last executing test programs:

6.503796449s ago: executing program 0 (id=869):
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r1 = syz_open_dev$sg(0x0, 0x0, 0x8002)
r2 = fcntl$dupfd(r1, 0x0, r1)
r3 = openat$dir(0xffffffffffffff9c, &(0x7f00000004c0)='./file0\x00', 0x40000, 0x0)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r2, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000500)=@IORING_OP_SPLICE={0x1e, 0x25, 0x0, @fd=r3, 0x6, {0x0, r0}, 0x1, 0x2, 0x1, {0x0, r4, r1}})
tgkill(0x0, 0x0, 0x21)
capget(0x0, &(0x7f0000000640)={0xfffffffe, 0x8, 0x688, 0x4, 0x4, 0x10000ccc})
clock_nanosleep(0xfffffff2, 0xca9a3b, &(0x7f0000000000)={0x77359400}, 0xfffffffffffffffe)
r5 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x14)
fcntl$setsig(r5, 0xa, 0x13)
fcntl$setlease(r5, 0x400, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000021007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r7}, 0x10)
r8 = add_key$keyring(&(0x7f0000000080), &(0x7f00000000c0)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe)
add_key(&(0x7f0000000100)='asymmetric\x00', 0x0, &(0x7f0000000140)="1081", 0x1001, r8)
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
truncate(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$SG_SET_RESERVED_SIZE(r2, 0x2275, &(0x7f0000000000)=0xc92b)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3e, 0x1, 0x0, 0x0, 0x0, 0x8, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x17e, 0x800000000003}, 0x100100, 0x5dd8, 0x7, 0x0, 0x0, 0x401, 0xfffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r9 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_MCAST_JOIN_GROUP(r9, 0x0, 0x2a, &(0x7f0000000180)={0x2, {{0x2, 0x4e21, @multicast2}}}, 0x88)
setsockopt$inet_MCAST_MSFILTER(r9, 0x0, 0x30, &(0x7f0000000980)=ANY=[@ANYBLOB="020000000000000002000000e0000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000300000002000000ac1414bb00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000002000000ac1414bb00"/338], 0x210)
setsockopt$inet_group_source_req(0xffffffffffffffff, 0x0, 0x2e, &(0x7f0000000340)={0x2, {{0x2, 0x0, @multicast2}}, {{0x2, 0x0, @empty}}}, 0x108)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000240)=@o_path={&(0x7f0000000080)='./file0\x00', r5, 0x4000, r1}, 0x18)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), 0xffffffffffffffff)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)

3.606822084s ago: executing program 0 (id=960):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f00000005c0)={[{@noblock_validity}, {}, {@sysvgroups}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@nogrpid}, {@noauto_da_alloc}, {@nomblk_io_submit}]}, 0x3, 0x581, &(0x7f0000002cc0)="$eJzs3d9rU2cfAPDvSRutP97XCiLvu4tR8GIOZ2rb/XAw0F2OTSZs9y40sUhTI00qthPUi3mzmyGDMSaM/QG7HbuU3exy/8HuhE2QIWW72E3HSU9qbPNDY1yr+XzgtM+Tc5Lv+eY5z5Pn5CQkgKE1kf7JRfw/Ir5IIg60rBuNbOXE+narD67OpksSa2sf/ZFEkt3W3D7J/u/LKv+LiJ8+iziW2xq3trwyX6xUyotZfbK+cGmytrxy/MJCca48V744PTNz8o2Z6bf3Dy7XV8/+9fWHd947+fmR1a++v3fwVhKno/nwrXk8heutlYmYyJ6TfJzetOHUAILtJMl27wB9Gcn6eT7SMeBAjGS9HnjxXYuINWBIJb/+vD4UdFi/2/gAL6jmPKB5bj+g8+Dnxv1310+Arm3Jf3T9vZEYa5wb7V1NHjkzSs93xwcQP43x4++3b6VL9Hgf4toA4gE0Xb8RESdGR7eO/0k2/vXvROPN4+42xxi21x/YTnfS+c9r7eZ/uY35T7SZ/+xr03f70bv/5+4NIExH6fzvnbbz342ha3wkq/2nMefLJ+cvVMonIuK/EXE08rvTerfrOSdX7651Wtc6/0uXNH5zLpjtx73R3Y/ep1SsF58m51b3b0S8NLqRfxJbxv+xxlx3c/unz8fZx4xxuHz75U7reuffavAz4LXvIl5p2/4Pr2gl3a5PvvXmZON4mGweFVv9efPwL53iP1n+g5e2/97u+Y8nrddra20eZKx7jG/H/i53Wtfv8b8r+bhR3pXddqVYry9ORexKPth6+/TD+zbrze3T/I8e6T7+tTv+90TEJ93T3nDz0M2Om+6E9i89Ufs/eeHu+59+0yn+47X/648cYqXiD/leeT3uDvb/zAEAAAAAAMDOk4uI/ZHkChvlXK5QWP98x6HYm6tUa/Vj56tLF0vR+K7seORzzSvdB1o+DzGVfR62WZ/eVJ+JiIMR8eXInka9MFutlLY7eQAAAAAAAAAAAAAAAAAAANgh9nX4/n/qt5Ht3jvgmfOT3zC8evb/QfzSE7Ajef2H4aX/w/DS/2F46f8wvPR/GF76Pwwv/R+Gl/4PAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3X2zJl0WVt9cHU2rZcuLy/NVy8fL5Vr84WFpdnCbHXxUmGuWp2rlAuz1YVej1epVi9NTcfSlcl6uVafrC2vnFuoLl2sn7uwUJwrnyvn/5WsAAAAAAAAAAAAAAAAAAAA4PlSW16ZL1Yq5UWFjoVTsSN2o+9C0quVT2UHQ18hRrc/QYVnUNjmgQkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAWvwTAAD//6aCK3U=")
setxattr$trusted_overlay_upper(&(0x7f0000000380)='./file0/file0\x00', &(0x7f00000001c0), &(0x7f0000001400)=ANY=[], 0x835, 0x0)
r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x182)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000600)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
close(r1)
ioctl$sock_FIOGETOWN(r1, 0x8903, &(0x7f00000002c0)=<r2=>0x0)
perf_event_open(&(0x7f0000000380)={0x2, 0x80, 0x3f, 0x1, 0x0, 0x0, 0x0, 0x40005, 0x4554, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, @perf_bp={&(0x7f0000000240), 0x8}, 0xc58, 0x7f, 0x2, 0x2, 0x7, 0x2, 0xb, 0x0, 0x0, 0x0, 0xb}, r2, 0xa, 0xffffffffffffffff, 0x2)
readv(r1, &(0x7f0000000280)=[{&(0x7f0000000380)=""/103, 0x67}], 0x1)
fallocate(r0, 0x0, 0x800, 0x2000402)
execve(&(0x7f0000000000)='./file0/file0\x00', 0x0, 0x0)
add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffe)
r3 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
lstat(&(0x7f0000000180)='./file1\x00', &(0x7f0000000880))
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="4000000010001fff2bbd70903e47dff4e5aaae00", @ANYRES32=0x0, @ANYBLOB="efb0000005040000200012800b00010067726574617000001000028006000e000000000004001200"], 0x40}}, 0x14)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='kfree\x00'}, 0x10)
r5 = fcntl$dupfd(r3, 0x0, r3)
write$sndseq(r5, &(0x7f0000000740)=[{0x0, 0x3, 0x0, 0x0, @time={0x8, 0x8}, {}, {}, @control={0x18, 0x80000000, 0x6}}, {0x80, 0x0, 0x0, 0x0, @tick=0x1000, {}, {}, @time=@tick=0x5d52}, {0x81, 0xaa, 0x0, 0x3, @tick=0x5, {0xe1, 0x1}, {0x2, 0x33}, @quote={{0xf1, 0x2}, 0x8000, &(0x7f00000004c0)={0xb, 0x0, 0x8, 0x0, @time={0x9}, {0x9e, 0x6}, {0x3, 0x9}, @time=@tick=0x3ff}}}], 0x54)
read$snapshot(r5, 0x0, 0xffffffbf)

3.484296606s ago: executing program 0 (id=963):
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb0a54e68b1cd2fdb, 0x103)
pipe2$9p(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[], 0x15)
r2 = dup(r1)
write$P9_RLERRORu(r2, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r2, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$binfmt_elf64(r2, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])
r3 = socket(0x2c, 0x3, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x11, 0x4, 0x4, 0xff, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000001c0)={r4, &(0x7f0000000140), &(0x7f0000000080)=@udp6=r3}, 0x20)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r5}, 0x10)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000380)=@o_path={&(0x7f0000000180)='./file0\x00', r4, 0x4000, r5}, 0x18)

3.405764087s ago: executing program 0 (id=965):
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000040)={0x0, 0x10, &(0x7f0000000000)=[@in={0x2, 0x0, @private=0xa010101}]}, &(0x7f0000000080)=0x10)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x1d, &(0x7f0000000140)={0x1, [<r2=>0x0]}, &(0x7f0000000240)=0x8)
setsockopt$inet_sctp_SCTP_PR_SUPPORTED(r0, 0x84, 0x71, &(0x7f0000000100)={r2, 0x2}, 0x8)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0x1, 0xc, &(0x7f0000000580)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0xd, 0xc, &(0x7f00000002c0)=ANY=[@ANYBLOB="03929f213489e5be393279167d82c4bf79957922bc802e0bd85b5ecaffc69ba50e05e8"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x3a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = socket$pptp(0x18, 0x1, 0x2)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x5, &(0x7f00000000c0)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000000)='kmem_cache_free\x00', r6}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000000000200000000000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r8 = syz_open_dev$usbfs(&(0x7f0000000080), 0x70, 0x101301)
ioctl$USBDEVFS_IOCTL(r8, 0xc0105512, &(0x7f0000000200))
ioctl$USBDEVFS_IOCTL(r8, 0xc0105512, &(0x7f0000000040)=@usbdevfs_connect)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r9 = signalfd4(0xffffffffffffffff, &(0x7f00000000c0), 0x8, 0x0)
faccessat2(r9, &(0x7f0000001400)='\x00', 0x0, 0x1100)
getsockopt$IP_VS_SO_GET_SERVICE(r5, 0x0, 0x483, &(0x7f0000000080), &(0x7f0000000100)=0x68)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r4}, 0x10)
pipe2$9p(&(0x7f0000001900)={<r10=>0xffffffffffffffff, <r11=>0xffffffffffffffff}, 0x0)
r12 = dup(r11)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r10, @ANYBLOB=',wfdno=', @ANYRESHEX=r12, @ANYBLOB=',aname=-,cache=l'])

2.684545428s ago: executing program 1 (id=982):
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000030000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x9, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x61780, 0x0, '\x00', 0x0, @fallback=0x3a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x1b, &(0x7f0000000180)={@initdev}, &(0x7f0000000280)=0x14)
r1 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'bridge_slave_0\x00', <r2=>0x0})
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000005a40)=ANY=[@ANYBLOB="b400000010000904000000000000000000002200", @ANYRES32=0x0, @ANYBLOB="fffffffed9526cfd8400128009000100766c616e000000007400028006000100000600000c000200367da1650e000000280003800c00010001800000002000000c000100a1000000c84200000c0001000800000008000000340004800c00010006000000ff0300000c00010004000000080000000c00010004000000020000000c000100050000000300000008000500", @ANYRES32=r2, @ANYBLOB='\b\x00\n\x00', @ANYRESOCT], 0xb4}}, 0x0)

2.651574519s ago: executing program 1 (id=984):
r0 = syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x41, &(0x7f0000000080), 0x64, 0x50a, &(0x7f0000000200)="$eJzs3VFrHFsdAPD/bHZr06Y3ueqDXvB6tZW0aHeTxrbBh1pB9Kmg1vcak00I2WRDdtM2oWiKH0AQUcEnffFF8AMIUvDFRxEK+qyoKKKtPvigncvuTtI03U227TabZn8/mMw5Z2b2f86GmZ0zc5gJYGC9FxHXI+JJmqYXImI0K89lU2y1psZ6jx/dm21MSaTpzX8mkWRl25+VZPPT2WYnI+JrX474ZvJ83NrG5tJMpVJey/Kl+vJqqbaxeXFxeWahvFBemZqavDJ9dfry9ERP2nkmIq598a8/+O7PvnTtV5+586dbfz//rUa1RrLlu9vxgvL7LWw1vdD8LnZvsPaSwY6ifLOFmeF2aww9V3L/NdcJAID2Guf4H4yIT0bEhRiNof1PZwEAAIA3UPr5kfhfEpG2d6JDOQAAAPAGyTXHwCa5YjYWYCRyuWKxNYb3w3EqV6nW6p+er66vzLXGyo5FITe/WClPZGOFx6KQNPKTzfTT/KU9+amIeDsivj863MwXZ6uVuX5f/AAAAIABcXpP//8/o63+PwAAAHDMjPW7AgAAAMBrp/8PAAAAx5/+PwAAABxrX7lxozGl2++/nru9sb5UvX1xrlxbKi6vzxZnq2urxYVqdaH5zL7lgz6vUq2ufjZW1u+W6uVavVTb2Ly1XF1fqd9afOYV2AAAAMAhevvjD/6QRMTW54abU8OJ7jbtcjXgqMrvpJJs3ma3/uNbrflfDqlSwKEY6ncFgL7J97sCQN8U+l0BoO+SA5Z3HLzz22z+id7WBwAA6L3xj3a+/5/bd8ut/RcDR56dGAaX+/8wuJr3/7sdyetkAY6VgjMAGHivfP//QGn6QhUCAAB6bqQ5JblidnlvJHK5YjHiTPO1AIVkfrFSnoiItyLi96OFDzTyk80tkwP7DAAAAAAAAAAAAAAAAAAAAAAAAABAS5omkQIAAADHWkTub8mvW8/yHx89N7L3+sCJ5L+jkb0i9M6Pb/7w7ky9vjbZKP/XTnn9R1n5pX5cwQAAAICB8EIv8N/up2/34wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACglx4/uje7PR1m3H98ISLG2sXPx8nm/GQUIuLUv5PI79ouiYihHsQfbvz5SLv4SaNaOyHbxR/uQfyt+/vGj7HsW2gX/3QP4sMge9A4/lxvt//l4r3mvP3+l494Jv+yOh//Yuf4N9Rh/z/TZYx3Hv6i1DH+/Yh38u2PP9vxkw7xz3YZ/xtf39zstCz9ScR429+f5JlYpfryaqm2sXlxcXlmobxQXpmamrwyfXX68vREaX6xUs7+to3xvY/98sl+7T/VIf7YAe0/12X7///w7qMPtZKFdvHPn20T/zc/zdZ4Pn4u++37VJZuLB/fTm+10ru9+/Pfvbtf++c6tP+g///5Ltt/4avf+XOXqwIAh6C2sbk0U6mU145totFLPwLVkDiCiW/39APTNE0b+9QrfE4SR+FraSb6fWQCAAB67elJf79rAgAAAAAAAAAAAAAAAAAAAIPrMB4ntjfm1k4q6cUjtAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeuL9AAAA//+GAdlV")
r1 = fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0)
dup(r0)
r2 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0900000004000000080000000b"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000000400000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r4}, 0x10)
madvise(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x10)
syz_mount_image$iso9660(&(0x7f0000000240), &(0x7f0000000280)='./file0\x00', 0x800000, &(0x7f0000000900)=ANY=[@ANYRES8=0x0, @ANYRESOCT, @ANYRESOCT, @ANYRES32, @ANYBLOB="b7ad7cd65c46a5be7840094fc88ed3944440d445ac89758d3aa4a6c77ea3e1e50196a99f88ba68f3377383de4de11c07aa5d22d9f4f3c58344d6011b6ea5ee82cf40e4ca5976370cb73c872e576f936791a0ffa5639ac237214be5926acea5405e00f1a144cf7a5240bc1e56ed617e19d6a5a268505f0012b4baf36d3a71eb34c8b67281dbba4b20c3d724ef150deff6f7d908bc72575a1f43b608e0d118", @ANYBLOB="a1fffd2e4c38a7b17fef1a78ad194301887b7711a1517cd8b4288a2fbb7d202d8c4a1809add074e6dde0703158125f2f114c49f5ee5f249d63ac0d851c212ccd8d82b7c694ead23c41f021e8bc78d646d07e3513568bb81d2179a012dcdcb845b0a58b6d5e46a177de56e3e77ed573967e4ebe299078019693ca486edbaa44e947802c7f46f1de18cf7f0e1af02964d04cc84d979855e8d3a3fda262f6a7d2b4b4849fd880c9b9af9be818ba05386754a3505e833ca0b95491ed", @ANYRES8=0x0], 0x3, 0x7dc, &(0x7f0000000d80)="$eJzs3U9sHGcVAPC3rt0EF0VVqdIQpekkLVIqpe563bpYPbTb9diedr1r7a6RI0Bt1DiVFaetWipoDoRcWkBFiBPHwrU3LgiEBBIH4IRED1y4VeoJFQQSAiEko5nddfxnbSfN37a/nxXP55k3871vPJm3Y3tmAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACIUm26XB4vRT1rLC4l2wxFRHJvL3Z+2+K1tbW1bqu/vd9smuzSb0Qp/xf798eh7qxD915efDD/dDyOdL86Evvzyf64cNfBu5/8wvBQf/3tCV+zY1cYV4r4Tp7UudOrq8uv3YBEbqLv/2q3pcODZv6n+L7Ppo2s3czmq7NpkrWbydTkZPnRuZl2MpPV0/apdiedT2qttNpptpITtYeT8ampiSQdO9VcbMxOV+tpf+YTj1TK5cnk2bGLEdFuNh59dqxdm8vq9awxW8RUyt+MPOaJpDbdei7rJJ20Op8kZ1dWlyf2Gl0eNL7L8iMP3f3hGx/8c2U5PyB3Cir1DszK+HilMj75+NTjT5TLw5VyZfOM8haxHhFDEXnEDTlouX0Up8zdXJ8TN1wHQ736H/XIohGLsRTJgI+RqMV0tKIZ8/nXfx7ZFtHTr/9fevRvf9yt3431v1/lD11efDiK+n+0+9XRner/wFyv58dQL5+dlr8eb8aFOBenYzVWYzleu+EZXePH0BVHHvv8FUTNRhqNyKIdzchiPqrFnKQ3J4mpmIzJKMfzMRcz0Y4kZiKLeqTRjlPRjk6kxRFVi1akUY1ONKMVSZyIWjwcSYzHVEzFRCSRxlicimYsRiNmYzqqxVbOxkqx3ye25HXw2y/88qU/ffhu3l4PGt9lIKX8xVwe9I9dgraV+yuv/2vRi1D/P+uu8xkcPr61fv0HAAAAPrVKxU/f8+v/kbi/aM1k9fSrtzotAAAA4DoqfvN/JJ+M5K37o5Rf/5cHRL5/03MDAAAAro9ScY9dKSJG44Fuq3+71KAfAgAAAACfQMXv/4/mk9GIi8UM1/8AAADwKfPdnZ6x/0H/GbvthX2lX/89Wq2R0qWFpYdK56t5XPX8Hd31epOvrG+xM3O4tD+6Gym2NTl84a5SRAzX0iOl/tMv/7evO/2o+Hx4eH31nZ71X9qSwPoad2wdUp7AgQtbEjhYdPxOHOvGHDvTnZ7pxfWeSDw6k9XTsVqz/mTxSMT8X+eNl1e+FcXwv9eYP1CKsyury2MvvrJ6psjlUr6VS+d7D1Dc9hzFwbkUPa719kDcP3jEI8WNGL1+R7v9ljd+A4aeLlYf2r3P0sY+34rj3Zjjo93p6Obx78/7HB97cjyq1QNDnXSp88bahtH3shi/xpG/FQ92Yx488WB3MiCLyqYsXt6eRWVjFr2dsMe+2DOLkd6B9e6xi0v/+l2zlE7slcXEliz2X2UWALfK2eKpP5er0OeKKvTfta68/l+uu0k3oKd3lrtvfVP5Wa5fBrac5c7G+pL++htq3XBsq+5bX17Ell52OKOf6Mac6L6eGD48oK6UB5zRX1159fe9M/pj7/34J18/+oefffzq9l483I3pTeKe3+5QY/Mx/6AxP9rf6NJTvcZPd+y3Xa+UYiTijm+cfzUOvv7mhUdWzp9+afml5ZcrlYnJ8mPl8uOVGCleKvQmag8AA+z9Hjt7RpQe2+Oq+p71PykYixfjlViNM3GyuNsgIh4YvNXRDX+GcDKOR3GxvMNV6+iGd3g5uce15eXYyvbY/uuKbbETG/bYfT8qJv++gd8UALjBju9Rh6+k/p/c47p7cy3fcnUcO9fyQb58Q/cGAHw2pK2PSqOdt0utVrbw/PjU1Hi1M5cmrWbtuaSVTc+mSdbopK3aXLUxmyYLrWanWev/4Hg6bSftxYWFZquTzDRbyUKznS0V7/ye9N76vZ3OVxudrNZeqKfVdprUmo1OtdZJprN2LVm485l61p5LW8XK7YW0ls1ktWonazaSdnOxVUvHkqSdpsnCYj8wm04bnWwmy5uNZKGVzVdblyKivjifJtNpu9bKFjrN1hfzDdaaUfSVNWaarflis2Pbh//Xm72/AeB28PqbF86dXl1dfm1z40BsnbOlMRxF4y+7xfQbt3qMAMBmqjQAAAAAAAAAAAAAANz+tt+ul8/d85a+QY19cfVr7Yur6uIaG/nQenPe+fnXXvzYI/1kNPLh3QZp3NrGC089dW6nmGcuHpq7su0M/p8y6FbXtw9E3PmLH3bnPH2zRvr+5QP7alZfK+0Sc2vPSwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwyP8DAAD//82FVnI=")
write$binfmt_register(r2, &(0x7f0000000440)={0x3a, 'syz1', 0x3a, 'M', 0x3a, 0x0, 0x3a, 'usrjquota=', 0x3a, '', 0x3a, './file2', 0x3a, [0x46]}, 0x32)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r1, 0x7, 0x0, 0x0, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000001440)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x402, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r6}, 0x10)
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
creat(&(0x7f00000002c0)='./file0\x00', 0x6)

2.55625356s ago: executing program 0 (id=986):
socket$inet6(0xa, 0x1, 0x0)
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x41, 0x0)
ioctl$TCSETS(r1, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x0, 0x0, "0062ba7d82000000000000000000f7ffffff00"})
r2 = syz_open_pts(r1, 0x0)
dup3(r2, r1, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000280)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x21, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000680)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x10000, 0x0, 0x0, 0x0, 0x22, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7fffffff, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r4}, 0x10)
connect$can_bcm(r0, &(0x7f00000005c0), 0x10)
sendmsg$can_raw(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000ff0)={&(0x7f000000a000)=@canfd={{0x5}, 0x2, 0x0, 0x0, 0x0, "0327e1b22b5fcef7739c699f5ff986ca08990039576a7d5cb2bdac3fa80acf584ecb5fee496e6866856b76b5ee00000000000000094e2f9663a918fa1efd9b0b"}, 0x48}, 0x2}, 0x4000000)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r5}, 0x4)
r6 = socket(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r7)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route_sched(r6, &(0x7f0000005840)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r8, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{}, 0x3548}}}]}, 0x78}}, 0x0)

2.52308532s ago: executing program 0 (id=989):
socket$kcm(0x10, 0x2, 0x0)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x51, 0x1, 0x0, 0x0, 0x0, 0x7fef, 0x44490, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b75, 0x4, @perf_config_ext={0x8, 0x7}, 0x14101, 0x32, 0xfffffbff, 0x9, 0x5, 0x0, 0x4, 0x0, 0x0, 0x0, 0x2007}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.current\x00', 0x275a, 0x0)
r0 = socket$kcm(0x2, 0x200000000000001, 0x0)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x8, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x56, 0x1, 0x0, 0x0, 0x0, 0x210e, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x407fff, 0xaea}, 0x14105, 0x32, 0xfffffbff, 0x3, 0x2, 0x0, 0xfffa, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffff7fffffffffff, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, @perf_bp={0x0, 0x2}, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x8912, &(0x7f0000000080))
sendmsg$inet(r0, &(0x7f0000000080)={&(0x7f0000000340)={0x2, 0x4001, @dev}, 0x10, 0x0}, 0x3000c085)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.stat\x00', 0x26e1, 0x0)
sendmsg$inet(r0, &(0x7f0000000040)={0x0, 0xeafbff3, &(0x7f0000000000)=[{&(0x7f0000000300)="b8", 0xfffffdef}], 0x1, 0x0, 0x0, 0x10000000}, 0x52cc)

2.419804152s ago: executing program 1 (id=995):
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
iopl(0x3)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000000800000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='sys_enter\x00', r1}, 0x18)
syslog(0x2, &(0x7f0000000200)=""/224, 0xe0)

2.336100393s ago: executing program 1 (id=997):
socket$kcm(0x10, 0x2, 0x0)
symlinkat(&(0x7f0000001040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00')
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000180)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @void, @value}, 0x94)
setxattr$system_posix_acl(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000300)='system.posix_acl_access\x00', &(0x7f0000001140)=ANY=[], 0x24, 0x0)
r1 = inotify_init1(0x0)
inotify_add_watch(r1, &(0x7f0000000400)='.\x00', 0xa4000021)
read(r1, 0x0, 0x0)
close(r1)
creat(&(0x7f0000000080)='./file0\x00', 0x11c)

1.983423909s ago: executing program 4 (id=1003):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000020000000c"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001700000000000000ff000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008002010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r1}, 0x18)
r2 = socket$inet6(0xa, 0x3, 0x6)
setsockopt$inet6_buf(r2, 0x29, 0x39, &(0x7f0000000040)="ff02040000ffffffffffffffff1f2be82db1af0000000000", 0x18)

1.956566489s ago: executing program 4 (id=1004):
perf_event_open(&(0x7f00000002c0)={0x2, 0x80, 0x5d, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x8400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x2)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000fbff000000000000001d8500000007000000850000002300000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f00000001c0)='kmem_cache_free\x00', r0}, 0x10)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB="ac0000000001010400000000000000000a0000003c0001802c00018014000300fe8000000000000000000000000000aa14000400ff0100000000000000000000000000010c00028005000100000000003c0002802c00018014000300fe8000000000000000000000000000aa14000400fe8800000000000000000000000000010c00028005000100000000000800074000000000180006801400040020010000000000000000000000000001"], 0xac}, 0x1, 0x0, 0x0, 0x1}, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYRES16=r1], 0xac}, 0x1, 0x0, 0x0, 0x4000}, 0x4000894)
openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
socket$key(0xf, 0x3, 0x2)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x181, 0x0)
ioctl$TIOCGPKT(r3, 0x80045438, &(0x7f0000000140))
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000bc0)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x6, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r4}, 0x18)
r5 = socket$inet6(0xa, 0x1, 0x0)
r6 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r6, 0x107, 0x17, &(0x7f0000000080)=0x1000, 0x4)
getsockname$packet(r6, &(0x7f0000000340)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000440)=0x14)
sendmsg$can_raw(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000480)={0x1d, r7}, 0x10, &(0x7f0000000500)={&(0x7f00000004c0)=@can={{0x2, 0x1, 0x0, 0x1}, 0x4, 0x1, 0x0, 0x0, "f936211c3bc2e6c3"}, 0x10}, 0x1, 0x0, 0x0, 0x6000001}, 0x24008080)
fstatfs(0xffffffffffffffff, &(0x7f0000000680)=""/153)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r5, 0x89f1, &(0x7f00000004c0)={'ip6_vti0\x00', &(0x7f0000000740)={'syztnl1\x00', r7, 0x4, 0xaa, 0x3, 0x0, 0x4e, @local, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x1, 0x40, 0x0, 0x8}})
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff", @ANYBLOB], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r9 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0)
r10 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x0)
write(r10, &(0x7f0000004200)='t', 0x1)
sendfile(r10, r9, 0x0, 0x3ffff)

1.522391896s ago: executing program 1 (id=1017):
r0 = perf_event_open(&(0x7f00000002c0)={0x2, 0x80, 0x5d, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x8400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x2)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000bc0)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x6, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x18)
r2 = socket$inet6(0xa, 0x1, 0x0)
r3 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r3, 0x107, 0x17, &(0x7f0000000080)=0x1000, 0x4)
getsockname$packet(r3, &(0x7f0000000340)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000440)=0x14)
sendmsg$can_raw(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000480)={0x1d, r4}, 0x10, &(0x7f0000000500)={&(0x7f00000004c0)=@can={{0x2, 0x1, 0x0, 0x1}, 0x4, 0x1, 0x0, 0x0, "f936211c3bc2e6c3"}, 0x10}, 0x1, 0x0, 0x0, 0x6000001}, 0x24008080)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f00000004c0)={'ip6_vti0\x00', &(0x7f0000000740)={'syztnl1\x00', <r5=>r4, 0x4, 0xaa, 0x3, 0x0, 0x4e, @local, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x1, 0x40, 0x0, 0x8}})
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff", @ANYBLOB], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r7 = syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r8 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0)
r9 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x0)
write(r9, &(0x7f0000004200)='t', 0x1)
sendfile(r9, r8, 0x0, 0x3ffff)
sendfile(r9, r8, 0x0, 0x7ffff000)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000800)={0x3, 0xc, &(0x7f00000007c0)=ANY=[@ANYRES8=r5, @ANYRESHEX=r0, @ANYRES16=r7, @ANYRES64=r1, @ANYRES16=r6], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

1.469704827s ago: executing program 3 (id=1018):
socket$inet6(0xa, 0x1, 0x0)
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x41, 0x0)
ioctl$TCSETS(r1, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x0, 0x0, "0062ba7d82000000000000000000f7ffffff00"})
r2 = syz_open_pts(r1, 0x0)
dup3(r2, r1, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000280)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x21, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000680)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x10000, 0x0, 0x0, 0x0, 0x22, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7fffffff, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r4}, 0x10)
connect$can_bcm(r0, &(0x7f00000005c0), 0x10)
sendmsg$can_raw(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000ff0)={&(0x7f000000a000)=@canfd={{0x5}, 0x2, 0x0, 0x0, 0x0, "0327e1b22b5fcef7739c699f5ff986ca08990039576a7d5cb2bdac3fa80acf584ecb5fee496e6866856b76b5ee00000000000000094e2f9663a918fa1efd9b0b"}, 0x48}, 0x2}, 0x4000000)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r5}, 0x4)
r6 = socket(0x10, 0x3, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
r8 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r8)
sendmsg$nl_route(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000005840)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{}, 0x3548}}}]}, 0x78}}, 0x0)

1.419865978s ago: executing program 3 (id=1019):
socket$inet_udp(0x2, 0x2, 0x0)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x10020, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3ff, 0x3}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
gettid()
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000d84000)={0xa, 0x2}, 0x1c)
setsockopt$inet6_tcp_int(r2, 0x6, 0x19, &(0x7f00000000c0)=0x9, 0x4)
sendto$inet6(r2, &(0x7f0000f6f000), 0xfffffffffffffea7, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2, 0x18115, @rand_addr, 0x983a}, 0x1c)

1.022024144s ago: executing program 4 (id=1020):
r0 = socket$kcm(0x11, 0x3, 0x0)
sendmsg$kcm(r0, &(0x7f0000000380)={&(0x7f0000000e00)=@phonet={0x23, 0x0, 0x0, 0x37}, 0x80, &(0x7f0000000100)=[{&(0x7f0000000180)="27050200590200000600002fb96dbcf706e105000700810000008100accb", 0x1e}, {&(0x7f00000002c0)="88a8", 0x2}], 0x2}, 0x0)

916.709336ms ago: executing program 4 (id=1021):
syz_open_dev$usbfs(&(0x7f0000000000), 0x5, 0x424000)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000680)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x8}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/asound/seq/clients\x00', 0x0, 0x0)
r3 = inotify_init1(0x0)
dup3(r3, r2, 0x0)

876.036856ms ago: executing program 4 (id=1022):
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x22a0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000200)='./file0\x00', 0x800, &(0x7f00000000c0)=ANY=[@ANYRES8=0x0, @ANYRES16, @ANYRES64, @ANYRES16=0x0], 0x1, 0x371, &(0x7f0000000f80)="$eJzs3c9rI2UYwPEnaZpMumyTgygK0ge96GVoq2c1yC6IAZfuRtwVhNntREPGpMyESERsPXkVb/4DgsseFzwsqP9AL97WixdP9iIIuog4Mr/SJJ00aTZL0/b7gTZP8r7PzPsmk/C8gZkcvPfVx826Z9atjmQNlYyIyCORsmQlkYlu8pJiT16+9OfD56/fvPV2pVq9sqV6tXLjlU1VXV374ZPPinG3BwXZL39wIMZv+0/vP3vw342PGp42PG21O2rp7favHeu2Y+t2w2uaqtcc2/JsbbQ8243a21F73Wnv7PTUam1fXtlxbc9Tq9XTpt3TTls7bk+tD61GS03T1MsracM9x4wZcmp3t7asyow7vDNjHubtH9/3j2l23Yq1JGIWj7TU7j7RcQEAgIU0Uv9/k9QIZcn2C8pMvBbIh/HwMiCo/5M4rP+DxcJh/X/vhZ86l969vxrX/w/yafX/q79E+UP1f7D3udf/343cP1oRnXm7J+n8WPU/FsPa8Dvy98MVeyyo/4N3Q39F/8X799bDgPofAAAAAAAAAAAAAAAAAAAAAICz4JHvl3zfLyW3yd/hKQTx/eTecSca48wZ9/oX4isK9I8HnEvXb94SIzxxL7cq4nzZrXVr0W3cnnRcl5L8Gx4PseiCE3thowbK8qOz260txwlL4f+KiIojtmxIScpD+WF89a3qlQ2NRPnh/ne7tUxuJcivSyPM35SSPJWev5man5eXXhzIN6UkP9+RtjiyHX+OJfmfb6i++U51JL8Y9kvz+pN9SQAAAAAAmDtT1YiXz+Xh9W+0fjdN1bT2YC0vg+vzo98P9NfX66nr81zpudzpzh0AAAAAgIvCy3/atBzHdr3e2KAok/oU4q2NNOVkwpaDIDdFn6HgYRgsH9dnaWCG0245H/+CxrTDcL2eTD3mJPirIKlPZnIJ16EmI/1ZnTJI5j9FZ+OkL4HrZU8+d9v11oLx6EzTGQiSr43G9ZFrs255XJBcOXdS52e+/vbv2XaRia/aO9j02n1jwkyDg8TNjDyyN+Gg/cP3J45nOf3T4vtZfmQGAAAAwIJIiv6ilzzyxukOCAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAC2iul0kbE5z2HAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBF8X8AAAD//0Ze9VM=")
openat$selinux_checkreqprot(0xffffffffffffff9c, &(0x7f0000000040), 0x280, 0x0)
add_key(&(0x7f0000000880)='id_resolver\x00', &(0x7f00000008c0)={'syz', 0x3}, &(0x7f0000000900)="fe5d3bfd72865ae1fba5c3c568b182066d820afa7ce3751534c6f1ee6b5662eab1422de2a7c6d804fddb9966a879c5fe2e8faa0016bc75b023b2706ac05c0038a5c37b035570f63d8af6f11c5f2104f0b4d4e51b7cd457cf8347523c98b1ab49182984a110decb4995bf6cdf6c191b2255cc1ad7d7732ae7807b08e4ae91300d3b84d12dd1cfe4e36b04c6b9c9b8249d0c5fab36f7d81b658ff3243df5fedae094815d38cb2c12e01bd4ec06a402ea7773a9b86262f9d37bdb7748d4c3ffde793e0f4798af3ef21d8892e40b068502d3f1077a09fc7dc29f1ca363052a6aeed14496aed397", 0xe5, 0xfffffffffffffffb)
add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffe)
r0 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="0300000004000000040000000a"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x8, &(0x7f0000000940)=@framed={{0x18, 0x9}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}}]}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xa, 0x4, 0x4, 0x12, 0x2, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r2, <r3=>0xffffffffffffffff}, &(0x7f0000000000), &(0x7f0000000080)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f60000008500000043"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b000000000000000000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb7030000080000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value=0x2000000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r5}, 0x10)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RELOAD(r6, &(0x7f0000000100)={0x0, 0xffffffffffffff57, &(0x7f00000000c0)={&(0x7f0000000080)={0x3c, r7, 0x1, 0x3, 0x0, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_ID={0x0, 0x8c, 0x4}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4040010}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000005c0)={{r0}, &(0x7f0000000540), &(0x7f0000000580)=r1}, 0x20)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000007c0)={r0, &(0x7f0000000780)}, 0x20)

744.611418ms ago: executing program 2 (id=1023):
r0 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x41, 0x1, 0x0, 0x0, 0x0, 0x5, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3, 0x800000000003}, 0x1100, 0x5dd8, 0x0, 0x3, 0x0, 0x8, 0xfffb, 0x0, 0x2, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x81f8943c, &(0x7f00000007c0))
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r2}, 0x10)
fspick(r3, &(0x7f00000002c0)='./file0\x00', 0x1)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000380)=[{0x200000000006, 0x1, 0x7, 0x7ffc1ffb}]})
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000040), 0x81, r4}, 0x38)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2d, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001700)={&(0x7f0000000080)='kmem_cache_free\x00', r6}, 0x10)
ustat(0x8, &(0x7f0000000080))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r5}, 0x10)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x5d031, 0xffffffffffffffff, 0x0)
futex(0x0, 0x3, 0x0, &(0x7f0000fd7ff0)={0x77359400}, 0x0, 0xfffffffd)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x600, 0x0)
socket(0x26, 0x800, 0x6)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0)
lsm_get_self_attr(0x64, &(0x7f0000000040), &(0x7f0000000000)=0x101, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r7}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r8}, 0x10)
kexec_load(0x0, 0x1, &(0x7f0000000140)=[{0x0, 0x3e00, 0x116094000, 0x41000000}], 0x0)

599.66402ms ago: executing program 3 (id=1024):
connect$inet6(0xffffffffffffffff, &(0x7f00000001c0)={0xa, 0x4, 0x3ff, @mcast2, 0x1}, 0x1c)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000005400)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)=""/4096, 0x1000}}, {{0x0, 0x0, 0x0}, 0x7}, {{0x0, 0x0, &(0x7f0000005100)=[{&(0x7f0000004f40)=""/101, 0x65}], 0x1}}], 0x3, 0x0, 0x0)
r1 = socket$inet6(0xa, 0x800000000000002, 0x0)
r2 = add_key$keyring(&(0x7f0000000040), &(0x7f0000000080)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffb)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYRES8=r1], 0xb4}}, 0x200000d4)
keyctl$search(0xa, r2, &(0x7f0000000200)='keyring\x00', &(0x7f0000000100)={'syz', 0x1}, r2)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000000)={'ip6_vti0\x00', &(0x7f0000000140)={'syztnl0\x00', 0x0, 0x4, 0x9, 0xc0, 0xffffff03, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @ipv4={'\x00', '\xff\xff', @local}, 0x8000, 0x40, 0x7, 0x8}})
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f00000000c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x0, 0xee01}}, './file0\x00'})
inotify_init1(0x300)
r4 = socket$kcm(0x10, 0x2, 0x4)
close(r4)
r5 = socket$kcm(0x10, 0x2, 0x4)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7020000140000e5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000014c0)='rcu_stall_warning\x00', r7}, 0x18)
r8 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r8, &(0x7f0000000140)={&(0x7f0000000440)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @loopback}}, 0x80, 0x0, 0x0, &(0x7f0000001a00)=ANY=[@ANYBLOB="180000000000000010010000010000007d95df16a39b1a6c900000000000000001000005040500002b24ec10064b6f2f000000fb718aef932f3889d1fdda5b00000009860f5878c37ffe36e1165814d435be5b317c6c8189767d2f97879f07a515bb7c169f46933d9338f4ab04834e6f618988c5944741afe403461323110f62055394412158e7a3adb164d641aa40d4ab077fe34232aa8b319d7666d0998a61d7da0c86d70000001010"], 0x10b8}, 0x0)
sendmsg$inet(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f00000003c0)="5c00000014006b02c84e21100af32c6e0a0675f8d3446040000000000000a9fb5ef364504b649087303c5c1e6182949a36c23d3b48dfd8ddbf9367b498fa51f60a64c9f4d493803792684b71bdd70000b6c0504bb9183132be471b93c91b5d7870743719b4b53cf2", 0x68}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
sendmsg$inet(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000100)="e03f030013006bcd9e3fe3dc6e48aa31086b8700350000007ea60264160af3653c002e000d000af08bc3a0e69ee517d34460bc24eab556a705251e6182949a3651f60a84c9f5d1938037e786a6d0bdd7fcf50e4509c5bb5a00f69853", 0x33fe0}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
recvmsg(r4, &(0x7f0000001500)={0x0, 0x300, 0x0, 0x6}, 0x10001)
r9 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r9, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c)
sendto$inet6(r9, 0x0, 0x0, 0x2409c8c1, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)
sendto$inet6(r9, &(0x7f0000000e80)="0d0ad7c36d6617110e434332d6ac582208222cfb7c37ce1148f448455bc37f5f70c92774dcb201629979039d7c8943b207e5bdf9ab8eed9ace110469c51f4f211dd9fad815eb5b273ac04e1edc679bcdf0a0d24482de5454be9003cb80714a95e136bb704ee58e707d1e69b3c3a1c2c37f9c0402e14abdeb32086a49aff25e5c0f0131d59b4783316b9fa2c71c51ce76942d5f519145c9e3bf0d4182b4a62970b2ce81d35a7afc8384b387b8e21f2051d90d92323a710cabe5275d335b64453e759251a140de480541d8dd7662a14296a59eba99b95bfdf5b22992c323865b471d13ad79867e2692fd4eece299a81e2b33336b6801f51c2ae8d73e4df90c9bd70cd535b72cbdf67754acdc44b3780450308d9c5527c3314eb7b2cc38b61e96403a30a8ba0c8a357aa04d3c62bc51bcf55cf214f44a909b29c30c18c3a43c86472612086664a80f2aa8490e58352732acb96eb46deab42895d1957a6029ad86e7a5ced6bde89c158aaee721954beeebe5973059007f7dd5459029af6d3f1d73d35f07d19b7cedfc80d1d7ef37f8b113f564afd0f093202929fef43e788619ca522c7f679dd2f27949d879b4dab46581a0e054b4ed1db37e43f528748b56ec5a54b7af198d4ae551046f7814fe3a5cbc1cc7cb6655fc198939b049f3c02443148c588e34d6ebef81096b4e48f468016d2bde0828664c0874d71e2d88b3bc04079d4a504255a83c3f07a4f1c3e5a4c66f55f36e51e344392487c8299d8d1bfb568780c0d57df48990cb5d6b35c3f7445f80312186d8598faf61072d4eefc961fb5a7e72b971c8f94a8346effd27362cee8d72a98b55e317de280d2d63ee83ca7140b7913122d402c536d914c8510c81d08f0ad1c952f5b7ad5e7ef72d7c58cb4d5bafbea535b381df6ebe94c62cf782cf7ab81c017c296a88ca91d641b45748d230cf5e87e5dbee4764ea4d131ae022e6bbf3ffc3ea7b264737d9db44354bfffa63d79bc403d3ac23fb615edc382d18b0daf1bbb2fbd708d1830ddac1c3f098b8cb1ef9a0019d804bf5d953110f12f3b9a8b9b7e0c61cb5d34116add1fc9a92721ffa5fdc83e1488cf88aa6e56ad2dd55e0aadd827cc7b4e7242f01241f49e905e5e7451092c28c3f6560a6a0002e5d91fc253a5a8fd8f27e42f4f02f5849528b7d93df9b0c568022acaff410e797e88d2f8eeadbba66e423335b843df734d203fa62a861b712da8f33d5ea721767871aa2cd53e659e505507de9a54d7e6fa3c20bbfb28cd6dd2b314dabbb59e9ce15c0a94ec3b3efc54eaaa27bd7576a687dcaf58dc182662539943014a02e76dc89f48c9f83cc7199038418f965ad3dc866098b89cabcac8691b0f51ffb71902337e49293309c4480a8f1b32411cc1b55a0ec0fe2c2572fe9d488a25bfc12ba74048e1d7beee93321c7aa49ea17cb9728dc46e5272154b3b995feacbacb8885621b335274af4df9365f8c8121ff323b572d320c8fc46acd6218b9579d43005e7b0506ccb14d9a0dac4cc6efaf5366c44342eaea8b5a11457f5afbea913ce4975ab67e6a85bc46e714ca5741da38a7cceb9e85d77fd03f83f7a5ecc7241e69e2bda327f769b48ba5f13662585c72778d12bd0e9a62a3d0dbe376d1aee81e6845c2cf23f42c458ae5668c8d387bf9ab224bc9703f1c08347be810d2f19278fe8d97560b3c9f1816667d0461a25e778eb1404dcaac1ed0a6a0745f3a5d2dc1b6babf98f5135d531cb26334ef2fec4c78c95b7193935139664fc65f17b047eb3dc39e251ba52ce33f8099719f1a789db1690347355e7b02d4c522692b9597fd31abb90f973ae4eb0bd0d900cdd887ff01d4845d7f0aee39b220a65a5aeee0fd386054070723c841c042d5339cc6325f07f0f733d124c6524f388ef7419f42c06278b8fceaa3a16b202dfb539b129762397e29cdd679ca6240272fa0c3e2e8c0a27aaa407f30b4024d0638dfca1bc9483db3ccc2880f", 0x5c6, 0x6d91fb6102d8910c, 0x0, 0xfffffffffffffe38)
bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="75e0afc85830e98e5d5afe1cbf053b1aa926faceed6815d525cde586ec3fab7fd72f3cb118211f04ed3417b38b9907d0ac4fcfbfca544de96b7f8a612008b6ad66028edfc495e47b281d3acf23bd0f4ae0907fefbc1c41b5a6b949a6b06ed825183f3414bd1dd074df08af59a4f8828c4a49a6dd1ee0968d10c5acaa3ccdd4e55e4be0588c1b5e67c6cc626786a812693c5559ba6c78409f492bb42a9ad9952123a5cd57baed84085f1d9a9c9d441e581df7730619be48bb1da529f6cce39ffc26c8b27c4dd11c76bd29a10e2c6cd326f9b2b68830c3722607b23191b396dc1bbd73688e7dd14dae", @ANYRESDEC=0x0], &(0x7f0000000200)='GPL\x00', 0x80, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
sendto$inet6(r9, 0x0, 0x0, 0x40000, 0x0, 0x0)
recvfrom(r9, &(0x7f0000002a80)=""/4039, 0xfc7, 0x100, 0x0, 0x0)

559.268891ms ago: executing program 2 (id=1025):
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000030000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x9, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00'}, 0x10)
getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x1b, &(0x7f0000000180)={@initdev}, &(0x7f0000000280)=0x14)
r1 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'bridge_slave_0\x00', <r2=>0x0})
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000005a40)=ANY=[@ANYBLOB="b400000010000904000000000000000000002200", @ANYRES32=0x0, @ANYBLOB="fffffffed9526cfd8400128009000100766c616e000000007400028006000100000600000c000200367da1650e000000280003800c00010001800000002000000c000100a1000000c84200000c0001000800000008000000340004800c00010006000000ff0300000c00010004000000080000000c00010004000000020000000c000100050000000300000008000500", @ANYRES32=r2, @ANYBLOB='\b\x00\n\x00', @ANYRESOCT], 0xb4}}, 0x0)

557.517761ms ago: executing program 3 (id=1026):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000240)={0x0, r0}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x0, 0x10, &(0x7f0000000440)=ANY=[@ANYBLOB="18050000000000000000817211f9386a791249ca1168caffcd4c73761658000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa10000000000000701000002ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="00000000000000000000007800000095"], 0x0, 0x6, 0x0, 0x0, 0x0, 0x16, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xb, 0x7, 0x8, 0x9, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r3}, 0x10)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000a40)={{0x14}, [@NFT_MSG_NEWRULE={0x60, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2, 0x0, 0x8}, [@NFTA_RULE_EXPRESSIONS={0x34, 0x4, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @connlimit={{0xe}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_CONNLIMIT_COUNT={0x8}]}}}, {0x10, 0x1, 0x0, 0x1, @last={{0x9}, @void}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x88}}, 0x0)
close(r1)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = socket$rxrpc(0x21, 0x2, 0xa)
connect$rxrpc(r5, &(0x7f0000000000)=@in6={0x21, 0x3, 0x2, 0x1c, {0xa, 0x4e20, 0x7fff, @remote, 0x7ff}}, 0x24)
setsockopt$RXRPC_EXCLUSIVE_CONNECTION(r5, 0x110, 0x3)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r4}, 0x10)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000000)={'batadv0\x00', <r8=>0x0})
sendmsg$nl_route(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000080)=ANY=[@ANYBLOB="400000001000030500000000fddbdf2500000000", @ANYRES32=0x0, @ANYBLOB="0000000000fbff002000128008000100687372001400028008000100", @ANYRES32=r8, @ANYBLOB="08000200", @ANYRES32], 0x40}}, 0x0)

497.950762ms ago: executing program 1 (id=1027):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000001fc0)={@fallback, 0xffffffffffffffff, 0x18, 0x0, 0xffffffffffffffff, @void, @value}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
mq_open(&(0x7f0000001140)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xd3\xa7\xd8J\xfd\x94#KT\xdd\x14\xd3\xe1\xbe_$A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\x88N\xb8\xde\xeb)\xcd\xc56m\n\v\x01\xbe\xeb\xbb\x91\x11z\xc2|d\x1b\x04\xd2\xf9yx\xb2\x1b\bLTrw\x88|0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\xcf\xbf\xf5\x80a%\xdcQ\xb3CuT\xcc\x02\xea\x91\xe8\xd8\x01YZy\xe6!\x89\x9c\xd1\xa6\x167\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1[\x84\x10aF\x9b\xda\xeb\xc4*\x02q\xb2\x92\x00\x8cv\xac AN\xb9\xaa\xe0\x9d\x97Te\x81\x98L\xfe\x97+u\xd3^\xb1\xf0\xe0\x1f\xbd\a\xbb\xe5\x18\x9ds\x12ha\x00\xeb\x84\x99\xc6\x0f\xf1\xd5LD\xa87\xa0DQ\x8a2\x16!8,\xbc%$\xf1\xf2\xd6\x9cy\xecK\xda\xc5\xdc\xfa\xdd\xf6\b\xc6\xb4\x14\x16\x9c\x7f\x92\x85\xb0\xa2%:\xf0\xf4\x150\x0f\xb4\xa6d\xb4\xe4L\x19W\xd5\x90\xf7l\x1b\xfe\xde\vh\x97=m\x82.\xac\vh\xfe\x84Q}\x838/\x83\xebP\xbe\xd6+:\xceE\\\x95\xd4\xac\x92\x87\xd7\x98\x97\xe3\xec\xad\xd5\xac\x80C\x84R\x88r^g\xbaQ(\x9a>\xe2\xba\xa8=\x17\f04\x8f\x1f\xf2\x88*@v\xe7\xd1\xee\xb3\xc2\x8dT\xda\x81g\xd9\x1a:hzW6s)x\x06\xae\x11\xf2\x1e\xcd\v\xe5L\x19\x96s\xbc\x9e\xf4\x10$\r\xa4\xd8\xa2\xa2\xfcM\xc5R3~$\xc0\xa5n\x9a W\xb1e\xcc<$\xdf\x15\f]\x15\xf5#G\xce\xaf\x88U\xfa\x80\xf24\xf6\xb5\xef\xe2z\xcf\x9eN\x92\xac\x81{\xe6\xbd\xd7\x16\xe6F\xe2\x9e\x91%\x94\v\xb9\xdc\xd6\x87\x8f\xcd\xc1\xb05\x81\x81\xf8\xe9X\xe8Kt9@\xf4\xe1\xa6=\xc9\xe1:p4\nP[f\x1d\xfd\xfa\x839\x8d\x0e\xd1\xf9\xa0\xd2^E\xe5\xedo.\xaa\xf2\xb4\xcdn\x14\f\xcd\x83_yk\xda\xc5\x89\xf0Z\xea\x1d\xbd\xc00\v\xa3\xb3\xbe\xe6\x8b\x18/\xa8\xaaY\xf2\x89\x0f\x9enOOr\x00\xb2\x01\x1f:Z\xb8\xee;\xe3;\x8aPV\xce\xee\xf8[\x16\n\xe6:z\xb8\x1dvk\a{\xc1\x14\xd9+\xdb\t\x11\x90y\xe8\\\xe6\xfc\xca\xb4\xcbC\xd6\xd0\xbeC\xce\xc0L\xdb\xcd\xb3\x907c\xb4\xa6\xce\xdb[\xce\x122N\xa3\xc7Q<\x1a\xa5\xb3)\xc5\x98\x84\x8a\x82\x19\xb0\t\xac\x10\\\x8c\xbe\xcb\raIYe[\xa8\xc4\xac\x0e\xbb\x0f\b^\xdag\xe2\xa9\"\xf5h\'\xcf\xd9\x1b\xef\xe3\xe7y\x82\x1e\xca\x7f\x02 \xcf\x9e\xe0\xd9TM\xb9\n\xa9\xad3\x91\xa5\xe6!\xcd\xa2\xa4\x14\x12\xf9\xbf\xa8b\xcec:\xd7\'\f\f\x957\xc9}\r\xa6\xaa\x0f\xca\x96\xeb', 0x42, 0x1f0, 0x0)
socket$inet6(0xa, 0x5, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="180100000100a7d9000000000020b200850000007b00000095"], &(0x7f0000000140)='syzkaller\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xb904, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1, 0x0, 0x8}, 0x18)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000580)=@deltaction={0x4c, 0x18, 0x1, 0x0, 0x25dfdbfe, {0xa}, [@TCA_ACT_TAB={0x38, 0x1, [{0xc, 0x80, 0x0, 0x0, @TCA_ACT_INDEX={0x8}}, {0x14, 0x8, 0x0, 0x0, @TCA_ACT_KIND={0x6, 0x1, 'tunnel_key\x00'}}, {0x14, 0x9, 0x0, 0x0, @TCA_ACT_KIND={0xf, 0x1, 'tunnel_key\x00'}}]}]}, 0x4c}}, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYRESOCT], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000900)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000030000000"], 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x44000000, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r6}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000680)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x10000, 0x0, 0x0, 0x0, 0x22, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x17, 0x0, 0x0, 0x10, 0x7fffffff, @void, @value}, 0x5c)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r7}, 0x10)
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000080), 0x6400, 0x0)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x11, 0x5, &(0x7f0000000080)=ANY=[@ANYBLOB="1820c100000006eda000000000000000850000000700000000000000000000036e97e24bd7100095"], &(0x7f00000000c0)='GPL\x00', 0x401, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000012c0)={&(0x7f0000000040)='kfree\x00', r8}, 0x10)
sendmsg$nl_xfrm(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000880)=ANY=[@ANYBLOB="540100001a001307000000000000001cac141400"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ffffffff0000000000000000000000000000000032000000ac141417000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000048000200656362286369706865725f6e756c6c29"], 0x154}}, 0x0)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000240)={0x4, &(0x7f0000000180)=[{0x2d, 0x0, 0x2}, {}, {}, {0x6}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r9}, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)

435.914053ms ago: executing program 2 (id=1028):
socket$kcm(0x2, 0x5, 0x84)
sendmsg$inet(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480))
socket$kcm(0x2, 0xa, 0x73)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
close(r0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x26, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0xb, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000b40)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x800000000001ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xe}}, 0x0, 0xafffffffffffffff, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0xb, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_config_ext={0x0, 0x5f4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x100c, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmsg$inet(r2, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg$unix(r1, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000580)=[@rights={{0x10}}, @cred={{0x1c}}, @rights={{0x10}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x10}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0xe8}, 0x160)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000400)='blkio.bfq.sectors_recursive\x00', 0x275a, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x19, 0x3, 0x0, &(0x7f0000000000)='GPL\x00', 0x5, 0x0, 0x0, 0x41100, 0x8, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$TUNSETCARRIER(0xffffffffffffffff, 0x400454e2, &(0x7f0000000000)=0x4b)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'veth1_virt_wifi\x00'})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r3, 0x8946, &(0x7f0000000080))

433.125443ms ago: executing program 3 (id=1029):
bpf$MAP_CREATE(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="0e000000040000000400000003"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x1a, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000003000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x28, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r0}, 0x3c)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb0a54e68b1cd2fdb, 0x103)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065fffff530000008003950323030302e75"], 0x15)
bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x3, 0x13, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000900000000000000000000001811", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b70300000000000085000000000000bf090000000000005509010000000000852000000300000095"], 0x0, 0x8, 0x0, 0x0, 0x41100, 0x62, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x1, @void, @value}, 0x94)
pipe2$9p(&(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r2, &(0x7f0000000300)=ANY=[], 0x15)
r3 = dup(r2)
write$P9_RLERRORu(r3, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r3, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$binfmt_elf64(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r3])
socket(0x2c, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x11, 0x4, 0x4, 0xff, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
memfd_secret(0x0)

406.722343ms ago: executing program 3 (id=1030):
r0 = perf_event_open(&(0x7f00000002c0)={0x2, 0x80, 0x5d, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x8400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x2)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000bc0)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x6, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x18)
r2 = socket$inet6(0xa, 0x1, 0x0)
r3 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r3, 0x107, 0x17, &(0x7f0000000080)=0x1000, 0x4)
getsockname$packet(r3, &(0x7f0000000340)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000440)=0x14)
sendmsg$can_raw(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000480)={0x1d, r4}, 0x10, &(0x7f0000000500)={&(0x7f00000004c0)=@can={{0x2, 0x1, 0x0, 0x1}, 0x4, 0x1, 0x0, 0x0, "f936211c3bc2e6c3"}, 0x10}, 0x1, 0x0, 0x0, 0x6000001}, 0x24008080)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f00000004c0)={'ip6_vti0\x00', &(0x7f0000000740)={'syztnl1\x00', <r5=>r4, 0x4, 0xaa, 0x3, 0x0, 0x4e, @local, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x1, 0x40, 0x0, 0x8}})
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff", @ANYBLOB], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r7 = syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r8 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0)
r9 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x0)
write(r9, &(0x7f0000004200)='t', 0x1)
sendfile(r9, r8, 0x0, 0x3ffff)
sendfile(r9, r8, 0x0, 0x7ffff000)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000800)={0x3, 0xc, &(0x7f00000007c0)=ANY=[@ANYRES8=r5, @ANYRESHEX=r0, @ANYRES16=r7, @ANYRES64=r1, @ANYRES16=r6], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

352.630754ms ago: executing program 2 (id=1031):
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x107, 0xf, &(0x7f0000000000), 0x4)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000e00)=@phonet={0x23, 0x0, 0x0, 0x37}, 0x80, &(0x7f0000000100)=[{&(0x7f0000000180)="27050200590200000600002fb96dbcf706e105000700810000008100accb", 0x1e}, {&(0x7f00000002c0)="88a8", 0x2}], 0x2}, 0x0)

276.724346ms ago: executing program 2 (id=1032):
syz_open_dev$usbfs(&(0x7f0000000000), 0x5, 0x424000)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00'}, 0x10)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/asound/seq/clients\x00', 0x0, 0x0)
r2 = inotify_init1(0x0)
dup3(r2, r1, 0x0)

276.256576ms ago: executing program 2 (id=1033):
socket$inet_udp(0x2, 0x2, 0x0)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x10020, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3ff, 0x3}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xfffffdfc, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000200)={'syztnl2\x00', &(0x7f0000000180)={'ip6tnl0\x00', 0x0, 0x2f, 0x80, 0x7, 0x100, 0x42, @loopback, @rand_addr=' \x01\x00', 0x8000, 0x10, 0x9, 0x1}})
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f00000003c0)={0x0, 0x0})
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0xffffffffffffffc7, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r3}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000006c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r5, &(0x7f0000d84000)={0xa, 0x2}, 0x1c)
setsockopt$inet6_tcp_int(r5, 0x6, 0x19, &(0x7f00000000c0)=0x9, 0x4)
sendto$inet6(r5, &(0x7f0000f6f000), 0xfffffffffffffea7, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2, 0x18115, @rand_addr, 0x983a}, 0x1c)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r4}, 0x10)
r6 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
readv(r6, &(0x7f0000002980)=[{&(0x7f0000000700)=""/163, 0xa3}], 0x2)
r7 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/resume', 0x169a82, 0x109)
r8 = socket$inet6_udp(0xa, 0x2, 0x0)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000004c0)=ANY=[@ANYRESHEX=r8], &(0x7f0000000400)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r7, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r9}, 0x10)
r10 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r10, &(0x7f0000000000)=@pppol2tpv3in6={0x18, 0x1, {0x0, r8, 0x3, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @local}}}, 0x3a)

0s ago: executing program 4 (id=1034):
socket$inet_udp(0x2, 0x2, 0x0)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x10020, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3ff, 0x3}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000d84000)={0xa, 0x2}, 0x1c)
setsockopt$inet6_tcp_int(r2, 0x6, 0x19, &(0x7f00000000c0)=0x9, 0x4)
sendto$inet6(r2, &(0x7f0000f6f000), 0xfffffffffffffea7, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2, 0x18115, @rand_addr, 0x983a}, 0x1c)

kernel console output (not intermixed with test programs):

:4050): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4443 comm="syz.2.305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f24699ad169 code=0x7ffc0000
[   59.207674][   T29] audit: type=1326 audit(1744315633.926:4051): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4443 comm="syz.2.305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f24699ad169 code=0x7ffc0000
[   59.296890][ T4444] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[   59.318483][ T4446] EXT4-fs warning (device loop1): ext4_enable_quotas:7170: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   59.344370][ T4444] SELinux: failed to load policy
[   59.355759][ T4446] EXT4-fs (loop1): mount failed
[   59.418084][ T4455] IPv6: Can't replace route, no match found
[   59.442964][ T4463] SELinux:  policydb version 1199315858 does not match my version range 15-34
[   59.463542][ T4465] IPv6: Can't replace route, no match found
[   59.478111][ T4463] SELinux: failed to load policy
[   59.507324][ T4467] loop1: detected capacity change from 0 to 1024
[   59.517442][ T4467] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   59.529012][ T4467] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   59.540655][ T4467] JBD2: no valid journal superblock found
[   59.546610][ T4467] EXT4-fs (loop1): Could not load journal inode
[   59.557563][ T4471] loop3: detected capacity change from 0 to 512
[   59.564105][ T4474] loop0: detected capacity change from 0 to 1024
[   59.571244][ T4474] EXT4-fs: Mount option(s) incompatible with ext3
[   59.584986][ T4471] EXT4-fs (loop3): 1 orphan inode deleted
[   59.593867][ T4471] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   59.596978][ T4474] pim6reg: entered allmulticast mode
[   59.613760][ T4471] ext4 filesystem being mounted at /61/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   59.625211][   T85] EXT4-fs error (device loop3): ext4_release_dquot:6971: comm kworker/u8:4: Failed to release dquot type 1
[   59.676486][ T4471] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   59.761167][ T4488] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[   59.763381][ T4491] FAULT_INJECTION: forcing a failure.
[   59.763381][ T4491] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   59.771031][ T4488] SELinux: failed to load policy
[   59.785249][ T4491] CPU: 1 UID: 0 PID: 4491 Comm: syz.2.321 Not tainted 6.15.0-rc1-syzkaller-00095-g2eb959eeecc6 #0 PREEMPT(voluntary) 
[   59.785285][ T4491] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   59.785300][ T4491] Call Trace:
[   59.785309][ T4491]  <TASK>
[   59.785319][ T4491]  dump_stack_lvl+0xf6/0x150
[   59.785485][ T4491]  dump_stack+0x15/0x1a
[   59.785506][ T4491]  should_fail_ex+0x261/0x270
[   59.785541][ T4491]  should_fail+0xb/0x10
[   59.785627][ T4491]  should_fail_usercopy+0x1a/0x20
[   59.785676][ T4491]  _copy_from_user+0x1c/0xa0
[   59.785797][ T4491]  move_addr_to_kernel+0x8c/0x130
[   59.785841][ T4491]  __sys_sendto+0x130/0x230
[   59.785883][ T4491]  __x64_sys_sendto+0x78/0x90
[   59.785914][ T4491]  x64_sys_call+0x2bcb/0x2e10
[   59.786066][ T4491]  do_syscall_64+0xc9/0x1c0
[   59.786103][ T4491]  ? clear_bhb_loop+0x25/0x80
[   59.786194][ T4491]  ? clear_bhb_loop+0x25/0x80
[   59.786222][ T4491]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   59.786249][ T4491] RIP: 0033:0x7f24699ad169
[   59.786275][ T4491] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   59.786298][ T4491] RSP: 002b:00007f246800f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[   59.786321][ T4491] RAX: ffffffffffffffda RBX: 00007f2469bc5fa0 RCX: 00007f24699ad169
[   59.786481][ T4491] RDX: 000000000000ffe0 RSI: 0000200000000780 RDI: 0000000000000006
[   59.786496][ T4491] RBP: 00007f246800f090 R08: 0000200000000140 R09: 000000000000001c
[   59.786511][ T4491] R10: 000000000000c0d4 R11: 0000000000000246 R12: 0000000000000001
[   59.786525][ T4491] R13: 0000000000000000 R14: 00007f2469bc5fa0 R15: 00007ffd0d856408
[   59.786549][ T4491]  </TASK>
[   59.830039][ T4493] FAULT_INJECTION: forcing a failure.
[   59.830039][ T4493] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   59.996102][ T4493] CPU: 1 UID: 0 PID: 4493 Comm: syz.2.322 Not tainted 6.15.0-rc1-syzkaller-00095-g2eb959eeecc6 #0 PREEMPT(voluntary) 
[   59.996126][ T4493] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   59.996137][ T4493] Call Trace:
[   59.996143][ T4493]  <TASK>
[   59.996150][ T4493]  dump_stack_lvl+0xf6/0x150
[   59.996170][ T4493]  dump_stack+0x15/0x1a
[   59.996253][ T4493]  should_fail_ex+0x261/0x270
[   59.996349][ T4493]  should_fail+0xb/0x10
[   59.996369][ T4493]  should_fail_usercopy+0x1a/0x20
[   59.996393][ T4493]  _copy_from_user+0x1c/0xa0
[   59.996552][ T4493]  copy_msghdr_from_user+0x54/0x2b0
[   59.996591][ T4493]  ? __fget_files+0x186/0x1c0
[   59.996619][ T4493]  __sys_sendmsg+0x141/0x240
[   59.996745][ T4493]  __x64_sys_sendmsg+0x46/0x50
[   59.996792][ T4493]  x64_sys_call+0x26f3/0x2e10
[   59.996874][ T4493]  do_syscall_64+0xc9/0x1c0
[   59.996901][ T4493]  ? clear_bhb_loop+0x25/0x80
[   59.996922][ T4493]  ? clear_bhb_loop+0x25/0x80
[   59.996944][ T4493]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   59.996961][ T4493] RIP: 0033:0x7f24699ad169
[   59.996974][ T4493] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   59.997042][ T4493] RSP: 002b:00007f246800f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   59.997081][ T4493] RAX: ffffffffffffffda RBX: 00007f2469bc5fa0 RCX: 00007f24699ad169
[   59.997092][ T4493] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 000000000000000a
[   59.997102][ T4493] RBP: 00007f246800f090 R08: 0000000000000000 R09: 0000000000000000
[   59.997112][ T4493] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   59.997122][ T4493] R13: 0000000000000000 R14: 00007f2469bc5fa0 R15: 00007ffd0d856408
[   59.997213][ T4493]  </TASK>
[   60.194457][ T4499] IPv6: Can't replace route, no match found
[   60.252227][ T4503] SELinux:  policydb version 1199315858 does not match my version range 15-34
[   60.263597][ T4503] SELinux: failed to load policy
[   60.265907][ T4505] __nla_validate_parse: 12 callbacks suppressed
[   60.265925][ T4505] netlink: 64 bytes leftover after parsing attributes in process `syz.2.327'.
[   60.290492][ T4505] loop2: detected capacity change from 0 to 1024
[   60.297522][ T4505] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   60.309128][ T4505] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   60.321181][ T4505] JBD2: no valid journal superblock found
[   60.328139][ T4505] EXT4-fs (loop2): Could not load journal inode
[   60.328281][ T4468] pim6reg: left allmulticast mode
[   60.347126][ T4505] netlink: 32 bytes leftover after parsing attributes in process `syz.2.327'.
[   60.356841][ T4507] loop3: detected capacity change from 0 to 512
[   60.390722][ T4507] EXT4-fs (loop3): 1 orphan inode deleted
[   60.398273][ T4507] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   60.412864][   T85] EXT4-fs error (device loop3): ext4_release_dquot:6971: comm kworker/u8:4: Failed to release dquot type 1
[   60.427847][ T4507] ext4 filesystem being mounted at /66/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   60.435532][ T4512] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[   60.497711][ T4514] netlink: 28 bytes leftover after parsing attributes in process `syz.0.330'.
[   60.507596][ T4514] netlink: 28 bytes leftover after parsing attributes in process `syz.0.330'.
[   60.520012][ T4516] netlink: 28 bytes leftover after parsing attributes in process `syz.1.331'.
[   60.530883][ T4507] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   60.609970][ T4520] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[   60.636277][ T4520] SELinux: failed to load policy
[   60.676675][ T4526] netlink: 10 bytes leftover after parsing attributes in process `syz.0.336'.
[   60.715596][ T4530] FAULT_INJECTION: forcing a failure.
[   60.715596][ T4530] name failslab, interval 1, probability 0, space 0, times 0
[   60.731237][ T4530] CPU: 0 UID: 0 PID: 4530 Comm: syz.3.337 Not tainted 6.15.0-rc1-syzkaller-00095-g2eb959eeecc6 #0 PREEMPT(voluntary) 
[   60.731269][ T4530] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   60.731283][ T4530] Call Trace:
[   60.731291][ T4530]  <TASK>
[   60.731299][ T4530]  dump_stack_lvl+0xf6/0x150
[   60.731438][ T4530]  dump_stack+0x15/0x1a
[   60.731459][ T4530]  should_fail_ex+0x261/0x270
[   60.731492][ T4530]  should_failslab+0x8f/0xb0
[   60.731585][ T4530]  __kmalloc_cache_noprof+0x55/0x320
[   60.731613][ T4530]  ? inet6_dump_fib+0x187/0x700
[   60.731642][ T4530]  inet6_dump_fib+0x187/0x700
[   60.731733][ T4530]  ? __pfx_inet6_dump_fib+0x10/0x10
[   60.731814][ T4530]  rtnl_dumpit+0x94/0x130
[   60.731860][ T4530]  netlink_dump+0x3a6/0x810
[   60.731904][ T4530]  __netlink_dump_start+0x433/0x520
[   60.731959][ T4530]  ? __pfx_inet6_dump_fib+0x10/0x10
[   60.731987][ T4530]  rtnetlink_rcv_msg+0x5ad/0x740
[   60.732023][ T4530]  ? __pfx_inet6_dump_fib+0x10/0x10
[   60.732082][ T4530]  ? should_fail_ex+0xd7/0x270
[   60.732112][ T4530]  ? __pfx_rtnl_dumpit+0x10/0x10
[   60.732197][ T4530]  ? __pfx_inet6_dump_fib+0x10/0x10
[   60.732228][ T4530]  netlink_rcv_skb+0x12f/0x230
[   60.732256][ T4530]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   60.732298][ T4530]  rtnetlink_rcv+0x1c/0x30
[   60.732339][ T4530]  netlink_unicast+0x605/0x6c0
[   60.732434][ T4530]  netlink_sendmsg+0x609/0x720
[   60.732470][ T4530]  ? __pfx_netlink_sendmsg+0x10/0x10
[   60.732501][ T4530]  __sock_sendmsg+0x140/0x180
[   60.732541][ T4530]  sock_write_iter+0x186/0x1c0
[   60.732582][ T4530]  vfs_write+0x79b/0x950
[   60.732619][ T4530]  ? __pfx_sock_write_iter+0x10/0x10
[   60.732658][ T4530]  ksys_write+0xeb/0x1b0
[   60.732692][ T4530]  __x64_sys_write+0x42/0x50
[   60.732775][ T4530]  x64_sys_call+0x2a45/0x2e10
[   60.732801][ T4530]  do_syscall_64+0xc9/0x1c0
[   60.732833][ T4530]  ? clear_bhb_loop+0x25/0x80
[   60.732865][ T4530]  ? clear_bhb_loop+0x25/0x80
[   60.732889][ T4516] loop1: detected capacity change from 0 to 1024
[   60.732891][ T4530]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   60.732978][ T4530] RIP: 0033:0x7fc49311d169
[   60.732998][ T4530] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   60.733022][ T4530] RSP: 002b:00007fc491787038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[   60.733061][ T4530] RAX: ffffffffffffffda RBX: 00007fc493335fa0 RCX: 00007fc49311d169
[   60.733078][ T4530] RDX: 0000000000000085 RSI: 0000200000000000 RDI: 0000000000000003
[   60.733092][ T4530] RBP: 00007fc491787090 R08: 0000000000000000 R09: 0000000000000000
[   60.733106][ T4530] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   60.733121][ T4530] R13: 0000000000000000 R14: 00007fc493335fa0 R15: 00007ffd5c397868
[   60.733213][ T4530]  </TASK>
[   60.776590][ T4531] netlink: 12 bytes leftover after parsing attributes in process `syz.0.338'.
[   60.807431][ T4534] netlink: 64 bytes leftover after parsing attributes in process `syz.3.339'.
[   60.817151][ T4516] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   60.832977][ T4534] loop3: detected capacity change from 0 to 1024
[   60.837892][ T4516] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   60.844263][ T4534] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   60.850882][ T4516] JBD2: no valid journal superblock found
[   60.853859][ T4534] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   60.859888][ T4516] EXT4-fs (loop1): Could not load journal inode
[   60.866778][ T4534] JBD2: no valid journal superblock found
[   61.134397][ T4534] EXT4-fs (loop3): Could not load journal inode
[   61.156098][ T4534] netlink: 32 bytes leftover after parsing attributes in process `syz.3.339'.
[   61.162984][ T4516] 9pnet: Could not find request transport: fd
[   61.200526][ T4542] SELinux:  policydb version 1199315858 does not match my version range 15-34
[   61.201395][ T4543] netlink: 64 bytes leftover after parsing attributes in process `syz.0.351'.
[   61.210575][ T4542] SELinux: failed to load policy
[   61.240654][ T4543] loop0: detected capacity change from 0 to 1024
[   61.244386][ T4545] IPv6: Can't replace route, no match found
[   61.254019][ T4546] loop1: detected capacity change from 0 to 1024
[   61.276078][ T4546] EXT4-fs: Mount option(s) incompatible with ext3
[   61.283455][ T4543] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   61.294812][ T4543] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   61.316715][ T4546] pim6reg: entered allmulticast mode
[   61.327011][ T4543] JBD2: no valid journal superblock found
[   61.333445][ T4543] EXT4-fs (loop0): Could not load journal inode
[   61.359986][ T4550] loop2: detected capacity change from 0 to 512
[   61.362339][ T4552] loop0: detected capacity change from 0 to 128
[   61.390967][ T4550] EXT4-fs (loop2): 1 orphan inode deleted
[   61.399203][ T4550] ext4 filesystem being mounted at /77/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   61.413489][ T3431] EXT4-fs error (device loop2): ext4_release_dquot:6971: comm kworker/u8:7: Failed to release dquot type 1
[   61.417881][ T4552] syz.0.346: attempt to access beyond end of device
[   61.417881][ T4552] loop0: rw=0, sector=121, nr_sectors = 920 limit=128
[   61.481586][ T4557] loop2: detected capacity change from 0 to 128
[   61.529045][ T4557] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   61.563157][ T4559] loop0: detected capacity change from 0 to 128
[   61.595358][ T4559] syz.0.348: attempt to access beyond end of device
[   61.595358][ T4559] loop0: rw=0, sector=121, nr_sectors = 920 limit=128
[   61.622522][ T4557] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   61.661948][ T4557] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   61.703613][ T4562] Zero length message leads to an empty skb
[   61.767669][ T4557] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   61.892487][ T4566] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   61.915564][ T4566] vhci_hcd: default hub control req: 2314 v0008 i0002 l0
[   61.958319][ T4557] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   62.000030][ T4557] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   62.045086][ T4557] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   62.057113][ T4539] pim6reg: left allmulticast mode
[   62.080340][ T4557] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   62.153832][ T4569] loop0: detected capacity change from 0 to 128
[   62.175949][ T4576] SELinux:  policydb version 1199315858 does not match my version range 15-34
[   62.191459][ T4386] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   62.218251][ T4576] SELinux: failed to load policy
[   62.219426][ T4386] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   62.259524][ T4386] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   62.275835][ T4577] loop1: detected capacity change from 0 to 1024
[   62.284121][ T4577] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   62.296879][ T4577] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   62.309462][ T4577] JBD2: no valid journal superblock found
[   62.311439][ T4569] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   62.316274][ T4577] EXT4-fs (loop1): Could not load journal inode
[   62.351502][ T4386] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   62.367330][ T4577] 9pnet: Could not find request transport: fd
[   62.386960][ T4590] loop3: detected capacity change from 0 to 1024
[   62.395097][ T4590] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   62.408442][ T4590] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   62.421878][ T4590] JBD2: no valid journal superblock found
[   62.428409][ T4590] EXT4-fs (loop3): Could not load journal inode
[   62.467812][ T4595] loop1: detected capacity change from 0 to 1024
[   62.481570][ T4569] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   62.503089][ T4596] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[   62.515310][ T4595] EXT4-fs (loop1): stripe (3) is not aligned with cluster size (16), stripe is disabled
[   62.515714][ T4596] SELinux: failed to load policy
[   62.539528][ T4598] IPv6: Can't replace route, no match found
[   62.551572][ T4595] EXT4-fs error (device loop1): ext4_xattr_inode_iget:437: inode #11: comm syz.1.359: missing EA_INODE flag
[   62.569396][ T4595] EXT4-fs (loop1): Remounting filesystem read-only
[   62.577010][ T4595] EXT4-fs warning (device loop1): ext4_expand_extra_isize_ea:2848: Unable to expand inode 15. Delete some EAs or run e2fsck.
[   62.615547][ T4569] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   62.662698][ T4608] SELinux:  policydb version 1199315858 does not match my version range 15-34
[   62.697973][ T4569] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   62.711306][ T4610] FAULT_INJECTION: forcing a failure.
[   62.711306][ T4610] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   62.726610][ T4610] CPU: 1 UID: 0 PID: 4610 Comm: syz.3.368 Not tainted 6.15.0-rc1-syzkaller-00095-g2eb959eeecc6 #0 PREEMPT(voluntary) 
[   62.726643][ T4610] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   62.726658][ T4610] Call Trace:
[   62.726665][ T4610]  <TASK>
[   62.726673][ T4610]  dump_stack_lvl+0xf6/0x150
[   62.726711][ T4610]  dump_stack+0x15/0x1a
[   62.726732][ T4610]  should_fail_ex+0x261/0x270
[   62.726765][ T4610]  should_fail+0xb/0x10
[   62.726792][ T4610]  should_fail_usercopy+0x1a/0x20
[   62.726827][ T4610]  _copy_from_user+0x1c/0xa0
[   62.726900][ T4610]  copy_msghdr_from_user+0x54/0x2b0
[   62.726939][ T4610]  ? __fget_files+0x186/0x1c0
[   62.727105][ T4610]  __sys_sendmsg+0x141/0x240
[   62.727151][ T4610]  __x64_sys_sendmsg+0x46/0x50
[   62.727178][ T4610]  x64_sys_call+0x26f3/0x2e10
[   62.727203][ T4610]  do_syscall_64+0xc9/0x1c0
[   62.727281][ T4610]  ? clear_bhb_loop+0x25/0x80
[   62.727308][ T4610]  ? clear_bhb_loop+0x25/0x80
[   62.727344][ T4610]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   62.727366][ T4610] RIP: 0033:0x7fc49311d169
[   62.727384][ T4610] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   62.727407][ T4610] RSP: 002b:00007fc491787038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   62.727429][ T4610] RAX: ffffffffffffffda RBX: 00007fc493335fa0 RCX: 00007fc49311d169
[   62.727444][ T4610] RDX: 0000000000008800 RSI: 0000200000000340 RDI: 0000000000000005
[   62.727459][ T4610] RBP: 00007fc491787090 R08: 0000000000000000 R09: 0000000000000000
[   62.727472][ T4610] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   62.727526][ T4610] R13: 0000000000000000 R14: 00007fc493335fa0 R15: 00007ffd5c397868
[   62.727547][ T4610]  </TASK>
[   62.982796][ T4569] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   63.000202][ T4569] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   63.020642][ T4569] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   63.039158][ T4569] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   63.109893][ T4622] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   63.126126][ T4622] vhci_hcd: default hub control req: 2314 v0008 i0002 l0
[   63.170542][ T4614] loop3: detected capacity change from 0 to 2048
[   63.183370][ T4624] loop0: detected capacity change from 0 to 1024
[   63.208606][ T4624] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   63.219971][ T4624] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   63.232519][ T4624] JBD2: no valid journal superblock found
[   63.235286][ T4626] IPv6: Can't replace route, no match found
[   63.238948][ T4624] EXT4-fs (loop0): Could not load journal inode
[   63.314767][ T4630] IPv6: Can't replace route, no match found
[   63.379047][ T4633] loop0: detected capacity change from 0 to 128
[   63.391756][ T4637] SELinux:  policydb version 1199315858 does not match my version range 15-34
[   63.400903][ T4637] sel_write_load: 1 callbacks suppressed
[   63.400960][ T4637] SELinux: failed to load policy
[   63.456321][ T4635] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[   63.485601][ T4639] loop4: detected capacity change from 0 to 128
[   63.492376][ T4635] SELinux: failed to load policy
[   63.502855][ T4641] loop0: detected capacity change from 0 to 164
[   63.516743][ T4641] syz.0.383: attempt to access beyond end of device
[   63.516743][ T4641] loop0: rw=524288, sector=263328, nr_sectors = 4 limit=164
[   63.531596][ T4641] syz.0.383: attempt to access beyond end of device
[   63.531596][ T4641] loop0: rw=0, sector=263328, nr_sectors = 4 limit=164
[   63.532731][ T4645] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[   63.616253][ T4651] loop3: detected capacity change from 0 to 2048
[   63.622783][ T4656] loop1: detected capacity change from 0 to 1024
[   63.634208][ T4658] IPv6: Can't replace route, no match found
[   63.643781][ T4656] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   63.656001][ T4656] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   63.670718][ T4656] JBD2: no valid journal superblock found
[   63.677237][ T4656] EXT4-fs (loop1): Could not load journal inode
[   63.772699][ T4670] SELinux:  policydb version 1199315858 does not match my version range 15-34
[   63.782079][ T4670] SELinux: failed to load policy
[   63.838512][ T4676] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   63.849833][ T4673] loop3: detected capacity change from 0 to 128
[   63.877465][ T4676] vhci_hcd: default hub control req: 2314 v0008 i0002 l0
[   63.912776][ T4681] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[   63.926744][ T4681] SELinux: failed to load policy
[   64.016680][ T4691] loop3: detected capacity change from 0 to 1024
[   64.024783][ T4691] EXT4-fs: Ignoring removed orlov option
[   64.032882][ T4691] EXT4-fs: Ignoring removed nomblk_io_submit option
[   64.048148][ T4691] EXT4-fs (loop3): can't mount with data=, fs mounted w/o journal
[   64.060281][ T4693] loop2: detected capacity change from 0 to 1024
[   64.068684][ T4693] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   64.080426][ T4693] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   64.093078][   T29] kauditd_printk_skb: 629 callbacks suppressed
[   64.093095][   T29] audit: type=1326 audit(1744315638.916:4678): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4689 comm="syz.3.400" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fc49311bad0 code=0x7ffc0000
[   64.093224][ T4693] JBD2: no valid journal superblock found
[   64.099817][   T29] audit: type=1326 audit(1744315638.916:4679): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4689 comm="syz.3.400" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fc49311cd6b code=0x7ffc0000
[   64.099924][   T29] audit: type=1326 audit(1744315638.916:4680): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4689 comm="syz.3.400" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fc49311bdca code=0x7ffc0000
[   64.124789][ T4693] EXT4-fs (loop2): Could not load journal inode
[   64.191871][   T29] audit: type=1326 audit(1744315639.016:4681): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4689 comm="syz.3.400" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc49311d169 code=0x7ffc0000
[   64.216069][   T29] audit: type=1326 audit(1744315639.016:4682): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4689 comm="syz.3.400" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc49311d169 code=0x7ffc0000
[   64.241298][   T29] audit: type=1326 audit(1744315639.016:4683): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4689 comm="syz.3.400" exe="/root/syz-executor" sig=0 arch=c000003e syscall=328 compat=0 ip=0x7fc49311d169 code=0x7ffc0000
[   64.265870][   T29] audit: type=1326 audit(1744315639.016:4684): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4689 comm="syz.3.400" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc49311d169 code=0x7ffc0000
[   64.291113][   T29] audit: type=1326 audit(1744315639.016:4685): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4689 comm="syz.3.400" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc49311d169 code=0x7ffc0000
[   64.316245][   T29] audit: type=1326 audit(1744315639.016:4686): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4689 comm="syz.3.400" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc49311d169 code=0x7ffc0000
[   64.340267][   T29] audit: type=1326 audit(1744315639.016:4687): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4689 comm="syz.3.400" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc49311d169 code=0x7ffc0000
[   64.377320][ T4700] loop0: detected capacity change from 0 to 2048
[   64.454664][ T4711] loop3: detected capacity change from 0 to 128
[   64.490605][ T4714] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[   64.500760][ T4714] SELinux: failed to load policy
[   64.560624][ T4722] loop0: detected capacity change from 0 to 2048
[   64.586855][ T4725] loop1: detected capacity change from 0 to 512
[   64.619062][ T4725] EXT4-fs (loop1): 1 orphan inode deleted
[   64.629392][ T4725] ext4 filesystem being mounted at /63/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   64.650915][   T85] EXT4-fs error (device loop1): ext4_release_dquot:6971: comm kworker/u8:4: Failed to release dquot type 1
[   64.671148][ T4722] loop0: detected capacity change from 0 to 2048
[   64.679739][ T4729] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   64.687748][ T4729] vhci_hcd: default hub control req: 2314 v0008 i0002 l0
[   64.741204][ T4722] loop0: detected capacity change from 0 to 2048
[   64.749615][ T4731] loop1: detected capacity change from 0 to 1024
[   64.756828][ T4731] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   64.768449][ T4731] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   64.781018][ T4731] JBD2: no valid journal superblock found
[   64.787694][ T4731] EXT4-fs (loop1): Could not load journal inode
[   64.824115][ T4722] loop0: detected capacity change from 0 to 2048
[   64.869501][ T4737] loop1: detected capacity change from 0 to 2048
[   64.880903][ T4722] loop0: detected capacity change from 0 to 2048
[   64.939800][ T4722] loop0: detected capacity change from 0 to 2048
[   65.009713][ T4722] loop0: detected capacity change from 0 to 2048
[   65.020439][ T4746] loop1: detected capacity change from 0 to 128
[   65.087802][ T4748] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[   65.101149][ T4722] loop0: detected capacity change from 0 to 2048
[   65.101358][ T4748] SELinux: failed to load policy
[   65.150118][ T4722] loop0: detected capacity change from 0 to 2048
[   65.176940][ T4755] loop3: detected capacity change from 0 to 512
[   65.210750][ T4755] EXT4-fs (loop3): 1 orphan inode deleted
[   65.218805][ T4722] loop0: detected capacity change from 0 to 2048
[   65.219996][ T4755] ext4 filesystem being mounted at /97/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   65.232919][ T3431] EXT4-fs error (device loop3): ext4_release_dquot:6971: comm kworker/u8:7: Failed to release dquot type 1
[   65.282956][ T4722] loop0: detected capacity change from 0 to 2048
[   65.355747][ T4763] __nla_validate_parse: 19 callbacks suppressed
[   65.355766][ T4763] netlink: 64 bytes leftover after parsing attributes in process `syz.3.426'.
[   65.374576][ T4722] loop0: detected capacity change from 0 to 2048
[   65.405492][ T4763] loop3: detected capacity change from 0 to 1024
[   65.411887][ T4766] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   65.420359][ T4763] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   65.432280][ T4763] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   65.442867][ T4766] vhci_hcd: default hub control req: 2314 v0008 i0002 l0
[   65.452613][ T4763] JBD2: no valid journal superblock found
[   65.459083][ T4763] EXT4-fs (loop3): Could not load journal inode
[   65.470625][ T4763] netlink: 32 bytes leftover after parsing attributes in process `syz.3.426'.
[   65.504464][ T4769] loop3: detected capacity change from 0 to 2048
[   65.611631][ T4776] loop3: detected capacity change from 0 to 128
[   65.714002][ T4790] loop3: detected capacity change from 0 to 512
[   65.729400][ T4790] EXT4-fs (loop3): 1 orphan inode deleted
[   65.736973][ T4790] ext4 filesystem being mounted at /102/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   65.748201][   T37] EXT4-fs error (device loop3): ext4_release_dquot:6971: comm kworker/u8:2: Failed to release dquot type 1
[   65.832093][ T4795] loop3: detected capacity change from 0 to 2048
[   65.847153][ T4795] ext4 filesystem being mounted at /103/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   65.863216][ T4795] netlink: 8 bytes leftover after parsing attributes in process `syz.3.437'.
[   65.872216][ T4795] netlink: 12 bytes leftover after parsing attributes in process `syz.3.437'.
[   66.406886][ T4807] loop0: detected capacity change from 0 to 2048
[   66.467663][ T4812] netlink: 'syz.0.442': attribute type 11 has an invalid length.
[   66.475756][ T4812] netlink: 372 bytes leftover after parsing attributes in process `syz.0.442'.
[   66.508603][ T4812] IPv6: NLM_F_CREATE should be specified when creating new route
[   66.548688][ T4816] loop2: detected capacity change from 0 to 128
[   66.634355][ T4823] loop0: detected capacity change from 0 to 512
[   66.660396][ T4823] EXT4-fs (loop0): 1 orphan inode deleted
[   66.668439][ T4823] ext4 filesystem being mounted at /95/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   66.681143][ T3431] EXT4-fs error (device loop0): ext4_release_dquot:6971: comm kworker/u8:7: Failed to release dquot type 1
[   66.708678][ T4829] netlink: 'syz.3.449': attribute type 7 has an invalid length.
[   66.716735][ T4829] netlink: 8 bytes leftover after parsing attributes in process `syz.3.449'.
[   66.743914][ T4831] 9pnet_fd: Insufficient options for proto=fd
[   66.756273][ T4829] SELinux: failed to load policy
[   66.772302][ T4833] IPv6: Can't replace route, no match found
[   66.792748][ T4835] loop3: detected capacity change from 0 to 2048
[   66.803889][ T4837] loop0: detected capacity change from 0 to 128
[   66.813083][ T4837] ext4 filesystem being mounted at /98/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   66.993565][ T4862] netlink: 64 bytes leftover after parsing attributes in process `syz.1.460'.
[   67.008029][ T4862] loop1: detected capacity change from 0 to 1024
[   67.015227][ T4862] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   67.026950][ T4862] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   67.038457][ T4862] JBD2: no valid journal superblock found
[   67.044569][ T4862] EXT4-fs (loop1): Could not load journal inode
[   67.082388][ T4868] FAULT_INJECTION: forcing a failure.
[   67.082388][ T4868] name failslab, interval 1, probability 0, space 0, times 0
[   67.095528][ T4868] CPU: 1 UID: 0 PID: 4868 Comm: syz.1.462 Not tainted 6.15.0-rc1-syzkaller-00095-g2eb959eeecc6 #0 PREEMPT(voluntary) 
[   67.095611][ T4868] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   67.095625][ T4868] Call Trace:
[   67.095634][ T4868]  <TASK>
[   67.095643][ T4868]  dump_stack_lvl+0xf6/0x150
[   67.095751][ T4868]  dump_stack+0x15/0x1a
[   67.095772][ T4868]  should_fail_ex+0x261/0x270
[   67.095804][ T4868]  should_failslab+0x8f/0xb0
[   67.095888][ T4868]  kmem_cache_alloc_noprof+0x59/0x340
[   67.095915][ T4868]  ? audit_log_start+0x37f/0x6e0
[   67.095988][ T4868]  audit_log_start+0x37f/0x6e0
[   67.096016][ T4868]  ? kstrtouint+0x7b/0xc0
[   67.096045][ T4868]  audit_seccomp+0x4b/0x130
[   67.096069][ T4868]  __seccomp_filter+0x694/0x10e0
[   67.096175][ T4868]  ? vfs_write+0x669/0x950
[   67.096202][ T4868]  ? putname+0xe1/0x100
[   67.096226][ T4868]  __secure_computing+0x7e/0x160
[   67.096261][ T4868]  syscall_trace_enter+0xcf/0x1f0
[   67.096334][ T4868]  ? fpregs_assert_state_consistent+0x83/0xa0
[   67.096373][ T4868]  do_syscall_64+0xaa/0x1c0
[   67.096408][ T4868]  ? clear_bhb_loop+0x25/0x80
[   67.096489][ T4868]  ? clear_bhb_loop+0x25/0x80
[   67.096512][ T4868]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   67.096537][ T4868] RIP: 0033:0x7f9232fdd169
[   67.096624][ T4868] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   67.096646][ T4868] RSP: 002b:00007f923163f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000011
[   67.096667][ T4868] RAX: ffffffffffffffda RBX: 00007f92331f5fa0 RCX: 00007f9232fdd169
[   67.096682][ T4868] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[   67.096696][ T4868] RBP: 00007f923163f090 R08: 0000000000000000 R09: 0000000000000000
[   67.096709][ T4868] R10: 0000000000000005 R11: 0000000000000246 R12: 0000000000000001
[   67.096722][ T4868] R13: 0000000000000000 R14: 00007f92331f5fa0 R15: 00007ffd68b22658
[   67.096743][ T4868]  </TASK>
[   67.335935][ T4875] loop1: detected capacity change from 0 to 2048
[   67.390693][ T4880] IPv6: Can't replace route, no match found
[   67.481363][ T4885] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   67.490182][ T4885] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   67.556939][ T4886] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   67.564493][ T4886] vhci_hcd: default hub control req: 2314 v0008 i0002 l0
[   67.694574][ T4894] netlink: 64 bytes leftover after parsing attributes in process `syz.1.472'.
[   67.708130][ T4894] loop1: detected capacity change from 0 to 1024
[   67.715338][ T4894] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   67.726446][ T4894] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   67.737683][ T4894] JBD2: no valid journal superblock found
[   67.743654][ T4894] EXT4-fs (loop1): Could not load journal inode
[   67.751882][ T4896] SELinux:  policydb version 1199315858 does not match my version range 15-34
[   67.765182][ T4896] SELinux: failed to load policy
[   67.782102][ T4898] netlink: 'syz.1.474': attribute type 1 has an invalid length.
[   67.794596][ T4901] netlink: 'syz.3.475': attribute type 21 has an invalid length.
[   67.796456][ T4898] 8021q: adding VLAN 0 to HW filter on device bond1
[   67.812157][ T4901] netlink: 152 bytes leftover after parsing attributes in process `syz.3.475'.
[   67.825462][ T4898] 8021q: adding VLAN 0 to HW filter on device bond1
[   67.832813][ T4898] bond1: (slave wireguard0): The slave device specified does not support setting the MAC address
[   67.844718][ T4898] bond1: (slave wireguard0): Error -95 calling set_mac_address
[   67.886267][ T4904] loop3: detected capacity change from 0 to 2048
[   67.907546][ T4904] EXT4-fs mount: 30 callbacks suppressed
[   67.907561][ T4904] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   67.969831][ T4909] IPv6: Can't replace route, no match found
[   67.993302][ T4911] loop0: detected capacity change from 0 to 512
[   68.016701][ T3313] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   68.102935][ T4911] EXT4-fs (loop0): 1 orphan inode deleted
[   68.111229][ T4911] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   68.125700][   T37] EXT4-fs error (device loop0): ext4_release_dquot:6971: comm kworker/u8:2: Failed to release dquot type 1
[   68.141206][ T4911] ext4 filesystem being mounted at /105/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   68.154412][ T4927] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   68.211927][ T4925] netlink: 64 bytes leftover after parsing attributes in process `syz.4.484'.
[   68.229833][ T4927] vhci_hcd: default hub control req: 2314 v0008 i0002 l0
[   68.239416][ T4931] loop3: detected capacity change from 0 to 128
[   68.247948][ T4911] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   68.259174][ T4925] loop4: detected capacity change from 0 to 1024
[   68.270033][ T4925] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   68.281468][ T4925] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   68.295773][ T4925] JBD2: no valid journal superblock found
[   68.301959][ T4925] EXT4-fs (loop4): Could not load journal inode
[   68.329464][ T4931] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   68.377215][ T4943] FAULT_INJECTION: forcing a failure.
[   68.377215][ T4943] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   68.390810][ T4943] CPU: 1 UID: 0 PID: 4943 Comm: syz.4.490 Not tainted 6.15.0-rc1-syzkaller-00095-g2eb959eeecc6 #0 PREEMPT(voluntary) 
[   68.390840][ T4943] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   68.390852][ T4943] Call Trace:
[   68.390859][ T4943]  <TASK>
[   68.390867][ T4943]  dump_stack_lvl+0xf6/0x150
[   68.390965][ T4943]  dump_stack+0x15/0x1a
[   68.390987][ T4943]  should_fail_ex+0x261/0x270
[   68.391017][ T4943]  should_fail+0xb/0x10
[   68.391048][ T4943]  should_fail_usercopy+0x1a/0x20
[   68.391087][ T4943]  _copy_from_user+0x1c/0xa0
[   68.391127][ T4943]  copy_msghdr_from_user+0x54/0x2b0
[   68.391169][ T4943]  ? __fget_files+0x186/0x1c0
[   68.391191][ T4943]  __sys_sendmsg+0x141/0x240
[   68.391233][ T4943]  __x64_sys_sendmsg+0x46/0x50
[   68.391344][ T4943]  x64_sys_call+0x26f3/0x2e10
[   68.391371][ T4943]  do_syscall_64+0xc9/0x1c0
[   68.391418][ T4943]  ? clear_bhb_loop+0x25/0x80
[   68.391439][ T4943]  ? clear_bhb_loop+0x25/0x80
[   68.391462][ T4943]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   68.391483][ T4943] RIP: 0033:0x7fda944ed169
[   68.391575][ T4943] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   68.391637][ T4943] RSP: 002b:00007fda92b4f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   68.391657][ T4943] RAX: ffffffffffffffda RBX: 00007fda94705fa0 RCX: 00007fda944ed169
[   68.391672][ T4943] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000005
[   68.391684][ T4943] RBP: 00007fda92b4f090 R08: 0000000000000000 R09: 0000000000000000
[   68.391703][ T4943] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   68.391715][ T4943] R13: 0000000000000000 R14: 00007fda94705fa0 R15: 00007ffd32eb2658
[   68.391734][ T4943]  </TASK>
[   68.639538][ T4931] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   68.657355][ T4951] loop0: detected capacity change from 0 to 2048
[   68.687032][ T4951] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   68.750789][ T4931] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   68.751706][ T3301] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   68.828486][ T4931] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   68.882653][ T4966] loop1: detected capacity change from 0 to 1024
[   68.889795][ T4966] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   68.900880][ T4966] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   68.903870][ T4970] loop0: detected capacity change from 0 to 512
[   68.912124][ T4966] JBD2: no valid journal superblock found
[   68.923325][ T4966] EXT4-fs (loop1): Could not load journal inode
[   68.934056][ T4966] SELinux: security_context_str_to_sid (Ð-šXܘ7.H\¹ÿ%ºu@
) failed with errno=-22
[   68.946268][ T4970] EXT4-fs: Mount option(s) incompatible with ext3
[   68.987487][ T4972] loop1: detected capacity change from 0 to 1024
[   68.994885][ T4972] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   69.007294][ T4972] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   69.026680][ T4972] JBD2: no valid journal superblock found
[   69.032995][ T4972] EXT4-fs (loop1): Could not load journal inode
[   69.033423][ T4931] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   69.055417][ T4931] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   69.082247][ T4976] IPv6: Can't replace route, no match found
[   69.108783][ T4979] loop1: detected capacity change from 0 to 128
[   69.127510][ T4979] syz.1.501: attempt to access beyond end of device
[   69.127510][ T4979] loop1: rw=2049, sector=153, nr_sectors = 8 limit=128
[   69.141923][ T4931] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   69.151753][ T4979] syz.1.501: attempt to access beyond end of device
[   69.151753][ T4979] loop1: rw=2049, sector=169, nr_sectors = 8 limit=128
[   69.169383][ T4931] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   69.177910][ T4979] syz.1.501: attempt to access beyond end of device
[   69.177910][ T4979] loop1: rw=2049, sector=185, nr_sectors = 8 limit=128
[   69.193259][ T4981] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   69.210749][ T4981] vhci_hcd: default hub control req: 2314 v0008 i0002 l0
[   69.218467][ T4979] syz.1.501: attempt to access beyond end of device
[   69.218467][ T4979] loop1: rw=2049, sector=201, nr_sectors = 8 limit=128
[   69.232734][ T4979] syz.1.501: attempt to access beyond end of device
[   69.232734][ T4979] loop1: rw=2049, sector=217, nr_sectors = 8 limit=128
[   69.249240][ T4979] syz.1.501: attempt to access beyond end of device
[   69.249240][ T4979] loop1: rw=2049, sector=233, nr_sectors = 8 limit=128
[   69.266237][ T4979] syz.1.501: attempt to access beyond end of device
[   69.266237][ T4979] loop1: rw=2049, sector=249, nr_sectors = 8 limit=128
[   69.285450][   T29] kauditd_printk_skb: 634 callbacks suppressed
[   69.285509][   T29] audit: type=1326 audit(1744315644.096:5315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4982 comm="syz.3.502" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc49311d169 code=0x7ffc0000
[   69.316021][   T29] audit: type=1326 audit(1744315644.096:5316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4982 comm="syz.3.502" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc49311d169 code=0x7ffc0000
[   69.339979][   T29] audit: type=1326 audit(1744315644.106:5317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4982 comm="syz.3.502" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc49311d169 code=0x7ffc0000
[   69.344106][ T4979] syz.1.501: attempt to access beyond end of device
[   69.344106][ T4979] loop1: rw=2049, sector=265, nr_sectors = 8 limit=128
[   69.363837][   T29] audit: type=1326 audit(1744315644.106:5318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4982 comm="syz.3.502" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc49311d169 code=0x7ffc0000
[   69.363874][   T29] audit: type=1326 audit(1744315644.106:5319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4982 comm="syz.3.502" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc49311d169 code=0x7ffc0000
[   69.429345][   T29] audit: type=1326 audit(1744315644.106:5320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4982 comm="syz.3.502" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc49311d169 code=0x7ffc0000
[   69.438277][ T4979] syz.1.501: attempt to access beyond end of device
[   69.438277][ T4979] loop1: rw=2049, sector=281, nr_sectors = 8 limit=128
[   69.453180][   T29] audit: type=1326 audit(1744315644.106:5321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4982 comm="syz.3.502" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc49311d169 code=0x7ffc0000
[   69.470223][ T4979] syz.1.501: attempt to access beyond end of device
[   69.470223][ T4979] loop1: rw=2049, sector=297, nr_sectors = 8 limit=128
[   69.490875][   T29] audit: type=1326 audit(1744315644.106:5322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4982 comm="syz.3.502" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc49311d169 code=0x7ffc0000
[   69.505774][ T4979] Buffer I/O error on dev loop1, logical block 353, lost async page write
[   69.528474][   T29] audit: type=1326 audit(1744315644.106:5323): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4982 comm="syz.3.502" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc49311d169 code=0x7ffc0000
[   69.528512][   T29] audit: type=1326 audit(1744315644.106:5324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4982 comm="syz.3.502" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc49311d169 code=0x7ffc0000
[   69.542446][ T4979] Buffer I/O error on dev loop1, logical block 354, lost async page write
[   69.597750][ T4979] Buffer I/O error on dev loop1, logical block 355, lost async page write
[   69.607835][ T4979] Buffer I/O error on dev loop1, logical block 356, lost async page write
[   69.616946][ T4979] Buffer I/O error on dev loop1, logical block 357, lost async page write
[   69.631861][ T4992] loop3: detected capacity change from 0 to 2048
[   69.649239][ T4979] Buffer I/O error on dev loop1, logical block 358, lost async page write
[   69.660292][ T4979] Buffer I/O error on dev loop1, logical block 359, lost async page write
[   69.716298][ T4992] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   69.756857][ T5003] loop1: detected capacity change from 0 to 1024
[   69.766805][ T5003] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   69.779041][ T5003] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   69.793284][ T5003] JBD2: no valid journal superblock found
[   69.795149][ T4992] 9pnet_fd: Insufficient options for proto=fd
[   69.799991][ T5003] EXT4-fs (loop1): Could not load journal inode
[   69.818046][ T4995] loop0: detected capacity change from 0 to 1024
[   69.827049][ T4995] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   69.839210][ T4995] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   69.851891][ T4995] JBD2: no valid journal superblock found
[   69.857954][ T4995] EXT4-fs (loop0): Could not load journal inode
[   69.870945][ T4995] SELinux: security_context_str_to_sid (Ð-šXܘ7.H\¹ÿ%ºu@
) failed with errno=-22
[   69.881658][ T5008] IPv6: Can't replace route, no match found
[   69.902073][ T3313] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   69.941353][ T5011] 9pnet_virtio: no channels available for device ./file0
[   69.954768][ T5014] loop3: detected capacity change from 0 to 128
[   69.992184][ T5014] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   70.020433][ T5020] loop0: detected capacity change from 0 to 512
[   70.029283][ T5020] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem
[   70.050500][ T5020] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8042c119, mo2=0002]
[   70.058950][ T5020] EXT4-fs error (device loop0): ext4_iget_extra_inode:4692: inode #15: comm syz.0.517: corrupted in-inode xattr: e_value size too large
[   70.073821][ T5020] EXT4-fs error (device loop0): ext4_orphan_get:1395: comm syz.0.517: couldn't read orphan inode 15 (err -117)
[   70.087296][ T5020] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   70.120090][ T3301] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   70.171769][ T5014] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   70.234499][ T5026] vlan2: entered allmulticast mode
[   70.244951][ T5026] batadv0: entered allmulticast mode
[   70.290332][ T5014] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   70.395752][ T5014] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   70.396921][ T5029] 9pnet_fd: Insufficient options for proto=fd
[   70.470535][ T5033] __nla_validate_parse: 13 callbacks suppressed
[   70.470594][ T5033] netlink: 64 bytes leftover after parsing attributes in process `syz.0.521'.
[   70.490842][ T5033] loop0: detected capacity change from 0 to 1024
[   70.498236][ T5033] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   70.510930][ T5033] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   70.524286][ T5033] JBD2: no valid journal superblock found
[   70.530630][ T5033] EXT4-fs (loop0): Could not load journal inode
[   70.537401][ T5035] loop4: detected capacity change from 0 to 2048
[   70.547088][ T5035] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   70.548736][ T5033] netlink: 104 bytes leftover after parsing attributes in process `syz.0.521'.
[   70.568039][ T5035] 9pnet_fd: Insufficient options for proto=fd
[   70.624279][ T3303] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   70.689539][ T5047] netlink: 'syz.2.526': attribute type 10 has an invalid length.
[   70.699697][ T5047] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   70.709324][ T5047] batman_adv: batadv0: Removing interface: batadv_slave_0
[   70.721716][ T5047] bond0: (slave batadv_slave_0): Enslaving as an active interface with an up link
[   70.898367][ T5059] delete_channel: no stack
[   70.910214][ T5059] delete_channel: no stack
[   70.924701][ T5066] syzkaller0: entered promiscuous mode
[   70.931355][ T5066] syzkaller0: entered allmulticast mode
[   71.450204][ T5117] netlink: 'syz.0.549': attribute type 10 has an invalid length.
[   72.328091][ T5263] netlink: 132 bytes leftover after parsing attributes in process `syz.1.563'.
[   72.433358][ T5274] netlink: 'syz.4.568': attribute type 10 has an invalid length.
[   72.442949][ T5274] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   72.454372][ T5274] batman_adv: batadv0: Removing interface: batadv_slave_0
[   72.473385][ T5274] bond0: (slave batadv_slave_0): Enslaving as an active interface with an up link
[   72.487732][ T5284] netlink: 'syz.1.573': attribute type 2 has an invalid length.
[   72.495690][ T5284] netlink: 'syz.1.573': attribute type 1 has an invalid length.
[   72.587169][ T5292] netlink: 2 bytes leftover after parsing attributes in process `syz.1.577'.
[   72.639554][ T5292] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   72.650483][ T5292] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   72.660493][ T5292] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   72.671176][ T5292] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   72.681132][ T5292] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   72.691688][ T5292] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   72.701734][ T5292] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   72.712281][ T5292] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   72.722606][ T5292] batadv_slave_1: entered promiscuous mode
[   72.981630][ T5316] netlink: 'syz.2.588': attribute type 10 has an invalid length.
[   72.993460][ T5316] team0: Device hsr_slave_0 failed to register rx_handler
[   73.143683][ T5322] syzkaller0: entered promiscuous mode
[   73.149536][ T5322] syzkaller0: entered allmulticast mode
[   73.332512][ T5014] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   73.361928][ T5014] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   73.374329][ T5014] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   73.386965][ T5014] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   73.464701][ T5342] loop1: detected capacity change from 0 to 2048
[   73.473481][ T5340] SELinux:  policydb version 1199315858 does not match my version range 15-34
[   73.482543][ T5340] SELinux: failed to load policy
[   73.502459][ T5345] FAULT_INJECTION: forcing a failure.
[   73.502459][ T5345] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   73.516063][ T5345] CPU: 1 UID: 0 PID: 5345 Comm: syz.3.601 Not tainted 6.15.0-rc1-syzkaller-00095-g2eb959eeecc6 #0 PREEMPT(voluntary) 
[   73.516169][ T5345] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   73.516185][ T5345] Call Trace:
[   73.516193][ T5345]  <TASK>
[   73.516202][ T5345]  dump_stack_lvl+0xf6/0x150
[   73.516228][ T5345]  dump_stack+0x15/0x1a
[   73.516248][ T5345]  should_fail_ex+0x261/0x270
[   73.516282][ T5345]  should_fail+0xb/0x10
[   73.516365][ T5345]  should_fail_usercopy+0x1a/0x20
[   73.516401][ T5345]  _copy_from_user+0x1c/0xa0
[   73.516440][ T5345]  __sys_bpf+0x16a/0x800
[   73.516470][ T5345]  __x64_sys_bpf+0x43/0x50
[   73.516527][ T5345]  x64_sys_call+0x23da/0x2e10
[   73.516553][ T5345]  do_syscall_64+0xc9/0x1c0
[   73.516590][ T5345]  ? clear_bhb_loop+0x25/0x80
[   73.516616][ T5345]  ? clear_bhb_loop+0x25/0x80
[   73.516646][ T5345]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   73.516669][ T5345] RIP: 0033:0x7fc49311d169
[   73.516684][ T5345] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   73.516701][ T5345] RSP: 002b:00007fc491787038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   73.516758][ T5345] RAX: ffffffffffffffda RBX: 00007fc493335fa0 RCX: 00007fc49311d169
[   73.516773][ T5345] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000012
[   73.516802][ T5345] RBP: 00007fc491787090 R08: 0000000000000000 R09: 0000000000000000
[   73.516815][ T5345] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   73.516827][ T5345] R13: 0000000000000000 R14: 00007fc493335fa0 R15: 00007ffd5c397868
[   73.516844][ T5345]  </TASK>
[   73.692739][ T5349] syzkaller0: entered promiscuous mode
[   73.698627][ T5349] syzkaller0: entered allmulticast mode
[   73.704743][ T5342] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   73.730952][ T5342] 9pnet_fd: Insufficient options for proto=fd
[   73.778268][ T3305] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.897888][ T5379] netlink: 28 bytes leftover after parsing attributes in process `syz.1.613'.
[   73.920566][ T5379] FAULT_INJECTION: forcing a failure.
[   73.920566][ T5379] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[   73.934050][ T5379] CPU: 0 UID: 0 PID: 5379 Comm: syz.1.613 Not tainted 6.15.0-rc1-syzkaller-00095-g2eb959eeecc6 #0 PREEMPT(voluntary) 
[   73.934083][ T5379] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   73.934127][ T5379] Call Trace:
[   73.934135][ T5379]  <TASK>
[   73.934143][ T5379]  dump_stack_lvl+0xf6/0x150
[   73.934173][ T5379]  dump_stack+0x15/0x1a
[   73.934197][ T5379]  should_fail_ex+0x261/0x270
[   73.934231][ T5379]  should_fail_alloc_page+0xfd/0x110
[   73.934294][ T5379]  __alloc_frozen_pages_noprof+0x11d/0x360
[   73.934334][ T5379]  alloc_pages_mpol+0xb6/0x260
[   73.934364][ T5379]  alloc_pages_noprof+0xe8/0x130
[   73.934433][ T5379]  pte_alloc_one+0x2f/0x110
[   73.934475][ T5379]  __do_fault+0x79/0x200
[   73.934497][ T5379]  handle_mm_fault+0xc86/0x2e80
[   73.934558][ T5379]  ? avc_has_perm+0xd6/0x150
[   73.934601][ T5379]  __get_user_pages+0xf4e/0x2340
[   73.934651][ T5379]  faultin_page_range+0x101/0x5d0
[   73.934680][ T5379]  madvise_do_behavior+0x10e/0x2530
[   73.934706][ T5379]  ? 0xffffffff81000000
[   73.934721][ T5379]  ? __rcu_read_unlock+0x4e/0x70
[   73.934757][ T5379]  ? proc_fail_nth_write+0x12d/0x160
[   73.934785][ T5379]  ? down_read+0x173/0x4c0
[   73.934922][ T5379]  ? __fget_files+0x186/0x1c0
[   73.934951][ T5379]  __x64_sys_madvise+0xcb/0x100
[   73.934979][ T5379]  x64_sys_call+0x23b8/0x2e10
[   73.935052][ T5379]  do_syscall_64+0xc9/0x1c0
[   73.935088][ T5379]  ? clear_bhb_loop+0x25/0x80
[   73.935115][ T5379]  ? clear_bhb_loop+0x25/0x80
[   73.935141][ T5379]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   73.935168][ T5379] RIP: 0033:0x7f9232fdd169
[   73.935253][ T5379] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   73.935275][ T5379] RSP: 002b:00007f923163f038 EFLAGS: 00000246 ORIG_RAX: 000000000000001c
[   73.935297][ T5379] RAX: ffffffffffffffda RBX: 00007f92331f5fa0 RCX: 00007f9232fdd169
[   73.935311][ T5379] RDX: 0000000000000017 RSI: 0000000000800000 RDI: 00002000000ec000
[   73.935325][ T5379] RBP: 00007f923163f090 R08: 0000000000000000 R09: 0000000000000000
[   73.935339][ T5379] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   73.935353][ T5379] R13: 0000000000000000 R14: 00007f92331f5fa0 R15: 00007ffd68b22658
[   73.935482][ T5379]  </TASK>
[   74.179487][ T5379] loop1: detected capacity change from 0 to 1024
[   74.187819][ T5379] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   74.199082][ T5379] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   74.212368][ T5379] JBD2: no valid journal superblock found
[   74.218220][ T5379] EXT4-fs (loop1): Could not load journal inode
[   74.227128][ T5379] SELinux: security_context_str_to_sid (Ð-šXܘ7.H\¹ÿ%ºu@
) failed with errno=-22
[   74.239907][ T5383] netlink: 28 bytes leftover after parsing attributes in process `syz.2.615'.
[   74.250099][ T5379] 9pnet: Could not find request transport: fd
[   74.500649][ T5399] netlink: 'syz.2.617': attribute type 3 has an invalid length.
[   74.523151][ T5401] syzkaller0: entered promiscuous mode
[   74.528957][ T5401] syzkaller0: entered allmulticast mode
[   74.576684][ T5408] SELinux:  policydb version 1199315858 does not match my version range 15-34
[   74.598303][   T29] kauditd_printk_skb: 13 callbacks suppressed
[   74.598321][   T29] audit: type=1400 audit(1744315649.426:5338): avc:  denied  { create } for  pid=5411 comm="syz.3.627" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[   74.626617][ T5408] SELinux: failed to load policy
[   74.647757][   T29] audit: type=1326 audit(1744315649.466:5339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5411 comm="syz.3.627" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc49311d169 code=0x7ffc0000
[   74.672097][   T29] audit: type=1326 audit(1744315649.466:5340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5411 comm="syz.3.627" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc49311d169 code=0x7ffc0000
[   74.695862][   T29] audit: type=1326 audit(1744315649.466:5341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5411 comm="syz.3.627" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc49311d169 code=0x7ffc0000
[   74.719517][   T29] audit: type=1326 audit(1744315649.466:5342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5411 comm="syz.3.627" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc49311d169 code=0x7ffc0000
[   74.745971][   T29] audit: type=1326 audit(1744315649.466:5343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5411 comm="syz.3.627" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fc49311d169 code=0x7ffc0000
[   74.753759][ T5416] loop4: detected capacity change from 0 to 128
[   74.771171][   T29] audit: type=1326 audit(1744315649.466:5344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5411 comm="syz.3.627" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc49311d169 code=0x7ffc0000
[   74.771210][   T29] audit: type=1326 audit(1744315649.466:5345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5411 comm="syz.3.627" exe="/root/syz-executor" sig=0 arch=c000003e syscall=294 compat=0 ip=0x7fc49311d169 code=0x7ffc0000
[   74.771268][   T29] audit: type=1326 audit(1744315649.466:5346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5411 comm="syz.3.627" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc49311d169 code=0x7ffc0000
[   74.771301][   T29] audit: type=1326 audit(1744315649.466:5347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5411 comm="syz.3.627" exe="/root/syz-executor" sig=0 arch=c000003e syscall=254 compat=0 ip=0x7fc49311d169 code=0x7ffc0000
[   74.801222][ T5414] netlink: 'syz.2.626': attribute type 25 has an invalid length.
[   74.881404][ T5416] netlink: 8 bytes leftover after parsing attributes in process `syz.4.628'.
[   74.911599][ T5420] capability: warning: `syz.1.630' uses 32-bit capabilities (legacy support in use)
[   74.922129][ T5420] FAULT_INJECTION: forcing a failure.
[   74.922129][ T5420] name failslab, interval 1, probability 0, space 0, times 0
[   74.935271][ T5420] CPU: 1 UID: 0 PID: 5420 Comm: syz.1.630 Not tainted 6.15.0-rc1-syzkaller-00095-g2eb959eeecc6 #0 PREEMPT(voluntary) 
[   74.935298][ T5420] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   74.935382][ T5420] Call Trace:
[   74.935389][ T5420]  <TASK>
[   74.935398][ T5420]  dump_stack_lvl+0xf6/0x150
[   74.935424][ T5420]  dump_stack+0x15/0x1a
[   74.935440][ T5420]  should_fail_ex+0x261/0x270
[   74.935469][ T5420]  should_failslab+0x8f/0xb0
[   74.935504][ T5420]  kmem_cache_alloc_noprof+0x59/0x340
[   74.935580][ T5420]  ? alloc_empty_file+0x78/0x200
[   74.935605][ T5420]  alloc_empty_file+0x78/0x200
[   74.935627][ T5420]  path_openat+0x6f/0x2000
[   74.935657][ T5420]  ? _parse_integer_limit+0x167/0x180
[   74.935692][ T5420]  ? kstrtoull+0x115/0x140
[   74.935719][ T5420]  ? kstrtouint+0x7b/0xc0
[   74.935780][ T5420]  do_filp_open+0x115/0x240
[   74.935821][ T5420]  do_sys_openat2+0xaa/0x110
[   74.935866][ T5420]  __x64_sys_openat+0xf8/0x120
[   74.935913][ T5420]  x64_sys_call+0x1ac/0x2e10
[   74.935999][ T5420]  do_syscall_64+0xc9/0x1c0
[   74.936033][ T5420]  ? clear_bhb_loop+0x25/0x80
[   74.936059][ T5420]  ? clear_bhb_loop+0x25/0x80
[   74.936086][ T5420]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   74.936138][ T5420] RIP: 0033:0x7f9232fdd169
[   74.936156][ T5420] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   74.936235][ T5420] RSP: 002b:00007f923163f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[   74.936258][ T5420] RAX: ffffffffffffffda RBX: 00007f92331f5fa0 RCX: 00007f9232fdd169
[   74.936329][ T5420] RDX: 0000000000000000 RSI: 0000200000000000 RDI: ffffffffffffff9c
[   74.936343][ T5420] RBP: 00007f923163f090 R08: 0000000000000000 R09: 0000000000000000
[   74.936356][ T5420] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   74.936370][ T5420] R13: 0000000000000000 R14: 00007f92331f5fa0 R15: 00007ffd68b22658
[   74.936392][ T5420]  </TASK>
[   75.173530][ T5425] 9p: Unknown Cache mode or invalid value l
[   75.183784][ T5416] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   75.233314][ T5429] loop2: detected capacity change from 0 to 512
[   75.245685][ T5430] vlan2: entered allmulticast mode
[   75.260786][ T5429] EXT4-fs (loop2): 1 orphan inode deleted
[   75.267550][ T5429] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   75.280618][ T5249] EXT4-fs error (device loop2): ext4_release_dquot:6971: comm kworker/u8:9: Failed to release dquot type 1
[   75.292980][ T5429] ext4 filesystem being mounted at /136/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   75.307328][ T5425] sch_fq: defrate 2048 ignored.
[   75.344211][ T5416] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   75.359863][ T5429] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   75.426004][ T5441] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   75.433661][ T5441] vhci_hcd: default hub control req: 2314 v0008 i0002 l0
[   75.441280][ T5445] loop2: detected capacity change from 0 to 2048
[   75.470731][ T5445] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   75.472882][ T5416] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   75.493254][ T5441] loop0: detected capacity change from 0 to 512
[   75.500875][ T5449] tipc: Started in network mode
[   75.504255][ T5445] 9pnet_fd: Insufficient options for proto=fd
[   75.505875][ T5449] tipc: Node identity ac14140f, cluster identity 4711
[   75.513448][ T5441] EXT4-fs error (device loop0): __ext4_iget:5004: inode #11: block 1: comm syz.0.638: invalid block
[   75.519780][ T5449] tipc: New replicast peer: 255.255.255.255
[   75.532682][ T5441] EXT4-fs error (device loop0): ext4_orphan_get:1395: comm syz.0.638: couldn't read orphan inode 11 (err -117)
[   75.536368][ T5449] tipc: Enabled bearer <udp:syz2>, priority 10
[   75.561596][ T5416] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   75.579637][ T5441] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   75.616610][ T5441] sd 0:0:1:0: device reset
[   75.620771][ T5416] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   75.635332][ T5416] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   75.649343][ T5416] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   75.664334][ T5416] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   75.676504][ T3301] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   75.677640][ T3308] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   75.766435][ T5485] netlink: 28 bytes leftover after parsing attributes in process `syz.0.653'.
[   75.843202][ T5502] netlink: 132 bytes leftover after parsing attributes in process `syz.3.658'.
[   75.862731][ T5499] loop4: detected capacity change from 0 to 2048
[   75.881419][ T5501] loop1: detected capacity change from 0 to 2048
[   75.881900][ T5505] FAULT_INJECTION: forcing a failure.
[   75.881900][ T5505] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   75.902528][ T5505] CPU: 1 UID: 0 PID: 5505 Comm: syz.3.661 Not tainted 6.15.0-rc1-syzkaller-00095-g2eb959eeecc6 #0 PREEMPT(voluntary) 
[   75.902576][ T5505] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   75.902588][ T5505] Call Trace:
[   75.902595][ T5505]  <TASK>
[   75.902603][ T5505]  dump_stack_lvl+0xf6/0x150
[   75.902626][ T5505]  dump_stack+0x15/0x1a
[   75.902694][ T5505]  should_fail_ex+0x261/0x270
[   75.902808][ T5505]  should_fail+0xb/0x10
[   75.902831][ T5505]  should_fail_usercopy+0x1a/0x20
[   75.902863][ T5505]  _copy_from_user+0x1c/0xa0
[   75.902898][ T5505]  copy_msghdr_from_user+0x54/0x2b0
[   75.902966][ T5505]  ? __fget_files+0x186/0x1c0
[   75.902987][ T5505]  __sys_sendmsg+0x141/0x240
[   75.903078][ T5505]  __x64_sys_sendmsg+0x46/0x50
[   75.903111][ T5505]  x64_sys_call+0x26f3/0x2e10
[   75.903136][ T5505]  do_syscall_64+0xc9/0x1c0
[   75.903242][ T5505]  ? clear_bhb_loop+0x25/0x80
[   75.903265][ T5505]  ? clear_bhb_loop+0x25/0x80
[   75.903293][ T5505]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   75.903316][ T5505] RIP: 0033:0x7fc49311d169
[   75.903331][ T5505] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   75.903352][ T5505] RSP: 002b:00007fc491787038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   75.903375][ T5505] RAX: ffffffffffffffda RBX: 00007fc493335fa0 RCX: 00007fc49311d169
[   75.903408][ T5505] RDX: 0000000000000000 RSI: 0000200000000200 RDI: 0000000000000003
[   75.903420][ T5505] RBP: 00007fc491787090 R08: 0000000000000000 R09: 0000000000000000
[   75.903431][ T5505] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   75.903443][ T5505] R13: 0000000000000000 R14: 00007fc493335fa0 R15: 00007ffd5c397868
[   75.903461][ T5505]  </TASK>
[   76.086596][ T5485] loop0: detected capacity change from 0 to 1024
[   76.094073][ T5501] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   76.094149][ T5499] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   76.116063][ T5501] 9pnet_fd: Insufficient options for proto=fd
[   76.125391][ T5485] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   76.137081][ T5485] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   76.155303][ T5485] JBD2: no valid journal superblock found
[   76.161189][ T5485] EXT4-fs (loop0): Could not load journal inode
[   76.182955][ T5499] 9pnet_fd: Insufficient options for proto=fd
[   76.221863][ T5514] loop3: detected capacity change from 0 to 128
[   76.235695][ T5485] SELinux: security_context_str_to_sid (Ð-šXܘ7.H\¹ÿ%ºu@
) failed with errno=-22
[   76.259411][ T3303] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   76.265856][ T5514] netlink: 8 bytes leftover after parsing attributes in process `syz.3.663'.
[   76.313521][ T5514] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   76.361170][ T5523] netlink: 64 bytes leftover after parsing attributes in process `syz.0.666'.
[   76.379646][ T5523] loop0: detected capacity change from 0 to 1024
[   76.390401][ T5524] sg_write: data in/out 209152/1 bytes for SCSI command 0xf2-- guessing data in;
[   76.390401][ T5524]    program syz.4.664 not setting count and/or reply_len properly
[   76.397097][ T5523] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   76.418884][ T5523] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   76.443147][ T5523] JBD2: no valid journal superblock found
[   76.447871][ T5514] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   76.449391][ T5523] EXT4-fs (loop0): Could not load journal inode
[   76.452260][ T3305] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   76.547849][ T5514] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   76.566008][ T3377] tipc: Node number set to 2886997007
[   76.589661][ T5537] loop4: detected capacity change from 0 to 128
[   76.629008][ T5543] syzkaller0: entered promiscuous mode
[   76.634728][ T5543] syzkaller0: entered allmulticast mode
[   76.692252][ T5514] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   76.751866][ T5549] loop2: detected capacity change from 0 to 2048
[   76.769083][ T5549] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   76.810077][ T5553] IPv6: Can't replace route, no match found
[   76.826802][ T5549] 9pnet_fd: Insufficient options for proto=fd
[   76.874620][ T3308] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   76.902360][ T5561] loop2: detected capacity change from 0 to 1024
[   76.915885][ T5561] EXT4-fs: Ignoring removed orlov option
[   76.921836][ T5561] EXT4-fs: Ignoring removed nomblk_io_submit option
[   76.968008][ T5561] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   77.057205][ T3308] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   77.123265][ T5578] SELinux:  policydb version 1199315858 does not match my version range 15-34
[   77.132566][ T5578] SELinux: failed to load policy
[   77.192490][ T5583] loop4: detected capacity change from 0 to 512
[   77.200740][ T5585] loop2: detected capacity change from 0 to 512
[   77.219124][ T5585] EXT4-fs (loop2): 1 orphan inode deleted
[   77.226503][ T5585] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   77.240129][ T5585] ext4 filesystem being mounted at /148/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   77.242145][   T85] EXT4-fs error (device loop2): ext4_release_dquot:6971: comm kworker/u8:4: Failed to release dquot type 1
[   77.265873][ T5583] EXT4-fs (loop4): 1 orphan inode deleted
[   77.272883][ T5583] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   77.286438][   T12] EXT4-fs error (device loop4): ext4_release_dquot:6971: comm kworker/u8:0: Failed to release dquot type 1
[   77.287617][ T5583] ext4 filesystem being mounted at /110/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   77.311705][ T5585] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   77.339064][ T5591] loop2: detected capacity change from 0 to 2048
[   77.348239][ T5583] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   77.360004][ T5591] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   77.376791][ T5591] 9pnet_fd: Insufficient options for proto=fd
[   77.414252][ T3308] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   77.450903][ T5603] FAULT_INJECTION: forcing a failure.
[   77.450903][ T5603] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   77.464466][ T5603] CPU: 1 UID: 0 PID: 5603 Comm: syz.2.692 Not tainted 6.15.0-rc1-syzkaller-00095-g2eb959eeecc6 #0 PREEMPT(voluntary) 
[   77.464570][ T5603] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   77.464586][ T5603] Call Trace:
[   77.464595][ T5603]  <TASK>
[   77.464605][ T5603]  dump_stack_lvl+0xf6/0x150
[   77.464641][ T5603]  dump_stack+0x15/0x1a
[   77.464662][ T5603]  should_fail_ex+0x261/0x270
[   77.464696][ T5603]  should_fail+0xb/0x10
[   77.464856][ T5603]  should_fail_usercopy+0x1a/0x20
[   77.464890][ T5603]  _copy_from_user+0x1c/0xa0
[   77.464927][ T5603]  do_ip6t_set_ctl+0x44d/0x8c0
[   77.464994][ T5603]  ? kstrtouint+0x7b/0xc0
[   77.465114][ T5603]  nf_setsockopt+0x195/0x1b0
[   77.465190][ T5603]  ipv6_setsockopt+0x10f/0x130
[   77.465224][ T5603]  tcp_setsockopt+0x93/0xb0
[   77.465308][ T5603]  sock_common_setsockopt+0x64/0x80
[   77.465333][ T5603]  ? __pfx_sock_common_setsockopt+0x10/0x10
[   77.465354][ T5603]  __sys_setsockopt+0x187/0x200
[   77.465446][ T5603]  __x64_sys_setsockopt+0x66/0x80
[   77.465479][ T5603]  x64_sys_call+0x2a09/0x2e10
[   77.465507][ T5603]  do_syscall_64+0xc9/0x1c0
[   77.465579][ T5603]  ? clear_bhb_loop+0x25/0x80
[   77.465607][ T5603]  ? clear_bhb_loop+0x25/0x80
[   77.465639][ T5603]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   77.465709][ T5603] RIP: 0033:0x7f24699ad169
[   77.465723][ T5603] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   77.465745][ T5603] RSP: 002b:00007f246800f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[   77.465840][ T5603] RAX: ffffffffffffffda RBX: 00007f2469bc5fa0 RCX: 00007f24699ad169
[   77.465854][ T5603] RDX: 0000000000000040 RSI: 0000000000000029 RDI: 0000000000000005
[   77.465869][ T5603] RBP: 00007f246800f090 R08: 0000000000000308 R09: 0000000000000000
[   77.465883][ T5603] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000001
[   77.465949][ T5603] R13: 0000000000000000 R14: 00007f2469bc5fa0 R15: 00007ffd0d856408
[   77.465970][ T5603]  </TASK>
[   77.478040][ T5605] 9p: Unknown Cache mode or invalid value l
[   77.540128][ T5608] vlan0: entered allmulticast mode
[   77.581014][ T5610] loop2: detected capacity change from 0 to 2048
[   77.717998][ T5610] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   77.789198][ T3308] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   77.825194][ T5620] loop2: detected capacity change from 0 to 512
[   77.839221][ T5618] loop1: detected capacity change from 0 to 512
[   77.843588][ T5571] syz.0.681 (5571) used greatest stack depth: 9600 bytes left
[   77.847708][ T5618] EXT4-fs: Invalid want_extra_isize 7
[   77.856387][ T5620] EXT4-fs (loop2): 1 orphan inode deleted
[   77.867397][ T5620] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   77.877903][   T85] EXT4-fs error (device loop2): ext4_release_dquot:6971: comm kworker/u8:4: Failed to release dquot type 1
[   77.901010][ T5620] ext4 filesystem being mounted at /154/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   77.991289][ T5632] vlan2: entered allmulticast mode
[   77.996716][ T5632] geneve0: entered allmulticast mode
[   78.038041][ T5620] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   78.099310][ T5644] loop0: detected capacity change from 0 to 1024
[   78.107230][ T5644] EXT4-fs: Ignoring removed orlov option
[   78.113066][ T5644] EXT4-fs: Ignoring removed nomblk_io_submit option
[   78.129399][ T5644] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   78.234671][ T3301] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   78.260699][ T5650] loop0: detected capacity change from 0 to 1024
[   78.268209][ T5650] EXT4-fs: Ignoring removed orlov option
[   78.274064][ T5650] EXT4-fs: Ignoring removed nomblk_io_submit option
[   78.298883][ T5650] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   78.343001][ T3301] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   78.368027][ T5656] SELinux:  policydb version 1199315858 does not match my version range 15-34
[   78.378446][ T5656] SELinux: failed to load policy
[   78.401981][ T5660] netlink: 28 bytes leftover after parsing attributes in process `syz.2.712'.
[   78.517764][ T5677] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   78.528985][ T5660] loop2: detected capacity change from 0 to 1024
[   78.536264][ T5677] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   78.544674][ T5660] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   78.556351][ T5660] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   78.572010][ T5660] JBD2: no valid journal superblock found
[   78.577857][ T5660] EXT4-fs (loop2): Could not load journal inode
[   78.600060][ T5660] SELinux: security_context_str_to_sid (Ð-šXܘ7.H\¹ÿ%ºu@
) failed with errno=-22
[   78.633767][ T5677] Falling back ldisc for ttyS3.
[   78.641343][ T5694] IPv6: Can't replace route, no match found
[   78.655494][ T5514] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   78.683234][ T5514] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   78.706370][ T5705] loop2: detected capacity change from 0 to 1024
[   78.714967][ T5514] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   78.723886][ T5705] EXT4-fs: Ignoring removed orlov option
[   78.730082][ T5705] EXT4-fs: Ignoring removed nomblk_io_submit option
[   78.740094][ T5514] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   78.765784][ T5705] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   78.806745][ T5724] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[   78.886207][ T3308] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   78.971992][ T5740] cgroup: Invalid name
[   78.978432][ T5741] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   78.999803][ T5741] vhci_hcd: default hub control req: 2314 v0008 i0002 l0
[   79.010950][ T5743] loop2: detected capacity change from 0 to 1024
[   79.035458][ T5743] EXT4-fs: Ignoring removed orlov option
[   79.042055][ T5743] EXT4-fs: Ignoring removed nomblk_io_submit option
[   79.087210][ T5743] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   79.204013][ T5774] loop1: detected capacity change from 0 to 512
[   79.212235][ T5774] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   79.229515][ T5774] EXT4-fs (loop1): 1 truncate cleaned up
[   79.236121][ T5774] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   79.467627][ T5783] bond2: entered promiscuous mode
[   79.473872][ T5783] bond2: entered allmulticast mode
[   79.482432][ T5783] 8021q: adding VLAN 0 to HW filter on device bond2
[   79.553204][ T5783] bond2 (unregistering): Released all slaves
[   79.638848][ T5789] IPv6: Can't replace route, no match found
[   79.647889][ T5792] vlan2: entered allmulticast mode
[   79.666644][ T5832] loop4: detected capacity change from 0 to 512
[   79.688230][ T3305] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   79.702519][ T5832] EXT4-fs (loop4): 1 orphan inode deleted
[   79.709084][ T5832] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   79.722085][   T29] kauditd_printk_skb: 460 callbacks suppressed
[   79.722135][   T29] audit: type=1400 audit(1744316422.600:5804): avc:  denied  { tracepoint } for  pid=5835 comm="syz.1.732" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[   79.723180][ T5832] ext4 filesystem being mounted at /119/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   79.728737][   T85] Quota error (device loop4): do_check_range: Getting dqdh_entries 15 out of range 0-14
[   79.770669][   T85] EXT4-fs error (device loop4): ext4_release_dquot:6971: comm kworker/u8:4: Failed to release dquot type 1
[   79.786215][   T29] audit: type=1400 audit(1744316422.642:5805): avc:  denied  { ioctl } for  pid=5831 comm="syz.4.731" path="socket:[14203]" dev="sockfs" ino=14203 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[   79.813541][   T29] audit: type=1400 audit(1744316422.663:5806): avc:  denied  { append } for  pid=5831 comm="syz.4.731" name="file1" dev="loop4" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   79.842335][ T3303] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   79.897562][ T3308] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   79.940609][ T5844] netlink: 'syz.4.737': attribute type 25 has an invalid length.
[   79.979921][ T5850] netlink: 28 bytes leftover after parsing attributes in process `syz.4.739'.
[   80.071617][   T29] audit: type=1400 audit(1744316422.977:5807): avc:  denied  { read write } for  pid=5851 comm="syz.3.740" name="uhid" dev="devtmpfs" ino=252 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[   80.096863][   T29] audit: type=1400 audit(1744316422.988:5808): avc:  denied  { open } for  pid=5851 comm="syz.3.740" path="/dev/uhid" dev="devtmpfs" ino=252 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[   80.122464][ T5861] SELinux:  policydb version 1199315858 does not match my version range 15-34
[   80.131671][ T5861] SELinux: failed to load policy
[   80.143390][ T5850] loop4: detected capacity change from 0 to 1024
[   80.151769][ T5850] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   80.163269][ T5850] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   80.175893][ T5850] JBD2: no valid journal superblock found
[   80.181886][ T5850] EXT4-fs (loop4): Could not load journal inode
[   80.194893][ T5850] SELinux: security_context_str_to_sid (Ð-šXܘ7.H\¹ÿ%ºu@
) failed with errno=-22
[   80.204933][ T5864] loop2: detected capacity change from 0 to 1024
[   80.211940][ T5864] EXT4-fs: Ignoring removed orlov option
[   80.221829][ T5864] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   80.240614][   T29] audit: type=1400 audit(1744316423.145:5809): avc:  denied  { read } for  pid=5866 comm="syz.4.744" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[   80.261372][   T29] audit: type=1400 audit(1744316423.145:5810): avc:  denied  { create } for  pid=5866 comm="syz.4.744" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[   80.282087][   T29] audit: type=1400 audit(1744316423.156:5811): avc:  denied  { ioctl } for  pid=5866 comm="syz.4.744" path="socket:[14973]" dev="sockfs" ino=14973 ioctlcmd=0x890b scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[   80.347103][ T5872] loop0: detected capacity change from 0 to 1024
[   80.354223][ T5872] EXT4-fs: Ignoring removed orlov option
[   80.360057][ T5872] EXT4-fs: Ignoring removed nomblk_io_submit option
[   80.370726][ T5875] vlan0: entered allmulticast mode
[   80.389644][ T5872] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   80.437800][ T5879] loop4: detected capacity change from 0 to 1024
[   80.445147][ T5879] EXT4-fs: Ignoring removed orlov option
[   80.451137][ T5879] EXT4-fs: Ignoring removed nomblk_io_submit option
[   80.474098][ T5879] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   80.514721][ T3303] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   80.544964][ T5883] loop4: detected capacity change from 0 to 2048
[   80.562328][ T5883] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   80.582299][ T5883] 9pnet_fd: Insufficient options for proto=fd
[   80.627114][ T3303] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   80.735671][ T5894] loop4: detected capacity change from 0 to 128
[   80.746804][ T5894] tipc: Started in network mode
[   80.753721][ T5894] tipc: Node identity 4, cluster identity 4711
[   80.760679][ T5894] tipc: Node number set to 4
[   80.766906][   T29] audit: type=1400 audit(1744316423.702:5812): avc:  denied  { getopt } for  pid=5893 comm="syz.4.752" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   80.852249][ T5898] loop3: detected capacity change from 0 to 512
[   80.884909][ T5898] EXT4-fs (loop3): 1 orphan inode deleted
[   80.891561][ T5898] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   80.905196][   T37] EXT4-fs error (device loop3): ext4_release_dquot:6971: comm kworker/u8:2: Failed to release dquot type 1
[   80.905211][ T5898] ext4 filesystem being mounted at /142/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   80.982531][ T3313] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   81.104210][ T3308] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   81.114571][ T5908] loop4: detected capacity change from 0 to 2048
[   81.148500][ T3301] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   81.155612][ T5908] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   81.187792][ T5908] 9pnet_fd: Insufficient options for proto=fd
[   81.208419][ T5919] loop2: detected capacity change from 0 to 128
[   81.231528][ T5917] loop0: detected capacity change from 0 to 128
[   81.268300][ T5919] netlink: 8 bytes leftover after parsing attributes in process `syz.2.762'.
[   81.285184][ T5917] netlink: 8 bytes leftover after parsing attributes in process `syz.0.761'.
[   81.286629][ T3303] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   81.324249][ T5917] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   81.348208][ T5919] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   81.383276][ T5917] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   81.412017][ T5919] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   81.441514][ T5917] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   81.492789][ T5919] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   81.515720][ T5917] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   81.549936][ T5919] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   81.618783][ T5917] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   81.643937][ T5917] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   81.711390][ T5917] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   81.763662][ T5917] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   81.842929][ T5919] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   81.856499][ T5930] netlink: 64 bytes leftover after parsing attributes in process `syz.0.766'.
[   81.871421][ T5930] loop0: detected capacity change from 0 to 1024
[   81.879744][ T5930] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   81.891068][ T5930] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   81.903493][ T5930] JBD2: no valid journal superblock found
[   81.909447][ T5930] EXT4-fs (loop0): Could not load journal inode
[   81.918403][ T5919] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   81.921684][ T5930] netlink: 104 bytes leftover after parsing attributes in process `syz.0.766'.
[   82.008829][ T5919] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   82.019476][ T5933] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[   82.038449][ T5919] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   82.136921][ T5941] FAULT_INJECTION: forcing a failure.
[   82.136921][ T5941] name failslab, interval 1, probability 0, space 0, times 0
[   82.150513][ T5941] CPU: 1 UID: 0 PID: 5941 Comm: syz.4.771 Not tainted 6.15.0-rc1-syzkaller-00095-g2eb959eeecc6 #0 PREEMPT(voluntary) 
[   82.150687][ T5941] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   82.150702][ T5941] Call Trace:
[   82.150709][ T5941]  <TASK>
[   82.150719][ T5941]  dump_stack_lvl+0xf6/0x150
[   82.150748][ T5941]  dump_stack+0x15/0x1a
[   82.150766][ T5941]  should_fail_ex+0x261/0x270
[   82.150831][ T5941]  should_failslab+0x8f/0xb0
[   82.150909][ T5941]  kmem_cache_alloc_noprof+0x59/0x340
[   82.150932][ T5941]  ? alloc_empty_file+0x78/0x200
[   82.150956][ T5941]  alloc_empty_file+0x78/0x200
[   82.151045][ T5941]  path_openat+0x6f/0x2000
[   82.151076][ T5941]  ? _parse_integer_limit+0x167/0x180
[   82.151105][ T5941]  ? kstrtoull+0x115/0x140
[   82.151133][ T5941]  ? kstrtouint+0x7b/0xc0
[   82.151164][ T5941]  do_filp_open+0x115/0x240
[   82.151233][ T5941]  do_sys_openat2+0xaa/0x110
[   82.151256][ T5941]  __x64_sys_openat+0xf8/0x120
[   82.151288][ T5941]  x64_sys_call+0x1ac/0x2e10
[   82.151316][ T5941]  do_syscall_64+0xc9/0x1c0
[   82.151415][ T5941]  ? clear_bhb_loop+0x25/0x80
[   82.151437][ T5941]  ? clear_bhb_loop+0x25/0x80
[   82.151459][ T5941]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   82.151485][ T5941] RIP: 0033:0x7fda944ed169
[   82.151557][ T5941] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   82.151584][ T5941] RSP: 002b:00007fda92b4f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[   82.151604][ T5941] RAX: ffffffffffffffda RBX: 00007fda94705fa0 RCX: 00007fda944ed169
[   82.151619][ T5941] RDX: 0000000000000000 RSI: 0000200000000000 RDI: ffffffffffffff9c
[   82.151662][ T5941] RBP: 00007fda92b4f090 R08: 0000000000000000 R09: 0000000000000000
[   82.151676][ T5941] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   82.151691][ T5941] R13: 0000000000000000 R14: 00007fda94705fa0 R15: 00007ffd32eb2658
[   82.151714][ T5941]  </TASK>
[   82.376458][    T9] IPVS: starting estimator thread 0...
[   82.388459][ T5945] loop4: detected capacity change from 0 to 1024
[   82.395717][ T5945] EXT4-fs: Ignoring removed orlov option
[   82.401833][ T5945] EXT4-fs: Ignoring removed nomblk_io_submit option
[   82.426289][ T5945] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   82.454950][ T3303] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   82.472034][ T5943] IPVS: using max 2400 ests per chain, 120000 per kthread
[   82.746698][ T5966] netlink: 'syz.1.779': attribute type 25 has an invalid length.
[   82.776014][ T5970] FAULT_INJECTION: forcing a failure.
[   82.776014][ T5970] name failslab, interval 1, probability 0, space 0, times 0
[   82.789151][ T5970] CPU: 1 UID: 0 PID: 5970 Comm: syz.2.781 Not tainted 6.15.0-rc1-syzkaller-00095-g2eb959eeecc6 #0 PREEMPT(voluntary) 
[   82.789184][ T5970] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   82.789199][ T5970] Call Trace:
[   82.789372][ T5970]  <TASK>
[   82.789383][ T5970]  dump_stack_lvl+0xf6/0x150
[   82.789446][ T5970]  dump_stack+0x15/0x1a
[   82.789462][ T5970]  should_fail_ex+0x261/0x270
[   82.789509][ T5970]  should_failslab+0x8f/0xb0
[   82.789535][ T5970]  kmem_cache_alloc_lru_noprof+0x5e/0x330
[   82.789555][ T5970]  ? hugetlbfs_alloc_inode+0xbc/0x100
[   82.789631][ T5970]  hugetlbfs_alloc_inode+0xbc/0x100
[   82.789725][ T5970]  ? __pfx_hugetlbfs_alloc_inode+0x10/0x10
[   82.789760][ T5970]  alloc_inode+0x40/0x170
[   82.789846][ T5970]  new_inode+0x1e/0xe0
[   82.789862][ T5970]  hugetlbfs_get_inode+0x7d/0x380
[   82.789969][ T5970]  hugetlb_file_setup+0x188/0x3c0
[   82.789996][ T5970]  ksys_mmap_pgoff+0x174/0x340
[   82.790023][ T5970]  x64_sys_call+0x1945/0x2e10
[   82.790079][ T5970]  do_syscall_64+0xc9/0x1c0
[   82.790150][ T5970]  ? clear_bhb_loop+0x25/0x80
[   82.790169][ T5970]  ? clear_bhb_loop+0x25/0x80
[   82.790229][ T5970]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   82.790314][ T5970] RIP: 0033:0x7f24699ad169
[   82.790327][ T5970] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   82.790343][ T5970] RSP: 002b:00007f246800f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[   82.790360][ T5970] RAX: ffffffffffffffda RBX: 00007f2469bc5fa0 RCX: 00007f24699ad169
[   82.790371][ T5970] RDX: 0000000000000000 RSI: 0000000001400000 RDI: 0000200000000000
[   82.790395][ T5970] RBP: 00007f246800f090 R08: ffffffffffffffff R09: 0000000000000000
[   82.790405][ T5970] R10: 00000000000c3072 R11: 0000000000000246 R12: 0000000000000001
[   82.790424][ T5970] R13: 0000000000000000 R14: 00007f2469bc5fa0 R15: 00007ffd0d856408
[   82.790441][ T5970]  </TASK>
[   83.030081][ T5975] loop2: detected capacity change from 0 to 1024
[   83.042635][ T5975] EXT4-fs: Ignoring removed orlov option
[   83.048758][ T5975] EXT4-fs: Ignoring removed nomblk_io_submit option
[   83.117014][ T5992] loop2: detected capacity change from 0 to 1024
[   83.124413][ T5992] EXT4-fs: Ignoring removed orlov option
[   83.131286][ T5992] EXT4-fs: Ignoring removed nomblk_io_submit option
[   83.209174][ T6000] loop2: detected capacity change from 0 to 512
[   83.226599][ T6000] EXT4-fs (loop2): 1 orphan inode deleted
[   83.233241][ T6000] ext4 filesystem being mounted at /182/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   83.324039][ T6005] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[   83.440005][ T6009] netlink: 'syz.4.795': attribute type 25 has an invalid length.
[   83.505861][ T6013] loop4: detected capacity change from 0 to 512
[   83.521421][ T6013] EXT4-fs (loop4): 1 orphan inode deleted
[   83.527884][ T6013] ext4 filesystem being mounted at /145/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   83.538589][   T12] EXT4-fs error (device loop4): ext4_release_dquot:6971: comm kworker/u8:0: Failed to release dquot type 1
[   83.661346][ T6025] loop4: detected capacity change from 0 to 1024
[   83.668198][ T6025] EXT4-fs: Ignoring removed orlov option
[   83.674111][ T6025] EXT4-fs: Ignoring removed nomblk_io_submit option
[   83.851913][ T6038] netlink: 'syz.1.806': attribute type 25 has an invalid length.
[   84.634618][ T6069] SELinux:  policydb version 1199315858 does not match my version range 15-34
[   84.644088][ T6069] SELinux: failed to load policy
[   84.678830][ T6073] netlink: 'syz.4.819': attribute type 25 has an invalid length.
[   84.704644][   T29] kauditd_printk_skb: 129 callbacks suppressed
[   84.704662][   T29] audit: type=1326 audit(1744316427.839:5940): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6074 comm="syz.2.820" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f24699ad169 code=0x7ffc0000
[   84.744190][   T29] audit: type=1326 audit(1744316427.860:5941): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6074 comm="syz.2.820" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f24699ad169 code=0x7ffc0000
[   84.768005][   T29] audit: type=1326 audit(1744316427.860:5942): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6074 comm="syz.2.820" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f24699ad169 code=0x7ffc0000
[   84.792196][   T29] audit: type=1326 audit(1744316427.860:5943): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6074 comm="syz.2.820" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f24699ad169 code=0x7ffc0000
[   84.817361][   T29] audit: type=1326 audit(1744316427.860:5944): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6074 comm="syz.2.820" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f24699ad169 code=0x7ffc0000
[   84.840726][   T29] audit: type=1326 audit(1744316427.860:5945): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6074 comm="syz.2.820" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f24699ad169 code=0x7ffc0000
[   84.864426][   T29] audit: type=1326 audit(1744316427.860:5946): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6074 comm="syz.2.820" exe="/root/syz-executor" sig=0 arch=c000003e syscall=294 compat=0 ip=0x7f24699ad169 code=0x7ffc0000
[   84.888057][   T29] audit: type=1326 audit(1744316427.860:5947): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6074 comm="syz.2.820" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f24699ad169 code=0x7ffc0000
[   84.911643][   T29] audit: type=1326 audit(1744316427.860:5948): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6074 comm="syz.2.820" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f24699ad169 code=0x7ffc0000
[   84.935104][   T29] audit: type=1326 audit(1744316427.860:5949): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6074 comm="syz.2.820" exe="/root/syz-executor" sig=0 arch=c000003e syscall=254 compat=0 ip=0x7f24699ad169 code=0x7ffc0000
[   85.105184][ T6087] loop3: detected capacity change from 0 to 1024
[   85.113693][ T6087] EXT4-fs: Ignoring removed orlov option
[   85.119614][ T6087] EXT4-fs: Ignoring removed nomblk_io_submit option
[   85.128804][ T6090] SELinux:  policydb version 1199315858 does not match my version range 15-34
[   85.133691][ T6092] netlink: 3 bytes leftover after parsing attributes in process `syz.4.828'.
[   85.138459][ T6090] SELinux: failed to load policy
[   85.174417][ T6092] 0ªX¹¦À: renamed from caif0
[   85.181498][ T6092] 0ªX¹¦À: entered allmulticast mode
[   85.187122][ T6092] A link change request failed with some changes committed already. Interface 
60ªX¹¦À may have been left with an inconsistent configuration, please check.
[   85.235518][ T6096] loop2: detected capacity change from 0 to 8192
[   85.272677][ T6096]  loop2: p2 p3 p4
[   85.279206][ T6096] loop2: p2 start 452985600 is beyond EOD, truncated
[   85.286231][ T6096] loop2: p3 size 33554432 extends beyond EOD, truncated
[   85.295340][ T6096] loop2: p4 start 8388607 is beyond EOD, truncated
[   85.334536][ T6106] netlink: 'syz.3.834': attribute type 25 has an invalid length.
[   85.450878][ T6114] IPv6: NLM_F_CREATE should be specified when creating new route
[   85.465697][ T6114] netlink: 28 bytes leftover after parsing attributes in process `syz.2.838'.
[   85.508443][ T6119] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   85.517906][ T6119] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   85.545392][ T6121] netlink: 64 bytes leftover after parsing attributes in process `syz.1.840'.
[   85.558402][ T6121] loop1: detected capacity change from 0 to 1024
[   85.565571][ T6121] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   85.576848][ T6121] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   85.589481][ T6121] JBD2: no valid journal superblock found
[   85.595420][ T6121] EXT4-fs (loop1): Could not load journal inode
[   85.605562][ T6121] netlink: 104 bytes leftover after parsing attributes in process `syz.1.840'.
[   85.852026][ T6134] pimreg0: tun_chr_ioctl cmd 35108
[   85.940315][ T6136] loop1: detected capacity change from 0 to 128
[   85.966818][ T6136] netlink: 8 bytes leftover after parsing attributes in process `syz.1.845'.
[   85.986684][ T6136] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   86.025556][ T6139] loop3: detected capacity change from 0 to 128
[   86.032814][ T6139] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   86.045489][ T6139] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   86.059963][ T6136] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   86.150965][ T6136] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   86.244004][ T6136] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   86.420155][ T3377] IPVS: starting estimator thread 0...
[   86.520134][ T6150] IPVS: using max 2208 ests per chain, 110400 per kthread
[   86.754822][ T6152] loop2: detected capacity change from 0 to 128
[   86.766858][ T6136] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   86.779084][ T6136] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   86.791410][ T6136] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   86.803116][ T6136] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   86.818769][ T6152] netlink: 8 bytes leftover after parsing attributes in process `syz.2.849'.
[   86.837908][   T85] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   86.867084][ T6152] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   86.889823][ T6156] loop1: detected capacity change from 0 to 2048
[   86.945431][ T6163] 9p: Unknown Cache mode or invalid value l
[   86.975926][ T6165] loop4: detected capacity change from 0 to 1024
[   86.980989][ T6156] 9pnet_fd: Insufficient options for proto=fd
[   86.983048][ T6165] EXT4-fs: Ignoring removed orlov option
[   86.994564][ T6165] EXT4-fs: Ignoring removed nomblk_io_submit option
[   87.007834][ T6167] vlan2: entered allmulticast mode
[   87.042792][ T6152] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   87.075644][ T6172] loop1: detected capacity change from 0 to 1024
[   87.082834][ T6172] EXT4-fs: Ignoring removed orlov option
[   87.088715][ T6172] EXT4-fs: Ignoring removed nomblk_io_submit option
[   87.117386][ T6176] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   87.126207][ T6176] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   87.181180][ T6152] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   87.279332][ T6152] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   87.366143][ T6152] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   87.392438][ T6152] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   87.418365][ T6152] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   87.449618][ T6152] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   87.610011][ T6186] netlink: 64 bytes leftover after parsing attributes in process `syz.0.860'.
[   87.625759][ T6186] loop0: detected capacity change from 0 to 1024
[   87.632867][ T6186] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   87.644002][ T6186] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   87.665118][ T6186] JBD2: no valid journal superblock found
[   87.671025][ T6186] EXT4-fs (loop0): Could not load journal inode
[   87.689900][ T6188] netlink: 4 bytes leftover after parsing attributes in process `syz.3.861'.
[   87.699084][ T6188] netlink: 12 bytes leftover after parsing attributes in process `syz.3.861'.
[   87.736541][ T6186] netlink: 104 bytes leftover after parsing attributes in process `syz.0.860'.
[   87.801737][ T6195] loop4: detected capacity change from 0 to 512
[   87.812214][ T6196] syzkaller0: entered promiscuous mode
[   87.817906][ T6196] syzkaller0: entered allmulticast mode
[   87.829371][ T6195] EXT4-fs (loop4): 1 orphan inode deleted
[   87.841234][ T6195] ext4 filesystem being mounted at /163/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   87.852706][  T383] EXT4-fs error (device loop4): ext4_release_dquot:6971: comm kworker/u8:6: Failed to release dquot type 1
[   87.878541][  T383] EXT4-fs error (device loop4): ext4_release_dquot:6971: comm kworker/u8:6: Failed to release dquot type 1
[   87.905753][ T6200] netlink: 'syz.4.866': attribute type 25 has an invalid length.
[   87.981453][ T6204] loop4: detected capacity change from 0 to 1024
[   87.997823][ T6204] ext4 filesystem being mounted at /165/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   88.268863][ T6228] netlink: 'syz.4.878': attribute type 25 has an invalid length.
[   88.371357][ T6234] SELinux:  policydb version 1199315858 does not match my version range 15-34
[   88.380701][ T6234] SELinux: failed to load policy
[   88.414004][ T6238] 9p: Unknown Cache mode or invalid value l
[   88.458657][ T6238] vlan2: entered allmulticast mode
[   88.500996][ T6240] 9p: Unknown Cache mode or invalid value l
[   88.553150][ T6240] vlan0: entered allmulticast mode
[   88.565786][ T6245] loop3: detected capacity change from 0 to 1024
[   88.573304][ T6245] EXT4-fs: Ignoring removed orlov option
[   88.579460][ T6245] EXT4-fs: Ignoring removed nomblk_io_submit option
[   88.662527][ T6257] loop3: detected capacity change from 0 to 1024
[   88.695966][ T6262] loop4: detected capacity change from 0 to 128
[   88.705551][ T6257] ext4 filesystem being mounted at /161/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   88.742497][ T6262] netlink: 8 bytes leftover after parsing attributes in process `syz.4.892'.
[   88.772363][ T6269] loop2: detected capacity change from 0 to 2048
[   88.794598][ T6262] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   88.815270][ T6269] 9pnet: Could not find request transport: fd0x000000000000000c
[   88.870890][ T6278] 9p: Unknown Cache mode or invalid value l
[   88.898108][ T6262] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   88.922046][ T6279] vlan2: entered allmulticast mode
[   88.985808][ T6262] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   89.046930][ T6262] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   89.090036][ T6285] 9p: Unknown Cache mode or invalid value l
[   89.142453][ T6262] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   89.232139][ T6262] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   89.260250][ T6262] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   89.285922][ T6262] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   89.335348][ T6293] netlink: 28 bytes leftover after parsing attributes in process `syz.4.903'.
[   89.443190][ T6293] loop4: detected capacity change from 0 to 1024
[   89.451064][ T6299] loop2: detected capacity change from 0 to 2048
[   89.458121][ T6293] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   89.469424][ T6293] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   89.479400][ T6299] EXT4-fs: Ignoring removed nomblk_io_submit option
[   89.488246][ T6293] JBD2: no valid journal superblock found
[   89.494494][ T6293] EXT4-fs (loop4): Could not load journal inode
[   89.506510][ T6293] SELinux: security_context_str_to_sid (Ð-šXܘ7.H\¹ÿ%ºu@
) failed with errno=-22
[   89.523717][ T6293] 9pnet: Could not find request transport: TU
[   89.559661][ T6304] loop4: detected capacity change from 0 to 2048
[   89.602820][ T6304] 9pnet: Could not find request transport: fd0x000000000000000c
[   89.641087][ T6312] vlan2: entered allmulticast mode
[   89.673695][ T6314] SELinux:  policydb version 1199315858 does not match my version range 15-34
[   89.683990][ T6314] SELinux: failed to load policy
[   89.693288][ T6316] IPv6: Can't replace route, no match found
[   89.725870][ T6322] loop4: detected capacity change from 0 to 512
[   89.737030][   T29] kauditd_printk_skb: 204 callbacks suppressed
[   89.737048][   T29] audit: type=1326 audit(1744316433.120:6152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6317 comm="syz.3.911" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc49311d169 code=0x7ffc0000
[   89.770165][ T6322] EXT4-fs (loop4): orphan cleanup on readonly fs
[   89.776307][   T29] audit: type=1326 audit(1744316433.130:6153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6317 comm="syz.3.911" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc49311d169 code=0x7ffc0000
[   89.778892][ T6322] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.912: bg 0: block 248: padding at end of block bitmap is not set
[   89.800959][   T29] audit: type=1326 audit(1744316433.130:6154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6317 comm="syz.3.911" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc49311d169 code=0x7ffc0000
[   89.839552][   T29] audit: type=1326 audit(1744316433.130:6155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6317 comm="syz.3.911" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc49311d169 code=0x7ffc0000
[   89.841254][ T6322] Quota error (device loop4): write_blk: dquota write failed
[   89.863275][   T29] audit: type=1326 audit(1744316433.130:6156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6317 comm="syz.3.911" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc49311d169 code=0x7ffc0000
[   89.863334][   T29] audit: type=1326 audit(1744316433.130:6157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6317 comm="syz.3.911" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc49311d169 code=0x7ffc0000
[   89.870770][ T6322] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota
[   89.894680][   T29] audit: type=1326 audit(1744316433.130:6158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6317 comm="syz.3.911" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc49311d169 code=0x7ffc0000
[   89.918262][ T6322] EXT4-fs error (device loop4): ext4_acquire_dquot:6935: comm syz.4.912: Failed to acquire dquot type 1
[   89.963810][   T29] audit: type=1326 audit(1744316433.130:6159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6317 comm="syz.3.911" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc49311d169 code=0x7ffc0000
[   89.991126][ T6322] EXT4-fs (loop4): 1 truncate cleaned up
[   90.015862][ T6334] netlink: 64 bytes leftover after parsing attributes in process `syz.2.918'.
[   90.029782][ T6334] loop2: detected capacity change from 0 to 1024
[   90.042904][ T6334] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   90.054106][ T6334] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   90.071734][ T6322] EXT4-fs (loop4): warning: mounting fs with errors, running e2fsck is recommended
[   90.087825][ T6318] loop3: detected capacity change from 0 to 1024
[   90.089321][ T6334] JBD2: no valid journal superblock found
[   90.100234][ T6334] EXT4-fs (loop2): Could not load journal inode
[   90.108109][ T6322] EXT4-fs error (device loop4): ext4_acquire_dquot:6935: comm syz.4.912: Failed to acquire dquot type 1
[   90.121525][ T6322] EXT4-fs warning (device loop4): ext4_enable_quotas:7170: Failed to enable quota tracking (type=1, err=-28, ino=4). Please run e2fsck to fix.
[   90.123814][ T6334] netlink: 104 bytes leftover after parsing attributes in process `syz.2.918'.
[   90.175054][ T6336] EXT4-fs error (device loop4): ext4_lookup:1793: inode #2: comm syz.4.912: deleted inode referenced: 12
[   90.190952][ T6342] SELinux:  policydb version 1199315858 does not match my version range 15-34
[   90.200222][ T6342] SELinux: failed to load policy
[   90.230015][ T6322] EXT4-fs error (device loop4): ext4_lookup:1793: inode #2: comm syz.4.912: deleted inode referenced: 12
[   90.243626][ T6322] EXT4-fs error (device loop4): ext4_lookup:1793: inode #2: comm syz.4.912: deleted inode referenced: 12
[   90.270870][ T6322] syz.4.912 (6322) used greatest stack depth: 9216 bytes left
[   90.307063][ T6359] loop4: detected capacity change from 0 to 1024
[   90.320066][ T6359] EXT4-fs: Ignoring removed orlov option
[   90.326371][ T6359] EXT4-fs: Ignoring removed nomblk_io_submit option
[   90.355007][ T6362] loop1: detected capacity change from 0 to 512
[   90.362514][ T6362] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   90.376465][ T6365] netlink: 64 bytes leftover after parsing attributes in process `syz.3.932'.
[   90.383191][ T6362] EXT4-fs (loop1): 1 truncate cleaned up
[   90.393280][ T6365] loop3: detected capacity change from 0 to 1024
[   90.413432][ T6365] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   90.424746][ T6365] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   90.446353][ T6365] JBD2: no valid journal superblock found
[   90.452306][ T6365] EXT4-fs (loop3): Could not load journal inode
[   90.533075][ T6386] loop1: detected capacity change from 0 to 512
[   90.580479][ T6386] EXT4-fs (loop1): 1 orphan inode deleted
[   90.584640][ T6397] loop4: detected capacity change from 0 to 1024
[   90.587094][ T6386] ext4 filesystem being mounted at /170/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   90.593825][ T6397] EXT4-fs: Ignoring removed orlov option
[   90.605474][ T3431] EXT4-fs error (device loop1): ext4_release_dquot:6971: comm kworker/u8:7: Failed to release dquot type 1
[   90.611009][ T6397] EXT4-fs: Ignoring removed nomblk_io_submit option
[   90.634448][ T6387] batadv0: entered promiscuous mode
[   90.649459][ T6387] batadv0: left promiscuous mode
[   90.657693][ T3431] EXT4-fs error (device loop1): ext4_release_dquot:6971: comm kworker/u8:7: Failed to release dquot type 1
[   90.669708][ T6399] loop2: detected capacity change from 0 to 1024
[   90.677227][ T6399] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   90.688574][ T6399] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   90.700768][ T6399] JBD2: no valid journal superblock found
[   90.706682][ T6399] EXT4-fs (loop2): Could not load journal inode
[   90.893521][ T6430] loop0: detected capacity change from 0 to 1024
[   90.911317][ T6430] EXT4-fs: Ignoring removed orlov option
[   90.917070][ T6430] EXT4-fs: Ignoring removed nomblk_io_submit option
[   90.999120][ T6428] loop4: detected capacity change from 0 to 1024
[   91.008369][ T6428] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   91.019388][ T6428] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   91.034024][ T6428] JBD2: no valid journal superblock found
[   91.039844][ T6428] EXT4-fs (loop4): Could not load journal inode
[   91.065300][ T6428] SELinux: security_context_str_to_sid (Ð-šXܘ7.H\¹ÿ%ºu@
) failed with errno=-22
[   91.098454][ T6428] 9pnet: Could not find request transport: fU
[   91.134722][ T6456] vlan0: entered allmulticast mode
[   91.190732][ T6457] hub 2-0:1.0: USB hub found
[   91.195641][ T6457] hub 2-0:1.0: 8 ports detected
[   91.208215][ T6457] 9p: Unknown Cache mode or invalid value l
[   91.638551][ T6479] __nla_validate_parse: 11 callbacks suppressed
[   91.638567][ T6479] netlink: 28 bytes leftover after parsing attributes in process `syz.3.979'.
[   91.745020][ T6479] loop3: detected capacity change from 0 to 1024
[   91.753216][ T6479] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   91.764718][ T6479] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   91.776349][ T6479] JBD2: no valid journal superblock found
[   91.778944][ T6486] vlan2: entered allmulticast mode
[   91.782189][ T6479] EXT4-fs (loop3): Could not load journal inode
[   91.797223][ T6479] SELinux: security_context_str_to_sid (Ð-šXܘ7.H\¹ÿ%ºu@
) failed with errno=-22
[   91.813792][ T6479] 9pnet: Could not find request transport: fU
[   91.845033][ T6489] loop3: detected capacity change from 0 to 1024
[   91.849894][ T6491] loop1: detected capacity change from 0 to 512
[   91.852417][ T6489] EXT4-fs: Ignoring removed orlov option
[   91.863757][ T6489] EXT4-fs: Ignoring removed nomblk_io_submit option
[   91.875414][ T6491] EXT4-fs (loop1): orphan cleanup on readonly fs
[   91.882987][ T6491] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.984: bg 0: block 248: padding at end of block bitmap is not set
[   91.898926][ T6491] EXT4-fs error (device loop1): ext4_acquire_dquot:6935: comm syz.1.984: Failed to acquire dquot type 1
[   91.913973][ T6491] EXT4-fs (loop1): 1 truncate cleaned up
[   91.936829][ T6498] netlink: 4 bytes leftover after parsing attributes in process `syz.0.986'.
[   91.946182][ T6491] EXT4-fs (loop1): warning: mounting fs with errors, running e2fsck is recommended
[   91.983733][ T6491] EXT4-fs error (device loop1): ext4_acquire_dquot:6935: comm syz.1.984: Failed to acquire dquot type 1
[   92.005389][ T6508] EXT4-fs error (device loop1): ext4_lookup:1793: inode #2: comm syz.1.984: deleted inode referenced: 12
[   92.018537][ T6491] EXT4-fs warning (device loop1): ext4_enable_quotas:7170: Failed to enable quota tracking (type=1, err=-28, ino=4). Please run e2fsck to fix.
[   92.075511][ T6516] netlink: 28 bytes leftover after parsing attributes in process `syz.3.994'.
[   92.087610][ T6512] SELinux:  policydb version 1199315858 does not match my version range 15-34
[   92.099062][ T6512] SELinux: failed to load policy
[   92.220577][ T6516] loop3: detected capacity change from 0 to 1024
[   92.238577][ T6516] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   92.249745][ T6516] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   92.261971][ T6516] JBD2: no valid journal superblock found
[   92.267799][ T6516] EXT4-fs (loop3): Could not load journal inode
[   92.278310][ T6516] SELinux: security_context_str_to_sid (Ð-šXܘ7.H\¹ÿ%ºu@
) failed with errno=-22
[   92.293960][ T6525] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[   92.309760][ T6516] 9pnet: Could not find request transport: fU
[   92.394905][ T6535] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   92.443050][ T6535] vhci_hcd: default hub control req: 2314 v0008 i0002 l0
[   92.459760][ T6540] loop3: detected capacity change from 0 to 1024
[   92.477526][ T6540] EXT4-fs: Ignoring removed orlov option
[   92.483355][ T6540] EXT4-fs: Ignoring removed nomblk_io_submit option
[   92.568742][ T6546] loop4: detected capacity change from 0 to 1024
[   92.580779][ T6546] EXT4-fs: Ignoring removed orlov option
[   92.633920][ T6553] vlan2: entered allmulticast mode
[   92.673585][ T6556] loop3: detected capacity change from 0 to 2048
[   92.774114][ T6562] vlan2: entered allmulticast mode
[   92.808536][ T6566] batadv0: entered promiscuous mode
[   92.816368][ T6566] batadv0: left promiscuous mode
[   92.879230][ T6570] loop2: detected capacity change from 0 to 1024
[   92.886547][ T6570] EXT4-fs: Ignoring removed orlov option
[   92.940563][ T6575] loop3: detected capacity change from 0 to 1024
[   92.948009][ T6575] EXT4-fs: Ignoring removed orlov option
[   92.954000][ T6575] EXT4-fs: Ignoring removed nomblk_io_submit option
[   92.984867][ T6580] loop1: detected capacity change from 0 to 1024
[   92.991614][ T6580] EXT4-fs: Ignoring removed orlov option
[   93.041449][ T6584] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1018'.
[   93.050861][ T6584] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1018'.
[   93.667451][ T6594] loop4: detected capacity change from 0 to 128
[   93.768775][ T6594] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1022'.
[   93.834400][ T6594] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   93.956692][ T6605] vlan2: entered allmulticast mode
[   94.004496][ T6594] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   94.027048][ T6608] IPv6: NLM_F_CREATE should be specified when creating new route
[   94.046484][ T6608] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1027'.
[   94.090686][ T6594] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   94.170632][ T6594] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   94.213022][ T6621] loop3: detected capacity change from 0 to 1024
[   94.220493][ T6621] EXT4-fs: Ignoring removed orlov option
[   94.412999][ T6594] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   94.441554][ T6594] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   94.454328][ T6594] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   94.468090][ T6594] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   94.742186][ T6614] ==================================================================
[   94.750321][ T6614] BUG: KCSAN: data-race in __writeback_single_inode / xas_set_mark
[   94.758340][ T6614] 
[   94.760757][ T6614] write to 0xffff888106a63c54 of 4 bytes by task 6621 on cpu 1:
[   94.768418][ T6614]  xas_set_mark+0x13d/0x150
[   94.772941][ T6614]  __folio_start_writeback+0x1ea/0x440
[   94.778409][ T6614]  ext4_bio_write_folio+0x591/0x9d0
[   94.783626][ T6614]  mpage_process_page_bufs+0x488/0x5d0
[   94.789120][ T6614]  mpage_prepare_extent_to_map+0x791/0xb80
[   94.795130][ T6614]  ext4_do_writepages+0xa3b/0x21d0
[   94.800273][ T6614]  ext4_writepages+0x183/0x320
[   94.805145][ T6614]  do_writepages+0x1d8/0x480
[   94.809752][ T6614]  file_write_and_wait_range+0x16e/0x2f0
[   94.815757][ T6614]  generic_buffers_fsync_noflush+0x46/0x120
[   94.821675][ T6614]  ext4_sync_file+0x1c3/0x6c0
[   94.826380][ T6614]  vfs_fsync_range+0x116/0x130
[   94.831205][ T6614]  ext4_buffered_write_iter+0x358/0x3c0
[   94.836874][ T6614]  ext4_file_write_iter+0x3b2/0xf80
[   94.842375][ T6614]  iter_file_splice_write+0x5f2/0x980
[   94.847772][ T6614]  direct_splice_actor+0x160/0x2c0
[   94.853196][ T6614]  splice_direct_to_actor+0x305/0x680
[   94.858616][ T6614]  do_splice_direct+0xd9/0x150
[   94.863619][ T6614]  do_sendfile+0x40a/0x690
[   94.868198][ T6614]  __x64_sys_sendfile64+0x113/0x160
[   94.873403][ T6614]  x64_sys_call+0xfc3/0x2e10
[   94.878526][ T6614]  do_syscall_64+0xc9/0x1c0
[   94.883159][ T6614]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   94.889065][ T6614] 
[   94.891557][ T6614] read to 0xffff888106a63c54 of 4 bytes by task 6614 on cpu 0:
[   94.899219][ T6614]  __writeback_single_inode+0x210/0x850
[   94.904878][ T6614]  writeback_single_inode+0x16c/0x3f0
[   94.910678][ T6614]  sync_inode_metadata+0x60/0x90
[   94.915634][ T6614]  generic_buffers_fsync_noflush+0xd8/0x120
[   94.921628][ T6614]  ext4_sync_file+0x1c3/0x6c0
[   94.926429][ T6614]  vfs_fsync_range+0x116/0x130
[   94.931259][ T6614]  ext4_buffered_write_iter+0x358/0x3c0
[   94.937314][ T6614]  ext4_file_write_iter+0x3b2/0xf80
[   94.942715][ T6614]  iter_file_splice_write+0x5f2/0x980
[   94.949103][ T6614]  direct_splice_actor+0x160/0x2c0
[   94.954463][ T6614]  splice_direct_to_actor+0x305/0x680
[   94.959964][ T6614]  do_splice_direct+0xd9/0x150
[   94.965045][ T6614]  do_sendfile+0x40a/0x690
[   94.969528][ T6614]  __x64_sys_sendfile64+0x113/0x160
[   94.975009][ T6614]  x64_sys_call+0xfc3/0x2e10
[   94.979610][ T6614]  do_syscall_64+0xc9/0x1c0
[   94.984496][ T6614]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   94.990693][ T6614] 
[   94.993053][ T6614] value changed: 0x0a000021 -> 0x04000021
[   94.998899][ T6614] 
[   95.001225][ T6614] Reported by Kernel Concurrency Sanitizer on:
[   95.007673][ T6614] CPU: 0 UID: 0 PID: 6614 Comm: syz.3.1030 Not tainted 6.15.0-rc1-syzkaller-00095-g2eb959eeecc6 #0 PREEMPT(voluntary) 
[   95.020281][ T6614] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   95.031338][ T6614] ==================================================================