last executing test programs:

4.497822633s ago: executing program 0 (id=2060):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
fsetxattr$trusted_overlay_nlink(r0, &(0x7f0000000500), &(0x7f0000000540)={'U+', 0xd87}, 0x16, 0x2)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x41, &(0x7f0000000080)=0x196, 0x4)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x140)
fcntl$setlease(r3, 0x400, 0x0)
fcntl$lock(r3, 0x26, &(0x7f00000000c0)={0x2, 0x2, 0x1, 0x7})

4.459421903s ago: executing program 0 (id=2063):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x28, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1, 0x0, 0x2000000000000000}, 0x18)
rename(&(0x7f0000002040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0x0)

4.417120924s ago: executing program 0 (id=2067):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1900000004000000040000000c"], 0x48)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, 0x0, 0x0)
arch_prctl$ARCH_SHSTK_DISABLE(0x5002, 0x3)
setsockopt$inet6_dccp_buf(r0, 0x21, 0xc, &(0x7f0000000240)="1e5b67999c3453d92b713e392cfca73dba098edae6998d64c90e1ec4b6472cd532c13cc0a3d93a5c3409d1ee21349f09427a690f3d6dd6fb6824ddb13cd79906658d949693dd3b2da3472c00e566da34cf0b411400fd8b7a5b5974a7cde2f0a486c11cd48c3ddd4bdf57f331c3ed3c9b7f1edded580410d92cabc4933a83ad7581a262c3bee2a08e5300368894bbe0f6a3365b73cef738c2c340e1306105d37649e21cf0d5c35e3c2eeecd415cd788359f398092cbc3ca1ad10179640e464ede111a804e81b91ec8eb9d0a712ae73a8edb0557fb66198beb3b", 0xd9)
r1 = socket(0x10, 0x3, 0x0)
r2 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r3=>0x0})
r4 = fsopen(&(0x7f0000000400)='autofs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000240)=',-\x10*\x00', &(0x7f0000000380)='$\x00', 0x0)
fsconfig$FSCONFIG_SET_FD(r4, 0x5, &(0x7f00000005c0)='\x00H\xeb', 0x0, r4)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100000000001c000000000000ea04850000007b00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r5}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0xfe, 0x7ffc0002}]})
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
stat(&(0x7f0000000180)='./file0\x00', &(0x7f0000000280))
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000000)='syzkaller\x00', &(0x7f0000001140)='\xf1\x95\xb3>-\x8c\xd4\r\x01\xfa\xe2{eED\x0e\xaaPV\x11\xff\xb6j\xd4~6\x82^\x9b b', 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009c0000000b"], 0x50)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r7}, 0x18)
close(r4)
sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=@newqdisc={0x78, 0x24, 0x3fe3aa0262d8c783, 0x70bd26, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}, {0x0, 0x2}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x3, 0x4, 0x7ff, 0x1}, 0x0, 0xfffffffc, 0x0, 0x0, 0x1, 0x1e, 0x0, 0x0, 0x6, 0x0, {0x0, 0x0, 0xfffffffc}}}}]}, 0x78}}, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000600)={0xffffffffffffffff, 0xe0, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340), ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000380), &(0x7f00000003c0), <r8=>0x0, 0x8c, 0x0, 0x0, 0x10, &(0x7f0000000440), &(0x7f0000000480), 0x8, 0x3c, 0x8, 0x0, 0x0}}, 0x10)
r9 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000400), 0x242, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x1e, 0x2d, &(0x7f0000000800)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x8}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@btf_id={0x18, 0xa, 0x3, 0x0, 0x5}, @map_idx={0x18, 0x1, 0x5, 0x0, 0xa}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x5}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r9}}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x1}, @exit, @jmp={0x5, 0x1, 0xb, 0x5, 0xb, 0x4, 0x8}, @map_idx_val={0x18, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff}, @printk={@d, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x654c}}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000000)='syzkaller\x00', 0x7fffffff, 0xba, &(0x7f0000000280)=""/186, 0x40f00, 0x12, '\x00', r3, @fallback=0x32, 0xffffffffffffffff, 0x8, &(0x7f00000000c0)={0xa, 0x3}, 0x8, 0x10, &(0x7f0000000140)={0x1, 0x3, 0x3fa80}, 0x10, r8, 0xffffffffffffffff, 0x2, 0x0, &(0x7f0000000700)=[{0x7, 0x3, 0xe, 0x6}, {0x3, 0x4, 0x9, 0xb}], 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={0xffffffffffffffff, 0x18000000000002a0, 0x5ee, 0x0, &(0x7f0000000580)="b9ff03076804268c989e14f088a8", 0x0, 0x500, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)

4.333248396s ago: executing program 0 (id=2071):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a300000000058000000160a01000000000000000000010000000900010073797a30000000000900020073797a30000000002c00038008000140000000000800024000000000180003801400010076657468305f746f5f687372000000005c000000160a0101000b000000000000010000000900020073797a30000000000900010073797a3000000000300003802c0003801400010076657468305f746f5f687372000000001400010076657468315f766c616e"], 0xfc}}, 0x0)

4.287855736s ago: executing program 0 (id=2074):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff000000"], &(0x7f0000000040)='GPL\x00', 0x3, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_ADD_MFC(r1, 0x0, 0xcc, &(0x7f0000000080)={@loopback, @multicast1, 0x0, "2634784b05261d387c9201200000000000000080000000000600", 0x0, 0xffffffff, 0x5, 0xf6}, 0x3c)
setsockopt$MRT_ADD_MFC(r1, 0x0, 0xcc, &(0x7f0000000280)={@private, @multicast1, 0x0, "aaa517d60f2811d48c8a2cc60c4380bc23bd0f4eb500"}, 0x3c)
setsockopt$MRT_ADD_MFC_PROXY(r1, 0x0, 0xd2, &(0x7f0000000200)={@dev, @multicast1, 0x0, "05888ee9654ce5db9229e6a1f0a3c9505e2ebbbc3d341ad6ad352965b867e20b", 0x7}, 0x3c)
setsockopt$MRT_FLUSH(r1, 0x0, 0xd4, &(0x7f0000000240)=0xa, 0x4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='sys_enter\x00', r0}, 0x10)
epoll_pwait(0xffffffffffffffff, 0x0, 0x0, 0x7, 0x0, 0x0)
socket$unix(0x1, 0x2, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000300)={{r2, <r3=>0xffffffffffffffff}, &(0x7f0000000180), &(0x7f00000001c0)}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f0000000040)='sys_enter\x00'}, 0x10)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="1700000000efffff080000000080600000040100", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xa, 0x15, &(0x7f0000000a00)=@raw=[@map_fd={0x18, 0xb, 0x1, 0x0, r4}, @map_fd={0x18, 0x6, 0x1, 0x0, r4}, @map_fd={0x18, 0x0, 0x1, 0x0, r3}, @map_idx={0x18, 0x3, 0x5, 0x0, 0x7}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r4}}, @ringbuf_query, @exit, @jmp={0x5, 0x0, 0x4, 0x3, 0xa, 0xfffffffffffffff0, 0x10}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x1}, @initr0={0x18, 0x0, 0x0, 0x0, 0x10001, 0x0, 0x0, 0x0, 0x7e0a}], &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
syz_mount_image$ext4(&(0x7f0000000b00)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x1408e, &(0x7f0000000780)={[{@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x2e}}, {@min_batch_time={'min_batch_time', 0x3d, 0xfff}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x80}}, {@stripe={'stripe', 0x3d, 0x4000}}, {@resgid}, {@max_batch_time={'max_batch_time', 0x3d, 0x4}}]}, 0x1, 0x43a, &(0x7f0000000340)="$eJzs28tvG0UYAPBv13FKXySU8ugDCBRExCNp0gI9cAGBxAEkJDiUY0jSqtRtUBMkWlUQECpHVIk74ojEX8AJLgg4IXGFO6pUoVxaOBmtvZs4jp0mwY5L/ftJm8zsjjPzeXbs2Z1sAH1rJPuRROyJiN8jYqieXV1gpP7r5tLl6b+XLk8nUa2+9VdSK3dj6fJ0UbR43e48M5pGpJ8lcahFvfMXL52dqlRmL+T58YVz74/PX7z07JlzU6dnT8+enzxx4vixiReen3yuI3Fmbbpx8KO5wwdee+fqG9Mnr77787dJEX9THB0yst7BJ6rVDlfXW3sb0slADxvCppQiIuuucm38D0UpVjpvKF79tKeNA7qqWq1Wd7c/vFgF7mBJbLTk2fzzArgzFF/02fVvsW3T1OO2cP2l+gVQFvfNfKsfGYg0L1Nuur7tpJGIOLn4z1fZFt25DwEAsMr32fznmVbzvzTubyh3d742NBwR90TEvoi4NyL2R8R9EbWyD0TEg5usv3mRZO38J722pcA2KJv/vZivba2e/xWzvxgu5bm9tfjLyakzldmj+XsyGuUdWX5inTp+eOW3L9oda5z/ZVtWfzEXzNtxbWDH6tfMTC1M/ZeYG13/JOLgQKv4k+WVgCQiDkTEwS3Wceapbw63O9Yu/vJG/nAH1pmqX0c8We//xWiKv5Csvz45fldUZo+OF2fFWr/8euXNdvXfuv+7K+v/XS3P/+X4h5PG9dr5zddx5Y/P217TbPX8H0zerqUH830fTi0sXJiIGExerze6cf/kymuLfFE+i3/0SOvxvy9W3olDEZGdxA9FxMMR8Uje9kcj4rGIOLJO/D+9/Ph7W4+/u7L4ZzbV/yuJwWje0zpROvvjd6sqHd5M/Fn/H6+lRvM9G/n820i7tnY2AwAAwP9PGhF7IknHltNpOjZW/3/5/bErrczNLzx9au6D8zP1ZwSGo5wWd7qGGu6HTuSX9UV+sil/LL9v/GVpZy0/Nj1Xmel18NDndrcZ/5k/S71uHdB1nteC/mX8Q/8y/qF/Gf/Qv1qM/529aAew/Vp9/3/cg3YA269p/Fv2gz7i+h/6l/EP/cv4h740vzNu/ZC8hMSaRKS3RTMkupTo9ScTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAZ/wbAAD//9E940M=")
r6 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r6, 0x40086602, &(0x7f00000001c0)=0x10)
statx(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x0, 0x6000, &(0x7f0000000240))
recvmmsg(r5, &(0x7f0000001640), 0x0, 0x162, 0x0)
sendmsg$ETHTOOL_MSG_CHANNELS_SET(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="14000000", @ANYBLOB="01002d"], 0x14}, 0x1, 0x0, 0x0, 0x20000040}, 0x810)
sendmsg$nl_generic(r5, &(0x7f00000029c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000002b40)=ANY=[@ANYBLOB="200000001000010700000000000000000a0000000c0002006e6c3830323131"], 0x20}}, 0x4000084)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)

3.512692667s ago: executing program 2 (id=2092):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x18, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYBLOB="0000000000000008b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000080)='kfree\x00', r1, 0x0, 0x8}, 0x18)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r0)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000540)={0x1c, r2, 0x9c3fa077fa966179, 0x0, 0x0, {{0x7e}, {@val={0x33}, @void}}}, 0x1c}}, 0x4000054)

3.503623468s ago: executing program 2 (id=2094):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000b40)={{0x14}, [@NFT_MSG_NEWSET={0x4c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x21}, @NFTA_SET_EXPR={0x10, 0x11, 0x0, 0x1, @counter={{0xc}, @void}}]}, @NFT_MSG_NEWSETELEM={0x140, 0xc, 0xa, 0x101, 0x0, 0x0, {0x7}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x114, 0x3, 0x0, 0x1, [{0x110, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_SET_ELEM_USERDATA={0x103, 0x6, 0x1, 0x0, "2f11e7ef8e766bc851286d7b851917a8c4428e9e9e091293cae490c16826a3c85a205f678852b43a06c61d63ba42373a00bb7c1ad7f1758c6b2ce8b1f597542c5b20d1abf3d9cba06aa296695acaa0facffbd68f6cafc22503df4d5c27c256f0b4f6c49fa2d43becd9c27d04488658cebd38947517a7ab12195f2e5a26fccf5baa41dc0bb3b777019eabb057c0db7069c109a9f969da3d7fa87b35f7cad005636d9e278b22a111b90dda70832b9773e6c964339bb3c4185e0ceb9a1cf08e553c244fba9bf1f098ed541e3501b56b576e78f951702b8be38082aacc094274456d93eff9f781adecbc6401bb5575b1d0d0dbf948cc15c194fb002ddc28f42b06"}]}]}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0x1b4}, 0x1, 0x0, 0x0, 0x8000}, 0x0)

3.487121408s ago: executing program 2 (id=2095):
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000000)={{0x1, 0x1, 0x18, <r0=>0xffffffffffffffff, {0x7}}, './file0\x00'})
getpeername$qrtr(r0, &(0x7f0000000080), 0x0)
r1 = syz_open_dev$loop(&(0x7f0000000440), 0x81, 0x2a82)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000400)='cpuset.effective_cpus\x00', 0x275a, 0x0)
ioctl$LOOP_CONFIGURE(r1, 0x4c0a, &(0x7f00000005c0)={r2, 0x800, {0x2a00, 0x80010000, 0x0, 0x5, 0x0, 0x0, 0x0, 0x1, 0x1c, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd6447a4b4e00d9683dda1af1ea09de2b7fb0a0100000000000000000300", "2809e8dbe10859891d875397bab22d0000b420a9c81f40f45f819e01177d3d458dac00000000000000000000003b00", "90be8b1c5512406c34000000000000000000000000000000009d9400", [0x4, 0x40000000000000]}})
ioctl$LOOP_CONFIGURE(0xffffffffffffffff, 0x4c0a, &(0x7f0000000480)={r1, 0x400, {0x2a00, 0x80010000, 0x0, 0x0, 0x4, 0x0, 0x2, 0xffffffff, 0x18, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd64c6a4b4e00d9683dda1af1ea80000000000000000000000deff0000000000000000000000000000000800", "2809e8dbe108038948224ad54afac11d875397bdb22d0000b420a1a93c7540f4767f9e01177d3dd40600000061ac00", "90be8b1c55f96400", [0x1000cf]}})
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x18, 0xb, &(0x7f0000001600)=ANY=[@ANYBLOB], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10001, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r3}, 0x10)
r4 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000000c0)={'bridge0\x00', <r5=>0x0})
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000400)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x60, {0x7}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x54, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0xd}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x110}, @NFTA_SET_USERDATA={0x5, 0xd, 0x1, 0x0, 'w'}, @NFTA_SET_GC_INTERVAL={0x8, 0xc, 0x1, 0x0, 0x10001}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0x9c}}, 0x20050800)
sendmsg$nl_route(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="480000001c00110c0000001400000f0007000000", @ANYRES32=r5, @ANYBLOB="800202000a000200577f0000aabb000020000e"], 0x48}, 0x1, 0x0, 0x0, 0x30000050}, 0x20000800)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000300)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48284b70043dc6124d877142a48448b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d4023f210fa34b63a715a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f01000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb796ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab04000000ffe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890decace0200f404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef29cd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf0100483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6c354463d7d0917fc80e5009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab4000000000000000028df75cf43f8ecc8d37b126602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89fa516dab183ee65744fb8fc4f9ce2242e0f00000000010000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f49198e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bde54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85eff010000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1099e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677ec97c5c568a89d6e36b165c391339878b699644c96bd6ea589765ed2a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae2676384ff799783f55d7e5a1a092a01b965dc99cb7a9d98440c355927629f2bcf9dc2396eb2f5d25829715b24327642ac4741201014a95e0e65e12cdf27e19043e3c5d3e798375cead35b9a93190a52cdecaaccc854a1d41ef365303f0e9b4fc969c9dab6d00000000000000000000008f6555f3b7d5021dfc8eb504f1e4fef716d60f0d50b03fc014fd3dff46f56750f0ba4f1b9f7de5c17e7d1f18522897edab8e9e76b667ec6b01908400f55e16f0cfbf026be5f5acc681053f697d62b3545aec4606e190216c22c1d8807b6c43f0f0a4b53619fe5c9412821c3816194a5e29cf12cc7a197b5bdafb096d2d7f6be483814c92ef29c3a21c169794c7de3b4c706f4de5f4b93c831944c7b66fa49f317aa22dbc211e19f031c4f8bee14ecd5eb061a052044adc4dd1b63a1500a9c0e09dbba23f2726a55975efb4519d864d984dcb3a1dcafa1124a6b004029a706478df3be2438d2e35e6ca674dc190143a0b6f7db3408c0c08011e5d8f54711a0bd410ab53a15b1596cb77d2b58df2d8d8"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={0x0, r7}, 0x18)
capget(&(0x7f00000014c0)={0x20080522}, &(0x7f0000001500)={0x9, 0x4, 0x2, 0x2, 0x4, 0xe})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), r8)
sendmsg$NLBL_MGMT_C_ADDDEF(r8, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r9, @ANYBLOB="01000000000000000000040000001400050003030000000a0000005dc00000000001080002000500000014000600ff01000a00f2f3f31f000a0000000001060001"], 0x4c}, 0x1, 0x0, 0x0, 0x8004}, 0x4040000)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, 0x0, 0x0)
sendmsg$NLBL_MGMT_C_ADDDEF(r8, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[], 0x4c}, 0x1, 0x0, 0x0, 0x24008000}, 0x4040000)

3.455387299s ago: executing program 2 (id=2098):
r0 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r1 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000000)=0x80, 0x4)
r2 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x11, 0x3, &(0x7f0000000780)=ANY=[@ANYBLOB="180000010000000000000000faffff039500000000000000586a4311ad0ebb963a51b41d7218dc8bb921b1060dfc8b86eb5c39e7f5db6bded71ff72956d266a4f1969128ab20ca0fc105343a82c926bcba36fd76162d49e9cc1392ec0503f4b925623019b0131752a8ab380073496920e5972aa6f66f664a7cd1ac41101e85c11be42cb77f341870162d2a775ca027d4"], &(0x7f0000000580)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000540)='kfree\x00', r3}, 0x18)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000700)=ANY=[@ANYBLOB="9feb0100180000000000000034000000340000000c00000004000000010000840203000000000000030000000000000302000000000000010500000020000000000000000000000b02000000"], 0x0, 0x58, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000000c0)='./file1\x00', 0x207, &(0x7f0000000000), 0x1, 0x469, &(0x7f0000000100)="$eJzs3M9vFFUcAPDv7G5BfnZF/AGiomgk/mhpQeXgRRMTD5qY6AGPtRSCLNTQmghpbDEELyZKwt2YeDHxL/DkiagnE694NyTEcAE9rRl2dtlud8u2u91t3c8nGfpe9+2+73dm3s6bGaYBDKz96T9JxPaIuB4RwxGRq2+wpbKk7e7cmpv859bcZBLl8vt/J+nb4vatuclq0yT7ua1SKaQflLuURLFJvzPnL5yeKJWmzmX10dkzn4zOnL/w8qkzEyenTk6dHT969MjhsddeHX+lK3mmMd3e+/n0vj1vf3jl3cljVz769cdKvOXy1WuHFuXRHUMRMVdbJ42e625nfbejrpwU+hgIK7I5IgrZ3no9hiN/aWftteF464u+BgesqXK5XB5v/fJCGfgfS6LfEQD9UT3Qp+e/1aVHU4914eYblROgNO872VJ5pRAXszZDDee33bQ/Io4t/PttukTD9RQAgLXwczr/eanJ/K8Y8Uhdu53ZvaFiRDwYEbsi4qGI2B0RD0el7aMR8dgK+9/fUF86/8ndWF1m7Unnf69n97YWz/9qd8GK+ay2427+Q8mJU6WpQ9k6ORhDm9P6WNNPTyIW0p9/fN2q//r5X7qk/VfnglkcNwqbF7/n+MTsRMeJZ25ejNhbaJZ/EoV7WcSeiNi7yj5OvfDDvsW/yddK989/GV24z1T+LuL5yvZfiIb8q5Ll70+OPhClqUOj1b1iqd9+v/xeq/47yr8L0u2/ten+X8u/mNTfr51Z8hGb7tfH5T+/bHlOs9r9f1PywaLOP5uYnT03FrEpeWfp7+sucFfr1fZp/gcPNB//u+Lemng8ItKd+ImIeDIinspifzoinomIA8vk/8ubz368+vzXVpr//Iq2/8oL+dPXfmrVf3vb/0i1cjeodr7/2g2wk3UHAAAAG0UuIrZHkhuplXO5kZHK/5ffHVtzpemZ2RdPTH969njlGYFiDOWqV7qG666HjmXXhqv18aw+n9UPZ9eNr+a33K2PTE6Xjvc7eRhw21qM/9Rf+X5HB6w5z2vB4DL+YXCtfvz75oCN7j6jONerOIDecxSHwdVs/M/3IQ6g9xz/YXDVxv83bTSue9yr8eFNYONx/IfBZfzDQOrkuf51UYjvI5Zvk6yXUFdU+KqTtxd6EGHk1seK6mFhPB/RxzAK7f5Vizhfnu+4035/MwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHTHfwEAAP//qO7n/A==")
ioctl$BTRFS_IOC_SNAP_CREATE(r2, 0x50009401, &(0x7f0000001200)={{r3}, "3586588611fe80e32eaae7ca11b9590eeba627959d05c09e92ea7131782446da87ed0a4b3b515b041d277550c8c3374ddb3e0c5e7616de1049eebdc03ff5d66c3c49d013710ee053d09580aff17b45a720317295cd7add80194b027d2b1f160ffb2261959f8fb4ad065595fc7ca0de78de06fba8405abf0a23f3d7436197a375ee558218b344eb9bbb371db24389ea9b206e73b0ee4093a46db6d18a988e7e82a07faad0872f4abbdc859afebb893fcb83d466c364811688ea08728faf64ccca6b5906ec2cc9429085134850b10d3d2c9a6286841d12fc34e45453e9dd45bee32554c7fecb14a99e39cc921972d285139e2553eeef23c61d3d93bc77fa23379e4bed9481fbac229b6bf3963ec5493c60fc67102091f01a4424dc18eece820faf7680c56bc8ed35ff4fe15e4cb8a4fdb0ee59e10c8030d90721ced3982a8070a8083b6bfc1f42a6f937c4c5b55867ce653f9a6cf2273bd0e14839abff2571f17ab84b61ee221783e7ab0e1400b1abfc9bf9f5b8c8c0b1cb2bb06d4b67d27d882ca0b6942e8e43f725685e6ccbf78f4e408ce5826f209a2be4f42a748f2237e3abcfb725e7ffa28adcea1a2429b9ef6c71027c28e9338fca97c2e6e25b85b4c2b358e7aa942d5108926d66e739bb7fb52e8bd921df46df6570712518c1e80e74fa5bd4f7a992533594c2136e8ea7611c206ec83e7a64b66b14ffdf0246f8c50a26a2f7be65e2c59cefc3811358eac8d1f95fd71810b6ab7b6e333ca20a2999780981b61d82e98052562466934d20f721c02b51e61850f183969ea5d57bd245d025ef86a6bd34dd2927bf6c6d42ca12ae8d9369d93ff7699be83e5d4ca39d91de04ec98217ef1a81fff8b2f04bcb97e7fdc21e0e0fff4e2b516d21c3f8d24f78583880341f3191cb6e85325bd132a09ca636bad140b446d534114251facc0cdfb8a895cf9f47e01eefb7a74d9660b68de03dd414cf361dc23a428ec984f49cfff68936311c778e83dd1ed58e35ffc642da1ba5490ebefec5b2b8644aa48d05ff4a4830df2d423327a21a88ed75c4bd3aa9469cf84e6e925f8a24b939d061d26e4bca01898c6a9ae71479999ddbdd038918efb08bb22e6f84d87f83610c2bdb7923c5365c345d9f83b01817b8c541866c6126c083a3b95e5b537aa78507093dedb4615f34fb22cfa8fbd6330be484e58586e4a427496e1fbfa67bb7be3686601b0f97a28ead4eb1a0407dcd59c11ecdaf1db6bfdb9b26f0bec44dca31ed23fc82ef55de74ba9ec29e204f73069f83121a873dc6910c124f323d8b726bee7949bb2d39fd6a9334deb678a05d9db78148f333b25f64f21304fe237352574ffd7fce3974f3e306f0ae5c4ceb33cec4afa456af85e4c2cd2784414ed3e38bfb5dc8490cd574f831f2ee612c48af30fa1d81ea0808a057d136f4e166e4b1c1dfa932f7f794b8eb684897402e2bd6fbd56f68a97e638c801cc567446342d7cf5637193ebea75a69ce873ef8bbaeedf70cc4173e51e16744409243f69ac26993d75638c6022e764b1cd8fca7a774a1906f7d2afff490f546db468980e8f9c6577b60e597ffa6608a8565b7debbee9cfd4ce3037fb0fd09238a180678938437ee0c6aa64e372918980a333c16111aa6ff13eca60895a4743ff9b9a6fc080a9cdac3b3e024797fa8327449f4d1ae344256988fa4228463c7815a19de9d3a5e8527c7909f29320d3467440c94f4e6d6639e22d7e57d804772f3d2451bffb96ebf2ca114180c9f3fb9f4045ee2f2d6813fb4ce9bfa7e8fc7a6c5ac78c822726e9aa9fd06ed3a929dd83fafc145d4a90e32583296272335cbb98811861ad192ace56bf0626f5f22b4a4a8f7ab59346338c10dbf2c79e34a63f06918cd5cf1a12ff9828412b3617682c0949683b9e60113bfef689480d21c9f16c4b9bf3876dc60ae81f231eb76b9f62a71a1763d9dfa8297a2248ef9fe87b03212a8f4fa805e3f5f9919185c3744e7593d7119abc680ab3d0d2f82c7077507bccc51589e9f80c8afae0841da6a79e4e97f62c952a2d23b16715fb94977091da6e19084099b5d65f288dd089aa3ba26e264d01bca2f0af7a85636853fbcdff1d8df9e34bb5932a11850c21f6ad4d35ebc3d92a4e34c3f3c754ebfb32e9f4a65d0c6164391207e48ed2e3e085727a87d224a0a8b3f30d2d00c522b360a20ecf202ca42a4bf69480b557255b254509829aeb078bfe257bcc67bba0ba4c91ed5177761c08bfc981846c4bc6b876586c8cf5c225c072e893a4050f390060ccb7a16eaa1cb8b7520dac2e59f889b8c8876d57a8f0d40ff5692b36c73e15aeb59da4686474708caa0d0c241fdd94dbda8a5d21a00a9e7edb63f3c365c6d3046ae18bc3ba9cfc5103688fa4f14635858d935eb52c9954e00360432590f2b2341cf0b6f2bb4b5ec4a4bac989281e23541392d69a83c575862c589ea533f6bd0785ba0b35a7c8cd6845da342e5a4b0ecd376e5e899e302da5adc73e9a02c4d6827f079479eb5f739a0eb56dc074902afd7a81ee29845000b254f54b09f85add23adb9b700e8c63d918699f57f7d3e2ca6f3c2e216946d6d7a9a64fbb99885a3b3fd4a81b2d810594afabc67bf31cce23a1584e9f0b7bc0b37ec319580b835865f5f54e7f84f8ab143990f7d4fa5e0a8d409f5942568a6301501e2f1d2b2825bfbeb244205d9c15281291f3882f5ce650ba0e1e8eff8df2904d2dd9a1dff11a5330f81c963b32ce06e99ed638beba7f2091cd30d940c22d89ab115a38e9a7a8f43a65784cb00c78cdb4eca6b2b45b410699fbc525e0dd3af38a44ce343ac710ec33c8f95f8c512151d8b0f4e9837c57c807cd32f9f0db96289d14f8e050053777f4488e92a4eb4b9169eba51397a87e17c291e562b6f18f49dc73266d5d66f24c16e0b5b5c438d919a672a547496c8e4885f5028de4de982df8236137be2e5922874f3e06f0f78b8230ec57580c6b97b50003335448b025f8e0eed84bcaa2cffcb2ebbe1f5511cf51d3ed1c0676499baf8dae7270b98f83da550c70f437159404ae3d815c1c993f227aa819849f70ea7a1056dbf2e0d64bf78fdf586f322af1af6f9f1585e0b019ef386574ae5e4b788fda09c768b89749fc8013ef372c5ec07bec0bd41b7b0c4d92aa85e43fd87243257ca13af2dbcd5d781457a0033695b62c6074425b7d27d605946b1710221414ce84d9ab136036391f0817fd3b35e0bcae7610797ea3b090a66f260f47f4b36d80512a33d16c4a395bd77e1dfe22c2dbbfe6de0111277cedc995790bc8ff4fac4385345a5de22b813bdf205d0886b54d069436b86cfa61b51c7b9b7646ec6f1b3c997d27c7ea03d1d66eb4d5f78459d3bfa5894ad21a3ff9d6d437baef84cd52a794d1de4664652ce49138adab9c241bd68b291e70fd2d589c33e46468c819e00340dc5eeaa2e370d8d8ca53b30ce9bc1a5eb8620973f66aeb93565b4b7c005ea307ae3e2101b17388b241bd7021a6a17e7528794c6153ab838d87f8d99536dc010b355e2aa5ee1dadb0d9931f67fe2201d7b0d1988ee0e5700a17dfcf601ce6603a7f0331e96fb823237e0ce7114c6745c6a16fe6562e3d22bdee40abf5b5015e6ba6f9ba30d14a4bc7c96ef8ef9da797f5c976f3edd507fe387e20c25973d975bbbbf3e1ee5260681e63bd4690002bd00c8e93d6af137d59fcd419e074ee7d44c3d720a938809a5221748bc65c23e70f85181fdcb335953bb203c86da00271a6519aebf1d39989d64a0a950846771969985a87a27f3d8ec367468ff7181a7ca1cb8da6f34f854b50cfa52c1297214c77428ed35fe22e75b1c52022602ea49ecc1d921caab9a9ef4bca7b9215fe4bfd019eb5cd8342d1135775ce5833b9cd563f2ce79932dbf52e00800e7c2fff293b8a3e9c917ac3d5009845da5e229042684258b3b3c26ecae8755f527711fa61cc560f5004f3f1f35ef088981c6b3299cc415f8e1a187da02acd469d157cfab620fd5a4fc274b68e63e4d1abf9376b32c3144920cc42b14b4d2c45e88157681fa039ea0e077119c45804d32573ef5aa4ceb0b9b791f40ce8327571ea0f5fc1218cf3653d45d469d927097830bc7089b9a43829c8f97c26ec816ca9d001fb307bc2587452ac037ec1632f4f55c38457e2baaeade2a879cdf0696df3b44f16ac552110d873ea916504a1c6fc35fc1871a25dd5e47a46cd53b404d4769b27b6b9f2644455586426eab370c383855b26e340f391d36d0c21f86fb5b4802379e467d593d1583b688650349161e4f4674449df2c8c569d87445e44add952a98d6b0c4c5cb6fabacd27c8d9b67bcbaaadf3224904d4043d7116a5758c113246184e01d4084169c8ca7b7c2923b8453f66aaa3d6c73c32b87a6852d42c24be74cb61259d34aad52ab94b3396bb574425b7e1745e8fdab8fd4ff0e0d1e78b72d01c852bc1fa855219ade8224a0ae063b2960504d27ff89a5ee786a5a424fec2e729ac1e21519a0190bce7413edac9dada925b6f09e18e1478349a65df2971830c9c639473c2c72d31b9579d3b5a66320da4c3f529a9e4e8091d2321ff56d33b780c483c58a1e2fdf4470a02f8ffc6e84ef8c7b92b98b5df315a47b06489cade189da1ae0cba8bec6b0f8b5f87331cfb101a920ed4775f5f0f3ea81bab85510711170e7586467f0b39fd6962d40663097509ac0fab087a59076586d1a82580f76dc0ac3f1f5a9389c1c0c3e7b8ccf1ef9a79c20b68132538f30b96609a39b3b6c16f65d3ef5105c8c4234e3d636c71ff1c975ba39ddf8d5e88fd28161c0c1ab9bb37b24340a48f3acde141e43fc270239f3b4f1ef8034a136c322b984d07418d793f90bb25cfda386cd3ae051998f69acc1e94ded145aacacde36e229e5b20a25c320a7b0f43db8c2be95e5ecde40c9706ebf70863247c8ecf35c64fdfb0cc40415d65f5821d0f223ddd770c48f8cf13f7e88601e090dbabf7607df68455a996ea3a39337b840d188b44c9091383d91091ace58468bb586e94e4cd8bc8e526d13a36c6f72fe55fc3499093acbd627196f32998a0d36c3ae95207512d77a87cfe212bc3ae73ef5dd2bd3e403a527ba9064284b3fd22b13e0095f3c923ad6d5d25698ed1979f397b6091796bcb020c2ea82e15b935006bb7a350088192eb3ccf1b7c77a3980054ca481bb0b601cc97d7c557be59fb5814a8bcbbe496b7605104b63bdd4d2327496d12dde7be54bbf54c80f423d3678261f292a2c52682313e576b662d4422037c2ac584191704edf5af465a4db658fae9fcc8dc1cca20465956eca38c17b8f2f876963cb768004ac0148ed6466248757ab76e09c4832b2137bba64da406b7638aa26c58eeb1acc14e30743945a93324f998755d25baa8329516d5bd054159572fd89a27ec8208e62f1734860e2be09114dd58e07cc282f390adf9934b55f152b66a2f305c0a4a1d3e90cbf6f8e4ff3739ce9f3cf4eeb4b42d49c193e422c0a7be9da90011534056ca687d4ffb8db61efe987aaf4995075053133fcf2c8b4f8b7f76e190b97b55995e46341528875ea07aadd1ad92926e374d9f359603ed7955fbae7a8d7fdc5f7462309f2ffdd8a5365c82501e7458588e6fbc1df05a07c2c8883ac6c5e10299eea32d6402b1c0d1f190daa3b2bc2f330108af5a8e1c90f70d7a24caba1df109e2b67ce617f2ab1fbc3d0be2d8584fb5179c4d9dbe770188184fa31431b7d99cb427d277c4d272d7fd0e45604fb7115007f1f09ca633b0b876f085b46eab84788c3f3c1dc1b40"})
syz_mount_image$ext4(&(0x7f0000000700)='ext4\x00', &(0x7f0000000480)='./file1\x00', 0x48a, &(0x7f0000000640)={[{@jqfmt_vfsold}, {@usrjquota, 0x22}, {@journal_dev={'journal_dev', 0x3d, 0x6}}, {@noload}, {@data_ordered}, {@usrjquota, 0x22}, {@errors_continue}, {@errors_remount}, {@nodelalloc}]}, 0x3, 0x45d, &(0x7f0000000d80)="$eJzs3MtvG0UYAPDP6zh9kwDl0dJCoCAqHkmTPuiBSxFIHEBCgkMRp5CkVanboCZItIogcAhHVIk74ojEX8CFckHACYkr3BFShHKhcEBGa++6bmInTuLEUP9+0rYznnFmvt0dezzrdQA9ayj9pxCxNyJ+iYiBWvb2CkO1/24uzU38tTQ3UYhK5fU/CtV6fy7NTeRV8+ftqWUqlVXaXXgrYrxcnrqS5UdmL707MnP12rMXLo2fnzo/dXns9OkTxw/3nxo72ZE496V9PfjB9KEDL795/dWJs9ff/uGrtL97s/LGODplqLZ3m3qi04112b6GdKGvix1hXYoRkR6uUnX8D0QxdtXLBuKlj7vaOWBLVSpJZUfr4vkKcAdLJ+pAL8rf6NPPv/m2TVOP/4TFM1Ffx7iZbbWSvkiyOqXsM9JWGIqIs/N/f55usUXrEAAAjW6ciYhnms3/kri/od5d2bWhwYi4OyLuiYh7I2J/RNwXUa37QEQ8uM72l18hWTn/qQxsKLA2pfO/57NrW7fP//LZXwwWs9y+avylwrkL5alj2T45GqUdaX50lTa+ffHnT1uVNc7/0i1tP58LZv34vW/ZAt3k+Oz4ZmJutPhRxMG+ZvEX6nPedH58ICIObrCNC099eahV2drxr6IDk/LKFxFP1o7/fCyLP1doeX1y9LlTYydHdkZ56thIflas9ONPC6+1an9T8XfA4o1K7G56/tfjHyzsjJi5eu1i9XrtzK3ntrv7F379pOVnmo2e//2FN6rp/uyx98dnZ6+MRvQXXln5+Nit5+b5vH56/h890hB/PfCk+hqX74mHIiI9iQ9HxMMR8UjW90cj4rGIOLJK/N+/8Pg7649/lVX5Dkrjn1zr+Efj8V9/onjxu6/XH38uPf4nqqmj2SPtvP6128HN7DsAAAD4v0iq34EvJMP1dJIMD9e+w78/difl6ZnZp89Nv3d5svZd+cEoJflK10DDeuhotjac58eW5Y9n68afFXdV88MT0+XJbgcPPW5Pi/Gf+q3Y7d4BW879WtC7jH/oXcY/9C7jH3qX8Q+9q9n4/7AL/QC23xrv/7u2qx/A9jP/h95l/EPv2uD4/6fT/QC2Vct745NN3fIvsVaiGBFb8Je/6d/cbzW0n4ik6/vwDkuUomlRX9s/ZrHBxI6mRd1+ZQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOiMfwMAAP//rKTgcQ==")
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket(0x10, 0x803, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000140)={0x0, 0xffffffffffffff34, &(0x7f0000000080)={0x0, 0xb8}}, 0x0)
getsockname$packet(r5, &(0x7f0000000000)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="34000000100081eee80000040000000010000000", @ANYRES32=r7, @ANYBLOB="ddfffffdff000000140012000c000100627269646765"], 0x34}}, 0x0)
sendmsg$nl_route(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)=ANY=[@ANYBLOB="2000000014000100000000000000000002f800ff", @ANYRES32=r7, @ANYBLOB="34bc0000008fd708"], 0x20}, 0x1, 0x0, 0x0, 0x800}, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x60, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r8}, 0x10)
r9 = getpgid(0x0)
r10 = syz_pidfd_open(r9, 0x0)
r11 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000200), 0xac63094eb3328933, 0x0)
r12 = pidfd_getfd(r10, r11, 0x0)
readlinkat(r12, &(0x7f0000000100)='\x00', &(0x7f0000000140)=""/189, 0xbd)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)

3.425161819s ago: executing program 0 (id=2100):
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
sendmsg$tipc(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000040)="fb6bba8839fe8bc048c0cdafd1428437b3c8026bdfeb6db4ee9bcb25b1811d40a203bf40b3a7db04ed6dd2", 0x2b}], 0x1}, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f00000000001b0000850000006d000000850000002300000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x8000, 0x0)
ioctl$TIOCSLCKTRMIOS(r2, 0x5457, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="11000000040000000400000005"], 0x50)
r3 = syz_open_procfs(0x0, &(0x7f00000001c0)='fdinfo/3\x00')
readv(r3, &(0x7f0000001440)=[{&(0x7f0000000040)=""/20, 0x14}], 0x1)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a4c000000090a010400000000000000000700f0ff08000a40000000000900020073797a31000000000900010073797a3000000000080005400000000c08000340000000080800064000000000140000001000010019200000000000000084000a"], 0x74}}, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002dc0)={0x11, 0x5, &(0x7f00000010c0)=ANY=[@ANYBLOB="18000000008000000000000001000000940000000fad413ec50000000f00000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='netlink_extack\x00', r5}, 0x10)
r6 = socket$netlink(0x10, 0x3, 0x0)
perf_event_open(&(0x7f00000002c0)={0x2, 0x80, 0x5c, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, @perf_config_ext={0xfe}, 0x8000, 0x0, 0x100, 0x0, 0x0, 0x0, 0x5f39, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r7 = syz_open_procfs(0x0, &(0x7f0000000240)='cmdline\x00')
read$eventfd(r7, &(0x7f0000000180), 0x8)
sendmsg$nl_route_sched(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000780)=@newtaction={0x14, 0x1c, 0x1, 0x0, 0x0, {0x0, 0x0, 0x1300}}, 0x14}, 0x1, 0x0, 0x0, 0x4}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r1}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
timer_create(0x3, 0x0, &(0x7f0000001400))
r8 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r8, 0x8933, &(0x7f0000000140)={'batadv0\x00', <r9=>0x0})
r10 = syz_genetlink_get_family_id$batadv(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$BATADV_CMD_SET_MESH(r8, &(0x7f0000006880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r10, @ANYBLOB="010000000000ffdbdf250f00000008000300", @ANYRES32=r9, @ANYBLOB="05002f"], 0x24}, 0x1, 0x0, 0x0, 0x48000}, 0x0)

3.275072561s ago: executing program 2 (id=2101):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r0}, 0x10)
r1 = syz_io_uring_setup(0x1869, &(0x7f0000000800)={0x0, 0xead4, 0x10100}, &(0x7f0000000100)=<r2=>0x0, &(0x7f0000000140)=<r3=>0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x74}, 0x1, 0x0, 0x0, 0x20000080}, 0x0)
write$UHID_CREATE2(r4, &(0x7f00000001c0)=ANY=[@ANYBLOB=')'], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r4, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x12, 0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x101, 0x1})
io_uring_enter(r1, 0x2d3e, 0x0, 0x0, 0x0, 0x0)

3.204968052s ago: executing program 2 (id=2103):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0)
ioctl$EXT4_IOC_GROUP_ADD(r0, 0x40286608, &(0x7f00000000c0)={0x31, 0x8, 0x9, 0x0, 0x401, 0x5})
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000340), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000080)={&(0x7f0000000780)=ANY=[@ANYBLOB="b000000004bf48d2383fef9bc69626a8a378fd04f0acfa8b4c2d2679be45b813d9e58776862da1b8bb03a7be9741656c2f62f78e112227b97f8abf378e570a8836335fb9025f5d91179483dc7bcf2da218597cb30d6d7ba0d96dbda429cf276aa51b43c70728970f1e02045b71b2ece5b8df4a7a891b4558051ccd2c0addd21bd48a11ad83f957fd57dc74b0cd4c14fd65708afab77d4fa6a5b572db22546a8dc2cd98d41fad0017dfd6ebe3c4bfc3ec2c580f86c8b352b1b27125ea932a228bae14ffe67cd9810726dccc40acda9e23f29feeaee0e0e730d385a9649a76ba1005029bb7e5477a42e9d4282eff0300000000000055d7f348a61e3995a6df", @ANYRES16, @ANYBLOB="040025bd7000fedbdf251200000008000300", @ANYRES32=r2, @ANYBLOB="0c009900070000005c00000005001301010000000a0006000802110000000000060012006a0600000800a4000100000012001300859b9886c692606019e08ca4031b00004f00ac003dafb644be1d378ec74e1ebb743108a6a2a7bd915d6b192740e82841ed6d2a550da9cf2ecf00b65c6ab85b213cccee322fdddcfbdfa3abb38c5976ad88c5d091af2457a08c66a8dbcf69b500"], 0xb0}, 0x1, 0x0, 0x0, 0x20000000}, 0x4048001)
sendmsg$NL80211_CMD_GET_COALESCE(r0, &(0x7f00000008c0)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x200001}, 0xc, &(0x7f0000000880)={&(0x7f0000000380)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="000129877f6afb737825bd70005757df25640000000800010037", @ANYRES32=r2, @ANYBLOB="0c0099000800000033000000"], 0x30}, 0x1, 0x0, 0x0, 0x4}, 0x20008090)
timer_create(0x0, &(0x7f0000000080)={0x0, 0x11, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000000)=<r3=>0x0)
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
r4 = syz_open_procfs(0x0, &(0x7f0000000100)='attr\x00')
getdents64(r4, &(0x7f0000002f40)=""/4098, 0x1002)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xb, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
r6 = socket$netlink(0x10, 0x3, 0x0)
getpeername(0xffffffffffffffff, &(0x7f0000000dc0)=@qipcrtr, &(0x7f00000004c0)=0x80)
sendmsg$nl_route_sched(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000001040)=@newqdisc={0x5c, 0x10, 0x1, 0x0, 0x0, {0x6, 0x0, 0x8100, 0x0, {0x1, 0x10}, {0xd}, {0xe, 0x10}}, [@TCA_RATE={0x6}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x11, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}, @TCA_RATE={0x6, 0x5, {0xf, 0x1}}]}, 0x5c}, 0x1, 0x0, 0x0, 0x4080}, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0xfffffffffffffe60, 0x10, 0x0, 0xffffff4e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80000001, @void, @value}, 0x94)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00', r8}, 0x10)
clock_settime(0x0, &(0x7f00000009c0))

2.69369523s ago: executing program 4 (id=2112):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r1, 0x0, 0xfffffffffffffbff}, 0x18)
r2 = socket(0x10, 0x3, 0x0)
r3 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=@newqdisc={0x68, 0x24, 0x3fe3aa0262d8c583, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_RSC={0x10}}}, @TCA_STAB={0x20, 0x8, 0x0, 0x1, [{{0x1c}, {0x4}}]}]}, 0x68}}, 0x0)

2.66311253s ago: executing program 4 (id=2114):
r0 = gettid()
r1 = socket$kcm(0x2, 0x200000000000001, 0x0)
sendmsg$inet(r1, &(0x7f0000000080)={&(0x7f0000000340)={0x2, 0x4001, @dev}, 0x10, 0x0}, 0x3000c085)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.stat\x00', 0x26e1, 0x0)
setsockopt$sock_attach_bpf(r1, 0x1, 0x3e, &(0x7f0000000100)=r2, 0x4)
sendmsg$inet(r1, &(0x7f0000000040)={0x0, 0xeafbff3, &(0x7f0000000000)=[{&(0x7f0000000300)="b8", 0xfffffdef}], 0x1, 0x0, 0x0, 0x10000000}, 0x52cc)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r3 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r3)
waitid(0x0, r3, 0x0, 0x8, 0xfffffffffffffffd)
waitid(0x1, r3, 0x0, 0x4, 0x0)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r4}, 0x4)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70500000800000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kmem_cache_free\x00', r5}, 0x10)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
timer_getoverrun(0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r6 = io_uring_setup(0x2825, &(0x7f0000000300)={0x0, 0xd987, 0x0, 0x2, 0x800f8})
io_uring_register$IORING_REGISTER_RING_FDS(r6, 0x14, 0x0, 0x0)
r7 = socket$l2tp(0x2, 0x2, 0x73)
r8 = syz_io_uring_setup(0x16c2, &(0x7f0000000480)={0x0, 0xbd12, 0x10100, 0x1, 0x327}, &(0x7f0000000300), &(0x7f0000000040))
io_uring_enter(r8, 0x7, 0x0, 0x0, 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r6, 0x2, &(0x7f0000000040)=[r7, r6, r8, r6, r6, r6], 0x6)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000600)='blkio.bfq.avg_queue_size\x00', 0x275a, 0x0)

2.321055975s ago: executing program 3 (id=2125):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="190000000400000008000000"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x28, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1, 0x0, 0x2000000000000000}, 0x18)
eventfd2(0x0, 0x0)

2.283606126s ago: executing program 3 (id=2126):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x0, 0x0, 0x0, 0x1ff00000, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xffffffff, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f00000008c0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000e868495fb58d00b6ad1f50ad32d6ad25dfd73a015e0ca6a0f68a7d007dc6751dfb265a0e3ccae669e173a64bc1cfd514600650a58f145ff1205fc9ddaa275e687d452d64e7cc957d77578f4c25235138d5521f9453559c35da860e8efbc64e57cbb7aee976f2b54421eed73d5661cfeecf9c66c54c3b3ffe1b4ce25d7c983cd44c05bd0a48dfe3e26e7a23129d6606ed28a69989d552af6d9a9df2c3af36e0360070011bbecc2f4a3799af2551ce935b0f327cb3f011a7d06602e2fd5234712596b696418f163d1a1a83109753f54b21cd027edd68149ee99eebc6f7d6dd4aed4af7588c8e1b44ccb19e810879b81a7000000e7ffffff00000000d7900a820b63278f4e9a217b98ef7042ad2a928903000000cbe43a1ed25268816b00000000000009d27d753a30a147b24a48435bd8a568669596e9e0867958e1dd7a0defb6670c06054002238260000000000040587c1ed797aa21a38e1e389f640a0b8b0000000000a835ad0f61ba739cd0c31b05c00fba8a4aee676d7caa2e53b91a68ff2e60da7b01a2e5785a238afa4aba70c08b0d71b6f72d6a8d87fb08533d97ad96d3943c4cc8306dac433a5cdf78b04963d679d5a5d07e618a1ef9057fec00f9e93021f5a8d30e716de8cde9c6000000000c3b64d10f0939b42b33ab2a8717096c58bb3bb1d457d8bb96870f5a7e2ba31fd69bb80235d957eaa9a40b764e5381ffa604aaafb76a980e72b408f686b185736693089213b4e140f8f38e5589663115093889deb646122a5dc5a9e5ba4d37749a36b880110e2bf524b79bc91105f1d3f7d0de694a9417d68694f17ba5e27ea1cec518b93fadcfe0de010ae9be3273ff73c34b5695080a35bfa5c69e3b533e1b939c81b3beda037b7191cb0000000000000000000010e5d683b8938db5c305cf7e6e62a6890ba9e1f4ee64f8202b59de5036569febfaa95f4633db108b2f786333ec7bacc927f4a1785165b5d2444b4c022bb5cff472e6a0c8ee9d6d8df83b704669147b732ac508c9b9f0ca0a1ce45319d43d4643eb285835daf2065b57bebd61ad6671296c27253a5f9688d57c91ccd40ffe2dbc5dd1613a2e6f5b363cc8d205ce6ef3c3c6ded7dd3dfdb39008d8997213f68cdc971c1d6fdacb7729a5560880a77525e9cfb94ef1735dfe74e6b948697f7e3580436b532a82e315d56b17a5dba98436cc24babaae409f0aab0b40af116001bc85492455956e853ead08b5793d4ecf72378a3dfd9cc837b1c66212d9a2be8fd6341c2f837c7fe09924a51ec42912856cce3d3b2d092c80813aad03e1e63a655f4138730f302df339f30a4fbd453c9a0fba381d071ad7cb80a52bec572e29b0b9b55c235806b97e166609f8083ce776075c"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
r2 = socket(0x1e, 0x4, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0b00000005000000010001000900000001"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000170000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000feffffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000200)='kmem_cache_free\x00', r4}, 0x10)
r5 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r5, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10)
setsockopt$packet_tx_ring(r2, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc, 0x0, 0x2}, 0x10)
close_range(r1, 0xffffffffffffffff, 0x0)

2.237429576s ago: executing program 3 (id=2127):
r0 = gettid()
r1 = socket$kcm(0x2, 0x200000000000001, 0x0)
sendmsg$inet(r1, &(0x7f0000000080)={&(0x7f0000000340)={0x2, 0x4001, @dev}, 0x10, 0x0}, 0x3000c085)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.stat\x00', 0x26e1, 0x0)
setsockopt$sock_attach_bpf(r1, 0x1, 0x3e, 0x0, 0x0)
sendmsg$inet(r1, &(0x7f0000000040)={0x0, 0xeafbff3, &(0x7f0000000000)=[{&(0x7f0000000300)="b8", 0xfffffdef}], 0x1, 0x0, 0x0, 0x10000000}, 0x52cc)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)=<r2=>0x0)
ptrace(0x10, 0x0)
waitid(0x0, 0x0, 0x0, 0x8, 0xfffffffffffffffd)
waitid(0x1, 0x0, 0x0, 0x4, 0x0)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r3}, 0x4)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70500000800000085000000a500000018010000202064050000000000202020"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kmem_cache_free\x00', r4}, 0x10)
timer_getoverrun(r2)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r5 = io_uring_setup(0x2825, &(0x7f0000000300)={0x0, 0xd987, 0x0, 0x2, 0x800f8})
io_uring_register$IORING_REGISTER_RING_FDS(r5, 0x14, 0x0, 0x0)
r6 = syz_io_uring_setup(0x16c2, &(0x7f0000000480)={0x0, 0xbd12, 0x10100, 0x1, 0x327}, &(0x7f0000000300), &(0x7f0000000040))
io_uring_enter(r6, 0x7, 0x0, 0x0, 0x0, 0x0)

1.774477093s ago: executing program 4 (id=2128):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_NEW(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)={0x28, 0x0, 0x2, 0x101, 0x0, 0x0, {0x7, 0x0, 0x2}, [@CTA_EXPECT_ZONE={0x6, 0x7, 0x1, 0x0, 0x2}, @CTA_EXPECT_TUPLE={0x4}, @CTA_EXPECT_MASTER={0x4}, @CTA_EXPECT_MASK={0x4}]}, 0x28}, 0x1, 0x0, 0x0, 0x4000000}, 0x40000)
r1 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3e, 0x1, 0x0, 0x0, 0x0, 0x6, 0x84085, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0, 0x7}, 0x1320, 0x0, 0x103, 0x5, 0x0, 0x840501, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
unshare(0x22020400)
ioctl$TUNSETOFFLOAD(0xffffffffffffffff, 0x80047441, 0xf0ff1f00000000)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r3, &(0x7f0000000480)={0x0, 0x300, &(0x7f0000000140)={&(0x7f0000000180)={0x14, r4, 0x9c3fa077fa966179, 0x4, 0x0, {{0x7e}, {@void, @void}}}, 0x14}}, 0x0)
r5 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000), 0x301000, 0x0)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r5, 0xc018937e, &(0x7f0000000040)={{0x1, 0x1, 0x18, r1}, './file0\x00'})
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0xc, &(0x7f0000000140)=ANY=[@ANYBLOB="18020000000000000000000000000000850000002e0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000009b00000095"], &(0x7f0000000bc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r6, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000181200", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x2, 0x0, 0x0, 0x41100, 0x2, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r8, 0x0, 0x10000}, 0x18)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f00000001c0)='./file1\x00', 0x3014850, &(0x7f00000006c0)={[{@noquota}, {@barrier_val={'barrier', 0x3d, 0x1000}}, {@grpjquota}, {@noauto_da_alloc}, {@dioread_lock}]}, 0x3, 0x4c5, &(0x7f0000001cc0)="$eJzs3U1rW1caAOD3ynbiJM7YmZlFJjCZMJPBCTOR7HiSmFlkPFDaVaBpunddWzbGsmUsOYlNKA79AYXSL9pVV90Uui6Fkp9QCoF2X0ppCW2SLrpoqyL5qkld+YtYVmI9Dxzfcz+k9z0W90hH56IbQNs6EREjEdEREacjojfdnklLrKyW6nH37t4Yr5YkKpUr3yaRpNvqz5Wky0Ppw7oj4rlnIl5Mfh+3tLQ8M1Yo5BfS9Vx5dj5XWlo+Mz07NpWfys+NDA2eH74wfG54YMfaevGpr9545b2nL37872tfjH5z6qVqWj3pvofbsRUrWzxuteldtf9FXWdELGwn2GOsI21PV6sTAQBgS6qf8f8YEX+PiPtvtzobAAAAoBkq/+uJH5OICgAAALBnZWrXwCaZbHotQE9kMtns6jW8f46DmUKxVP7XZHFxbmL1Wtm+6MpMThfyA+m1wn3RlVTXB2v1B+tn16wPRcSRiHit90BtPTteLEy0+ssPAAAAaBOH1oz/v+9dHf8DAAAAe0xfqxMAAAAAms74HwAAAPa+dcf/SefuJgIAAAA0w7OXLlVLpX7/64mrS4szxatnJvKlmezs4nh2vLgwn50qFqdqv9k3u9nzFYrF+f/E3OL1XDlfKudKS8ujs8XFufJo7b7eo3n3iQYAAIDdd+Rvtz5PImLlvwdqpWpfum8LY/WR5mYHNFNme4cnzcoD2H0drU4AaBkX+EL7Mh8PbDKwf33N+ja/NgAAAB4H/X95pPl/84HwBDOQh/Zl/h/al/l/aF/m/6HN7d/8kO71dnyyw7kAAABN01MrSSabzgX2RCaTzUYcrt0WoCuZnC7kByLiDxHxWW/X/ur6YKuTBgAAAAAAAAAAAAAAAAAAAAAAAIAnTKWSRAUAAADY0yIyXyfpjfz7e0/2rP1+YF/yQ29tGRHX3rny5vWxcnlhsLr9u1+3l99Kt5+tbwEAAABaqT5Or4/jAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAn3bt7Y7xedjPunf9HRF+j+J3RXVt2f9gbEQfvJ9H50OOSiOjYgfgrNyPiaKP4STWt6EuzWBs/ExEHWhz/0A7Eh3Z2q9r/jFTPv641518mTtSWjc+/zrQ8qjsn1uv/MvX+r9bPNer/Dm/81N31yrHbH+TWjX8z4lhn4/6nHj95xP73heeXl9fbV3k3on+T959qrFx5dj5XWlo+Mz07NpWfys8NDQ2eH74wfG54IDc5XcinfxvGePWvH/28UfsPNoy/2v9u1P6TW2z/T7ev3/3TBvFP/aPx6390g/jV//0/0/eB6v7+en1ltf6w4+9/enyj9k+s0/7NXv9TW2z/6csvf7nFQwGAXVBaWp4ZKxTyCyoqKnuvcjk90bf98BZ3TAAAwI578KG/1ZkAAAAAAAAAAAAAAAAAAABA+2r6j5Dt/+0vC3S3rqkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABv6JQAA///dfdKW")
timer_create(0x2, 0x0, &(0x7f0000000100))
timer_settime(0x0, 0x0, &(0x7f0000000380)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
setitimer(0x1, &(0x7f0000001840)={{0x0, 0x2710}, {0x77359400}}, 0x0)
mlockall(0x7)
lsetxattr$security_selinux(&(0x7f00000001c0)='.\x00', &(0x7f0000000300), &(0x7f0000000280)='system_u:object_r:hwdata_t:s0\x00', 0x1e, 0x1)
syz_emit_ethernet(0x3e, &(0x7f00000002c0)=ANY=[@ANYBLOB="bbbbbbbbbbbbaaaaaaaaaaaa86dd60f4adf700082c00fe800000000000000000000000000000ff02000000000000000000000000000181008078"], 0x0)

1.536979517s ago: executing program 1 (id=2129):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1900000004000000040000000c"], 0x48)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
arch_prctl$ARCH_SHSTK_DISABLE(0x5002, 0x3)
setsockopt$inet6_dccp_buf(r0, 0x21, 0xc, &(0x7f0000000240), 0x0)
r1 = socket(0x10, 0x3, 0x0)
r2 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r3=>0x0})
r4 = fsopen(&(0x7f0000000400)='autofs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000240)=',-\x10*\x00', &(0x7f0000000380)='$\x00', 0x0)
fsconfig$FSCONFIG_SET_FD(r4, 0x5, &(0x7f00000005c0)='\x00H\xeb', 0x0, r4)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100000000001c000000000000ea04850000007b00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r5}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0xfe, 0x7ffc0002}]})
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
stat(&(0x7f0000000180)='./file0\x00', &(0x7f0000000280))
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000000)='syzkaller\x00', &(0x7f0000001140)='\xf1\x95\xb3>-\x8c\xd4\r\x01\xfa\xe2{eED\x0e\xaaPV\x11\xff\xb6j\xd4~6\x82^\x9b b', 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009c0000000b"], 0x50)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r7}, 0x18)
close(r4)
sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=@newqdisc={0x78, 0x24, 0x3fe3aa0262d8c783, 0x70bd26, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}, {0x0, 0x2}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x3, 0x4, 0x7ff, 0x1}, 0x0, 0xfffffffc, 0x0, 0x0, 0x1, 0x1e, 0x0, 0x0, 0x6, 0x0, {0x0, 0x0, 0xfffffffc}}}}]}, 0x78}}, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000600)={0xffffffffffffffff, 0xe0, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340), ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000380), &(0x7f00000003c0), <r8=>0x0, 0x8c, 0x0, 0x0, 0x10, &(0x7f0000000440), &(0x7f0000000480), 0x8, 0x3c, 0x8, 0x0, 0x0}}, 0x10)
r9 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000400), 0x242, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x1e, 0x2d, &(0x7f0000000800)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x8}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@btf_id={0x18, 0xa, 0x3, 0x0, 0x5}, @map_idx={0x18, 0x1, 0x5, 0x0, 0xa}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x5}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r9}}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x1}, @exit, @jmp={0x5, 0x1, 0xb, 0x5, 0xb, 0x4, 0x8}, @map_idx_val={0x18, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff}, @printk={@d, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x654c}}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000000)='syzkaller\x00', 0x7fffffff, 0xba, &(0x7f0000000280)=""/186, 0x40f00, 0x12, '\x00', r3, @fallback=0x32, 0xffffffffffffffff, 0x8, &(0x7f00000000c0)={0xa, 0x3}, 0x8, 0x10, &(0x7f0000000140)={0x1, 0x3, 0x3fa80}, 0x10, r8, 0xffffffffffffffff, 0x2, 0x0, &(0x7f0000000700)=[{0x7, 0x3, 0xe, 0x6}, {0x3, 0x4, 0x9, 0xb}], 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={0xffffffffffffffff, 0x18000000000002a0, 0x5ee, 0x0, &(0x7f0000000580)="b9ff03076804268c989e14f088a8", 0x0, 0x500, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)

1.432120258s ago: executing program 1 (id=2130):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000380)={[{@delalloc}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@dioread_lock}, {@data_err_ignore}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x4007b1}}, {@data_err_ignore}, {@grpquota}, {@nobh}, {@user_xattr}, {@bh}, {@dioread_nolock}]}, 0x1, 0x553, &(0x7f0000000a40)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x441, 0x104)
truncate(&(0x7f0000000900)='./file1\x00', 0x3000000)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27ffff7, 0x4012011, 0xffffffffffffffff, 0x0)
fallocate(r0, 0x8, 0x4000, 0x4000)

1.33038473s ago: executing program 3 (id=2131):
r0 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r1 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000000)=0x80, 0x4)
r2 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x11, 0x3, &(0x7f0000000780)=ANY=[@ANYBLOB="180000010000000000000000faffff039500000000000000586a4311ad0ebb963a51b41d7218dc8bb921b1060dfc8b86eb5c39e7f5db6bded71ff72956d266a4f1969128ab20ca0fc105343a82c926bcba36fd76162d49e9cc1392ec0503f4b925623019b0131752a8ab380073496920e5972aa6f66f664a7cd1ac41101e85c11be42cb77f341870162d2a775ca027d4"], &(0x7f0000000580)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000540)='kfree\x00', r3}, 0x18)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000700)=ANY=[@ANYBLOB="9feb0100180000000000000034000000340000000c00000004000000010000840203000000000000030000000000000302000000000000010500000020000000000000000000000b02000000"], 0x0, 0x58, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000000c0)='./file1\x00', 0x207, &(0x7f0000000000), 0x1, 0x469, &(0x7f0000000100)="$eJzs3M9vFFUcAPDv7G5BfnZF/AGiomgk/mhpQeXgRRMTD5qY6AGPtRSCLNTQmghpbDEELyZKwt2YeDHxL/DkiagnE694NyTEcAE9rRl2dtlud8u2u91t3c8nGfpe9+2+73dm3s6bGaYBDKz96T9JxPaIuB4RwxGRq2+wpbKk7e7cmpv859bcZBLl8vt/J+nb4vatuclq0yT7ua1SKaQflLuURLFJvzPnL5yeKJWmzmX10dkzn4zOnL/w8qkzEyenTk6dHT969MjhsddeHX+lK3mmMd3e+/n0vj1vf3jl3cljVz769cdKvOXy1WuHFuXRHUMRMVdbJ42e625nfbejrpwU+hgIK7I5IgrZ3no9hiN/aWftteF464u+BgesqXK5XB5v/fJCGfgfS6LfEQD9UT3Qp+e/1aVHU4914eYblROgNO872VJ5pRAXszZDDee33bQ/Io4t/PttukTD9RQAgLXwczr/eanJ/K8Y8Uhdu53ZvaFiRDwYEbsi4qGI2B0RD0el7aMR8dgK+9/fUF86/8ndWF1m7Unnf69n97YWz/9qd8GK+ay2427+Q8mJU6WpQ9k6ORhDm9P6WNNPTyIW0p9/fN2q//r5X7qk/VfnglkcNwqbF7/n+MTsRMeJZ25ejNhbaJZ/EoV7WcSeiNi7yj5OvfDDvsW/yddK989/GV24z1T+LuL5yvZfiIb8q5Ll70+OPhClqUOj1b1iqd9+v/xeq/47yr8L0u2/ten+X8u/mNTfr51Z8hGb7tfH5T+/bHlOs9r9f1PywaLOP5uYnT03FrEpeWfp7+sucFfr1fZp/gcPNB//u+Lemng8ItKd+ImIeDIinspifzoinomIA8vk/8ubz368+vzXVpr//Iq2/8oL+dPXfmrVf3vb/0i1cjeodr7/2g2wk3UHAAAAG0UuIrZHkhuplXO5kZHK/5ffHVtzpemZ2RdPTH969njlGYFiDOWqV7qG666HjmXXhqv18aw+n9UPZ9eNr+a33K2PTE6Xjvc7eRhw21qM/9Rf+X5HB6w5z2vB4DL+YXCtfvz75oCN7j6jONerOIDecxSHwdVs/M/3IQ6g9xz/YXDVxv83bTSue9yr8eFNYONx/IfBZfzDQOrkuf51UYjvI5Zvk6yXUFdU+KqTtxd6EGHk1seK6mFhPB/RxzAK7f5Vizhfnu+4035/MwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHTHfwEAAP//qO7n/A==")
ioctl$BTRFS_IOC_SNAP_CREATE(r2, 0x50009401, &(0x7f0000001200)={{r3}, "3586588611fe80e32eaae7ca11b9590eeba627959d05c09e92ea7131782446da87ed0a4b3b515b041d277550c8c3374ddb3e0c5e7616de1049eebdc03ff5d66c3c49d013710ee053d09580aff17b45a720317295cd7add80194b027d2b1f160ffb2261959f8fb4ad065595fc7ca0de78de06fba8405abf0a23f3d7436197a375ee558218b344eb9bbb371db24389ea9b206e73b0ee4093a46db6d18a988e7e82a07faad0872f4abbdc859afebb893fcb83d466c364811688ea08728faf64ccca6b5906ec2cc9429085134850b10d3d2c9a6286841d12fc34e45453e9dd45bee32554c7fecb14a99e39cc921972d285139e2553eeef23c61d3d93bc77fa23379e4bed9481fbac229b6bf3963ec5493c60fc67102091f01a4424dc18eece820faf7680c56bc8ed35ff4fe15e4cb8a4fdb0ee59e10c8030d90721ced3982a8070a8083b6bfc1f42a6f937c4c5b55867ce653f9a6cf2273bd0e14839abff2571f17ab84b61ee221783e7ab0e1400b1abfc9bf9f5b8c8c0b1cb2bb06d4b67d27d882ca0b6942e8e43f725685e6ccbf78f4e408ce5826f209a2be4f42a748f2237e3abcfb725e7ffa28adcea1a2429b9ef6c71027c28e9338fca97c2e6e25b85b4c2b358e7aa942d5108926d66e739bb7fb52e8bd921df46df6570712518c1e80e74fa5bd4f7a992533594c2136e8ea7611c206ec83e7a64b66b14ffdf0246f8c50a26a2f7be65e2c59cefc3811358eac8d1f95fd71810b6ab7b6e333ca20a2999780981b61d82e98052562466934d20f721c02b51e61850f183969ea5d57bd245d025ef86a6bd34dd2927bf6c6d42ca12ae8d9369d93ff7699be83e5d4ca39d91de04ec98217ef1a81fff8b2f04bcb97e7fdc21e0e0fff4e2b516d21c3f8d24f78583880341f3191cb6e85325bd132a09ca636bad140b446d534114251facc0cdfb8a895cf9f47e01eefb7a74d9660b68de03dd414cf361dc23a428ec984f49cfff68936311c778e83dd1ed58e35ffc642da1ba5490ebefec5b2b8644aa48d05ff4a4830df2d423327a21a88ed75c4bd3aa9469cf84e6e925f8a24b939d061d26e4bca01898c6a9ae71479999ddbdd038918efb08bb22e6f84d87f83610c2bdb7923c5365c345d9f83b01817b8c541866c6126c083a3b95e5b537aa78507093dedb4615f34fb22cfa8fbd6330be484e58586e4a427496e1fbfa67bb7be3686601b0f97a28ead4eb1a0407dcd59c11ecdaf1db6bfdb9b26f0bec44dca31ed23fc82ef55de74ba9ec29e204f73069f83121a873dc6910c124f323d8b726bee7949bb2d39fd6a9334deb678a05d9db78148f333b25f64f21304fe237352574ffd7fce3974f3e306f0ae5c4ceb33cec4afa456af85e4c2cd2784414ed3e38bfb5dc8490cd574f831f2ee612c48af30fa1d81ea0808a057d136f4e166e4b1c1dfa932f7f794b8eb684897402e2bd6fbd56f68a97e638c801cc567446342d7cf5637193ebea75a69ce873ef8bbaeedf70cc4173e51e16744409243f69ac26993d75638c6022e764b1cd8fca7a774a1906f7d2afff490f546db468980e8f9c6577b60e597ffa6608a8565b7debbee9cfd4ce3037fb0fd09238a180678938437ee0c6aa64e372918980a333c16111aa6ff13eca60895a4743ff9b9a6fc080a9cdac3b3e024797fa8327449f4d1ae344256988fa4228463c7815a19de9d3a5e8527c7909f29320d3467440c94f4e6d6639e22d7e57d804772f3d2451bffb96ebf2ca114180c9f3fb9f4045ee2f2d6813fb4ce9bfa7e8fc7a6c5ac78c822726e9aa9fd06ed3a929dd83fafc145d4a90e32583296272335cbb98811861ad192ace56bf0626f5f22b4a4a8f7ab59346338c10dbf2c79e34a63f06918cd5cf1a12ff9828412b3617682c0949683b9e60113bfef689480d21c9f16c4b9bf3876dc60ae81f231eb76b9f62a71a1763d9dfa8297a2248ef9fe87b03212a8f4fa805e3f5f9919185c3744e7593d7119abc680ab3d0d2f82c7077507bccc51589e9f80c8afae0841da6a79e4e97f62c952a2d23b16715fb94977091da6e19084099b5d65f288dd089aa3ba26e264d01bca2f0af7a85636853fbcdff1d8df9e34bb5932a11850c21f6ad4d35ebc3d92a4e34c3f3c754ebfb32e9f4a65d0c6164391207e48ed2e3e085727a87d224a0a8b3f30d2d00c522b360a20ecf202ca42a4bf69480b557255b254509829aeb078bfe257bcc67bba0ba4c91ed5177761c08bfc981846c4bc6b876586c8cf5c225c072e893a4050f390060ccb7a16eaa1cb8b7520dac2e59f889b8c8876d57a8f0d40ff5692b36c73e15aeb59da4686474708caa0d0c241fdd94dbda8a5d21a00a9e7edb63f3c365c6d3046ae18bc3ba9cfc5103688fa4f14635858d935eb52c9954e00360432590f2b2341cf0b6f2bb4b5ec4a4bac989281e23541392d69a83c575862c589ea533f6bd0785ba0b35a7c8cd6845da342e5a4b0ecd376e5e899e302da5adc73e9a02c4d6827f079479eb5f739a0eb56dc074902afd7a81ee29845000b254f54b09f85add23adb9b700e8c63d918699f57f7d3e2ca6f3c2e216946d6d7a9a64fbb99885a3b3fd4a81b2d810594afabc67bf31cce23a1584e9f0b7bc0b37ec319580b835865f5f54e7f84f8ab143990f7d4fa5e0a8d409f5942568a6301501e2f1d2b2825bfbeb244205d9c15281291f3882f5ce650ba0e1e8eff8df2904d2dd9a1dff11a5330f81c963b32ce06e99ed638beba7f2091cd30d940c22d89ab115a38e9a7a8f43a65784cb00c78cdb4eca6b2b45b410699fbc525e0dd3af38a44ce343ac710ec33c8f95f8c512151d8b0f4e9837c57c807cd32f9f0db96289d14f8e050053777f4488e92a4eb4b9169eba51397a87e17c291e562b6f18f49dc73266d5d66f24c16e0b5b5c438d919a672a547496c8e4885f5028de4de982df8236137be2e5922874f3e06f0f78b8230ec57580c6b97b50003335448b025f8e0eed84bcaa2cffcb2ebbe1f5511cf51d3ed1c0676499baf8dae7270b98f83da550c70f437159404ae3d815c1c993f227aa819849f70ea7a1056dbf2e0d64bf78fdf586f322af1af6f9f1585e0b019ef386574ae5e4b788fda09c768b89749fc8013ef372c5ec07bec0bd41b7b0c4d92aa85e43fd87243257ca13af2dbcd5d781457a0033695b62c6074425b7d27d605946b1710221414ce84d9ab136036391f0817fd3b35e0bcae7610797ea3b090a66f260f47f4b36d80512a33d16c4a395bd77e1dfe22c2dbbfe6de0111277cedc995790bc8ff4fac4385345a5de22b813bdf205d0886b54d069436b86cfa61b51c7b9b7646ec6f1b3c997d27c7ea03d1d66eb4d5f78459d3bfa5894ad21a3ff9d6d437baef84cd52a794d1de4664652ce49138adab9c241bd68b291e70fd2d589c33e46468c819e00340dc5eeaa2e370d8d8ca53b30ce9bc1a5eb8620973f66aeb93565b4b7c005ea307ae3e2101b17388b241bd7021a6a17e7528794c6153ab838d87f8d99536dc010b355e2aa5ee1dadb0d9931f67fe2201d7b0d1988ee0e5700a17dfcf601ce6603a7f0331e96fb823237e0ce7114c6745c6a16fe6562e3d22bdee40abf5b5015e6ba6f9ba30d14a4bc7c96ef8ef9da797f5c976f3edd507fe387e20c25973d975bbbbf3e1ee5260681e63bd4690002bd00c8e93d6af137d59fcd419e074ee7d44c3d720a938809a5221748bc65c23e70f85181fdcb335953bb203c86da00271a6519aebf1d39989d64a0a950846771969985a87a27f3d8ec367468ff7181a7ca1cb8da6f34f854b50cfa52c1297214c77428ed35fe22e75b1c52022602ea49ecc1d921caab9a9ef4bca7b9215fe4bfd019eb5cd8342d1135775ce5833b9cd563f2ce79932dbf52e00800e7c2fff293b8a3e9c917ac3d5009845da5e229042684258b3b3c26ecae8755f527711fa61cc560f5004f3f1f35ef088981c6b3299cc415f8e1a187da02acd469d157cfab620fd5a4fc274b68e63e4d1abf9376b32c3144920cc42b14b4d2c45e88157681fa039ea0e077119c45804d32573ef5aa4ceb0b9b791f40ce8327571ea0f5fc1218cf3653d45d469d927097830bc7089b9a43829c8f97c26ec816ca9d001fb307bc2587452ac037ec1632f4f55c38457e2baaeade2a879cdf0696df3b44f16ac552110d873ea916504a1c6fc35fc1871a25dd5e47a46cd53b404d4769b27b6b9f2644455586426eab370c383855b26e340f391d36d0c21f86fb5b4802379e467d593d1583b688650349161e4f4674449df2c8c569d87445e44add952a98d6b0c4c5cb6fabacd27c8d9b67bcbaaadf3224904d4043d7116a5758c113246184e01d4084169c8ca7b7c2923b8453f66aaa3d6c73c32b87a6852d42c24be74cb61259d34aad52ab94b3396bb574425b7e1745e8fdab8fd4ff0e0d1e78b72d01c852bc1fa855219ade8224a0ae063b2960504d27ff89a5ee786a5a424fec2e729ac1e21519a0190bce7413edac9dada925b6f09e18e1478349a65df2971830c9c639473c2c72d31b9579d3b5a66320da4c3f529a9e4e8091d2321ff56d33b780c483c58a1e2fdf4470a02f8ffc6e84ef8c7b92b98b5df315a47b06489cade189da1ae0cba8bec6b0f8b5f87331cfb101a920ed4775f5f0f3ea81bab85510711170e7586467f0b39fd6962d40663097509ac0fab087a59076586d1a82580f76dc0ac3f1f5a9389c1c0c3e7b8ccf1ef9a79c20b68132538f30b96609a39b3b6c16f65d3ef5105c8c4234e3d636c71ff1c975ba39ddf8d5e88fd28161c0c1ab9bb37b24340a48f3acde141e43fc270239f3b4f1ef8034a136c322b984d07418d793f90bb25cfda386cd3ae051998f69acc1e94ded145aacacde36e229e5b20a25c320a7b0f43db8c2be95e5ecde40c9706ebf70863247c8ecf35c64fdfb0cc40415d65f5821d0f223ddd770c48f8cf13f7e88601e090dbabf7607df68455a996ea3a39337b840d188b44c9091383d91091ace58468bb586e94e4cd8bc8e526d13a36c6f72fe55fc3499093acbd627196f32998a0d36c3ae95207512d77a87cfe212bc3ae73ef5dd2bd3e403a527ba9064284b3fd22b13e0095f3c923ad6d5d25698ed1979f397b6091796bcb020c2ea82e15b935006bb7a350088192eb3ccf1b7c77a3980054ca481bb0b601cc97d7c557be59fb5814a8bcbbe496b7605104b63bdd4d2327496d12dde7be54bbf54c80f423d3678261f292a2c52682313e576b662d4422037c2ac584191704edf5af465a4db658fae9fcc8dc1cca20465956eca38c17b8f2f876963cb768004ac0148ed6466248757ab76e09c4832b2137bba64da406b7638aa26c58eeb1acc14e30743945a93324f998755d25baa8329516d5bd054159572fd89a27ec8208e62f1734860e2be09114dd58e07cc282f390adf9934b55f152b66a2f305c0a4a1d3e90cbf6f8e4ff3739ce9f3cf4eeb4b42d49c193e422c0a7be9da90011534056ca687d4ffb8db61efe987aaf4995075053133fcf2c8b4f8b7f76e190b97b55995e46341528875ea07aadd1ad92926e374d9f359603ed7955fbae7a8d7fdc5f7462309f2ffdd8a5365c82501e7458588e6fbc1df05a07c2c8883ac6c5e10299eea32d6402b1c0d1f190daa3b2bc2f330108af5a8e1c90f70d7a24caba1df109e2b67ce617f2ab1fbc3d0be2d8584fb5179c4d9dbe770188184fa31431b7d99cb427d277c4d272d7fd0e45604fb7115007f1f09ca633b0b876f085b46eab84788c3f3c1dc1b40"})
syz_mount_image$ext4(&(0x7f0000000700)='ext4\x00', &(0x7f0000000480)='./file1\x00', 0x48a, &(0x7f0000000640)={[{@jqfmt_vfsold}, {@usrjquota, 0x22}, {@journal_dev={'journal_dev', 0x3d, 0x6}}, {@noload}, {@data_ordered}, {@usrjquota, 0x22}, {@errors_continue}, {@errors_remount}, {@nodelalloc}]}, 0x3, 0x45d, &(0x7f0000000d80)="$eJzs3MtvG0UYAPDP6zh9kwDl0dJCoCAqHkmTPuiBSxFIHEBCgkMRp5CkVanboCZItIogcAhHVIk74ojEX8CFckHACYkr3BFShHKhcEBGa++6bmInTuLEUP9+0rYznnFmvt0dezzrdQA9ayj9pxCxNyJ+iYiBWvb2CkO1/24uzU38tTQ3UYhK5fU/CtV6fy7NTeRV8+ftqWUqlVXaXXgrYrxcnrqS5UdmL707MnP12rMXLo2fnzo/dXns9OkTxw/3nxo72ZE496V9PfjB9KEDL795/dWJs9ff/uGrtL97s/LGODplqLZ3m3qi04112b6GdKGvix1hXYoRkR6uUnX8D0QxdtXLBuKlj7vaOWBLVSpJZUfr4vkKcAdLJ+pAL8rf6NPPv/m2TVOP/4TFM1Ffx7iZbbWSvkiyOqXsM9JWGIqIs/N/f55usUXrEAAAjW6ciYhnms3/kri/od5d2bWhwYi4OyLuiYh7I2J/RNwXUa37QEQ8uM72l18hWTn/qQxsKLA2pfO/57NrW7fP//LZXwwWs9y+avylwrkL5alj2T45GqUdaX50lTa+ffHnT1uVNc7/0i1tP58LZv34vW/ZAt3k+Oz4ZmJutPhRxMG+ZvEX6nPedH58ICIObrCNC099eahV2drxr6IDk/LKFxFP1o7/fCyLP1doeX1y9LlTYydHdkZ56thIflas9ONPC6+1an9T8XfA4o1K7G56/tfjHyzsjJi5eu1i9XrtzK3ntrv7F379pOVnmo2e//2FN6rp/uyx98dnZ6+MRvQXXln5+Nit5+b5vH56/h890hB/PfCk+hqX74mHIiI9iQ9HxMMR8UjW90cj4rGIOLJK/N+/8Pg7649/lVX5Dkrjn1zr+Efj8V9/onjxu6/XH38uPf4nqqmj2SPtvP6128HN7DsAAAD4v0iq34EvJMP1dJIMD9e+w78/difl6ZnZp89Nv3d5svZd+cEoJflK10DDeuhotjac58eW5Y9n68afFXdV88MT0+XJbgcPPW5Pi/Gf+q3Y7d4BW879WtC7jH/oXcY/9C7jH3qX8Q+9q9n4/7AL/QC23xrv/7u2qx/A9jP/h95l/EPv2uD4/6fT/QC2Vct745NN3fIvsVaiGBFb8Je/6d/cbzW0n4ik6/vwDkuUomlRX9s/ZrHBxI6mRd1+ZQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOiMfwMAAP//rKTgcQ==")
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket(0x10, 0x803, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000140)={0x0, 0xffffffffffffff34, &(0x7f0000000080)={0x0, 0xb8}}, 0x0)
getsockname$packet(r5, &(0x7f0000000000)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="34000000100081eee80000040000000010000000", @ANYRES32=r7, @ANYBLOB="ddfffffdff000000140012000c000100627269646765"], 0x34}}, 0x0)
sendmsg$nl_route(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)=ANY=[@ANYBLOB="2000000014000100000000000000000002f800ff", @ANYRES32=r7, @ANYBLOB="34bc0000008fd708"], 0x20}, 0x1, 0x0, 0x0, 0x800}, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x60, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r8}, 0x10)
r9 = getpgid(0x0)
syz_pidfd_open(r9, 0x0)
openat$pidfd(0xffffffffffffff9c, &(0x7f0000000200), 0xac63094eb3328933, 0x0)
readlinkat(0xffffffffffffffff, &(0x7f0000000100)='\x00', &(0x7f0000000140)=""/189, 0xbd)

1.328999959s ago: executing program 4 (id=2132):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000008b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', &(0x7f0000000080), 0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="7472050000000000000066646e6f3d617e610551ab3213cd093899572000"/42, @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB="2c756e616d653dd0aedec1aa20ffd81d1bf89329217cb058a396eda2ab40a26d93dd083c0074dcab6cab21ae16c4cdf97bdc355f3b41d27b654301345cb3c4cec37953322d01beaa7257964fd30fe2d72f171da72e389f382dea3c8d91906aead5d5aeccc097ef1092ea987c2b00000000000000002c00"])

1.237699481s ago: executing program 1 (id=2133):
ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wg2\x00', <r0=>0x0})
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000180)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x4)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x99d, 0x5, 0x0, r1, 0x0, '\x00', r0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r3 = creat(&(0x7f0000000200)='./file0\x00', 0x20)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, 0x0)
close(r3)
r4 = socket(0x1d, 0x2, 0x6)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r4, 0x6a, 0x3, 0x0, &(0x7f0000000180)=0x3c)
r5 = bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="1b00000000000000006f5e863489b68a2a593001", @ANYRESOCT=r5, @ANYBLOB='\x00\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB], 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(r3, 0x89f8, &(0x7f00000005c0)={'erspan0\x00', &(0x7f0000000380)={'syztnl1\x00', 0x0, 0x8, 0x700, 0x6, 0x2, {{0x1c, 0x4, 0x3, 0x34, 0x70, 0x64, 0x0, 0x2, 0x29, 0x0, @loopback, @multicast2, {[@ssrr={0x89, 0x1f, 0x14, [@private=0xa0100ff, @loopback, @initdev={0xac, 0x1e, 0x0, 0x0}, @rand_addr=0x64010100, @multicast1, @multicast2, @dev={0xac, 0x14, 0x14, 0x17}]}, @ssrr={0x89, 0x17, 0xcf, [@empty, @broadcast, @loopback, @loopback, @broadcast]}, @ra={0x94, 0x4}, @ssrr={0x89, 0x17, 0x2e, [@broadcast, @private=0xa010100, @multicast2, @initdev={0xac, 0x1e, 0x0, 0x0}, @broadcast]}, @rr={0x7, 0xb, 0x64, [@rand_addr=0x64010100, @multicast1]}]}}}}})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
remap_file_pages(&(0x7f00005fd000/0x4000)=nil, 0x4000, 0x0, 0x5, 0x20000)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x2)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='hugetlb.1GB.usage_in_bytes\x00', 0x275a, 0x0)
statx(0xffffffffffffff9c, 0x0, 0x400, 0x1, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x200000a, 0x28011, r6, 0x0)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000200)={0xffffffffffffffff, 0x20, &(0x7f00000001c0)={&(0x7f0000000280)=""/230, 0xe6, <r7=>0x0, &(0x7f00000004c0)=""/222, 0xde}}, 0x10)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000380)={0x0, r2}, 0x8)
r8 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000003c0), 0x4)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r2, @ANYRES16=0x0], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r7, r8, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{r2}, &(0x7f0000000800), &(0x7f0000000840)=r9}, 0x20)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='rss_stat\x00', r10}, 0x10)
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x15)

1.217943472s ago: executing program 4 (id=2134):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1900000004000000040000000c"], 0x48)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
arch_prctl$ARCH_SHSTK_DISABLE(0x5002, 0x3)
setsockopt$inet6_dccp_buf(r0, 0x21, 0xc, 0x0, 0x0)
r1 = socket(0x10, 0x3, 0x0)
r2 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r3=>0x0})
r4 = fsopen(&(0x7f0000000400)='autofs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000240)=',-\x10*\x00', &(0x7f0000000380)='$\x00', 0x0)
fsconfig$FSCONFIG_SET_FD(r4, 0x5, &(0x7f00000005c0)='\x00H\xeb', 0x0, r4)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100000000001c000000000000ea04850000007b00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r5}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0xfe, 0x7ffc0002}]})
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
stat(&(0x7f0000000180)='./file0\x00', &(0x7f0000000280))
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000000)='syzkaller\x00', &(0x7f0000001140)='\xf1\x95\xb3>-\x8c\xd4\r\x01\xfa\xe2{eED\x0e\xaaPV\x11\xff\xb6j\xd4~6\x82^\x9b b', 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009c0000000b"], 0x50)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r7}, 0x18)
close(r4)
sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=@newqdisc={0x78, 0x24, 0x3fe3aa0262d8c783, 0x70bd26, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}, {0x0, 0x2}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x3, 0x4, 0x7ff, 0x1}, 0x0, 0xfffffffc, 0x0, 0x0, 0x1, 0x1e, 0x0, 0x0, 0x6, 0x0, {0x0, 0x0, 0xfffffffc}}}}]}, 0x78}}, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000600)={0xffffffffffffffff, 0xe0, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340), ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000380), &(0x7f00000003c0), <r8=>0x0, 0x8c, 0x0, 0x0, 0x10, &(0x7f0000000440), &(0x7f0000000480), 0x8, 0x3c, 0x8, 0x0, 0x0}}, 0x10)
r9 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000400), 0x242, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x1e, 0x2d, &(0x7f0000000800)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x8}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@btf_id={0x18, 0xa, 0x3, 0x0, 0x5}, @map_idx={0x18, 0x1, 0x5, 0x0, 0xa}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x5}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r9}}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x1}, @exit, @jmp={0x5, 0x1, 0xb, 0x5, 0xb, 0x4, 0x8}, @map_idx_val={0x18, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff}, @printk={@d, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x654c}}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000000)='syzkaller\x00', 0x7fffffff, 0xba, &(0x7f0000000280)=""/186, 0x40f00, 0x12, '\x00', r3, @fallback=0x32, 0xffffffffffffffff, 0x8, &(0x7f00000000c0)={0xa, 0x3}, 0x8, 0x10, &(0x7f0000000140)={0x1, 0x3, 0x3fa80}, 0x10, r8, 0xffffffffffffffff, 0x2, 0x0, &(0x7f0000000700)=[{0x7, 0x3, 0xe, 0x6}, {0x3, 0x4, 0x9, 0xb}], 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={0xffffffffffffffff, 0x18000000000002a0, 0x5ee, 0x0, &(0x7f0000000580)="b9ff03076804268c989e14f088a8", 0x0, 0x500, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)

1.151212612s ago: executing program 4 (id=2135):
mknod$loop(0x0, 0x6000, 0x0)
ioctl$BLKTRACESTART(0xffffffffffffffff, 0x1274, 0xfffffdfd)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000140), 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x11, 0x8, &(0x7f00000001c0)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r2}}]}, &(0x7f0000000300)='GPL\x00', 0x9, 0x1, &(0x7f0000000340)=""/1, 0x0, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
io_submit(0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f0000000400)='./file0\x00', 0x410c84, &(0x7f00000003c0)={[{@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x4}}]}, 0x1, 0x775, &(0x7f0000001180)="$eJzs3c9rXNUeAPDvnSRNm/a95MGD9+oqIGigdGJqbBVcVFyIYKGga9thMg01k0zJTEoTAlpEcCOouBB007U/6s6tP7b6X7gQS9W0WHEhkTu5t502M2mSJpnqfD5wM+fceyfnfOf+OGfmHu4NoGeNpn8KEYcj4t0kYjibn0TEQDPVH3Fybb1bK8vldEpidfXlX5LmOjdXlsvR8p7UwSzz/4j45q2II4X15dYXl2ZK1WplPsuPN2YvjNcXl46eny1NV6Yrc8cnJiePnXjqxPGdi/W375cOXXvvhcc/P/nHm/+7+s63SZyMQ9my1jh2ymiMZp/JQPoR3uX5nS6sy5JuV4BtSQ/NvrWjPA7HcPQ1UwDAP9nrEbEKAPSYRPsPAD0m/x3g5spyOZ+6+4vE3rr+XETsX4s/v765tqQ/u2a3v3kddOhmcteVkSQiRnag/NGI+PjLVz9Np9il65AA7bxxOSLOjoyuP/8n68YsbNUTGyzbl72O3jPf+Q/2zldp/+fpdv2/wu3+T7Tp/wy2OXa3477H/4EdKGQDaf/v2Zaxbbda4s+M9GW5fzX7fAPJufPVSnpu+3dEjMXAYJqf2KCMsRt/3ui0rLX/9+v7r32Slp++3lmj8FP/4N3vmSo1Sg8Sc6vrlyMe6W8Xf3J7+ycd+r+nN1nGi8+8/VGnZWn8abz5tD7+yEYn7Y7VKxGPtd3+d0a0JRuOTxxv7g7j+U7Rxhc/fDjUqfzW7Z9Oafn5d4G9kG7/oY3jH0lax2vWt17Gd1eGv+607P7xt9//9yWvNNN5P+JSqdGYn4jYl7y0fv6xO+/N8/n6afxjj7Y//jfa/9PvhGc3GX//tZ8/2378uyuNf2pL23/riau3Zvo6lb+57T/ZTI1lczZz/ttsBR/kswMAAAAAAAAAAAAAAAAAAAAAAACAzSpExKFICsXb6UKhWFx7hvd/Y6hQrdUbR87VFuamovms7JEYKOS3uhxuuR/qRHY//Dx/7J78kxHxn4j4YPBAkt9HcarLsQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA7mCH5/+nfhzsdu0AgF2zv9sVAAD2nPYfAHqP9h8Aeo/2HwB6j/YfAHqP9h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBddvrUqXRa/X1luZzmpy4uLszULh6dqtRnirML5WK5Nn+hOF2rTVcrxXJt9n7/r1qrXZiMuYVL441KvTFeX1w6M1tbmGucOT9bmq6cqQzsSVQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsDX1xaWZUrVamZfYRmL14ahG9xN92e70sNRnTxPJw1GNHU50+cQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8DfxVwAAAP//02Ii/w==")
open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x88882, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000004000000080000000c"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYRES16=r0], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
write$binfmt_register(0xffffffffffffffff, &(0x7f0000000000)={0x3a, 'syz3', 0x3a, 'E', 0x3a, 0x6, 0x3a, 'E', 0x3a, '@{@$\x9a$^', 0x3a, './file2', 0x3a, [0x46, 0x43, 0x43]}, 0x32)
write(r4, &(0x7f0000004200)='\x00', 0x1)
sendfile(r4, r3, 0x0, 0x3ffff)
sendfile(r4, r3, 0x0, 0x7ffff000)
sendmsg$TIPC_NL_PUBL_GET(r0, &(0x7f00000009c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={0x28, r1, 0x1, 0x70bd2b, 0x0, {0x2}, [@TIPC_NLA_BEARER={0x14, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}]}]}, 0x28}}, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x8, &(0x7f0000000280)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff000000"], &(0x7f0000000040)='GPL\x00', 0x3, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r6 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_ADD_MFC(r6, 0x0, 0xcc, &(0x7f0000000080)={@loopback, @multicast1, 0x0, "2634784b05261d387c9201200000000000000080000000000600", 0x0, 0xffffffff, 0x5, 0xf6}, 0x3c)
setsockopt$MRT_ADD_MFC(r6, 0x0, 0xcc, &(0x7f0000000280)={@private, @multicast1, 0x0, "aaa517d60f2811d48c8a2cc60c4380bc23bd0f4eb500"}, 0x3c)
setsockopt$MRT_ADD_MFC_PROXY(r6, 0x0, 0xd2, &(0x7f0000000200)={@dev, @multicast1, 0x0, "05888ee9654ce5db9229e6a1f0a3c9505e2ebbbc3d341ad6ad352965b867e20b", 0x7}, 0x3c)
setsockopt$MRT_FLUSH(r6, 0x0, 0xd4, &(0x7f0000000240)=0xa, 0x4)

1.078978563s ago: executing program 3 (id=2136):
r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000380)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xa0, 0xa0, 0xa, [@union={0x5, 0x3, 0x0, 0x5, 0x0, 0x0, [{0xd, 0x5, 0x400}, {0xb, 0x5, 0x5}, {0xe, 0x4, 0xb55e}]}, @func_proto={0x0, 0x9, 0x0, 0xd, 0x0, [{0x8}, {0x10, 0x3}, {0x7, 0x1}, {0x10, 0x3}, {0x3, 0x2}, {0x8, 0x1}, {0xf, 0x4}, {0x3, 0x5}, {0x2, 0x3}]}, @decl_tag={0x9, 0x0, 0x0, 0x11, 0x4, 0x6}, @restrict={0x10, 0x0, 0x0, 0xb, 0x3}]}, {0x0, [0x30, 0x61, 0x30, 0x0, 0x2e, 0x5f, 0x5f, 0x30]}}, &(0x7f0000000040)=""/7, 0xc2, 0x7, 0x1, 0x8, 0x0, @void, @value}, 0x28)
getsockname$packet(0xffffffffffffffff, &(0x7f00000002c0)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000000480)=0x14)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
fcntl$notify(r2, 0x402, 0x4)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="640000000206056fd300000000000000000000001400078008001140000000000500150003000000050001000600000005"], 0x64}}, 0x0)
sendmsg$NL80211_CMD_SET_NOACK_MAP(r2, &(0x7f00000005c0)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000580)={&(0x7f0000000540)={0x2c, r3, 0x400, 0x70bd28, 0x25dfdbfd, {{}, {@void, @void}}, [@NL80211_ATTR_NOACK_MAP={0x6, 0x95, 0x7}, @NL80211_ATTR_NOACK_MAP={0x6, 0x95, 0x4}, @NL80211_ATTR_NOACK_MAP={0x6, 0x95, 0x40}]}, 0x2c}, 0x1, 0x0, 0x0, 0xc000}, 0x4)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
r6 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r6}, &(0x7f0000bbdffc))
openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
pipe2(&(0x7f0000000040)={0xffffffffffffffff, <r7=>0xffffffffffffffff}, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={<r8=>0xffffffffffffffff})
splice(r8, 0x0, r7, 0x0, 0x1, 0x0)
r9 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3f, 0x1, 0x0, 0x0, 0x0, 0x7, 0x590, 0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x5, 0xa5d4}, 0x4c58, 0x5, 0x0, 0x1, 0x8, 0x20002, 0xb, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r10 = shmget$private(0x0, 0x800000, 0x880, &(0x7f0000173000/0x800000)=nil)
shmat(r10, &(0x7f0000000000/0x4000)=nil, 0xffffffffffffcfff)
shmctl$SHM_INFO(r10, 0xe, &(0x7f0000002680)=""/4)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x3000003, 0x13, r9, 0x0)
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000640), 0x1202020, &(0x7f0000000680)={'trans=fd,', {}, 0x2c, {'wfdno', 0x3d, r9}, 0x2c, {[{@mmap}], [{@seclabel}]}})
fcntl$setpipe(r7, 0x408, 0x7)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@bloom_filter={0x1e, 0x6df, 0x401, 0x3, 0x6885, 0x1, 0xa534, '\x00', r1, r0, 0x1, 0x1, 0x3, 0x0, @void, @value, @void, @value}, 0x50)
socket$pppl2tp(0x18, 0x1, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0xa, 0xa, &(0x7f0000000240)=@raw=[@printk={@llx, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x7}}, @map_idx={0x18, 0x9}], 0x0, 0x10001, 0x0, 0x0, 0x41000, 0x24, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, @void, @value}, 0x94)
r11 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r11}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)

388.567964ms ago: executing program 1 (id=2137):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000990000000d"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x2)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r4)
sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11ffffffff000000", @ANYRES32, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=@newqdisc={0x2c, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x0, 0x9}, {0xffff, 0xffff}, {0x0, 0x10}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000012c0)=@newtfilter={0x24, 0x28, 0xd27, 0x1000001, 0x0, {0x0, 0x0, 0x0, 0x0, {0xd, 0x9}, {0x6}, {0xffff, 0xa}}}, 0x24}}, 0x24005104)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3f, 0x1, 0x0, 0x0, 0x0, 0x3, 0x80005, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0xa041, 0x0, 0x20000, 0xfffffffffffffffd, 0x5, 0x2, 0xb, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@bloom_filter={0x1e, 0x0, 0x8, 0x4, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r5, 0x0, &(0x7f0000001700)=""/53}, 0x20)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000001740)={r5, 0x0, &(0x7f0000001700)=""/53}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r1, 0x0, 0xfffffffffffffbff}, 0x18)
openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0)
openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0), 0x401, 0x0)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000d80)={0x11, 0x4, &(0x7f00000003c0)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10)
r7 = socket(0x10, 0x3, 0x0)
r8 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r9=>0x0})
r10 = socket$inet(0xa, 0x801, 0x84)
connect$inet(r10, &(0x7f0000000000)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
sendmsg$nl_route_sched(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=@newqdisc={0x68, 0x24, 0x3fe3aa0262d8c583, 0x0, 0x0, {0x0, 0x0, 0x0, r9, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_RSC={0x10}}}, @TCA_STAB={0x20, 0x8, 0x0, 0x1, [{{0x1c}, {0x4}}]}]}, 0x68}}, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x2, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x2}, {0x1ff, 0x3, 0x0, 0xf}]})

171.927307ms ago: executing program 3 (id=2138):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3f, 0x1, 0x0, 0x0, 0x0, 0x7, 0x6056e, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8, 0x9}, 0x14cd8, 0x0, 0x0, 0x1, 0xc, 0x2, 0xb, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000480)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cf84ded40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c86e00f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec231fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895012f1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c3405000000000000003871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d37261774cc5a3bf6b466cb72812da518ff602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d50a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a31b16ac5fb73fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953f88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a5fe1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9d66ebbc8bab4ea81232fbef665f6212f875b2a00000000000000aceb111b66a500ca52fd8f848088c67ee65dfdcc4c580e9bc18c1699dca07d019bf1bf9dd3da480d6c155d7e60674ce88ab5ae07a9d16e22792d99986b531ab4e592ab5925da779e700cf20309a2137877690dc5c07956fc82d7b3bb46d3138041af18508938c9be4e5d0a98073463a5cff6c146d020743da474cb81677a6f389f0e00c33b70b7f8bab95435c27167f365a29fb09cbf35bf192f6a65616fa2ad9a6c7ca3a3ecd96aaecd993e8badb40e7eb8a22b0015e70c885cd519e28448168c6d914265998bff74ea1b0e651a6cae9419096248a0e41573827ad60fafce6e6540734c1f23f75337d836c31497e8112969a039d65aa297e2b046b5f4d11116a89f9f65693d4dc3e70fbfe0b2044fdb3f87e887d1daae8e38a0c19f668f776e19a02bb2449ee4384f6536879c85d7e41bc0276ee2b125d41ff358323311703ec01d64a573bdeb75bdcc87d01de38365ab9222713d2d1640a742d62fefb5403b2ed9969c32a0841e8c36b0107bb888eb14ac62e6d4bdfaeb9ee7436b97bf3825a19d6c8997ce285edf1d277ed703f560460417bfe702af833e83c5b987befb6d1fcf765ab7ea537d9dafb622a1ba8686cb9b1c63b84470364942e90d1cf856cead864f5e38c83b9ed86cc5725a20299ce512b165"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
syz_pidfd_open(0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x4, &(0x7f0000000100)=@framed={{0x18, 0x2, 0x0, 0x0, 0xb53}, [@call={0x85, 0x0, 0x0, 0x36}]}, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000680)={r1, 0x0, 0xe, 0x0, &(0x7f0000000500)="f0feff2dbe47a1415d24d8fdc27a", 0x0, 0x7ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x9, 0x2}, 0x50)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0b00000005000000050000000900000001000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000000cec3ce25c268cbaa117b3c41150000000000007322d371fb645986000000000000"], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r2, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)=ANY=[@ANYRES64=0x0, @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000340)={'vxcan1\x00'})
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001280)={0x18, 0x3, &(0x7f0000000940)=ANY=[@ANYBLOB="180000000000f5ff000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='tcp_cong_state_set\x00', r4}, 0x18)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001280)={0x18, 0x3, &(0x7f0000000940)=ANY=[], &(0x7f0000000440)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='tcp_cong_state_set\x00', r5}, 0x10)
r6 = socket$kcm(0x2, 0x1, 0x106)
sendmsg$inet(r6, &(0x7f0000000080)={0x0, 0x3, 0x0}, 0x30004001)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, @void, @value}, 0x94)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000001500)={0x4, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r8}, 0x10)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r9, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000800000000000070000000900010073797a30000000007c000000090a010400000000000000000700000008000a40000000000900020073797a30000000000900010073797a3000000000080005400000000d38001280140001800c000100636f756e7465720004000280200001800e000100636f6e6e6c696d69740000000c000280080001400000000808000340000001"], 0xc4}}, 0x20050800)
r10 = socket$inet_sctp(0x2, 0x1, 0x84)
sendto$inet(r10, &(0x7f0000001700)="e79d90f22564a53e660eeecc88905b7dbb9257691c332c5ba77ae183ccb0ec28592e791176f874c6500c628122bfc38c7c431ffe03f1949b17dd78300fc530420affbddd0d90de2441861af51d01e8b657751c8613504df8b1f49c6a1ec4a8702c6f15c9782ddff4853bff789739b78c191e7122d625a2b59c89bd0b80f62cce50ba2dc6bcc3540d4ea91c6a20466213f9ee78efea09dfd1bc40c382b66127e42494f21aafa54e1c7304bfa4d8657031f4ee888dacc047d7992e094b595f24dd29d092ab83ec50479c18591a77caeb0fee5c0b67362ce980f868d977af7f5dd7", 0xe0, 0x4040004, &(0x7f0000001800)={0x2, 0x4e22, @local}, 0x10)
pipe(&(0x7f0000000440))
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f00000014c0)={0xff}, 0x8)

1.93814ms ago: executing program 1 (id=2139):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000ac0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000000c0)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000700), &(0x7f0000000380)='%-010d \x00'}, 0x20)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000580)={r1}, 0x4)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000c40)='sys_enter\x00', r2}, 0x10)
lstat(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100))

0s ago: executing program 1 (id=2140):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000780)='netlink_extack\x00', r0}, 0x10)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x800, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = socket(0x400000000010, 0x3, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x0, 0x400}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000001bc0)=@newtfilter={0x30, 0x2c, 0xd27, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r4, {0x0, 0xfffd}, {}, {0x7, 0x4}}, [@filter_kind_options=@f_u32={{0x8}, {0x4}}]}, 0x30}, 0x1, 0x0, 0x0, 0x10}, 0x10)

kernel console output (not intermixed with test programs):

  96.784630][ T6279] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   96.784698][ T6279] R13: 0000000000000000 R14: 00007feef8cc5fa0 R15: 00007fff29d26058
[   96.784721][ T6279]  </TASK>
[   96.993008][   T37] tipc: Resetting bearer <eth:syzkaller0>
[   97.013715][ T6263] tipc: Resetting bearer <eth:syzkaller0>
[   97.027303][ T6263] tipc: Disabling bearer <eth:syzkaller0>
[   97.086053][ T6293] netlink: 'syz.4.1026': attribute type 39 has an invalid length.
[   97.114272][ T6295] netlink: 'syz.3.1029': attribute type 39 has an invalid length.
[   97.173091][ T6308] netlink: 'syz.1.1033': attribute type 1 has an invalid length.
[   97.247790][ T6315] netlink: 3 bytes leftover after parsing attributes in process `syz.1.1033'.
[   97.280654][ T6308] bond1: entered promiscuous mode
[   97.295090][ T6306] loop3: detected capacity change from 0 to 512
[   97.301703][ T6308] 8021q: adding VLAN 0 to HW filter on device bond1
[   97.310677][ T6306] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   97.322168][ T6315] batadv1: entered promiscuous mode
[   97.327528][ T6315] batadv1: entered allmulticast mode
[   97.334271][ T6315] 8021q: adding VLAN 0 to HW filter on device batadv1
[   97.341621][ T6325] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   97.342880][ T6315] bond1: (slave batadv1): making interface the new active one
[   97.356089][ T6306] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   97.358439][ T6315] bond1: (slave batadv1): Enslaving as an active interface with an up link
[   97.370266][ T6325] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   97.386474][ T6306] ext4 filesystem being mounted at /184/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   97.404557][ T6325] loop4: detected capacity change from 0 to 256
[   97.465064][ T6331] netlink: 'syz.1.1040': attribute type 27 has an invalid length.
[   97.483055][ T6306] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters
[   97.524852][ T6306] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   97.610038][ T6331] netdevsim netdevsim1 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[   97.618812][ T6331] netdevsim netdevsim1 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[   97.627431][ T6331] netdevsim netdevsim1 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[   97.636050][ T6331] netdevsim netdevsim1 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[   97.645750][ T6331] gtp0: left promiscuous mode
[   97.650493][ T6331] gtp0: left allmulticast mode
[   97.656157][ T6331] bond1: left promiscuous mode
[   97.661840][ T6331] batadv1: left promiscuous mode
[   97.666992][ T6331] batadv1: left allmulticast mode
[   97.672448][ T6320] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   97.694576][ T6334] pim6reg: entered allmulticast mode
[   97.809118][ T6357] loop3: detected capacity change from 0 to 128
[   97.886479][ T6367] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1053'.
[   97.916856][ T6370] netlink: 'syz.1.1056': attribute type 1 has an invalid length.
[   97.970018][ T6370] bond2: entered promiscuous mode
[   97.985621][ T6370] 8021q: adding VLAN 0 to HW filter on device bond2
[   97.995746][ T5567] tipc: Resetting bearer <eth:syzkaller0>
[   98.015132][ T6319] tipc: Resetting bearer <eth:syzkaller0>
[   98.041530][ T6319] tipc: Disabling bearer <eth:syzkaller0>
[   98.043628][ T6387] loop3: detected capacity change from 0 to 128
[   98.052063][ T6388] netlink: 'syz.1.1064': attribute type 1 has an invalid length.
[   98.077927][ T6390] netlink: 'syz.4.1065': attribute type 1 has an invalid length.
[   98.087569][ T6390] loop4: detected capacity change from 0 to 128
[   98.124151][ T6390] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   98.137317][ T6390] ext4 filesystem being mounted at /196/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   98.149822][ T6390] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   98.166099][ T6398] netlink: 3 bytes leftover after parsing attributes in process `syz.1.1064'.
[   98.206028][ T6388] bond3: entered promiscuous mode
[   98.211320][ T6388] 8021q: adding VLAN 0 to HW filter on device bond3
[   98.229730][ T6398] batadv2: entered promiscuous mode
[   98.235099][ T6398] batadv2: entered allmulticast mode
[   98.313141][ T6398] 8021q: adding VLAN 0 to HW filter on device batadv2
[   98.352764][ T6412] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   98.375470][ T6398] bond3: (slave batadv2): making interface the new active one
[   98.410963][ T6412] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   98.442863][ T6398] bond3: (slave batadv2): Enslaving as an active interface with an up link
[   98.620478][ T6412] loop3: detected capacity change from 0 to 256
[   98.760825][ T6429] netlink: 'syz.0.1082': attribute type 27 has an invalid length.
[   98.772725][ T6429] gtp0: left promiscuous mode
[   98.777476][ T6429] gtp0: left allmulticast mode
[   98.806125][ T6437] hub 9-0:1.0: USB hub found
[   98.811584][ T6437] hub 9-0:1.0: 8 ports detected
[   98.823716][ T6436] loop4: detected capacity change from 0 to 128
[   99.008826][ T6454] netlink: 'syz.2.1093': attribute type 1 has an invalid length.
[   99.081338][ T6461] netlink: 3 bytes leftover after parsing attributes in process `syz.2.1093'.
[   99.311565][ T6454] bond1: entered promiscuous mode
[   99.319308][ T6454] 8021q: adding VLAN 0 to HW filter on device bond1
[   99.330908][ T6464] pim6reg: entered allmulticast mode
[   99.375075][ T6461] batadv1: entered promiscuous mode
[   99.380363][ T6461] batadv1: entered allmulticast mode
[   99.408718][ T6461] 8021q: adding VLAN 0 to HW filter on device batadv1
[   99.417317][ T6461] bond1: (slave batadv1): making interface the new active one
[   99.427932][ T6461] bond1: (slave batadv1): Enslaving as an active interface with an up link
[   99.493485][ T6475] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1099'.
[   99.509349][ T6475] random: crng reseeded on system resumption
[   99.617187][ T6496] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   99.634309][ T6496] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   99.701465][   T29] kauditd_printk_skb: 187 callbacks suppressed
[   99.701529][   T29] audit: type=1326 audit(1747239729.338:6783): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6495 comm="syz.0.1108" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60446fe969 code=0x7ffc0000
[   99.731401][   T29] audit: type=1326 audit(1747239729.348:6784): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6495 comm="syz.0.1108" exe="/root/syz-executor" sig=0 arch=c000003e syscall=237 compat=0 ip=0x7f60446fe969 code=0x7ffc0000
[   99.754972][   T29] audit: type=1326 audit(1747239729.348:6785): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6495 comm="syz.0.1108" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60446fe969 code=0x7ffc0000
[   99.778501][   T29] audit: type=1326 audit(1747239729.348:6786): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6495 comm="syz.0.1108" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f60446fe969 code=0x7ffc0000
[   99.802246][   T29] audit: type=1326 audit(1747239729.348:6787): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6495 comm="syz.0.1108" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f60446fe9a3 code=0x7ffc0000
[   99.825516][   T29] audit: type=1326 audit(1747239729.348:6788): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6495 comm="syz.0.1108" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f60446fd41f code=0x7ffc0000
[   99.849016][   T29] audit: type=1326 audit(1747239729.348:6789): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6495 comm="syz.0.1108" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f60446fe9f7 code=0x7ffc0000
[   99.872473][   T29] audit: type=1326 audit(1747239729.348:6790): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6495 comm="syz.0.1108" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f60446fd2d0 code=0x7ffc0000
[   99.895956][   T29] audit: type=1326 audit(1747239729.348:6791): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6495 comm="syz.0.1108" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f60446fd5ca code=0x7ffc0000
[   99.919230][   T29] audit: type=1326 audit(1747239729.348:6792): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6495 comm="syz.0.1108" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60446fe969 code=0x7ffc0000
[  100.016808][ T6515] FAULT_INJECTION: forcing a failure.
[  100.016808][ T6515] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  100.029936][ T6515] CPU: 1 UID: 0 PID: 6515 Comm: syz.1.1116 Not tainted 6.15.0-rc6-syzkaller-00052-g9f35e33144ae #0 PREEMPT(voluntary) 
[  100.029966][ T6515] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  100.030019][ T6515] Call Trace:
[  100.030028][ T6515]  <TASK>
[  100.030037][ T6515]  __dump_stack+0x1d/0x30
[  100.030058][ T6515]  dump_stack_lvl+0xe8/0x140
[  100.030158][ T6515]  dump_stack+0x15/0x1b
[  100.030192][ T6515]  should_fail_ex+0x265/0x280
[  100.030223][ T6515]  should_fail+0xb/0x20
[  100.030274][ T6515]  should_fail_usercopy+0x1a/0x20
[  100.030363][ T6515]  _copy_to_user+0x20/0xa0
[  100.030386][ T6515]  simple_read_from_buffer+0xb5/0x130
[  100.030409][ T6515]  proc_fail_nth_read+0x100/0x140
[  100.030504][ T6515]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  100.030526][ T6515]  vfs_read+0x19d/0x6f0
[  100.030548][ T6515]  ? __rcu_read_unlock+0x4f/0x70
[  100.030568][ T6515]  ? __fget_files+0x184/0x1c0
[  100.030623][ T6515]  ksys_read+0xda/0x1a0
[  100.030649][ T6515]  __x64_sys_read+0x40/0x50
[  100.030671][ T6515]  x64_sys_call+0x2d77/0x2fb0
[  100.030690][ T6515]  do_syscall_64+0xd0/0x1a0
[  100.030782][ T6515]  ? clear_bhb_loop+0x40/0x90
[  100.030801][ T6515]  ? clear_bhb_loop+0x40/0x90
[  100.030897][ T6515]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  100.030915][ T6515] RIP: 0033:0x7feef8a9d37c
[  100.030928][ T6515] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  100.030946][ T6515] RSP: 002b:00007feef7107030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  100.031005][ T6515] RAX: ffffffffffffffda RBX: 00007feef8cc5fa0 RCX: 00007feef8a9d37c
[  100.031016][ T6515] RDX: 000000000000000f RSI: 00007feef71070a0 RDI: 0000000000000004
[  100.031027][ T6515] RBP: 00007feef7107090 R08: 0000000000000000 R09: 0000000000000000
[  100.031037][ T6515] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  100.031047][ T6515] R13: 0000000000000000 R14: 00007feef8cc5fa0 R15: 00007fff29d26058
[  100.031070][ T6515]  </TASK>
[  100.330997][ T6534] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1124'.
[  100.345140][ T6534] random: crng reseeded on system resumption
[  100.496926][ T6547] netlink: 4 bytes leftover after parsing attributes in process `+}[@'.
[  100.507648][ T6547] rdma_op ffff88811f90c580 conn xmit_rdma 0000000000000000
[  100.589543][ T6551] FAULT_INJECTION: forcing a failure.
[  100.589543][ T6551] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  100.602678][ T6551] CPU: 1 UID: 0 PID: 6551 Comm: syz.3.1131 Not tainted 6.15.0-rc6-syzkaller-00052-g9f35e33144ae #0 PREEMPT(voluntary) 
[  100.602709][ T6551] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  100.602724][ T6551] Call Trace:
[  100.602730][ T6551]  <TASK>
[  100.602737][ T6551]  __dump_stack+0x1d/0x30
[  100.602761][ T6551]  dump_stack_lvl+0xe8/0x140
[  100.602852][ T6551]  dump_stack+0x15/0x1b
[  100.602870][ T6551]  should_fail_ex+0x265/0x280
[  100.602904][ T6551]  should_fail+0xb/0x20
[  100.602978][ T6551]  should_fail_usercopy+0x1a/0x20
[  100.603014][ T6551]  _copy_to_user+0x20/0xa0
[  100.603072][ T6551]  simple_read_from_buffer+0xb5/0x130
[  100.603096][ T6551]  proc_fail_nth_read+0x100/0x140
[  100.603138][ T6551]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  100.603161][ T6551]  vfs_read+0x19d/0x6f0
[  100.603183][ T6551]  ? __rcu_read_unlock+0x4f/0x70
[  100.603203][ T6551]  ? __fget_files+0x184/0x1c0
[  100.603353][ T6551]  ksys_read+0xda/0x1a0
[  100.603377][ T6551]  __x64_sys_read+0x40/0x50
[  100.603400][ T6551]  x64_sys_call+0x2d77/0x2fb0
[  100.603419][ T6551]  do_syscall_64+0xd0/0x1a0
[  100.603450][ T6551]  ? clear_bhb_loop+0x40/0x90
[  100.603469][ T6551]  ? clear_bhb_loop+0x40/0x90
[  100.603488][ T6551]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  100.603563][ T6551] RIP: 0033:0x7f27f5c6d37c
[  100.603577][ T6551] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  100.603663][ T6551] RSP: 002b:00007f27f42d7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  100.603680][ T6551] RAX: ffffffffffffffda RBX: 00007f27f5e95fa0 RCX: 00007f27f5c6d37c
[  100.603691][ T6551] RDX: 000000000000000f RSI: 00007f27f42d70a0 RDI: 0000000000000007
[  100.603702][ T6551] RBP: 00007f27f42d7090 R08: 0000000000000000 R09: 0000000000000000
[  100.603712][ T6551] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  100.603723][ T6551] R13: 0000000000000000 R14: 00007f27f5e95fa0 R15: 00007ffcd1104988
[  100.603792][ T6551]  </TASK>
[  100.913172][ T6557] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=256 sclass=netlink_route_socket pid=6557 comm=syz.1.1134
[  100.932827][ T6564] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1138'.
[  100.951226][ T6569] loop4: detected capacity change from 0 to 512
[  100.962662][ T6557] sd 0:0:1:0: device reset
[  100.963351][ T6569] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[  100.983641][ T6569] EXT4-fs (loop4): invalid journal inode
[  100.989428][ T6569] EXT4-fs (loop4): can't get journal size
[  101.008477][ T6578] netlink: 'syz.0.1141': attribute type 27 has an invalid length.
[  101.017530][ T6569] EXT4-fs (loop4): 1 truncate cleaned up
[  101.028126][ T6580] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  101.037264][ T6580] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  101.074802][ T6569] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  101.094823][ T6580] loop3: detected capacity change from 0 to 256
[  101.190436][ T6569] bond2: entered promiscuous mode
[  101.201265][ T6569] 8021q: adding VLAN 0 to HW filter on device bond2
[  101.227655][ T6569] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  101.271847][ T6592] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1147'.
[  101.299234][ T6592] loop4: detected capacity change from 0 to 1024
[  101.306440][ T6592] EXT4-fs: Ignoring removed bh option
[  101.324097][ T6592] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-001000000000 r/w without journal. Quota mode: writeback.
[  101.459045][ T6601] bond2: left promiscuous mode
[  101.464443][ T6601] bond3: left promiscuous mode
[  101.470056][ T6601] batadv2: left promiscuous mode
[  101.475089][ T6601] batadv2: left allmulticast mode
[  101.581481][ T6609] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1153'.
[  102.043064][ T6643] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1164'.
[  102.104233][ T3322] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-001000000000.
[  102.121888][ T6650] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  102.130591][ T6650] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  102.185074][ T6654] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1170'.
[  102.236159][ T6662] loop2: detected capacity change from 0 to 512
[  102.243297][ T6662] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[  102.252222][ T6666] validate_nla: 4 callbacks suppressed
[  102.252227][ T6662] EXT4-fs (loop2): invalid journal inode
[  102.252238][ T6666] netlink: 'syz.3.1176': attribute type 39 has an invalid length.
[  102.271537][ T6662] EXT4-fs (loop2): can't get journal size
[  102.278385][ T6662] EXT4-fs (loop2): 1 truncate cleaned up
[  102.286929][ T6662] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  102.304794][ T6662] netlink: 3 bytes leftover after parsing attributes in process `syz.2.1174'.
[  102.317496][ T6662] batadv2: entered promiscuous mode
[  102.322801][ T6662] batadv2: entered allmulticast mode
[  102.403156][ T6662] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  102.437003][ T6675] FAULT_INJECTION: forcing a failure.
[  102.437003][ T6675] name failslab, interval 1, probability 0, space 0, times 0
[  102.449847][ T6675] CPU: 1 UID: 0 PID: 6675 Comm: syz.2.1179 Not tainted 6.15.0-rc6-syzkaller-00052-g9f35e33144ae #0 PREEMPT(voluntary) 
[  102.449883][ T6675] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  102.449900][ T6675] Call Trace:
[  102.449908][ T6675]  <TASK>
[  102.449940][ T6675]  __dump_stack+0x1d/0x30
[  102.449976][ T6675]  dump_stack_lvl+0xe8/0x140
[  102.450012][ T6675]  dump_stack+0x15/0x1b
[  102.450033][ T6675]  should_fail_ex+0x265/0x280
[  102.450081][ T6675]  should_failslab+0x8c/0xb0
[  102.450226][ T6675]  kmem_cache_alloc_node_noprof+0x57/0x320
[  102.450253][ T6675]  ? __alloc_skb+0x101/0x320
[  102.450289][ T6675]  __alloc_skb+0x101/0x320
[  102.450329][ T6675]  netlink_alloc_large_skb+0xba/0xf0
[  102.450386][ T6675]  netlink_sendmsg+0x3cf/0x6b0
[  102.450446][ T6675]  ? __pfx_netlink_sendmsg+0x10/0x10
[  102.450548][ T6675]  __sock_sendmsg+0x142/0x180
[  102.450582][ T6675]  ____sys_sendmsg+0x31e/0x4e0
[  102.450612][ T6675]  ___sys_sendmsg+0x17b/0x1d0
[  102.450679][ T6675]  __x64_sys_sendmsg+0xd4/0x160
[  102.450711][ T6675]  x64_sys_call+0x2999/0x2fb0
[  102.450735][ T6675]  do_syscall_64+0xd0/0x1a0
[  102.450827][ T6675]  ? clear_bhb_loop+0x40/0x90
[  102.450852][ T6675]  ? clear_bhb_loop+0x40/0x90
[  102.450872][ T6675]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  102.450903][ T6675] RIP: 0033:0x7f878632e969
[  102.450921][ T6675] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  102.450943][ T6675] RSP: 002b:00007f8784997038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  102.450961][ T6675] RAX: ffffffffffffffda RBX: 00007f8786555fa0 RCX: 00007f878632e969
[  102.450972][ T6675] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000003
[  102.450984][ T6675] RBP: 00007f8784997090 R08: 0000000000000000 R09: 0000000000000000
[  102.451015][ T6675] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  102.451031][ T6675] R13: 0000000000000000 R14: 00007f8786555fa0 R15: 00007ffeea9aacd8
[  102.451055][ T6675]  </TASK>
[  102.762368][ T6689] netlink: 'syz.2.1186': attribute type 27 has an invalid length.
[  102.777603][ T6689] bond1: left promiscuous mode
[  102.783868][ T6689] batadv1: left promiscuous mode
[  102.788888][ T6689] batadv1: left allmulticast mode
[  102.796744][ T6691] netlink: 'syz.0.1187': attribute type 39 has an invalid length.
[  103.112430][ T6727] netlink: 'syz.4.1203': attribute type 27 has an invalid length.
[  103.352940][ T6727] bond1: left promiscuous mode
[  103.358998][ T6735] netlink: 'syz.1.1202': attribute type 39 has an invalid length.
[  103.379665][ T6727] batadv1: left promiscuous mode
[  103.384745][ T6727] batadv1: left allmulticast mode
[  103.431995][ T6727] bond2: left promiscuous mode
[  103.566536][ T6750] loop3: detected capacity change from 0 to 128
[  103.579525][ T6750] EXT4-fs: Ignoring removed oldalloc option
[  103.620876][ T6750] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  103.640859][ T6761] pim6reg: entered allmulticast mode
[  103.647094][ T6761] pim6reg: left allmulticast mode
[  103.648852][ T6750] ext4 filesystem being mounted at /224/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  103.666434][ T6750] EXT4-fs error (device loop3): ext4_validate_block_bitmap:423: comm syz.3.1209: bg 0: bad block bitmap checksum
[  103.702966][ T3315] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  103.771602][ T6767] FAULT_INJECTION: forcing a failure.
[  103.771602][ T6767] name failslab, interval 1, probability 0, space 0, times 0
[  103.784342][ T6767] CPU: 1 UID: 0 PID: 6767 Comm: syz.3.1215 Not tainted 6.15.0-rc6-syzkaller-00052-g9f35e33144ae #0 PREEMPT(voluntary) 
[  103.784374][ T6767] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  103.784400][ T6767] Call Trace:
[  103.784406][ T6767]  <TASK>
[  103.784414][ T6767]  __dump_stack+0x1d/0x30
[  103.784439][ T6767]  dump_stack_lvl+0xe8/0x140
[  103.784481][ T6767]  dump_stack+0x15/0x1b
[  103.784573][ T6767]  should_fail_ex+0x265/0x280
[  103.784606][ T6767]  should_failslab+0x8c/0xb0
[  103.784637][ T6767]  kmem_cache_alloc_node_noprof+0x57/0x320
[  103.784741][ T6767]  ? __alloc_skb+0x101/0x320
[  103.784781][ T6767]  __alloc_skb+0x101/0x320
[  103.784910][ T6767]  netlink_alloc_large_skb+0xba/0xf0
[  103.784991][ T6767]  netlink_sendmsg+0x3cf/0x6b0
[  103.785061][ T6767]  ? __pfx_netlink_sendmsg+0x10/0x10
[  103.785087][ T6767]  __sock_sendmsg+0x142/0x180
[  103.785165][ T6767]  ____sys_sendmsg+0x31e/0x4e0
[  103.785195][ T6767]  ___sys_sendmsg+0x17b/0x1d0
[  103.785242][ T6767]  __x64_sys_sendmsg+0xd4/0x160
[  103.785269][ T6767]  x64_sys_call+0x2999/0x2fb0
[  103.785289][ T6767]  do_syscall_64+0xd0/0x1a0
[  103.785317][ T6767]  ? clear_bhb_loop+0x40/0x90
[  103.785344][ T6767]  ? clear_bhb_loop+0x40/0x90
[  103.785380][ T6767]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  103.785404][ T6767] RIP: 0033:0x7f27f5c6e969
[  103.785422][ T6767] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  103.785440][ T6767] RSP: 002b:00007f27f42d7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  103.785490][ T6767] RAX: ffffffffffffffda RBX: 00007f27f5e95fa0 RCX: 00007f27f5c6e969
[  103.785504][ T6767] RDX: 0000000000000004 RSI: 00002000000002c0 RDI: 0000000000000003
[  103.785518][ T6767] RBP: 00007f27f42d7090 R08: 0000000000000000 R09: 0000000000000000
[  103.785532][ T6767] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  103.785546][ T6767] R13: 0000000000000000 R14: 00007f27f5e95fa0 R15: 00007ffcd1104988
[  103.785568][ T6767]  </TASK>
[  103.790174][ T6768] loop2: detected capacity change from 0 to 128
[  104.229776][ T6799] loop4: detected capacity change from 0 to 512
[  104.236879][ T6799] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  104.456307][ T6805] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1233'.
[  104.469626][ T6805] random: crng reseeded on system resumption
[  104.608343][ T6799] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  104.621416][ T6799] ext4 filesystem being mounted at /224/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  104.746713][ T6799] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters
[  104.804339][ T6799] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  104.846732][ T6814] loop2: detected capacity change from 0 to 4096
[  104.865764][ T6814] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  104.895370][ T6814] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1236'.
[  105.010333][ T3313] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  105.043218][ T6840] bond1: (slave batadv1): Releasing active interface
[  105.060256][ T6840] loop2: detected capacity change from 0 to 1024
[  105.067106][ T6840] EXT4-fs: Ignoring removed bh option
[  105.100247][ T6840] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-001000000000 r/w without journal. Quota mode: writeback.
[  105.152418][   T29] kauditd_printk_skb: 139 callbacks suppressed
[  105.152464][   T29] audit: type=1326 audit(1747239734.798:6932): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6845 comm="syz.3.1250" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f27f5c6e969 code=0x7ffc0000
[  105.182197][   T29] audit: type=1326 audit(1747239734.808:6933): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6845 comm="syz.3.1250" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f27f5c6e969 code=0x7ffc0000
[  105.205991][   T29] audit: type=1326 audit(1747239734.808:6934): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6845 comm="syz.3.1250" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f27f5c6e969 code=0x7ffc0000
[  105.229832][   T29] audit: type=1326 audit(1747239734.808:6935): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6845 comm="syz.3.1250" exe="/root/syz-executor" sig=0 arch=c000003e syscall=223 compat=0 ip=0x7f27f5c6e969 code=0x7ffc0000
[  105.253275][   T29] audit: type=1326 audit(1747239734.808:6936): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6845 comm="syz.3.1250" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f27f5c6e969 code=0x7ffc0000
[  105.276864][   T29] audit: type=1326 audit(1747239734.808:6937): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6845 comm="syz.3.1250" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7f27f5c6e969 code=0x7ffc0000
[  105.300195][   T29] audit: type=1326 audit(1747239734.808:6938): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6854 comm="syz.3.1250" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f27f5ca1225 code=0x7ffc0000
[  105.323798][   T29] audit: type=1326 audit(1747239734.808:6939): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6845 comm="syz.3.1250" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f27f5c6e969 code=0x7ffc0000
[  105.347339][   T29] audit: type=1326 audit(1747239734.808:6940): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6845 comm="syz.3.1250" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f27f5c6e969 code=0x7ffc0000
[  105.428252][   T29] audit: type=1326 audit(1747239734.838:6941): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6845 comm="syz.3.1250" exe="/root/syz-executor" sig=0 arch=c000003e syscall=101 compat=0 ip=0x7f27f5c6e969 code=0x7ffc0000
[  105.739503][ T6877] netlink: 'syz.0.1258': attribute type 1 has an invalid length.
[  105.747721][ T6877] __nla_validate_parse: 2 callbacks suppressed
[  105.747738][ T6877] netlink: 3 bytes leftover after parsing attributes in process `syz.0.1258'.
[  105.778188][ T6877] batadv2: entered promiscuous mode
[  105.783679][ T6877] batadv2: entered allmulticast mode
[  105.894448][ T3313] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-001000000000.
[  105.971245][ T6900] loop3: detected capacity change from 0 to 256
[  106.090909][ T6916] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1272'.
[  106.100697][ T6916] bond2: (slave batadv1): Releasing active interface
[  106.843883][ T6926] loop3: detected capacity change from 0 to 128
[  106.916756][ T6932] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1278'.
[  107.159917][ T6947] netlink: 'syz.0.1284': attribute type 1 has an invalid length.
[  107.168657][ T6947] netlink: 3 bytes leftover after parsing attributes in process `syz.0.1284'.
[  107.185359][ T6947] batadv2: entered promiscuous mode
[  107.190644][ T6947] batadv2: entered allmulticast mode
[  107.557502][ T6972] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1292'.
[  107.577138][ T6972] bond1: (slave batadv1): Releasing active interface
[  107.585184][ T6972] bond3: (slave batadv2): Releasing active interface
[  107.769556][ T6991] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1299'.
[  107.783140][ T6991] random: crng reseeded on system resumption
[  107.940214][ T6994] loop3: detected capacity change from 0 to 512
[  107.954486][ T6994] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  107.967173][ T6994] ext4 filesystem being mounted at /241/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  107.978197][ T6994] FAULT_INJECTION: forcing a failure.
[  107.978197][ T6994] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  107.991317][ T6994] CPU: 1 UID: 0 PID: 6994 Comm: syz.3.1300 Not tainted 6.15.0-rc6-syzkaller-00052-g9f35e33144ae #0 PREEMPT(voluntary) 
[  107.991344][ T6994] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  107.991356][ T6994] Call Trace:
[  107.991364][ T6994]  <TASK>
[  107.991372][ T6994]  __dump_stack+0x1d/0x30
[  107.991431][ T6994]  dump_stack_lvl+0xe8/0x140
[  107.991448][ T6994]  dump_stack+0x15/0x1b
[  107.991475][ T6994]  should_fail_ex+0x265/0x280
[  107.991505][ T6994]  should_fail+0xb/0x20
[  107.991532][ T6994]  should_fail_usercopy+0x1a/0x20
[  107.991549][ T6994]  strncpy_from_user+0x25/0x230
[  107.991625][ T6994]  ? kmem_cache_alloc_noprof+0x186/0x310
[  107.991642][ T6994]  ? getname_flags+0x80/0x3b0
[  107.991672][ T6994]  getname_flags+0xae/0x3b0
[  107.991757][ T6994]  __se_sys_quotactl+0x16a/0x670
[  107.991774][ T6994]  ? fput+0x8f/0xc0
[  107.991791][ T6994]  __x64_sys_quotactl+0x55/0x70
[  107.991808][ T6994]  x64_sys_call+0x2886/0x2fb0
[  107.991826][ T6994]  do_syscall_64+0xd0/0x1a0
[  107.991878][ T6994]  ? clear_bhb_loop+0x40/0x90
[  107.991896][ T6994]  ? clear_bhb_loop+0x40/0x90
[  107.991915][ T6994]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  107.991933][ T6994] RIP: 0033:0x7f27f5c6e969
[  107.991951][ T6994] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  107.991966][ T6994] RSP: 002b:00007f27f42d7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000b3
[  107.991987][ T6994] RAX: ffffffffffffffda RBX: 00007f27f5e95fa0 RCX: 00007f27f5c6e969
[  107.992002][ T6994] RDX: 0000000000000000 RSI: 0000200000000340 RDI: ffffffff80000800
[  107.992062][ T6994] RBP: 00007f27f42d7090 R08: 0000000000000000 R09: 0000000000000000
[  107.992074][ T6994] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  107.992156][ T6994] R13: 0000000000000000 R14: 00007f27f5e95fa0 R15: 00007ffcd1104988
[  107.992204][ T6994]  </TASK>
[  108.189387][ T3315] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  108.273397][ T7002] loop4: detected capacity change from 0 to 2048
[  108.333300][ T7002] Alternate GPT is invalid, using primary GPT.
[  108.339659][ T7002]  loop4: p1 p2 p3
[  108.497835][ T7028] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1316'.
[  108.498536][ T7026] loop2: detected capacity change from 0 to 2048
[  108.518508][ T7028] random: crng reseeded on system resumption
[  108.533093][ T7030] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1317'.
[  108.583456][ T7026] Alternate GPT is invalid, using primary GPT.
[  108.589759][ T7026]  loop2: p1 p2 p3
[  108.653421][ T7040] FAULT_INJECTION: forcing a failure.
[  108.653421][ T7040] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  108.666726][ T7040] CPU: 1 UID: 0 PID: 7040 Comm: syz.2.1321 Not tainted 6.15.0-rc6-syzkaller-00052-g9f35e33144ae #0 PREEMPT(voluntary) 
[  108.666760][ T7040] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  108.666772][ T7040] Call Trace:
[  108.666777][ T7040]  <TASK>
[  108.666784][ T7040]  __dump_stack+0x1d/0x30
[  108.666809][ T7040]  dump_stack_lvl+0xe8/0x140
[  108.666827][ T7040]  dump_stack+0x15/0x1b
[  108.666842][ T7040]  should_fail_ex+0x265/0x280
[  108.666949][ T7040]  should_fail+0xb/0x20
[  108.666978][ T7040]  should_fail_usercopy+0x1a/0x20
[  108.667004][ T7040]  _copy_to_user+0x20/0xa0
[  108.667096][ T7040]  simple_read_from_buffer+0xb5/0x130
[  108.667191][ T7040]  proc_fail_nth_read+0x100/0x140
[  108.667227][ T7040]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  108.667318][ T7040]  vfs_read+0x19d/0x6f0
[  108.667349][ T7040]  ? __rcu_read_unlock+0x4f/0x70
[  108.667385][ T7040]  ? __fget_files+0x184/0x1c0
[  108.667442][ T7040]  ksys_read+0xda/0x1a0
[  108.667479][ T7040]  __x64_sys_read+0x40/0x50
[  108.667555][ T7040]  x64_sys_call+0x2d77/0x2fb0
[  108.667580][ T7040]  do_syscall_64+0xd0/0x1a0
[  108.667608][ T7040]  ? clear_bhb_loop+0x40/0x90
[  108.667635][ T7040]  ? clear_bhb_loop+0x40/0x90
[  108.667731][ T7040]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  108.667759][ T7040] RIP: 0033:0x7f878632d37c
[  108.667838][ T7040] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  108.667859][ T7040] RSP: 002b:00007f8784997030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  108.667880][ T7040] RAX: ffffffffffffffda RBX: 00007f8786555fa0 RCX: 00007f878632d37c
[  108.667935][ T7040] RDX: 000000000000000f RSI: 00007f87849970a0 RDI: 0000000000000004
[  108.667956][ T7040] RBP: 00007f8784997090 R08: 0000000000000000 R09: 0000000000000000
[  108.667970][ T7040] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  108.667986][ T7040] R13: 0000000000000000 R14: 00007f8786555fa0 R15: 00007ffeea9aacd8
[  108.668089][ T7040]  </TASK>
[  108.958714][ T7052] pim6reg: entered allmulticast mode
[  108.964781][ T7052] pim6reg: left allmulticast mode
[  109.078105][ T7061] loop3: detected capacity change from 0 to 2048
[  109.096093][ T7063] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1330'.
[  109.106545][ T7061] Alternate GPT is invalid, using primary GPT.
[  109.113109][ T7061]  loop3: p1 p2 p3
[  109.119082][ T7063] random: crng reseeded on system resumption
[  109.260135][ T7084] netlink: 'syz.1.1340': attribute type 27 has an invalid length.
[  109.299860][ T7088] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1343'.
[  109.457445][ T7111] random: crng reseeded on system resumption
[  109.570164][ T7130] loop2: detected capacity change from 0 to 1024
[  109.577027][ T7130] EXT4-fs: Ignoring removed bh option
[  109.594552][ T7130] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-001000000000 r/w without journal. Quota mode: writeback.
[  109.649751][ T7139] netlink: 'syz.0.1362': attribute type 39 has an invalid length.
[  109.652190][ T7137] tipc: Started in network mode
[  109.662723][ T7137] tipc: Node identity 9a6203f5e8e8, cluster identity 4711
[  109.670068][ T7137] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  109.911681][ T7136] tipc: Resetting bearer <eth:syzkaller0>
[  109.926207][ T7136] tipc: Disabling bearer <eth:syzkaller0>
[  110.178919][ T7168] netlink: 'syz.3.1374': attribute type 27 has an invalid length.
[  110.187187][ T7168] lo: left promiscuous mode
[  110.191785][ T7168] lo: left allmulticast mode
[  110.197268][ T7168] bond1: left promiscuous mode
[  110.421493][ T3313] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-001000000000.
[  110.471254][   T29] kauditd_printk_skb: 530 callbacks suppressed
[  110.471272][   T29] audit: type=1326 audit(1747239740.118:7472): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7174 comm="syz.2.1377" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f878632e969 code=0x7ffc0000
[  110.529498][   T29] audit: type=1326 audit(1747239740.148:7473): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7174 comm="syz.2.1377" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f878632e969 code=0x7ffc0000
[  110.553291][   T29] audit: type=1326 audit(1747239740.148:7474): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7174 comm="syz.2.1377" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f878632e969 code=0x7ffc0000
[  110.577947][   T29] audit: type=1326 audit(1747239740.168:7475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7174 comm="syz.2.1377" exe="/root/syz-executor" sig=0 arch=c000003e syscall=4 compat=0 ip=0x7f878632e969 code=0x7ffc0000
[  110.601394][   T29] audit: type=1326 audit(1747239740.168:7476): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7174 comm="syz.2.1377" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f878632e969 code=0x7ffc0000
[  110.624876][   T29] audit: type=1326 audit(1747239740.168:7477): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7174 comm="syz.2.1377" exe="/root/syz-executor" sig=0 arch=c000003e syscall=431 compat=0 ip=0x7f878632e969 code=0x7ffc0000
[  110.648483][   T29] audit: type=1326 audit(1747239740.168:7478): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7174 comm="syz.2.1377" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f878632e969 code=0x7ffc0000
[  110.671998][   T29] audit: type=1326 audit(1747239740.168:7479): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7174 comm="syz.2.1377" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f878632e969 code=0x7ffc0000
[  110.696642][   T29] audit: type=1326 audit(1747239740.168:7480): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7174 comm="syz.2.1377" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f878632e969 code=0x7ffc0000
[  110.720935][   T29] audit: type=1326 audit(1747239740.168:7481): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7174 comm="syz.2.1377" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f878632e969 code=0x7ffc0000
[  110.767715][ T7179] __nla_validate_parse: 5 callbacks suppressed
[  110.767737][ T7179] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1379'.
[  110.946350][ T7198] loop4: detected capacity change from 0 to 512
[  110.975373][ T7198] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[  111.012646][ T7198] EXT4-fs (loop4): invalid journal inode
[  111.024761][ T7198] EXT4-fs (loop4): can't get journal size
[  111.043628][ T7198] EXT4-fs (loop4): 1 truncate cleaned up
[  111.058907][ T7198] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  111.094299][ T7198] netlink: 'syz.4.1388': attribute type 1 has an invalid length.
[  111.102448][ T7198] netlink: 3 bytes leftover after parsing attributes in process `syz.4.1388'.
[  111.121549][ T7198] batadv2: entered promiscuous mode
[  111.126919][ T7198] batadv2: entered allmulticast mode
[  111.139626][ T7207] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1392'.
[  111.253639][ T7198] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  111.417248][ T7219] netlink: 'syz.3.1398': attribute type 27 has an invalid length.
[  111.921522][ T7232] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1403'.
[  112.391653][ T7244] pim6reg: entered allmulticast mode
[  112.434681][ T7247] pim6reg: left allmulticast mode
[  112.530051][ T7256] netlink: 'syz.3.1411': attribute type 27 has an invalid length.
[  112.567177][ T7258] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1412'.
[  112.826102][ T7269] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1417'.
[  112.845422][ T7269] random: crng reseeded on system resumption
[  113.205404][ T7282] pim6reg: entered allmulticast mode
[  113.276297][ T7282] pim6reg: left allmulticast mode
[  113.526229][ T7288] netlink: 'syz.4.1424': attribute type 27 has an invalid length.
[  113.709989][ T7299] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  113.731546][ T7299] xt_hashlimit: max too large, truncated to 1048576
[  113.842099][ T7318] netlink: 'syz.0.1438': attribute type 27 has an invalid length.
[  113.859587][ T7313] pim6reg: entered allmulticast mode
[  113.865158][ T7320] pim6reg: left allmulticast mode
[  113.877768][ T7319] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  114.111430][ T7340] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1447'.
[  114.134898][ T7309] tipc: Resetting bearer <eth:syzkaller0>
[  114.156745][ T7345] loop3: detected capacity change from 0 to 256
[  114.162099][ T7309] tipc: Disabling bearer <eth:syzkaller0>
[  114.176679][ T7346] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1447'.
[  114.360520][ T7370] loop4: detected capacity change from 0 to 1024
[  114.381114][ T7370] EXT4-fs: Ignoring removed i_version option
[  114.391875][ T7372] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1457'.
[  114.404774][ T7370] EXT4-fs: Ignoring removed mblk_io_submit option
[  114.417992][ T7370] EXT4-fs: Ignoring removed nobh option
[  114.423677][ T7370] EXT4-fs: Ignoring removed bh option
[  114.452603][ T7374] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1457'.
[  114.468773][ T7370] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  114.566033][ T3322] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  114.597935][ T7383] netlink: 'syz.4.1461': attribute type 39 has an invalid length.
[  114.636412][ T7392] hub 9-0:1.0: USB hub found
[  114.641242][ T7392] hub 9-0:1.0: 8 ports detected
[  114.727000][ T7405] vlan2: entered allmulticast mode
[  114.732215][ T7405] bridge_slave_0: entered allmulticast mode
[  115.181999][ T7417] loop2: detected capacity change from 0 to 512
[  115.206881][ T7417] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  115.249696][ T7417] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  115.276944][ T7417] ext4 filesystem being mounted at /307/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  115.300366][ T7417] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters
[  115.363899][ T7417] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  115.453227][ T7439] pim6reg: entered allmulticast mode
[  115.482553][   T29] kauditd_printk_skb: 232 callbacks suppressed
[  115.482572][   T29] audit: type=1326 audit(1747239745.128:7714): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7401 comm="syz.4.1464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=219 compat=0 ip=0x7f9b212b1225 code=0x7ffc0000
[  115.512383][   T29] audit: type=1326 audit(1747239745.128:7715): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7401 comm="syz.4.1464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=60 compat=0 ip=0x7f9b2127e969 code=0x7ffc0000
[  115.542767][ T7446] pim6reg: left allmulticast mode
[  115.654060][ T7459] netlink: 'syz.4.1490': attribute type 27 has an invalid length.
[  115.671148][ T7458] loop2: detected capacity change from 0 to 512
[  115.707271][ T7458] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  115.707921][ T7453] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  115.796488][ T7458] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  115.817110][   T12] tipc: Resetting bearer <eth:syzkaller0>
[  115.853807][ T7458] ext4 filesystem being mounted at /310/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  115.894939][ T7458] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters
[  115.969168][ T7452] tipc: Resetting bearer <eth:syzkaller0>
[  115.986340][ T7452] tipc: Disabling bearer <eth:syzkaller0>
[  116.026149][ T7458] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  116.074546][   T29] audit: type=1326 audit(1747239745.728:7716): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7485 comm="syz.2.1503" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f878632e969 code=0x7ffc0000
[  116.152848][ T7492] netlink: 'syz.4.1504': attribute type 27 has an invalid length.
[  116.168459][   T29] audit: type=1326 audit(1747239745.758:7717): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7485 comm="syz.2.1503" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f878632e969 code=0x7ffc0000
[  116.192010][   T29] audit: type=1326 audit(1747239745.758:7718): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7485 comm="syz.2.1503" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f878632e969 code=0x7ffc0000
[  116.215445][   T29] audit: type=1326 audit(1747239745.758:7719): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7485 comm="syz.2.1503" exe="/root/syz-executor" sig=0 arch=c000003e syscall=4 compat=0 ip=0x7f878632e969 code=0x7ffc0000
[  116.238807][   T29] audit: type=1326 audit(1747239745.758:7720): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7485 comm="syz.2.1503" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f878632e969 code=0x7ffc0000
[  116.262405][   T29] audit: type=1326 audit(1747239745.758:7721): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7485 comm="syz.2.1503" exe="/root/syz-executor" sig=0 arch=c000003e syscall=431 compat=0 ip=0x7f878632e969 code=0x7ffc0000
[  116.285923][   T29] audit: type=1326 audit(1747239745.758:7722): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7485 comm="syz.2.1503" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f878632e969 code=0x7ffc0000
[  116.309690][   T29] audit: type=1326 audit(1747239745.758:7723): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7485 comm="syz.2.1503" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f878632e969 code=0x7ffc0000
[  116.773665][ T7515] loop2: detected capacity change from 0 to 512
[  116.783497][ T7515] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  116.785543][ T7513] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  116.863389][ T5567] tipc: Resetting bearer <eth:syzkaller0>
[  116.879291][ T7515] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  116.892114][ T7515] ext4 filesystem being mounted at /314/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  116.911412][ T7520] netlink: 'syz.0.1514': attribute type 1 has an invalid length.
[  116.920676][ T7515] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters
[  116.956298][ T7520] bond3: entered promiscuous mode
[  116.965715][ T7520] 8021q: adding VLAN 0 to HW filter on device bond3
[  116.980553][ T7520] __nla_validate_parse: 3 callbacks suppressed
[  116.980574][ T7520] netlink: 3 bytes leftover after parsing attributes in process `syz.0.1514'.
[  116.999535][ T7515] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  117.028590][ T7520] batadv2: entered promiscuous mode
[  117.034001][ T7520] batadv2: entered allmulticast mode
[  117.050312][ T7520] 8021q: adding VLAN 0 to HW filter on device batadv2
[  117.062440][ T7520] bond3: (slave batadv2): making interface the new active one
[  117.071233][ T7520] bond3: (slave batadv2): Enslaving as an active interface with an up link
[  117.082838][ T7511] tipc: Resetting bearer <eth:syzkaller0>
[  117.091130][ T7528] netlink: 'syz.1.1517': attribute type 27 has an invalid length.
[  117.107405][ T7511] tipc: Disabling bearer <eth:syzkaller0>
[  117.179959][ T7540] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1522'.
[  117.317832][ T7548] loop3: detected capacity change from 0 to 512
[  117.326662][ T7548] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  117.349961][ T7547] FAULT_INJECTION: forcing a failure.
[  117.349961][ T7547] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  117.363189][ T7547] CPU: 0 UID: 0 PID: 7547 Comm: syz.1.1521 Not tainted 6.15.0-rc6-syzkaller-00052-g9f35e33144ae #0 PREEMPT(voluntary) 
[  117.363226][ T7547] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  117.363240][ T7547] Call Trace:
[  117.363247][ T7547]  <TASK>
[  117.363254][ T7547]  __dump_stack+0x1d/0x30
[  117.363276][ T7547]  dump_stack_lvl+0xe8/0x140
[  117.363297][ T7547]  dump_stack+0x15/0x1b
[  117.363368][ T7547]  should_fail_ex+0x265/0x280
[  117.363405][ T7547]  should_fail+0xb/0x20
[  117.363444][ T7547]  should_fail_usercopy+0x1a/0x20
[  117.363547][ T7547]  _copy_to_user+0x20/0xa0
[  117.363577][ T7547]  simple_read_from_buffer+0xb5/0x130
[  117.363627][ T7547]  proc_fail_nth_read+0x100/0x140
[  117.363675][ T7547]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  117.363782][ T7547]  vfs_read+0x19d/0x6f0
[  117.363807][ T7547]  ? __rcu_read_unlock+0x4f/0x70
[  117.363850][ T7547]  ? __fget_files+0x184/0x1c0
[  117.363949][ T7547]  ksys_read+0xda/0x1a0
[  117.363982][ T7547]  __x64_sys_read+0x40/0x50
[  117.364067][ T7547]  x64_sys_call+0x2d77/0x2fb0
[  117.364165][ T7547]  do_syscall_64+0xd0/0x1a0
[  117.364188][ T7547]  ? clear_bhb_loop+0x40/0x90
[  117.364275][ T7547]  ? clear_bhb_loop+0x40/0x90
[  117.364298][ T7547]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  117.364320][ T7547] RIP: 0033:0x7feef8a9d37c
[  117.364335][ T7547] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  117.364411][ T7547] RSP: 002b:00007feef70e6030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  117.364436][ T7547] RAX: ffffffffffffffda RBX: 00007feef8cc6080 RCX: 00007feef8a9d37c
[  117.364453][ T7547] RDX: 000000000000000f RSI: 00007feef70e60a0 RDI: 0000000000000005
[  117.364467][ T7547] RBP: 00007feef70e6090 R08: 0000000000000000 R09: 0000000000000000
[  117.364478][ T7547] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  117.364490][ T7547] R13: 0000000000000001 R14: 00007feef8cc6080 R15: 00007fff29d26058
[  117.364523][ T7547]  </TASK>
[  117.643036][ T7559] netlink: 'syz.4.1528': attribute type 27 has an invalid length.
[  117.693740][ T7548] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  117.710461][ T7548] ext4 filesystem being mounted at /293/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  117.756892][ T7568] FAULT_INJECTION: forcing a failure.
[  117.756892][ T7568] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  117.767667][ T7548] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters
[  117.770068][ T7568] CPU: 0 UID: 0 PID: 7568 Comm: syz.4.1532 Not tainted 6.15.0-rc6-syzkaller-00052-g9f35e33144ae #0 PREEMPT(voluntary) 
[  117.770108][ T7568] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  117.770142][ T7568] Call Trace:
[  117.770151][ T7568]  <TASK>
[  117.770171][ T7568]  __dump_stack+0x1d/0x30
[  117.770200][ T7568]  dump_stack_lvl+0xe8/0x140
[  117.770371][ T7568]  dump_stack+0x15/0x1b
[  117.770394][ T7568]  should_fail_ex+0x265/0x280
[  117.770439][ T7568]  should_fail+0xb/0x20
[  117.770489][ T7568]  should_fail_usercopy+0x1a/0x20
[  117.770516][ T7568]  _copy_from_user+0x1c/0xb0
[  117.770547][ T7568]  io_openat2_prep+0xc0/0x310
[  117.770746][ T7568]  io_submit_sqes+0x5ce/0x1000
[  117.770798][ T7568]  __se_sys_io_uring_enter+0x1c1/0x1b70
[  117.770862][ T7568]  ? __rcu_read_unlock+0x4f/0x70
[  117.770893][ T7568]  ? get_pid_task+0x96/0xd0
[  117.770922][ T7568]  ? proc_fail_nth_write+0x12d/0x160
[  117.771035][ T7568]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  117.771119][ T7568]  ? vfs_write+0x75e/0x8d0
[  117.771154][ T7568]  ? __rcu_read_unlock+0x4f/0x70
[  117.771254][ T7568]  ? __fget_files+0x184/0x1c0
[  117.771374][ T7568]  ? fput+0x8f/0xc0
[  117.771400][ T7568]  __x64_sys_io_uring_enter+0x78/0x90
[  117.771502][ T7568]  x64_sys_call+0x28c8/0x2fb0
[  117.771532][ T7568]  do_syscall_64+0xd0/0x1a0
[  117.771575][ T7568]  ? clear_bhb_loop+0x40/0x90
[  117.771606][ T7568]  ? clear_bhb_loop+0x40/0x90
[  117.771635][ T7568]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  117.771695][ T7568] RIP: 0033:0x7f9b2127e969
[  117.771715][ T7568] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  117.771740][ T7568] RSP: 002b:00007f9b1f8e7038 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[  117.771764][ T7568] RAX: ffffffffffffffda RBX: 00007f9b214a5fa0 RCX: 00007f9b2127e969
[  117.771781][ T7568] RDX: 0000000000000000 RSI: 00000000000047f6 RDI: 0000000000000003
[  117.771799][ T7568] RBP: 00007f9b1f8e7090 R08: 0000000000000000 R09: 0000000000000000
[  117.771836][ T7568] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  117.771852][ T7568] R13: 0000000000000000 R14: 00007f9b214a5fa0 R15: 00007ffedcf55f78
[  117.771877][ T7568]  </TASK>
[  117.775069][ T7565] ALSA: seq fatal error: cannot create timer (-19)
[  118.064602][ T7548] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  118.125766][ T7575] tipc: Started in network mode
[  118.130720][ T7575] tipc: Node identity 7e872d2d3666, cluster identity 4711
[  118.138228][ T7575] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  118.173005][ T7590] netlink: 'syz.2.1542': attribute type 27 has an invalid length.
[  118.241201][ T7587] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  118.252186][ T7600] loop2: detected capacity change from 0 to 128
[  118.255002][ T7587] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  118.354778][ T7607] FAULT_INJECTION: forcing a failure.
[  118.354778][ T7607] name failslab, interval 1, probability 0, space 0, times 0
[  118.367619][ T7607] CPU: 1 UID: 0 PID: 7607 Comm: syz.3.1550 Not tainted 6.15.0-rc6-syzkaller-00052-g9f35e33144ae #0 PREEMPT(voluntary) 
[  118.367655][ T7607] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  118.367673][ T7607] Call Trace:
[  118.367746][ T7607]  <TASK>
[  118.367753][ T7607]  __dump_stack+0x1d/0x30
[  118.367779][ T7607]  dump_stack_lvl+0xe8/0x140
[  118.367803][ T7607]  dump_stack+0x15/0x1b
[  118.367824][ T7607]  should_fail_ex+0x265/0x280
[  118.367896][ T7607]  should_failslab+0x8c/0xb0
[  118.367934][ T7607]  kmem_cache_alloc_node_noprof+0x57/0x320
[  118.368035][ T7607]  ? __alloc_skb+0x101/0x320
[  118.368087][ T7607]  __alloc_skb+0x101/0x320
[  118.368143][ T7607]  netlink_alloc_large_skb+0xba/0xf0
[  118.368180][ T7607]  netlink_sendmsg+0x3cf/0x6b0
[  118.368207][ T7607]  ? __pfx_netlink_sendmsg+0x10/0x10
[  118.368231][ T7607]  __sock_sendmsg+0x142/0x180
[  118.368335][ T7607]  ____sys_sendmsg+0x345/0x4e0
[  118.368364][ T7607]  ___sys_sendmsg+0x17b/0x1d0
[  118.368444][ T7607]  __sys_sendmmsg+0x178/0x300
[  118.368484][ T7607]  __x64_sys_sendmmsg+0x57/0x70
[  118.368512][ T7607]  x64_sys_call+0x2f2f/0x2fb0
[  118.368533][ T7607]  do_syscall_64+0xd0/0x1a0
[  118.368631][ T7607]  ? clear_bhb_loop+0x40/0x90
[  118.368723][ T7607]  ? clear_bhb_loop+0x40/0x90
[  118.368747][ T7607]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  118.368834][ T7607] RIP: 0033:0x7f27f5c6e969
[  118.368851][ T7607] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  118.368870][ T7607] RSP: 002b:00007f27f42d7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  118.368888][ T7607] RAX: ffffffffffffffda RBX: 00007f27f5e95fa0 RCX: 00007f27f5c6e969
[  118.368901][ T7607] RDX: 04000000000001f2 RSI: 0000200000000000 RDI: 0000000000000003
[  118.368917][ T7607] RBP: 00007f27f42d7090 R08: 0000000000000000 R09: 0000000000000000
[  118.368980][ T7607] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  118.368996][ T7607] R13: 0000000000000000 R14: 00007f27f5e95fa0 R15: 00007ffcd1104988
[  118.369017][ T7607]  </TASK>
[  118.606403][ T7573] tipc: Resetting bearer <eth:syzkaller0>
[  118.621504][ T7573] tipc: Disabling bearer <eth:syzkaller0>
[  118.632448][ T7615] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1552'.
[  118.674604][ T7615] random: crng reseeded on system resumption
[  118.955050][ T7621] netlink: 'syz.4.1554': attribute type 27 has an invalid length.
[  119.131385][ T7624] loop3: detected capacity change from 0 to 512
[  119.236050][ T7631] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1556'.
[  119.256266][ T7624] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[  119.265330][ T7624] EXT4-fs (loop3): invalid journal inode
[  119.271192][ T7624] EXT4-fs (loop3): can't get journal size
[  119.297548][ T7624] EXT4-fs (loop3): 1 truncate cleaned up
[  119.310656][ T7624] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  119.366324][ T7624] netlink: 'syz.3.1555': attribute type 1 has an invalid length.
[  119.413646][ T7624] bond2: entered promiscuous mode
[  119.419051][ T7624] 8021q: adding VLAN 0 to HW filter on device bond2
[  119.419248][ T7650] netlink: 3 bytes leftover after parsing attributes in process `syz.3.1555'.
[  119.435051][ T7641] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  119.453166][ T7650] batadv1: entered promiscuous mode
[  119.458454][ T7650] batadv1: entered allmulticast mode
[  119.464892][ T7650] 8021q: adding VLAN 0 to HW filter on device batadv1
[  119.475553][ T7650] bond2: (slave batadv1): making interface the new active one
[  119.483892][ T7650] bond2: (slave batadv1): Enslaving as an active interface with an up link
[  119.512688][ T7624] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  119.548302][ T7656] netlink: 'syz.3.1567': attribute type 27 has an invalid length.
[  119.560533][ T7656] bond2: left promiscuous mode
[  119.566057][ T7656] batadv1: left promiscuous mode
[  119.571084][ T7656] batadv1: left allmulticast mode
[  119.605744][ T7659] loop2: detected capacity change from 0 to 128
[  119.624440][ T7662] macsec1: entered allmulticast mode
[  119.629967][ T7662] veth1_macvtap: entered allmulticast mode
[  119.735060][ T7640] tipc: Resetting bearer <eth:syzkaller0>
[  119.757011][ T7640] tipc: Disabling bearer <eth:syzkaller0>
[  119.901613][ T7679] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  119.910512][ T7679] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  119.980204][ T7687] netlink: 'syz.0.1579': attribute type 4 has an invalid length.
[  120.282303][ T7697] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  120.426982][   T37] tipc: Resetting bearer <eth:syzkaller0>
[  120.499458][ T7710] netlink: 'syz.1.1587': attribute type 1 has an invalid length.
[  120.538444][ T7696] tipc: Resetting bearer <eth:syzkaller0>
[  120.556944][ T7696] tipc: Disabling bearer <eth:syzkaller0>
[  120.571410][ T7710] bond4: entered promiscuous mode
[  120.576791][ T7710] 8021q: adding VLAN 0 to HW filter on device bond4
[  120.584960][ T7715] netlink: 3 bytes leftover after parsing attributes in process `syz.1.1587'.
[  120.654788][ T7715] batadv3: entered promiscuous mode
[  120.660151][ T7715] batadv3: entered allmulticast mode
[  120.679848][ T7715] 8021q: adding VLAN 0 to HW filter on device batadv3
[  120.688776][ T7715] bond4: (slave batadv3): making interface the new active one
[  120.698920][ T7731] FAULT_INJECTION: forcing a failure.
[  120.698920][ T7731] name failslab, interval 1, probability 0, space 0, times 0
[  120.700196][ T7715] bond4: (slave batadv3): Enslaving as an active interface with an up link
[  120.711802][ T7731] CPU: 0 UID: 0 PID: 7731 Comm: syz.0.1593 Not tainted 6.15.0-rc6-syzkaller-00052-g9f35e33144ae #0 PREEMPT(voluntary) 
[  120.711919][ T7731] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  120.711937][ T7731] Call Trace:
[  120.711947][ T7731]  <TASK>
[  120.711958][ T7731]  __dump_stack+0x1d/0x30
[  120.712003][ T7731]  dump_stack_lvl+0xe8/0x140
[  120.712030][ T7731]  dump_stack+0x15/0x1b
[  120.712052][ T7731]  should_fail_ex+0x265/0x280
[  120.712110][ T7731]  should_failslab+0x8c/0xb0
[  120.712151][ T7731]  kmem_cache_alloc_node_noprof+0x57/0x320
[  120.712181][ T7731]  ? __alloc_skb+0x101/0x320
[  120.712312][ T7731]  __alloc_skb+0x101/0x320
[  120.712382][ T7731]  netlink_alloc_large_skb+0xba/0xf0
[  120.712505][ T7731]  netlink_sendmsg+0x3cf/0x6b0
[  120.712535][ T7731]  ? __pfx_netlink_sendmsg+0x10/0x10
[  120.712564][ T7731]  __sock_sendmsg+0x142/0x180
[  120.712592][ T7731]  ____sys_sendmsg+0x31e/0x4e0
[  120.712646][ T7731]  ___sys_sendmsg+0x17b/0x1d0
[  120.712693][ T7731]  __x64_sys_sendmsg+0xd4/0x160
[  120.712795][ T7731]  x64_sys_call+0x2999/0x2fb0
[  120.712826][ T7731]  do_syscall_64+0xd0/0x1a0
[  120.712876][ T7731]  ? clear_bhb_loop+0x40/0x90
[  120.712906][ T7731]  ? clear_bhb_loop+0x40/0x90
[  120.713015][ T7731]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  120.713044][ T7731] RIP: 0033:0x7f60446fe969
[  120.713073][ T7731] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  120.713142][ T7731] RSP: 002b:00007f6042d67038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  120.713173][ T7731] RAX: ffffffffffffffda RBX: 00007f6044925fa0 RCX: 00007f60446fe969
[  120.713191][ T7731] RDX: 0000000000000000 RSI: 0000200000000480 RDI: 0000000000000003
[  120.713208][ T7731] RBP: 00007f6042d67090 R08: 0000000000000000 R09: 0000000000000000
[  120.713269][ T7731] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  120.713287][ T7731] R13: 0000000000000000 R14: 00007f6044925fa0 R15: 00007ffeb1f05d68
[  120.713315][ T7731]  </TASK>
[  120.756599][ T7735] FAULT_INJECTION: forcing a failure.
[  120.756599][ T7735] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  120.935105][ T7735] CPU: 0 UID: 0 PID: 7735 Comm: syz.2.1596 Not tainted 6.15.0-rc6-syzkaller-00052-g9f35e33144ae #0 PREEMPT(voluntary) 
[  120.935206][ T7735] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  120.935217][ T7735] Call Trace:
[  120.935240][ T7735]  <TASK>
[  120.935302][ T7735]  __dump_stack+0x1d/0x30
[  120.935323][ T7735]  dump_stack_lvl+0xe8/0x140
[  120.935340][ T7735]  dump_stack+0x15/0x1b
[  120.935391][ T7735]  should_fail_ex+0x265/0x280
[  120.935432][ T7735]  should_fail+0xb/0x20
[  120.935459][ T7735]  should_fail_usercopy+0x1a/0x20
[  120.935477][ T7735]  _copy_to_user+0x20/0xa0
[  120.935500][ T7735]  simple_read_from_buffer+0xb5/0x130
[  120.935524][ T7735]  proc_fail_nth_read+0x100/0x140
[  120.935548][ T7735]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  120.935613][ T7735]  vfs_read+0x19d/0x6f0
[  120.935635][ T7735]  ? __rcu_read_unlock+0x4f/0x70
[  120.935655][ T7735]  ? __fget_files+0x184/0x1c0
[  120.935698][ T7735]  ksys_read+0xda/0x1a0
[  120.935722][ T7735]  __x64_sys_read+0x40/0x50
[  120.935745][ T7735]  x64_sys_call+0x2d77/0x2fb0
[  120.935801][ T7735]  do_syscall_64+0xd0/0x1a0
[  120.935823][ T7735]  ? clear_bhb_loop+0x40/0x90
[  120.935842][ T7735]  ? clear_bhb_loop+0x40/0x90
[  120.935861][ T7735]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  120.935939][ T7735] RIP: 0033:0x7f878632d37c
[  120.935952][ T7735] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  120.935968][ T7735] RSP: 002b:00007f8784997030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  120.935985][ T7735] RAX: ffffffffffffffda RBX: 00007f8786555fa0 RCX: 00007f878632d37c
[  120.935996][ T7735] RDX: 000000000000000f RSI: 00007f87849970a0 RDI: 0000000000000004
[  120.936040][ T7735] RBP: 00007f8784997090 R08: 0000000000000000 R09: 0000000000000000
[  120.936050][ T7735] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000001
[  120.936131][ T7735] R13: 0000000000000000 R14: 00007f8786555fa0 R15: 00007ffeea9aacd8
[  120.936149][ T7735]  </TASK>
[  121.144961][ T7733] vlan2: entered allmulticast mode
[  121.150129][ T7733] bridge_slave_0: entered allmulticast mode
[  121.178312][ T7738] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  121.208956][ T7738] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  121.222395][   T29] kauditd_printk_skb: 396 callbacks suppressed
[  121.222413][   T29] audit: type=1326 audit(1747239750.868:8120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7743 comm="syz.3.1600" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f27f5c6e969 code=0x7ffc0000
[  121.291010][   T29] audit: type=1326 audit(1747239750.908:8121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7743 comm="syz.3.1600" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f27f5c6e969 code=0x7ffc0000
[  121.314618][   T29] audit: type=1326 audit(1747239750.908:8122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7743 comm="syz.3.1600" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f27f5c6e969 code=0x7ffc0000
[  121.328692][ T7749] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  121.338145][   T29] audit: type=1326 audit(1747239750.908:8123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7743 comm="syz.3.1600" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f27f5c6e969 code=0x7ffc0000
[  121.338184][   T29] audit: type=1326 audit(1747239750.908:8124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7743 comm="syz.3.1600" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f27f5c6e969 code=0x7ffc0000
[  121.392042][   T29] audit: type=1326 audit(1747239750.908:8125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7743 comm="syz.3.1600" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f27f5c6e969 code=0x7ffc0000
[  121.415531][   T29] audit: type=1326 audit(1747239750.908:8126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7743 comm="syz.3.1600" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f27f5c6e969 code=0x7ffc0000
[  121.439150][   T29] audit: type=1326 audit(1747239750.908:8127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7743 comm="syz.3.1600" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f27f5c6e969 code=0x7ffc0000
[  121.462694][   T29] audit: type=1326 audit(1747239750.908:8128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7743 comm="syz.3.1600" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f27f5c6e969 code=0x7ffc0000
[  121.486354][   T29] audit: type=1326 audit(1747239750.908:8129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7743 comm="syz.3.1600" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f27f5c6e969 code=0x7ffc0000
[  121.507842][ T7759] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1607'.
[  121.514258][ T7761] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1605'.
[  121.529220][   T37] tipc: Resetting bearer <eth:syzkaller0>
[  121.589787][ T7748] tipc: Resetting bearer <eth:syzkaller0>
[  121.604293][ T7748] tipc: Disabling bearer <eth:syzkaller0>
[  121.611311][ T7764] SELinux: syz.0.1608 (7764) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  121.648689][ T7766] netlink: 'syz.0.1609': attribute type 1 has an invalid length.
[  121.673048][ T7766] bond4: entered promiscuous mode
[  121.678500][ T7766] 8021q: adding VLAN 0 to HW filter on device bond4
[  121.702985][ T7766] netlink: 3 bytes leftover after parsing attributes in process `syz.0.1609'.
[  121.705850][ T7771] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1611'.
[  121.718745][ T7766] batadv3: entered promiscuous mode
[  121.726154][ T7766] batadv3: entered allmulticast mode
[  121.741007][ T7766] 8021q: adding VLAN 0 to HW filter on device batadv3
[  121.751197][ T7766] bond4: (slave batadv3): making interface the new active one
[  121.763398][ T7766] bond4: (slave batadv3): Enslaving as an active interface with an up link
[  122.136567][ T7795] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1620'.
[  122.160471][ T7795] random: crng reseeded on system resumption
[  122.161303][ T7797] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  122.335206][ T7807] ALSA: seq fatal error: cannot create timer (-19)
[  122.346040][ T7807] loop2: detected capacity change from 0 to 1024
[  122.352810][ T7807] EXT4-fs: Ignoring removed nobh option
[  122.358638][ T7807] EXT4-fs: Ignoring removed bh option
[  122.374626][ T7807] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  122.409738][ T3313] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  122.419626][ T7796] tipc: Resetting bearer <eth:syzkaller0>
[  122.435297][ T7796] tipc: Disabling bearer <eth:syzkaller0>
[  122.505093][ T7820] loop2: detected capacity change from 0 to 512
[  122.511962][ T7820] EXT4-fs: Ignoring removed bh option
[  122.520862][ T7820] EXT4-fs: Ignoring removed oldalloc option
[  122.528404][ T7820] EXT4-fs error (device loop2): ext4_xattr_inode_iget:433: comm syz.2.1628: Parent and EA inode have the same ino 15
[  122.544158][ T7820] EXT4-fs (loop2): Remounting filesystem read-only
[  122.550922][ T7820] EXT4-fs warning (device loop2): ext4_expand_extra_isize_ea:2848: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  122.563986][ T7820] EXT4-fs warning (device loop2): ext4_evict_inode:262: couldn't mark inode dirty (err -30)
[  122.574360][ T7820] EXT4-fs (loop2): 1 orphan inode deleted
[  122.580853][ T7820] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  122.589617][ T7824] pim6reg: entered allmulticast mode
[  122.607482][ T3313] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  122.608209][ T7824] pim6reg: left allmulticast mode
[  122.640721][ T7828] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1632'.
[  122.653511][ T7828] random: crng reseeded on system resumption
[  122.786618][ T7843] netlink: 'syz.4.1639': attribute type 1 has an invalid length.
[  122.817858][ T7843] bond3: entered promiscuous mode
[  122.823852][ T7843] 8021q: adding VLAN 0 to HW filter on device bond3
[  122.837111][ T7857] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1644'.
[  122.839083][ T7843] netlink: 3 bytes leftover after parsing attributes in process `syz.4.1639'.
[  122.858310][ T7843] batadv2: entered promiscuous mode
[  122.863817][ T7843] batadv2: entered allmulticast mode
[  122.870787][ T7843] 8021q: adding VLAN 0 to HW filter on device batadv2
[  122.880961][ T7843] bond3: (slave batadv2): making interface the new active one
[  122.889674][ T7843] bond3: (slave batadv2): Enslaving as an active interface with an up link
[  122.931057][ T7865] loop4: detected capacity change from 0 to 256
[  122.946964][ T7867] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1647'.
[  123.005990][ T7870] loop3: detected capacity change from 0 to 256
[  123.729707][ T7898] netlink: 'syz.2.1657': attribute type 1 has an invalid length.
[  123.743515][ T7898] bond2: entered promiscuous mode
[  123.748855][ T7898] 8021q: adding VLAN 0 to HW filter on device bond2
[  123.759181][ T7898] netlink: 3 bytes leftover after parsing attributes in process `syz.2.1657'.
[  123.772051][ T7898] batadv2: entered promiscuous mode
[  123.777388][ T7898] batadv2: entered allmulticast mode
[  123.784094][ T7898] 8021q: adding VLAN 0 to HW filter on device batadv2
[  123.792745][ T7898] bond2: (slave batadv2): making interface the new active one
[  123.801274][ T7898] bond2: (slave batadv2): Enslaving as an active interface with an up link
[  123.832309][ T7904] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  123.840895][ T7904] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  123.913165][ T7913] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1663'.
[  123.922833][ T7913] bond2: (slave batadv1): Releasing active interface
[  123.935147][ T7913] loop3: detected capacity change from 0 to 1024
[  123.941945][ T7913] EXT4-fs: Ignoring removed bh option
[  123.954136][ T7913] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-001000000000 r/w without journal. Quota mode: writeback.
[  124.666634][ T7934] vlan2: entered allmulticast mode
[  124.759109][ T3315] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-001000000000.
[  124.810566][ T7947] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  124.819257][ T7947] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  125.349499][ T7967] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1683'.
[  125.361787][ T7967] bond3: (slave batadv2): Releasing active interface
[  125.382025][ T7967] loop4: detected capacity change from 0 to 1024
[  125.389438][ T7967] EXT4-fs: Ignoring removed bh option
[  125.425313][ T7967] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-001000000000 r/w without journal. Quota mode: writeback.
[  125.441015][ T7975] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1686'.
[  125.450130][ T7975] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1686'.
[  125.497043][ T7982] vlan2: entered allmulticast mode
[  125.502267][ T7982] bridge_slave_0: entered allmulticast mode
[  125.585659][ T7985] netlink: 'syz.0.1689': attribute type 16 has an invalid length.
[  125.593735][ T7985] netlink: 'syz.0.1689': attribute type 17 has an invalid length.
[  125.601568][ T7985] netlink: 'syz.0.1689': attribute type 5 has an invalid length.
[  125.718049][ T7993] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  125.726877][ T7993] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  126.194562][ T3322] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-001000000000.
[  126.308395][ T8007] loop4: detected capacity change from 0 to 512
[  126.337768][ T8007] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  126.389405][ T8007] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  126.420200][ T8007] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters
[  126.445496][   T29] kauditd_printk_skb: 309 callbacks suppressed
[  126.445515][   T29] audit: type=1326 audit(126.466:8439): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8016 comm="syz.3.1704" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f27f5c6e969 code=0x7ffc0000
[  126.474698][   T29] audit: type=1326 audit(126.466:8440): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8016 comm="syz.3.1704" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f27f5c6e969 code=0x7ffc0000
[  126.497627][   T29] audit: type=1326 audit(126.466:8441): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8016 comm="syz.3.1704" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f27f5c6e969 code=0x7ffc0000
[  126.520646][   T29] audit: type=1326 audit(126.466:8442): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8016 comm="syz.3.1704" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f27f5c6e969 code=0x7ffc0000
[  126.543551][   T29] audit: type=1326 audit(126.466:8443): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8016 comm="syz.3.1704" exe="/root/syz-executor" sig=0 arch=c000003e syscall=101 compat=0 ip=0x7f27f5c6e969 code=0x7ffc0000
[  126.566538][   T29] audit: type=1326 audit(126.466:8444): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8016 comm="syz.3.1704" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f27f5c6e969 code=0x7ffc0000
[  126.589450][   T29] audit: type=1326 audit(126.466:8445): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8016 comm="syz.3.1704" exe="/root/syz-executor" sig=0 arch=c000003e syscall=247 compat=0 ip=0x7f27f5c6e969 code=0x7ffc0000
[  126.612496][   T29] audit: type=1326 audit(126.466:8446): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8016 comm="syz.3.1704" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f27f5c6e969 code=0x7ffc0000
[  126.635460][   T29] audit: type=1326 audit(126.466:8447): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8016 comm="syz.3.1704" exe="/root/syz-executor" sig=0 arch=c000003e syscall=247 compat=0 ip=0x7f27f5c6e969 code=0x7ffc0000
[  126.658466][   T29] audit: type=1326 audit(126.466:8448): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8016 comm="syz.3.1704" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f27f5c6e969 code=0x7ffc0000
[  126.689128][ T8007] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  126.739466][ T8026] netlink: 'syz.1.1707': attribute type 1 has an invalid length.
[  126.766987][ T8026] bond5: entered promiscuous mode
[  126.772385][ T8026] 8021q: adding VLAN 0 to HW filter on device bond5
[  126.781531][ T8029] bond3: (slave batadv2): Releasing active interface
[  126.792072][ T8029] bond4: (slave batadv3): Releasing active interface
[  126.799075][ T8031] loop2: detected capacity change from 0 to 1024
[  126.809683][ T8031] EXT4-fs: Ignoring removed oldalloc option
[  126.816109][ T8031] ext4: Unknown parameter 'euid<00000000000000000000'
[  126.825334][ T8026] batadv4: entered promiscuous mode
[  126.830603][ T8026] batadv4: entered allmulticast mode
[  126.836929][ T8031] loop2: detected capacity change from 0 to 2048
[  126.845556][ T8026] 8021q: adding VLAN 0 to HW filter on device batadv4
[  126.854473][ T8026] bond5: (slave batadv4): making interface the new active one
[  126.862680][ T8026] bond5: (slave batadv4): Enslaving as an active interface with an up link
[  126.866203][ T8031] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  126.900153][ T8035] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  126.908946][ T8035] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  127.153239][ T8037] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  127.171216][ T8037] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 32 with error 28
[  127.183701][ T8037] EXT4-fs (loop2): This should not happen!! Data will be lost
[  127.183701][ T8037] 
[  127.193466][ T8037] EXT4-fs (loop2): Total free blocks count 0
[  127.199480][ T8037] EXT4-fs (loop2): Free/Dirty block details
[  127.205529][ T8037] EXT4-fs (loop2): free_blocks=2415919104
[  127.211278][ T8037] EXT4-fs (loop2): dirty_blocks=8224
[  127.216628][ T8037] EXT4-fs (loop2): Block reservation details
[  127.222744][ T8037] EXT4-fs (loop2): i_reserved_data_blocks=514
[  127.232225][ T8040] loop3: detected capacity change from 0 to 128
[  127.375784][ T3313] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  127.524994][ T8057] pim6reg: entered allmulticast mode
[  127.531004][ T8057] pim6reg: left allmulticast mode
[  127.577397][ T8060] pim6reg: entered allmulticast mode
[  127.584999][ T8060] pim6reg: left allmulticast mode
[  127.651061][ T8067] __nla_validate_parse: 5 callbacks suppressed
[  127.651082][ T8067] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1723'.
[  127.714857][ T8074] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  127.723451][ T8074] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  128.173853][ T8083] loop3: detected capacity change from 0 to 512
[  128.181147][ T8083] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  128.194693][ T8083] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  128.217962][ T8083] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters
[  128.276573][ T8083] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  128.277587][ T8089] ALSA: seq fatal error: cannot create timer (-19)
[  128.305578][ T8092] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1732'.
[  128.321363][ T8092] loop3: detected capacity change from 0 to 1024
[  128.330127][ T8092] EXT4-fs: Ignoring removed bh option
[  128.365603][ T8092] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-001000000000 r/w without journal. Quota mode: writeback.
[  128.405406][ T8103] vlan0: entered allmulticast mode
[  128.410791][ T8103] bridge_slave_0: entered allmulticast mode
[  128.500186][ T8111] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1739'.
[  128.511600][ T8111] random: crng reseeded on system resumption
[  128.581001][ T8113] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  128.590213][ T8113] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  128.658190][ T8120] ALSA: seq fatal error: cannot create timer (-19)
[  128.670059][ T8120] loop2: detected capacity change from 0 to 1024
[  128.679639][ T8120] EXT4-fs: Ignoring removed nobh option
[  128.685354][ T8120] EXT4-fs: Ignoring removed bh option
[  128.694638][ T8120] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  128.726590][ T3313] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  128.769861][ T8134] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1748'.
[  128.791475][ T8134] loop2: detected capacity change from 0 to 1764
[  128.798436][ T8134] iso9660: Unknown parameter 'ov|rriderockperm'
[  129.143108][ T8147] pim6reg: entered allmulticast mode
[  129.149261][ T8147] pim6reg: left allmulticast mode
[  129.155190][ T3315] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-001000000000.
[  129.197583][ T8151] netlink: 'syz.3.1754': attribute type 27 has an invalid length.
[  129.206989][ T8151] veth1_macvtap: left allmulticast mode
[  129.213492][ T8151] macsec1: left allmulticast mode
[  129.230081][ T8153] ALSA: seq fatal error: cannot create timer (-19)
[  129.273373][ T8160] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1758'.
[  129.286443][ T8160] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1758'.
[  129.339207][ T8173] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1763'.
[  129.349999][ T8173] bond4: (slave batadv3): Releasing active interface
[  129.359965][ T8173] bond5: (slave batadv4): Releasing active interface
[  129.380968][ T8175] loop4: detected capacity change from 0 to 512
[  129.387925][ T8175] EXT4-fs: Ignoring removed oldalloc option
[  129.395801][ T8175] EXT4-fs error (device loop4): ext4_xattr_inode_iget:433: comm syz.4.1762: Parent and EA inode have the same ino 15
[  129.408751][ T8175] EXT4-fs (loop4): Remounting filesystem read-only
[  129.415475][ T8175] EXT4-fs warning (device loop4): ext4_evict_inode:262: couldn't mark inode dirty (err -30)
[  129.425701][ T8175] EXT4-fs (loop4): 1 orphan inode deleted
[  129.431847][ T8175] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  129.447037][ T8175] EXT4-fs (loop4): shut down requested (2)
[  129.454786][ T8175] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop4 ino=12
[  129.497051][ T3322] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  129.573545][ T8185] pim6reg: entered allmulticast mode
[  129.579543][ T8185] pim6reg: left allmulticast mode
[  129.663968][ T8189] ALSA: seq fatal error: cannot create timer (-19)
[  129.676287][ T8189] loop4: detected capacity change from 0 to 1024
[  129.691659][ T8189] EXT4-fs: Ignoring removed nobh option
[  129.697865][ T8189] EXT4-fs: Ignoring removed bh option
[  129.715861][ T8197] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1772'.
[  129.725644][ T8197] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1772'.
[  129.730152][ T8200] netlink: 'syz.0.1773': attribute type 1 has an invalid length.
[  129.744679][ T8189] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  129.763948][ T8200] bond5: entered promiscuous mode
[  129.769323][ T8200] 8021q: adding VLAN 0 to HW filter on device bond5
[  129.778280][ T3322] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  129.779662][ T8200] netlink: 3 bytes leftover after parsing attributes in process `syz.0.1773'.
[  129.799737][ T8200] batadv4: entered promiscuous mode
[  129.805106][ T8200] batadv4: entered allmulticast mode
[  129.811795][ T8200] 8021q: adding VLAN 0 to HW filter on device batadv4
[  129.820336][ T8200] bond5: (slave batadv4): making interface the new active one
[  129.822974][ T8204] netlink: 'syz.2.1775': attribute type 27 has an invalid length.
[  129.829327][ T8200] bond5: (slave batadv4): Enslaving as an active interface with an up link
[  129.845141][ T8204] bond2: left promiscuous mode
[  129.851011][ T8204] batadv2: left promiscuous mode
[  129.856052][ T8204] batadv2: left allmulticast mode
[  129.931556][ T8213] FAULT_INJECTION: forcing a failure.
[  129.931556][ T8213] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  129.944885][ T8213] CPU: 1 UID: 0 PID: 8213 Comm: syz.0.1779 Not tainted 6.15.0-rc6-syzkaller-00052-g9f35e33144ae #0 PREEMPT(voluntary) 
[  129.944952][ T8213] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  129.944966][ T8213] Call Trace:
[  129.944973][ T8213]  <TASK>
[  129.944980][ T8213]  __dump_stack+0x1d/0x30
[  129.945035][ T8213]  dump_stack_lvl+0xe8/0x140
[  129.945060][ T8213]  dump_stack+0x15/0x1b
[  129.945081][ T8213]  should_fail_ex+0x265/0x280
[  129.945182][ T8213]  should_fail+0xb/0x20
[  129.945211][ T8213]  should_fail_usercopy+0x1a/0x20
[  129.945246][ T8213]  _copy_from_user+0x1c/0xb0
[  129.945315][ T8213]  sctp_setsockopt+0x154/0xe30
[  129.945347][ T8213]  sock_common_setsockopt+0x66/0x80
[  129.945383][ T8213]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  129.945460][ T8213]  __sys_setsockopt+0x181/0x200
[  129.945486][ T8213]  __x64_sys_setsockopt+0x64/0x80
[  129.945511][ T8213]  x64_sys_call+0x2bd5/0x2fb0
[  129.945535][ T8213]  do_syscall_64+0xd0/0x1a0
[  129.945617][ T8213]  ? clear_bhb_loop+0x40/0x90
[  129.945645][ T8213]  ? clear_bhb_loop+0x40/0x90
[  129.945711][ T8213]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  129.945738][ T8213] RIP: 0033:0x7f60446fe969
[  129.945752][ T8213] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  129.945769][ T8213] RSP: 002b:00007f6042d67038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  129.945786][ T8213] RAX: ffffffffffffffda RBX: 00007f6044925fa0 RCX: 00007f60446fe969
[  129.945798][ T8213] RDX: 0000000000000023 RSI: 0000000000000084 RDI: 0000000000000003
[  129.945809][ T8213] RBP: 00007f6042d67090 R08: 0000000000000008 R09: 0000000000000000
[  129.945824][ T8213] R10: 0000200000000100 R11: 0000000000000246 R12: 0000000000000001
[  129.945919][ T8213] R13: 0000000000000000 R14: 00007f6044925fa0 R15: 00007ffeb1f05d68
[  129.945942][ T8213]  </TASK>
[  130.220292][ T8223] x_tables: duplicate underflow at hook 1
[  130.315765][ T8232] netlink: 'syz.0.1787': attribute type 1 has an invalid length.
[  130.506274][ T8232] bond6: entered promiscuous mode
[  130.516376][ T8232] 8021q: adding VLAN 0 to HW filter on device bond6
[  130.533413][ T8239] batadv5: entered promiscuous mode
[  130.538751][ T8239] batadv5: entered allmulticast mode
[  130.545454][ T8239] 8021q: adding VLAN 0 to HW filter on device batadv5
[  130.554153][ T8239] bond6: (slave batadv5): making interface the new active one
[  130.564559][ T8239] bond6: (slave batadv5): Enslaving as an active interface with an up link
[  130.699117][ T8249] loop4: detected capacity change from 0 to 1024
[  130.710467][ T8249] EXT4-fs: Ignoring removed bh option
[  130.749600][ T8249] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-001000000000 r/w without journal. Quota mode: writeback.
[  131.307711][ T8312] netlink: 'syz.0.1820': attribute type 27 has an invalid length.
[  131.323365][ T8312] bond3: left promiscuous mode
[  131.328664][ T8312] batadv2: left promiscuous mode
[  131.333664][ T8312] batadv2: left allmulticast mode
[  131.339280][ T8312] bond4: left promiscuous mode
[  131.350236][ T8312] batadv3: left promiscuous mode
[  131.355329][ T8312] batadv3: left allmulticast mode
[  131.360869][ T8312] bond5: left promiscuous mode
[  131.366882][ T8312] batadv4: left promiscuous mode
[  131.371882][ T8312] batadv4: left allmulticast mode
[  131.377852][ T8312] bond6: left promiscuous mode
[  131.382962][ T8314] netlink: 'syz.1.1821': attribute type 1 has an invalid length.
[  131.391828][ T8312] batadv5: left promiscuous mode
[  131.397017][ T8312] batadv5: left allmulticast mode
[  131.410560][ T8314] bond6: entered promiscuous mode
[  131.426349][ T8314] 8021q: adding VLAN 0 to HW filter on device bond6
[  131.465989][ T8314] batadv5: entered promiscuous mode
[  131.471254][ T8314] batadv5: entered allmulticast mode
[  131.495872][ T8314] 8021q: adding VLAN 0 to HW filter on device batadv5
[  131.514394][ T8314] bond6: (slave batadv5): making interface the new active one
[  131.527384][ T8314] bond6: (slave batadv5): Enslaving as an active interface with an up link
[  131.547288][ T3322] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-001000000000.
[  131.577379][   T29] kauditd_printk_skb: 264 callbacks suppressed
[  131.577397][   T29] audit: type=1326 audit(131.606:8713): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8324 comm="syz.0.1826" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60446fe969 code=0x7ffc0000
[  131.632883][ T8328] netlink: 'syz.2.1827': attribute type 27 has an invalid length.
[  131.650060][   T29] audit: type=1326 audit(131.636:8714): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8324 comm="syz.0.1826" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f60446fe969 code=0x7ffc0000
[  131.673097][   T29] audit: type=1326 audit(131.636:8715): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8324 comm="syz.0.1826" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60446fe969 code=0x7ffc0000
[  131.696110][   T29] audit: type=1326 audit(131.636:8716): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8324 comm="syz.0.1826" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60446fe969 code=0x7ffc0000
[  131.719137][   T29] audit: type=1326 audit(131.636:8717): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8324 comm="syz.0.1826" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f60446fe969 code=0x7ffc0000
[  131.742114][   T29] audit: type=1326 audit(131.636:8718): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8324 comm="syz.0.1826" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60446fe969 code=0x7ffc0000
[  131.765155][   T29] audit: type=1326 audit(131.636:8719): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8324 comm="syz.0.1826" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60446fe969 code=0x7ffc0000
[  131.788293][   T29] audit: type=1326 audit(131.636:8720): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8324 comm="syz.0.1826" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f60446fe969 code=0x7ffc0000
[  131.811417][   T29] audit: type=1326 audit(131.636:8721): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8324 comm="syz.0.1826" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60446fe969 code=0x7ffc0000
[  131.834489][   T29] audit: type=1326 audit(131.636:8722): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8324 comm="syz.0.1826" exe="/root/syz-executor" sig=0 arch=c000003e syscall=290 compat=0 ip=0x7f60446fe969 code=0x7ffc0000
[  131.838094][ T8337] vlan2: entered allmulticast mode
[  131.988532][ T8353] loop4: detected capacity change from 0 to 512
[  132.002915][ T8353] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  132.025902][ T8359] vlan2: entered allmulticast mode
[  132.038512][ T8353] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  132.057352][ T8366] random: crng reseeded on system resumption
[  132.069992][ T8353] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters
[  132.184054][ T8353] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  132.213462][ T8373] vlan2: entered allmulticast mode
[  132.785958][ T8408] __nla_validate_parse: 11 callbacks suppressed
[  132.785982][ T8408] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1860'.
[  133.029818][ T8418] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1865'.
[  133.050121][ T8421] loop2: detected capacity change from 0 to 512
[  133.058209][ T8421] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349)
[  133.068988][ T8421] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=c842e12c, mo2=0002]
[  133.077353][ T8421] EXT4-fs (loop2): orphan cleanup on readonly fs
[  133.084269][ T8421] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm +}[@: bg 0: block 361: padding at end of block bitmap is not set
[  133.098618][ T8421] EXT4-fs (loop2): Remounting filesystem read-only
[  133.102116][ T8423] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  133.106069][ T8421] EXT4-fs (loop2): 1 truncate cleaned up
[  133.138185][ T8421] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: none.
[  133.150799][ T8421] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000007.
[  133.199739][ T8429] vlan0: entered allmulticast mode
[  133.261456][ T8432] loop4: detected capacity change from 0 to 512
[  133.268720][ T8432] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  133.295290][ T8432] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  133.319930][ T8437] pim6reg: entered allmulticast mode
[  133.321142][ T8432] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters
[  133.326303][ T8437] pim6reg: left allmulticast mode
[  133.365233][ T8432] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  133.375023][ T8422] tipc: Resetting bearer <eth:syzkaller0>
[  133.390848][ T8422] tipc: Disabling bearer <eth:syzkaller0>
[  133.503580][ T8453] x_tables: duplicate underflow at hook 1
[  133.545015][ T8451] loop2: detected capacity change from 0 to 1024
[  133.561959][ T8451] EXT4-fs: Ignoring removed nobh option
[  133.567710][ T8451] EXT4-fs: Ignoring removed bh option
[  133.597775][ T8451] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  133.964548][ T8477] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1888'.
[  134.029786][ T3313] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  134.132369][ T8483] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  134.141529][ T8483] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  134.253663][ T8490] FAULT_INJECTION: forcing a failure.
[  134.253663][ T8490] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  134.266865][ T8490] CPU: 0 UID: 0 PID: 8490 Comm: syz.2.1893 Not tainted 6.15.0-rc6-syzkaller-00052-g9f35e33144ae #0 PREEMPT(voluntary) 
[  134.266934][ T8490] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  134.266950][ T8490] Call Trace:
[  134.266958][ T8490]  <TASK>
[  134.266967][ T8490]  __dump_stack+0x1d/0x30
[  134.267000][ T8490]  dump_stack_lvl+0xe8/0x140
[  134.267024][ T8490]  dump_stack+0x15/0x1b
[  134.267046][ T8490]  should_fail_ex+0x265/0x280
[  134.267164][ T8490]  should_fail+0xb/0x20
[  134.267190][ T8490]  should_fail_usercopy+0x1a/0x20
[  134.267208][ T8490]  _copy_from_user+0x1c/0xb0
[  134.267230][ T8490]  ucma_write+0xd9/0x250
[  134.267373][ T8490]  ? __pfx_ucma_write+0x10/0x10
[  134.267394][ T8490]  vfs_write+0x266/0x8d0
[  134.267418][ T8490]  ? __rcu_read_unlock+0x4f/0x70
[  134.267458][ T8490]  ? __fget_files+0x184/0x1c0
[  134.267490][ T8490]  ksys_write+0xda/0x1a0
[  134.267515][ T8490]  __x64_sys_write+0x40/0x50
[  134.267538][ T8490]  x64_sys_call+0x2cdd/0x2fb0
[  134.267585][ T8490]  do_syscall_64+0xd0/0x1a0
[  134.267606][ T8490]  ? clear_bhb_loop+0x40/0x90
[  134.267625][ T8490]  ? clear_bhb_loop+0x40/0x90
[  134.267718][ T8490]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  134.267745][ T8490] RIP: 0033:0x7f878632e969
[  134.267758][ T8490] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  134.267774][ T8490] RSP: 002b:00007f8784997038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  134.267804][ T8490] RAX: ffffffffffffffda RBX: 00007f8786555fa0 RCX: 00007f878632e969
[  134.267814][ T8490] RDX: 0000000000000020 RSI: 0000200000000200 RDI: 0000000000000006
[  134.267825][ T8490] RBP: 00007f8784997090 R08: 0000000000000000 R09: 0000000000000000
[  134.267836][ T8490] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  134.267846][ T8490] R13: 0000000000000000 R14: 00007f8786555fa0 R15: 00007ffeea9aacd8
[  134.267867][ T8490]  </TASK>
[  134.830196][ T8504] netlink: 'syz.1.1899': attribute type 1 has an invalid length.
[  134.850046][ T8504] bond7: entered promiscuous mode
[  134.855559][ T8504] 8021q: adding VLAN 0 to HW filter on device bond7
[  134.872984][ T8504] netlink: 3 bytes leftover after parsing attributes in process `syz.1.1899'.
[  134.890190][ T8504] batadv6: entered promiscuous mode
[  134.895640][ T8504] batadv6: entered allmulticast mode
[  134.907360][ T8504] 8021q: adding VLAN 0 to HW filter on device batadv6
[  134.916045][ T8504] bond7: (slave batadv6): making interface the new active one
[  134.924231][ T8504] bond7: (slave batadv6): Enslaving as an active interface with an up link
[  135.081884][ T8522] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  135.272090][ T8522] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  135.470862][ T8532] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=8532 comm=syz.2.1910
[  135.540048][ T8541] netlink: 'syz.2.1915': attribute type 1 has an invalid length.
[  135.550968][ T8538] loop4: detected capacity change from 0 to 512
[  135.562772][ T8538] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349)
[  135.570074][ T8541] bond3: entered promiscuous mode
[  135.580475][ T8541] 8021q: adding VLAN 0 to HW filter on device bond3
[  135.589626][ T8538] EXT4-fs (loop4): orphan cleanup on readonly fs
[  135.598619][ T8538] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:517: comm syz.4.1913: Block bitmap for bg 0 marked uninitialized
[  135.600768][ T8541] netlink: 3 bytes leftover after parsing attributes in process `syz.2.1915'.
[  135.625742][ T8541] batadv3: entered promiscuous mode
[  135.631025][ T8541] batadv3: entered allmulticast mode
[  135.636621][ T8538] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  135.646578][ T8538] EXT4-fs (loop4): 1 orphan inode deleted
[  135.652783][ T8541] 8021q: adding VLAN 0 to HW filter on device batadv3
[  135.655800][ T8538] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  135.661379][ T8541] bond3: (slave batadv3): making interface the new active one
[  135.679977][ T8541] bond3: (slave batadv3): Enslaving as an active interface with an up link
[  135.703540][ T8538] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1913'.
[  135.794105][ T8553] netlink: 'syz.2.1919': attribute type 39 has an invalid length.
[  135.914459][ T3322] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  135.966480][ T8567] loop3: detected capacity change from 0 to 512
[  135.990113][ T8566] ALSA: seq fatal error: cannot create timer (-19)
[  136.010231][ T8572] loop4: detected capacity change from 0 to 256
[  136.016737][ T8567] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  136.038548][ T8567] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  136.177610][ T3315] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  136.196031][ T8593] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  136.214661][ T8593] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  136.251371][ T8599] vlan2: entered allmulticast mode
[  136.256658][ T8599] bridge_slave_0: entered allmulticast mode
[  136.328536][ T8607] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  136.368058][ T8618] x_tables: duplicate underflow at hook 1
[  136.601698][ T8604] tipc: Resetting bearer <eth:syzkaller0>
[  136.619787][ T8604] tipc: Disabling bearer <eth:syzkaller0>
[  136.742411][ T8637] netlink: 'syz.3.1952': attribute type 1 has an invalid length.
[  136.769451][ T8637] bond3: entered promiscuous mode
[  136.775001][ T8637] 8021q: adding VLAN 0 to HW filter on device bond3
[  136.786574][ T8640] netlink: 'syz.1.1953': attribute type 39 has an invalid length.
[  136.797901][ T8637] netlink: 3 bytes leftover after parsing attributes in process `syz.3.1952'.
[  136.811598][ T8637] batadv2: entered promiscuous mode
[  136.816987][ T8637] batadv2: entered allmulticast mode
[  136.823614][ T8637] 8021q: adding VLAN 0 to HW filter on device batadv2
[  136.835263][ T8637] bond3: (slave batadv2): making interface the new active one
[  136.843598][ T8637] bond3: (slave batadv2): Enslaving as an active interface with an up link
[  136.942305][ T8657] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1961'.
[  137.009622][ T8661] loop2: detected capacity change from 0 to 512
[  137.049048][ T8661] EXT4-fs (loop2): orphan cleanup on readonly fs
[  137.065987][ T8661] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.1963: bg 0: block 248: padding at end of block bitmap is not set
[  137.081089][ T8661] __quota_error: 157 callbacks suppressed
[  137.081103][ T8661] Quota error (device loop2): write_blk: dquota write failed
[  137.094343][ T8661] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota
[  137.104646][ T8661] EXT4-fs error (device loop2): ext4_acquire_dquot:6935: comm syz.2.1963: Failed to acquire dquot type 1
[  137.139780][ T8661] EXT4-fs (loop2): 1 truncate cleaned up
[  137.146927][ T8661] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  137.177546][ T8676] FAULT_INJECTION: forcing a failure.
[  137.177546][ T8676] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  137.190825][ T8676] CPU: 0 UID: 0 PID: 8676 Comm: syz.3.1964 Not tainted 6.15.0-rc6-syzkaller-00052-g9f35e33144ae #0 PREEMPT(voluntary) 
[  137.190882][ T8676] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  137.190895][ T8676] Call Trace:
[  137.190901][ T8676]  <TASK>
[  137.190911][ T8676]  __dump_stack+0x1d/0x30
[  137.190938][ T8676]  dump_stack_lvl+0xe8/0x140
[  137.191027][ T8676]  dump_stack+0x15/0x1b
[  137.191043][ T8676]  should_fail_ex+0x265/0x280
[  137.191086][ T8676]  should_fail+0xb/0x20
[  137.191119][ T8676]  should_fail_usercopy+0x1a/0x20
[  137.191138][ T8676]  _copy_to_user+0x20/0xa0
[  137.191281][ T8676]  copy_siginfo_to_user+0x22/0xb0
[  137.191308][ T8676]  x64_setup_rt_frame+0x2b5/0x580
[  137.191355][ T8676]  arch_do_signal_or_restart+0x26e/0x480
[  137.191406][ T8676]  syscall_exit_to_user_mode+0x68/0xb0
[  137.191435][ T8676]  do_syscall_64+0xdd/0x1a0
[  137.191544][ T8676]  ? clear_bhb_loop+0x40/0x90
[  137.191590][ T8676]  ? clear_bhb_loop+0x40/0x90
[  137.191613][ T8676]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  137.191640][ T8676] RIP: 0033:0x7f27f5c6e967
[  137.191657][ T8676] Code: ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 <0f> 05 48 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89
[  137.191674][ T8676] RSP: 002b:00007f27f4295038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  137.191767][ T8676] RAX: 0000000000000000 RBX: 00007f27f5e96160 RCX: 00007f27f5c6e969
[  137.191779][ T8676] RDX: 0000000000000ff9 RSI: 00002000000013c0 RDI: 0000000000000008
[  137.191790][ T8676] RBP: 00007f27f4295090 R08: 0000000000000000 R09: 0000000000000000
[  137.191801][ T8676] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  137.191813][ T8676] R13: 0000000000000000 R14: 00007f27f5e96160 R15: 00007ffcd1104988
[  137.191837][ T8676]  </TASK>
[  137.407923][ T8661] EXT4-fs (loop2): warning: mounting fs with errors, running e2fsck is recommended
[  137.456868][ T8661] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  137.465635][ T8678] Quota error (device loop2): do_check_range: Getting block 1536 out of range 0-5
[  137.546851][ T3313] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  137.610355][ T8693] loop2: detected capacity change from 0 to 512
[  137.620414][ T8693] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349)
[  137.635109][ T8693] EXT4-fs (loop2): orphan cleanup on readonly fs
[  137.641966][ T8693] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:517: comm syz.2.1973: Block bitmap for bg 0 marked uninitialized
[  137.692143][ T8693] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  137.702323][ T8693] EXT4-fs (loop2): 1 orphan inode deleted
[  137.847442][ T8693] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  137.871735][ T8693] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1973'.
[  137.888755][ T8693] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1973'.
[  138.014741][   T29] audit: type=1326 audit(137.996:8880): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8697 comm="syz.4.1976" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9b2127e969 code=0x7ffc0000
[  138.037621][   T29] audit: type=1326 audit(137.996:8881): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8697 comm="syz.4.1976" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9b2127e969 code=0x7ffc0000
[  138.060892][   T29] audit: type=1326 audit(138.016:8882): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8697 comm="syz.4.1976" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9b2127e969 code=0x7ffc0000
[  138.083921][   T29] audit: type=1326 audit(138.016:8883): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8697 comm="syz.4.1976" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9b2127e969 code=0x7ffc0000
[  138.107187][   T29] audit: type=1326 audit(138.016:8884): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8697 comm="syz.4.1976" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9b2127e969 code=0x7ffc0000
[  138.130431][   T29] audit: type=1326 audit(138.016:8885): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8697 comm="syz.4.1976" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9b2127e969 code=0x7ffc0000
[  138.153257][   T29] audit: type=1326 audit(138.016:8886): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8697 comm="syz.4.1976" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9b2127e969 code=0x7ffc0000
[  138.190509][ T3313] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  138.193588][ T8708] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1977'.
[  138.251715][ T8713] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1977'.
[  138.308053][ T8717] random: crng reseeded on system resumption
[  138.550177][ T8741] loop3: detected capacity change from 0 to 128
[  138.673416][ T8745] SELinux: syz.2.1993 (8745) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  138.873106][ T8752] pim6reg: entered allmulticast mode
[  139.139841][ T8756] pim6reg: left allmulticast mode
[  139.352090][ T8763] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1998'.
[  139.388461][ T8765] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1999'.
[  139.494348][ T8763] bond2: (slave batadv2): Releasing active interface
[  139.530467][ T8766] loop2: detected capacity change from 0 to 1024
[  139.548242][ T8763] bond3: (slave batadv3): Releasing active interface
[  139.560939][ T8766] EXT4-fs: Ignoring removed bh option
[  139.599955][ T8766] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-001000000000 r/w without journal. Quota mode: writeback.
[  139.643417][ T8775] vlan2: entered allmulticast mode
[  139.810224][ T8781] loop4: detected capacity change from 0 to 512
[  139.832508][ T8781] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  139.857361][ T8789] netlink: 'syz.3.2007': attribute type 1 has an invalid length.
[  139.879858][ T8781] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  139.888457][ T8789] bond4: entered promiscuous mode
[  139.899552][ T8789] 8021q: adding VLAN 0 to HW filter on device bond4
[  139.916576][ T8789] netlink: 3 bytes leftover after parsing attributes in process `syz.3.2007'.
[  139.929270][ T8789] batadv3: entered promiscuous mode
[  139.934666][ T8789] batadv3: entered allmulticast mode
[  139.941213][ T8789] 8021q: adding VLAN 0 to HW filter on device batadv3
[  139.949797][ T8789] bond4: (slave batadv3): making interface the new active one
[  139.970298][ T8789] bond4: (slave batadv3): Enslaving as an active interface with an up link
[  140.007151][ T8781] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters
[  140.053554][ T8781] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  140.091751][ T8803] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2011'.
[  140.104327][ T8804] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2012'.
[  140.148943][ T8806] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2013'.
[  140.175905][ T8814] loop4: detected capacity change from 0 to 128
[  140.219823][ T3313] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-001000000000.
[  140.304974][ T8825] pim6reg: entered allmulticast mode
[  140.328357][ T8825] pim6reg: left allmulticast mode
[  140.366018][ T8832] SELinux: syz.0.2022 (8832) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  140.418079][ T8838] loop2: detected capacity change from 0 to 512
[  140.428555][ T8838] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349)
[  140.444435][ T8838] EXT4-fs (loop2): orphan cleanup on readonly fs
[  140.451208][ T8838] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:517: comm syz.2.2028: Block bitmap for bg 0 marked uninitialized
[  140.469860][ T8838] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  140.479699][ T8838] EXT4-fs (loop2): 1 orphan inode deleted
[  140.491281][ T8838] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  140.541602][ T3313] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  140.735238][ T8860] vlan2: entered allmulticast mode
[  140.768466][ T8864] vhci_hcd: default hub control req: 0000 v0000 i0000 l31125
[  140.983270][ T8879] random: crng reseeded on system resumption
[  141.106412][ T8884] netlink: 'syz.3.2047': attribute type 1 has an invalid length.
[  141.130310][ T8884] bond5: entered promiscuous mode
[  141.140798][ T8884] 8021q: adding VLAN 0 to HW filter on device bond5
[  141.153604][ T8884] batadv4: entered promiscuous mode
[  141.158879][ T8884] batadv4: entered allmulticast mode
[  141.166394][ T8884] 8021q: adding VLAN 0 to HW filter on device batadv4
[  141.174955][ T8884] bond5: (slave batadv4): making interface the new active one
[  141.184596][ T8884] bond5: (slave batadv4): Enslaving as an active interface with an up link
[  141.194881][ T8889] 0ªX¹¦À: renamed from caif0
[  141.213005][ T8889] 0ªX¹¦À: entered allmulticast mode
[  141.218280][ T8889] A link change request failed with some changes committed already. Interface 
60ªX¹¦À may have been left with an inconsistent configuration, please check.
[  141.237903][ T8891] vhci_hcd: default hub control req: 0000 v0000 i0000 l31125
[  141.276831][ T8893] netlink: 'syz.3.2051': attribute type 39 has an invalid length.
[  141.301859][ T8896] loop3: detected capacity change from 0 to 256
[  141.344696][ T8898] loop2: detected capacity change from 0 to 512
[  141.351615][ T8898] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349)
[  141.362349][ T8898] EXT4-fs (loop2): orphan cleanup on readonly fs
[  141.369158][ T8898] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:517: comm syz.2.2053: Block bitmap for bg 0 marked uninitialized
[  141.386218][ T8898] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  141.398899][ T8898] EXT4-fs (loop2): 1 orphan inode deleted
[  141.407038][ T8903] random: crng reseeded on system resumption
[  141.408156][ T8898] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  141.471050][ T3313] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  141.524798][ T8909] loop2: detected capacity change from 0 to 512
[  141.532132][ T8909] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349)
[  141.542573][ T8909] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=c842e12c, mo2=0002]
[  141.555476][ T8909] EXT4-fs (loop2): orphan cleanup on readonly fs
[  141.572365][ T8909] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm +}[@: bg 0: block 361: padding at end of block bitmap is not set
[  141.586588][ T8909] EXT4-fs (loop2): Remounting filesystem read-only
[  141.597952][ T8909] EXT4-fs (loop2): 1 truncate cleaned up
[  141.610504][ T8909] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: none.
[  141.623709][ T8909] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000007.
[  141.689463][ T8920] netlink: 'syz.2.2062': attribute type 39 has an invalid length.
[  141.714398][ T8924] pim6reg: entered allmulticast mode
[  141.720426][ T8924] pim6reg: left allmulticast mode
[  141.761966][ T8931] random: crng reseeded on system resumption
[  141.881562][ T8943] FAULT_INJECTION: forcing a failure.
[  141.881562][ T8943] name failslab, interval 1, probability 0, space 0, times 0
[  141.894311][ T8943] CPU: 1 UID: 0 PID: 8943 Comm: syz.4.2073 Not tainted 6.15.0-rc6-syzkaller-00052-g9f35e33144ae #0 PREEMPT(voluntary) 
[  141.894385][ T8943] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  141.894401][ T8943] Call Trace:
[  141.894409][ T8943]  <TASK>
[  141.894418][ T8943]  __dump_stack+0x1d/0x30
[  141.894442][ T8943]  dump_stack_lvl+0xe8/0x140
[  141.894513][ T8943]  dump_stack+0x15/0x1b
[  141.894529][ T8943]  should_fail_ex+0x265/0x280
[  141.894634][ T8943]  should_failslab+0x8c/0xb0
[  141.894678][ T8943]  kmem_cache_alloc_noprof+0x50/0x310
[  141.894697][ T8943]  ? getname_flags+0x80/0x3b0
[  141.894729][ T8943]  getname_flags+0x80/0x3b0
[  141.894817][ T8943]  user_path_create+0x27/0x130
[  141.894846][ T8943]  bpf_obj_pin_user+0xe0/0x230
[  141.894949][ T8943]  bpf_obj_pin+0xac/0xd0
[  141.895033][ T8943]  __sys_bpf+0x6a7/0x790
[  141.895073][ T8943]  __x64_sys_bpf+0x41/0x50
[  141.895108][ T8943]  x64_sys_call+0x2478/0x2fb0
[  141.895128][ T8943]  do_syscall_64+0xd0/0x1a0
[  141.895212][ T8943]  ? clear_bhb_loop+0x40/0x90
[  141.895239][ T8943]  ? clear_bhb_loop+0x40/0x90
[  141.895264][ T8943]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  141.895284][ T8943] RIP: 0033:0x7f9b2127e969
[  141.895307][ T8943] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  141.895328][ T8943] RSP: 002b:00007f9b1f8e7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  141.895347][ T8943] RAX: ffffffffffffffda RBX: 00007f9b214a5fa0 RCX: 00007f9b2127e969
[  141.895415][ T8943] RDX: 0000000000000018 RSI: 0000200000000580 RDI: 0000000000000006
[  141.895430][ T8943] RBP: 00007f9b1f8e7090 R08: 0000000000000000 R09: 0000000000000000
[  141.895445][ T8943] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  141.895459][ T8943] R13: 0000000000000000 R14: 00007f9b214a5fa0 R15: 00007ffedcf55f78
[  141.895547][ T8943]  </TASK>
[  141.900935][ T8947] netlink: 'syz.1.2075': attribute type 39 has an invalid length.
[  142.215525][   T29] kauditd_printk_skb: 184 callbacks suppressed
[  142.215540][   T29] audit: type=1326 audit(142.240:9071): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8958 comm="syz.3.2081" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f27f5c6e969 code=0x7ffc0000
[  142.253340][   T29] audit: type=1326 audit(142.240:9072): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8958 comm="syz.3.2081" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f27f5c6e969 code=0x7ffc0000
[  142.276289][   T29] audit: type=1326 audit(142.240:9073): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8958 comm="syz.3.2081" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f27f5c6e969 code=0x7ffc0000
[  142.299249][   T29] audit: type=1326 audit(142.240:9074): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8958 comm="syz.3.2081" exe="/root/syz-executor" sig=0 arch=c000003e syscall=223 compat=0 ip=0x7f27f5c6e969 code=0x7ffc0000
[  142.322154][   T29] audit: type=1326 audit(142.240:9075): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8958 comm="syz.3.2081" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f27f5c6e969 code=0x7ffc0000
[  142.345150][   T29] audit: type=1326 audit(142.240:9076): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8958 comm="syz.3.2081" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7f27f5c6e969 code=0x7ffc0000
[  142.367918][   T29] audit: type=1326 audit(142.240:9077): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8970 comm="syz.3.2081" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f27f5ca1225 code=0x7ffc0000
[  142.390861][   T29] audit: type=1326 audit(142.240:9078): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8958 comm="syz.3.2081" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f27f5c6e969 code=0x7ffc0000
[  142.413772][   T29] audit: type=1326 audit(142.240:9079): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8958 comm="syz.3.2081" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f27f5c6e969 code=0x7ffc0000
[  142.436637][   T29] audit: type=1326 audit(142.240:9080): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8958 comm="syz.3.2081" exe="/root/syz-executor" sig=0 arch=c000003e syscall=101 compat=0 ip=0x7f27f5c6e969 code=0x7ffc0000
[  142.490311][ T8987] random: crng reseeded on system resumption
[  142.712876][ T9007] loop2: detected capacity change from 0 to 512
[  142.729933][ T9009] loop4: detected capacity change from 0 to 512
[  142.736724][ T9007] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349)
[  142.747189][ T9009] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349)
[  142.757530][ T9007] EXT4-fs (loop2): orphan cleanup on readonly fs
[  142.764368][ T9007] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:517: comm syz.2.2098: Block bitmap for bg 0 marked uninitialized
[  142.777875][ T9007] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  142.787207][ T9007] EXT4-fs (loop2): 1 orphan inode deleted
[  142.787209][ T9009] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=c842e12c, mo2=0002]
[  142.787369][ T9009] EXT4-fs (loop4): orphan cleanup on readonly fs
[  142.793527][ T9007] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  142.821220][ T9009] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm +}[@: bg 0: block 361: padding at end of block bitmap is not set
[  142.842519][ T9009] EXT4-fs (loop4): Remounting filesystem read-only
[  142.852952][ T9009] EXT4-fs (loop4): 1 truncate cleaned up
[  142.859171][ T9009] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: none.
[  142.881713][ T3313] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  142.882162][ T9009] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000007.
[  142.928071][ T9013] random: crng reseeded on system resumption
[  143.191749][ T9030] netlink: 'syz.3.2109': attribute type 1 has an invalid length.
[  143.232959][ T9030] bond6: entered promiscuous mode
[  143.257698][ T9030] 8021q: adding VLAN 0 to HW filter on device bond6
[  143.280097][ T9036] __nla_validate_parse: 20 callbacks suppressed
[  143.280115][ T9036] netlink: 3 bytes leftover after parsing attributes in process `syz.3.2109'.
[  143.327032][ T9035] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2111'.
[  143.351692][ T9036] batadv5: entered promiscuous mode
[  143.357103][ T9036] batadv5: entered allmulticast mode
[  143.388227][ T9036] 8021q: adding VLAN 0 to HW filter on device batadv5
[  143.412900][ T9036] bond6: (slave batadv5): making interface the new active one
[  143.432038][ T9036] bond6: (slave batadv5): Enslaving as an active interface with an up link
[  143.679155][ T9061] netlink: 88 bytes leftover after parsing attributes in process `syz.1.2121'.
[  144.488018][ T9079] loop4: detected capacity change from 0 to 512
[  144.508037][ T9079] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  144.555469][ T9079] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  144.645538][ T9079] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters
[  144.751458][ T9017] netlink: 'syz.2.2103': attribute type 16 has an invalid length.
[  144.759476][ T9017] netlink: 'syz.2.2103': attribute type 17 has an invalid length.
[  144.767329][ T9017] netlink: 'syz.2.2103': attribute type 5 has an invalid length.
[  144.783906][ T9079] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  144.860943][ T9088] loop3: detected capacity change from 0 to 512
[  144.884409][ T9088] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349)
[  144.917240][ T9088] EXT4-fs (loop3): orphan cleanup on readonly fs
[  144.925082][ T9088] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:517: comm syz.3.2131: Block bitmap for bg 0 marked uninitialized
[  144.959950][ T9088] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  144.975861][ T9088] EXT4-fs (loop3): 1 orphan inode deleted
[  144.982162][ T9088] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  145.042270][ T9088] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2131'.
[  145.055531][ T9088] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2131'.
[  145.078261][ T3315] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  145.091708][ T9098] loop4: detected capacity change from 0 to 2048
[  145.121981][ T9100] netlink: 44 bytes leftover after parsing attributes in process `syz.3.2136'.
[  145.203294][ T9098] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  145.844741][ T9108] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2137'.
[  145.873264][ T9108] random: crng reseeded on system resumption
[  146.159257][  T272] ==================================================================
[  146.167399][  T272] BUG: KCSAN: data-race in copy_page_from_iter_atomic / copy_page_from_iter_atomic
[  146.176755][  T272] 
[  146.179091][  T272] write to 0xffff88811d5905cf of 2 bytes by task 9105 on cpu 1:
[  146.186741][  T272]  copy_page_from_iter_atomic+0x77f/0xff0
[  146.192494][  T272]  generic_perform_write+0x2c2/0x490
[  146.197831][  T272]  ext4_buffered_write_iter+0x1ee/0x3c0
[  146.203413][  T272]  ext4_file_write_iter+0x383/0xf00
[  146.208649][  T272]  iter_file_splice_write+0x5ef/0x970
[  146.214127][  T272]  direct_splice_actor+0x156/0x2a0
[  146.219266][  T272]  splice_direct_to_actor+0x312/0x680
[  146.224670][  T272]  do_splice_direct+0xda/0x150
[  146.229567][  T272]  do_sendfile+0x380/0x640
[  146.234021][  T272]  __x64_sys_sendfile64+0x105/0x150
[  146.239276][  T272]  x64_sys_call+0xb39/0x2fb0
[  146.243901][  T272]  do_syscall_64+0xd0/0x1a0
[  146.248444][  T272]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  146.254375][  T272] 
[  146.256721][  T272] read to 0xffff88811d590000 of 2048 bytes by task 272 on cpu 0:
[  146.264464][  T272]  copy_page_from_iter_atomic+0x77f/0xff0
[  146.270232][  T272]  generic_perform_write+0x2c2/0x490
[  146.275642][  T272]  shmem_file_write_iter+0xc5/0xf0
[  146.280802][  T272]  lo_rw_aio+0x5fa/0x7c0
[  146.285090][  T272]  loop_process_work+0x52d/0xa60
[  146.290069][  T272]  loop_workfn+0x31/0x40
[  146.294341][  T272]  process_scheduled_works+0x4ce/0x9d0
[  146.299843][  T272]  worker_thread+0x582/0x770
[  146.304475][  T272]  kthread+0x489/0x510
[  146.308562][  T272]  ret_from_fork+0x4b/0x60
[  146.312988][  T272]  ret_from_fork_asm+0x1a/0x30
[  146.317887][  T272] 
[  146.320210][  T272] Reported by Kernel Concurrency Sanitizer on:
[  146.326365][  T272] CPU: 0 UID: 0 PID: 272 Comm: kworker/u8:5 Not tainted 6.15.0-rc6-syzkaller-00052-g9f35e33144ae #0 PREEMPT(voluntary) 
[  146.338874][  T272] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  146.348949][  T272] Workqueue: loop4 loop_workfn
[  146.353757][  T272] ==================================================================
[  146.434187][ T3322] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.