last executing test programs:

2m1.98118799s ago: executing program 3 (id=14563):
perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0xc97c, 0x0, @perf_config_ext={0x0, 0x5}, 0x8, 0x8000, 0x409, 0x4, 0x0, 0x40, 0xfffe, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x9, 0x4, 0xdd, 0xa, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
close(0x3)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f00000003c0)='percpu_alloc_percpu\x00', r1}, 0x18)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000016"], 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r3}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
rt_sigprocmask(0x2, &(0x7f0000000180)={[0xfffffffffffffffc]}, 0x0, 0x8)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000580)={{r0}, &(0x7f0000000500), &(0x7f0000000540)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xa, 0x6, &(0x7f0000000300)=ANY=[@ANYBLOB="05090000000000007b113000000000008510000002000000850000000000000095000000000000009500a50500000000af3551ed1cfeb597cab3fb3233d1feed58b18138e6f559618bfb413d9e559da29ee1c7f10302ebc9455ab313c6c297926ec62eba125877c25050112c0ee52d"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
keyctl$reject(0x14, 0x0, 0x7fffffffefff, 0x8000000000000001, 0x0)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$netlbl_calipso(&(0x7f00000423c0), r4)
sendmsg$NLBL_CALIPSO_C_REMOVE(r4, &(0x7f0000042480)={0x0, 0x0, &(0x7f0000042440)={&(0x7f0000042400)={0x1c, r5, 0x800, 0x70bd2c, 0x25dfdbff, {}, [@NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x1}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40040}, 0x8000000)

2m1.794793642s ago: executing program 3 (id=14565):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000040)={0x1f, 0xffffffffffffffff, 0x2}, 0x6)
recvmmsg(r0, &(0x7f0000000000)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000700)=""/176, 0xb0}}], 0x1, 0x0, 0x0)

2m1.725340933s ago: executing program 3 (id=14568):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x80000, 0x0)
readv(r1, &(0x7f0000000180)=[{0x0}, {&(0x7f00000012c0)=""/73, 0xfdef}], 0x2)
ioctl$TCSETS(r1, 0x40045431, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, "000080f100df000000a7d9de16c708db7200"})
r2 = syz_open_pts(r1, 0x42)
r3 = dup3(r2, r1, 0x0)
write$UHID_INPUT(r3, &(0x7f00000001c0)={0xd, {"08c39ee52f329f1698b1c4865f8b0a0a5eee9f496a0809c3d21c25867b6edda88489ab4c09fe0a7f1e8640aa8e344f412df0d69475a5d6570e21f31fac7dfb4aa7ade0e851582d5c1abdd809580cb34c9e48576b1c73ed76013256fca058ada3db47d86cc75b33cf762b67fe61f152618c49a40858f68794a4fc484ab73ccd254ba3d147f5feddaf91dacc238c0a8096f79597ca1e6da781fcf37a0141a335c6a7577d2d53c6e552a7be208381bb31d1d3e0e92ea651655217535734b286d3f19780a4c720075a36a734151f8c00e651cb3a6bbe30e3f6aee48750436da6471e965e81f38134674fcb697108fb7345010bb8fa15fba9b33355d7858327171ab9c68f6c21b2ffbff4eb061dab80bc77a4a7769e7ff73bcd98790e09415bfc5978cf5af45c3ec9ef9c1a39f766c59d59590281038dbcb765580ba2b3f141d5bbfc40910a0894cd1f22d2a8b6d4e4778debef99438b54d44b4b7568de2777431a5b2f3e8d1a45a60a468f5e33e8ef534f803dfb6798c270f52edf031ecd996bb78c4e92961c63c079676d77412ebc6074e5f235417785e7a14b14ce7626b015071c154cc2bf8f4499b93293e9997c23df4c7a1498cf12414fb31eb873728e4f613b540d22e7ca718f18da5b82ed24995e4309c3af4a2e1097465bf09728082d09e71ea365522035eb9772b8e072f8454777ee304dacd59d3eb9f933f151fa14f8c38eadbeba04810a2dea7a66824f09235c13a45f07870210d0d310ce3ae6284577bd4e65f32700f6723727926cb52e4f27776a1dab0f6668327ab5cf1893879a635261f2e0d9923ccecbf5b80f10a8275c1515f47930d614e787f14c105d3a4f8faf8e7f738cf4eae4fc39ef3db3cb87794ace87f7239b69dc4ab4e5ae57cdfbd309e847d99600ef14b51faead01e8ade57d24270bc13a1787896096eeacb8ab1c93d31d93cfb244bb09ecfecf336362a5656db7df327cbb9aeb898f8af229c7bb9452805f2b4510c5df86b6d564e01f000000167ade5205331523a6392af2bea9e6db0ba5480cbf1b202714233289c4017cb66e83c0c8b6e88bedb922162d0ceecf6c5da173bbefe6781ab7720d2be6cca378db650c69d4228141ae190922fbbaddb86c7f0fe138b704e8305b3bcc7910b2280d96d71dafdbfa876b0013fc4de586f85d9ee077b6349becbdca8bd989a51c4c76ed8a8cc691a65078e0272a62edec8236a779f0cbffeda49dcdccd4def7064e0d77ae5a8c64f3057b4a3a0d4457d33f2bc6c112378315411baa4bb126fe540d750491fc58fbb66911ef82bce5ed76872dbcd8e05dea2f3f347a653aa39ab5d75e71671bfeb924e71476134dbf91e3f287fd853cc34bf81e717edd41aa04b6fbeb43cf2074f0c8fe5350401b6cff801c147a3b58b972aa5652629a9fd8b1df2852708ce958d4e9974ec4383aa5da4e3f75fdc85981e97b75863546f67a8703673b6fe2c26f0e9eeb8c45c26f673adac55fa5d69b82ae7d032fd3b26866047e8c029b90a62794a89c11398944b398b4177b2dcc5a743c16d4a5333b1e30af678d3db8df849c1753db067a6f94bab00c0dd3c7e94a8675924c89bda98ac09e10bcdf83f5114b9b466c413477a5cdc48c857230798934bcc1f0eb3a2d2944b139e459af32e515785f46ed4e97cdcb23c7e4dc7c4f91b5b5ca5228344aeb6652fffaf31325c7429bc70a5f6beaaa98ef190dffdeccc94bd814b3edfdd48243bf34291076ab5438ee00e924a827d5b453df42d24144fe1a45bb6c84fcbb2143d0a561c1e867c1279bdf0a47061ea77a84f36c720aff785f0db10eda84c767b5f3874f9455c0f026735ded32f0403ef7dbcf97d2233d59c670114ddf89314ba74fc248bcbdbf43c24e46304e229b3cf583aa410f4dfd119152495da8737518ee2a05a8ca1f004be3c551408f2e4013e444b63bf2bb26ddeae505642dffcc989ee241c48741181b506e22fdc4530319522780c74bf786852dc66ebbb51f8ecbb1e35de09ef7afe589bb8a31c5d63477db5d5e7174694ea04cfa98057d39127a4e5eedb4897a491c6693acd0a036abf846f3b6f3006e5e5fd586f29a4a8a31abbccf732e4f1b88187a72d669c16302657e9cbbeb9322662e111edc7771526400b6123d0f8207bcaa38bee07043e36e223d418ac948d65e7acfe72cc3fdcf03a3e43ecfec8ae489ddba09126709c5c7968829e3504de8a5010c9372de09476a7b96b04d7aed2486d8f89f21f075321abe350024abe00a81f87df3dc372fc3206496776c26b6958243070bda4cace3e358da5d39a3945765c2ba4b002b06efd416af66f3343f218ed84550ea83f02f9a5c3fc677ea60987aa25f0406d6154081cfdc074814a2465accdfa102858f5a52c9eae293c56ddcaf8f6926d3dd0ccb51a30c960d6b7e473038ebd3702b5106f6bc040efdfd7169fd3f2dc42ff23de26a239e13b74278729fd7e843b38a35c55fd50181ac13a9cbbbfd8feb36afaeb1993349c0ac5a0c44ffd92919dfe272b0f8ed7df7198cd299715f021109a58dced4753d3c7ddd6e9ea01596f18b2fe7000000004ccfca57aed5b5cebdff65de480a56bd53f4c7f83ddef00d7c9686311d1fce76f320bb3222a11db30ba6ed31535d8fda61e694478ca9935d72719b8d6b9be88ae3df30b60ee251b919b4d1734b994c62accdf855488b351738331b462eccf27efdc5577d7a5548579dc90d227a42ac010f33a720dc3cf0a63454f8b07c775287495761a058ec1e28e6aaf8057241f4ef8b5de56e279355bb66630c4ddf35e7c2cfff26a4241b1df0379d2a1e9f959e46d3843f89844ead50aff44640fcbc4a1edb033afff7cc9e57c4f8d31900764233e11fa4c28e547788c1b00de4268df692ba3415a9ad90fa712f9618f5ecff57da32809380eeff040cd3b23f508614c72b303cec3bcd732708303b166193366a062b9cea536f28478c387e626744c6a611a8e7162d274efccc84eee8eb31d3310c86752777dd5b5ffe234e895c54909f19a4aabcf3c15b90c02170409e314fd90e766ec4ba93c8ec6321237a980ad3c32fb2fab69e57541ea7f5427a85c2c57d40f9ebe9de5572f46a4713fb28e0af42d0adef3e29195aa41a3ba318181512eebfadffede4e35ff7f975928edc5d4d9f2d931fb44b30e1df55e66c52e1648e9cdaf71221b57c6a6b087428ccc57ade5b1531341cba2be452b426c434c70fd8c493337d4995cbd76ea1dd545226e3eb59d5f94ffb5352f87a4a66cd7c5e88322404fd397c46e198646a9c819d0eb1f10e54d8a3ea912f1cb134ff1095aa7325287f6ea9af8c13b67d6abcbb70dbc06838ecb33e45b60f6cb832c3e72d1401770f66bd02f35a2d007815ab676099e31f5102000000c0e83d5e7107c8dc5830c9cddb9781185b94d7f2814c5058ba3ac54c268741c5728f4997a9628602c2a36090162379f3f37c47619b3e7c7397a5913b7060b51e0c7f7226ff1135444f866f89a4b74136cbd3acb7178bd63183b3fd9cd19fdeb6fcc6341910ad4605da76a9af4bfb8b75fcd666f8188902b380ae560d9aa04f8f9b0ac5c109d1824a470726e06a49d955f8f71c8a86081e75b13f62600deb941da181eaff544cd559c467d8dae432debd22e7a7b3e1ad731a5b9470f5f60423dda061ff899c07c79f3da34f38e1d8182d6ee0c36c602945509167be440382a8a8a759b20e41638fd57152029b190b5701d30a86f579e2d0cc53a2f809ca9bd3aba1eb2772a7acc35c4d983afa83a9baea35c0ed4931234719636cf8f5fe1884bde6cebbdf23bd62b1ebf0a5cb78c27295349bd7d5cf28c4ee4689497238fd3aa71a417914e6892667a56bd69dc2e5882cfb67df71494e9a9199e025892e4e7435f727636cd988cc7563d28db5133f649849c5b3973a3428de10ad39d96146b22acc50f50eee5a038876452b960686892de40efe30081ccdaa2bf64af78d5988026e529b36c62a21378ac42d220d0dd878010178e374e6dbb2b61206066d04e729ed03c6fd9a4e00547fe9304aec0925d85a0acd07fdc5d48c1a1cff656916f5d25952327792255e0d606a32517781cc3d737ec753eb95b5b5b95dabd8946907ab54cc85d05b475e2e5486c6fc070417198d3a50910e2949d20d3fa68fd327934cff5171224942b8f18d88947763a7c710d09c4b269bdf2d3e715329917fb70728a4a0530999b755ba8fc04deabf4bc4bcffc4d62d491538c65078122bf2c263ae0020af67cfc9cf19e5b929e086af281fb43d5504d728935c5cfac136eb81703d50fddb39a5a713b2914c6acd9b2d07819cf7bba495ac5734fe423e611d309b80eeafcf9053d51b0ab3c29d5ca5eb8861ffc1ebc4d53f361b8991baecb52860c15202f979e34054fcde869d018103ccd6d914a70f1840fc6aaf426beec975ddb980b19b0f4cc2ca393c0b9e6ebe5e7d1c9fc1ef7a1c91378f0b73262993fb80667ecf62bac3c47cbd002ae1b87b8dc3ec99d5c987765d778868eb55022cc3bed14b8f934a584bcc98fa0b4f6e6982ab8d8a2bb49f9074ef429dd7b8db332a96ccec6983a97be7c8634c02e7937ffc8d613b83aa375886bf40a87ec062090382f874bf2c8e5fbb58ac18a46c4d9e85af3ca21bdacb7755f49776b0eb3972ff682c84beb07d74cbe2764e378253e72128991b73d2730704a5448280e8a0fd8cc87d4cddcffbfe5525ae3d2304877a3988e33c8e12bf77793e753f25840e9af2ce56bdb999fc62623a2298b4244534f662eb398a2577c72f6cfd5174697dcee151d4f3a7293b11de3889c43744da4165aca4e4a1e926d37ae4d7471584a06f3641f2037a74a58c2397a594f29d142d59f91bb57e24e1a3f30f68c626033cc34895c1b16d62e3a375c3e09f5dbd9338cd3a500643143cd404b57019c648c3ec31d696233fe16efc3c4c84aca0830ca8b9fbf1144b98d82f41e4cf67631c74cdcf8d9c8b8556b876ff1592683ccac0b47a26cb3a2cb1b917f433bb54e0b53deae9ac4b1cd0594c1fa0e6744e7ed88fdac60901e3da989f3b0d7c12b140cc576fa1b0e8e705321d37c303691aafc9fed9c3dc419078d0925ead56455ea5f3cd57941e410c1c14c2e8972d7cca44fcaca1f64fc817f4a41b6d9fb237fed159cb09e788ae560726537f49cb64b9f60915d402e0931355c55ad792cde758548b1af54b196e414046d4af3579a6c30ceac3d68bbfd2adef309c064e759a9f0dd69d682a3880b8ff27b69abffaa45ee7e65d8f1f6e40c188f6249fdf72220b4c87243217ba0292b9e9b67ebeda4fb83406216a4d765812bafeff34cc57f7d2cd1608282079c076055b9cabffe5fa491b970291bc2672540ccc15ed877d7dbe3ef683724c715ace770905e48c2dc6a44e1fc095773676d070eac00ee3834b07590cba7093f56b678313870471c81599d34c53fc03ec6c913d8ba3f604ace8da12d2025cbb5000bc062f4db65a6feacaf3915206d1c15ce7e78c17dc2ea32cb57d6fab0a22d487c77118e75016006f812541ec8180a321287a2d57248d4ee4a19706a19d802c70e250c3b0fc400a0b5cdc06537d2f55fd5300be4eeeaab8cc481a84b6a5e17d8c47ec92fe40710d4ec3530a94ca16710ade2ec7562398106e0ddbb6c8af6412166afd99d45d29a3a967e58decd0d6fc5bebb98d639b5606efd358a43d635d50f0ccb8472197da604994e7fb700243d5f7e45700", 0x1000}}, 0xfffffee9)
ioctl$BLKALIGNOFF(r3, 0x127a, &(0x7f0000000040))
r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r5=>0x0})
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000440)=@framed, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kmem_cache_free\x00', r6}, 0x10)
sendmsg$nl_route(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000022c0)=ANY=[@ANYBLOB="3c0000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000140012800b0001006c6f7770616e00000400028008000500", @ANYRES32=r5, @ANYBLOB="d5e24d28181a611d77ce3a8fc4481fed1bf066c105629db97be38e798293286779368715a8d1b7469c8359ea46736a1e129ab9c2a505b856f617fb27fdf4ed849ed31cdb880e00f800000000000000009f3a9f3113e3b81b82e36927925624380c5cb2a4769a2359c98f62a8f3dc49afe5c75135d7563e9f68e03be73f64162ece8e8226b02d84e0f5079708dc6632cb024cc65e93bd9304230ce6c57cfbdeabc253c7c545a964c6436f48b45796a51f43c2da612c9488c4d99fdadc91ef8efc36c6d2870a4b0f26f6a254805d3a505706f73fa033079353b448c9259aa771173154bac16e6524d9df26615e6397df0cc2ce2af45732e7880eb96d4ed94e2bae254b745d23910e7c5f3dec347e9b8a84688ba0554270b5c5e41154b36a1818e69acd0000007995a38bd9af6a11edb20caa00"/323], 0x3c}, 0x1, 0xba01, 0x0, 0x4004001}, 0x40042)
r7 = syz_open_procfs(0x0, &(0x7f0000000080)='syscall\x00')
pread64(r7, &(0x7f0000001280)=""/4107, 0x100b, 0x0)

2m1.395583088s ago: executing program 3 (id=14570):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_clone(0x8d002240, 0x0, 0x0, 0x0, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r2 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x41, 0x1, 0x0, 0x0, 0x0, 0x5, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext={0x3, 0x800000000001}, 0x1180, 0x5dd8, 0x0, 0x8, 0x0, 0x8, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x5, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000001200000000000000000095"], &(0x7f0000000c00)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r3)
getpgrp(0x0)
ptrace(0x10, r1)
r4 = openat$selinux_status(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
lseek(r4, 0xa, 0x4)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r6 = syz_io_uring_setup(0x1104, &(0x7f0000000300)={0x0, 0x0, 0x80, 0x0, 0x21e}, &(0x7f00000001c0)=<r7=>0x0, &(0x7f0000000040)=<r8=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r7, r8, &(0x7f0000000380)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x200, 0x0, 0x1})
io_uring_enter(r6, 0x47fa, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
ptrace$pokeuser(0x6, r1, 0x378, 0x1)
io_uring_setup(0x51d2, &(0x7f0000000400)={0x0, 0x631d, 0x1000, 0x2, 0x402d7})
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
open_tree(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x900)
r9 = openat$binfmt_format(0xffffffffffffff9c, &(0x7f0000000200)='/proc/sys/fs/binfmt_misc/syz0\x00', 0x2, 0x0)
r10 = getpid()
fcntl$setownex(r9, 0xf, &(0x7f0000000240)={0x2, r10})
syz_mount_image$vfat(&(0x7f00000079c0), &(0x7f0000000200)='./file0\x00', 0x410, &(0x7f0000007a00)=ANY=[@ANYRES8=0x0, @ANYRESDEC], 0xfd, 0x296, &(0x7f0000001080)="$eJzs3M1qE1EUwPFj0o80tU0WIiiIB92oi6GNL2CQFsSAUhtRF8LUTjRkTMrMWImI7c6tz1FcuhPUF+jGnQt30k0XCm66UCOdjzatQ6u2yYTm/4Myp3Pvydz5CmcGctfvvHpcq7hGxfQklVFJiSzLhkh+MwodC5cpPx6SdstycfT7pzO37t67XiyVpmZUp4uzlwuqOn723dPnr8998EZvvxl/Oyyr+fvr3wpfVk+unlr/NRt9esNTU+caDc+csy2dr7o1Q/WmbZmupdW6azk72it2Y2GhqWZ9fiy74Fiuq2a9qTWrqV5DPaep5kOzWlfDMHQsK/0m/c8Z5ZWZGbPYkcEgCSNxKx2naKZjG8sr3RgUAADoLUnV/4+qrlZdre9X/6eE+r9zqP+PkuNrEvsUuFn/Z8P7d8uln10cGQAAAAAAAAAAAAAAAAAAAAAAOIiNVivXarVy0TL6GxaRjIhE/yc9TnTGQc7/cPeHi0PW9sO9jIj9crG8WA6WQXuxIlWxxZKJQZEf/vUQCuLpa6WpCfXl5b29FOYvLZbT/vXh50fy8fmTQb7uzB+UbPv2C5KTE/I5Lr8Qmz8kF8635RuSk48PpCG2zPvX9Xb+i0nVqzdKu/JH/H4AAAAAABwFhm754/ndbzc0mjZkV3uwcvv9gOT2eT+w6/l6QE4PJLffAAAAAAD0E7f5rGbatuUQ7AiuiMiefZI+dCM9cqA6GKQ2z0HXt/41ujV64yAcarD2JNi1v+mc4JcSAAAAgI7YLvqTHgkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP1rj2nAMmEXf03U/3/mHmvbXLr7ewgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD0jt8BAAD//ysQG/U=")
open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
renameat2(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0xffffffffffffff9c, &(0x7f0000001240)='./file0/file0\x00', 0x2)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000340), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan3\x00'})
r11 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$NFC_CMD_DISABLE_SE(r0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x1c, r11, 0x400, 0x70bd27, 0x25dfdbfb, {}, [@NFC_ATTR_SE_INDEX={0x8, 0x15, 0x1}]}, 0x1c}, 0x1, 0x0, 0x0, 0x10}, 0x48088)

2m0.982150094s ago: executing program 3 (id=14576):
perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0xc97c, 0x0, @perf_config_ext={0x0, 0x5}, 0x8, 0x8000, 0x409, 0x4, 0x0, 0x40, 0xfffe, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x9, 0x4, 0xdd, 0xa, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
close(0x3)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f00000003c0)='percpu_alloc_percpu\x00', r1}, 0x18)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000160000"], 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r3}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
rt_sigprocmask(0x2, &(0x7f0000000180)={[0xfffffffffffffffc]}, 0x0, 0x8)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000580)={{r0}, &(0x7f0000000500), &(0x7f0000000540)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xa, 0x6, &(0x7f0000000300)=ANY=[@ANYBLOB="05090000000000007b113000000000008510000002000000850000000000000095000000000000009500a50500000000af3551ed1cfeb597cab3fb3233d1feed58b18138e6f559618bfb413d9e559da29ee1c7f10302ebc9455ab313c6c297926ec62eba125877c25050112c0ee52d"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
keyctl$reject(0x14, 0x0, 0x7fffffffefff, 0x8000000000000001, 0x0)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$netlbl_calipso(&(0x7f00000423c0), r4)
sendmsg$NLBL_CALIPSO_C_REMOVE(r4, &(0x7f0000042480)={0x0, 0x0, &(0x7f0000042440)={&(0x7f0000042400)={0x1c, r5, 0x800, 0x70bd2c, 0x25dfdbff, {}, [@NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x1}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40040}, 0x8000000)

2m0.679210268s ago: executing program 3 (id=14578):
r0 = gettid()
pause()
r1 = syz_open_procfs(r0, &(0x7f0000000180)='wchan\x00')
pread64(r1, &(0x7f000001a240)=""/102400, 0x19000, 0x41e)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x1c, 0xd, &(0x7f0000000500)=ANY=[@ANYRESHEX=r1, @ANYRES32=r2, @ANYBLOB="0000000000000000b708004f1c0c85913b2b6dff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000954aabc67db11f14e17921b6f200b8777e63fc4b9d6b61676073831fdd"], &(0x7f0000000280)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0xd, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
r4 = io_uring_setup(0x9, &(0x7f00000003c0)={0x0, 0x660a, 0x2, 0x2, 0x54})
io_uring_register$IORING_REGISTER_BUFFERS2(r4, 0xf, &(0x7f00000007c0)={0x1, 0x0, 0x0, &(0x7f0000000600)=[{&(0x7f00000004c0)=""/61, 0x3d}], &(0x7f0000000780)=[0x1]}, 0x20)
r5 = socket$caif_seqpacket(0x25, 0x5, 0x5)
recvmmsg(r5, &(0x7f0000004980)=[{{0x0, 0x0, 0x0}, 0xfff}], 0x1, 0x40000101, 0x0)
r6 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r7=>0x0}, &(0x7f0000000040)=0x8)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r6, 0x84, 0x84, &(0x7f0000000140)={r7, @in={{0x2, 0x4e21, @empty}}}, &(0x7f0000000200)=0x90)
connect$tipc(r6, &(0x7f0000000440)=@name={0x1e, 0x2, 0x0, {{0x41}, 0x1}}, 0x10)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
r8 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$ARPT_SO_SET_REPLACE(r8, 0x0, 0x60, &(0x7f0000000000)={'filter\x00', 0x104, 0x4, 0x1dc, 0x110, 0x1f8, 0x1f8, 0x308, 0x308, 0x308, 0x4, 0x0, {[{{@uncond, 0xc0, 0xe0}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@local, @empty, @rand_addr, @rand_addr, 0x8}}}, {{@uncond, 0xc0, 0xe8}, @unspec=@NFQUEUE1={0x28, 'NFQUEUE\x00', 0x1, {0x0, 0x5}}}, {{@arp={@remote, @private, 0x0, 0x0, 0x0, 0x0, {}, {}, 0x0, 0x0, 0x0, 0xfffc, 0x0, 0x0, 'gre0\x00', 'pimreg\x00'}, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@multicast, @mac=@random="8249ca4ee4e7", @initdev={0xac, 0x1e, 0x1, 0x0}, @broadcast, 0x4}}}], {{'\x00', 0xc0, 0xe8}, {0x28, '\x00', 0x2}}}}, 0x490)
chdir(&(0x7f0000000140)='./file0\x00')
r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000400000000000000000004850000006d00000095"], &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r9}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$MRT_ADD_VIF(0xffffffffffffffff, 0x0, 0xca, &(0x7f0000000400)={0x1, 0x4, 0x3, 0xb, @vifc_lcl_ifindex, @local}, 0x10)
r10 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r10, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="58000000020605000000000000000000000000000900020073797a3100000000050005000a0000000500010006000000691713000300686173683a6e65742c696661636500000c000780080012400500000005"], 0x58}, 0x1, 0x0, 0x0, 0x20008051}, 0x800)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
execve(0x0, 0x0, 0x0)

2m0.662245098s ago: executing program 32 (id=14578):
r0 = gettid()
pause()
r1 = syz_open_procfs(r0, &(0x7f0000000180)='wchan\x00')
pread64(r1, &(0x7f000001a240)=""/102400, 0x19000, 0x41e)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x1c, 0xd, &(0x7f0000000500)=ANY=[@ANYRESHEX=r1, @ANYRES32=r2, @ANYBLOB="0000000000000000b708004f1c0c85913b2b6dff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000954aabc67db11f14e17921b6f200b8777e63fc4b9d6b61676073831fdd"], &(0x7f0000000280)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0xd, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
r4 = io_uring_setup(0x9, &(0x7f00000003c0)={0x0, 0x660a, 0x2, 0x2, 0x54})
io_uring_register$IORING_REGISTER_BUFFERS2(r4, 0xf, &(0x7f00000007c0)={0x1, 0x0, 0x0, &(0x7f0000000600)=[{&(0x7f00000004c0)=""/61, 0x3d}], &(0x7f0000000780)=[0x1]}, 0x20)
r5 = socket$caif_seqpacket(0x25, 0x5, 0x5)
recvmmsg(r5, &(0x7f0000004980)=[{{0x0, 0x0, 0x0}, 0xfff}], 0x1, 0x40000101, 0x0)
r6 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r7=>0x0}, &(0x7f0000000040)=0x8)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r6, 0x84, 0x84, &(0x7f0000000140)={r7, @in={{0x2, 0x4e21, @empty}}}, &(0x7f0000000200)=0x90)
connect$tipc(r6, &(0x7f0000000440)=@name={0x1e, 0x2, 0x0, {{0x41}, 0x1}}, 0x10)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
r8 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$ARPT_SO_SET_REPLACE(r8, 0x0, 0x60, &(0x7f0000000000)={'filter\x00', 0x104, 0x4, 0x1dc, 0x110, 0x1f8, 0x1f8, 0x308, 0x308, 0x308, 0x4, 0x0, {[{{@uncond, 0xc0, 0xe0}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@local, @empty, @rand_addr, @rand_addr, 0x8}}}, {{@uncond, 0xc0, 0xe8}, @unspec=@NFQUEUE1={0x28, 'NFQUEUE\x00', 0x1, {0x0, 0x5}}}, {{@arp={@remote, @private, 0x0, 0x0, 0x0, 0x0, {}, {}, 0x0, 0x0, 0x0, 0xfffc, 0x0, 0x0, 'gre0\x00', 'pimreg\x00'}, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@multicast, @mac=@random="8249ca4ee4e7", @initdev={0xac, 0x1e, 0x1, 0x0}, @broadcast, 0x4}}}], {{'\x00', 0xc0, 0xe8}, {0x28, '\x00', 0x2}}}}, 0x490)
chdir(&(0x7f0000000140)='./file0\x00')
r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000400000000000000000004850000006d00000095"], &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r9}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$MRT_ADD_VIF(0xffffffffffffffff, 0x0, 0xca, &(0x7f0000000400)={0x1, 0x4, 0x3, 0xb, @vifc_lcl_ifindex, @local}, 0x10)
r10 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r10, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="58000000020605000000000000000000000000000900020073797a3100000000050005000a0000000500010006000000691713000300686173683a6e65742c696661636500000c000780080012400500000005"], 0x58}, 0x1, 0x0, 0x0, 0x20008051}, 0x800)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
execve(0x0, 0x0, 0x0)

41.252510729s ago: executing program 1 (id=15657):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000046c0)=@newqdisc={0x45c, 0x24, 0x4ee4e6a52ff56541, 0x8000000, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x2, 0x0, 0x0, 0x0, 0x10000000, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7e150a0b, 0x0, 0x5, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x0, 0x10000, 0x5d2, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0xfffffffe, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x1007, 0x0, 0x0, 0x0, 0x0, 0x80000001, 0x0, 0x0, 0x0, 0x2000, 0x0, 0xc0000000, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x7, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4fd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7e98263b, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x5, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd2d1, 0x0, 0x0, 0xb2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x7, 0xc3f3, 0x1, 0x0, 0x800, 0x9, 0x800, 0x0, 0x0, 0x0, 0x6, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000003, 0x3, 0xfffffffe, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0xfffffffd, 0x10, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x6, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0xb2, 0x0, 0x0, 0x0, 0x8, 0x0, 0x108, 0x0, 0x0, 0x1000, 0x100, 0x0, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x400, 0x0, 0x0, 0x20]}, @TCA_TBF_PARMS={0x28, 0x1, {{0x0, 0x3, 0x0, 0x0, 0x0, 0xc0000020}, {0x3, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x7, 0x10, 0x2000000}}]}}]}, 0x45c}}, 0x0)

40.939889573s ago: executing program 1 (id=15661):
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f00000002c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0xffffffff}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r2}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x275a, 0x0)
write$binfmt_script(r3, &(0x7f0000000540), 0x84)
perf_event_open(&(0x7f00000004c0)={0x8, 0x80, 0x0, 0xf, 0x0, 0x0, 0x82, 0x200000000, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000080), 0x9}, 0x18204, 0x0, 0x3, 0x0, 0x0, 0x5338c7af, 0x0, 0x0, 0x1, 0x0, 0x2}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
syz_open_dev$usbfs(&(0x7f0000000100), 0x205, 0x8401)
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r0, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000600)={0x24, 0x140f, 0x20, 0x70bd2b, 0x25dfdbfc, "", [@RDMA_NLDEV_ATTR_CHARDEV_TYPE={0xb, 0x45, 'uverbs\x00'}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}]}, 0x24}, 0x1, 0x0, 0x0, 0x40080c1}, 0x4000)

40.938308793s ago: executing program 1 (id=15663):
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
syz_usb_connect$hid(0x0, 0x3f, &(0x7f0000000300)={{0x12, 0x1, 0x201, 0x0, 0x0, 0x0, 0x0, 0x56a, 0x32b, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x2d, 0x1, 0x1, 0x81, 0x10, 0xb, [{{0x9, 0x4, 0x0, 0x5, 0x2, 0x3, 0x1, 0x1, 0x8, {0x9, 0x21, 0x5, 0x9, 0x1, {0x22, 0xe0e}}, {{{0x9, 0x5, 0x81, 0x3, 0x10, 0x3, 0x1, 0x7}}, [{{0x9, 0x5, 0x2, 0x3, 0x20, 0x7, 0xa, 0x40}}]}}}]}}]}}, &(0x7f0000000840)={0xa, &(0x7f0000000340)={0xa, 0x6, 0x300, 0x90, 0x9, 0x1, 0xcf, 0x3}, 0x1a, &(0x7f0000000380)={0x5, 0xf, 0x1a, 0x3, [@ptm_cap={0x3}, @ext_cap={0x7, 0x10, 0x2, 0x12, 0x5, 0x7, 0x7ff}, @wireless={0xb, 0x10, 0x1, 0x2, 0x80, 0x9, 0x4, 0x3, 0xff}]}, 0x7, [{0x90, &(0x7f00000004c0)=ANY=[@ANYBLOB="9003cc629df0f46adcf4484ef1152baf54c803db21cb264f5d95b75b5e9a8e7ca33772a11ee8ab6fa4e42b47fd88b9fee23814bad38995ec53820490cf3e550d3dd16648575a71f77f72d0efbf0b74980388bebd31e5187a5c43b2532304f0f3e61673bcb91dfe69a8df89d0c29fae1d7b195405ec50ecbfb04289ff8c9009001d3579778cde55f27a3be267ca53baab"]}, {0x81, &(0x7f0000000600)=@string={0x81, 0x3, "593e52a1c2f7c1a902e4a9afcc78d8f7f8cf03fbfb208b0eb0aa8832bdc26f63a87774c064f9c141d36160784f2385bdd226bf198743499794d7f455d27a38060115908c50d0b6a1f0aad6046f105aa2a1cb8891ddfe2d1de3ddb3232cfe7ee34d9447e43e408bb2eb171140bd93c11846ebd5ec0ed2ae98412576a8c93469"}}, {0x4, &(0x7f00000003c0)=@lang_id={0x4, 0x3, 0x44f}}, {0x99, &(0x7f00000006c0)=@string={0x99, 0x3, "c8a7fafc9ea1ecc9047662b977939c26cddfb55164ab2121ce5d56c48e8cf470c93284d28fd6d83624ef993c340ab32f182fcdc9078a3a7b7f823c2f8e8dde7a37a94c942669d443ed01ac259457c005e63a159b0c29f3b7470b839f5b33344121932379a051ad063b93fb046787b3a5766fc2c42663c6d6dcd307724dc6e3d5b88d356ec60bcea4ff4e04c5d26f0014c5632479b29596"}}, {0x4, &(0x7f0000000400)=@lang_id={0x4, 0x3, 0xc04}}, {0x4, &(0x7f0000000580)=@lang_id={0x4, 0x3, 0x44e}}, {0x93, &(0x7f0000000780)=@string={0x93, 0x3, "7b7ede5249479f9d8d826e54472cd6de2620aea9ec99752ab26cee91614d44081ec61ca75712cd6eafa7680db4b58463fe2984cda52453d27714ebc41096b0f4e560b4402f6be39d8a9deddb88b569ef4f3ca8c751c8a1f1f726be7136e584edf45929e31b0fa59132177eae0637612dcebb32180864f224455823abf551ca83e7c941d8c0c5e9a8cd425e37be583246eb"}}]})
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
syz_usb_connect$cdc_ncm(0x5, 0x7a, &(0x7f00000008c0)={{0x12, 0x1, 0x201, 0x2, 0x0, 0x0, 0x8, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x68, 0x2, 0x1, 0x2, 0x50, 0x5, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x6, 0x24, 0x6, 0x0, 0x1, '3'}, {0x5, 0x24, 0x0, 0x2}, {0xd, 0x24, 0xf, 0x1, 0x9, 0xc0, 0xe, 0xa}, {0x6, 0x24, 0x1a, 0x8, 0x1}, [@acm={0x4, 0x24, 0x2, 0x8}, @network_terminal={0x7, 0x24, 0xa, 0x4, 0x0, 0x61, 0x1}]}, {{0x9, 0x5, 0x81, 0x3, 0x3ff, 0x38, 0x6, 0x5}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x400, 0x4, 0x8, 0x43}}, {{0x9, 0x5, 0x3, 0x2, 0x20, 0x1, 0x5, 0xc1}}}}}}}]}}, &(0x7f0000000ec0)={0xa, &(0x7f0000000940)={0xa, 0x6, 0x300, 0x4, 0x1, 0xf, 0x40, 0xe5}, 0x117, &(0x7f0000000980)={0x5, 0xf, 0x117, 0x3, [@generic={0xea, 0x10, 0x4, "9e0fcc2c91f1a329a5b7f2d98f0a0f99b559ea00837d69e6894a0daa6604f583b593e0abaafb65315bee4bb43b49c826a9248035c8fb4cc9a3bb949a033b309a2055b31c5d6f1162da16a3c0b2f0c6579154b666a82c38b424600a89f3facc9687d4f5f0b011dd9656fc5340937e328311d3722525d6725c75ef114aac6996afa9dc462e1077e30a2687db0b3f24bd5247ed27cf3b529b61f37f6055e267eec1bbb46bef29414078e036a01ac8db070cd44920e12ad992f6c3692c3207d50f39c7ddc6b52a58f8dc3db3dee9fd00b2472b76eefce23b3d79def482360a762894797d5c41464989"}, @ss_container_id={0x14, 0x10, 0x4, 0x8, "bd1a31d14e88188f8a2147cb531bc03d"}, @ss_container_id={0x14, 0x10, 0x4, 0xb9, "fb1489deb9433420fe09058eedb64ea3"}]}, 0x9, [{0x4, &(0x7f0000000ac0)=@lang_id={0x4, 0x3, 0x2409}}, {0x4, &(0x7f0000000b00)=@lang_id={0x4, 0x3, 0x801}}, {0xf3, &(0x7f0000000b40)=@string={0xf3, 0x3, "419e4b065c819da12123a392d3cfa22fa2f10ac43325c6fb13ca78a9f2f5c8d1f662b329baa541a3c8350dd0686e449aba07305119a00e756e96ece3b93ccfdf6e3bff8bb5bcece079d515fb53c70b1e9fd63b9fa272d24d8c64ed99909402b3edc595e68564dbc731d8df89e408430ac1a03e7b118277199ec5478cd91eec6e3b949e7b97b2c5355dc14d9e8defbebf0d60475021622c1d793e1b0b6a6f335fbde698bbd7a38c0b8ac9703d6f644b1c135f4d668fc7f6f380b69ea0dce5be447e3789f9e3d95a5b63ea54e378a92bc654414fe4b284fdbc434e44738d3083961be4c18ea7c4ced5d6fe8cf31daf61ea20"}}, {0xfe, &(0x7f0000000c40)=@string={0xfe, 0x3, "3540e5c3f12687494d849c9ed87c8d80d5c0558b6b5cb33c23d39d121e08adf79dc79f4af7a556092446c5ecc4c4e4b2dbb2d0cc14af41085522bd957280564c96e4cc6eed00a9f879533470611a519d1d775cf8e1fa8d1f41c56324cfe0365fb75211d5c360b08f11d34549fabcd46a6d1e172f1f813494cf334e0e1b4803e3d4ec290cee834a97f8096252f5f4e2b9aeafcec3265215cd19b905c369946c48c3a3cbb4bda0df206df1431e34ba7647389f7aef2e2d5517d8c90f67c3deeae81b6f16b0504c49af89086e5b4c7536cb1a91547335fef5bf4dac0539ebf4e90d1a9bd34321f5fe418432d3298a70c5dc5e90b306b870a5950592cfe3"}}, {0x4, &(0x7f0000000d40)=@lang_id={0x4, 0x3, 0x44a}}, {0x4, &(0x7f0000000d80)=@lang_id={0x4, 0x3, 0x814}}, {0x4, &(0x7f0000000dc0)=@lang_id={0x4, 0x3, 0x807}}, {0x4, &(0x7f0000000e00)=@lang_id={0x4, 0x3, 0x3c01}}, {0x4, &(0x7f0000000e40)=@lang_id={0x4, 0x3, 0xc01}}]})
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000f80)=ANY=[@ANYBLOB], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r2}, &(0x7f0000000000), &(0x7f00000005c0)=r3}, 0x20)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000014fa0000b7030000000008008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000020000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_io_uring_setup(0x110, &(0x7f0000000140)={0x0, 0xfad3, 0x0, 0x2, 0x40}, 0x0, 0x0)
sendmsg$ETHTOOL_MSG_CHANNELS_GET(0xffffffffffffffff, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f0000000180)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16, @ANYBLOB="010326bd6000000000002d9300000c000180080001"], 0x20}, 0x1, 0x0, 0x0, 0x10}, 0x20040814)
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r6 = openat$cgroup_procs(r5, &(0x7f0000000040)='tasks\x00', 0x2, 0x0)
write$cgroup_pid(r6, &(0x7f0000000180), 0x12)
r7 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x141a82, 0x14)
write$cgroup_int(r7, &(0x7f0000000000)=0x921, 0x12)
unshare(0x60000480)

37.890143986s ago: executing program 1 (id=15706):
r0 = syz_mount_image$ext4(&(0x7f0000000bc0)='ext4\x00', &(0x7f0000000240)='./file1\x00', 0x4000, &(0x7f00000000c0), 0x2, 0xbb8, &(0x7f00000017c0)="$eJzs3M1rXFUbAPDn3kymaZv3nfTlRawbIyItiNOkkmKLYCsVNy4E3QoN6aSETD9IIjVpFhP9B0RdC24EtSgu7LobRbdutN0qLoQisVEQ0cidjyQ2mTS1M70x/f3gzD3nnpl5nmcuM/cemJkA7luD2U0asT8iTiURpeb+NCKK9V5fRK1xv6XF+bFfF+fHklhefumnJJKIuLk4P9Z6rqS53dsc9EXE188m8b831sednp2bHK1WK1PN8aGZsxcOTc/OPTFxdvRM5Uzl3PCRp0YOjxwZOjrSsVp/++74lV8eef6H2u8f/nH557ffT+J49Dfn1tbRKYMxuPKarFWIiNFOB8tJT7OetXUmhds8KO1yUgAAtJWuuYZ7IErRE6sXb6X4/JtckwMAAAA6YrknYhkAAADY4RLrfwAAANjhWt8DuLk4P9Zq+X4j4d66cSIiBhr1LzVbY6YQtfq2L3ojYs/NJNb+rDVpPOyuDUbE99ePfpK16NLvkDdTW4iIBzc6/km9/oH6r7jX159GxFAH4g/eMv431X+8A/Hzrh+A+9PVE40T2frzX7py/RMbnP8KG5y7/om8z3+t67+lddd/q/X3tLn+e3GLMS598O7FdnNZ/U9fee7jVsviZ9u7KuoO3FiIeKiwUf3JSv1Jm/pPbTFG6c+LlXZzede//F7Egdi4/pZk8/8nOjQ+Ua0MNW43jLHw1chH7eLnXX92/Pe0qb/1/0/tjv+FLcZ45eTJT9ftvL7a3bz+9Mdi8nK9V2zueW10ZmZqOKKYvLB+/+HNc2ndp/UcWf0HH938/b9R/dlnQq35OmRrgYXmNhu/fkvMZy5f+qxdPq31X57H/3Sb47+2/i8L64//m1uM8dgXbx1sN7d2/Zu1LH5rLQwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALWlE9EeSllf6aVouR+yNiP/HnrR6fnrm8fHzr547nc1FDERvOj5RrQxFRKkxTrLxcL2/Oj58y/jJiNgXEe+UdtfH5bHz1dN5Fw8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCKvRHRH0lajog0IpZKaVou550VAAAA0HEDeScAAAAAdJ31PwAAAOx81v8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB02b6Hr15LIqJ2bHe9ZYrNud5cMwO6Lc07ASA3PXknAOSmkHcCQG7ucI3vcgF2oOQ2831tZ3Z1PBcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAtq8D+69eSyKidmx3vWWKzbneXDMDui3NOwEgNz2bTRbuXR7AvectDvcva3wguc183+p9an+f2dW1nAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADYfvrrLUnLEVFs7iuXI/4TEQPRm4xPVCtDEfHfiPi21LsrGw/nnDMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACdNz07NzlarVamsk4azc7KHp3VTtJ4xWrbJR+du+wUY1uksU07eX8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACQh+nZucnRarUyNZ13JgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDepmfnJker1cpUFzt51wgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQH7+CgAA//9gfgp0")
r1 = syz_open_dev$usbfs(&(0x7f0000000240), 0xb, 0x101301)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYRES64=r0], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, 0x0, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=ANY=[@ANYBLOB="5c000000020601036c4000000000000000000000050005000a000000050001000600000005000400000000000900020073797a300000000011000300686173683a69702c706f72742c6e6574000000000c00078008000840000000d802b9a85260f975bd56afd983503f55564ceaa9befc4f91ba04ccd03530f1a35a65f337a609f9c1b732653606394aa6db64d88a91b6c5d47dfde033d7249378f6baaf0a0216d9a0537610d2823333f5df7bc81104af00233f9826035f43382af4eb34c4c55679c73bf24e66fba07a94af46e177b581c78ec8d49a38ea3859840383f4d4a8b9de378807b53d771a279ef06bdc476bbdbccbbbac14bb7563fe38722db7c4e960453533c8d3416f02bd5c2b282c5c099951a39dab5966a8c90fa4750ee90c55951096eb9259c1a7e724448347b38588a8ef81e4be4eb75f87595ff2077fef0586e2ec2f8f46dab77f56b46bf09d721ed20264aeb9a09e0c211b07bba6d29f3bf4995badb250727474ba19d303ed4c9db277a38f831a1d4a03023eecf741af7f2e409d7692e1a7dc48e83f7e7293fce893d04a0af4f8"], 0x5c}}, 0x0)
sendmsg$IPCTNL_MSG_CT_GET(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=ANY=[@ANYBLOB="20000000010101010000000000000000070000080c001980088549ac46484d1b"], 0x20}, 0x1, 0x0, 0x0, 0x20000084}, 0x4000800)
ioctl$USBDEVFS_IOCTL(r1, 0xc0105512, &(0x7f0000000200))
ioctl$USBDEVFS_IOCTL(r1, 0x80045505, &(0x7f0000000040)=@usbdevfs_connect)

37.817203427s ago: executing program 1 (id=15708):
r0 = syz_open_dev$usbfs(&(0x7f0000000240), 0xb, 0x101301)
ioctl$USBDEVFS_IOCTL(r0, 0x80045505, &(0x7f0000000040)=@usbdevfs_connect)

36.979612009s ago: executing program 1 (id=15719):
ioctl$USBDEVFS_SETCONFIGURATION(0xffffffffffffffff, 0x80045505, &(0x7f0000000000)=0x1)

36.969586399s ago: executing program 33 (id=15719):
ioctl$USBDEVFS_SETCONFIGURATION(0xffffffffffffffff, 0x80045505, &(0x7f0000000000)=0x1)

5.466566513s ago: executing program 0 (id=16153):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000005600)='sys_enter\x00', r0}, 0x10)
writev(0xffffffffffffffff, &(0x7f00000004c0)=[{&(0x7f00000003c0)="40c176869ad3020724076485586c69f0a94e80e87344ffb7af36ab1b8d8ae88197653d6d2c818ac7099edaac24022c97e22f44ee7fc23447084fa05dc6216efbd4b286d5ddedf62795b1bf0e3915e6183cb51f3a407ba97969de92ecf00d14558febf794ab2e791f84fffee4706aea972e7bde1314d5d27b5ef17cddd8d48ba37c3c5ba4f91fd53c5d96c650c662d25154162bbf6c3fb4d0e2023be96400ebe3873f88d0e973410ac10a7e36edab21c980e7b7406e180f3c597e7c912c4103c141551e3388ca88c149ffc350752ebf5bbffcdc2a690cac75873f6c441137181ec1c984f212e745f4ceff1dcaeb44baa68f8a", 0xf2}, {&(0x7f0000000040)="65f32c6a7001470b623355512e9b9b45d1f8f363acb67a2dd729dc86cb3f1c327d713a141398ff87d7498ac6da101c217052c420", 0x34}, {&(0x7f0000000180)="7abb70d92634be9c2bf2d42181d9fd9e6f88e7d323226b1195531534112e168db4c61df6e613343ad2b6857a79f1673f98ca23af7b7fd78b36a4fb71306a9410a5c56fd539e29669b586e04d81a15109767c8893a068d70ffcae21582c52439cd016e032f272c7a1b96838c2e0c7f6cc27b15149a7efc03a19c9c8", 0x7b}], 0x3)

5.383589684s ago: executing program 0 (id=16154):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000002c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x2, &(0x7f00000000c0)=@gcm_256={{0x304}, "7817765dc5914c3d", "c0a9b92b592a8e91a6934cb6b7b18f7a7a6eaa9cbd8ef3b0fbc326100136e976", "58a190f0", "2a1e833e7af32011"}, 0x38)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000001c0)={'veth0_virt_wifi\x00', <r2=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000540)=@newqdisc={0x48, 0x24, 0xf0b, 0x0, 0x0, {0x60, 0x0, 0x0, r2, {0x0, 0xffe0}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x18, 0x2, [@TCA_CAKE_BASE_RATE64={0xc, 0x2, 0x3b9aca00}, @TCA_CAKE_NAT={0x8, 0xb, 0x1}]}}]}, 0x48}}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
syz_open_dev$evdev(&(0x7f0000000140), 0x97, 0x8000)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x2, &(0x7f0000000280)=@gcm_256={{0x304}, "54164ace389ff5c0", "faad50724acb18aba4e3bc654d684ad9c694f3e96ca4b72643dd3689727968e9", "5cb6d054", "29a78ab9b0a4e8ae"}, 0x38)

5.366104144s ago: executing program 0 (id=16155):
mq_timedsend(0xffffffffffffffff, 0x0, 0x0, 0x6, 0x0)
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000700)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = socket$can_j1939(0x1d, 0x2, 0x7)
r2 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f00000000c0)={'vcan0\x00', <r3=>0x0})
bind$can_j1939(r1, &(0x7f0000000140)={0x1d, r3, 0x2, {0x0, 0xff, 0x1}, 0x1}, 0x18)
sendmsg$sock(r1, &(0x7f0000000440)={&(0x7f0000000040)=@can={0x1d, r3}, 0x80, &(0x7f00000003c0)=[{&(0x7f0000001ac0)="bb05", 0x2}, {0x0}], 0x2}, 0x200400c4)
r4 = socket$inet6(0xa, 0x806, 0x0)
bind$inet6(r4, &(0x7f0000000440)={0xa, 0x4e23, 0x0, @empty}, 0x1c)
listen(r4, 0x3)
creat(&(0x7f0000000040)='./bus\x00', 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020148100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000005c0)='kmem_cache_free\x00', r5}, 0x18)
r6 = socket$inet_dccp(0x2, 0x6, 0x0)
connect$inet(r6, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
accept4(r4, 0x0, 0x0, 0x0)

4.487032557s ago: executing program 0 (id=16170):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=@framed={{}, [@printk={@s}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
preadv(0xffffffffffffffff, 0x0, 0x0, 0xa6b1, 0x0)
syz_open_dev$loop(&(0x7f00000005c0), 0x9, 0x12d600)
syz_open_procfs(0x0, 0x0)
unshare(0x42000000)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
syz_mount_image$ext4(&(0x7f0000000740)='ext4\x00', &(0x7f00000002c0)='./file1\x00', 0x0, &(0x7f0000000000)={[{@acl}]}, 0x1, 0x787, &(0x7f0000001000)="$eJzs3ctrXNUfAPDvnSRNk/b3SwRB6yogaKB0YmpsFVxUXIhgoaBr22EyDTWTTMlMShMCtojgRlBxIeimax9159bHVv8LF9JSNS1WXEjkzqOdNjPppM3MBPL5wMmcc++dnPOdcx/nzr3MDWDPmkj/ZCIORcRHScRYfXoSEUPV3GDEidpyt9fX8mlKYmPjzT+S6jK31tfy0fSe1IF64cmI+PH9iMOZzfWWV1bnc8ViYalenqosnJ8qr6weObeQmyvMFRaPTc/MHD3+wvFjOxfrX7+sHrz+8WvPfnPin/eeuPrhT0mciIP1ec1x7JSJmKh/JkPpR3iPV3e6sj5L+t0AHkq6aQ7UtvI4FGMxUM21MdLLlgEA3fJuRGwAAHtM4vgPAHtM43uAW+tr+Ubq7zcSvXXjlYjYX4u/cX2zNmewfs1uf/U66Oit5J4rI0lEjO9A/RMR8cV3b3+Vpqj3g2tpQC9cuhwRZ8YnNu//k033LGzXc1vN3BiuvkzcN3mvHX+gn75Pxz8vthr/Ze6Mf6LF+Ge4xbb7MB68/Weu7UA1baXjv5eb7m273RR/3fhAvfS/6phvKDl7rlhI923/j4jJGBpOy9PVRVuP3CZv/nuzXf3N478/P3nny7T+9PXuEplrg8P3vmc2V8k9atwNNy5HPDXYKv7kTv8nbca/pzqs4/WXPvi83bw0/jTeRtocf3dtXIl4pmX/3+3LZMv7E6eqq8NUY6Vo4dtfPxttV39z/6cprb9xLtALaf+Pbh3/eNJ8v2Z5+3X8fGXsh3bzHhx/6/V/X/JWNb+vPu1irlJZmo7Yl7yxefrRu+9tlBvLp/FPPt16+69V23r9T88Jz3QY/+D1379++Pi7K41/dlv9v/3M1dvzA+3q76z/Z6q5yfqUTvZ/nTbwUT47AAAAAAAAAAAAAAAAAAAAAAAAAOhUJiIORpLJ3slnMtls7Rnej8doplgqVw6fLS0vzkb1WdnjMZRp/NTlWNPvoU7Xfw+/UT56X/n5iHgsIj4dHqmWs/lScbbfwQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA3YE2z/9P/Tbc79YBAF2zv98NAAB6zvEfAPae7R3/R7rWDgCgd5z/A8De0/Hx/0x32wEA9I7zfwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALrs1MmTadr4e30tn5ZnL6wsz5cuHJktlOezC8v5bL60dD47VyrNFQvZfGmh7T+6VHsplkrnZ2Jx+eJUpVCuTJVXVk8vlJYXK6fPLeTmCqcLQz2LDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6V15Znc8Vi4UlmS0zI7ujGbsmMxi7ohkyXcs07yVG+reDAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANjl/gsAAP//IIYqoQ==")
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000700)={0x0, 0x0, &(0x7f0000000600)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01030000000000000000010000010900010073797a310000000048000000030a01010000000000000000010000000900030073797a3100000000080007006e6174000900010073797a310000000014000480080002407c40280f080001"], 0xb8}, 0x1, 0x0, 0x0, 0x20004000}, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x20000000, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f00000004c0)='kfree\x00', r3}, 0x18)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000380)=ANY=[@ANYBLOB="5c0000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000340012800e00010069703665727370616e0000002000028006000200300000001400060000000000000000000000ffff7f00000108000a00", @ANYRES32], 0x5c}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00'}, 0x10)
r4 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r4, &(0x7f0000000040)={0x28, 0x0, 0x2711, @local}, 0x10)
close(r4)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_udp_encap(r5, 0x11, 0x68, &(0x7f0000000340)=0x1, 0x4)
setsockopt$inet_udp_encap(r5, 0x11, 0x68, &(0x7f0000000500)=0x2, 0x4)
r6 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r7 = dup(r6)
write$UHID_INPUT(r7, &(0x7f0000001980)={0xb, {"a2e3ad214fc752f9192909094bf70e0dd038e7ff7fc6e5539b324c078b089b3b353b6d1a0890e0878f0e1ac6e7049b076d959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31300d074c0936cd3b78130daa61d8e809ea889b5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae19397d696d0d758f2dc7d1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc94681359bad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341adbe50861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357ca8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee532592897cd12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4ceb360c7e658828563e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b4bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ffca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160eca6b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4cf8d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb17167fbeac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6ea94f88a4facfd4c735a20307c737afae5136651b1b9bc522dcb399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab83c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a935908001cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00303000000000000007fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1f1d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd41d95af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f480f6f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57fa9c0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47a08d3679507000000000000934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d00000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000d71f00000000000000000000000000000000000600", 0x1000}}, 0x1006)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000001c0)='sched_switch\x00'}, 0x10)

3.607140009s ago: executing program 0 (id=16177):
socket$key(0xf, 0x3, 0x2)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{}, &(0x7f0000000000), &(0x7f0000000080)=r0}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000180)='kfree\x00', r0, 0x0, 0xa26}, 0x18)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'lo\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000046c0)=@newqdisc={0x45c, 0x24, 0x4ee4e6a52ff56541, 0x8000000, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x2, 0x0, 0x0, 0x0, 0x10000000, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7e150a0b, 0x0, 0x5, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x0, 0x10000, 0x5d2, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0xfffffffe, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x1007, 0x0, 0x0, 0x0, 0x0, 0x80000001, 0x0, 0x0, 0x0, 0x2000, 0x0, 0xc0000000, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x7, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4fd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7e98263b, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x5, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd2d1, 0x0, 0x0, 0xb2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x7, 0xc3f3, 0x1, 0x0, 0x800, 0x9, 0x800, 0x0, 0x0, 0x0, 0x6, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000003, 0x3, 0xfffffffe, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0xfffffffd, 0x10, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x6, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0xb2, 0x0, 0x0, 0x0, 0x8, 0x0, 0x108, 0x0, 0x0, 0x1000, 0x100, 0x0, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x400, 0x0, 0x0, 0x20]}, @TCA_TBF_PARMS={0x28, 0x1, {{0x0, 0x3, 0x0, 0x0, 0x0, 0xc0000020}, {0x3, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x7, 0x10, 0x2000000}}]}}]}, 0x45c}}, 0x0)

3.460690132s ago: executing program 0 (id=16180):
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
syz_usb_connect$hid(0x0, 0x3f, &(0x7f0000000300)={{0x12, 0x1, 0x201, 0x0, 0x0, 0x0, 0x0, 0x56a, 0x32b, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x2d, 0x1, 0x1, 0x81, 0x10, 0xb, [{{0x9, 0x4, 0x0, 0x5, 0x2, 0x3, 0x1, 0x1, 0x8, {0x9, 0x21, 0x5, 0x9, 0x1, {0x22, 0xe0e}}, {{{0x9, 0x5, 0x81, 0x3, 0x10, 0x3, 0x1, 0x7}}, [{{0x9, 0x5, 0x2, 0x3, 0x20, 0x7, 0xa, 0x40}}]}}}]}}]}}, &(0x7f0000000840)={0xa, &(0x7f0000000340)={0xa, 0x6, 0x300, 0x90, 0x9, 0x1, 0xcf, 0x3}, 0x1a, &(0x7f0000000380)={0x5, 0xf, 0x1a, 0x3, [@ptm_cap={0x3}, @ext_cap={0x7, 0x10, 0x2, 0x12, 0x5, 0x7, 0x7ff}, @wireless={0xb, 0x10, 0x1, 0x2, 0x80, 0x9, 0x4, 0x3, 0xff}]}, 0x7, [{0x90, &(0x7f00000004c0)=ANY=[@ANYBLOB="9003cc629df0f46adcf4484ef1152baf54c803db21cb264f5d95b75b5e9a8e7ca33772a11ee8ab6fa4e42b47fd88b9fee23814bad38995ec53820490cf3e550d3dd16648575a71f77f72d0efbf0b74980388bebd31e5187a5c43b2532304f0f3e61673bcb91dfe69a8df89d0c29fae1d7b195405ec50ecbfb04289ff8c9009001d3579778cde55f27a3be267ca53baab"]}, {0x81, &(0x7f0000000600)=@string={0x81, 0x3, "593e52a1c2f7c1a902e4a9afcc78d8f7f8cf03fbfb208b0eb0aa8832bdc26f63a87774c064f9c141d36160784f2385bdd226bf198743499794d7f455d27a38060115908c50d0b6a1f0aad6046f105aa2a1cb8891ddfe2d1de3ddb3232cfe7ee34d9447e43e408bb2eb171140bd93c11846ebd5ec0ed2ae98412576a8c93469"}}, {0x4, &(0x7f00000003c0)=@lang_id={0x4, 0x3, 0x44f}}, {0x99, &(0x7f00000006c0)=@string={0x99, 0x3, "c8a7fafc9ea1ecc9047662b977939c26cddfb55164ab2121ce5d56c48e8cf470c93284d28fd6d83624ef993c340ab32f182fcdc9078a3a7b7f823c2f8e8dde7a37a94c942669d443ed01ac259457c005e63a159b0c29f3b7470b839f5b33344121932379a051ad063b93fb046787b3a5766fc2c42663c6d6dcd307724dc6e3d5b88d356ec60bcea4ff4e04c5d26f0014c5632479b29596"}}, {0x4, &(0x7f0000000400)=@lang_id={0x4, 0x3, 0xc04}}, {0x4, &(0x7f0000000580)=@lang_id={0x4, 0x3, 0x44e}}, {0x93, &(0x7f0000000780)=@string={0x93, 0x3, "7b7ede5249479f9d8d826e54472cd6de2620aea9ec99752ab26cee91614d44081ec61ca75712cd6eafa7680db4b58463fe2984cda52453d27714ebc41096b0f4e560b4402f6be39d8a9deddb88b569ef4f3ca8c751c8a1f1f726be7136e584edf45929e31b0fa59132177eae0637612dcebb32180864f224455823abf551ca83e7c941d8c0c5e9a8cd425e37be583246eb"}}]})
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
syz_usb_connect$cdc_ncm(0x5, 0x7a, &(0x7f00000008c0)={{0x12, 0x1, 0x201, 0x2, 0x0, 0x0, 0x8, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x68, 0x2, 0x1, 0x2, 0x50, 0x5, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x6, 0x24, 0x6, 0x0, 0x1, '3'}, {0x5, 0x24, 0x0, 0x2}, {0xd, 0x24, 0xf, 0x1, 0x9, 0xc0, 0xe, 0xa}, {0x6, 0x24, 0x1a, 0x8, 0x1}, [@acm={0x4, 0x24, 0x2, 0x8}, @network_terminal={0x7, 0x24, 0xa, 0x4, 0x0, 0x61, 0x1}]}, {{0x9, 0x5, 0x81, 0x3, 0x3ff, 0x38, 0x6, 0x5}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x400, 0x4, 0x8, 0x43}}, {{0x9, 0x5, 0x3, 0x2, 0x20, 0x1, 0x5, 0xc1}}}}}}}]}}, &(0x7f0000000ec0)={0xa, &(0x7f0000000940)={0xa, 0x6, 0x300, 0x4, 0x1, 0xf, 0x40, 0xe5}, 0x117, &(0x7f0000000980)={0x5, 0xf, 0x117, 0x3, [@generic={0xea, 0x10, 0x4, "9e0fcc2c91f1a329a5b7f2d98f0a0f99b559ea00837d69e6894a0daa6604f583b593e0abaafb65315bee4bb43b49c826a9248035c8fb4cc9a3bb949a033b309a2055b31c5d6f1162da16a3c0b2f0c6579154b666a82c38b424600a89f3facc9687d4f5f0b011dd9656fc5340937e328311d3722525d6725c75ef114aac6996afa9dc462e1077e30a2687db0b3f24bd5247ed27cf3b529b61f37f6055e267eec1bbb46bef29414078e036a01ac8db070cd44920e12ad992f6c3692c3207d50f39c7ddc6b52a58f8dc3db3dee9fd00b2472b76eefce23b3d79def482360a762894797d5c41464989"}, @ss_container_id={0x14, 0x10, 0x4, 0x8, "bd1a31d14e88188f8a2147cb531bc03d"}, @ss_container_id={0x14, 0x10, 0x4, 0xb9, "fb1489deb9433420fe09058eedb64ea3"}]}, 0xa, [{0x4, &(0x7f0000000ac0)=@lang_id={0x4, 0x3, 0x2409}}, {0x4, &(0x7f0000000b00)=@lang_id={0x4, 0x3, 0x801}}, {0xe4, &(0x7f0000000b40)=@string={0xe4, 0x3, "419e4b065c819da12123a392d3cfa22fa2f10ac43325c6fb13ca78a9f2f5c8d1f662b329baa541a3c8350dd0686e449aba07305119a00e756e96ece3b93ccfdf6e3bff8bb5bcece079d515fb53c70b1e9fd63b9fa272d24d8c64ed99909402b3edc595e68564dbc731d8df89e408430ac1a03e7b118277199ec5478cd91eec6e3b949e7b97b2c5355dc14d9e8defbebf0d60475021622c1d793e1b0b6a6f335fbde698bbd7a38c0b8ac9703d6f644b1c135f4d668fc7f6f380b69ea0dce5be447e3789f9e3d95a5b63ea54e378a92bc654414fe4b284fdbc434e44738d3083961be4"}}, {0xfe, &(0x7f0000000c40)=@string={0xfe, 0x3, "3540e5c3f12687494d849c9ed87c8d80d5c0558b6b5cb33c23d39d121e08adf79dc79f4af7a556092446c5ecc4c4e4b2dbb2d0cc14af41085522bd957280564c96e4cc6eed00a9f879533470611a519d1d775cf8e1fa8d1f41c56324cfe0365fb75211d5c360b08f11d34549fabcd46a6d1e172f1f813494cf334e0e1b4803e3d4ec290cee834a97f8096252f5f4e2b9aeafcec3265215cd19b905c369946c48c3a3cbb4bda0df206df1431e34ba7647389f7aef2e2d5517d8c90f67c3deeae81b6f16b0504c49af89086e5b4c7536cb1a91547335fef5bf4dac0539ebf4e90d1a9bd34321f5fe418432d3298a70c5dc5e90b306b870a5950592cfe3"}}, {0x4, &(0x7f0000000d40)=@lang_id={0x4, 0x3, 0x44a}}, {0x4, &(0x7f0000000d80)=@lang_id={0x4, 0x3, 0x814}}, {0x4, &(0x7f0000000dc0)=@lang_id={0x4, 0x3, 0x807}}, {0x4, &(0x7f0000000e00)=@lang_id={0x4, 0x3, 0x3c01}}, {0x4, &(0x7f0000000e40)=@lang_id={0x4, 0x3, 0xc01}}, {0x4, &(0x7f0000000e80)=@lang_id={0x4, 0x3, 0x804}}]})
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000f80)=ANY=[@ANYBLOB], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r2}, &(0x7f0000000000), &(0x7f00000005c0)=r3}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000280)='sched_switch\x00', r3}, 0x18)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000014fa0000b7030000000008008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000020000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r5}, 0x10)
syz_io_uring_setup(0x110, &(0x7f0000000140)={0x0, 0xfad3, 0x0, 0x2, 0x40}, 0x0, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000400), r6)
sendmsg$ETHTOOL_MSG_CHANNELS_GET(r6, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f0000000180)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r7, @ANYBLOB="010326bd6000000000002d9300000c000180080001"], 0x20}, 0x1, 0x0, 0x0, 0x10}, 0x20040814)
r8 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r9 = openat$cgroup_procs(r8, &(0x7f0000000040)='tasks\x00', 0x2, 0x0)
write$cgroup_pid(r9, &(0x7f0000000180), 0x12)
r10 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x141a82, 0x14)
write$cgroup_int(r10, &(0x7f0000000000)=0x921, 0x12)
unshare(0x60000480)

3.344371263s ago: executing program 4 (id=16181):
socket$inet6_tcp(0xa, 0x1, 0x0)
syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
syz_mount_image$ext4(&(0x7f0000000280)='ext4\x00', &(0x7f0000000740)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x4, &(0x7f0000000080), 0xfe, 0x25e, &(0x7f0000001000)="$eJzs3T9o3FYcB/Cf7k9d16a47VIo/QOllNZg3KFQ6NIuLRhKMaUU2oJLKZ2CHXBssvkyZcmQzEnwlMWEbHEyhiwmSyCrk3hwlgwxGWIyJMMFne7C+Xwmjs93CtbnA7L09J70nkDfZ3mQHEBhjUXEDxFRjojxiKhGRNLe4LNsGWsWl4fXZiLq9d8eJ412WTnTOm4kImoR8V1EpVW3uPrX5tP1n788s1D94tLqn8ODur52W5sbv2xf/PX01alvFkvNfaPNdft1HKaky75KEvF+Pzp7QySVvEfAfkyfvHI3zf0HEfF5I//VKDUje3b+rZvV+PrCXseee3Tno0GOFTh89Xo1/R1YqwOFU2o8AyeliYjItkuliYnsGf5eOYljc/Mnxv+fW5j9L++ZCjgESS37u3fjp+tD10Y68v+wnOV/X77t80iBvkjz//v0yv10e7uc92iAgfg4W6X5H/9n6auQfygc+Yfikn8oLvmHI+CA2ZV/KC75h+KSfzjCqq2NWtdq+Yfikn8oro785/I+LpCP9vwDAMVSH8r7DWQgL3nPPwAAAAAAAAAAAAAAAAAAwG7Lw2szrWVQfd46H7H1Y0RUdvY/1KgtN/4fccTbjZ/vPEnSZi8l2WE9+fvTHk/Qo8s5v3397oN8+7/9SX/Oe2pncc9v2y3NRtTSxpOVyu77P2nefwf33ivqq//22MFrSjrK3/8x2P47PV/Jt/+p9Ygb6fwz2W3+K8WHjXX3+We0/RPLB3T8WY8nAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYGBeBAAA//9hymrI")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='.\x00', 0x0, 0x0)
open_by_handle_at(r0, &(0x7f0000000380)=ANY=[@ANYBLOB="08000300fbff000000000000003bd81e92f9dc776f0456b368e8119645921f6f3707c53d82a744e5809c3336328fd0f2220802008e6f57310e1132a552d8ec4cb9ff6dfb1d71081154f73d76f4404bf32116d64df8342e3bab367f25168bdcad53a372ac09a2e30ba2555f2d8abb"], 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r1}, 0x10)
pipe2(&(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x80000)
vmsplice(r2, &(0x7f0000000180)=[{&(0x7f0000000100)="eb", 0x1}, {&(0x7f0000000300)="e24f443fe43191e39b92ccf7b81d62e5429142ef5fd73c5bb26cfbe1d02979b462236f8d43eaeeb77c1b5cc0659e05eae0e013", 0x33}], 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
fcntl$setpipe(r3, 0x407, 0x9)

2.439868486s ago: executing program 4 (id=16188):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0a000000020000000900000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000000)='kfree\x00', r1}, 0x18)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000004c0), 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_VENDOR(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000001b40)={&(0x7f00000005c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="a1ab00000000000000003200000008001701"], 0x1c}, 0x1, 0x0, 0x0, 0x40}, 0x0) (fail_nth: 1)

2.331210477s ago: executing program 2 (id=16190):
socket$key(0xf, 0x3, 0x2)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{}, &(0x7f0000000000), &(0x7f0000000080)=r0}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000180)='kfree\x00', r0, 0x0, 0xa26}, 0x18)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'lo\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000046c0)=@newqdisc={0x45c, 0x24, 0x4ee4e6a52ff56541, 0x8000000, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x2, 0x0, 0x0, 0x0, 0x10000000, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7e150a0b, 0x0, 0x5, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x0, 0x10000, 0x5d2, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0xfffffffe, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x1007, 0x0, 0x0, 0x0, 0x0, 0x80000001, 0x0, 0x0, 0x0, 0x2000, 0x0, 0xc0000000, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x7, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4fd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7e98263b, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x5, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd2d1, 0x0, 0x0, 0xb2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x7, 0xc3f3, 0x1, 0x0, 0x800, 0x9, 0x800, 0x0, 0x0, 0x0, 0x6, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000003, 0x3, 0xfffffffe, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0xfffffffd, 0x10, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x6, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0xb2, 0x0, 0x0, 0x0, 0x8, 0x0, 0x108, 0x0, 0x0, 0x1000, 0x100, 0x0, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x400, 0x0, 0x0, 0x20]}, @TCA_TBF_PARMS={0x28, 0x1, {{0x0, 0x3, 0x0, 0x0, 0x0, 0xc0000020}, {0x3, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x7, 0x10, 0x2000000}}]}}]}, 0x45c}}, 0x0)

2.1499263s ago: executing program 5 (id=16192):
r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
dup(r0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100000700002c0000000000000004850000002a00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f00000002c0)=ANY=[], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r2}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000800000000005e002200850000006d00000095"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000003c0)='kmem_cache_free\x00', 0xffffffffffffffff, 0x0, 0x3}, 0x18)
arch_prctl$ARCH_MAP_VDSO_64(0x2003, 0x1ff)
rt_sigpending(0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='f2fs_sync_fs\x00', r1}, 0x18)
r3 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r3, 0x40345410, &(0x7f0000000280)={{0x1}})
memfd_create(&(0x7f0000000380)='attr/sockcreate\x00', 0xb)
close(r3)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r5 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x601)
unshare(0x2a020400)
r6 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$inet6_int(r6, 0x29, 0x35, 0x0, 0xffffff29)
ioctl$BLKTRACESETUP(r5, 0xc0481273, &(0x7f0000000040)={'\x00', 0x7, 0x1, 0xc, 0xb, 0x59c, 0xffffffffffffffff})
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYRESDEC, @ANYRESDEC=r4, @ANYRESDEC=0x0, @ANYRES64, @ANYRES8=r7], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2, @void, @value}, 0x94)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r9}, 0x10)
r10 = socket$nl_netfilter(0x10, 0x3, 0xc)
r11 = dup(r10)
fsetxattr$security_selinux(r11, &(0x7f0000000000), &(0x7f0000000040)='system_u:object_r:cpu_online_t:s0\x00', 0x22, 0x0)

2.14924734s ago: executing program 2 (id=16193):
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
write$RDMA_USER_CM_CMD_INIT_QP_ATTR(r0, &(0x7f0000000200)={0xb, 0x10, 0xfa00, {0x0, 0xffffffffffffffff, 0x1}}, 0x18)

2.076453541s ago: executing program 2 (id=16194):
syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x410c84, &(0x7f0000000340), 0x1, 0x775, &(0x7f0000001180)="$eJzs3c9rXNUeAPDvnSRNm/a95MGD9+oqIGigdGJqbBVcVFyIYKGga9thMg01k0zJTEoTAlpEcCOouBB007U/6s6tP7b6X7gQS9W0WHEhkTu5t502M2mSJpnqfD5wM+fceyfnfOf+OGfmHu4NoGeNpn8KEYcj4t0kYjibn0TEQDPVH3Fybb1bK8vldEpidfXlX5LmOjdXlsvR8p7UwSzz/4j45q2II4X15dYXl2ZK1WplPsuPN2YvjNcXl46eny1NV6Yrc8cnJiePnXjqxPGdi/W375cOXXvvhcc/P/nHm/+7+s63SZyMQ9my1jh2ymiMZp/JQPoR3uX5nS6sy5JuV4BtSQ/NvrWjPA7HcPQ1UwDAP9nrEbEKAPSYRPsPAD0m/x3g5spyOZ+6+4vE3rr+XETsX4s/v765tqQ/u2a3v3kddOhmcteVkSQiRnag/NGI+PjLVz9Np9il65AA7bxxOSLOjoyuP/8n68YsbNUTGyzbl72O3jPf+Q/2zldp/+fpdv2/wu3+T7Tp/wy2OXa3477H/4EdKGQDaf/v2Zaxbbda4s+M9GW5fzX7fAPJufPVSnpu+3dEjMXAYJqf2KCMsRt/3ui0rLX/9+v7r32Slp++3lmj8FP/4N3vmSo1Sg8Sc6vrlyMe6W8Xf3J7+ycd+r+nN1nGi8+8/VGnZWn8abz5tD7+yEYn7Y7VKxGPtd3+d0a0JRuOTxxv7g7j+U7Rxhc/fDjUqfzW7Z9Oafn5d4G9kG7/oY3jH0lax2vWt17Gd1eGv+607P7xt9//9yWvNNN5P+JSqdGYn4jYl7y0fv6xO+/N8/n6afxjj7Y//jfa/9PvhGc3GX//tZ8/2378uyuNf2pL23/riau3Zvo6lb+57T/ZTI1lczZz/ttsBR/kswMAAAAAAAAAAAAAAAAAAAAAAACAzSpExKFICsXb6UKhWFx7hvd/Y6hQrdUbR87VFuamovms7JEYKOS3uhxuuR/qRHY//Dx/7J78kxHxn4j4YPBAkt9HcarLsQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA7mCH5/+nfhzsdu0AgF2zv9sVAAD2nPYfAHqP9h8Aeo/2HwB6j/YfAHqP9h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBddvrUqXRa/X1luZzmpy4uLszULh6dqtRnirML5WK5Nn+hOF2rTVcrxXJt9n7/r1qrXZiMuYVL441KvTFeX1w6M1tbmGucOT9bmq6cqQzsSVQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsDX1xaWZUrVamZfYRmL14ahG9xN92e70sNRnTxPJw1GNHU50+cQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8DfxVwAAAP//02Ii/w==")
open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x2)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x88882, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./bus\x00', 0x1c5902, 0x2d)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bind$inet6(r1, &(0x7f0000000280)={0xa, 0x4e23, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}, 0x9}, 0x1c)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r2}, 0x4)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70500000800000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x25)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000040)='ext4_es_find_extent_range_enter\x00', r3}, 0x18)
setuid(0xee01)
write(r1, &(0x7f0000004200)='t', 0x1)
r4 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r5}, &(0x7f0000000180), &(0x7f00000001c0)=r4}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xd82, @void, @value}, 0x94)
sendfile(r1, r0, 0x0, 0x7ffff000)
ioctl$BTRFS_IOC_QGROUP_CREATE(r5, 0x4010942a, &(0x7f0000000080)={0x0, 0x401})

1.999802772s ago: executing program 5 (id=16196):
r0 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00'}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x2000000000000025, &(0x7f0000000180)=ANY=[@ANYRES8=r0, @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000380), 0x1, r1}, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r2, 0x6, 0xd, &(0x7f0000000040)='cdg\x00', 0x4)
setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000000)=0x1, 0x4)
connect$inet(r2, &(0x7f0000000280)={0x2, 0x0, @dev}, 0x10)
close(r2)

1.787931205s ago: executing program 5 (id=16199):
socket$inet6_tcp(0xa, 0x1, 0x0)
syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
syz_mount_image$ext4(&(0x7f0000000280)='ext4\x00', &(0x7f0000000740)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x4, &(0x7f0000000080), 0xfe, 0x25e, &(0x7f0000001000)="$eJzs3T9o3FYcB/Cf7k9d16a47VIo/QOllNZg3KFQ6NIuLRhKMaUU2oJLKZ2CHXBssvkyZcmQzEnwlMWEbHEyhiwmSyCrk3hwlgwxGWIyJMMFne7C+Xwmjs93CtbnA7L09J70nkDfZ3mQHEBhjUXEDxFRjojxiKhGRNLe4LNsGWsWl4fXZiLq9d8eJ412WTnTOm4kImoR8V1EpVW3uPrX5tP1n788s1D94tLqn8ODur52W5sbv2xf/PX01alvFkvNfaPNdft1HKaky75KEvF+Pzp7QySVvEfAfkyfvHI3zf0HEfF5I//VKDUje3b+rZvV+PrCXseee3Tno0GOFTh89Xo1/R1YqwOFU2o8AyeliYjItkuliYnsGf5eOYljc/Mnxv+fW5j9L++ZCjgESS37u3fjp+tD10Y68v+wnOV/X77t80iBvkjz//v0yv10e7uc92iAgfg4W6X5H/9n6auQfygc+Yfikn8oLvmHI+CA2ZV/KC75h+KSfzjCqq2NWtdq+Yfikn8oro785/I+LpCP9vwDAMVSH8r7DWQgL3nPPwAAAAAAAAAAAAAAAAAAwG7Lw2szrWVQfd46H7H1Y0RUdvY/1KgtN/4fccTbjZ/vPEnSZi8l2WE9+fvTHk/Qo8s5v3397oN8+7/9SX/Oe2pncc9v2y3NRtTSxpOVyu77P2nefwf33ivqq//22MFrSjrK3/8x2P47PV/Jt/+p9Ygb6fwz2W3+K8WHjXX3+We0/RPLB3T8WY8nAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYGBeBAAA//9hymrI")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='.\x00', 0x0, 0x0)
open_by_handle_at(r0, &(0x7f0000000380)=ANY=[@ANYBLOB="08000300fbff000000000000003bd81e92f9dc776f0456b368e8119645921f6f3707c53d82a744e5809c3336328fd0f2220802008e6f57310e1132a552d8ec4cb9ff6dfb1d71081154f73d76f4404bf32116d64df8342e3bab367f25168bdcad53a372ac09a2e30ba2555f2d8abb"], 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r1}, 0x10)
pipe2(&(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x80000)
vmsplice(r2, &(0x7f0000000180)=[{&(0x7f0000000100)="eb", 0x1}, {&(0x7f0000000300)="e24f443fe43191e39b92ccf7b81d62e5429142ef5fd73c5bb26cfbe1d02979b462236f8d43eaeeb77c1b5cc0659e05eae0e01335dac30a620b986a", 0x3b}], 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
fcntl$setpipe(r3, 0x407, 0x9)

1.699634676s ago: executing program 4 (id=16200):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
r2 = socket(0x11, 0x3, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000005c0)={'gre0\x00', <r4=>0x0})
bind$packet(r2, &(0x7f0000000180)={0x11, 0x0, r4, 0x1, 0x0, 0x6, @dev}, 0x14)
close_range(r1, 0xffffffffffffffff, 0x0)

1.634911837s ago: executing program 4 (id=16201):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080", @ANYBLOB, @ANYRES32=0x0, @ANYRES32], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000008da4b70800000000396f7b8af8ff00000000bfa200000000000007"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000200)='sys_enter\x00', r1}, 0x10)
poll(0x0, 0x0, 0x9)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="1805000053e8bf310000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7040000080000950000000000000f18aefc000000000000"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x1, '\x00', 0x0, @fallback=0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3a, 0x0, 0x0, 0x5c, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r2}, 0x10)
syz_mount_image$ext4(&(0x7f0000000500)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x0, &(0x7f00000021c0), 0x1, 0x789, &(0x7f0000001240)="$eJzs3M9rG2caAOB3JlacH96VF/awe8kuJJBAiGzHl+RU91J6CQQCvabGHhvjsRUsObXdQJzeCoU0vrSlUNp7j70WQvoH9FYCLfTWQ6G0qXtoe1GRLCuJIylKYkeJ+zww1veNvpn3fWfkzzPgUQB/W/+v/0gihiLiYkQUm+vTiDjYaB2KWN8at3nv2lR9SaJWu/RzUt8sNmvF1r6S5uvRaGwS/4mIO4WI0+88GreyujY/mefZUrM/Ul24MlJZXTsztzA5m81mi2Pj50fPjY+fGx3ftVpPvHH+8K2vX9vY+OaL6s1jA2eSmGjUHc3adi3QA7aOSSEmdqxf3ItgfZT0MGbgOeQBAEB39ev8A81rs0IU40C3qzQXcAAAAPBSqg3WevVHzyMBAACAF0wS/c4AAAAA2Fvb/wew/WzvXj0H28lPr0bEcLv4A41niCMORSEijmwmDz1+kGxtBs9k/UZE3J5o8/nr5Ynm7kbvNw/vzh7Zbbfr889Eu/knbc0/0Wb+Gdj+7oRn1Hn+ux//QIf572KPMb785L+FjvFvVFbePdYuftKKn3SI/2aP8W9uvHer03u1zyJOtv37kzwUq8v3Q4zMzOXtfrVa6d7589TdzvVHHHkkfpI0oibd67/SY/1vb/46v94l/qnj3c//VvzBh7arfybeb+aRRsSt5mu9v7EjxvGFb796NHKyvh1/usPxb3/+X2/V/2mP9X//+eBKj0MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgIY2IoUjSUqudpqVSxNGI+HccSfNypXp6pry8OF1/L2I4CunMXJ6NRkRxq5/U+2ON9v3+2R398Yj413eHt4LO5VlpqpxP97t4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAWo5GxFAkaSki0oj4rZimpVK/swIAAAB23XC/EwAAAAD2nPt/AAAA2P+e9v4/2eU8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgH3t4oUL9aW2ee/aVL0/fXV1eb589cx0VpkvLSxPlabKS1dKs+XybJ6VpsoLj9tfGhFj52N5ZaSaVaojldW1ywvl5cXq5bmFydnsclZ4LlUBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwpIYaS5KWIiJttNO0VIr4R0QMRyGZmcuz0Yj4Z0TcLRYG6/2xficNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADArqusrs1P5nm29HI3avurnJ4bkUS8AGl0aHzUPCvdxiTrEXn2Q3Nkn1JNm+GfZT9Plvz1xxyWfjf+14e5CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/qusrs1P5nm2VOl3JgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPRX+mMSEfXlZPHE0M53Dya/FxuvEfHWx5c+WJmsVpfG6ut/aa2vfthcf/aBDa8/zxoAAABg33vlSQZv36dv38cDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD0qrK6Nj+Z59nSHjbiRr+rBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnsZfAQAA//9bFLc7")
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x3, 0x0, 0x0, 0x40f00, 0x7, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r4}, 0x10)
r5 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000200), 0x1, 0x0)
writev(r5, &(0x7f0000000080)=[{&(0x7f0000000300)='4', 0x1}, {&(0x7f0000000040)='\x00', 0x1}], 0x2)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="58000000020605000000000000000000000000000900020073797a3100000000050005000a000000050001000600000013000300686173683a6e65742c696661636500000c0007800800124005000000050004"], 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x800)
r7 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
pwrite64(r7, &(0x7f00000000c0)='a', 0x200000c1, 0x9000)
r8 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105042, 0x1db)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
syz_genetlink_get_family_id$wireguard(0x0, r8)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
writev(r8, &(0x7f0000000140)=[{&(0x7f0000001200)="10", 0x100000}], 0x1)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$tipc(&(0x7f0000000400), 0xffffffffffffffff)
r11 = syz_open_dev$vcsn(&(0x7f0000000000), 0x0, 0x2)
connect$inet(r11, &(0x7f0000000080)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x19}}, 0x10)
sendmsg$TIPC_CMD_SHOW_NAME_TABLE(r9, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)={0x30, r10, 0x1, 0x70bd2d, 0x0, {{}, {}, {0x14, 0x19, {0x0, 0x1, 0x1}}}}, 0x30}, 0x1, 0x0, 0x0, 0x1}, 0x0)

1.021274396s ago: executing program 2 (id=16205):
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
write$RDMA_USER_CM_CMD_INIT_QP_ATTR(r0, &(0x7f0000000200)={0xb, 0x10, 0xfa00, {0x0, 0xffffffffffffffff, 0x1}}, 0x18)

957.749576ms ago: executing program 2 (id=16206):
r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
dup(r0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100000700002c0000000000000004850000002a00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f00000002c0)=ANY=[], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r2}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000800000000005e002200850000006d00000095"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000003c0)='kmem_cache_free\x00', 0xffffffffffffffff, 0x0, 0x3}, 0x18)
arch_prctl$ARCH_MAP_VDSO_64(0x2003, 0x1ff)
rt_sigpending(0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='f2fs_sync_fs\x00', r1}, 0x18)
r3 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r3, 0x40345410, &(0x7f0000000280)={{0x1}})
memfd_create(&(0x7f0000000380)='attr/sockcreate\x00', 0xb)
close(r3)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r5 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x601)
unshare(0x2a020400)
r6 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$inet6_int(r6, 0x29, 0x35, 0x0, 0xffffff29)
ioctl$BLKTRACESETUP(r5, 0xc0481273, &(0x7f0000000040)={'\x00', 0x7, 0x1, 0xc, 0xb, 0x59c, 0xffffffffffffffff})
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYRESDEC, @ANYRESDEC=r4, @ANYRESDEC=0x0, @ANYRES64, @ANYRES8=r7], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2, @void, @value}, 0x94)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r9}, 0x10)
r10 = socket$nl_netfilter(0x10, 0x3, 0xc)
r11 = dup(r10)
fsetxattr$security_selinux(r11, &(0x7f0000000000), &(0x7f0000000040)='system_u:object_r:cpu_online_t:s0\x00', 0x22, 0x0)

895.290167ms ago: executing program 5 (id=16208):
r0 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'bridge_slave_0\x00'})
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x0)

894.606447ms ago: executing program 2 (id=16209):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080", @ANYBLOB, @ANYRES32=0x0, @ANYRES32], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000200)='sys_enter\x00', r1}, 0x10)
poll(0x0, 0x0, 0x9)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="1805000053e8bf310000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7040000080000950000000000000f18aefc000000000000"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x1, '\x00', 0x0, @fallback=0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3a, 0x0, 0x0, 0x5c, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r2}, 0x10)
syz_mount_image$ext4(&(0x7f0000000500)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x0, &(0x7f00000021c0), 0x1, 0x789, &(0x7f0000001240)="$eJzs3M9rG2caAOB3JlacH96VF/awe8kuJJBAiGzHl+RU91J6CQQCvabGHhvjsRUsObXdQJzeCoU0vrSlUNp7j70WQvoH9FYCLfTWQ6G0qXtoe1GRLCuJIylKYkeJ+zww1veNvpn3fWfkzzPgUQB/W/+v/0gihiLiYkQUm+vTiDjYaB2KWN8at3nv2lR9SaJWu/RzUt8sNmvF1r6S5uvRaGwS/4mIO4WI0+88GreyujY/mefZUrM/Ul24MlJZXTsztzA5m81mi2Pj50fPjY+fGx3ftVpPvHH+8K2vX9vY+OaL6s1jA2eSmGjUHc3adi3QA7aOSSEmdqxf3ItgfZT0MGbgOeQBAEB39ev8A81rs0IU40C3qzQXcAAAAPBSqg3WevVHzyMBAACAF0wS/c4AAAAA2Fvb/wew/WzvXj0H28lPr0bEcLv4A41niCMORSEijmwmDz1+kGxtBs9k/UZE3J5o8/nr5Ynm7kbvNw/vzh7Zbbfr889Eu/knbc0/0Wb+Gdj+7oRn1Hn+ux//QIf572KPMb785L+FjvFvVFbePdYuftKKn3SI/2aP8W9uvHer03u1zyJOtv37kzwUq8v3Q4zMzOXtfrVa6d7589TdzvVHHHkkfpI0oibd67/SY/1vb/46v94l/qnj3c//VvzBh7arfybeb+aRRsSt5mu9v7EjxvGFb796NHKyvh1/usPxb3/+X2/V/2mP9X//+eBKj0MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgIY2IoUjSUqudpqVSxNGI+HccSfNypXp6pry8OF1/L2I4CunMXJ6NRkRxq5/U+2ON9v3+2R398Yj413eHt4LO5VlpqpxP97t4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAWo5GxFAkaSki0oj4rZimpVK/swIAAAB23XC/EwAAAAD2nPt/AAAA2P+e9v4/2eU8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgH3t4oUL9aW2ee/aVL0/fXV1eb589cx0VpkvLSxPlabKS1dKs+XybJ6VpsoLj9tfGhFj52N5ZaSaVaojldW1ywvl5cXq5bmFydnsclZ4LlUBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwpIYaS5KWIiJttNO0VIr4R0QMRyGZmcuz0Yj4Z0TcLRYG6/2xficNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADArqusrs1P5nm29HI3avurnJ4bkUS8AGl0aHzUPCvdxiTrEXn2Q3Nkn1JNm+GfZT9Plvz1xxyWfjf+14e5CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/qusrs1P5nm2VOl3JgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPRX+mMSEfXlZPHE0M53Dya/FxuvEfHWx5c+WJmsVpfG6ut/aa2vfthcf/aBDa8/zxoAAABg33vlSQZv36dv38cDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD0qrK6Nj+Z59nSHjbiRr+rBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnsZfAQAA//9bFLc7")
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x3, 0x0, 0x0, 0x40f00, 0x7, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r4}, 0x10)
r5 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000200), 0x1, 0x0)
writev(r5, &(0x7f0000000080)=[{&(0x7f0000000300)='4', 0x1}, {&(0x7f0000000040)='\x00', 0x1}], 0x2)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="58000000020605000000000000000000000000000900020073797a3100000000050005000a000000050001000600000013000300686173683a6e65742c696661636500000c0007800800124005000000050004"], 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x800)
r7 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
pwrite64(r7, &(0x7f00000000c0)='a', 0x200000c1, 0x9000)
r8 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105042, 0x1db)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
syz_genetlink_get_family_id$wireguard(0x0, r8)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
writev(r8, &(0x7f0000000140)=[{&(0x7f0000001200)="10", 0x100000}], 0x1)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$tipc(&(0x7f0000000400), 0xffffffffffffffff)
r11 = syz_open_dev$vcsn(&(0x7f0000000000), 0x0, 0x2)
connect$inet(r11, &(0x7f0000000080)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x19}}, 0x10)
sendmsg$TIPC_CMD_SHOW_NAME_TABLE(r9, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)={0x30, r10, 0x1, 0x70bd2d, 0x0, {{}, {}, {0x14, 0x19, {0x0, 0x1, 0x1}}}}, 0x30}, 0x1, 0x0, 0x0, 0x1}, 0x0)

829.143709ms ago: executing program 5 (id=16210):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0, <r1=>0xffffffffffffffff}, 0x4)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x10, &(0x7f0000000a40)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000000)='kmem_cache_free\x00', r2}, 0x10)
arch_prctl$ARCH_SET_CPUID(0x1012, 0x1)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1, 0x4, 0x7fe2, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = socket(0x10, 0x803, 0x0)
r6 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x24, 0x24, 0x4ee4e6a52ff56541, 0x70bd2b, 0xffffffff, {0x0, 0x0, 0x0, r7, {0xd, 0x7}, {0xffff, 0xffff}}}, 0x24}}, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@newtfilter={0x5c, 0x2c, 0xd27, 0x30bd29, 0x2, {0x0, 0x0, 0x0, r7, {0x0, 0x6}, {}, {0x7, 0xa}}, [@filter_kind_options=@f_basic={{0xa}, {0x2c, 0x2, [@TCA_BASIC_EMATCHES={0x28, 0x2, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x1}}, @TCA_EMATCH_TREE_LIST={0x1c, 0x2, 0x0, 0x1, [@TCF_EM_META={0x18, 0x1, 0x0, 0x0, {{0x7, 0x4, 0x4}, [@TCA_EM_META_HDR={0xc, 0x1, {{0x4, 0x81, 0x1}, {0x2, 0xa5, 0x2}}}]}}]}]}]}}]}, 0x5c}}, 0x0)
setsockopt$packet_fanout_data(r5, 0x107, 0x16, &(0x7f00000001c0)={0x7, &(0x7f0000000180)=[{0x9, 0x9, 0x9, 0xfffffff7}, {0x1, 0x3, 0x2, 0x71}, {0x8, 0x97, 0x8}, {0x5, 0x7, 0x9, 0x8}, {0x8c, 0x94, 0x3, 0x1ff}, {0x7fff, 0x4, 0x1, 0x4}, {0x80, 0x8, 0x6, 0x7}]}, 0x10)
pipe(&(0x7f00000001c0)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
r10 = socket$nl_generic(0x10, 0x3, 0x10)
r11 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000080), 0xffffffffffffffff)
socket$inet6(0xa, 0xb, 0x51c6)
sendmsg$IPVS_CMD_SET_CONFIG(r10, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000001c0)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r11, @ANYBLOB="01002abd70000000000001"], 0x24}}, 0x0)
getsockopt$SO_J1939_PROMISC(r8, 0x6b, 0x2, &(0x7f0000000540), &(0x7f0000000580)=0x4)
sendmsg$IPVS_CMD_ZERO(r4, &(0x7f0000000500)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x637dc9dafdcc6073}, 0xc, &(0x7f00000004c0)={&(0x7f00000002c0)={0x38, r11, 0x400, 0x70bd27, 0x25dfdbfd, {}, [@IPVS_CMD_ATTR_DEST={0xc, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_ADDR_FAMILY={0x6, 0xb, 0x2}]}, @IPVS_CMD_ATTR_SERVICE={0x18, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x7}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x30, 0x10}}]}]}, 0x38}, 0x1, 0x0, 0x0, 0x40084}, 0x4000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000940)={<r12=>0xffffffffffffffff, <r13=>0xffffffffffffffff})
writev(r9, &(0x7f0000000400)=[{&(0x7f0000000100)="92", 0x1}], 0x1)
pipe(&(0x7f0000000380)={0xffffffffffffffff, <r14=>0xffffffffffffffff})
splice(r13, 0x0, r14, 0x0, 0xf3a, 0x0)
write$cgroup_pid(r14, &(0x7f0000000000), 0xffffff98)
splice(r8, 0x0, r14, 0x0, 0x1, 0x4)
write(r12, 0x0, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/icmp\x00')

813.728349ms ago: executing program 6 (id=16211):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
r2 = socket(0x11, 0x3, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000005c0)={'gre0\x00', <r4=>0x0})
bind$packet(r2, &(0x7f0000000180)={0x11, 0x0, r4, 0x1, 0x0, 0x6, @dev}, 0x14)
close_range(r1, 0xffffffffffffffff, 0x0)

755.37066ms ago: executing program 6 (id=16212):
socket$key(0xf, 0x3, 0x2)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000180)='kfree\x00', r0, 0x0, 0xa26}, 0x18)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'lo\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000046c0)=@newqdisc={0x45c, 0x24, 0x4ee4e6a52ff56541, 0x8000000, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x2, 0x0, 0x0, 0x0, 0x10000000, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7e150a0b, 0x0, 0x5, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x0, 0x10000, 0x5d2, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0xfffffffe, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x1007, 0x0, 0x0, 0x0, 0x0, 0x80000001, 0x0, 0x0, 0x0, 0x2000, 0x0, 0xc0000000, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x7, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4fd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7e98263b, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x5, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd2d1, 0x0, 0x0, 0xb2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x7, 0xc3f3, 0x1, 0x0, 0x800, 0x9, 0x800, 0x0, 0x0, 0x0, 0x6, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000003, 0x3, 0xfffffffe, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0xfffffffd, 0x10, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x6, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0xb2, 0x0, 0x0, 0x0, 0x8, 0x0, 0x108, 0x0, 0x0, 0x1000, 0x100, 0x0, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x400, 0x0, 0x0, 0x20]}, @TCA_TBF_PARMS={0x28, 0x1, {{0x0, 0x3, 0x0, 0x0, 0x0, 0xc0000020}, {0x3, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x7, 0x10, 0x2000000}}]}}]}, 0x45c}}, 0x0)

720.03391ms ago: executing program 6 (id=16213):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r0}, &(0x7f0000000000), &(0x7f0000000080)=r1}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000180)='kfree\x00', r1, 0x0, 0xa26}, 0x18)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'lo\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000046c0)=@newqdisc={0x45c, 0x24, 0x4ee4e6a52ff56541, 0x8000000, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x2, 0x0, 0x0, 0x0, 0x10000000, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7e150a0b, 0x0, 0x5, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x0, 0x10000, 0x5d2, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0xfffffffe, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x1007, 0x0, 0x0, 0x0, 0x0, 0x80000001, 0x0, 0x0, 0x0, 0x2000, 0x0, 0xc0000000, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x7, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4fd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7e98263b, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x5, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd2d1, 0x0, 0x0, 0xb2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x7, 0xc3f3, 0x1, 0x0, 0x800, 0x9, 0x800, 0x0, 0x0, 0x0, 0x6, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000003, 0x3, 0xfffffffe, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0xfffffffd, 0x10, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x6, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0xb2, 0x0, 0x0, 0x0, 0x8, 0x0, 0x108, 0x0, 0x0, 0x1000, 0x100, 0x0, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x400, 0x0, 0x0, 0x20]}, @TCA_TBF_PARMS={0x28, 0x1, {{0x0, 0x3, 0x0, 0x0, 0x0, 0xc0000020}, {0x3, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x7, 0x10, 0x2000000}}]}}]}, 0x45c}}, 0x0)

630.065802ms ago: executing program 6 (id=16214):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_WOL_GET(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1], 0x2c}}, 0x0)

624.535891ms ago: executing program 4 (id=16215):
r0 = syz_open_procfs(0x0, &(0x7f0000000000)='net/rt_acct\x00')
connect$pppoe(0xffffffffffffffff, &(0x7f0000000100)={0x18, 0x0, {0x2, @broadcast, 'gre0\x00'}}, 0x1e)
sendfile(0xffffffffffffffff, r0, 0x0, 0x8)

577.619692ms ago: executing program 6 (id=16216):
r0 = openat$rdma_cm(0xffffffffffffff9c, 0x0, 0x2, 0x0)
write$RDMA_USER_CM_CMD_INIT_QP_ATTR(r0, &(0x7f0000000200)={0xb, 0x10, 0xfa00, {0x0, 0xffffffffffffffff, 0x1}}, 0x18)

515.366503ms ago: executing program 4 (id=16217):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setscheduler(0x0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000540)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f0000000480), 0x400034f, 0x2, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0xb, 0x8, &(0x7f0000000480)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cf84ded40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c86e00f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec231fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895012f1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c3405000000000000003871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d37261774cc5a3bf6b466cb72812da518ff602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e89"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0xffffffff}, 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r4 = socket(0x400000000010, 0x3, 0x0)
r5 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r6, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x8, 0xf}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_RSC={0x10, 0x1, {0x7, 0xa, 0xfffffff3}}}}]}, 0x44}}, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@newtfilter={0x3c, 0x2c, 0xd2b, 0x800, 0x25dfdbfb, {0x0, 0x0, 0x0, r6, {0x9}, {}, {0x7, 0xf}}, [@filter_kind_options=@f_flower={{0xb}, {0xc, 0x2, [@TCA_FLOWER_CLASSID={0x8, 0x1, {0xfffa, 0xfff2}}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x2c04c000}, 0x4000000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
getpgrp(0x0)
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000001240)='./bus\x00', 0x4010, &(0x7f0000000a40)=ANY=[@ANYBLOB="00e789da34e04a1ffbc2f05cefeb4ee6d5ae1071124b2c2fb684f5c7ac05000000c7880f67e775c748f6381a3e01e7f93330b30b90bbb4d2b697899a16f2df4fa2a8f06ac2c5352ddcae2b83672ef3d9f532e55f4e798924ac6332751e737383f6890d2dcfcbdbd41940a64c7b4374674e7bb6dd0d1b8d3d62f6d77b0282e166e2ce4c353d2d4d315a81146bf46a1508ef0d2ddc7d0b447fe17b85b292d13cea2256a16cab12d75a852bc680da7ea837480feb2e1e0000000000003bc18c52d0351cd285197b0641569048b5b416ba1c570000000000100083794afff0a9eed63b1226b18c4b455ab222d7ae1be52a22e8ec8bf2c0c7d99770415863f50aa18bcb66061a29bc55105f3482ed752f882d224a386b51836c1b437036b677156e22e174ff516dbab0b2cdf52bee43c4ffffffffffffffffd9487b8663a339b98df63b4bf3e97f02d6f1e7e65f968dd90841506355d9ac40f1b434c8a9b5bd91a70c53a5aadbebd9ed9d0a55bd47a967163e0c02753f8895bfbf1b41b5490667c241068d59983ae1d0f03e650f5357425284b76d793e25a2558fa437e38b8200000000630000000000000000000000000000000000000000000000e911000000000066e073c14bb74617079e0b6ecfc830db14244567fd8f4e4e5903eaf983786e28295783f130b95dc37f59a658000e88047db7783ce8a9cba6c255902cfb83946ea3f5f7a8cee911b2b37ae4b01e65ea86d5ea7ae17b2a9bc250c9b8fc9fbc04617939bdd13457954172d18701768f8a461bee740f2d82ae566d2e30a93ad2b201a6d16a93c75a950cc437e7f25d3aadddb8edd028d84490b6bafd636aa4fb482a8a4b3987dafe58e742448c4b36b03790090198145dee533257bb9050554f8cace210a5bc5c768f83e99019f7c00ff9ca679768dbba3f7d21c545c99c2f7688f7030fe37121d625d1f81018feb74c9d48eebdf1702550b097271ab9bd38c62f4b31fd9482c05ba064dfa60bd7fafb3c22dc057e6f9e2a5eb144290afe5369110a71d4b7fc5937a32e213c443f3b9e506b25cf9e2520999b330fc9e86bde8c8ec78f67c0c7f24db0000000", @ANYRES16], 0x1, 0x11ee, &(0x7f0000002480)="$eJzs3MGLG1UcB/Bf17Xdbt3NqrXagvjQi16GZg9e9BJkC9KA0jZCKwhTd6IhYxIyYSEiVk9e/TvEozdBvOllL/4N3vbisQdxxKS1jUSpSDdSPp9LfvDel997BAZmmDdHr3/5Ub9bZd18EmsnTsTaKCLdTpFiLe76LF557Ycfn796/cblVru9dyWlS61rzVdTStsvfPfuJ1+/+P3kzDvfbH97Kg533jv6Zffnw3OH549+u/Zhr0q9Kg2Gk5Snm8PhJL9ZFmm/V/WzlN4ui7wqUm9QFeOF8W45HI2mKR/sb22OxkVVpXwwTf1imibDNBlPU/5B3hukLMvS1mbwX3S+ul3XdURdPx4no67r+nRsxpl4IrZiOxqxE0/GU/F0nI1n4lw8G8/F+dmsVa8bAAAAAAAAAAAAAAAAAAAAHi3O/wMAAAAAAAAAAAAAAAAAAMDqXb1+43Kr3d67ktJGRPnFQeegM/+dj7e60YsyirgYjfg1Zqf/5+b1pTfbexfTzE58Xt66k7910HlsMd+cfU5gab45z6fF/KnYvD+/G404uzy/uzS/ES+/dF8+i0b89H4Mo4z9+CN7L/9pM6U33mr/JX9hNg8AAAAeBVn609L79yz7u/F5/kGeD6zdbbaQX48L6yvbNndU04/7eVkW44dWnIyH3uKfio2IWF33By/W43+xDIViXqz6ysRxuPenr3olAAAAAAAAAAAA/BvH8Trh0sanj32rAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA7+zAsQAAAACAMH/rNDo2AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYKgAA///20tEU")
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='blkio.bfq.io_service_bytes\x00', 0x275a, 0x0)
write$cgroup_int(r7, &(0x7f0000000000), 0xffffff6a)
r8 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
pwrite64(r8, &(0x7f0000000140)='Q', 0x1, 0x200980)
socket(0xa, 0x3, 0x3a)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r9}, 0x18)

515.126543ms ago: executing program 6 (id=16218):
socket$inet6_tcp(0xa, 0x1, 0x0)
syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
syz_mount_image$ext4(&(0x7f0000000280)='ext4\x00', &(0x7f0000000740)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x4, &(0x7f0000000080), 0xfe, 0x25e, &(0x7f0000001000)="$eJzs3T9o3FYcB/Cf7k9d16a47VIo/QOllNZg3KFQ6NIuLRhKMaUU2oJLKZ2CHXBssvkyZcmQzEnwlMWEbHEyhiwmSyCrk3hwlgwxGWIyJMMFne7C+Xwmjs93CtbnA7L09J70nkDfZ3mQHEBhjUXEDxFRjojxiKhGRNLe4LNsGWsWl4fXZiLq9d8eJ412WTnTOm4kImoR8V1EpVW3uPrX5tP1n788s1D94tLqn8ODur52W5sbv2xf/PX01alvFkvNfaPNdft1HKaky75KEvF+Pzp7QySVvEfAfkyfvHI3zf0HEfF5I//VKDUje3b+rZvV+PrCXseee3Tno0GOFTh89Xo1/R1YqwOFU2o8AyeliYjItkuliYnsGf5eOYljc/Mnxv+fW5j9L++ZCjgESS37u3fjp+tD10Y68v+wnOV/X77t80iBvkjz//v0yv10e7uc92iAgfg4W6X5H/9n6auQfygc+Yfikn8oLvmHI+CA2ZV/KC75h+KSfzjCqq2NWtdq+Yfikn8oro785/I+LpCP9vwDAMVSH8r7DWQgL3nPPwAAAAAAAAAAAAAAAAAAwG7Lw2szrWVQfd46H7H1Y0RUdvY/1KgtN/4fccTbjZ/vPEnSZi8l2WE9+fvTHk/Qo8s5v3397oN8+7/9SX/Oe2pncc9v2y3NRtTSxpOVyu77P2nefwf33ivqq//22MFrSjrK3/8x2P47PV/Jt/+p9Ygb6fwz2W3+K8WHjXX3+We0/RPLB3T8WY8nAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYGBeBAAA//9hymrI")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='.\x00', 0x0, 0x0)
open_by_handle_at(r0, &(0x7f0000000380)=ANY=[@ANYBLOB="08000300fbff000000000000003bd81e92f9dc776f0456b368e8119645921f6f3707c53d82a744e5809c3336328fd0f2220802008e6f57310e1132a552d8ec4cb9ff6dfb1d71081154f73d76f4404bf32116d64df8342e3bab367f25168bdcad53a372ac09a2e30ba2555f2d8abb"], 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r1}, 0x10)
pipe2(&(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x80000)
vmsplice(r2, &(0x7f0000000180)=[{&(0x7f0000000100)="eb", 0x1}, {&(0x7f0000000300)="e24f443fe43191e39b92ccf7b81d62e5429142ef5fd73c5bb26cfbe1d02979b462236f8d43eaeeb77c1b5cc0659e05eae0e01335dac30a620b986a", 0x3b}], 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
fcntl$setpipe(r3, 0x407, 0x9)

0s ago: executing program 5 (id=16219):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r0}, 0x10)
r1 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, 0x0, 0x1, 0x0)
writev(r1, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000990000000d"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x9, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000340)='kmem_cache_free\x00', r3, 0x0, 0xf7}, 0x18)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0))
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x7c}}, 0x44800)
sendmsg$NFT_BATCH(r4, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000200)={[{@errors_remount}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x7}}, {@dioread_lock}, {@data_err_ignore}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x4007b1}}, {@data_err_ignore}, {@grpquota}, {@nobh}, {@user_xattr}, {@bh}, {@dioread_nolock}]}, 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
syz_io_uring_setup(0x3466, &(0x7f00000005c0)={0x0, 0x923b, 0x10000, 0xffffffff, 0x4c}, 0x0, 0x0)
timer_create(0x5, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r5=>0xffffffffffffffff})
ioctl$FIDEDUPERANGE(r5, 0xc0189436, &(0x7f00000005c0)=ANY=[])
mkdir(&(0x7f0000000080)='./bus\x00', 0x0)
renameat2(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0xffffffffffffff9c, &(0x7f0000001240)='./file0/file0\x00', 0x2)

kernel console output (not intermixed with test programs):

eftover after parsing attributes in process `syz.1.15572'.
[ 1116.881734][T14834] loop1: detected capacity change from 0 to 1024
[ 1116.888337][T14834] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[ 1116.910922][T14838] syz.4.15571: attempt to access beyond end of device
[ 1116.910922][T14838] md33: rw=2048, sector=0, nr_sectors = 8 limit=0
[ 1116.993181][T14844] 9pnet_fd: Insufficient options for proto=fd
[ 1117.017468][T14846] loop1: detected capacity change from 0 to 128
[ 1118.037319][T14865] loop2: detected capacity change from 0 to 2048
[ 1118.048024][T14869] netlink: 4 bytes leftover after parsing attributes in process `syz.0.15585'.
[ 1118.072199][T14865] ext4 filesystem being mounted at /89/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1118.080997][T14869] netlink: 4 bytes leftover after parsing attributes in process `syz.0.15585'.
[ 1118.109138][   T29] kauditd_printk_skb: 228 callbacks suppressed
[ 1118.109154][   T29] audit: type=1400 audit(1746957137.329:102679): avc:  denied  { create } for  pid=14864 comm="syz.2.15583" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[ 1118.167276][T14881] netlink: 4 bytes leftover after parsing attributes in process `syz.5.15588'.
[ 1118.213454][T14881] loop5: detected capacity change from 0 to 1024
[ 1118.229104][T14883] loop1: detected capacity change from 0 to 512
[ 1118.235633][   T29] audit: type=1400 audit(1746957137.329:102680): avc:  denied  { create } for  pid=14874 comm="syz.1.15587" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[ 1118.256661][   T29] audit: type=1400 audit(1746957137.329:102681): avc:  denied  { write } for  pid=14874 comm="syz.1.15587" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[ 1118.277498][   T29] audit: type=1400 audit(1746957137.329:102682): avc:  denied  { read } for  pid=14874 comm="syz.1.15587" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[ 1118.298273][   T29] audit: type=1400 audit(1746957137.329:102683): avc:  denied  { map_create } for  pid=14874 comm="syz.1.15587" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[ 1118.317874][   T29] audit: type=1400 audit(1746957137.329:102684): avc:  denied  { perfmon } for  pid=14874 comm="syz.1.15587" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 1118.322416][T14881] EXT4-fs: Ignoring removed nobh option
[ 1118.339113][   T29] audit: type=1400 audit(1746957137.329:102685): avc:  denied  { map_read map_write } for  pid=14874 comm="syz.1.15587" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[ 1118.344673][T14881] EXT4-fs: Ignoring removed bh option
[ 1118.364866][   T29] audit: type=1400 audit(1746957137.349:102686): avc:  denied  { prog_load } for  pid=14874 comm="syz.1.15587" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[ 1118.390059][   T29] audit: type=1400 audit(1746957137.349:102687): avc:  denied  { bpf } for  pid=14874 comm="syz.1.15587" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 1118.411024][   T29] audit: type=1400 audit(1746957137.349:102688): avc:  denied  { prog_run } for  pid=14874 comm="syz.1.15587" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[ 1118.509427][ T4865] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm kworker/u8:67: bg 0: block 345: padding at end of block bitmap is not set
[ 1118.527156][T14883] EXT4-fs warning (device loop1): ext4_enable_quotas:7170: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[ 1118.544204][ T4865] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 919 with error 117
[ 1118.556802][ T4865] EXT4-fs (loop2): This should not happen!! Data will be lost
[ 1118.556802][ T4865] 
[ 1118.599396][T14883] EXT4-fs (loop1): mount failed
[ 1118.627706][T14883] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[ 1118.668428][T14894] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1118.700669][T14894] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1119.165562][T14907] loop4: detected capacity change from 0 to 1024
[ 1119.172729][T14907] EXT4-fs: Ignoring removed oldalloc option
[ 1119.178669][T14907] EXT4-fs: Ignoring removed bh option
[ 1119.186026][T14907] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[ 1119.196974][T14907] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[ 1119.207561][T14907] JBD2: no valid journal superblock found
[ 1119.213427][T14907] EXT4-fs (loop4): Could not load journal inode
[ 1119.220942][T14911] blktrace: Concurrent blktraces are not allowed on sg0
[ 1119.233857][T14915] loop2: detected capacity change from 0 to 512
[ 1119.240830][T14915] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1119.241782][T14907] netlink: 76 bytes leftover after parsing attributes in process `syz.4.15596'.
[ 1119.257046][T14915] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[ 1119.272626][T14915] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[ 1119.289064][T14915] EXT4-fs (loop2): 1 truncate cleaned up
[ 1119.335216][T14923] netlink: 4 bytes leftover after parsing attributes in process `syz.5.15603'.
[ 1119.365622][T14923] loop5: detected capacity change from 0 to 1024
[ 1119.373043][T14923] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[ 1119.381493][T14936] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1119.390744][T14936] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1119.401315][T14936] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1119.410547][T14936] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1119.538986][T14951] netlink: 76 bytes leftover after parsing attributes in process `syz.0.15612'.
[ 1119.615140][T14961] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1119.633773][T14961] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1119.661220][T14964] netlink: 4 bytes leftover after parsing attributes in process `syz.5.15615'.
[ 1119.677452][T14958] loop5: detected capacity change from 0 to 1024
[ 1119.684864][T14958] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[ 1119.751954][T14971] loop4: detected capacity change from 0 to 2048
[ 1119.764206][T14973] loop5: detected capacity change from 0 to 512
[ 1119.771013][T14973] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1119.779371][T14973] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[ 1119.810551][T14976] syz.1.15606: attempt to access beyond end of device
[ 1119.810551][T14976] md33: rw=2048, sector=0, nr_sectors = 8 limit=0
[ 1119.834707][T14973] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[ 1119.869553][T14973] EXT4-fs (loop5): 1 truncate cleaned up
[ 1120.249723][T14919] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[ 1120.282453][T14992] loop2: detected capacity change from 0 to 2048
[ 1120.371093][T14996] loop5: detected capacity change from 0 to 2048
[ 1120.393770][T14996] ext4 filesystem being mounted at /206/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1120.521529][T15012] netlink: 4 bytes leftover after parsing attributes in process `syz.4.15628'.
[ 1120.567335][T15012] loop4: detected capacity change from 0 to 1024
[ 1120.567873][T15012] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[ 1120.656933][ T3393] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm kworker/u8:54: bg 0: block 345: padding at end of block bitmap is not set
[ 1120.661928][ T3393] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 226 with error 117
[ 1120.661953][ T3393] EXT4-fs (loop5): This should not happen!! Data will be lost
[ 1120.661953][ T3393] 
[ 1120.810031][T15001] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[ 1121.209854][T15031] netlink: 40 bytes leftover after parsing attributes in process `syz.0.15633'.
[ 1121.277407][T15034] netlink: 44 bytes leftover after parsing attributes in process `syz.2.15635'.
[ 1121.460200][T15039] loop4: detected capacity change from 0 to 8192
[ 1121.487820][T15047] loop5: detected capacity change from 0 to 512
[ 1121.504891][T15047] EXT4-fs (loop5): 1 orphan inode deleted
[ 1121.511570][T15047] ext4 filesystem being mounted at /207/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1121.532791][ T3404] EXT4-fs error (device loop5): ext4_release_dquot:6971: comm kworker/u8:62: Failed to release dquot type 1
[ 1121.553509][T15047] EXT4-fs error (device loop5): ext4_do_update_inode:5211: inode #16: comm syz.5.15640: corrupted inode contents
[ 1121.561701][T15051] netlink: 4 bytes leftover after parsing attributes in process `syz.2.15641'.
[ 1121.575073][T15047] EXT4-fs error (device loop5): ext4_dirty_inode:6103: inode #16: comm syz.5.15640: mark_inode_dirty error
[ 1121.586784][T15051] loop2: detected capacity change from 0 to 1024
[ 1121.593425][T15051] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[ 1121.638736][T15047] EXT4-fs error (device loop5): ext4_do_update_inode:5211: inode #16: comm syz.5.15640: corrupted inode contents
[ 1121.653530][T15047] EXT4-fs error (device loop5): ext4_xattr_delete_inode:2991: inode #16: comm syz.5.15640: mark_inode_dirty error
[ 1121.668828][T15047] EXT4-fs error (device loop5): ext4_xattr_delete_inode:2994: inode #16: comm syz.5.15640: mark inode dirty (error -117)
[ 1121.682430][T15047] EXT4-fs warning (device loop5): ext4_evict_inode:279: xattr delete (err -117)
[ 1121.741643][T15061] loop2: detected capacity change from 0 to 1024
[ 1121.748349][T15061] EXT4-fs: Ignoring removed oldalloc option
[ 1121.754574][T15061] EXT4-fs: Ignoring removed bh option
[ 1121.768209][T15061] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[ 1121.779439][T15061] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[ 1121.789492][T15063] loop5: detected capacity change from 0 to 128
[ 1121.798757][T15061] JBD2: no valid journal superblock found
[ 1121.804626][T15061] EXT4-fs (loop2): Could not load journal inode
[ 1121.909546][T15061] netlink: 76 bytes leftover after parsing attributes in process `syz.2.15644'.
[ 1121.956805][T15068] loop2: detected capacity change from 0 to 128
[ 1121.965320][T15068] ext4 filesystem being mounted at /106/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1122.530847][T15083] netlink: 4 bytes leftover after parsing attributes in process `syz.2.15651'.
[ 1122.616937][T15091] blktrace: Concurrent blktraces are not allowed on sg0
[ 1122.672463][T15094] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[ 1122.683316][T15096] FAULT_INJECTION: forcing a failure.
[ 1122.683316][T15096] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1122.696554][T15096] CPU: 0 UID: 0 PID: 15096 Comm: syz.5.15658 Not tainted 6.15.0-rc5-syzkaller-00300-g3ce9925823c7 #0 PREEMPT(voluntary) 
[ 1122.696675][T15096] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[ 1122.696738][T15096] Call Trace:
[ 1122.696744][T15096]  <TASK>
[ 1122.696752][T15096]  __dump_stack+0x1d/0x30
[ 1122.696777][T15096]  dump_stack_lvl+0xe8/0x140
[ 1122.696801][T15096]  dump_stack+0x15/0x1b
[ 1122.696820][T15096]  should_fail_ex+0x265/0x280
[ 1122.696896][T15096]  should_fail+0xb/0x20
[ 1122.696931][T15096]  should_fail_usercopy+0x1a/0x20
[ 1122.696952][T15096]  _copy_from_user+0x1c/0xb0
[ 1122.697014][T15096]  ___sys_sendmsg+0xc1/0x1d0
[ 1122.697052][T15096]  __x64_sys_sendmsg+0xd4/0x160
[ 1122.697077][T15096]  x64_sys_call+0x2999/0x2fb0
[ 1122.697138][T15096]  do_syscall_64+0xd0/0x1a0
[ 1122.697165][T15096]  ? clear_bhb_loop+0x25/0x80
[ 1122.697192][T15096]  ? clear_bhb_loop+0x25/0x80
[ 1122.697296][T15096]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1122.697327][T15096] RIP: 0033:0x7f471911e969
[ 1122.697344][T15096] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1122.697366][T15096] RSP: 002b:00007f4717787038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1122.697512][T15096] RAX: ffffffffffffffda RBX: 00007f4719345fa0 RCX: 00007f471911e969
[ 1122.697528][T15096] RDX: 0000000000000000 RSI: 0000200000000300 RDI: 0000000000000003
[ 1122.697543][T15096] RBP: 00007f4717787090 R08: 0000000000000000 R09: 0000000000000000
[ 1122.697557][T15096] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1122.697571][T15096] R13: 0000000000000000 R14: 00007f4719345fa0 R15: 00007ffc408e5ec8
[ 1122.697595][T15096]  </TASK>
[ 1122.697947][T15098] netlink: 'syz.2.15659': attribute type 39 has an invalid length.
[ 1122.949612][T15111] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1122.964509][T15111] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1122.983340][T15111] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1123.019483][T15111] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1123.053787][T15112] loop4: detected capacity change from 0 to 8192
[ 1123.249968][T15122] netlink: 4 bytes leftover after parsing attributes in process `syz.2.15666'.
[ 1123.306267][   T29] kauditd_printk_skb: 438 callbacks suppressed
[ 1123.306285][   T29] audit: type=1400 audit(1746957142.529:103125): avc:  denied  { create } for  pid=15124 comm="syz.2.15667" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[ 1123.412425][   T29] audit: type=1400 audit(1746957142.609:103126): avc:  denied  { mount } for  pid=15124 comm="syz.2.15667" name="/" dev="ramfs" ino=161606 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[ 1123.412812][T15126] syz.1.15663: attempt to access beyond end of device
[ 1123.412812][T15126] md33: rw=2048, sector=0, nr_sectors = 8 limit=0
[ 1123.545675][T15129] netlink: 4 bytes leftover after parsing attributes in process `syz.2.15668'.
[ 1123.581890][T15129] loop2: detected capacity change from 0 to 1024
[ 1123.608761][T15129] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[ 1123.643216][   T29] audit: type=1326 audit(1746957142.869:103127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15131 comm="syz.0.15669" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f18daf3e969 code=0x7ffc0000
[ 1123.667136][   T29] audit: type=1326 audit(1746957142.869:103128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15131 comm="syz.0.15669" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f18daf3e969 code=0x7ffc0000
[ 1123.691239][   T29] audit: type=1326 audit(1746957142.869:103129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15131 comm="syz.0.15669" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f18daf3e969 code=0x7ffc0000
[ 1123.693894][T15132] blktrace: Concurrent blktraces are not allowed on sg0
[ 1123.729352][   T29] audit: type=1326 audit(1746957142.869:103130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15131 comm="syz.0.15669" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f18daf3e969 code=0x7ffc0000
[ 1123.753248][   T29] audit: type=1326 audit(1746957142.879:103131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15131 comm="syz.0.15669" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f18daf3e969 code=0x7ffc0000
[ 1123.777245][   T29] audit: type=1326 audit(1746957142.879:103132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15131 comm="syz.0.15669" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f18daf3e969 code=0x7ffc0000
[ 1123.801041][   T29] audit: type=1326 audit(1746957142.879:103133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15131 comm="syz.0.15669" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f18daf3e969 code=0x7ffc0000
[ 1123.824898][   T29] audit: type=1326 audit(1746957142.879:103134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15131 comm="syz.0.15669" exe="/root/syz-executor" sig=0 arch=c000003e syscall=158 compat=0 ip=0x7f18daf3e969 code=0x7ffc0000
[ 1123.936089][T15138] netlink: 76 bytes leftover after parsing attributes in process `syz.0.15671'.
[ 1124.010639][T15145] netlink: 4 bytes leftover after parsing attributes in process `syz.5.15674'.
[ 1124.013911][T15147] loop2: detected capacity change from 0 to 512
[ 1124.046585][T15147] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1124.047601][T15145] loop5: detected capacity change from 0 to 1024
[ 1124.056870][T15147] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[ 1124.077118][T15145] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[ 1124.101414][T15147] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[ 1124.129579][T15147] EXT4-fs (loop2): 1 truncate cleaned up
[ 1124.184096][T15155] netlink: 4 bytes leftover after parsing attributes in process `syz.5.15677'.
[ 1124.304561][T15166] blktrace: Concurrent blktraces are not allowed on sg0
[ 1124.675057][T15187] loop5: detected capacity change from 0 to 4096
[ 1124.683853][T15189] loop2: detected capacity change from 0 to 512
[ 1124.723068][T15189] EXT4-fs warning (device loop2): ext4_enable_quotas:7170: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[ 1124.757210][T15194] hub 1-0:1.0: USB hub found
[ 1124.772456][T15194] hub 1-0:1.0: 8 ports detected
[ 1124.777572][T15189] EXT4-fs (loop2): mount failed
[ 1125.027696][T15202] loop5: detected capacity change from 0 to 512
[ 1125.068227][T15202] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1125.072457][T15197] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1125.087825][T15197] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1125.109354][T15202] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[ 1125.210833][T15202] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[ 1125.249954][T15202] EXT4-fs (loop5): 1 truncate cleaned up
[ 1125.771000][T15218] loop2: detected capacity change from 0 to 512
[ 1125.783487][T15218] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[ 1125.810856][T15223] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1125.819416][T15223] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1125.831676][T15218] EXT4-fs (loop2): 1 truncate cleaned up
[ 1125.901607][T15229] loop4: detected capacity change from 0 to 4096
[ 1125.992130][T15239] hub 1-0:1.0: USB hub found
[ 1126.002063][T15239] hub 1-0:1.0: 8 ports detected
[ 1126.040470][T15244] loop1: detected capacity change from 0 to 4096
[ 1126.078379][T11443] EXT4-fs error (device loop1): ext4_readdir:264: inode #12: block 80: comm syz-executor: path /225/file1/file0: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=6, rec_len=0, size=4096 fake=0
[ 1126.100189][T11443] EXT4-fs error (device loop1): ext4_empty_dir:3095: inode #12: block 80: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=6, rec_len=0, size=4096 fake=0
[ 1126.119976][T11443] EXT4-fs warning (device loop1): ext4_empty_dir:3097: inode #12: comm syz-executor: directory missing '..'
[ 1126.131768][T11443] EXT4-fs error (device loop1): ext4_readdir:264: inode #12: block 80: comm syz-executor: path /225/file1/file0: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=6, rec_len=0, size=4096 fake=0
[ 1126.159738][T11443] EXT4-fs error (device loop1): ext4_empty_dir:3095: inode #12: block 80: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=6, rec_len=0, size=4096 fake=0
[ 1126.181745][T11443] EXT4-fs warning (device loop1): ext4_empty_dir:3097: inode #12: comm syz-executor: directory missing '..'
[ 1126.201416][T11443] EXT4-fs error (device loop1): ext4_readdir:264: inode #12: block 80: comm syz-executor: path /225/file1/file0: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=6, rec_len=0, size=4096 fake=0
[ 1126.230591][T11443] EXT4-fs error (device loop1): ext4_empty_dir:3095: inode #12: block 80: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=6, rec_len=0, size=4096 fake=0
[ 1126.251501][T11443] EXT4-fs warning (device loop1): ext4_empty_dir:3097: inode #12: comm syz-executor: directory missing '..'
[ 1126.264347][T11443] EXT4-fs error (device loop1): ext4_readdir:264: inode #12: block 80: comm syz-executor: path /225/file1/file0: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=6, rec_len=0, size=4096 fake=0
[ 1126.287164][T11443] EXT4-fs error (device loop1): ext4_empty_dir:3095: inode #12: block 80: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=6, rec_len=0, size=4096 fake=0
[ 1126.310878][T11443] EXT4-fs warning (device loop1): ext4_empty_dir:3097: inode #12: comm syz-executor: directory missing '..'
[ 1126.326900][T11443] EXT4-fs error (device loop1): ext4_readdir:264: inode #12: block 80: comm syz-executor: path /225/file1/file0: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=6, rec_len=0, size=4096 fake=0
[ 1126.350608][T11443] EXT4-fs error (device loop1): ext4_empty_dir:3095: inode #12: block 80: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=6, rec_len=0, size=4096 fake=0
[ 1126.407144][T11443] EXT4-fs warning (device loop1): ext4_empty_dir:3097: inode #12: comm syz-executor: directory missing '..'
[ 1126.423201][T11443] EXT4-fs warning (device loop1): ext4_empty_dir:3097: inode #12: comm syz-executor: directory missing '..'
[ 1126.451955][T11443] EXT4-fs warning (device loop1): ext4_empty_dir:3097: inode #12: comm syz-executor: directory missing '..'
[ 1126.500755][T11443] EXT4-fs warning (device loop1): ext4_empty_dir:3097: inode #12: comm syz-executor: directory missing '..'
[ 1126.513545][T15258] loop4: detected capacity change from 0 to 2048
[ 1126.522249][T15261] loop5: detected capacity change from 0 to 2048
[ 1126.536232][T11443] EXT4-fs warning (device loop1): ext4_empty_dir:3097: inode #12: comm syz-executor: directory missing '..'
[ 1126.556559][T11443] EXT4-fs warning (device loop1): ext4_empty_dir:3097: inode #12: comm syz-executor: directory missing '..'
[ 1126.571407][T15261] ext4 filesystem being mounted at /229/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1126.594471][T15258] ext4 filesystem being mounted at /581/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1126.887152][ T4865] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1126.972203][ T4865] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1127.038372][ T3412] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm kworker/u8:66: bg 0: block 345: padding at end of block bitmap is not set
[ 1127.043799][ T3393] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm kworker/u8:54: bg 0: block 345: padding at end of block bitmap is not set
[ 1127.102181][ T4865] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1127.128855][ T3412] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 738 with error 117
[ 1127.130169][ T3393] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 1016 with error 117
[ 1127.141519][ T3412] EXT4-fs (loop4): This should not happen!! Data will be lost
[ 1127.141519][ T3412] 
[ 1127.154074][ T3393] EXT4-fs (loop5): This should not happen!! Data will be lost
[ 1127.154074][ T3393] 
[ 1127.196718][T15292] loop2: detected capacity change from 0 to 512
[ 1127.222415][ T4865] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1127.243789][T15292] EXT4-fs (loop2): 1 orphan inode deleted
[ 1127.250636][T15292] ext4 filesystem being mounted at /130/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1127.261420][ T3373] EXT4-fs error (device loop2): ext4_release_dquot:6971: comm kworker/u8:39: Failed to release dquot type 1
[ 1127.289982][ T3412] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 1032 with max blocks 174 with error 28
[ 1127.302832][ T3412] EXT4-fs (loop5): This should not happen!! Data will be lost
[ 1127.302832][ T3412] 
[ 1127.312509][ T3412] EXT4-fs (loop5): Total free blocks count 0
[ 1127.318519][ T3412] EXT4-fs (loop5): Free/Dirty block details
[ 1127.324535][ T3412] EXT4-fs (loop5): free_blocks=0
[ 1127.329536][ T3412] EXT4-fs (loop5): dirty_blocks=192
[ 1127.334743][ T3412] EXT4-fs (loop5): Block reservation details
[ 1127.340762][ T3412] EXT4-fs (loop5): i_reserved_data_blocks=12
[ 1127.378887][T15292] EXT4-fs error (device loop2): ext4_do_update_inode:5211: inode #16: comm syz.2.15722: corrupted inode contents
[ 1127.414720][T15292] EXT4-fs error (device loop2): ext4_dirty_inode:6103: inode #16: comm syz.2.15722: mark_inode_dirty error
[ 1127.449751][T15292] EXT4-fs error (device loop2): ext4_do_update_inode:5211: inode #16: comm syz.2.15722: corrupted inode contents
[ 1127.467143][T15292] EXT4-fs error (device loop2): ext4_xattr_delete_inode:2991: inode #16: comm syz.2.15722: mark_inode_dirty error
[ 1127.485572][T15292] EXT4-fs error (device loop2): ext4_xattr_delete_inode:2994: inode #16: comm syz.2.15722: mark inode dirty (error -117)
[ 1127.499005][T15292] EXT4-fs warning (device loop2): ext4_evict_inode:279: xattr delete (err -117)
[ 1127.569995][ T4865] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1127.591046][ T4865] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1127.623964][ T4865] bond0 (unregistering): Released all slaves
[ 1127.702110][T15306] __nla_validate_parse: 1 callbacks suppressed
[ 1127.702128][T15306] netlink: 44 bytes leftover after parsing attributes in process `syz.5.15727'.
[ 1127.774053][ T4865] IPVS: stopping master sync thread 12063 ...
[ 1127.796725][ T4865] hsr_slave_0: left promiscuous mode
[ 1127.824504][T15317] hub 1-0:1.0: USB hub found
[ 1127.832799][ T4865] hsr_slave_1: left promiscuous mode
[ 1127.840391][T15315] loop2: detected capacity change from 0 to 4096
[ 1127.847283][T15317] hub 1-0:1.0: 8 ports detected
[ 1127.854035][ T4865] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1127.861482][ T4865] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1127.892955][ T4865] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1127.900450][ T4865] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1127.934701][ T4865] veth1_macvtap: left promiscuous mode
[ 1127.944216][T15320] netlink: 76 bytes leftover after parsing attributes in process `syz.0.15728'.
[ 1127.959901][ T4865] veth0_macvtap: left promiscuous mode
[ 1127.975990][ T4865] veth1_vlan: left promiscuous mode
[ 1127.986137][ T4865] veth0_vlan: left promiscuous mode
[ 1128.012131][T15324] hub 1-0:1.0: USB hub found
[ 1128.022217][T15324] hub 1-0:1.0: 8 ports detected
[ 1128.057641][T15327] loop4: detected capacity change from 0 to 512
[ 1128.071931][T15327] EXT4-fs warning (device loop4): ext4_enable_quotas:7170: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[ 1128.087085][T15327] EXT4-fs (loop4): mount failed
[ 1128.111119][ T4865] team0 (unregistering): Port device team_slave_1 removed
[ 1128.121721][ T4865] team0 (unregistering): Port device team_slave_0 removed
[ 1128.198849][T15287] chnl_net:caif_netlink_parms(): no params data found
[ 1128.216114][T15341] netlink: 16 bytes leftover after parsing attributes in process `syz.5.15738'.
[ 1128.252052][T15341] bond0: (slave bond_slave_0): Releasing backup interface
[ 1128.262337][T15341] bond0: (slave bond_slave_1): Releasing backup interface
[ 1128.275206][T15341] team0: Port device team_slave_0 removed
[ 1128.284287][T15341] team0: Port device team_slave_1 removed
[ 1128.291152][T15341] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1128.298575][T15341] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1128.307450][T15341] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1128.315079][T15341] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1128.366864][   T29] kauditd_printk_skb: 357 callbacks suppressed
[ 1128.366881][   T29] audit: type=1400 audit(1746957147.589:103489): avc:  denied  { append } for  pid=15348 comm="syz.5.15741" name="loop9" dev="devtmpfs" ino=109 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[ 1128.404641][T15287] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1128.412103][T15287] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1128.419866][T15287] bridge_slave_0: entered allmulticast mode
[ 1128.426794][T15287] bridge_slave_0: entered promiscuous mode
[ 1128.434754][T15287] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1128.441920][T15287] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1128.449362][T15287] bridge_slave_1: entered allmulticast mode
[ 1128.456283][T15287] bridge_slave_1: entered promiscuous mode
[ 1128.481788][T15287] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1128.501527][T15287] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1128.539829][T15287] team0: Port device team_slave_0 added
[ 1128.546690][T15287] team0: Port device team_slave_1 added
[ 1128.613938][T15287] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1128.620985][T15287] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1128.647005][T15287] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1128.654183][T15361] loop5: detected capacity change from 0 to 2048
[ 1128.671912][T15287] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1128.678983][T15287] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1128.704995][T15287] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1128.708585][T15365] netlink: 4 bytes leftover after parsing attributes in process `syz.2.15747'.
[ 1128.738056][T15363] netlink: 76 bytes leftover after parsing attributes in process `syz.0.15746'.
[ 1128.793224][T15287] hsr_slave_0: entered promiscuous mode
[ 1128.804136][T15287] hsr_slave_1: entered promiscuous mode
[ 1128.812469][T15287] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1128.816402][T15374] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1128.820379][   T29] audit: type=1400 audit(1746957148.039:103490): avc:  denied  { read write } for  pid=15373 comm="syz.0.15750" name="raw-gadget" dev="devtmpfs" ino=142 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[ 1128.831729][T15374] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1128.852361][   T29] audit: type=1400 audit(1746957148.039:103491): avc:  denied  { open } for  pid=15373 comm="syz.0.15750" path="/dev/raw-gadget" dev="devtmpfs" ino=142 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[ 1128.867073][T15374] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1128.883787][   T29] audit: type=1400 audit(1746957148.039:103492): avc:  denied  { ioctl } for  pid=15373 comm="syz.0.15750" path="/dev/raw-gadget" dev="devtmpfs" ino=142 ioctlcmd=0x5500 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[ 1128.884546][T15287] Cannot create hsr debugfs directory
[ 1128.892303][T15374] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1128.931870][T15349] netlink: 52 bytes leftover after parsing attributes in process `syz.5.15741'.
[ 1128.945287][   T29] audit: type=1400 audit(1746957148.169:103493): avc:  denied  { sqpoll } for  pid=15369 comm="syz.2.15748" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[ 1128.977890][T15375] netlink: 40 bytes leftover after parsing attributes in process `syz.2.15748'.
[ 1128.987209][   T29] audit: type=1400 audit(1746957148.199:103494): avc:  denied  { create } for  pid=15369 comm="syz.2.15748" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[ 1129.007171][   T29] audit: type=1400 audit(1746957148.199:103495): avc:  denied  { read } for  pid=15369 comm="syz.2.15748" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[ 1129.050782][T15375] loop2: detected capacity change from 0 to 512
[ 1129.057884][T15375] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[ 1129.067834][   T29] audit: type=1400 audit(1746957148.289:103496): avc:  denied  { create } for  pid=15348 comm="syz.5.15741" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[ 1129.087957][   T29] audit: type=1400 audit(1746957148.289:103497): avc:  denied  { connect } for  pid=15348 comm="syz.5.15741" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[ 1129.091830][T15380] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1129.111751][T15375] EXT4-fs (loop2): 1 truncate cleaned up
[ 1129.116844][T15380] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1129.131900][T15375] EXT4-fs mount: 44 callbacks suppressed
[ 1129.131917][T15375] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1129.169373][T15382] syz.0.15750: attempt to access beyond end of device
[ 1129.169373][T15382] md33: rw=2048, sector=0, nr_sectors = 8 limit=0
[ 1129.307720][T15380] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1129.349050][T15380] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1129.552978][T15287] netdevsim netdevsim6 netdevsim0: renamed from eth0
[ 1129.564667][T15287] netdevsim netdevsim6 netdevsim1: renamed from eth1
[ 1129.567440][T15287] netdevsim netdevsim6 netdevsim2: renamed from eth2
[ 1129.988161][T15385] syz.4.15751: attempt to access beyond end of device
[ 1129.988161][T15385] md33: rw=2048, sector=0, nr_sectors = 8 limit=0
[ 1130.035108][T13455] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1130.200903][T11931] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1130.267531][T15287] netdevsim netdevsim6 netdevsim3: renamed from eth3
[ 1130.314034][T15287] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1130.319939][   T29] audit: type=1400 audit(1746957149.539:103498): avc:  denied  { ioctl } for  pid=15386 comm="syz.2.15752" path="socket:[164366]" dev="sockfs" ino=164366 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[ 1130.325684][T15287] 8021q: adding VLAN 0 to HW filter on device team0
[ 1130.360831][ T3359] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1130.367970][ T3359] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1130.397933][ T3393] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1130.397967][ T3393] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1130.435477][T15287] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 1130.446044][T15287] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1130.467752][T15399] netlink: 4 bytes leftover after parsing attributes in process `syz.5.15757'.
[ 1130.508593][T15287] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1130.571650][T15287] veth0_vlan: entered promiscuous mode
[ 1130.580091][T15287] veth1_vlan: entered promiscuous mode
[ 1130.597258][T15287] veth0_macvtap: entered promiscuous mode
[ 1130.607823][T15287] veth1_macvtap: entered promiscuous mode
[ 1130.620699][T15287] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1130.631283][T15287] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1130.641196][T15287] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1130.651725][T15287] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1130.661630][T15287] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1130.672079][T15287] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1130.684335][T15287] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1130.695584][T15287] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1130.706272][T15287] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1130.716184][T15287] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1130.719817][T15404] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1130.726701][T15287] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1130.735277][T15404] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1130.744903][T15287] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1130.763057][T15287] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1130.774324][T15287] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1130.785275][T15287] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1130.794133][T15287] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1130.802988][T15287] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1130.811764][T15287] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1130.868923][T15425] loop6: detected capacity change from 0 to 1024
[ 1130.875665][T15425] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[ 1130.959548][T15429] netlink: 40 bytes leftover after parsing attributes in process `syz.6.15761'.
[ 1130.971960][T15429] loop6: detected capacity change from 0 to 512
[ 1130.979318][T15429] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[ 1130.992049][T15429] EXT4-fs (loop6): 1 truncate cleaned up
[ 1130.998102][T15429] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1131.330795][T15436] 9pnet: Could not find request transport: fd0x0000000000000005
[ 1131.383040][T15441] loop5: detected capacity change from 0 to 512
[ 1131.401652][T15441] EXT4-fs (loop5): 1 orphan inode deleted
[ 1131.407873][T15441] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1131.421946][T15441] ext4 filesystem being mounted at /245/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1131.433918][ T4865] EXT4-fs error (device loop5): ext4_release_dquot:6971: comm kworker/u8:67: Failed to release dquot type 1
[ 1131.446501][T15441] EXT4-fs error (device loop5): ext4_do_update_inode:5211: inode #16: comm syz.5.15765: corrupted inode contents
[ 1131.459120][T15441] EXT4-fs error (device loop5): ext4_dirty_inode:6103: inode #16: comm syz.5.15765: mark_inode_dirty error
[ 1131.472002][T15441] EXT4-fs error (device loop5): ext4_do_update_inode:5211: inode #16: comm syz.5.15765: corrupted inode contents
[ 1131.484768][T15441] EXT4-fs error (device loop5): ext4_xattr_delete_inode:2991: inode #16: comm syz.5.15765: mark_inode_dirty error
[ 1131.500764][T15441] EXT4-fs error (device loop5): ext4_xattr_delete_inode:2994: inode #16: comm syz.5.15765: mark inode dirty (error -117)
[ 1131.514148][T15441] EXT4-fs warning (device loop5): ext4_evict_inode:279: xattr delete (err -117)
[ 1131.520156][T15445] loop2: detected capacity change from 0 to 512
[ 1131.536840][T11931] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1131.543192][T15445] EXT4-fs (loop2): 1 orphan inode deleted
[ 1131.546333][ T3412] EXT4-fs error (device loop2): ext4_release_dquot:6971: comm kworker/u8:66: Failed to release dquot type 1
[ 1131.552886][T15445] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1131.577131][T15445] ext4 filesystem being mounted at /143/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1131.592751][T15449] netlink: 4 bytes leftover after parsing attributes in process `syz.5.15767'.
[ 1131.602756][T15445] EXT4-fs error (device loop2): ext4_do_update_inode:5211: inode #16: comm syz.2.15766: corrupted inode contents
[ 1131.615250][T15445] EXT4-fs error (device loop2): ext4_dirty_inode:6103: inode #16: comm syz.2.15766: mark_inode_dirty error
[ 1131.627359][T15445] EXT4-fs error (device loop2): ext4_do_update_inode:5211: inode #16: comm syz.2.15766: corrupted inode contents
[ 1131.640702][T15445] EXT4-fs error (device loop2): ext4_xattr_delete_inode:2991: inode #16: comm syz.2.15766: mark_inode_dirty error
[ 1131.653964][T15445] EXT4-fs error (device loop2): ext4_xattr_delete_inode:2994: inode #16: comm syz.2.15766: mark inode dirty (error -117)
[ 1131.666955][T15445] EXT4-fs warning (device loop2): ext4_evict_inode:279: xattr delete (err -117)
[ 1131.690814][T13455] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1131.749620][T15287] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1131.842307][T15464] SELinux: syz.5.15773 (15464) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[ 1131.973654][T15460] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1131.993295][T15480] loop5: detected capacity change from 0 to 512
[ 1132.001248][T15460] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1132.009885][T15480] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[ 1132.030362][T15480] EXT4-fs (loop5): 1 truncate cleaned up
[ 1132.036603][T15480] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1132.059532][T15486] loop2: detected capacity change from 0 to 1024
[ 1132.066722][T15486] EXT4-fs: Ignoring removed nobh option
[ 1132.072520][T15486] EXT4-fs: Ignoring removed bh option
[ 1132.192450][T15486] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1132.265535][T13455] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1132.328421][T15498] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1132.352779][T15498] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1132.378294][T15498] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1132.386997][T15498] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1132.598911][T15504] syz.2.15784: attempt to access beyond end of device
[ 1132.598911][T15504] md33: rw=2048, sector=0, nr_sectors = 8 limit=0
[ 1132.993735][T11931] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1133.020519][T15506] loop5: detected capacity change from 0 to 512
[ 1133.027377][T15506] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1133.043063][T15508] __nla_validate_parse: 3 callbacks suppressed
[ 1133.043082][T15508] netlink: 4 bytes leftover after parsing attributes in process `syz.6.15789'.
[ 1133.059130][T15506] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[ 1133.077142][T15506] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[ 1133.107644][T15506] EXT4-fs (loop5): 1 truncate cleaned up
[ 1133.117230][T15506] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1133.149537][T15518] netlink: 4 bytes leftover after parsing attributes in process `syz.4.15794'.
[ 1133.185078][T15523] blktrace: Concurrent blktraces are not allowed on sg0
[ 1133.192262][T15518] loop4: detected capacity change from 0 to 1024
[ 1133.206420][T15518] EXT4-fs: Ignoring removed nobh option
[ 1133.212082][T15518] EXT4-fs: Ignoring removed bh option
[ 1133.242357][T15518] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1133.280193][ T7065] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1133.291675][T11931] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1133.360859][T15544] netlink: 40 bytes leftover after parsing attributes in process `syz.0.15800'.
[ 1133.373876][   T29] kauditd_printk_skb: 168 callbacks suppressed
[ 1133.373895][   T29] audit: type=1326 audit(1746957152.599:103665): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15542 comm="syz.6.15803" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22c359e969 code=0x7ffc0000
[ 1133.375953][T15543] blktrace: Concurrent blktraces are not allowed on sg0
[ 1133.380186][   T29] audit: type=1326 audit(1746957152.599:103666): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15542 comm="syz.6.15803" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22c359e969 code=0x7ffc0000
[ 1133.434731][   T29] audit: type=1326 audit(1746957152.599:103667): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15542 comm="syz.6.15803" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f22c359d2d0 code=0x7ffc0000
[ 1133.458714][   T29] audit: type=1326 audit(1746957152.599:103668): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15542 comm="syz.6.15803" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22c359e969 code=0x7ffc0000
[ 1133.482554][   T29] audit: type=1326 audit(1746957152.599:103669): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15542 comm="syz.6.15803" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22c359e969 code=0x7ffc0000
[ 1133.506413][   T29] audit: type=1326 audit(1746957152.599:103670): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15542 comm="syz.6.15803" exe="/root/syz-executor" sig=0 arch=c000003e syscall=272 compat=0 ip=0x7f22c359e969 code=0x7ffc0000
[ 1133.523784][T15534] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1133.530215][   T29] audit: type=1326 audit(1746957152.599:103671): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15542 comm="syz.6.15803" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22c359e969 code=0x7ffc0000
[ 1133.540221][T15534] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1133.562404][   T29] audit: type=1326 audit(1746957152.599:103672): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15542 comm="syz.6.15803" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22c359e969 code=0x7ffc0000
[ 1133.594263][   T29] audit: type=1326 audit(1746957152.599:103673): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15542 comm="syz.6.15803" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f22c359e969 code=0x7ffc0000
[ 1133.618028][   T29] audit: type=1326 audit(1746957152.599:103674): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15542 comm="syz.6.15803" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22c359e969 code=0x7ffc0000
[ 1133.653156][T15548] 9pnet_fd: Insufficient options for proto=fd
[ 1133.676293][T15553] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1133.684891][T15553] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1133.694105][T15553] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1133.702739][T15553] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1133.711916][T15556] program syz.6.15808 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1133.743429][T15558] netlink: 4 bytes leftover after parsing attributes in process `syz.6.15809'.
[ 1133.758450][T15558] loop6: detected capacity change from 0 to 1024
[ 1133.765436][T15558] EXT4-fs: Ignoring removed nobh option
[ 1133.771053][T15558] EXT4-fs: Ignoring removed bh option
[ 1133.781024][T15558] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1133.811159][T15287] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1134.020428][T15571] FAULT_INJECTION: forcing a failure.
[ 1134.020428][T15571] name failslab, interval 1, probability 0, space 0, times 0
[ 1134.033138][T15571] CPU: 1 UID: 0 PID: 15571 Comm: syz.6.15813 Not tainted 6.15.0-rc5-syzkaller-00300-g3ce9925823c7 #0 PREEMPT(voluntary) 
[ 1134.033173][T15571] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[ 1134.033187][T15571] Call Trace:
[ 1134.033193][T15571]  <TASK>
[ 1134.033201][T15571]  __dump_stack+0x1d/0x30
[ 1134.033229][T15571]  dump_stack_lvl+0xe8/0x140
[ 1134.033273][T15571]  dump_stack+0x15/0x1b
[ 1134.033293][T15571]  should_fail_ex+0x265/0x280
[ 1134.033329][T15571]  should_failslab+0x8c/0xb0
[ 1134.033423][T15571]  kmem_cache_alloc_noprof+0x50/0x310
[ 1134.033456][T15571]  ? skb_clone+0x151/0x1f0
[ 1134.033476][T15571]  skb_clone+0x151/0x1f0
[ 1134.033497][T15571]  __netlink_deliver_tap+0x2c9/0x500
[ 1134.033582][T15571]  netlink_unicast+0x64c/0x670
[ 1134.033610][T15571]  netlink_sendmsg+0x58b/0x6b0
[ 1134.033644][T15571]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1134.033698][T15571]  __sock_sendmsg+0x142/0x180
[ 1134.033727][T15571]  ____sys_sendmsg+0x31e/0x4e0
[ 1134.033748][T15571]  ___sys_sendmsg+0x17b/0x1d0
[ 1134.033838][T15571]  __x64_sys_sendmsg+0xd4/0x160
[ 1134.033866][T15571]  x64_sys_call+0x2999/0x2fb0
[ 1134.033892][T15571]  do_syscall_64+0xd0/0x1a0
[ 1134.033924][T15571]  ? clear_bhb_loop+0x25/0x80
[ 1134.033944][T15571]  ? clear_bhb_loop+0x25/0x80
[ 1134.034039][T15571]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1134.034060][T15571] RIP: 0033:0x7f22c359e969
[ 1134.034075][T15571] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1134.034092][T15571] RSP: 002b:00007f22c1c07038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1134.034111][T15571] RAX: ffffffffffffffda RBX: 00007f22c37c5fa0 RCX: 00007f22c359e969
[ 1134.034126][T15571] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000003
[ 1134.034149][T15571] RBP: 00007f22c1c07090 R08: 0000000000000000 R09: 0000000000000000
[ 1134.034164][T15571] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1134.034178][T15571] R13: 0000000000000000 R14: 00007f22c37c5fa0 R15: 00007ffce2212068
[ 1134.034200][T15571]  </TASK>
[ 1134.258978][T15553] syz.4.15806: attempt to access beyond end of device
[ 1134.258978][T15553] md33: rw=2048, sector=0, nr_sectors = 8 limit=0
[ 1134.510796][T15587] loop6: detected capacity change from 0 to 8192
[ 1134.518982][T15590] netlink: 4 bytes leftover after parsing attributes in process `syz.0.15821'.
[ 1134.876950][T15605] loop5: detected capacity change from 0 to 512
[ 1134.892565][T15605] EXT4-fs (loop5): 1 orphan inode deleted
[ 1134.899188][T15605] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1134.913317][T15605] ext4 filesystem being mounted at /254/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1134.919591][ T3359] EXT4-fs error (device loop5): ext4_release_dquot:6971: comm kworker/u8:25: Failed to release dquot type 1
[ 1134.938846][T15605] EXT4-fs error (device loop5): ext4_do_update_inode:5211: inode #16: comm syz.5.15825: corrupted inode contents
[ 1134.955108][T15605] EXT4-fs error (device loop5): ext4_dirty_inode:6103: inode #16: comm syz.5.15825: mark_inode_dirty error
[ 1134.967634][T15605] EXT4-fs error (device loop5): ext4_do_update_inode:5211: inode #16: comm syz.5.15825: corrupted inode contents
[ 1134.980030][T15605] EXT4-fs error (device loop5): ext4_xattr_delete_inode:2991: inode #16: comm syz.5.15825: mark_inode_dirty error
[ 1134.993789][T15605] EXT4-fs error (device loop5): ext4_xattr_delete_inode:2994: inode #16: comm syz.5.15825: mark inode dirty (error -117)
[ 1135.007115][T15605] EXT4-fs warning (device loop5): ext4_evict_inode:279: xattr delete (err -117)
[ 1135.032379][T11931] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1135.078295][T15611] netlink: 4 bytes leftover after parsing attributes in process `syz.5.15827'.
[ 1135.094796][T15611] loop5: detected capacity change from 0 to 1024
[ 1135.101919][T15609] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1135.112108][T15609] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1135.112164][T15611] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[ 1135.165067][T15616] loop5: detected capacity change from 0 to 512
[ 1135.173869][T15616] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[ 1135.196470][T15616] EXT4-fs (loop5): 1 truncate cleaned up
[ 1135.203145][T15616] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1135.217700][T15616] EXT4-fs error (device loop5): __ext4_iget:5025: inode #12: block 2: comm syz.5.15828: invalid block
[ 1135.230627][T15616] EXT4-fs (loop5): Remounting filesystem read-only
[ 1135.266436][T11931] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1135.295059][T15619] loop5: detected capacity change from 0 to 128
[ 1135.312205][T15619] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1135.373756][T15619] ext4 filesystem being mounted at /257/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[ 1135.408820][T15626] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1135.417787][T15626] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1135.527480][T15635] netlink: 4 bytes leftover after parsing attributes in process `syz.4.15836'.
[ 1135.559563][T15640] netlink: 4 bytes leftover after parsing attributes in process `syz.6.15838'.
[ 1135.559794][T15641] loop4: detected capacity change from 0 to 512
[ 1135.568719][T15640] bridge_slave_1: left allmulticast mode
[ 1135.576705][T15641] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1135.580910][T15640] bridge_slave_1: left promiscuous mode
[ 1135.592132][T15641] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[ 1135.593081][T15640] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1135.605105][T15641] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[ 1135.625551][T15641] EXT4-fs (loop4): 1 truncate cleaned up
[ 1135.625952][T15640] bridge_slave_0: left allmulticast mode
[ 1135.637188][T15640] bridge_slave_0: left promiscuous mode
[ 1135.637541][T15641] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1135.643019][T15640] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1135.655823][T15644] loop6: detected capacity change from 0 to 1024
[ 1135.678777][T15644] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[ 1135.745185][T15650] netlink: 4 bytes leftover after parsing attributes in process `syz.0.15840'.
[ 1135.816771][T15654] SELinux: failed to load policy
[ 1135.847190][T15658] netlink: 4 bytes leftover after parsing attributes in process `syz.6.15844'.
[ 1135.912782][T15666] loop6: detected capacity change from 0 to 128
[ 1135.921757][T15666] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1135.934225][T15666] ext4 filesystem being mounted at /29/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[ 1135.983381][T15287] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1135.991964][T15663] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=15663 comm=syz.0.15847
[ 1136.033922][T15676] FAULT_INJECTION: forcing a failure.
[ 1136.033922][T15676] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1136.047197][T15676] CPU: 0 UID: 0 PID: 15676 Comm: syz.6.15852 Not tainted 6.15.0-rc5-syzkaller-00300-g3ce9925823c7 #0 PREEMPT(voluntary) 
[ 1136.047228][T15676] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[ 1136.047244][T15676] Call Trace:
[ 1136.047251][T15676]  <TASK>
[ 1136.047261][T15676]  __dump_stack+0x1d/0x30
[ 1136.047287][T15676]  dump_stack_lvl+0xe8/0x140
[ 1136.047391][T15676]  dump_stack+0x15/0x1b
[ 1136.047432][T15676]  should_fail_ex+0x265/0x280
[ 1136.047473][T15676]  should_fail+0xb/0x20
[ 1136.047531][T15676]  should_fail_usercopy+0x1a/0x20
[ 1136.047549][T15676]  _copy_from_user+0x1c/0xb0
[ 1136.047569][T15676]  ___sys_sendmsg+0xc1/0x1d0
[ 1136.047698][T15676]  __x64_sys_sendmsg+0xd4/0x160
[ 1136.047729][T15676]  x64_sys_call+0x2999/0x2fb0
[ 1136.047848][T15676]  do_syscall_64+0xd0/0x1a0
[ 1136.047873][T15676]  ? clear_bhb_loop+0x25/0x80
[ 1136.047962][T15676]  ? clear_bhb_loop+0x25/0x80
[ 1136.047988][T15676]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1136.048029][T15676] RIP: 0033:0x7f22c359e969
[ 1136.048046][T15676] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1136.048102][T15676] RSP: 002b:00007f22c1c07038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1136.048121][T15676] RAX: ffffffffffffffda RBX: 00007f22c37c5fa0 RCX: 00007f22c359e969
[ 1136.048136][T15676] RDX: 0000000000000080 RSI: 0000200000001080 RDI: 0000000000000003
[ 1136.048194][T15676] RBP: 00007f22c1c07090 R08: 0000000000000000 R09: 0000000000000000
[ 1136.048206][T15676] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1136.048217][T15676] R13: 0000000000000000 R14: 00007f22c37c5fa0 R15: 00007ffce2212068
[ 1136.048235][T15676]  </TASK>
[ 1136.230932][T15670] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1136.241168][T15670] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1136.250914][T11931] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1136.263142][T15678] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1136.272001][T15678] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1136.281175][T15678] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1136.289647][T15678] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1136.410005][ T7065] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1136.506938][T15698] syz.6.15855: attempt to access beyond end of device
[ 1136.506938][T15698] md33: rw=2048, sector=0, nr_sectors = 8 limit=0
[ 1137.293782][T15720] netlink: 'syz.2.15862': attribute type 16 has an invalid length.
[ 1137.301757][T15720] netlink: 'syz.2.15862': attribute type 17 has an invalid length.
[ 1137.504557][T15707] loop2: detected capacity change from 0 to 512
[ 1137.585340][T15707] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1137.599441][T15707] ext4 filesystem being mounted at /155/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1137.623326][T15700] chnl_net:caif_netlink_parms(): no params data found
[ 1137.625260][T15728] FAULT_INJECTION: forcing a failure.
[ 1137.625260][T15728] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1137.643352][T15728] CPU: 1 UID: 0 PID: 15728 Comm: syz.0.15865 Not tainted 6.15.0-rc5-syzkaller-00300-g3ce9925823c7 #0 PREEMPT(voluntary) 
[ 1137.643423][T15728] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[ 1137.643439][T15728] Call Trace:
[ 1137.643448][T15728]  <TASK>
[ 1137.643487][T15728]  __dump_stack+0x1d/0x30
[ 1137.643512][T15728]  dump_stack_lvl+0xe8/0x140
[ 1137.643533][T15728]  dump_stack+0x15/0x1b
[ 1137.643552][T15728]  should_fail_ex+0x265/0x280
[ 1137.643588][T15728]  should_fail+0xb/0x20
[ 1137.643636][T15728]  should_fail_usercopy+0x1a/0x20
[ 1137.643654][T15728]  _copy_from_user+0x1c/0xb0
[ 1137.643748][T15728]  proc_control+0x43/0xa0
[ 1137.643776][T15728]  usbdev_ioctl+0x948/0x1710
[ 1137.643809][T15728]  ? __pfx_usbdev_ioctl+0x10/0x10
[ 1137.643906][T15728]  __se_sys_ioctl+0xcb/0x140
[ 1137.643928][T15728]  __x64_sys_ioctl+0x43/0x50
[ 1137.644010][T15728]  x64_sys_call+0x19a8/0x2fb0
[ 1137.644031][T15728]  do_syscall_64+0xd0/0x1a0
[ 1137.644147][T15728]  ? clear_bhb_loop+0x25/0x80
[ 1137.644174][T15728]  ? clear_bhb_loop+0x25/0x80
[ 1137.644245][T15728]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1137.644275][T15728] RIP: 0033:0x7f18daf3e969
[ 1137.644294][T15728] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1137.644317][T15728] RSP: 002b:00007f18d95a7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1137.644338][T15728] RAX: ffffffffffffffda RBX: 00007f18db165fa0 RCX: 00007f18daf3e969
[ 1137.644425][T15728] RDX: 00002000000000c0 RSI: 00000000c0185500 RDI: 0000000000000005
[ 1137.644501][T15728] RBP: 00007f18d95a7090 R08: 0000000000000000 R09: 0000000000000000
[ 1137.644516][T15728] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1137.644530][T15728] R13: 0000000000000000 R14: 00007f18db165fa0 R15: 00007ffd72ac9438
[ 1137.644623][T15728]  </TASK>
[ 1137.968343][T15700] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1137.975541][T15700] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1138.038514][T15700] bridge_slave_0: entered allmulticast mode
[ 1138.072555][T15700] bridge_slave_0: entered promiscuous mode
[ 1138.102170][T15700] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1138.109287][T15700] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1138.139453][T15700] bridge_slave_1: entered allmulticast mode
[ 1138.160047][T15700] bridge_slave_1: entered promiscuous mode
[ 1138.185967][T15739] __nla_validate_parse: 5 callbacks suppressed
[ 1138.185987][T15739] netlink: 4 bytes leftover after parsing attributes in process `syz.5.15868'.
[ 1138.224801][T15700] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1138.233008][T15739] loop5: detected capacity change from 0 to 1024
[ 1138.249184][T15739] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[ 1138.260209][T15700] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1138.329037][T15700] team0: Port device team_slave_0 added
[ 1138.352238][T15700] team0: Port device team_slave_1 added
[ 1138.389053][T15746] loop5: detected capacity change from 0 to 512
[ 1138.402780][T15700] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1138.404188][T15746] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1138.409751][T15700] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1138.442378][T15700] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1138.453723][T15746] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[ 1138.521630][T15746] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[ 1138.570236][T15746] EXT4-fs (loop5): 1 truncate cleaned up
[ 1138.585798][T15746] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1138.611526][T15700] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1138.618591][T15700] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1138.644531][T15700] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1138.755655][T15700] hsr_slave_0: entered promiscuous mode
[ 1138.768244][T15700] hsr_slave_1: entered promiscuous mode
[ 1138.774244][T15700] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1138.781906][T15700] Cannot create hsr debugfs directory
[ 1138.864356][T11931] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1138.929955][T15700] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1139.003840][T15700] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1139.063291][T15700] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1139.093632][T15752] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1139.102520][T15752] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1139.126732][T15700] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1139.198737][T15700] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 1139.209577][T15700] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 1139.218633][T15700] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 1139.229782][T15700] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 1139.284403][T15700] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1139.296262][T15700] 8021q: adding VLAN 0 to HW filter on device team0
[ 1139.336565][ T3393] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1139.343674][ T3393] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1139.353137][ T3393] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1139.360245][ T3393] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1139.393339][T15762] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1139.401963][T15762] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1139.488112][T15700] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1139.497413][   T29] kauditd_printk_skb: 195 callbacks suppressed
[ 1139.497429][   T29] audit: type=1326 audit(1746957158.719:103869): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15770 comm="syz.6.15877" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22c359e969 code=0x7ffc0000
[ 1139.529028][   T29] audit: type=1326 audit(1746957158.719:103870): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15770 comm="syz.6.15877" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22c359e969 code=0x7ffc0000
[ 1139.552940][   T29] audit: type=1326 audit(1746957158.749:103871): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15770 comm="syz.6.15877" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f22c359e969 code=0x7ffc0000
[ 1139.576785][   T29] audit: type=1326 audit(1746957158.749:103872): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15770 comm="syz.6.15877" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22c359e969 code=0x7ffc0000
[ 1139.600590][   T29] audit: type=1326 audit(1746957158.749:103873): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15770 comm="syz.6.15877" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22c359e969 code=0x7ffc0000
[ 1139.651390][T15775] netlink: 16 bytes leftover after parsing attributes in process `syz.6.15877'.
[ 1139.686059][   T29] audit: type=1326 audit(1746957158.749:103874): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15770 comm="syz.6.15877" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f22c359e969 code=0x7ffc0000
[ 1139.710060][   T29] audit: type=1326 audit(1746957158.749:103875): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15770 comm="syz.6.15877" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22c359e969 code=0x7ffc0000
[ 1139.733932][   T29] audit: type=1326 audit(1746957158.759:103876): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15770 comm="syz.6.15877" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f22c359e969 code=0x7ffc0000
[ 1139.757879][   T29] audit: type=1326 audit(1746957158.759:103877): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15770 comm="syz.6.15877" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22c359e969 code=0x7ffc0000
[ 1139.781721][   T29] audit: type=1326 audit(1746957158.759:103878): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15770 comm="syz.6.15877" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f22c359e969 code=0x7ffc0000
[ 1139.861171][T15782] netlink: 4 bytes leftover after parsing attributes in process `syz.5.15878'.
[ 1139.886268][T15782] loop5: detected capacity change from 0 to 1024
[ 1139.900683][T15782] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[ 1139.901484][T15700] veth0_vlan: entered promiscuous mode
[ 1139.917785][T15700] veth1_vlan: entered promiscuous mode
[ 1139.936312][T15700] veth0_macvtap: entered promiscuous mode
[ 1139.973415][T15700] veth1_macvtap: entered promiscuous mode
[ 1139.985270][T15799] netlink: 4 bytes leftover after parsing attributes in process `syz.5.15881'.
[ 1139.997360][T15700] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1140.007858][T15700] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1140.017786][T15700] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1140.028255][T15700] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1140.038136][T15700] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1140.048733][T15700] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1140.058682][T15700] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1140.069168][T15700] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1140.081500][T15700] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1140.100250][T15700] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1140.110849][T15700] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1140.120755][T15700] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1140.131508][T15700] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1140.141520][T15700] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1140.151994][T15700] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1140.161815][T15700] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1140.172297][T15700] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1140.185200][T15700] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1140.197091][T15700] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1140.205961][T15700] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1140.214714][T15700] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1140.223513][T15700] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1140.316107][T13455] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1140.331036][T15820] netlink: 4 bytes leftover after parsing attributes in process `syz.4.15889'.
[ 1140.341794][T15820] bridge_slave_1: left allmulticast mode
[ 1140.347532][T15820] bridge_slave_1: left promiscuous mode
[ 1140.353424][T15820] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1140.362791][T15820] bridge_slave_0: left allmulticast mode
[ 1140.368509][T15820] bridge_slave_0: left promiscuous mode
[ 1140.368814][T15824] vcan0: tx drop: invalid sa for name 0x0000000000000002
[ 1140.374277][T15820] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1140.385585][T15824] loop2: detected capacity change from 0 to 128
[ 1140.406844][T15825] loop4: detected capacity change from 0 to 1024
[ 1140.415289][T15825] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[ 1140.490001][T15835] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1140.498780][T15835] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1140.649368][T15845] blktrace: Concurrent blktraces are not allowed on sg0
[ 1140.655877][T15847] FAULT_INJECTION: forcing a failure.
[ 1140.655877][T15847] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1140.669635][T15847] CPU: 1 UID: 0 PID: 15847 Comm: syz.6.15899 Not tainted 6.15.0-rc5-syzkaller-00300-g3ce9925823c7 #0 PREEMPT(voluntary) 
[ 1140.669671][T15847] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[ 1140.669687][T15847] Call Trace:
[ 1140.669694][T15847]  <TASK>
[ 1140.669703][T15847]  __dump_stack+0x1d/0x30
[ 1140.669725][T15847]  dump_stack_lvl+0xe8/0x140
[ 1140.669750][T15847]  dump_stack+0x15/0x1b
[ 1140.669765][T15847]  should_fail_ex+0x265/0x280
[ 1140.669800][T15847]  should_fail+0xb/0x20
[ 1140.669835][T15847]  should_fail_usercopy+0x1a/0x20
[ 1140.669856][T15847]  _copy_from_user+0x1c/0xb0
[ 1140.669945][T15847]  __sys_bpf+0x178/0x790
[ 1140.669984][T15847]  __x64_sys_bpf+0x41/0x50
[ 1140.670015][T15847]  x64_sys_call+0x2478/0x2fb0
[ 1140.670107][T15847]  do_syscall_64+0xd0/0x1a0
[ 1140.670135][T15847]  ? clear_bhb_loop+0x25/0x80
[ 1140.670161][T15847]  ? clear_bhb_loop+0x25/0x80
[ 1140.670282][T15847]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1140.670353][T15847] RIP: 0033:0x7f22c359e969
[ 1140.670372][T15847] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1140.670401][T15847] RSP: 002b:00007f22c1c07038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1140.670425][T15847] RAX: ffffffffffffffda RBX: 00007f22c37c5fa0 RCX: 00007f22c359e969
[ 1140.670481][T15847] RDX: 0000000000000020 RSI: 0000200000000400 RDI: 0000000000000015
[ 1140.670497][T15847] RBP: 00007f22c1c07090 R08: 0000000000000000 R09: 0000000000000000
[ 1140.670512][T15847] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1140.670527][T15847] R13: 0000000000000000 R14: 00007f22c37c5fa0 R15: 00007ffce2212068
[ 1140.670553][T15847]  </TASK>
[ 1140.731907][T15851] netlink: 56 bytes leftover after parsing attributes in process `syz.6.15901'.
[ 1140.855721][T15851] netlink: 40 bytes leftover after parsing attributes in process `syz.6.15901'.
[ 1140.922621][T15867] xt_CT: No such helper "pptp"
[ 1141.027704][T15877] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[ 1141.071147][T15885] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1141.081362][T15885] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1141.107714][T15891] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[ 1141.337659][T15893] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1141.346724][T15893] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1141.396684][T15901] loop5: detected capacity change from 0 to 8192
[ 1141.576347][T15906] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[ 1141.624183][T15908] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1141.641650][T15908] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1141.708089][T15914] netlink: 4 bytes leftover after parsing attributes in process `syz.6.15926'.
[ 1141.746325][T15910] loop6: detected capacity change from 0 to 1024
[ 1141.759536][T15910] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[ 1142.275269][T15936] loop2: detected capacity change from 0 to 1024
[ 1142.290631][T15936] EXT4-fs: Ignoring removed oldalloc option
[ 1142.296614][T15936] EXT4-fs: Ignoring removed bh option
[ 1142.313235][T15936] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[ 1142.324271][T15936] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[ 1142.410135][T15936] JBD2: no valid journal superblock found
[ 1142.416049][T15936] EXT4-fs (loop2): Could not load journal inode
[ 1142.474631][T15946] netlink: 4 bytes leftover after parsing attributes in process `syz.4.15942'.
[ 1142.521081][T15946] loop4: detected capacity change from 0 to 1024
[ 1142.530030][T15946] EXT4-fs: Ignoring removed nobh option
[ 1142.535626][T15946] EXT4-fs: Ignoring removed bh option
[ 1142.635997][T15946] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1142.658100][T15962] vcan0: tx drop: invalid sa for name 0x0000000000000002
[ 1142.723564][T15962] loop2: detected capacity change from 0 to 128
[ 1142.752331][T15700] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1142.877577][T15970] netlink: 4 bytes leftover after parsing attributes in process `syz.4.15950'.
[ 1142.977791][T15978] vcan0: tx drop: invalid sa for name 0x0000000000000002
[ 1142.996245][T15977] loop4: detected capacity change from 0 to 512
[ 1142.998393][T15978] loop2: detected capacity change from 0 to 128
[ 1143.041092][T15977] EXT4-fs (loop4): 1 orphan inode deleted
[ 1143.050728][T15977] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1143.064504][ T3373] EXT4-fs error (device loop4): ext4_release_dquot:6971: comm kworker/u8:39: Failed to release dquot type 1
[ 1143.118121][T15977] ext4 filesystem being mounted at /10/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1143.157311][T15977] EXT4-fs error (device loop4): ext4_do_update_inode:5211: inode #16: comm syz.4.15953: corrupted inode contents
[ 1143.206048][T15977] EXT4-fs error (device loop4): ext4_dirty_inode:6103: inode #16: comm syz.4.15953: mark_inode_dirty error
[ 1143.246421][T15977] EXT4-fs error (device loop4): ext4_do_update_inode:5211: inode #16: comm syz.4.15953: corrupted inode contents
[ 1143.289501][T15977] EXT4-fs error (device loop4): ext4_xattr_delete_inode:2991: inode #16: comm syz.4.15953: mark_inode_dirty error
[ 1143.334132][T15977] EXT4-fs error (device loop4): ext4_xattr_delete_inode:2994: inode #16: comm syz.4.15953: mark inode dirty (error -117)
[ 1143.361985][T15977] EXT4-fs warning (device loop4): ext4_evict_inode:279: xattr delete (err -117)
[ 1143.412954][T15700] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1143.436255][T15983] vcan0: tx drop: invalid sa for name 0x0000000000000002
[ 1143.463211][T15983] loop6: detected capacity change from 0 to 128
[ 1143.472368][T15985] __nla_validate_parse: 1 callbacks suppressed
[ 1143.472384][T15985] netlink: 4 bytes leftover after parsing attributes in process `syz.4.15955'.
[ 1143.537809][T15985] loop4: detected capacity change from 0 to 1024
[ 1143.548802][T15985] EXT4-fs: Ignoring removed nobh option
[ 1143.554446][T15985] EXT4-fs: Ignoring removed bh option
[ 1143.574172][T15985] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1143.655349][T15991] netlink: 4 bytes leftover after parsing attributes in process `syz.6.15958'.
[ 1143.685216][T15991] loop6: detected capacity change from 0 to 1024
[ 1143.694618][T15700] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1143.705701][T15991] EXT4-fs: Ignoring removed nobh option
[ 1143.711309][T15991] EXT4-fs: Ignoring removed bh option
[ 1143.743825][T15991] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1143.792820][T15287] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1143.995137][T16013] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1144.023898][T16013] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1144.042193][T16014] xt_hashlimit: max too large, truncated to 1048576
[ 1144.052428][T16013] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1144.078079][T16005] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1144.084495][T16013] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1144.096168][T16005] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1144.337863][T16019] netlink: 4 bytes leftover after parsing attributes in process `syz.0.15969'.
[ 1144.420416][T16022] syz.2.15967: attempt to access beyond end of device
[ 1144.420416][T16022] md33: rw=2048, sector=0, nr_sectors = 8 limit=0
[ 1144.591009][   T29] kauditd_printk_skb: 256 callbacks suppressed
[ 1144.591023][   T29] audit: type=1400 audit(1746957163.819:104134): avc:  denied  { create } for  pid=16029 comm="syz.0.15974" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[ 1144.652489][   T29] audit: type=1400 audit(1746957163.839:104135): avc:  denied  { bind } for  pid=16029 comm="syz.0.15974" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[ 1144.672242][   T29] audit: type=1400 audit(1746957163.839:104136): avc:  denied  { name_bind } for  pid=16029 comm="syz.0.15974" src=105 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=icmp_socket permissive=1
[ 1144.693330][   T29] audit: type=1400 audit(1746957163.839:104137): avc:  denied  { node_bind } for  pid=16029 comm="syz.0.15974" src=105 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=icmp_socket permissive=1
[ 1144.714378][   T29] audit: type=1400 audit(1746957163.839:104138): avc:  denied  { connect } for  pid=16029 comm="syz.0.15974" lport=105 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[ 1144.845114][T16040] loop6: detected capacity change from 0 to 512
[ 1144.856628][T16042] netlink: 4 bytes leftover after parsing attributes in process `syz.0.15980'.
[ 1144.870991][T16040] EXT4-fs: Ignoring removed orlov option
[ 1144.880426][   T29] audit: type=1400 audit(1746957164.049:104139): avc:  denied  { ioctl } for  pid=16039 comm="syz.6.15978" path="socket:[166922]" dev="sockfs" ino=166922 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[ 1144.932246][T16040] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1144.956691][T16048] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1144.975193][T16040] ext4 filesystem being mounted at /66/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1144.979103][T16048] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1145.007535][   T29] audit: type=1400 audit(1746957164.229:104140): avc:  denied  { write open } for  pid=16039 comm="syz.6.15978" path="/66/bus/bus" dev="loop6" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[ 1145.030861][   T29] audit: type=1400 audit(1746957164.229:104141): avc:  denied  { append } for  pid=16039 comm="syz.6.15978" name="file2" dev="loop6" ino=16 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[ 1145.059219][T16040] vlan2: entered allmulticast mode
[ 1145.064503][T16040] bridge_slave_0: entered allmulticast mode
[ 1145.139316][T16058] loop4: detected capacity change from 0 to 4096
[ 1145.148175][T16058] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1145.220521][T15700] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1145.231330][T15287] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1145.264460][   T29] audit: type=1400 audit(1746957164.489:104142): avc:  denied  { append } for  pid=16065 comm="syz.4.15989" name="001" dev="devtmpfs" ino=165 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[ 1145.287877][T16068] loop4: detected capacity change from 0 to 1024
[ 1145.301394][T16068] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1145.305076][T16072] loop6: detected capacity change from 0 to 512
[ 1145.321609][T16068] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4113: comm syz.4.15990: Allocating blocks 385-513 which overlap fs metadata
[ 1145.322097][T16072] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1145.335739][T16056] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1145.345443][T16072] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[ 1145.350903][T16056] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1145.362876][T16068] EXT4-fs (loop4): pa ffff888104d509a0: logic 16, phys. 129, len 24
[ 1145.376354][T16068] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 8
[ 1145.383751][T16072] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[ 1145.400973][T16072] EXT4-fs (loop6): 1 truncate cleaned up
[ 1145.407056][T16072] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1145.420838][T15700] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1145.445375][T16076] netlink: 4 bytes leftover after parsing attributes in process `syz.4.15992'.
[ 1145.457780][T16076] loop4: detected capacity change from 0 to 1024
[ 1145.464470][T16076] EXT4-fs: Ignoring removed nobh option
[ 1145.470172][T16076] EXT4-fs: Ignoring removed bh option
[ 1145.480653][T16076] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1145.505929][T15700] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1145.546382][T16083] loop5: detected capacity change from 0 to 2048
[ 1145.555939][T15287] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1145.566387][T16083] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1145.580420][T16083] ext4 filesystem being mounted at /280/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1145.584056][T16088] loop6: detected capacity change from 0 to 512
[ 1145.595877][T16086] netlink: 40 bytes leftover after parsing attributes in process `syz.4.15993'.
[ 1145.597283][   T29] audit: type=1400 audit(1746957164.819:104143): avc:  denied  { sqpoll } for  pid=16080 comm="syz.4.15993" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[ 1145.641778][T16088] EXT4-fs (loop6): 1 orphan inode deleted
[ 1145.648445][T16088] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1145.662471][T16092] loop4: detected capacity change from 0 to 512
[ 1145.665599][T16088] ext4 filesystem being mounted at /69/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1145.679190][ T3393] EXT4-fs error (device loop6): ext4_release_dquot:6971: comm kworker/u8:54: Failed to release dquot type 1
[ 1145.691344][T16092] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[ 1145.718448][T16088] EXT4-fs error (device loop6): ext4_do_update_inode:5211: inode #16: comm syz.6.15995: corrupted inode contents
[ 1145.735526][T16088] EXT4-fs error (device loop6): ext4_dirty_inode:6103: inode #16: comm syz.6.15995: mark_inode_dirty error
[ 1145.748903][T16092] EXT4-fs (loop4): 1 truncate cleaned up
[ 1145.757118][T16092] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1145.769923][ T3393] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm kworker/u8:54: bg 0: block 345: padding at end of block bitmap is not set
[ 1145.786834][T16088] EXT4-fs error (device loop6): ext4_do_update_inode:5211: inode #16: comm syz.6.15995: corrupted inode contents
[ 1145.802037][T16088] EXT4-fs error (device loop6): ext4_xattr_delete_inode:2991: inode #16: comm syz.6.15995: mark_inode_dirty error
[ 1145.816789][ T3393] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 89 with error 117
[ 1145.829441][ T3393] EXT4-fs (loop5): This should not happen!! Data will be lost
[ 1145.829441][ T3393] 
[ 1145.842009][T16088] EXT4-fs error (device loop6): ext4_xattr_delete_inode:2994: inode #16: comm syz.6.15995: mark inode dirty (error -117)
[ 1145.856951][T16088] EXT4-fs warning (device loop6): ext4_evict_inode:279: xattr delete (err -117)
[ 1145.881538][T15287] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1146.048409][T16102] vcan0: tx drop: invalid sa for name 0x0000000000000002
[ 1146.056953][T16102] loop6: detected capacity change from 0 to 128
[ 1146.595712][T16109] netlink: 100 bytes leftover after parsing attributes in process `syz.6.16001'.
[ 1146.621322][T11931] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1146.644438][T15700] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1146.644444][T16111] netlink: 4 bytes leftover after parsing attributes in process `syz.6.16003'.
[ 1146.649915][T16111] loop6: detected capacity change from 0 to 1024
[ 1146.671220][T16111] EXT4-fs: Ignoring removed nobh option
[ 1146.676869][T16111] EXT4-fs: Ignoring removed bh option
[ 1146.684152][T16113] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[ 1146.697607][T16111] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1146.736600][T15287] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1146.747460][T16123] vcan0: tx drop: invalid sa for name 0x0000000000000002
[ 1146.752647][T16125] vcan0: tx drop: invalid sa for name 0x0000000000000002
[ 1146.756924][T16123] loop5: detected capacity change from 0 to 128
[ 1146.763373][T16125] loop4: detected capacity change from 0 to 128
[ 1146.830825][T16128] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[ 1146.968118][T16138] FAULT_INJECTION: forcing a failure.
[ 1146.968118][T16138] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1146.981315][T16138] CPU: 1 UID: 0 PID: 16138 Comm: syz.6.16013 Not tainted 6.15.0-rc5-syzkaller-00300-g3ce9925823c7 #0 PREEMPT(voluntary) 
[ 1146.981347][T16138] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[ 1146.981360][T16138] Call Trace:
[ 1146.981366][T16138]  <TASK>
[ 1146.981374][T16138]  __dump_stack+0x1d/0x30
[ 1146.981399][T16138]  dump_stack_lvl+0xe8/0x140
[ 1146.981483][T16138]  dump_stack+0x15/0x1b
[ 1146.981501][T16138]  should_fail_ex+0x265/0x280
[ 1146.981557][T16138]  should_fail+0xb/0x20
[ 1146.981583][T16138]  should_fail_usercopy+0x1a/0x20
[ 1146.981605][T16138]  _copy_to_user+0x20/0xa0
[ 1146.981632][T16138]  simple_read_from_buffer+0xb5/0x130
[ 1146.981656][T16138]  proc_fail_nth_read+0x100/0x140
[ 1146.981753][T16138]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1146.981833][T16138]  vfs_read+0x19d/0x6f0
[ 1146.981878][T16138]  ? kmem_cache_free+0xdd/0x2f0
[ 1146.981942][T16138]  ? fdget+0xbd/0x110
[ 1146.981969][T16138]  ? __sys_connect+0x20b/0x2b0
[ 1146.982010][T16138]  ksys_read+0xda/0x1a0
[ 1146.982078][T16138]  __x64_sys_read+0x40/0x50
[ 1146.982105][T16138]  x64_sys_call+0x2d77/0x2fb0
[ 1146.982125][T16138]  do_syscall_64+0xd0/0x1a0
[ 1146.982147][T16138]  ? clear_bhb_loop+0x25/0x80
[ 1146.982168][T16138]  ? clear_bhb_loop+0x25/0x80
[ 1146.982263][T16138]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1146.982288][T16138] RIP: 0033:0x7f22c359d37c
[ 1146.982305][T16138] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[ 1146.982328][T16138] RSP: 002b:00007f22c1c07030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1146.982381][T16138] RAX: ffffffffffffffda RBX: 00007f22c37c5fa0 RCX: 00007f22c359d37c
[ 1146.982396][T16138] RDX: 000000000000000f RSI: 00007f22c1c070a0 RDI: 0000000000000004
[ 1146.982412][T16138] RBP: 00007f22c1c07090 R08: 0000000000000000 R09: 0000000000000000
[ 1146.982494][T16138] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1146.982519][T16138] R13: 0000000000000000 R14: 00007f22c37c5fa0 R15: 00007ffce2212068
[ 1146.982554][T16138]  </TASK>
[ 1147.284452][T16152] netlink: 4 bytes leftover after parsing attributes in process `syz.2.16019'.
[ 1147.297051][T16154] loop6: detected capacity change from 0 to 128
[ 1147.299752][T16152] loop2: detected capacity change from 0 to 1024
[ 1147.310244][T16152] EXT4-fs: Ignoring removed nobh option
[ 1147.315869][T16152] EXT4-fs: Ignoring removed bh option
[ 1147.421567][T16152] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1147.448451][T13455] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1147.536565][T16161] loop2: detected capacity change from 0 to 2048
[ 1147.583419][T16161] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1147.641519][T16161] ext4 filesystem being mounted at /174/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1148.197506][T16172] blktrace: Concurrent blktraces are not allowed on sg0
[ 1148.462337][T16200] loop4: detected capacity change from 0 to 512
[ 1148.479928][T16200] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1148.551379][T16203] loop5: detected capacity change from 0 to 128
[ 1148.594441][T16200] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[ 1148.614220][T16204] loop6: detected capacity change from 0 to 2048
[ 1148.642342][T16200] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[ 1148.696973][ T3393] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm kworker/u8:54: bg 0: block 345: padding at end of block bitmap is not set
[ 1148.726009][T16200] EXT4-fs (loop4): 1 truncate cleaned up
[ 1148.759223][T16200] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1148.793793][ T3393] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 833 with error 117
[ 1148.806418][ T3393] EXT4-fs (loop2): This should not happen!! Data will be lost
[ 1148.806418][ T3393] 
[ 1149.051767][T16204] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1149.312615][T16216] FAULT_INJECTION: forcing a failure.
[ 1149.312615][T16216] name failslab, interval 1, probability 0, space 0, times 0
[ 1149.325337][T16216] CPU: 1 UID: 0 PID: 16216 Comm: +}[@ Not tainted 6.15.0-rc5-syzkaller-00300-g3ce9925823c7 #0 PREEMPT(voluntary) 
[ 1149.325429][T16216] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[ 1149.325443][T16216] Call Trace:
[ 1149.325450][T16216]  <TASK>
[ 1149.325458][T16216]  __dump_stack+0x1d/0x30
[ 1149.325481][T16216]  dump_stack_lvl+0xe8/0x140
[ 1149.325503][T16216]  dump_stack+0x15/0x1b
[ 1149.325524][T16216]  should_fail_ex+0x265/0x280
[ 1149.325566][T16216]  ? alloc_super+0x3d/0x570
[ 1149.325591][T16216]  should_failslab+0x8c/0xb0
[ 1149.325626][T16216]  __kmalloc_cache_noprof+0x4c/0x320
[ 1149.325652][T16216]  ? avc_has_perm_noaudit+0x1b1/0x200
[ 1149.325755][T16216]  alloc_super+0x3d/0x570
[ 1149.325775][T16216]  ? selinux_capable+0x1f9/0x270
[ 1149.325798][T16216]  sget_fc+0x24e/0x6e0
[ 1149.325817][T16216]  ? __pfx_set_anon_super_fc+0x10/0x10
[ 1149.325857][T16216]  ? __pfx_proc_fill_super+0x10/0x10
[ 1149.325890][T16216]  get_tree_nodev+0x2a/0x100
[ 1149.325914][T16216]  proc_get_tree+0x1c/0x30
[ 1149.325965][T16216]  vfs_get_tree+0x54/0x1d0
[ 1149.326002][T16216]  vfs_cmd_create+0x8a/0x140
[ 1149.326030][T16216]  vfs_fsconfig_locked+0x6f/0x210
[ 1149.326125][T16216]  __se_sys_fsconfig+0x648/0x770
[ 1149.326157][T16216]  __x64_sys_fsconfig+0x67/0x80
[ 1149.326186][T16216]  x64_sys_call+0x3b8/0x2fb0
[ 1149.326208][T16216]  do_syscall_64+0xd0/0x1a0
[ 1149.326231][T16216]  ? clear_bhb_loop+0x25/0x80
[ 1149.326309][T16216]  ? clear_bhb_loop+0x25/0x80
[ 1149.326331][T16216]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1149.326354][T16216] RIP: 0033:0x7f22c359e969
[ 1149.326415][T16216] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1149.326434][T16216] RSP: 002b:00007f22c1c07038 EFLAGS: 00000246 ORIG_RAX: 00000000000001af
[ 1149.326454][T16216] RAX: ffffffffffffffda RBX: 00007f22c37c5fa0 RCX: 00007f22c359e969
[ 1149.326467][T16216] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005
[ 1149.326481][T16216] RBP: 00007f22c1c07090 R08: 0000000000000000 R09: 0000000000000000
[ 1149.326495][T16216] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1149.326586][T16216] R13: 0000000000000000 R14: 00007f22c37c5fa0 R15: 00007ffce2212068
[ 1149.326609][T16216]  </TASK>
[ 1149.608593][T16218] netlink: 12 bytes leftover after parsing attributes in process `syz.5.16039'.
[ 1149.623294][   T29] kauditd_printk_skb: 363 callbacks suppressed
[ 1149.623310][   T29] audit: type=1400 audit(1746957168.849:104506): avc:  denied  { create } for  pid=16219 comm="syz.0.16040" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[ 1149.657734][T16224] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[ 1149.679883][T16223] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[ 1149.697706][   T29] audit: type=1400 audit(1746957168.899:104507): avc:  denied  { create } for  pid=16217 comm="syz.5.16039" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[ 1149.717880][   T29] audit: type=1400 audit(1746957168.899:104508): avc:  denied  { setopt } for  pid=16219 comm="syz.0.16040" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[ 1149.737985][   T29] audit: type=1400 audit(1746957168.899:104509): avc:  denied  { bind } for  pid=16219 comm="syz.0.16040" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[ 1149.757712][   T29] audit: type=1400 audit(1746957168.899:104510): avc:  denied  { name_bind } for  pid=16219 comm="syz.0.16040" src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=sctp_socket permissive=1
[ 1149.779937][   T29] audit: type=1400 audit(1746957168.899:104511): avc:  denied  { node_bind } for  pid=16219 comm="syz.0.16040" saddr=::1 src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=sctp_socket permissive=1
[ 1149.810519][   T29] audit: type=1400 audit(1746957169.039:104512): avc:  denied  { mount } for  pid=16227 comm="+}[@" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[ 1149.889717][   T29] audit: type=1400 audit(1746957169.119:104513): avc:  denied  { kexec_image_load } for  pid=16229 comm="syz.0.16046" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=system permissive=1
[ 1149.928283][T16242] loop2: detected capacity change from 0 to 128
[ 1149.977074][   T29] audit: type=1326 audit(1746957169.199:104514): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16233 comm="syz.4.16048" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec8e85e969 code=0x7ffc0000
[ 1150.055865][   T29] audit: type=1326 audit(1746957169.229:104515): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16233 comm="syz.4.16048" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec8e85e969 code=0x7ffc0000
[ 1150.196861][T16232] loop5: detected capacity change from 0 to 2048
[ 1150.209039][T16254] loop4: detected capacity change from 0 to 2048
[ 1150.213825][T16259] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[ 1150.262664][T16261] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[ 1150.486903][T16274] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[ 1150.698140][T16254] ext4 filesystem being mounted at /36/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1150.708723][T16281] loop6: detected capacity change from 0 to 2048
[ 1150.732396][T16281] ext4 filesystem being mounted at /93/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1151.025417][T16297] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[ 1151.136955][T16302] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1151.166066][T16302] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1151.168558][ T3393] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm kworker/u8:54: bg 0: block 345: padding at end of block bitmap is not set
[ 1151.190310][ T3359] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm kworker/u8:25: bg 0: block 345: padding at end of block bitmap is not set
[ 1151.207893][T16302] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1151.216501][T16302] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1151.229361][ T3359] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 1016 with error 117
[ 1151.242052][ T3359] EXT4-fs (loop4): This should not happen!! Data will be lost
[ 1151.242052][ T3359] 
[ 1151.277398][ T3393] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 697 with error 117
[ 1151.290010][ T3393] EXT4-fs (loop6): This should not happen!! Data will be lost
[ 1151.290010][ T3393] 
[ 1151.455245][ T3359] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 713 with max blocks 1 with error 28
[ 1151.467703][ T3359] EXT4-fs (loop6): This should not happen!! Data will be lost
[ 1151.467703][ T3359] 
[ 1151.477533][ T3359] EXT4-fs (loop6): Total free blocks count 0
[ 1151.483644][ T3359] EXT4-fs (loop6): Free/Dirty block details
[ 1151.489606][ T3359] EXT4-fs (loop6): free_blocks=0
[ 1151.494589][ T3359] EXT4-fs (loop6): dirty_blocks=16
[ 1151.499808][ T3359] EXT4-fs (loop6): Block reservation details
[ 1151.505797][ T3359] EXT4-fs (loop6): i_reserved_data_blocks=1
[ 1151.593836][T16313] syz.2.16072: attempt to access beyond end of device
[ 1151.593836][T16313] md33: rw=2048, sector=0, nr_sectors = 8 limit=0
[ 1151.767757][T16316] loop5: detected capacity change from 0 to 128
[ 1152.576354][ T3359] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 1032 with max blocks 2048 with error 117
[ 1152.589520][ T3359] EXT4-fs (loop4): This should not happen!! Data will be lost
[ 1152.589520][ T3359] 
[ 1152.622613][ T3359] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 3081 with max blocks 29 with error 28
[ 1152.635321][ T3359] EXT4-fs (loop4): This should not happen!! Data will be lost
[ 1152.635321][ T3359] 
[ 1152.645012][ T3359] EXT4-fs (loop4): Total free blocks count 0
[ 1152.651128][ T3359] EXT4-fs (loop4): Free/Dirty block details
[ 1152.657036][ T3359] EXT4-fs (loop4): free_blocks=0
[ 1152.662069][ T3359] EXT4-fs (loop4): dirty_blocks=48
[ 1152.664104][T16328] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[ 1152.699408][T16330] vcan0: tx drop: invalid sa for name 0x0000000000000002
[ 1152.701550][T16332] loop6: detected capacity change from 0 to 128
[ 1152.716490][T16330] loop5: detected capacity change from 0 to 128
[ 1152.730061][T16332] ext4 filesystem being mounted at /95/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[ 1152.906591][T16341] loop4: detected capacity change from 0 to 2048
[ 1152.931290][T16341] ext4 filesystem being mounted at /38/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1153.251452][ T3369] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm kworker/u8:35: bg 0: block 345: padding at end of block bitmap is not set
[ 1153.421005][T16353] netlink: 'syz.0.16090': attribute type 16 has an invalid length.
[ 1153.428968][T16353] netlink: 'syz.0.16090': attribute type 17 has an invalid length.
[ 1153.581167][ T3369] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 1016 with error 117
[ 1153.593911][ T3369] EXT4-fs (loop4): This should not happen!! Data will be lost
[ 1153.593911][ T3369] 
[ 1153.881226][T16357] blktrace: Concurrent blktraces are not allowed on sg0
[ 1153.923139][T16359] netlink: 4 bytes leftover after parsing attributes in process `syz.6.16093'.
[ 1154.005151][T16360] loop6: detected capacity change from 0 to 1024
[ 1154.019033][T16360] EXT4-fs: Ignoring removed nobh option
[ 1154.024682][T16360] EXT4-fs: Ignoring removed bh option
[ 1154.178372][T16366] loop2: detected capacity change from 0 to 128
[ 1154.994342][ T3369] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 1032 with max blocks 568 with error 28
[ 1155.007088][ T3369] EXT4-fs (loop4): This should not happen!! Data will be lost
[ 1155.007088][ T3369] 
[ 1155.016752][ T3369] EXT4-fs (loop4): Total free blocks count 0
[ 1155.022814][ T3369] EXT4-fs (loop4): Free/Dirty block details
[ 1155.028899][ T3369] EXT4-fs (loop4): free_blocks=0
[ 1155.033894][ T3369] EXT4-fs (loop4): dirty_blocks=576
[ 1155.039105][ T3369] EXT4-fs (loop4): Block reservation details
[ 1155.045118][ T3369] EXT4-fs (loop4): i_reserved_data_blocks=36
[ 1155.166086][   T29] kauditd_printk_skb: 276 callbacks suppressed
[ 1155.166103][   T29] audit: type=1400 audit(1746957174.389:104792): avc:  denied  { sqpoll } for  pid=16375 comm="syz.6.16099" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[ 1155.212030][T16372] netlink: 8 bytes leftover after parsing attributes in process `syz.5.16096'.
[ 1155.248194][   T29] audit: type=1400 audit(1746957174.429:104793): avc:  denied  { write } for  pid=16369 comm="syz.5.16096" name="rt_acct" dev="proc" ino=4026532459 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1
[ 1155.271644][   T29] audit: type=1400 audit(1746957174.439:104794): avc:  denied  { create } for  pid=16369 comm="syz.5.16096" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[ 1155.291576][   T29] audit: type=1400 audit(1746957174.439:104795): avc:  denied  { connect } for  pid=16369 comm="syz.5.16096" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[ 1155.311598][   T29] audit: type=1400 audit(1746957174.439:104796): avc:  denied  { write } for  pid=16369 comm="syz.5.16096" path="socket:[167491]" dev="sockfs" ino=167491 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[ 1155.340321][   T29] audit: type=1400 audit(1746957174.569:104797): avc:  denied  { ioctl } for  pid=16375 comm="syz.6.16099" path="socket:[168360]" dev="sockfs" ino=168360 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[ 1155.353837][T16383] vcan0: tx drop: invalid sa for name 0x0000000000000002
[ 1155.365749][   T29] audit: type=1400 audit(1746957174.569:104798): avc:  denied  { module_request } for  pid=16375 comm="syz.6.16099" kmod="netdev-bridge0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[ 1155.389671][T16384] netlink: 4 bytes leftover after parsing attributes in process `syz.6.16099'.
[ 1155.415644][T16385] loop5: detected capacity change from 0 to 128
[ 1155.452676][T16384] loop6: detected capacity change from 0 to 1024
[ 1155.470242][T16384] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[ 1155.476393][   T29] audit: type=1400 audit(1746957174.629:104799): avc:  denied  { sys_module } for  pid=16375 comm="syz.6.16099" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[ 1155.500470][   T29] audit: type=1400 audit(1746957174.649:104800): avc:  denied  { read } for  pid=16379 comm="syz.2.16100" name="event1" dev="devtmpfs" ino=243 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[ 1155.524281][   T29] audit: type=1400 audit(1746957174.649:104801): avc:  denied  { open } for  pid=16379 comm="syz.2.16100" path="/dev/input/event1" dev="devtmpfs" ino=243 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[ 1155.550761][T16388] loop2: detected capacity change from 0 to 128
[ 1155.572547][T16388] ext4 filesystem being mounted at /184/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[ 1155.780836][T16400] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[ 1156.077816][T16409] netlink: 4 bytes leftover after parsing attributes in process `syz.6.16110'.
[ 1156.111342][T16406] loop6: detected capacity change from 0 to 1024
[ 1156.112197][T16416] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[ 1156.120176][T16406] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[ 1156.244566][T16428] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[ 1156.395436][T16451] vcan0: tx drop: invalid sa for name 0x0000000000000002
[ 1156.435406][T16456] netlink: 8 bytes leftover after parsing attributes in process `syz.6.16132'.
[ 1156.455435][T16458] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[ 1156.476344][T16459] loop4: detected capacity change from 0 to 2048
[ 1156.486358][T16462] loop6: detected capacity change from 0 to 128
[ 1156.510874][T16462] ext4 filesystem being mounted at /109/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[ 1156.703751][T16478] loop2: detected capacity change from 0 to 128
[ 1156.730135][T16478] syz.2.16139: attempt to access beyond end of device
[ 1156.730135][T16478] loop2: rw=2049, sector=145, nr_sectors = 896 limit=128
[ 1156.749329][T16478] syz.2.16139: attempt to access beyond end of device
[ 1156.749329][T16478] loop2: rw=524288, sector=145, nr_sectors = 224 limit=128
[ 1157.119619][T16491] netlink: 'syz.4.16144': attribute type 16 has an invalid length.
[ 1157.127555][T16491] netlink: 'syz.4.16144': attribute type 17 has an invalid length.
[ 1157.364167][T16495] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[ 1157.526977][T16499] loop5: detected capacity change from 0 to 128
[ 1157.609864][T16503] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[ 1158.501835][T16519] netlink: 16 bytes leftover after parsing attributes in process `syz.5.16152'.
[ 1158.551528][T16522] vcan0: tx drop: invalid sa for name 0x0000000000000002
[ 1158.558817][T16520] loop2: detected capacity change from 0 to 2048
[ 1158.623214][T16529] loop6: detected capacity change from 0 to 128
[ 1158.632663][T16529] ext4 filesystem being mounted at /112/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[ 1158.779617][T16525] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[ 1158.882952][T16541] netlink: 4 bytes leftover after parsing attributes in process `syz.2.16160'.
[ 1158.897966][T16541] loop2: detected capacity change from 0 to 1024
[ 1158.904731][T16541] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[ 1158.971493][T16553] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[ 1159.012803][T16556] xt_hashlimit: max too large, truncated to 1048576
[ 1159.058333][T16562] loop4: detected capacity change from 0 to 128
[ 1159.498843][T15287] EXT4-fs unmount: 24 callbacks suppressed
[ 1159.498927][T15287] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1159.833551][T16577] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[ 1160.010373][T16581] netlink: 'syz.6.16171': attribute type 16 has an invalid length.
[ 1160.010396][T16581] netlink: 'syz.6.16171': attribute type 17 has an invalid length.
[ 1160.335748][T16588] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[ 1160.465544][T16593] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1160.492136][T16593] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1160.567207][T16593] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1160.575811][T16593] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1160.676254][T16597] loop4: detected capacity change from 0 to 128
[ 1160.692696][T16597] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1160.705162][T16597] ext4 filesystem being mounted at /60/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[ 1160.803478][T16601] syz.0.16180: attempt to access beyond end of device
[ 1160.803478][T16601] md33: rw=2048, sector=0, nr_sectors = 8 limit=0
[ 1160.816708][   T29] kauditd_printk_skb: 178 callbacks suppressed
[ 1160.822960][   T29] audit: type=1326 audit(1746957179.789:104980): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16596 comm="syz.4.16181" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec8e85e969 code=0x7ffc0000
[ 1160.846747][   T29] audit: type=1326 audit(1746957179.789:104981): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16596 comm="syz.4.16181" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fec8e85e969 code=0x7ffc0000
[ 1160.870621][   T29] audit: type=1326 audit(1746957179.789:104982): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16596 comm="syz.4.16181" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fec8e85e9a3 code=0x7ffc0000
[ 1160.894440][   T29] audit: type=1326 audit(1746957179.789:104983): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16596 comm="syz.4.16181" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fec8e85d41f code=0x7ffc0000
[ 1160.918193][   T29] audit: type=1326 audit(1746957179.789:104984): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16596 comm="syz.4.16181" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7fec8e85e9f7 code=0x7ffc0000
[ 1160.941997][   T29] audit: type=1326 audit(1746957179.789:104985): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16596 comm="syz.4.16181" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fec8e85d2d0 code=0x7ffc0000
[ 1160.965875][   T29] audit: type=1326 audit(1746957179.899:104986): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16596 comm="syz.4.16181" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fec8e85e56b code=0x7ffc0000
[ 1160.989626][   T29] audit: type=1326 audit(1746957179.909:104987): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16596 comm="syz.4.16181" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fec8e85d5ca code=0x7ffc0000
[ 1161.013256][   T29] audit: type=1326 audit(1746957179.919:104988): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16596 comm="syz.4.16181" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fec8e85d5ca code=0x7ffc0000
[ 1161.036897][   T29] audit: type=1326 audit(1746957179.919:104989): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16596 comm="syz.4.16181" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7fec8e85d1d7 code=0x7ffc0000
[ 1161.213317][T16610] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[ 1161.464697][T15700] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1161.673665][T16623] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[ 1161.797506][T16628] blktrace: Concurrent blktraces are not allowed on sg0
[ 1161.861699][T16632] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[ 1161.896080][T16634] loop2: detected capacity change from 0 to 2048
[ 1161.913113][T16636] FAULT_INJECTION: forcing a failure.
[ 1161.913113][T16636] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1161.926327][T16636] CPU: 0 UID: 0 PID: 16636 Comm: syz.4.16188 Not tainted 6.15.0-rc5-syzkaller-00300-g3ce9925823c7 #0 PREEMPT(voluntary) 
[ 1161.926356][T16636] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[ 1161.926412][T16636] Call Trace:
[ 1161.926419][T16636]  <TASK>
[ 1161.926429][T16636]  __dump_stack+0x1d/0x30
[ 1161.926455][T16636]  dump_stack_lvl+0xe8/0x140
[ 1161.926491][T16636]  dump_stack+0x15/0x1b
[ 1161.926511][T16636]  should_fail_ex+0x265/0x280
[ 1161.926639][T16636]  should_fail+0xb/0x20
[ 1161.926674][T16636]  should_fail_usercopy+0x1a/0x20
[ 1161.926698][T16636]  _copy_from_user+0x1c/0xb0
[ 1161.926725][T16636]  ___sys_sendmsg+0xc1/0x1d0
[ 1161.926827][T16636]  __x64_sys_sendmsg+0xd4/0x160
[ 1161.926857][T16636]  x64_sys_call+0x2999/0x2fb0
[ 1161.926964][T16636]  do_syscall_64+0xd0/0x1a0
[ 1161.927026][T16636]  ? clear_bhb_loop+0x25/0x80
[ 1161.927051][T16636]  ? clear_bhb_loop+0x25/0x80
[ 1161.927122][T16636]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1161.927149][T16636] RIP: 0033:0x7fec8e85e969
[ 1161.927201][T16636] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1161.927224][T16636] RSP: 002b:00007fec8cec7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1161.927288][T16636] RAX: ffffffffffffffda RBX: 00007fec8ea85fa0 RCX: 00007fec8e85e969
[ 1161.927318][T16636] RDX: 0000000000000000 RSI: 0000200000000200 RDI: 0000000000000006
[ 1161.927333][T16636] RBP: 00007fec8cec7090 R08: 0000000000000000 R09: 0000000000000000
[ 1161.927347][T16636] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1161.927361][T16636] R13: 0000000000000000 R14: 00007fec8ea85fa0 R15: 00007ffe9105b7b8
[ 1161.927380][T16636]  </TASK>
[ 1162.130451][T16634] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1162.146185][T16645] loop5: detected capacity change from 0 to 128
[ 1162.185852][T16645] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1162.207422][T16645] ext4 filesystem being mounted at /314/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[ 1162.327365][T16656] loop4: detected capacity change from 0 to 2048
[ 1162.352241][T16656] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1162.367910][T16656] ext4 filesystem being mounted at /63/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1162.386696][T16658] netlink: 4 bytes leftover after parsing attributes in process `syz.6.16202'.
[ 1162.482442][T16658] loop6: detected capacity change from 0 to 1024
[ 1162.528890][ T3373] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm kworker/u8:39: bg 0: block 345: padding at end of block bitmap is not set
[ 1162.547850][T16658] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[ 1162.580246][T16658] netlink: 24 bytes leftover after parsing attributes in process `syz.6.16202'.
[ 1162.603895][ T3373] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 113 with error 117
[ 1162.616615][ T3373] EXT4-fs (loop4): This should not happen!! Data will be lost
[ 1162.616615][ T3373] 
[ 1162.636551][ T3373] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 129 with max blocks 2 with error 117
[ 1162.649169][ T3373] EXT4-fs (loop4): This should not happen!! Data will be lost
[ 1162.649169][ T3373] 
[ 1162.830710][T16670] loop6: detected capacity change from 0 to 1024
[ 1162.857901][T16670] EXT4-fs: Ignoring removed nobh option
[ 1162.863544][T16670] EXT4-fs: Ignoring removed bh option
[ 1162.883210][T13455] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1162.894835][T16670] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1162.964266][T16676] blktrace: Concurrent blktraces are not allowed on sg0
[ 1162.974157][T15287] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1162.984371][T11931] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1163.037874][T16681] loop2: detected capacity change from 0 to 2048
[ 1163.051210][T16681] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1163.076036][T16681] ext4 filesystem being mounted at /211/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1163.103986][T16691] netlink: 16 bytes leftover after parsing attributes in process `syz.5.16210'.
[ 1163.162052][T16693] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[ 1163.220462][T16696] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[ 1163.279871][T15700] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1163.387473][T16709] loop6: detected capacity change from 0 to 128
[ 1163.465139][T16709] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1163.482803][T16709] ext4 filesystem being mounted at /126/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[ 1163.565119][ T3373] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm kworker/u8:39: bg 0: block 345: padding at end of block bitmap is not set
[ 1163.645019][ T3373] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 1016 with error 117
[ 1163.657749][ T3373] EXT4-fs (loop2): This should not happen!! Data will be lost
[ 1163.657749][ T3373] 
[ 1163.748066][T16713] loop4: detected capacity change from 0 to 8192
[ 1163.928898][ T3393] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 1032 with max blocks 80 with error 28
[ 1163.941513][ T3393] EXT4-fs (loop2): This should not happen!! Data will be lost
[ 1163.941513][ T3393] 
[ 1163.951615][ T3393] EXT4-fs (loop2): Total free blocks count 0
[ 1163.957999][ T3393] EXT4-fs (loop2): Free/Dirty block details
[ 1163.964449][ T3393] EXT4-fs (loop2): free_blocks=0
[ 1163.969546][ T3393] EXT4-fs (loop2): dirty_blocks=96
[ 1163.974765][ T3393] EXT4-fs (loop2): Block reservation details
[ 1163.986432][T16718] loop5: detected capacity change from 0 to 1024
[ 1164.009781][T16718] EXT4-fs: Ignoring removed nobh option
[ 1164.015388][T16718] EXT4-fs: Ignoring removed bh option
[ 1164.063123][T16718] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1164.117185][ T3369] ==================================================================
[ 1164.125303][ T3369] BUG: KCSAN: data-race in xas_find_marked / xas_init_marks
[ 1164.132636][ T3369] 
[ 1164.134971][ T3369] read-write to 0xffff888116e76fe8 of 8 bytes by task 16681 on cpu 0:
[ 1164.143125][ T3369]  xas_init_marks+0x18a/0x320
[ 1164.147812][ T3369]  __filemap_remove_folio+0x19d/0x2a0
[ 1164.153191][ T3369]  __remove_mapping+0x338/0x460
[ 1164.158054][ T3369]  shrink_folio_list+0x1888/0x2670
[ 1164.163196][ T3369]  evict_folios+0x2888/0x33d0
[ 1164.167879][ T3369]  try_to_shrink_lruvec+0x45a/0x7e0
[ 1164.173090][ T3369]  shrink_lruvec+0x22e/0x1a40
[ 1164.177789][ T3369]  shrink_node+0x686/0x2110
[ 1164.182297][ T3369]  do_try_to_free_pages+0x3f6/0xcd0
[ 1164.187517][ T3369]  try_to_free_mem_cgroup_pages+0x1ab/0x410
[ 1164.193427][ T3369]  try_charge_memcg+0x3ab/0x870
[ 1164.198285][ T3369]  obj_cgroup_charge_pages+0xb7/0x1a0
[ 1164.203665][ T3369]  __memcg_kmem_charge_page+0x9f/0x170
[ 1164.209132][ T3369]  __alloc_frozen_pages_noprof+0x188/0x360
[ 1164.214945][ T3369]  alloc_pages_mpol+0xb3/0x250
[ 1164.219713][ T3369]  alloc_pages_noprof+0x90/0x130
[ 1164.224655][ T3369]  __vmalloc_node_range_noprof+0x6a4/0xdf0
[ 1164.230469][ T3369]  __kvmalloc_node_noprof+0x2f3/0x4d0
[ 1164.235842][ T3369]  ip_set_alloc+0x1f/0x30
[ 1164.240199][ T3369]  hash_netiface_create+0x282/0x740
[ 1164.245409][ T3369]  ip_set_create+0x3c9/0x960
[ 1164.250010][ T3369]  nfnetlink_rcv_msg+0x4c3/0x590
[ 1164.254968][ T3369]  netlink_rcv_skb+0x120/0x220
[ 1164.259746][ T3369]  nfnetlink_rcv+0x16b/0x1690
[ 1164.264429][ T3369]  netlink_unicast+0x59e/0x670
[ 1164.269236][ T3369]  netlink_sendmsg+0x58b/0x6b0
[ 1164.274021][ T3369]  __sock_sendmsg+0x142/0x180
[ 1164.278706][ T3369]  ____sys_sendmsg+0x31e/0x4e0
[ 1164.283469][ T3369]  ___sys_sendmsg+0x17b/0x1d0
[ 1164.288175][ T3369]  __x64_sys_sendmsg+0xd4/0x160
[ 1164.293029][ T3369]  x64_sys_call+0x2999/0x2fb0
[ 1164.297713][ T3369]  do_syscall_64+0xd0/0x1a0
[ 1164.302223][ T3369]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1164.308123][ T3369] 
[ 1164.310445][ T3369] read to 0xffff888116e76fe8 of 8 bytes by task 3369 on cpu 1:
[ 1164.317987][ T3369]  xas_find_marked+0x218/0x620
[ 1164.322777][ T3369]  find_get_entry+0x5d/0x380
[ 1164.327378][ T3369]  filemap_get_folios_tag+0x13b/0x210
[ 1164.332761][ T3369]  mpage_prepare_extent_to_map+0x330/0xb80
[ 1164.338597][ T3369]  ext4_do_writepages+0x6eb/0x2270
[ 1164.343719][ T3369]  ext4_writepages+0x176/0x300
[ 1164.348496][ T3369]  do_writepages+0x1d2/0x480
[ 1164.353098][ T3369]  __writeback_single_inode+0x80/0x7c0
[ 1164.358572][ T3369]  writeback_sb_inodes+0x480/0xa20
[ 1164.363698][ T3369]  wb_writeback+0x252/0x5c0
[ 1164.368217][ T3369]  wb_workfn+0x194/0x910
[ 1164.372468][ T3369]  process_scheduled_works+0x4cb/0x9d0
[ 1164.377937][ T3369]  worker_thread+0x582/0x770
[ 1164.382625][ T3369]  kthread+0x486/0x510
[ 1164.386724][ T3369]  ret_from_fork+0x4b/0x60
[ 1164.391139][ T3369]  ret_from_fork_asm+0x1a/0x30
[ 1164.395909][ T3369] 
[ 1164.398228][ T3369] value changed: 0x3ffe000000000000 -> 0x03fe000000000000
[ 1164.405357][ T3369] 
[ 1164.407679][ T3369] Reported by Kernel Concurrency Sanitizer on:
[ 1164.413831][ T3369] CPU: 1 UID: 0 PID: 3369 Comm: kworker/u8:35 Not tainted 6.15.0-rc5-syzkaller-00300-g3ce9925823c7 #0 PREEMPT(voluntary) 
[ 1164.426509][ T3369] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[ 1164.436569][ T3369] Workqueue: writeback wb_workfn (flush-7:2)
[ 1164.442572][ T3369] ==================================================================
[ 1164.659408][T15287] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1164.707665][T11931] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.