last executing test programs:

7.235540832s ago: executing program 4 (id=407):
syz_emit_ethernet(0x200000, 0x0, 0x0)

7.168553393s ago: executing program 4 (id=410):
syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000a80)='./file1\x00', 0x8, &(0x7f00000008c0)={[{@bsdgroups}, {@nodiscard}, {@data_ordered}, {@grpjquota}, {@sb={'sb', 0x3d, 0x64}}, {@orlov}, {@norecovery}, {@data_err_abort}, {@nomblk_io_submit}]}, 0x66, 0x50a, &(0x7f0000000200)="$eJzs3VFrHFsdAPD/bHZr06Y3ueqDXvB6tZW0aHeTxrbBh1pB9Kmg1vcak00I2WRDdtM2oWiKH0AQUcEnffFF8AMIUvDFRxEK+qyoKKKtPvigncvuTtI03U227TabZn8/mMw5Z2b2f86GmZ0zc5gJYGC9FxHXI+JJmqYXImI0K89lU2y1psZ6jx/dm21MSaTpzX8mkWRl25+VZPPT2WYnI+JrX474ZvJ83NrG5tJMpVJey/Kl+vJqqbaxeXFxeWahvFBemZqavDJ9dfry9ERP2nkmIq598a8/+O7PvnTtV5+586dbfz//rUa1RrLlu9vxgvL7LWw1vdD8LnZvsPaSwY6ifLOFmeF2aww9V3L/NdcJAID2Guf4H4yIT0bEhRiNof1PZwEAAIA3UPr5kfhfEpG2d6JDOQAAAPAGyTXHwCa5YjYWYCRyuWKxNYb3w3EqV6nW6p+er66vzLXGyo5FITe/WClPZGOFx6KQNPKTzfTT/KU9+amIeDsivj863MwXZ6uVuX5f/AAAAIABcXpP//8/o63+PwAAAHDMjPW7AgAAAMBrp/8PAAAAx5/+PwAAABxrX7lxozGl2++/nru9sb5UvX1xrlxbKi6vzxZnq2urxYVqdaH5zL7lgz6vUq2ufjZW1u+W6uVavVTb2Ly1XF1fqd9afOYV2AAAAMAhevvjD/6QRMTW54abU8OJ7jbtcjXgqMrvpJJs3ma3/uNbrflfDqlSwKEY6ncFgL7J97sCQN8U+l0BoO+SA5Z3HLzz22z+id7WBwAA6L3xj3a+/5/bd8ut/RcDR56dGAaX+/8wuJr3/7sdyetkAY6VgjMAGHivfP//QGn6QhUCAAB6bqQ5JblidnlvJHK5YjHiTPO1AIVkfrFSnoiItyLi96OFDzTyk80tkwP7DAAAAAAAAAAAAAAAAAAAAAAAAABAS5omkQIAAADHWkTub8mvW8/yHx89N7L3+sCJ5L+jkb0i9M6Pb/7w7ky9vjbZKP/XTnn9R1n5pX5cwQAAAICB8EIv8N/up2/34wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACglx4/uje7PR1m3H98ISLG2sXPx8nm/GQUIuLUv5PI79ouiYihHsQfbvz5SLv4SaNaOyHbxR/uQfyt+/vGj7HsW2gX/3QP4sMge9A4/lxvt//l4r3mvP3+l494Jv+yOh//Yuf4N9Rh/z/TZYx3Hv6i1DH+/Yh38u2PP9vxkw7xz3YZ/xtf39zstCz9ScR429+f5JlYpfryaqm2sXlxcXlmobxQXpmamrwyfXX68vREaX6xUs7+to3xvY/98sl+7T/VIf7YAe0/12X7///w7qMPtZKFdvHPn20T/zc/zdZ4Pn4u++37VJZuLB/fTm+10ru9+/Pfvbtf++c6tP+g///5Ltt/4avf+XOXqwIAh6C2sbk0U6mU145totFLPwLVkDiCiW/39APTNE0b+9QrfE4SR+FraSb6fWQCAAB67elJf79rAgAAAAAAAAAAAAAAAAAAAIPrMB4ntjfm1k4q6cUjtAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeuL9AAAA//+GAdlV")
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000020000000c0000000014"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001700000000000000ff000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008002010b704000000000000850000000100000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = fsopen(&(0x7f0000000180)='proc\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
r3 = fsmount(r2, 0x0, 0x1)
fspick(r3, &(0x7f0000000740)='./bus/file0\x00', 0x0)
openat$thread_pidfd(0xffffffffffffff9c, &(0x7f00000007c0), 0x80a03, 0x0)

7.132938164s ago: executing program 4 (id=413):
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f00000002c0)={0x3789, <r0=>0x0}, 0x8)
syz_open_dev$tty1(0xc, 0x4, 0x3)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x11, 0x8, &(0x7f0000000200)=ANY=[@ANYRESDEC], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x10000000}, 0x10, r0}, 0x94)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r3 = socket(0x28, 0x5, 0x0)
io_setup(0x8, &(0x7f0000004200)=<r4=>0x0)
r5 = syz_open_procfs(0x0, &(0x7f0000000080)='mounts\x00')
io_submit(r4, 0x1, &(0x7f0000001840)=[&(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0x7, r5, 0x0, 0x0, 0x2, 0x0, 0x0, r5}])
connect$vsock_stream(r3, &(0x7f0000000080), 0x10)
setsockopt$sock_linger(r3, 0x1, 0xd, 0x0, 0x0)
close(r3)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f0000000c40)=ANY=[@ANYBLOB="180000000000000000000000000c000095000000000000007bba09c44d7db5b27c098336262ad3a1b64e0a183aff7a699292babf435aeb565a2f3675d082e6b450429b3d954f85f23af182a1400a85548f98c179e3441479df0947064e2bba358b9918b8dcce87cbecde5c006cfa1de85085", @ANYBLOB="70c614a42f2c9348cab82afb3cd6f9394332132d7e905d15f555e06f6109aa68e4842bc789db0fd2692a9c0801db52b1712590a250aeb8b6972dae523b80ca92d957de26fd3b383180eaece59cbdcd0607e1273746547507ba668347c87d1294266797125a34c8e7bb181828be6eb78662947e86a9246e1ed0ab479c19628bc6081ae4668388ff00576391ce51ead29ca33d930ddfb00fa1b55057fecb33f435a13678069035f239d0ae9b566990203fdddba5ba545e099593bfa474274fd4", @ANYRES8=r3, @ANYRESDEC=r2, @ANYRESOCT=0x0, @ANYRESHEX=r1, @ANYRES64=r5], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
symlinkat(&(0x7f0000002040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00')
r6 = dup(0xffffffffffffffff)
getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(0xffffffffffffffff, 0x84, 0x6c, &(0x7f0000000180)={<r7=>0x0, 0x6e, "03d8aa371bb820d65e136ab7f5de2c9987b7659fe5cd3314c2c53c90461f425a67fbcf13e8ddfbcd8dea3a9801410302d3009f2ed58cb11cd4dff12df3fa60d322f98e150d539e75f5a7363e7d036521f28dddf0ab57e6d559fb92d7b8e1c7a6e835f1c31983b5a16d67af5fd5de"}, &(0x7f0000000040)=0x76)
setsockopt$inet_sctp_SCTP_CONTEXT(r6, 0x84, 0x11, &(0x7f0000000200)={r7, 0xfffffffd}, 0x8)
gettid()
mq_timedsend(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
r8 = syz_open_dev$usbfs(&(0x7f0000000140), 0x77, 0x1501)
ioctl$USBDEVFS_SUBMITURB(r8, 0x8038550a, &(0x7f0000000040)=@urb_type_control={0x2, {}, 0x0, 0x41, &(0x7f00000004c0)={0x4b5a9da54893e123, 0x3, 0x2, 0x2}, 0x8, 0x0, 0x8, 0x0, 0x0, 0x6, 0x0})
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0xa, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000040000850000007200000095"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000000)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r9 = socket$inet_smc(0x2b, 0x1, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00'}, 0x10)
setsockopt$IPT_SO_SET_REPLACE(r9, 0x0, 0x40, &(0x7f0000000580)=@raw={'raw\x00', 0x8, 0x3, 0x4d0, 0x0, 0x25, 0x148, 0x340, 0x60, 0x438, 0x2a8, 0x2a8, 0x438, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x0, 0x2f8, 0x340, 0x0, {0x200003ae, 0x7f00}, [@common=@inet=@hashlimit1={{0x58}, {'geneve0\x00', {0x44, 0x0, 0x9, 0x0, 0x20, 0xffffffff, 0x7}}}, @common=@unspec=@bpf1={{0x230, 'bpf\x00', 0x0}, @pinned={0x1, 0x0, 0x6, './file0\x00'}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x6, 'syz0\x00'}}}, {{@ip={@broadcast, @multicast1, 0x0, 0x0, 'veth1_to_bond\x00', 'veth0\x00', {0xff}}, 0x0, 0xd0, 0xf8, 0x0, {}, [@common=@unspec=@cgroup0={{0x28}, {0x4}}, @common=@unspec=@statistic={{0x38}}]}, @common=@unspec=@MARK={0x28, 'MARK\x00', 0x2, {0x9, 0x8001}}}], {{'\x00', 0xc8, 0x70, 0x98}, {0x28}}}}, 0x530)

6.944008687s ago: executing program 4 (id=420):
r0 = syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x2000008, &(0x7f00000003c0), 0xfc, 0x53e, &(0x7f0000000940)="$eJzs3UFvI1cdAPD/eO3d7G62SYEDVGoptGi3grWThrYRh1IkBKdKiMJ5CYkTRXHiKHbaTVRB9hMgIQRInODCBYkPgIRW4sKxQqoEZ5CKQIhuQYIDdJDtcRKcceKsnHjX+f2kybz3xjP/9xy/8YznaSaAC+vZiHgtIj5M0/SFiJjKygvZFHudqfW6Dx68vdiakkjTN/6eRJKVdbeVZPPr2WoTEfH1r0Z8Ozkat7Gzu7ZQqxW7+UpzfbPS2Nm9vbq+sFJdqW7Mzc2+PP/K/EvzM0Np542IePXLf/7h937+lVd//bm3/nTnr7e+06rWZLb8cDtOqXjcwk7TS1cmelbYeshgj6JWe0rdzNXB1rl3hvUBAKC/1jH+RyLi0xHxQkzFpeMPZwEAAIDHUPrFyfhPEpHmu9ynHAAAAHiMFNpjYJNCORsLMBmFQrncGcP7sbhWqNUbzc8u17c3ljpjZaejVFherVVnsrHC01FKWvnZdvog/2JPfi4inoyIH0xdbefLi/Xa0qh//AAAAIAL4nrP+f8/pzrn/wAAAMCYmT5+8dR51QMAAAA4Oyec/wMAAABjwPk/AAAAjLWvvf56a0q7z79eenNne63+5u2lamOtvL69WF6sb22WV+r1lfY9+9ZP2l6tXt/8fGxs3600q41mpbGze2e9vr3RvLMaE+fSIAAAAOCIJz95/w9JROx94Wp7ark86koB56K4n0qyeU7v/+MTnfl751Qp4FxcGuA1713JL3ecAI+3Ym9Bn74OjJ/SqCsAjFxywvKewTvX9lPvZPNPDb9OAADAcN38RP71/5OvC+wVzqF6wBnSieHi6vmeTz3rBy6O9vX/QQfyOFiAsVIaaAQgMM5Oef3/wDuDRkjTU1UIAAAYusn2lBTK2c97k1EolMsRN9qPBSgly6u16kxEPBERv58qXWnlZ9trJieeMwAAAAAAAAAAAAAAAAAAAAAAAAAAHWmaRAoAAACMtYjCX5LfdO7lf3Pq+cne3wcuJ/9uPxL4ckS89ZM3fnR3odncmm2Vv79f3vxxVv7iKH7BAAAAAHp1z9Pb83+NujYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAjJsPHry92J0GePnVYcX925ciYjovfjEm2vOJKEXEtX8kUTy0XhIRl4YQf+9eRHw8L37SqtZ+yLz4w3gTTogf09m7kBf/+hDiw0V2v7X/eS2v/xXi2fY8v/8VI/4v/7D67/9if/93qU//vzFgjKfe/WWlb/x7EU8V8/c/3fhJn/jPDRj/W9/Y3e23LP1pxM3u9097j3c4wkGq0lzfrDR2dm+vri+sVFeqG3Nzsy/PvzL/0vxMZXm1Vs3+5sb4/tO/+vC49l/L/f5Lstr0b//zOdvL+07677t3H3y0m9k7Gv/Wcznxf/uz7BVH4xeyOJ/J0kn2XrXTe53387BnfvG7Z45r/9JB+0un+f/f6rfRXkc6ytODfnQAgDPQ2NldW6jVqltjm2idpT8C1bjoiW++/wh+2L471A2maZq2+lTOovsRMch2khhySwv59TlI9P2njHrPBAAADNvBQf+oawIAAAAAAAAAAAAAAAAAAAAX13ncZa035sEtkJNh3EIbAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAo/hcAAP//A/7SsQ==")
r1 = socket$packet(0x11, 0x2, 0x300)
r2 = socket$packet(0x11, 0x3, 0x300)
syz_emit_ethernet(0x4a, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd604dc58c00140660"], 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x43}, 0x94)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000540)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x42}, 0xe0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r3, 0x5, 0xb68, 0xf5ffffff, &(0x7f0000000000)='%', 0x0, 0xd01, 0xbe02, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=ANY=[@ANYBLOB="14000000100001000000000000dfff000000000a20000000000a01020000000000000000010000000900010073797a30000000006c000000160a0101000b000000000000010000000900020073797a30000000000900010073797a30000000004000038008000140000000002c0003801400010067656e65766530000000000000000000140001006c6f0000000000000000000000000000080002"], 0xb4}}, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'vlan1\x00', <r5=>0x0})
poll(&(0x7f0000000180)=[{r2, 0x6020}, {r2, 0x110}, {0xffffffffffffffff, 0x8b}, {r1, 0x1688}, {r1}, {r0, 0x1400}, {r1, 0x4100}, {r0, 0x80f0}], 0x8, 0x2)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r7 = openat$cgroup_procs(r6, &(0x7f0000000280)='tasks\x00', 0x2, 0x0)
r8 = syz_clone(0x4000, &(0x7f0000001000), 0x0, 0x0, 0x0, 0x0)
write$cgroup_pid(r7, &(0x7f0000000400)=r8, 0x12)
sendto$packet(r2, &(0x7f00000000c0)="02030e00d3fc02000000ab5d71ac", 0xe, 0x4040041, &(0x7f0000000140)={0x11, 0x5, r5, 0x1, 0x0, 0x6, @link_local}, 0x14)
r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f00000003c0)=ANY=[@ANYBLOB="18010000008000000000000000000004850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r9}, 0x10)
socket$inet6_sctp(0xa, 0x1, 0x84)

6.479927694s ago: executing program 4 (id=423):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = openat$ttyS3(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, 0x0)
read(r0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r4 = socket(0x400000000010, 0x3, 0x0)
r5 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, r6, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000021c0)=@newtfilter={0xe8c, 0x2c, 0xd27, 0x70bd25, 0x8000, {0x0, 0x0, 0x0, r6, {0x0, 0x7}, {}, {0x7, 0x2}}, [@filter_kind_options=@f_fw={{0x7}, {0xe58, 0x2, [@TCA_FW_ACT={0xe54, 0x4, [@m_pedit={0xe50, 0x1, 0x0, 0x0, {{0xa}, {0xe24, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS={0xe20, 0x2, {{{0xafcc, 0x7, 0xffffffffffffffff, 0x8, 0x8001}, 0x7, 0x1}, [{0xe205, 0x2, 0x9, 0x1842, 0x1, 0x8000}, {0xfffffff9, 0x8, 0x7, 0xb145, 0x4, 0x8}, {0x0, 0xf8d5, 0x1ff, 0x87, 0xa, 0x5}, {0xf, 0x7e7, 0x9, 0x7, 0x0, 0xa}, {0x1, 0x101, 0x5c78, 0xffffff56, 0xee, 0x8}, {0x3, 0x73, 0xb, 0x7, 0x2, 0x6}, {0x8, 0x5, 0x4, 0x4, 0x2, 0x8}, {0x1ff, 0x1, 0x2f, 0x7, 0x533f, 0x200}, {0x8, 0x4bd5, 0x5, 0x2, 0x2, 0xf8}, {0x2, 0x8, 0x4, 0x7, 0x32, 0x1000}, {0x6, 0x9, 0x0, 0x20000008, 0x6, 0x5}, {0x5, 0x9, 0x1, 0x10, 0x8, 0x4}, {0x4, 0x0, 0x3, 0x80000000, 0x2, 0x1}, {0x6, 0xfffff800, 0xbf, 0x1, 0xffffffff, 0x8}, {0x48a3, 0x3ff, 0x9, 0x6e, 0x3, 0x8}, {0x4, 0x200000, 0xaeb, 0x360, 0x2, 0x400}, {0x0, 0xffffffff, 0xbe, 0x1, 0x7, 0x8}, {0x5ad, 0xfaec, 0x401, 0x9, 0x8, 0x45}, {0x3, 0x9, 0x400, 0x3, 0x6, 0x5}, {0xde, 0x0, 0x5, 0x8000, 0x2, 0xffff}, {0x80, 0x3491, 0x83, 0x8001, 0x3, 0x165c}, {0x6d, 0x5, 0xf, 0xe, 0x8, 0xec}, {0x6, 0x1, 0xfffffffc, 0x5, 0xfffffffc, 0x81}, {0xcd0, 0x9, 0x6, 0x7fffffff, 0x80, 0xfffffff8}, {0x7, 0x3, 0x2b0, 0x5, 0x2, 0xd6}, {0x6, 0x3, 0x0, 0x2, 0xc4}, {0x0, 0x99, 0x200, 0x1b8, 0x4, 0x1}, {0x1cff, 0xc7a9, 0x25, 0xffffffff, 0x7, 0x2}, {0xff, 0x4, 0x7fff, 0x7, 0xfffffff9, 0xd46}, {0x7, 0x2, 0xec, 0x0, 0x8}, {0x3, 0x8, 0x0, 0x6, 0xebc, 0x8}, {0x3, 0xfe9, 0x1, 0x4, 0x0, 0x401}, {0x4, 0x8, 0xd, 0x7fff, 0xb, 0x87c}, {0x4a, 0x1000, 0x1, 0x81, 0x6063, 0x1}, {0xfffffe00, 0xe392, 0x0, 0x9, 0x3, 0x9}, {0x8, 0xff, 0x1, 0x101, 0x10000000, 0x4ac9}, {0x8, 0xffffffdb, 0x3, 0xe4c, 0x3, 0x2ca759d6}, {0x5, 0x4, 0x9, 0x2, 0x2, 0xfffffffa}, {0x0, 0x3, 0x4, 0x1, 0x10001, 0x9}, {0x5f21eb86, 0x1, 0x9, 0x40, 0x4, 0x9}, {0x55f, 0x8, 0x401, 0x5, 0x3, 0x40}, {0x7, 0x6, 0x7, 0x8000, 0x81}, {0x4, 0x9, 0x5, 0x6, 0x3, 0x2}, {0x100, 0x4, 0x7, 0x8, 0x66, 0x9}, {0x5, 0x5, 0x3, 0x7ff, 0x2, 0x80000001}, {0x8, 0x6, 0x88, 0x9, 0x6, 0x1}, {0x7b, 0x74, 0x2, 0xd, 0x8, 0x1}, {0x69, 0xcd, 0x7f, 0xd, 0x200006, 0xf}, {0x9, 0x0, 0xe0e, 0x4, 0x3, 0x6}, {0x1, 0x2, 0x4, 0xc9, 0x6, 0xfffffff7}, {0xb, 0x2, 0x5, 0x7fde, 0x101, 0x1}, {0x3, 0x392, 0xb19, 0x1, 0x8d, 0x9}, {0xff, 0x5, 0xffff, 0x6972, 0x1, 0xfffffff9}, {0x6, 0x200, 0xb1, 0x1, 0x1000, 0x401}, {0x8, 0x54a0ee99, 0xfffffffa, 0x2, 0x99, 0x4}, {0x4, 0x2, 0xc979, 0x2, 0x4, 0x7ff}, {0xffffffff, 0x8, 0x7, 0x8, 0x7fffffff, 0x2b25}, {0x85, 0x4, 0xd55, 0xff, 0xf, 0x2}, {0x5, 0x2cfd091, 0x8, 0x9, 0x4, 0x103d}, {0x0, 0x8, 0x1b89, 0x7, 0x5, 0x6}, {0x2887b03a, 0xc54, 0x3, 0x0, 0x5, 0x7}, {0x2ee, 0x2, 0x8, 0x7, 0x10001, 0x5}, {0x3, 0x6, 0xe, 0x8, 0x5}, {0x1000, 0x9, 0x6, 0x1, 0x40, 0x7}, {0x9, 0x7fff, 0x4, 0x0, 0x4, 0x10}, {0xffff0000, 0x7, 0x8, 0xe, 0x400, 0xfffff521}, {0x7, 0x6, 0xd65a, 0x2, 0x3, 0xffffff93}, {0x6, 0x7, 0xffffff7d, 0x5, 0x80000000, 0xfffffffc}, {0x7, 0x800, 0xc, 0x7fff, 0x2, 0x4}, {0x0, 0x6c0, 0x2, 0x3ff, 0x8, 0x7fd7}, {0x0, 0x8000010, 0xa52, 0x3, 0x4, 0xd91}, {0x0, 0x80000000, 0x400, 0x2, 0x6, 0x7}, {0x1, 0xad3, 0x9, 0x12000000, 0x7, 0x6}, {0x7, 0x6, 0x4, 0x9, 0x9, 0x9}, {0x9e2, 0x8, 0x5, 0x1, 0x400, 0x2}, {0x74863fbb, 0x5, 0xffc000, 0x401, 0xffffff8e, 0xfffffff8}, {0xa99b, 0x4, 0x4, 0x5, 0x4, 0xfffffffa}, {0x8001, 0x0, 0xfffffffe, 0x2, 0x0, 0x7}, {0x6, 0x7, 0x0, 0x7, 0x80000000, 0x50}, {0x0, 0x0, 0xc, 0x2, 0x3, 0x4}, {0x1ff, 0x4, 0xb5, 0x7, 0x1cec, 0x8}, {0x5, 0x7, 0x9, 0x1, 0x7, 0x7}, {0x7, 0x2, 0x71e892ab, 0xe8, 0xfffffff8, 0x4}, {0x80000000, 0xb07, 0x1, 0x8, 0x6, 0x3}, {0x9, 0x2, 0x5, 0x2, 0x9, 0xe}, {0xfffffff5, 0x2, 0x0, 0x5, 0x4a3, 0x8}, {0x5, 0x9, 0x4, 0x10000, 0x3, 0x6}, {0x4, 0x3, 0xfff, 0x4, 0x4, 0x1}, {0x1, 0x6, 0x8, 0x4, 0x7, 0x40}, {0x80000001, 0x389, 0x6, 0x400, 0x5, 0x7fffffff}, {0x65, 0x7fffffff, 0x6, 0x6, 0xea8, 0x8}, {0xb, 0x0, 0x1, 0x33, 0xb, 0x7}, {0x4, 0x1, 0x3, 0x1, 0x8, 0xb49}, {0x1, 0xd, 0x1ff, 0x7, 0x9, 0x9}, {0xc98f, 0x2, 0x10004, 0x8, 0x6, 0xc2f}, {0x4, 0x80000000, 0xc, 0x100, 0xe961, 0xffffffff}, {0x1, 0x5, 0x8, 0x9, 0xff, 0x800}, {0x5, 0x6, 0x5, 0x77, 0x0, 0x8}, {0x5, 0x10000, 0x81, 0x0, 0x1ff, 0x5}, {0x1, 0x0, 0xfffffff8, 0xc0c, 0x6fa, 0x8c1}, {0x8, 0x80000000, 0x9, 0x8, 0x0, 0x7}, {0x4, 0x0, 0x2, 0x0, 0x100, 0x5}, {0x2, 0x10001, 0x1, 0x53da, 0x2, 0x8001}, {0x401, 0x68c, 0x9, 0x2, 0x8, 0x7}, {0x5, 0x80000001, 0x7f, 0x5, 0xb0e, 0xeb}, {0x6, 0xad2b, 0x1, 0x85, 0x101, 0x3ff}, {0x93, 0x7, 0x4, 0x99b, 0x5, 0x11aa729f}, {0x8, 0x3, 0x3, 0x4, 0x32a, 0x10001}, {0x5, 0x80000000, 0x6, 0x1000, 0xffffff81, 0x200}, {0xd4, 0x91000, 0x9, 0xc, 0x4, 0x2}, {0x10000, 0xfffffff4, 0x0, 0x1, 0x6, 0xe5}, {0x3, 0x4a, 0x6, 0x2, 0x8, 0x1}, {0x1, 0xffff, 0x10001, 0x1ff, 0x3, 0xfffffff5}, {0x4, 0x7, 0xfffffffc, 0x6, 0x6, 0x2}, {0xf74f, 0xd, 0x0, 0x0, 0x3ff, 0x6}, {0xfff, 0xff, 0x3, 0x2, 0x8, 0xc}, {0x5, 0x9, 0x45, 0x1, 0x6, 0x1000}, {0x4, 0x0, 0x1ff, 0xb, 0xa, 0x1}, {0x5, 0x6, 0x6a5, 0x0, 0x7}, {0x0, 0x5, 0x7fffffff, 0x6, 0x9, 0x9}, {0x18152e2c, 0x5, 0x0, 0xff, 0x2, 0xffffffff}, {0x7554, 0xffffffff, 0x5, 0x1, 0xfffffffe, 0x6}, {0xef6, 0x7, 0x61a, 0x0, 0x4, 0x9}, {0x19, 0x10001, 0x3, 0x3, 0x0, 0xfff}, {0x7, 0x4000, 0x100, 0x10000}, {0x57b, 0x2, 0x10e, 0x80, 0x7, 0x5}, {0x9a, 0x5, 0x3, 0x0, 0x3, 0x7fff}, {0x2000000, 0x9, 0x7, 0x0, 0x2, 0x101}], [{0x3}, {0x4, 0x1}, {0x1}, {0x4, 0x1}, {0x1}, {}, {0x4}, {}, {0x3}, {0x1}, {0x1, 0x1}, {0x0, 0x1}, {0x5, 0x1}, {0x1, 0x1}, {0x0, 0x1}, {0x0, 0x1}, {0x5, 0x1}, {0x4, 0x1}, {0x1}, {0x1}, {0x4}, {0x4}, {0x5}, {0x5}, {0x6}, {0x2, 0x1}, {0x2, 0x1}, {0x2}, {0x3}, {0x4}, {0x5, 0x1}, {0x2, 0x1}, {0x5}, {0x5, 0x1}, {0x4}, {0x4, 0x1}, {0x3, 0x1}, {0x3}, {}, {0x3, 0x1}, {0x2}, {0x1}, {0x3}, {0x0, 0x1}, {}, {0x5, 0x3}, {0x4}, {0x4, 0x1}, {0x0, 0x1}, {0x2}, {0x2}, {}, {0x3, 0x1}, {0x3, 0x1}, {0x1, 0x1}, {0xe, 0x1}, {0x3}, {0x1}, {0x5}, {0x3}, {0x6, 0x1}, {0x4, 0x1}, {0x5}, {0x3, 0x1}, {0x2, 0x1}, {0x4, 0x1}, {0x3, 0x1}, {0x5, 0x3}, {0x5}, {}, {0x5}, {0x1, 0x1}, {0x2, 0x2}, {0x1}, {0x4, 0x1}, {0x3, 0x1}, {0x5}, {0x4}, {0x5}, {0x0, 0x1}, {0x5, 0x1}, {0x1, 0x1}, {}, {}, {0x5}, {0x5, 0x1}, {0x3, 0x1}, {0x2, 0xdcdcfc412ebb7d41}, {0x1, 0x1}, {0x1}, {0x5}, {0x2, 0x1}, {0x1, 0x1}, {0x4}, {0x3}, {0x2}, {0x3}, {0x0, 0x1}, {0x4}, {0x5, 0x1}, {0x2, 0x1}, {0x1}, {0x2}, {0x3}, {0x1}, {}, {0x5}, {0x4}, {0xbe9e5652533709fb}, {0x4}, {}, {0x0, 0x1}, {0x3}, {0x1}, {0x1}, {}, {0x1, 0x1}, {0x3}, {0x0, 0x1}, {0x5, 0x1}, {0x5}, {0x0, 0x1}, {0x5, 0x1}, {0x3}, {0x1}, {0x0, 0x1}, {0x1, 0x1}, {0x2, 0x1}]}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x2, 0x2}}}}]}]}}, @TCA_RATE={0x6, 0x5, {0x1, 0xf8}}]}, 0xe8c}, 0x1, 0x0, 0x0, 0x81}, 0x4800)

6.157632338s ago: executing program 4 (id=432):
socket$key(0xf, 0x3, 0x2)
socket$nl_xfrm(0x10, 0x3, 0x6)
setresuid(0xee00, 0x0, 0x0)
r0 = syz_clone(0x400100, 0x0, 0x0, 0x0, 0x0, 0x0)
move_pages(r0, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = openat$sndtimer(0xffffffffffffff9c, 0x0, 0x200)
ioctl$SNDRV_TIMER_IOCTL_START(r1, 0x54a0)
ioctl$F2FS_IOC_COMPRESS_FILE(r1, 0xf518, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x10)
syz_emit_ethernet(0x200000, 0x0, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000000c0)=@newlink={0x44, 0x10, 0x503, 0x0, 0x25dfdbfe, {}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @macsec={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_MACSEC_ICV_LEN={0x5, 0x3, 0x8}]}}}, @IFLA_LINK={0x8}]}, 0x44}, 0x1, 0x0, 0x0, 0x8004}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$SEG6(&(0x7f00000000c0), 0xffffffffffffffff)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000900)=ANY=[@ANYBLOB="1b0000000000000000", @ANYRES32, @ANYBLOB="000000000000000000000000000000000000000082e512727b1512f322ebf18f607c1c8479a1890d1d6efd5558d7", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f00000003c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r5}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x10000000}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = socket$packet(0x11, 0x3, 0x300)
close_range(r7, 0xffffffffffffffff, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r6}, 0x10)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x66960000)
r8 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r8, &(0x7f00000002c0)="9e", 0x1a000, 0x0, &(0x7f0000000200)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f0000000d80)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000}, [@call={0x85, 0x0, 0x0, 0xe}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r9}, 0x10)

6.157077718s ago: executing program 32 (id=432):
socket$key(0xf, 0x3, 0x2)
socket$nl_xfrm(0x10, 0x3, 0x6)
setresuid(0xee00, 0x0, 0x0)
r0 = syz_clone(0x400100, 0x0, 0x0, 0x0, 0x0, 0x0)
move_pages(r0, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = openat$sndtimer(0xffffffffffffff9c, 0x0, 0x200)
ioctl$SNDRV_TIMER_IOCTL_START(r1, 0x54a0)
ioctl$F2FS_IOC_COMPRESS_FILE(r1, 0xf518, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x10)
syz_emit_ethernet(0x200000, 0x0, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000000c0)=@newlink={0x44, 0x10, 0x503, 0x0, 0x25dfdbfe, {}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @macsec={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_MACSEC_ICV_LEN={0x5, 0x3, 0x8}]}}}, @IFLA_LINK={0x8}]}, 0x44}, 0x1, 0x0, 0x0, 0x8004}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$SEG6(&(0x7f00000000c0), 0xffffffffffffffff)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000900)=ANY=[@ANYBLOB="1b0000000000000000", @ANYRES32, @ANYBLOB="000000000000000000000000000000000000000082e512727b1512f322ebf18f607c1c8479a1890d1d6efd5558d7", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f00000003c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r5}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x10000000}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = socket$packet(0x11, 0x3, 0x300)
close_range(r7, 0xffffffffffffffff, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r6}, 0x10)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x66960000)
r8 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r8, &(0x7f00000002c0)="9e", 0x1a000, 0x0, &(0x7f0000000200)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f0000000d80)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000}, [@call={0x85, 0x0, 0x0, 0xe}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r9}, 0x10)

2.288894366s ago: executing program 2 (id=496):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x8, &(0x7f0000000580), 0x5, 0x4f3, &(0x7f00000005c0)="$eJzs3d1rW+cZAPBHku3YibN8bIwkgyWQQfZBLH8wYm+DsattF4GxwG42yDxb8TLLkbHkLDa5cLa7XOxibLRQetH7/gW9aa4aAqXXLb3tVUloUxfakoKKjiTHH5KjtraU+Px+cKJzzqvoeV/Zz+uj97xHJ4DUOlf7JxMxHBHvRMSx+ubWJ5yrP6w/vj1TWzJRrV75KJM8r7bdfGrz/x2JiLWIGIyIP/424m+ZnXHLK6vz08ViYamxna8sLObLK6sXry9MzxXmCjfGJi9NTU2OToxP7Vlb7/7nH3cvv/H7gdc/+/fD+/99681atYYbZZvbsZfqTe+PE5v29UXEr/YjWA/kGu0Z6nVF+EZqP7/vRsT5JP+PRS75aXbmyb7WDNhv1Wq1+mX1ULvitSpwYGWTY+BMdiQi6uvZ7MhI/Rj+e3E4WyyVKz+7Vlq+MVs/Vj4e/dlr14uF0cZnhePRn6ltjyXrT7fHt21PRCTHwP/LDSXbIzOl4mx3uzpgmyPb8v/TXD3/gZTo/CM/cNDIf0gv+Q/pJf8hveQ/pJf8h/SS/5Be8h/SS/5DerXK/6M9qAfQfbv9/R/oYj2ArvrD5cu1pdq8/n325sryfOnmxdlCeX5kYXlmZKa0tDgyVyrNJdfsLDzr9Yql0uLYz2P5Vr5SKFfy5ZXVqwul5RuVq8l1/VcL/V1pFdCJE2fvvZeJiLVfDCVLbPqTL1fhYKtWM9Hra5CB3sj1ugMCesapP0ivr/EZv+2XhAEvthZf0bth8Ejbol/H4r5UB+iC7G6FTx50ryJA11047fwfpJXxf0gv4/+QXo7xgd3G/6NxL7+WjP/DC2vX8X/gQBtuc/+vo5vu3TUaEd+JiHdz/Yea9/oCDoLsh5nG8f+FYz8a3l46kPk8OUUwEBH/fOXKS7emK5Wlsdr+jzf2V15u7B/vRf2B9raO8DXztJnHAEB6rT++PdNcuhn30W/qkxB2xu9rjE0OJkcwh9czW+YqZPZo7sLanYg41Sp+pnG/8/qZj8PruR3xTzYeM/WXSOrbl9w3vTvxT2+K/8NN8c9863cF0uFerf8ZbZV/2SSnYyP/tvY/w3s0d6LZ/zXnXG+O3+z/cm36v7Mdxvj7q/9qdXo3mez96E7EmZb9bzPeYBJre/xa3S50GP/hX/70/XZl1dfqr9MqflNtLV9ZWMyXV1YvXm/WYvLS1NTk6MT4VD4Zo843R6p3+uWpt++3i19rf0Ob9r+/o/1DjTr9pMP2f/GDB38+t0v8H59v/ft3Mnnc9v5Xqxt1+GmH8T8Z/+Cv7cpq8WfbvP/ZVvGjWRox0WH88v9/59phAHiOlFdW56eLxcKSFStWnu+Vvuhi0Gf1HGvd6aCAffM06XtdEwAAAAAAAAAAAKBT7Wb/3tvD6cS9biMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwEHwVQAAAP//QUvQlg==")
bpf$PROG_LOAD(0x5, 0x0, 0x0)
timer_create(0x0, 0x0, &(0x7f0000bbdffc))
timer_create(0x0, 0x0, 0x0)
name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f00000026c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c95aa0b784625704f07a72c2918451ebdcf4cef7f9606056fe5c34665c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbccbddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e712a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cab87b1586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd13f4cec49669e443dcb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ef8dba2f23b01a9ae44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af40000000000000005f58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75057df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83366b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef07000000000000006da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719107000000000000002d7e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e19000000000000002c06f815312e086dd022c074eb8a322fb0bf47c0a8d154b405a07feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99e061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb2b5e518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3fdf242b985bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09c0e5a3bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de5eaeadea10d3cfb41b92ecbb422a40da8daccf080842a486721737390cbf3a74cb2003efb9a101b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5191e10096e7e60fc3541a2c905a1a95e9571bf38aebd15172f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f90100000000000000abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7ef8c08acaf30235b920500d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69b93e9960ff5f74562adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a31c72ad53bc19faa5401120000793ac48c1b539c75ab40743b00020000a1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b4412331d73062197655b7f0469250a5989cef0e10773920ed3ccee42d2c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba71e0f45492ef1f8b65ccb3dcd251a61b152d02c29ca0a3328fa7753a5cddea1acaae55ae8263fb284b7a6ab2a8826c1b948207c498cf4824ab1ea3225a53072423b907c6682f8999e0311da5b8378bc841e1787e3a8128dda381a26cb2b365702ff8a27831375b2ddaa2f56e21169f7ca4fd9655ccd4a584acd244e965a0afedaff7c415ff682a4044b3381cc2df28278c9a6824c52048a7cfabda294925cc0956bffa8e950ff5e49f41ae600d830207bf728cd9807933c3c16d80bbea611a18becc2dc38ca0a6f5740f340b76edcd100fcffff007231dcef58c7b88b5aeedaf9626cb51ce1737c10ab37d4f98a934b0f900e0eb639878a1200629f5503cf679154d27681d7a3744cbcd42af59407c9c8e39c5271868917954e604352ba26171d004f1cb2976fab3fa19c7d3ef9678bff79f5155524f061378f94fb453786c3a6f78b10d383b49e31d1568bd43ee34ce6e6be235aa6207285665c2fba773671da41959f51610963b48930658e2d6125a26085001345b0473240b7e5e91811312c43663e76f711c6529ecdec75c7ea1cf0f8f8fff40247d59bbde2ebb8659197e0f37a71be1b12a182ed7de3acba28561a04b807f7a4647e2ea6d8fb92541d07c3d5e4ba077d3cad9f8ba1919592014c00c8eccb2ca5d48ba7b1c3fb185a4bb79700cf51f818b0c701c8de47d12281a67bdaf4b0c50bee9e8f5936250df2e15c1172e7ea6619f7db330700d1e9e42a035e6fd532f61fbfed9c4a7124a1e38eee50a6bbcd1d4e3f68c3f27dd9a70f1a7c6046237ddfb0b26e197322226367d998010458cd4df10af249ce717f6f45e5176e0ddae3054d7289d4e13ab0912703ee39ce264572b89194fdf7acecc35cf8309d4b680a08eed367dad855fce210f1a7c7222dd360eafb4bef7d58bf83362930af6e3f3f851abdc0003bdf9401b533019e90feb069189100007a82df8d9b5f44ebf9355e7b1b01c9470608d4f306d21004730396a4d6c6d46e1ffac97aa93c36123532a36186575266be4981c847160079421d0137801e553069f8d025c40f287378810defc7f2ed4e15f6af17b21153394f8bcfa6a23a77c8d61c9bbc127a57b8d631f36558d9093dee08bc53d97a8003363421738650a22c8fd87b13026799caf58e59951b125e7f161ca34e2c0dd65a23d01a3cb191e743de07247c7f993cf01166fa2ac1ba02f60550e63a7f50422e478c6b5d87f9bd0567a279a9d85a380db25c43bd0529ad783b9d64aaac1b793afb44b7126e17d2b7c0d6be650de7eeef3f3605af344015d03c3e7819145cb9fe1978c98bf9cf10773db59505ae33708c728844c872dfd2cb0b29008000000000000005ca18cb72f0944d0e4fea0a0abd0285bdaf1b000000c089d640c2facb0d1e6243873ac4b1e1068c45c715b68effb7d58d1f9e726dbf6bd910ca4ce0e075658ede42192cf393a50dcc197b03402fed75083628e5dd38213d353b9049e71f037064b05e73ec00c710f1ffc5737d397d555d1cf8859cc030ea8dc3c6a5b3b6fa1c81707479db1833d593a271253aa11efd936b74784f2fc286814848e92d8ee541bc179813297a0a4cc3c8f80c28701185bea091f32475e859479b734727afc110e1abcff460172fd1b42e3c0e2a4bf94a060069000010000087c7572a1e7596f89e5c3d5e70640c90815f77b7b13d0000000085a1e1e84900000000000000000000000000b422fc160a458ee5a91a2471e6e56fdabec6c73ce8983fc68f0b7cdcdde632e6f54a07620e8aa116ce9e84fc3cd5e8288a333dcebb233da9186796995ba69487d8f77d2f8800f02d690fc70a08b231cad1bdcf3740a95d4dd1cfe0f417f275493cf33b19ffff93dfdaf7eb00b8ad87cdf7c21bab5af8e2bac54ee5597e6508c1158124a538c36f9bb11fea7d8b8c7e954b1bc7811654a6636b33f271d0923e9ecd1b724b8feffadfc23c07000000f0785fb722f346d6a5dffe1884d4d0cd8f00000092c85ed44db68ab800001f00000000406e6ed9b219ad07125381087298e75965d1cc5932ddf9e66351b9332a34bee3e3d562c914c629933f0b8724cf680889ade72558d191d9890c69a718f9018586c5131c8dc8e0379bafda1a0fd2997ff115215ce23dca8db7236c1554cdaaadcce2f31834c1bd1908d8e1b361034db56be76acb7654a195bc3e98df3a5dffd5b0783883ef7da3433110e37f7c7cb7f3800de7f99abf910d6949e062747a9c87dcfcc716d6a9c0ec53b9cffe3cfd1df69a76f373d7f997edb9b80bdea1a99c2a6fbb25e035deadaadd7917ebfedd6304a19491769476208684e343f86b4d55a7dbbb07283cb1e35a138d24ebc5b4f8e35a82d3a7f84cb1e02a5a92b53567088be0b1ca023ccd518c0e0715b1c8760801a419ebd2e26440ff7493019bdb655cc88d72d6d7b6bca5a2e19b63ec52fce43d8c53a8031e64026e0d36b6401064c49a729f11ab377f7132c5232bb80195dd5d43d29646a9378eea0761b7ed9d2172e33ed87c7413c843b180cc00000000006bedf2ed716ca43a941119b96d82b26d9061de240d85ec2cfa462bd52104489bb7a7548d7cc53627031e909c69cb824233975a1ea645de63522407c3a240a37e946f30ebf075ea97846a0a8d2286f3f446b1b99ab83a12ddf8a1c06294eadc3eb3e339591afd5c00000000000000000000000000000000000000000000000000579dad8347a3d16976bb7483840b32db0158fb6c809349333325a7866ca5d3133e33ef1a183cefdb65a79fa71800988c8445029e024822dbcfcab49c3a0aec9bd43e6e14078b260700d849a2aa14c9b593f6dcb1de334c065ecfd65031606e55949c185bcda9fde4f9b46a76b8a24bbcd31b22373eb0473248150cd179405ee1af1183b0c0ce3483dc1d9bf732b0751b78fb211d6706b55960c6431afbc02b3c7e08086573939290bb9e590a3875f02a828b07f1dc7df9c8e5da22dfb9dacbf5529e4e994128d835f85465173ea7bbcc519a0c9798ce8b1b07567e3e07169c8c3e4da8bf725c050000000000000000000000000000000000000000004775abdf0c62728eb55a9e2849a1ce05bed60dfe4cc9fa43f9684297c02382c0a35829be7a86305792a9d2e80ca9e8fc50f31f6e0fa810303da03d8b74b42c1ebaf16bb343256405a3a07229a54de09a97b269cd29e8b2f0b0d46c51a6a93eec37f4bc6e29a8e19120ae050ab682662e9b2cc3263a4aba62b63ca9123a53c0f4bf3c4463b8144c89bf058a0af0ae9fc2b7cdfc4817703e267cddc193637d7fd97646090da37093657643daae3840c7f5c10f93524f7ae4791ec6e9d9722e5f670ccb358e051a"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x5a}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000a8000000850000000500000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1f, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f0000003880)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c9f4cef7f9606056fe5c34664c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbcebddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cfd7c3a1d37a6ab87b1586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ed8dba2f23b01a9aeb980aff9fa3a64709270c701db801f44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af4c0eb97fca585ec6bf58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75055df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83766b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef3b7cda42013d53046da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b556381768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719107000000000000002d7e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e19000000000000002c06f815312e086dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99e061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb2b5e518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3fdf242b985bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de5eaeadea2a40da8daccf080842a486721737390cbf3a74cb2003efb9a101b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5191e10096e7e60fc3541a2c905a1a95e9571bf38aebd15172f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f90100000000000000abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7ef8c08acaf30235b920500d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69b93e9960ff5f76062adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a31c72ad53bc19faa5401120000793ac48c1b539c75ab40743b00020000a1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b441233151122b41a8d73062197655b7f0469250a5989cef0e10773920ed3ccee42d2c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba71e0f45492ef1f8b65ccb3dcd251a61b152d02c29ca0a3328fa7753a5cddea1acaae55ae8263fb284b7a6ab2a8826c1b948207c498cf4824ab1ea3225c380fac12f8205d182f8999e0311da5b8378bc841e1787e3a8128dda381a26cb2b365702ff8a27831375b2ddaa2f56e21169f7ca4fd9655ccd4a584acd244e965a0afedaff7c415ff682a4044b3381cc2df28278c9a6824c52048a7cfabda294925cc0956bffa8e950ff5e49f41ae600d830207bf728cd9807933c3c16d80bbea611a18becc2dc38ca0a6f5740f340b76edcd1f539bd43007231dcef58c7b88b5aeedaf9626cb51ce1737c10ab37d4f98a934b0f900e0eb639878a1200629f5503cf679154d27681d7a3744cbcd42af59407c9c8e39c5271868917954e604352ba26171d004f1cb2976fab3fa19c7d3ef9678bff79f5155524f061378f94fb453786c3a6f78b10d383b49e31d1568bd43ee34ce6e6be235aa6207285665c2fba773671da41959f51610963b48930658e2d6125a26085001345b0473240b7e5e91811312c43663e76f711d7219ecdec75c7ea1cf0f8f8fff40247d59bbde2ebb8659197e0f37a71be1b12a182ed7de3acba28561a04b807f7a4647e2ea6d8fb92541d07c3d5e4ba077d3cad9f8ba1919592014c00c8eccb2ca5d48ba7b1c3fb185a4bb79700cf51f818b0c701c8de47d12281a67bdaf4b0c50bee9e8f5936250df2e15c1172e7ea6619f7db330700d1e9e42a035e6fd532f61fbfed9c4a7124a1e38eee50a6bbcd1d4e3f68c3f27dd9a70f1a7c6046237ddfb0b26e197322226367d998010458cd4df10af249ce717f6f45e5176e0ddae3054d7289d4e13ab0912703ee39ce264572b89194fdf7acecc35cf8309d4b680a08eed367dad855fce210f1a7c7222dd360eafb4bef7d58bf83362930af6e3f3f851abdc0003bdf9401b533019e90feb069189100007a82df8d9b5f44ebf9355e7b1b01c9470608d4f306d21004730396a4d6c6d46e1ffac97aa93c36123532a36186575266be4981c847160079421d0137801e553069f8d025c40f287378810defc7f2ed4e15f6af17b21153394f8bcfa6a23a77c8d61c9bbc127a57b8d631f36558d9093dee08bc53d97a8003363421738650a26c8fd87b13026799caf58e59951b125e7f161ca34e2c0dd65a23d01a3cb191e743de07247c7f993cf01166fa2ac1ba02f60550e63a7f50422e478c6b5d87f9bd0567a279a9d85a380db25c43bd0529ad783b9d64aaac1b793afb44b7126e17d2b7c0d6be650de7eeef3f3605af344015d03c3e7819145cb9fe1978c98bf9cf10773db59505ae33708c728844c872dfd2cb0b29754f928c59306ce105ca18cb72f0944d0e4fea0a0abd0285bdaf1b000000c089d640c2facb0d1e6243873ac4b1e1068c45c715b68effb7d58d1f9e726dbf6bd910ca4ce0e075658ede42ddd5f393a50dcc197b03402fed75083628e5dd38213d353b9049e71f037064b05e73ec00c710f1ffc5737d397d555d1cf8859cc05bea8dc3c6a5b3b6fa1c81707479db1833d593a271253aa11efdb36b74784f2fc286814848e92d8ee541bc179813297a0a4cc3c8f80c28701185bea091f32475e859479b734727afc110e1abcff460172fd1b42e3c0e2a4bf94a060069000010000087c7572a1e7596f89e5c3d5e70640c90815f77b7b13d0000000085a1e1e84900000000000000000000000000b422fc160a458ee5a91a2471e6e56fdabec6c73ce8983fc68f0b7cdcdde632e6f54a07620e8aa116ce9e84fc3cd5e8288a333dcebb233da9186796995ba69487d8f77d2f8800f02d690fc70a08b231cad1bdcf3740a95d4dd1cfe0f417f275493cf33b19ffff93dfdaf7eb00b8ad87cdf7c21bab5af8e2bac54ee5597e6508c1158124a538c36f9bb11fea7d8b8c7e954b1bc7811654a6636b33f271d0923e9ecd1b724b8feffadfc23c07000000f0785fb722f346d6a5dffe1884d4d0cd8f00000092c85ed44db68ab800000000000000406e6ed9b219ad07125381087298e75965d1cc5932ddf9e66351ba332a34bee3e3d562c914c629933f0b8724cf680889ade72558d191d96ee1b84bb64b14aebc6b5194c55dd6890c69a718f9018586c5131c8dc8e0379bafda1a0fd2997ff115215ce23dca8db7236c1554cdaaadcce2f31834c1bd1908d8e1b361034db56be76acb7654a195bc3e98df3a5dffd5b07838a3ef7da3433110e37f7c7cb7f3800de7f99abf910d6949e062747a9c87dcfcc716d6a9c0ec53b9cffe3cfd1df69a76f373d7f997edb9b80bdea1a99c2a6fbb25e035deadaadd7917ebfedd6304a19491769476208684e343f86b4d55a7dbbb07283cb1e35a139d24ebc5b4f8e35a82d3a7f84cb1e02a5a92b53567088be0b1ca023ccd518c0e0715b1c8760801a419ebd2e26440ff7493019bdb655cc88d72d6d7b6bca5a2e19b63ec52fcc49a729f11ab377f7132c543d29646a9378eea0761b7ed9d2172e33ed87c6513c843b180cc00000000006bedf2ed716ca43a941119b96d82b26d9061de240d85ec2cfa462bd52104489bb7a7548d7cc53627031e909c69cb824233975a1ea645de63522407c3a240a37e946f30ebf075ea97846a0a8dc0d472672286f3f446b1b99ab83a12ddf8a1c06294eadc3eb3e339591afd5c00000000000000000000000000000000000000000000000000579dad8347a3d16976bb7483840b32db0158fb6c809349333325a7866ca5d3133e33ef1a183cefdb65a79fa71800988c8455029e024822dbcfcab49c3a0aec9bd43e6e14078b260700d849a2aa14c9b593f6dcb1de334c065ecfd65031606e55949c185bcda9fde4f9b46a76b8a24bbcd31b22373eb0473248150cd179405ee1af1183b0c0ce3483dc1d9bf732b0751b78fb211d6706b55960c6431afbc02b3c7e08086573939290bb9e590a3875f02a82a6ef09d0ed9829dec16ab67a4f59a504e09f55ab82bbd405087a17a229a149c53ee9145500db213cb36489a10957739e481a756e65bde579bbbfb404213f661eeaaffacbcfbfd60b1a715c366da2b37ac7e9e3033f8ec04db1c2412e02ccd0617d9fb646c4897750d068c936c3558a94b05d7c65c0d458c0d70d0aa864bc1e324d3f69b1b4061627da875a4b5c2668ab0990623fe6f3b54cd1c79da4baf256f88750c18486330589473e267fa44e220cf40db662b570c2a2fbba9a34a3dd7bbd8368fe506daa62b45797d4b397905a69e58eb436c08cc78963197adb1b16ad83a1a9b420e74c6bcdf1ed0b306141a83bf1268e954ad069257fbfaa1a7ea582badc1a7f2a5b0965f3535872d85c0bc3a233a3ea85df6a8ed76f0f803d54b7bef77d8ea71621f8a78dd17c3b58c5c7476ed6191acbb949e77f7cac81c543f7751e5e1000"/4545], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x48)
bpf$BPF_PROG_DETACH(0x1c, &(0x7f0000000580)={@fallback=r0, r0, 0x2f}, 0x20)
bpf$BPF_PROG_GET_NEXT_ID(0xb, &(0x7f00000001c0)={0xfffffff6}, 0x8)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000200)={@cgroup=r0, r2, 0x2f, 0x0, 0x4, @void, @value=r1}, 0x20)
rename(0x0, 0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r3, 0x6, 0x13, 0x0, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={0x0, r5}, 0x18)
sendmsg$nl_route(r4, 0x0, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
symlinkat(0x0, 0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00')
r7 = openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$int_in(r7, 0x5421, 0x0)
lstat(0x0, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x9, 0x40010, r6, 0x64d7e000)
mount$bind(0x0, &(0x7f0000000100)='.\x00', 0x0, 0x21, 0x0)

2.070023789s ago: executing program 2 (id=503):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = openat$ttyS3(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, 0x0)
read(r0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r4 = socket(0x400000000010, 0x3, 0x0)
r5 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, r6, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000021c0)=@newtfilter={0xe8c, 0x2c, 0xd27, 0x70bd25, 0x8000, {0x0, 0x0, 0x0, r6, {0x0, 0x7}, {}, {0x7, 0x2}}, [@filter_kind_options=@f_fw={{0x7}, {0xe58, 0x2, [@TCA_FW_ACT={0xe54, 0x4, [@m_pedit={0xe50, 0x1, 0x0, 0x0, {{0xa}, {0xe24, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS={0xe20, 0x2, {{{0xafcc, 0x7, 0xffffffffffffffff, 0x8, 0x8001}, 0x7, 0x1}, [{0xe205, 0x2, 0x9, 0x1842, 0x1, 0x8000}, {0xfffffff9, 0x8, 0x7, 0xb145, 0x4, 0x8}, {0x0, 0xf8d5, 0x1ff, 0x87, 0xa, 0x5}, {0xf, 0x7e7, 0x9, 0x7, 0x0, 0xa}, {0x1, 0x101, 0x5c78, 0xffffff56, 0xee, 0x8}, {0x3, 0x73, 0xb, 0x7, 0x2, 0x6}, {0x8, 0x5, 0x4, 0x4, 0x2, 0x8}, {0x1ff, 0x1, 0x2f, 0x7, 0x533f, 0x200}, {0x8, 0x4bd5, 0x5, 0x2, 0x2, 0xf8}, {0x2, 0x8, 0x4, 0x7, 0x32, 0x1000}, {0x6, 0x9, 0x0, 0x20000008, 0x6, 0x5}, {0x5, 0x9, 0x1, 0x10, 0x8, 0x4}, {0x4, 0x0, 0x3, 0x80000000, 0x2, 0x1}, {0x6, 0xfffff800, 0xbf, 0x1, 0xffffffff, 0x8}, {0x48a3, 0x3ff, 0x9, 0x6e, 0x3, 0x8}, {0x4, 0x200000, 0xaeb, 0x360, 0x2, 0x400}, {0x0, 0xffffffff, 0xbe, 0x1, 0x7, 0x8}, {0x5ad, 0xfaec, 0x401, 0x9, 0x8, 0x45}, {0x3, 0x9, 0x400, 0x3, 0x6, 0x5}, {0xde, 0x0, 0x5, 0x8000, 0x2, 0xffff}, {0x80, 0x3491, 0x83, 0x8001, 0x3, 0x165c}, {0x6d, 0x5, 0xf, 0xe, 0x8, 0xec}, {0x6, 0x1, 0xfffffffc, 0x5, 0xfffffffc, 0x81}, {0xcd0, 0x9, 0x6, 0x7fffffff, 0x80, 0xfffffff8}, {0x7, 0x3, 0x2b0, 0x5, 0x2, 0xd6}, {0x6, 0x3, 0x0, 0x2, 0xc4}, {0x0, 0x99, 0x200, 0x1b8, 0x4, 0x1}, {0x1cff, 0xc7a9, 0x25, 0xffffffff, 0x7, 0x2}, {0xff, 0x4, 0x7fff, 0x7, 0xfffffff9, 0xd46}, {0x7, 0x2, 0xec, 0x0, 0x8}, {0x3, 0x8, 0x0, 0x6, 0xebc, 0x8}, {0x3, 0xfe9, 0x1, 0x4, 0x0, 0x401}, {0x4, 0x8, 0xd, 0x7fff, 0xb, 0x87c}, {0x4a, 0x1000, 0x1, 0x81, 0x6063, 0x1}, {0xfffffe00, 0xe392, 0x0, 0x9, 0x3, 0x9}, {0x8, 0xff, 0x1, 0x101, 0x10000000, 0x4ac9}, {0x8, 0xffffffdb, 0x3, 0xe4c, 0x3, 0x2ca759d6}, {0x5, 0x4, 0x9, 0x2, 0x2, 0xfffffffa}, {0x0, 0x3, 0x4, 0x1, 0x10001, 0x9}, {0x5f21eb86, 0x1, 0x9, 0x40, 0x4, 0x9}, {0x55f, 0x8, 0x401, 0x5, 0x3, 0x40}, {0x7, 0x6, 0x7, 0x8000, 0x81}, {0x4, 0x9, 0x5, 0x6, 0x3, 0x2}, {0x100, 0x4, 0x7, 0x8, 0x66, 0x9}, {0x5, 0x5, 0x3, 0x7ff, 0x2, 0x80000001}, {0x8, 0x6, 0x88, 0x9, 0x6, 0x1}, {0x7b, 0x74, 0x2, 0xd, 0x8, 0x1}, {0x69, 0xcd, 0x7f, 0xd, 0x200006, 0xf}, {0x9, 0x0, 0xe0e, 0x4, 0x3, 0x6}, {0x1, 0x2, 0x4, 0xc9, 0x6, 0xfffffff7}, {0xb, 0x2, 0x5, 0x7fde, 0x101, 0x1}, {0x3, 0x392, 0xb19, 0x1, 0x8d, 0x9}, {0xff, 0x5, 0xffff, 0x6972, 0x1, 0xfffffff9}, {0x6, 0x200, 0xb1, 0x1, 0x1000, 0x401}, {0x8, 0x54a0ee99, 0xfffffffa, 0x2, 0x99, 0x4}, {0x4, 0x2, 0xc979, 0x2, 0x4, 0x7ff}, {0xffffffff, 0x8, 0x7, 0x8, 0x7fffffff, 0x2b25}, {0x85, 0x4, 0xd55, 0xff, 0xf, 0x2}, {0x5, 0x2cfd091, 0x8, 0x9, 0x4, 0x103d}, {0x0, 0x8, 0x1b89, 0x7, 0x5, 0x6}, {0x2887b03a, 0xc54, 0x3, 0x0, 0x5, 0x7}, {0x2ee, 0x2, 0x8, 0x7, 0x10001, 0x5}, {0x3, 0x6, 0xe, 0x8, 0x5}, {0x1000, 0x9, 0x6, 0x1, 0x40, 0x7}, {0x9, 0x7fff, 0x4, 0x0, 0x4, 0x10}, {0xffff0000, 0x7, 0x8, 0xe, 0x400, 0xfffff521}, {0x7, 0x6, 0xd65a, 0x2, 0x3, 0xffffff93}, {0x6, 0x7, 0xffffff7d, 0x5, 0x80000000, 0xfffffffc}, {0x7, 0x800, 0xc, 0x7fff, 0x2, 0x4}, {0x0, 0x6c0, 0x2, 0x3ff, 0x8, 0x7fd7}, {0x0, 0x8000010, 0xa52, 0x3, 0x4, 0xd91}, {0x0, 0x80000000, 0x400, 0x2, 0x6, 0x7}, {0x1, 0xad3, 0x9, 0x12000000, 0x7, 0x6}, {0x7, 0x6, 0x4, 0x9, 0x9, 0x9}, {0x9e2, 0x8, 0x5, 0x1, 0x400, 0x2}, {0x74863fbb, 0x5, 0xffc000, 0x401, 0xffffff8e, 0xfffffff8}, {0xa99b, 0x4, 0x4, 0x5, 0x4, 0xfffffffa}, {0x8001, 0x0, 0xfffffffe, 0x2, 0x0, 0x7}, {0x6, 0x7, 0x0, 0x7, 0x80000000, 0x50}, {0x0, 0x0, 0xc, 0x2, 0x3, 0x4}, {0x1ff, 0x4, 0xb5, 0x7, 0x1cec, 0x8}, {0x5, 0x7, 0x9, 0x1, 0x7, 0x7}, {0x7, 0x2, 0x71e892ab, 0xe8, 0xfffffff8, 0x4}, {0x80000000, 0xb07, 0x1, 0x8, 0x6, 0x3}, {0x9, 0x2, 0x5, 0x2, 0x9, 0xe}, {0xfffffff5, 0x2, 0x0, 0x5, 0x4a3, 0x8}, {0x5, 0x9, 0x4, 0x10000, 0x3, 0x6}, {0x4, 0x3, 0xfff, 0x4, 0x4, 0x1}, {0x1, 0x6, 0x8, 0x4, 0x7, 0x40}, {0x80000001, 0x389, 0x6, 0x400, 0x5, 0x7fffffff}, {0x65, 0x7fffffff, 0x6, 0x6, 0xea8, 0x8}, {0xb, 0x0, 0x1, 0x33, 0xb, 0x7}, {0x4, 0x1, 0x3, 0x1, 0x8, 0xb49}, {0x1, 0xd, 0x1ff, 0x7, 0x9, 0x9}, {0xc98f, 0x2, 0x10004, 0x8, 0x6, 0xc2f}, {0x4, 0x80000000, 0xc, 0x100, 0xe961, 0xffffffff}, {0x1, 0x5, 0x8, 0x9, 0xff, 0x800}, {0x5, 0x6, 0x5, 0x77, 0x0, 0x8}, {0x5, 0x10000, 0x81, 0x0, 0x1ff, 0x5}, {0x1, 0x0, 0xfffffff8, 0xc0c, 0x6fa, 0x8c1}, {0x8, 0x80000000, 0x9, 0x8, 0x0, 0x7}, {0x4, 0x0, 0x2, 0x0, 0x100, 0x5}, {0x2, 0x10001, 0x1, 0x53da, 0x2, 0x8001}, {0x401, 0x68c, 0x9, 0x2, 0x8, 0x7}, {0x5, 0x80000001, 0x7f, 0x5, 0xb0e, 0xeb}, {0x6, 0xad2b, 0x1, 0x85, 0x101, 0x3ff}, {0x93, 0x7, 0x4, 0x99b, 0x5, 0x11aa729f}, {0x8, 0x3, 0x3, 0x4, 0x32a, 0x10001}, {0x5, 0x80000000, 0x6, 0x1000, 0xffffff81, 0x200}, {0xd4, 0x91000, 0x9, 0xc, 0x4, 0x2}, {0x10000, 0xfffffff4, 0x0, 0x1, 0x6, 0xe5}, {0x3, 0x4a, 0x6, 0x2, 0x8, 0x1}, {0x1, 0xffff, 0x10001, 0x1ff, 0x3, 0xfffffff5}, {0x4, 0x7, 0xfffffffc, 0x6, 0x6, 0x2}, {0xf74f, 0xd, 0x0, 0x0, 0x3ff, 0x6}, {0xfff, 0xff, 0x3, 0x2, 0x8, 0xc}, {0x5, 0x9, 0x45, 0x1, 0x6, 0x1000}, {0x4, 0x0, 0x1ff, 0xb, 0xa, 0x1}, {0x5, 0x6, 0x6a5, 0x0, 0x7}, {0x0, 0x5, 0x7fffffff, 0x6, 0x9, 0x9}, {0x18152e2c, 0x5, 0x0, 0xff, 0x2, 0xffffffff}, {0x7554, 0xffffffff, 0x5, 0x1, 0xfffffffe, 0x6}, {0xef6, 0x7, 0x61a, 0x0, 0x4, 0x9}, {0x19, 0x10001, 0x3, 0x3, 0x0, 0xfff}, {0x7, 0x4000, 0x100, 0x10000}, {0x57b, 0x2, 0x10e, 0x80, 0x7, 0x5}, {0x9a, 0x5, 0x3, 0x0, 0x3, 0x7fff}, {0x2000000, 0x9, 0x7, 0x0, 0x2, 0x101}], [{0x3}, {0x4, 0x1}, {0x1}, {0x4, 0x1}, {0x1}, {}, {0x4}, {}, {0x3}, {0x1}, {0x1, 0x1}, {0x0, 0x1}, {0x5, 0x1}, {0x1, 0x1}, {0x0, 0x1}, {0x0, 0x1}, {0x5, 0x1}, {0x4, 0x1}, {0x1}, {0x1}, {0x4}, {0x4}, {0x5}, {0x5}, {0x6}, {0x2, 0x1}, {0x2, 0x1}, {0x2}, {0x3}, {0x4}, {0x5, 0x1}, {0x2, 0x1}, {0x5}, {0x5, 0x1}, {0x4}, {0x4, 0x1}, {0x3, 0x1}, {0x3}, {}, {0x3, 0x1}, {0x2}, {0x1}, {0x3}, {0x0, 0x1}, {}, {0x5, 0x3}, {0x4}, {0x4, 0x1}, {0x0, 0x1}, {0x2}, {0x2}, {}, {0x3, 0x1}, {0x3, 0x1}, {0x1, 0x1}, {0xe, 0x1}, {0x3}, {0x1}, {0x5}, {0x3}, {0x6, 0x1}, {0x4, 0x1}, {0x5}, {0x3, 0x1}, {0x2, 0x1}, {0x4, 0x1}, {0x3, 0x1}, {0x5, 0x3}, {0x5}, {}, {0x5}, {0x1, 0x1}, {0x2, 0x2}, {0x1}, {0x4, 0x1}, {0x3, 0x1}, {0x5}, {0x4}, {0x5}, {0x0, 0x1}, {0x5, 0x1}, {0x1, 0x1}, {}, {}, {0x5}, {0x5, 0x1}, {0x3, 0x1}, {0x2, 0xdcdcfc412ebb7d41}, {0x1, 0x1}, {0x1}, {0x5}, {0x2, 0x1}, {0x1, 0x1}, {0x4}, {0x3}, {0x2}, {0x3}, {0x0, 0x1}, {0x4}, {0x5, 0x1}, {0x2, 0x1}, {0x1}, {0x2}, {0x3}, {0x1}, {}, {0x5}, {0x4}, {0xbe9e5652533709fb}, {0x4}, {}, {0x0, 0x1}, {0x3}, {0x1}, {0x1}, {}, {0x1, 0x1}, {0x3}, {0x0, 0x1}, {0x5, 0x1}, {0x5}, {0x0, 0x1}, {0x5, 0x1}, {0x3}, {0x1}, {0x0, 0x1}, {0x1, 0x1}, {0x2, 0x1}]}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x2, 0x2}}}}]}]}}, @TCA_RATE={0x6, 0x5, {0x1, 0xf8}}]}, 0xe8c}, 0x1, 0x0, 0x0, 0x81}, 0x4800)

1.943176191s ago: executing program 2 (id=506):
socket$kcm(0x10, 0x2, 0x0)
syz_read_part_table(0x1060, &(0x7f0000000000)="$eJzsz8FpAlEUBdA7n/mZCQSyTxFTRxaBrLJOE/bhypUd2I7FiIJ8YRwtQV2cs3k8ePfBDc9VcmqttXLb345J9zVmSsm2Jqm/U9Jm6Yd7bH+dbTinbuqSTbKu+U/qe5KPJN3PMCar75Skn48+D+Pyo8vf7qFdAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBFXQIAAP//s1YVKg==")
r0 = creat(0x0, 0xecf86c37d53049cc)
write$binfmt_elf32(r0, 0x0, 0x58)

1.702350095s ago: executing program 3 (id=510):
syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000a80)='./file1\x00', 0x8, &(0x7f00000008c0)={[{@bsdgroups}, {@nodiscard}, {@data_ordered}, {@grpjquota}, {@sb={'sb', 0x3d, 0x64}}, {@orlov}, {@norecovery}, {@data_err_abort}, {@nomblk_io_submit}]}, 0x66, 0x50a, &(0x7f0000000200)="$eJzs3VFrHFsdAPD/bHZr06Y3ueqDXvB6tZW0aHeTxrbBh1pB9Kmg1vcak00I2WRDdtM2oWiKH0AQUcEnffFF8AMIUvDFRxEK+qyoKKKtPvigncvuTtI03U227TabZn8/mMw5Z2b2f86GmZ0zc5gJYGC9FxHXI+JJmqYXImI0K89lU2y1psZ6jx/dm21MSaTpzX8mkWRl25+VZPPT2WYnI+JrX474ZvJ83NrG5tJMpVJey/Kl+vJqqbaxeXFxeWahvFBemZqavDJ9dfry9ERP2nkmIq598a8/+O7PvnTtV5+586dbfz//rUa1RrLlu9vxgvL7LWw1vdD8LnZvsPaSwY6ifLOFmeF2aww9V3L/NdcJAID2Guf4H4yIT0bEhRiNof1PZwEAAIA3UPr5kfhfEpG2d6JDOQAAAPAGyTXHwCa5YjYWYCRyuWKxNYb3w3EqV6nW6p+er66vzLXGyo5FITe/WClPZGOFx6KQNPKTzfTT/KU9+amIeDsivj863MwXZ6uVuX5f/AAAAIABcXpP//8/o63+PwAAAHDMjPW7AgAAAMBrp/8PAAAAx5/+PwAAABxrX7lxozGl2++/nru9sb5UvX1xrlxbKi6vzxZnq2urxYVqdaH5zL7lgz6vUq2ufjZW1u+W6uVavVTb2Ly1XF1fqd9afOYV2AAAAMAhevvjD/6QRMTW54abU8OJ7jbtcjXgqMrvpJJs3ma3/uNbrflfDqlSwKEY6ncFgL7J97sCQN8U+l0BoO+SA5Z3HLzz22z+id7WBwAA6L3xj3a+/5/bd8ut/RcDR56dGAaX+/8wuJr3/7sdyetkAY6VgjMAGHivfP//QGn6QhUCAAB6bqQ5JblidnlvJHK5YjHiTPO1AIVkfrFSnoiItyLi96OFDzTyk80tkwP7DAAAAAAAAAAAAAAAAAAAAAAAAABAS5omkQIAAADHWkTub8mvW8/yHx89N7L3+sCJ5L+jkb0i9M6Pb/7w7ky9vjbZKP/XTnn9R1n5pX5cwQAAAICB8EIv8N/up2/34wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACglx4/uje7PR1m3H98ISLG2sXPx8nm/GQUIuLUv5PI79ouiYihHsQfbvz5SLv4SaNaOyHbxR/uQfyt+/vGj7HsW2gX/3QP4sMge9A4/lxvt//l4r3mvP3+l494Jv+yOh//Yuf4N9Rh/z/TZYx3Hv6i1DH+/Yh38u2PP9vxkw7xz3YZ/xtf39zstCz9ScR429+f5JlYpfryaqm2sXlxcXlmobxQXpmamrwyfXX68vREaX6xUs7+to3xvY/98sl+7T/VIf7YAe0/12X7///w7qMPtZKFdvHPn20T/zc/zdZ4Pn4u++37VJZuLB/fTm+10ru9+/Pfvbtf++c6tP+g///5Ltt/4avf+XOXqwIAh6C2sbk0U6mU145totFLPwLVkDiCiW/39APTNE0b+9QrfE4SR+FraSb6fWQCAAB67elJf79rAgAAAAAAAAAAAAAAAAAAAIPrMB4ntjfm1k4q6cUjtAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeuL9AAAA//+GAdlV")
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000020000000c0000000014"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001700000000000000ff000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008002010b704000000000000850000000100000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
openat$thread_pidfd(0xffffffffffffff9c, &(0x7f00000007c0), 0x80a03, 0x0)

1.661018795s ago: executing program 2 (id=511):
r0 = syz_io_uring_setup(0x49a, &(0x7f00000000c0)={0x0, 0x79af, 0x3180, 0x8000, 0x400252}, &(0x7f0000000340)=<r1=>0x0, &(0x7f0000000300)=<r2=>0x0)
syz_open_dev$tty1(0xc, 0x4, 0x4)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f0000000500)=@IORING_OP_READ=@pass_buffer={0x16, 0x2, 0x2000, @fd, 0x9, 0x0, 0x0, 0x2})
io_uring_enter(r0, 0x627, 0x4c1, 0x43, 0x0, 0x0)

1.554538637s ago: executing program 3 (id=515):
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000200400001"], 0x48)

1.532683547s ago: executing program 2 (id=516):
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x10, &(0x7f00000001c0)=0xffe, 0x4)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000640)={0x18, 0x5, &(0x7f0000000080)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2}, 0x94)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000700)=ANY=[@ANYBLOB="140000001000040000000000000000000300000a20000000000a05000000000000000000070000000900010073797a300000000044000000090a010400000000000000000700ffff08000a40000000030900020073797a31000000000900010073797a3000000000080005400000002106000d40931000005c0000000c0a01020000000000000000070000000900020073797a31000000000900010073797a3000000000300003802c0000800400018024000b80100001800c000100636f756e7465720010000180090001006c6173740000000014000000101801"], 0xe8}, 0x1, 0x0, 0x0, 0x10}, 0x0)
recvmmsg(r0, &(0x7f00000009c0)=[{{0x0, 0x0, 0x0}, 0x4}], 0x1, 0x2, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x46, 0x0, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x35, &(0x7f0000000100)=0x1e7b, 0x4)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)
io_setup(0xb, &(0x7f0000000240)=<r2=>0x0)
io_getevents(r2, 0x2e08, 0x3, &(0x7f0000000000)=[{}, {}, {}], 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x59, 0x0, 0x0, 0x10, 0xffffffff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r3}, 0x10)
r4 = io_uring_setup(0xf08, &(0x7f000000c480)={0x0, 0xfbf6, 0x400, 0x0, 0x349})
io_uring_register$IORING_REGISTER_BUFFERS(r4, 0x0, &(0x7f0000000540)=[{0x0}], 0x1)
r5 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000340)="d80000001c0081044e81f782db44b904021d080201000000400000a1180002000000000000000e1208000f0100810401a8001600200001400300000803600cfab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef075c11503c6bbace8017cb090000001fb791643a5ee4001b146218a07445d6d930dfe1d9d322fe7c9fd68775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e0060000000000000080bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd68adbef3d93452a00"/216, 0xd8}], 0x1, 0x0, 0x0, 0x7400}, 0x0)
r6 = socket$netlink(0x10, 0x3, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000001100)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001700)={&(0x7f0000000080)='kmem_cache_free\x00', r7}, 0x10)
r8 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r8, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)={0x18, 0x140f, 0x1, 0x70bd27, 0x25dfdbfc, "", [@RDMA_NLDEV_ATTR_CHARDEV_TYPE={0x8, 0x45, 'mad\x00'}]}, 0x18}, 0x1, 0x0, 0x0, 0x20000000}, 0x1004)
r9 = io_uring_setup(0x7625, &(0x7f0000000600)={0x0, 0x1e28, 0x40, 0x0, 0x89, 0x0, r4})
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000000)={'lo\x00'})
getrlimit(0x1, &(0x7f0000000000))
io_uring_register$IORING_REGISTER_FILES(r9, 0x1e, &(0x7f0000000000)=[r4], 0x1)

1.503633458s ago: executing program 3 (id=519):
r0 = semget$private(0x0, 0x4000000009, 0x0)
semop(r0, &(0x7f0000000040)=[{0x4, 0x1}, {0x4}], 0x2)
semtimedop(r0, &(0x7f0000000040)=[{0x3, 0xfffe, 0x1000}], 0x1, 0x0)
semop(0x0, &(0x7f00000000c0)=[{0x0, 0xc63e}, {0x4, 0x4, 0x1800}], 0x2)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x28, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x8, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000980)={&(0x7f0000000940)='tlb_flush\x00', r2}, 0x10)
syz_mount_image$vfat(&(0x7f00000005c0), &(0x7f00000002c0)='./bus\x00', 0x1800840, &(0x7f0000000c80)={[{@numtail}, {@shortname_winnt}, {@uni_xlate}, {@iocharset={'iocharset', 0x3d, 'cp860'}}, {@fat=@flush}, {@numtail}, {@iocharset={'iocharset', 0x3d, 'cp950'}}, {@uni_xlateno}, {@iocharset={'iocharset', 0x3d, 'macceltic'}}, {@fat=@codepage={'codepage', 0x3d, '950'}}, {@fat=@gid={'gid', 0x3d, 0xee00}}, {@utf8no}, {@shortname_lower}, {@shortname_winnt}]}, 0x1, 0x362, &(0x7f0000000d80)="$eJzs3U9oXFUXAPAzfUkmKfRLFh8UBeHpTtDQP7jQVUpJoTgblaHqQhxsqpKJhQwOpotO40ZcCi515UZc6MJF1yIo4s6FWytIVVxodwWLV2bmTeZNZpKmwrQWf7/FcHLuPe/eO3nJvLxkbl5eifXzs3Hhxo3rMT9fiZmV0ytxsxJLkcXAlRg3NyEHANwfbqYUf6S+A5ZUpjwlAGDKeq//rx4pZd7+ar/+yas/ANz3ip//F/brM79Xw8WpTAkAmLKx+/+PjDTPjf6qf6b0VwEAwP3quRdefPpULeLZPJ+P2HinXW/X46lh+6kL8Xo0Yy2OxWLciuhfKHQfKr3HM2drq8fyPO/Ez0tR71a06xEbnXa9f6VwKuvVV+N4LMZSUV9cbaSUsjOf11aP5z0RcaXTGz82Ku36bBwuxv/hcKzFicjj/2P1EWdrqyfy4gD1jUF9J2J7eN+iO//lWIzvXomL0YzzC+cipcFlTW318vE8P51qI/XtejXO7zwLe94BAQAAAAAAAAAAAAAAAAAAAACAf2Q537G0s/9NGu7fs7w8ob23P06/vtgfaLu/P1Cqpkjp97cer7+bxcj+QLv352nXZ+LQvV06AAAAAAAAAAAAAAAAAAAA/Gu0tuai0Wyubba2Lq2Xg85ma+tQRHQzb3zz6ZcLMd7nNsFMMUapKS9Sl9YbKRt0TtlInyLIuoMPMp9c3ZlxuU91ZxUTp1Hdu6nZPPLwTx8MMw9lgyP/NeyTxeQFZrumUQ42/tef0p08UZdOFsGJ23S+llLa6ziXXxqvikrEzJ1/4vYPUjf4+vprD5xsHX2il/ki9T362OK5a+9/9Ot6o9kduav58dxm61ZabxQfTz7Z9g6y0vlTiX5QKZ8JM/uVb49mGtn3vz3/4HvfHmz0VM68OaFP1l/OZ5utrUrxldJrmusH3dyuqoXm2Sxi13FmJ5z8UwiOfrjSuHr5x18OWlX6JmGjDgAAAAAAAAAAAAAAAAAAuCtK7xUvFG/2nd2v6slnpj8zAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALh7hv//vxRsj2UOEvzZifGm6tpmK2LuXi8TAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID/uL8DAAD//2Kpa7U=")
prctl$PR_SET_SECUREBITS(0x1c, 0x1d)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='blkio.bfq.io_queued_recursive\x00', 0x275a, 0x0)
utimensat(r3, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
mremap(&(0x7f0000000000/0x9000)=nil, 0x200003, 0x600000, 0x3, &(0x7f0000a00000/0x600000)=nil)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
kexec_load(0x0, 0x0, 0x0, 0x0)

1.322344101s ago: executing program 5 (id=520):
r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000280), 0x40900, 0x0)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0xc0802, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x36, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffd8, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3}, 0x10)
r4 = add_key$keyring(&(0x7f0000000540), &(0x7f0000000180)={'syz', 0x2}, 0x0, 0x0, 0xffffffffffffffff)
r5 = add_key$user(&(0x7f0000000080), &(0x7f0000000100)={'syz', 0x1}, &(0x7f00000003c0)="ae", 0x1, r4)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r4, &(0x7f0000000200)='asymmetric\x00', &(0x7f0000000140)=@keyring={'key_or_keyring:', r5})
ioctl$PPPIOCNEWUNIT(r1, 0xc004743e, &(0x7f0000000280)=0x4)
ioctl$PPPIOCSMAXCID(r1, 0x40047451, &(0x7f0000000200)=0x3)
ioctl$PPPIOCSFLAGS1(r1, 0x40047459, &(0x7f0000000100)=0x2000004)
pwritev(r1, &(0x7f0000000140)=[{&(0x7f0000000580)="00214717a70700ee776f209eb052a5069d317ebbaaa6", 0x16}], 0x1, 0x803, 0x2)
r6 = syz_io_uring_setup(0x497, &(0x7f0000000040)={0x0, 0x79af, 0x1000, 0x8000, 0x400250}, &(0x7f0000000680)=<r7=>0x0, &(0x7f0000000300)=<r8=>0x0)
r9 = fsopen(&(0x7f0000000400)='autofs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r9, 0x1, &(0x7f0000000c80)='\x95\xbc\x83\xcc\xc6X\xe6\xf2\xd4 Dj\x1f\x1f\x8b\xc6AOP\xd0n\x06*T\x9c|\x01\xc1\x82\x9fn@\x01\xec\xf4\x81\xab\x8eG3)\xee@* \xbbM\x06\x81\xd1\xc8\xdc\x95\v\xa7\xc2\xa7\xff\f\xe5\x9f1\xcex\xa6\xd2\x01Y\r\xb1\xf3\xe27\xce-<\xfcp\xb3{Sp6\xe4\xe7\xc4\xedb\x84\vR\xa3\xc6M\xd3l\xaeC\x88I\xdbwStNkA\ty\xbc\xde\xa2\t\x85u\r\xce\xbd\xd1\xa7\xf8\xc7\xb0\v\xad>\xd8\xc3{\xe5\x97\x17x\x9a\x82YD3\x94N\x19\x94S$w/\x8d\xe2h\xa8\xcc\x10O|\xacBC P\xe3\xb49\x0e!t\xe9R\\\xf8w\xa6a\xd0\xc0\xd0\xfe\x16\x98\x8d\xc3K\xa6 \xa6b7\x89[\xbd\x85\x1e\x1e\xa5\xc2\xcc\x1a{\xd8\x18k\xf3\xcc\xfeL\x8a\x8dp\xfbum\xbb\xbd\xae\xbd\xa7\xa6\\\x89Dk\x1c\xe4\xdd\xf0\x0e[.9\x14=\xe2\xa7Y\xe6\xc0\x98U\xb3N\t-\xb6\x8d\x94\xb9I\x1f\xc4\xd62\x03\xbe]^\xfe\x86.x\xa01\xab\f\x93\x95\xb6@$\xb5\xa1\xc3}\xef\xda5\t\x9f\xf8\xb6\xed\x7f]\x8e\x0e.\xf3\xf2\xbb\xccD\xd0\a\x15\xf6\xd8(\xbdFkJ\x1e\x1c\x95?\xe2;\xa4\xc8_\x05x\b\f\x7fI\xa5b#\x17\x03\t\xb5Fr@\x12\x15\xaa\x05\xa7\x96\xe6\xdaNk$\x92\x90w\a9\a\xce\x16\xe3*y\x0e\xf6BHSb\xa2\x86\xadC\'\x8d$\xb5\x8fY5\x04bE\x1f\xaf\xa6;\xe8\xfc\xa5:N\xfb\xa0\"\xa6\x03\x00=wW\x9e\xd6\xd5%\x10PP\xb1\x9e7p', &(0x7f0000000380)='$\x00LQ->\xa0\x85\'\xf4\xfc\x8f\x96\x96\xfd\xb6\xef\x7f\x04\a\x1b\x1c\xf4\xb8', 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000000)=0xffa, 0x0, 0x4)
syz_io_uring_submit(r7, r8, &(0x7f0000000140)=@IORING_OP_READ=@pass_buffer={0x16, 0x40, 0x2007, @fd=r0, 0x6, &(0x7f0000000580)=""/207, 0xcf, 0x2, 0x1})
io_uring_enter(r6, 0x74d1, 0x4c3, 0x43, 0x0, 0xfffffffffffffd1d)

1.184135832s ago: executing program 5 (id=524):
r0 = fsopen(&(0x7f0000000400)='autofs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, 0x0, &(0x7f0000000380)='$\x00', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r0, 0x2, 0x0, &(0x7f0000001c80)="6ed4f9", 0x3)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000001600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000000040002850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000180)='kmem_cache_free\x00', r2}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000680)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f0000000040)='syzkaller\x00', 0x6, 0x0, 0x0, 0x40f00, 0x9, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0xfffffffffffffdba, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffc}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x6, 0xe, 0x0, &(0x7f0000000440)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000100000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000850000000500000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000200)='mm_page_alloc\x00', r4}, 0x10)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r3, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
syz_clone(0x40049480, 0x0, 0x0, &(0x7f0000000a00), 0x0, 0x0)

1.065213224s ago: executing program 0 (id=527):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, &(0x7f00000000c0)})
bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020782500000000002020207b1af8fe00000000bf"], &(0x7f0000000100)='GPL\x00', 0x2000, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x19}, 0x94)
sigaltstack(0x0, &(0x7f0000000080)={&(0x7f0000000040)})
gettid()
rt_sigqueueinfo(0xffffffffffffffff, 0x0, &(0x7f0000002d00)={0x39, 0x7, 0xffffffff})
r0 = fsmount(0xffffffffffffffff, 0x0, 0xf0)
fchdir(r0)
r1 = socket(0x840000000002, 0x3, 0x100)
setsockopt$MRT_ADD_VIF(r1, 0x0, 0xca, 0x0, 0x0)
r2 = getpid()
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$devlink(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0xc004)
sendmsg$DEVLINK_CMD_RELOAD(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000440)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010026bd700000000000250000000e0001006e657464657673696d0000000f0002006e657464657673696d30000008008b00", @ANYRES32=r2, @ANYBLOB="0b0a98e457de45ff373caa265c6358eba9fcde37f72cf111192341a13690aeba6cba870601bc72b5d031933eeb445035476d8e576dd611343863f284069d396a22c09d3e23116619a681b1f7"], 0x3c}, 0x1, 0x0, 0x0, 0x4040010}, 0x0)
r5 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r5, &(0x7f00000002c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000400)=0x14)
r6 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r7 = socket$kcm(0x29, 0x2, 0x0)
sendmsg$kcm(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000080)='r', 0x200420}], 0x1}, 0x48000)
sendmsg$kcm(r7, &(0x7f0000001cc0)={0x0, 0x0, &(0x7f0000000940)=[{&(0x7f00000005c0)="96", 0x1}], 0x1}, 0x1)
r8 = dup(r6)
ioctl$TIOCL_SETSEL(r8, 0x541c, &(0x7f00000007c0)={0x2, {0x2, 0x101, 0x0, 0x101}})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00'}, 0x10)
request_key(&(0x7f0000000540)='user\x00', &(0x7f0000000580)={'syz', 0x2}, &(0x7f00000005c0)='\x00', 0xffffffffffffffff)
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r9, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00'], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r10}, 0x18)
open(&(0x7f00000000c0)='.\x00', 0x800, 0x50)
r11 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x42, 0x0)
pwrite64(r11, &(0x7f00000000c0)='a', 0x200000c1, 0x9000)

1.060861764s ago: executing program 5 (id=528):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000200)={[{@init_itable_val}, {@jqfmt_vfsold}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6a}}, {@user_xattr}, {@errors_remount}, {@quota}]}, 0x3, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000015c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000010000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1, 0x0, 0x800}, 0x18)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000001380)=@o_path={&(0x7f0000001340)='./file0\x00', 0x0, 0x4008}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x28, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
lsetxattr$trusted_overlay_upper(&(0x7f0000000100)='./file1\x00', &(0x7f0000000300), &(0x7f0000000040)=ANY=[], 0xfe37, 0x0)
unlink(&(0x7f0000000180)='./file1\x00')

993.889675ms ago: executing program 5 (id=530):
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x10, &(0x7f00000001c0)=0xffe, 0x4)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000640)={0x18, 0x5, &(0x7f0000000080)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2}, 0x94)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000700)=ANY=[@ANYBLOB="140000001000040000000000000000000300000a20000000000a05000000000000000000070000000900010073797a300000000044000000090a010400000000000000000700ffff08000a40000000030900020073797a31000000000900010073797a3000000000080005400000002106000d40931000005c0000000c0a01020000000000000000070000000900020073797a31000000000900010073797a3000000000300003802c0000800400018024000b80100001800c000100636f756e7465720010000180090001006c6173740000000014000000101801"], 0xe8}, 0x1, 0x0, 0x0, 0x10}, 0x0)
recvmmsg(r0, &(0x7f00000009c0)=[{{0x0, 0x0, 0x0}, 0x4}], 0x1, 0x2, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x46, 0x0, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x35, &(0x7f0000000100)=0x1e7b, 0x4)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)
io_setup(0xb, &(0x7f0000000240)=<r2=>0x0)
io_getevents(r2, 0x2e08, 0x3, &(0x7f0000000000)=[{}, {}, {}], 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x59, 0x0, 0x0, 0x10, 0xffffffff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r3}, 0x10)
r4 = io_uring_setup(0xf08, &(0x7f000000c480)={0x0, 0xfbf6, 0x400, 0x0, 0x349})
io_uring_register$IORING_REGISTER_BUFFERS(r4, 0x0, &(0x7f0000000540)=[{0x0}], 0x1)
r5 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000340)="d80000001c0081044e81f782db44b904021d080201000000400000a1180002000000000000000e1208000f0100810401a8001600200001400300000803600cfab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef075c11503c6bbace8017cb090000001fb791643a5ee4001b146218a07445d6d930dfe1d9d322fe7c9fd68775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e0060000000000000080bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd68adbef3d93452a00"/216, 0xd8}], 0x1, 0x0, 0x0, 0x7400}, 0x0)
r6 = socket$netlink(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000001100)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r7, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)={0x18, 0x140f, 0x1, 0x70bd27, 0x25dfdbfc, "", [@RDMA_NLDEV_ATTR_CHARDEV_TYPE={0x8, 0x45, 'mad\x00'}]}, 0x18}, 0x1, 0x0, 0x0, 0x20000000}, 0x1004)
r8 = io_uring_setup(0x7625, &(0x7f0000000600)={0x0, 0x1e28, 0x40, 0x0, 0x89, 0x0, r4})
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000000)={'lo\x00'})
io_uring_register$IORING_REGISTER_FILES(r8, 0x1e, &(0x7f0000000000)=[r4], 0x1)

855.976867ms ago: executing program 5 (id=532):
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f00000002c0)={0x3789, <r0=>0x0}, 0x8)
syz_open_dev$tty1(0xc, 0x4, 0x3)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x11, 0x8, &(0x7f0000000200)=ANY=[@ANYRESDEC], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x10000000}, 0x10, r0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
socket(0x28, 0x5, 0x0)
io_setup(0x8, &(0x7f0000004200))
syz_open_procfs(0x0, &(0x7f0000000080)='mounts\x00')
symlinkat(&(0x7f0000002040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00')
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xb, &(0x7f0000000300)=ANY=[@ANYBLOB="180000000000000000000000a9000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r2}, 0x10)
open_tree(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x1)

759.021059ms ago: executing program 5 (id=535):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYRESOCT=r0], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x48, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r2)
r3 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r2, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @empty}, 0xf}, 0x1c)
listen(r3, 0x0)
r4 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r4, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000004000000ff0f000007"], 0x50)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000004080)={{r7}, &(0x7f0000004000), &(0x7f0000004040)}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='kfree\x00', r8, 0x0, 0x8000000000000}, 0x18)
r9 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt$CAN_RAW_FILTER(r9, 0x65, 0x1, 0x0, 0xf00)
r10 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r6, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000300)={0x28, r10, 0x1, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast1=0xac1414aa}]}]}, 0x28}}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r11 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)={0x14, r11, 0x1, 0x70bd2b, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x4000084}, 0x40)
fsetxattr$trusted_overlay_opaque(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0, 0x2)

719.477899ms ago: executing program 0 (id=536):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = openat$ttyS3(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, 0x0)
read(r0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x1b, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r3 = socket(0x400000000010, 0x3, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, r5, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000021c0)=@newtfilter={0xe8c, 0x2c, 0xd27, 0x70bd25, 0x8000, {0x0, 0x0, 0x0, r5, {0x0, 0x7}, {}, {0x7, 0x2}}, [@filter_kind_options=@f_fw={{0x7}, {0xe58, 0x2, [@TCA_FW_ACT={0xe54, 0x4, [@m_pedit={0xe50, 0x1, 0x0, 0x0, {{0xa}, {0xe24, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS={0xe20, 0x2, {{{0xafcc, 0x7, 0xffffffffffffffff, 0x8, 0x8001}, 0x7, 0x1}, [{0xe205, 0x2, 0x9, 0x1842, 0x1, 0x8000}, {0xfffffff9, 0x8, 0x7, 0xb145, 0x4, 0x8}, {0x0, 0xf8d5, 0x1ff, 0x87, 0xa, 0x5}, {0xf, 0x7e7, 0x9, 0x7, 0x0, 0xa}, {0x1, 0x101, 0x5c78, 0xffffff56, 0xee, 0x8}, {0x3, 0x73, 0xb, 0x7, 0x2, 0x6}, {0x8, 0x5, 0x4, 0x4, 0x2, 0x8}, {0x1ff, 0x1, 0x2f, 0x7, 0x533f, 0x200}, {0x8, 0x4bd5, 0x5, 0x2, 0x2, 0xf8}, {0x2, 0x8, 0x4, 0x7, 0x32, 0x1000}, {0x6, 0x9, 0x0, 0x20000008, 0x6, 0x5}, {0x5, 0x9, 0x1, 0x10, 0x8, 0x4}, {0x4, 0x0, 0x3, 0x80000000, 0x2, 0x1}, {0x6, 0xfffff800, 0xbf, 0x1, 0xffffffff, 0x8}, {0x48a3, 0x3ff, 0x9, 0x6e, 0x3, 0x8}, {0x4, 0x200000, 0xaeb, 0x360, 0x2, 0x400}, {0x0, 0xffffffff, 0xbe, 0x1, 0x7, 0x8}, {0x5ad, 0xfaec, 0x401, 0x9, 0x8, 0x45}, {0x3, 0x9, 0x400, 0x3, 0x6, 0x5}, {0xde, 0x0, 0x5, 0x8000, 0x2, 0xffff}, {0x80, 0x3491, 0x83, 0x8001, 0x3, 0x165c}, {0x6d, 0x5, 0xf, 0xe, 0x8, 0xec}, {0x6, 0x1, 0xfffffffc, 0x5, 0xfffffffc, 0x81}, {0xcd0, 0x9, 0x6, 0x7fffffff, 0x80, 0xfffffff8}, {0x7, 0x3, 0x2b0, 0x5, 0x2, 0xd6}, {0x6, 0x3, 0x0, 0x2, 0xc4}, {0x0, 0x99, 0x200, 0x1b8, 0x4, 0x1}, {0x1cff, 0xc7a9, 0x25, 0xffffffff, 0x7, 0x2}, {0xff, 0x4, 0x7fff, 0x7, 0xfffffff9, 0xd46}, {0x7, 0x2, 0xec, 0x0, 0x8}, {0x3, 0x8, 0x0, 0x6, 0xebc, 0x8}, {0x3, 0xfe9, 0x1, 0x4, 0x0, 0x401}, {0x4, 0x8, 0xd, 0x7fff, 0xb, 0x87c}, {0x4a, 0x1000, 0x1, 0x81, 0x6063, 0x1}, {0xfffffe00, 0xe392, 0x0, 0x9, 0x3, 0x9}, {0x8, 0xff, 0x1, 0x101, 0x10000000, 0x4ac9}, {0x8, 0xffffffdb, 0x3, 0xe4c, 0x3, 0x2ca759d6}, {0x5, 0x4, 0x9, 0x2, 0x2, 0xfffffffa}, {0x0, 0x3, 0x4, 0x1, 0x10001, 0x9}, {0x5f21eb86, 0x1, 0x9, 0x40, 0x4, 0x9}, {0x55f, 0x8, 0x401, 0x5, 0x3, 0x40}, {0x7, 0x6, 0x7, 0x8000, 0x81}, {0x4, 0x9, 0x5, 0x6, 0x3, 0x2}, {0x100, 0x4, 0x7, 0x8, 0x66, 0x9}, {0x5, 0x5, 0x3, 0x7ff, 0x2, 0x80000001}, {0x8, 0x6, 0x88, 0x9, 0x6, 0x1}, {0x7b, 0x74, 0x2, 0xd, 0x8, 0x1}, {0x69, 0xcd, 0x7f, 0xd, 0x200006, 0xf}, {0x9, 0x0, 0xe0e, 0x4, 0x3, 0x6}, {0x1, 0x2, 0x4, 0xc9, 0x6, 0xfffffff7}, {0xb, 0x2, 0x5, 0x7fde, 0x101, 0x1}, {0x3, 0x392, 0xb19, 0x1, 0x8d, 0x9}, {0xff, 0x5, 0xffff, 0x6972, 0x1, 0xfffffff9}, {0x6, 0x200, 0xb1, 0x1, 0x1000, 0x401}, {0x8, 0x54a0ee99, 0xfffffffa, 0x2, 0x99, 0x4}, {0x4, 0x2, 0xc979, 0x2, 0x4, 0x7ff}, {0xffffffff, 0x8, 0x7, 0x8, 0x7fffffff, 0x2b25}, {0x85, 0x4, 0xd55, 0xff, 0xf, 0x2}, {0x5, 0x2cfd091, 0x8, 0x9, 0x4, 0x103d}, {0x0, 0x8, 0x1b89, 0x7, 0x5, 0x6}, {0x2887b03a, 0xc54, 0x3, 0x0, 0x5, 0x7}, {0x2ee, 0x2, 0x8, 0x7, 0x10001, 0x5}, {0x3, 0x6, 0xe, 0x8, 0x5}, {0x1000, 0x9, 0x6, 0x1, 0x40, 0x7}, {0x9, 0x7fff, 0x4, 0x0, 0x4, 0x10}, {0xffff0000, 0x7, 0x8, 0xe, 0x400, 0xfffff521}, {0x7, 0x6, 0xd65a, 0x2, 0x3, 0xffffff93}, {0x6, 0x7, 0xffffff7d, 0x5, 0x80000000, 0xfffffffc}, {0x7, 0x800, 0xc, 0x7fff, 0x2, 0x4}, {0x0, 0x6c0, 0x2, 0x3ff, 0x8, 0x7fd7}, {0x0, 0x8000010, 0xa52, 0x3, 0x4, 0xd91}, {0x0, 0x80000000, 0x400, 0x2, 0x6, 0x7}, {0x1, 0xad3, 0x9, 0x12000000, 0x7, 0x6}, {0x7, 0x6, 0x4, 0x9, 0x9, 0x9}, {0x9e2, 0x8, 0x5, 0x1, 0x400, 0x2}, {0x74863fbb, 0x5, 0xffc000, 0x401, 0xffffff8e, 0xfffffff8}, {0xa99b, 0x4, 0x4, 0x5, 0x4, 0xfffffffa}, {0x8001, 0x0, 0xfffffffe, 0x2, 0x0, 0x7}, {0x6, 0x7, 0x0, 0x7, 0x80000000, 0x50}, {0x0, 0x0, 0xc, 0x2, 0x3, 0x4}, {0x1ff, 0x4, 0xb5, 0x7, 0x1cec, 0x8}, {0x5, 0x7, 0x9, 0x1, 0x7, 0x7}, {0x7, 0x2, 0x71e892ab, 0xe8, 0xfffffff8, 0x4}, {0x80000000, 0xb07, 0x1, 0x8, 0x6, 0x3}, {0x9, 0x2, 0x5, 0x2, 0x9, 0xe}, {0xfffffff5, 0x2, 0x0, 0x5, 0x4a3, 0x8}, {0x5, 0x9, 0x4, 0x10000, 0x3, 0x6}, {0x4, 0x3, 0xfff, 0x4, 0x4, 0x1}, {0x1, 0x6, 0x8, 0x4, 0x7, 0x40}, {0x80000001, 0x389, 0x6, 0x400, 0x5, 0x7fffffff}, {0x65, 0x7fffffff, 0x6, 0x6, 0xea8, 0x8}, {0xb, 0x0, 0x1, 0x33, 0xb, 0x7}, {0x4, 0x1, 0x3, 0x1, 0x8, 0xb49}, {0x1, 0xd, 0x1ff, 0x7, 0x9, 0x9}, {0xc98f, 0x2, 0x10004, 0x8, 0x6, 0xc2f}, {0x4, 0x80000000, 0xc, 0x100, 0xe961, 0xffffffff}, {0x1, 0x5, 0x8, 0x9, 0xff, 0x800}, {0x5, 0x6, 0x5, 0x77, 0x0, 0x8}, {0x5, 0x10000, 0x81, 0x0, 0x1ff, 0x5}, {0x1, 0x0, 0xfffffff8, 0xc0c, 0x6fa, 0x8c1}, {0x8, 0x80000000, 0x9, 0x8, 0x0, 0x7}, {0x4, 0x0, 0x2, 0x0, 0x100, 0x5}, {0x2, 0x10001, 0x1, 0x53da, 0x2, 0x8001}, {0x401, 0x68c, 0x9, 0x2, 0x8, 0x7}, {0x5, 0x80000001, 0x7f, 0x5, 0xb0e, 0xeb}, {0x6, 0xad2b, 0x1, 0x85, 0x101, 0x3ff}, {0x93, 0x7, 0x4, 0x99b, 0x5, 0x11aa729f}, {0x8, 0x3, 0x3, 0x4, 0x32a, 0x10001}, {0x5, 0x80000000, 0x6, 0x1000, 0xffffff81, 0x200}, {0xd4, 0x91000, 0x9, 0xc, 0x4, 0x2}, {0x10000, 0xfffffff4, 0x0, 0x1, 0x6, 0xe5}, {0x3, 0x4a, 0x6, 0x2, 0x8, 0x1}, {0x1, 0xffff, 0x10001, 0x1ff, 0x3, 0xfffffff5}, {0x4, 0x7, 0xfffffffc, 0x6, 0x6, 0x2}, {0xf74f, 0xd, 0x0, 0x0, 0x3ff, 0x6}, {0xfff, 0xff, 0x3, 0x2, 0x8, 0xc}, {0x5, 0x9, 0x45, 0x1, 0x6, 0x1000}, {0x4, 0x0, 0x1ff, 0xb, 0xa, 0x1}, {0x5, 0x6, 0x6a5, 0x0, 0x7}, {0x0, 0x5, 0x7fffffff, 0x6, 0x9, 0x9}, {0x18152e2c, 0x5, 0x0, 0xff, 0x2, 0xffffffff}, {0x7554, 0xffffffff, 0x5, 0x1, 0xfffffffe, 0x6}, {0xef6, 0x7, 0x61a, 0x0, 0x4, 0x9}, {0x19, 0x10001, 0x3, 0x3, 0x0, 0xfff}, {0x7, 0x4000, 0x100, 0x10000}, {0x57b, 0x2, 0x10e, 0x80, 0x7, 0x5}, {0x9a, 0x5, 0x3, 0x0, 0x3, 0x7fff}, {0x2000000, 0x9, 0x7, 0x0, 0x2, 0x101}], [{0x3}, {0x4, 0x1}, {0x1}, {0x4, 0x1}, {0x1}, {}, {0x4}, {}, {0x3}, {0x1}, {0x1, 0x1}, {0x0, 0x1}, {0x5, 0x1}, {0x1, 0x1}, {0x0, 0x1}, {0x0, 0x1}, {0x5, 0x1}, {0x4, 0x1}, {0x1}, {0x1}, {0x4}, {0x4}, {0x5}, {0x5}, {0x6}, {0x2, 0x1}, {0x2, 0x1}, {0x2}, {0x3}, {0x4}, {0x5, 0x1}, {0x2, 0x1}, {0x5}, {0x5, 0x1}, {0x4}, {0x4, 0x1}, {0x3, 0x1}, {0x3}, {}, {0x3, 0x1}, {0x2}, {0x1}, {0x3}, {0x0, 0x1}, {}, {0x5, 0x3}, {0x4}, {0x4, 0x1}, {0x0, 0x1}, {0x2}, {0x2}, {}, {0x3, 0x1}, {0x3, 0x1}, {0x1, 0x1}, {0xe, 0x1}, {0x3}, {0x1}, {0x5}, {0x3}, {0x6, 0x1}, {0x4, 0x1}, {0x5}, {0x3, 0x1}, {0x2, 0x1}, {0x4, 0x1}, {0x3, 0x1}, {0x5, 0x3}, {0x5}, {}, {0x5}, {0x1, 0x1}, {0x2, 0x2}, {0x1}, {0x4, 0x1}, {0x3, 0x1}, {0x5}, {0x4}, {0x5}, {0x0, 0x1}, {0x5, 0x1}, {0x1, 0x1}, {}, {}, {0x5}, {0x5, 0x1}, {0x3, 0x1}, {0x2, 0xdcdcfc412ebb7d41}, {0x1, 0x1}, {0x1}, {0x5}, {0x2, 0x1}, {0x1, 0x1}, {0x4}, {0x3}, {0x2}, {0x3}, {0x0, 0x1}, {0x4}, {0x5, 0x1}, {0x2, 0x1}, {0x1}, {0x2}, {0x3}, {0x1}, {}, {0x5}, {0x4}, {0xbe9e5652533709fb}, {0x4}, {}, {0x0, 0x1}, {0x3}, {0x1}, {0x1}, {}, {0x1, 0x1}, {0x3}, {0x0, 0x1}, {0x5, 0x1}, {0x5}, {0x0, 0x1}, {0x5, 0x1}, {0x3}, {0x1}, {0x0, 0x1}, {0x1, 0x1}, {0x2, 0x1}]}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x2, 0x2}}}}]}]}}, @TCA_RATE={0x6, 0x5, {0x1, 0xf8}}]}, 0xe8c}, 0x1, 0x0, 0x0, 0x81}, 0x4800)

718.855399ms ago: executing program 1 (id=537):
syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000a80)='./file1\x00', 0x8, &(0x7f00000008c0)={[{@bsdgroups}, {@nodiscard}, {@data_ordered}, {@grpjquota}, {@sb={'sb', 0x3d, 0x64}}, {@orlov}, {@norecovery}, {@data_err_abort}, {@nomblk_io_submit}]}, 0x66, 0x50a, &(0x7f0000000200)="$eJzs3VFrHFsdAPD/bHZr06Y3ueqDXvB6tZW0aHeTxrbBh1pB9Kmg1vcak00I2WRDdtM2oWiKH0AQUcEnffFF8AMIUvDFRxEK+qyoKKKtPvigncvuTtI03U227TabZn8/mMw5Z2b2f86GmZ0zc5gJYGC9FxHXI+JJmqYXImI0K89lU2y1psZ6jx/dm21MSaTpzX8mkWRl25+VZPPT2WYnI+JrX474ZvJ83NrG5tJMpVJey/Kl+vJqqbaxeXFxeWahvFBemZqavDJ9dfry9ERP2nkmIq598a8/+O7PvnTtV5+586dbfz//rUa1RrLlu9vxgvL7LWw1vdD8LnZvsPaSwY6ifLOFmeF2aww9V3L/NdcJAID2Guf4H4yIT0bEhRiNof1PZwEAAIA3UPr5kfhfEpG2d6JDOQAAAPAGyTXHwCa5YjYWYCRyuWKxNYb3w3EqV6nW6p+er66vzLXGyo5FITe/WClPZGOFx6KQNPKTzfTT/KU9+amIeDsivj863MwXZ6uVuX5f/AAAAIABcXpP//8/o63+PwAAAHDMjPW7AgAAAMBrp/8PAAAAx5/+PwAAABxrX7lxozGl2++/nru9sb5UvX1xrlxbKi6vzxZnq2urxYVqdaH5zL7lgz6vUq2ufjZW1u+W6uVavVTb2Ly1XF1fqd9afOYV2AAAAMAhevvjD/6QRMTW54abU8OJ7jbtcjXgqMrvpJJs3ma3/uNbrflfDqlSwKEY6ncFgL7J97sCQN8U+l0BoO+SA5Z3HLzz22z+id7WBwAA6L3xj3a+/5/bd8ut/RcDR56dGAaX+/8wuJr3/7sdyetkAY6VgjMAGHivfP//QGn6QhUCAAB6bqQ5JblidnlvJHK5YjHiTPO1AIVkfrFSnoiItyLi96OFDzTyk80tkwP7DAAAAAAAAAAAAAAAAAAAAAAAAABAS5omkQIAAADHWkTub8mvW8/yHx89N7L3+sCJ5L+jkb0i9M6Pb/7w7ky9vjbZKP/XTnn9R1n5pX5cwQAAAICB8EIv8N/up2/34wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACglx4/uje7PR1m3H98ISLG2sXPx8nm/GQUIuLUv5PI79ouiYihHsQfbvz5SLv4SaNaOyHbxR/uQfyt+/vGj7HsW2gX/3QP4sMge9A4/lxvt//l4r3mvP3+l494Jv+yOh//Yuf4N9Rh/z/TZYx3Hv6i1DH+/Yh38u2PP9vxkw7xz3YZ/xtf39zstCz9ScR429+f5JlYpfryaqm2sXlxcXlmobxQXpmamrwyfXX68vREaX6xUs7+to3xvY/98sl+7T/VIf7YAe0/12X7///w7qMPtZKFdvHPn20T/zc/zdZ4Pn4u++37VJZuLB/fTm+10ru9+/Pfvbtf++c6tP+g///5Ltt/4avf+XOXqwIAh6C2sbk0U6mU145totFLPwLVkDiCiW/39APTNE0b+9QrfE4SR+FraSb6fWQCAAB67elJf79rAgAAAAAAAAAAAAAAAAAAAIPrMB4ntjfm1k4q6cUjtAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeuL9AAAA//+GAdlV")
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000020000000c0000000014"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00'}, 0x10)
openat$thread_pidfd(0xffffffffffffff9c, &(0x7f00000007c0), 0x80a03, 0x0)

676.06502ms ago: executing program 1 (id=538):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000340)=@broute={'broute\x00', 0x20, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000080], 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="0000000000000000000000000000000000001fb195d574202b200000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fcffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff00000000"]}, 0x108)

665.55158ms ago: executing program 1 (id=539):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000200)={[{@init_itable_val}, {@jqfmt_vfsold}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6a}}, {@user_xattr}, {@errors_remount}, {@quota}]}, 0x3, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000015c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000010000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
lsetxattr$trusted_overlay_upper(&(0x7f0000000100)='./file1\x00', &(0x7f0000000300), &(0x7f0000000040)=ANY=[], 0xfe37, 0x0)
unlink(&(0x7f0000000180)='./file1\x00')

629.336601ms ago: executing program 0 (id=540):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000f00)={0x11, 0x7, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000300000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000000020000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x18, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff0000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000c80)='kmem_cache_free\x00', r2}, 0x10)
munlock(&(0x7f0000ffb000/0x2000)=nil, 0x2000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
r3 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000080)="2e00000038000511d25a80698c63940d0124fc602f6e35400c000200001ec00037153e370a00018025581d00d1bd", 0x2e}], 0x1, 0x0, 0x0, 0x39c}, 0x0)
socket$packet(0x11, 0x2, 0x300)
r4 = syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0xa00008, &(0x7f0000000140)={[{@min_batch_time={'min_batch_time', 0x3d, 0xd}}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@noblock_validity}]}, 0x1, 0x7ad, &(0x7f00000007c0)="$eJzs3c9rG1ceAPDvyD/jZNdeWNjNngwLu4YQeZ31JruwsFn2sBQaCLTnJEZWTGrZCpYcYmNIQin00kNLD4XmknPTprdc++PaXvo39FAS0tYJTemhuIw0SmRbcpzEklL8+cBY782M9N533sybZ82gCWDfGk//5CIORwykydFsfhLZjOiPOFlf7+H6WiGdktjYeOW7pLbOg/W1QjS9J3Uwy/wxIj57I+JIbnu5lZXV+ZlSqbiU5SerCxcnKyurRy8szMwV54qLx6emp4+d+MeJ43sX6w9frh66+/b///rRyZ9e/8Ottz5P4mQcypY1x7FXxmM82yYD6Sbc5H97XViPJb2uAM8kPTT76kd5HI7R6NuhJf/T1ZoBAJ1yJSI2AIB9JnH+B4B9pvE9wIP1tUJjivr1nKs9/WKiS+79NyKG6/E3rm/Wl/TXr9l9NVy7DjryIKldI2lIImJsD8ofj4jrt8/cTKfo0HVIgFauXouIc2PjW/v/tIfbes/C0/rbLtYZ35LX/0H3fJKOf/65ffwXkcuO/+Ha363jn6EWx+6zePLxn7uzKTuwB4U2Scd//266t+1hU/yZsb4s95vamG8gOX+hVEz7tt9GxEQMDKX5qR3KmLj/8/12y5rHf9+/89oHafnp6+M1cnf6hza/Z3amOvM8MTe7dy3iT/2t4k8etX/SZvx7epdlvPSvN99vtyyNP423MW2Pv7M2bkT8pWX7P74PKtnx/sTJ2u4w2dgpWvj46/dG2pXf3P7Xb6clrRUa/wt0Q9r+IzvHP5Y0369Zefoyvrgx+mm7ZZvjP3MzLX9z/K33/8Hk1Vp6MJt3eaZaXZqKGExe3j7/2OP3NvKN9dP4J/7c+vjfaf9Pu6FzWXrjCTc/9t/99sNnj7+z0vhn0/ZPsiCe2P5Pn7j1cL6vXfm7a//pWmoim7O9/+vf9rm7reBzbTwAAAAAAAAAAAAAAAAAAAAAAAAA2KVcRByKJJd/lM7l8vn6M7x/HyO5UrlSPXK+vLw4G7VnZY/FQK7xU5ejTb+HOpX9Hn4jf2xL/u8R8buIeHfoQC2fL5RLs70OHgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAyB9s8/z/1zVCvawcAdMxwrysAAHSd8z8A7D9tzv+DrWcf6GhdAIDuqJ3/k/5eVwMA6CLf/wPA/uP8DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQIedPnUqnTZ+XF8rpPnZSyvL8+VLR2eLlfn8wnIhXygvXczPlctzpWK+UF5o+0FX6y+lcvnidCwuX56sFivVycrK6tmF8vJi9eyFhZm54tniQNciAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDdq6yszs+USsUliZ0TV16IalzLmq3XW0PihUgMRUSnimjuJQ70pnMCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+BX4JQAA//9qsh/Y")
name_to_handle_at(r4, 0x0, 0x0, 0x0, 0x1200)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.swap.current\x00', 0x275a, 0x0)
r6 = getpgrp(0x0)
prctl$PR_SCHED_CORE(0x3e, 0x4, r6, 0x0, &(0x7f00000003c0))
sendmsg$can_bcm(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000100)={0x5, 0x0, 0x0, {0x0, 0xea60}, {0x77359400}, {}, 0x1, @can={{}, 0x0, 0x0, 0x0, 0x0, "1d0b6382972f4b8f"}}, 0x48}}, 0x0)
r7 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$inet6_tcp_int(r7, 0x6, 0x24, &(0x7f0000000000)=0x1, 0x4)
connect$inet6(r7, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1c}, 0xd}, 0x1c)
recvmmsg(r7, &(0x7f00000002c0), 0x220, 0x100, 0x0)
writev(r5, &(0x7f0000000380)=[{&(0x7f00000000c0)="6b5ea0cd187ede3e538bc3543948db9297109ca599cded039b156251280c7ab65af41be8ce62414fe0e3ec3ee9e934d857d01d2100604b4cb96352c190d2a873f0456fbfe4300bb80f3eb66e6ac9489e2c0a22124aa2564aa23304616ea710e465bb0aa8ba8801dc0b08424236366badebbb569dc0c8fbf88fb26bc9fef50f76f7", 0x81}], 0x1)
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x4000003, 0x13, r5, 0x0)
sendmsg$TIPC_NL_KEY_SET(0xffffffffffffffff, 0x0, 0x0)
ioctl(r5, 0x1, &(0x7f0000000080))
socket$nl_route(0x10, 0x3, 0x0)
sched_setaffinity(r6, 0x8, &(0x7f0000000400)=0x54)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000440)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, r5, 0x5, 0x0, 0x2}, 0x50)

579.285982ms ago: executing program 2 (id=541):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x0, 0x400}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x20e8c}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="9feb0100180000000000000014000000140000"], 0x0, 0x2e, 0x0, 0x1, 0x3}, 0x28)
r2 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x0)
ioctl$EVIOCSMASK(r2, 0x40104593, &(0x7f0000000000)={0x0, 0x0, 0x0})
r3 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r3, &(0x7f0000000040)="e2", 0x2250)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYRES64=r0], 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000093850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x4, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r4}, 0x18)
openat$pidfd(0xffffffffffffff9c, &(0x7f0000000040), 0x101180, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='tlb_flush\x00', r5}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x6, 0x4, &(0x7f00000003c0)=@framed={{}, [@ldst={0x3, 0x0, 0x3, 0x1, 0x0, 0x14}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000080)='kfree\x00', r6, 0x0, 0x6}, 0x18)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000bc0000/0x400000)=nil, 0x400000, 0x9)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0)

566.710002ms ago: executing program 3 (id=542):
r0 = syz_io_uring_setup(0x49a, &(0x7f00000000c0)={0x0, 0x79af, 0x3180, 0x8000, 0x400252}, &(0x7f0000000340)=<r1=>0x0, &(0x7f0000000300)=<r2=>0x0)
syz_open_dev$tty1(0xc, 0x4, 0x4)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f0000000500)=@IORING_OP_READ=@pass_buffer={0x16, 0x2, 0x2000, @fd, 0x9, 0x0, 0x0, 0x2})
io_uring_enter(r0, 0x627, 0x4c1, 0x43, 0x0, 0x0)

447.760224ms ago: executing program 1 (id=543):
socket$kcm(0x10, 0x2, 0x0)
syz_read_part_table(0x1060, &(0x7f0000000000)="$eJzsz8FpAlEUBdA7n/mZCQSyTxFTRxaBrLJOE/bhypUd2I7FiIJ8YRwtQV2cs3k8ePfBDc9VcmqttXLb345J9zVmSsm2Jqm/U9Jm6Yd7bH+dbTinbuqSTbKu+U/qe5KPJN3PMCar75Skn48+D+Pyo8vf7qFdAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBFXQIAAP//s1YVKg==")
r0 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
write$binfmt_elf32(r0, 0x0, 0x58)

281.193146ms ago: executing program 0 (id=544):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f00000004c0)=ANY=[@ANYBLOB="180000000000000000000000000000008500000023000000850000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
socket(0x10, 0x80002, 0x0)
r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000280), 0x40900, 0x0)
r2 = syz_io_uring_setup(0x497, &(0x7f00000006c0)={0x0, 0x79af, 0x1000, 0x8000, 0x400250}, &(0x7f0000000680)=<r3=>0x0, &(0x7f0000000300)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f0000000140)=@IORING_OP_READ=@pass_buffer={0x16, 0x40, 0x2007, @fd=r1, 0x6, &(0x7f0000000580)=""/207, 0xcf, 0x2, 0x1})
io_uring_enter(r2, 0x74d1, 0x4c3, 0x43, 0x0, 0xfffffffffffffd1d)

233.203067ms ago: executing program 3 (id=545):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
socket$nl_generic(0x10, 0x3, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x40, 0x7ffc1ffb}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x11, 0x7, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000001000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7020000000000008500000000000000e1317135c9a420f7eb9df168ac5c051d2db069f5f1fe507db122c7482a6882e44635412ca094a0c7dbc020d4fb935e55c7055a6c134b61f9d3f1d5ab617adfecdca1c385b3c02a3c6346d8f9406319e7671a3c15b8c8d9e19fdc4aaeac2d"], &(0x7f00000006c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080), 0x80, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$TOKEN_CREATE(0x24, 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0x8, 0x8}, 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffda2, 0x0, 0x0, 0x0}, 0x94)
r5 = socket(0x2, 0x80805, 0x0)
r6 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r6, 0x0)
close(0x3)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r6, 0x84, 0x6f, &(0x7f0000000200)={<r7=>0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e23, @rand_addr=0x64010100}]}, &(0x7f0000000140)=0x10)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r6, 0x84, 0x7a, &(0x7f0000000340)={r7, @in={{0x2, 0x4e21, @remote}}}, &(0x7f0000000040)=0x84)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000100)={r3, &(0x7f0000000440)="d194fe1f4ffb3ff55aec2fa10c97fcbd761e02c6300a66631f41a40b6e974e5aeb90a20c9cedd2708f7726e96b586cc7dbb32e801eb65d9e14795ed30dd8b18a2db9ee3f73234a63352023ae557a50f677", &(0x7f00000005c0)=""/102}, 0x20)
sendmmsg$inet_sctp(r5, &(0x7f00000032c0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="30000000000000008400000001000000000000017c"], 0x30}], 0x1, 0x0)
setsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r5, 0x84, 0x72, &(0x7f0000000000)={r7, 0x5, 0x20}, 0xc)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r0}, &(0x7f00000004c0), &(0x7f0000000280)=r4}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r4}, 0x10)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x0, 0x80010, 0xffffffffffffffff, 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000001080)={0x20, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="180000000000000000"], &(0x7f0000000200)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000680)={r8, 0xffffffffffffffff, 0x2d, 0x0, @val=@uprobe_multi={0x0, 0x0, 0x0, 0x7, 0x0, 0x1}}, 0x40)
ioctl$KDSKBENT(0xffffffffffffffff, 0x4b47, &(0x7f0000000400)={0x0, 0x7f, 0x700})
sendmsg$IPSET_CMD_RENAME(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="280004000506030000000000000000000a000005090002003ab4db49413dc1a2f374d8c59573790d"], 0x28}, 0x1, 0x0, 0x0, 0x41}, 0x20008040)
syz_clone(0x400, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f0000000180)='pagemap\x00')

101.059769ms ago: executing program 1 (id=546):
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f00000002c0)={0x3789, <r0=>0x0}, 0x8)
syz_open_dev$tty1(0xc, 0x4, 0x3)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x11, 0x8, &(0x7f0000000200)=ANY=[@ANYRESDEC], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x10000000}, 0x10, r0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
socket(0x28, 0x5, 0x0)
io_setup(0x8, &(0x7f0000004200))
symlinkat(&(0x7f0000002040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00')
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xb, &(0x7f0000000300)=ANY=[@ANYBLOB="180000000000000000000000a9000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r2}, 0x10)
open_tree(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x1)

88.558829ms ago: executing program 3 (id=547):
r0 = syz_io_uring_setup(0x49a, &(0x7f00000000c0)={0x0, 0x79af, 0x3180, 0x8000, 0x400252}, &(0x7f0000000340)=<r1=>0x0, &(0x7f0000000300)=<r2=>0x0)
syz_open_dev$tty1(0xc, 0x4, 0x4)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f0000000500)=@IORING_OP_READ=@pass_buffer={0x16, 0x2, 0x2000, @fd, 0x9, 0x0, 0x0, 0x2})
io_uring_enter(r0, 0x627, 0x4c1, 0x43, 0x0, 0x0)

77.321409ms ago: executing program 0 (id=548):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f00000007c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000005600)='sys_enter\x00', r1, 0x0, 0x2}, 0x18)
readlinkat(0xffffffffffffffff, 0x0, 0x0, 0x0)
msgctl$IPC_RMID(0x0, 0x0)

56.979579ms ago: executing program 0 (id=549):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0b00000007000000020000000400000005000000", @ANYRES32, @ANYRES64, @ANYRES8=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x401}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r1}, 0x10)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x161281, 0x0)
write$binfmt_aout(r2, &(0x7f0000000080)=ANY=[], 0xff2e)
ioctl$TCSETS(r2, 0x40045431, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, "0040001e1d113c812e5d6000"})
r3 = syz_open_pts(r2, 0x0)
dup3(r3, r2, 0x0)
ppoll(&(0x7f0000000140)=[{r1, 0x1001}], 0x2000000000000027, 0x0, 0x0, 0x0)
ioctl$TCSETSF(r3, 0x5404, &(0x7f0000000180)={0x38000, 0x8, 0x0, 0x2, 0x5, "aa32b73986bbee6bd231334cbfa0b758261a93"})
syz_clone(0x640c7000, 0x0, 0x0, 0x0, 0x0, 0x0)
unshare(0x200)
socket$inet_udp(0x2, 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000006c59850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r4}, 0x18)
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454d9, 0x0)
write$cgroup_type(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
unshare(0x8000000)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040))
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, 0x0, 0x0)
r6 = fsopen(&(0x7f0000000100)='configfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r6, 0x6, 0x0, 0x0, 0x0)
r7 = fsmount(r6, 0x0, 0x0)
fchdir(r7)
open(&(0x7f0000000280)='.\x00', 0x0, 0x8)

0s ago: executing program 1 (id=550):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0xdd, 0x0, 0x0, 0x0, 0x0, 0x100000000000, 0x0, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x4, 0x0, 0x3, 0x6, 0x0, 0x20, 0x20}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f00000002c0), r0)
sendmsg$NLBL_CIPSOV4_C_ADD(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000600)=ANY=[@ANYBLOB="50020000", @ANYRES16=<r2=>r1, @ANYBLOB="0100000000000000000001000000080001000000000004000480080002000100000010000c7d0c000b8008000a00b4ed000004000880c8000c8024000900f36aad4208000a156878badf10076800d5441e0f080009002bd49f3b0c00008008000a00697100002c000b8008000a"], 0x250}}, 0x4c000)
r3 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$NLBL_CIPSOV4_C_REMOVE(r0, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000180)={&(0x7f0000001040)=ANY=[@ANYBLOB="f8040000", @ANYRES16=r3, @ANYBLOB="000027bd7000fedbdf25020000000800010003000000080001000300000090000c8014000b8008000900504e562708000900be5867133c000b8008000900c1242a45080009006bc8f85008000a0088db00000800090075cb944c08000a00b7790000080009007a6dad760800090095e2e9793c000b8008000900dc5c1710080009008fccfe2408000a0074ac000008000a004c2e0000080009004e1f527d08000a0087a0000008000a008c1b0000240108801c0007800800050030525941080005001c1c277208000600110000001400078008000500abb37e2b080006006100000024000780080005003debc6670800050050849f5e080006007a00000008000500746cf04b3c000780080005003f06bc1508000600a200000008000600e400000008000500a1fca10708000600f1000000080006001500000008000600970000001400078008000500d6f5260908000500fa3c427d4400078008000600bf000000080006004e0000000800050032e1631d0800050088abb95508f9b8e281f370000500d635dd1c0800060029000000080006005300000008000600470000001c000780080006006e00000008000600db00000008000500fc33270a1c00078008000500dc073937080006005600000008000500d53fe14528010c8014000b80080009002dec4c6808000a0057c200000c000b800800090014a92a5344000b8008000900cd42bf0808000900b98d6547080009006bbf062808000a00b038000008000a00d739000008000900b0803f7708000a000d78000008000900e1b0e06a0c000b800800090055e10a6f3c000b8008000a00e797000008000900dfa05b4c08000a008bca0000080009003ef1f0090800090092c0e26f08000a003a460000080009000d18bc2f44000b8008000a000800000008000a002a78000008000a008d6c000008000a00fa60000008000a00205d000008000a008bcd000008000900dfc53971080009003983ee5c34000b8008000a00e07c000008000a00636d000008000a009085000008000a008310000008000a000ecd0000080009006ba2f47b4400048005000300070000000500030000000000050003000000000005000300060000000500030006000000050003000600000005000300050000000500030007000000f8000c802c000b8008000900fb90f35708000a001b0f000008000a004645000008000a00d8aa000008000900f977066e44000b8008000a00220d00000800090069d8ba2c080009008623fb4708000900817d720e080009008db0f32d080009000345827208000a00096a000008000900683cc1462c000b8008000900c859f77808000900e1803f6a08000a00580700000800090024305a4308000a008e1100000c000b8008000900050000004c000b8008000a00d6f1000008000a00f0fb0000080009001737926c0800090049940c0708000900b240440108000a00d9240000080009000e0f827c08000900653ab42208000a0096160000bc000c8034000b8008000900a98a252508000a00d8a8000008000900aff2ff4808000a00112c000008000900a4e0825608000a0098ad0000"], 0x4f8}, 0x1, 0x0, 0x0, 0x40001}, 0x2400c805)
socket$inet_udp(0x2, 0x2, 0x0)
r4 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000680)="1f000000190081054e81f782db4cb9040263cb848a0ef30b1bffff070a000a", 0x1f}], 0x1}, 0x14)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000340)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x9, 0x4, 0x7ffc0002}]})
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB='\n\x00', @ANYRES32], 0x48)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="28000000000803000000000000000000000000000600024088a800000500030081000000fe3504808cdbb6bb69c59a540000000000000000b7dbf777feadefc305ad188f"], 0x28}}, 0x0)
r6 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000020"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000140)=ANY=[@ANYRESDEC=r2, @ANYRES32=r6, @ANYRES64=r4], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', 0xffffffffffffffff, 0x0, 0x4}, 0xffffffffffffff8d)
r7 = syz_open_dev$usbfs(&(0x7f0000000240), 0xb, 0x101301)
ioctl$USBDEVFS_IOCTL(r7, 0x80045505, &(0x7f0000000040)=@usbdevfs_driver={0x1, 0x3, &(0x7f00000000c0)="eb77ec06c0e0af95d3be025b910dba5be03a7e6e323742e5686b5dbf7e9374afcb6ea65cc8a37f6d64b039596680adf8b02e98fa806666f8ecd3e88e64234f564ef131829083860a165524cf7639b3459ebcad8584d7864c"})

kernel console output (not intermixed with test programs):

op3): ext4_lookup:1787: inode #12: comm syz.3.68: iget: bad i_size value: 2533274857506816
[   34.570521][ T3761] EXT4-fs error (device loop3): ext4_lookup:1787: inode #12: comm syz.3.68: iget: bad i_size value: 2533274857506816
[   34.601577][ T3761] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #18: comm syz.3.68: corrupted inode contents
[   34.617748][ T3761] EXT4-fs error (device loop3): ext4_dirty_inode:6459: inode #18: comm syz.3.68: mark_inode_dirty error
[   34.631615][ T3304] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   34.642842][ T3735] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4113: comm syz.4.61: Allocating blocks 497-513 which overlap fs metadata
[   34.687736][ T3761] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #18: comm syz.3.68: corrupted inode contents
[   34.700689][ T3761] EXT4-fs error (device loop3): ext4_xattr_delete_inode:2991: inode #18: comm syz.3.68: mark_inode_dirty error
[   34.715122][ T3761] EXT4-fs error (device loop3): ext4_xattr_delete_inode:2994: inode #18: comm syz.3.68: mark inode dirty (error -117)
[   34.731246][   T29] kauditd_printk_skb: 651 callbacks suppressed
[   34.731264][   T29] audit: type=1400 audit(1751602686.046:786): avc:  denied  { unmount } for  pid=3309 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:iso9660_t tclass=filesystem permissive=1
[   34.733455][ T3772] loop0: detected capacity change from 0 to 512
[   34.759148][ T3761] EXT4-fs warning (device loop3): ext4_evict_inode:274: xattr delete (err -117)
[   34.781789][ T3772] EXT4-fs: Ignoring removed nobh option
[   34.790309][ T3774] loop2: detected capacity change from 0 to 256
[   34.801266][ T3772] EXT4-fs: Ignoring removed mblk_io_submit option
[   34.810372][ T3772] EXT4-fs: old and new quota format mixing
[   34.816894][ T3315] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   34.821342][ T3306] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   34.855511][ T3774] FAT-fs (loop2): codepage cp950 not found
[   34.876560][ T3772] loop0: detected capacity change from 0 to 128
[   34.877283][   T29] audit: type=1400 audit(1751602686.186:787): avc:  denied  { read write } for  pid=3773 comm="syz.2.72" name="event0" dev="devtmpfs" ino=242 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[   34.906324][   T29] audit: type=1400 audit(1751602686.186:788): avc:  denied  { open } for  pid=3773 comm="syz.2.72" path="/dev/input/event0" dev="devtmpfs" ino=242 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[   34.964270][ T3781] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[   34.964270][ T3781]    program syz.1.74 not setting count and/or reply_len properly
[   34.964513][   T29] audit: type=1400 audit(1751602686.276:789): avc:  denied  { write } for  pid=3780 comm="syz.1.74" name="sg0" dev="devtmpfs" ino=135 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[   35.005360][ T3779] loop3: detected capacity change from 0 to 512
[   35.013285][ T3779] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[   35.039765][ T3779] EXT4-fs (loop3): invalid journal inode
[   35.053160][ T3779] EXT4-fs (loop3): can't get journal size
[   35.070276][ T3779] EXT4-fs error (device loop3): ext4_protect_reserved_inode:182: inode #12: comm syz.3.73: blocks 2-2 from inode overlap system zone
[   35.084192][ T3779] EXT4-fs (loop3): failed to initialize system zone (-117)
[   35.093554][ T3779] EXT4-fs (loop3): mount failed
[   35.116501][   T29] audit: type=1326 audit(1751602686.426:790): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3796 comm="syz.4.79" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1db185e929 code=0x7ffc0000
[   35.142245][ T3795] vlan0: entered promiscuous mode
[   35.147290][ T3795] hsr0: entered promiscuous mode
[   35.167310][   T29] audit: type=1326 audit(1751602686.466:791): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3796 comm="syz.4.79" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f1db185e929 code=0x7ffc0000
[   35.190420][   T29] audit: type=1326 audit(1751602686.466:792): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3796 comm="syz.4.79" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1db185e929 code=0x7ffc0000
[   35.213792][   T29] audit: type=1326 audit(1751602686.466:793): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3796 comm="syz.4.79" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1db185e929 code=0x7ffc0000
[   35.213816][   T29] audit: type=1326 audit(1751602686.466:794): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3796 comm="syz.4.79" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f1db185e929 code=0x7ffc0000
[   35.213837][   T29] audit: type=1326 audit(1751602686.466:795): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3796 comm="syz.4.79" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1db185e929 code=0x7ffc0000
[   35.294709][ T3801] usb usb9: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[   35.302203][ T3801] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   35.329128][ T3804] loop2: detected capacity change from 0 to 256
[   35.391276][ T3816] syz.1.83 uses obsolete (PF_INET,SOCK_PACKET)
[   35.460361][ T3818] loop3: detected capacity change from 0 to 2048
[   35.520432][ T3818] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   35.935142][ T3835] __nla_validate_parse: 7 callbacks suppressed
[   35.935158][ T3835] netlink: 24 bytes leftover after parsing attributes in process `syz.1.89'.
[   36.036286][ T3837] xt_cgroup: path and classid specified
[   36.285533][ T3804] FAT-fs (loop2): codepage cp950 not found
[   36.295307][ T3841] netlink: 4 bytes leftover after parsing attributes in process `syz.1.91'.
[   36.431200][ T3845] loop0: detected capacity change from 0 to 512
[   36.517535][ T3845] EXT4-fs: quotafile must be on filesystem root
[   36.535194][ T3851] FAULT_INJECTION: forcing a failure.
[   36.535194][ T3851] name fail_usercopy, interval 1, probability 0, space 0, times 1
[   36.548327][ T3851] CPU: 1 UID: 0 PID: 3851 Comm: syz.1.95 Not tainted 6.16.0-rc4-syzkaller-00108-g17bbde2e1716 #0 PREEMPT(voluntary) 
[   36.548394][ T3851] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   36.548463][ T3851] Call Trace:
[   36.548469][ T3851]  <TASK>
[   36.548475][ T3851]  __dump_stack+0x1d/0x30
[   36.548497][ T3851]  dump_stack_lvl+0xe8/0x140
[   36.548523][ T3851]  dump_stack+0x15/0x1b
[   36.548540][ T3851]  should_fail_ex+0x265/0x280
[   36.548566][ T3851]  should_fail+0xb/0x20
[   36.548587][ T3851]  should_fail_usercopy+0x1a/0x20
[   36.548649][ T3851]  _copy_from_iter+0xcf/0xe40
[   36.548683][ T3851]  ? alloc_pages_mpol+0x201/0x250
[   36.548828][ T3851]  ip_generic_getfrag+0x90/0x1b0
[   36.548899][ T3851]  __ip6_append_data+0x1348/0x23d0
[   36.548931][ T3851]  ? __pfx_ip_generic_getfrag+0x10/0x10
[   36.548957][ T3851]  ip6_append_data+0x13b/0x250
[   36.548980][ T3851]  ? __pfx_ip_generic_getfrag+0x10/0x10
[   36.549062][ T3851]  udpv6_sendmsg+0x880/0x1580
[   36.549116][ T3851]  ? __pfx_ip_generic_getfrag+0x10/0x10
[   36.549169][ T3851]  ? __pfx_udpv6_sendmsg+0x10/0x10
[   36.549194][ T3851]  inet6_sendmsg+0xac/0xd0
[   36.549219][ T3851]  __sock_sendmsg+0x8b/0x180
[   36.549267][ T3851]  ____sys_sendmsg+0x345/0x4e0
[   36.549301][ T3851]  ___sys_sendmsg+0x17b/0x1d0
[   36.549372][ T3851]  __sys_sendmmsg+0x178/0x300
[   36.549412][ T3851]  __x64_sys_sendmmsg+0x57/0x70
[   36.549476][ T3851]  x64_sys_call+0x2f2f/0x2fb0
[   36.549493][ T3851]  do_syscall_64+0xd2/0x200
[   36.549507][ T3851]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   36.549548][ T3851]  ? clear_bhb_loop+0x40/0x90
[   36.549569][ T3851]  ? clear_bhb_loop+0x40/0x90
[   36.549591][ T3851]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   36.549608][ T3851] RIP: 0033:0x7fb30d61e929
[   36.549626][ T3851] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   36.549716][ T3851] RSP: 002b:00007fb30bc87038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[   36.549732][ T3851] RAX: ffffffffffffffda RBX: 00007fb30d845fa0 RCX: 00007fb30d61e929
[   36.549742][ T3851] RDX: 0000000000000001 RSI: 0000200000006780 RDI: 0000000000000006
[   36.549755][ T3851] RBP: 00007fb30bc87090 R08: 0000000000000000 R09: 0000000000000000
[   36.549766][ T3851] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   36.549821][ T3851] R13: 0000000000000000 R14: 00007fb30d845fa0 R15: 00007ffe124c9ed8
[   36.549838][ T3851]  </TASK>
[   36.992259][ T3856] loop4: detected capacity change from 0 to 2048
[   36.994135][ T3315] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   37.034139][ T3856] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[   37.169730][ T3872] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[   37.241786][ T3871] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   37.264686][ T3871] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 782 with error 28
[   37.277294][ T3871] EXT4-fs (loop4): This should not happen!! Data will be lost
[   37.277294][ T3871] 
[   37.287308][ T3871] EXT4-fs (loop4): Total free blocks count 0
[   37.293516][ T3871] EXT4-fs (loop4): Free/Dirty block details
[   37.299574][ T3871] EXT4-fs (loop4): free_blocks=2415919104
[   37.305631][ T3871] EXT4-fs (loop4): dirty_blocks=784
[   37.311081][ T3871] EXT4-fs (loop4): Block reservation details
[   37.317139][ T3871] EXT4-fs (loop4): i_reserved_data_blocks=49
[   37.344491][ T3886] netlink: 8 bytes leftover after parsing attributes in process `syz.2.106'.
[   37.367093][ T3886] loop2: detected capacity change from 0 to 512
[   37.377181][ T3886] ext4: Unknown parameter 'subj_type'
[   37.407532][ T3886] loop2: detected capacity change from 0 to 512
[   37.433715][ T3886] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   37.454844][ T3886] EXT4-fs error (device loop2): ext4_orphan_get:1419: comm syz.2.106: bad orphan inode 131083
[   37.467023][ T3886] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   37.479244][ T3893] loop3: detected capacity change from 0 to 512
[   37.493142][ T3886] SELinux: security_context_str_to_sid (Ð-šXܘ7.H\¹ÿ%ºu@
) failed with errno=-22
[   37.538442][ T3893] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   37.563320][ T3306] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000900.
[   37.573462][ T3893] ext4 filesystem being mounted at /25/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   37.620633][ T3309] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   37.643476][ T3893] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[   37.701179][ T3893] netlink: 8 bytes leftover after parsing attributes in process `syz.3.109'.
[   37.717670][ T3909] FAULT_INJECTION: forcing a failure.
[   37.717670][ T3909] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   37.730873][ T3909] CPU: 0 UID: 0 PID: 3909 Comm: syz.0.114 Not tainted 6.16.0-rc4-syzkaller-00108-g17bbde2e1716 #0 PREEMPT(voluntary) 
[   37.730985][ T3909] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   37.730995][ T3909] Call Trace:
[   37.731001][ T3909]  <TASK>
[   37.731008][ T3909]  __dump_stack+0x1d/0x30
[   37.731029][ T3909]  dump_stack_lvl+0xe8/0x140
[   37.731047][ T3909]  dump_stack+0x15/0x1b
[   37.731062][ T3909]  should_fail_ex+0x265/0x280
[   37.731216][ T3909]  should_fail+0xb/0x20
[   37.731321][ T3909]  should_fail_usercopy+0x1a/0x20
[   37.731412][ T3909]  _copy_from_user+0x1c/0xb0
[   37.731433][ T3909]  memdup_user+0x5e/0xd0
[   37.731454][ T3909]  proc_pid_attr_write+0x15e/0x220
[   37.731491][ T3909]  vfs_writev+0x403/0x8b0
[   37.731509][ T3909]  ? __pfx_proc_pid_attr_write+0x10/0x10
[   37.731557][ T3909]  ? mutex_lock+0xd/0x30
[   37.731578][ T3909]  do_writev+0xe7/0x210
[   37.731652][ T3909]  __x64_sys_writev+0x45/0x50
[   37.731667][ T3909]  x64_sys_call+0x2006/0x2fb0
[   37.731687][ T3909]  do_syscall_64+0xd2/0x200
[   37.731704][ T3909]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   37.731804][ T3909]  ? clear_bhb_loop+0x40/0x90
[   37.731821][ T3909]  ? clear_bhb_loop+0x40/0x90
[   37.731839][ T3909]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   37.731860][ T3909] RIP: 0033:0x7f1fd2e9e929
[   37.731909][ T3909] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   37.731924][ T3909] RSP: 002b:00007f1fd1507038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[   37.731939][ T3909] RAX: ffffffffffffffda RBX: 00007f1fd30c5fa0 RCX: 00007f1fd2e9e929
[   37.731960][ T3909] RDX: 0000000000000008 RSI: 00002000000000c0 RDI: 0000000000000006
[   37.731988][ T3909] RBP: 00007f1fd1507090 R08: 0000000000000000 R09: 0000000000000000
[   37.732000][ T3909] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   37.732011][ T3909] R13: 0000000000000000 R14: 00007f1fd30c5fa0 R15: 00007fff65258638
[   37.732027][ T3909]  </TASK>
[   37.980869][ T3910] loop2: detected capacity change from 0 to 512
[   37.990077][ T3910] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[   37.992485][ T3912] netlink: 8 bytes leftover after parsing attributes in process `syz.3.109'.
[   37.999197][ T3910] EXT4-fs (loop2): invalid journal inode
[   38.014172][ T3910] EXT4-fs (loop2): can't get journal size
[   38.027707][ T3910] EXT4-fs error (device loop2): ext4_protect_reserved_inode:182: inode #12: comm syz.2.115: blocks 2-2 from inode overlap system zone
[   38.042688][ T3910] EXT4-fs (loop2): failed to initialize system zone (-117)
[   38.051577][ T3910] EXT4-fs (loop2): mount failed
[   38.096976][ T3928] loop2: detected capacity change from 0 to 256
[   38.103902][ T3928] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   38.135247][ T3928] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   38.212457][ T3315] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   38.260057][ T3940] netlink: 12 bytes leftover after parsing attributes in process `syz.3.125'.
[   38.269004][ T3940] netlink: 12 bytes leftover after parsing attributes in process `syz.3.125'.
[   38.288899][ T3940] netlink: 12 bytes leftover after parsing attributes in process `syz.3.125'.
[   38.304096][ T3941] loop1: detected capacity change from 0 to 512
[   38.310742][ T3941] EXT4-fs: quotafile must be on filesystem root
[   38.353083][ T3937] loop4: detected capacity change from 0 to 128
[   38.364046][ T3937] vfat: Unknown parameter 'ÿÿÿÿÿÿÿ°"ý„	’�«Ž¾9ÏÁ€¼)&”7¡Þ©ÊV�1ÁKg÷©íÐØ|sd�S:��¶ÓÀÓ³ú•WÑ@q¶'Ùh ®{Õ€ÒÙý�4E>Ïúè#Nrûã¦½RbÅ'
[   38.379874][ T3949] FAULT_INJECTION: forcing a failure.
[   38.379874][ T3949] name failslab, interval 1, probability 0, space 0, times 0
[   38.392543][ T3949] CPU: 0 UID: 0 PID: 3949 Comm: syz.2.129 Not tainted 6.16.0-rc4-syzkaller-00108-g17bbde2e1716 #0 PREEMPT(voluntary) 
[   38.392566][ T3949] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   38.392575][ T3949] Call Trace:
[   38.392580][ T3949]  <TASK>
[   38.392586][ T3949]  __dump_stack+0x1d/0x30
[   38.392606][ T3949]  dump_stack_lvl+0xe8/0x140
[   38.392649][ T3949]  dump_stack+0x15/0x1b
[   38.392663][ T3949]  should_fail_ex+0x265/0x280
[   38.392687][ T3949]  should_failslab+0x8c/0xb0
[   38.392706][ T3949]  kmem_cache_alloc_node_noprof+0x57/0x320
[   38.392763][ T3949]  ? __alloc_skb+0x101/0x320
[   38.392788][ T3949]  __alloc_skb+0x101/0x320
[   38.392811][ T3949]  netlink_alloc_large_skb+0xba/0xf0
[   38.392843][ T3949]  netlink_sendmsg+0x3cf/0x6b0
[   38.392864][ T3949]  ? __pfx_netlink_sendmsg+0x10/0x10
[   38.392883][ T3949]  __sock_sendmsg+0x145/0x180
[   38.392903][ T3949]  ____sys_sendmsg+0x31e/0x4e0
[   38.392994][ T3949]  ___sys_sendmsg+0x17b/0x1d0
[   38.393100][ T3949]  __x64_sys_sendmsg+0xd4/0x160
[   38.393133][ T3949]  x64_sys_call+0x2999/0x2fb0
[   38.393192][ T3949]  do_syscall_64+0xd2/0x200
[   38.393209][ T3949]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   38.393307][ T3949]  ? clear_bhb_loop+0x40/0x90
[   38.393333][ T3949]  ? clear_bhb_loop+0x40/0x90
[   38.393354][ T3949]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   38.393372][ T3949] RIP: 0033:0x7fdaba12e929
[   38.393384][ T3949] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   38.393398][ T3949] RSP: 002b:00007fdab8797038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   38.393451][ T3949] RAX: ffffffffffffffda RBX: 00007fdaba355fa0 RCX: 00007fdaba12e929
[   38.393521][ T3949] RDX: 0000000000040006 RSI: 0000200000000700 RDI: 0000000000000003
[   38.393534][ T3949] RBP: 00007fdab8797090 R08: 0000000000000000 R09: 0000000000000000
[   38.393546][ T3949] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   38.393558][ T3949] R13: 0000000000000000 R14: 00007fdaba355fa0 R15: 00007ffff22d1fd8
[   38.393575][ T3949]  </TASK>
[   38.617440][ T3951] loop2: detected capacity change from 0 to 512
[   38.627776][ T3950] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   38.758141][ T3951] EXT4-fs error (device loop2): ext4_orphan_get:1393: inode #15: comm syz.2.129: casefold flag without casefold feature
[   38.771664][ T3951] EXT4-fs error (device loop2): ext4_orphan_get:1398: comm syz.2.129: couldn't read orphan inode 15 (err -117)
[   38.784395][ T3951] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   38.848891][ T3309] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   38.914100][ T3965] loop3: detected capacity change from 0 to 512
[   38.925309][ T3962] loop2: detected capacity change from 0 to 1024
[   38.943558][ T3965] EXT4-fs: Ignoring removed orlov option
[   38.956468][ T3965] EXT4-fs error (device loop3): dx_probe:791: inode #2: comm syz.3.130: Attempting to read directory block (0) that is past i_size (256)
[   38.979956][ T3965] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -117
[   38.990116][ T3965] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   39.003741][ T3962] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   39.050706][ T3977] loop0: detected capacity change from 0 to 512
[   39.074976][ T3962] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4113: comm syz.2.132: Allocating blocks 385-513 which overlap fs metadata
[   39.093565][ T3315] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   39.105663][ T3962] SELinux:  Context system_u:object_r:fsadm_exec_t:s0 is not valid (left unmapped).
[   39.116566][ T3962] EXT4-fs (loop2): pa ffff8881069a2070: logic 16, phys. 129, len 24
[   39.124707][ T3962] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 8
[   39.136867][ T3977] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   39.151714][ T3977] ext4 filesystem being mounted at /20/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   39.167551][ T3977] netlink: 8 bytes leftover after parsing attributes in process `syz.0.136'.
[   39.187755][ T3983] loop4: detected capacity change from 0 to 512
[   39.195698][ T3983] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[   39.216209][ T3983] EXT4-fs (loop4): invalid journal inode
[   39.244374][ T3983] EXT4-fs (loop4): can't get journal size
[   39.250954][ T3989] loop1: detected capacity change from 0 to 512
[   39.252503][ T3962] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   39.260986][ T3990] SELinux:  Context Ü is not valid (left unmapped).
[   39.273388][ T3977] netlink: 8 bytes leftover after parsing attributes in process `syz.0.136'.
[   39.287876][ T3983] EXT4-fs error (device loop4): ext4_protect_reserved_inode:182: inode #12: comm syz.4.137: blocks 2-2 from inode overlap system zone
[   39.302632][ T3989] EXT4-fs error (device loop1): ext4_orphan_get:1393: inode #15: comm syz.1.139: casefold flag without casefold feature
[   39.316401][ T3983] EXT4-fs (loop4): failed to initialize system zone (-117)
[   39.317706][ T3989] EXT4-fs error (device loop1): ext4_orphan_get:1398: comm syz.1.139: couldn't read orphan inode 15 (err -117)
[   39.336936][ T3983] EXT4-fs (loop4): mount failed
[   39.336999][ T3989] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   39.361656][ T3312] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   39.371224][ T3304] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   39.436049][ T4007] loop0: detected capacity change from 0 to 512
[   39.444784][ T4007] EXT4-fs error (device loop0): ext4_iget_extra_inode:5035: inode #15: comm syz.0.145: corrupted in-inode xattr: invalid ea_ino
[   39.459113][ T4007] EXT4-fs error (device loop0): ext4_orphan_get:1398: comm syz.0.145: couldn't read orphan inode 15 (err -117)
[   39.473366][ T4007] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   39.500504][ T3304] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   39.576003][ T4028] loop2: detected capacity change from 0 to 128
[   39.583607][ T4030] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   39.596613][ T4030] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   39.625939][ T4032] bridge0: port 3(vlan2) entered blocking state
[   39.632348][ T4032] bridge0: port 3(vlan2) entered disabled state
[   39.640080][ T4032] vlan2: entered allmulticast mode
[   39.645247][ T4032] dummy0: entered allmulticast mode
[   39.651658][ T4032] vlan2: entered promiscuous mode
[   39.656791][ T4032] dummy0: entered promiscuous mode
[   39.662350][ T4032] bridge0: port 3(vlan2) entered blocking state
[   39.668650][ T4032] bridge0: port 3(vlan2) entered forwarding state
[   39.715037][ T4037] loop3: detected capacity change from 0 to 512
[   39.740234][ T4037] syz.3.157 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[   39.839306][ T4046] netlink: 'syz.3.160': attribute type 3 has an invalid length.
[   39.931311][   T29] kauditd_printk_skb: 154 callbacks suppressed
[   39.931325][   T29] audit: type=1400 audit(1751602691.246:950): avc:  denied  { connect } for  pid=4055 comm="syz.3.162" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   39.956886][   T29] audit: type=1400 audit(1751602691.246:951): avc:  denied  { write } for  pid=4055 comm="syz.3.162" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   40.008051][ T4018] Set syz1 is full, maxelem 65536 reached
[   40.022144][ T4061] netlink: 'syz.3.164': attribute type 3 has an invalid length.
[   40.058149][   T29] audit: type=1326 audit(1751602691.366:952): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4063 comm="syz.2.165" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdaba12e929 code=0x7ffc0000
[   40.081515][   T29] audit: type=1326 audit(1751602691.366:953): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4063 comm="syz.2.165" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdaba12e929 code=0x7ffc0000
[   40.104770][   T29] audit: type=1326 audit(1751602691.376:954): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4063 comm="syz.2.165" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fdaba12e929 code=0x7ffc0000
[   40.128034][   T29] audit: type=1326 audit(1751602691.376:955): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4063 comm="syz.2.165" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdaba12e929 code=0x7ffc0000
[   40.151298][   T29] audit: type=1326 audit(1751602691.376:956): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4063 comm="syz.2.165" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7fdaba12e929 code=0x7ffc0000
[   40.174447][   T29] audit: type=1326 audit(1751602691.376:957): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4063 comm="syz.2.165" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdaba12e929 code=0x7ffc0000
[   40.197869][   T29] audit: type=1326 audit(1751602691.376:958): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4063 comm="syz.2.165" exe="/root/syz-executor" sig=0 arch=c000003e syscall=22 compat=0 ip=0x7fdaba12e929 code=0x7ffc0000
[   40.221153][   T29] audit: type=1326 audit(1751602691.376:959): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4063 comm="syz.2.165" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdaba12e929 code=0x7ffc0000
[   40.223400][ T4069] FAULT_INJECTION: forcing a failure.
[   40.223400][ T4069] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   40.257658][ T4069] CPU: 0 UID: 0 PID: 4069 Comm: syz.3.167 Not tainted 6.16.0-rc4-syzkaller-00108-g17bbde2e1716 #0 PREEMPT(voluntary) 
[   40.257681][ T4069] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   40.257720][ T4069] Call Trace:
[   40.257724][ T4069]  <TASK>
[   40.257730][ T4069]  __dump_stack+0x1d/0x30
[   40.257773][ T4069]  dump_stack_lvl+0xe8/0x140
[   40.257787][ T4069]  dump_stack+0x15/0x1b
[   40.257800][ T4069]  should_fail_ex+0x265/0x280
[   40.257846][ T4069]  should_fail+0xb/0x20
[   40.257866][ T4069]  should_fail_usercopy+0x1a/0x20
[   40.257889][ T4069]  _copy_from_iter+0xcf/0xe40
[   40.257912][ T4069]  ? __build_skb_around+0x1a0/0x200
[   40.257944][ T4069]  ? __alloc_skb+0x223/0x320
[   40.257966][ T4069]  netlink_sendmsg+0x471/0x6b0
[   40.258034][ T4069]  ? __pfx_netlink_sendmsg+0x10/0x10
[   40.258067][ T4069]  __sock_sendmsg+0x145/0x180
[   40.258085][ T4069]  ____sys_sendmsg+0x31e/0x4e0
[   40.258237][ T4069]  ___sys_sendmsg+0x17b/0x1d0
[   40.258269][ T4069]  __x64_sys_sendmsg+0xd4/0x160
[   40.258365][ T4069]  x64_sys_call+0x2999/0x2fb0
[   40.258381][ T4069]  do_syscall_64+0xd2/0x200
[   40.258395][ T4069]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   40.258578][ T4069]  ? clear_bhb_loop+0x40/0x90
[   40.258593][ T4069]  ? clear_bhb_loop+0x40/0x90
[   40.258627][ T4069]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   40.258643][ T4069] RIP: 0033:0x7f17db69e929
[   40.258655][ T4069] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   40.258717][ T4069] RSP: 002b:00007f17d9d07038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   40.258778][ T4069] RAX: ffffffffffffffda RBX: 00007f17db8c5fa0 RCX: 00007f17db69e929
[   40.258864][ T4069] RDX: 0000000000000000 RSI: 00002000000029c0 RDI: 0000000000000004
[   40.258874][ T4069] RBP: 00007f17d9d07090 R08: 0000000000000000 R09: 0000000000000000
[   40.258883][ T4069] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   40.258918][ T4069] R13: 0000000000000000 R14: 00007f17db8c5fa0 R15: 00007ffd29a61db8
[   40.258936][ T4069]  </TASK>
[   40.261703][ T4066] FAULT_INJECTION: forcing a failure.
[   40.261703][ T4066] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   40.302032][ T4073] loop3: detected capacity change from 0 to 128
[   40.303699][ T4066] CPU: 1 UID: 0 PID: 4066 Comm: syz.4.166 Not tainted 6.16.0-rc4-syzkaller-00108-g17bbde2e1716 #0 PREEMPT(voluntary) 
[   40.303798][ T4066] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   40.303809][ T4066] Call Trace:
[   40.303816][ T4066]  <TASK>
[   40.303823][ T4066]  __dump_stack+0x1d/0x30
[   40.303845][ T4066]  dump_stack_lvl+0xe8/0x140
[   40.303866][ T4066]  dump_stack+0x15/0x1b
[   40.303944][ T4066]  should_fail_ex+0x265/0x280
[   40.303977][ T4066]  should_fail+0xb/0x20
[   40.304003][ T4066]  should_fail_usercopy+0x1a/0x20
[   40.304069][ T4066]  _copy_to_user+0x20/0xa0
[   40.304089][ T4066]  simple_read_from_buffer+0xb5/0x130
[   40.304144][ T4066]  proc_fail_nth_read+0x100/0x140
[   40.304181][ T4066]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   40.304209][ T4066]  vfs_read+0x1a0/0x6f0
[   40.304267][ T4066]  ? __pfx_shmem_put_link+0x10/0x10
[   40.304297][ T4066]  ? __rcu_read_unlock+0x4f/0x70
[   40.304371][ T4066]  ? __fget_files+0x184/0x1c0
[   40.304391][ T4066]  ksys_read+0xda/0x1a0
[   40.304420][ T4066]  __x64_sys_read+0x40/0x50
[   40.304516][ T4066]  x64_sys_call+0x2d77/0x2fb0
[   40.304537][ T4066]  do_syscall_64+0xd2/0x200
[   40.304562][ T4066]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   40.304672][ T4066]  ? clear_bhb_loop+0x40/0x90
[   40.304692][ T4066]  ? clear_bhb_loop+0x40/0x90
[   40.304712][ T4066]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   40.304732][ T4066] RIP: 0033:0x7f1db185d33c
[   40.304798][ T4066] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   40.304814][ T4066] RSP: 002b:00007f1dafec7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   40.304833][ T4066] RAX: ffffffffffffffda RBX: 00007f1db1a85fa0 RCX: 00007f1db185d33c
[   40.304843][ T4066] RDX: 000000000000000f RSI: 00007f1dafec70a0 RDI: 0000000000000005
[   40.304853][ T4066] RBP: 00007f1dafec7090 R08: 0000000000000000 R09: 0000000000000000
[   40.304863][ T4066] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   40.304872][ T4066] R13: 0000000000000000 R14: 00007f1db1a85fa0 R15: 00007ffd83688608
[   40.304898][ T4066]  </TASK>
[   40.702101][ T4073] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   40.716659][ T4073] ext4 filesystem being mounted at /41/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   40.784671][ T4083] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(8)
[   40.791316][ T4083] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[   40.798752][ T4083] vhci_hcd vhci_hcd.0: Device attached
[   40.816210][ T3315] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   40.849965][ T4084] vhci_hcd: connection closed
[   40.953315][   T51] vhci_hcd: stop threads
[   40.962296][   T51] vhci_hcd: release socket
[   40.966840][   T51] vhci_hcd: disconnect device
[   41.017624][ T1079] vhci_hcd: vhci_device speed not set
[   41.150970][ T4107] loop4: detected capacity change from 0 to 512
[   41.171755][ T4104] loop1: detected capacity change from 0 to 512
[   41.182353][ T4104] EXT4-fs: quotafile must be on filesystem root
[   41.189076][ T4107] EXT4-fs: quotafile must be on filesystem root
[   41.255425][ T4106] __nla_validate_parse: 2 callbacks suppressed
[   41.255438][ T4106] netlink: 60 bytes leftover after parsing attributes in process `syz.3.179'.
[   41.271805][ T4106] netlink: 12 bytes leftover after parsing attributes in process `syz.3.179'.
[   41.281645][ T4106] netlink: 60 bytes leftover after parsing attributes in process `syz.3.179'.
[   41.767979][ T4119] FAULT_INJECTION: forcing a failure.
[   41.767979][ T4119] name failslab, interval 1, probability 0, space 0, times 0
[   41.780697][ T4119] CPU: 1 UID: 0 PID: 4119 Comm: syz.3.181 Not tainted 6.16.0-rc4-syzkaller-00108-g17bbde2e1716 #0 PREEMPT(voluntary) 
[   41.780722][ T4119] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   41.780732][ T4119] Call Trace:
[   41.780737][ T4119]  <TASK>
[   41.780743][ T4119]  __dump_stack+0x1d/0x30
[   41.780810][ T4119]  dump_stack_lvl+0xe8/0x140
[   41.780851][ T4119]  dump_stack+0x15/0x1b
[   41.780925][ T4119]  should_fail_ex+0x265/0x280
[   41.780950][ T4119]  should_failslab+0x8c/0xb0
[   41.780973][ T4119]  kmem_cache_alloc_noprof+0x50/0x310
[   41.780999][ T4119]  ? skb_clone+0x151/0x1f0
[   41.781020][ T4119]  skb_clone+0x151/0x1f0
[   41.781038][ T4119]  __netlink_deliver_tap+0x2c9/0x500
[   41.781071][ T4119]  netlink_sendskb+0x126/0x150
[   41.781100][ T4119]  netlink_unicast+0x28a/0x670
[   41.781137][ T4119]  netlink_ack+0x4c8/0x500
[   41.781169][ T4119]  netlink_rcv_skb+0x192/0x220
[   41.781260][ T4119]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   41.781289][ T4119]  rtnetlink_rcv+0x1c/0x30
[   41.781308][ T4119]  netlink_unicast+0x5a1/0x670
[   41.781338][ T4119]  netlink_sendmsg+0x58b/0x6b0
[   41.781450][ T4119]  ? __pfx_netlink_sendmsg+0x10/0x10
[   41.781466][ T4119]  __sock_sendmsg+0x145/0x180
[   41.781489][ T4119]  ____sys_sendmsg+0x31e/0x4e0
[   41.781568][ T4119]  ___sys_sendmsg+0x17b/0x1d0
[   41.781602][ T4119]  __x64_sys_sendmsg+0xd4/0x160
[   41.781634][ T4119]  x64_sys_call+0x2999/0x2fb0
[   41.781709][ T4119]  do_syscall_64+0xd2/0x200
[   41.781726][ T4119]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   41.781774][ T4119]  ? clear_bhb_loop+0x40/0x90
[   41.781799][ T4119]  ? clear_bhb_loop+0x40/0x90
[   41.781817][ T4119]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   41.781837][ T4119] RIP: 0033:0x7f17db69e929
[   41.781917][ T4119] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   41.781934][ T4119] RSP: 002b:00007f17d9d07038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   41.781953][ T4119] RAX: ffffffffffffffda RBX: 00007f17db8c5fa0 RCX: 00007f17db69e929
[   41.781966][ T4119] RDX: 0000000000004040 RSI: 0000200000000240 RDI: 0000000000000003
[   41.782000][ T4119] RBP: 00007f17d9d07090 R08: 0000000000000000 R09: 0000000000000000
[   41.782010][ T4119] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   41.782020][ T4119] R13: 0000000000000000 R14: 00007f17db8c5fa0 R15: 00007ffd29a61db8
[   41.782037][ T4119]  </TASK>
[   42.314968][ T4138] netlink: 132 bytes leftover after parsing attributes in process `syz.0.188'.
[   42.335790][ T4143] FAULT_INJECTION: forcing a failure.
[   42.335790][ T4143] name failslab, interval 1, probability 0, space 0, times 0
[   42.348462][ T4143] CPU: 1 UID: 0 PID: 4143 Comm: syz.3.190 Not tainted 6.16.0-rc4-syzkaller-00108-g17bbde2e1716 #0 PREEMPT(voluntary) 
[   42.348485][ T4143] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   42.348499][ T4143] Call Trace:
[   42.348504][ T4143]  <TASK>
[   42.348510][ T4143]  __dump_stack+0x1d/0x30
[   42.348531][ T4143]  dump_stack_lvl+0xe8/0x140
[   42.348550][ T4143]  dump_stack+0x15/0x1b
[   42.348593][ T4143]  should_fail_ex+0x265/0x280
[   42.348620][ T4143]  should_failslab+0x8c/0xb0
[   42.348672][ T4143]  __kvmalloc_node_noprof+0x123/0x4e0
[   42.348753][ T4143]  ? xt_alloc_entry_offsets+0x48/0x50
[   42.348848][ T4143]  ? __account_obj_stock+0x2cc/0x350
[   42.348866][ T4143]  xt_alloc_entry_offsets+0x48/0x50
[   42.348951][ T4143]  translate_table+0xa9/0xf90
[   42.348978][ T4143]  ? __rcu_read_unlock+0x4f/0x70
[   42.349000][ T4143]  ? __memcg_slab_post_alloc_hook+0x44c/0x580
[   42.349098][ T4143]  ? should_fail_ex+0xdb/0x280
[   42.349121][ T4143]  ? _copy_from_user+0x89/0xb0
[   42.349141][ T4143]  do_ipt_set_ctl+0x66f/0x820
[   42.349229][ T4143]  nf_setsockopt+0x196/0x1b0
[   42.349249][ T4143]  ip_setsockopt+0x102/0x110
[   42.349277][ T4143]  raw_setsockopt+0xbd/0x150
[   42.349305][ T4143]  sock_common_setsockopt+0x69/0x80
[   42.349364][ T4143]  ? __pfx_sock_common_setsockopt+0x10/0x10
[   42.349391][ T4143]  __sys_setsockopt+0x184/0x200
[   42.349421][ T4143]  __x64_sys_setsockopt+0x64/0x80
[   42.349486][ T4143]  x64_sys_call+0x2bd5/0x2fb0
[   42.349522][ T4143]  do_syscall_64+0xd2/0x200
[   42.349537][ T4143]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   42.349562][ T4143]  ? clear_bhb_loop+0x40/0x90
[   42.349579][ T4143]  ? clear_bhb_loop+0x40/0x90
[   42.349666][ T4143]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   42.349686][ T4143] RIP: 0033:0x7f17db69e929
[   42.349702][ T4143] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   42.349719][ T4143] RSP: 002b:00007f17d9d07038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[   42.349777][ T4143] RAX: ffffffffffffffda RBX: 00007f17db8c5fa0 RCX: 00007f17db69e929
[   42.349788][ T4143] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000003
[   42.349801][ T4143] RBP: 00007f17d9d07090 R08: 0000000000000398 R09: 0000000000000000
[   42.349814][ T4143] R10: 0000200000001900 R11: 0000000000000246 R12: 0000000000000001
[   42.349856][ T4143] R13: 0000000000000000 R14: 00007f17db8c5fa0 R15: 00007ffd29a61db8
[   42.349879][ T4143]  </TASK>
[   42.667499][ T4151] loop2: detected capacity change from 0 to 512
[   42.732726][ T4151] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.194: Failed to acquire dquot type 1
[   42.751788][ T4151] EXT4-fs (loop2): 1 truncate cleaned up
[   42.758218][ T4151] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   42.783003][ T4164] FAULT_INJECTION: forcing a failure.
[   42.783003][ T4164] name failslab, interval 1, probability 0, space 0, times 0
[   42.789377][ T4163] loop4: detected capacity change from 0 to 8192
[   42.795682][ T4164] CPU: 1 UID: 0 PID: 4164 Comm: syz.3.197 Not tainted 6.16.0-rc4-syzkaller-00108-g17bbde2e1716 #0 PREEMPT(voluntary) 
[   42.795709][ T4164] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   42.795721][ T4164] Call Trace:
[   42.795727][ T4164]  <TASK>
[   42.795734][ T4164]  __dump_stack+0x1d/0x30
[   42.795826][ T4164]  dump_stack_lvl+0xe8/0x140
[   42.795844][ T4164]  dump_stack+0x15/0x1b
[   42.795873][ T4164]  should_fail_ex+0x265/0x280
[   42.795901][ T4164]  should_failslab+0x8c/0xb0
[   42.795990][ T4164]  kmem_cache_alloc_node_noprof+0x57/0x320
[   42.796090][ T4164]  ? __alloc_skb+0x101/0x320
[   42.796115][ T4164]  ? __account_obj_stock+0x211/0x350
[   42.796135][ T4164]  __alloc_skb+0x101/0x320
[   42.796161][ T4164]  _sctp_make_chunk+0x59/0x210
[   42.796219][ T4164]  sctp_make_abort_user+0x4c/0x3a0
[   42.796241][ T4164]  sctp_sendmsg_check_sflags+0x17e/0x1e0
[   42.796269][ T4164]  sctp_sendmsg+0x10bb/0x18d0
[   42.796369][ T4164]  ? __pfx_sctp_sendmsg+0x10/0x10
[   42.796393][ T4164]  inet_sendmsg+0xc2/0xd0
[   42.796451][ T4164]  __sock_sendmsg+0x102/0x180
[   42.796474][ T4164]  ____sys_sendmsg+0x31e/0x4e0
[   42.796504][ T4164]  ___sys_sendmsg+0x17b/0x1d0
[   42.796617][ T4164]  __x64_sys_sendmsg+0xd4/0x160
[   42.796649][ T4164]  x64_sys_call+0x2999/0x2fb0
[   42.796732][ T4164]  do_syscall_64+0xd2/0x200
[   42.796749][ T4164]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   42.796773][ T4164]  ? clear_bhb_loop+0x40/0x90
[   42.796792][ T4164]  ? clear_bhb_loop+0x40/0x90
[   42.796865][ T4164]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   42.796885][ T4164] RIP: 0033:0x7f17db69e929
[   42.796899][ T4164] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   42.796927][ T4164] RSP: 002b:00007f17d9ce6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   42.796945][ T4164] RAX: ffffffffffffffda RBX: 00007f17db8c6080 RCX: 00007f17db69e929
[   42.796963][ T4164] RDX: 0000000000000000 RSI: 0000200000000400 RDI: 0000000000000003
[   42.796975][ T4164] RBP: 00007f17d9ce6090 R08: 0000000000000000 R09: 0000000000000000
[   42.796986][ T4164] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   42.796999][ T4164] R13: 0000000000000000 R14: 00007f17db8c6080 R15: 00007ffd29a61db8
[   42.797015][ T4164]  </TASK>
[   42.799268][ T4151] ext4 filesystem being mounted at /39/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   43.036522][ T4169] loop1: detected capacity change from 0 to 512
[   43.059948][ T4169] EXT4-fs: quotafile must be on filesystem root
[   43.067856][ T4173] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   43.128543][ T4179] FAULT_INJECTION: forcing a failure.
[   43.128543][ T4179] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   43.141624][ T4179] CPU: 1 UID: 0 PID: 4179 Comm: syz.4.202 Not tainted 6.16.0-rc4-syzkaller-00108-g17bbde2e1716 #0 PREEMPT(voluntary) 
[   43.141651][ T4179] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   43.141662][ T4179] Call Trace:
[   43.141673][ T4179]  <TASK>
[   43.141680][ T4179]  __dump_stack+0x1d/0x30
[   43.141702][ T4179]  dump_stack_lvl+0xe8/0x140
[   43.141721][ T4179]  dump_stack+0x15/0x1b
[   43.141794][ T4179]  should_fail_ex+0x265/0x280
[   43.141823][ T4179]  should_fail+0xb/0x20
[   43.141849][ T4179]  should_fail_usercopy+0x1a/0x20
[   43.141889][ T4179]  _copy_from_iter+0xcf/0xe40
[   43.141918][ T4179]  ? __build_skb_around+0x1a0/0x200
[   43.141968][ T4179]  ? __alloc_skb+0x223/0x320
[   43.141993][ T4179]  netlink_sendmsg+0x471/0x6b0
[   43.142089][ T4179]  ? __pfx_netlink_sendmsg+0x10/0x10
[   43.142104][ T4179]  __sock_sendmsg+0x145/0x180
[   43.142123][ T4179]  ____sys_sendmsg+0x31e/0x4e0
[   43.142151][ T4179]  ___sys_sendmsg+0x17b/0x1d0
[   43.142237][ T4179]  __x64_sys_sendmsg+0xd4/0x160
[   43.142342][ T4179]  x64_sys_call+0x2999/0x2fb0
[   43.142412][ T4179]  do_syscall_64+0xd2/0x200
[   43.142430][ T4179]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   43.142455][ T4179]  ? clear_bhb_loop+0x40/0x90
[   43.142477][ T4179]  ? clear_bhb_loop+0x40/0x90
[   43.142499][ T4179]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   43.142560][ T4179] RIP: 0033:0x7f1db185e929
[   43.142575][ T4179] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   43.142591][ T4179] RSP: 002b:00007f1dafec7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   43.142685][ T4179] RAX: ffffffffffffffda RBX: 00007f1db1a85fa0 RCX: 00007f1db185e929
[   43.142698][ T4179] RDX: 0000000020050800 RSI: 00002000000000c0 RDI: 0000000000000003
[   43.142711][ T4179] RBP: 00007f1dafec7090 R08: 0000000000000000 R09: 0000000000000000
[   43.142723][ T4179] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   43.142735][ T4179] R13: 0000000000000000 R14: 00007f1db1a85fa0 R15: 00007ffd83688608
[   43.142753][ T4179]  </TASK>
[   43.474241][ T4187] loop4: detected capacity change from 0 to 2048
[   43.481222][ T4187] ext4: Unknown parameter 'ÿ'
[   43.497889][ T3309] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   43.585688][ T4203] usb usb9: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[   43.593129][ T4203] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   43.604188][ T4204] loop0: detected capacity change from 0 to 256
[   43.623778][ T4204] FAT-fs (loop0): codepage cp950 not found
[   43.779704][ T4215] netlink: 'syz.3.213': attribute type 10 has an invalid length.
[   43.787508][ T4215] netlink: 40 bytes leftover after parsing attributes in process `syz.3.213'.
[   43.799669][ T4215] bridge0: port 4(dummy0) entered blocking state
[   43.806053][ T4215] bridge0: port 4(dummy0) entered disabled state
[   43.815368][ T4215] bridge0: port 4(dummy0) entered blocking state
[   43.821790][ T4215] bridge0: port 4(dummy0) entered forwarding state
[   43.845709][ T4215] loop3: detected capacity change from 0 to 512
[   43.861086][ T4227] loop2: detected capacity change from 0 to 128
[   43.872243][ T4215] loop3: detected capacity change from 0 to 1024
[   43.876652][ T4227] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   43.879487][ T4215] EXT4-fs: Ignoring removed nomblk_io_submit option
[   43.891974][ T4227] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   43.909549][ T4215] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   43.926103][ T4227] Zero length message leads to an empty skb
[   43.965300][ T3315] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   43.974489][ T4235] loop1: detected capacity change from 0 to 1764
[   44.079371][ T4250] syz.1.227 (4250) used greatest stack depth: 10016 bytes left
[   44.112999][ T4255] x_tables: ip6_tables: tcpmss match: only valid for protocol 6
[   44.135667][ T4254] loop1: detected capacity change from 0 to 8192
[   44.187910][ T4254]  loop1: p1 p2 < > p3 p4 < p5 >
[   44.192931][ T4254] loop1: partition table partially beyond EOD, truncated
[   44.201904][ T4254] loop1: p1 size 100663296 extends beyond EOD, truncated
[   44.213481][ T4254] loop1: p2 start 591104 is beyond EOD, truncated
[   44.215927][ T4257] netlink: 132 bytes leftover after parsing attributes in process `syz.3.229'.
[   44.219949][ T4254] loop1: p3 start 33572980 is beyond EOD, truncated
[   44.235634][ T4260] loop2: detected capacity change from 0 to 512
[   44.242405][ T4260] EXT4-fs: quotafile must be on filesystem root
[   44.257553][ T4254] loop1: p5 size 100663296 extends beyond EOD, truncated
[   44.317150][ T4254] netlink: 'syz.1.228': attribute type 10 has an invalid length.
[   44.327527][ T4262] netlink: 16 bytes leftover after parsing attributes in process `syz.0.230'.
[   44.337810][ T4254] team0: Device hsr_slave_0 failed to register rx_handler
[   44.362551][ T4262] netlink: 'syz.0.230': attribute type 1 has an invalid length.
[   44.397422][ T4262] 8021q: adding VLAN 0 to HW filter on device bond1
[   44.432425][ T4268] bond1: (slave veth3): Enslaving as an active interface with a down link
[   44.591821][ T4275] loop0: detected capacity change from 0 to 1024
[   44.595700][ T4254] syz.1.228 (4254) used greatest stack depth: 9696 bytes left
[   44.600550][ T4275] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   44.616642][ T4275] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   44.630144][ T4275] JBD2: no valid journal superblock found
[   44.635871][ T4275] EXT4-fs (loop0): Could not load journal inode
[   44.653082][ T4275] Cannot find add_set index 0 as target
[   44.663477][ T4275] SELinux: security_context_str_to_sid (ùÿ) failed with errno=-22
[   44.784675][ T4285] usb usb9: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[   44.792170][ T4285] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   44.818084][ T4288] loop0: detected capacity change from 0 to 1764
[   44.830276][ T4279] loop4: detected capacity change from 0 to 1024
[   44.837025][ T4279] ext4: Bad value for 'debug_want_extra_isize'
[   44.942873][ T4303] loop1: detected capacity change from 0 to 512
[   44.954670][ T4303] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[   44.973527][ T4303] EXT4-fs (loop1): invalid journal inode
[   44.979311][ T4303] EXT4-fs (loop1): can't get journal size
[   44.992194][ T4303] EXT4-fs error (device loop1): ext4_protect_reserved_inode:182: inode #12: comm syz.1.244: blocks 2-2 from inode overlap system zone
[   45.009555][ T4318] loop2: detected capacity change from 0 to 512
[   45.016224][ T4318] EXT4-fs: Ignoring removed bh option
[   45.021810][ T4318] EXT4-fs: Ignoring removed mblk_io_submit option
[   45.029701][ T4318] EXT4-fs (loop2): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[   45.043881][ T4303] EXT4-fs (loop1): failed to initialize system zone (-117)
[   45.051191][ T4303] EXT4-fs (loop1): mount failed
[   45.051766][ T4319] ipt_ECN: cannot use operation on non-tcp rule
[   45.232327][ T4318] EXT4-fs (loop2): revision level too high, forcing read-only mode
[   45.242568][ T4318] EXT4-fs (loop2): orphan cleanup on readonly fs
[   45.255476][ T4322] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   45.257617][   T29] kauditd_printk_skb: 346 callbacks suppressed
[   45.257630][   T29] audit: type=1400 audit(1751602696.566:1304): avc:  denied  { ioctl } for  pid=4321 comm="syz.4.252" path="/dev/raw-gadget" dev="devtmpfs" ino=142 ioctlcmd=0x5500 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   45.267815][ T4318] Quota error (device loop2): do_insert_tree: Free block already used in tree: block 4
[   45.304483][ T4318] Quota error (device loop2): qtree_write_dquot: Error -5 occurred while creating quota
[   45.320422][ T4322] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   45.328509][ T4318] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.248: Failed to acquire dquot type 1
[   45.345233][ T4335] loop1: detected capacity change from 0 to 512
[   45.405705][   T29] audit: type=1400 audit(1751602696.696:1305): avc:  denied  { read } for  pid=4338 comm="syz.3.259" name="rtc0" dev="devtmpfs" ino=244 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[   45.428690][   T29] audit: type=1400 audit(1751602696.696:1306): avc:  denied  { open } for  pid=4338 comm="syz.3.259" path="/dev/rtc0" dev="devtmpfs" ino=244 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[   45.452402][   T29] audit: type=1400 audit(1751602696.696:1307): avc:  denied  { ioctl } for  pid=4338 comm="syz.3.259" path="/dev/rtc0" dev="devtmpfs" ino=244 ioctlcmd=0x7002 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[   45.452616][ T4335] EXT4-fs: quotafile must be on filesystem root
[   45.477340][   T29] audit: type=1400 audit(1751602696.696:1308): avc:  denied  { create } for  pid=4338 comm="syz.3.259" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[   45.504297][   T29] audit: type=1400 audit(1751602696.706:1309): avc:  denied  { execute } for  pid=4338 comm="syz.3.259" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=7097 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[   45.505295][ T4318] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:483: comm syz.2.248: Invalid block bitmap block 0 in block_group 0
[   45.528732][   T29] audit: type=1400 audit(1751602696.706:1310): avc:  denied  { ioctl } for  pid=4338 comm="syz.3.259" path="socket:[7095]" dev="sockfs" ino=7095 ioctlcmd=0x8907 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[   45.585656][ T4318] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:483: comm syz.2.248: Invalid block bitmap block 0 in block_group 0
[   45.601585][ T4318] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:483: comm syz.2.248: Invalid block bitmap block 0 in block_group 0
[   45.615324][ T4318] Quota error (device loop2): write_blk: dquota write failed
[   45.622808][ T4318] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.248: Failed to acquire dquot type 1
[   45.635553][ T4318] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.248: Failed to acquire dquot type 1
[   45.649542][ T4318] EXT4-fs (loop2): 1 orphan inode deleted
[   45.686013][ T4342] xt_hashlimit: max too large, truncated to 1048576
[   45.710898][ T4346] loop0: detected capacity change from 0 to 128
[   45.726859][ T4347] netlink: 8 bytes leftover after parsing attributes in process `syz.4.261'.
[   45.735704][ T4347] netlink: 4 bytes leftover after parsing attributes in process `syz.4.261'.
[   45.752735][ T4348] veth3: entered promiscuous mode
[   45.757834][ T4348] veth3: entered allmulticast mode
[   45.809581][ T4346] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100)
[   45.817519][ T4346] FAT-fs (loop0): Filesystem has been set read-only
[   45.837105][ T4346] bio_check_eod: 8 callbacks suppressed
[   45.837117][ T4346] syz.0.262: attempt to access beyond end of device
[   45.837117][ T4346] loop0: rw=524288, sector=2065, nr_sectors = 8 limit=128
[   45.856840][ T4318] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   45.872733][ T4351] netlink: 132 bytes leftover after parsing attributes in process `syz.3.263'.
[   45.892092][ T4346] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100)
[   45.899982][ T4346] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100)
[   45.914837][ T4318] syz.2.248 (4318) used greatest stack depth: 8952 bytes left
[   45.922623][ T4346] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100)
[   45.926375][ T3309] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   45.930503][ T4346] syz.0.262: attempt to access beyond end of device
[   45.930503][ T4346] loop0: rw=524288, sector=2065, nr_sectors = 8 limit=128
[   45.954072][ T4346] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100)
[   45.957010][ T4354] syz.0.262: attempt to access beyond end of device
[   45.957010][ T4354] loop0: rw=0, sector=2065, nr_sectors = 8 limit=128
[   45.961907][ T4346] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100)
[   45.975363][ T4354] syz.0.262: attempt to access beyond end of device
[   45.975363][ T4354] loop0: rw=0, sector=2065, nr_sectors = 8 limit=128
[   45.996190][ T4346] syz.0.262: attempt to access beyond end of device
[   45.996190][ T4346] loop0: rw=0, sector=2065, nr_sectors = 8 limit=128
[   46.015293][ T4358] loop4: detected capacity change from 0 to 512
[   46.019187][ T4354] syz.0.262: attempt to access beyond end of device
[   46.019187][ T4354] loop0: rw=0, sector=2065, nr_sectors = 8 limit=128
[   46.023631][ T4358] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[   46.035166][ T4346] syz.0.262: attempt to access beyond end of device
[   46.035166][ T4346] loop0: rw=0, sector=2065, nr_sectors = 8 limit=128
[   46.051068][ T4358] EXT4-fs (loop4): invalid journal inode
[   46.061853][ T4358] EXT4-fs (loop4): can't get journal size
[   46.067805][ T4354] syz.0.262: attempt to access beyond end of device
[   46.067805][ T4354] loop0: rw=0, sector=2065, nr_sectors = 8 limit=128
[   46.117167][ T4358] EXT4-fs error (device loop4): ext4_protect_reserved_inode:182: inode #12: comm syz.4.265: blocks 2-2 from inode overlap system zone
[   46.124942][ T4346] syz.0.262: attempt to access beyond end of device
[   46.124942][ T4346] loop0: rw=0, sector=2065, nr_sectors = 8 limit=128
[   46.145233][ T4346] syz.0.262: attempt to access beyond end of device
[   46.145233][ T4346] loop0: rw=0, sector=2065, nr_sectors = 8 limit=128
[   46.174323][ T4363] SELinux: failed to load policy
[   46.234677][ T4358] EXT4-fs (loop4): failed to initialize system zone (-117)
[   46.264542][ T4365] loop3: detected capacity change from 0 to 8192
[   46.278449][ T4358] EXT4-fs (loop4): mount failed
[   46.283501][ T4373] loop2: detected capacity change from 0 to 512
[   46.290502][ T4373] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[   46.298263][ T4365] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   46.299177][ T4373] EXT4-fs (loop2): invalid journal inode
[   46.317640][ T4373] EXT4-fs (loop2): can't get journal size
[   46.337723][ T4373] EXT4-fs error (device loop2): ext4_protect_reserved_inode:182: inode #12: comm syz.2.269: blocks 2-2 from inode overlap system zone
[   46.358858][ T4373] EXT4-fs (loop2): failed to initialize system zone (-117)
[   46.366155][ T4373] EXT4-fs (loop2): mount failed
[   46.390293][ T4379] usb usb9: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[   46.397849][ T4379] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   46.518997][ T4383] openvswitch: netlink: Message has 6 unknown bytes.
[   46.528146][ T4381] netlink: 132 bytes leftover after parsing attributes in process `syz.2.271'.
[   46.556712][ T4383] loop3: detected capacity change from 0 to 2048
[   46.585799][ T4383] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   46.615569][ T4383] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4128793 free clusters
[   46.630522][ T4383] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28
[   46.642711][ T4383] EXT4-fs (loop3): This should not happen!! Data will be lost
[   46.642711][ T4383] 
[   46.652362][ T4383] EXT4-fs (loop3): Total free blocks count 0
[   46.658425][ T4383] EXT4-fs (loop3): Free/Dirty block details
[   46.664374][ T4383] EXT4-fs (loop3): free_blocks=66060288
[   46.669962][ T4383] EXT4-fs (loop3): dirty_blocks=16
[   46.675138][ T4383] EXT4-fs (loop3): Block reservation details
[   46.681133][ T4383] EXT4-fs (loop3): i_reserved_data_blocks=1
[   46.692065][ T4383] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28
[   46.807994][ T4396] netlink: 'syz.4.276': attribute type 19 has an invalid length.
[   46.823901][ T4401] loop3: detected capacity change from 0 to 128
[   46.831396][ T4401] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   46.844827][ T4401] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   46.856897][ T4401] tmpfs: Bad value for 'mpol'
[   46.863699][ T4401] netlink: 12 bytes leftover after parsing attributes in process `syz.3.275'.
[   47.092101][ T4411] loop2: detected capacity change from 0 to 512
[   47.132922][ T4411] EXT4-fs: quotafile must be on filesystem root
[   47.986545][ T4430] netlink: 132 bytes leftover after parsing attributes in process `syz.0.285'.
[   48.105779][ T4445] FAULT_INJECTION: forcing a failure.
[   48.105779][ T4445] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   48.119017][ T4445] CPU: 0 UID: 0 PID: 4445 Comm: syz.4.290 Not tainted 6.16.0-rc4-syzkaller-00108-g17bbde2e1716 #0 PREEMPT(voluntary) 
[   48.119078][ T4445] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   48.119090][ T4445] Call Trace:
[   48.119096][ T4445]  <TASK>
[   48.119102][ T4445]  __dump_stack+0x1d/0x30
[   48.119120][ T4445]  dump_stack_lvl+0xe8/0x140
[   48.119135][ T4445]  dump_stack+0x15/0x1b
[   48.119149][ T4445]  should_fail_ex+0x265/0x280
[   48.119239][ T4445]  should_fail+0xb/0x20
[   48.119263][ T4445]  should_fail_usercopy+0x1a/0x20
[   48.119302][ T4445]  _copy_from_iter+0xcf/0xe40
[   48.119349][ T4445]  ? __build_skb_around+0x1a0/0x200
[   48.119378][ T4445]  ? __alloc_skb+0x223/0x320
[   48.119407][ T4445]  netlink_sendmsg+0x471/0x6b0
[   48.119468][ T4445]  ? __pfx_netlink_sendmsg+0x10/0x10
[   48.119488][ T4445]  __sock_sendmsg+0x145/0x180
[   48.119507][ T4445]  ____sys_sendmsg+0x31e/0x4e0
[   48.119534][ T4445]  ___sys_sendmsg+0x17b/0x1d0
[   48.119651][ T4445]  __x64_sys_sendmsg+0xd4/0x160
[   48.119682][ T4445]  x64_sys_call+0x2999/0x2fb0
[   48.119736][ T4445]  do_syscall_64+0xd2/0x200
[   48.119751][ T4445]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   48.119845][ T4445]  ? clear_bhb_loop+0x40/0x90
[   48.119862][ T4445]  ? clear_bhb_loop+0x40/0x90
[   48.119962][ T4445]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   48.119983][ T4445] RIP: 0033:0x7f1db185e929
[   48.120004][ T4445] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   48.120032][ T4445] RSP: 002b:00007f1dafec7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   48.120051][ T4445] RAX: ffffffffffffffda RBX: 00007f1db1a85fa0 RCX: 00007f1db185e929
[   48.120113][ T4445] RDX: 0000000000044000 RSI: 0000200000000040 RDI: 0000000000000004
[   48.120126][ T4445] RBP: 00007f1dafec7090 R08: 0000000000000000 R09: 0000000000000000
[   48.120138][ T4445] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   48.120151][ T4445] R13: 0000000000000000 R14: 00007f1db1a85fa0 R15: 00007ffd83688608
[   48.120169][ T4445]  </TASK>
[   48.443312][ T4369] mmap: syz.1.267 (4369) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[   48.551456][ T4369] loop1: detected capacity change from 0 to 1024
[   48.561910][ T4369] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (52289!=20869)
[   48.572019][ T4369] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[   48.587288][ T4369] EXT4-fs (loop1): invalid journal inode
[   48.635065][ T4471] loop4: detected capacity change from 0 to 8192
[   48.645652][ T4475] usb usb9: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[   48.653141][ T4475] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   48.697968][ T4471]  loop4: p1 p2 < > p3 p4 < p5 >
[   48.702918][ T4471] loop4: partition table partially beyond EOD, truncated
[   48.710284][ T4471] loop4: p1 size 100663296 extends beyond EOD, truncated
[   48.718132][ T4471] loop4: p2 start 591104 is beyond EOD, truncated
[   48.724634][ T4471] loop4: p3 start 33572980 is beyond EOD, truncated
[   48.731824][ T4471] loop4: p5 size 100663296 extends beyond EOD, truncated
[   48.773674][ T4479] loop1: detected capacity change from 0 to 1024
[   48.798900][ T4479] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   48.812142][ T4479] ext4 filesystem being mounted at /49/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   48.836471][ T4479] netlink: 28 bytes leftover after parsing attributes in process `syz.1.301'.
[   48.845759][ T4479] netlink: 28 bytes leftover after parsing attributes in process `syz.1.301'.
[   48.937303][ T3312] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   48.968354][ T4489] loop3: detected capacity change from 0 to 512
[   48.977947][ T4487] loop4: detected capacity change from 0 to 512
[   48.986506][ T4487] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[   48.995318][ T4489] EXT4-fs: quotafile must be on filesystem root
[   49.004497][ T4487] EXT4-fs (loop4): invalid journal inode
[   49.010330][ T4487] EXT4-fs (loop4): can't get journal size
[   49.023879][ T4487] EXT4-fs error (device loop4): ext4_protect_reserved_inode:182: inode #12: comm syz.4.303: blocks 2-2 from inode overlap system zone
[   49.067167][ T4496] SELinux:  Context system_u:object_r:ldconfig_cache_t:s0 is not valid (left unmapped).
[   49.087782][ T4487] EXT4-fs (loop4): failed to initialize system zone (-117)
[   49.110831][ T4487] EXT4-fs (loop4): mount failed
[   49.138871][ T4494] loop0: detected capacity change from 0 to 8192
[   49.160454][ T4496] loop1: detected capacity change from 0 to 512
[   49.167778][ T4496] SELinux: security_context_str_to_sid (sysadm_u) failed with errno=-22
[   49.197792][ T4494]  loop0: p1 p2 p3 p4[EZD]
[   49.202447][ T4494] loop0: p1 size 16128 extends beyond EOD, truncated
[   49.210224][ T4494] loop0: p2 size 2130728454 extends beyond EOD, truncated
[   49.218818][ T4494] loop0: p3 start 459039 is beyond EOD, truncated
[   49.225267][ T4494] loop0: p4 start 268437891 is beyond EOD, truncated
[   49.310989][ T4498] loop2: detected capacity change from 0 to 8192
[   49.369704][ T4498]  loop2: p1 p2 < > p3 p4 < p5 >
[   49.374734][ T4498] loop2: partition table partially beyond EOD, truncated
[   49.382718][ T4498] loop2: p1 size 100663296 extends beyond EOD, truncated
[   49.416256][ T4498] loop2: p2 start 591104 is beyond EOD, truncated
[   49.422721][ T4498] loop2: p3 start 33572980 is beyond EOD, truncated
[   49.430679][ T4498] loop2: p5 size 100663296 extends beyond EOD, truncated
[   49.493715][ T4505] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[   49.501373][ T4505] FAULT_INJECTION: forcing a failure.
[   49.501373][ T4505] name failslab, interval 1, probability 0, space 0, times 0
[   49.514330][ T4505] CPU: 0 UID: 0 PID: 4505 Comm: syz.2.310 Not tainted 6.16.0-rc4-syzkaller-00108-g17bbde2e1716 #0 PREEMPT(voluntary) 
[   49.514356][ T4505] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   49.514440][ T4505] Call Trace:
[   49.514446][ T4505]  <TASK>
[   49.514453][ T4505]  __dump_stack+0x1d/0x30
[   49.514474][ T4505]  dump_stack_lvl+0xe8/0x140
[   49.514492][ T4505]  dump_stack+0x15/0x1b
[   49.514507][ T4505]  should_fail_ex+0x265/0x280
[   49.514627][ T4505]  should_failslab+0x8c/0xb0
[   49.514717][ T4505]  __kmalloc_node_noprof+0xa9/0x410
[   49.514823][ T4505]  ? vprintk_emit+0x635/0x650
[   49.514841][ T4505]  ? qdisc_alloc+0x65/0x440
[   49.514865][ T4505]  qdisc_alloc+0x65/0x440
[   49.514889][ T4505]  ? vprintk_default+0x26/0x30
[   49.514907][ T4505]  ? vprintk+0x1d/0x30
[   49.515022][ T4505]  qdisc_create_dflt+0x7f/0x2d0
[   49.515051][ T4505]  fifo_create_dflt+0x4a/0x1a0
[   49.515072][ T4505]  tbf_change+0x636/0xcd0
[   49.515106][ T4505]  ? __list_add_valid_or_report+0x38/0xe0
[   49.515154][ T4505]  ? rtnetlink_rcv+0x1c/0x30
[   49.515181][ T4505]  ? netlink_unicast+0x5a1/0x670
[   49.515207][ T4505]  ? netlink_sendmsg+0x58b/0x6b0
[   49.515292][ T4505]  ? __sock_sendmsg+0x145/0x180
[   49.515319][ T4505]  ? read_tsc+0x9/0x20
[   49.515415][ T4505]  ? __pfx_tbf_init+0x10/0x10
[   49.515437][ T4505]  tbf_init+0x72/0x90
[   49.515459][ T4505]  qdisc_create+0x58e/0x9e0
[   49.515518][ T4505]  tc_modify_qdisc+0xe2c/0x1380
[   49.515549][ T4505]  ? __pfx_tc_modify_qdisc+0x10/0x10
[   49.515654][ T4505]  rtnetlink_rcv_msg+0x657/0x6d0
[   49.515678][ T4505]  netlink_rcv_skb+0x120/0x220
[   49.515702][ T4505]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   49.515877][ T4505]  rtnetlink_rcv+0x1c/0x30
[   49.515895][ T4505]  netlink_unicast+0x5a1/0x670
[   49.515923][ T4505]  netlink_sendmsg+0x58b/0x6b0
[   49.515941][ T4505]  ? __pfx_netlink_sendmsg+0x10/0x10
[   49.515958][ T4505]  __sock_sendmsg+0x145/0x180
[   49.516022][ T4505]  ____sys_sendmsg+0x31e/0x4e0
[   49.516053][ T4505]  ___sys_sendmsg+0x17b/0x1d0
[   49.516096][ T4505]  __x64_sys_sendmsg+0xd4/0x160
[   49.516151][ T4505]  x64_sys_call+0x2999/0x2fb0
[   49.516182][ T4505]  do_syscall_64+0xd2/0x200
[   49.516200][ T4505]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   49.516294][ T4505]  ? clear_bhb_loop+0x40/0x90
[   49.516314][ T4505]  ? clear_bhb_loop+0x40/0x90
[   49.516334][ T4505]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   49.516354][ T4505] RIP: 0033:0x7fdaba12e929
[   49.516369][ T4505] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   49.516437][ T4505] RSP: 002b:00007fdab8797038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   49.516455][ T4505] RAX: ffffffffffffffda RBX: 00007fdaba355fa0 RCX: 00007fdaba12e929
[   49.516468][ T4505] RDX: 0000000000000000 RSI: 00002000000012c0 RDI: 0000000000000005
[   49.516560][ T4505] RBP: 00007fdab8797090 R08: 0000000000000000 R09: 0000000000000000
[   49.516650][ T4505] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   49.516739][ T4505] R13: 0000000000000000 R14: 00007fdaba355fa0 R15: 00007ffff22d1fd8
[   49.516757][ T4505]  </TASK>
[   49.517462][ T4508] usb usb9: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[   49.829318][ T4508] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   49.866671][ T4513] usb usb9: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[   49.874216][ T4513] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   49.945824][ T4522] FAULT_INJECTION: forcing a failure.
[   49.945824][ T4522] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   49.959032][ T4522] CPU: 1 UID: 0 PID: 4522 Comm: syz.3.317 Not tainted 6.16.0-rc4-syzkaller-00108-g17bbde2e1716 #0 PREEMPT(voluntary) 
[   49.959054][ T4522] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   49.959064][ T4522] Call Trace:
[   49.959069][ T4522]  <TASK>
[   49.959074][ T4522]  __dump_stack+0x1d/0x30
[   49.959091][ T4522]  dump_stack_lvl+0xe8/0x140
[   49.959214][ T4522]  dump_stack+0x15/0x1b
[   49.959231][ T4522]  should_fail_ex+0x265/0x280
[   49.959258][ T4522]  should_fail+0xb/0x20
[   49.959279][ T4522]  should_fail_usercopy+0x1a/0x20
[   49.959378][ T4522]  _copy_from_iter+0xcf/0xe40
[   49.959449][ T4522]  ? alloc_pages_noprof+0xa9/0x130
[   49.959474][ T4522]  ? skb_page_frag_refill+0xc0/0x2c0
[   49.959496][ T4522]  kcm_sendmsg+0x9b3/0x16c0
[   49.959520][ T4522]  ? __pfx_kcm_sendmsg+0x10/0x10
[   49.959593][ T4522]  __sock_sendmsg+0x145/0x180
[   49.959658][ T4522]  sock_write_iter+0x165/0x1b0
[   49.959681][ T4522]  ? __pfx_sock_write_iter+0x10/0x10
[   49.959700][ T4522]  vfs_write+0x4a0/0x8e0
[   49.959781][ T4522]  ksys_write+0xda/0x1a0
[   49.959807][ T4522]  __x64_sys_write+0x40/0x50
[   49.959836][ T4522]  x64_sys_call+0x2cdd/0x2fb0
[   49.959942][ T4522]  do_syscall_64+0xd2/0x200
[   49.959957][ T4522]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   49.959977][ T4522]  ? clear_bhb_loop+0x40/0x90
[   49.959995][ T4522]  ? clear_bhb_loop+0x40/0x90
[   49.960066][ T4522]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   49.960084][ T4522] RIP: 0033:0x7f17db69e929
[   49.960099][ T4522] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   49.960115][ T4522] RSP: 002b:00007f17d9d07038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[   49.960191][ T4522] RAX: ffffffffffffffda RBX: 00007f17db8c5fa0 RCX: 00007f17db69e929
[   49.960202][ T4522] RDX: 00000000fffffdef RSI: 0000200000000140 RDI: 0000000000000004
[   49.960213][ T4522] RBP: 00007f17d9d07090 R08: 0000000000000000 R09: 0000000000000000
[   49.960274][ T4522] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   49.960286][ T4522] R13: 0000000000000000 R14: 00007f17db8c5fa0 R15: 00007ffd29a61db8
[   49.960304][ T4522]  </TASK>
[   50.183771][ T4527] netlink: 332 bytes leftover after parsing attributes in process `syz.0.318'.
[   50.192420][ T4524] loop1: detected capacity change from 0 to 512
[   50.193030][ T4522] loop3: detected capacity change from 0 to 1024
[   50.202896][ T4524] EXT4-fs: Ignoring removed orlov option
[   50.218584][ T4524] EXT4-fs: Ignoring removed nomblk_io_submit option
[   50.227523][ T4527] netlink: 'syz.0.318': attribute type 9 has an invalid length.
[   50.228901][ T4524] EXT4-fs (loop1): VFS: Can't find ext4 filesystem
[   50.235215][ T4527] netlink: 108 bytes leftover after parsing attributes in process `syz.0.318'.
[   50.250623][ T4527] netlink: 32 bytes leftover after parsing attributes in process `syz.0.318'.
[   50.279419][ T4522] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   50.296092][ T4522] ext4 filesystem being mounted at /82/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   50.311224][   T29] kauditd_printk_skb: 405 callbacks suppressed
[   50.311236][   T29] audit: type=1326 audit(1751602701.626:1713): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4534 comm="syz.4.322" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1db185e929 code=0x7ffc0000
[   50.340847][   T29] audit: type=1326 audit(1751602701.646:1714): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4534 comm="syz.4.322" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1db185e929 code=0x7ffc0000
[   50.342530][ T4526] netlink: 3 bytes leftover after parsing attributes in process `syz.0.318'.
[   50.364237][   T29] audit: type=1326 audit(1751602701.646:1715): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4534 comm="syz.4.322" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1db185e929 code=0x7ffc0000
[   50.364262][   T29] audit: type=1326 audit(1751602701.646:1716): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4534 comm="syz.4.322" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1db185e929 code=0x7ffc0000
[   50.399182][ T4527] netlink: 4 bytes leftover after parsing attributes in process `syz.0.318'.
[   50.419846][   T29] audit: type=1326 audit(1751602701.646:1717): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4534 comm="syz.4.322" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1db185e929 code=0x7ffc0000
[   50.451926][   T29] audit: type=1326 audit(1751602701.646:1718): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4534 comm="syz.4.322" exe="/root/syz-executor" sig=0 arch=c000003e syscall=150 compat=0 ip=0x7f1db185e929 code=0x7ffc0000
[   50.475242][   T29] audit: type=1326 audit(1751602701.646:1719): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4534 comm="syz.4.322" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1db185e929 code=0x7ffc0000
[   50.498549][   T29] audit: type=1326 audit(1751602701.646:1720): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4534 comm="syz.4.322" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1db185e929 code=0x7ffc0000
[   50.529641][   T29] audit: type=1326 audit(1751602701.716:1721): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4525 comm="syz.0.318" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1fd2e9e929 code=0x7ffc0000
[   50.553044][   T29] audit: type=1326 audit(1751602701.716:1722): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4525 comm="syz.0.318" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1fd2e9e929 code=0x7ffc0000
[   50.553414][ T3315] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   50.643242][ T4543] loop1: detected capacity change from 0 to 512
[   50.650213][ T4543] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[   50.660047][ T4535] openvswitch: netlink: Message has 6 unknown bytes.
[   50.661453][ T4543] EXT4-fs (loop1): invalid journal inode
[   50.675531][ T4535] loop4: detected capacity change from 0 to 2048
[   50.680954][ T4543] EXT4-fs (loop1): can't get journal size
[   50.705694][ T4543] EXT4-fs error (device loop1): ext4_protect_reserved_inode:182: inode #12: comm syz.1.324: blocks 2-2 from inode overlap system zone
[   50.708880][ T4549] loop3: detected capacity change from 0 to 512
[   50.722128][ T4543] EXT4-fs (loop1): failed to initialize system zone (-117)
[   50.733224][ T4543] EXT4-fs (loop1): mount failed
[   50.743195][ T4535] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   50.764606][ T4558] loop2: detected capacity change from 0 to 1024
[   50.772976][ T4549] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   50.785688][ T4549] ext4 filesystem being mounted at /83/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   50.797857][ T4558] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   50.823258][ T4558] ext4 filesystem being mounted at /66/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   50.835956][ T3306] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   50.856558][ T4558] FAULT_INJECTION: forcing a failure.
[   50.856558][ T4558] name failslab, interval 1, probability 0, space 0, times 0
[   50.869348][ T4558] CPU: 1 UID: 0 PID: 4558 Comm: syz.2.327 Not tainted 6.16.0-rc4-syzkaller-00108-g17bbde2e1716 #0 PREEMPT(voluntary) 
[   50.869374][ T4558] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   50.869385][ T4558] Call Trace:
[   50.869448][ T4558]  <TASK>
[   50.869455][ T4558]  __dump_stack+0x1d/0x30
[   50.869475][ T4558]  dump_stack_lvl+0xe8/0x140
[   50.869493][ T4558]  dump_stack+0x15/0x1b
[   50.869509][ T4558]  should_fail_ex+0x265/0x280
[   50.869538][ T4558]  should_failslab+0x8c/0xb0
[   50.869639][ T4558]  kmem_cache_alloc_node_noprof+0x57/0x320
[   50.869689][ T4558]  ? __alloc_skb+0x101/0x320
[   50.869718][ T4558]  __alloc_skb+0x101/0x320
[   50.869743][ T4558]  ? audit_log_start+0x365/0x6c0
[   50.869850][ T4558]  audit_log_start+0x380/0x6c0
[   50.869879][ T4558]  audit_seccomp+0x48/0x100
[   50.869904][ T4558]  ? __seccomp_filter+0x68c/0x10d0
[   50.870017][ T4558]  __seccomp_filter+0x69d/0x10d0
[   50.870048][ T4558]  __secure_computing+0x82/0x150
[   50.870069][ T4558]  syscall_trace_enter+0xcf/0x1e0
[   50.870153][ T4558]  do_syscall_64+0xac/0x200
[   50.870172][ T4558]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   50.870197][ T4558]  ? clear_bhb_loop+0x40/0x90
[   50.870217][ T4558]  ? clear_bhb_loop+0x40/0x90
[   50.870274][ T4558]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   50.870294][ T4558] RIP: 0033:0x7fdaba12d33c
[   50.870316][ T4558] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   50.870331][ T4558] RSP: 002b:00007fdab8797030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   50.870351][ T4558] RAX: ffffffffffffffda RBX: 00007fdaba355fa0 RCX: 00007fdaba12d33c
[   50.870363][ T4558] RDX: 000000000000000f RSI: 00007fdab87970a0 RDI: 000000000000000a
[   50.870373][ T4558] RBP: 00007fdab8797090 R08: 0000000000000000 R09: 0000000000000000
[   50.870442][ T4558] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   50.870454][ T4558] R13: 0000000000000000 R14: 00007fdaba355fa0 R15: 00007ffff22d1fd8
[   50.870471][ T4558]  </TASK>
[   50.878202][ T3315] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   50.918257][ T4574] usb usb9: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[   51.094781][ T4574] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   51.103276][ T3309] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   51.287550][ T4604] loop4: detected capacity change from 0 to 512
[   51.321303][ T4607] loop3: detected capacity change from 0 to 1024
[   51.323054][ T4604] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[   51.329762][ T4607] EXT4-fs: Ignoring removed i_version option
[   51.338801][ T4604] EXT4-fs (loop4): invalid journal inode
[   51.342525][ T4607] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   51.357630][ T4604] EXT4-fs (loop4): can't get journal size
[   51.360113][ T4610] bridge0: port 2(bridge_slave_1) entered disabled state
[   51.370740][ T4610] bridge0: port 1(bridge_slave_0) entered disabled state
[   51.393687][ T4604] EXT4-fs error (device loop4): ext4_protect_reserved_inode:182: inode #12: comm syz.4.339: blocks 2-2 from inode overlap system zone
[   51.406108][ T4610] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   51.412870][ T4604] EXT4-fs (loop4): failed to initialize system zone (-117)
[   51.416739][ T4610] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   51.424012][ T4604] EXT4-fs (loop4): mount failed
[   51.436331][ T4607] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:483: comm syz.3.333: Invalid block bitmap block 0 in block_group 0
[   51.450638][ T4607] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.333: Failed to acquire dquot type 0
[   51.462525][ T4607] EXT4-fs error (device loop3): ext4_free_blocks:6587: comm syz.3.333: Freeing blocks not in datazone - block = 0, count = 4096
[   51.476058][ T4607] EXT4-fs error (device loop3): ext4_read_inode_bitmap:139: comm syz.3.333: Invalid inode bitmap blk 0 in block_group 0
[   51.488804][   T31] EXT4-fs error (device loop3): ext4_release_dquot:6969: comm kworker/u8:1: Failed to release dquot type 0
[   51.488804][ T4610] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[   51.488835][ T4610] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[   51.501139][ T4607] EXT4-fs error (device loop3) in ext4_free_inode:361: Corrupt filesystem
[   51.509314][ T4610] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[   51.520754][ T4607] EXT4-fs (loop3): 1 orphan inode deleted
[   51.526618][ T4610] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[   51.536195][ T4607] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   51.563594][ T4607] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   51.601072][ T4581] IPv6: sit1: Disabled Multicast RS
[   51.662280][ T4625] usb usb9: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[   51.669789][ T4625] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   51.719981][ T4619] loop1: detected capacity change from 0 to 512
[   51.726489][ T4619] EXT4-fs: dax option not supported
[   51.735317][ T4619] __nla_validate_parse: 1 callbacks suppressed
[   51.735329][ T4619] netlink: 8 bytes leftover after parsing attributes in process `syz.1.346'.
[   51.741133][ T4630] tipc: Started in network mode
[   51.755206][ T4630] tipc: Node identity 0ae7504aed4a, cluster identity 4711
[   51.762419][ T4630] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   51.769830][ T4630] netlink: 8 bytes leftover after parsing attributes in process `syz.0.351'.
[   51.780229][ T4629] tipc: Disabling bearer <eth:syzkaller0>
[   51.835671][ T4641] loop2: detected capacity change from 0 to 512
[   51.859615][ T4645] netlink: 24 bytes leftover after parsing attributes in process `syz.1.357'.
[   51.859748][ T4641] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   51.881087][ T4641] ext4 filesystem being mounted at /76/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   51.898506][ T4645] netlink: 24 bytes leftover after parsing attributes in process `syz.1.357'.
[   52.082763][ T4658] netlink: 332 bytes leftover after parsing attributes in process `syz.3.360'.
[   52.158768][ T4658] netlink: 'syz.3.360': attribute type 9 has an invalid length.
[   52.166453][ T4658] netlink: 108 bytes leftover after parsing attributes in process `syz.3.360'.
[   52.175459][ T4658] netlink: 32 bytes leftover after parsing attributes in process `syz.3.360'.
[   52.488611][ T4658] netlink: 3 bytes leftover after parsing attributes in process `syz.3.360'.
[   52.507780][ T4658] netlink: 4 bytes leftover after parsing attributes in process `syz.3.360'.
[   52.730599][ T4667] loop3: detected capacity change from 0 to 512
[   52.745701][ T4667] EXT4-fs: Ignoring removed orlov option
[   52.751863][ T3309] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   52.760920][ T4667] EXT4-fs: Ignoring removed nomblk_io_submit option
[   52.793421][ T4667] EXT4-fs (loop3): VFS: Can't find ext4 filesystem
[   52.821233][ T4672] FAULT_INJECTION: forcing a failure.
[   52.821233][ T4672] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   52.834440][ T4672] CPU: 0 UID: 0 PID: 4672 Comm: syz.2.365 Not tainted 6.16.0-rc4-syzkaller-00108-g17bbde2e1716 #0 PREEMPT(voluntary) 
[   52.834498][ T4672] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   52.834507][ T4672] Call Trace:
[   52.834512][ T4672]  <TASK>
[   52.834517][ T4672]  __dump_stack+0x1d/0x30
[   52.834551][ T4672]  dump_stack_lvl+0xe8/0x140
[   52.834569][ T4672]  dump_stack+0x15/0x1b
[   52.834628][ T4672]  should_fail_ex+0x265/0x280
[   52.834656][ T4672]  should_fail+0xb/0x20
[   52.834724][ T4672]  should_fail_usercopy+0x1a/0x20
[   52.834755][ T4672]  _copy_to_user+0x20/0xa0
[   52.834776][ T4672]  simple_read_from_buffer+0xb5/0x130
[   52.834816][ T4672]  proc_fail_nth_read+0x100/0x140
[   52.834845][ T4672]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   52.834906][ T4672]  vfs_read+0x1a0/0x6f0
[   52.834935][ T4672]  ? __rcu_read_unlock+0x4f/0x70
[   52.834957][ T4672]  ? __fget_files+0x184/0x1c0
[   52.834981][ T4672]  ksys_read+0xda/0x1a0
[   52.835012][ T4672]  __x64_sys_read+0x40/0x50
[   52.835038][ T4672]  x64_sys_call+0x2d77/0x2fb0
[   52.835059][ T4672]  do_syscall_64+0xd2/0x200
[   52.835126][ T4672]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   52.835215][ T4672]  ? clear_bhb_loop+0x40/0x90
[   52.835237][ T4672]  ? clear_bhb_loop+0x40/0x90
[   52.835259][ T4672]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   52.835292][ T4672] RIP: 0033:0x7fdaba12d33c
[   52.835363][ T4672] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   52.835380][ T4672] RSP: 002b:00007fdab8797030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   52.835399][ T4672] RAX: ffffffffffffffda RBX: 00007fdaba355fa0 RCX: 00007fdaba12d33c
[   52.835452][ T4672] RDX: 000000000000000f RSI: 00007fdab87970a0 RDI: 0000000000000010
[   52.835464][ T4672] RBP: 00007fdab8797090 R08: 0000000000000000 R09: 0000000000000000
[   52.835477][ T4672] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   52.835560][ T4672] R13: 0000000000000000 R14: 00007fdaba355fa0 R15: 00007ffff22d1fd8
[   52.835597][ T4672]  </TASK>
[   53.089523][ T4680] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[   53.122173][ T4684] loop2: detected capacity change from 0 to 1024
[   53.139282][ T4684] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   53.162587][ T4684] ext4 filesystem being mounted at /78/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   53.201633][ T4682] netlink: 132 bytes leftover after parsing attributes in process `syz.1.372'.
[   53.275646][ T4706] usb usb9: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[   53.283130][ T4706] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   53.303918][ T3309] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   53.314797][ T4710] tipc: Enabling of bearer <edp:s> rejected, media not registered
[   53.330653][ T4710] loop4: detected capacity change from 0 to 1024
[   53.338848][ T4710] EXT4-fs: Ignoring removed nomblk_io_submit option
[   53.345997][ T4710] EXT4-fs (loop4): stripe (8) is not aligned with cluster size (16), stripe is disabled
[   53.390122][ T4710] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   53.427272][ T3306] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   53.546007][ T4737] loop0: detected capacity change from 0 to 256
[   53.581486][ T4737] FAT-fs (loop0): codepage cp950 not found
[   53.676831][ T4751] loop2: detected capacity change from 0 to 256
[   53.698563][ T4751] FAT-fs (loop2): codepage cp950 not found
[   53.781415][ T4759] loop4: detected capacity change from 0 to 1024
[   53.788264][ T4759] EXT4-fs: Ignoring removed nobh option
[   53.793850][ T4759] EXT4-fs: Ignoring removed bh option
[   53.799294][ T4759] EXT4-fs: inline encryption not supported
[   53.842552][ T4759] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   53.857932][ T4763] loop1: detected capacity change from 0 to 512
[   53.865057][ T4763] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[   53.874846][ T4763] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8042c118, mo2=0002]
[   53.882994][ T4763] EXT4-fs error (device loop1): ext4_iget_extra_inode:5035: inode #15: comm syz.1.398: corrupted in-inode xattr: e_value size too large
[   53.884049][ T3306] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   53.898108][ T4763] EXT4-fs error (device loop1): ext4_orphan_get:1398: comm syz.1.398: couldn't read orphan inode 15 (err -117)
[   53.918477][ T4763] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   53.964479][ T3312] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   54.007042][ T4778] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[   54.024376][ T4780] FAULT_INJECTION: forcing a failure.
[   54.024376][ T4780] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   54.037481][ T4780] CPU: 1 UID: 0 PID: 4780 Comm: syz.1.404 Not tainted 6.16.0-rc4-syzkaller-00108-g17bbde2e1716 #0 PREEMPT(voluntary) 
[   54.037526][ T4780] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   54.037533][ T4780] Call Trace:
[   54.037536][ T4780]  <TASK>
[   54.037577][ T4780]  __dump_stack+0x1d/0x30
[   54.037595][ T4780]  dump_stack_lvl+0xe8/0x140
[   54.037612][ T4780]  dump_stack+0x15/0x1b
[   54.037629][ T4780]  should_fail_ex+0x265/0x280
[   54.037659][ T4780]  should_fail+0xb/0x20
[   54.037713][ T4780]  should_fail_usercopy+0x1a/0x20
[   54.037743][ T4780]  _copy_from_user+0x1c/0xb0
[   54.037773][ T4780]  copy_from_bpfptr+0x5c/0x90
[   54.037790][ T4780]  bpf_prog_load+0x74a/0x1070
[   54.037816][ T4780]  ? security_bpf+0x2b/0x90
[   54.037853][ T4780]  __sys_bpf+0x51d/0x790
[   54.037950][ T4780]  __x64_sys_bpf+0x41/0x50
[   54.037965][ T4780]  x64_sys_call+0x2478/0x2fb0
[   54.038013][ T4780]  do_syscall_64+0xd2/0x200
[   54.038024][ T4780]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   54.038038][ T4780]  ? clear_bhb_loop+0x40/0x90
[   54.038093][ T4780]  ? clear_bhb_loop+0x40/0x90
[   54.038142][ T4780]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   54.038213][ T4780] RIP: 0033:0x7fb30d61e929
[   54.038222][ T4780] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   54.038292][ T4780] RSP: 002b:00007fb30bc87038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   54.038303][ T4780] RAX: ffffffffffffffda RBX: 00007fb30d845fa0 RCX: 00007fb30d61e929
[   54.038333][ T4780] RDX: 0000000000000094 RSI: 0000200000000700 RDI: 0000000000000005
[   54.038346][ T4780] RBP: 00007fb30bc87090 R08: 0000000000000000 R09: 0000000000000000
[   54.038358][ T4780] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   54.038370][ T4780] R13: 0000000000000000 R14: 00007fb30d845fa0 R15: 00007ffe124c9ed8
[   54.038385][ T4780]  </TASK>
[   54.303803][ T4792] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=272 sclass=netlink_xfrm_socket pid=4792 comm=syz.0.408
[   54.315453][ T4791] usb usb9: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[   54.323567][ T4791] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   54.337212][ T4796] loop4: detected capacity change from 0 to 512
[   54.344392][ T4796] EXT4-fs: Ignoring removed orlov option
[   54.356001][ T4796] EXT4-fs: Ignoring removed nomblk_io_submit option
[   54.363712][ T4796] EXT4-fs (loop4): VFS: Can't find ext4 filesystem
[   54.394100][ T4801] usb usb9: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[   54.401632][ T4801] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   54.451525][ T4812] FAULT_INJECTION: forcing a failure.
[   54.451525][ T4812] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   54.464605][ T4812] CPU: 1 UID: 0 PID: 4812 Comm: syz.3.418 Not tainted 6.16.0-rc4-syzkaller-00108-g17bbde2e1716 #0 PREEMPT(voluntary) 
[   54.464628][ T4812] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   54.464638][ T4812] Call Trace:
[   54.464644][ T4812]  <TASK>
[   54.464649][ T4812]  __dump_stack+0x1d/0x30
[   54.464694][ T4812]  dump_stack_lvl+0xe8/0x140
[   54.464714][ T4812]  dump_stack+0x15/0x1b
[   54.464731][ T4812]  should_fail_ex+0x265/0x280
[   54.464788][ T4812]  should_fail+0xb/0x20
[   54.464814][ T4812]  should_fail_usercopy+0x1a/0x20
[   54.464913][ T4812]  _copy_from_iter+0xcf/0xe40
[   54.465060][ T4812]  ? __build_skb_around+0x1a0/0x200
[   54.465089][ T4812]  ? __alloc_skb+0x223/0x320
[   54.465214][ T4812]  netlink_sendmsg+0x471/0x6b0
[   54.465235][ T4812]  ? __pfx_netlink_sendmsg+0x10/0x10
[   54.465255][ T4812]  __sock_sendmsg+0x145/0x180
[   54.465279][ T4812]  ____sys_sendmsg+0x31e/0x4e0
[   54.465313][ T4812]  ___sys_sendmsg+0x17b/0x1d0
[   54.465395][ T4812]  __x64_sys_sendmsg+0xd4/0x160
[   54.465427][ T4812]  x64_sys_call+0x2999/0x2fb0
[   54.465444][ T4812]  do_syscall_64+0xd2/0x200
[   54.465460][ T4812]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   54.465545][ T4812]  ? clear_bhb_loop+0x40/0x90
[   54.465562][ T4812]  ? clear_bhb_loop+0x40/0x90
[   54.465581][ T4812]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   54.465603][ T4812] RIP: 0033:0x7f17db69e929
[   54.465618][ T4812] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   54.465653][ T4812] RSP: 002b:00007f17d9d07038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   54.465668][ T4812] RAX: ffffffffffffffda RBX: 00007f17db8c5fa0 RCX: 00007f17db69e929
[   54.465679][ T4812] RDX: 0000000000044000 RSI: 0000200000000040 RDI: 0000000000000003
[   54.465689][ T4812] RBP: 00007f17d9d07090 R08: 0000000000000000 R09: 0000000000000000
[   54.465699][ T4812] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   54.465709][ T4812] R13: 0000000000000000 R14: 00007f17db8c5fa0 R15: 00007ffd29a61db8
[   54.465725][ T4812]  </TASK>
[   54.474789][ T4810] infiniband syz!: set down
[   54.493587][ T4813] loop0: detected capacity change from 0 to 256
[   54.496453][ T4810] infiniband syz!: added team_slave_0
[   54.512768][ T4813] FAT-fs (loop0): codepage cp950 not found
[   54.542871][ T4810] RDS/IB: syz!: added
[   54.586404][ T4820] loop4: detected capacity change from 0 to 512
[   54.586962][ T4810] smc: adding ib device syz! with port count 1
[   54.681280][ T4820] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.420: Failed to acquire dquot type 1
[   54.683855][ T4810] smc:    ib device syz! port 1 has pnetid 
[   54.699377][ T4820] EXT4-fs (loop4): 1 truncate cleaned up
[   54.748670][ T4820] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   54.779827][ T4820] ext4 filesystem being mounted at /89/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   54.793012][ T4828] loop3: detected capacity change from 0 to 256
[   54.799846][ T4830] loop1: detected capacity change from 0 to 512
[   54.814128][ T4828] FAT-fs (loop3): codepage cp950 not found
[   54.948912][ T4830] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.422: Failed to acquire dquot type 1
[   54.960769][ T4830] EXT4-fs (loop1): 1 truncate cleaned up
[   54.966926][ T4830] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   54.979635][ T4830] ext4 filesystem being mounted at /84/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   55.038555][ T3306] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz-executor: Failed to acquire dquot type 1
[   55.109109][ T4387] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm ext4lazyinit: bg 0: block 248: padding at end of block bitmap is not set
[   55.142953][ T3312] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   55.159816][ T4841] loop1: detected capacity change from 0 to 512
[   55.166466][ T4841] EXT4-fs: Ignoring removed orlov option
[   55.172416][ T4841] EXT4-fs: Ignoring removed nomblk_io_submit option
[   55.179301][ T4841] EXT4-fs (loop1): VFS: Can't find ext4 filesystem
[   55.272922][ T4858] loop0: detected capacity change from 0 to 512
[   55.280754][ T3306] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   55.292418][  T122] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   55.304060][ T4858] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   55.320858][ T4858] EXT4-fs (loop0): 1 truncate cleaned up
[   55.339023][ T4858] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   55.379193][  T122] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   55.383918][   T29] kauditd_printk_skb: 717 callbacks suppressed
[   55.383930][   T29] audit: type=1400 audit(1751602706.696:2429): avc:  denied  { mounton } for  pid=4862 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[   55.436277][ T4867] loop1: detected capacity change from 0 to 512
[   55.444369][ T3304] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   55.456238][ T4867] EXT4-fs: test_dummy_encryption option not supported
[   55.473020][  T122] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   55.519802][ T4877] loop0: detected capacity change from 0 to 512
[   55.532973][ T4877] EXT4-fs: Ignoring removed orlov option
[   55.547648][  T122] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   55.558134][ T4877] EXT4-fs: Ignoring removed nomblk_io_submit option
[   55.572472][ T4877] EXT4-fs (loop0): VFS: Can't find ext4 filesystem
[   55.612440][   T29] audit: type=1400 audit(1751602706.926:2430): avc:  denied  { mount } for  pid=4866 comm="syz.1.435" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[   55.651265][   T29] audit: type=1326 audit(1751602706.966:2431): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4887 comm="syz.1.442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb30d61e929 code=0x7ffc0000
[   55.674655][   T29] audit: type=1326 audit(1751602706.966:2432): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4887 comm="syz.1.442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb30d61e929 code=0x7ffc0000
[   55.697963][   T29] audit: type=1326 audit(1751602706.966:2433): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4887 comm="syz.1.442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb30d61e929 code=0x7ffc0000
[   55.723134][   T29] audit: type=1326 audit(1751602706.966:2434): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4887 comm="syz.1.442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb30d61e929 code=0x7ffc0000
[   55.746467][   T29] audit: type=1326 audit(1751602706.966:2435): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4887 comm="syz.1.442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb30d61e929 code=0x7ffc0000
[   55.769860][   T29] audit: type=1326 audit(1751602706.966:2436): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4887 comm="syz.1.442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb30d61e929 code=0x7ffc0000
[   55.793182][   T29] audit: type=1326 audit(1751602706.966:2437): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4887 comm="syz.1.442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fb30d61e929 code=0x7ffc0000
[   55.821464][   T29] audit: type=1400 audit(1751602707.106:2438): avc:  denied  { write } for  pid=4887 comm="syz.1.442" lport=36463 faddr=::ffff:100.1.1.0 fport=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1
[   55.885766][  T122] dummy0: left allmulticast mode
[   55.891063][  T122] bridge0: port 3(dummy0) entered disabled state
[   55.908117][  T122] bridge_slave_1: left allmulticast mode
[   55.913886][  T122] bridge_slave_1: left promiscuous mode
[   55.919543][  T122] bridge0: port 2(bridge_slave_1) entered disabled state
[   55.967213][ T4907] openvswitch: netlink: Message has 6 unknown bytes.
[   55.979228][  T122] bridge_slave_0: left allmulticast mode
[   55.984941][  T122] bridge_slave_0: left promiscuous mode
[   55.991049][  T122] bridge0: port 1(bridge_slave_0) entered disabled state
[   56.005018][ T4907] loop1: detected capacity change from 0 to 2048
[   56.028201][ T4907] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   56.059644][ T4907] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4128793 free clusters
[   56.092942][ T4907] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28
[   56.105218][ T4907] EXT4-fs (loop1): This should not happen!! Data will be lost
[   56.105218][ T4907] 
[   56.114866][ T4907] EXT4-fs (loop1): Total free blocks count 0
[   56.120907][ T4907] EXT4-fs (loop1): Free/Dirty block details
[   56.126796][ T4907] EXT4-fs (loop1): free_blocks=66060288
[   56.132351][ T4907] EXT4-fs (loop1): dirty_blocks=16
[   56.137464][ T4907] EXT4-fs (loop1): Block reservation details
[   56.143457][ T4907] EXT4-fs (loop1): i_reserved_data_blocks=1
[   56.150508][ T4907] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28
[   56.199942][  T122] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   56.209861][  T122] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   56.220362][  T122] bond0 (unregistering): Released all slaves
[   56.294011][ T4916] openvswitch: netlink: Message has 6 unknown bytes.
[   56.387074][ T4862] chnl_net:caif_netlink_parms(): no params data found
[   56.397452][ T4916] loop0: detected capacity change from 0 to 2048
[   56.411671][  T122] hsr_slave_0: left promiscuous mode
[   56.431916][  T122] hsr_slave_1: left promiscuous mode
[   56.437919][  T122] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   56.445448][  T122] batman_adv: batadv0: Removing interface: batadv_slave_0
[   56.462392][ T4923] loop1: detected capacity change from 0 to 512
[   56.470385][ T4923] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[   56.479287][ T4916] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   56.495596][ T4923] EXT4-fs (loop1): invalid journal inode
[   56.509622][  T122] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   56.517034][  T122] batman_adv: batadv0: Removing interface: batadv_slave_1
[   56.536728][ T4923] EXT4-fs (loop1): can't get journal size
[   56.543330][ T4916] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4128793 free clusters
[   56.559709][ T4916] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28
[   56.571944][ T4916] EXT4-fs (loop0): This should not happen!! Data will be lost
[   56.571944][ T4916] 
[   56.581642][ T4916] EXT4-fs (loop0): Total free blocks count 0
[   56.587649][ T4916] EXT4-fs (loop0): Free/Dirty block details
[   56.593803][ T4916] EXT4-fs (loop0): free_blocks=66060288
[   56.599418][ T4916] EXT4-fs (loop0): dirty_blocks=16
[   56.604535][ T4916] EXT4-fs (loop0): Block reservation details
[   56.610565][ T4916] EXT4-fs (loop0): i_reserved_data_blocks=1
[   56.617764][ T4923] EXT4-fs error (device loop1): ext4_protect_reserved_inode:182: inode #12: comm syz.1.453: blocks 2-2 from inode overlap system zone
[   56.638726][  T122] veth1_macvtap: left promiscuous mode
[   56.648918][ T4923] EXT4-fs (loop1): failed to initialize system zone (-117)
[   56.656213][ T4923] EXT4-fs (loop1): mount failed
[   56.661649][ T4916] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28
[   56.673902][  T122] veth0_macvtap: left promiscuous mode
[   56.689181][  T122] veth1_vlan: left promiscuous mode
[   56.694537][  T122] veth0_vlan: left promiscuous mode
[   56.729077][ T4931] netlink: 'syz.2.455': attribute type 9 has an invalid length.
[   56.766021][ T4931] __nla_validate_parse: 5 callbacks suppressed
[   56.766037][ T4931] netlink: 3 bytes leftover after parsing attributes in process `syz.2.455'.
[   56.810817][ T4931] netlink: 4 bytes leftover after parsing attributes in process `syz.2.455'.
[   56.847201][  T122] team0 (unregistering): Port device team_slave_1 removed
[   56.862181][  T122] team0 (unregistering): Port device team_slave_0 removed
[   56.950444][ T4862] bridge0: port 1(bridge_slave_0) entered blocking state
[   56.957655][ T4862] bridge0: port 1(bridge_slave_0) entered disabled state
[   56.966636][ T4862] bridge_slave_0: entered allmulticast mode
[   56.973162][ T4862] bridge_slave_0: entered promiscuous mode
[   56.990768][ T4862] bridge0: port 2(bridge_slave_1) entered blocking state
[   56.998109][ T4862] bridge0: port 2(bridge_slave_1) entered disabled state
[   57.011151][ T4862] bridge_slave_1: entered allmulticast mode
[   57.019561][ T4862] bridge_slave_1: entered promiscuous mode
[   57.054834][ T4949] loop2: detected capacity change from 0 to 1024
[   57.070733][ T4949] EXT4-fs: Ignoring removed nobh option
[   57.070907][ T4862] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   57.076440][ T4949] EXT4-fs: Ignoring removed bh option
[   57.090895][ T4949] EXT4-fs: inline encryption not supported
[   57.093802][ T4862] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   57.149855][ T4862] team0: Port device team_slave_0 added
[   57.156529][ T4862] team0: Port device team_slave_1 added
[   57.180332][ T4862] batman_adv: batadv0: Adding interface: batadv_slave_0
[   57.187345][ T4862] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   57.213387][ T4862] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   57.227354][ T4862] batman_adv: batadv0: Adding interface: batadv_slave_1
[   57.234352][ T4862] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   57.260284][ T4862] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   57.288600][ T4956] loop0: detected capacity change from 0 to 256
[   57.313525][ T4956] FAT-fs (loop0): codepage cp950 not found
[   57.404002][ T4862] hsr_slave_0: entered promiscuous mode
[   57.410594][ T4902] loop3: detected capacity change from 0 to 1024
[   57.419035][ T4862] hsr_slave_1: entered promiscuous mode
[   57.426065][ T4862] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   57.441834][ T4862] Cannot create hsr debugfs directory
[   57.447602][ T4959] netlink: 132 bytes leftover after parsing attributes in process `syz.1.463'.
[   57.460994][ T4902] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (52289!=20869)
[   57.487938][ T4902] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[   57.511251][ T4902] EXT4-fs (loop3): invalid journal inode
[   57.625044][ T4862] netdevsim netdevsim5 netdevsim0: renamed from eth0
[   57.635524][ T4862] netdevsim netdevsim5 netdevsim1: renamed from eth1
[   57.655993][ T4862] netdevsim netdevsim5 netdevsim2: renamed from eth2
[   57.676417][ T4862] netdevsim netdevsim5 netdevsim3: renamed from eth3
[   57.711007][ T4862] bridge0: port 2(bridge_slave_1) entered blocking state
[   57.718173][ T4862] bridge0: port 2(bridge_slave_1) entered forwarding state
[   57.725457][ T4862] bridge0: port 1(bridge_slave_0) entered blocking state
[   57.732582][ T4862] bridge0: port 1(bridge_slave_0) entered forwarding state
[   57.772993][ T4978] openvswitch: netlink: Message has 6 unknown bytes.
[   57.774741][ T4862] 8021q: adding VLAN 0 to HW filter on device bond0
[   57.799983][ T4862] 8021q: adding VLAN 0 to HW filter on device team0
[   57.808414][ T3428] bridge0: port 1(bridge_slave_0) entered disabled state
[   57.816358][ T4978] loop3: detected capacity change from 0 to 2048
[   57.817257][ T3428] bridge0: port 2(bridge_slave_1) entered disabled state
[   57.876754][ T3428] bridge0: port 1(bridge_slave_0) entered blocking state
[   57.883860][ T3428] bridge0: port 1(bridge_slave_0) entered forwarding state
[   57.892834][ T3428] bridge0: port 2(bridge_slave_1) entered blocking state
[   57.893988][ T4978] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, 
[   57.899944][ T3428] bridge0: port 2(bridge_slave_1) entered forwarding state
[   57.915861][ T4978] block bitmap and bg descriptor inconsistent: 25 vs 4128793 free clusters
[   57.925153][ T4978] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28
[   57.937381][ T4978] EXT4-fs (loop3): This should not happen!! Data will be lost
[   57.937381][ T4978] 
[   57.947105][ T4978] EXT4-fs (loop3): Total free blocks count 0
[   57.947119][ T4978] EXT4-fs (loop3): Free/Dirty block details
[   57.947130][ T4978] EXT4-fs (loop3): free_blocks=66060288
[   57.947219][ T4978] EXT4-fs (loop3): dirty_blocks=16
[   57.947229][ T4978] EXT4-fs (loop3): Block reservation details
[   57.947240][ T4978] EXT4-fs (loop3): i_reserved_data_blocks=1
[   57.947920][ T4978] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28
[   57.947976][ T4978] EXT4-fs (loop3): This should not happen!! Data will be lost
[   57.947976][ T4978] 
[   58.070159][ T4862] 8021q: adding VLAN 0 to HW filter on device batadv0
[   58.190638][ T5011] openvswitch: netlink: Message has 6 unknown bytes.
[   58.220127][ T5011] loop2: detected capacity change from 0 to 2048
[   58.261651][ T5011] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4128793 free clusters
[   58.282706][ T4862] veth0_vlan: entered promiscuous mode
[   58.298601][ T4862] veth1_vlan: entered promiscuous mode
[   58.301286][ T5011] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28
[   58.316342][ T5011] EXT4-fs (loop2): This should not happen!! Data will be lost
[   58.316342][ T5011] 
[   58.319207][ T4862] veth0_macvtap: entered promiscuous mode
[   58.326005][ T5011] EXT4-fs (loop2): Total free blocks count 0
[   58.337705][ T5011] EXT4-fs (loop2): Free/Dirty block details
[   58.340503][ T4862] veth1_macvtap: entered promiscuous mode
[   58.343581][ T5011] EXT4-fs (loop2): free_blocks=66060288
[   58.353970][ T4862] batman_adv: batadv0: Interface activated: batadv_slave_0
[   58.354907][ T5011] EXT4-fs (loop2): dirty_blocks=16
[   58.363663][ T4862] batman_adv: batadv0: Interface activated: batadv_slave_1
[   58.367174][ T5011] EXT4-fs (loop2): Block reservation details
[   58.367186][ T5011] EXT4-fs (loop2): i_reserved_data_blocks=1
[   58.386392][ T5032] loop0: detected capacity change from 0 to 512
[   58.393057][ T5032] EXT4-fs: quotafile must be on filesystem root
[   58.429544][ T4862] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   58.432198][ T5034] openvswitch: netlink: Message has 6 unknown bytes.
[   58.438268][ T4862] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   58.453715][ T4862] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   58.462509][ T4862] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   58.475414][ T5011] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28
[   58.487660][ T5011] EXT4-fs (loop2): This should not happen!! Data will be lost
[   58.487660][ T5011] 
[   58.505076][ T5034] loop1: detected capacity change from 0 to 2048
[   58.553714][ T5034] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4128793 free clusters
[   58.561871][ T5039] loop3: detected capacity change from 0 to 8192
[   58.575739][ T5034] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28
[   58.588126][ T5034] EXT4-fs (loop1): This should not happen!! Data will be lost
[   58.588126][ T5034] 
[   58.597778][ T5034] EXT4-fs (loop1): Total free blocks count 0
[   58.603760][ T5034] EXT4-fs (loop1): Free/Dirty block details
[   58.609703][ T5034] EXT4-fs (loop1): free_blocks=66060288
[   58.615250][ T5034] EXT4-fs (loop1): dirty_blocks=16
[   58.620376][ T5034] EXT4-fs (loop1): Block reservation details
[   58.626406][ T5034] EXT4-fs (loop1): i_reserved_data_blocks=1
[   58.652697][ T5039]  loop3: p1 p2 < > p3 p4 < p5 >
[   58.657805][ T5039] loop3: partition table partially beyond EOD, truncated
[   58.667748][ T5039] loop3: p1 size 100663296 extends beyond EOD, truncated
[   58.675932][  T122] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28
[   58.688228][ T5039] loop3: p2 start 591104 is beyond EOD, 
[   58.688286][  T122] EXT4-fs (loop1): This should not happen!! Data will be lost
[   58.688286][  T122] 
[   58.688291][ T5039] truncated
[   58.706655][ T5039] loop3: p3 start 33572980 is beyond EOD, truncated
[   58.715648][ T5039] loop3: p5 size 100663296 extends beyond EOD, truncated
[   58.726654][ T5046] loop5: detected capacity change from 0 to 512
[   58.774330][ T5046] EXT4-fs error (device loop5): ext4_acquire_dquot:6933: comm syz.5.433: Failed to acquire dquot type 1
[   58.774817][ T5055] loop3: detected capacity change from 0 to 512
[   58.794755][ T5055] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   58.796343][ T5046] EXT4-fs (loop5): 1 truncate cleaned up
[   58.796838][ T5046] ext4 filesystem being mounted at /0/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   58.797469][ T5055] EXT4-fs (loop3): 1 truncate cleaned up
[   58.926767][ T5067] loop3: detected capacity change from 0 to 512
[   59.022211][ T5067] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   59.034684][ T5070] loop1: detected capacity change from 0 to 512
[   59.044755][ T5072] loop5: detected capacity change from 0 to 512
[   59.047806][ T5067] EXT4-fs (loop3): 1 truncate cleaned up
[   59.072187][ T5072] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[   59.086239][ T5075] netlink: 332 bytes leftover after parsing attributes in process `syz.2.493'.
[   59.095515][ T5070] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   59.106028][ T5075] netlink: 'syz.2.493': attribute type 9 has an invalid length.
[   59.113767][ T5075] netlink: 108 bytes leftover after parsing attributes in process `syz.2.493'.
[   59.113780][ T5075] netlink: 32 bytes leftover after parsing attributes in process `syz.2.493'.
[   59.117733][ T5072] EXT4-fs (loop5): 1 truncate cleaned up
[   59.140057][ T5075] netlink: 3 bytes leftover after parsing attributes in process `syz.2.493'.
[   59.150195][ T5075] netlink: 4 bytes leftover after parsing attributes in process `syz.2.493'.
[   59.161596][ T5070] EXT4-fs (loop1): 1 truncate cleaned up
[   59.244771][ T5082] loop2: detected capacity change from 0 to 512
[   59.280333][ T5086] usb usb9: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[   59.280348][ T5082] ext4 filesystem being mounted at /100/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   59.287808][ T5086] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   59.305769][ T5084] loop1: detected capacity change from 0 to 8192
[   59.360806][ T5098] loop3: detected capacity change from 0 to 512
[   59.367362][ T5098] EXT4-fs: Ignoring removed orlov option
[   59.369028][ T5084]  loop1: p1 p2 < > p3 p4 < p5 >
[   59.373681][ T5098] EXT4-fs: Ignoring removed nomblk_io_submit option
[   59.377978][ T5084] loop1: partition table partially beyond EOD, truncated
[   59.385703][ T5098] EXT4-fs (loop3): VFS: Can't find ext4 filesystem
[   59.392328][ T5084] loop1: p1 size 100663296 extends beyond EOD, 
[   59.398162][ T5082] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[   59.412973][ T5084] truncated
[   59.426746][ T5099] loop0: detected capacity change from 0 to 1024
[   59.435131][ T5084] loop1: p2 start 591104 is beyond EOD, truncated
[   59.441602][ T5084] loop1: p3 start 33572980 is beyond EOD, truncated
[   59.445602][ T5101] loop5: detected capacity change from 0 to 512
[   59.454765][ T5084] loop1: p5 size 100663296 extends beyond EOD, truncated
[   59.511334][ T5101] EXT4-fs error (device loop5): ext4_acquire_dquot:6933: comm syz.5.502: Failed to acquire dquot type 1
[   59.526295][ T5101] EXT4-fs (loop5): 1 truncate cleaned up
[   59.533018][ T5101] ext4 filesystem being mounted at /3/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   59.568842][ T5109] openvswitch: netlink: Message has 6 unknown bytes.
[   59.619288][ T5109] loop3: detected capacity change from 0 to 2048
[   59.645151][ T5114] loop2: detected capacity change from 0 to 8192
[   59.661694][ T5120] netlink: 332 bytes leftover after parsing attributes in process `syz.1.507'.
[   59.670891][ T5120] netlink: 'syz.1.507': attribute type 9 has an invalid length.
[   59.678584][ T5120] netlink: 108 bytes leftover after parsing attributes in process `syz.1.507'.
[   59.683560][ T5109] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4128793 free clusters
[   59.702681][ T5114]  loop2: p1 p2 < > p3 p4 < p5 >
[   59.707660][ T5114] loop2: partition table partially beyond EOD, truncated
[   59.714739][ T5109] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28
[   59.727065][ T5109] EXT4-fs (loop3): This should not happen!! Data will be lost
[   59.727065][ T5109] 
[   59.732786][ T5114] loop2: p1 size 100663296 extends beyond EOD, truncated
[   59.736944][ T5109] EXT4-fs (loop3): Total free blocks count 0
[   59.745468][ T5114] loop2: p2 start 591104 is beyond EOD, 
[   59.749971][ T5109] EXT4-fs (loop3): Free/Dirty block details
[   59.749976][ T5114] truncated
[   59.755588][ T5109] EXT4-fs (loop3): free_blocks=66060288
[   59.755603][ T5109] EXT4-fs (loop3): dirty_blocks=16
[   59.755615][ T5109] EXT4-fs (loop3): Block reservation details
[   59.761520][ T5114] loop2: p3 start 33572980 is beyond EOD, 
[   59.764605][ T5109] EXT4-fs (loop3): i_reserved_data_blocks=1
[   59.770164][ T5114] truncated
[   59.775663][ T5114] loop2: p5 size 100663296 extends beyond EOD, truncated
[   59.817719][   T31] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28
[   59.830192][   T31] EXT4-fs (loop3): This should not happen!! Data will be lost
[   59.830192][   T31] 
[   59.892536][ T5131] loop3: detected capacity change from 0 to 512
[   59.900463][ T5131] EXT4-fs: Ignoring removed orlov option
[   59.906234][ T5131] EXT4-fs: Ignoring removed nomblk_io_submit option
[   59.913524][ T5131] EXT4-fs (loop3): VFS: Can't find ext4 filesystem
[   60.003825][ T5137] loop1: detected capacity change from 0 to 8192
[   60.049310][ T5137]  loop1: p1 p2 p3 p4[EZD]
[   60.053868][ T5137] loop1: p1 size 16128 extends beyond EOD, truncated
[   60.061189][ T5137] loop1: p2 size 2130728454 extends beyond EOD, truncated
[   60.068946][ T5137] loop1: p3 start 459039 is beyond EOD, truncated
[   60.075461][ T5137] loop1: p4 start 268437891 is beyond EOD, truncated
[   60.179238][ T5154] loop3: detected capacity change from 0 to 256
[   60.218150][ T5154] FAT-fs (loop3): codepage cp950 not found
[   60.252306][ T5159] loop1: detected capacity change from 0 to 8192
[   60.287867][ T5159]  loop1: p1 p2 < > p3 p4 < p5 >
[   60.292836][ T5159] loop1: partition table partially beyond EOD, truncated
[   60.300820][ T5159] loop1: p1 size 100663296 extends beyond EOD, truncated
[   60.313753][ T5163] netlink: 'syz.0.523': attribute type 9 has an invalid length.
[   60.318896][ T5159] loop1: p2 start 591104 is beyond EOD, truncated
[   60.327865][ T5159] loop1: p3 start 33572980 is beyond EOD, truncated
[   60.337448][ T5159] loop1: p5 size 100663296 extends beyond EOD, truncated
[   60.392970][ T5167] loop0: detected capacity change from 0 to 512
[   60.401891][ T5167] EXT4-fs: Ignoring removed orlov option
[   60.414041][ T5167] EXT4-fs: Ignoring removed nomblk_io_submit option
[   60.420983][ T5167] EXT4-fs (loop0): VFS: Can't find ext4 filesystem
[   60.465165][ T5173] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   60.475600][ T5175] loop5: detected capacity change from 0 to 512
[   60.477936][ T5175] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[   60.493057][ T5175] EXT4-fs (loop5): 1 truncate cleaned up
[   60.535568][ T5173] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   60.593984][ T5173] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   60.641723][ T5173] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   60.704825][ T5173] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   60.716733][ T5173] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   60.728554][ T5173] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   60.740207][ T5173] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   60.805555][ T5196] loop1: detected capacity change from 0 to 512
[   60.812370][ T5196] EXT4-fs: Ignoring removed orlov option
[   60.818472][ T5196] EXT4-fs: Ignoring removed nomblk_io_submit option
[   60.825541][ T5196] EXT4-fs (loop1): VFS: Can't find ext4 filesystem
[   60.859347][ T5203] loop1: detected capacity change from 0 to 512
[   60.866061][ T5203] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   60.880084][ T5203] EXT4-fs (loop1): 1 truncate cleaned up
[   60.893534][   T29] kauditd_printk_skb: 855 callbacks suppressed
[   60.893546][   T29] audit: type=1326 audit(1751602712.206:3290): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5205 comm="syz.0.540" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1fd2e9e929 code=0x7ffc0000
[   60.928427][ T5206] openvswitch: netlink: Message has 6 unknown bytes.
[   60.945370][ T5206] loop0: detected capacity change from 0 to 2048
[   60.952918][   T29] audit: type=1326 audit(1751602712.216:3291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5205 comm="syz.0.540" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1fd2e9e929 code=0x7ffc0000
[   60.976304][   T29] audit: type=1326 audit(1751602712.216:3292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5205 comm="syz.0.540" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1fd2e9e929 code=0x7ffc0000
[   60.999714][   T29] audit: type=1326 audit(1751602712.216:3293): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5205 comm="syz.0.540" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1fd2e9e929 code=0x7ffc0000
[   61.023039][   T29] audit: type=1326 audit(1751602712.216:3294): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5205 comm="syz.0.540" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1fd2e9e929 code=0x7ffc0000
[   61.046530][   T29] audit: type=1326 audit(1751602712.216:3295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5205 comm="syz.0.540" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1fd2e9e929 code=0x7ffc0000
[   61.069919][   T29] audit: type=1326 audit(1751602712.216:3296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5205 comm="syz.0.540" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1fd2e9e929 code=0x7ffc0000
[   61.069942][   T29] audit: type=1326 audit(1751602712.216:3297): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5205 comm="syz.0.540" exe="/root/syz-executor" sig=0 arch=c000003e syscall=150 compat=0 ip=0x7f1fd2e9e929 code=0x7ffc0000
[   61.069998][   T29] audit: type=1326 audit(1751602712.216:3298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5205 comm="syz.0.540" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1fd2e9e929 code=0x7ffc0000
[   61.070022][   T29] audit: type=1326 audit(1751602712.216:3299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5205 comm="syz.0.540" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1fd2e9e929 code=0x7ffc0000
[   61.121026][ T5206] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4128793 free clusters
[   61.121147][ T5206] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28
[   61.121170][ T5206] EXT4-fs (loop0): This should not happen!! Data will be lost
[   61.121170][ T5206] 
[   61.121181][ T5206] EXT4-fs (loop0): Total free blocks count 0
[   61.121194][ T5206] EXT4-fs (loop0): Free/Dirty block details
[   61.121205][ T5206] EXT4-fs (loop0): free_blocks=66060288
[   61.121218][ T5206] EXT4-fs (loop0): dirty_blocks=16
[   61.121246][ T5206] EXT4-fs (loop0): Block reservation details
[   61.121257][ T5206] EXT4-fs (loop0): i_reserved_data_blocks=1
[   61.167497][ T5216] loop1: detected capacity change from 0 to 8192
[   61.287735][   T41] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28
[   61.299957][   T41] EXT4-fs (loop0): This should not happen!! Data will be lost
[   61.299957][   T41] 
[   61.324022][ T5216]  loop1: p1 p2 < > p3 p4 < p5 >
[   61.329087][ T5216] loop1: partition table partially beyond EOD, truncated
[   61.336297][ T5216] loop1: p1 size 100663296 extends beyond EOD, truncated
[   61.344326][ T5216] loop1: p2 start 591104 is beyond EOD, truncated
[   61.350878][ T5216] loop1: p3 start 33572980 is beyond EOD, truncated
[   61.371744][ T5216] loop1: p5 size 100663296 extends beyond EOD, truncated
[   61.521257][   T41] ==================================================================
[   61.529353][   T41] BUG: KCSAN: data-race in n_tty_receive_char_flow_ctrl / tty_set_termios
[   61.537850][   T41] 
[   61.540160][   T41] write to 0xffff888117e8f908 of 44 bytes by task 5233 on cpu 1:
[   61.547860][   T41]  tty_set_termios+0xc0/0x8c0
[   61.552526][   T41]  set_termios+0x496/0x4e0
[   61.556930][   T41]  tty_mode_ioctl+0x379/0x5c0
[   61.561593][   T41]  n_tty_ioctl_helper+0x91/0x210
[   61.566520][   T41]  n_tty_ioctl+0x101/0x200
[   61.570924][   T41]  tty_ioctl+0x842/0xb80
[   61.575157][   T41]  __se_sys_ioctl+0xce/0x140
[   61.579742][   T41]  __x64_sys_ioctl+0x43/0x50
[   61.584326][   T41]  x64_sys_call+0x19a8/0x2fb0
[   61.588988][   T41]  do_syscall_64+0xd2/0x200
[   61.593474][   T41]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   61.599351][   T41] 
[   61.601659][   T41] read to 0xffff888117e8f921 of 1 bytes by task 41 on cpu 0:
[   61.609012][   T41]  n_tty_receive_char_flow_ctrl+0x23/0x1a0
[   61.614811][   T41]  n_tty_lookahead_flow_ctrl+0xed/0x130
[   61.620342][   T41]  tty_port_default_lookahead_buf+0x91/0xc0
[   61.626229][   T41]  flush_to_ldisc+0x284/0x360
[   61.630898][   T41]  process_scheduled_works+0x4cb/0x9d0
[   61.636347][   T41]  worker_thread+0x582/0x770
[   61.640925][   T41]  kthread+0x489/0x510
[   61.644983][   T41]  ret_from_fork+0xda/0x150
[   61.649471][   T41]  ret_from_fork_asm+0x1a/0x30
[   61.654220][   T41] 
[   61.656525][   T41] value changed: 0x11 -> 0xd2
[   61.661194][   T41] 
[   61.663499][   T41] Reported by Kernel Concurrency Sanitizer on:
[   61.669631][   T41] CPU: 0 UID: 0 PID: 41 Comm: kworker/u8:2 Not tainted 6.16.0-rc4-syzkaller-00108-g17bbde2e1716 #0 PREEMPT(voluntary) 
[   61.682026][   T41] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   61.692067][   T41] Workqueue: events_unbound flush_to_ldisc
[   61.697866][   T41] ==================================================================
[   61.722072][ T5235] netlink: 'syz.1.550': attribute type 9 has an invalid length.