last executing test programs:

9.597227859s ago: executing program 4 (id=1158):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="0100000006000000080000000000800000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
connect$inet6(r2, &(0x7f0000000500)={0xa, 0x1000, 0x0, @mcast1, 0x9}, 0x1c)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='cpuacct.usage_sys\x00', 0x275a, 0x0)
write$binfmt_script(r3, &(0x7f0000000440), 0x1000a)
sendfile(r2, r3, &(0x7f0000000000), 0x1001)
r4 = socket(0x10, 0x803, 0x0)
r5 = syz_open_dev$usbfs(&(0x7f0000000100), 0x206, 0x8401)
ioctl$USBDEVFS_REAPURBNDELAY(r5, 0x4008550d, 0x0)
r6 = socket$kcm(0x11, 0x2, 0x300)
setsockopt$sock_attach_bpf(r6, 0x107, 0x8, &(0x7f0000000500), 0x4)
recvmsg$kcm(r6, &(0x7f0000001280)={0x0, 0x0, 0x0}, 0x0)
r7 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETGEN(r8, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000001c0)={0x14, 0x10, 0xa, 0x5, 0x0, 0x0, {0x7, 0x0, 0x3}}, 0x14}, 0x1, 0x0, 0x0, 0x4000}, 0x40000)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r7, 0x5, 0xb68, 0x560b0000, &(0x7f0000000000)="259a53f271a76d2688ca4c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
getpeername$inet(r4, &(0x7f0000000100)={0x2, 0x0, @broadcast}, &(0x7f0000000140)=0x10)
r9 = socket$inet(0x2, 0x2, 0x0)
r10 = memfd_secret(0x0)
r11 = bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000000940)=ANY=[@ANYRES64=r10], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000340)={r11, r10, 0x2f, 0x4608, @void}, 0x10)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000040)={r11, r10, 0x2f, 0x4608, @val=@iter={0x0, 0x2}}, 0x40)
ioctl$SG_SET_TIMEOUT(r10, 0x2201, &(0x7f0000000180)=0x80000001)
setsockopt$inet_mreqsrc(r9, 0x0, 0x25, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'syz_tun\x00', <r12=>0x0})
sendmsg$nl_route(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000080)=ANY=[@ANYBLOB="540000001400b59500000000000000000a000000", @ANYRES32=r12, @ANYBLOB="140001000040000003000000000000000000000014000200fe8000000000000004000000002300aa140006"], 0x54}}, 0x0)

5.252800583s ago: executing program 2 (id=1186):
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f0000000100)='mountinfo\x00')
syz_mount_image$msdos(&(0x7f0000000200), &(0x7f0000000240)='./file1\x00', 0x80c406, &(0x7f0000000540)=ANY=[@ANYBLOB='dots,dots,dmask=000000000200000,nodots,discard,nfs=nostale_ro,gid=', @ANYRESHEX=0x0, @ANYBLOB="2c646f733178666c6f70707900000000000000003030ffffffff303030303031373737373737373756c0f39fdb37372c004c0f1208ec0c34b7df4ba1c1e6b76697434db8574db9bcaef6a61a12c3f260bebc7ac5b1b11361119b83f1cf9f686b715b8e58fd37cea6623dc422c2ddbcefe94e5c255b5e8c90613e6b598b3b7a2c05de53dab7"], 0x1, 0x291, &(0x7f0000000280)="$eJzs3M9r034YwPGn6dZ0+7Ifpy/oxQe96CXMelQPVTYQC0q3inoQMpZpaG1HErQVwZw97e8YHr0J4j+w/8LbEGSnnYyszbKs+4Wza2f7fkHJkzz5tE8SUp5PId16uv66uupbq3YgRl7FEAllR2RWXNmTiZe5dpxLtsvdgoRyY+7N9sfFZ88fFkul+bLqQnHpVkFVp698ffv+09VvwX9PPk+bpmzOvtj6Wfi++f/mpa1fS69cX11f641AbV1uNAJ7ueboiutXLdXHNcf2HXXrvuMdyK/WGmtrLbXrK1OTa57j+2rXW2pIS4OG5uOq6mpZlk5N7sZ5GSG5Px5R2SiX7eK5FIMLw/OKdlZEJg7dDZWNwVQEAAAG6fj+30j22ev/je7+X+SU/v9DvNf0l573/1lJ+v+q0+7/A6+l9kvbTff/ONHZ+n/jfIrB38iEqZV7B1KeV5w4ehD9PwAAAAAAAAAAAAAAAAAAAAAA/4KdKJqJomhmd2mISBSvmyKSTa0fMXSknq0fVunrH6VeZnyBT7j+GAKpB/fyIj/CZqVZybSXnfzCg9L8nLalHvzbbjYr2SR/s5PXg/lxmYzzhSPzObl+rZPfzd1/VErn15uVCVk5sfKwV6cAAAAAAIChZ2liNtmYl2R+b1lqSne+PX/vROH+7wNd8/sxuTzWv+MAAAAAAADH81vvqnat5nj9CbJ9/KwzByJnG347MntSRlZETtmnvCgy+BN1KDDlQpQxzMGdnr1hlBHpbBmPvwy67gIAAAAAw2V/PjDoSgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGF39+OuyQR8jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcFH8DgAA//8sg70h")

4.957657244s ago: executing program 2 (id=1189):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xc, &(0x7f00000004c0)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{r1}, &(0x7f0000000000), &(0x7f00000005c0)=r2}, 0x20)
syz_open_pts(r0, 0x0)

4.563820196s ago: executing program 2 (id=1193):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0xe, &(0x7f0000000200)={[{@quota}, {@oldalloc}, {@barrier_val={'barrier', 0x3d, 0x3}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@block_validity}, {@jqfmt_vfsv1}]}, 0x3, 0x434, &(0x7f0000000940)="$eJzs289vFFUcAPDvzLZFKNiK+IOCWkVj44+WFlQOXjSaeNDERA94rG0hlYUaWhMhjVZj8GhIvBuPJv4FnvRi1JOJV70bEmJ6AT2tmd2ZdrvdLW3ZdtH9fJKB92be5n2/O/N238zrBtC1hrN/koj9EfF7RAzUqmsbDNf+u7m8OPX38uJUEpXKW38l1XY3lheniqbF6/rzykgakX6WxJEm/c5funxuslyeuZjXxxbOvz82f+nys7PnJ8/OnJ25MHHq1MkT4y88P/FcW/LMYrox9NHc0cOvvXP1janTV9/9+dukyL8hjzYZ3ujgE5VKm7vrrAN15aSng4GwJaWIyE5Xb3X8D0QpVk/eQLz6aUeDA3ZUpVKp9Lc+vFQB/seS6HQEQGcUX/TZ/W+x7dLU445w/aXaDVCW9818qx3piTRv09twf9tOwxFxeumfr7ItduY5BADAGt9n859nms3/0ri/rt3d+drQYETcExEHI+LeiDgUEfdFVNs+EBEPbrH/xkWS9fOf9Nq2EtukbP73Yr62tXb+V8z+YrCU1w5U8+9NzsyWZ47n78lI9O7J6uMb9PHDK7990epY/fwv27L+i7lgHse1nj1rXzM9uTB5OznXu/5JxFBPs/yTlZWAJCIOR8TQNvuYfeqbo62O3Tr/DbRhnanydcSTtfO/FA35F5KN1yfH7oryzPGx4qpY75dfr7zZqv/byr8NsvO/r+n1v5L/YFK/Xju/9T6u/PF5y3ua7V7/fcnb1XJfvu/DyYWFi+MRfcnrtaDr90+svraoF+2z/EeONR//B2P1nTgSEdlF/FBEPBwRj+SxPxoRj0XEsQ3y/+nlx9/bfv47K8t/ekvnf7XQF417mhdK5378bk2ng1vJPzv/J6ulkXzPZj7/NhPX9q5mAAAA+O9JI2J/JOnoSjlNR0drfy9/KPal5bn5hafPzH1wYbr2G4HB6E2LJ10Ddc9Dx/Pb+qI+0VA/kT83/rK0t1ofnZorT3c6eehy/S3Gf+bPUqejA3ac32tB9zL+oXsZ/9C9jH/oXk3G/95OxAHsvmbf/x93IA5g9zWMf8t+0EXc/0P3Mv6hexn/0JXm98atfySvoLCuEOkdEYbCDhU6/ckEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQHv8GAAD//5LX5s8=")
r1 = socket$kcm(0x29, 0x2, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000240)='net/kcm\x00')
r3 = dup(r1)
sendmsg$kcm(r3, &(0x7f0000002f80)={0x0, 0x0, 0x0}, 0x44004)
r4 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000001c0)={'macvtap0\x00', <r5=>0x0})
bind$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, r5, 0x1, 0x1, 0x6, @remote}, 0x14)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=@newlink={0x50, 0x10, 0x421, 0x0, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, 0x88a8ffad}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @vlan={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}]}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_ADDRESS={0xa, 0x1, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x2e}}]}, 0x50}}, 0x0)
preadv(r2, &(0x7f0000000700)=[{&(0x7f0000000280)=""/124, 0x7c}], 0x1, 0x17d, 0x0)
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='hugetlb.1GB.usage_in_bytes\x00', 0x275a, 0x0)
mmap(&(0x7f0000001000/0x4000)=nil, 0x4000, 0xd, 0x13, r9, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x11, 0xc, &(0x7f0000000100)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, [@ringbuf_output={{}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000180)='syzkaller\x00', 0xb, 0xff8, &(0x7f0000001e00)=""/4088, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
r10 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
ftruncate(r10, 0x2007ffc)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x36, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb)
sendfile(r10, r10, 0x0, 0x800000009)

3.485182362s ago: executing program 2 (id=1203):
r0 = socket$inet6(0xa, 0x80002, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x0, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b00000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f00000002c0)='/proc/thread-self/attr/sockcreate\x00', 0x2, 0x0)
write$selinux_attr(r1, &(0x7f0000000100)='system_u:object_r:hugetlbfs_t:s0\x00', 0x1d)
socketpair(0x1c, 0x2, 0xf43e, &(0x7f0000000400))
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, &(0x7f00000001c0)={{0x1, 0x1, 0x18, <r2=>r0, {0x8}}, './file0\x00'})
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000880)={0x2803fc89f0e2de04, 0x36, &(0x7f00000006c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x4}, {{0x18, 0x1, 0x1, 0x0, r2}}, {}, [@printk={@p, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x5}}, @alu={0x7, 0x1, 0x5, 0x6, 0x4, 0x100}, @printk={@lu, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0xfffffff8}}, @alu={0x4, 0x1, 0xa, 0x7, 0x4, 0xfffffffffffffff0}, @map_fd={0x18, 0xa, 0x1, 0x0, r2}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x6}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}, @tail_call={{0x18, 0x2, 0x1, 0x0, r2}}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x2}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r2}}], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000180)='GPL\x00', 0x9, 0x7c, &(0x7f0000000440)=""/124, 0x41000, 0x28, '\x00', 0x0, 0x0, r2, 0x8, &(0x7f0000000200)={0x6, 0x4}, 0x8, 0x10, &(0x7f00000004c0)={0x2, 0xf, 0x3, 0x9}, 0x10, 0x0, 0x0, 0x8, 0x0, &(0x7f0000000500)=[{0x4, 0x3, 0x5, 0x3}, {0x5, 0x5, 0x9, 0xb}, {0x3, 0x4, 0x5, 0x7}, {0x4, 0x4, 0x2, 0xc}, {0x1, 0x1, 0x4, 0x3}, {0x5, 0x5, 0xa, 0xa}, {0x0, 0x2, 0x8, 0x2}, {0x5, 0x4, 0x4, 0xc}], 0x10, 0x8, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x19, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x18)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x80040, &(0x7f0000000000))
signalfd(0xffffffffffffffff, &(0x7f0000000640)={[0x20000000]}, 0x8)
r5 = socket$unix(0x1, 0x1, 0x0)
r6 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r6, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
listen(r6, 0x0)
connect$unix(r5, &(0x7f0000000640)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
connect$unix(r6, &(0x7f0000000280)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f00000005c0)='./file1\x00', 0x4400, &(0x7f0000000940)={[{@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x88}}, {@sysvgroups}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x363}}, {@orlov}, {@debug}, {@noblock_validity}, {@errors_continue}]}, 0xd, 0x600, &(0x7f0000001500)="$eJzs3c9vVNUeAPDvnWlLf/BeC3l57+FCGo2BRGlpAUOMC9ga0uCPuHFjpQWRAg2t0aIJJcGFJsaNMSauXIj/hRLZstKVCzeuDAlRw9KEMTO9t7Qzd/qL6Uzlfj7JdM49Z27PuQzf3nPPnHMngMIarv4oReyLiNkkYjBZXC7rirRweOl19//88Ez1kUSl8urvSSRpXvb6JH0eSHfujYgff0hib7mx3rmFqxcmZ2amr6Tbo/MXZ0fnFq4eOn9x8tz0uelL48+PHz929NjxscP1u368keO6lpN36sY77w1+MvHGN1/9lYx9+8tEEifipfSFK4+jVYZjuPZvkjQWDRxvdWUdUk7/n6x8i5OuDjaITcnev+6I+F8MRjkevnmD8dHLHW0csK0qSUQFKKhE/ENBZf2A7Nq+/jq41JFeCdAO904uDQA0xn/X0thg9NbGBvrvJ7FyWCeJiIaRuS3YHRF3bk/cOHt74kZs0zgckG/xekT8Py/+k1r8D0VvDNXiv7Qq/qv9gtPpczX/lS3WXz9ULP6hfZbiv3fN+I8m8f/mivh/a4v1Dz9Mvt23Kv77tnpIAAAAAAAAUFi3TkbEc3mf/5eW5/9EzvyfgYg40YL6h+u2Gz//L91t2GlXCyoGavP/Xsyd/1vKZv8OldPUv2rzAbqTs+dnpg9HxL8j4mB076puj61Rx6FP937ZrGw4nf+XPar130nnAqbtuNuVxfuDpaepyfnJVhw7FN296xFP5M7/TZbP/0nO+b/692B2g3Xsfebm6WZl68c/sF0qX0ccyD3/P7xrRbL2/TlGa/2B0axX0OjJDz77rln99fFfjo3Fv1tMwKOrnv/7147/oWTl/XrmNl/HkYWuSrOyTfX/U9X+f0/yWu2WMz1p3vuT8/NXxiJ6klPlau6q/PHNtxkeR1k8ZPFSjf+DT689/pfX/++LiMW63538sXpNcea/DwZ+bdYe/X/onGr8T23q/L/5xPjNoe+b1b+x8//R2rn+YJpj/A+WfJGFac/q/Jxw7Morand7AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBxUIqI3ZGURpbTpdLISMRARPwn+kszl+fmnz17+d1LU9Wy2vf/l7Jv+h1c2k6y7/8fWrE9Xrd9JCL2RMTn5b7a9siZyzNTnT54AAAAAAAAAAAAAAAAAAAA2CEGmqz/r/qt3OnWAduuq9MNADomJ/5/6kQ7gPZz/ofiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAA8Vvbsv/VzEhGLL/TVHlU9aVl3R1sGbLdSpxsAdIxb/EBxmfoDxeUaH4psYz2A3rzMZPnHFs2eeYSdAQAAAAAAAAAAAKBwDuyz/h+Kyvp/KK6trv/f1eJ2AO2Xrf7bv87rnupvQ2OAtnKND8Q6K/lz1/+vuxcAAAAAAAAAAAAA0EpzC1cvTM7MTF9pSSK7c0DLfmE7E6/vjGa0M1GpVK79Y9+vnZfIpsLvlPbUJbK1fhvbqzN/jwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgEZ/BwAA//9QPSE5")
r7 = fcntl$dupfd(r6, 0x0, r5)
accept4$packet(r7, 0x0, 0x0, 0x80800)
sendto$inet6(r0, 0x0, 0x0, 0x200c8004, &(0x7f0000000280)={0xa, 0x4e22, 0x0, @mcast2}, 0x1c)
r8 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x101041)
write$sndseq(r8, &(0x7f0000000080)=[{0xe, 0xfd, 0x0, 0xfd, @time={0x5, 0x1}, {0x3}, {0xe}, @connect}], 0x1c)
sendto$inet6(r0, 0x0, 0x5b, 0x0, 0x0, 0xfffffffffffffc42)
r9 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x46, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r10}, 0x10)
r11 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r11)

2.691813386s ago: executing program 4 (id=1211):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYRES8=0x0], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7020000031c0000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r1}, 0x10)
r2 = creat(&(0x7f0000000200)='./file0\x00', 0x0)
close(r2)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r4 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x402, 0x0)
mount$9p_fd(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r4}})
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
close(r5)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0))
ioctl$SIOCSIFHWADDR(r5, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})

2.446552138s ago: executing program 3 (id=1214):
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$msdos(&(0x7f0000000200), &(0x7f0000000240)='./file1\x00', 0x80c406, &(0x7f0000000540)=ANY=[@ANYBLOB='dots,dots,dmask=000000000200000,nodots,discard,nfs=nostale_ro,gid=', @ANYRESHEX=0x0, @ANYBLOB="2c646f733178666c6f70707900000000000000003030ffffffff303030303031373737373737373756c0f39fdb37372c004c0f1208ec0c34b7df4ba1c1e6b76697434db8574db9bcaef6a61a12c3f260bebc7ac5b1b11361119b83f1cf9f686b715b8e58fd37cea6623dc422c2ddbcefe94e5c255b5e8c90613e6b598b3b7a2c05de53dab7"], 0x1, 0x291, &(0x7f0000000280)="$eJzs3M9r034YwPGn6dZ0+7Ifpy/oxQe96CXMelQPVTYQC0q3inoQMpZpaG1HErQVwZw97e8YHr0J4j+w/8LbEGSnnYyszbKs+4Wza2f7fkHJkzz5tE8SUp5PId16uv66uupbq3YgRl7FEAllR2RWXNmTiZe5dpxLtsvdgoRyY+7N9sfFZ88fFkul+bLqQnHpVkFVp698ffv+09VvwX9PPk+bpmzOvtj6Wfi++f/mpa1fS69cX11f641AbV1uNAJ7ueboiutXLdXHNcf2HXXrvuMdyK/WGmtrLbXrK1OTa57j+2rXW2pIS4OG5uOq6mpZlk5N7sZ5GSG5Px5R2SiX7eK5FIMLw/OKdlZEJg7dDZWNwVQEAAAG6fj+30j22ev/je7+X+SU/v9DvNf0l573/1lJ+v+q0+7/A6+l9kvbTff/ONHZ+n/jfIrB38iEqZV7B1KeV5w4ehD9PwAAAAAAAAAAAAAAAAAAAAAA/4KdKJqJomhmd2mISBSvmyKSTa0fMXSknq0fVunrH6VeZnyBT7j+GAKpB/fyIj/CZqVZybSXnfzCg9L8nLalHvzbbjYr2SR/s5PXg/lxmYzzhSPzObl+rZPfzd1/VErn15uVCVk5sfKwV6cAAAAAAIChZ2liNtmYl2R+b1lqSne+PX/vROH+7wNd8/sxuTzWv+MAAAAAAADH81vvqnat5nj9CbJ9/KwzByJnG347MntSRlZETtmnvCgy+BN1KDDlQpQxzMGdnr1hlBHpbBmPvwy67gIAAAAAw2V/PjDoSgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGF39+OuyQR8jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcFH8DgAA//8sg70h")

2.266588199s ago: executing program 3 (id=1215):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xc, &(0x7f00000004c0)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{r1}, &(0x7f0000000000), &(0x7f00000005c0)=r2}, 0x20)
syz_open_pts(r0, 0x0)

2.112884869s ago: executing program 3 (id=1217):
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0xe, &(0x7f0000000200)={[{@lazytime}, {@resuid={'resuid', 0x3d, 0xee01}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x2e}}, {@nombcache}, {@quota}, {@quota}]}, 0xff, 0x443, &(0x7f0000000940)="$eJzs3MtvG0UYAPBv10mgLxJKefQBBMqj4pE0aYEeuIBA4gASEhzKMSRpVeo2qAkSrSoICJUjqsQdcUTiL+BELwg4IXGFAzdUqUK9tHAyWnu3cYztNsbuQv37SevM7I4182V37JmdbAIYWpPZSxKxNSJ+iYjxRnZ9gcnGj6uXz87/efnsfBK12ht/JPVyVy6fnS+KFu/bkmf2pRHpJ0nsblPv8ukzx+eq1cVTeX565cS708unzzx97MTc0cWjiydnDx06eGDmuWdnn+lLnFlcV3Z9sLRn5ytvnX9t/vD5t3/4Oinib4mjTya7HXy0VutzdeXa1pRORkpsCBtSiYjsdI3W+/94VGLt5I3Hyx+X2jhgoGq5DodXa8AtLImyWwCUo/iiz+a/xXbzRh/lu/RCYwKUxX013xpHRiLNy4y2zG/7aTIiDq/+9UW2xWDuQwAArPNtNv55qt34L417msrdka+hTETEnRGxPSLuiogdEXF3RL3svRFx3wbrb10k+ef4J73YU2A3KBv/PZ+vba0f/xWjv5io5Llt9fhHkyPHqov7G8dWs5csP9Oljgsv/fxZp2PN479sy+ovxoJ5Oy6O3Lb+PQtzK3O9xtvq0kcRu0baxZ9cWwlIImJnROzqsY5jT3y1p9Ox68ffRR/WmWpfRjzeOP+r0RJ/Iem+Pjl9e1QX9083XRUtfvzp3Oud6v9X8fdBdv43t73+r8U/kTSv1y5vvI5zv37acU7T6/U/lrxZT4/l+96fW1k5NRMxlrzaaHTz/tm19xb5onwW/7697fv/9lj7TeyOiOwivj8iHoiIB/O2PxQRD0fE3i7xf//iI+/0Hv9gZfEvbOj8ryXGonVP+0Tl+HffrKt0YiPxZ+f/YD21L99T//xLusd1I+3q7WoGAACA/580IrZGkk5dS6fp1FTjb/h3xOa0urS88uSRpfdOLjSeEZiI0bS40zXedD90Jp/WF/nZlvyB/L7x55VN9fzU/FJ1oezgYcht6dD/M79Xym4dMHCe14Lhpf/D8NL/YXjp/zC82vT/TWW0A7j52n3/fxgRFx4roTHATdXS/y37wRAx/4fhpf/D8LqB/v/brfXvqoGIWN4U139IfrCJSpRZu0SPiUj/E82QGFCi7E8mAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/vg7AAD//9aZ7PU=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x141042, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x0, 0xb, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x804}, 0x40000)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x2, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfffffffc}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00', r3}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000040)='hrtimer_init\x00'}, 0x10)
epoll_create1(0x80000)
arch_prctl$ARCH_GET_XCOMP_SUPP(0x1021, &(0x7f0000000080))
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000000000000000000000c5000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7020000140000fbb703000000e31f008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='sys_enter\x00', r5}, 0x10)
r6 = getpgid(0x0)
r7 = gettid()
rt_tgsigqueueinfo(r6, r7, 0x0, &(0x7f0000000080))
ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000000)={0x0, 0x0, 0xe4, 0x48})
truncate(&(0x7f00000000c0)='./file1\x00', 0x8)

2.097601029s ago: executing program 1 (id=1218):
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
pipe(&(0x7f0000000740)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000ac0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000184b4da6d81b10186271b0690c2afbd482862ff5b58ffecae66bf6bbe01a33965dc86c895c12ca02ca4c5585a1519e3c36020b64c6f0e31cae91fe3bf38985430759492058e68874000000000000000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r6 = socket(0xa, 0x2, 0x0)
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r7=>0x0}, &(0x7f0000cab000)=0xa)
setresgid(0x0, 0x0, r7)
sendmsg$unix(0xffffffffffffffff, &(0x7f0000001200)={&(0x7f00000007c0)=@abs={0x0, 0x0, 0x4e24}, 0x6e, &(0x7f0000000a80)=[{&(0x7f0000000840)="0b5c0708dbc39545c2dc7638cd14ebeb7932decc4cfabdb5639d3601f12f62748af32e8187e43804a52a0c001232b923e971bf8c7a734767207015d4737a6d01800ed4d074e72049440a3e54f1ffc76dc8b78d2b09764c3b97e3d5f02d66670157ea0482be921b029d03c8f28a92a53a9142d6a1db9001f1a4d492462258e67dc287412c33c3a5d0e09d5b", 0x8b}, {&(0x7f0000000900)="511e3b753d5534ea752d4af86f26046f86e6d970e26cd51c974475187eba253ba955e97ad7e2d91b511b1e4e4d65e3351a2f7c1710aab9586ec9d40da5b43cc0e731b3c1aadb2b9ab03adc8d5ef55c82865147d20d956c9b477f805e0c5b1b1d5778f4c58440abae49d512a2176e38d087d58432ed43e5776326db9545f153c989804132784d04f0c19f8124e1c0828bb43a1f80675f970e58f89242d4307ad565471698619b6917e9fceda214689c15db8215de8c66489d36b01a94cd5f5071b7c99a82dc38a76d1ba0137bc57ff1c9a9fc6dd9be773cf17595d3e865e0519db2", 0xe1}, {&(0x7f0000000a00)="befcf71d6c261f2a921e69b291e610119318db172abd669451afd969d53eba7f9c84b8ac8db3d1fab7b30bc1a55266631b4e71d06f3288a0120acf95adca9a9beeb744c0acf486acafe56229a3720005ed6f088b3a3958fbcfcdefab18f32445beb445b5a7a988cebe6c58f59cc33a818a8d6d97f553741bf0aa5e69a14f91", 0x7f}], 0x3, &(0x7f0000001140)=[@rights={{0x18, 0x1, 0x1, [r5, 0xffffffffffffffff]}}, @rights={{0x28, 0x1, 0x1, [r3, r4, r4, r5, r5, r2]}}, @cred={{0x1c, 0x1, 0x2, {r0}}}, @rights={{0x20, 0x1, 0x1, [r1, r1, r5, r2]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, r7}}}, @rights={{0x14, 0x1, 0x1, [r2]}}], 0xb8, 0x8000}, 0x40)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000fcff0018120000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000001640)='kfree\x00', 0xffffffffffffffff, 0x0, 0x10}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
syz_read_part_table(0x5c0, &(0x7f0000000000)="$eJzs27+KJFUUB+BfVXdXdYNLa2KoDZsYuYHxsKOyOywYLIKZoKmJiGAgKFONookamRj4AptMIBgZD6IvIMIwBoJmIgZq4Fyp/jc1YySNqPB9QXHuufeccxuqwwr/b2U+SkbXkuO6rrbx/I9k+dLTSbtYrSebfH/ghQd37t5b3K+aXa5KfuqSetOnfzTJY7vGWWyiL8b58MHR+x99/FaTLt35cZJPky4p7fZqq9p80vzl0r9V2+b8u564tq52j16XhzNdRbeyectGq3TaPmre23v+ycHp8nYflPXQWXM5Pcnh1dN1jm+uo0l+vsikXuy2Nm/T7fX1rmqTUspk0Gb7L5gMpj315XfHWTbrndGgtnc2S147e/7JatADAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID/nrKxWhzmkWlSJeN+9dkzVbc+NF5nnm3G6/Xvw6L9nByczt959/U6bx688s2rb39/9OP0lySj3Dp6qLTt7tzLaQdV46S+SPLobN/5Zdv2jReH6UWW+ermt4/Xo5Qyv8xPqv75edLluctaAAAAAAAAAAAAAAAAAAAA2NOdu/cW9+vZ9uv6epsvmSbVtQ/cy6+llMOU5kp2luTr81RJfkiphltNMr+RpP2gyWajS0q5Mf3nfhF/x58BAAD//++eW/s=")
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800700, &(0x7f0000000200)={[{@usrjquota}, {@journal_dev={'journal_dev', 0x3d, 0x8000}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5c}}, {@minixdf}, {@resgid}, {@grpquota}, {@usrjquota}, {@journal_dev={'journal_dev', 0x3d, 0xdcc}}]}, 0x3, 0x453, &(0x7f0000000cc0)="$eJzs281vG0UbAPBn10n6vv1KKOWjpUCgQkR8JE1aoAcuIJA4FIEEh3IMTlpVdRvUBIlWFQ0IlQsSqgRnxBGJv4AbFwSckLjCHVWqoJcWTkG73m1t106b1rFD/ftJm8x4x555PDve2R07gIE1nv1JIrZGxG8RMVrPNhcYr/+7evls9e/LZ6tJrKy89WeSl7ty+Wy1LFo+b0uRmUgj0k+SopJmi6fPHJ+t1eZPFfmppRPvTS2ePvPssROzR+ePzp+cOXjwwP7pF56fea4rcWZxXdn94cKeXa+9c+H16uEL7/70bdbercX+xji6ZTwL/K+VXOu+J7pdWZ9ta0gnQ31sCGtSiYisu4bz8T8albjeeaPx6sd9bRywrrJz06Z2O9L87/IKcBdLot8tAPqjPN1n17/l1sPpR99deql+AZTFfbXY6nuGiilQ/dpo2zrVPx4Rh5f/+SrbYp3uQwAANPqs+uWheKbd/C+N+xvKbS/WUMYi4p6I2BER90bEzoi4LyIv+0BEPLjG+luXhm6c/6QXbyuwW5TN/14s1raa53/l7C/GKkVuWx7/cHLkWG1+X/GeTMTwpiw/vUod37/y6+ed9jXO/7Itq7+cCxbtuDjUcoNubnZpNp+UdsGljyJ2D7WLP7m2EpBExK6I2L22l95eJo499c2eToVuHv8qurDOtPJ1xJP1/l+OlvhLyerrk1P/i9r8vqnyqLjRz7+cf7NT/XcUfxdk/b+5+fhvLTKWNK7XLq69jvO/f9rxmuZ2j/+R5O28X0aKxz6YXVo6NR0xkhzK802Pz1x/bpkvy2fxT+xtP/53FM/J6nkoIrKD+OGIeCQiHi3a/lhEPB4Re1eJ/8eXO+/bCP0/1/bz79rx39L/a09Ujv/wXaf6b63/D+SpieKR/PPvJm61gXfy3gEAAMB/RZp/Bz5JJ6+l03Rysv4d/p2xOa0tLC49fWTh/ZNz9e/Kj8VwWt7pGm24HzqdLBevWM/PFPeKy/37i/vGX1T+n+cnqwu1uT7HDoNuS4fxn/mj0u/WAeuu3TrazEgfGgL0XOv4T5uz597oZWOAnvJ7bRhcNxn/aa/aAfSe8z8Mrnbj/1xL3loA3J2c/2FwGf8wuIx/GFzGPwykO/ldf1NiqNsvKLGxE5FuiGZIrFOizx9MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXfJvAAAA//9Kfetm")

1.9474689s ago: executing program 4 (id=1219):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = socket$tipc(0x1e, 0x5, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000002b80)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000002b00)={0xffffffffffffff81, 0x2a, 0x9, 0x0, 0x0, {0xa}, [@nested={0x48, 0x1, 0x0, 0x1, [@typed={0x41, 0x2c, 0x0, 0x0, @binary="104d8685810bd51f6588212ad0f1ca4f967ffb634f1dd948134adc7cd72a0fac3466f74e5962c3c869e3b97e210973fe619bc4942f4d016c8ffd3fbdd2"}]}]}, 0x5c}}, 0x0)
bind$tipc(r0, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x0, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = socket$can_j1939(0x1d, 0x2, 0x7)
r2 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000000)={'vcan0\x00', <r3=>0x0})
bind$can_j1939(r2, &(0x7f00000000c0)={0x1d, r3}, 0x18)
connect$can_j1939(r2, &(0x7f0000000140)={0x1d, r3}, 0x18)
sendmsg$can_j1939(r2, &(0x7f0000002700)={0x0, 0x0, &(0x7f00000026c0)={&(0x7f0000002680)="cdf5083070ea05552d", 0x9}}, 0x0)
r4 = syz_io_uring_setup(0x4b5, &(0x7f0000010400)={0x0, 0x86e1, 0x1, 0x8}, &(0x7f0000010080)=<r5=>0x0, &(0x7f0000000000))
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x13, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000838500000073000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001700000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r6, 0x21, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
io_uring_register$IORING_REGISTER_BUFFERS(r4, 0x0, &(0x7f0000010300)=[{0x0}, {0x0}], 0x2)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r4, 0x10, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000280)=""/55, 0x37}, {&(0x7f00000002c0)=""/88, 0x58}, {0x0}, {&(0x7f0000000380)=""/43, 0x2b}], 0x0, 0x5}, 0x20)
recvmmsg(r2, &(0x7f000000a840)=[{{&(0x7f0000002740)=@l2tp6={0xa, 0x0, 0x0, @empty}, 0x80, &(0x7f0000003cc0)=[{&(0x7f00000027c0)=""/132, 0x84}, {&(0x7f0000002880)=""/211, 0xd3}, {&(0x7f0000002980)=""/70, 0x46}, {&(0x7f0000002a00)=""/252, 0xfc}, {&(0x7f000000a400)=""/177, 0xb1}, {&(0x7f0000002640)=""/44, 0x2c}, {&(0x7f0000002bc0)=""/231, 0xe7}, {&(0x7f0000002cc0)=""/4096, 0x1000}], 0x8, &(0x7f0000003d40)=""/127, 0x7f}, 0xec}, {{&(0x7f0000003dc0)=@alg, 0x80, &(0x7f0000004040)=[{&(0x7f0000003e40)=""/163, 0xa3}, {&(0x7f0000003f00)=""/236, 0xec}, {&(0x7f0000004000)=""/50, 0x32}], 0x3, &(0x7f0000004080)=""/65, 0x41}, 0x2}, {{0x0, 0x0, &(0x7f0000004280)=[{&(0x7f0000004100)=""/58, 0x3a}, {&(0x7f0000004140)=""/203, 0xcb}, {&(0x7f0000004240)=""/30, 0x1e}], 0x3, &(0x7f00000042c0)=""/4096, 0x1000}, 0x28bd}, {{0x0, 0x0, &(0x7f0000005540)=[{&(0x7f00000052c0)=""/195, 0xc3}, {&(0x7f00000053c0)=""/165, 0xa5}, {&(0x7f0000005480)=""/52, 0x34}, {&(0x7f00000054c0)=""/69, 0x45}], 0x4, &(0x7f0000005580)=""/76, 0x4c}, 0xffff7fff}, {{&(0x7f0000005600)=@isdn, 0x80, &(0x7f0000006c80)=[{&(0x7f0000005680)=""/4096, 0x1000}, {&(0x7f0000006680)=""/221, 0xdd}, {&(0x7f0000006780)=""/137, 0x89}, {&(0x7f0000006840)=""/206, 0xce}, {&(0x7f0000006940)=""/125, 0x7d}, {&(0x7f00000069c0)=""/35, 0x23}, {&(0x7f0000006a00)=""/162, 0xa2}, {&(0x7f0000006ac0)=""/118, 0x76}, {&(0x7f0000006b40)=""/62, 0x3e}, {&(0x7f0000006bc0)=""/145, 0x91}], 0xa, &(0x7f0000006d40)=""/122, 0x7a}, 0x566}, {{&(0x7f0000006dc0)=@xdp, 0x80, &(0x7f0000007f00)=[{&(0x7f0000006e40)=""/48, 0x30}, {&(0x7f0000006e80)=""/4096, 0x1000}, {&(0x7f0000007e80)=""/97, 0x61}], 0x3}, 0x4b4}, {{&(0x7f0000007f40)=@nfc, 0x80, &(0x7f0000008fc0)=[{&(0x7f0000007fc0)=""/4096, 0x1000}], 0x1, &(0x7f0000009000)=""/102, 0x66}, 0x1}, {{&(0x7f0000009080)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @private2}}, 0x80, &(0x7f000000a280)=[{&(0x7f0000009100)=""/103, 0x67}, {&(0x7f0000009180)=""/64, 0x40}, {&(0x7f00000091c0)=""/83, 0x53}, {&(0x7f0000009240)=""/7, 0x7}, {&(0x7f0000009280)=""/4096, 0x1000}], 0x5, &(0x7f000000a300)=""/84, 0x54}, 0x100000}, {{&(0x7f000000a380)=@rc={0x1f, @fixed}, 0x80, &(0x7f000000a780), 0x0, &(0x7f000000a800)=""/33, 0x21}, 0x7}], 0x9, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000200)={'vxcan1\x00'})
r7 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r7, 0x8933, &(0x7f0000000000)={'vcan0\x00', <r8=>0x0})
bind$can_j1939(r7, &(0x7f00000000c0)={0x1d, r8}, 0x18)
connect$can_j1939(r7, &(0x7f0000000140)={0x1d, r8, 0x0, {0x0, 0x0, 0x4}, 0x1}, 0x18)
sendmsg$can_j1939(r7, &(0x7f0000002700)={0x0, 0x0, &(0x7f00000026c0)={&(0x7f0000002680)="cdf5083070ea05552d", 0x9}}, 0x0)
recvmmsg(r7, &(0x7f0000000180)=[{{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000200)=""/189}, {&(0x7f00000002c0)=""/182}, {&(0x7f0000000380)=""/4096}, {&(0x7f0000001380)=""/198}, {&(0x7f0000001480)=""/169}, {&(0x7f0000001540)=""/4096}], 0x10, &(0x7f0000002540)=""/216}}], 0x2, 0x0, 0x0)
sendmsg$can_j1939(r1, &(0x7f0000000080)={&(0x7f00000000c0)={0x1d, 0x0, 0x0, {0x2, 0x1ee, 0x2}}, 0x18, &(0x7f00000004c0)={&(0x7f00000001c0)='\x00', 0x1}, 0x1, 0x0, 0x0, 0x20020000}, 0x8001)
syz_io_uring_complete(r5)

1.784071601s ago: executing program 0 (id=1220):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x80000, 0x3, 0xfc, "0062ba7d82000000000000000000f7ffffff00"})
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xc, &(0x7f00000004c0)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{r1}, &(0x7f0000000000), &(0x7f00000005c0)=r2}, 0x20)
r3 = syz_open_pts(r0, 0x0)
r4 = dup(r3)
fsetxattr$security_selinux(r4, &(0x7f0000000000), &(0x7f0000000040)='system_u:object_r:mouse_device_t:s0\x00', 0x20, 0x0)

1.641963432s ago: executing program 1 (id=1221):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000001000900000001000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000719dab000000000000010000000900010073797a30000000003c000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a3000000000080005400000000a800000000c0a01010000000000000000010000000900020073797a32000000005400038050000080080003400000000244000b802c0001800a0001006c696d69740000001c0002800c00014000000000000000050c0002400000000000000000140001800a0001006c696d6974000000040002800900010073797a30000000001400000010000100"/260], 0x104}}, 0x0)
r3 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000300), 0x4)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f00000002c0)={'syztnl1\x00', &(0x7f0000000640)={'ip_vti0\x00', 0x0, 0x10, 0x40, 0x60, 0x7, {{0x2d, 0x4, 0x3, 0x11, 0xb4, 0x67, 0x0, 0xdb, 0x2f, 0x0, @broadcast, @remote, {[@cipso={0x86, 0xe, 0x0, [{0x5, 0x8, "b589cb3f46df"}]}, @timestamp_addr={0x44, 0x3c, 0x3e, 0x1, 0xb, [{@broadcast, 0xaec}, {@loopback, 0x1ff}, {@private=0xa010101, 0x7fc00}, {@dev={0xac, 0x14, 0x14, 0x10}, 0x2}, {@remote, 0xb9b}, {@local, 0x7d}, {@dev={0xac, 0x14, 0x14, 0x36}, 0x6}]}, @timestamp={0x44, 0x28, 0xeb, 0x0, 0x5, [0x0, 0xc, 0x5, 0x82, 0x8001, 0x3, 0xfe30, 0x3, 0xed]}, @rr={0x7, 0x2b, 0x9d, [@private=0xa010101, @broadcast, @loopback, @initdev={0xac, 0x1e, 0x1, 0x0}, @private=0xa010102, @multicast2, @initdev={0xac, 0x1e, 0x0, 0x0}, @broadcast, @rand_addr=0x64010100, @dev={0xac, 0x14, 0x14, 0x3c}]}]}}}}})
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="1e0000000a000000070000000600000001000000", @ANYRES32=0x1, @ANYBLOB="03000000000b00"/20, @ANYRES32=0x0, @ANYRES32=r3, @ANYBLOB="0500000004000000020000000a00"/28], 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r6 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="9feb090018000000004300000000000000000000020400000000"], 0x0, 0x1a, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000180)={0x0, r6}, 0x8)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.events\x00', 0x7a05, 0x1700)
syz_io_uring_setup(0xd2, &(0x7f0000000440)={0x0, 0x61b, 0x0, 0x2, 0x1ce}, &(0x7f0000000040)=<r8=>0x0, &(0x7f0000000080)=<r9=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r8, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r8, r9, &(0x7f0000000200)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r7, 0xffffffffffffffff, 0x0})
bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="1b000000020000000800000001000000042c0600", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000ff0f00000000000000000000000000000000d44320616ce35bb61ac88fac204a1f75efd8b2823c56aaddb52e4279f520b76d6a1724f3840597d31b548e221fc3c7b998bf2e400a9f715261d0cd901b2f2b8e19190c5344a80700b72f77b1340c445ab7375fa3c8de0d916d5e4d7fc729a991e8ec9fdf8f09b75d54fa9ce6cdfb5f1bec83a8b925803c381fd4a6b36167d6225e737cb19a9e641e0489a685ef5bbe71396d3d67c2dfee0f8aed1c30c67236ecbb197f8ee2b91bdb100000000000000000"], 0x50)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="04000000040000000400000025bf000004100000", @ANYRES32, @ANYBLOB='\x00\x00\x00\x00\x00\x00', @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
socket$nl_route(0x10, 0x3, 0x0)
sendfile(r5, r5, 0x0, 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00'}, 0x10)
eventfd2(0x800, 0x80000)

1.551122002s ago: executing program 1 (id=1222):
syz_mount_image$ext4(&(0x7f0000000b80)='ext4\x00', &(0x7f0000000bc0)='./file0\x00', 0x0, &(0x7f0000000c00), 0x1, 0xb80, &(0x7f0000000c40)="$eJzs3MtrXFUYAPDv3jyaNrGTiqgtggGpFcVp2hSFrlrXooIuuuyYTErI9GEmggldpHWvLkRcFKR/guDeunAluKgLrX9BEYsU3bQuInce6dBkktjO9PTx+8GZe86c6XzfN5fOPQfmJoAn1kTxkEfsjYiTWUSp9XweEcON3kjESvN1t2+eny5aFqur7/+VRRYRt26en26/V9Y6jrYGIxFx9a0snv50fdz60vJ8pVarLrTGBxdPnztYX1p+fe505VT1VPXMkak3j0y9MTXVw1qvn/vw6xd+eefli5c/m3z3q90/ZXEsxlpznXX0ykRMrH0mnQYjotLrYIkMtOrprDMbTJgQAACbyjvWcM9GKQbizuKtFD/+mjQ5AAAAoCdWByJWAQAAgMdcZv8PAAAAj7n27wBu3Tw/3W5pf5HwYN04HhHjzfrb9zc3ZwZjpXEciaGI2PV3Fp23tWbNf3bfJopI3/1cLVr06T7kzaxciIjnNzr/WaP+8cZd3OvrzyNisgfxJ+4aP0r1H+tB/NT1A/BkunK8eSFbf/3L19Y/scH1b3CDa9e9SH39a6//bq9b/92pf6DL+u+9bcbY9++rV7vNda7/Tnz++0wRvzjeV1H/w40LEfsGN6o/W6s/61L/yW3GGJ2+fqnbXFF/UW+7Pej6Vy9H7I+N62/LNvv7RAdn52rVyeZjlxj7fzhxoFv8zvNftCJ+ey/wIBTnf1eX+rc6/+e2GWP8uT/3dpvbuv78j+Hsg0ZvuPXMJ5XFxYVDEcPZ2+ufP7x5Lu3XtN+jqP+Vlzb//79R/cV3wkrrcyj2Ahdax2J88a6Yo/sPf3vv9fdXUf/MPZ7/L7YZ45vvL33UbS51/QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8GvKIGIssL6/187xcjhiNiGdiV147W198bfbsx2dmirmI8RjKZ+dq1cmIKDXHWTE+1OjfGR++azwVEXsi4svSzsa4PH22NpO6eAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANaMRsRYZHk5IvKI+KeU5+Vy6qwAAACAnhtPnQAAAADQd/b/AAAA8Piz/wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKDP9rx45VoWEStHdzZaYbg1N5Q0M6Df8tQJAMkMpE4ASGYwdQJAMvb4QLbF/EjXmR09zwUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAh9eBvVeuZRGxcnRnoxWGW3NDSTMD+i1PnQCQzEDqBIBkBlMnACRjjw9kW8yPdJ3Z0fNcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHh4jTValpcjIm/087xcjngqIsZjKJudq1UnI2J3RPxWGtpRjA+lThoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICeqy8tz1dqteqCjo6Ozlon9TcTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp1JeW5yu1WnWhnjoTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAILX60vJ8pVarLvSxk7pGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADS+S8AAP//szUGGQ==")
r0 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27ffffb, 0x810, r0, 0x0)
fallocate(r0, 0x0, 0x0, 0x1000f4)
r1 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
pwritev2(r1, &(0x7f0000000240)=[{&(0x7f0000000700)="0034142324cd317100009d335f34330500000049e0a6b4d63c959f0f06556250", 0x20}], 0x1, 0x7a00, 0x0, 0x3)
r2 = open(&(0x7f0000000080)='./bus\x00', 0x84182, 0x0)
preadv2(r2, &(0x7f0000000400), 0x0, 0x10000, 0x0, 0x1d)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[], 0x48)
perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000009, 0x80010, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(0xffffffffffffffff, 0x6, 0x23, &(0x7f0000000080)={&(0x7f00001ce000/0x2000)=nil, 0x2000, 0x0, 0x0, 0x0, &(0x7f0000000600)=""/196, 0xc4, 0x1, &(0x7f0000000540)=""/92, 0x5c}, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0, r3}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000001c0)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc0004}]})
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000000000000000000ff000000850000000e000000c500000001f0ffff95"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
copy_file_range(0xffffffffffffffff, 0x0, r4, 0x0, 0xfffffffffffffffa, 0x0)

1.482749912s ago: executing program 0 (id=1223):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x80000, 0x3, 0xfc, "0062ba7d82000000000000000000f7ffffff00"})
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xc, &(0x7f00000004c0)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{r1}, &(0x7f0000000000), &(0x7f00000005c0)=r2}, 0x20)
r3 = syz_open_pts(r0, 0x0)
r4 = dup(r3)
fsetxattr$security_selinux(r4, &(0x7f0000000000), &(0x7f0000000040)='system_u:object_r:mouse_device_t:s0\x00', 0x20, 0x0)

1.474399803s ago: executing program 2 (id=1224):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_opts(r2, 0x0, 0x4, &(0x7f0000000000)="8907040400", 0x5)
sendto$inet(r2, 0x0, 0x0, 0x20048404, &(0x7f0000000080)={0x2, 0x4e03, @empty}, 0x10)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x48)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, &(0x7f00000000c0)})
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f00000001c0)={[{@grpquota}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x800}}, {@minixdf}]}, 0x1, 0x4fa, &(0x7f00000005c0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=")
setxattr$security_capability(0x0, &(0x7f0000000280), 0x0, 0x0, 0x0)
lsetxattr$security_capability(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), &(0x7f00000006c0)=@v3={0x3000000, [{0x3, 0x2}, {0x9, 0x57}], 0xee01}, 0x18, 0x0)
lgetxattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000280)=ANY=[], 0x0, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014fa0000b7030000000008008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000020000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r4}, 0x10)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x7, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r5}, 0x10)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000800)=ANY=[@ANYBLOB="5c0000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000340012800e00010069703665727370616e0000002000028006000200300000001400060000000000000000000000ffff7f00000108000a00", @ANYRES32], 0x5c}}, 0x0)
r7 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r7, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=ANY=[@ANYBLOB="54010000100001000000000000000000ac1414bb0000000000000000000000000000000000000000000000000000000100"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000000000000000320000000000000000000000000000000000100100000000000000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000400000000000000000048000200656362286369706865725f6e756c6c29"], 0x154}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
socket$inet(0x2, 0x80001, 0x84)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r9}, 0x10)
syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r10 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0x3, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r10], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r11 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r11}, 0x10)

1.470009803s ago: executing program 3 (id=1225):
r0 = socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f0000002180)={0x2, 0x80, 0x4f, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x8}}, 0x0, 0x8, 0xffffffffffffffff, 0x2)
set_mempolicy(0x4005, &(0x7f0000000080)=0x7e, 0x9)
syz_clone(0x40100000, 0x0, 0x0, 0x0, 0x0, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="580000001000370400"/20, @ANYRES32=0x0, @ANYBLOB], 0x58}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
socket$inet6_dccp(0xa, 0x6, 0x0)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x285d, &(0x7f0000000480)={0x0, 0xb418, 0x0, 0x2, 0x5}, &(0x7f00000000c0), &(0x7f0000000080))
r1 = memfd_create(&(0x7f0000000200)='\x103q}2\x9a\xce\xaf\x03\xdfy[\xd9\xffR8\xf4\x1c\bi\xe4^\xd5\xfd\xa9\r\xac7A\x94\xa0\x00\x00\x00\x90+\xd6\x05\r\x84\x87\x1c\b\xdb\xe2\x00\x00A\x90m\xb6&\xd0\x9d\x00\x00\xc5\xb8,\f\xd4s\xb2\x99/\xc0\x9a\xf2O\xdb\x00\x00\x00\x00\x00\x00\r\x1b\xd3\xff<\x83z\x80\x8fQ|\xf5d\x10\x10\xd7\x01M\x7fML\x18\'\x1a<\xfee7{l\x16}\xa0I\x7f\xb5)l\xbb\x02\xfa\xb7\xb6\xa0]\xda8\xe0~\x1c \x91\t\x8b\xbd\x1f\xb3834d1i\x9b\x94\xa6\\\x0e\xe2\xfa\xe5!\xd3\xcf\xfc\xce\xba\xe2\x9f\x05xgL5\x14Y+\xb3\x1axi)<\xf7\x98\xc1\xba\xf4|\xe7|\xc4\xd7\x03\x00\x00\x00\x04D\x15E^7%8\x94y\x98\xf0l\xa0\'Q%\xd4\xda\xee\x81}\xcc\xfd\xa2\xe3M~x\x96\xe3]\xd70\xa2\x17\xca\xde\x1b\xaa\xe0l\xfc\x85\x8fc\x1c{|e\x8bs\xb0\x85E\xce;p)\xf8\xa6\xaa&QC4V\x81\x04\xcf\xd2\x81\xdc\xdf\xd7<\x9f\x93\x8bX\xd4\xea\xb2\xff\b\x92\xc7\x00\xef\xff\x00\x93\x1f\x92\xa7dcY\x9c\x9e9O-\xfcF\xbb\xbd{:IR\xea\xd8$\xe2\xa0\xc2\x8b\x1a\xead\xb8\xe1:6\x15M\x1d\xdak\x8c\x909\xd8\xb3\x02\xe0\x04\x9c\xc2\x06|\xf0\x0f\xa6Y&r\x9b\xc7\x1d\xe7jDf\x87@\x8fg\x15RJwe\xe2\xdcunu\xff`\xa40\xce\xffB%\xe4k\xff\x8d\x06\x0e\x89\xd9DC\x9fF\x9c[M=\xe0^\xa8\xed)\xe8Z\xe8\x99&\x87\x04\xa4\t\xaa\xd8\xd6\xd5pG\xcb\xc4\x8b\xf7\xb8#\xcb\xd8|\xa5\xa6S\x8b\x8cv\xb7)\x02k\xf3L\x03\xbb\xfa\xe1\\\xf1\x8cUj\xd5\xa5\x88GL\xe7_\xfd\x17C=G\x0f\xe9u\x1d\xfeg\xfex\xcd\xaa\xad\x906\xd0sy\xc6T\x93\xae\xd5r\xc8G\xc5\xfdS\xff\x04:`\x1e\xe3;l\xcd&\xd4\xf4\x8eum\x04\x00~\xfa\x05', 0x0)
pidfd_send_signal(0xffffffffffffffff, 0x32, &(0x7f00000008c0)={0x3b, 0x34c, 0x4}, 0x0)
mmap(&(0x7f0000200000/0x400000)=nil, 0x400000, 0xb, 0x2012, r1, 0x0)

1.304444564s ago: executing program 0 (id=1226):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_opts(r2, 0x0, 0x4, &(0x7f0000000000)="8907040400", 0x5)
sendto$inet(r2, 0x0, 0x0, 0x20048404, &(0x7f0000000080)={0x2, 0x4e03, @empty}, 0x10)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x48)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, 0x0})
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f00000001c0)={[{@grpquota}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x800}}, {@minixdf}]}, 0x1, 0x4fa, &(0x7f00000005c0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=")
setxattr$security_capability(0x0, &(0x7f0000000280), 0x0, 0x0, 0x0)
lsetxattr$security_capability(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), &(0x7f00000006c0)=@v3={0x3000000, [{0x3, 0x2}, {0x9, 0x57}], 0xee01}, 0x18, 0x0)
lgetxattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000280)=ANY=[], 0x0, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014fa0000b7030000000008008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000020000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r4}, 0x10)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x7, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r5}, 0x10)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000800)=ANY=[@ANYBLOB="5c0000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000340012800e00010069703665727370616e0000002000028006000200300000001400060000000000000000000000ffff7f00000108000a00", @ANYRES32], 0x5c}}, 0x0)
r7 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r7, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=ANY=[@ANYBLOB="54010000100001000000000000000000ac1414bb0000000000000000000000000000000000000000000000000000000100"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000000000000000320000000000000000000000000000000000100100000000000000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000400000000000000000048000200656362286369706865725f6e756c6c29"], 0x154}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
socket$inet(0x2, 0x80001, 0x84)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r9}, 0x10)
syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r10 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0x3, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r10], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r11 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r11}, 0x10)

1.129281045s ago: executing program 1 (id=1227):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xc, &(0x7f00000004c0)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{r1}, &(0x7f0000000000), &(0x7f00000005c0)=r2}, 0x20)
syz_open_pts(r0, 0x0)

1.015749435s ago: executing program 4 (id=1228):
socket$inet6(0xa, 0x800000000000002, 0x0)
unshare(0x20000400)
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
perf_event_open(&(0x7f0000002180)={0x2, 0x80, 0x4f, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x8}}, 0x0, 0x200000000, 0xffffffffffffffff, 0x2)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000002090000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_BIND_MAP(0xa, &(0x7f00000003c0)={r2}, 0xc)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r0}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000300))
rt_sigtimedwait(0x0, 0x0, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x7a05, 0x1700)
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
cachestat(0xffffffffffffffff, 0x0, 0x0, 0x2000000)

956.866175ms ago: executing program 1 (id=1229):
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x4000, &(0x7f0000000380)={[{}, {@max_batch_time={'max_batch_time', 0x3d, 0x8000}}, {@stripe={'stripe', 0x3d, 0x7}}, {@commit={'commit', 0x3d, 0x5}}, {@orlov}, {@barrier_val={'barrier', 0x3d, 0x5}}, {@max_batch_time}, {@data_err_abort}]}, 0xd, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
chdir(&(0x7f00000001c0)='./file0\x00')
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup.net/syz1\x00', 0x200002, 0x0)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000040)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x800, 0x0, 0xbc, 0x0, &(0x7f00000000c0))
getdents64(r0, &(0x7f0000000f80)=""/4096, 0x1000)

803.827606ms ago: executing program 3 (id=1230):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r0, 0x0, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x13, r0, 0x0)
r1 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r1, 0x11b, 0x4, &(0x7f0000000080)={&(0x7f0000000000)=""/1, 0x214000, 0x800, 0x0, 0x1}, 0x20)

790.469086ms ago: executing program 4 (id=1231):
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
pipe(&(0x7f0000000740)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000ac0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000184b4da6d81b10186271b0690c2afbd482862ff5b58ffecae66bf6bbe01a33965dc86c895c12ca02ca4c5585a1519e3c36020b64c6f0e31cae91fe3bf38985430759492058e68874000000000000000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r6 = socket(0xa, 0x2, 0x0)
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r7=>0x0}, &(0x7f0000cab000)=0xa)
setresgid(0x0, 0x0, r7)
sendmsg$unix(0xffffffffffffffff, &(0x7f0000001200)={&(0x7f00000007c0)=@abs={0x0, 0x0, 0x4e24}, 0x6e, &(0x7f0000000a80)=[{&(0x7f0000000840)="0b5c0708dbc39545c2dc7638cd14ebeb7932decc4cfabdb5639d3601f12f62748af32e8187e43804a52a0c001232b923e971bf8c7a734767207015d4737a6d01800ed4d074e72049440a3e54f1ffc76dc8b78d2b09764c3b97e3d5f02d66670157ea0482be921b029d03c8f28a92a53a9142d6a1db9001f1a4d492462258e67dc287412c33c3a5d0e09d5b", 0x8b}, {&(0x7f0000000900)="511e3b753d5534ea752d4af86f26046f86e6d970e26cd51c974475187eba253ba955e97ad7e2d91b511b1e4e4d65e3351a2f7c1710aab9586ec9d40da5b43cc0e731b3c1aadb2b9ab03adc8d5ef55c82865147d20d956c9b477f805e0c5b1b1d5778f4c58440abae49d512a2176e38d087d58432ed43e5776326db9545f153c989804132784d04f0c19f8124e1c0828bb43a1f80675f970e58f89242d4307ad565471698619b6917e9fceda214689c15db8215de8c66489d36b01a94cd5f5071b7c99a82dc38a76d1ba0137bc57ff1c9a9fc6dd9be773cf17595d3e865e0519db2", 0xe1}, {&(0x7f0000000a00)="befcf71d6c261f2a921e69b291e610119318db172abd669451afd969d53eba7f9c84b8ac8db3d1fab7b30bc1a55266631b4e71d06f3288a0120acf95adca9a9beeb744c0acf486acafe56229a3720005ed6f088b3a3958fbcfcdefab18f32445beb445b5a7a988cebe6c58f59cc33a818a8d6d97f553741bf0aa5e69a14f91", 0x7f}], 0x3, &(0x7f0000001140)=[@rights={{0x18, 0x1, 0x1, [r5, 0xffffffffffffffff]}}, @rights={{0x28, 0x1, 0x1, [r3, r4, r4, r5, r5, r2]}}, @cred={{0x1c, 0x1, 0x2, {r0}}}, @rights={{0x20, 0x1, 0x1, [r1, r1, r5, r2]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, r7}}}, @rights={{0x14, 0x1, 0x1, [r2]}}], 0xb8, 0x8000}, 0x40)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000fcff0018120000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000001640)='kfree\x00', 0xffffffffffffffff, 0x0, 0x10}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
syz_read_part_table(0x5c0, &(0x7f0000000000)="$eJzs27+KJFUUB+BfVXdXdYNLa2KoDZsYuYHxsKOyOywYLIKZoKmJiGAgKFONookamRj4AptMIBgZD6IvIMIwBoJmIgZq4Fyp/jc1YySNqPB9QXHuufeccxuqwwr/b2U+SkbXkuO6rrbx/I9k+dLTSbtYrSebfH/ghQd37t5b3K+aXa5KfuqSetOnfzTJY7vGWWyiL8b58MHR+x99/FaTLt35cZJPky4p7fZqq9p80vzl0r9V2+b8u564tq52j16XhzNdRbeyectGq3TaPmre23v+ycHp8nYflPXQWXM5Pcnh1dN1jm+uo0l+vsikXuy2Nm/T7fX1rmqTUspk0Gb7L5gMpj315XfHWTbrndGgtnc2S147e/7JatADAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID/nrKxWhzmkWlSJeN+9dkzVbc+NF5nnm3G6/Xvw6L9nByczt959/U6bx688s2rb39/9OP0lySj3Dp6qLTt7tzLaQdV46S+SPLobN/5Zdv2jReH6UWW+ermt4/Xo5Qyv8xPqv75edLluctaAAAAAAAAAAAAAAAAAAAA2NOdu/cW9+vZ9uv6epsvmSbVtQ/cy6+llMOU5kp2luTr81RJfkiphltNMr+RpP2gyWajS0q5Mf3nfhF/x58BAAD//++eW/s=")
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800700, &(0x7f0000000200)={[{@usrjquota}, {@journal_dev={'journal_dev', 0x3d, 0x8000}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5c}}, {@minixdf}, {@resgid}, {@grpquota}, {@usrjquota}, {@journal_dev={'journal_dev', 0x3d, 0xdcc}}]}, 0x3, 0x453, &(0x7f0000000cc0)="$eJzs281vG0UbAPBn10n6vv1KKOWjpUCgQkR8JE1aoAcuIJA4FIEEh3IMTlpVdRvUBIlWFQ0IlQsSqgRnxBGJv4AbFwSckLjCHVWqoJcWTkG73m1t106b1rFD/ftJm8x4x555PDve2R07gIE1nv1JIrZGxG8RMVrPNhcYr/+7evls9e/LZ6tJrKy89WeSl7ty+Wy1LFo+b0uRmUgj0k+SopJmi6fPHJ+t1eZPFfmppRPvTS2ePvPssROzR+ePzp+cOXjwwP7pF56fea4rcWZxXdn94cKeXa+9c+H16uEL7/70bdbercX+xji6ZTwL/K+VXOu+J7pdWZ9ta0gnQ31sCGtSiYisu4bz8T8albjeeaPx6sd9bRywrrJz06Z2O9L87/IKcBdLot8tAPqjPN1n17/l1sPpR99deql+AZTFfbXY6nuGiilQ/dpo2zrVPx4Rh5f/+SrbYp3uQwAANPqs+uWheKbd/C+N+xvKbS/WUMYi4p6I2BER90bEzoi4LyIv+0BEPLjG+luXhm6c/6QXbyuwW5TN/14s1raa53/l7C/GKkVuWx7/cHLkWG1+X/GeTMTwpiw/vUod37/y6+ed9jXO/7Itq7+cCxbtuDjUcoNubnZpNp+UdsGljyJ2D7WLP7m2EpBExK6I2L22l95eJo499c2eToVuHv8qurDOtPJ1xJP1/l+OlvhLyerrk1P/i9r8vqnyqLjRz7+cf7NT/XcUfxdk/b+5+fhvLTKWNK7XLq69jvO/f9rxmuZ2j/+R5O28X0aKxz6YXVo6NR0xkhzK802Pz1x/bpkvy2fxT+xtP/53FM/J6nkoIrKD+OGIeCQiHi3a/lhEPB4Re1eJ/8eXO+/bCP0/1/bz79rx39L/a09Ujv/wXaf6b63/D+SpieKR/PPvJm61gXfy3gEAAMB/RZp/Bz5JJ6+l03Rysv4d/p2xOa0tLC49fWTh/ZNz9e/Kj8VwWt7pGm24HzqdLBevWM/PFPeKy/37i/vGX1T+n+cnqwu1uT7HDoNuS4fxn/mj0u/WAeuu3TrazEgfGgL0XOv4T5uz597oZWOAnvJ7bRhcNxn/aa/aAfSe8z8Mrnbj/1xL3loA3J2c/2FwGf8wuIx/GFzGPwykO/ldf1NiqNsvKLGxE5FuiGZIrFOizx9MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXfJvAAAA//9Kfetm")

707.907957ms ago: executing program 1 (id=1232):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000005"], 0x48)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_opts(r1, 0x0, 0x4, &(0x7f0000000000)="8907040400", 0x5)
sendto$inet(r1, 0x0, 0x0, 0x20048404, 0x0, 0x0)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x48)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f00000001c0)={[{@grpquota}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x800}}, {@minixdf}]}, 0x1, 0x4fa, &(0x7f00000005c0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=")
setxattr$security_capability(0x0, &(0x7f0000000280), 0x0, 0x0, 0x0)
lsetxattr$security_capability(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), &(0x7f00000006c0)=@v3={0x3000000, [{0x3, 0x2}, {0x9, 0x57}], 0xee01}, 0x18, 0x0)
lgetxattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000280)=ANY=[], 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014fa0000b7030000000008008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000020000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x7, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r4}, 0x10)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000800)=ANY=[@ANYBLOB="5c0000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000340012800e00010069703665727370616e0000002000028006000200300000001400060000000000000000000000ffff7f00000108000a00", @ANYRES32], 0x5c}}, 0x0)
r6 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=ANY=[@ANYBLOB="54010000100001000000000000000000ac1414bb0000000000000000000000000000000000000000000000000000000100"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000000000000000320000000000000000000000000000000000100100000000000000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000400000000000000000048000200656362286369706865725f6e756c6c29"], 0x154}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
socket$inet(0x2, 0x80001, 0x84)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00'}, 0x10)
syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0x3, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)

653.973537ms ago: executing program 2 (id=1233):
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0xe, &(0x7f0000000200)={[{@lazytime}, {@resuid={'resuid', 0x3d, 0xee01}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x2e}}, {@nombcache}, {@quota}, {@quota}]}, 0xff, 0x443, &(0x7f0000000940)="$eJzs3MtvG0UYAPBv10mgLxJKefQBBMqj4pE0aYEeuIBA4gASEhzKMSRpVeo2qAkSrSoICJUjqsQdcUTiL+BELwg4IXGFAzdUqUK9tHAyWnu3cYztNsbuQv37SevM7I4182V37JmdbAIYWpPZSxKxNSJ+iYjxRnZ9gcnGj6uXz87/efnsfBK12ht/JPVyVy6fnS+KFu/bkmf2pRHpJ0nsblPv8ukzx+eq1cVTeX565cS708unzzx97MTc0cWjiydnDx06eGDmuWdnn+lLnFlcV3Z9sLRn5ytvnX9t/vD5t3/4Oinib4mjTya7HXy0VutzdeXa1pRORkpsCBtSiYjsdI3W+/94VGLt5I3Hyx+X2jhgoGq5DodXa8AtLImyWwCUo/iiz+a/xXbzRh/lu/RCYwKUxX013xpHRiLNy4y2zG/7aTIiDq/+9UW2xWDuQwAArPNtNv55qt34L417msrdka+hTETEnRGxPSLuiogdEXF3RL3svRFx3wbrb10k+ef4J73YU2A3KBv/PZ+vba0f/xWjv5io5Llt9fhHkyPHqov7G8dWs5csP9Oljgsv/fxZp2PN479sy+ovxoJ5Oy6O3Lb+PQtzK3O9xtvq0kcRu0baxZ9cWwlIImJnROzqsY5jT3y1p9Ox68ffRR/WmWpfRjzeOP+r0RJ/Iem+Pjl9e1QX9083XRUtfvzp3Oud6v9X8fdBdv43t73+r8U/kTSv1y5vvI5zv37acU7T6/U/lrxZT4/l+96fW1k5NRMxlrzaaHTz/tm19xb5onwW/7697fv/9lj7TeyOiOwivj8iHoiIB/O2PxQRD0fE3i7xf//iI+/0Hv9gZfEvbOj8ryXGonVP+0Tl+HffrKt0YiPxZ+f/YD21L99T//xLusd1I+3q7WoGAACA/580IrZGkk5dS6fp1FTjb/h3xOa0urS88uSRpfdOLjSeEZiI0bS40zXedD90Jp/WF/nZlvyB/L7x55VN9fzU/FJ1oezgYcht6dD/M79Xym4dMHCe14Lhpf/D8NL/YXjp/zC82vT/TWW0A7j52n3/fxgRFx4roTHATdXS/y37wRAx/4fhpf/D8LqB/v/brfXvqoGIWN4U139IfrCJSpRZu0SPiUj/E82QGFCi7E8mAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/vg7AAD//9aZ7PU=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x141042, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x0, 0xb, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={0x0}, 0x1, 0x0, 0x0, 0x804}, 0x40000)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x2, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfffffffc}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00', r3}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000040)='hrtimer_init\x00'}, 0x10)
epoll_create1(0x80000)
arch_prctl$ARCH_GET_XCOMP_SUPP(0x1021, &(0x7f0000000080))
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000000000000000000000c5000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7020000140000fbb703000000e31f008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='sys_enter\x00', r5}, 0x10)
r6 = getpgid(0x0)
r7 = gettid()
rt_tgsigqueueinfo(r6, r7, 0x0, &(0x7f0000000080))
ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000000)={0x0, 0x0, 0xe4, 0x48})
truncate(&(0x7f00000000c0)='./file1\x00', 0x8)

561.599348ms ago: executing program 0 (id=1234):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x80000, 0x3, 0xfc, "0062ba7d82000000000000000000f7ffffff00"})
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xc, &(0x7f00000004c0)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{r1}, &(0x7f0000000000), &(0x7f00000005c0)=r2}, 0x20)
r3 = syz_open_pts(r0, 0x0)
r4 = dup(r3)
fsetxattr$security_selinux(r4, &(0x7f0000000000), &(0x7f0000000040)='system_u:object_r:mouse_device_t:s0\x00', 0x20, 0x0)

550.274728ms ago: executing program 3 (id=1235):
r0 = socket$inet6(0xa, 0x80002, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x0, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b0000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f00000002c0)='/proc/thread-self/attr/sockcreate\x00', 0x2, 0x0)
write$selinux_attr(r1, &(0x7f0000000100)='system_u:object_r:hugetlbfs_t:s0\x00', 0x1d)
socketpair(0x1c, 0x2, 0xf43e, &(0x7f0000000400))
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, &(0x7f00000001c0)={{0x1, 0x1, 0x18, <r2=>r0, {0x8}}, './file0\x00'})
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000880)={0x2803fc89f0e2de04, 0x36, &(0x7f00000006c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x4}, {{0x18, 0x1, 0x1, 0x0, r2}}, {}, [@printk={@p, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x5}}, @alu={0x7, 0x1, 0x5, 0x6, 0x4, 0x100}, @printk={@lu, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0xfffffff8}}, @alu={0x4, 0x1, 0xa, 0x7, 0x4, 0xfffffffffffffff0}, @map_fd={0x18, 0xa, 0x1, 0x0, r2}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x6}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}, @tail_call={{0x18, 0x2, 0x1, 0x0, r2}}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x2}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r2}}], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000180)='GPL\x00', 0x9, 0x7c, &(0x7f0000000440)=""/124, 0x41000, 0x28, '\x00', 0x0, 0x0, r2, 0x8, &(0x7f0000000200)={0x6, 0x4}, 0x8, 0x10, &(0x7f00000004c0)={0x2, 0xf, 0x3, 0x9}, 0x10, 0x0, 0x0, 0x8, 0x0, &(0x7f0000000500)=[{0x4, 0x3, 0x5, 0x3}, {0x5, 0x5, 0x9, 0xb}, {0x3, 0x4, 0x5, 0x7}, {0x4, 0x4, 0x2, 0xc}, {0x1, 0x1, 0x4, 0x3}, {0x5, 0x5, 0xa, 0xa}, {0x0, 0x2, 0x8, 0x2}, {0x5, 0x4, 0x4, 0xc}], 0x10, 0x8, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x19, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x18)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x80040, &(0x7f0000000000))
signalfd(0xffffffffffffffff, &(0x7f0000000640)={[0x20000000]}, 0x8)
r5 = socket$unix(0x1, 0x1, 0x0)
r6 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r6, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
listen(r6, 0x0)
connect$unix(r5, &(0x7f0000000640)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
connect$unix(r6, &(0x7f0000000280)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f00000005c0)='./file1\x00', 0x4400, &(0x7f0000000940)={[{@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x88}}, {@sysvgroups}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x363}}, {@orlov}, {@debug}, {@noblock_validity}, {@errors_continue}]}, 0xd, 0x600, &(0x7f0000001500)="$eJzs3c9vVNUeAPDvnWlLf/BeC3l57+FCGo2BRGlpAUOMC9ga0uCPuHFjpQWRAg2t0aIJJcGFJsaNMSauXIj/hRLZstKVCzeuDAlRw9KEMTO9t7Qzd/qL6Uzlfj7JdM49Z27PuQzf3nPPnHMngMIarv4oReyLiNkkYjBZXC7rirRweOl19//88Ez1kUSl8urvSSRpXvb6JH0eSHfujYgff0hib7mx3rmFqxcmZ2amr6Tbo/MXZ0fnFq4eOn9x8tz0uelL48+PHz929NjxscP1u368keO6lpN36sY77w1+MvHGN1/9lYx9+8tEEifipfSFK4+jVYZjuPZvkjQWDRxvdWUdUk7/n6x8i5OuDjaITcnev+6I+F8MRjkevnmD8dHLHW0csK0qSUQFKKhE/ENBZf2A7Nq+/jq41JFeCdAO904uDQA0xn/X0thg9NbGBvrvJ7FyWCeJiIaRuS3YHRF3bk/cOHt74kZs0zgckG/xekT8Py/+k1r8D0VvDNXiv7Qq/qv9gtPpczX/lS3WXz9ULP6hfZbiv3fN+I8m8f/mivh/a4v1Dz9Mvt23Kv77tnpIAAAAAAAAUFi3TkbEc3mf/5eW5/9EzvyfgYg40YL6h+u2Gz//L91t2GlXCyoGavP/Xsyd/1vKZv8OldPUv2rzAbqTs+dnpg9HxL8j4mB076puj61Rx6FP937ZrGw4nf+XPar130nnAqbtuNuVxfuDpaepyfnJVhw7FN296xFP5M7/TZbP/0nO+b/692B2g3Xsfebm6WZl68c/sF0qX0ccyD3/P7xrRbL2/TlGa/2B0axX0OjJDz77rln99fFfjo3Fv1tMwKOrnv/7147/oWTl/XrmNl/HkYWuSrOyTfX/U9X+f0/yWu2WMz1p3vuT8/NXxiJ6klPlau6q/PHNtxkeR1k8ZPFSjf+DT689/pfX/++LiMW63538sXpNcea/DwZ+bdYe/X/onGr8T23q/L/5xPjNoe+b1b+x8//R2rn+YJpj/A+WfJGFac/q/Jxw7Morand7AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBxUIqI3ZGURpbTpdLISMRARPwn+kszl+fmnz17+d1LU9Wy2vf/l7Jv+h1c2k6y7/8fWrE9Xrd9JCL2RMTn5b7a9siZyzNTnT54AAAAAAAAAAAAAAAAAAAA2CEGmqz/r/qt3OnWAduuq9MNADomJ/5/6kQ7gPZz/ofiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAA8Vvbsv/VzEhGLL/TVHlU9aVl3R1sGbLdSpxsAdIxb/EBxmfoDxeUaH4psYz2A3rzMZPnHFs2eeYSdAQAAAAAAAAAAAKBwDuyz/h+Kyvp/KK6trv/f1eJ2AO2Xrf7bv87rnupvQ2OAtnKND8Q6K/lz1/+vuxcAAAAAAAAAAAAA0EpzC1cvTM7MTF9pSSK7c0DLfmE7E6/vjGa0M1GpVK79Y9+vnZfIpsLvlPbUJbK1fhvbqzN/jwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgEZ/BwAA//9QPSE5")
r7 = fcntl$dupfd(r6, 0x0, r5)
accept4$packet(r7, 0x0, 0x0, 0x80800)
sendto$inet6(r0, 0x0, 0x0, 0x200c8004, &(0x7f0000000280)={0xa, 0x4e22, 0x0, @mcast2}, 0x1c)
r8 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x101041)
write$sndseq(r8, &(0x7f0000000080)=[{0xe, 0xfd, 0x0, 0xfd, @time={0x5, 0x1}, {0x3}, {0xe}, @connect}], 0x1c)
sendto$inet6(r0, 0x0, 0x5b, 0x0, 0x0, 0xfffffffffffffc42)
r9 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x46, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r10}, 0x10)
r11 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r11)

364.992089ms ago: executing program 0 (id=1236):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000580)={{0x14}, [@NFT_MSG_NEWRULE={0x74, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2, 0x0, 0x3}, [@NFTA_RULE_EXPRESSIONS={0x48, 0x4, 0x0, 0x1, [{0x28, 0x1, 0x0, 0x1, @ct={{0x7}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_CT_DIRECTION={0x5, 0x3, 0x1}, @NFTA_CT_DREG={0x8, 0x1, 0x1, 0x0, 0x17}, @NFTA_CT_KEY={0x8, 0x2, 0x1, 0x0, 0x13}]}}}, {0x1c, 0x1, 0x0, 0x1, @redir={{0xa}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_REDIR_REG_PROTO_MIN={0x8, 0x1, 0x1, 0x0, 0x17}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x9c}}, 0x0) (fail_nth: 1)

137.96276ms ago: executing program 4 (id=1237):
syz_mount_image$ext4(&(0x7f0000000b80)='ext4\x00', &(0x7f0000000bc0)='./file0\x00', 0x0, &(0x7f0000000c00), 0x1, 0xb80, &(0x7f0000000c40)="$eJzs3MtrXFUYAPDv3jyaNrGTiqgtggGpFcVp2hSFrlrXooIuuuyYTErI9GEmggldpHWvLkRcFKR/guDeunAluKgLrX9BEYsU3bQuInce6dBkktjO9PTx+8GZe86c6XzfN5fOPQfmJoAn1kTxkEfsjYiTWUSp9XweEcON3kjESvN1t2+eny5aFqur7/+VRRYRt26en26/V9Y6jrYGIxFx9a0snv50fdz60vJ8pVarLrTGBxdPnztYX1p+fe505VT1VPXMkak3j0y9MTXVw1qvn/vw6xd+eefli5c/m3z3q90/ZXEsxlpznXX0ykRMrH0mnQYjotLrYIkMtOrprDMbTJgQAACbyjvWcM9GKQbizuKtFD/+mjQ5AAAAoCdWByJWAQAAgMdcZv8PAAAAj7n27wBu3Tw/3W5pf5HwYN04HhHjzfrb9zc3ZwZjpXEciaGI2PV3Fp23tWbNf3bfJopI3/1cLVr06T7kzaxciIjnNzr/WaP+8cZd3OvrzyNisgfxJ+4aP0r1H+tB/NT1A/BkunK8eSFbf/3L19Y/scH1b3CDa9e9SH39a6//bq9b/92pf6DL+u+9bcbY9++rV7vNda7/Tnz++0wRvzjeV1H/w40LEfsGN6o/W6s/61L/yW3GGJ2+fqnbXFF/UW+7Pej6Vy9H7I+N62/LNvv7RAdn52rVyeZjlxj7fzhxoFv8zvNftCJ+ey/wIBTnf1eX+rc6/+e2GWP8uT/3dpvbuv78j+Hsg0ZvuPXMJ5XFxYVDEcPZ2+ufP7x5Lu3XtN+jqP+Vlzb//79R/cV3wkrrcyj2Ahdax2J88a6Yo/sPf3vv9fdXUf/MPZ7/L7YZ45vvL33UbS51/QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8GvKIGIssL6/187xcjhiNiGdiV147W198bfbsx2dmirmI8RjKZ+dq1cmIKDXHWTE+1OjfGR++azwVEXsi4svSzsa4PH22NpO6eAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANaMRsRYZHk5IvKI+KeU5+Vy6qwAAACAnhtPnQAAAADQd/b/AAAA8Piz/wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKDP9rx45VoWEStHdzZaYbg1N5Q0M6Df8tQJAMkMpE4ASGYwdQJAMvb4QLbF/EjXmR09zwUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAh9eBvVeuZRGxcnRnoxWGW3NDSTMD+i1PnQCQzEDqBIBkBlMnACRjjw9kW8yPdJ3Z0fNcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHh4jTValpcjIm/087xcjngqIsZjKJudq1UnI2J3RPxWGtpRjA+lThoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICeqy8tz1dqteqCjo6Ozlon9TcTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp1JeW5yu1WnWhnjoTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAILX60vJ8pVarLvSxk7pGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADS+S8AAP//szUGGQ==")
r0 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27ffffb, 0x810, r0, 0x0)
fallocate(r0, 0x0, 0x0, 0x1000f4)
r1 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
pwritev2(r1, &(0x7f0000000240)=[{&(0x7f0000000700)="0034142324cd317100009d335f34330500000049e0a6b4d63c959f0f06556250", 0x20}], 0x1, 0x7a00, 0x0, 0x3)
r2 = open(&(0x7f0000000080)='./bus\x00', 0x84182, 0x0)
preadv2(r2, &(0x7f0000000400), 0x0, 0x10000, 0x0, 0x1d)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[], 0x48)
perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000009, 0x80010, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(0xffffffffffffffff, 0x6, 0x23, &(0x7f0000000080)={&(0x7f00001ce000/0x2000)=nil, 0x2000, 0x0, 0x0, 0x0, &(0x7f0000000600)=""/196, 0xc4, 0x1, &(0x7f0000000540)=""/92, 0x5c}, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0, r3}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000001c0)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc0004}]})
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000000000000000000ff000000850000000e000000c500000001f0ffff95"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
copy_file_range(0xffffffffffffffff, 0x0, r4, 0x0, 0xfffffffffffffffa, 0x0)

0s ago: executing program 0 (id=1238):
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000100)='mountinfo\x00')
r1 = syz_mount_image$msdos(&(0x7f0000000200), &(0x7f0000000240)='./file1\x00', 0x80c406, &(0x7f0000000540)=ANY=[@ANYBLOB='dots,dots,dmask=000000000200000,nodots,discard,nfs=nostale_ro,gid=', @ANYRESHEX=0x0, @ANYBLOB="2c646f733178666c6f70707900000000000000003030ffffffff303030303031373737373737373756c0f39fdb37372c004c0f1208ec0c34b7df4ba1c1e6b76697434db8574db9bcaef6a61a12c3f260bebc7ac5b1b11361119b83f1cf9f686b715b8e58fd37cea6623dc422c2ddbcefe94e5c255b5e8c90613e6b598b3b7a2c05de53dab7"], 0x1, 0x291, &(0x7f0000000280)="$eJzs3M9r034YwPGn6dZ0+7Ifpy/oxQe96CXMelQPVTYQC0q3inoQMpZpaG1HErQVwZw97e8YHr0J4j+w/8LbEGSnnYyszbKs+4Wza2f7fkHJkzz5tE8SUp5PId16uv66uupbq3YgRl7FEAllR2RWXNmTiZe5dpxLtsvdgoRyY+7N9sfFZ88fFkul+bLqQnHpVkFVp698ffv+09VvwX9PPk+bpmzOvtj6Wfi++f/mpa1fS69cX11f641AbV1uNAJ7ueboiutXLdXHNcf2HXXrvuMdyK/WGmtrLbXrK1OTa57j+2rXW2pIS4OG5uOq6mpZlk5N7sZ5GSG5Px5R2SiX7eK5FIMLw/OKdlZEJg7dDZWNwVQEAAAG6fj+30j22ev/je7+X+SU/v9DvNf0l573/1lJ+v+q0+7/A6+l9kvbTff/ONHZ+n/jfIrB38iEqZV7B1KeV5w4ehD9PwAAAAAAAAAAAAAAAAAAAAAA/4KdKJqJomhmd2mISBSvmyKSTa0fMXSknq0fVunrH6VeZnyBT7j+GAKpB/fyIj/CZqVZybSXnfzCg9L8nLalHvzbbjYr2SR/s5PXg/lxmYzzhSPzObl+rZPfzd1/VErn15uVCVk5sfKwV6cAAAAAAIChZ2liNtmYl2R+b1lqSne+PX/vROH+7wNd8/sxuTzWv+MAAAAAAADH81vvqnat5nj9CbJ9/KwzByJnG347MntSRlZETtmnvCgy+BN1KDDlQpQxzMGdnr1hlBHpbBmPvwy67gIAAAAAw2V/PjDoSgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGF39+OuyQR8jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcFH8DgAA//8sg70h")
syz_mount_image$msdos(&(0x7f00000022c0), &(0x7f0000000100)='.\x00', 0x1a4242c, &(0x7f0000006500)=ANY=[@ANYRESDEC, @ANYRES64, @ANYRES8, @ANYBLOB="56c9411a4feb04b50d09080f3ed1b8fa8d08c2f77c7ee4df7c3608f374ea926d86d048cf759c9b8b6da9237cd933851912b19c2d5484291853fa3035517e6f8894ae060ecfdefdb196d7bd06de09e6a051348a5dc105f6492ae2c1c58d0f1d1e9d25343611f063f49e468f94473351f4058b3f6ce3a782e5f9c80f5b4bd170703cb783a5fd9125025216cd6bcaa574e733d06b2526473728e31e8eb89463b7d6024c930691df161cc621bbd75b1d462b16ba090584995ccc1f148c547e1a3b7fc030b401e194de4b9c7ef72859f4ad2441690cd87e7f227e45a446f1c3fb78aa1a48ced424459843887d8f8f5b0b7ce7aed5e552d6bd14ad4039c97fa495c9d249130fce8d9b4bc45ef3e62a4152cc3fcb9129124168ff28c9d3c45f722547487fd4c1f33bf4c0c1a0754cd950323b371a8bd49903f0ddb0b0312eb147ad4747903c7e83121dd40c33af0625d8036ad8a0860b7bc2f94f6f8cadce612ffc929e88bc3cbfab91396259f2e3370bb7ede9a4c953210beaa88f05198250db31531be43816aedcd88534c9325f581372bad51b76a4fd7e190e7b03e6f11c993a9902c0008daa6441b07557e43c03274fb0cb044ac9cda81fcf11886465422675d120917bacd82103b5b30541c309e8728fde7bde2c3b827269b17d2805892cf2d5d6ce3134d906851f5f9e10c731f87138f4e554f50317439d222188c06bb2c77a7fcfce2a7c0c699f1c7e703a9491a9c7288868507bf445a99c9c0b3c1eee6fca7e061d3a1be9da029e5b8493b0dc96362590827ee153de6a3fdb0feb2991b79a99fa5d8b6f006a99e7f547abe8e2598ab882dc397b2789887b5893b7a8200ecac0a2e1a05b67c6ae5c7995bd0d32e7f71fa74ab3b93e9071b59961e658219d2574b9ed99c8bea775163828965b83614a66cc80656b3305f0d92ef968b1d783fa4f84218573dc7ccaa453c0ecd02580dbeb364b5d4faf5a8adb5818aac912456d4df13881dbbe0b146e5817f8ad767869d6abd0e88f80a3e9af7b149c0eda58e3cc96ff842acca774bbc74a94cf2ea1d909a639575a213ead027d2dc85b95b0473b41785b87e32e606343dc601c89f8f2913ad9d4af166836bf300ac4b9afcc2987593c693210d291461b933496139b940be713f5b89b0b584742a27557ac5441516e5f56a326eb21f3bc6a9e46350e9f486ee0af612d1417da21bfc74f7eab2bd4cb92aac716724ee76f3fbdf8faec4e9552ccf4e1c467ee78303df43032792f77f3683defaefe52112be53b368b5dd43f008e869cb99c57254867dadd09cba9dba34a04788808122489351f40b4425b9ad5909d476c2cec575222221bccb71e63a7730b09e1e9bde4cd3b50b681002e121744598cc6669a1a88db68d4deca934e0ec17fc46805d8b2e1db6db080952efe423afd0343da2378a1b9662d09c8a39a0934e3bb9cd2b305e7b930f0ab457b4b860b4603a7b240e8c8a91e86925a18830ce6b1f5b3cb1b3b00f314ad2c3faba4668677eca479840e6f201c6088e971623d1cedfc3dba6af75709d36ec8e44927a564626ee6c30e427b7dd6500daf8e6f17995dbccbcc31964b5c5358f845d4b33c1b0e9e0cc00feaf2ab5eab68c46a54b28ce7ddbcc6054afdc3eed1c6699fc0f9724a91cd193e2d21160fcdee25f6cf9d8bfd860752834d6df350bd3794832bb7ddc52b0110836ab840dd3f4f7e03fd7c76eb040d1b8965ed0f2f5503c4d7c6ad5b2c4999529f5646b4947153a674e7ffb00d17333b7dd3421e36eb35293060cf742cb3ca59de07ac4a8c44337be4b320c7aeda7f0e7f77398e898cade5b4dae66683931526ae0b1e9183423519936c8407e7040ebc209900c05695fefb31c354f47631999c7a97509d02ee050f0b42a4eab0449319344b5803f04b0262f2189c94760f3bebbce8242065681e10208b9f01eb459d4627511edb996049ff41c848eb487324018b61a00f15032522cc2ef0a64d1e719d062a7d27427147fdd05267a84582e9140e47ec721b9a2508ba0d1f5015707def0cfb98c05c44db8e6d64b04dec2a9b1e2da50c3443ce6963684fbe61a4dc9e4ff7f3aa7639d82c9d1456c97158b06cfc94b9a3e24062ce323bca2eeb4bda48eb63ca3c81eb1fcf28e67475864dc6b38b60c63b1dfc40b7de04d4aad3ecb5bbdc7d673ccc8a41878f16ba43be0f1b066c66d2995ba95644cc485c4ef16f647dd30b7b476e470442632baab0de94ad6ba8d6a8746894345f924a4085d3b9de37714f5c73bd4d8384340e4e7da2edf41eb791d505bf31fa14a6fcfb4c804f13e1eef1a3a1541010ae995ba697e60493f8dd2eeffa3d622bbb62834daefae0fb3e403d8c55b4bd4242d1c633b46793f297f5ac754b9a88cb5bb95f0d6e54a5833c540c6651bfe0e37f6f2f607282bffb348b3188786e1169f469fd85fe0d09b8f7ccb478025f8c3c133d17a56acc00b09cae3aea9f0822a29d97f1c7e3b14f14767147917d92b306cb6ef3353c787c19f3871985e14b4ed945c5f883ff730c541937d8cdb98bda33d43b0abcb170ffeec63f4736a81a0cd9c08a8d93302fc31d378fd153e2c9b0ad1a1b93f6b87a3b09b61c295130dbe09baab74b2b5bbdf5c8e9e97c18c7ab54ca5e90f219b4b28684371678fca7000281fe68e72f152b7c6d029e2ecb638e4cdfdfc880e362d014653a90fa0f35249746294106e0ae7eeb124f18762eb050d26127ec26d742242b7a97b9d88d2957a3c3514d136b1d65ab270ccb4105793be68a2d4dd1fca1e564e06ff93c3086b628fef39ffacf615ec85c425bdc506312ce5b693531457046802db9832d55881763b25ee06c074cb8ea724ea3d8b712e17a699f6de9596f2833382985b93304982cd90e867c138651e9fa080082b1463e902967b32aa8d0ec9ea87346dde402fd5944963d8ac81e554c9e3ebe32f1ace1f33876d4e1570489df2f19cb497435222c7fe055e6c2e2035584f51ae765d21bfbafc4902bc1b1a884a95349afb736c3eb0ba963649deca1674160b57eb5c93241891115232bed254683d96870c8260de590ac2724ced4d2359138450c427d7c28daaa55ebb6be422c57bb25c1ea97448531f3712dabaafc0363ebe7164b4b76da27f7609b900d0b59cade9ea146c5aa35fa302a481e7cf1f846ce609cdd8597c6d6984f4691b566f1c03a704bd78dc63e89bdec83e03f5141bf6ef70f830a455aa5832513206edfab8167fb1924529aacd522ff7a58ae15ac6f8d35eb0af3e47cac483ee7ee95454d1d853a88fb2058a88493653828b6d9a4957427bfdf448f396c81aee2f5951e06e94c78a9d1face8490d0689cc408549e56a0605dc607e928f7edd38b223b5f1d490b0fa0c9b120f44075bc142b34befc9de12c17694211f7c047b31f150dec8f2d80a8eb26d0d50c01149fa8545ab0427d13abbc5292d7baffab3f1edc4910dbecae62963c1d5e18d391f5804674b40b1540383e8896eb0fe3c1e68be15d31803a7964e4bd4b4df8d990df8fb1bb8a795b690c6904d5118914c2b10dabef915732d6c970d2021cdef0179e2ff410a17941d9b09ffb285f276676e4c3c6056bcbd979478439daad08abf3969031851a06b74da900925f3824da23f4fb1c3e12f51b69c96672c01be36f4c430d494c5da28f79618aec0deeb311bac5aba86f36075e19a27d47f7a741974deeb52ead7f90558d2530bbb3753723feb9c10cec3c8dc7db5994615f34c2377e69e61174245925498dc0e707414a5cf3a065e417d26670e3bf1119669c558efdd17c3e6a598acdecb39a9708c30e83d6f6f6addd3adf5c495c20f275be569b55910100e09f94d10795c86857180edc64bdb732eff85d5e5fefef754c82f7b84725837782c573e1f0f81aadf08dd709eeb30a7cd7020d53c4dad58f12baa1353ce780e27d25229078e20bee4e2bf788450355ed373cf835679a9b3740ae911bd8a38f6ec208cfb7c18f92cfb0b5d5000c8f279e3ddee5e455eeefc53c953254056c12780e3658c47c05a7eb0a87f27cbf92d5c3af3e1ddc00c43918b24c7871fd3da6ebf9b1f575552825878d514dc4bc600e230e5801f850a6498255604b5a2279126f2199ac1afdc6648746dbe00b7665587c56c242de60d188e03fafc6dec22bc91bbebc68da97a29e55a89f09d73ce0c6115c7143d746958494668c54deeb72baff017b9080bca62327db9db6446ee0b43c5ffde89fe0a85f7a894c59849978e8ebf0ec963f8b7659328644423e6c663b906312f3f48adb1eea83fc8eeca89707642c198021fe812d6766cdb94d745ac3c9f25811d0f20e1e294c67ff887dc64ac9a14252386da62331224f9253016385ed9f4343491ba54dde1da88f65df9b40e228b63a4ef1bff3c5d6c6a9f5061217020965692e8decd8aa08e877091aef87e564297ff68ca0c06178d9b2ee55c103ab57c58a6fbdd962003496fd405b4c92943e14104ea15038a8ba793a6e4e1e95508216b415e4633925a32a4b2c4e83aea4d9f852bb40eabe96cff2c180a36dd33952c51a817d15ea96fdea3756c5f10f7491edc6d0fc7650380a9eb05298ad7ea73b8e436cda5108825b9dd534ae55f12960b822322da18f66bcd4a94c25ff5d00be575c79fe9c90bfcedbd34010e8a4a5eaeee0dfa7247327ad927f65e29f44e59e0c75c97e1e73a225bd680edf765ba469872a1966bb7776425a43634634f839c2ffa1b1285d1b6fb31a08d97885db08b31324334136523d6bf5b27d19e91717e53609ff28c64e057f78fbe6dc86f594272cf5e11199da27d50070bd0d70ddbf215c5ee79128d7000f09f58a92e530c5b4267c4bfe50a912b60a9609cf82ebcf7323f9653c9116753eedce40da6197a387dada311b8b4f43ac95a60abf23465ee3f7d55280790270e24763bfbd4958cdea483b6faaa29c77e84aaef3b7d3151dcc92e6167645f8a59855f8d3cbab1d9f40e8a840323ed84f5e3ba84b9a06d248eba3978304b582ce1682b26b77ee1a1cbc2732f41c9df2395fd7b20f20d6f901172ec526742cb9d9b401716ad89d9f46612f8d3270a1454f3fdc01d7ef94b2baa151270bc1c53501c29bdfdcdc2f20e925583f2c28818fa1b4f658743fb3153f1aa607ae0f6020d539fae15b15204e443165570780552eb5d339c67041a050e8ed39fde8f02fc2278ed489ed8357397f027494cb8db45afa50a15cf6ee17d2d008f86f98f04c2ec6bb456f76a510641485ad72eb243056ec3be8e2d452f163a109f009681df336582b249fc1fa4708aa8762ee61f341da7a4a9436b880c1f5af9274b7f8480ca3d10de68b094049675331dce08867afeeb31ed3c346f161fb9fb6f5fd8da46b637c79a968f7cf49abab413d5fd76dc24c51c1d70256d84b276de1d6a9af090734ef23962d77012f4a8aefddfec29cc464c377645409175644dad4a49b67837924a1ec1510af2de0bd1373c48454ac512cf1d56be704db3a2fdf4082d23ec9b8415d7c8736685ce459002dfa86aed38287ce67b960c4fa5a06ed51a72ed526f4f754723b48a5e69c44b96f175263a367a50482d138cf227b91fc7ea325bd29a8240d14587ad57bc91f86e32d2bb1ce438a9abc6dc38860bc284a4a8ead9ab17335d66537cebf5b48868acdfed21a01f81a0b589be1ad31d7062a06e5497f8acb41ea843f1fc99eb086aad60fc0b648f21f59dba4f05a8c2b18db772b421d1a7d252ca0ed139ea78905827990261818f4ae101220b4281a15a78ea31690e05070322e992597c0a0311812", @ANYRESHEX=r1, @ANYRESHEX=r1, @ANYRES64, @ANYRES32, @ANYRES64, @ANYRES8=0x0], 0x5, 0x0, &(0x7f0000000000))
r2 = open(&(0x7f0000000080)='./bus\x00', 0x10b942, 0x0)
sendfile(r2, r0, 0x0, 0x80000000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
timerfd_create(0x0, 0x0)

kernel console output (not intermixed with test programs):

58916.450:6397): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5482 comm="syz.4.657" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7fa37522d0b7 code=0x7ffc0000
[  144.868855][ T5492] netlink: 28 bytes leftover after parsing attributes in process `syz.4.657'.
[  145.272317][ T5505] loop0: detected capacity change from 0 to 4096
[  146.640392][ T5535] netlink: 'syz.4.674': attribute type 8 has an invalid length.
[  147.348837][ T5572] loop2: detected capacity change from 0 to 512
[  147.431039][ T5572] ext4 filesystem being mounted at /128/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  147.449732][ T5575] loop4: detected capacity change from 0 to 512
[  147.571605][ T5581] netlink: 28 bytes leftover after parsing attributes in process `syz.2.691'.
[  147.591172][ T5575] ext4 filesystem being mounted at /161/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  149.328023][ T5609] loop4: detected capacity change from 0 to 512
[  149.369535][ T5609] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  149.390953][ T5609] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[  149.430542][ T5609] EXT4-fs (loop4): 1 truncate cleaned up
[  149.462830][ T5621] loop2: detected capacity change from 0 to 4096
[  149.505500][ T5619] netlink: 'syz.1.702': attribute type 8 has an invalid length.
[  149.587309][ T5624] loop0: detected capacity change from 0 to 512
[  149.596894][ T5624] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  149.625173][ T5624] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[  149.667384][ T5624] EXT4-fs (loop0): 1 truncate cleaned up
[  149.736951][   T29] kauditd_printk_skb: 282 callbacks suppressed
[  149.737118][   T29] audit: type=1326 audit(1732158921.460:6680): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5623 comm="syz.0.705" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96998ce819 code=0x7ffc0000
[  149.784643][   T29] audit: type=1326 audit(1732158921.510:6681): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5623 comm="syz.0.705" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96998ce819 code=0x7ffc0000
[  149.808390][   T29] audit: type=1326 audit(1732158921.510:6682): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5623 comm="syz.0.705" exe="/root/syz-executor" sig=0 arch=c000003e syscall=121 compat=0 ip=0x7f96998ce819 code=0x7ffc0000
[  149.832073][   T29] audit: type=1326 audit(1732158921.510:6683): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5623 comm="syz.0.705" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96998ce819 code=0x7ffc0000
[  149.855791][   T29] audit: type=1326 audit(1732158921.510:6684): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5623 comm="syz.0.705" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96998ce819 code=0x7ffc0000
[  149.879415][   T29] audit: type=1326 audit(1732158921.510:6685): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5623 comm="syz.0.705" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f96998ce819 code=0x7ffc0000
[  149.903063][   T29] audit: type=1326 audit(1732158921.510:6686): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5623 comm="syz.0.705" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96998ce819 code=0x7ffc0000
[  149.927676][   T29] audit: type=1326 audit(1732158921.510:6687): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5623 comm="syz.0.705" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96998ce819 code=0x7ffc0000
[  149.951425][   T29] audit: type=1326 audit(1732158921.510:6688): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5623 comm="syz.0.705" exe="/root/syz-executor" sig=0 arch=c000003e syscall=297 compat=0 ip=0x7f96998ce819 code=0x7ffc0000
[  149.954647][ T5631] loop3: detected capacity change from 0 to 4096
[  149.975261][   T29] audit: type=1326 audit(1732158921.510:6689): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5623 comm="syz.0.705" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96998ce819 code=0x7ffc0000
[  150.076473][ T5637] loop4: detected capacity change from 0 to 2048
[  150.113135][ T5637]  loop4: p3 < > p4 < >
[  150.117422][ T5637] loop4: partition table partially beyond EOD, truncated
[  150.138089][ T5637] loop4: p3 start 4284289 is beyond EOD, truncated
[  150.361257][ T3917] udevd[3917]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory
[  151.728443][ T5674] sctp: [Deprecated]: syz.0.720 (pid 5674) Use of int in max_burst socket option.
[  151.728443][ T5674] Use struct sctp_assoc_value instead
[  152.811549][ T5681] netlink: 'syz.4.722': attribute type 8 has an invalid length.
[  152.898239][ T5691] loop1: detected capacity change from 0 to 512
[  152.983603][ T5691] EXT4-fs mount: 32 callbacks suppressed
[  152.983644][ T5691] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  153.022684][ T5691] ext4 filesystem being mounted at /153/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  153.131579][ T5698] loop3: detected capacity change from 0 to 512
[  153.138838][ T5701] netlink: 28 bytes leftover after parsing attributes in process `syz.1.725'.
[  153.155582][ T5698] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  153.176085][ T5698] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[  153.199838][ T5698] EXT4-fs (loop3): 1 truncate cleaned up
[  153.206514][ T5698] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  153.261021][ T5700] loop4: detected capacity change from 0 to 2048
[  153.356756][ T5700]  loop4: p3 < > p4 < >
[  153.361145][ T5700] loop4: partition table partially beyond EOD, truncated
[  153.362298][ T3324] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  153.368650][ T5700] loop4: p3 start 4284289 is beyond EOD, truncated
[  153.399473][ T3017]  loop4: p3 < > p4 < >
[  153.403750][ T3017] loop4: partition table partially beyond EOD, truncated
[  153.413059][ T3017] loop4: p3 start 4284289 is beyond EOD, truncated
[  153.483452][ T3917] udevd[3917]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory
[  153.499334][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  153.531110][ T3917] udevd[3917]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory
[  153.607314][ T5713] loop4: detected capacity change from 0 to 1024
[  153.626687][ T5713] EXT4-fs: Ignoring removed orlov option
[  153.648338][ T5713] EXT4-fs (loop4): stripe (5) is not aligned with cluster size (16), stripe is disabled
[  153.777272][ T5716] loop3: detected capacity change from 0 to 4096
[  153.875520][ T5713] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  153.919445][ T5716] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  153.974036][ T5713] EXT4-fs error (device loop4): ext4_check_all_de:656: inode #12: block 7: comm syz.4.735: bad entry in directory: rec_len is too small for name_len - offset=16, inode=14, rec_len=40, size=108 fake=0
[  154.002056][ T5713] EXT4-fs (loop4): Remounting filesystem read-only
[  155.156804][   T29] kauditd_printk_skb: 210 callbacks suppressed
[  155.156844][   T29] audit: type=1326 audit(1732158926.880:6900): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5732 comm="syz.2.738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f891fdbe819 code=0x7ffc0000
[  155.186782][   T29] audit: type=1326 audit(1732158926.880:6901): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5732 comm="syz.2.738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f891fdbe819 code=0x7ffc0000
[  155.201701][ T3320] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  155.210317][   T29] audit: type=1326 audit(1732158926.880:6902): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5732 comm="syz.2.738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=206 compat=0 ip=0x7f891fdbe819 code=0x7ffc0000
[  155.242983][   T29] audit: type=1326 audit(1732158926.880:6903): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5732 comm="syz.2.738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f891fdbe819 code=0x7ffc0000
[  155.267066][   T29] audit: type=1326 audit(1732158926.880:6904): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5732 comm="syz.2.738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f891fdbe819 code=0x7ffc0000
[  155.290672][   T29] audit: type=1326 audit(1732158926.880:6905): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5732 comm="syz.2.738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f891fdbe819 code=0x7ffc0000
[  155.314189][   T29] audit: type=1326 audit(1732158926.880:6906): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5732 comm="syz.2.738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f891fdbe819 code=0x7ffc0000
[  155.337709][   T29] audit: type=1326 audit(1732158926.880:6907): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5732 comm="syz.2.738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f891fdbe819 code=0x7ffc0000
[  155.361357][   T29] audit: type=1326 audit(1732158926.880:6908): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5732 comm="syz.2.738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f891fdbe819 code=0x7ffc0000
[  155.384872][   T29] audit: type=1326 audit(1732158926.880:6909): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5732 comm="syz.2.738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f891fdbe819 code=0x7ffc0000
[  155.439395][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  155.526232][ T5743] netlink: 'syz.4.739': attribute type 8 has an invalid length.
[  155.593168][ T5747] loop2: detected capacity change from 0 to 512
[  155.680219][ T5753] loop1: detected capacity change from 0 to 512
[  155.701764][ T5753] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  155.729261][ T5747] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  155.766899][ T5747] ext4 filesystem being mounted at /141/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  155.769241][ T5753] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[  155.885337][ T5753] EXT4-fs (loop1): 1 truncate cleaned up
[  155.892229][ T5753] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  155.894927][ T5760] loop0: detected capacity change from 0 to 512
[  155.914968][ T5760] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  155.925397][ T5761] netlink: 28 bytes leftover after parsing attributes in process `syz.2.744'.
[  156.245476][ T5760] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[  156.903231][ T5760] EXT4-fs (loop0): 1 truncate cleaned up
[  156.915172][ T5760] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  157.258982][ T3318] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  157.432530][ T5767] loop4: detected capacity change from 0 to 4096
[  157.465085][ T5767] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  157.563899][ T5772] syz.2.749[5772] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  157.564097][ T5772] syz.2.749[5772] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  157.564749][ T3324] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  157.576133][ T5772] syz.2.749[5772] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  157.599308][ T5770] loop3: detected capacity change from 0 to 512
[  157.633491][ T3321] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  157.668734][ T3320] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  157.703490][ T5778] sctp: [Deprecated]: syz.0.752 (pid 5778) Use of int in max_burst socket option.
[  157.703490][ T5778] Use struct sctp_assoc_value instead
[  157.716017][ T5776] loop1: detected capacity change from 0 to 512
[  157.740424][ T5779] netlink: 'syz.2.749': attribute type 8 has an invalid length.
[  157.742977][ T5770] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  157.770999][ T5770] ext4 filesystem being mounted at /126/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  157.797460][ T5776] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  157.818311][ T5776] ext4 filesystem being mounted at /158/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  157.932354][ T5789] netlink: 28 bytes leftover after parsing attributes in process `syz.3.751'.
[  157.942149][ T5790] netlink: 28 bytes leftover after parsing attributes in process `syz.1.753'.
[  157.961864][ T5792] sctp: [Deprecated]: syz.0.756 (pid 5792) Use of int in max_burst socket option.
[  157.961864][ T5792] Use struct sctp_assoc_value instead
[  158.045207][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  158.073135][ T5794] loop4: detected capacity change from 0 to 4096
[  158.133549][ T3324] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  158.143245][ T5794] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  160.836229][ T5816] netlink: 'syz.0.760': attribute type 8 has an invalid length.
[  161.873669][ T5830] loop1: detected capacity change from 0 to 512
[  161.882638][   T29] kauditd_printk_skb: 273 callbacks suppressed
[  161.882677][   T29] audit: type=1326 audit(1732158933.610:7183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5828 comm="syz.2.766" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f891fdbe819 code=0x7ffc0000
[  161.924427][   T29] audit: type=1326 audit(1732158933.610:7184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5828 comm="syz.2.766" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f891fdbe819 code=0x7ffc0000
[  161.931581][ T5830] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  161.947940][   T29] audit: type=1326 audit(1732158933.610:7185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5828 comm="syz.2.766" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f891fdbe819 code=0x7ffc0000
[  161.975960][ T5832] sctp: [Deprecated]: syz.0.765 (pid 5832) Use of int in max_burst socket option.
[  161.975960][ T5832] Use struct sctp_assoc_value instead
[  161.981338][   T29] audit: type=1326 audit(1732158933.610:7186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5828 comm="syz.2.766" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f891fdbe819 code=0x7ffc0000
[  162.019418][   T29] audit: type=1326 audit(1732158933.610:7187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5828 comm="syz.2.766" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f891fdbe819 code=0x7ffc0000
[  162.042920][   T29] audit: type=1326 audit(1732158933.610:7188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5828 comm="syz.2.766" exe="/root/syz-executor" sig=0 arch=c000003e syscall=213 compat=0 ip=0x7f891fdbe819 code=0x7ffc0000
[  162.066449][   T29] audit: type=1326 audit(1732158933.610:7189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5828 comm="syz.2.766" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f891fdbe819 code=0x7ffc0000
[  162.089988][   T29] audit: type=1326 audit(1732158933.620:7190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5828 comm="syz.2.766" exe="/root/syz-executor" sig=0 arch=c000003e syscall=441 compat=0 ip=0x7f891fdbe819 code=0x7ffc0000
[  162.113531][   T29] audit: type=1326 audit(1732158933.620:7191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5828 comm="syz.2.766" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f891fdbe819 code=0x7ffc0000
[  162.137310][   T29] audit: type=1326 audit(1732158933.620:7192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5828 comm="syz.2.766" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f891fdbe819 code=0x7ffc0000
[  162.161506][ T5830] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[  162.182323][ T3320] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  162.199227][ T5830] EXT4-fs (loop1): 1 truncate cleaned up
[  162.209050][ T5830] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  162.317898][ T5846] netlink: 8 bytes leftover after parsing attributes in process `syz.4.768'.
[  162.485474][ T5848] loop2: detected capacity change from 0 to 512
[  162.538416][ T5848] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  162.578091][ T5848] ext4 filesystem being mounted at /146/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  162.588053][ T5855] sctp: [Deprecated]: syz.3.772 (pid 5855) Use of int in max_burst socket option.
[  162.588053][ T5855] Use struct sctp_assoc_value instead
[  162.696351][ T3324] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  162.750715][ T5864] loop0: detected capacity change from 0 to 4096
[  162.787331][ T5864] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  162.825285][ T5871] netlink: 28 bytes leftover after parsing attributes in process `syz.2.770'.
[  162.981792][ T5874] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  163.019605][ T5877] loop3: detected capacity change from 0 to 512
[  163.056092][ T5877] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  163.076688][ T5877] ext4 filesystem being mounted at /131/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  163.108415][ T3318] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  163.189921][ T5881] loop4: detected capacity change from 0 to 2048
[  163.234004][ T5881]  loop4: p3 < > p4 < >
[  163.238328][ T5881] loop4: partition table partially beyond EOD, truncated
[  163.261234][ T5881] loop4: p3 start 4284289 is beyond EOD, truncated
[  163.276024][ T3017]  loop4: p3 < > p4 < >
[  163.280362][ T3017] loop4: partition table partially beyond EOD, truncated
[  163.301714][ T3017] loop4: p3 start 4284289 is beyond EOD, truncated
[  163.327760][ T5888] netlink: 28 bytes leftover after parsing attributes in process `syz.3.779'.
[  163.379909][ T3917] udevd[3917]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory
[  163.424995][ T3917] udevd[3917]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory
[  163.461154][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  163.672786][ T5896] loop1: detected capacity change from 0 to 4096
[  163.819738][ T5896] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  163.960719][ T3321] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  165.122113][ T5915] loop2: detected capacity change from 0 to 4096
[  165.152232][ T5915] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  165.284164][ T5914] loop0: detected capacity change from 0 to 512
[  165.421441][ T5914] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  165.445143][ T3318] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  165.454506][ T5914] ext4 filesystem being mounted at /156/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  165.666140][ T3324] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  165.731200][ T5914] netlink: 28 bytes leftover after parsing attributes in process `syz.0.788'.
[  165.764696][ T5931] loop2: detected capacity change from 0 to 2048
[  165.823391][ T5931]  loop2: p3 < > p4 < >
[  165.827732][ T5931] loop2: partition table partially beyond EOD, truncated
[  165.845868][ T5931] loop2: p3 start 4284289 is beyond EOD, truncated
[  165.882153][ T3017]  loop2: p3 < > p4 < >
[  165.886480][ T3017] loop2: partition table partially beyond EOD, truncated
[  165.910369][ T3017] loop2: p3 start 4284289 is beyond EOD, truncated
[  165.925720][ T5940] loop1: detected capacity change from 0 to 2048
[  166.056840][ T3917] udevd[3917]: inotify_add_watch(7, /dev/loop2p4, 10) failed: No such file or directory
[  166.154962][ T3917] udevd[3917]: inotify_add_watch(7, /dev/loop2p4, 10) failed: No such file or directory
[  166.182474][ T5940]  loop1: p3 < > p4 < >
[  166.186750][ T5940] loop1: partition table partially beyond EOD, truncated
[  166.194154][ T5940] loop1: p3 start 4284289 is beyond EOD, truncated
[  167.167820][ T3917] udevd[3917]: inotify_add_watch(7, /dev/loop1p4, 10) failed: No such file or directory
[  167.310602][ T3321] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  167.337725][ T5957] loop1: detected capacity change from 0 to 512
[  167.348147][ T5957] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  167.390891][ T5957] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[  167.585067][ T5957] EXT4-fs (loop1): 1 truncate cleaned up
[  167.607133][   T29] kauditd_printk_skb: 464 callbacks suppressed
[  167.607179][   T29] audit: type=1326 audit(1732158939.330:7657): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5962 comm="syz.3.806" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f91d371e819 code=0x7ffc0000
[  167.639777][ T5957] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  167.661254][ T5966] loop3: detected capacity change from 0 to 512
[  167.669470][   T29] audit: type=1326 audit(1732158939.390:7658): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5962 comm="syz.3.806" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f91d371e819 code=0x7ffc0000
[  167.693165][   T29] audit: type=1326 audit(1732158939.390:7659): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5962 comm="syz.3.806" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f91d371e853 code=0x7ffc0000
[  167.716567][   T29] audit: type=1326 audit(1732158939.390:7660): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5962 comm="syz.3.806" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f91d371d2ff code=0x7ffc0000
[  167.740090][   T29] audit: type=1326 audit(1732158939.390:7661): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5962 comm="syz.3.806" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f91d371e8a7 code=0x7ffc0000
[  167.763635][   T29] audit: type=1326 audit(1732158939.390:7662): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5962 comm="syz.3.806" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f91d371d1b0 code=0x7ffc0000
[  167.787307][   T29] audit: type=1326 audit(1732158939.390:7663): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5962 comm="syz.3.806" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f91d371e41b code=0x7ffc0000
[  167.810773][   T29] audit: type=1326 audit(1732158939.400:7664): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5962 comm="syz.3.806" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f91d371d4aa code=0x7ffc0000
[  167.834102][   T29] audit: type=1326 audit(1732158939.400:7665): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5962 comm="syz.3.806" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f91d371d4aa code=0x7ffc0000
[  167.857473][   T29] audit: type=1326 audit(1732158939.400:7666): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5962 comm="syz.3.806" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f91d371d0b7 code=0x7ffc0000
[  167.950757][ T5966] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  167.965852][ T5966] ext4 filesystem being mounted at /140/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  168.001590][ T3324] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  168.095222][ T5974] loop2: detected capacity change from 0 to 4096
[  168.142566][ T5974] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  168.152856][ T5977] loop1: detected capacity change from 0 to 4096
[  168.186424][ T5977] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  168.313949][ T5983] loop0: detected capacity change from 0 to 1024
[  168.327132][ T5983] EXT4-fs: Ignoring removed orlov option
[  168.349671][ T5983] EXT4-fs (loop0): stripe (5) is not aligned with cluster size (16), stripe is disabled
[  168.372616][ T5983] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  168.414602][ T3318] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  168.427423][ T5983] EXT4-fs error (device loop0): ext4_check_all_de:656: inode #12: block 7: comm syz.0.812: bad entry in directory: rec_len is too small for name_len - offset=16, inode=14, rec_len=40, size=108 fake=0
[  168.448382][ T5988] netlink: 28 bytes leftover after parsing attributes in process `syz.3.806'.
[  168.468196][ T5983] EXT4-fs (loop0): Remounting filesystem read-only
[  168.490534][ T5989] netlink: 'syz.4.813': attribute type 8 has an invalid length.
[  168.521462][ T3321] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  168.594213][ T5992] loop0: detected capacity change from 0 to 1024
[  168.611831][ T5992] EXT4-fs: Ignoring removed orlov option
[  168.626860][ T5992] EXT4-fs (loop0): stripe (5) is not aligned with cluster size (16), stripe is disabled
[  168.651513][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  168.695511][ T3324] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  168.710329][ T5992] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  168.810642][ T5992] EXT4-fs error (device loop0): ext4_check_all_de:656: inode #12: block 7: comm syz.0.815: bad entry in directory: rec_len is too small for name_len - offset=16, inode=14, rec_len=40, size=108 fake=0
[  168.841690][ T5992] EXT4-fs (loop0): Remounting filesystem read-only
[  168.886284][ T3321] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  168.918959][ T6005] loop3: detected capacity change from 0 to 4096
[  168.933267][ T6005] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  168.964362][ T6002] loop1: detected capacity change from 0 to 2048
[  168.993858][ T6012] sctp: [Deprecated]: syz.0.821 (pid 6012) Use of int in max_burst socket option.
[  168.993858][ T6012] Use struct sctp_assoc_value instead
[  169.084926][ T6002]  loop1: p3 < > p4 < >
[  169.089442][ T6002] loop1: partition table partially beyond EOD, truncated
[  169.105329][ T6002] loop1: p3 start 4284289 is beyond EOD, truncated
[  169.240647][ T3917] udevd[3917]: inotify_add_watch(7, /dev/loop1p4, 10) failed: No such file or directory
[  169.285077][ T6021] sctp: [Deprecated]: syz.0.823 (pid 6021) Use of int in max_burst socket option.
[  169.285077][ T6021] Use struct sctp_assoc_value instead
[  169.558433][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  169.769353][ T6035] loop1: detected capacity change from 0 to 512
[  169.837983][ T6035] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  169.905764][ T6035] ext4 filesystem being mounted at /173/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  170.054798][ T6049] netlink: 28 bytes leftover after parsing attributes in process `syz.1.828'.
[  170.102139][ T6050] loop2: detected capacity change from 0 to 1024
[  170.131491][ T6052] sctp: [Deprecated]: syz.3.833 (pid 6052) Use of int in max_burst socket option.
[  170.131491][ T6052] Use struct sctp_assoc_value instead
[  170.147172][ T6050] EXT4-fs: Invalid want_extra_isize 867
[  170.264820][ T3324] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  170.414931][ T6059] loop1: detected capacity change from 0 to 512
[  170.435795][ T6059] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  170.629402][ T6059] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[  170.698070][ T6059] EXT4-fs (loop1): 1 truncate cleaned up
[  170.717255][ T6059] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  170.736918][ T6064] loop0: detected capacity change from 0 to 1024
[  170.769061][ T6064] EXT4-fs: Invalid want_extra_isize 867
[  171.714730][ T3324] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  171.744865][ T6072] netlink: 28 bytes leftover after parsing attributes in process `syz.4.840'.
[  172.602103][ T6089] loop1: detected capacity change from 0 to 512
[  172.622814][ T6089] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  172.649092][ T6089] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[  172.665419][ T6088] loop4: detected capacity change from 0 to 2048
[  172.684478][ T6089] EXT4-fs (loop1): 1 truncate cleaned up
[  172.710210][ T6089] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  172.812330][ T6088]  loop4: p3 < > p4 < >
[  172.816690][ T6088] loop4: partition table partially beyond EOD, truncated
[  173.139818][ T6088] loop4: p3 start 4284289 is beyond EOD, truncated
[  173.594881][   T29] kauditd_printk_skb: 264 callbacks suppressed
[  173.594947][   T29] audit: type=1326 audit(1732158945.320:7931): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6086 comm="syz.1.848" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5133eee819 code=0x7ffc0000
[  173.718402][   T29] audit: type=1326 audit(1732158945.450:7932): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6086 comm="syz.1.848" exe="/root/syz-executor" sig=0 arch=c000003e syscall=121 compat=0 ip=0x7f5133eee819 code=0x7ffc0000
[  173.743631][ T3917] udevd[3917]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory
[  173.774046][   T29] audit: type=1326 audit(1732158945.450:7933): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6086 comm="syz.1.848" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5133eee819 code=0x7ffc0000
[  173.797848][   T29] audit: type=1326 audit(1732158945.450:7934): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6086 comm="syz.1.848" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5133eee819 code=0x7ffc0000
[  173.886741][   T29] audit: type=1326 audit(1732158945.570:7935): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6086 comm="syz.1.848" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f5133eee819 code=0x7ffc0000
[  173.910401][   T29] audit: type=1326 audit(1732158945.570:7936): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6086 comm="syz.1.848" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5133eee819 code=0x7ffc0000
[  173.933970][   T29] audit: type=1326 audit(1732158945.570:7937): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6086 comm="syz.1.848" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5133eee819 code=0x7ffc0000
[  174.005047][ T6097] loop3: detected capacity change from 0 to 4096
[  174.036586][ T6100] loop2: detected capacity change from 0 to 512
[  174.047975][ T6100] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  174.060462][ T3324] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  174.062924][ T6100] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[  174.087932][ T6100] EXT4-fs (loop2): 1 truncate cleaned up
[  174.094430][ T6100] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  174.139938][ T6097] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  174.188352][   T29] audit: type=1326 audit(1732158945.920:7938): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6099 comm="syz.2.849" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f891fdbe819 code=0x7ffc0000
[  174.213751][   T29] audit: type=1326 audit(1732158945.940:7939): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6099 comm="syz.2.849" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f891fdbe819 code=0x7ffc0000
[  174.237550][   T29] audit: type=1326 audit(1732158945.940:7940): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6099 comm="syz.2.849" exe="/root/syz-executor" sig=0 arch=c000003e syscall=121 compat=0 ip=0x7f891fdbe819 code=0x7ffc0000
[  174.578545][ T3318] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  174.686760][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  174.712743][ T6116] loop0: detected capacity change from 0 to 1024
[  174.725052][ T6119] loop2: detected capacity change from 0 to 512
[  174.745456][ T6119] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  174.756216][ T6116] EXT4-fs: Ignoring removed orlov option
[  174.780063][ T6116] EXT4-fs (loop0): stripe (5) is not aligned with cluster size (16), stripe is disabled
[  174.814544][ T6119] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[  174.838172][ T6119] EXT4-fs (loop2): 1 truncate cleaned up
[  174.844757][ T6119] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  174.923966][ T6116] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  174.976149][ T3318] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  174.984100][ T6128] loop3: detected capacity change from 0 to 1024
[  174.993697][ T6128] EXT4-fs: Ignoring removed orlov option
[  175.002534][ T6128] EXT4-fs (loop3): stripe (5) is not aligned with cluster size (16), stripe is disabled
[  175.012912][ T6116] EXT4-fs error (device loop0): ext4_check_all_de:656: inode #12: block 7: comm syz.0.856: bad entry in directory: rec_len is too small for name_len - offset=16, inode=14, rec_len=40, size=108 fake=0
[  175.035688][ T6116] EXT4-fs (loop0): Remounting filesystem read-only
[  175.143415][ T3321] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  175.240010][ T6137] loop2: detected capacity change from 0 to 512
[  175.265500][ T6128] EXT4-fs error (device loop3): ext4_check_all_de:656: inode #12: block 7: comm syz.3.860: bad entry in directory: rec_len is too small for name_len - offset=16, inode=14, rec_len=40, size=108 fake=0
[  175.288993][ T6128] EXT4-fs (loop3): Remounting filesystem read-only
[  175.357940][ T6137] ext4 filesystem being mounted at /165/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  175.391464][ T6145] loop4: detected capacity change from 0 to 1024
[  175.412592][ T6145] EXT4-fs: Invalid want_extra_isize 867
[  175.415356][ T6142] loop0: detected capacity change from 0 to 4096
[  175.448948][ T6140] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  175.502816][ T6148] netlink: 28 bytes leftover after parsing attributes in process `syz.2.863'.
[  176.992052][ T6158] netlink: 8 bytes leftover after parsing attributes in process `syz.0.866'.
[  177.001064][ T6158] netlink: 28 bytes leftover after parsing attributes in process `syz.0.866'.
[  177.113509][ T6162] netlink: 8 bytes leftover after parsing attributes in process `syz.3.871'.
[  177.217187][ T6170] loop2: detected capacity change from 0 to 1024
[  177.228668][ T6170] EXT4-fs: Ignoring removed orlov option
[  177.240636][ T6170] EXT4-fs (loop2): stripe (5) is not aligned with cluster size (16), stripe is disabled
[  177.319650][ T6170] EXT4-fs error (device loop2): ext4_check_all_de:656: inode #12: block 7: comm syz.2.874: bad entry in directory: rec_len is too small for name_len - offset=16, inode=14, rec_len=40, size=108 fake=0
[  177.383256][ T6170] EXT4-fs (loop2): Remounting filesystem read-only
[  177.558774][ T6182] loop2: detected capacity change from 0 to 512
[  177.693023][ T6182] ext4 filesystem being mounted at /169/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  177.908625][ T6188] netlink: 28 bytes leftover after parsing attributes in process `syz.2.879'.
[  177.971010][ T6191] netlink: 'syz.0.880': attribute type 8 has an invalid length.
[  177.999463][ T6189] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  178.503423][ T6203] loop1: detected capacity change from 0 to 512
[  178.535607][ T6199] loop3: detected capacity change from 0 to 2048
[  178.543252][ T6203] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  178.570037][ T6203] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[  178.592446][ T6199]  loop3: p3 < > p4 < >
[  178.595238][ T6205] loop2: detected capacity change from 0 to 512
[  178.596708][ T6199] loop3: partition table partially beyond EOD, truncated
[  178.615135][   T29] kauditd_printk_skb: 188 callbacks suppressed
[  178.615177][   T29] audit: type=1326 audit(1732158950.320:8129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6204 comm="syz.2.887" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f891fdbe8a7 code=0x7ffc0000
[  178.628040][ T6199] loop3: p3 start 4284289 is beyond EOD, 
[  178.644943][   T29] audit: type=1326 audit(1732158950.320:8130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6204 comm="syz.2.887" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f891fdbd1b0 code=0x7ffc0000
[  178.645086][   T29] audit: type=1326 audit(1732158950.320:8131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6204 comm="syz.2.887" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f891fdbe41b code=0x7ffc0000
[  178.650901][ T6199] truncated
[  178.674197][   T29] audit: type=1326 audit(1732158950.340:8132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6204 comm="syz.2.887" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f891fdbd4aa code=0x7ffc0000
[  178.724201][   T29] audit: type=1326 audit(1732158950.340:8133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6204 comm="syz.2.887" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f891fdbd4aa code=0x7ffc0000
[  178.747554][   T29] audit: type=1326 audit(1732158950.340:8134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6204 comm="syz.2.887" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f891fdbd0b7 code=0x7ffc0000
[  178.771064][   T29] audit: type=1326 audit(1732158950.340:8135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6204 comm="syz.2.887" exe="/root/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7f891fdbffba code=0x7ffc0000
[  178.797869][ T6203] EXT4-fs (loop1): 1 truncate cleaned up
[  178.817479][ T6205] ext4 filesystem being mounted at /172/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  178.849894][   T29] audit: type=1326 audit(1732158950.560:8136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6202 comm="syz.1.886" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5133eee819 code=0x7ffc0000
[  178.873612][   T29] audit: type=1326 audit(1732158950.560:8137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6202 comm="syz.1.886" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5133eee819 code=0x7ffc0000
[  178.897172][   T29] audit: type=1326 audit(1732158950.560:8138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6202 comm="syz.1.886" exe="/root/syz-executor" sig=0 arch=c000003e syscall=428 compat=0 ip=0x7f5133eee819 code=0x7ffc0000
[  179.094845][ T6212] loop0: detected capacity change from 0 to 4096
[  179.264050][ T6216] netlink: 28 bytes leftover after parsing attributes in process `syz.2.887'.
[  179.331410][ T6222] loop1: detected capacity change from 0 to 1024
[  179.348663][ T6222] EXT4-fs: Ignoring removed orlov option
[  179.383268][ T6222] EXT4-fs (loop1): stripe (5) is not aligned with cluster size (16), stripe is disabled
[  179.433297][ T6226] loop2: detected capacity change from 0 to 512
[  179.459545][ T6226] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  179.510044][ T6226] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[  179.512221][ T6222] EXT4-fs error (device loop1): ext4_check_all_de:656: inode #12: block 7: comm syz.1.891: bad entry in directory: rec_len is too small for name_len - offset=16, inode=14, rec_len=40, size=108 fake=0
[  179.555728][ T6226] EXT4-fs (loop2): 1 truncate cleaned up
[  179.598087][ T6222] EXT4-fs (loop1): Remounting filesystem read-only
[  179.716416][ T6236] netlink: 8 bytes leftover after parsing attributes in process `syz.3.895'.
[  179.725504][ T6236] netlink: 28 bytes leftover after parsing attributes in process `syz.3.895'.
[  179.912963][ T6244] loop3: detected capacity change from 0 to 512
[  179.941347][ T6244] ext4 filesystem being mounted at /162/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  180.018275][ T6240] loop1: detected capacity change from 0 to 4096
[  180.038052][ T6247] netlink: 28 bytes leftover after parsing attributes in process `syz.3.899'.
[  183.130070][ T6264] loop3: detected capacity change from 0 to 512
[  183.163633][ T6266] netlink: 52 bytes leftover after parsing attributes in process `syz.0.901'.
[  183.321585][ T6264] EXT4-fs mount: 24 callbacks suppressed
[  183.321627][ T6264] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  183.340263][ T6264] ext4 filesystem being mounted at /163/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  183.354072][ T6265] loop2: detected capacity change from 0 to 2048
[  183.401159][ T6265]  loop2: p3 < > p4 < >
[  183.405547][ T6265] loop2: partition table partially beyond EOD, truncated
[  183.413030][ T6265] loop2: p3 start 4284289 is beyond EOD, truncated
[  183.494622][ T6278] loop0: detected capacity change from 0 to 1024
[  183.516844][ T6278] EXT4-fs: Invalid want_extra_isize 867
[  183.569710][ T6283] netlink: 28 bytes leftover after parsing attributes in process `syz.3.903'.
[  183.621176][ T6285] netlink: 8 bytes leftover after parsing attributes in process `syz.2.909'.
[  183.632290][   T29] kauditd_printk_skb: 264 callbacks suppressed
[  183.632330][   T29] audit: type=1326 audit(1732158955.360:8403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6261 comm="syz.3.903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f91d371e819 code=0x7ffc0000
[  183.700520][ T6288] sctp: [Deprecated]: syz.4.910 (pid 6288) Use of int in max_burst socket option.
[  183.700520][ T6288] Use struct sctp_assoc_value instead
[  183.728344][   T29] audit: type=1326 audit(1732158955.400:8404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6261 comm="syz.3.903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f91d371e819 code=0x7ffc0000
[  183.751957][   T29] audit: type=1326 audit(1732158955.400:8405): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6261 comm="syz.3.903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f91d371e819 code=0x7ffc0000
[  183.775452][   T29] audit: type=1326 audit(1732158955.400:8406): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6261 comm="syz.3.903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f91d371e819 code=0x7ffc0000
[  183.798896][   T29] audit: type=1326 audit(1732158955.400:8407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6261 comm="syz.3.903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f91d371e819 code=0x7ffc0000
[  183.822493][   T29] audit: type=1326 audit(1732158955.400:8408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6261 comm="syz.3.903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f91d371e819 code=0x7ffc0000
[  183.846014][   T29] audit: type=1326 audit(1732158955.410:8409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6261 comm="syz.3.903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f91d371e819 code=0x7ffc0000
[  183.869517][   T29] audit: type=1326 audit(1732158955.410:8410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6261 comm="syz.3.903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f91d371e819 code=0x7ffc0000
[  183.892394][ T6292] loop1: detected capacity change from 0 to 512
[  183.892990][   T29] audit: type=1326 audit(1732158955.410:8411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6261 comm="syz.3.903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f91d371e819 code=0x7ffc0000
[  183.911632][ T6292] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  183.922606][   T29] audit: type=1326 audit(1732158955.410:8412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6261 comm="syz.3.903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f91d371e819 code=0x7ffc0000
[  183.982172][ T6296] loop2: detected capacity change from 0 to 512
[  183.983399][ T6292] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[  184.018557][ T6292] EXT4-fs (loop1): 1 truncate cleaned up
[  184.028356][ T6292] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  184.079112][ T6296] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  184.096368][ T6296] ext4 filesystem being mounted at /179/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  184.135293][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  184.182722][ T6303] netlink: 28 bytes leftover after parsing attributes in process `syz.2.912'.
[  184.298521][ T3324] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  184.389736][ T3318] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  184.508142][ T6313] loop1: detected capacity change from 0 to 1024
[  184.524397][ T6313] EXT4-fs: Invalid want_extra_isize 867
[  184.801999][ T6323] loop2: detected capacity change from 0 to 1024
[  184.818650][ T6323] EXT4-fs: Ignoring removed orlov option
[  184.848073][ T6323] EXT4-fs (loop2): stripe (5) is not aligned with cluster size (16), stripe is disabled
[  184.902217][ T6323] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  184.970553][ T6323] EXT4-fs error (device loop2): ext4_check_all_de:656: inode #12: block 7: comm syz.2.922: bad entry in directory: rec_len is too small for name_len - offset=16, inode=14, rec_len=40, size=108 fake=0
[  185.034799][ T6323] EXT4-fs (loop2): Remounting filesystem read-only
[  185.094944][ T6327] loop4: detected capacity change from 0 to 4096
[  185.127924][ T6327] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  185.146626][ T3318] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  185.322124][ T3320] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  185.464048][ T6330] loop2: detected capacity change from 0 to 2048
[  185.475874][ T6335] loop4: detected capacity change from 0 to 512
[  185.524975][ T6335] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  185.548177][ T6330]  loop2: p3 < > p4 < >
[  185.552491][ T6330] loop2: partition table partially beyond EOD, truncated
[  185.568367][ T6335] ext4 filesystem being mounted at /204/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  185.596812][ T6330] loop2: p3 start 4284289 is beyond EOD, truncated
[  185.640321][ T6335] netlink: 28 bytes leftover after parsing attributes in process `syz.4.925'.
[  185.670114][ T3917] udevd[3917]: inotify_add_watch(7, /dev/loop2p4, 10) failed: No such file or directory
[  185.725456][ T3917] udevd[3917]: inotify_add_watch(7, /dev/loop2p4, 10) failed: No such file or directory
[  185.792699][ T3320] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  185.864286][ T6346] loop3: detected capacity change from 0 to 512
[  186.039697][ T6346] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  186.090527][ T6346] ext4 filesystem being mounted at /171/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  186.318617][ T6346] netlink: 28 bytes leftover after parsing attributes in process `syz.3.930'.
[  186.607074][ T6360] loop4: detected capacity change from 0 to 512
[  186.630174][ T6360] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  187.552605][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  187.565319][ T6360] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[  187.655016][ T6360] EXT4-fs (loop4): 1 truncate cleaned up
[  187.669287][ T6360] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  187.952061][ T6370] loop2: detected capacity change from 0 to 1024
[  187.965635][ T6370] EXT4-fs: Ignoring removed orlov option
[  187.975287][ T6370] EXT4-fs (loop2): stripe (5) is not aligned with cluster size (16), stripe is disabled
[  187.986639][ T6371] netlink: 'syz.3.936': attribute type 8 has an invalid length.
[  187.989185][ T3320] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  188.053672][ T6370] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  188.081171][ T6370] EXT4-fs error (device loop2): ext4_check_all_de:656: inode #12: block 7: comm syz.2.937: bad entry in directory: rec_len is too small for name_len - offset=16, inode=14, rec_len=40, size=108 fake=0
[  188.120716][ T6370] EXT4-fs (loop2): Remounting filesystem read-only
[  188.259906][ T3318] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  188.359826][ T6379] loop4: detected capacity change from 0 to 2048
[  188.433088][ T6379]  loop4: p3 < > p4 < >
[  188.437470][ T6379] loop4: partition table partially beyond EOD, truncated
[  188.445479][ T6379] loop4: p3 start 4284289 is beyond EOD, truncated
[  188.621378][ T3917] udevd[3917]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory
[  188.643260][   T29] kauditd_printk_skb: 372 callbacks suppressed
[  188.643299][   T29] audit: type=1326 audit(1732158960.370:8785): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6386 comm="syz.1.942" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5133eee819 code=0x7ffc0000
[  189.380260][    C0] vcan0: j1939_tp_rxtimer: 0xffff888118a5a800: rx timeout, send abort
[  189.397880][    C0] vcan0: j1939_xtp_rx_abort_one: 0xffff888118a5a800: 0x40000: (3) A timeout occurred and this is the connection abort to close the session.
[  189.491453][   T29] audit: type=1326 audit(1732158960.380:8786): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6386 comm="syz.1.942" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5133eee819 code=0x7ffc0000
[  189.515053][   T29] audit: type=1326 audit(1732158960.410:8787): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6386 comm="syz.1.942" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5133eee819 code=0x7ffc0000
[  189.538575][   T29] audit: type=1326 audit(1732158960.410:8788): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6386 comm="syz.1.942" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5133eee819 code=0x7ffc0000
[  189.562218][   T29] audit: type=1326 audit(1732158960.410:8789): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6386 comm="syz.1.942" exe="/root/syz-executor" sig=0 arch=c000003e syscall=213 compat=0 ip=0x7f5133eee819 code=0x7ffc0000
[  189.585823][   T29] audit: type=1326 audit(1732158960.410:8790): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6386 comm="syz.1.942" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5133eee819 code=0x7ffc0000
[  189.609616][   T29] audit: type=1326 audit(1732158960.410:8791): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6386 comm="syz.1.942" exe="/root/syz-executor" sig=0 arch=c000003e syscall=441 compat=0 ip=0x7f5133eee819 code=0x7ffc0000
[  189.633137][   T29] audit: type=1326 audit(1732158960.410:8792): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6386 comm="syz.1.942" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5133eee819 code=0x7ffc0000
[  189.657094][   T29] audit: type=1326 audit(1732158960.410:8793): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6386 comm="syz.1.942" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f5133eee819 code=0x7ffc0000
[  189.680543][   T29] audit: type=1326 audit(1732158960.410:8794): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6386 comm="syz.1.942" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5133eee819 code=0x7ffc0000
[  189.856811][ T6397] loop0: detected capacity change from 0 to 2048
[  189.899048][ T6400] loop1: detected capacity change from 0 to 2048
[  189.949454][ T6400]  loop1: p3 < > p4 < >
[  189.953805][ T6400] loop1: partition table partially beyond EOD, truncated
[  189.962785][ T6400] loop1: p3 start 4284289 is beyond EOD, truncated
[  189.987001][ T6397]  loop0: p3 < > p4 < >
[  189.991356][ T6397] loop0: partition table partially beyond EOD, truncated
[  190.014446][ T6406] netlink: 'syz.4.944': attribute type 8 has an invalid length.
[  190.036400][ T6397] loop0: p3 start 4284289 is beyond EOD, truncated
[  190.116348][ T3917] udevd[3917]: inotify_add_watch(7, /dev/loop0p4, 10) failed: No such file or directory
[  190.197539][ T6409] loop2: detected capacity change from 0 to 1024
[  190.224647][ T6409] EXT4-fs: Invalid want_extra_isize 867
[  190.306937][ T6413] loop0: detected capacity change from 0 to 4096
[  190.332609][ T6413] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  190.367535][ T6415] loop1: detected capacity change from 0 to 4096
[  190.401694][ T6415] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  190.514990][ T6420] loop2: detected capacity change from 0 to 4096
[  190.526572][ T6420] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  190.722832][ T3324] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  190.867034][ T6427] loop4: detected capacity change from 0 to 4096
[  191.929990][ T6427] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  192.006503][ T3320] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  193.478249][ T6451] loop1: detected capacity change from 0 to 1024
[  193.485578][ T6451] EXT4-fs: Ignoring removed orlov option
[  193.510585][ T6451] EXT4-fs (loop1): stripe (5) is not aligned with cluster size (16), stripe is disabled
[  193.543569][ T3321] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  193.544697][ T3318] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  193.608713][ T6451] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  193.629091][ T6457] loop3: detected capacity change from 0 to 4096
[  193.640387][ T6451] EXT4-fs error (device loop1): ext4_check_all_de:656: inode #12: block 7: comm syz.1.960: bad entry in directory: rec_len is too small for name_len - offset=16, inode=14, rec_len=40, size=108 fake=0
[  193.688057][ T6451] EXT4-fs (loop1): Remounting filesystem read-only
[  193.724228][ T6457] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  193.821440][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  193.845089][ T3324] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  193.875669][ T6462] loop2: detected capacity change from 0 to 4096
[  193.879021][ T6464] loop0: detected capacity change from 0 to 1024
[  193.890297][ T6464] EXT4-fs: Ignoring removed orlov option
[  193.898971][ T6464] EXT4-fs (loop0): stripe (5) is not aligned with cluster size (16), stripe is disabled
[  193.923891][ T6453] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  193.988919][ T6462] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  194.020651][ T6464] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  194.045105][   T29] kauditd_printk_skb: 33 callbacks suppressed
[  194.045146][   T29] audit: type=1326 audit(1732158965.770:8828): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6465 comm="syz.1.966" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5133eee819 code=0x7ffc0000
[  194.097361][ T6467] loop1: detected capacity change from 0 to 512
[  194.126562][ T6464] EXT4-fs error (device loop0): ext4_check_all_de:656: inode #12: block 7: comm syz.0.961: bad entry in directory: rec_len is too small for name_len - offset=16, inode=14, rec_len=40, size=108 fake=0
[  194.197004][ T6467] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  194.212811][   T29] audit: type=1326 audit(1732158965.820:8829): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6465 comm="syz.1.966" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f5133eee819 code=0x7ffc0000
[  194.236405][   T29] audit: type=1326 audit(1732158965.820:8830): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6465 comm="syz.1.966" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f5133eee853 code=0x7ffc0000
[  194.259912][   T29] audit: type=1326 audit(1732158965.820:8831): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6465 comm="syz.1.966" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f5133eed2ff code=0x7ffc0000
[  194.283277][   T29] audit: type=1326 audit(1732158965.820:8832): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6465 comm="syz.1.966" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f5133eee8a7 code=0x7ffc0000
[  194.306778][   T29] audit: type=1326 audit(1732158965.820:8833): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6465 comm="syz.1.966" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f5133eed1b0 code=0x7ffc0000
[  194.330334][   T29] audit: type=1326 audit(1732158965.820:8834): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6465 comm="syz.1.966" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f5133eee41b code=0x7ffc0000
[  194.353819][   T29] audit: type=1326 audit(1732158965.880:8835): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6465 comm="syz.1.966" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f5133eed4aa code=0x7ffc0000
[  194.377396][   T29] audit: type=1326 audit(1732158965.880:8836): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6465 comm="syz.1.966" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f5133eed4aa code=0x7ffc0000
[  194.400796][   T29] audit: type=1326 audit(1732158965.880:8837): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6465 comm="syz.1.966" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f5133eed0b7 code=0x7ffc0000
[  194.424552][ T6467] ext4 filesystem being mounted at /201/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  194.447309][ T6464] EXT4-fs (loop0): Remounting filesystem read-only
[  194.498539][ T3321] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  194.508935][ T6480] loop4: detected capacity change from 0 to 1024
[  194.526284][ T6480] EXT4-fs: Ignoring removed orlov option
[  194.535407][ T6480] EXT4-fs (loop4): stripe (5) is not aligned with cluster size (16), stripe is disabled
[  194.551770][ T6481] netlink: 28 bytes leftover after parsing attributes in process `syz.1.966'.
[  194.592964][ T6480] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  194.629205][ T6480] EXT4-fs error (device loop4): ext4_check_all_de:656: inode #12: block 7: comm syz.4.967: bad entry in directory: rec_len is too small for name_len - offset=16, inode=14, rec_len=40, size=108 fake=0
[  194.655369][ T6485] SELinux: security_context_str_to_sid (Eá…) failed with errno=-22
[  194.656914][ T6480] EXT4-fs (loop4): Remounting filesystem read-only
[  194.708193][ T3324] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  194.810747][ T3318] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  194.881662][ T3320] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  195.034225][ T6500] FAULT_INJECTION: forcing a failure.
[  195.034225][ T6500] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  195.047523][ T6500] CPU: 0 UID: 0 PID: 6500 Comm: syz.3.973 Tainted: G        W          6.12.0-syzkaller-01892-g8f7c8b88bda4 #0
[  195.059496][ T6500] Tainted: [W]=WARN
[  195.063468][ T6500] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  195.073652][ T6500] Call Trace:
[  195.077029][ T6500]  <TASK>
[  195.080059][ T6500]  dump_stack_lvl+0xf2/0x150
[  195.085018][ T6500]  dump_stack+0x15/0x20
[  195.089394][ T6500]  should_fail_ex+0x223/0x230
[  195.094294][ T6500]  should_fail+0xb/0x10
[  195.098639][ T6500]  should_fail_usercopy+0x1a/0x20
[  195.103827][ T6500]  _copy_from_user+0x1e/0xb0
[  195.108651][ T6500]  copy_msghdr_from_user+0x54/0x2a0
[  195.114038][ T6500]  ? __fget_files+0x17c/0x1c0
[  195.118900][ T6500]  __sys_sendmsg+0x13e/0x230
[  195.123747][ T6500]  __x64_sys_sendmsg+0x46/0x50
[  195.128712][ T6500]  x64_sys_call+0x2734/0x2dc0
[  195.133662][ T6500]  do_syscall_64+0xc9/0x1c0
[  195.138343][ T6500]  ? clear_bhb_loop+0x55/0xb0
[  195.143212][ T6500]  ? clear_bhb_loop+0x55/0xb0
[  195.148059][ T6500]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  195.154112][ T6500] RIP: 0033:0x7f91d371e819
[  195.158725][ T6500] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  195.178594][ T6500] RSP: 002b:00007f91d1d97038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  195.187170][ T6500] RAX: ffffffffffffffda RBX: 00007f91d38d5fa0 RCX: 00007f91d371e819
[  195.195346][ T6500] RDX: 0000000000000000 RSI: 0000000020000340 RDI: 0000000000000003
[  195.203524][ T6500] RBP: 00007f91d1d97090 R08: 0000000000000000 R09: 0000000000000000
[  195.211623][ T6500] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  195.219729][ T6500] R13: 0000000000000000 R14: 00007f91d38d5fa0 R15: 00007ffe5fcecf78
[  195.227921][ T6500]  </TASK>
[  195.243260][ T6502] loop1: detected capacity change from 0 to 512
[  195.261185][ T6502] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  195.276704][ T6502] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[  195.294496][ T6502] EXT4-fs (loop1): 1 truncate cleaned up
[  195.301410][ T6502] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  195.503098][ T6511] netlink: 'syz.4.971': attribute type 8 has an invalid length.
[  195.559623][ T3324] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  195.682704][ T6494] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  195.753564][ T6516] loop1: detected capacity change from 0 to 4096
[  195.761901][ T6514] loop0: detected capacity change from 0 to 1024
[  195.769157][ T6514] EXT4-fs: Ignoring removed orlov option
[  195.776466][ T6510] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  195.826531][ T6514] EXT4-fs (loop0): stripe (5) is not aligned with cluster size (16), stripe is disabled
[  195.859934][ T6516] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  195.887345][ T6514] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  195.914382][ T6524] loop2: detected capacity change from 0 to 256
[  195.967471][ T6524] FAT-fs (loop2): Directory bread(block 64) failed
[  195.998877][ T3324] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  196.020725][ T6514] EXT4-fs error (device loop0): ext4_check_all_de:656: inode #12: block 7: comm syz.0.979: bad entry in directory: rec_len is too small for name_len - offset=16, inode=14, rec_len=40, size=108 fake=0
[  196.042364][ T6524] FAT-fs (loop2): Directory bread(block 65) failed
[  196.054647][ T6524] FAT-fs (loop2): Directory bread(block 66) failed
[  196.061431][ T6524] FAT-fs (loop2): Directory bread(block 67) failed
[  196.069619][ T6514] EXT4-fs (loop0): Remounting filesystem read-only
[  196.079354][ T6526] loop3: detected capacity change from 0 to 4096
[  196.098047][ T6524] FAT-fs (loop2): Directory bread(block 68) failed
[  196.105199][ T6524] FAT-fs (loop2): Directory bread(block 69) failed
[  196.114497][ T6524] FAT-fs (loop2): Directory bread(block 70) failed
[  196.121417][ T6524] FAT-fs (loop2): Directory bread(block 71) failed
[  196.128272][ T6524] FAT-fs (loop2): Directory bread(block 72) failed
[  196.135104][ T6524] FAT-fs (loop2): Directory bread(block 73) failed
[  196.143065][ T6526] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  196.198264][ T3321] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  196.284963][ T6538] loop1: detected capacity change from 0 to 1024
[  196.353078][ T6538] EXT4-fs: Invalid want_extra_isize 867
[  196.384074][ T6543] loop2: detected capacity change from 0 to 512
[  196.453134][ T6543] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  196.486036][ T6543] ext4 filesystem being mounted at /195/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  196.534661][ T6551] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  196.568130][ T6551] vlan2: entered promiscuous mode
[  196.639357][ T6543] netlink: 28 bytes leftover after parsing attributes in process `syz.2.986'.
[  196.788416][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  196.839140][ T3318] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  196.940513][ T6563] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  197.019654][ T6565] netlink: 56 bytes leftover after parsing attributes in process `syz.3.990'.
[  197.033981][ T6562] loop2: detected capacity change from 0 to 4096
[  197.073969][ T6562] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  197.254155][ T3318] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  197.282740][ T6572] FAULT_INJECTION: forcing a failure.
[  197.282740][ T6572] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  197.296154][ T6572] CPU: 0 UID: 0 PID: 6572 Comm: syz.0.996 Tainted: G        W          6.12.0-syzkaller-01892-g8f7c8b88bda4 #0
[  197.308049][ T6572] Tainted: [W]=WARN
[  197.311945][ T6572] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  197.322121][ T6572] Call Trace:
[  197.325493][ T6572]  <TASK>
[  197.328523][ T6572]  dump_stack_lvl+0xf2/0x150
[  197.333295][ T6572]  dump_stack+0x15/0x20
[  197.337709][ T6572]  should_fail_ex+0x223/0x230
[  197.342578][ T6572]  should_fail+0xb/0x10
[  197.346913][ T6572]  should_fail_usercopy+0x1a/0x20
[  197.352111][ T6572]  _copy_from_user+0x1e/0xb0
[  197.356858][ T6572]  __sys_bpf+0x14e/0x7a0
[  197.361307][ T6572]  __x64_sys_bpf+0x43/0x50
[  197.365866][ T6572]  x64_sys_call+0x2914/0x2dc0
[  197.370723][ T6572]  do_syscall_64+0xc9/0x1c0
[  197.375475][ T6572]  ? clear_bhb_loop+0x55/0xb0
[  197.380356][ T6572]  ? clear_bhb_loop+0x55/0xb0
[  197.385182][ T6572]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  197.391281][ T6572] RIP: 0033:0x7f96998ce819
[  197.395868][ T6572] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  197.415629][ T6572] RSP: 002b:00007f9697f47038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  197.424196][ T6572] RAX: ffffffffffffffda RBX: 00007f9699a85fa0 RCX: 00007f96998ce819
[  197.432288][ T6572] RDX: 0000000000000094 RSI: 0000000020000300 RDI: 0000000000000005
[  197.440480][ T6572] RBP: 00007f9697f47090 R08: 0000000000000000 R09: 0000000000000000
[  197.448578][ T6572] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  197.456703][ T6572] R13: 0000000000000001 R14: 00007f9699a85fa0 R15: 00007ffc1da8ee58
[  197.464914][ T6572]  </TASK>
[  197.762266][ T6575] loop0: detected capacity change from 0 to 512
[  197.912935][ T6575] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  197.960966][ T6579] loop2: detected capacity change from 0 to 1024
[  197.967667][ T6575] ext4 filesystem being mounted at /186/éq‰Y’3aK supports timestamps until 2038-01-19 (0x7fffffff)
[  198.019668][ T6579] EXT4-fs: Ignoring removed orlov option
[  198.057293][ T6579] EXT4-fs (loop2): stripe (5) is not aligned with cluster size (16), stripe is disabled
[  198.108622][ T6579] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  198.132254][ T6579] EXT4-fs error (device loop2): ext4_check_all_de:656: inode #12: block 7: comm syz.2.997: bad entry in directory: rec_len is too small for name_len - offset=16, inode=14, rec_len=40, size=108 fake=0
[  198.175761][ T6592] Cannot find del_set index 0 as target
[  198.183765][  T291] nci: nci_rf_discover_ntf_packet: unsupported rf_tech_and_mode 0x21
[  198.205053][ T6591] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2051 sclass=netlink_route_socket pid=6591 comm=syz.4.1000
[  198.224617][ T6579] EXT4-fs (loop2): Remounting filesystem read-only
[  198.268698][ T6593] netlink: 4972 bytes leftover after parsing attributes in process `syz.4.1000'.
[  198.303537][ T3318] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  198.601230][ T3321] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  198.650468][ T6599] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1003'.
[  198.656646][ T3321] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  198.666480][ T6597] loop4: detected capacity change from 0 to 4096
[  198.731094][ T6597] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  198.742182][ T6604] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  198.766003][ T6604] vlan2: entered promiscuous mode
[  199.003542][ T6612] loop2: detected capacity change from 0 to 512
[  199.025355][ T6609] loop3: detected capacity change from 0 to 4096
[  199.029761][ T6612] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  199.072158][ T6609] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  199.085620][ T6612] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[  199.102247][   T29] kauditd_printk_skb: 241 callbacks suppressed
[  199.102288][   T29] audit: type=1326 audit(1732158970.800:9079): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6610 comm="syz.0.1009" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96998ce819 code=0x7ffc0000
[  199.132374][   T29] audit: type=1326 audit(1732158970.830:9080): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6610 comm="syz.0.1009" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7f96998ce819 code=0x7ffc0000
[  199.155905][   T29] audit: type=1326 audit(1732158970.830:9081): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6610 comm="syz.0.1009" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96998ce819 code=0x7ffc0000
[  199.177523][ T6612] EXT4-fs (loop2): 1 truncate cleaned up
[  199.179564][   T29] audit: type=1326 audit(1732158970.890:9082): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6610 comm="syz.0.1009" exe="/root/syz-executor" sig=0 arch=c000003e syscall=128 compat=0 ip=0x7f96998ce819 code=0x7ffc0000
[  199.179718][   T29] audit: type=1326 audit(1732158970.890:9083): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6610 comm="syz.0.1009" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96998ce819 code=0x7ffc0000
[  199.186349][ T6612] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  199.209249][   T29] audit: type=1326 audit(1732158970.890:9084): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6610 comm="syz.0.1009" exe="/root/syz-executor" sig=0 arch=c000003e syscall=221 compat=0 ip=0x7f96998ce819 code=0x7ffc0000
[  199.268940][   T29] audit: type=1326 audit(1732158970.890:9085): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6610 comm="syz.0.1009" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96998ce819 code=0x7ffc0000
[  199.292530][   T29] audit: type=1326 audit(1732158970.890:9086): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6610 comm="syz.0.1009" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f96998ce819 code=0x7ffc0000
[  199.316067][   T29] audit: type=1326 audit(1732158970.890:9087): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6610 comm="syz.0.1009" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96998ce819 code=0x7ffc0000
[  199.339742][   T29] audit: type=1326 audit(1732158970.970:9088): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6610 comm="syz.0.1009" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f96998ce819 code=0x7ffc0000
[  199.403993][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  199.506383][ T6619] loop3: detected capacity change from 0 to 512
[  199.547149][ T6619] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  199.578502][ T6619] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[  199.705401][ T6619] EXT4-fs (loop3): 1 truncate cleaned up
[  199.715773][ T6619] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  199.861659][ T3318] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  199.924330][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  199.963472][ T3320] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  200.029162][ T6628] loop2: detected capacity change from 0 to 2048
[  200.137595][ T6628]  loop2: p3 < > p4 < >
[  200.141933][ T6628] loop2: partition table partially beyond EOD, truncated
[  200.152094][ T6628] loop2: p3 start 4284289 is beyond EOD, truncated
[  200.304682][ T3017]  loop2: p3 < > p4 < >
[  200.309112][ T3017] loop2: partition table partially beyond EOD, truncated
[  200.334858][ T3017] loop2: p3 start 4284289 is beyond EOD, truncated
[  200.520166][ T3917] udevd[3917]: inotify_add_watch(7, /dev/loop2p4, 10) failed: No such file or directory
[  200.733643][ T6651] loop0: detected capacity change from 0 to 4096
[  200.774732][ T6651] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  201.043992][ T6664] loop3: detected capacity change from 0 to 4096
[  201.084836][ T3321] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  202.126189][    C0] vcan0: j1939_tp_rxtimer: 0xffff888118a40800: rx timeout, send abort
[  202.137846][    C0] vcan0: j1939_xtp_rx_abort_one: 0xffff888118a40800: 0x40000: (3) A timeout occurred and this is the connection abort to close the session.
[  203.205229][ T6681] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1028'.
[  203.444406][ T6690] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 1280
[  203.499124][ T6694] loop4: detected capacity change from 0 to 512
[  203.538341][ T6694] ext4 filesystem being mounted at /231/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  203.588024][ T6694] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1032'.
[  203.782821][ T6705] loop1: detected capacity change from 0 to 2048
[  203.831715][ T3395]  loop1: p3 < > p4 < >
[  203.836023][ T3395] loop1: partition table partially beyond EOD, truncated
[  203.843525][ T3395] loop1: p3 start 4284289 is beyond EOD, truncated
[  203.864735][ T6708] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1038'.
[  203.911517][ T6708] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1038'.
[  203.937752][ T6708] loop3: detected capacity change from 0 to 2048
[  203.977309][ T6708] EXT4-fs: inline encryption not supported
[  203.994656][ T6705]  loop1: p3 < > p4 < >
[  203.999030][ T6705] loop1: partition table partially beyond EOD, truncated
[  204.788504][ T6705] loop1: p3 start 4284289 is beyond EOD, truncated
[  204.824969][ T6708] EXT4-fs (loop3): couldn't mount as ext3 due to feature incompatibilities
[  204.984120][ T6719] loop0: detected capacity change from 0 to 512
[  204.993101][ T3017]  loop1: p3 < > p4 < >
[  204.997343][ T3017] loop1: partition table partially beyond EOD, truncated
[  205.025679][ T3017] loop1: p3 start 4284289 is beyond EOD, truncated
[  205.084748][ T6720] netlink: 'syz.4.1039': attribute type 8 has an invalid length.
[  205.093479][ T3917] udevd[3917]: inotify_add_watch(7, /dev/loop1p4, 10) failed: No such file or directory
[  205.162017][   T29] kauditd_printk_skb: 272 callbacks suppressed
[  205.162059][   T29] audit: type=1400 audit(1732158976.870:9361): avc:  denied  { map } for  pid=6722 comm="syz.3.1042" path="socket:[14270]" dev="sockfs" ino=14270 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  205.192039][   T29] audit: type=1400 audit(1732158976.870:9362): avc:  denied  { read } for  pid=6722 comm="syz.3.1042" path="socket:[14270]" dev="sockfs" ino=14270 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  205.216513][ T6719] EXT4-fs error (device loop0): ext4_orphan_get:1389: inode #17: comm syz.0.1041: iget: bogus i_mode (0)
[  205.237857][ T6719] EXT4-fs error (device loop0): ext4_orphan_get:1394: comm syz.0.1041: couldn't read orphan inode 17 (err -117)
[  205.289971][ T6726] loop1: detected capacity change from 0 to 2048
[  205.343618][   T29] audit: type=1326 audit(1732158977.070:9363): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6729 comm="syz.2.1044" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f891fdbe819 code=0x7ffc0000
[  205.367368][   T29] audit: type=1326 audit(1732158977.070:9364): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6729 comm="syz.2.1044" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7f891fdbe819 code=0x7ffc0000
[  205.390953][   T29] audit: type=1326 audit(1732158977.070:9365): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6729 comm="syz.2.1044" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f891fdbe819 code=0x7ffc0000
[  205.422479][ T3395]  loop1: p3 < > p4 < >
[  205.426805][ T3395] loop1: partition table partially beyond EOD, truncated
[  205.431919][   T29] audit: type=1326 audit(1732158977.120:9366): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6729 comm="syz.2.1044" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f891fdbe819 code=0x7ffc0000
[  205.457541][   T29] audit: type=1326 audit(1732158977.120:9367): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6729 comm="syz.2.1044" exe="/root/syz-executor" sig=0 arch=c000003e syscall=128 compat=0 ip=0x7f891fdbe819 code=0x7ffc0000
[  205.465552][ T3395] loop1: p3 start 4284289 is beyond EOD, 
[  205.481141][   T29] audit: type=1326 audit(1732158977.120:9368): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6729 comm="syz.2.1044" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f891fdbe819 code=0x7ffc0000
[  205.486958][ T3395] truncated
[  205.513676][   T29] audit: type=1326 audit(1732158977.120:9369): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6729 comm="syz.2.1044" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f891fdbe819 code=0x7ffc0000
[  205.537270][   T29] audit: type=1326 audit(1732158977.120:9370): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6729 comm="syz.2.1044" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f891fdbe819 code=0x7ffc0000
[  205.564888][ T6726]  loop1: p3 < > p4 < >
[  205.569224][ T6726] loop1: partition table partially beyond EOD, truncated
[  205.576895][ T6726] loop1: p3 start 4284289 is beyond EOD, truncated
[  205.763375][ T6743] loop1: detected capacity change from 0 to 4096
[  205.772862][ T3917] udevd[3917]: inotify_add_watch(7, /dev/loop1p4, 10) failed: No such file or directory
[  206.060616][ T3917] udevd[3917]: inotify_add_watch(7, /dev/loop1p4, 10) failed: No such file or directory
[  206.164690][ T3917] udevd[3917]: inotify_add_watch(7, /dev/loop1p4, 10) failed: No such file or directory
[  206.254917][ T6754] loop3: detected capacity change from 0 to 4096
[  206.307569][ T6758] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0'
[  206.388744][ T6759] loop4: detected capacity change from 0 to 512
[  206.532105][ T6759] ext4 filesystem being mounted at /234/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  206.564988][ T6759] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1054'.
[  206.580696][ T6766] loop3: detected capacity change from 0 to 512
[  206.598978][ T6766] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  206.645180][ T6766] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[  206.677532][ T6766] EXT4-fs (loop3): 1 truncate cleaned up
[  206.942641][ T6777] loop2: detected capacity change from 0 to 1024
[  206.972660][ T6777] EXT4-fs: Ignoring removed orlov option
[  207.034153][ T6777] EXT4-fs (loop2): stripe (5) is not aligned with cluster size (16), stripe is disabled
[  207.093836][ T6780] loop1: detected capacity change from 0 to 512
[  207.103944][ T6777] EXT4-fs error (device loop2): ext4_check_all_de:656: inode #12: block 7: comm syz.2.1061: bad entry in directory: rec_len is too small for name_len - offset=16, inode=14, rec_len=40, size=108 fake=0
[  207.212051][ T6777] EXT4-fs (loop2): Remounting filesystem read-only
[  207.261917][ T6780] ext4 filesystem being mounted at /215/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  207.367149][ T6795] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1064'.
[  207.406702][ T6780] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1060'.
[  207.461162][ T6799] loop2: detected capacity change from 0 to 1024
[  207.480024][ T6799] ext4: Unknown parameter 'subj_type'
[  207.553980][ T6803] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=23824 sclass=netlink_route_socket pid=6803 comm=syz.0.1068
[  207.554823][ T6801] loop4: detected capacity change from 0 to 512
[  207.591865][ T6801] ext4 filesystem being mounted at /239/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  207.656019][ T6807] sd 0:0:1:0: device reset
[  207.668668][ T6801] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1069'.
[  207.725866][ T6810] loop1: detected capacity change from 0 to 4096
[  207.780905][ T6803] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  207.796163][ T6803] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  207.970610][ T6815] syzkaller0: entered promiscuous mode
[  207.976294][ T6815] syzkaller0: entered allmulticast mode
[  208.217243][ T6827] pim6reg1: entered promiscuous mode
[  208.222761][ T6827] pim6reg1: entered allmulticast mode
[  208.746492][ T6840] loop0: detected capacity change from 0 to 1024
[  208.770312][ T6840] EXT4-fs: Ignoring removed orlov option
[  208.783392][ T6840] EXT4-fs (loop0): stripe (5) is not aligned with cluster size (16), stripe is disabled
[  208.826597][ T6840] EXT4-fs error (device loop0): ext4_check_all_de:656: inode #12: block 7: comm syz.0.1082: bad entry in directory: rec_len is too small for name_len - offset=16, inode=14, rec_len=40, size=108 fake=0
[  208.851589][ T6846] loop3: detected capacity change from 0 to 2048
[  208.879799][ T6840] EXT4-fs (loop0): Remounting filesystem read-only
[  208.958969][ T6846]  loop3: p3 < > p4 < >
[  208.963242][ T6846] loop3: partition table partially beyond EOD, truncated
[  208.974421][ T6846] loop3: p3 start 4284289 is beyond EOD, truncated
[  209.008089][ T3017]  loop3: p3 < > p4 < >
[  209.012401][ T3017] loop3: partition table partially beyond EOD, truncated
[  209.023131][ T3017] loop3: p3 start 4284289 is beyond EOD, truncated
[  209.057846][ T3917] udevd[3917]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory
[  209.225018][ T3917] udevd[3917]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory
[  209.332243][ T6865] loop2: detected capacity change from 0 to 512
[  209.368343][ T6862] loop0: detected capacity change from 0 to 512
[  209.403690][ T6865] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  209.424912][ T6862] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  209.461412][ T6862] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[  209.504115][ T6871] FAULT_INJECTION: forcing a failure.
[  209.504115][ T6871] name failslab, interval 1, probability 0, space 0, times 0
[  209.504201][ T6871] CPU: 0 UID: 0 PID: 6871 Comm: syz.4.1093 Tainted: G        W          6.12.0-syzkaller-01892-g8f7c8b88bda4 #0
[  209.504312][ T6871] Tainted: [W]=WARN
[  209.504336][ T6871] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  209.504421][ T6871] Call Trace:
[  209.504441][ T6871]  <TASK>
[  209.504476][ T6871]  dump_stack_lvl+0xf2/0x150
[  209.504576][ T6871]  dump_stack+0x15/0x20
[  209.504665][ T6871]  should_fail_ex+0x223/0x230
[  209.504776][ T6871]  ? kobject_uevent_env+0x1a4/0x550
[  209.504862][ T6871]  should_failslab+0x8f/0xb0
[  209.504971][ T6871]  __kmalloc_cache_noprof+0x4b/0x2a0
[  209.505059][ T6871]  ? __pfx_dev_uevent_name+0x10/0x10
[  209.505208][ T6871]  kobject_uevent_env+0x1a4/0x550
[  209.505294][ T6871]  ? _raw_spin_unlock_irqrestore+0x2b/0x60
[  209.505410][ T6871]  ? device_pm_check_callbacks+0x632/0x650
[  209.505585][ T6871]  kobject_uevent+0x1c/0x30
[  209.505677][ T6871]  device_del+0x6fa/0x780
[  209.505806][ T6871]  device_destroy+0x67/0xa0
[  209.505910][ T6871]  vcs_remove_sysfs+0x21/0x60
[  209.505992][ T6871]  vc_deallocate+0x100/0x210
[  209.506072][ T6871]  vt_disallocate_all+0x16d/0x200
[  209.506210][ T6871]  vt_ioctl+0x1546/0x1810
[  209.506280][ T6871]  ? tty_jobctrl_ioctl+0x2ab/0x810
[  209.506536][ T6871]  tty_ioctl+0x815/0xbe0
[  209.506642][ T6871]  ? __pfx_tty_ioctl+0x10/0x10
[  209.506726][ T6871]  __se_sys_ioctl+0xc9/0x140
[  209.506811][ T6871]  __x64_sys_ioctl+0x43/0x50
[  209.506933][ T6871]  x64_sys_call+0x1690/0x2dc0
[  209.507040][ T6871]  do_syscall_64+0xc9/0x1c0
[  209.507133][ T6871]  ? clear_bhb_loop+0x55/0xb0
[  209.507218][ T6871]  ? clear_bhb_loop+0x55/0xb0
[  209.507308][ T6871]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  209.507413][ T6871] RIP: 0033:0x7fa37522e819
[  209.507481][ T6871] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  209.507552][ T6871] RSP: 002b:00007fa3738a7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  209.507630][ T6871] RAX: ffffffffffffffda RBX: 00007fa3753e5fa0 RCX: 00007fa37522e819
[  209.507681][ T6871] RDX: 0000000000000000 RSI: 0000000000005608 RDI: 0000000000000006
[  209.507730][ T6871] RBP: 00007fa3738a7090 R08: 0000000000000000 R09: 0000000000000000
[  209.507780][ T6871] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  209.507903][ T6871] R13: 0000000000000000 R14: 00007fa3753e5fa0 R15: 00007fffdd32f968
[  209.507971][ T6871]  </TASK>
[  209.508135][ T6862] EXT4-fs (loop0): 1 truncate cleaned up
[  209.518056][ T6865] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[  209.519852][ T6865] EXT4-fs (loop2): 1 truncate cleaned up
[  209.828238][ T6880] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1096'.
[  209.833400][ T6880] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1096'.
[  210.042848][ T6883] loop2: detected capacity change from 0 to 2048
[  210.111043][ T6883]  loop2: p3 < > p4 < >
[  210.111072][ T6883] loop2: partition table partially beyond EOD, truncated
[  210.111233][ T6883] loop2: p3 start 4284289 is beyond EOD, truncated
[  210.132359][ T3017]  loop2: p3 < > p4 < >
[  210.132387][ T3017] loop2: partition table partially beyond EOD, truncated
[  210.132570][ T3017] loop2: p3 start 4284289 is beyond EOD, truncated
[  210.169967][   T29] kauditd_printk_skb: 661 callbacks suppressed
[  210.170009][   T29] audit: type=1400 audit(1732158981.890:10032): avc:  denied  { ioctl } for  pid=6859 comm="syz.1.1086" path="/dev/ppp" dev="devtmpfs" ino=140 ioctlcmd=0x743e scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  210.185351][ T3917] udevd[3917]: inotify_add_watch(7, /dev/loop2p4, 10) failed: No such file or directory
[  210.360010][ T3917] udevd[3917]: inotify_add_watch(7, /dev/loop2p4, 10) failed: No such file or directory
[  210.365479][ T6890] loop3: detected capacity change from 0 to 128
[  210.414706][   T29] audit: type=1400 audit(1732158982.140:10033): avc:  denied  { create } for  pid=6894 comm="syz.0.1102" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=socket permissive=1
[  210.454330][   T29] audit: type=1400 audit(1732158982.140:10034): avc:  denied  { module_request } for  pid=6894 comm="syz.0.1102" kmod="net-pf-28" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  210.476271][   T29] audit: type=1400 audit(1732158982.170:10035): avc:  denied  { create } for  pid=6891 comm="syz.2.1101" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  210.495967][   T29] audit: type=1400 audit(1732158982.170:10036): avc:  denied  { setopt } for  pid=6891 comm="syz.2.1101" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  210.628470][   T29] audit: type=1400 audit(1732158982.340:10037): avc:  denied  { mount } for  pid=6889 comm="syz.3.1100" name="/" dev="loop3" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1
[  210.650788][   T29] audit: type=1400 audit(1732158982.340:10038): avc:  denied  { remount } for  pid=6889 comm="syz.3.1100" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1
[  210.729967][ T6896] loop0: detected capacity change from 0 to 1024
[  210.745849][ T6896] EXT4-fs: Invalid want_extra_isize 867
[  210.830507][   T29] audit: type=1400 audit(1732158982.500:10039): avc:  denied  { create } for  pid=6894 comm="syz.0.1102" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=tcp_socket permissive=1
[  210.850934][   T29] audit: type=1326 audit(1732158982.540:10040): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6889 comm="syz.3.1100" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f91d371e819 code=0x7ffc0000
[  210.863500][ T6903] loop2: detected capacity change from 0 to 1024
[  210.874561][   T29] audit: type=1326 audit(1732158982.540:10041): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6889 comm="syz.3.1100" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f91d371e819 code=0x7ffc0000
[  210.884481][ T6903] EXT4-fs: Invalid want_extra_isize 867
[  211.289697][ T6921] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1111'.
[  211.352032][ T6924] loop2: detected capacity change from 0 to 512
[  211.472488][ T6927] loop3: detected capacity change from 0 to 4096
[  211.530425][ T6924] ext4 filesystem being mounted at /226/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  211.641083][ T6939] netlink: 56 bytes leftover after parsing attributes in process `syz.0.1116'.
[  211.699118][ T6924] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1112'.
[  211.860412][ T6946] netlink: 56 bytes leftover after parsing attributes in process `syz.3.1118'.
[  212.053330][ T6957] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1123'.
[  212.106783][ T6956] loop4: detected capacity change from 0 to 2048
[  212.210461][ T6956]  loop4: p3 < > p4 < >
[  212.214765][ T6956] loop4: partition table partially beyond EOD, truncated
[  212.260372][ T6956] loop4: p3 start 4284289 is beyond EOD, truncated
[  212.280543][ T6961] loop0: detected capacity change from 0 to 512
[  212.344196][ T3017]  loop4: p3 < > p4 < >
[  212.348581][ T3017] loop4: partition table partially beyond EOD, truncated
[  212.374851][ T3017] loop4: p3 start 4284289 is beyond EOD, truncated
[  212.420780][ T6961] ext4 filesystem being mounted at /213/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  212.447613][ T3917] udevd[3917]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory
[  212.516066][ T3917] udevd[3917]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory
[  212.546741][ T6969] loop3: detected capacity change from 0 to 4096
[  212.582725][ T6979] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1131'.
[  212.632822][ T6983] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1124'.
[  212.716615][ T6979] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1131'.
[  212.934613][ T6991] loop2: detected capacity change from 0 to 1024
[  212.941741][ T6991] EXT4-fs: Invalid want_extra_isize 867
[  212.960059][ T7000] loop1: detected capacity change from 0 to 1024
[  212.967096][ T7000] EXT4-fs: Invalid want_extra_isize 867
[  213.048078][ T7003] loop0: detected capacity change from 0 to 128
[  213.413641][ T7009] loop0: detected capacity change from 0 to 2048
[  213.482294][ T7009]  loop0: p3 < > p4 < >
[  213.486599][ T7009] loop0: partition table partially beyond EOD, truncated
[  213.516170][ T7009] loop0: p3 start 4284289 is beyond EOD, truncated
[  213.608566][ T3917] udevd[3917]: inotify_add_watch(7, /dev/loop0p4, 10) failed: No such file or directory
[  213.886356][ T7021] loop0: detected capacity change from 0 to 4096
[  213.928745][ T7021] EXT4-fs mount: 36 callbacks suppressed
[  213.928798][ T7021] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  214.284938][ T7019] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  214.579185][ T3321] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  214.975364][ T7048] loop3: detected capacity change from 0 to 512
[  215.008256][ T7048] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  215.028320][ T7039] loop4: detected capacity change from 0 to 1024
[  215.035502][ T7039] EXT4-fs: Invalid want_extra_isize 867
[  215.055030][ T7043] usb usb8: usbfs: interface 0 claimed by hub while 'syz.0.1154' sets config #5001287
[  215.131559][ T7048] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[  215.153030][ T7048] EXT4-fs (loop3): 1 truncate cleaned up
[  215.160815][ T7048] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  215.187327][   T29] kauditd_printk_skb: 417 callbacks suppressed
[  215.187368][   T29] audit: type=1326 audit(1732158986.910:10459): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7047 comm="syz.3.1156" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f91d371e819 code=0x7ffc0000
[  215.228637][   T29] audit: type=1326 audit(1732158986.920:10460): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7047 comm="syz.3.1156" exe="/root/syz-executor" sig=0 arch=c000003e syscall=428 compat=0 ip=0x7f91d371e819 code=0x7ffc0000
[  215.252455][   T29] audit: type=1326 audit(1732158986.920:10461): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7047 comm="syz.3.1156" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f91d371e819 code=0x7ffc0000
[  215.276284][   T29] audit: type=1326 audit(1732158986.930:10462): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7047 comm="syz.3.1156" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f91d371e819 code=0x7ffc0000
[  215.300048][   T29] audit: type=1326 audit(1732158986.930:10463): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7047 comm="syz.3.1156" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f91d371e819 code=0x7ffc0000
[  215.323807][   T29] audit: type=1326 audit(1732158986.940:10464): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7047 comm="syz.3.1156" exe="/root/syz-executor" sig=0 arch=c000003e syscall=291 compat=0 ip=0x7f91d371e819 code=0x7ffc0000
[  215.347496][   T29] audit: type=1326 audit(1732158986.940:10465): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7047 comm="syz.3.1156" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f91d371e819 code=0x7ffc0000
[  215.371160][   T29] audit: type=1326 audit(1732158986.950:10466): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7047 comm="syz.3.1156" exe="/root/syz-executor" sig=0 arch=c000003e syscall=158 compat=0 ip=0x7f91d371e819 code=0x7ffc0000
[  215.394802][   T29] audit: type=1326 audit(1732158986.950:10467): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7047 comm="syz.3.1156" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f91d371e819 code=0x7ffc0000
[  215.418554][   T29] audit: type=1326 audit(1732158986.960:10468): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7047 comm="syz.3.1156" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f91d371e819 code=0x7ffc0000
[  215.476459][ T7052] loop2: detected capacity change from 0 to 128
[  215.618536][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  215.855833][ T7066] __nla_validate_parse: 2 callbacks suppressed
[  215.855873][ T7066] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1161'.
[  216.575239][ T7072] loop2: detected capacity change from 0 to 4096
[  216.652405][ T7072] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  216.857824][ T7081] loop1: detected capacity change from 0 to 512
[  216.909229][ T7086] FAULT_INJECTION: forcing a failure.
[  216.909229][ T7086] name failslab, interval 1, probability 0, space 0, times 0
[  216.922093][ T7086] CPU: 0 UID: 0 PID: 7086 Comm: syz.0.1165 Tainted: G        W          6.12.0-syzkaller-01892-g8f7c8b88bda4 #0
[  216.934105][ T7086] Tainted: [W]=WARN
[  216.938045][ T7086] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  216.948220][ T7086] Call Trace:
[  216.951582][ T7086]  <TASK>
[  216.954600][ T7086]  dump_stack_lvl+0xf2/0x150
[  216.959355][ T7086]  dump_stack+0x15/0x20
[  216.963683][ T7086]  should_fail_ex+0x223/0x230
[  216.968496][ T7086]  ? skb_clone+0x154/0x1f0
[  216.973055][ T7086]  should_failslab+0x8f/0xb0
[  216.977886][ T7086]  kmem_cache_alloc_noprof+0x4c/0x290
[  216.983458][ T7086]  skb_clone+0x154/0x1f0
[  216.987849][ T7086]  __netlink_deliver_tap+0x2bd/0x4c0
[  216.993440][ T7086]  netlink_unicast+0x64a/0x670
[  216.998411][ T7086]  netlink_sendmsg+0x5cc/0x6e0
[  217.003369][ T7086]  ? __pfx_netlink_sendmsg+0x10/0x10
[  217.008808][ T7086]  __sock_sendmsg+0x140/0x180
[  217.013662][ T7086]  ____sys_sendmsg+0x312/0x410
[  217.018645][ T7086]  __sys_sendmsg+0x19d/0x230
[  217.023546][ T7086]  __x64_sys_sendmsg+0x46/0x50
[  217.028459][ T7086]  x64_sys_call+0x2734/0x2dc0
[  217.033299][ T7086]  do_syscall_64+0xc9/0x1c0
[  217.037988][ T7086]  ? clear_bhb_loop+0x55/0xb0
[  217.042928][ T7086]  ? clear_bhb_loop+0x55/0xb0
[  217.047754][ T7086]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  217.053805][ T7086] RIP: 0033:0x7f96998ce819
[  217.058329][ T7086] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  217.078494][ T7086] RSP: 002b:00007f9697f47038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  217.087052][ T7086] RAX: ffffffffffffffda RBX: 00007f9699a85fa0 RCX: 00007f96998ce819
[  217.095181][ T7086] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000000000006
[  217.103272][ T7086] RBP: 00007f9697f47090 R08: 0000000000000000 R09: 0000000000000000
[  217.111415][ T7086] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  217.119513][ T7086] R13: 0000000000000000 R14: 00007f9699a85fa0 R15: 00007ffc1da8ee58
[  217.127623][ T7086]  </TASK>
[  217.173556][ T7081] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  217.217058][ T7081] ext4 filesystem being mounted at /226/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  217.398120][ T7095] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1164'.
[  217.495849][ T7099] loop0: detected capacity change from 0 to 128
[  217.629594][ T3324] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  217.701403][ T3318] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  217.802912][ T7109] loop0: detected capacity change from 0 to 256
[  217.825323][ T7109] FAT-fs (loop0): Directory bread(block 64) failed
[  217.834186][ T7109] FAT-fs (loop0): Directory bread(block 65) failed
[  217.842746][ T7109] FAT-fs (loop0): Directory bread(block 66) failed
[  217.852733][ T7109] FAT-fs (loop0): Directory bread(block 67) failed
[  217.860499][ T7109] FAT-fs (loop0): Directory bread(block 68) failed
[  217.867218][ T7109] FAT-fs (loop0): Directory bread(block 69) failed
[  217.876304][ T7109] FAT-fs (loop0): Directory bread(block 70) failed
[  217.883834][ T7109] FAT-fs (loop0): Directory bread(block 71) failed
[  217.893011][ T7109] FAT-fs (loop0): Directory bread(block 72) failed
[  217.900200][ T7109] FAT-fs (loop0): Directory bread(block 73) failed
[  217.984200][ T7112] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1173'.
[  218.040293][ T7104] syz.0.1171: attempt to access beyond end of device
[  218.040293][ T7104] loop0: rw=0, sector=1768, nr_sectors = 4 limit=256
[  218.055460][ T7104] syz.0.1171: attempt to access beyond end of device
[  218.055460][ T7104] loop0: rw=0, sector=1768, nr_sectors = 4 limit=256
[  218.292633][ T7118] loop3: detected capacity change from 0 to 512
[  218.306572][ T7115] loop0: detected capacity change from 0 to 4096
[  218.317284][ T7118] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  218.342053][ T7115] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  218.387077][ T7118] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[  218.408197][ T7118] EXT4-fs (loop3): 1 truncate cleaned up
[  218.430492][ T7118] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  218.539779][ T3321] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  218.652033][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  218.841502][ T7132] netlink: 56 bytes leftover after parsing attributes in process `syz.0.1178'.
[  218.866406][ T7131] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 1280
[  219.318131][ T7137] netlink: 'syz.3.1180': attribute type 8 has an invalid length.
[  219.897603][ T7147] loop1: detected capacity change from 0 to 2048
[  219.934668][ T7152] loop2: detected capacity change from 0 to 128
[  219.998960][ T7147]  loop1: p3 < > p4 < >
[  220.003258][ T7147] loop1: partition table partially beyond EOD, truncated
[  220.015019][ T7147] loop1: p3 start 4284289 is beyond EOD, truncated
[  220.169329][    C0] ------------[ cut here ]------------
[  220.174926][    C0] WARNING: CPU: 0 PID: 16 at net/ipv4/af_inet.c:156 inet_sock_destruct+0x444/0x450
[  220.184411][    C0] Modules linked in:
[  220.188446][    C0] CPU: 0 UID: 0 PID: 16 Comm: ksoftirqd/0 Tainted: G        W          6.12.0-syzkaller-01892-g8f7c8b88bda4 #0
[  220.200366][    C0] Tainted: [W]=WARN
[  220.204263][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  220.214454][    C0] RIP: 0010:inet_sock_destruct+0x444/0x450
[  220.220433][    C0] Code: 0f 0b 90 e9 ab fe ff ff e8 29 2e c2 fc 90 0f 0b 90 e9 c5 fe ff ff e8 1b 2e c2 fc 90 0f 0b 90 e9 df fe ff ff e8 0d 2e c2 fc 90 <0f> 0b 90 e9 35 ff ff ff 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90
[  220.240232][    C0] RSP: 0018:ffffc9000008fcd0 EFLAGS: 00010246
[  220.246425][    C0] RAX: ffffffff846e1883 RBX: 00000000000003ff RCX: ffff8881001c9080
[  220.254549][    C0] RDX: 0000000000000100 RSI: 00000000000003ff RDI: 0000000000000000
[  220.262687][    C0] RBP: ffff888116e0a900 R08: ffffffff846e17b4 R09: 0000000000000000
[  220.270793][    C0] R10: 0001ffffffffffff R11: 0001888116e0aa60 R12: ffff888116e0abe8
[  220.278909][    C0] R13: ffff888116e0abe8 R14: ffff888116e0a928 R15: ffff888116e0a912
[  220.287002][    C0] FS:  0000000000000000(0000) GS:ffff888237c00000(0000) knlGS:0000000000000000
[  220.296080][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  220.302814][    C0] CR2: 00007f891ff462d8 CR3: 0000000104102000 CR4: 00000000003506f0
[  220.309414][ T7157] loop3: detected capacity change from 0 to 4096
[  220.310892][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  220.325362][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  220.333486][    C0] Call Trace:
[  220.336846][    C0]  <TASK>
[  220.339879][    C0]  ? __warn+0x141/0x350
[  220.344144][    C0]  ? report_bug+0x315/0x420
[  220.348812][    C0]  ? inet_sock_destruct+0x444/0x450
[  220.354189][    C0]  ? handle_bug+0x60/0x90
[  220.358694][    C0]  ? exc_invalid_op+0x1a/0x50
[  220.363533][    C0]  ? asm_exc_invalid_op+0x1a/0x20
[  220.368720][    C0]  ? inet_sock_destruct+0x374/0x450
[  220.374055][    C0]  ? inet_sock_destruct+0x443/0x450
[  220.379447][    C0]  ? inet_sock_destruct+0x444/0x450
[  220.384810][    C0]  ? __pfx___sk_destruct+0x10/0x10
[  220.390071][    C0]  inet6_sock_destruct+0x1d/0x30
[  220.395144][    C0]  ? __pfx_inet6_sock_destruct+0x10/0x10
[  220.400961][    C0]  __sk_destruct+0x3d/0x440
[  220.405599][    C0]  ? __pfx___sk_destruct+0x10/0x10
[  220.410904][    C0]  rcu_core+0x57b/0xbc0
[  220.415209][    C0]  rcu_core_si+0xd/0x20
[  220.419547][    C0]  handle_softirqs+0xbf/0x280
[  220.424365][    C0]  ? __pfx_run_ksoftirqd+0x10/0x10
[  220.429643][    C0]  run_ksoftirqd+0x1c/0x30
[  220.434209][    C0]  smpboot_thread_fn+0x31c/0x4c0
[  220.439309][    C0]  ? __pfx_smpboot_thread_fn+0x10/0x10
[  220.444943][    C0]  kthread+0x1d1/0x210
[  220.449173][    C0]  ? __pfx_kthread+0x10/0x10
[  220.453908][    C0]  ret_from_fork+0x4b/0x60
[  220.458484][    C0]  ? __pfx_kthread+0x10/0x10
[  220.463223][    C0]  ret_from_fork_asm+0x1a/0x30
[  220.468174][    C0]  </TASK>
[  220.471279][    C0] ---[ end trace 0000000000000000 ]---
[  220.565030][ T7170] netlink: 56 bytes leftover after parsing attributes in process `syz.0.1192'.
[  220.578186][   T29] kauditd_printk_skb: 185 callbacks suppressed
[  220.578225][   T29] audit: type=1400 audit(1732158992.300:10654): avc:  denied  { write } for  pid=2999 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  220.606350][   T29] audit: type=1400 audit(1732158992.300:10655): avc:  denied  { remove_name } for  pid=2999 comm="syslogd" name="messages" dev="tmpfs" ino=7 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  220.629342][   T29] audit: type=1400 audit(1732158992.300:10656): avc:  denied  { rename } for  pid=2999 comm="syslogd" name="messages" dev="tmpfs" ino=7 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  220.651908][   T29] audit: type=1400 audit(1732158992.300:10657): avc:  denied  { add_name } for  pid=2999 comm="syslogd" name="messages.0" dev="tmpfs" ino=6 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  220.674726][   T29] audit: type=1400 audit(1732158992.300:10658): avc:  denied  { unlink } for  pid=2999 comm="syslogd" name="messages.0" dev="tmpfs" ino=6 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  220.697442][   T29] audit: type=1400 audit(1732158992.300:10659): avc:  denied  { create } for  pid=2999 comm="syslogd" name="messages" scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  220.712269][ T7157] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  220.725505][   T29] audit: type=1400 audit(1732158992.450:10660): avc:  denied  { ioctl } for  pid=7171 comm="syz.2.1193" path="socket:[15955]" dev="sockfs" ino=15955 ioctlcmd=0x890b scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  220.787871][   T29] audit: type=1326 audit(1732158992.480:10661): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7163 comm="syz.1.1191" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5133eee819 code=0x7ffc0000
[  220.811598][   T29] audit: type=1326 audit(1732158992.480:10662): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7163 comm="syz.1.1191" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5133eee819 code=0x7ffc0000
[  220.835414][   T29] audit: type=1326 audit(1732158992.480:10663): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7163 comm="syz.1.1191" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7f5133eee819 code=0x7ffc0000
[  220.863294][ T7173] loop2: detected capacity change from 0 to 512
[  220.913097][ T7173] EXT4-fs: Ignoring removed oldalloc option
[  220.922267][ T7173] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  220.941631][ T7173] EXT4-fs (loop2): 1 truncate cleaned up
[  220.988768][ T7173] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  221.091133][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  221.148181][ T7173] vlan2: entered promiscuous mode
[  221.153413][ T7173] macvtap0: entered promiscuous mode
[  221.159355][ T7173] vlan2: entered allmulticast mode
[  221.164742][ T7173] macvtap0: entered allmulticast mode
[  221.170303][ T7173] veth0_macvtap: entered allmulticast mode
[  221.236681][ T7188] loop3: detected capacity change from 0 to 512
[  221.307172][ T7185] loop0: detected capacity change from 0 to 128
[  221.328326][ T7188] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  221.348321][ T7188] ext4 filesystem being mounted at /225/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  221.460612][ T7195] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1198'.
[  221.568702][ T7198] loop0: detected capacity change from 0 to 512
[  221.604617][ T7198] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  221.610977][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  221.622933][ T7198] ext4 filesystem being mounted at /231/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  221.693494][ T3318] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  221.837721][ T7208] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1201'.
[  221.898465][ T3321] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  221.942180][ T7209] loop2: detected capacity change from 0 to 1024
[  221.982029][ T7209] EXT4-fs: Invalid want_extra_isize 867
[  222.225438][ T7217] loop0: detected capacity change from 0 to 4096
[  222.242024][ T7220] loop1: detected capacity change from 0 to 512
[  222.261466][ T7217] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  222.279576][ T7220] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  222.314962][ T7220] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[  222.352570][ T7220] EXT4-fs (loop1): 1 truncate cleaned up
[  222.438566][ T7220] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  222.557219][ T3324] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  222.590315][ T3321] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  222.723816][ T7230] loop3: detected capacity change from 0 to 128
[  222.920786][ T7237] loop0: detected capacity change from 0 to 1024
[  222.927902][ T7237] EXT4-fs: Ignoring removed orlov option
[  222.968003][ T7237] EXT4-fs (loop0): stripe (5) is not aligned with cluster size (16), stripe is disabled
[  223.037635][ T7241] loop3: detected capacity change from 0 to 512
[  223.060303][ T7241] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  223.078202][ T7243] loop1: detected capacity change from 0 to 2048
[  223.091152][ T7241] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[  223.106815][ T7241] EXT4-fs (loop3): 1 truncate cleaned up
[  223.114657][ T7241] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  223.129434][ T7237] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  223.130610][ T7243]  loop1: p3 < > p4 < >
[  223.145966][ T7243] loop1: partition table partially beyond EOD, truncated
[  223.176561][ T7237] EXT4-fs error (device loop0): ext4_check_all_de:656: inode #12: block 7: comm syz.0.1212: bad entry in directory: rec_len is too small for name_len - offset=16, inode=14, rec_len=40, size=108 fake=0
[  223.192832][ T7243] loop1: p3 start 4284289 is beyond EOD, truncated
[  223.220781][ T7237] EXT4-fs (loop0): Remounting filesystem read-only
[  223.296099][ T3017]  loop1: p3 < > p4 < >
[  223.300429][ T3017] loop1: partition table partially beyond EOD, truncated
[  223.318026][ T3017] loop1: p3 start 4284289 is beyond EOD, truncated
[  223.344231][ T3321] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  223.387326][ T3917] udevd[3917]: inotify_add_watch(7, /dev/loop1p4, 10) failed: No such file or directory
[  223.413275][ T3917] udevd[3917]: inotify_add_watch(7, /dev/loop1p4, 10) failed: No such file or directory
[  223.497604][ T7254] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1221'.
[  223.698858][ T7258] loop1: detected capacity change from 0 to 4096
[  223.737052][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  223.769803][ T7258] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  223.968372][ T7264] loop0: detected capacity change from 0 to 512
[  223.995177][ T3324] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  223.995436][ T7267] netlink: 56 bytes leftover after parsing attributes in process `syz.3.1225'.
[  224.077313][ T7268] loop2: detected capacity change from 0 to 512
[  224.113936][ T7264] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  224.135900][ T7264] ext4 filesystem being mounted at /238/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  224.176382][ T7268] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  224.198040][ T7268] ext4 filesystem being mounted at /243/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  224.225490][ T7279] loop1: detected capacity change from 0 to 1024
[  224.235060][ T7279] EXT4-fs: Ignoring removed orlov option
[  224.241983][ T7279] EXT4-fs (loop1): stripe (7) is not aligned with cluster size (16), stripe is disabled
[  224.258768][ T7279] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  224.272080][ T7281] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1226'.
[  224.336140][ T7282] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1224'.
[  224.364746][ T3324] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  224.463683][ T3318] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  224.485173][ T7288] loop1: detected capacity change from 0 to 512
[  224.534062][ T7284] loop4: detected capacity change from 0 to 2048
[  224.587110][ T3321] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  224.588573][ T7284]  loop4: p3 < > p4 < >
[  224.600653][ T7284] loop4: partition table partially beyond EOD, truncated
[  224.614154][ T7291] loop2: detected capacity change from 0 to 512
[  224.618917][ T7284] loop4: p3 start 4284289 is beyond EOD, truncated
[  224.621489][ T7288] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  224.678052][ T7291] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  224.681017][ T7288] ext4 filesystem being mounted at /248/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  224.728500][ T7300] loop3: detected capacity change from 0 to 1024
[  224.735577][ T7300] EXT4-fs: Invalid want_extra_isize 867
[  224.762653][ T7302] FAULT_INJECTION: forcing a failure.
[  224.762653][ T7302] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  224.776003][ T7302] CPU: 0 UID: 0 PID: 7302 Comm: syz.0.1236 Tainted: G        W          6.12.0-syzkaller-01892-g8f7c8b88bda4 #0
[  224.787982][ T7302] Tainted: [W]=WARN
[  224.791922][ T7302] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  224.802142][ T7302] Call Trace:
[  224.805517][ T7302]  <TASK>
[  224.808536][ T7302]  dump_stack_lvl+0xf2/0x150
[  224.813288][ T7302]  dump_stack+0x15/0x20
[  224.817780][ T7302]  should_fail_ex+0x223/0x230
[  224.822618][ T7302]  should_fail+0xb/0x10
[  224.826953][ T7302]  should_fail_usercopy+0x1a/0x20
[  224.832127][ T7302]  _copy_from_user+0x1e/0xb0
[  224.836975][ T7302]  copy_msghdr_from_user+0x54/0x2a0
[  224.842365][ T7302]  ? __fget_files+0x17c/0x1c0
[  224.847319][ T7302]  __sys_sendmsg+0x13e/0x230
[  224.852184][ T7302]  __x64_sys_sendmsg+0x46/0x50
[  224.857137][ T7302]  x64_sys_call+0x2734/0x2dc0
[  224.862015][ T7302]  do_syscall_64+0xc9/0x1c0
[  224.866673][ T7302]  ? clear_bhb_loop+0x55/0xb0
[  224.871528][ T7302]  ? clear_bhb_loop+0x55/0xb0
[  224.876386][ T7302]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  224.882508][ T7302] RIP: 0033:0x7f96998ce819
[  224.887185][ T7302] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  224.906943][ T7302] RSP: 002b:00007f9697f47038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  224.915572][ T7302] RAX: ffffffffffffffda RBX: 00007f9699a85fa0 RCX: 00007f96998ce819
[  224.923670][ T7302] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000003
[  224.931818][ T7302] RBP: 00007f9697f47090 R08: 0000000000000000 R09: 0000000000000000
[  224.939941][ T7302] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  224.948057][ T7302] R13: 0000000000000000 R14: 00007f9699a85fa0 R15: 00007ffc1da8ee58
[  224.956226][ T7302]  </TASK>
[  224.993290][ T7291] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[  225.018191][ T7291] EXT4-fs (loop2): 1 truncate cleaned up
[  225.053701][ T7291] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  225.107259][ T7307] loop0: detected capacity change from 0 to 128
[  225.127567][ T7309] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1232'.
[  225.144800][ T3395] ==================================================================
[  225.153072][ T3395] BUG: KCSAN: data-race in fill_mg_cmtime / shmem_mknod
[  225.160227][ T3395] 
[  225.162651][ T3395] write to 0xffff8881032169a4 of 4 bytes by task 3917 on cpu 1:
[  225.167235][ T7305] loop4: detected capacity change from 0 to 4096
[  225.170363][ T3395]  shmem_mknod+0x136/0x180
[  225.170470][ T3395]  shmem_create+0x34/0x40
[  225.185825][ T3395]  path_openat+0xe92/0x1fa0
[  225.190476][ T3395]  do_filp_open+0x107/0x230
[  225.195123][ T3395]  do_sys_openat2+0xab/0x120
[  225.199910][ T3395]  __x64_sys_openat+0xf3/0x120
[  225.204863][ T3395]  x64_sys_call+0x2b30/0x2dc0
[  225.209711][ T3395]  do_syscall_64+0xc9/0x1c0
[  225.214373][ T3395]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  225.220429][ T3395] 
[  225.222856][ T3395] read to 0xffff8881032169a4 of 4 bytes by task 3395 on cpu 0:
[  225.230543][ T3395]  fill_mg_cmtime+0x58/0x280
[  225.235316][ T3395]  generic_fillattr+0x241/0x330
[  225.240354][ T3395]  shmem_getattr+0x17b/0x200
[  225.245108][ T3395]  vfs_statx_path+0x171/0x2d0
[  225.249914][ T3395]  vfs_statx+0xe1/0x170
[  225.254231][ T3395]  __se_sys_newfstatat+0xdc/0x300
[  225.259477][ T3395]  __x64_sys_newfstatat+0x55/0x70
[  225.264694][ T3395]  x64_sys_call+0x236d/0x2dc0
[  225.269535][ T3395]  do_syscall_64+0xc9/0x1c0
[  225.274208][ T3395]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  225.280247][ T3395] 
[  225.282681][ T3395] value changed: 0x3473c6d0 -> 0x349f3e86
[  225.288522][ T3395] 
[  225.290926][ T3395] Reported by Kernel Concurrency Sanitizer on:
[  225.297194][ T3395] CPU: 0 UID: 0 PID: 3395 Comm: udevd Tainted: G        W          6.12.0-syzkaller-01892-g8f7c8b88bda4 #0
[  225.308746][ T3395] Tainted: [W]=WARN
[  225.312643][ T3395] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  225.322819][ T3395] ==================================================================
[  225.368071][ T3318] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  225.379270][ T7305] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  225.434102][ T3324] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  225.540244][ T3320] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.