invalid block bitmap block 0 in block_group 0
[   81.546541][ T5758] loop0: detected capacity change from 0 to 2048
[   81.560011][ T5749] EXT4-fs error (device loop1): ext4_acquire_dquot:6927: comm syz.1.769: Failed to acquire dquot type 0
[   81.593128][ T5760] netlink: 'syz.3.774': attribute type 30 has an invalid length.
[   81.637517][ T5758] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   81.646380][ T3300] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   81.656835][ T5758] EXT4-fs error (device loop0): ext4_read_inline_dir:1566: inode #12: block 9: comm syz.0.772: path /197/file0/file0: bad entry in directory: rec_len % 4 != 0 - offset=24, inode=13, rec_len=21, size=80 fake=0
[   81.885535][ T5758] EXT4-fs (loop0): Remounting filesystem read-only
[   81.912458][ T3305] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   82.039130][ T5780] loop3: detected capacity change from 0 to 256
[   82.075896][ T5786] loop0: detected capacity change from 0 to 1024
[   82.098954][ T5780] syz.3.779: attempt to access beyond end of device
[   82.098954][ T5780] loop3: rw=2049, sector=256, nr_sectors = 4 limit=256
[   82.113668][ T5786] ext4: Unknown parameter 'subj_role'
[   82.514274][ T5808] loop3: detected capacity change from 0 to 2048
[   82.567203][ T5808] EXT4-fs error (device loop3): ext4_find_extent:938: inode #2: comm syz.3.781: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[   82.788492][ T5823] loop1: detected capacity change from 0 to 512
[   82.800103][ T5823] netlink: 'syz.1.786': attribute type 1 has an invalid length.
[   82.952675][ T5823] loop1: detected capacity change from 0 to 128
[   82.959259][ T5834] loop2: detected capacity change from 0 to 2048
[   82.966157][ T5834] EXT4-fs: Ignoring removed bh option
[   82.973152][ T5823] ext4 filesystem being mounted at /133/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   83.092332][ T5843] loop2: detected capacity change from 0 to 256
[   83.109198][ T5843] syz.2.792: attempt to access beyond end of device
[   83.109198][ T5843] loop2: rw=2049, sector=256, nr_sectors = 4 limit=256
[   83.237104][ T5849] vxcan3: entered promiscuous mode
[   83.315062][ T5853] netlink: 'syz.2.797': attribute type 4 has an invalid length.
[   83.399460][ T5856] loop2: detected capacity change from 0 to 1024
[   83.406014][ T5856] ext4: Unknown parameter 'subj_role'
[   83.594932][ T5858] loop3: detected capacity change from 0 to 128
[   83.659625][ T5860] loop1: detected capacity change from 0 to 1024
[   83.695950][ T5860] EXT4-fs error (device loop1): ext4_xattr_block_find:1877: inode #15: comm syz.1.800: corrupted xattr block 145: invalid header
[   83.709539][ T5865] loop3: detected capacity change from 0 to 2048
[   83.716784][ T5865] EXT4-fs: Ignoring removed bh option
[   83.803662][ T5883] loop3: detected capacity change from 0 to 512
[   83.812351][ T5883] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   83.842076][ T5883] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[   83.863746][ T5883] EXT4-fs (loop3): 1 truncate cleaned up
[   83.878610][ T5878] loop4: detected capacity change from 0 to 512
[   83.898030][ T5878] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   83.934868][ T5878] EXT4-fs (loop4): 1 truncate cleaned up
[   83.985678][ T5890] loop1: detected capacity change from 0 to 256
[   84.002047][ T5890] syz.1.805: attempt to access beyond end of device
[   84.002047][ T5890] loop1: rw=2049, sector=256, nr_sectors = 4 limit=256
[   84.550419][ T5909] loop2: detected capacity change from 0 to 512
[   84.619152][ T5910] loop2: detected capacity change from 0 to 512
[   84.636389][ T5910] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   84.680895][ T5916] loop3: detected capacity change from 0 to 512
[   84.687452][ T5910] EXT4-fs (loop2): 1 truncate cleaned up
[   84.705764][ T5916] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   84.718607][ T5919] __nla_validate_parse: 11 callbacks suppressed
[   84.718622][ T5919] netlink: 8 bytes leftover after parsing attributes in process `syz.0.817'.
[   84.733798][ T5919] netlink: 'syz.0.817': attribute type 30 has an invalid length.
[   84.751891][ T5916] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[   84.776835][ T5916] EXT4-fs (loop3): 1 truncate cleaned up
[   84.798498][ T5926] FAULT_INJECTION: forcing a failure.
[   84.798498][ T5926] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   84.806382][   T30] kauditd_printk_skb: 227 callbacks suppressed
[   84.806402][   T30] audit: type=1400 audit(1742228964.049:3748): avc:  denied  { write } for  pid=5925 comm="syz.0.820" name="001" dev="devtmpfs" ino=171 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[   84.811654][ T5926] CPU: 0 UID: 0 PID: 5926 Comm: syz.0.820 Not tainted 6.14.0-rc7-syzkaller #0
[   84.811684][ T5926] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   84.811703][ T5926] Call Trace:
[   84.811712][ T5926]  <TASK>
[   84.811722][ T5926]  dump_stack_lvl+0xf2/0x150
[   84.811758][ T5926]  dump_stack+0x15/0x1a
[   84.811785][ T5926]  should_fail_ex+0x24a/0x260
[   84.811824][ T5926]  should_fail+0xb/0x10
[   84.811858][ T5926]  should_fail_usercopy+0x1a/0x20
[   84.812007][ T5926]  _copy_to_user+0x20/0xa0
[   84.812031][ T5926]  simple_read_from_buffer+0xa0/0x110
[   84.812145][ T5926]  proc_fail_nth_read+0xf9/0x140
[   84.812185][ T5926]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   84.812222][ T5926]  vfs_read+0x19b/0x6f0
[   84.812266][ T5926]  ? __rcu_read_unlock+0x4e/0x70
[   84.812370][ T5926]  ? __fget_files+0x17c/0x1c0
[   84.812434][ T5926]  ksys_read+0xe8/0x1b0
[   84.812463][ T5926]  __x64_sys_read+0x42/0x50
[   84.812497][ T5926]  x64_sys_call+0x2874/0x2dc0
[   84.812537][ T5926]  do_syscall_64+0xc9/0x1c0
[   84.812580][ T5926]  ? clear_bhb_loop+0x55/0xb0
[   84.812615][ T5926]  ? clear_bhb_loop+0x55/0xb0
[   84.812649][ T5926]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   84.812683][ T5926] RIP: 0033:0x7f72507cbb7c
[   84.812770][ T5926] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   84.812793][ T5926] RSP: 002b:00007f724ee31030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   84.812817][ T5926] RAX: ffffffffffffffda RBX: 00007f72509e5fa0 RCX: 00007f72507cbb7c
[   84.812833][ T5926] RDX: 000000000000000f RSI: 00007f724ee310a0 RDI: 0000000000000004
[   84.812848][ T5926] RBP: 00007f724ee31090 R08: 0000000000000000 R09: 0000000000000000
[   84.812880][ T5926] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   84.812895][ T5926] R13: 0000000000000000 R14: 00007f72509e5fa0 R15: 00007ffd981622d8
[   84.812918][ T5926]  </TASK>
[   84.826747][ T5924] loop4: detected capacity change from 0 to 256
[   85.068382][ T5924] syz.4.819: attempt to access beyond end of device
[   85.068382][ T5924] loop4: rw=2049, sector=256, nr_sectors = 4 limit=256
[   85.106880][ T5934] netlink: 8 bytes leftover after parsing attributes in process `syz.1.824'.
[   85.106933][   T30] audit: type=1400 audit(1742228964.359:3749): avc:  denied  { write } for  pid=5933 comm="syz.1.824" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[   85.177796][ T5939] loop1: detected capacity change from 0 to 512
[   85.185723][   T30] audit: type=1400 audit(1742228964.429:3750): avc:  denied  { create } for  pid=5938 comm="+}[@" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   85.204711][   T30] audit: type=1400 audit(1742228964.429:3751): avc:  denied  { ioctl } for  pid=5938 comm="+}[@" path="socket:[11241]" dev="sockfs" ino=11241 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   85.228934][   T30] audit: type=1400 audit(1742228964.429:3752): avc:  denied  { bind } for  pid=5938 comm="+}[@" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   85.268289][ T5939] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   85.338264][   T30] audit: type=1400 audit(1742228964.499:3753): avc:  denied  { execmem } for  pid=5942 comm="syz.0.828" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[   85.370404][ T5939] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #16: comm syz.1.826: invalid indirect mapped block 4294967295 (level 0)
[   85.405143][ T5939] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #16: comm syz.1.826: invalid indirect mapped block 4294967295 (level 1)
[   85.531565][ T5939] EXT4-fs (loop1): 1 orphan inode deleted
[   85.537387][ T5939] EXT4-fs (loop1): 1 truncate cleaned up
[   85.597531][ T5939] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[   85.972365][   T30] audit: type=1400 audit(1742228964.839:3754): avc:  denied  { create } for  pid=5937 comm="syz.1.826" name="bus" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[   86.039539][ T5951] loop2: detected capacity change from 0 to 2048
[   86.089224][ T5951] EXT4-fs: Ignoring removed bh option
[   86.121296][ T5949] netlink: 16 bytes leftover after parsing attributes in process `syz.1.831'.
[   86.131641][ T5957] netlink: 'syz.3.833': attribute type 4 has an invalid length.
[   86.159795][   T30] audit: type=1326 audit(1742228965.399:3755): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5950 comm="syz.2.829" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feccc70d169 code=0x7ffc0000
[   86.183228][   T30] audit: type=1326 audit(1742228965.399:3756): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5950 comm="syz.2.829" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7feccc70d169 code=0x7ffc0000
[   86.206635][   T30] audit: type=1326 audit(1742228965.399:3757): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5950 comm="syz.2.829" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feccc70d169 code=0x7ffc0000
[   86.242801][ T5949] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[   86.260950][ T5949] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[   86.348830][ T5940] serio: Serial port ptm0
[   86.445325][ T5975] loop0: detected capacity change from 0 to 1024
[   86.547404][ T5975] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a040c018, mo2=0002]
[   86.557433][ T5975] System zones: 0-1, 3-12
[   86.631060][ T5988] loop4: detected capacity change from 0 to 2048
[   86.654850][ T5988] EXT4-fs: Ignoring removed bh option
[   86.670363][ T5991] loop0: detected capacity change from 0 to 2048
[   86.677602][ T5991] EXT4-fs: Ignoring removed bh option
[   86.733723][ T6003] loop1: detected capacity change from 0 to 4096
[   86.744189][ T6003] FAULT_INJECTION: forcing a failure.
[   86.744189][ T6003] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[   86.757653][ T6003] CPU: 0 UID: 0 PID: 6003 Comm: syz.1.849 Not tainted 6.14.0-rc7-syzkaller #0
[   86.757693][ T6003] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   86.757719][ T6003] Call Trace:
[   86.757728][ T6003]  <TASK>
[   86.757737][ T6003]  dump_stack_lvl+0xf2/0x150
[   86.757771][ T6003]  dump_stack+0x15/0x1a
[   86.757801][ T6003]  should_fail_ex+0x24a/0x260
[   86.757837][ T6003]  should_fail_alloc_page+0xfd/0x110
[   86.757896][ T6003]  __alloc_frozen_pages_noprof+0x109/0x340
[   86.757966][ T6003]  alloc_pages_mpol+0xb4/0x260
[   86.757997][ T6003]  folio_alloc_noprof+0xee/0x140
[   86.758025][ T6003]  filemap_alloc_folio_noprof+0x69/0x220
[   86.758060][ T6003]  __filemap_get_folio+0x298/0x630
[   86.758119][ T6003]  ext4_write_begin+0x18c/0xc30
[   86.758146][ T6003]  ? __brelse+0x30/0x60
[   86.758171][ T6003]  ? ext4_mark_iloc_dirty+0xd1c/0xd60
[   86.758254][ T6003]  ? __ext4_journal_get_write_access+0x1d1/0x350
[   86.758285][ T6003]  ? ext4_reserve_inode_write+0x184/0x200
[   86.758313][ T6003]  ext4_da_write_begin+0x1b6/0x540
[   86.758405][ T6003]  generic_perform_write+0x1a8/0x4a0
[   86.758434][ T6003]  ? __mark_inode_dirty+0x45e/0x7e0
[   86.758475][ T6003]  ext4_buffered_write_iter+0x1ed/0x3c0
[   86.758597][ T6003]  ext4_file_write_iter+0x383/0xf20
[   86.758629][ T6003]  ? 0xffffffff81000000
[   86.758642][ T6003]  ? selinux_file_permission+0x22a/0x360
[   86.758675][ T6003]  ? __rcu_read_unlock+0x4e/0x70
[   86.758714][ T6003]  ? avc_policy_seqno+0x15/0x20
[   86.758737][ T6003]  ? selinux_file_permission+0x22a/0x360
[   86.758816][ T6003]  vfs_write+0x77b/0x920
[   86.758846][ T6003]  ? __pfx_ext4_file_write_iter+0x10/0x10
[   86.758883][ T6003]  __x64_sys_pwrite64+0xf6/0x150
[   86.758936][ T6003]  x64_sys_call+0xab0/0x2dc0
[   86.758967][ T6003]  do_syscall_64+0xc9/0x1c0
[   86.758998][ T6003]  ? clear_bhb_loop+0x55/0xb0
[   86.759028][ T6003]  ? clear_bhb_loop+0x55/0xb0
[   86.759112][ T6003]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   86.759145][ T6003] RIP: 0033:0x7fbabb6cd169
[   86.759180][ T6003] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   86.759201][ T6003] RSP: 002b:00007fbab9d37038 EFLAGS: 00000246 ORIG_RAX: 0000000000000012
[   86.759224][ T6003] RAX: ffffffffffffffda RBX: 00007fbabb8e5fa0 RCX: 00007fbabb6cd169
[   86.759238][ T6003] RDX: 0000000000000001 RSI: 0000400000000140 RDI: 0000000000000004
[   86.759252][ T6003] RBP: 00007fbab9d37090 R08: 0000000000000000 R09: 0000000000000000
[   86.759266][ T6003] R10: 0000000008000c61 R11: 0000000000000246 R12: 0000000000000001
[   86.759280][ T6003] R13: 0000000000000000 R14: 00007fbabb8e5fa0 R15: 00007ffe13f3a2d8
[   86.759381][ T6003]  </TASK>
[   87.049758][ T6010] netlink: 8 bytes leftover after parsing attributes in process `syz.1.850'.
[   87.073033][ T6010] netlink: 44 bytes leftover after parsing attributes in process `syz.1.850'.
[   87.082468][ T6011] loop4: detected capacity change from 0 to 4096
[   87.090463][ T6011] ext4: Unknown parameter 'obj_role'
[   87.109315][ T6011] loop4: detected capacity change from 0 to 1024
[   87.125399][ T6010] netlink: 28 bytes leftover after parsing attributes in process `syz.1.850'.
[   87.134426][ T6010] netlink: 28 bytes leftover after parsing attributes in process `syz.1.850'.
[   87.243828][ T6018] loop3: detected capacity change from 0 to 512
[   87.270829][ T6018] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.852: bg 0: block 248: padding at end of block bitmap is not set
[   87.296841][ T6018] EXT4-fs error (device loop3): ext4_acquire_dquot:6927: comm syz.3.852: Failed to acquire dquot type 1
[   87.311863][ T6018] EXT4-fs (loop3): 1 truncate cleaned up
[   87.332171][ T6023] netlink: 8 bytes leftover after parsing attributes in process `syz.1.854'.
[   87.352612][ T6018] ext4 filesystem being mounted at /158/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   87.369377][ T6027] usb usb5: usbfs: process 6027 (syz.2.855) did not claim interface 0 before use
[   87.400103][ T6023] netlink: 44 bytes leftover after parsing attributes in process `syz.1.854'.
[   87.434179][ T6031] netlink: 4 bytes leftover after parsing attributes in process `syz.2.857'.
[   87.558813][ T6043] loop2: detected capacity change from 0 to 1024
[   87.565491][ T6043] ext4: Unknown parameter 'subj_role'
[   87.604952][ T6049] usb usb5: usbfs: process 6049 (syz.3.862) did not claim interface 0 before use
[   87.653264][ T6055] loop1: detected capacity change from 0 to 256
[   87.668683][ T6055] /dev/loop1: Can't open blockdev
[   87.910129][ T6076] loop4: detected capacity change from 0 to 512
[   87.987844][ T6076] netlink: 'syz.4.871': attribute type 1 has an invalid length.
[   88.180109][ T6076] loop4: detected capacity change from 0 to 128
[   88.189822][ T6076] ext4 filesystem being mounted at /171/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   88.305187][ T6093] loop3: detected capacity change from 0 to 512
[   88.354230][ T6093] EXT4-fs (loop3): orphan cleanup on readonly fs
[   88.377826][ T6093] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.878: bg 0: block 248: padding at end of block bitmap is not set
[   88.397237][ T6093] EXT4-fs error (device loop3): ext4_acquire_dquot:6927: comm syz.3.878: Failed to acquire dquot type 1
[   88.409167][ T6093] EXT4-fs (loop3): 1 truncate cleaned up
[   88.418113][ T6093] EXT4-fs (loop3): warning: mounting fs with errors, running e2fsck is recommended
[   88.447743][ T6093] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback.
[   88.686614][ T6110] loop0: detected capacity change from 0 to 128
[   88.833767][ T6115] serio: Serial port ptm0
[   88.850797][ T6115] loop0: detected capacity change from 0 to 512
[   88.907575][ T6115] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.890: bg 0: block 248: padding at end of block bitmap is not set
[   88.926431][ T6119] loop1: detected capacity change from 0 to 128
[   88.944904][ T6115] EXT4-fs error (device loop0): ext4_acquire_dquot:6927: comm syz.0.890: Failed to acquire dquot type 1
[   88.959189][ T6115] EXT4-fs (loop0): 1 truncate cleaned up
[   88.966198][ T6115] ext4 filesystem being mounted at /222/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   88.979279][ T6115] netlink: 'syz.0.890': attribute type 1 has an invalid length.
[   88.996229][ T6115] 8021q: adding VLAN 0 to HW filter on device bond0
[   89.012213][ T6115] EXT4-fs error (device loop0): ext4_lookup:1817: inode #2: comm syz.0.890: deleted inode referenced: 12
[   89.025444][ T6125] loop4: detected capacity change from 0 to 1024
[   89.032241][ T6125] ext4: Unknown parameter 'subj_role'
[   89.046720][ T6115] 8021q: adding VLAN 0 to HW filter on device batadv1
[   89.057470][ T6115] bond0: (slave batadv1): making interface the new active one
[   89.066440][ T6115] bond0: (slave batadv1): Enslaving as an active interface with an up link
[   89.084107][ T6127] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=3088 sclass=netlink_xfrm_socket pid=6127 comm=+}[@
[   89.133280][ T6129] loop1: detected capacity change from 0 to 1024
[   89.140055][ T6129] EXT4-fs: Ignoring removed nobh option
[   89.145768][ T6129] ext4: Unknown parameter 'nouser_xattr'
[   89.249973][ T6133] loop0: detected capacity change from 0 to 256
[   89.309069][ T6133] syz.0.894: attempt to access beyond end of device
[   89.309069][ T6133] loop0: rw=2049, sector=256, nr_sectors = 4 limit=256
[   89.417852][ T6145] serio: Serial port ptm0
[   89.462103][ T6147] loop0: detected capacity change from 0 to 2048
[   89.472406][ T6149] netlink: 'syz.3.900': attribute type 4 has an invalid length.
[   89.501643][ T6151] netlink: 'syz.3.901': attribute type 30 has an invalid length.
[   89.738374][ T6157] loop0: detected capacity change from 0 to 2048
[   89.745191][ T6157] EXT4-fs: Ignoring removed bh option
[   89.816471][ T6160] loop3: detected capacity change from 0 to 128
[   90.225027][ T6155] syz.3.902: attempt to access beyond end of device
[   90.225027][ T6155] loop3: rw=2049, sector=169, nr_sectors = 848 limit=128
[   90.241295][ T6155] __nla_validate_parse: 8 callbacks suppressed
[   90.241314][ T6155] netlink: 24 bytes leftover after parsing attributes in process `syz.3.902'.
[   90.283872][   T30] kauditd_printk_skb: 135 callbacks suppressed
[   90.283889][   T30] audit: type=1400 audit(1742228969.529:3886): avc:  denied  { name_connect } for  pid=6169 comm="syz.1.905" dest=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=sctp_socket permissive=1
[   90.339839][   T30] audit: type=1400 audit(1742228969.529:3887): avc:  denied  { shutdown } for  pid=6169 comm="syz.1.905" lport=50993 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   90.360724][   T30] audit: type=1400 audit(1742228969.529:3888): avc:  denied  { getopt } for  pid=6169 comm="syz.1.905" lport=50993 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   90.466340][   T30] audit: type=1400 audit(1742228969.639:3889): avc:  denied  { create } for  pid=6162 comm="syz.4.904" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[   90.525514][ T6176] loop1: detected capacity change from 0 to 256
[   90.550130][ T6176] syz.1.908: attempt to access beyond end of device
[   90.550130][ T6176] loop1: rw=2049, sector=256, nr_sectors = 4 limit=256
[   90.572056][ T5793] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   90.614014][ T5793] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[   90.620610][ T6180] loop1: detected capacity change from 0 to 512
[   90.626435][ T5793] EXT4-fs (loop0): This should not happen!! Data will be lost
[   90.626435][ T5793] 
[   90.642320][ T5793] EXT4-fs (loop0): Total free blocks count 0
[   90.648394][ T5793] EXT4-fs (loop0): Free/Dirty block details
[   90.654288][ T5793] EXT4-fs (loop0): free_blocks=2415919104
[   90.660096][ T5793] EXT4-fs (loop0): dirty_blocks=8224
[   90.665408][ T5793] EXT4-fs (loop0): Block reservation details
[   90.669264][ T6180] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   90.671513][ T5793] EXT4-fs (loop0): i_reserved_data_blocks=514
[   90.691161][ T5793] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 18 with max blocks 2048 with error 28
[   90.703747][ T5793] EXT4-fs (loop0): This should not happen!! Data will be lost
[   90.703747][ T5793] 
[   90.715809][ T6180] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[   90.790161][ T6180] EXT4-fs (loop1): 1 truncate cleaned up
[   90.822208][ T6184] loop3: detected capacity change from 0 to 1024
[   90.829029][ T6184] ext4: Unknown parameter 'subj_role'
[   90.894153][ T6184] netlink: 14 bytes leftover after parsing attributes in process `syz.3.912'.
[   91.070473][ T6189] netlink: 'syz.4.914': attribute type 4 has an invalid length.
[   91.219796][ T6195] loop4: detected capacity change from 0 to 164
[   91.256601][ T6199] loop0: detected capacity change from 0 to 1024
[   91.279791][ T6199] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a040c018, mo2=0002]
[   91.288670][ T6199] System zones: 0-1, 3-12
[   91.309748][ T6203] loop4: detected capacity change from 0 to 1024
[   91.330120][ T6203] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a040c018, mo2=0002]
[   91.340530][ T6203] System zones: 0-1, 3-12
[   91.360982][ T6209] loop2: detected capacity change from 0 to 2048
[   91.367794][ T6209] EXT4-fs: Ignoring removed bh option
[   91.491770][   T30] audit: type=1400 audit(1742228970.739:3890): avc:  denied  { create } for  pid=6206 comm="syz.0.921" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[   91.518690][   T30] audit: type=1400 audit(1742228970.739:3891): avc:  denied  { connect } for  pid=6206 comm="syz.0.921" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[   91.611839][ T6229] netlink: 48 bytes leftover after parsing attributes in process `syz.0.929'.
[   91.642296][ T6231] loop3: detected capacity change from 0 to 2048
[   91.649101][ T6231] EXT4-fs: Ignoring removed bh option
[   91.655450][ T6233] loop4: detected capacity change from 0 to 256
[   91.773828][ T6244] loop0: detected capacity change from 0 to 512
[   91.800993][ T6244] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   91.822003][ T6247] loop4: detected capacity change from 0 to 1024
[   91.831184][ T6247] ext4: Unknown parameter 'subj_role'
[   91.878195][ T6244] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[   91.896656][ T6244] EXT4-fs (loop0): 1 truncate cleaned up
[   91.904506][ T6247] netlink: 14 bytes leftover after parsing attributes in process `syz.4.933'.
[   91.932144][ T5795] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   91.949638][ T5795] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[   91.961948][ T5795] EXT4-fs (loop2): This should not happen!! Data will be lost
[   91.961948][ T5795] 
[   91.971712][ T5795] EXT4-fs (loop2): Total free blocks count 0
[   91.977785][ T5795] EXT4-fs (loop2): Free/Dirty block details
[   91.983757][ T5795] EXT4-fs (loop2): free_blocks=2415919104
[   91.989550][ T5795] EXT4-fs (loop2): dirty_blocks=8224
[   91.994861][ T5795] EXT4-fs (loop2): Block reservation details
[   92.000851][ T5795] EXT4-fs (loop2): i_reserved_data_blocks=514
[   92.009270][ T4737] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   92.011472][ T5795] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 18 with max blocks 2048 with error 28
[   92.026766][ T4737] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[   92.036609][ T5795] EXT4-fs (loop2): This should not happen!! Data will be lost
[   92.036609][ T5795] 
[   92.058463][ T4737] EXT4-fs (loop3): This should not happen!! Data will be lost
[   92.058463][ T4737] 
[   92.068360][ T4737] EXT4-fs (loop3): Total free blocks count 0
[   92.074464][ T4737] EXT4-fs (loop3): Free/Dirty block details
[   92.080401][ T4737] EXT4-fs (loop3): free_blocks=2415919104
[   92.086210][ T4737] EXT4-fs (loop3): dirty_blocks=8224
[   92.091529][ T4737] EXT4-fs (loop3): Block reservation details
[   92.097647][ T4737] EXT4-fs (loop3): i_reserved_data_blocks=514
[   92.108095][ T4737] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 18 with max blocks 2048 with error 28
[   92.120699][ T4737] EXT4-fs (loop3): This should not happen!! Data will be lost
[   92.120699][ T4737] 
[   92.173401][ T6256] loop1: detected capacity change from 0 to 2048
[   92.180530][ T6256] EXT4-fs: Ignoring removed bh option
[   92.218365][ T6260] loop3: detected capacity change from 0 to 1024
[   92.225416][   T30] audit: type=1326 audit(1742228971.469:3892): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6255 comm="syz.1.941" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbabb6cd169 code=0x7ffc0000
[   92.248832][   T30] audit: type=1326 audit(1742228971.469:3893): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6255 comm="syz.1.941" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbabb6cd169 code=0x7ffc0000
[   92.272278][   T30] audit: type=1326 audit(1742228971.469:3894): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6255 comm="syz.1.941" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbabb6cd169 code=0x7ffc0000
[   92.295638][   T30] audit: type=1326 audit(1742228971.469:3895): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6255 comm="syz.1.941" exe="/root/syz-executor" sig=0 arch=c000003e syscall=14 compat=0 ip=0x7fbabb6cd169 code=0x7ffc0000
[   92.363878][ T6268] loop3: detected capacity change from 0 to 256
[   92.412493][ T6270] netlink: 8 bytes leftover after parsing attributes in process `syz.3.944'.
[   92.412625][ T6274] loop2: detected capacity change from 0 to 1024
[   92.438168][ T6270] netlink: 44 bytes leftover after parsing attributes in process `syz.3.944'.
[   92.479272][ T6270] netlink: 28 bytes leftover after parsing attributes in process `syz.3.944'.
[   92.488254][ T6270] netlink: 28 bytes leftover after parsing attributes in process `syz.3.944'.
[   92.541598][ T6284] loop2: detected capacity change from 0 to 2048
[   92.548424][ T6284] EXT4-fs: Ignoring removed bh option
[   92.601735][ T6288] loop4: detected capacity change from 0 to 512
[   92.646732][ T6291] netlink: 24 bytes leftover after parsing attributes in process `syz.0.950'.
[   92.672802][ T6293] usb usb5: usbfs: process 6293 (syz.3.951) did not claim interface 0 before use
[   92.757981][ T6302] FAULT_INJECTION: forcing a failure.
[   92.757981][ T6302] name failslab, interval 1, probability 0, space 0, times 0
[   92.770651][ T6302] CPU: 1 UID: 0 PID: 6302 Comm: syz.3.955 Not tainted 6.14.0-rc7-syzkaller #0
[   92.770677][ T6302] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   92.770753][ T6302] Call Trace:
[   92.770762][ T6302]  <TASK>
[   92.770771][ T6302]  dump_stack_lvl+0xf2/0x150
[   92.770837][ T6302]  dump_stack+0x15/0x1a
[   92.770864][ T6302]  should_fail_ex+0x24a/0x260
[   92.770978][ T6302]  ? rtnl_newlink+0x5d/0x1250
[   92.771010][ T6302]  should_failslab+0x8f/0xb0
[   92.771060][ T6302]  __kmalloc_cache_noprof+0x4e/0x320
[   92.771106][ T6302]  ? __pfx_rtnl_newlink+0x10/0x10
[   92.771140][ T6302]  rtnl_newlink+0x5d/0x1250
[   92.771173][ T6302]  ? free_frozen_page_commit+0x67/0x270
[   92.771343][ T6302]  ? xas_load+0x3ae/0x3d0
[   92.771429][ T6302]  ? xas_load+0x3ae/0x3d0
[   92.771465][ T6302]  ? __rcu_read_unlock+0x4e/0x70
[   92.771493][ T6302]  ? xa_load+0xb9/0xe0
[   92.771538][ T6302]  ? mod_objcg_state+0x2d1/0x4f0
[   92.771587][ T6302]  ? sysvec_irq_work+0xe/0x80
[   92.771680][ T6302]  ? __rcu_read_unlock+0x4e/0x70
[   92.771709][ T6302]  ? avc_has_perm_noaudit+0x1cc/0x210
[   92.771738][ T6302]  ? selinux_capable+0x1f2/0x260
[   92.771772][ T6302]  ? security_capable+0x81/0x90
[   92.771815][ T6302]  ? ns_capable+0x7d/0xb0
[   92.771922][ T6302]  ? __pfx_rtnl_newlink+0x10/0x10
[   92.771957][ T6302]  rtnetlink_rcv_msg+0x651/0x710
[   92.771992][ T6302]  ? avc_has_perm_noaudit+0x1cc/0x210
[   92.772091][ T6302]  netlink_rcv_skb+0x12c/0x230
[   92.772172][ T6302]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   92.772212][ T6302]  rtnetlink_rcv+0x1c/0x30
[   92.772243][ T6302]  netlink_unicast+0x599/0x670
[   92.772286][ T6302]  netlink_sendmsg+0x5cc/0x6e0
[   92.772393][ T6302]  ? __pfx_netlink_sendmsg+0x10/0x10
[   92.772435][ T6302]  __sock_sendmsg+0x140/0x180
[   92.772467][ T6302]  ____sys_sendmsg+0x326/0x4b0
[   92.772567][ T6302]  __sys_sendmsg+0x19d/0x230
[   92.772615][ T6302]  __x64_sys_sendmsg+0x46/0x50
[   92.772645][ T6302]  x64_sys_call+0x2734/0x2dc0
[   92.772676][ T6302]  do_syscall_64+0xc9/0x1c0
[   92.772794][ T6302]  ? clear_bhb_loop+0x55/0xb0
[   92.772829][ T6302]  ? clear_bhb_loop+0x55/0xb0
[   92.772877][ T6302]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   92.772985][ T6302] RIP: 0033:0x7f90d737d169
[   92.773046][ T6302] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   92.773067][ T6302] RSP: 002b:00007f90d59e7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   92.773088][ T6302] RAX: ffffffffffffffda RBX: 00007f90d7595fa0 RCX: 00007f90d737d169
[   92.773102][ T6302] RDX: 0000000004008088 RSI: 0000400000000140 RDI: 0000000000000005
[   92.773117][ T6302] RBP: 00007f90d59e7090 R08: 0000000000000000 R09: 0000000000000000
[   92.773129][ T6302] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   92.773183][ T6302] R13: 0000000000000000 R14: 00007f90d7595fa0 R15: 00007ffef9f27248
[   92.773203][ T6302]  </TASK>
[   92.787215][ T6299] dccp_v4_rcv: dropped packet with invalid checksum
[   92.930505][ T6316] netlink: 14 bytes leftover after parsing attributes in process `syz.3.960'.
[   93.082418][ T4104] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   93.107435][ T4104] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[   93.115145][ T6322] FAULT_INJECTION: forcing a failure.
[   93.115145][ T6322] name failslab, interval 1, probability 0, space 0, times 0
[   93.119841][ T4104] EXT4-fs (loop2): This should not happen!! Data will be lost
[   93.119841][ T4104] 
[   93.132600][ T6322] CPU: 0 UID: 0 PID: 6322 Comm: syz.0.962 Not tainted 6.14.0-rc7-syzkaller #0
[   93.132627][ T6322] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   93.132645][ T6322] Call Trace:
[   93.132654][ T6322]  <TASK>
[   93.132663][ T6322]  dump_stack_lvl+0xf2/0x150
[   93.132708][ T6322]  dump_stack+0x15/0x1a
[   93.132815][ T6322]  should_fail_ex+0x24a/0x260
[   93.132855][ T6322]  should_failslab+0x8f/0xb0
[   93.132895][ T6322]  kmem_cache_alloc_noprof+0x52/0x320
[   93.132927][ T6322]  ? skb_clone+0x154/0x1f0
[   93.132963][ T6322]  skb_clone+0x154/0x1f0
[   93.133004][ T6322]  __netlink_deliver_tap+0x2bd/0x4f0
[   93.133112][ T6322]  netlink_unicast+0x64a/0x670
[   93.133154][ T6322]  netlink_sendmsg+0x5cc/0x6e0
[   93.133216][ T6322]  ? __pfx_netlink_sendmsg+0x10/0x10
[   93.133259][ T6322]  __sock_sendmsg+0x140/0x180
[   93.133365][ T6322]  ____sys_sendmsg+0x326/0x4b0
[   93.133396][ T6322]  __sys_sendmsg+0x19d/0x230
[   93.133449][ T6322]  __x64_sys_sendmsg+0x46/0x50
[   93.133483][ T6322]  x64_sys_call+0x2734/0x2dc0
[   93.133567][ T6322]  do_syscall_64+0xc9/0x1c0
[   93.133678][ T6322]  ? clear_bhb_loop+0x55/0xb0
[   93.133729][ T6322]  ? clear_bhb_loop+0x55/0xb0
[   93.133789][ T6322]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   93.133824][ T6322] RIP: 0033:0x7f72507cd169
[   93.133843][ T6322] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   93.133881][ T6322] RSP: 002b:00007f724ee10038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   93.133942][ T6322] RAX: ffffffffffffffda RBX: 00007f72509e6080 RCX: 00007f72507cd169
[   93.133958][ T6322] RDX: 0000000000000000 RSI: 0000400000000000 RDI: 000000000000000c
[   93.133990][ T6322] RBP: 00007f724ee10090 R08: 0000000000000000 R09: 0000000000000000
[   93.134006][ T6322] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   93.134021][ T6322] R13: 0000000000000000 R14: 00007f72509e6080 R15: 00007ffd981622d8
[   93.134045][ T6322]  </TASK>
[   93.340931][ T4104] EXT4-fs (loop2): Total free blocks count 0
[   93.347090][ T4104] EXT4-fs (loop2): Free/Dirty block details
[   93.353035][ T4104] EXT4-fs (loop2): free_blocks=2415919104
[   93.358828][ T4104] EXT4-fs (loop2): dirty_blocks=8224
[   93.364120][ T4104] EXT4-fs (loop2): Block reservation details
[   93.370334][ T4104] EXT4-fs (loop2): i_reserved_data_blocks=514
[   93.381506][ T4104] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 18 with max blocks 2048 with error 28
[   93.394483][ T4104] EXT4-fs (loop2): This should not happen!! Data will be lost
[   93.394483][ T4104] 
[   93.458420][ T6338] netlink: 'syz.1.967': attribute type 4 has an invalid length.
[   93.653717][ T6353] loop2: detected capacity change from 0 to 4096
[   93.666105][ T6353] EXT4-fs error (device loop2): ext4_do_update_inode:5154: inode #15: comm syz.2.972: corrupted inode contents
[   93.678367][ T6353] EXT4-fs error (device loop2): ext4_dirty_inode:6042: inode #15: comm syz.2.972: mark_inode_dirty error
[   93.690295][ T6353] EXT4-fs error (device loop2): ext4_do_update_inode:5154: inode #15: comm syz.2.972: corrupted inode contents
[   93.702512][ T6353] EXT4-fs error (device loop2): __ext4_ext_dirty:207: inode #15: comm syz.2.972: mark_inode_dirty error
[   93.713998][ T6353] EXT4-fs error (device loop2): ext4_do_update_inode:5154: inode #15: comm syz.2.972: corrupted inode contents
[   93.726451][ T6353] EXT4-fs error (device loop2): __ext4_ext_dirty:207: inode #15: comm syz.2.972: mark_inode_dirty error
[   93.738061][ T6353] EXT4-fs error (device loop2): ext4_do_update_inode:5154: inode #15: comm syz.2.972: corrupted inode contents
[   93.751062][ T6353] EXT4-fs error (device loop2): ext4_truncate:4240: inode #15: comm syz.2.972: mark_inode_dirty error
[   93.762532][ T6353] EXT4-fs error (device loop2) in ext4_setattr:5569: Corrupt filesystem
[   93.771185][ T6357] EXT4-fs error (device loop2): ext4_do_update_inode:5154: inode #15: comm syz.2.972: corrupted inode contents
[   93.916756][ T6365] FAULT_INJECTION: forcing a failure.
[   93.916756][ T6365] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   93.929854][ T6365] CPU: 1 UID: 0 PID: 6365 Comm: syz.0.976 Not tainted 6.14.0-rc7-syzkaller #0
[   93.929948][ T6365] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   93.929964][ T6365] Call Trace:
[   93.929971][ T6365]  <TASK>
[   93.929978][ T6365]  dump_stack_lvl+0xf2/0x150
[   93.930040][ T6365]  dump_stack+0x15/0x1a
[   93.930058][ T6365]  should_fail_ex+0x24a/0x260
[   93.930084][ T6365]  should_fail+0xb/0x10
[   93.930159][ T6365]  should_fail_usercopy+0x1a/0x20
[   93.930186][ T6365]  _copy_to_user+0x20/0xa0
[   93.930203][ T6365]  simple_read_from_buffer+0xa0/0x110
[   93.930227][ T6365]  proc_fail_nth_read+0xf9/0x140
[   93.930272][ T6365]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   93.930296][ T6365]  vfs_read+0x19b/0x6f0
[   93.930348][ T6365]  ? ipv6_setsockopt+0xd1/0x130
[   93.930376][ T6365]  ? __rcu_read_unlock+0x4e/0x70
[   93.930395][ T6365]  ? __fget_files+0x17c/0x1c0
[   93.930486][ T6365]  ksys_read+0xe8/0x1b0
[   93.930584][ T6365]  __x64_sys_read+0x42/0x50
[   93.930632][ T6365]  x64_sys_call+0x2874/0x2dc0
[   93.930708][ T6365]  do_syscall_64+0xc9/0x1c0
[   93.930734][ T6365]  ? clear_bhb_loop+0x55/0xb0
[   93.930757][ T6365]  ? clear_bhb_loop+0x55/0xb0
[   93.930833][ T6365]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   93.930925][ T6365] RIP: 0033:0x7f72507cbb7c
[   93.930939][ T6365] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   93.930955][ T6365] RSP: 002b:00007f724ee31030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   93.930973][ T6365] RAX: ffffffffffffffda RBX: 00007f72509e5fa0 RCX: 00007f72507cbb7c
[   93.931023][ T6365] RDX: 000000000000000f RSI: 00007f724ee310a0 RDI: 0000000000000004
[   93.931037][ T6365] RBP: 00007f724ee31090 R08: 0000000000000000 R09: 0000000000000000
[   93.931049][ T6365] R10: 0000400000000040 R11: 0000000000000246 R12: 0000000000000001
[   93.931077][ T6365] R13: 0000000000000000 R14: 00007f72509e5fa0 R15: 00007ffd981622d8
[   93.931094][ T6365]  </TASK>
[   94.172692][ T6371] loop3: detected capacity change from 0 to 128
[   94.310147][ T6378] loop2: detected capacity change from 0 to 512
[   94.321276][ T6378] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   94.339955][ T6378] EXT4-fs (loop2): 1 orphan inode deleted
[   94.345756][ T6378] EXT4-fs (loop2): 1 truncate cleaned up
[   94.399695][ T6378] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[   94.416610][ T6378] EXT4-fs (loop2): Remounting filesystem read-only
[   94.556583][ T6389] loop0: detected capacity change from 0 to 512
[   94.843977][ T6397] loop1: detected capacity change from 0 to 1024
[   94.866508][ T6397] ext4: Unknown parameter 'subj_role'
[   95.042964][ T6399] loop3: detected capacity change from 0 to 256
[   95.103095][ T6399] syz.3.988: attempt to access beyond end of device
[   95.103095][ T6399] loop3: rw=2049, sector=256, nr_sectors = 4 limit=256
[   95.290902][ T6415] netlink: 'syz.2.994': attribute type 4 has an invalid length.
[   95.300000][ T6417] usb usb5: usbfs: process 6417 (syz.4.995) did not claim interface 0 before use
[   95.364594][ T6423] usb usb5: usbfs: process 6423 (syz.4.998) did not claim interface 0 before use
[   95.394504][ T6426] loop4: detected capacity change from 0 to 128
[   95.676113][ T6443] netlink: 'syz.2.1006': attribute type 4 has an invalid length.
[   95.727636][ T6450] __nla_validate_parse: 8 callbacks suppressed
[   95.727652][ T6450] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1009'.
[   95.768652][ T6450] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1009'.
[   95.820959][ T6450] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1009'.
[   95.830129][ T6450] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1009'.
[   95.831348][ T6454] loop2: detected capacity change from 0 to 1024
[   95.853062][ T6454] ext4: Unknown parameter 'subj_role'
[   95.884243][ T6454] netlink: 14 bytes leftover after parsing attributes in process `syz.2.1010'.
[   95.970031][ T6457] netlink: 56 bytes leftover after parsing attributes in process `syz.1.1011'.
[   96.141665][ T6468] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1015'.
[   96.172562][ T6472] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1016'.
[   96.194750][ T6472] bridge0: port 2(bridge_slave_1) entered disabled state
[   96.216692][ T6472] bridge_slave_1 (unregistering): left allmulticast mode
[   96.223867][ T6472] bridge_slave_1 (unregistering): left promiscuous mode
[   96.230910][ T6472] bridge0: port 2(bridge_slave_1) entered disabled state
[   96.448983][ T6488] serio: Serial port ptm0
[   96.467345][ T6493] netlink: 56 bytes leftover after parsing attributes in process `syz.1.1024'.
[   96.535616][ T6496] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6496 comm=syz.1.1026
[   96.632097][   T30] kauditd_printk_skb: 34 callbacks suppressed
[   96.632116][   T30] audit: type=1400 audit(18139566.884:3928): avc:  denied  { create } for  pid=6497 comm="syz.2.1027" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[   96.660422][ T6500] loop1: detected capacity change from 0 to 164
[   96.677090][ T6500] Unable to read rock-ridge attributes
[   96.690189][ T6502] loop2: detected capacity change from 0 to 512
[   96.697768][ T6502] SELinux: security_context_str_to_sid (system_u) failed with errno=-22
[   96.720986][ T6502] audit: audit_backlog=65 > audit_backlog_limit=64
[   96.727713][ T6502] audit: audit_lost=4 audit_rate_limit=0 audit_backlog_limit=64
[   96.735358][ T6502] audit: backlog limit exceeded
[   96.740448][   T30] audit: type=1326 audit(18139566.894:3929): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6499 comm="syz.1.1028" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbabb6cd169 code=0x7ffc0000
[   96.763769][   T30] audit: type=1326 audit(18139566.894:3930): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6499 comm="syz.1.1028" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbabb6cd169 code=0x7ffc0000
[   96.787112][   T30] audit: type=1326 audit(18139566.894:3931): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6499 comm="syz.1.1028" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbabb6cd169 code=0x7ffc0000
[   96.810492][   T30] audit: type=1326 audit(18139566.894:3932): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6499 comm="syz.1.1028" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fbabb6cd169 code=0x7ffc0000
[   96.833866][   T30] audit: type=1326 audit(18139566.894:3933): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6499 comm="syz.1.1028" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbabb6cd169 code=0x7ffc0000
[   96.849343][ T6507] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1029'.
[   96.857263][   T30] audit: type=1326 audit(18139566.894:3934): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6499 comm="syz.1.1028" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7fbabb6cd169 code=0x7ffc0000
[   97.095293][ T6513] loop1: detected capacity change from 0 to 128
[   97.388113][ T6530] loop4: detected capacity change from 0 to 2048
[   97.394791][ T6530] EXT4-fs: Ignoring removed bh option
[   97.565384][ T6544] loop3: detected capacity change from 0 to 1024
[   97.574592][ T6544] ext4: Unknown parameter 'subj_role'
[   97.626782][ T5775] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   97.641817][ T5775] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[   97.654091][ T5775] EXT4-fs (loop4): This should not happen!! Data will be lost
[   97.654091][ T5775] 
[   97.663871][ T5775] EXT4-fs (loop4): Total free blocks count 0
[   97.669911][ T5775] EXT4-fs (loop4): Free/Dirty block details
[   97.675813][ T5775] EXT4-fs (loop4): free_blocks=2415919104
[   97.681657][ T5775] EXT4-fs (loop4): dirty_blocks=8224
[   97.687046][ T5775] EXT4-fs (loop4): Block reservation details
[   97.693073][ T5775] EXT4-fs (loop4): i_reserved_data_blocks=514
[   97.703581][ T5775] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 18 with max blocks 2048 with error 28
[   97.716303][ T5775] EXT4-fs (loop4): This should not happen!! Data will be lost
[   97.716303][ T5775] 
[   97.811184][ T6554] netlink: 'syz.4.1045': attribute type 4 has an invalid length.
[   97.831751][ T6556] loop2: detected capacity change from 0 to 164
[   97.842641][ T6556] syz.2.1047: attempt to access beyond end of device
[   97.842641][ T6556] loop2: rw=524288, sector=263328, nr_sectors = 4 limit=164
[   97.857186][ T6556] syz.2.1047: attempt to access beyond end of device
[   97.857186][ T6556] loop2: rw=0, sector=263328, nr_sectors = 4 limit=164
[   98.070195][ T6584] loop2: detected capacity change from 0 to 256
[   98.100233][ T6588] loop1: detected capacity change from 0 to 128
[   98.109355][ T6584] syz.2.1061: attempt to access beyond end of device
[   98.109355][ T6584] loop2: rw=2049, sector=256, nr_sectors = 4 limit=256
[   98.200023][ T6599] loop1: detected capacity change from 0 to 128
[   98.388089][ T6617] syz.3.1075 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[   98.415133][ T6620] loop0: detected capacity change from 0 to 128
[   98.428466][ T6623] loop4: detected capacity change from 0 to 256
[   98.444207][ T6623] syz.4.1078: attempt to access beyond end of device
[   98.444207][ T6623] loop4: rw=2049, sector=256, nr_sectors = 4 limit=256
[   98.520004][ T6633] loop4: detected capacity change from 0 to 1024
[   98.525786][ T6631] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=0 sclass=netlink_tcpdiag_socket pid=6631 comm=syz.2.1080
[   98.539220][ T6633] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a040c018, mo2=0002]
[   98.547886][ T6633] System zones: 0-1, 3-12
[   98.552925][ T6633] EXT4-fs mount: 68 callbacks suppressed
[   98.552937][ T6633] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   98.587133][ T3299] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   98.610439][ T6628] serio: Serial port ptm0
[   98.716225][ T6653] loop1: detected capacity change from 0 to 1024
[   98.722878][ T6653] ext4: Unknown parameter 'subj_role'
[   98.846393][ T6658] loop4: detected capacity change from 0 to 2048
[   98.853020][ T6658] EXT4-fs: Ignoring removed bh option
[   98.870917][ T6658] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   98.959284][ T3299] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   98.989051][ T6676] loop4: detected capacity change from 0 to 1024
[   99.007564][ T6676] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a040c018, mo2=0002]
[   99.015767][ T6676] System zones: 0-1, 3-12
[   99.021797][ T6676] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   99.046413][ T3299] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   99.129475][ T6680] serio: Serial port ptm0
[   99.351206][ T6693] loop2: detected capacity change from 0 to 256
[   99.368738][ T6693] syz.2.1099: attempt to access beyond end of device
[   99.368738][ T6693] loop2: rw=2049, sector=256, nr_sectors = 4 limit=256
[   99.698586][ T6718] loop3: detected capacity change from 0 to 512
[   99.758413][ T6718] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   99.799728][ T6718] EXT4-fs (loop3): 1 orphan inode deleted
[   99.805632][ T6718] EXT4-fs (loop3): 1 truncate cleaned up
[   99.823510][ T6718] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   99.842326][ T6718] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[   99.858334][ T6718] EXT4-fs (loop3): Remounting filesystem read-only
[  100.012033][ T6727] FAULT_INJECTION: forcing a failure.
[  100.012033][ T6727] name failslab, interval 1, probability 0, space 0, times 0
[  100.024752][ T6727] CPU: 0 UID: 0 PID: 6727 Comm: syz.4.1112 Not tainted 6.14.0-rc7-syzkaller #0
[  100.024781][ T6727] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  100.024797][ T6727] Call Trace:
[  100.024805][ T6727]  <TASK>
[  100.024838][ T6727]  dump_stack_lvl+0xf2/0x150
[  100.024874][ T6727]  dump_stack+0x15/0x1a
[  100.024899][ T6727]  should_fail_ex+0x24a/0x260
[  100.024941][ T6727]  should_failslab+0x8f/0xb0
[  100.025047][ T6727]  __kmalloc_node_track_caller_noprof+0xa8/0x410
[  100.025079][ T6727]  ? ip6_setup_cork+0x30d/0x7f0
[  100.025171][ T6727]  kmemdup_noprof+0x2b/0x70
[  100.025207][ T6727]  ip6_setup_cork+0x30d/0x7f0
[  100.025234][ T6727]  ip6_make_skb+0x102/0x510
[  100.025288][ T6727]  ? __pfx_ip_generic_getfrag+0x10/0x10
[  100.025313][ T6727]  udpv6_sendmsg+0x14c7/0x15b0
[  100.025354][ T6727]  ? __pfx_ip_generic_getfrag+0x10/0x10
[  100.025390][ T6727]  ? __pfx_udpv6_sendmsg+0x10/0x10
[  100.025499][ T6727]  inet6_sendmsg+0xaf/0xd0
[  100.025535][ T6727]  __sock_sendmsg+0x8b/0x180
[  100.025649][ T6727]  ____sys_sendmsg+0x326/0x4b0
[  100.025682][ T6727]  __sys_sendmsg+0x19d/0x230
[  100.025721][ T6727]  __x64_sys_sendmsg+0x46/0x50
[  100.025779][ T6727]  x64_sys_call+0x2734/0x2dc0
[  100.025805][ T6727]  do_syscall_64+0xc9/0x1c0
[  100.025838][ T6727]  ? clear_bhb_loop+0x55/0xb0
[  100.025871][ T6727]  ? clear_bhb_loop+0x55/0xb0
[  100.025961][ T6727]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  100.025992][ T6727] RIP: 0033:0x7f9b13add169
[  100.026011][ T6727] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  100.026031][ T6727] RSP: 002b:00007f9b12147038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  100.026050][ T6727] RAX: ffffffffffffffda RBX: 00007f9b13cf5fa0 RCX: 00007f9b13add169
[  100.026063][ T6727] RDX: 0000000000000000 RSI: 0000400000000600 RDI: 0000000000000004
[  100.026111][ T6727] RBP: 00007f9b12147090 R08: 0000000000000000 R09: 0000000000000000
[  100.026122][ T6727] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  100.026202][ T6727] R13: 0000000000000000 R14: 00007f9b13cf5fa0 R15: 00007ffe218730a8
[  100.026221][ T6727]  </TASK>
[  100.316744][ T6729] loop1: detected capacity change from 0 to 2048
[  100.333584][ T6729] EXT4-fs: Ignoring removed bh option
[  100.372235][ T6729] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  100.409287][ T3307] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  100.504774][ T6745] loop3: detected capacity change from 0 to 128
[  100.667659][ T6761] loop4: detected capacity change from 0 to 1024
[  100.687399][ T6761] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a040c018, mo2=0002]
[  100.695574][ T6761] System zones: 0-1, 3-12
[  100.701529][ T6761] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  100.732058][ T3299] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  100.846978][ T6776] loop4: detected capacity change from 0 to 1024
[  100.853784][ T6776] EXT4-fs: Ignoring removed nomblk_io_submit option
[  100.864543][ T3300] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  100.881982][ T6776] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  100.899374][ T6776] FAULT_INJECTION: forcing a failure.
[  100.899374][ T6776] name failslab, interval 1, probability 0, space 0, times 0
[  100.912117][ T6776] CPU: 1 UID: 0 PID: 6776 Comm: syz.4.1128 Not tainted 6.14.0-rc7-syzkaller #0
[  100.912218][ T6776] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  100.912234][ T6776] Call Trace:
[  100.912242][ T6776]  <TASK>
[  100.912250][ T6776]  dump_stack_lvl+0xf2/0x150
[  100.912289][ T6776]  dump_stack+0x15/0x1a
[  100.912315][ T6776]  should_fail_ex+0x24a/0x260
[  100.912352][ T6776]  should_failslab+0x8f/0xb0
[  100.912423][ T6776]  kmem_cache_alloc_noprof+0x52/0x320
[  100.912449][ T6776]  ? getname_flags+0x81/0x3b0
[  100.912489][ T6776]  ? should_fail_ex+0xd7/0x260
[  100.912524][ T6776]  getname_flags+0x81/0x3b0
[  100.912589][ T6776]  user_path_at+0x26/0x120
[  100.912617][ T6776]  __se_sys_mount+0x24b/0x2d0
[  100.912669][ T6776]  ? do_mkdirat+0x27f/0x2c0
[  100.912702][ T6776]  __x64_sys_mount+0x67/0x80
[  100.912816][ T6776]  x64_sys_call+0x2c84/0x2dc0
[  100.912848][ T6776]  do_syscall_64+0xc9/0x1c0
[  100.912897][ T6776]  ? clear_bhb_loop+0x55/0xb0
[  100.913004][ T6776]  ? clear_bhb_loop+0x55/0xb0
[  100.913037][ T6776]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  100.913071][ T6776] RIP: 0033:0x7f9b13ade90a
[  100.913089][ T6776] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  100.913148][ T6776] RSP: 002b:00007f9b12146e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  100.913244][ T6776] RAX: ffffffffffffffda RBX: 00007f9b12146ef0 RCX: 00007f9b13ade90a
[  100.913256][ T6776] RDX: 0000400000000f40 RSI: 0000400000000f00 RDI: 0000000000000000
[  100.913268][ T6776] RBP: 0000400000000f40 R08: 00007f9b12146ef0 R09: 000000000384a038
[  100.913280][ T6776] R10: 000000000384a038 R11: 0000000000000246 R12: 0000400000000f00
[  100.913293][ T6776] R13: 00007f9b12146eb0 R14: 0000000000000000 R15: 00004000000008c0
[  100.913311][ T6776]  </TASK>
[  101.116033][ T3299] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  101.134867][ T6784] __nla_validate_parse: 20 callbacks suppressed
[  101.134887][ T6784] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1132'.
[  101.148826][ T6788] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1131'.
[  101.159180][ T6788] netlink: 'syz.4.1131': attribute type 30 has an invalid length.
[  101.180846][ T6792] loop0: detected capacity change from 0 to 256
[  101.194272][ T6794] netlink: 'syz.1.1135': attribute type 4 has an invalid length.
[  101.200771][ T6796] loop4: detected capacity change from 0 to 512
[  101.231795][ T6798] loop1: detected capacity change from 0 to 1024
[  101.242430][ T6796] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  101.258752][ T6796] sd 0:0:1:0: device reset
[  101.268119][ T6796] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  101.278753][ T6796] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  101.300587][ T6802] loop0: detected capacity change from 0 to 2048
[  101.307263][ T6802] EXT4-fs: Ignoring removed bh option
[  101.326069][ T6798] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a040c018, mo2=0002]
[  101.336304][ T6798] System zones: 
[  101.336275][ T6802] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  101.352296][ T6798] 0-1, 3-12
[  101.356546][ T6798] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  101.383191][ T3300] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  101.415420][ T3305] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  101.484682][ T6816] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1142'.
[  101.593419][ T6831] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1148'.
[  101.607293][ T6831] IPv6: sit1: Disabled Multicast RS
[  101.613460][ T6831] sit1: entered allmulticast mode
[  101.681300][ T6816] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1142'.
[  101.690399][ T6816] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1142'.
[  101.711385][ T6837] loop2: detected capacity change from 0 to 128
[  101.830133][ T6852] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1154'.
[  101.861367][ T3299] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  101.892033][   T30] kauditd_printk_skb: 213 callbacks suppressed
[  101.892050][   T30] audit: type=1326 audit(18139572.144:4148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6859 comm="syz.4.1157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9b13add169 code=0x7ffc0000
[  101.968123][   T30] audit: type=1326 audit(18139572.184:4149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6859 comm="syz.4.1157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9b13add169 code=0x7ffc0000
[  101.991497][   T30] audit: type=1326 audit(18139572.184:4150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6859 comm="syz.4.1157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9b13add169 code=0x7ffc0000
[  102.015324][   T30] audit: type=1326 audit(18139572.184:4151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6859 comm="syz.4.1157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9b13add169 code=0x7ffc0000
[  102.039072][   T30] audit: type=1326 audit(18139572.184:4152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6859 comm="syz.4.1157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9b13add169 code=0x7ffc0000
[  102.062435][   T30] audit: type=1326 audit(18139572.184:4153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6859 comm="syz.4.1157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=229 compat=0 ip=0x7f9b13add169 code=0x7ffc0000
[  102.087047][   T30] audit: type=1326 audit(18139572.184:4154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6859 comm="syz.4.1157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9b13add169 code=0x7ffc0000
[  102.110280][   T30] audit: type=1326 audit(18139572.184:4155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6859 comm="syz.4.1157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9b13add169 code=0x7ffc0000
[  102.133803][   T30] audit: type=1326 audit(18139572.184:4156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6859 comm="syz.4.1157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f9b13adbc1f code=0x7ffc0000
[  102.157052][   T30] audit: type=1326 audit(18139572.184:4157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6859 comm="syz.4.1157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9b13add169 code=0x7ffc0000
[  102.235474][ T6898] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1172'.
[  102.244490][ T6898] netlink: 'syz.1.1172': attribute type 30 has an invalid length.
[  102.265106][ T6895] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1171'.
[  102.322439][ T6907] loop2: detected capacity change from 0 to 512
[  102.342499][ T6907] EXT4-fs (loop2): 1 orphan inode deleted
[  102.354905][ T6895] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1171'.
[  102.360051][ T6908] loop0: detected capacity change from 0 to 2048
[  102.372186][ T6907] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  102.385407][ T6908] EXT4-fs: Ignoring removed bh option
[  102.387900][ T5793] EXT4-fs error (device loop2): ext4_release_dquot:6950: comm kworker/u8:25: Failed to release dquot type 1
[  102.408976][ T6908] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  102.424386][ T6907] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  102.438147][ T6916] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1544 sclass=netlink_route_socket pid=6916 comm=syz.1.1177
[  102.461416][ T6916] netem: change failed
[  102.528724][ T6918] infiniband syz!: set active
[  102.533521][ T6918] infiniband syz!: added team_slave_0
[  102.550732][ T6918] RDS/IB: syz!: added
[  102.561916][ T6918] smc: adding ib device syz! with port count 1
[  102.575418][ T6918] smc:    ib device syz! port 1 has pnetid 
[  102.653600][ T6939] loop1: detected capacity change from 0 to 128
[  102.908747][ T6948] loop1: detected capacity change from 0 to 8192
[  102.930536][ T6949] loop3: detected capacity change from 0 to 1024
[  102.937352][ T6949] ext4: Unknown parameter 'subj_role'
[  103.398280][ T6958] SELinux:  Context system_u:object_r:utempter_exec_t:s0 is not valid (left unmapped).
[  103.410606][ T6958] Cannot find del_set index 0 as target
[  103.562284][ T6975] loop1: detected capacity change from 0 to 2048
[  103.569460][ T6975] EXT4-fs: Ignoring removed bh option
[  103.599645][ T6975] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  103.667137][ T6984] netlink: 'syz.2.1203': attribute type 4 has an invalid length.
[  103.690077][ T3300] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  104.379851][ T7000] serio: Serial port ptm0
[  104.413518][ T7012] loop4: detected capacity change from 0 to 2048
[  104.420682][ T7012] EXT4-fs: Ignoring removed bh option
[  104.437880][ T7012] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  104.522273][ T3299] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  104.655574][ T7037] geneve0: entered allmulticast mode
[  104.669252][ T7037] loop1: detected capacity change from 0 to 512
[  104.682524][ T7037] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2240: inode #12: comm syz.1.1224: corrupted in-inode xattr: invalid ea_ino
[  104.697874][ T7037] EXT4-fs error (device loop1): ext4_orphan_get:1394: comm syz.1.1224: couldn't read orphan inode 12 (err -117)
[  104.710635][ T7047] FAULT_INJECTION: forcing a failure.
[  104.710635][ T7047] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  104.714366][ T7049] all: renamed from bridge_slave_0 (while UP)
[  104.723911][ T7047] CPU: 1 UID: 0 PID: 7047 Comm: syz.4.1227 Not tainted 6.14.0-rc7-syzkaller #0
[  104.723943][ T7047] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  104.723957][ T7047] Call Trace:
[  104.723985][ T7047]  <TASK>
[  104.723994][ T7047]  dump_stack_lvl+0xf2/0x150
[  104.724028][ T7047]  dump_stack+0x15/0x1a
[  104.724054][ T7047]  should_fail_ex+0x24a/0x260
[  104.724214][ T7047]  should_fail_alloc_page+0xfd/0x110
[  104.724278][ T7047]  __alloc_frozen_pages_noprof+0x109/0x340
[  104.724323][ T7047]  alloc_pages_mpol+0xb4/0x260
[  104.724354][ T7047]  vma_alloc_folio_noprof+0x1a0/0x310
[  104.724448][ T7047]  do_wp_page+0x64b/0x2340
[  104.724542][ T7047]  ? __rcu_read_lock+0x36/0x50
[  104.724575][ T7047]  handle_mm_fault+0xc63/0x2ac0
[  104.724621][ T7047]  exc_page_fault+0x3b9/0x650
[  104.724657][ T7047]  asm_exc_page_fault+0x26/0x30
[  104.724775][ T7047] RIP: 0033:0x7f9b1399fbe3
[  104.724794][ T7047] Code: 1f 84 00 00 00 00 00 3d 00 01 00 00 75 29 45 31 f6 48 83 c4 18 44 89 f0 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 40 00 49 8b 0f <44> 88 34 01 49 83 47 10 01 eb 92 66 90 8d 90 ff fe ff ff 83 fa 1c
[  104.724817][ T7047] RSP: 002b:00007f9b121463f0 EFLAGS: 00010202
[  104.724844][ T7047] RAX: 00000000000001c0 RBX: 00007f9b12146490 RCX: 00007f9b09d27000
[  104.724860][ T7047] RDX: 00007f9b12146630 RSI: 0000000000000001 RDI: 00007f9b12146530
[  104.724876][ T7047] RBP: 00000000000000bd R08: 0000000000000006 R09: 0000000000000021
[  104.724891][ T7047] R10: 0000000000000024 R11: 00007f9b12146490 R12: 0000000000000001
[  104.724925][ T7047] R13: 00007f9b13b793e0 R14: 0000000000000002 R15: 00007f9b12146530
[  104.724950][ T7047]  </TASK>
[  104.724962][ T7047] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[  104.732521][ T7037] EXT4-fs (loop1): mounted filesystem 00000005-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  104.749304][ T7047] loop4: detected capacity change from 0 to 2048
[  104.924811][ T3300] EXT4-fs (loop1): unmounting filesystem 00000005-0000-0000-0000-000000000000.
[  104.986073][ T7056] loop4: detected capacity change from 0 to 2048
[  104.992938][ T7056] EXT4-fs: Ignoring removed bh option
[  105.008836][ T7056] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  105.099225][ T3299] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  105.130176][ T7065] loop4: detected capacity change from 0 to 2048
[  105.137004][ T7065] EXT4-fs: Ignoring removed bh option
[  105.147939][ T7065] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  105.255945][ T7074] loop1: detected capacity change from 0 to 128
[  105.333024][ T3305] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  105.387457][ T5795] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  105.402646][ T5795] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  105.414963][ T5795] EXT4-fs (loop4): This should not happen!! Data will be lost
[  105.414963][ T5795] 
[  105.424702][ T5795] EXT4-fs (loop4): Total free blocks count 0
[  105.430812][ T5795] EXT4-fs (loop4): Free/Dirty block details
[  105.436860][ T5795] EXT4-fs (loop4): free_blocks=2415919104
[  105.442619][ T5795] EXT4-fs (loop4): dirty_blocks=8224
[  105.447962][ T5795] EXT4-fs (loop4): Block reservation details
[  105.453959][ T5795] EXT4-fs (loop4): i_reserved_data_blocks=514
[  105.489723][ T4104] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 18 with max blocks 2048 with error 28
[  105.590795][ T7090] IPv6: sit1: Disabled Multicast RS
[  105.597979][ T7090] sit1: entered allmulticast mode
[  105.608961][ T7092] loop3: detected capacity change from 0 to 2048
[  105.615706][ T7092] EXT4-fs: Ignoring removed bh option
[  105.646971][ T7092] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  105.737926][ T7111] serio: Serial port ptm0
[  105.774091][ T3307] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  105.870800][ T7125] loop4: detected capacity change from 0 to 1024
[  105.877584][ T7125] ext4: Unknown parameter 'subj_role'
[  106.041895][ T7133] IPv6: sit1: Disabled Multicast RS
[  106.051804][ T7133] sit1: entered allmulticast mode
[  106.182369][ T7145] loop3: detected capacity change from 0 to 1024
[  106.192570][ T7143] __nla_validate_parse: 21 callbacks suppressed
[  106.192583][ T7143] netlink: 14 bytes leftover after parsing attributes in process `syz.2.1261'.
[  106.200220][ T7145] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a040c018, mo2=0002]
[  106.216099][ T7145] System zones: 0-1, 3-12
[  106.221055][ T7145] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  106.246827][ T3307] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  106.271718][ T7149] loop3: detected capacity change from 0 to 2048
[  106.278478][ T7149] EXT4-fs: Ignoring removed bh option
[  106.288045][ T7149] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  106.368236][ T3307] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  106.443451][ T7155] loop3: detected capacity change from 0 to 1024
[  106.450061][ T7155] ext4: Unknown parameter 'subj_role'
[  106.482195][ T7155] netlink: 14 bytes leftover after parsing attributes in process `syz.3.1264'.
[  106.700674][ T7158] loop4: detected capacity change from 0 to 1024
[  106.707525][ T7158] ext4: Unknown parameter 'subj_role'
[  106.732251][ T7158] netlink: 14 bytes leftover after parsing attributes in process `syz.4.1265'.
[  106.799402][ T7160] netlink: 48 bytes leftover after parsing attributes in process `syz.0.1266'.
[  106.823725][ T7162] loop0: detected capacity change from 0 to 256
[  106.839341][ T7162] syz.0.1267: attempt to access beyond end of device
[  106.839341][ T7162] loop0: rw=2049, sector=256, nr_sectors = 4 limit=256
[  106.967847][ T7172] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1272'.
[  106.991915][ T7172] netlink: 44 bytes leftover after parsing attributes in process `syz.2.1272'.
[  106.995491][ T7175] netlink: 'syz.1.1273': attribute type 4 has an invalid length.
[  107.049450][ T7172] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1272'.
[  107.058555][ T7172] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1272'.
[  107.157931][ T7183] loop0: detected capacity change from 0 to 512
[  107.165195][ T7183] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  107.191157][ T7183] EXT4-fs (loop0): 1 orphan inode deleted
[  107.196988][ T7183] EXT4-fs (loop0): 1 truncate cleaned up
[  107.204359][ T7183] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  107.532565][ T7202] loop4: detected capacity change from 0 to 2048
[  107.568935][ T7202] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  107.584151][ T7202] EXT4-fs error (device loop4): ext4_find_extent:938: inode #2: comm syz.4.1282: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[  107.637126][ T7202] netlink: 4 bytes leftover after parsing attributes in process `+}[@'.
[  107.690111][ T3299] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  107.817173][ T7214] netlink: 4 bytes leftover after parsing attributes in process `+}[@'.
[  107.909758][ T7220] netlink: 'syz.1.1287': attribute type 4 has an invalid length.
[  107.935819][ T7224] loop1: detected capacity change from 0 to 256
[  108.076768][   T30] kauditd_printk_skb: 183 callbacks suppressed
[  108.076785][   T30] audit: type=1326 audit(18139578.334:4340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7227 comm="syz.2.1291" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feccc70d169 code=0x7ffc0000
[  108.123889][ T7235] loop1: detected capacity change from 0 to 1024
[  108.130902][ T7235] ext4: Unknown parameter 'subj_role'
[  108.152110][ T3305] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  108.166342][   T30] audit: type=1326 audit(18139578.364:4341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7227 comm="syz.2.1291" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7feccc70d169 code=0x7ffc0000
[  108.189673][   T30] audit: type=1326 audit(18139578.364:4342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7227 comm="syz.2.1291" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feccc70d169 code=0x7ffc0000
[  108.213059][   T30] audit: type=1326 audit(18139578.364:4343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7227 comm="syz.2.1291" exe="/root/syz-executor" sig=0 arch=c000003e syscall=14 compat=0 ip=0x7feccc70d169 code=0x7ffc0000
[  108.236337][   T30] audit: type=1326 audit(18139578.364:4344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7227 comm="syz.2.1291" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feccc70d169 code=0x7ffc0000
[  108.259903][   T30] audit: type=1326 audit(18139578.364:4345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7227 comm="syz.2.1291" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7feccc70d169 code=0x7ffc0000
[  108.283312][   T30] audit: type=1326 audit(18139578.364:4346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7227 comm="syz.2.1291" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feccc70d169 code=0x7ffc0000
[  108.306703][   T30] audit: type=1326 audit(18139578.364:4347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7227 comm="syz.2.1291" exe="/root/syz-executor" sig=0 arch=c000003e syscall=223 compat=0 ip=0x7feccc70d169 code=0x7ffc0000
[  108.330031][   T30] audit: type=1326 audit(18139578.364:4348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7227 comm="syz.2.1291" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feccc70d169 code=0x7ffc0000
[  108.353368][   T30] audit: type=1326 audit(18139578.364:4349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7227 comm="syz.2.1291" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7feccc70d169 code=0x7ffc0000
[  108.419071][ T7240] loop0: detected capacity change from 0 to 1024
[  108.430129][ T7240] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  109.540068][ T3305] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  109.595578][ T7188] serio: Serial port ptm0
[  109.627692][ T7306] loop4: detected capacity change from 0 to 1024
[  109.634494][ T7306] ext4: Unknown parameter 'subj_role'
[  109.822227][ T7327] netlink: 'syz.1.1327': attribute type 4 has an invalid length.
[  109.878161][ T7334] loop0: detected capacity change from 0 to 1024
[  109.887860][ T7334] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a040c018, mo2=0002]
[  109.896174][ T7334] System zones: 0-1, 3-12
[  109.901367][ T7334] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  109.902766][ T7339] loop1: detected capacity change from 0 to 2048
[  109.927547][ T3305] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  109.928500][ T7339] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  109.951839][ T7339] EXT4-fs error (device loop1): ext4_find_extent:938: inode #2: comm syz.1.1332: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[  110.011721][ T3300] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  110.045005][ T7350] loop3: detected capacity change from 0 to 2048
[  110.052182][ T7350] EXT4-fs: Ignoring removed bh option
[  110.069503][ T7350] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  110.120346][ T7361] loop0: detected capacity change from 0 to 2048
[  110.127363][ T7361] EXT4-fs: Ignoring removed bh option
[  110.139003][ T7361] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  110.169468][ T7365] netlink: 'syz.1.1340': attribute type 4 has an invalid length.
[  110.181088][ T3307] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  110.200162][ T7368] loop1: detected capacity change from 0 to 256
[  110.210034][ T7370] loop3: detected capacity change from 0 to 256
[  110.221670][ T7368] syz.1.1342: attempt to access beyond end of device
[  110.221670][ T7368] loop1: rw=2049, sector=256, nr_sectors = 4 limit=256
[  110.238416][ T3305] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  110.244425][ T7370] syz.3.1341: attempt to access beyond end of device
[  110.244425][ T7370] loop3: rw=2049, sector=256, nr_sectors = 4 limit=256
[  110.286266][ T7375] loop1: detected capacity change from 0 to 2048
[  110.294610][ T7375] EXT4-fs: Ignoring removed bh option
[  110.309134][ T7375] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  110.339936][ T7384] loop3: detected capacity change from 0 to 2048
[  110.358402][ T7384] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  110.399070][ T7384] EXT4-fs error (device loop3): ext4_find_extent:938: inode #2: comm syz.3.1347: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[  110.458974][ T3307] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  110.483479][ T7392] loop4: detected capacity change from 0 to 1024
[  110.491884][ T7392] ext4: Unknown parameter 'subj_role'
[  110.555153][ T4737] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  110.571832][ T4737] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  110.584180][ T4737] EXT4-fs (loop1): This should not happen!! Data will be lost
[  110.584180][ T4737] 
[  110.593365][ T7398] loop3: detected capacity change from 0 to 2048
[  110.594184][ T4737] EXT4-fs (loop1): Total free blocks count 0
[  110.600856][ T7398] EXT4-fs: Ignoring removed bh option
[  110.606143][ T4737] EXT4-fs (loop1): Free/Dirty block details
[  110.606173][ T4737] EXT4-fs (loop1): free_blocks=2415919104
[  110.623242][ T4737] EXT4-fs (loop1): dirty_blocks=8224
[  110.628527][ T7398] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  110.629198][ T4737] EXT4-fs (loop1): Block reservation details
[  110.647230][ T4737] EXT4-fs (loop1): i_reserved_data_blocks=514
[  110.661087][ T4737] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 18 with max blocks 2048 with error 28
[  110.689062][ T7402] netlink: 'syz.0.1353': attribute type 4 has an invalid length.
[  110.740265][ T3307] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  110.811644][ T7415] loop0: detected capacity change from 0 to 2048
[  110.818703][ T7415] EXT4-fs: Ignoring removed bh option
[  110.828157][ T7415] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  110.881411][ T7424] loop3: detected capacity change from 0 to 1024
[  110.889477][ T7424] ext4: Unknown parameter 'subj_role'
[  111.028651][ T7433] loop1: detected capacity change from 0 to 512
[  111.048095][ T7433] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.1364: bg 0: block 35: padding at end of block bitmap is not set
[  111.063624][ T7433] EXT4-fs (loop1): Remounting filesystem read-only
[  111.071750][ T7433] EXT4-fs (loop1): 1 truncate cleaned up
[  111.078059][ T7433] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  111.090417][ T7433] SELinux: (dev loop1, type ext4) getxattr errno 5
[  111.094208][ T4737] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  111.097560][ T7433] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  111.113445][ T4737] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  111.133177][ T4737] EXT4-fs (loop0): This should not happen!! Data will be lost
[  111.133177][ T4737] 
[  111.142886][ T4737] EXT4-fs (loop0): Total free blocks count 0
[  111.148895][ T4737] EXT4-fs (loop0): Free/Dirty block details
[  111.154936][ T4737] EXT4-fs (loop0): free_blocks=2415919104
[  111.160666][ T4737] EXT4-fs (loop0): dirty_blocks=8224
[  111.165982][ T4737] EXT4-fs (loop0): Block reservation details
[  111.172033][ T4737] EXT4-fs (loop0): i_reserved_data_blocks=514
[  111.182364][ T4737] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 18 with max blocks 2048 with error 28
[  111.210845][ T7433] loop1: detected capacity change from 0 to 512
[  111.217838][ T7433] EXT4-fs: Ignoring removed i_version option
[  111.223998][ T7433] EXT4-fs: Ignoring removed mblk_io_submit option
[  111.230807][ T7433] EXT4-fs: Ignoring removed orlov option
[  111.238415][ T7433] EXT4-fs error (device loop1): ext4_orphan_get:1389: comm syz.1.1364: inode #13: comm syz.1.1364: iget: illegal inode #
[  111.251267][ T7433] EXT4-fs error (device loop1): ext4_orphan_get:1394: comm syz.1.1364: couldn't read orphan inode 13 (err -117)
[  111.298510][ T7437] netlink: 'syz.0.1365': attribute type 4 has an invalid length.
[  111.315713][ T7439] loop4: detected capacity change from 0 to 2048
[  111.324119][ T7439] EXT4-fs: Ignoring removed bh option
[  111.354213][ T7447] __nla_validate_parse: 24 callbacks suppressed
[  111.354230][ T7447] netlink: 48 bytes leftover after parsing attributes in process `syz.1.1369'.
[  111.411822][ T7453] netlink: 48 bytes leftover after parsing attributes in process `syz.1.1372'.
[  111.445916][ T7456] loop1: detected capacity change from 0 to 2048
[  111.460995][ T7456] EXT4-fs error (device loop1): ext4_find_extent:938: inode #2: comm syz.1.1373: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[  111.500072][ T7456] netlink: 4 bytes leftover after parsing attributes in process `+}[@'.
[  111.500299][ T7464] FAULT_INJECTION: forcing a failure.
[  111.500299][ T7464] name failslab, interval 1, probability 0, space 0, times 0
[  111.521225][ T7464] CPU: 0 UID: 0 PID: 7464 Comm: syz.0.1375 Not tainted 6.14.0-rc7-syzkaller #0
[  111.521281][ T7464] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  111.521296][ T7464] Call Trace:
[  111.521302][ T7464]  <TASK>
[  111.521309][ T7464]  dump_stack_lvl+0xf2/0x150
[  111.521337][ T7464]  dump_stack+0x15/0x1a
[  111.521361][ T7464]  should_fail_ex+0x24a/0x260
[  111.521545][ T7464]  should_failslab+0x8f/0xb0
[  111.521582][ T7464]  kmem_cache_alloc_noprof+0x52/0x320
[  111.521606][ T7464]  ? prepare_kernel_cred+0x3c/0x650
[  111.521755][ T7464]  prepare_kernel_cred+0x3c/0x650
[  111.521789][ T7464]  _request_firmware+0x2c7/0xa00
[  111.521815][ T7464]  ? avc_has_perm_noaudit+0x1cc/0x210
[  111.521837][ T7464]  ? rpm_resume+0x655/0xd00
[  111.521894][ T7464]  ? __rcu_read_unlock+0x4e/0x70
[  111.521971][ T7464]  request_firmware+0x36/0x50
[  111.522002][ T7464]  devlink_compat_flash_update+0xaf/0x1b0
[  111.522042][ T7464]  ? _raw_spin_unlock_irqrestore+0x2b/0x60
[  111.522130][ T7464]  dev_ethtool+0x138b/0x14c0
[  111.522214][ T7464]  ? __rcu_read_unlock+0x4e/0x70
[  111.522238][ T7464]  dev_ioctl+0x854/0xab0
[  111.522271][ T7464]  sock_do_ioctl+0x11c/0x260
[  111.522307][ T7464]  sock_ioctl+0x40f/0x600
[  111.522404][ T7464]  ? __pfx_sock_ioctl+0x10/0x10
[  111.522465][ T7464]  __se_sys_ioctl+0xc9/0x140
[  111.522495][ T7464]  __x64_sys_ioctl+0x43/0x50
[  111.522594][ T7464]  x64_sys_call+0x1690/0x2dc0
[  111.522624][ T7464]  do_syscall_64+0xc9/0x1c0
[  111.522728][ T7464]  ? clear_bhb_loop+0x55/0xb0
[  111.522758][ T7464]  ? clear_bhb_loop+0x55/0xb0
[  111.522788][ T7464]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  111.522817][ T7464] RIP: 0033:0x7f72507cd169
[  111.522837][ T7464] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  111.522855][ T7464] RSP: 002b:00007f724ee31038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  111.522873][ T7464] RAX: ffffffffffffffda RBX: 00007f72509e5fa0 RCX: 00007f72507cd169
[  111.522885][ T7464] RDX: 0000400000000340 RSI: 0000000000008946 RDI: 0000000000000003
[  111.522897][ T7464] RBP: 00007f724ee31090 R08: 0000000000000000 R09: 0000000000000000
[  111.522911][ T7464] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  111.522925][ T7464] R13: 0000000000000000 R14: 00007f72509e5fa0 R15: 00007ffd981622d8
[  111.522996][ T7464]  </TASK>
[  111.835470][ T7473] loop1: detected capacity change from 0 to 1024
[  111.842135][ T7473] ext4: Unknown parameter 'subj_role'
[  111.869526][ T7473] netlink: 14 bytes leftover after parsing attributes in process `syz.1.1376'.
[  111.878998][ T7474] loop3: detected capacity change from 0 to 1024
[  111.921028][ T7479] netlink: 48 bytes leftover after parsing attributes in process `syz.0.1381'.
[  111.955496][ T7481] loop0: detected capacity change from 0 to 1024
[  111.978890][ T7481] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a040c018, mo2=0002]
[  111.987351][ T7481] System zones: 0-1, 3-12
[  112.140500][ T7492] loop0: detected capacity change from 0 to 1024
[  112.147290][ T7492] ext4: Unknown parameter 'subj_role'
[  112.178326][ T7492] netlink: 14 bytes leftover after parsing attributes in process `syz.0.1385'.
[  112.562535][ T7474] ==================================================================
[  112.570809][ T7474] BUG: KCSAN: data-race in xas_find_marked / xas_set_mark
[  112.578082][ T7474] 
[  112.580433][ T7474] write to 0xffff88811763e224 of 4 bytes by task 7482 on cpu 0:
[  112.588201][ T7474]  xas_set_mark+0x131/0x150
[  112.592758][ T7474]  __folio_start_writeback+0x1e8/0x430
[  112.598240][ T7474]  ext4_bio_write_folio+0x591/0x9d0
[  112.603458][ T7474]  mpage_process_page_bufs+0x486/0x5d0
[  112.608928][ T7474]  mpage_prepare_extent_to_map+0x788/0xb80
[  112.614943][ T7474]  ext4_do_writepages+0x6ea/0x2130
[  112.620080][ T7474]  ext4_writepages+0x159/0x2e0
[  112.624864][ T7474]  do_writepages+0x1d8/0x480
[  112.629468][ T7474]  file_write_and_wait_range+0x168/0x2f0
[  112.635124][ T7474]  generic_buffers_fsync_noflush+0x46/0x120
[  112.641337][ T7474]  ext4_sync_file+0x1ff/0x6c0
[  112.646147][ T7474]  vfs_fsync_range+0x116/0x130
[  112.650942][ T7474]  ext4_buffered_write_iter+0x358/0x3c0
[  112.656518][ T7474]  ext4_file_write_iter+0x383/0xf20
[  112.661739][ T7474]  iter_file_splice_write+0x5f1/0x980
[  112.667393][ T7474]  direct_splice_actor+0x160/0x2c0
[  112.672559][ T7474]  splice_direct_to_actor+0x302/0x670
[  112.677986][ T7474]  do_splice_direct+0xd7/0x150
[  112.682822][ T7474]  do_sendfile+0x398/0x660
[  112.687266][ T7474]  __x64_sys_sendfile64+0x110/0x150
[  112.692581][ T7474]  x64_sys_call+0xfbd/0x2dc0
[  112.697193][ T7474]  do_syscall_64+0xc9/0x1c0
[  112.701724][ T7474]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  112.707632][ T7474] 
[  112.709961][ T7474] read to 0xffff88811763e224 of 4 bytes by task 7474 on cpu 1:
[  112.717505][ T7474]  xas_find_marked+0x608/0x650
[  112.722292][ T7474]  find_get_entry+0x54/0x390
[  112.726889][ T7474]  filemap_get_folios_tag+0x9e/0x210
[  112.732185][ T7474]  mpage_prepare_extent_to_map+0x329/0xb80
[  112.738004][ T7474]  ext4_do_writepages+0x6ea/0x2130
[  112.743136][ T7474]  ext4_writepages+0x159/0x2e0
[  112.748711][ T7474]  do_writepages+0x1d8/0x480
[  112.753336][ T7474]  file_write_and_wait_range+0x168/0x2f0
[  112.759199][ T7474]  generic_buffers_fsync_noflush+0x46/0x120
[  112.765110][ T7474]  ext4_sync_file+0x1ff/0x6c0
[  112.770026][ T7474]  vfs_fsync_range+0x116/0x130
[  112.774809][ T7474]  ext4_buffered_write_iter+0x358/0x3c0
[  112.780381][ T7474]  ext4_file_write_iter+0x383/0xf20
[  112.785598][ T7474]  iter_file_splice_write+0x5f1/0x980
[  112.790982][ T7474]  direct_splice_actor+0x160/0x2c0
[  112.796109][ T7474]  splice_direct_to_actor+0x302/0x670
[  112.801498][ T7474]  do_splice_direct+0xd7/0x150
[  112.806276][ T7474]  do_sendfile+0x398/0x660
[  112.810712][ T7474]  __x64_sys_sendfile64+0x110/0x150
[  112.816107][ T7474]  x64_sys_call+0xfbd/0x2dc0
[  112.820712][ T7474]  do_syscall_64+0xc9/0x1c0
[  112.825236][ T7474]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  112.831179][ T7474] 
[  112.833503][ T7474] value changed: 0x0a000021 -> 0x04000021
[  112.839220][ T7474] 
[  112.841547][ T7474] Reported by Kernel Concurrency Sanitizer on:
[  112.847697][ T7474] CPU: 1 UID: 0 PID: 7474 Comm: syz.3.1378 Not tainted 6.14.0-rc7-syzkaller #0
[  112.856640][ T7474] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  112.866705][ T7474] ==================================================================
[  112.985731][ T7474] syz.3.1378 (7474) used greatest stack depth: 8984 bytes left