last executing test programs:

2m48.566182847s ago: executing program 1 (id=621):
r0 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_COMPLETION_RING(r0, 0x11b, 0x6, &(0x7f0000000080)=0x1, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008f00850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
setxattr$trusted_overlay_upper(0x0, 0x0, 0x0, 0x835, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
r3 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r3, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018040000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r3, 0x10e, 0x4, &(0x7f0000000180)=0x800, 0x4)
sendmsg$DEVLINK_CMD_RATE_NEW(r1, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)={0x34, r2, 0x1, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x94)
close_range(r0, r0, 0x0)

2m48.259550896s ago: executing program 1 (id=628):
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r0}, 0x10)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmsg$inet(r2, &(0x7f0000000f80)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f00000042c0)="c6", 0x1}], 0x1}, 0x0)
recvmsg(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000880)=[{&(0x7f0000000600)=""/203, 0xcb}], 0x1}, 0x0)

2m48.236702415s ago: executing program 1 (id=629):
r0 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
bpf$MAP_UPDATE_CONST_STR(0x2, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x1, 0x0, 0x7ffc1ffb}]})
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d, 0x0, 0x0, 0x0, 0x7fff, @void, @value}, 0x94)
r1 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x281c2, 0x0)
fcntl$setlease(r1, 0x400, 0x1)
statx(0xffffffffffffffff, 0x0, 0x6000, 0x800, &(0x7f0000000700)={0x0, 0x0, 0x0, 0x0, <r2=>0x0})
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
capset(0x0, &(0x7f00000001c0))
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[], 0x48)
open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, 0x0})
r3 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
futex_waitv(&(0x7f0000001080)=[{0x3, &(0x7f0000001040)=0x3, 0x82}], 0x1, 0x0, &(0x7f0000001100)={0x77359400}, 0x1)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r5, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000006c0)=ANY=[@ANYRESHEX=r5, @ANYRESOCT=r4, @ANYRESOCT=r5], 0x5c}, 0x1, 0x0, 0x0, 0x840}, 0x8000)
r6 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r6, 0x84, 0x6, &(0x7f0000000100)={0x0, @in={{0x2, 0x4e21, @multicast2}}}, 0x84)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1e00000000", @ANYRES32=0x1, @ANYBLOB="000000000000000100"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r7 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r7, 0x81f8943c, &(0x7f0000000300))
mount$9p_fd(0x0, &(0x7f0000000300)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {}, 0x2c, {[], [{@smackfsfloor={'smackfsfloor', 0x3d, '/'}}, {@seclabel}, {@euid_eq={'euid', 0x3d, r2}}, {@fsname={'fsname', 0x3d, '/'}}]}})
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000000800)={{{@in=@initdev, @in6=@private0}}, {{@in6}, 0x0, @in=@multicast1}}, &(0x7f0000000040)=0xe8)

2m47.373012272s ago: executing program 1 (id=641):
r0 = socket(0x2a, 0x2, 0x0)
getsockname$packet(r0, &(0x7f0000000200)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x418484, &(0x7f0000000440), 0x1, 0x775, &(0x7f0000001180)="$eJzs3c9rXNUeAPDvnSRNm/a95MGD9+oqIGigdGJqbBVcVFyIYKGga9thMg01k0zJTEoTAlpEcCOouBB007U/6s6tP7b6X7gQS9W0WHEhkTu5t502M2mSJpnqfD5wM+fceyfnfOf+OGfmHu4NoGeNpn8KEYcj4t0kYjibn0TEQDPVH3Fybb1bK8vldEpidfXlX5LmOjdXlsvR8p7UwSzz/4j45q2II4X15dYXl2ZK1WplPsuPN2YvjNcXl46eny1NV6Yrc8cnJiePnXjqxPGdi/W375cOXXvvhcc/P/nHm/+7+s63SZyMQ9my1jh2ymiMZp/JQPoR3uX5nS6sy5JuV4BtSQ/NvrWjPA7HcPQ1UwDAP9nrEbEKAPSYRPsPAD0m/x3g5spyOZ+6+4vE3rr+XETsX4s/v765tqQ/u2a3v3kddOhmcteVkSQiRnag/NGI+PjLVz9Np9il65AA7bxxOSLOjoyuP/8n68YsbNUTGyzbl72O3jPf+Q/2zldp/+fpdv2/wu3+T7Tp/wy2OXa3477H/4EdKGQDaf/v2Zaxbbda4s+M9GW5fzX7fAPJufPVSnpu+3dEjMXAYJqf2KCMsRt/3ui0rLX/9+v7r32Slp++3lmj8FP/4N3vmSo1Sg8Sc6vrlyMe6W8Xf3J7+ycd+r+nN1nGi8+8/VGnZWn8abz5tD7+yEYn7Y7VKxGPtd3+d0a0JRuOTxxv7g7j+U7Rxhc/fDjUqfzW7Z9Oafn5d4G9kG7/oY3jH0lax2vWt17Gd1eGv+607P7xt9//9yWvNNN5P+JSqdGYn4jYl7y0fv6xO+/N8/n6afxjj7Y//jfa/9PvhGc3GX//tZ8/2378uyuNf2pL23/riau3Zvo6lb+57T/ZTI1lczZz/ttsBR/kswMAAAAAAAAAAAAAAAAAAAAAAACAzSpExKFICsXb6UKhWFx7hvd/Y6hQrdUbR87VFuamovms7JEYKOS3uhxuuR/qRHY//Dx/7J78kxHxn4j4YPBAkt9HcarLsQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA7mCH5/+nfhzsdu0AgF2zv9sVAAD2nPYfAHqP9h8Aeo/2HwB6j/YfAHqP9h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBddvrUqXRa/X1luZzmpy4uLszULh6dqtRnirML5WK5Nn+hOF2rTVcrxXJt9n7/r1qrXZiMuYVL441KvTFeX1w6M1tbmGucOT9bmq6cqQzsSVQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsDX1xaWZUrVamZfYRmL14ahG9xN92e70sNRnTxPJw1GNHU50+cQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8DfxVwAAAP//02Ii/w==")
r2 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r3 = io_uring_setup(0x253f, &(0x7f0000000180)={0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, r2})
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendmmsg$inet6(r4, &(0x7f0000003c40)=[{{&(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000140)="03", 0x1}], 0x1}}], 0x1, 0x0)
close_range(r3, 0xffffffffffffffff, 0x0)
r5 = open(&(0x7f0000000780)='./bus\x00', 0x14507e, 0x0)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x7ffffe, 0x4002011, r5, 0x0)
fallocate(r2, 0x0, 0x0, 0x1000f4)
name_to_handle_at(0xffffffffffffffff, &(0x7f0000004740)='\x00', 0x0, 0x0, 0x1200)
io_setup(0x5ff, &(0x7f0000000040)=<r6=>0x0)
io_uring_enter(0xffffffffffffffff, 0x46f6, 0x0, 0x0, 0x0, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
io_submit(r6, 0x2, &(0x7f0000001d00)=[&(0x7f0000000080)={0x2000000, 0x0, 0x0, 0x0, 0xf00, r5, &(0x7f0000000000)="96", 0xffffff20, 0x0, 0x0, 0x0, r5}, &(0x7f0000000740)={0x0, 0x0, 0x41, 0x3, 0x0, r2, 0x0, 0x0, 0xffffffffffffffff}])
sendmsg$nl_route_sched(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=@newqdisc={0x24, 0x24, 0xc0b, 0x70bd2a, 0x2001, {0x0, 0x0, 0x0, r1, {0x0, 0x1}, {0xffff, 0xffff}, {0x5, 0xfff1}}}, 0x24}}, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000000c0)={0x0}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000ec0), &(0x7f0000000180)='./file2\x00', 0x420c, &(0x7f0000003240)=ANY=[], 0x6, 0x35d, &(0x7f0000000f00)="$eJzs3c1rO0UYwPEnaZImKW1yEEVBOtiLXpY2ehaDtCAELG0jtoKwbTcasiYlG6oRse3Jq3j3JHgovVnwUND+A71404sI3noRPNiDurJvyeatLzFpfr/2+4GSycw8u7OZSXk27WYv3/3yo0rJ0kp6Q6JJJRERkSuRrEQlEPEfo245IWGH8srMnz+/uL5ZTHoVaiW/8WpOKTU3/8PHn6X8bmfTcpF9//KP3O8Xz148f/nvxodlS5UtVa01lK62a7829G3TULtlq6IptWoaumWoctUy6l77d/52zNreXlPp1d3Z9F7dsCylV5uqYjRVo6Ya9abSP9DLVaVpmppNC25SPF5b0/NDBu+MeDAYk3o9r0+JSKqnpXg8kQEBAICJ6s7/o05KP0z+vyVzhcLymnI6t/P/k5fOGzPvnM75+f9Zol/+/9ov3rY68n/ndKKd/9e884PSzfn/13KH/L83I3pchs7/s2MYDIYzn+ipinQ8c/L/tP/+dR29d7LoFsj/AQAAAAAAAAAAAAAAAAAAAAB4GlzZdsa27UzwGPy0LyHwn+NBGjT/0yKSdGbfZv4fsvXNLUm6F+45c2x+sV/cL3qPfodzETHF+Mfu5qyN4Moj5cjKj+aBH3+wX5xyW/IlKTvxsiQZybrrKRRv2ytvFZaXlMePb12mlA7H5yQjz4Tjv3dXpxOf64z395+QlxdC8Zpk5KcdqYkpu25ke/+fLyn15tuFrviU209Efrv3SQEAAAAAYMQ01dL3/F3TBrV73zKSL7kfExmyKBn5u//5/WLf8/NY5oXYpI8eAAAAAIDHwWp+WtElatTdgmn2K6RkYNMICrGOmriI9O2c6KqJX7flqdAR3nY8CfHuYPJ/j+ub4FW9S1TwjxTOwFtN/h1VZLjxBMfv1kRiw09T5FDcBXAYborKLcJj3YOfdypU384LA7dz5B9Iqyb42Cgx4HWW1d7tRK9ZCfGeGjsy3AJ47qtv/xrdG+T1U38FfHJz5yPTsA/kNpPSVXB20dsUH/svHgAAAAD3rp30BzVvhJvDNxIJ3yyHv9wDAAAAAAAAAAAAAAAAAAAAAAAAAAAAADBCY/lKv67CpI8RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeFL8FwAA//8GuPOT")
r7 = creat(&(0x7f0000000040)='./bus\x00', 0x0)
fcntl$setstatus(r7, 0x4, 0x6000)
io_setup(0x200, &(0x7f0000000140))
open(&(0x7f0000000100)='./bus\x00', 0x14113e, 0x39)
r8 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x4206, r8)
bpf$MAP_CREATE(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="0b00000005000000020000000400000005"], 0x50)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x6, 0xc, &(0x7f0000000480)=ANY=[@ANYRESDEC=r2], &(0x7f0000000440)='syzkaller\x00', 0xd80, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000340)='kfree\x00', r9, 0x0, 0x8000000000000000}, 0x18)
request_key(&(0x7f0000000040)='asymmetric\x00', &(0x7f0000001ffb)={'syz', 0x1}, &(0x7f0000001fee)='R\x10rust\xe3c*sgrVdn:Di', 0x0)

2m46.972796571s ago: executing program 1 (id=651):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000002c0)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x2, 0x7ffc0002}]})
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000000000000000000ff010000850000000e000000850000005000000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000400)='kmem_cache_free\x00', r0}, 0x10)
getrandom(0x0, 0x0, 0x1) (fail_nth: 2)

2m42.522562634s ago: executing program 1 (id=728):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'lo\x00', <r3=>0x0})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
ioctl$sock_inet6_SIOCSIFADDR(r2, 0x8916, &(0x7f00000005c0)={@private0={0xfc, 0x0, '\x00', 0x1}, 0x15, r3})

2m42.485034964s ago: executing program 32 (id=728):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'lo\x00', <r3=>0x0})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
ioctl$sock_inet6_SIOCSIFADDR(r2, 0x8916, &(0x7f00000005c0)={@private0={0xfc, 0x0, '\x00', 0x1}, 0x15, r3})

2.619389029s ago: executing program 5 (id=4366):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000037c0)={0x0, 0x0, &(0x7f0000003780)={&(0x7f0000000a00)=@newtaction={0x894, 0x30, 0x12f, 0x4000, 0x0, {}, [{0x880, 0x1, [@m_police={0x87c, 0x1, 0x0, 0x0, {{0xb}, {0x850, 0x2, 0x0, 0x1, [[@TCA_POLICE_RATE={0x404, 0x2, [0x4, 0x7c3, 0x2, 0x3, 0xffffff81, 0x10, 0xc, 0x2, 0x3, 0x40, 0x200, 0x8, 0x9, 0x6, 0x5, 0x0, 0x8, 0xa, 0x6, 0x200, 0x1, 0x3, 0xcc37, 0x5, 0xb5, 0x649f, 0x4, 0x0, 0x4, 0xfb1, 0x72a4, 0xd, 0x7fff, 0x5, 0x3, 0x0, 0x3, 0x7, 0xc3a0, 0x4, 0xc, 0x0, 0xaf, 0x1, 0x6, 0x5, 0xfffffffd, 0x5, 0x80, 0xe, 0x2, 0x7, 0x6, 0x7, 0x1991, 0x8, 0xfffffe29, 0x5, 0x3, 0x101, 0xfff, 0x4, 0x5, 0x8000, 0x4, 0x7, 0x3, 0x0, 0xfffffff3, 0x1, 0x9, 0x80020003, 0x2, 0x3, 0x5, 0x101, 0x1, 0xfffffffc, 0x6, 0xfffffffb, 0x200, 0x1, 0x7309, 0x6, 0x3, 0x100, 0x2, 0x7, 0x6d0, 0x224, 0x7ff, 0x0, 0x6, 0x7, 0xfffff001, 0x6, 0x7ed8, 0x3, 0xffff, 0x0, 0x0, 0x249, 0x5, 0x2fbf, 0x2, 0x8000, 0x7, 0x25fe9fd5, 0x1, 0x9, 0x1, 0xe, 0x9, 0x0, 0x3, 0x4f, 0xffffffff, 0x8, 0x1, 0x119203c5, 0xd0, 0x7, 0x80000001, 0x3226, 0x8, 0x3, 0x4, 0xc64f, 0xffffff6d, 0x5, 0x6, 0x6, 0xfffffff7, 0x6, 0x7, 0x5, 0xc, 0xe, 0x7, 0x200, 0x60459141, 0x1, 0x5, 0x6, 0x84, 0x0, 0x1, 0x5, 0x2, 0x29dc, 0x0, 0x2d5, 0x7, 0xfffffffa, 0x1000, 0x6, 0x94, 0x15a, 0x4, 0x6, 0x2, 0x4002, 0x2, 0x4, 0xfff, 0x5, 0x1, 0x3, 0x4003, 0x80, 0x7a5b054a, 0x8, 0xffffff80, 0x4b1, 0xfff, 0x3, 0xb, 0x8, 0x3, 0x4, 0x2, 0x6, 0xf, 0x2, 0x7, 0x1, 0x77, 0x20009, 0x274d, 0x6, 0x40, 0xfffffffe, 0xb, 0x7, 0x1, 0x9ab, 0x7, 0xffffffc0, 0x200, 0x7, 0x3c, 0x2c7, 0x7, 0x8, 0x4, 0x0, 0x99f, 0x5, 0x7ff, 0x6, 0x31e1, 0x4, 0x4, 0xb, 0x7ff, 0x1e, 0x3, 0xe49, 0x56, 0x9, 0x1, 0x6, 0x2, 0x6a1c, 0x9, 0x8, 0x4dbda2da, 0x7fff, 0x5, 0x5, 0x0, 0x7, 0x8, 0x7fff, 0xed, 0x7fff, 0x1000, 0xcbe, 0x7ff, 0x6, 0x8, 0xb, 0xff, 0x5, 0x1, 0x7, 0x9, 0x0, 0x8, 0x5, 0x4, 0xfffffffd, 0x2, 0xeffe, 0xe74, 0xfffffffa]}, @TCA_POLICE_AVRATE={0x8, 0x4, 0xffffbff1}, @TCA_POLICE_PEAKRATE={0x404, 0x3, [0x6, 0x3a40da20, 0x9, 0x6, 0x4, 0x8000, 0x7fffffff, 0x2, 0x1, 0x7fff, 0x86, 0x10000, 0x2, 0x40, 0x2, 0x99d, 0x6, 0xffffff92, 0xe9c, 0x3ff, 0xfffffffe, 0x10001, 0xa, 0xfffff000, 0x7f, 0x4, 0x0, 0x81, 0x6f0, 0x18e, 0x8, 0x4, 0x3, 0x4, 0x2, 0xffffffff, 0x0, 0x80000000, 0x3, 0x9, 0xfffc, 0x2, 0xd, 0x3, 0x5, 0x1, 0x4, 0x8, 0x7, 0x2, 0xd92e, 0x7fffffff, 0x3, 0x90, 0xc0, 0x5b, 0x1, 0xe6, 0x40, 0x5, 0x1000, 0x3, 0x10, 0x0, 0x5, 0x6, 0x6, 0x100, 0xf3, 0x1, 0xa92, 0x0, 0x6, 0x7, 0x0, 0x8, 0x8, 0x10000, 0x3, 0x3, 0x0, 0xa, 0x5, 0x1, 0xee7e, 0x800, 0xd1, 0x7fff, 0x1, 0x4, 0x5, 0x4, 0xffffff89, 0x7, 0xfffffff3, 0x2, 0xffffffff, 0x9, 0x5, 0x2, 0x101, 0x7fffffff, 0xfffff001, 0x64, 0x4, 0xffffffff, 0x5, 0x9, 0x1, 0x0, 0xb3e, 0x8, 0xf3, 0x401, 0x401, 0x9, 0x8, 0x2, 0xb, 0x0, 0x0, 0x9, 0xffffffff, 0x25c, 0x7, 0x5, 0x0, 0x9, 0xfffffff9, 0x3, 0xe2, 0x8, 0x1, 0x8, 0x9, 0x0, 0x9, 0x2, 0x1, 0x9, 0x80, 0x5, 0xd3c3, 0x5, 0x2, 0x1, 0x472a8800, 0xc, 0xfffffff0, 0xfffffff8, 0x9, 0x8, 0xfffffffc, 0x9, 0x5, 0x9, 0x5, 0x6, 0x6, 0x7, 0x87f, 0x59, 0x4fedcacd, 0x1, 0x4, 0x9df4, 0x2, 0x7, 0x5, 0xfff, 0x3828, 0x0, 0x1, 0x7, 0x401, 0x7f, 0x4, 0x7, 0x2120, 0xfffffffa, 0x80, 0x3, 0xdbff, 0x52b6, 0xfffffffa, 0x49, 0x70, 0x0, 0xe1, 0x401, 0xa, 0x101, 0x3ff, 0x101, 0x0, 0x7ffe, 0x80000000, 0x81, 0xfffffff7, 0x3, 0x1, 0x7514, 0x7, 0x3, 0x1, 0x4, 0x2, 0x9, 0x4, 0x10000, 0x3ff, 0x0, 0x100, 0x7ef2, 0x0, 0x1, 0xe, 0xd, 0x4, 0x6, 0x8, 0x4, 0x10001, 0x6, 0x400, 0x436, 0x3, 0x202, 0x0, 0x0, 0x0, 0xbc, 0xa8, 0x0, 0x6, 0x7, 0x1, 0x81, 0x3, 0x2, 0x3, 0x4, 0x4, 0x2445c87b, 0x6, 0xd, 0x9, 0x2, 0x10, 0x4, 0x7, 0x57, 0x5, 0xd, 0x1000, 0x3]}], [@TCA_POLICE_TBF={0x3c, 0x1, {0x400, 0x8, 0x3, 0x7b2, 0x400, {0x1, 0x2, 0x8, 0x624, 0x0, 0xfffffff8}, {0x9, 0x2, 0x7, 0x7ff, 0xff01, 0x4}, 0x6, 0x4, 0x923}}]]}, {0x4}, {0xc, 0xb, {0x0, 0x1}}, {0xc, 0xa}}}]}]}, 0x894}}, 0x0)

2.593811989s ago: executing program 5 (id=4369):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b7040000000000008500000057"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x28, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)

2.563156789s ago: executing program 5 (id=4370):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
socket$nl_xfrm(0x10, 0x3, 0x6)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r1 = gettid()
read(0xffffffffffffffff, 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(0xffffffffffffffff, 0x4040534e, &(0x7f0000000080)={0x335, @time={0xb381, 0x880}, 0x20, {}, 0x5, 0x2})
ioctl$SNDRV_SEQ_IOCTL_GET_NAMED_QUEUE(0xffffffffffffffff, 0xc08c5336, 0x0)
tkill(r1, 0x17)
r2 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r2, &(0x7f0000000100)=@name={0x1e, 0x2, 0x0, {{0x42}}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000040)={0x42, 0x0, 0x3}, 0x10)
r3 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r3, 0x10f, 0x87, &(0x7f0000000180)={0x42}, 0x10)
sendmsg$tipc(r3, &(0x7f0000000140)={0x0, 0x20d302, 0x0}, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'veth0_vlan\x00', <r5=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)=@getchain={0x24, 0x11, 0x43d, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {0x0, 0xe32b60fbedc7f0cc}, {0x7}, {0x0, 0xa}}}, 0x24}}, 0x0)

1.715153776s ago: executing program 5 (id=4390):
r0 = syz_open_dev$sg(&(0x7f0000001600), 0x0, 0x400)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000020000000c0000000014"], 0x48)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000680)=ANY=[@ANYBLOB="30010000120001000000000000000000100000000c000000000000000000000010010200636f6e74656e74696f6e5f626567696e00ea5b1a4396e825cb31107df2d6dd65fd154246a84951227696b7fef427f483ed441f8cc8fd57e7fbabf70805eefca9923dd44b249e92264569e0e9261e170a0ae5af9fec7d44017345e2736f7ea921b939b36c1b698ff28fbb71490c19ecaf11d71b6a9c0f3fa74519d1bf0192aa305f2f5edbc3dcf136a60166726a18541a47826da8ba60cf916db6c1b6591e54b2f6c01a1deb81c206bef111ee84729b20d95efe82b1eca5ff828fa84b2eb1c917ee494cac1c9b09135bec4ac0355c6e8c4fbb9a36497b84f370b1fb142343841cbadc9f0c8d328fbb3071d5bb79c39b259cfd6e86001a0000ebd2660b772d1b5db82e0b11ccb3057a5c8e72954628d2bc682ef5ebcf40bd549d95348ceb49ce30de6ded104e22e81f1019df6d1520740d3d18b5358aa7086509a083d33f25030ce702c87d67408821511b3a5e89b9db17f886d971f17c0ef874a08a3aba8ab953eacd173d366444140e1b4ca7cb80f00a182c64b98378526ef219179b2c3f00"/428], 0x130}], 0x1}, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xd, &(0x7f0000000900)=ANY=[@ANYBLOB="180100001700000000000000ff000000850000006d00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008002010b7040000000000008500000001000000"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r3}, 0x10)
munmap(&(0x7f0000ffb000/0x3000)=nil, 0x3000)
ioctl$EVIOCSKEYCODE(r2, 0x40084504, &(0x7f0000000200)=[0x7e1, 0x3])
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r4}, 0x10)
r5 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000080), 0x21000)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000005c40)={0x0, 0x0, &(0x7f0000005c00)={&(0x7f0000000580)=@gettfilter={0x3c, 0x2e, 0x800, 0x70bd25, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x0, 0x1}, {0xb, 0xe}, {0x7, 0xd}}, [{0x8, 0xb, 0x3}, {0x8, 0xb, 0x9}, {0x8, 0xb, 0x9d7d}]}, 0x3c}}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r6 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r6}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
read(r5, 0x0, 0x0)
ioctl$SCSI_IOCTL_SEND_COMMAND(r0, 0x1, &(0x7f0000000000)=ANY=[@ANYRES32=r0])
r7 = socket(0x10, 0x3, 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r8}, 0x10)
r9 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
write$selinux_load(r9, &(0x7f0000000140)={0xf97cff8c, 0x8}, 0x10)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r7, 0x89f1, &(0x7f0000000100)={'sit0\x00', &(0x7f0000000080)={'gre0\x00', 0x0, 0x7800, 0x10, 0x9, 0x8, {{0x5, 0x4, 0x1, 0x1b, 0x14, 0x66, 0x0, 0xd9, 0x2f, 0x0, @remote, @local}}}})
r10 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r10, 0x6, 0x2, &(0x7f00000000c0)=0x7a, 0x4)
r11 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000380), 0x8a00, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r11, 0xc0189372, &(0x7f00000002c0)={{0x1, 0x1, 0x18, r10, {0x4}}, './file2\x00'})
bind$inet(r10, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)

1.500676765s ago: executing program 3 (id=4395):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc9ffb}]})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000004000000ff0f0000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x3f, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000000020000000000000000018190000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8fe00000000bfa200000000000007020000f8ffffffb703000008000000b70400008f2000008500000024"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x31, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
syz_genetlink_get_family_id$tipc(&(0x7f0000000840), 0xffffffffffffffff)
getgroups(0x0, 0x0)

1.485413585s ago: executing program 3 (id=4397):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r1}, 0x38)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2, 0x0, 0x2}, 0x18)
clock_nanosleep(0x8, 0x0, &(0x7f00000004c0)={0x0, 0x3938700}, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000680)=ANY=[@ANYBLOB="40010000100033060000000000000000fc000000000000000000000000000000ffffffff00000000000000000000000000004000000080010000200000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ac1414000000000000000000000000000000000032000000fe80000000000000000000000000000b23030000000000000000000000000000000000000000000000ff70bc500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000029bd7000000000000a000200000000000000000048000200656362286369706865725f6e756c6c290000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000b0007000000"], 0x140}}, 0x0)
r3 = syz_clone(0x20300000, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_open_procfs(r3, &(0x7f00000001c0)='personality\x00')
perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0xb, 0x0, 0x0, 0x0, 0x200, 0x2800, 0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000440), 0x8}, 0x400}, r3, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r4 = openat$autofs(0xffffffffffffff9c, &(0x7f00000001c0), 0x68002, 0x0)
r5 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000200), 0x301842, 0x0)
ioctl$AUTOFS_DEV_IOCTL_READY(r4, 0xc0189376, &(0x7f00000002c0)={{0x1, 0x1, 0x18, r5, {0x40}}, './file0\x00'})
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
recvmsg(r6, 0x0, 0x700)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0x4, &(0x7f0000000040)=ANY=[], &(0x7f0000001b80)='GPL\x00', 0x6e, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000002c0)='sched_switch\x00', r7, 0x0, 0x9}, 0x18)
gettid()
r8 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
process_vm_writev(r8, &(0x7f0000000000)=[{&(0x7f0000000300)=""/270, 0x10e}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xe7}], 0x1, 0x0)

1.403646185s ago: executing program 3 (id=4400):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
socket$nl_xfrm(0x10, 0x3, 0x6)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r1 = gettid()
read(0xffffffffffffffff, 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(0xffffffffffffffff, 0x4040534e, &(0x7f0000000080)={0x335, @time={0xb381, 0x880}, 0x20, {}, 0x5, 0x2})
ioctl$SNDRV_SEQ_IOCTL_GET_NAMED_QUEUE(0xffffffffffffffff, 0xc08c5336, 0x0)
tkill(r1, 0x17)
r2 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r2, &(0x7f0000000100)=@name={0x1e, 0x2, 0x0, {{0x42}}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000040)={0x42, 0x0, 0x3}, 0x10)
r3 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r3, 0x10f, 0x87, &(0x7f0000000180)={0x42}, 0x10)
sendmsg$tipc(r3, &(0x7f0000000140)={0x0, 0x20d302, 0x0}, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'veth0_vlan\x00', <r5=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)=@getchain={0x24, 0x11, 0x43d, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {0x0, 0xe32b60fbedc7f0cc}, {0x7}, {0x0, 0xa}}}, 0x24}}, 0x0)

1.159135264s ago: executing program 2 (id=4402):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r0}, 0x38)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="1800"/14, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000140)=@base={0x1, 0xb, 0x3, 0x2, 0x0, 0xffffffffffffffff, 0x1000000a, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2, 0x0, 0x0, @void, @value, @void, @value}, 0x50)

973.028433ms ago: executing program 2 (id=4405):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3}, 0x10)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r4=>0xffffffffffffffff})
setsockopt$TIPC_DEST_DROPPABLE(r4, 0x10f, 0x81, 0x0, 0x0)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="796100000000000000007e00000008000300", @ANYRES32=0x0, @ANYBLOB="9c2ebf3f2e3c93bdd10b327395153f9ad8ab5fffad2e9638d5cb60c03ee9f63c367a5af6c21e370aa5563d81d29b9e2dae85ae688d77a1ec54fa97a334b139e2c2e86b0532e71565"], 0x1c}}, 0x0)

951.430263ms ago: executing program 0 (id=4406):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000570000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x28, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)

950.874833ms ago: executing program 0 (id=4407):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc9ffb}]})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000004000000ff0f000005"], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r0}, 0x10)
syz_genetlink_get_family_id$tipc(&(0x7f0000000840), 0xffffffffffffffff)
getgroups(0x0, 0x0)

929.117123ms ago: executing program 2 (id=4408):
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xb, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000646c6c2500000000002020207b1af8ff00000000bfa1000000000000070100740effffffb702000008000000b7030000c11600008500000006000000950000000000000084bd499c23e7faf35d88027ebafed04599734381be612d360354d56921a8617dfc93a76c52167c17faff70db8152ce604684246683"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r1}, &(0x7f0000000040), &(0x7f0000000080)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x6c, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000300)='kfree\x00', r2}, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r0)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)={0x14, r3, 0x9c3fa077fa966179, 0x0, 0x0, {{0x7e}, {@void, @void}}}, 0x14}}, 0x4000054)

920.480903ms ago: executing program 0 (id=4409):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r0}, &(0x7f0000000040), &(0x7f0000000080)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x6c, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000300)='kfree\x00', r1}, 0x10)
r2 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=ANY=[@ANYBLOB="0202000311000000000000000000000005000500000000000a00000000000000fe8000000000000000000000000000bb000000000000000002000100000007000000000b000000000200090000000000000000000000000005000600000000000a00000000000000fe8800000000000000000000000000010000000000000000010018"], 0x88}}, 0x0)

910.561713ms ago: executing program 2 (id=4410):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r0}, 0x10)
r1 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x1ff, 0x1501)
ioctl$USBDEVFS_SETCONFIGURATION(r1, 0x80045505, &(0x7f0000000000)=0x1)

909.126213ms ago: executing program 0 (id=4411):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
r3 = socket(0x11, 0x800000003, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r3, 0x8933, &(0x7f0000000600))
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f00000037c0)={0x0, 0x0, &(0x7f0000003780)={&(0x7f0000000a00)=@newtaction={0x894, 0x30, 0x12f, 0x4000, 0x0, {}, [{0x880, 0x1, [@m_police={0x87c, 0x1, 0x0, 0x0, {{0xb}, {0x850, 0x2, 0x0, 0x1, [[@TCA_POLICE_RATE={0x404, 0x2, [0x4, 0x7c3, 0x2, 0x3, 0xffffff81, 0x10, 0xc, 0x2, 0x3, 0x40, 0x200, 0x8, 0x9, 0x6, 0x5, 0x0, 0x8, 0xa, 0x6, 0x200, 0x1, 0x3, 0xcc37, 0x5, 0xb5, 0x649f, 0x4, 0x0, 0x4, 0xfb1, 0x72a4, 0xd, 0x7fff, 0x5, 0x3, 0x0, 0x3, 0x7, 0xc3a0, 0x4, 0xc, 0x0, 0xaf, 0x1, 0x6, 0x5, 0xfffffffd, 0x5, 0x80, 0xe, 0x2, 0x7, 0x6, 0x7, 0x1991, 0x8, 0xfffffe29, 0x5, 0x3, 0x101, 0xfff, 0x4, 0x5, 0x8000, 0x4, 0x7, 0x3, 0x0, 0xfffffff3, 0x1, 0x9, 0x80020003, 0x2, 0x3, 0x5, 0x101, 0x1, 0xfffffffc, 0x6, 0xfffffffb, 0x200, 0x1, 0x7309, 0x6, 0x3, 0x100, 0x2, 0x7, 0x6d0, 0x224, 0x7ff, 0x0, 0x6, 0x7, 0xfffff001, 0x6, 0x7ed8, 0x3, 0xffff, 0x0, 0x0, 0x249, 0x5, 0x2fbf, 0x2, 0x8000, 0x7, 0x25fe9fd5, 0x1, 0x9, 0x1, 0xe, 0x9, 0x0, 0x3, 0x4f, 0xffffffff, 0x8, 0x1, 0x119203c5, 0xd0, 0x7, 0x80000001, 0x3226, 0x8, 0x3, 0x4, 0xc64f, 0xffffff6d, 0x5, 0x6, 0x6, 0xfffffff7, 0x6, 0x7, 0x5, 0xc, 0xe, 0x7, 0x200, 0x60459141, 0x1, 0x5, 0x6, 0x84, 0x0, 0x1, 0x5, 0x2, 0x29dc, 0x0, 0x2d5, 0x7, 0xfffffffa, 0x1000, 0x6, 0x94, 0x15a, 0x4, 0x6, 0x2, 0x4002, 0x2, 0x4, 0xfff, 0x5, 0x1, 0x3, 0x4003, 0x80, 0x7a5b054a, 0x8, 0xffffff80, 0x4b1, 0xfff, 0x3, 0xb, 0x8, 0x3, 0x4, 0x2, 0x6, 0xf, 0x2, 0x7, 0x1, 0x77, 0x20009, 0x274d, 0x6, 0x40, 0xfffffffe, 0xb, 0x7, 0x1, 0x9ab, 0x7, 0xffffffc0, 0x200, 0x7, 0x3c, 0x2c7, 0x7, 0x8, 0x4, 0x0, 0x99f, 0x5, 0x7ff, 0x6, 0x31e1, 0x4, 0x4, 0xb, 0x7ff, 0x1e, 0x3, 0xe49, 0x56, 0x9, 0x1, 0x6, 0x2, 0x6a1c, 0x9, 0x8, 0x4dbda2da, 0x7fff, 0x5, 0x5, 0x0, 0x7, 0x8, 0x7fff, 0xed, 0x7fff, 0x1000, 0xcbe, 0x7ff, 0x6, 0x8, 0xb, 0xff, 0x5, 0x1, 0x7, 0x9, 0x0, 0x8, 0x5, 0x4, 0xfffffffd, 0x2, 0xeffe, 0xe74, 0xfffffffa]}, @TCA_POLICE_AVRATE={0x8, 0x4, 0xffffbff1}, @TCA_POLICE_PEAKRATE={0x404, 0x3, [0x6, 0x3a40da20, 0x9, 0x6, 0x4, 0x8000, 0x7fffffff, 0x2, 0x1, 0x7fff, 0x86, 0x10000, 0x2, 0x40, 0x2, 0x99d, 0x6, 0xffffff92, 0xe9c, 0x3ff, 0xfffffffe, 0x10001, 0xa, 0xfffff000, 0x7f, 0x4, 0x0, 0x81, 0x6f0, 0x18e, 0x8, 0x4, 0x3, 0x4, 0x2, 0xffffffff, 0x0, 0x80000000, 0x3, 0x9, 0xfffc, 0x2, 0xd, 0x3, 0x5, 0x1, 0x4, 0x8, 0x7, 0x2, 0xd92e, 0x7fffffff, 0x3, 0x90, 0xc0, 0x5b, 0x1, 0xe6, 0x40, 0x5, 0x1000, 0x3, 0x10, 0x0, 0x5, 0x6, 0x6, 0x100, 0xf3, 0x1, 0xa92, 0x0, 0x6, 0x7, 0x0, 0x8, 0x8, 0x10000, 0x3, 0x3, 0x0, 0xa, 0x5, 0x1, 0xee7e, 0x800, 0xd1, 0x7fff, 0x1, 0x4, 0x5, 0x4, 0xffffff89, 0x7, 0xfffffff3, 0x2, 0xffffffff, 0x9, 0x5, 0x2, 0x101, 0x7fffffff, 0xfffff001, 0x64, 0x4, 0xffffffff, 0x5, 0x9, 0x1, 0x0, 0xb3e, 0x8, 0xf3, 0x401, 0x401, 0x9, 0x8, 0x2, 0xb, 0x0, 0x0, 0x9, 0xffffffff, 0x25c, 0x7, 0x5, 0x0, 0x9, 0xfffffff9, 0x3, 0xe2, 0x8, 0x1, 0x8, 0x9, 0x0, 0x9, 0x2, 0x1, 0x9, 0x80, 0x5, 0xd3c3, 0x5, 0x2, 0x1, 0x472a8800, 0xc, 0xfffffff0, 0xfffffff8, 0x9, 0x8, 0xfffffffc, 0x9, 0x5, 0x9, 0x5, 0x6, 0x6, 0x7, 0x87f, 0x59, 0x4fedcacd, 0x1, 0x4, 0x9df4, 0x2, 0x7, 0x5, 0xfff, 0x3828, 0x0, 0x1, 0x7, 0x401, 0x7f, 0x4, 0x7, 0x2120, 0xfffffffa, 0x80, 0x3, 0xdbff, 0x52b6, 0xfffffffa, 0x49, 0x70, 0x0, 0xe1, 0x401, 0xa, 0x101, 0x3ff, 0x101, 0x0, 0x7ffe, 0x80000000, 0x81, 0xfffffff7, 0x3, 0x1, 0x7514, 0x7, 0x3, 0x1, 0x4, 0x2, 0x9, 0x4, 0x10000, 0x3ff, 0x0, 0x100, 0x7ef2, 0x0, 0x1, 0xe, 0xd, 0x4, 0x6, 0x8, 0x4, 0x10001, 0x6, 0x400, 0x436, 0x3, 0x202, 0x0, 0x0, 0x0, 0xbc, 0xa8, 0x0, 0x6, 0x7, 0x1, 0x81, 0x3, 0x2, 0x3, 0x4, 0x4, 0x2445c87b, 0x6, 0xd, 0x9, 0x2, 0x10, 0x4, 0x7, 0x57, 0x5, 0xd, 0x1000, 0x3]}], [@TCA_POLICE_TBF={0x3c, 0x1, {0x400, 0x8, 0x3, 0x7b2, 0x400, {0x1, 0x2, 0x8, 0x624, 0x0, 0xfffffff8}, {0x9, 0x2, 0x7, 0x7ff, 0xff01, 0x4}, 0x6, 0x4, 0x923}}]]}, {0x4}, {0xc, 0xb, {0x0, 0x1}}, {0xc, 0xa}}}]}]}, 0x894}}, 0x0)

888.577463ms ago: executing program 0 (id=4412):
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x3000003, 0x4031, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000006c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, @void, @value}, 0x94)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SET_MM(0x23, 0x6, &(0x7f0000001000/0x4000)=nil)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x5d031, 0xffffffffffffffff, 0x0)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000010100008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000001dc0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x2d)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r3 = openat$autofs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r4 = syz_open_dev$usbfs(&(0x7f0000000080), 0x74, 0x101301)
ioctl$USBDEVFS_IOCTL(r4, 0xc0105512, &(0x7f0000000200))
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r3, 0xc018937e, 0x0)
prctl$PR_SET_MM(0x23, 0x7, &(0x7f0000ffc000/0x4000)=nil)

878.155183ms ago: executing program 2 (id=4413):
r0 = syz_open_dev$sg(&(0x7f0000001600), 0x0, 0x400)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000020000000c0000000014"], 0x48)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000680)=ANY=[@ANYBLOB="30010000120001000000000000000000100000000c000000000000000000000010010200636f6e74656e74696f6e5f626567696e00ea5b1a4396e825cb31107df2d6dd65fd154246a84951227696b7fef427f483ed441f8cc8fd57e7fbabf70805eefca9923dd44b249e92264569e0e9261e170a0ae5af9fec7d44017345e2736f7ea921b939b36c1b698ff28fbb71490c19ecaf11d71b6a9c0f3fa74519d1bf0192aa305f2f5edbc3dcf136a60166726a18541a47826da8ba60cf916db6c1b6591e54b2f6c01a1deb81c206bef111ee84729b20d95efe82b1eca5ff828fa84b2eb1c917ee494cac1c9b09135bec4ac0355c6e8c4fbb9a36497b84f370b1fb142343841cbadc9f0c8d328fbb3071d5bb79c39b259cfd6e86001a0000ebd2660b772d1b5db82e0b11ccb3057a5c8e72954628d2bc682ef5ebcf40bd549d95348ceb49ce30de6ded104e22e81f1019df6d1520740d3d18b5358aa7086509a083d33f25030ce702c87d67408821511b3a5e89b9db17f886d971f17c0ef874a08a3aba8ab953eacd173d366444140e1b4ca7cb80f00a182c64b98378526ef219179b2c3f00"/428], 0x130}], 0x1}, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xd, &(0x7f0000000900)=ANY=[@ANYBLOB="180100001700000000000000ff000000850000006d00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008002010b7040000000000008500000001000000"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r3}, 0x10)
munmap(&(0x7f0000ffb000/0x3000)=nil, 0x3000)
ioctl$EVIOCSKEYCODE(r2, 0x40084504, &(0x7f0000000200)=[0x7e1, 0x3])
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r4}, 0x10)
r5 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000080), 0x21000)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000005c40)={0x0, 0x0, &(0x7f0000005c00)={&(0x7f0000000580)=@gettfilter={0x3c, 0x2e, 0x800, 0x70bd25, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x0, 0x1}, {0xb, 0xe}, {0x7, 0xd}}, [{0x8, 0xb, 0x3}, {0x8, 0xb, 0x9}, {0x8, 0xb, 0x9d7d}]}, 0x3c}}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r6 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r6}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
read(r5, 0x0, 0x0)
ioctl$SCSI_IOCTL_SEND_COMMAND(r0, 0x1, &(0x7f0000000000)=ANY=[@ANYRES32=r0])
r7 = socket(0x10, 0x3, 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r8}, 0x10)
r9 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
write$selinux_load(r9, &(0x7f0000000140)={0xf97cff8c, 0x8}, 0x10)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r7, 0x89f1, &(0x7f0000000100)={'sit0\x00', &(0x7f0000000080)={'gre0\x00', 0x0, 0x7800, 0x10, 0x9, 0x8, {{0x5, 0x4, 0x1, 0x1b, 0x14, 0x66, 0x0, 0xd9, 0x2f, 0x0, @remote, @local}}}})
r10 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r10, 0x6, 0x2, &(0x7f00000000c0)=0x7a, 0x4)
r11 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000380), 0x8a00, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r11, 0xc0189372, &(0x7f00000002c0)={{0x1, 0x1, 0x18, r10, {0x4}}, './file2\x00'})
bind$inet(r10, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)

865.264243ms ago: executing program 5 (id=4414):
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000480)='./file0\x00', 0x18000, &(0x7f0000003b40)=ANY=[@ANYRES32=0x0, @ANYRES64, @ANYRES16=0x0, @ANYBLOB="b022fd84099290ab8ebe39cfc17f80bc2926131e9437a1dea9ca1756900531c14b67f7a9edd0d80c7c73649053153a8d8db6d3c0d3b3fa951f57d14071b61a27d968a0ae7bd580d2d9fd9034451c3ecffae80b234e72fb11e3a60c1208bd5262c5009e3e45582ed4203850292ed682fc5e26f5c2af47718ee5b4f2ed68f0b21b813ec22c4c61d3f22f5a01ebea6c484d8ef4ca90180b4587e0bee2f782fef574aa1e0ebc5d9e42452910d03c12feff7848f72ac5430476b9dc2457a09efdc6f181c408abe7b30cccd2c8fb85389e1cacd4f4b29a3d4a55941bf1bb416203732d6712d5a89470876ae6daec66f3fe1b39982c2781b115e20af7ce0a0c7c77db1073adc6e11597bd9f540f90f60b92dc84a5c764379c0b9426ff4f547182502633aa754dcfc63e46c7cef8e3a0c29bf5184ac150e90d884c59cba3dae7c531fb114534292629d8532c0f67ee37f2c349ea8f28199aff2aa335df5db411287a73adfbfff212cf7b6d277a361c55af160d98b5c3db84da37d80e07269c33f60f111ec3c09d8843e1f5499e71de9b48882b9415d45b20393888ec49f307d535580947b5a5b40b465382aa4a579f317d91792f8ed70e9401863bc0a21d7e15f828ae8f13c673a30cba6f10f89c8a018cc8bbe7072ffe1c5d4ef11f0f82cf967faef8608f8b289245f87607917b0c2578dbbe5186ac78b8cd9a5aff567aebe8a73dd547fdc503885a2df4953f3497688b7b1ede6a2e529b25ecc246a7bcb00077059d7e0100aa20cb4d1dbac6eec0a9f803601c799eddb9b271f0530842291167abffb982fe47a496e884ee3c17850f970cb3ac3342b832b8b984e2eb4836afb7727f7310a347add2a1094cfff7b44516593bbf15f3a9e0e2a788e99bdec6706ae9a39b4f8983ae38d4cdf866d9670de91036ea86646f195ec4b4ce462ea624b8875825262a301f9235496b935506109287bbcf4754e3fa637428a2e39a80cd07ffafd756839abddc721421754fcae705ab432fcdd6f3c004dfad9e6bfa87746dd41649dcd2bf1728a3d6d2ddf27a52957422a27f9e478530873d9f1861b71f2378540648b171bcbd44533723ae1a89e56e2f570c0571eb3c66fac65e3abad003a828f2d21cc990e57b80dd3762fe1204eb320591d6a93f9052b80494b2f52ad89d6374cf33040e2484c3384946450bb65835d65bebb4a91c0f82e598e5aa7ff9ba79f27bbd46240287721d2759fa24cec97658d8f17b3f424293f7253b74dae4b966c8089c546936953d8ce63463c26f1e296f56e17e7f890b6001ed5d9f739036842e989b40c02d3fe5227b1fb08a98f1b1f0c336346698e70171e74e40c5304a356b29c947672f8a0535b7ce3a66b276d09ca3d9fff030e41598649a310875f5b5801c471182c1f617c907f06b5f36a1f9294b0f4a95d0fc98682b1e38f2f94fb08f20c5e5c7afaa9fbbd84734a98dd9b33188f6b79334b09ca8e2de56457242f904b114a2c313b193fe421d7fa97da5ab77f363e83b4698bf903022d13826ded79a905f07f97dc0fc4cc290b969ee37075a4a80a0d86d0696eeea2048ebd1a97f8319b3342e515ae5c9e25ee933d926ae0f31af55aeb07da6508756ac9549ba8bbc0095a17cb647df12f926e595a531d7208ef75cfd6239f65a0584121c75e00f7c77990b90e6350b1a84eba4430979bb726ab02050573af29156bed8e243527593dc0c6de41d0b6775818a96ee97d153826a217e8d7e88c6c44baa781a495afeba3882a06f5b1a87b1e8ee1edf404ac3ade6f5af1f6cd22c01506b5f84befb55c86f79b56e4d5754be8f564f57852f991c2275cbf55937666e022c2b2f0d020156152377859b345f74fe66791421e5571a7900df89c9bef5c3cb19113fae5d524ae2edea5ca91baf096c02e1e860c9b5a97882da598ef1e39fcb61d83f997675a772ac37c0fbe65a9d379b9204a915fdb6a7c7cdbd14c0893cd5e8cfd56f4021756d6c6a25b258a69922a41f3c7bc43b69f46293b381a27ae5a3cfcf2526f8eadcb540ec87d6009d6a2939882140f9a447c5be4328a0681aa3002f6a9dfd836b362fb1d423d7c9571aeb50e2a6acb9ab4e85574baf27b1028db0f6647aa7fe995c1fbf8ab422bb15acf9ae6de73972c9549cb601297bbb1c740e8761af16c4785c4827b5dc5e52f4a82000f6f87670ec19fea4e04e564fc83c0ccf1b7fa2bb9ac3e56addfa7f5f6d1d3d3c92dea5de9fa42f1414a769b0cdc40e306fee0ad66573628b83a07fe087fcb3377848e1a7869e592c83bb594284da28a4f5db381059d56e5d4989042dadbbe6000b66184ca8fe9d293f6c70988f3d7b8ee00546a21aaeca498ae06fa7becc5a55914c7a1ab714d955a8b0bd72e8d6bbf4dd451b525fcbc9fb5c10747dee3c755d39be5c2d52345c56185a8d6cee878b72255acabf7dbefafaed94838532fd01ea6244c4ac929de6846084a07d19de7098e62b613775abe326d402f707c4fbb3968b0aac7f1f27537cbdecee19151b310bcbe2c848ef41eea747e85f87d5a160b2cb6b28d137e30c69770c1651e44a66f8e3394bec03c8256b89fd59bec449c6a2bdb351f53d05e463f75b834624b8c7b557dc38a398d726d0846fc2f062b5b32d10af38ce844c6811aaef73ace1d86813bc37433670f6180f9bd112ae00133077fc7a0bd12d7b4b3a53a3c16a9cb0e8112f18691aa3bd2215afdaa1d00c8ea4f4a302ea9ebc94afaad2549f646a8ae66b953fa9cd649a02c4b152cc6c7b55d99ddc3d0fd1fcd84da355eb02581dba9e4d9dd235d2d4c4e094161440e70926221d76ce70c8762485c8b801550cc208e5d1bfd184e622ff0950a912dd47163c838fd562f09ca1690e76da55a471ec67cb83bbb103975bd4683f0393ec8b843f55ba2c0bdc6c90b50031cfe751792bd5d0cb50c8ee93086794e18c4ed66d6bd09b499f8ff2f63a8920701ab0af5b4b75402b1d65b1eb515dc46e181a1699f21e67349c904f02f8358e28faff2ade65703d14dc2774b02acc731eee0941675502d95e0c32a7304f6e9af85ef220daea0de24cf79e35a59412e62835d3032f88d9ed7befd4f708bfd2d236bd188b6f951bbe13e3add84f111e20324a523426611ec15fb376e7306cbec6867f0b945047a4facf78154e68a66a36972d5a18af1403baa9b4b51fddd072ee1f0087add02485b40323bd708b76406e10a927a913d91c5d771d3aeb3cfafb54b1016785c61ed13060d5f1b550676a656b874fd392ae61c5044218df55cbb72b819990ffdb130fb17a14f7cb5a2a8aafedc6526d83762dbf320f15758030eeecf5652dccf04cdc68827400c768a21daff47212b87357ff0bcb36cae4d113a5d9815b07332cb42329321664d93e43e6dcd6115987007fc623088004f8ac943736eb2a045a25b1bbfbbc97571eabf875d924f6b7b0e524b1afa0ff499473aa7976de83b91928e84f8e445728778fe0e5a356a57f09ed254848cec31b7c5c9c7a2fca21befe15ffc9317e96f7ad582684ce625791b99563781bf64983e77be4f1a5893beec4b560fc15e9c21dd0c29bf2879dfaa257ba5ec97957050d5b2c1f25eb4064488c139dbf88f3b7c70850d6fdbf0603cdd4011bf76e0d9ee5c2b128b50dba5689a8f04d4caf62d777eab31aab4b4195da780901352d284885bf417eb05367ee1b5f2f8c5cfe7f0394fb977f3a3f96084375e22ccf6c3ee4659d68d2b1948a4a1783a4db2282c67d39613fa67be4dd144793b76c09dd563ef3d169f34318acbd62d3b2d64f9173d16e9801132918c3390172c6f64d049b4c894d593419e5f4d5a513fc5a64ddcd05b034e6d16fe88ff89a520c464f842ad5a62a6fc46f0e9d56d05d6f5e625d25f537cca62910981dd463255318d8273db13d27fdc6c17c2c54776ba3a246c413957f297b8ecb1adb5c3f1d4d8e4d7705bdb9268f956d2845b68511edd51cdc5d05de5d6d4b3f573592986fed325f1f3c6a9ef7740f9d843e11981d1ca515c7e722ec4d691c5e4d3a146e39bcf407f66418f754bb2508cb4cc843aa9d8eb63850e5b9103682ecc1fc8f972f394be9d31cb9efd0f693d4ec41fe8d0993b45d2f422f9ab604d3371c1bda1daa3206a027c4de5c8f2cf6d1fc7e6d1423a6c71e84f24e0a4dfbf4a331deff2ae649df9681a08846efc9f0001e7ef106f1bfa25ee2799b13f1f076e30e58078d186afb65301497e982478babf143972cc7072f70829b8faee46e56a1451ff7ddd0dd35816bfa29eee361de60fbc3222e89d70f1495be94d0e82072a0e572e3055c905552e6c45d2af3d4f505a99d947667059c1c92ce2d3549077539c4cec4c07337361eeb9f78813bf9e77b0a79f391ae6eb663deb53317f61ef8ddffdbd0ca2d8095c10c106b0968325bc1e88829d92399b809f1b881e9b9f0aeada5c5ee20fd0866070e3d5d41e62f5b6d2d25441babcdf9d3dc8ae3c140a6f352daf00ed38e248b236acd27f24bdebae0f272a5820ef77fb603fe3cc910a9d842129259e61d25dcf546cd770e4cccab470b20fa5f5972a6dd15853483de6e032f9726c166e81e8e0f9db4df397cc4a10b6e58708a31f48d7d2bae4ef92828c37088068b2ae433110dc7c08e6017d8b26e4e0382ca8fa62dc6f53c4cc2f0f78af72335c494f57f2414afe247e2291c395895bb18f701b6f4331feb759110c543dd94a238e782ad552047677558a50e7683d71a9e222fd19a9343e1d64528640a8099dedd19e4c747dda18ff25b15bddf750a54533b6ecfc75ad4a2909485f7fd759d45c74727b2e7300eae71a8784f5dd7f25b4b000ed3254264131cbbae316fb3a3bfbeb309dd2d18104629db354f447791eb882bf0333a520b8dba745b673d071b07e1de3e02fe751a1cf5908435b1a38edbd60483abdb15452c868844ceb96c449ab72999a55c79f9ce7405797142ef7095b4caf99d7bbe51cd4e963e4ffbbd2648761abd3894b5420a0add261ff9c0eff61aafd1ac5195ff15cadb5b0c7ce34d4d2d68146f3dae677e833b8be0f8a876153bb65398def38e4bf539d3a00047b19c483062fc1c2547b7d4f7d99b7035212ccfffeeb21ed7bbd6165ac7fbafbca3cef86fff655305706dd0baa607c50543bb0d66f0f4dbdd9c365fdb7b875dc5e7ee59afccc321ad1e31cc84687afda71231bb2e4dc3ce79ff3ce4bbafed8821a5b71bbf3844f110e2dd9557b596ac792d97506d22c0410bce435e20fa2e2d435361b5b6ac85f44763769723a7b629258f45e10578f70bef2e9c05af8032e357697dfcd30de9b3e953a36d6cb7a03ce69288b663f692793904dd8fb4ab6dc31ddf7f6942ef84c1e68c78bf9974f830ee2fccca84113cee98b47ed41a87fe610c5348dc38d4ada19862772317a70754870347ad87dbbb4c52349b0261aa8e108fcf387b24d4e2a77ba76e8472fd74ab6fa021277a24ef7a48d395b0fd1f9c0cf83bac56b433ffbfe5984a362e337969febf259988162c2b4842bd2fc0b230fee93a085003e615088abfe41889f7b5e0f380ffe55b66c1f7419993c3dd4aac5891494a183ddca2e415e1749489c925715f3c44d94b90d2d735f2b923bdbbbf1646580ab135356a9ee29bc19e73ded9a33798a69d248574e0c9e9f40a1c1ba52bc66a578d08b75f271a9e9f447efede09d6b3b57e0aa6322c18fd6f5e1c9d2753e0a6513cc04124ab89802eb9c504f0e5550868ab597629d7cc7447ed1b01b2ff4cf511aa098710b208b5aa0f595039a2f0e7294c5fe3b0c3e6c40000000000000000000000000000000002588beb10115f4b22f4ac997c86c49201ee9dceb2142ae61555bbbc4ef8cdd468a8ffbe6cbfc8877dd87292c70e10669bc99d8d5710f7719cc2cffc86cd529b6da2511d07aef4a1d9533ab58a76f80ad7fe91a17397d3c83481", @ANYBLOB="fe2ecf20a9a17bd2ed7e803f830375c150a1f848f604c2c1f932d2b7163be4b2b9a5bd521d185cfbee555b27608594beba6325923aaf5db74cff01000053db92c6c5fcbba0abd975fc76bea49b00513afc856ed89d3fadeda307ca587354322803b0983cc65725ae7f45fb95e7cdb28c6b886959b7dde2c87c73f6008cf6eed7861f24b7423704b95f3d05b92d3d7ff9d392833ecd02443320b60131a350360fcc1d659e2a03cb469caf0498bacae0735a161345b3d71a55f14ef636b6f832c7a6071fce83904dfd871b6d8e03648dbaa3a039eb5673792cae80335732030f9aeabaf3bb3cc4ca5fe75271d69b2e78beb2b81fc3cf3a18a7ae93a3cdbe6599b99408275e2b4b4477c6fcf4806134e839e13549ec000000000000006a1c000000000000000000000000000000000000000000000000000069c3288311b7414705e975eb3f1b77a120", @ANYRES64], 0x8, 0x2f5, &(0x7f00000000c0)="$eJzs3EtPE1EUwPFDW0pbAu3CaDQx3OhGNxOorpXGQGJsIkFqfCQmA0y16diSToOpMaIrt8YP4YKwZEeifAE27nTjxl03Ji5kYRzTeVAeA2hbKML/l5A59N4zcw8dyLmkbb1PXHpVQjElPY14XSQlIfH1eMeQE0dls1dyuf/H5/N37j+4lclmxyaVGs9MXUkrpQaHPjx7EfemrfTJWupR/Xv629rptbP131NPCpYqWKpUripdTZe/VvVp01CzBauoKTVhGrplqELJMirueNkdz5vlubma0kuzA4m5imFZSi/VVNGoqWpZVSs1FX6sF0pK0zQ1kBDsJuUdc4uTk3qmxZPMdHBBOECVSkYPi0h8x0husSsLAgAAXVW/9/ZpMW9pea//D4nqZP+/dGG12n93edDr/1eiQf3/1S/uubb0/zERCez//esH9v/6v/X/Ozuik6Wt/h9Hw1B0x0M9zbAxWMnoCe/31/H64dKwE9D/AwAAAAAAAAAAAAAAAAAAAADwP1i37aRt20n/6H/1iUhMRPzvA1LDInK9C0tGB7Xx/OMYaL5xLzIoYr6Zz83n3KM3YVVETDFkWJLyy7kfPI3Yf+eRakjJR3PBy1+Yz4WdkUxeCk7+iCR7ZXu+bY/fzI6NKNfW/F5JbM5PS1JOBeenA/Ojcumikx/zFpmUTzNSFlNmnXU081+OKHXjdnZbftyZBwAAAADAcaCpDYH7d03bbdzN39ifb///QLi5vx4O3J9H5Fyku7UDAAAAAHBSWLXnRd00jcoeQVz2n9N6EOnoCSMbdfkV/m26/1qGg6t0j8C/+JYh/4ULHb2WeB8P2+Z5QtJK1lCjGtVuFf5zvNscmRht9RLR9n4sZ969/9m5e+PacmyfSlsPwnvfAL2H8scHAAAAwKFqNv3+I6PdXRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACfQYXy+XbdrBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAI6KPwEAAP//9xj88Q==")
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r0}, 0x0, &(0x7f0000000040)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0xffffffff, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18090000002300810000000000000000850000007b00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x10)
r3 = gettid()
r4 = syz_open_procfs(r3, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000008c0)=ANY=[@ANYBLOB="5000000010003b0c008000"/20, @ANYRES32, @ANYBLOB="0000000000000000300012800b00010065727370616e00"], 0x50}}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000b80)={0x6, 0xf, &(0x7f0000000680)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x7}, {{0x18, 0x1, 0x1, 0x0, r4}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f00000004c0)='GPL\x00', 0xb, 0xd8, &(0x7f00000008c0)=""/216, 0x41000, 0x6, '\x00', 0x0, 0x25, r4, 0x8, &(0x7f0000000500)={0x4, 0x1}, 0x8, 0x10, &(0x7f0000000540)={0x2, 0x3, 0xff, 0x3}, 0x10, 0x0, 0x0, 0x6, &(0x7f00000005c0)=[r4, r0], &(0x7f0000000b00)=[{0x5, 0x2, 0x9, 0x3}, {0x5, 0x1, 0xf, 0x4}, {0x4, 0x1, 0xa, 0x2}, {0x0, 0x1, 0x6, 0xa}, {0x5, 0x2, 0xf, 0x1}, {0x3, 0x4, 0x9, 0x3}], 0x10, 0x9, @void, @value}, 0x94)
fchdir(r4)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000000)='.\x00', 0x0, 0x321491, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffc, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r5}, 0x0, &(0x7f0000000040)}, 0x20)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r6}, 0x10)
r7 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$selinux_load(r7, &(0x7f0000000280)=ANY=[@ANYBLOB="8cff7cf9080000005345204c696e7578"], 0x65)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
r8 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0xc4042, 0x1ff)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
r10 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000990000000b"], 0x48)
r11 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r10, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000080)='kfree\x00', r11, 0x0, 0x4}, 0x18)
sendmsg$NFT_BATCH(r9, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000015c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x7}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x21}]}, @NFT_MSG_NEWSETELEM={0x3c, 0x1e, 0xa, 0x105, 0x0, 0x0, {0x7, 0x0, 0x7}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x10, 0x3, 0x0, 0x1, [{0xc, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}]}]}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0xc0}}, 0x0)
sendfile(r8, r8, 0x0, 0xfffe80)
inotify_init()

740.261082ms ago: executing program 0 (id=4415):
openat$urandom(0xffffffffffffff9c, &(0x7f0000000640), 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
getpid()
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000240)=@abs, 0x6e)
sendmmsg$unix(r1, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r2 = socket(0x28, 0x5, 0x0)
bind$vsock_stream(r2, &(0x7f0000000040), 0x10)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r3, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000400)='sched_switch\x00', r4}, 0x18)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETOBJ_RESET(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000400)=ANY=[@ANYBLOB="20000000150a030c000900020073797a3200"/32], 0x20}, 0x1, 0x0, 0x0, 0x8000}, 0x0)

555.371722ms ago: executing program 3 (id=4416):
r0 = creat(&(0x7f0000000340)='./file0\x00', 0x14)
close(r0)
r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TCSBRKP(r1, 0x5425, 0x0)
unshare(0x6020400)
r2 = creat(&(0x7f0000000040)='./bus\x00', 0x0)
timerfd_gettime(r2, 0x0)
ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000000)={0x0, 0x0, 0x100, 0x0, 0x0, "7a58beca3900000000000000000000000200"})

379.808981ms ago: executing program 4 (id=4418):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000570000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x28, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)

379.299031ms ago: executing program 4 (id=4419):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc9ffb}]})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000004000000ff0f000005"], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r0}, 0x10)
syz_genetlink_get_family_id$tipc(&(0x7f0000000840), 0xffffffffffffffff)
getgroups(0x0, 0x0)

341.639451ms ago: executing program 4 (id=4420):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000080000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f00000037c0)={0x0, 0x0, &(0x7f0000003780)={&(0x7f0000000a00)=@newtaction={0x894, 0x30, 0x12f, 0x4000, 0x0, {}, [{0x880, 0x1, [@m_police={0x87c, 0x1, 0x0, 0x0, {{0xb}, {0x850, 0x2, 0x0, 0x1, [[@TCA_POLICE_RATE={0x404, 0x2, [0x4, 0x7c3, 0x2, 0x3, 0xffffff81, 0x10, 0xc, 0x2, 0x3, 0x40, 0x200, 0x8, 0x9, 0x6, 0x5, 0x0, 0x8, 0xa, 0x6, 0x200, 0x1, 0x3, 0xcc37, 0x5, 0xb5, 0x649f, 0x4, 0x0, 0x4, 0xfb1, 0x72a4, 0xd, 0x7fff, 0x5, 0x3, 0x0, 0x3, 0x7, 0xc3a0, 0x4, 0xc, 0x0, 0xaf, 0x1, 0x6, 0x5, 0xfffffffd, 0x5, 0x80, 0xe, 0x2, 0x7, 0x6, 0x7, 0x1991, 0x8, 0xfffffe29, 0x5, 0x3, 0x101, 0xfff, 0x4, 0x5, 0x8000, 0x4, 0x7, 0x3, 0x0, 0xfffffff3, 0x1, 0x9, 0x80020003, 0x2, 0x3, 0x5, 0x101, 0x1, 0xfffffffc, 0x6, 0xfffffffb, 0x200, 0x1, 0x7309, 0x6, 0x3, 0x100, 0x2, 0x7, 0x6d0, 0x224, 0x7ff, 0x0, 0x6, 0x7, 0xfffff001, 0x6, 0x7ed8, 0x3, 0xffff, 0x0, 0x0, 0x249, 0x5, 0x2fbf, 0x2, 0x8000, 0x7, 0x25fe9fd5, 0x1, 0x9, 0x1, 0xe, 0x9, 0x0, 0x3, 0x4f, 0xffffffff, 0x8, 0x1, 0x119203c5, 0xd0, 0x7, 0x80000001, 0x3226, 0x8, 0x3, 0x4, 0xc64f, 0xffffff6d, 0x5, 0x6, 0x6, 0xfffffff7, 0x6, 0x7, 0x5, 0xc, 0xe, 0x7, 0x200, 0x60459141, 0x1, 0x5, 0x6, 0x84, 0x0, 0x1, 0x5, 0x2, 0x29dc, 0x0, 0x2d5, 0x7, 0xfffffffa, 0x1000, 0x6, 0x94, 0x15a, 0x4, 0x6, 0x2, 0x4002, 0x2, 0x4, 0xfff, 0x5, 0x1, 0x3, 0x4003, 0x80, 0x7a5b054a, 0x8, 0xffffff80, 0x4b1, 0xfff, 0x3, 0xb, 0x8, 0x3, 0x4, 0x2, 0x6, 0xf, 0x2, 0x7, 0x1, 0x77, 0x20009, 0x274d, 0x6, 0x40, 0xfffffffe, 0xb, 0x7, 0x1, 0x9ab, 0x7, 0xffffffc0, 0x200, 0x7, 0x3c, 0x2c7, 0x7, 0x8, 0x4, 0x0, 0x99f, 0x5, 0x7ff, 0x6, 0x31e1, 0x4, 0x4, 0xb, 0x7ff, 0x1e, 0x3, 0xe49, 0x56, 0x9, 0x1, 0x6, 0x2, 0x6a1c, 0x9, 0x8, 0x4dbda2da, 0x7fff, 0x5, 0x5, 0x0, 0x7, 0x8, 0x7fff, 0xed, 0x7fff, 0x1000, 0xcbe, 0x7ff, 0x6, 0x8, 0xb, 0xff, 0x5, 0x1, 0x7, 0x9, 0x0, 0x8, 0x5, 0x4, 0xfffffffd, 0x2, 0xeffe, 0xe74, 0xfffffffa]}, @TCA_POLICE_AVRATE={0x8, 0x4, 0xffffbff1}, @TCA_POLICE_PEAKRATE={0x404, 0x3, [0x6, 0x3a40da20, 0x9, 0x6, 0x4, 0x8000, 0x7fffffff, 0x2, 0x1, 0x7fff, 0x86, 0x10000, 0x2, 0x40, 0x2, 0x99d, 0x6, 0xffffff92, 0xe9c, 0x3ff, 0xfffffffe, 0x10001, 0xa, 0xfffff000, 0x7f, 0x4, 0x0, 0x81, 0x6f0, 0x18e, 0x8, 0x4, 0x3, 0x4, 0x2, 0xffffffff, 0x0, 0x80000000, 0x3, 0x9, 0xfffc, 0x2, 0xd, 0x3, 0x5, 0x1, 0x4, 0x8, 0x7, 0x2, 0xd92e, 0x7fffffff, 0x3, 0x90, 0xc0, 0x5b, 0x1, 0xe6, 0x40, 0x5, 0x1000, 0x3, 0x10, 0x0, 0x5, 0x6, 0x6, 0x100, 0xf3, 0x1, 0xa92, 0x0, 0x6, 0x7, 0x0, 0x8, 0x8, 0x10000, 0x3, 0x3, 0x0, 0xa, 0x5, 0x1, 0xee7e, 0x800, 0xd1, 0x7fff, 0x1, 0x4, 0x5, 0x4, 0xffffff89, 0x7, 0xfffffff3, 0x2, 0xffffffff, 0x9, 0x5, 0x2, 0x101, 0x7fffffff, 0xfffff001, 0x64, 0x4, 0xffffffff, 0x5, 0x9, 0x1, 0x0, 0xb3e, 0x8, 0xf3, 0x401, 0x401, 0x9, 0x8, 0x2, 0xb, 0x0, 0x0, 0x9, 0xffffffff, 0x25c, 0x7, 0x5, 0x0, 0x9, 0xfffffff9, 0x3, 0xe2, 0x8, 0x1, 0x8, 0x9, 0x0, 0x9, 0x2, 0x1, 0x9, 0x80, 0x5, 0xd3c3, 0x5, 0x2, 0x1, 0x472a8800, 0xc, 0xfffffff0, 0xfffffff8, 0x9, 0x8, 0xfffffffc, 0x9, 0x5, 0x9, 0x5, 0x6, 0x6, 0x7, 0x87f, 0x59, 0x4fedcacd, 0x1, 0x4, 0x9df4, 0x2, 0x7, 0x5, 0xfff, 0x3828, 0x0, 0x1, 0x7, 0x401, 0x7f, 0x4, 0x7, 0x2120, 0xfffffffa, 0x80, 0x3, 0xdbff, 0x52b6, 0xfffffffa, 0x49, 0x70, 0x0, 0xe1, 0x401, 0xa, 0x101, 0x3ff, 0x101, 0x0, 0x7ffe, 0x80000000, 0x81, 0xfffffff7, 0x3, 0x1, 0x7514, 0x7, 0x3, 0x1, 0x4, 0x2, 0x9, 0x4, 0x10000, 0x3ff, 0x0, 0x100, 0x7ef2, 0x0, 0x1, 0xe, 0xd, 0x4, 0x6, 0x8, 0x4, 0x10001, 0x6, 0x400, 0x436, 0x3, 0x202, 0x0, 0x0, 0x0, 0xbc, 0xa8, 0x0, 0x6, 0x7, 0x1, 0x81, 0x3, 0x2, 0x3, 0x4, 0x4, 0x2445c87b, 0x6, 0xd, 0x9, 0x2, 0x10, 0x4, 0x7, 0x57, 0x5, 0xd, 0x1000, 0x3]}], [@TCA_POLICE_TBF={0x3c, 0x1, {0x400, 0x8, 0x3, 0x7b2, 0x400, {0x1, 0x2, 0x8, 0x624, 0x0, 0xfffffff8}, {0x9, 0x2, 0x7, 0x7ff, 0xff01, 0x4}, 0x6, 0x4, 0x923}}]]}, {0x4}, {0xc, 0xb, {0x0, 0x1}}, {0xc, 0xa}}}]}]}, 0x894}}, 0x0)

237.15183ms ago: executing program 4 (id=4421):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r1}, &(0x7f0000000040), &(0x7f0000000080)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x6c, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000300)='kfree\x00', r2}, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r0)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)={0x14, r3, 0x9c3fa077fa966179, 0x0, 0x0, {{0x7e}, {@void, @void}}}, 0x14}}, 0x4000054)

162.91408ms ago: executing program 3 (id=4422):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r0}, &(0x7f0000000040), &(0x7f0000000080)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x6c, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000300)='kfree\x00', r1}, 0x10)
r2 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=ANY=[@ANYBLOB="0202000311000000000000000000000005000500000000000a00000000000000fe8000000000000000000000000000bb000000000000000002000100000007000000000b000000000200090000000000000000000000000005000600000000000a00000000000000fe8800000000000000000000000000010000000000000000010018"], 0x88}}, 0x0)

132.28164ms ago: executing program 4 (id=4423):
syz_mount_image$vfat(&(0x7f0000000ec0), &(0x7f0000000180)='./file2\x00', 0x420c, &(0x7f0000003240)=ANY=[], 0x6, 0x35d, &(0x7f0000000f00)="$eJzs3c1rO0UYwPEnaZImKW1yEEVBOtiLXpY2ehaDtCAELG0jtoKwbTcasiYlG6oRse3Jq3j3JHgovVnwUND+A71404sI3noRPNiDurJvyeatLzFpfr/2+4GSycw8u7OZSXk27WYv3/3yo0rJ0kp6Q6JJJRERkSuRrEQlEPEfo245IWGH8srMnz+/uL5ZTHoVaiW/8WpOKTU3/8PHn6X8bmfTcpF9//KP3O8Xz148f/nvxodlS5UtVa01lK62a7829G3TULtlq6IptWoaumWoctUy6l77d/52zNreXlPp1d3Z9F7dsCylV5uqYjRVo6Ya9abSP9DLVaVpmppNC25SPF5b0/NDBu+MeDAYk3o9r0+JSKqnpXg8kQEBAICJ6s7/o05KP0z+vyVzhcLymnI6t/P/k5fOGzPvnM75+f9Zol/+/9ov3rY68n/ndKKd/9e884PSzfn/13KH/L83I3pchs7/s2MYDIYzn+ipinQ8c/L/tP/+dR29d7LoFsj/AQAAAAAAAAAAAAAAAAAAAAB4GlzZdsa27UzwGPy0LyHwn+NBGjT/0yKSdGbfZv4fsvXNLUm6F+45c2x+sV/cL3qPfodzETHF+Mfu5qyN4Moj5cjKj+aBH3+wX5xyW/IlKTvxsiQZybrrKRRv2ytvFZaXlMePb12mlA7H5yQjz4Tjv3dXpxOf64z395+QlxdC8Zpk5KcdqYkpu25ke/+fLyn15tuFrviU209Efrv3SQEAAAAAYMQ01dL3/F3TBrV73zKSL7kfExmyKBn5u//5/WLf8/NY5oXYpI8eAAAAAIDHwWp+WtElatTdgmn2K6RkYNMICrGOmriI9O2c6KqJX7flqdAR3nY8CfHuYPJ/j+ub4FW9S1TwjxTOwFtN/h1VZLjxBMfv1kRiw09T5FDcBXAYborKLcJj3YOfdypU384LA7dz5B9Iqyb42Cgx4HWW1d7tRK9ZCfGeGjsy3AJ47qtv/xrdG+T1U38FfHJz5yPTsA/kNpPSVXB20dsUH/svHgAAAAD3rp30BzVvhJvDNxIJ3yyHv9wDAAAAAAAAAAAAAAAAAAAAAAAAAAAAADBCY/lKv67CpI8RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeFL8FwAA//8GuPOT")
r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x6000)
io_setup(0x200, &(0x7f0000000140)=<r1=>0x0)
r2 = open(&(0x7f0000000100)='./bus\x00', 0x14113e, 0x39)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000590000"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r4}, 0x10)
write$binfmt_script(r2, &(0x7f0000000080), 0x208e24b)
io_submit(r1, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0x0, 0x2, 0x1, 0x0, r0, &(0x7f0000000000), 0x4000}])

102.24626ms ago: executing program 3 (id=4424):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x2)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x4, 0x6, 0x80, 0x42, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000060000000800000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1a, 0xc, &(0x7f0000000400)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000400000000000000000000850000005000000085000000d0"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r1}, 0xe)
socket$nl_xfrm(0x10, 0x3, 0x6)
setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, 0x0, 0x0)
getcwd(&(0x7f0000000240)=""/87, 0x57)
r2 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r2, &(0x7f0000000000)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000380)=ANY=[@ANYBLOB="020300000f0000000000000000000000010018000000000005000600000000000a00000000000000fc02000007000000000000000000000000000000000000000200010000000000000002000000000005000500000000000a"], 0x78}, 0x1, 0x7}, 0x0)
fcntl$setsig(0xffffffffffffffff, 0xa, 0x13)
prctl$PR_SET_NAME(0xf, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000580)='./file1\x00', 0x800040, &(0x7f0000000d80)={[{@dioread_lock}, {@grpquota}, {@noload}, {@abort}, {@user_xattr}, {@usrquota}, {@resgid}, {@bh}]}, 0x1, 0x58d, &(0x7f00000005c0)="$eJzs3UtoHGUcAPD/zGZNn6aCgkoPRYUKpZukD62e0qtYKPQgeKlhsw0hm2zIbrQJOaT3Ivbgi17qTQ8eFQ8exItHr14Uz4JoUGh6kJV9pWmyG7c1r2Z/P5js981M5v99M/v/dmeYYQPoWSdqf9KI5yLichIxsGZZXzQXnmist7K8mL+3vJhPolq98kcSSUTcXV7Mt9ZPmq+HI2IpIp6NiO+zEafSjXHL8wuTo8ViYbZZH6xMzQyW5xdOT0yNjhfGC9NnX33t/IVz54fPDG9ZX2/+cuv9mz++cefWF18eX8p/OJrESBxpLlvbj63U2CfZGFk3/9x2BNtFSYf5H53f4YbwUDLNPM9GxDMxEJlm1gP7X7U/orqp1si++VrA4yiJteXGN7ndbA+wU1rfA2rnv61pJ79//H6xcQJytz8ilhfzK6vx+xrXJuJA/dzk0F/JA2cmtVHq2E42lH1p6UZEDPX1bXz/J83336Mb2ooGsq2+u9g4UBuPf7o6/sS68edoRP264f99f8Sa8W+lOfattImf6TD+Xe4yxj9v//ppx/g3Ip5vGz9ZjZ+0iZ9GxDtdxr/91jcXOi2rfhZxMtrHb0k2vz48eG2iWBhq/G0b49uTx1/vdIWy1v9DHeI3rtkeqH/MtNv/M132/+sfvnphqcOyWvyXX9z8+Lfb/wcj4oMu4z919/M3Oy2rxR/r0P/N4tfm3eky/isjJ37uclUAAAAAAAAAAOAhpPV72ZI0t1pO01yu8Qzv03EoLZbKlVPXSnPTY4173o5FNm3daTXQqCe1+nDzftxW/cy6+tlMM2DmYL2ey5eKY7vcdwAAAAAAAAAAAAAAAAAAANgrDq97/v/vTOP5f6BH+Mlv6F3yH3rXg/nf/ocSgf3J5z/0rKr8h94l/6F3yX/oXfIfepf8h94l/6F3yX8AAAAAAAAAAAAAAAAAAAAAAAAAANgWly9dqk3Ve8uL+Vp9rG9+brL07umxQnkyNzWXz+VLszO58VJpvFjI5UtT/7W9Yqk0MxTTc9cHK4VyZbA8v3B1qjQ3Xbk6MTU6XrhayO5IrwAAAAAAAAAAAAAAAAAAAODxcqQ+JWkuItJ6OU1zuYijEXEsssm1iWJhKCKejIifMtn+Wn14txsNAAAAAAAAAAAAAAAAAAAA+0x5fmFytFgszCpsLETE0tZuubbFh/6vbPNYbWUHR5rb3BP7eW8Vqv17ohm7XdjFQQkAAAAAAAAAAAAAAAAAAHrU/Yd+u1g53YEGAQAAAAAAAAAAAAAAAAAAQE9Kf0siojadHHjpyPqlTyQrmfprRLx3+8rH10crldnh2vw/V+dXPmnOP9M+wsH+be8E0IVWnrbyGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALivPL8wOVosFma3sbDbfQQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FP8GAAD//wbmv/Y=")
open(&(0x7f0000000140)='./file1\x00', 0x64842, 0x25)
unshare(0x6020400)
r3 = gettid()
timer_create(0x0, &(0x7f0000000240)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc)=<r4=>0x0)
timer_settime(r4, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
pipe(&(0x7f00000002c0)={<r5=>0xffffffffffffffff})
vmsplice(r5, &(0x7f00000001c0)=[{&(0x7f00000004c0)="7cd1f233f595b9483683fb7fcac2881731c46bffa49ed496fc64424094", 0x1d}], 0x1, 0x0)
bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0)

15.1477ms ago: executing program 4 (id=4425):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000002c0)=ANY=[@ANYBLOB="480000001000030500"/20, @ANYRES32, @ANYBLOB="0000000000000000280012800b0001006d61637365630000180002800c0004000100000100c28000050003"], 0x48}}, 0x40000)

12.02902ms ago: executing program 2 (id=4426):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000001c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0xa6, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x1, '\x00', 0x0, @fallback=0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000c80)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00010000850000000d000000b7000000000000009500000000000000496cf2827fb43a431ca7f8fbc9cdfa146ec56175037958e271f60d25b7937f02c8695e5a1b2cdf41dc10d1e8bf076d83923dd29c0301000000010000003d5d78c07fa1f7e4d5b318e2ec0e0700897a74a0091ff110026e6d2ef831ab7ea0c34f17e3ad6e70af07da5ceb01b7551ef3bb622003b538dfd8e012e79578e51bc53099e90fbdb2ca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e060e3670ef0e789f93781965f1328d6704902cbe7bc0476619f28d99cde7a6b73340cc2160a1fe3c184b751c51160fbce841dfebd31a08b32808b80200000000009dd27080e71113610e10d8fb9c2aec61ce63a3462fd50117b89a9ab759b4eeb8cb000067d42b4e54861d0227dbfd2ed8576a3f7f3deadd7130856f756436303767d2e24f29e5dad9796edb697a6ea0180aabc18cae2ed4b4390af9a9ceafd07ed0030000002cab154ad029a119ca3c972780870014605c83d7d11c3c975d5aec84222fff0d7216fdb0d3a0ec4bfae563858dc06e7c337642d3e5a815212f5e16c1b30c3a2a71bc85018e5ff2c910496f18afc9ffc2cc788bee1b47683db01a46939868d75211bbae0e7313bff5d4c391ddece00fc772dd6b4d4d0a917b239fe12280fc92c88c5b8dcdcc22ee1747790a8992533ac2a9f5a699593f084419cae0b4183fb01c73f99857399537f5cc2acb72c7eae993fc9eb22d130665b6341da114f08cd0509d380578673fffffff7f23877a6b24db0e067345560942fa629fbef2461c96a08707671215c302fae29187d4f5c06a960fd37c10223fdae7ed04935c3c90d3add8eebc8619d73415e6adcda2130f5011e42e50adab988dd8e12baf5cc9398c88607a08009c2977aab37d9a44cfc1c7b4000000000000fa47742f6c5b9c4b11e7d7262a1457c39495c826b956ba859adfe38f77b91bd7d5ca1664fe2f3ced8468911806e8916dc15e21644db60c2499d5d16d7d915836ab26c169482008ef069dc42749289f854797f2f900c2a12d8c38a967c1bbe09315c29877a331bcc874b2f663ddeef0005b3d96c7aae73835d5a3cda9e90d76c1993e0799d4894ee7f8249dc1e3428d2129369ee1b85afa1a5b6154eb2eea0d0df414b315f65112412392191fa83ee830548f11e1038debd64cbe359454a3f2239cfe35f81b7ade8a5b859968ff0e90500d0b07c0dd00490f167e6d5c1109681739dc33f75b20428d6474a0a91ee90b8de802c6b538622e6bbcb80f87b415263c401e64ed69a2f75409000000000000001d695c4559b82cabac3cccadc1e1c19af4e03020abf5ff0433d660f20898d2a045d009a0ffb20a77c9af2b80c05184a66d30bbea2ca45a4d6d6d1e6e79aef42355a500587b603306a5af8d867d80a07f10d82eafb03062e95196d5e3ffea0000000000000be959096ea948cfa8e7194123e918914a71ad5a8521fb9553bc60f7d9719b55b3abb6bba3d113a680a8d46fe074c83fbe378a3889e8145b2eaceab05ef932c6e4f8ef0ed0d818a7b76d839cf3c63ebb4380b168c38fa32e49563cfee3a7f0fc18bfa32c418cef875fb49e2989177a1bcd1e30280bc586e79a5dd80701018e7d6e97b3ce267dd4e27b6ef206660090bb2164474cef378f97ca33fc03000000000000001547053453d0c9aec91a24079b21d52fb5516bf0c28ef37aa76442f6083dc99cd61afaf6be45d7b00d3639f2f10ac2d5c759c3e5468f0000000011d415b6b085fb73a2c7c3852e0e658ffeb4e863428a792bee94f6cd895424360e0464f9d7ea425f2fa6aac029d15af607ad83532ff181c985f54b39370c06e63055b4d6a36fa98a44e379d28307c9912fb097601f3f88a2ca6fd1f9320cfe7fc8e9f7f15f02e177ce23f43a154b42e26f037e8a01377cbd3f509e6e540c9ba9c2a589c95d8ad67a65e9a44c576dc24452eaa9d819e2b04bdd1c000000070000000000000000000000005333c6199c12dcd926891927a7267c47cf897853d160100b39b613faefe16bed1fc105dddd77ab929b837d4442d13d5a29179a00837918dd7854aa17eb9fbdc2bdc0e98ae2c3f23a6131e2879f04ff01000030b92dd493be66c2242f8184733b80ba28e8ffffff7f00000000bb2f89049c5f6d63d56995747639964217aacfe548bc869098aa8e07e51dbc9e2d4db3c5f79fd355222ec2a00cf7f2ccd6dd6d2dc2a815d8314221a5472f1318a9dfbec5a759579caf3262129b14e99040b5d91398e17df85c25ccae973eecc7d187168d5c9cd848d566cc17587641ed01889c927da38d83314480b15e23138c5b877a72bd4cf74a299df4fbfc8e6ea96939f15d254d9033c5d371c61f550e9d86aabda45706bda78ab60200000000000000000000000000000000000000706f78f0a2ea9667fb5b951808545a46830970c2dfae01adbda7d29bf1f7abdaf52e0de6f9d7150808ed086642e64ebf98762b34338b80e41b704c3eefaf0bb5ff070000000000000ea15ccc0d7a830b6eb33b6b61675511d693ef5e3c44bbf71cabc5f45c879e7499f8baae2a1a09cf38da73297764fbc0e723e1cc3abb12e3076982ed32c94a2ce3e6f37c47e983da4ca5c96187db5a2a2e1742bc93a65d7187126126b3a80f17dd2f7dbbe82d104ede9ba6925afc2ee6cb94f56f1363cad635abf8f983292c49c0ebf5005154c7b58a3a2a2ea86d2fd92b8661264f781e3fb02d05a28f3f17b64d0258853d45cb5ebde10cd3d82eeed2f1ed925b7cf400304932c5ed0a362b235ce37e1f17700f7d1fecf8be8a2c5d25a9c60657560d05441387ff158a018d19a286c58684a1d2f624c3eb59d509ee89cc2df52881d005b2e5c27563ba54e4153c132d0366aa660000000000000009c1aaec93ec0f925921fb2e9eb202a29bef28224dbabe723de5c584bc398a8792e493048c87f60a51a391e95921218149403558fd13c649f90b0911d57eeb298b590581eba1ce383b539ab80fd15445987b1bb4eb512545e1ab65fef3103ce10b1ee362b51c72f82edf2f502ddf52567775e34a56d1be892f1e62b08950d517fa6fb1b0ef2edf1b67f8644786116b037d4a36fdd30b000063e58c856ec44cbbc2d370553f832af9480215e09aaa3843fe360b1c293a14627f2cfbe278f31d0abc0f5aaa10926dbbfe8a4b131c13a73d4e6d065c2c0fed3ab8442520ce0e0ad7d2d177377ab197ace3ef8b1c24ceb0bdee84bd6e6317633938dd19dc42de7f8f860eca6d9c74525fcd3497526df4c13e3ba5f0d75365a4542ae9440d2fede416d618cdaaf7e038879c5d177b3876fda4121e00000100000000003edd3d43cc64e0d26b46907b42e08d000000000000903350932d3eef7fdada20c19807066e2c72d0d816eb9fa50be213bf6bbb7ccb9f2e8a153e6ced68f192ebed6e86af0f2cec7335fa8039fd6eb025440bc2a34d071f0a0e6774308a74748b8cd994ed368695aa2c5986aa9200a1306ffa5a71ca69e89a6980612b35fc858f37c2c398515a910a35e22ab0573c10b85df4c2972a2fb8b9c080fbb41a753791df727fdeaded2930376eda31312256191c620cce34d1e3bf40a4a207ab1575b399eb8155781bfc7cb5920b49c039935a888d77041894f60fbbcafa487ee96b368e8769da90b44190e569fe8b923c32c288baaca5c5558b5a78bb43e5d9e47a1d5809bb178184b5672d08e29aecf1f572ac1e6cab7e820751e95999b7532603494d37a2bff35a9eec46dfc8a52433f605ebf151c837b4966b5f3628a406175a87e32c5e4268d3000933b580415b162e2946446b8f02554c8a1225217d69d049685dd06aa8528673a9673a723ac414af77f523ad730d00e8700c213f95c87a94f39f506b9e000000000000000000000000000000000000000000000000000090668ac41a1c2a4f7831e6c6a3e9c68ca2c449482bb70a994e71a7f24873848fbb128c820c1de19cc003dfa65a2b296caeb1253802080e08eeb724c4c7b7e052afa19b0f2cd7a13bda4b5a8f3b8fa3ca70bb756a3d529718d5c79d9bdb89e5d33793533211d76d00a45079eff797476106bf76f1fed952a7c9162b88911b5b00c3d26fd2fb4d7b29d1ce025e102d458efd5cca3f3835ce760359eaa01cb13cb28d60e8942fdc02b6824c00dac62f8a2d4c680ae284a82f09d6641921536814b444e4188d9b2e97eb3b108e7876f0f3f3863147ab694218c7cecc075d52d590dddbb57fc6fedf5ec69d7894a7b5c8109f303dab998815c80534b0bd34c49eea63997e56728a8185a8bb6988a7197b87f5548f5edfdfb3efc907fe561b33a6f7c707f7828c6adaf3b2a39929b4b65253e787d65c08aff5e4a9b2267bd8f803ea38f10a6e9c4a49bf23525e08c12d229211fe4d88cf1440f29accfa50f327ac1fb20d7f164100111bd21fca713b2475f1c997f3000000000080c426bcec79c6bc83ce4e6cbb17c01be69db342192d0a716cc24710d23321441f475ec485d642b61c6bd907071dbbe37c0b78f60fd2ad0d13ca62d9d9aafb01c3920b64cb5e023810e2de4327f90c389ce36d90ff9f3cb9d8cd2260d05a8126943a3df17157470595c68ac8df7fea6d42ecb2cdb65b4f2aef0db2b2de949a6d4ec37f2fd693ae44944041a64fe6336aba1c66b1b95d2edbc40364a049616ae962d75eae619548aa86bd5f0bad56e7ad7de2ee5e6f3b42e3a27094b6b5face99456d9af1926b21d37faf7612d9752cf58e6424decd530b5419e117ec08647566b1bdd75d6a9a1e600aaf0f42ce94b4725d4c2da80150dc34e5975d6904f061ed9a7608959f2d24ee6ec4f2395d16e02f53c746f74b12013f738d76456c3407188eff97f31ca36e5d79e1f1c7c3b688ee21d37ba5ebf4afc2a61f16"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x55, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r2, 0x18000000000002a0, 0xe80, 0x1000000, &(0x7f0000000100)="b9ff030f6044238cb89e14f088ca1bff430500001100630377fbac141414e000000162079f4b4d2f87e56dca6aab845013f2325f1a3901050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0xfe, 0x60000000}, 0x2c)

0s ago: executing program 5 (id=4427):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f0000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r0}, &(0x7f0000000040), &(0x7f0000000080)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000002c0)=ANY=[@ANYBLOB="480000001000030500"/20, @ANYRES32, @ANYBLOB="0000000000000000280012800b0001006d61637365630000180002800c0004000100000100c28000050003"], 0x48}}, 0x40000)

kernel console output (not intermixed with test programs):

 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  213.478738][T13168] RSP: 002b:00007f8edd821038 EFLAGS: 00000246 ORIG_RAX: 00000000000000bd
[  213.478884][T13168] RAX: ffffffffffffffda RBX: 00007f8edf3d5fa0 RCX: 00007f8edf1bcd29
[  213.478901][T13168] RDX: 00000000200000c0 RSI: 0000000020000440 RDI: 0000000020000400
[  213.478916][T13168] RBP: 00007f8edd821090 R08: 0000000000000000 R09: 0000000000000000
[  213.478931][T13168] R10: 000000000000005c R11: 0000000000000246 R12: 0000000000000001
[  213.478947][T13168] R13: 0000000000000000 R14: 00007f8edf3d5fa0 R15: 00007ffd7ef7a358
[  213.478968][T13168]  </TASK>
[  213.655061][T11299] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  213.706168][T13185] loop4: detected capacity change from 0 to 512
[  213.742361][T13185] EXT4-fs: Ignoring removed oldalloc option
[  213.762164][T13185] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  213.786017][T13189] hub 6-0:1.0: USB hub found
[  213.790900][T13189] hub 6-0:1.0: 8 ports detected
[  213.808108][T13185] EXT4-fs (loop4): 1 truncate cleaned up
[  213.815638][T13185] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  213.815776][T13187] hub 6-0:1.0: USB hub found
[  213.833357][T13187] hub 6-0:1.0: 8 ports detected
[  213.848486][T11606] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  213.886565][T13195] loop4: detected capacity change from 0 to 512
[  213.896439][T13195] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  213.916518][T13195] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  213.940675][T13195] ext4 filesystem being mounted at /121/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  213.954340][T13195] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters
[  213.972963][T13207] loop5: detected capacity change from 0 to 2048
[  213.982262][T13209] loop2: detected capacity change from 0 to 128
[  213.989941][T11606] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  214.009093][T13211] atomic_op ffff88810e3a5528 conn xmit_atomic 0000000000000000
[  214.010450][T13209] syz.2.3473: attempt to access beyond end of device
[  214.010450][T13209] loop2: rw=34817, sector=97, nr_sectors = 32 limit=128
[  214.031914][T13207]  loop5: p1 < > p4
[  214.036244][T13207] loop5: p4 size 8388608 extends beyond EOD, truncated
[  214.115777][T13218] loop4: detected capacity change from 0 to 1024
[  214.120216][T13220] loop5: detected capacity change from 0 to 1024
[  214.124565][T13218] EXT4-fs (loop4): VFS: Can't find ext4 filesystem
[  214.130342][T13220] EXT4-fs: Ignoring removed bh option
[  214.162012][T13220] ext4 filesystem being mounted at /540/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  214.167726][T13225] loop2: detected capacity change from 0 to 512
[  214.209613][T13225] ext4 filesystem being mounted at /67/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  214.290819][T13237] SELinux:  policydb version -28439970 does not match my version range 15-34
[  214.300161][T13237] SELinux: failed to load policy
[  214.308670][T13240] atomic_op ffff8881189bad28 conn xmit_atomic 0000000000000000
[  214.322071][T13242] FAULT_INJECTION: forcing a failure.
[  214.322071][T13242] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  214.335239][T13242] CPU: 0 UID: 0 PID: 13242 Comm: syz.4.3486 Not tainted 6.13.0-syzkaller-07644-gc2da8b3f914f #0
[  214.335268][T13242] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  214.335303][T13242] Call Trace:
[  214.335311][T13242]  <TASK>
[  214.335319][T13242]  dump_stack_lvl+0xf2/0x150
[  214.335348][T13242]  dump_stack+0x15/0x1a
[  214.335367][T13242]  should_fail_ex+0x223/0x230
[  214.335459][T13242]  should_fail+0xb/0x10
[  214.335491][T13242]  should_fail_usercopy+0x1a/0x20
[  214.335530][T13242]  _copy_from_user+0x1c/0xa0
[  214.335557][T13242]  memdup_user+0x64/0xc0
[  214.335613][T13242]  security_setselfattr+0x8f/0x260
[  214.335640][T13242]  __x64_sys_lsm_set_self_attr+0x51/0x60
[  214.335665][T13242]  x64_sys_call+0x5b0/0x2dc0
[  214.335768][T13242]  do_syscall_64+0xc9/0x1c0
[  214.335797][T13242]  ? clear_bhb_loop+0x55/0xb0
[  214.335830][T13242]  ? clear_bhb_loop+0x55/0xb0
[  214.335923][T13242]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  214.335953][T13242] RIP: 0033:0x7fea6e5bcd29
[  214.335971][T13242] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  214.335992][T13242] RSP: 002b:00007fea6cc27038 EFLAGS: 00000246 ORIG_RAX: 00000000000001cc
[  214.336023][T13242] RAX: ffffffffffffffda RBX: 00007fea6e7d5fa0 RCX: 00007fea6e5bcd29
[  214.336056][T13242] RDX: 0000000000000020 RSI: 0000000000000000 RDI: 0000000000000067
[  214.336143][T13242] RBP: 00007fea6cc27090 R08: 0000000000000000 R09: 0000000000000000
[  214.336158][T13242] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  214.336172][T13242] R13: 0000000000000000 R14: 00007fea6e7d5fa0 R15: 00007ffd6edeb068
[  214.336273][T13242]  </TASK>
[  214.452434][T13251] program syz.2.3490 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  214.522753][T13251] SELinux: failed to load policy
[  214.547142][T13258] loop3: detected capacity change from 0 to 512
[  214.572996][T13259] FAULT_INJECTION: forcing a failure.
[  214.572996][T13259] name failslab, interval 1, probability 0, space 0, times 0
[  214.576541][T13258] ext4 filesystem being mounted at /100/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  214.585659][T13259] CPU: 0 UID: 0 PID: 13259 Comm: syz.4.3492 Not tainted 6.13.0-syzkaller-07644-gc2da8b3f914f #0
[  214.585689][T13259] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  214.585772][T13259] Call Trace:
[  214.585781][T13259]  <TASK>
[  214.585791][T13259]  dump_stack_lvl+0xf2/0x150
[  214.585825][T13259]  dump_stack+0x15/0x1a
[  214.585851][T13259]  should_fail_ex+0x223/0x230
[  214.585888][T13259]  should_failslab+0x8f/0xb0
[  214.585927][T13259]  __kmalloc_noprof+0xab/0x3f0
[  214.585964][T13259]  ? alloc_pipe_info+0x1cb/0x360
[  214.585995][T13259]  alloc_pipe_info+0x1cb/0x360
[  214.586025][T13259]  splice_direct_to_actor+0x60f/0x670
[  214.586066][T13259]  ? __pfx_direct_splice_actor+0x10/0x10
[  214.586091][T13259]  ? 0xffffffff81000000
[  214.586106][T13259]  ? selinux_file_permission+0x22a/0x360
[  214.586142][T13259]  ? __rcu_read_unlock+0x4e/0x70
[  214.586203][T13259]  ? avc_policy_seqno+0x15/0x20
[  214.586230][T13259]  ? selinux_file_permission+0x22a/0x360
[  214.586330][T13259]  do_splice_direct+0xd7/0x150
[  214.586353][T13259]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  214.586382][T13259]  do_sendfile+0x398/0x660
[  214.586482][T13259]  __x64_sys_sendfile64+0x110/0x150
[  214.586515][T13259]  x64_sys_call+0xfbd/0x2dc0
[  214.586568][T13259]  do_syscall_64+0xc9/0x1c0
[  214.586594][T13259]  ? clear_bhb_loop+0x55/0xb0
[  214.586703][T13259]  ? clear_bhb_loop+0x55/0xb0
[  214.586756][T13259]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  214.586787][T13259] RIP: 0033:0x7fea6e5bcd29
[  214.586805][T13259] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  214.586828][T13259] RSP: 002b:00007fea6cc06038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  214.586850][T13259] RAX: ffffffffffffffda RBX: 00007fea6e7d6080 RCX: 00007fea6e5bcd29
[  214.586865][T13259] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000007
[  214.586937][T13259] RBP: 00007fea6cc06090 R08: 0000000000000000 R09: 0000000000000000
[  214.586951][T13259] R10: 0000020000023896 R11: 0000000000000246 R12: 0000000000000001
[  214.587035][T13259] R13: 0000000000000000 R14: 00007fea6e7d6080 R15: 00007ffd6edeb068
[  214.587057][T13259]  </TASK>
[  214.878612][T13269] loop3: detected capacity change from 0 to 2048
[  214.922617][T13269]  loop3: p1 < > p4
[  214.927007][T13269] loop3: p4 size 8388608 extends beyond EOD, truncated
[  214.973023][T13276] atomic_op ffff888114ed5928 conn xmit_atomic 0000000000000000
[  214.992017][T13273] hub 6-0:1.0: USB hub found
[  214.995950][T13278] loop3: detected capacity change from 0 to 1024
[  214.997951][T13273] hub 6-0:1.0: 8 ports detected
[  215.338406][T13299] loop2: detected capacity change from 0 to 128
[  215.401050][   T58] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  215.432855][   T58] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[  215.445528][   T58] EXT4-fs (loop3): This should not happen!! Data will be lost
[  215.445528][   T58] 
[  215.455315][   T58] EXT4-fs (loop3): Total free blocks count 0
[  215.461396][   T58] EXT4-fs (loop3): Free/Dirty block details
[  215.467347][   T58] EXT4-fs (loop3): free_blocks=68451041280
[  215.473232][   T58] EXT4-fs (loop3): dirty_blocks=16384
[  215.478616][   T58] EXT4-fs (loop3): Block reservation details
[  215.485004][   T58] EXT4-fs (loop3): i_reserved_data_blocks=1024
[  215.505827][T13301] SELinux:  policydb version -28439970 does not match my version range 15-34
[  215.518466][T13301] SELinux: failed to load policy
[  215.527042][   T58] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 2052 with max blocks 2048 with error 28
[  215.539904][   T58] EXT4-fs (loop3): This should not happen!! Data will be lost
[  215.539904][   T58] 
[  215.701093][T13306] loop3: detected capacity change from 0 to 512
[  215.708344][T13306] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  215.719947][T13306] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #16: comm syz.3.3510: invalid indirect mapped block 83886080 (level 1)
[  215.734056][T13306] EXT4-fs (loop3): Remounting filesystem read-only
[  215.740781][T13306] EXT4-fs (loop3): 1 orphan inode deleted
[  215.746566][T13306] EXT4-fs (loop3): 1 truncate cleaned up
[  215.752899][T13306] SELinux: (dev loop3, type ext4) getxattr errno 5
[  215.779461][T13310] atomic_op ffff888117954128 conn xmit_atomic 0000000000000000
[  215.971490][T13325] loop3: detected capacity change from 0 to 128
[  215.999336][T13326] program syz.5.3516 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  216.015559][T13326] SELinux: failed to load policy
[  216.024027][T13325] syz.3.3519: attempt to access beyond end of device
[  216.024027][T13325] loop3: rw=34817, sector=97, nr_sectors = 32 limit=128
[  216.103444][T13330] loop4: detected capacity change from 0 to 1024
[  216.159135][T13334] loop3: detected capacity change from 0 to 512
[  216.176666][T13334] ext4 filesystem being mounted at /109/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  216.220048][T13339] loop2: detected capacity change from 0 to 2048
[  216.285612][T13345] atomic_op ffff888117954528 conn xmit_atomic 0000000000000000
[  216.333880][T13349] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3526'.
[  216.357920][   T29] kauditd_printk_skb: 812 callbacks suppressed
[  216.357936][   T29] audit: type=1326 audit(1737946188.308:42897): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13304 comm="syz.0.3511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f6884de3ce7 code=0x7ffc0000
[  216.392114][   T29] audit: type=1326 audit(1737946188.348:42898): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13304 comm="syz.0.3511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f6884d88f29 code=0x7ffc0000
[  216.415842][   T29] audit: type=1326 audit(1737946188.348:42899): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13304 comm="syz.0.3511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f6884de3ce7 code=0x7ffc0000
[  216.439359][   T29] audit: type=1326 audit(1737946188.348:42900): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13304 comm="syz.0.3511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f6884d88f29 code=0x7ffc0000
[  216.463060][   T29] audit: type=1326 audit(1737946188.348:42901): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13304 comm="syz.0.3511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=278 compat=0 ip=0x7f6884decd29 code=0x7ffc0000
[  216.493701][   T29] audit: type=1326 audit(1737946188.448:42902): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13304 comm="syz.0.3511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f6884de3ce7 code=0x7ffc0000
[  216.517391][   T29] audit: type=1326 audit(1737946188.448:42903): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13304 comm="syz.0.3511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f6884d88f29 code=0x7ffc0000
[  216.541353][   T29] audit: type=1326 audit(1737946188.448:42904): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13304 comm="syz.0.3511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=278 compat=0 ip=0x7f6884decd29 code=0x7ffc0000
[  216.565031][   T29] audit: type=1326 audit(1737946188.448:42905): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13304 comm="syz.0.3511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f6884de3ce7 code=0x7ffc0000
[  216.588565][   T29] audit: type=1326 audit(1737946188.448:42906): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13304 comm="syz.0.3511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f6884d88f29 code=0x7ffc0000
[  216.621188][ T4619] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  216.638951][ T4619] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[  216.651576][ T4619] EXT4-fs (loop4): This should not happen!! Data will be lost
[  216.651576][ T4619] 
[  216.661297][ T4619] EXT4-fs (loop4): Total free blocks count 0
[  216.667445][ T4619] EXT4-fs (loop4): Free/Dirty block details
[  216.673703][ T4619] EXT4-fs (loop4): free_blocks=68451041280
[  216.679889][ T4619] EXT4-fs (loop4): dirty_blocks=16384
[  216.685764][ T4619] EXT4-fs (loop4): Block reservation details
[  216.691903][ T4619] EXT4-fs (loop4): i_reserved_data_blocks=1024
[  216.708985][ T4619] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 2052 with max blocks 2048 with error 28
[  216.716043][T13361] loop2: detected capacity change from 0 to 128
[  216.721783][ T4619] EXT4-fs (loop4): This should not happen!! Data will be lost
[  216.721783][ T4619] 
[  216.791505][T13369] SELinux:  policydb version -28439970 does not match my version range 15-34
[  216.820255][T13369] SELinux: failed to load policy
[  216.889775][T13354] netlink: 28 bytes leftover after parsing attributes in process `+}[@'.
[  216.917200][T13384] loop4: detected capacity change from 0 to 1024
[  216.924482][T13384] EXT4-fs: Ignoring removed bh option
[  216.951235][T13384] ext4 filesystem being mounted at /141/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  216.974316][T13391] hub 6-0:1.0: USB hub found
[  216.979987][T13391] hub 6-0:1.0: 8 ports detected
[  217.136364][T13406] program syz.5.3545 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  217.147947][T13406] SELinux: failed to load policy
[  217.532024][T13429] vhci_hcd: invalid port number 13
[  217.537295][T13429] vhci_hcd: default hub control req: 0016 vfffd i000d l0
[  217.572997][T13432] atomic_op ffff888117959928 conn xmit_atomic 0000000000000000
[  217.793860][T13457] atomic_op ffff888117959928 conn xmit_atomic 0000000000000000
[  217.817964][T13461] loop4: detected capacity change from 0 to 128
[  217.844285][T13464] loop3: detected capacity change from 0 to 512
[  217.862417][T13464] EXT4-fs: Mount option(s) incompatible with ext2
[  217.888676][T13470] SELinux:  policydb version -28439970 does not match my version range 15-34
[  217.897842][T13470] SELinux: failed to load policy
[  218.146475][T13494] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  218.230396][T13516] FAULT_INJECTION: forcing a failure.
[  218.230396][T13516] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  218.243570][T13516] CPU: 1 UID: 0 PID: 13516 Comm: syz.5.3597 Not tainted 6.13.0-syzkaller-07644-gc2da8b3f914f #0
[  218.243616][T13516] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  218.243632][T13516] Call Trace:
[  218.243639][T13516]  <TASK>
[  218.243647][T13516]  dump_stack_lvl+0xf2/0x150
[  218.243680][T13516]  dump_stack+0x15/0x1a
[  218.243729][T13516]  should_fail_ex+0x223/0x230
[  218.243768][T13516]  should_fail+0xb/0x10
[  218.243849][T13516]  should_fail_usercopy+0x1a/0x20
[  218.243885][T13516]  _copy_from_user+0x1c/0xa0
[  218.243910][T13516]  __se_sys_memfd_create+0x26b/0x5c0
[  218.243936][T13516]  __x64_sys_memfd_create+0x31/0x40
[  218.243999][T13516]  x64_sys_call+0x2d4c/0x2dc0
[  218.244044][T13516]  do_syscall_64+0xc9/0x1c0
[  218.244073][T13516]  ? clear_bhb_loop+0x55/0xb0
[  218.244105][T13516]  ? clear_bhb_loop+0x55/0xb0
[  218.244238][T13516]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  218.244268][T13516] RIP: 0033:0x7fe23c23cd29
[  218.244283][T13516] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  218.244305][T13516] RSP: 002b:00007fe23a8a6e18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[  218.244326][T13516] RAX: ffffffffffffffda RBX: 000000000000052e RCX: 00007fe23c23cd29
[  218.244342][T13516] RDX: 00007fe23a8a6ef0 RSI: 0000000000000000 RDI: 00007fe23c2bec01
[  218.244356][T13516] RBP: 0000000020000640 R08: 00007fe23a8a6bb7 R09: 00007fe23a8a6e40
[  218.244382][T13516] R10: 000000000000000a R11: 0000000000000202 R12: 0000000020000000
[  218.244396][T13516] R13: 00007fe23a8a6ef0 R14: 00007fe23a8a6eb0 R15: 00000000200001c0
[  218.244431][T13516]  </TASK>
[  218.394018][T13521] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3593'.
[  218.426128][T13508] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3593'.
[  218.436328][T13508] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  218.444065][T13508] batman_adv: batadv0: Removing interface: batadv_slave_0
[  218.454450][T13508] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  218.462066][T13508] batman_adv: batadv0: Removing interface: batadv_slave_1
[  218.548606][T13536] FAULT_INJECTION: forcing a failure.
[  218.548606][T13536] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  218.561945][T13536] CPU: 0 UID: 0 PID: 13536 Comm: syz.5.3605 Not tainted 6.13.0-syzkaller-07644-gc2da8b3f914f #0
[  218.561977][T13536] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  218.561993][T13536] Call Trace:
[  218.562000][T13536]  <TASK>
[  218.562009][T13536]  dump_stack_lvl+0xf2/0x150
[  218.562167][T13536]  dump_stack+0x15/0x1a
[  218.562190][T13536]  should_fail_ex+0x223/0x230
[  218.562229][T13536]  should_fail_alloc_page+0xfd/0x110
[  218.562260][T13536]  __alloc_pages_noprof+0x109/0x340
[  218.562329][T13536]  alloc_pages_mpol_noprof+0xb8/0x260
[  218.562456][T13536]  folio_alloc_mpol_noprof+0x36/0x70
[  218.562499][T13536]  shmem_get_folio_gfp+0x3d1/0xd90
[  218.562545][T13536]  shmem_fallocate+0x593/0x860
[  218.562605][T13536]  ? putname+0xcf/0xf0
[  218.562642][T13536]  vfs_fallocate+0x368/0x3b0
[  218.562742][T13536]  __x64_sys_fallocate+0x78/0xc0
[  218.562767][T13536]  x64_sys_call+0x43c/0x2dc0
[  218.562846][T13536]  do_syscall_64+0xc9/0x1c0
[  218.562868][T13536]  ? clear_bhb_loop+0x55/0xb0
[  218.562895][T13536]  ? clear_bhb_loop+0x55/0xb0
[  218.562996][T13536]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  218.563030][T13536] RIP: 0033:0x7fe23c23cd29
[  218.563044][T13536] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  218.563062][T13536] RSP: 002b:00007fe23a8a7038 EFLAGS: 00000246 ORIG_RAX: 000000000000011d
[  218.563083][T13536] RAX: ffffffffffffffda RBX: 00007fe23c455fa0 RCX: 00007fe23c23cd29
[  218.563123][T13536] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[  218.563137][T13536] RBP: 00007fe23a8a7090 R08: 0000000000000000 R09: 0000000000000000
[  218.563153][T13536] R10: 0000000002000402 R11: 0000000000000246 R12: 0000000000000001
[  218.563167][T13536] R13: 0000000000000000 R14: 00007fe23c455fa0 R15: 00007ffd79644708
[  218.563189][T13536]  </TASK>
[  218.856844][T13556] loop2: detected capacity change from 0 to 2048
[  218.867992][T13555] loop5: detected capacity change from 0 to 2048
[  218.894078][T13559] hub 6-0:1.0: USB hub found
[  218.899022][T13559] hub 6-0:1.0: 8 ports detected
[  218.903325][T13556]  loop2: p1 < > p4
[  218.912800][T13556] loop2: p4 size 8388608 extends beyond EOD, truncated
[  218.914879][T13562] loop4: detected capacity change from 0 to 512
[  218.974492][T13562] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  219.008999][T13569] atomic_op ffff8881024b1d28 conn xmit_atomic 0000000000000000
[  219.035653][T13562] ext4 filesystem being mounted at /147/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  219.057671][T13578] bond1: entered promiscuous mode
[  219.062958][T13578] bond1: entered allmulticast mode
[  219.073884][T13578] 8021q: adding VLAN 0 to HW filter on device bond1
[  219.080812][T13580] loop5: detected capacity change from 0 to 512
[  219.087908][T13580] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended
[  219.097051][T13580] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
[  219.121637][T13580] EXT4-fs (loop5): warning: checktime reached, running e2fsck is recommended
[  219.131794][T13580] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002]
[  219.139833][T13580] System zones: 0-2, 18-18, 34-34
[  219.146232][T13580] EXT4-fs warning (device loop5): ext4_update_dynamic_rev:1145: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  219.161283][T13580] EXT4-fs (loop5): 1 truncate cleaned up
[  219.174737][T13578] bond1 (unregistering): Released all slaves
[  219.228682][T13579] EXT4-fs error (device loop5): ext4_find_dest_de:2079: inode #2: block 3: comm syz.5.3619: bad entry in directory: inode out of bounds - offset=0, inode=63, rec_len=12, size=4096 fake=1
[  219.324820][T13610] atomic_op ffff888114ef5d28 conn xmit_atomic 0000000000000000
[  219.331089][T13598] hub 6-0:1.0: USB hub found
[  219.337325][T13598] hub 6-0:1.0: 8 ports detected
[  219.355090][T13611] netlink: 60 bytes leftover after parsing attributes in process `syz.0.3630'.
[  219.366082][T13611] netlink: 60 bytes leftover after parsing attributes in process `syz.0.3630'.
[  219.383734][T13611] netlink: 60 bytes leftover after parsing attributes in process `syz.0.3630'.
[  219.398938][T13611] netlink: 60 bytes leftover after parsing attributes in process `syz.0.3630'.
[  219.447709][T13611] netlink: 60 bytes leftover after parsing attributes in process `syz.0.3630'.
[  219.458102][T13611] netlink: 60 bytes leftover after parsing attributes in process `syz.0.3630'.
[  219.486442][T13625] loop4: detected capacity change from 0 to 512
[  219.504048][T13625] ext4 filesystem being mounted at /154/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  219.534839][T13633] loop3: detected capacity change from 0 to 1024
[  219.804854][T13657] loop3: detected capacity change from 0 to 1024
[  219.811833][T13657] EXT4-fs: Ignoring removed bh option
[  219.828405][T13657] ext4 filesystem being mounted at /133/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  219.830851][T13649] hub 6-0:1.0: USB hub found
[  219.844475][T13649] hub 6-0:1.0: 8 ports detected
[  220.010370][T13670] loop2: detected capacity change from 0 to 512
[  220.024492][T13670] ext4 filesystem being mounted at /104/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  220.031835][T13666] hub 6-0:1.0: USB hub found
[  220.039797][T13666] hub 6-0:1.0: 8 ports detected
[  220.164802][T13681] FAULT_INJECTION: forcing a failure.
[  220.164802][T13681] name failslab, interval 1, probability 0, space 0, times 0
[  220.177645][T13681] CPU: 0 UID: 0 PID: 13681 Comm: syz.4.3656 Not tainted 6.13.0-syzkaller-07644-gc2da8b3f914f #0
[  220.177678][T13681] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  220.177694][T13681] Call Trace:
[  220.177702][T13681]  <TASK>
[  220.177711][T13681]  dump_stack_lvl+0xf2/0x150
[  220.177744][T13681]  dump_stack+0x15/0x1a
[  220.177770][T13681]  should_fail_ex+0x223/0x230
[  220.177881][T13681]  should_failslab+0x8f/0xb0
[  220.177910][T13681]  kmem_cache_alloc_noprof+0x52/0x320
[  220.177947][T13681]  ? audit_log_start+0x34c/0x6b0
[  220.177988][T13681]  audit_log_start+0x34c/0x6b0
[  220.178082][T13681]  audit_seccomp+0x4b/0x130
[  220.178168][T13681]  __seccomp_filter+0x6fa/0x1180
[  220.178197][T13681]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  220.178279][T13681]  ? vfs_write+0x644/0x920
[  220.178301][T13681]  ? __schedule+0x6fe/0x930
[  220.178359][T13681]  __secure_computing+0x9f/0x1c0
[  220.178387][T13681]  syscall_trace_enter+0xd1/0x1f0
[  220.178447][T13681]  do_syscall_64+0xaa/0x1c0
[  220.178476][T13681]  ? clear_bhb_loop+0x55/0xb0
[  220.178567][T13681]  ? clear_bhb_loop+0x55/0xb0
[  220.178674][T13681]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  220.178705][T13681] RIP: 0033:0x7fea6e5bcd29
[  220.178720][T13681] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  220.178794][T13681] RSP: 002b:00007fea6cc06038 EFLAGS: 00000246 ORIG_RAX: 00000000000000c4
[  220.178816][T13681] RAX: ffffffffffffffda RBX: 00007fea6e7d6080 RCX: 00007fea6e5bcd29
[  220.178831][T13681] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffffffffffff
[  220.178845][T13681] RBP: 00007fea6cc06090 R08: 0000000000000000 R09: 0000000000000000
[  220.178861][T13681] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  220.178876][T13681] R13: 0000000000000000 R14: 00007fea6e7d6080 R15: 00007ffd6edeb068
[  220.178899][T13681]  </TASK>
[  220.517169][T13702] loop4: detected capacity change from 0 to 512
[  220.529080][T13705] loop5: detected capacity change from 0 to 128
[  220.567275][T13702] ext4 filesystem being mounted at /161/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  220.580553][T13705] syz.5.3666: attempt to access beyond end of device
[  220.580553][T13705] loop5: rw=34817, sector=97, nr_sectors = 32 limit=128
[  220.598746][T13713] atomic_op ffff888117954128 conn xmit_atomic 0000000000000000
[  220.684515][T13710] hub 6-0:1.0: USB hub found
[  220.689260][T13710] hub 6-0:1.0: 8 ports detected
[  220.713981][T13721] loop4: detected capacity change from 0 to 128
[  220.800907][T13735] SELinux:  policydb version -28439970 does not match my version range 15-34
[  220.817395][T13735] SELinux: failed to load policy
[  220.843532][T13741] loop3: detected capacity change from 0 to 1024
[  220.853136][T13741] EXT4-fs: Ignoring removed bh option
[  220.863924][T13745] loop5: detected capacity change from 0 to 1024
[  220.884541][T13741] EXT4-fs mount: 34 callbacks suppressed
[  220.884559][T13741] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  220.884925][T13745] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  220.890363][T13741] ext4 filesystem being mounted at /137/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  221.055125][T13769] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  221.178558][T13782] FAULT_INJECTION: forcing a failure.
[  221.178558][T13782] name failslab, interval 1, probability 0, space 0, times 0
[  221.191277][T13782] CPU: 0 UID: 0 PID: 13782 Comm: syz.2.3696 Not tainted 6.13.0-syzkaller-07644-gc2da8b3f914f #0
[  221.191307][T13782] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  221.191322][T13782] Call Trace:
[  221.191329][T13782]  <TASK>
[  221.191338][T13782]  dump_stack_lvl+0xf2/0x150
[  221.191449][T13782]  dump_stack+0x15/0x1a
[  221.191475][T13782]  should_fail_ex+0x223/0x230
[  221.191506][T13782]  should_failslab+0x8f/0xb0
[  221.191530][T13782]  kmem_cache_alloc_node_noprof+0x59/0x320
[  221.191569][T13782]  ? __alloc_skb+0x10b/0x310
[  221.191597][T13782]  __alloc_skb+0x10b/0x310
[  221.191623][T13782]  netlink_alloc_large_skb+0xad/0xe0
[  221.191658][T13782]  netlink_sendmsg+0x3b4/0x6e0
[  221.191692][T13782]  ? __pfx_netlink_sendmsg+0x10/0x10
[  221.191782][T13782]  __sock_sendmsg+0x140/0x180
[  221.191823][T13782]  ____sys_sendmsg+0x312/0x410
[  221.191851][T13782]  __sys_sendmsg+0x19d/0x230
[  221.191958][T13782]  __x64_sys_sendmsg+0x46/0x50
[  221.191992][T13782]  x64_sys_call+0x2734/0x2dc0
[  221.192024][T13782]  do_syscall_64+0xc9/0x1c0
[  221.192131][T13782]  ? clear_bhb_loop+0x55/0xb0
[  221.192160][T13782]  ? clear_bhb_loop+0x55/0xb0
[  221.192230][T13782]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  221.192262][T13782] RIP: 0033:0x7f037d05cd29
[  221.192280][T13782] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  221.192298][T13782] RSP: 002b:00007f037b6c1038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  221.192363][T13782] RAX: ffffffffffffffda RBX: 00007f037d275fa0 RCX: 00007f037d05cd29
[  221.192376][T13782] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000004
[  221.192387][T13782] RBP: 00007f037b6c1090 R08: 0000000000000000 R09: 0000000000000000
[  221.192398][T13782] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  221.192417][T13782] R13: 0000000000000000 R14: 00007f037d275fa0 R15: 00007ffd9fc87858
[  221.192502][T13782]  </TASK>
[  221.407508][   T28] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  221.423342][   T29] kauditd_printk_skb: 1045 callbacks suppressed
[  221.423357][   T29] audit: type=1326 audit(1737946193.368:43950): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13740 comm="syz.3.3681" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f8edf1b3ce7 code=0x7ffc0000
[  221.451423][   T28] EXT4-fs (loop5): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[  221.453115][   T29] audit: type=1326 audit(1737946193.368:43951): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13740 comm="syz.3.3681" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f8edf158f29 code=0x7ffc0000
[  221.465483][   T28] EXT4-fs (loop5): This should not happen!! Data will be lost
[  221.465483][   T28] 
[  221.465501][   T28] EXT4-fs (loop5): Total free blocks count 0
[  221.493660][   T29] audit: type=1326 audit(1737946193.368:43952): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13740 comm="syz.3.3681" exe="/root/syz-executor" sig=0 arch=c000003e syscall=278 compat=0 ip=0x7f8edf1bcd29 code=0x7ffc0000
[  221.498678][   T28] EXT4-fs (loop5): Free/Dirty block details
[  221.504649][   T29] audit: type=1326 audit(1737946193.368:43953): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13740 comm="syz.3.3681" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f8edf1b3ce7 code=0x7ffc0000
[  221.528281][   T28] EXT4-fs (loop5): free_blocks=68451041280
[  221.528298][   T28] EXT4-fs (loop5): dirty_blocks=16384
[  221.534185][   T29] audit: type=1326 audit(1737946193.368:43954): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13740 comm="syz.3.3681" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f8edf158f29 code=0x7ffc0000
[  221.557631][   T28] EXT4-fs (loop5): Block reservation details
[  221.557645][   T28] EXT4-fs (loop5): i_reserved_data_blocks=1024
[  221.563862][   T29] audit: type=1326 audit(1737946193.368:43955): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13740 comm="syz.3.3681" exe="/root/syz-executor" sig=0 arch=c000003e syscall=278 compat=0 ip=0x7f8edf1bcd29 code=0x7ffc0000
[  221.608834][ T4619] EXT4-fs (loop5): Delayed block allocation failed for inode 18 at logical offset 2052 with max blocks 2048 with error 28
[  221.653731][   T29] audit: type=1326 audit(1737946193.378:43956): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13740 comm="syz.3.3681" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f8edf1b3ce7 code=0x7ffc0000
[  221.677377][   T29] audit: type=1326 audit(1737946193.378:43957): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13740 comm="syz.3.3681" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f8edf158f29 code=0x7ffc0000
[  221.700989][   T29] audit: type=1326 audit(1737946193.378:43958): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13740 comm="syz.3.3681" exe="/root/syz-executor" sig=0 arch=c000003e syscall=278 compat=0 ip=0x7f8edf1bcd29 code=0x7ffc0000
[  221.724692][   T29] audit: type=1326 audit(1737946193.388:43959): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13740 comm="syz.3.3681" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f8edf1b3ce7 code=0x7ffc0000
[  221.763344][T13787] hub 6-0:1.0: USB hub found
[  221.770346][T13787] hub 6-0:1.0: 8 ports detected
[  221.788054][T13792] loop4: detected capacity change from 0 to 1024
[  221.806666][T11299] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  221.837495][T13792] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  221.872497][T13803] loop5: detected capacity change from 0 to 128
[  221.923585][T13808] Cannot find add_set index 0 as target
[  221.948211][T13814] SELinux:  policydb version -28439970 does not match my version range 15-34
[  221.962288][T13814] SELinux: failed to load policy
[  222.196645][ T4620] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  222.212235][T13830] sctp: [Deprecated]: syz.2.3715 (pid 13830) Use of struct sctp_assoc_value in delayed_ack socket option.
[  222.212235][T13830] Use struct sctp_sack_info instead
[  222.228997][ T4620] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[  222.241534][ T4620] EXT4-fs (loop4): This should not happen!! Data will be lost
[  222.241534][ T4620] 
[  222.251291][ T4620] EXT4-fs (loop4): Total free blocks count 0
[  222.257361][ T4620] EXT4-fs (loop4): Free/Dirty block details
[  222.263319][ T4620] EXT4-fs (loop4): free_blocks=68451041280
[  222.269135][ T4620] EXT4-fs (loop4): dirty_blocks=16384
[  222.274533][ T4620] EXT4-fs (loop4): Block reservation details
[  222.280668][ T4620] EXT4-fs (loop4): i_reserved_data_blocks=1024
[  222.295028][ T4620] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 2052 with max blocks 2048 with error 28
[  222.615282][T13834] loop3: detected capacity change from 0 to 2048
[  222.653225][T13834] Alternate GPT is invalid, using primary GPT.
[  222.659645][T13834]  loop3: p1 p2 p3
[  222.836055][T13858] loop5: detected capacity change from 0 to 1024
[  222.875380][T13858] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  222.920242][T13863] loop4: detected capacity change from 0 to 128
[  223.148893][T13868] loop2: detected capacity change from 0 to 128
[  223.195681][ T4620] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  223.221631][ T4620] EXT4-fs (loop5): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[  223.234162][ T4620] EXT4-fs (loop5): This should not happen!! Data will be lost
[  223.234162][ T4620] 
[  223.243827][ T4620] EXT4-fs (loop5): Total free blocks count 0
[  223.249817][ T4620] EXT4-fs (loop5): Free/Dirty block details
[  223.255739][ T4620] EXT4-fs (loop5): free_blocks=68451041280
[  223.261618][ T4620] EXT4-fs (loop5): dirty_blocks=16384
[  223.267036][ T4620] EXT4-fs (loop5): Block reservation details
[  223.273211][ T4620] EXT4-fs (loop5): i_reserved_data_blocks=1024
[  223.279687][T13868] syz.2.3730: attempt to access beyond end of device
[  223.279687][T13868] loop2: rw=34817, sector=97, nr_sectors = 32 limit=128
[  223.345335][ T4620] EXT4-fs (loop5): Delayed block allocation failed for inode 18 at logical offset 2052 with max blocks 2048 with error 28
[  223.568509][T13898] loop3: detected capacity change from 0 to 1024
[  223.597082][T13895] loop5: detected capacity change from 0 to 164
[  223.605341][T13898] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  223.607201][T13895] iso9660: Unknown parameter 'ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ01777777777777777777777ÿÿÿÿÿÿÿÿ0xffffffffffffffff'
[  223.624375][T13905] hub 6-0:1.0: USB hub found
[  223.635098][T13905] hub 6-0:1.0: 8 ports detected
[  223.703436][T13914] loop2: detected capacity change from 0 to 164
[  223.710829][T13914] iso9660: Unknown parameter 'ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ01777777777777777777777ÿÿÿÿÿÿÿÿ0xffffffffffffffff'
[  223.722977][T13918] program syz.5.3744 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  223.753137][T13921] loop2: detected capacity change from 0 to 164
[  223.760060][T13921] iso9660: Unknown parameter 'ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ01777777777777777777777ÿÿÿÿÿÿÿÿ0xffffffffffffffff'
[  223.904905][T13900] __nla_validate_parse: 6 callbacks suppressed
[  223.904924][T13900] netlink: 28 bytes leftover after parsing attributes in process `+}[@'.
[  224.004994][   T28] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  224.021150][   T28] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[  224.033734][   T28] EXT4-fs (loop3): This should not happen!! Data will be lost
[  224.033734][   T28] 
[  224.043806][   T28] EXT4-fs (loop3): Total free blocks count 0
[  224.049797][   T28] EXT4-fs (loop3): Free/Dirty block details
[  224.055737][   T28] EXT4-fs (loop3): free_blocks=68451041280
[  224.061557][   T28] EXT4-fs (loop3): dirty_blocks=16384
[  224.067011][   T28] EXT4-fs (loop3): Block reservation details
[  224.073119][   T28] EXT4-fs (loop3): i_reserved_data_blocks=1024
[  224.100705][ T4620] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 2052 with max blocks 2048 with error 28
[  224.106507][T13939] loop4: detected capacity change from 0 to 164
[  224.131649][T13939] iso9660: Unknown parameter 'ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ01777777777777777777777ÿÿÿÿÿÿÿÿ0xffffffffffffffff'
[  224.230289][T13947] loop2: detected capacity change from 0 to 128
[  224.295170][T13953] SELinux:  policydb version -28439970 does not match my version range 15-34
[  224.304075][T13953] SELinux: failed to load policy
[  224.541900][T13963] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  224.745364][T13949] loop3: detected capacity change from 0 to 2048
[  224.773283][T13949] Alternate GPT is invalid, using primary GPT.
[  224.779683][T13949]  loop3: p1 p2 p3
[  224.788242][T13982] loop4: detected capacity change from 0 to 1024
[  224.795143][T13982] EXT4-fs: Ignoring removed bh option
[  224.828520][T13982] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  224.845111][T13982] ext4 filesystem being mounted at /185/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  224.861495][T13994] hub 6-0:1.0: USB hub found
[  224.873145][T13994] hub 6-0:1.0: 8 ports detected
[  225.351977][T14043] FAULT_INJECTION: forcing a failure.
[  225.351977][T14043] name failslab, interval 1, probability 0, space 0, times 0
[  225.364708][T14043] CPU: 0 UID: 0 PID: 14043 Comm: syz.2.3795 Not tainted 6.13.0-syzkaller-07644-gc2da8b3f914f #0
[  225.364739][T14043] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  225.364754][T14043] Call Trace:
[  225.364762][T14043]  <TASK>
[  225.364771][T14043]  dump_stack_lvl+0xf2/0x150
[  225.364804][T14043]  dump_stack+0x15/0x1a
[  225.364856][T14043]  should_fail_ex+0x223/0x230
[  225.364898][T14043]  should_failslab+0x8f/0xb0
[  225.364927][T14043]  kmem_cache_alloc_node_noprof+0x59/0x320
[  225.365019][T14043]  ? __alloc_skb+0x10b/0x310
[  225.365045][T14043]  __alloc_skb+0x10b/0x310
[  225.365070][T14043]  tipc_msg_build+0xc6/0x820
[  225.365115][T14043]  __tipc_sendstream+0x672/0xb20
[  225.365170][T14043]  ? __pfx_woken_wake_function+0x10/0x10
[  225.365221][T14043]  ? __pfx_tipc_sendstream+0x10/0x10
[  225.365255][T14043]  tipc_sendstream+0x3e/0x60
[  225.365290][T14043]  __sock_sendmsg+0x140/0x180
[  225.365383][T14043]  ____sys_sendmsg+0x312/0x410
[  225.365442][T14043]  __sys_sendmmsg+0x227/0x4b0
[  225.365495][T14043]  __x64_sys_sendmmsg+0x57/0x70
[  225.365522][T14043]  x64_sys_call+0x29aa/0x2dc0
[  225.365614][T14043]  do_syscall_64+0xc9/0x1c0
[  225.365636][T14043]  ? clear_bhb_loop+0x55/0xb0
[  225.365663][T14043]  ? clear_bhb_loop+0x55/0xb0
[  225.365726][T14043]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  225.365755][T14043] RIP: 0033:0x7f037d05cd29
[  225.365849][T14043] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  225.365872][T14043] RSP: 002b:00007f037b6c1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  225.365975][T14043] RAX: ffffffffffffffda RBX: 00007f037d275fa0 RCX: 00007f037d05cd29
[  225.365989][T14043] RDX: 000000000400006d RSI: 00000000200029c0 RDI: 0000000000000003
[  225.366001][T14043] RBP: 00007f037b6c1090 R08: 0000000000000000 R09: 0000000000000000
[  225.366012][T14043] R10: 0000000020000004 R11: 0000000000000246 R12: 0000000000000001
[  225.366097][T14043] R13: 0000000000000000 R14: 00007f037d275fa0 R15: 00007ffd9fc87858
[  225.366188][T14043]  </TASK>
[  225.577641][T14053] SELinux:  policydb version -28439970 does not match my version range 15-34
[  225.586931][T14053] SELinux: failed to load policy
[  225.616489][T11606] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  225.726146][T14069] loop5: detected capacity change from 0 to 128
[  225.744955][T14067] loop2: detected capacity change from 0 to 1024
[  225.754935][T14069] syz.5.3806: attempt to access beyond end of device
[  225.754935][T14069] loop5: rw=34817, sector=97, nr_sectors = 32 limit=128
[  225.774437][T14067] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  225.879530][T14082] loop4: detected capacity change from 0 to 512
[  225.900842][T14082] EXT4-fs: Ignoring removed i_version option
[  225.908544][T14082] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  225.930601][T14082] EXT4-fs error (device loop4): ext4_orphan_get:1389: inode #15: comm syz.4.3810: iget: bad extra_isize 15 (inode size 256)
[  225.949475][T14082] EXT4-fs error (device loop4): ext4_orphan_get:1394: comm syz.4.3810: couldn't read orphan inode 15 (err -117)
[  225.974284][T14082] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  226.017232][T14090] loop5: detected capacity change from 0 to 128
[  226.040539][T14093] loop3: detected capacity change from 0 to 128
[  226.056771][T14093] FAT-fs (loop3): error, clusters badly computed (2 != 0)
[  226.064114][T14093] FAT-fs (loop3): Filesystem has been set read-only
[  226.082816][T11606] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  226.092831][T14094] SELinux:  policydb version -28439970 does not match my version range 15-34
[  226.102339][T14094] SELinux: failed to load policy
[  226.106658][   T28] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  226.123761][   T28] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[  226.136600][   T28] EXT4-fs (loop2): This should not happen!! Data will be lost
[  226.136600][   T28] 
[  226.146436][   T28] EXT4-fs (loop2): Total free blocks count 0
[  226.152487][   T28] EXT4-fs (loop2): Free/Dirty block details
[  226.158420][   T28] EXT4-fs (loop2): free_blocks=68451041280
[  226.164374][   T28] EXT4-fs (loop2): dirty_blocks=16384
[  226.168257][T14096] loop4: detected capacity change from 0 to 1024
[  226.169746][   T28] EXT4-fs (loop2): Block reservation details
[  226.169761][   T28] EXT4-fs (loop2): i_reserved_data_blocks=1024
[  226.176535][T14096] EXT4-fs: Ignoring removed bh option
[  226.192583][   T28] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 2052 with max blocks 2048 with error 28
[  226.225142][T14096] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  226.238469][T14096] ext4 filesystem being mounted at /190/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  226.333553][T14115] atomic_op ffff88810ac16928 conn xmit_atomic 0000000000000000
[  226.373407][T14118] hub 6-0:1.0: USB hub found
[  226.378354][T14118] hub 6-0:1.0: 8 ports detected
[  226.398682][T14122] loop3: detected capacity change from 0 to 128
[  226.454457][T14128] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  226.467325][T14131] SELinux:  policydb version -28439970 does not match my version range 15-34
[  226.476222][T14131] SELinux: failed to load policy
[  226.508453][T14134] FAULT_INJECTION: forcing a failure.
[  226.508453][T14134] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  226.521571][T14134] CPU: 1 UID: 0 PID: 14134 Comm: syz.2.3830 Not tainted 6.13.0-syzkaller-07644-gc2da8b3f914f #0
[  226.521675][T14134] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  226.521688][T14134] Call Trace:
[  226.521695][T14134]  <TASK>
[  226.521703][T14134]  dump_stack_lvl+0xf2/0x150
[  226.521733][T14134]  dump_stack+0x15/0x1a
[  226.521751][T14134]  should_fail_ex+0x223/0x230
[  226.521800][T14134]  should_fail+0xb/0x10
[  226.521908][T14134]  should_fail_usercopy+0x1a/0x20
[  226.521934][T14134]  _copy_from_user+0x1c/0xa0
[  226.521952][T14134]  move_addr_to_kernel+0x82/0x120
[  226.521981][T14134]  copy_msghdr_from_user+0x271/0x2a0
[  226.522095][T14134]  __sys_sendmmsg+0x1e8/0x4b0
[  226.522173][T14134]  __x64_sys_sendmmsg+0x57/0x70
[  226.522235][T14134]  x64_sys_call+0x29aa/0x2dc0
[  226.522257][T14134]  do_syscall_64+0xc9/0x1c0
[  226.522288][T14134]  ? clear_bhb_loop+0x55/0xb0
[  226.522309][T14134]  ? clear_bhb_loop+0x55/0xb0
[  226.522330][T14134]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  226.522364][T14134] RIP: 0033:0x7f037d05cd29
[  226.522375][T14134] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  226.522389][T14134] RSP: 002b:00007f037b6c1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  226.522407][T14134] RAX: ffffffffffffffda RBX: 00007f037d275fa0 RCX: 00007f037d05cd29
[  226.522417][T14134] RDX: 0000000000000001 RSI: 00000000200043c0 RDI: 0000000000000006
[  226.522483][T14134] RBP: 00007f037b6c1090 R08: 0000000000000000 R09: 0000000000000000
[  226.522493][T14134] R10: 0000000020004800 R11: 0000000000000246 R12: 0000000000000001
[  226.522502][T14134] R13: 0000000000000000 R14: 00007f037d275fa0 R15: 00007ffd9fc87858
[  226.522516][T14134]  </TASK>
[  226.731045][T14140] Cannot find add_set index 0 as target
[  226.750994][T14144] netdevsim netdevsim2: loading /lib/firmware/. failed with error -22
[  226.759269][T14144] netdevsim netdevsim2: Direct firmware load for . failed with error -22
[  226.788193][T14147] loop2: detected capacity change from 0 to 512
[  226.804653][T14147] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  226.817292][T14147] ext4 filesystem being mounted at /159/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  226.870953][T12330] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  226.961450][T14162] loop5: detected capacity change from 0 to 2048
[  226.984340][T14162]  loop5: p1 < > p4
[  226.991202][T14162] loop5: p4 size 8388608 extends beyond EOD, truncated
[  227.002700][T11606] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  227.054197][T14170] loop4: detected capacity change from 0 to 128
[  227.071204][T14172] atomic_op ffff8881035c0128 conn xmit_atomic 0000000000000000
[  227.098438][   T29] kauditd_printk_skb: 929 callbacks suppressed
[  227.098454][   T29] audit: type=1400 audit(1737946199.048:44889): avc:  denied  { watch_reads } for  pid=14174 comm="syz.5.3845" path="/598" dev="tmpfs" ino=3248 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  227.111283][T14173] hub 6-0:1.0: USB hub found
[  227.135656][T14170] syz.4.3842: attempt to access beyond end of device
[  227.135656][T14170] loop4: rw=34817, sector=97, nr_sectors = 32 limit=128
[  227.153195][T14173] hub 6-0:1.0: 8 ports detected
[  227.165049][   T29] audit: type=1400 audit(1737946199.088:44890): avc:  denied  { execute } for  pid=14174 comm="syz.5.3845" name="file1" dev="tmpfs" ino=3253 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  227.187592][   T29] audit: type=1400 audit(1737946199.088:44891): avc:  denied  { execute_no_trans } for  pid=14174 comm="syz.5.3845" path="/598/file1" dev="tmpfs" ino=3253 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  227.211411][   T29] audit: type=1326 audit(1737946199.118:44892): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14179 comm="syz.0.3846" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f6884decd29 code=0x0
[  227.243120][T14182] SELinux:  policydb version -28439970 does not match my version range 15-34
[  227.259266][T14182] SELinux: failed to load policy
[  227.314815][T14192] loop3: detected capacity change from 0 to 128
[  227.329835][T14192] FAT-fs (loop3): error, clusters badly computed (2 != 0)
[  227.337097][T14192] FAT-fs (loop3): Filesystem has been set read-only
[  227.368054][ T1700] netdevsim netdevsim5 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  227.382084][   T29] audit: type=1326 audit(1737946199.338:44893): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14188 comm="syz.3.3850" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8edf1bcd29 code=0x7ffc0000
[  227.405811][   T29] audit: type=1326 audit(1737946199.338:44894): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14188 comm="syz.3.3850" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8edf1bcd29 code=0x7ffc0000
[  227.429623][   T29] audit: type=1326 audit(1737946199.338:44895): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14188 comm="syz.3.3850" exe="/root/syz-executor" sig=0 arch=c000003e syscall=136 compat=0 ip=0x7f8edf1bcd29 code=0x7ffc0000
[  227.453253][   T29] audit: type=1326 audit(1737946199.338:44896): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14188 comm="syz.3.3850" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8edf1bcd29 code=0x7ffc0000
[  227.476856][   T29] audit: type=1326 audit(1737946199.338:44897): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14188 comm="syz.3.3850" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8edf1bcd29 code=0x7ffc0000
[  227.500603][   T29] audit: type=1326 audit(1737946199.338:44898): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14188 comm="syz.3.3850" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8edf1bcd29 code=0x7ffc0000
[  227.530644][T14183] chnl_net:caif_netlink_parms(): no params data found
[  227.537207][T14211] loop2: detected capacity change from 0 to 128
[  227.589534][T14218] atomic_op ffff88810ac14928 conn xmit_atomic 0000000000000000
[  227.598275][ T1700] netdevsim netdevsim5 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  227.626157][T14183] bridge0: port 1(bridge_slave_0) entered blocking state
[  227.633277][T14183] bridge0: port 1(bridge_slave_0) entered disabled state
[  227.645984][T14183] bridge_slave_0: entered allmulticast mode
[  227.665244][T14183] bridge_slave_0: entered promiscuous mode
[  227.673742][T14183] bridge0: port 2(bridge_slave_1) entered blocking state
[  227.680842][T14183] bridge0: port 2(bridge_slave_1) entered disabled state
[  227.688018][T14183] bridge_slave_1: entered allmulticast mode
[  227.694600][T14183] bridge_slave_1: entered promiscuous mode
[  227.713728][ T1700] netdevsim netdevsim5 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  227.739547][T14183] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  227.750473][T14183] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  227.770315][T14183] team0: Port device team_slave_0 added
[  227.776832][T14183] team0: Port device team_slave_1 added
[  227.792951][ T1700] netdevsim netdevsim5 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  227.809852][T14231] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3864'.
[  227.819663][T14183] batman_adv: batadv0: Adding interface: batadv_slave_0
[  227.826690][T14183] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  227.852764][T14183] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  227.896921][T14183] batman_adv: batadv0: Adding interface: batadv_slave_1
[  227.903926][T14183] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  227.930355][T14183] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  227.978169][T14183] hsr_slave_0: entered promiscuous mode
[  227.984317][T14183] hsr_slave_1: entered promiscuous mode
[  227.990105][T14183] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  228.006465][T14183] Cannot create hsr debugfs directory
[  228.015300][ T1700] bridge_slave_1: left allmulticast mode
[  228.020968][ T1700] bridge_slave_1: left promiscuous mode
[  228.026741][ T1700] bridge0: port 2(bridge_slave_1) entered disabled state
[  228.042536][ T1700] bridge_slave_0: left allmulticast mode
[  228.048208][ T1700] bridge_slave_0: left promiscuous mode
[  228.054173][ T1700] bridge0: port 1(bridge_slave_0) entered disabled state
[  228.069462][T14242] atomic_op ffff888117ced928 conn xmit_atomic 0000000000000000
[  228.115189][ T1700] bridge0 (unregistering): left allmulticast mode
[  228.165562][ T1700] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  228.176273][ T1700] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  228.186212][ T1700] bond0 (unregistering): Released all slaves
[  228.228073][ T1700] tipc: Disabling bearer <udp:syz2>
[  228.233409][ T1700] tipc: Left network mode
[  228.245655][ T1700] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  228.253187][ T1700] batman_adv: batadv0: Removing interface: batadv_slave_0
[  228.263787][ T1700] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  228.271252][ T1700] batman_adv: batadv0: Removing interface: batadv_slave_1
[  228.360726][ T1700] team0 (unregistering): Port device team_slave_1 removed
[  228.372968][ T1700] team0 (unregistering): Port device team_slave_0 removed
[  228.433650][T14270] SELinux:  policydb version -28439970 does not match my version range 15-34
[  228.443037][T14270] SELinux: failed to load policy
[  228.529486][T14183] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  228.540383][T14183] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  228.549585][T14183] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  228.560409][T14183] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  228.586762][T14273] ref_ctr increment failed for inode: 0x374 offset: 0x9 ref_ctr_offset: 0x82 of mm: 0xffff88810a80c540
[  228.605329][T14183] 8021q: adding VLAN 0 to HW filter on device bond0
[  228.612776][T14272] uprobe: syz.3.3880:14272 failed to unregister, leaking uprobe
[  228.618796][T14183] 8021q: adding VLAN 0 to HW filter on device team0
[  228.631855][   T58] bridge0: port 1(bridge_slave_0) entered blocking state
[  228.639034][   T58] bridge0: port 1(bridge_slave_0) entered forwarding state
[  228.651453][   T28] bridge0: port 2(bridge_slave_1) entered blocking state
[  228.658545][   T28] bridge0: port 2(bridge_slave_1) entered forwarding state
[  228.745716][T14183] 8021q: adding VLAN 0 to HW filter on device batadv0
[  228.889911][T14301] hub 6-0:1.0: USB hub found
[  228.894907][T14301] hub 6-0:1.0: 8 ports detected
[  228.993552][T14183] veth0_vlan: entered promiscuous mode
[  229.004063][T14183] veth1_vlan: entered promiscuous mode
[  229.011671][T14314] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  229.038487][T14183] veth0_macvtap: entered promiscuous mode
[  229.046691][T14183] veth1_macvtap: entered promiscuous mode
[  229.059675][T14183] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  229.070200][T14183] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  229.080105][T14183] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  229.090591][T14183] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  229.100626][T14183] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  229.106332][T14318] loop3: detected capacity change from 0 to 1024
[  229.111313][T14183] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  229.125047][T14318] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  229.129079][T14183] batman_adv: batadv0: Interface activated: batadv_slave_0
[  229.152966][T14183] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  229.163769][T14183] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  229.173735][T14183] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  229.184258][T14183] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  229.194330][T14183] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  229.204872][T14183] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  229.233998][T14183] batman_adv: batadv0: Interface activated: batadv_slave_1
[  229.266877][T14183] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  229.275679][T14183] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  229.284431][T14183] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  229.293158][T14183] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  229.669656][T14368] loop5: detected capacity change from 0 to 128
[  229.693906][T14371] loop2: detected capacity change from 0 to 128
[  229.702698][T14368] FAT-fs (loop5): error, clusters badly computed (2 != 0)
[  229.710029][T14368] FAT-fs (loop5): Filesystem has been set read-only
[  229.754790][ T4618] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  229.782365][ T4618] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[  229.794914][ T4618] EXT4-fs (loop3): This should not happen!! Data will be lost
[  229.794914][ T4618] 
[  229.809319][ T4618] EXT4-fs (loop3): Total free blocks count 0
[  229.815399][ T4618] EXT4-fs (loop3): Free/Dirty block details
[  229.821311][ T4618] EXT4-fs (loop3): free_blocks=68451041280
[  229.827381][ T4618] EXT4-fs (loop3): dirty_blocks=16384
[  229.832808][ T4618] EXT4-fs (loop3): Block reservation details
[  229.838810][ T4618] EXT4-fs (loop3): i_reserved_data_blocks=1024
[  229.854857][ T4620] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 2052 with max blocks 2048 with error 28
[  229.934153][T14389] FAULT_INJECTION: forcing a failure.
[  229.934153][T14389] name failslab, interval 1, probability 0, space 0, times 0
[  229.946837][T14389] CPU: 1 UID: 0 PID: 14389 Comm: syz.2.3918 Not tainted 6.13.0-syzkaller-07644-gc2da8b3f914f #0
[  229.946944][T14389] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  229.946959][T14389] Call Trace:
[  229.946966][T14389]  <TASK>
[  229.946973][T14389]  dump_stack_lvl+0xf2/0x150
[  229.947000][T14389]  dump_stack+0x15/0x1a
[  229.947090][T14389]  should_fail_ex+0x223/0x230
[  229.947129][T14389]  should_failslab+0x8f/0xb0
[  229.947201][T14389]  kmem_cache_alloc_node_noprof+0x59/0x320
[  229.947308][T14389]  ? __alloc_skb+0x10b/0x310
[  229.947337][T14389]  __alloc_skb+0x10b/0x310
[  229.947366][T14389]  netlink_alloc_large_skb+0xad/0xe0
[  229.947428][T14389]  netlink_sendmsg+0x3b4/0x6e0
[  229.947468][T14389]  ? __pfx_netlink_sendmsg+0x10/0x10
[  229.947500][T14389]  __sock_sendmsg+0x140/0x180
[  229.947538][T14389]  ____sys_sendmsg+0x312/0x410
[  229.947645][T14389]  __sys_sendmsg+0x19d/0x230
[  229.947691][T14389]  __x64_sys_sendmsg+0x46/0x50
[  229.947802][T14389]  x64_sys_call+0x2734/0x2dc0
[  229.947836][T14389]  do_syscall_64+0xc9/0x1c0
[  229.947862][T14389]  ? clear_bhb_loop+0x55/0xb0
[  229.947888][T14389]  ? clear_bhb_loop+0x55/0xb0
[  229.947952][T14389]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  229.947978][T14389] RIP: 0033:0x7f037d05cd29
[  229.948068][T14389] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  229.948090][T14389] RSP: 002b:00007f037b6c1038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  229.948110][T14389] RAX: ffffffffffffffda RBX: 00007f037d275fa0 RCX: 00007f037d05cd29
[  229.948169][T14389] RDX: 0000000000000040 RSI: 0000000020000140 RDI: 0000000000000007
[  229.948184][T14389] RBP: 00007f037b6c1090 R08: 0000000000000000 R09: 0000000000000000
[  229.948197][T14389] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  229.948209][T14389] R13: 0000000000000000 R14: 00007f037d275fa0 R15: 00007ffd9fc87858
[  229.948226][T14389]  </TASK>
[  230.187939][T14392] loop2: detected capacity change from 0 to 2048
[  230.195526][T14393] loop5: detected capacity change from 0 to 512
[  230.205677][T14395] loop3: detected capacity change from 0 to 164
[  230.212903][T14395] iso9660: Unknown parameter 'ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ01777777777777777777777ÿÿÿÿÿÿÿÿ0xffffffffffffffff'
[  230.230168][T14397] loop4: detected capacity change from 0 to 256
[  230.242901][T14392]  loop2: p1 < > p4
[  230.248884][T14393] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  230.266240][T14397] FAT-fs (loop4): Directory bread(block 64) failed
[  230.279705][T14392] loop2: p4 size 8388608 extends beyond EOD, 
[  230.279707][T14393] ext4 filesystem being mounted at /8/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  230.285866][T14392] truncated
[  230.297918][T14397] FAT-fs (loop4): Directory bread(block 65) failed
[  230.343491][T14397] FAT-fs (loop4): Directory bread(block 66) failed
[  230.350065][T14397] FAT-fs (loop4): Directory bread(block 67) failed
[  230.356935][T14397] FAT-fs (loop4): Directory bread(block 68) failed
[  230.363506][T14397] FAT-fs (loop4): Directory bread(block 69) failed
[  230.370193][T14397] FAT-fs (loop4): Directory bread(block 70) failed
[  230.377298][T14397] FAT-fs (loop4): Directory bread(block 71) failed
[  230.397019][T14397] FAT-fs (loop4): Directory bread(block 72) failed
[  230.413473][T14397] FAT-fs (loop4): Directory bread(block 73) failed
[  230.445065][T14183] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  230.485130][T14411] FAULT_INJECTION: forcing a failure.
[  230.485130][T14411] name failslab, interval 1, probability 0, space 0, times 0
[  230.497866][T14411] CPU: 1 UID: 0 PID: 14411 Comm: syz.3.3927 Not tainted 6.13.0-syzkaller-07644-gc2da8b3f914f #0
[  230.497900][T14411] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  230.497916][T14411] Call Trace:
[  230.497924][T14411]  <TASK>
[  230.497933][T14411]  dump_stack_lvl+0xf2/0x150
[  230.497968][T14411]  dump_stack+0x15/0x1a
[  230.498069][T14411]  should_fail_ex+0x223/0x230
[  230.498149][T14411]  ? ip6_setup_cork+0x129/0x7f0
[  230.498256][T14411]  should_failslab+0x8f/0xb0
[  230.498286][T14411]  __kmalloc_cache_noprof+0x4e/0x320
[  230.498370][T14411]  ip6_setup_cork+0x129/0x7f0
[  230.498424][T14411]  ip6_make_skb+0x102/0x510
[  230.498460][T14411]  ? __pfx_ip_generic_getfrag+0x10/0x10
[  230.498507][T14411]  udpv6_sendmsg+0x14c7/0x15b0
[  230.498580][T14411]  ? __pfx_ip_generic_getfrag+0x10/0x10
[  230.498635][T14411]  ? __pfx_udpv6_sendmsg+0x10/0x10
[  230.498660][T14411]  inet6_sendmsg+0xaf/0xd0
[  230.498687][T14411]  __sock_sendmsg+0x8b/0x180
[  230.498849][T14411]  ____sys_sendmsg+0x312/0x410
[  230.498887][T14411]  __sys_sendmmsg+0x227/0x4b0
[  230.498945][T14411]  __x64_sys_sendmmsg+0x57/0x70
[  230.498980][T14411]  x64_sys_call+0x29aa/0x2dc0
[  230.499012][T14411]  do_syscall_64+0xc9/0x1c0
[  230.499066][T14411]  ? clear_bhb_loop+0x55/0xb0
[  230.499105][T14411]  ? clear_bhb_loop+0x55/0xb0
[  230.499206][T14411]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  230.499290][T14411] RIP: 0033:0x7f8edf1bcd29
[  230.499325][T14411] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  230.499347][T14411] RSP: 002b:00007f8edd821038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  230.499369][T14411] RAX: ffffffffffffffda RBX: 00007f8edf3d5fa0 RCX: 00007f8edf1bcd29
[  230.499384][T14411] RDX: 0400000000000172 RSI: 0000000020003cc0 RDI: 0000000000000005
[  230.499399][T14411] RBP: 00007f8edd821090 R08: 0000000000000000 R09: 0000000000000000
[  230.499414][T14411] R10: 0000000004000000 R11: 0000000000000246 R12: 0000000000000001
[  230.499428][T14411] R13: 0000000000000000 R14: 00007f8edf3d5fa0 R15: 00007ffd7ef7a358
[  230.499450][T14411]  </TASK>
[  230.746324][T14418] atomic_op ffff88810ac16528 conn xmit_atomic 0000000000000000
[  230.819906][T14432] loop4: detected capacity change from 0 to 1024
[  230.890438][T14432] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  231.067753][T14454] loop2: detected capacity change from 0 to 128
[  231.113871][T14454] syz.2.3943: attempt to access beyond end of device
[  231.113871][T14454] loop2: rw=34817, sector=97, nr_sectors = 32 limit=128
[  231.133239][T14458] atomic_op ffff88810ac15928 conn xmit_atomic 0000000000000000
[  231.153861][T14462] FAULT_INJECTION: forcing a failure.
[  231.153861][T14462] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  231.167105][T14462] CPU: 0 UID: 0 PID: 14462 Comm: syz.5.3945 Not tainted 6.13.0-syzkaller-07644-gc2da8b3f914f #0
[  231.167130][T14462] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  231.167142][T14462] Call Trace:
[  231.167149][T14462]  <TASK>
[  231.167158][T14462]  dump_stack_lvl+0xf2/0x150
[  231.167211][T14462]  dump_stack+0x15/0x1a
[  231.167232][T14462]  should_fail_ex+0x223/0x230
[  231.167284][T14462]  should_fail+0xb/0x10
[  231.167320][T14462]  should_fail_usercopy+0x1a/0x20
[  231.167360][T14462]  _copy_from_user+0x1c/0xa0
[  231.167390][T14462]  __x64_sys_epoll_ctl+0x8e/0xf0
[  231.167419][T14462]  x64_sys_call+0x1361/0x2dc0
[  231.167445][T14462]  do_syscall_64+0xc9/0x1c0
[  231.167474][T14462]  ? clear_bhb_loop+0x55/0xb0
[  231.167516][T14462]  ? clear_bhb_loop+0x55/0xb0
[  231.167547][T14462]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  231.167578][T14462] RIP: 0033:0x7f8b1f87cd29
[  231.167624][T14462] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  231.167644][T14462] RSP: 002b:00007f8b1dee7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000e9
[  231.167702][T14462] RAX: ffffffffffffffda RBX: 00007f8b1fa95fa0 RCX: 00007f8b1f87cd29
[  231.167714][T14462] RDX: 0000000000000003 RSI: 0000000000000003 RDI: 0000000000000004
[  231.167740][T14462] RBP: 00007f8b1dee7090 R08: 0000000000000000 R09: 0000000000000000
[  231.167755][T14462] R10: 0000000020000000 R11: 0000000000000246 R12: 0000000000000001
[  231.167836][T14462] R13: 0000000000000000 R14: 00007f8b1fa95fa0 R15: 00007ffdb37b5b58
[  231.167858][T14462]  </TASK>
[  231.332915][T14465] program syz.0.3944 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  231.347862][T14465] SELinux: failed to load policy
[  231.520071][T14483] hub 6-0:1.0: USB hub found
[  231.525200][T14483] hub 6-0:1.0: 8 ports detected
[  231.537761][T14487] loop3: detected capacity change from 0 to 128
[  231.549553][T14487] FAT-fs (loop3): error, clusters badly computed (2 != 0)
[  231.556830][T14487] FAT-fs (loop3): Filesystem has been set read-only
[  231.598011][ T4620] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  231.616070][ T4620] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[  231.628628][ T4620] EXT4-fs (loop4): This should not happen!! Data will be lost
[  231.628628][ T4620] 
[  231.638342][ T4620] EXT4-fs (loop4): Total free blocks count 0
[  231.644479][ T4620] EXT4-fs (loop4): Free/Dirty block details
[  231.650413][ T4620] EXT4-fs (loop4): free_blocks=68451041280
[  231.656283][ T4620] EXT4-fs (loop4): dirty_blocks=16384
[  231.661693][ T4620] EXT4-fs (loop4): Block reservation details
[  231.667787][ T4620] EXT4-fs (loop4): i_reserved_data_blocks=1024
[  231.683609][T14495] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3959'.
[  231.701447][ T4620] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 2052 with max blocks 2048 with error 28
[  231.719542][T14493] loop2: detected capacity change from 0 to 1024
[  231.731938][T14493] EXT4-fs: Ignoring removed bh option
[  231.750717][T14499] loop3: detected capacity change from 0 to 128
[  231.758868][T14493] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  231.793251][T14493] ext4 filesystem being mounted at /194/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  231.803958][T14499] syz.3.3961: attempt to access beyond end of device
[  231.803958][T14499] loop3: rw=34817, sector=97, nr_sectors = 32 limit=128
[  231.832653][T12330] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  231.853991][T14506] loop2: detected capacity change from 0 to 128
[  232.028321][T14518] random: crng reseeded on system resumption
[  232.121385][T14528] atomic_op ffff88810ac14d28 conn xmit_atomic 0000000000000000
[  232.212548][T14525] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3967'.
[  232.300915][T14525] loop2: detected capacity change from 0 to 8192
[  232.308438][T14525] vfat: Unknown parameter ''
[  232.473873][T14561] loop2: detected capacity change from 0 to 1024
[  232.482503][T14561] EXT4-fs: Ignoring removed bh option
[  232.531479][   T29] kauditd_printk_skb: 509 callbacks suppressed
[  232.531495][   T29] audit: type=1326 audit(1737946204.478:45408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14569 comm="syz.4.3987" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea6e5bcd29 code=0x7ffc0000
[  232.564228][T14561] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  232.576321][   T29] audit: type=1326 audit(1737946204.518:45409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14569 comm="syz.4.3987" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fea6e5bcd29 code=0x7ffc0000
[  232.600430][   T29] audit: type=1326 audit(1737946204.518:45410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14569 comm="syz.4.3987" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea6e5bcd29 code=0x7ffc0000
[  232.624177][   T29] audit: type=1326 audit(1737946204.518:45411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14569 comm="syz.4.3987" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea6e5bcd29 code=0x7ffc0000
[  232.648160][   T29] audit: type=1326 audit(1737946204.518:45412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14569 comm="syz.4.3987" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fea6e5bcd29 code=0x7ffc0000
[  232.650867][T14577] Cannot find add_set index 0 as target
[  232.671809][   T29] audit: type=1326 audit(1737946204.518:45413): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14569 comm="syz.4.3987" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea6e5bcd29 code=0x7ffc0000
[  232.688115][T14561] ext4 filesystem being mounted at /198/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  232.701243][   T29] audit: type=1326 audit(1737946204.518:45414): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14569 comm="syz.4.3987" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea6e5bcd29 code=0x7ffc0000
[  232.735340][   T29] audit: type=1326 audit(1737946204.518:45415): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14569 comm="syz.4.3987" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fea6e5bcd29 code=0x7ffc0000
[  232.759096][   T29] audit: type=1326 audit(1737946204.518:45416): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14569 comm="syz.4.3987" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea6e5bcd29 code=0x7ffc0000
[  232.782714][   T29] audit: type=1326 audit(1737946204.518:45417): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14569 comm="syz.4.3987" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fea6e5bcd29 code=0x7ffc0000
[  232.809139][T12330] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  232.832668][T14582] vlan0: entered promiscuous mode
[  232.950568][T14603] loop2: detected capacity change from 0 to 2048
[  232.975671][T14609] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3999'.
[  233.006898][T14613] Cannot find add_set index 0 as target
[  233.013159][T14603]  loop2: p1 < > p4
[  233.017887][T14603] loop2: p4 size 8388608 extends beyond EOD, truncated
[  233.135791][T14627] loop2: detected capacity change from 0 to 128
[  233.186464][T14632] loop5: detected capacity change from 0 to 128
[  233.197845][T14632] FAT-fs (loop5): error, clusters badly computed (2 != 0)
[  233.205041][T14632] FAT-fs (loop5): Filesystem has been set read-only
[  233.245035][T14638] loop5: detected capacity change from 0 to 128
[  233.259203][T14638] FAT-fs (loop5): error, clusters badly computed (2 != 0)
[  233.266482][T14638] FAT-fs (loop5): Filesystem has been set read-only
[  233.288014][T14642] Cannot find add_set index 0 as target
[  233.330279][T14647] loop5: detected capacity change from 0 to 2048
[  233.359170][T14654] FAULT_INJECTION: forcing a failure.
[  233.359170][T14654] name failslab, interval 1, probability 0, space 0, times 0
[  233.371892][T14654] CPU: 1 UID: 0 PID: 14654 Comm: syz.4.4023 Not tainted 6.13.0-syzkaller-07644-gc2da8b3f914f #0
[  233.371922][T14654] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  233.371935][T14654] Call Trace:
[  233.371941][T14654]  <TASK>
[  233.371948][T14654]  dump_stack_lvl+0xf2/0x150
[  233.372052][T14654]  dump_stack+0x15/0x1a
[  233.372073][T14654]  should_fail_ex+0x223/0x230
[  233.372142][T14654]  ? nsim_bpf+0x497/0x8c0
[  233.372173][T14654]  should_failslab+0x8f/0xb0
[  233.372197][T14654]  __kmalloc_cache_noprof+0x4e/0x320
[  233.372314][T14654]  ? rhashtable_lookup_fast+0x2ad/0x2e0
[  233.372342][T14654]  nsim_bpf+0x497/0x8c0
[  233.372375][T14654]  bpf_map_offload_map_alloc+0x260/0x390
[  233.372402][T14654]  map_create+0x850/0xb70
[  233.372430][T14654]  __sys_bpf+0x667/0x7a0
[  233.372507][T14654]  __x64_sys_bpf+0x43/0x50
[  233.372574][T14654]  x64_sys_call+0x2914/0x2dc0
[  233.372600][T14654]  do_syscall_64+0xc9/0x1c0
[  233.372624][T14654]  ? clear_bhb_loop+0x55/0xb0
[  233.372651][T14654]  ? clear_bhb_loop+0x55/0xb0
[  233.372676][T14654]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  233.372728][T14654] RIP: 0033:0x7fea6e5bcd29
[  233.372743][T14654] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  233.372761][T14654] RSP: 002b:00007fea6cc27038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  233.372779][T14654] RAX: ffffffffffffffda RBX: 00007fea6e7d5fa0 RCX: 00007fea6e5bcd29
[  233.372863][T14654] RDX: 0000000000000050 RSI: 0000000020000100 RDI: 0000000000000000
[  233.372876][T14654] RBP: 00007fea6cc27090 R08: 0000000000000000 R09: 0000000000000000
[  233.372887][T14654] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  233.372899][T14654] R13: 0000000000000000 R14: 00007fea6e7d5fa0 R15: 00007ffd6edeb068
[  233.372917][T14654]  </TASK>
[  233.562908][T14647]  loop5: p1 < > p4
[  233.567449][T14647] loop5: p4 size 8388608 extends beyond EOD, truncated
[  233.619951][T14659] Invalid ELF header magic: != ELF
[  233.633014][T14663] FAULT_INJECTION: forcing a failure.
[  233.633014][T14663] name failslab, interval 1, probability 0, space 0, times 0
[  233.645872][T14663] CPU: 0 UID: 0 PID: 14663 Comm: syz.2.4027 Not tainted 6.13.0-syzkaller-07644-gc2da8b3f914f #0
[  233.646010][T14663] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  233.646025][T14663] Call Trace:
[  233.646032][T14663]  <TASK>
[  233.646040][T14663]  dump_stack_lvl+0xf2/0x150
[  233.646073][T14663]  dump_stack+0x15/0x1a
[  233.646098][T14663]  should_fail_ex+0x223/0x230
[  233.646135][T14663]  should_failslab+0x8f/0xb0
[  233.646200][T14663]  __kmalloc_node_noprof+0xad/0x410
[  233.646237][T14663]  ? alloc_slab_obj_exts+0x32/0x80
[  233.646282][T14663]  alloc_slab_obj_exts+0x32/0x80
[  233.646373][T14663]  __memcg_slab_post_alloc_hook+0x31b/0x660
[  233.646411][T14663]  kmem_cache_alloc_node_noprof+0x22e/0x320
[  233.646494][T14663]  ? __alloc_skb+0x10b/0x310
[  233.646543][T14663]  __alloc_skb+0x10b/0x310
[  233.646615][T14663]  alloc_skb_with_frags+0x80/0x450
[  233.646645][T14663]  ? avc_has_perm+0xd4/0x160
[  233.646677][T14663]  sock_alloc_send_pskb+0x435/0x4f0
[  233.646726][T14663]  unix_stream_sendmsg+0x365/0x800
[  233.646772][T14663]  ? __pfx_unix_stream_sendmsg+0x10/0x10
[  233.646807][T14663]  __sock_sendmsg+0x140/0x180
[  233.646848][T14663]  ____sys_sendmsg+0x312/0x410
[  233.646974][T14663]  __sys_sendmsg+0x19d/0x230
[  233.647046][T14663]  __x64_sys_sendmsg+0x46/0x50
[  233.647079][T14663]  x64_sys_call+0x2734/0x2dc0
[  233.647154][T14663]  do_syscall_64+0xc9/0x1c0
[  233.647183][T14663]  ? clear_bhb_loop+0x55/0xb0
[  233.647215][T14663]  ? clear_bhb_loop+0x55/0xb0
[  233.647319][T14663]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  233.647346][T14663] RIP: 0033:0x7f037d05cd29
[  233.647369][T14663] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  233.647388][T14663] RSP: 002b:00007f037b6c1038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  233.647407][T14663] RAX: ffffffffffffffda RBX: 00007f037d275fa0 RCX: 00007f037d05cd29
[  233.647420][T14663] RDX: 0000000000020001 RSI: 0000000020000d40 RDI: 0000000000000003
[  233.647432][T14663] RBP: 00007f037b6c1090 R08: 0000000000000000 R09: 0000000000000000
[  233.647445][T14663] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  233.647457][T14663] R13: 0000000000000000 R14: 00007f037d275fa0 R15: 00007ffd9fc87858
[  233.647476][T14663]  </TASK>
[  233.710524][T14669] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  233.730000][T14671] Cannot find add_set index 0 as target
[  233.808922][T14675] FAULT_INJECTION: forcing a failure.
[  233.808922][T14675] name failslab, interval 1, probability 0, space 0, times 0
[  233.906496][T14675] CPU: 1 UID: 0 PID: 14675 Comm: syz.3.4033 Not tainted 6.13.0-syzkaller-07644-gc2da8b3f914f #0
[  233.906603][T14675] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  233.906619][T14675] Call Trace:
[  233.906628][T14675]  <TASK>
[  233.906638][T14675]  dump_stack_lvl+0xf2/0x150
[  233.906689][T14675]  dump_stack+0x15/0x1a
[  233.906710][T14675]  should_fail_ex+0x223/0x230
[  233.906752][T14675]  should_failslab+0x8f/0xb0
[  233.906783][T14675]  kmem_cache_alloc_noprof+0x52/0x320
[  233.906823][T14675]  ? __proc_create+0x254/0x4a0
[  233.906854][T14675]  __proc_create+0x254/0x4a0
[  233.906894][T14675]  ? snprintf+0x87/0xb0
[  233.906932][T14675]  proc_mkdir+0x3d/0xc0
[  233.906968][T14675]  register_handler_proc+0x1b4/0x210
[  233.907084][T14675]  __setup_irq+0x9b2/0x1240
[  233.907122][T14675]  request_threaded_irq+0x235/0x2d0
[  233.907155][T14675]  ? __pfx_serial8250_interrupt+0x10/0x10
[  233.907189][T14675]  univ8250_setup_irq+0x285/0x2e0
[  233.907214][T14675]  serial8250_do_startup+0xc73/0x1ea0
[  233.907287][T14675]  serial8250_startup+0x40/0x50
[  233.907320][T14675]  uart_startup+0x481/0x9b0
[  233.907363][T14675]  uart_ioctl+0xc39/0xe20
[  233.907388][T14675]  ? ioctl_has_perm+0x28d/0x2e0
[  233.907412][T14675]  ? do_vfs_ioctl+0x96e/0x1530
[  233.907439][T14675]  ? tty_jobctrl_ioctl+0x2ab/0x810
[  233.907531][T14675]  tty_ioctl+0x815/0xbe0
[  233.907560][T14675]  ? __pfx_tty_ioctl+0x10/0x10
[  233.907586][T14675]  __se_sys_ioctl+0xc9/0x140
[  233.907632][T14675]  __x64_sys_ioctl+0x43/0x50
[  233.907650][T14675]  x64_sys_call+0x1690/0x2dc0
[  233.907827][T14675]  do_syscall_64+0xc9/0x1c0
[  233.907897][T14675]  ? clear_bhb_loop+0x55/0xb0
[  233.907930][T14675]  ? clear_bhb_loop+0x55/0xb0
[  233.907964][T14675]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  233.907995][T14675] RIP: 0033:0x7f8edf1bcd29
[  233.908027][T14675] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  233.908049][T14675] RSP: 002b:00007f8edd821038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  233.908072][T14675] RAX: ffffffffffffffda RBX: 00007f8edf3d5fa0 RCX: 00007f8edf1bcd29
[  233.908087][T14675] RDX: 0000000000000000 RSI: 0000000000005453 RDI: 0000000000000005
[  233.908102][T14675] RBP: 00007f8edd821090 R08: 0000000000000000 R09: 0000000000000000
[  233.908115][T14675] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  233.908137][T14675] R13: 0000000000000000 R14: 00007f8edf3d5fa0 R15: 00007ffd7ef7a358
[  233.908160][T14675]  </TASK>
[  234.212163][T14689] loop4: detected capacity change from 0 to 2048
[  234.271844][T14689]  loop4: p1 < > p4
[  234.278650][T14689] loop4: p4 size 8388608 extends beyond EOD, truncated
[  234.331956][T14687] hub 6-0:1.0: USB hub found
[  234.348139][T14696] loop5: detected capacity change from 0 to 1024
[  234.349623][T14687] hub 6-0:1.0: 8 ports detected
[  234.394919][T14696] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  234.422717][T14701] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4040'.
[  234.847198][T14719] loop3: detected capacity change from 0 to 512
[  234.862832][  T315] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  234.879276][T14719] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  234.891887][  T315] EXT4-fs (loop5): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[  234.902051][T14719] ext4 filesystem being mounted at /196/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  234.904491][  T315] EXT4-fs (loop5): This should not happen!! Data will be lost
[  234.904491][  T315] 
[  234.924635][  T315] EXT4-fs (loop5): Total free blocks count 0
[  234.930633][  T315] EXT4-fs (loop5): Free/Dirty block details
[  234.936579][  T315] EXT4-fs (loop5): free_blocks=68451041280
[  234.942440][  T315] EXT4-fs (loop5): dirty_blocks=16384
[  234.947822][  T315] EXT4-fs (loop5): Block reservation details
[  234.953903][  T315] EXT4-fs (loop5): i_reserved_data_blocks=1024
[  235.007517][T11299] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  235.020347][ T4620] EXT4-fs (loop5): Delayed block allocation failed for inode 18 at logical offset 2052 with max blocks 2048 with error 28
[  235.042929][T14727] hub 6-0:1.0: USB hub found
[  235.053289][T14727] hub 6-0:1.0: 8 ports detected
[  235.158277][T14733] loop4: detected capacity change from 0 to 128
[  235.224754][T14733] FAT-fs (loop4): error, clusters badly computed (2 != 0)
[  235.232005][T14733] FAT-fs (loop4): Filesystem has been set read-only
[  235.266419][T14742] loop5: detected capacity change from 0 to 2048
[  235.327752][T14742]  loop5: p1 < > p4
[  235.335019][T14742] loop5: p4 size 8388608 extends beyond EOD, truncated
[  235.522572][T14757] hub 6-0:1.0: USB hub found
[  235.530544][T14770] Cannot find add_set index 0 as target
[  235.536829][T14757] hub 6-0:1.0: 8 ports detected
[  235.671914][T14785] FAULT_INJECTION: forcing a failure.
[  235.671914][T14785] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  235.685239][T14785] CPU: 0 UID: 0 PID: 14785 Comm: syz.0.4079 Not tainted 6.13.0-syzkaller-07644-gc2da8b3f914f #0
[  235.685265][T14785] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  235.685331][T14785] Call Trace:
[  235.685340][T14785]  <TASK>
[  235.685350][T14785]  dump_stack_lvl+0xf2/0x150
[  235.685381][T14785]  dump_stack+0x15/0x1a
[  235.685401][T14785]  should_fail_ex+0x223/0x230
[  235.685433][T14785]  should_fail+0xb/0x10
[  235.685491][T14785]  should_fail_usercopy+0x1a/0x20
[  235.685526][T14785]  _copy_from_user+0x1c/0xa0
[  235.685548][T14785]  __sys_bpf+0x14e/0x7a0
[  235.685586][T14785]  __x64_sys_bpf+0x43/0x50
[  235.685675][T14785]  x64_sys_call+0x2914/0x2dc0
[  235.685708][T14785]  do_syscall_64+0xc9/0x1c0
[  235.685737][T14785]  ? clear_bhb_loop+0x55/0xb0
[  235.685772][T14785]  ? clear_bhb_loop+0x55/0xb0
[  235.685809][T14785]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  235.685836][T14785] RIP: 0033:0x7f6884decd29
[  235.685854][T14785] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  235.685910][T14785] RSP: 002b:00007f6883451038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  235.685931][T14785] RAX: ffffffffffffffda RBX: 00007f6885005fa0 RCX: 00007f6884decd29
[  235.685966][T14785] RDX: 000000000000003c RSI: 00000000200012c0 RDI: 000000000000001c
[  235.686041][T14785] RBP: 00007f6883451090 R08: 0000000000000000 R09: 0000000000000000
[  235.686055][T14785] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  235.686070][T14785] R13: 0000000000000000 R14: 00007f6885005fa0 R15: 00007ffca855b688
[  235.686100][T14785]  </TASK>
[  235.861248][T14790] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4077'.
[  235.958621][T14801] FAULT_INJECTION: forcing a failure.
[  235.958621][T14801] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  235.969403][T14802] loop4: detected capacity change from 0 to 1024
[  235.971949][T14801] CPU: 1 UID: 0 PID: 14801 Comm: syz.3.4085 Not tainted 6.13.0-syzkaller-07644-gc2da8b3f914f #0
[  235.971980][T14801] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  235.971996][T14801] Call Trace:
[  235.972014][T14801]  <TASK>
[  235.972022][T14801]  dump_stack_lvl+0xf2/0x150
[  235.972059][T14801]  dump_stack+0x15/0x1a
[  235.972085][T14801]  should_fail_ex+0x223/0x230
[  235.972172][T14801]  should_fail+0xb/0x10
[  235.972205][T14801]  should_fail_usercopy+0x1a/0x20
[  235.972300][T14801]  _copy_from_iter+0xd5/0xd00
[  235.972322][T14801]  ? kmalloc_reserve+0x16e/0x190
[  235.972350][T14801]  ? __build_skb_around+0x196/0x1f0
[  235.972377][T14801]  ? __alloc_skb+0x21f/0x310
[  235.972465][T14801]  ? __virt_addr_valid+0x1ed/0x250
[  235.972494][T14801]  ? __check_object_size+0x364/0x520
[  235.972587][T14801]  netlink_sendmsg+0x460/0x6e0
[  235.972686][T14801]  ? __pfx_netlink_sendmsg+0x10/0x10
[  235.972873][T14801]  __sock_sendmsg+0x140/0x180
[  235.972991][T14801]  ____sys_sendmsg+0x312/0x410
[  235.973028][T14801]  __sys_sendmsg+0x19d/0x230
[  235.973077][T14801]  __x64_sys_sendmsg+0x46/0x50
[  235.973176][T14801]  x64_sys_call+0x2734/0x2dc0
[  235.973208][T14801]  do_syscall_64+0xc9/0x1c0
[  235.973238][T14801]  ? clear_bhb_loop+0x55/0xb0
[  235.973335][T14801]  ? clear_bhb_loop+0x55/0xb0
[  235.973369][T14801]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  235.973461][T14801] RIP: 0033:0x7f8edf1bcd29
[  235.973479][T14801] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  235.973520][T14801] RSP: 002b:00007f8edd821038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  235.973543][T14801] RAX: ffffffffffffffda RBX: 00007f8edf3d5fa0 RCX: 00007f8edf1bcd29
[  235.973558][T14801] RDX: 0000000000000000 RSI: 0000000020000300 RDI: 0000000000000003
[  235.973573][T14801] RBP: 00007f8edd821090 R08: 0000000000000000 R09: 0000000000000000
[  235.973655][T14801] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  235.973670][T14801] R13: 0000000000000000 R14: 00007f8edf3d5fa0 R15: 00007ffd7ef7a358
[  235.973692][T14801]  </TASK>
[  236.281881][T14802] loop4: detected capacity change from 0 to 2048
[  236.370369][T14802] Alternate GPT is invalid, using primary GPT.
[  236.376850][T14802]  loop4: p2 p3 p7
[  236.512974][T14827] loop4: detected capacity change from 0 to 512
[  236.533972][T14829] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable
[  236.545398][T14827] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  236.564823][T14827] ext4 filesystem being mounted at /262/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  236.710110][T14847] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  236.788693][T14854] loop3: detected capacity change from 0 to 1024
[  236.801144][T11606] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  236.811139][T14856] netlink: 268 bytes leftover after parsing attributes in process `syz.5.4105'.
[  236.815551][T14854] EXT4-fs: Ignoring removed bh option
[  236.867124][T14854] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  236.886538][T14854] ext4 filesystem being mounted at /215/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  236.929762][T11299] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  236.999058][T14875] loop5: detected capacity change from 0 to 512
[  237.034189][T14875] EXT4-fs: Ignoring removed oldalloc option
[  237.041130][T14875] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  237.143608][T14875] EXT4-fs (loop5): 1 truncate cleaned up
[  237.149670][T14875] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  237.196704][T14887] Cannot find add_set index 0 as target
[  237.223977][T14183] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  237.324861][T14900] program syz.4.4121 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  237.358768][T14900] SELinux: failed to load policy
[  237.402577][T14902] loop3: detected capacity change from 0 to 1024
[  237.409445][T14902] EXT4-fs: Ignoring removed bh option
[  237.434198][T14902] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  237.470728][T14902] ext4 filesystem being mounted at /220/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  237.554537][T11299] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  237.575411][T14918] loop2: detected capacity change from 0 to 2048
[  237.604933][T14921] Cannot find add_set index 0 as target
[  237.635781][T14911] loop5: detected capacity change from 0 to 512
[  237.644297][T14911] EXT4-fs: Ignoring removed mblk_io_submit option
[  237.653159][T14918]  loop2: p1 < > p4
[  237.657606][T14918] loop2: p4 size 8388608 extends beyond EOD, truncated
[  237.681777][T14911] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  237.733975][T14928] loop3: detected capacity change from 0 to 128
[  237.782536][T14919] 9pnet_fd: Insufficient options for proto=fd
[  237.809673][   T29] kauditd_printk_skb: 512 callbacks suppressed
[  237.809691][   T29] audit: type=1400 audit(1737946209.758:45930): avc:  denied  { ioctl } for  pid=14910 comm="syz.5.4127" path="/48/file1/file1" dev="loop5" ino=15 ioctlcmd=0x5829 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  238.132826][T14948] Cannot find add_set index 0 as target
[  238.163117][T14951] loop4: detected capacity change from 0 to 2048
[  238.209997][T14951]  loop4: p1 < > p4
[  238.216290][T14951] loop4: p4 size 8388608 extends beyond EOD, truncated
[  238.440170][T14977] loop2: detected capacity change from 0 to 128
[  238.454073][T14183] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  238.478706][T14977] FAT-fs (loop2): error, clusters badly computed (2 != 0)
[  238.485937][T14977] FAT-fs (loop2): Filesystem has been set read-only
[  238.510842][   T29] audit: type=1326 audit(1737946210.458:45931): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14976 comm="syz.2.4153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f037d05cd29 code=0x7ffc0000
[  238.534512][   T29] audit: type=1326 audit(1737946210.458:45932): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14976 comm="syz.2.4153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f037d05cd29 code=0x7ffc0000
[  238.558161][   T29] audit: type=1326 audit(1737946210.458:45933): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14976 comm="syz.2.4153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=136 compat=0 ip=0x7f037d05cd29 code=0x7ffc0000
[  238.581839][   T29] audit: type=1326 audit(1737946210.458:45934): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14976 comm="syz.2.4153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f037d05cd29 code=0x7ffc0000
[  238.605500][   T29] audit: type=1326 audit(1737946210.458:45935): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14976 comm="syz.2.4153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f037d05cd29 code=0x7ffc0000
[  238.629154][   T29] audit: type=1326 audit(1737946210.458:45936): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14976 comm="syz.2.4153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f037d05cd29 code=0x7ffc0000
[  238.653034][   T29] audit: type=1326 audit(1737946210.458:45937): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14976 comm="syz.2.4153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f037d05cd29 code=0x7ffc0000
[  238.676628][   T29] audit: type=1326 audit(1737946210.458:45938): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14976 comm="syz.2.4153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f037d05cd29 code=0x7ffc0000
[  238.700592][   T29] audit: type=1326 audit(1737946210.458:45939): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14976 comm="syz.2.4153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f037d05cd29 code=0x7ffc0000
[  238.794248][T14992] loop3: detected capacity change from 0 to 128
[  238.816955][T14996] loop2: detected capacity change from 0 to 1024
[  238.827236][T14998] loop4: detected capacity change from 0 to 128
[  238.828817][   T35] kernel write not supported for file /513/attr/exec (pid: 35 comm: kworker/1:1)
[  238.839417][T14999] program syz.5.4154 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  238.865585][T14999] SELinux: failed to load policy
[  238.874392][T14992] syz.3.4160: attempt to access beyond end of device
[  238.874392][T14992] loop3: rw=34817, sector=97, nr_sectors = 32 limit=128
[  238.903770][T15006] SELinux:  policydb version -28439970 does not match my version range 15-34
[  238.912876][T15006] SELinux: failed to load policy
[  239.081876][T15029] loop3: detected capacity change from 0 to 128
[  239.085147][T15027] loop2: detected capacity change from 0 to 2048
[  239.095325][T15029] FAT-fs (loop3): error, clusters badly computed (2 != 0)
[  239.102541][T15029] FAT-fs (loop3): Filesystem has been set read-only
[  239.142443][T15027]  loop2: p1 < > p4
[  239.147132][T15027] loop2: p4 size 8388608 extends beyond EOD, truncated
[  239.219112][T15042] bridge0: entered promiscuous mode
[  239.224465][T15042] macvlan0: entered promiscuous mode
[  239.231135][T15042] bridge0: port 3(macvlan0) entered blocking state
[  239.237756][T15042] bridge0: port 3(macvlan0) entered disabled state
[  239.244941][T15042] macvlan0: entered allmulticast mode
[  239.250372][T15042] bridge0: entered allmulticast mode
[  239.256272][T15042] macvlan0: left allmulticast mode
[  239.261571][T15042] bridge0: left allmulticast mode
[  239.267080][T15042] bridge0: left promiscuous mode
[  239.457987][T15084] loop2: detected capacity change from 0 to 2048
[  239.482627][T15084]  loop2: p1 < > p4
[  239.486910][T15084] loop2: p4 size 8388608 extends beyond EOD, truncated
[  239.595948][T15091] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4187'.
[  239.677771][T15100] netlink: 'syz.0.4190': attribute type 3 has an invalid length.
[  239.685666][T15100] netlink: 240 bytes leftover after parsing attributes in process `syz.0.4190'.
[  239.697117][T15100] sctp: [Deprecated]: syz.0.4190 (pid 15100) Use of int in max_burst socket option.
[  239.697117][T15100] Use struct sctp_assoc_value instead
[  239.732720][T15103] program syz.4.4193 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  239.743349][T15103] SELinux: failed to load policy
[  239.944424][T15119] program syz.5.4199 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  239.954954][T15119] SELinux: failed to load policy
[  240.245716][T15123] hub 6-0:1.0: USB hub found
[  240.250450][T15123] hub 6-0:1.0: 8 ports detected
[  240.394052][T15128] syzkaller1: entered promiscuous mode
[  240.399576][T15128] syzkaller1: entered allmulticast mode
[  240.440909][T15132] loop3: detected capacity change from 0 to 128
[  240.553063][T15155] loop4: detected capacity change from 0 to 512
[  240.566915][T15155] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  240.581850][T15155] ext4 filesystem being mounted at /273/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  240.598847][T15161] loop2: detected capacity change from 0 to 164
[  240.605783][T15161] iso9660: Unknown parameter 'ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ01777777777777777777777ÿÿÿÿÿÿÿÿ0xffffffffffffffff'
[  240.643515][T15160] hub 6-0:1.0: USB hub found
[  240.648398][T15160] hub 6-0:1.0: 8 ports detected
[  240.687886][T11606] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  240.761328][T15174] SELinux:  policydb version -28439970 does not match my version range 15-34
[  240.793435][T15174] SELinux: failed to load policy
[  240.807745][T15179] FAULT_INJECTION: forcing a failure.
[  240.807745][T15179] name failslab, interval 1, probability 0, space 0, times 0
[  240.820585][T15179] CPU: 0 UID: 0 PID: 15179 Comm: syz.5.4219 Not tainted 6.13.0-syzkaller-07644-gc2da8b3f914f #0
[  240.820617][T15179] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  240.820633][T15179] Call Trace:
[  240.820640][T15179]  <TASK>
[  240.820649][T15179]  dump_stack_lvl+0xf2/0x150
[  240.820682][T15179]  dump_stack+0x15/0x1a
[  240.820730][T15179]  should_fail_ex+0x223/0x230
[  240.820771][T15179]  should_failslab+0x8f/0xb0
[  240.820801][T15179]  kmem_cache_alloc_node_noprof+0x59/0x320
[  240.820843][T15179]  ? __alloc_skb+0x10b/0x310
[  240.820934][T15179]  __alloc_skb+0x10b/0x310
[  240.820963][T15179]  virtio_transport_alloc_skb+0x49/0x5f0
[  240.820992][T15179]  ? bpf_trace_run3+0x12b/0x1d0
[  240.821015][T15179]  ? skb_release_data+0x4df/0x5c0
[  240.821059][T15179]  ? __memcg_slab_free_hook+0xc9/0x1e0
[  240.821093][T15179]  virtio_transport_send_pkt_info+0x42d/0x840
[  240.821129][T15179]  virtio_transport_stream_dequeue+0x4f2/0x560
[  240.821234][T15179]  __vsock_connectible_recvmsg+0x545/0x760
[  240.821282][T15179]  ? __pfx_autoremove_wake_function+0x10/0x10
[  240.821344][T15179]  vsock_connectible_recvmsg+0x83/0xa0
[  240.821444][T15179]  ? __pfx_vsock_connectible_recvmsg+0x10/0x10
[  240.821478][T15179]  sock_recvmsg+0x13f/0x170
[  240.821496][T15179]  ____sys_recvmsg+0xf9/0x280
[  240.821530][T15179]  __sys_recvmsg+0x1c0/0x260
[  240.821594][T15179]  __x64_sys_recvmsg+0x46/0x50
[  240.821626][T15179]  x64_sys_call+0xc64/0x2dc0
[  240.821656][T15179]  do_syscall_64+0xc9/0x1c0
[  240.821678][T15179]  ? clear_bhb_loop+0x55/0xb0
[  240.821704][T15179]  ? clear_bhb_loop+0x55/0xb0
[  240.821751][T15179]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  240.821790][T15179] RIP: 0033:0x7f8b1f87cd29
[  240.821878][T15179] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  240.821900][T15179] RSP: 002b:00007f8b1dee7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[  240.821923][T15179] RAX: ffffffffffffffda RBX: 00007f8b1fa95fa0 RCX: 00007f8b1f87cd29
[  240.821952][T15179] RDX: 000000004c2103a0 RSI: 0000000020000280 RDI: 0000000000000005
[  240.821967][T15179] RBP: 00007f8b1dee7090 R08: 0000000000000000 R09: 0000000000000000
[  240.821998][T15179] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  240.822012][T15179] R13: 0000000000000000 R14: 00007f8b1fa95fa0 R15: 00007ffdb37b5b58
[  240.822034][T15179]  </TASK>
[  241.131308][T15188] program syz.5.4221 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  241.157675][T15190] loop4: detected capacity change from 0 to 164
[  241.165029][T15190] iso9660: Unknown parameter 'ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ01777777777777777777777ÿÿÿÿÿÿÿÿ0xffffffffffffffff'
[  241.381163][T15198] hub 6-0:1.0: USB hub found
[  241.386895][T15198] hub 6-0:1.0: 8 ports detected
[  241.423175][T15208] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4230'.
[  241.442892][T15213] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4231'.
[  241.498187][T15219] loop3: detected capacity change from 0 to 164
[  241.505429][T15219] iso9660: Unknown parameter 'ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ01777777777777777777777ÿÿÿÿÿÿÿÿ0xffffffffffffffff'
[  241.848850][T15234] netlink: 8 bytes leftover after parsing attributes in process `'.
[  241.857068][T15234] IPVS: Error joining to the multicast group
[  241.871430][T15242] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  241.965502][T15250] loop5: detected capacity change from 0 to 2048
[  242.003205][T15250]  loop5: p1 < > p4
[  242.007710][T15250] loop5: p4 size 8388608 extends beyond EOD, truncated
[  242.255017][T15286] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4260'.
[  242.264527][T15289] program syz.3.4259 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  242.267155][T15290] SELinux: failed to load policy
[  242.541168][T15309] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4271'.
[  243.104840][T15322] loop3: detected capacity change from 0 to 128
[  243.118031][   T29] kauditd_printk_skb: 728 callbacks suppressed
[  243.118109][   T29] audit: type=1326 audit(1737946215.068:46668): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15321 comm="syz.2.4277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f037d05cd29 code=0x7ffc0000
[  243.148037][   T29] audit: type=1326 audit(1737946215.068:46669): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15321 comm="syz.2.4277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f037d05cd29 code=0x7ffc0000
[  243.173762][   T29] audit: type=1326 audit(1737946215.068:46670): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15321 comm="syz.2.4277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f037d05cd29 code=0x7ffc0000
[  243.197528][   T29] audit: type=1326 audit(1737946215.068:46671): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15321 comm="syz.2.4277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f037d05cd29 code=0x7ffc0000
[  243.221234][   T29] audit: type=1326 audit(1737946215.068:46672): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15321 comm="syz.2.4277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f037d05cd29 code=0x7ffc0000
[  243.245131][   T29] audit: type=1326 audit(1737946215.068:46673): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15321 comm="syz.2.4277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f037d05cd29 code=0x7ffc0000
[  243.246558][T15332] FAULT_INJECTION: forcing a failure.
[  243.246558][T15332] name failslab, interval 1, probability 0, space 0, times 0
[  243.268805][   T29] audit: type=1326 audit(1737946215.068:46674): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15321 comm="syz.2.4277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f037d05cd29 code=0x7ffc0000
[  243.281394][T15332] CPU: 1 UID: 0 PID: 15332 Comm: syz.2.4281 Not tainted 6.13.0-syzkaller-07644-gc2da8b3f914f #0
[  243.281487][T15332] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  243.281503][T15332] Call Trace:
[  243.281511][T15332]  <TASK>
[  243.281520][T15332]  dump_stack_lvl+0xf2/0x150
[  243.281553][T15332]  dump_stack+0x15/0x1a
[  243.281649][T15332]  should_fail_ex+0x223/0x230
[  243.281785][T15332]  should_failslab+0x8f/0xb0
[  243.281815][T15332]  __kmalloc_noprof+0xab/0x3f0
[  243.281858][T15332]  ? security_sk_alloc+0x53/0x120
[  243.281894][T15332]  ? should_failslab+0x8f/0xb0
[  243.281925][T15332]  security_sk_alloc+0x53/0x120
[  243.281981][T15332]  sk_prot_alloc+0xc6/0x190
[  243.282065][T15332]  sk_alloc+0x33/0x360
[  243.282093][T15332]  ? bpf_prog_test_run_skb+0x1f3/0xc00
[  243.282128][T15332]  bpf_prog_test_run_skb+0x24b/0xc00
[  243.282203][T15332]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  243.282240][T15332]  bpf_prog_test_run+0x20f/0x3a0
[  243.282385][T15332]  __sys_bpf+0x400/0x7a0
[  243.282460][T15332]  __x64_sys_bpf+0x43/0x50
[  243.282489][T15332]  x64_sys_call+0x2914/0x2dc0
[  243.282532][T15332]  do_syscall_64+0xc9/0x1c0
[  243.282570][T15332]  ? clear_bhb_loop+0x55/0xb0
[  243.282602][T15332]  ? clear_bhb_loop+0x55/0xb0
[  243.282635][T15332]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  243.282671][T15332] RIP: 0033:0x7f037d05cd29
[  243.282689][T15332] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  243.282710][T15332] RSP: 002b:00007f037b6c1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  243.282732][T15332] RAX: ffffffffffffffda RBX: 00007f037d275fa0 RCX: 00007f037d05cd29
[  243.282746][T15332] RDX: 000000000000002c RSI: 0000000020000080 RDI: 000000000000000a
[  243.282809][T15332] RBP: 00007f037b6c1090 R08: 0000000000000000 R09: 0000000000000000
[  243.282822][T15332] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  243.282836][T15332] R13: 0000000000000000 R14: 00007f037d275fa0 R15: 00007ffd9fc87858
[  243.282857][T15332]  </TASK>
[  243.308927][T15338] loop5: detected capacity change from 0 to 128
[  243.315651][   T29] audit: type=1326 audit(1737946215.068:46675): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15321 comm="syz.2.4277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f037d05cd29 code=0x7ffc0000
[  243.384437][T15338] FAT-fs (loop5): error, clusters badly computed (2 != 0)
[  243.389056][   T29] audit: type=1326 audit(1737946215.068:46676): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15321 comm="syz.2.4277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f037d05cd29 code=0x7ffc0000
[  243.394917][T15338] FAT-fs (loop5): Filesystem has been set read-only
[  243.399843][   T29] audit: type=1326 audit(1737946215.068:46677): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15321 comm="syz.2.4277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f037d05cd29 code=0x7ffc0000
[  243.406706][T15342] SELinux:  policydb version -28439970 does not match my version range 15-34
[  243.615024][T15342] SELinux: failed to load policy
[  243.621935][T15348] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4283'.
[  243.627310][T15347] SELinux: failed to load policy
[  243.639749][T15353] program syz.5.4286 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  243.854188][T15367] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4293'.
[  244.190345][T15378] hub 6-0:1.0: USB hub found
[  244.195084][T15378] hub 6-0:1.0: 8 ports detected
[  244.227895][T15380] loop4: detected capacity change from 0 to 128
[  244.239416][T15380] FAT-fs (loop4): error, clusters badly computed (2 != 0)
[  244.246300][T15382] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4298'.
[  244.246886][T15380] FAT-fs (loop4): Filesystem has been set read-only
[  244.256315][T15382] bridge_slave_1: left allmulticast mode
[  244.268031][T15382] bridge_slave_1: left promiscuous mode
[  244.273834][T15382] bridge0: port 2(bridge_slave_1) entered disabled state
[  244.281822][T15382] bridge_slave_0: left allmulticast mode
[  244.287640][T15382] bridge_slave_0: left promiscuous mode
[  244.293335][T15382] bridge0: port 1(bridge_slave_0) entered disabled state
[  244.327389][T15386] loop4: detected capacity change from 0 to 128
[  244.345510][T15389] program syz.2.4301 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  244.382633][T15391] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=15391 comm=syz.2.4302
[  244.389627][T15394] SELinux:  policydb version -28439970 does not match my version range 15-34
[  244.396072][T15391] lo: entered promiscuous mode
[  244.405146][T15394] SELinux: failed to load policy
[  244.408827][T15391] lo: entered allmulticast mode
[  244.458293][T15403] loop3: detected capacity change from 0 to 2048
[  244.482793][T15403]  loop3: p1 < > p4
[  244.487662][T15403] loop3: p4 size 8388608 extends beyond EOD, truncated
[  244.587065][T15412] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  244.604487][T15414] loop3: detected capacity change from 0 to 128
[  244.619361][T15414] FAT-fs (loop3): error, clusters badly computed (2 != 0)
[  244.626600][T15414] FAT-fs (loop3): Filesystem has been set read-only
[  244.680891][T15421] loop5: detected capacity change from 0 to 2048
[  244.716378][T15421] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  244.744391][T15421] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  244.776966][T15421] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 3 with error 28
[  244.789247][T15421] EXT4-fs (loop5): This should not happen!! Data will be lost
[  244.789247][T15421] 
[  244.798296][T15442] loop2: detected capacity change from 0 to 128
[  244.798991][T15421] EXT4-fs (loop5): Total free blocks count 0
[  244.811233][T15421] EXT4-fs (loop5): Free/Dirty block details
[  244.817162][T15421] EXT4-fs (loop5): free_blocks=2415919104
[  244.819300][T15444] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  244.822911][T15421] EXT4-fs (loop5): dirty_blocks=16
[  244.837550][T15421] EXT4-fs (loop5): Block reservation details
[  244.843719][T15421] EXT4-fs (loop5): i_reserved_data_blocks=1
[  244.850682][T15448] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 3 with error 28
[  244.873200][T15448] netlink: 16215 bytes leftover after parsing attributes in process `syz.5.4313'.
[  245.032734][T15468] FAULT_INJECTION: forcing a failure.
[  245.032734][T15468] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  245.046054][T15468] CPU: 1 UID: 0 PID: 15468 Comm: syz.5.4332 Not tainted 6.13.0-syzkaller-07644-gc2da8b3f914f #0
[  245.046085][T15468] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  245.046107][T15468] Call Trace:
[  245.046113][T15468]  <TASK>
[  245.046120][T15468]  dump_stack_lvl+0xf2/0x150
[  245.046156][T15468]  dump_stack+0x15/0x1a
[  245.046176][T15468]  should_fail_ex+0x223/0x230
[  245.046208][T15468]  should_fail+0xb/0x10
[  245.046235][T15468]  should_fail_usercopy+0x1a/0x20
[  245.046352][T15468]  _copy_to_user+0x20/0xa0
[  245.046433][T15468]  simple_read_from_buffer+0xa0/0x110
[  245.046459][T15468]  proc_fail_nth_read+0xf9/0x140
[  245.046551][T15468]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  245.046577][T15468]  vfs_read+0x19b/0x6f0
[  245.046597][T15468]  ? __rcu_read_unlock+0x4e/0x70
[  245.046621][T15468]  ? __fget_files+0x17c/0x1c0
[  245.046653][T15468]  ksys_read+0xe8/0x1b0
[  245.046677][T15468]  __x64_sys_read+0x42/0x50
[  245.046713][T15468]  x64_sys_call+0x2874/0x2dc0
[  245.046744][T15468]  do_syscall_64+0xc9/0x1c0
[  245.046817][T15468]  ? clear_bhb_loop+0x55/0xb0
[  245.046842][T15468]  ? clear_bhb_loop+0x55/0xb0
[  245.046869][T15468]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  245.046901][T15468] RIP: 0033:0x7f8b1f87b73c
[  245.046992][T15468] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  245.047014][T15468] RSP: 002b:00007f8b1dee7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  245.047032][T15468] RAX: ffffffffffffffda RBX: 00007f8b1fa95fa0 RCX: 00007f8b1f87b73c
[  245.047044][T15468] RDX: 000000000000000f RSI: 00007f8b1dee70a0 RDI: 0000000000000004
[  245.047055][T15468] RBP: 00007f8b1dee7090 R08: 0000000000000000 R09: 0000000000000000
[  245.047067][T15468] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  245.047156][T15468] R13: 0000000000000000 R14: 00007f8b1fa95fa0 R15: 00007ffdb37b5b58
[  245.047177][T15468]  </TASK>
[  245.075091][T15457] hub 6-0:1.0: USB hub found
[  245.138747][T15476] loop2: detected capacity change from 0 to 1024
[  245.144459][T15457] hub 6-0:1.0: 8 ports detected
[  245.162571][T15476] EXT4-fs: Ignoring removed bh option
[  245.288425][T15488] loop4: detected capacity change from 0 to 1024
[  245.295795][T15488] EXT4-fs: Ignoring removed bh option
[  245.318755][T15476] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  245.332117][T15488] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  245.344682][T15476] ext4 filesystem being mounted at /260/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  245.356116][T15488] ext4 filesystem being mounted at /294/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  245.471449][T15515] loop3: detected capacity change from 0 to 164
[  245.479216][T15515] iso9660: Unknown parameter 'ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ01777777777777777777777ÿÿÿÿÿÿÿÿ0xffffffffffffffff'
[  245.541608][T15527] loop3: detected capacity change from 0 to 128
[  245.565792][T15527] syz.3.4355: attempt to access beyond end of device
[  245.565792][T15527] loop3: rw=34817, sector=97, nr_sectors = 32 limit=128
[  245.599055][T15531] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4356'.
[  245.891594][T12330] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  246.002579][T15546] 9pnet_virtio: no channels available for device 127.0.0.1
[  246.091403][T15554] loop2: detected capacity change from 0 to 164
[  246.098333][T15554] iso9660: Unknown parameter 'ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ01777777777777777777777ÿÿÿÿÿÿÿÿ0xffffffffffffffff'
[  246.134419][T11606] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  246.207790][T15568] loop4: detected capacity change from 0 to 128
[  246.226173][T15568] FAT-fs (loop4): error, clusters badly computed (2 != 0)
[  246.233466][T15568] FAT-fs (loop4): Filesystem has been set read-only
[  246.267432][T15570] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4370'.
[  246.317044][T15582] bridge0: port 3(syz_tun) entered blocking state
[  246.323773][T15582] bridge0: port 3(syz_tun) entered disabled state
[  246.330639][T15582] syz_tun: entered allmulticast mode
[  246.336878][T15582] syz_tun: entered promiscuous mode
[  246.337362][T15584] loop2: detected capacity change from 0 to 1024
[  246.342493][T15582] bridge0: port 3(syz_tun) entered blocking state
[  246.350344][T15584] EXT4-fs: Ignoring removed bh option
[  246.354998][T15582] bridge0: port 3(syz_tun) entered forwarding state
[  246.374574][T15584] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  246.387511][T15584] ext4 filesystem being mounted at /272/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  246.418166][T15588] loop4: detected capacity change from 0 to 164
[  246.425216][T15588] iso9660: Unknown parameter 'ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ01777777777777777777777ÿÿÿÿÿÿÿÿ0xffffffffffffffff'
[  246.606362][T15602] program syz.4.4384 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  246.617085][T15602] SELinux: failed to load policy
[  246.936026][T15614] SELinux:  policydb version -28439970 does not match my version range 15-34
[  246.945249][T15614] SELinux: failed to load policy
[  247.084251][T15617] program syz.5.4390 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  247.095280][T15617] SELinux: failed to load policy
[  247.168550][T12330] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  247.225706][T15625] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  247.291710][T15635] loop2: detected capacity change from 0 to 1024
[  247.303437][T15635] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  247.414809][T15647] loop4: detected capacity change from 0 to 1024
[  247.421982][T15647] EXT4-fs: Ignoring removed bh option
[  247.423504][T15644] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4400'.
[  247.444620][T15647] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  247.457428][T15647] ext4 filesystem being mounted at /303/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  247.585569][T15072] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  247.600637][T15072] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[  247.613182][T15072] EXT4-fs (loop2): This should not happen!! Data will be lost
[  247.613182][T15072] 
[  247.622841][T15072] EXT4-fs (loop2): Total free blocks count 0
[  247.628830][T15072] EXT4-fs (loop2): Free/Dirty block details
[  247.634843][T15072] EXT4-fs (loop2): free_blocks=68451041280
[  247.640665][T15072] EXT4-fs (loop2): dirty_blocks=16384
[  247.646217][T15072] EXT4-fs (loop2): Block reservation details
[  247.652276][T15072] EXT4-fs (loop2): i_reserved_data_blocks=1024
[  247.666212][T15067] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 2052 with max blocks 2048 with error 28
[  247.777132][T15660] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  247.810110][T15666] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  247.842279][T15672] usb usb1: usbfs: interface 0 claimed by hub while 'syz.2.4410' sets config #1
[  247.882328][T15678] loop5: detected capacity change from 0 to 128
[  247.920230][T15680] program syz.2.4413 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  247.931229][T15680] SELinux: failed to load policy
[  247.944358][T15681] SELinux:  policydb version -28439970 does not match my version range 15-34
[  247.954811][T15681] SELinux: failed to load policy
[  248.017887][T15684] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4415'.
[  248.247780][T11606] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  248.273499][T15689] loop4: detected capacity change from 0 to 2048
[  248.313098][T15689] GPT:first_usable_lbas don't match.
[  248.318454][T15689] GPT:34 != 290
[  248.321945][T15689] GPT: Use GNU Parted to correct GPT errors.
[  248.328156][T15689]  loop4: p1 p2 p3
[  248.366942][   T29] kauditd_printk_skb: 1118 callbacks suppressed
[  248.366956][   T29] audit: type=1326 audit(1737946220.318:47796): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15692 comm="syz.4.4419" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea6e5bcd29 code=0x7ffc0000
[  248.397149][   T29] audit: type=1326 audit(1737946220.318:47797): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15692 comm="syz.4.4419" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fea6e5bcd29 code=0x7ffc0000
[  248.420811][   T29] audit: type=1326 audit(1737946220.318:47798): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15692 comm="syz.4.4419" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea6e5bcd29 code=0x7ffc0000
[  248.444529][   T29] audit: type=1326 audit(1737946220.318:47799): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15692 comm="syz.4.4419" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea6e5bcd29 code=0x7ffc0000
[  248.468210][   T29] audit: type=1326 audit(1737946220.318:47800): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15692 comm="syz.4.4419" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fea6e5bcd29 code=0x7ffc0000
[  248.491898][   T29] audit: type=1326 audit(1737946220.318:47801): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15692 comm="syz.4.4419" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea6e5bcd29 code=0x7ffc0000
[  248.515501][   T29] audit: type=1326 audit(1737946220.318:47802): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15692 comm="syz.4.4419" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea6e5bcd29 code=0x7ffc0000
[  248.539208][   T29] audit: type=1326 audit(1737946220.318:47803): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15692 comm="syz.4.4419" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fea6e5bcd29 code=0x7ffc0000
[  248.550420][T15697] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  248.562920][   T29] audit: type=1326 audit(1737946220.318:47804): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15692 comm="syz.4.4419" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea6e5bcd29 code=0x7ffc0000
[  248.596194][   T29] audit: type=1326 audit(1737946220.318:47805): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15692 comm="syz.4.4419" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fea6e5bcd29 code=0x7ffc0000
[  248.616797][T15700] loop4: detected capacity change from 0 to 128
[  248.647184][T15700] syz.4.4423: attempt to access beyond end of device
[  248.647184][T15700] loop4: rw=34817, sector=97, nr_sectors = 32 limit=128
[  248.661227][T15703] loop3: detected capacity change from 0 to 1024
[  248.668005][T15703] EXT4-fs: Ignoring removed bh option
[  248.697993][T15703] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  248.711235][T15703] ext4 filesystem being mounted at /295/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  248.753869][T14183] ==================================================================
[  248.762004][T14183] BUG: KCSAN: data-race in fprop_reflect_period_percpu / fprop_reflect_period_percpu
[  248.771508][T14183] 
[  248.773835][T14183] write to 0xffff8881013e29c8 of 4 bytes by task 15067 on cpu 0:
[  248.781662][T14183]  fprop_reflect_period_percpu+0x170/0x1a0
[  248.787504][T14183]  fprop_fraction_percpu+0x77/0x150
[  248.792719][T14183]  __wb_calc_thresh+0x8e/0x2c0
[  248.797490][T14183]  domain_over_bg_thresh+0x22c/0x300
[  248.802782][T14183]  wb_over_bg_thresh+0xb3/0x110
[  248.807637][T14183]  wb_workfn+0x643/0x940
[  248.811890][T14183]  process_scheduled_works+0x483/0x9a0
[  248.817353][T14183]  worker_thread+0x51d/0x6f0
[  248.821948][T14183]  kthread+0x4ae/0x520
[  248.826027][T14183]  ret_from_fork+0x4b/0x60
[  248.830473][T14183]  ret_from_fork_asm+0x1a/0x30
[  248.835250][T14183] 
[  248.837575][T14183] read to 0xffff8881013e29c8 of 4 bytes by task 14183 on cpu 1:
[  248.845204][T14183]  fprop_reflect_period_percpu+0x32/0x1a0
[  248.850933][T14183]  __fprop_add_percpu_max+0x58/0x180
[  248.856229][T14183]  __wb_writeout_add+0x77/0x1d0
[  248.861082][T14183]  __folio_end_writeback+0x20d/0x490
[  248.866377][T14183]  folio_end_writeback+0x74/0x1f0
[  248.871421][T14183]  __block_write_full_folio+0x5bf/0x8c0
[  248.876976][T14183]  block_write_full_folio+0x293/0x2b0
[  248.882357][T14183]  write_cache_pages+0x62/0x100
[  248.887219][T14183]  blkdev_writepages+0x59/0x90
[  248.891986][T14183]  do_writepages+0x1d8/0x480
[  248.896583][T14183]  filemap_flush+0xe7/0x120
[  248.901097][T14183]  sync_blockdev_nowait+0x29/0x40
[  248.906136][T14183]  sync_filesystem+0xe3/0x190
[  248.910901][T14183]  generic_shutdown_super+0x46/0x220
[  248.916218][T14183]  kill_block_super+0x2a/0x70
[  248.920915][T14183]  deactivate_locked_super+0x7d/0x1c0
[  248.926310][T14183]  deactivate_super+0x9f/0xb0
[  248.931009][T14183]  cleanup_mnt+0x268/0x2e0
[  248.935482][T14183]  __cleanup_mnt+0x19/0x20
[  248.939914][T14183]  task_work_run+0x13a/0x1a0
[  248.944526][T14183]  syscall_exit_to_user_mode+0xa8/0x120
[  248.950078][T14183]  do_syscall_64+0xd6/0x1c0
[  248.954681][T14183]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  248.960584][T14183] 
[  248.962911][T14183] value changed: 0x0000004d -> 0x0000004e
[  248.968661][T14183] 
[  248.970987][T14183] Reported by Kernel Concurrency Sanitizer on:
[  248.977135][T14183] CPU: 1 UID: 0 PID: 14183 Comm: syz-executor Not tainted 6.13.0-syzkaller-07644-gc2da8b3f914f #0
[  248.987737][T14183] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  248.997883][T14183] ==================================================================
[  249.488163][T11299] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.