last executing test programs:

2m44.964176656s ago: executing program 1 (id=868):
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f00000002c0)=@framed, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
mmap(&(0x7f0000261000/0xc00000)=nil, 0xc00000, 0x3000003, 0x31, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)

2m42.750019822s ago: executing program 1 (id=877):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x400, &(0x7f0000000000)={[{@grpjquota}, {@stripe={'stripe', 0x3d, 0x2}}]}, 0x1, 0x4a6, &(0x7f0000000a40)="$eJzs3c9rXNUeAPDvzDRpkua9/niPR9sHr4U+6HtKM/mBNFEXulIXBbHgRqHGZBprJpmQmdQmdJHqrgsXoiiIC/f+BW7syiKIa92LC6lojaCCMHLvzKT5NXXQNAO5nw/czrn33M73nAzfw51z750bQGadTv7JRQxGxBcRcbixunmH042XtbvXp5IlF/X6xe9z6X7JemvX1v87FBGrEdEXEc89FfFybnvc6vLK7GS5XFpsrhdrcwvF6vLKuStzkzOlmdL8yPj5iYnx4bHRiV3r6803X7154eNnej/6+Y07t9/69JOkWYPNuo392E2NrvfE0Q3bDkTE4w8iWBcUmv3p73ZD+FOSz+8fEXEmzf/DUUg/TSAL6vV6/bf6wXbVq3Vg38qnx8C5/FBENMr5/NBQ4xj+nzGQL1eqtYcvV5bmpxvHykeiJ3/5Srk03PyucCR6csn6SFq+tz66ZX0sIj0GfrvQn64PTVXK03s71AFbHNqS/z8VGvkPZISv/JBd8h+yS/5Ddsl/yC75D9kl/yG75D9kl/yH7JL/kF3yH7JL/kMmPXvhQrLUW/e/T19dXpqtXD03XarODs0tTQ1NVRYXhmYqlZn0np25P3q/cqWyMPJILF0r1krVWrG6vHJprrI0X7uU3td/qdSzJ70COnH01K2vchGx+mh/uiR6m3VyFfa3ej0X3b4HGeiOQrcHIKBrTP1BdvmOD+zwE72b9LWrWNj9tgB7I9/tBgBdc/aE83+QVeb/IbvM/0N2OcYHzP9D9pj/h+wabPP8r79teHbXcET8PSK+LPQcbD3rC9gP8t/mmsf/Zw//d3BrbW/ul/QUQW9EvPb+xXevTdZqiyPJ9h/Wt9fea24f7Ub7gU618rSVxwBAdq3dvT7VWvYy7ndPNi5C2B7/QHNusi89Rzmwltt0rUJul65dWL0REcd3ip9rPu+8ceZjYK2wLf6x5muu8RZpew+kz03fm/gnNsT/z4b4J//yXwWy4VYy/gzvlH/5NKdjPf82jz+Du3TtRPvxL78+/hXajH+nOozxygevf9M2/o2IkzvGb8XrS2NtjZ+07WyH8e+8+Py/2tXVP2y8z07xW5JSsTa3UKwur5xLf0dupjQ/Mn5+YmJ8eGx0opjOURdbM9XbPXb889v36/9Am/jt+v9Es03/77D/v/77sxdO3yf+/87s/PkfaxM/0R8RD3UY/8fRr19qV5fEn27T//x94ifbxjqMX33n6YMd7goA7IHq8srsZLlcWlRQUFBYL3R7ZAIetHtJ3+2WAAAAAAAAAAAAAJ3ai8uJu91HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID94PcAAAD//5j81ps=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff})
connect$unix(r2, 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000002c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB, @ANYRES32=r4, @ANYBLOB="0000000000000000b702000014000800b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='rss_stat\x00', r5}, 0x10)
mmap(&(0x7f0000261000/0xc00000)=nil, 0xc00000, 0x3000003, 0x31, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)
pwrite64(r0, &(0x7f00000000c0)='a', 0x200000c1, 0x9000)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x441, 0x104)
fallocate(r6, 0x8, 0x4000, 0x4000)

2m42.419275825s ago: executing program 1 (id=883):
r0 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
io_uring_register$IORING_REGISTER_RING_FDS(r0, 0x14, &(0x7f00000054c0)=[{0x0, 0x1, 0x0, &(0x7f0000000280), &(0x7f0000000300)=[0xfffffffffffffc01, 0x5800, 0x6, 0x6, 0x0, 0x8000000000000000, 0x7]}, {0x0, 0x1, 0x0, &(0x7f0000003a40), &(0x7f00000016c0)=[0x80, 0x3ff, 0x8, 0x0, 0x9]}, {0x5, 0x1, 0x0, &(0x7f00000019c0)=[{&(0x7f0000001700)=""/63, 0x3f}, {&(0x7f0000001740)=""/233, 0xe9}, {&(0x7f0000001840)=""/118, 0x76}, {&(0x7f00000018c0)=""/53, 0x35}, {&(0x7f0000001900)=""/190, 0xbe}], &(0x7f0000001a40)=[0x7, 0x8, 0x6877, 0x7, 0x2, 0xffff, 0xde, 0x4, 0x10, 0x0]}, {0x6, 0x0, 0x0, &(0x7f0000001e00)=[{&(0x7f0000001ac0)=""/218, 0xda}, {&(0x7f0000001bc0)=""/77, 0x4d}, {&(0x7f0000001c40)=""/11, 0xb}, {&(0x7f0000001c80)=""/10, 0xa}, {&(0x7f0000001cc0)=""/13, 0xd}, {&(0x7f0000001d00)=""/194, 0xc2}], &(0x7f0000001e80)=[0x9, 0x8]}, {0x1, 0x1, 0x0, &(0x7f0000003a80)=[{&(0x7f0000003a40)}], &(0x7f0000003ac0)}, {0x5, 0x1, 0x0, &(0x7f0000005600)=[{&(0x7f0000003b00)=""/122, 0x7a}, {&(0x7f0000003b80)=""/111, 0x6f}, {&(0x7f0000003c00)=""/150, 0x96}, {&(0x7f0000003cc0)=""/4096, 0x1000}, {&(0x7f0000004cc0)=""/29, 0x1d}], &(0x7f0000004d80)=[0x7ff, 0x4]}, {0x7, 0x1, 0x0, &(0x7f0000005200)=[{&(0x7f0000004dc0)=""/24, 0x18}, {&(0x7f0000004e00)=""/65, 0x41}, {&(0x7f0000004e80)=""/174, 0xae}, {&(0x7f0000004f40)=""/221, 0xdd}, {&(0x7f0000005040)=""/169, 0xa9}, {&(0x7f0000005100)=""/122, 0x7a}, {&(0x7f0000005180)=""/82, 0x52}], &(0x7f0000005280)=[0x10001, 0x4, 0x8]}, {0x1, 0x1, 0x0, &(0x7f0000005440)=[{&(0x7f00000053c0)=""/120, 0x78}], &(0x7f0000005480)}], 0x8)
gettid()
capset(0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001b40)={&(0x7f0000000100)='kfree\x00'}, 0x10)
r1 = socket$inet6(0xa, 0x1, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f00000002c0)={'ip6gre0\x00', &(0x7f0000000580)={'syztnl1\x00', <r2=>0x0, 0x29, 0x0, 0x3, 0x0, 0x46, @local, @mcast1, 0x10, 0x0, 0x6, 0x3}})
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r1, 0x89f2, &(0x7f0000000600)={'syztnl1\x00', 0x0})
r3 = openat$vcsu(0xffffff9c, &(0x7f0000000080), 0x88080, 0x0)
mprotect(&(0x7f00006a3000/0x1000)=nil, 0x1000, 0x4)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000008c0)={0x18, 0x22, &(0x7f0000000640)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x7ff}, {{0x18, 0x1, 0x1, 0x0, r3}}, {}, [@jmp={0x5, 0x1, 0x4, 0xb, 0x6, 0x18, 0xffffffffffffffff}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r3}}, @cb_func={0x18, 0x5, 0x4, 0x0, 0x7}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x4}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x3}, @initr0={0x18, 0x0, 0x0, 0x0, 0x9}], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000280)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x21, '\x00', r2, 0x0, r3, 0x8, &(0x7f0000000780)={0x5, 0x4}, 0x8, 0x10, &(0x7f00000007c0)={0x1, 0xf, 0xfffffff0, 0x7f}, 0x10, 0x0, 0x0, 0x6, &(0x7f0000000800)=[r0, r0, r3], &(0x7f0000000840)=[{0x2, 0x3, 0xd, 0x8e56c2b9eda585f5}, {0x5, 0x3, 0xc, 0xc}, {0x4, 0x5, 0xc, 0x8}, {0x1, 0x3, 0xa, 0x3}, {0x0, 0x5, 0x6, 0xb}, {0x0, 0x3, 0x0, 0xc}], 0x10, 0x5612, @void, @value}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, r4)
read$eventfd(r3, &(0x7f00000003c0), 0x8)
syz_open_dev$tty1(0xc, 0x4, 0x1)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x0, &(0x7f00000002c0)={[{@dioread_nolock}, {}, {@resgid}, {@oldalloc}]}, 0x1, 0x783, &(0x7f0000002200)="$eJzs3M9rXOUaAOD3nGaa/si9kwt3ce+mCi20UDpJmk27Mm7ETaFQcFtDMgkhJ5mSmdQkFpq6E4TabFQE0b1Lt0Kpf4A7KSi4F0RrXKibkTOZTNt0Zjptk04bnwdO5vvOfN9533dm8uUcyJkA/rFezX8kEUMRcTEiis39aUQcbLQORaxvjdu8d20q35Ko1y/9kuTTYrNebB0raT4ejcaU+F9E3ClEnH7v0bjV1bX5ySwrLzX7I7WFKyPV1bUzcwuTs+XZ8uLY+PnRc+Pj50bHd63WE2+dP3zr2zc2Nr77qnbz2MCZJCYadUeztl0L9ICt16QQEzv2L+5FsD5Kehgz8BzyAACgu/w8/0Dz3KwQxTjQ7SzNCRwAAAC8lOqD9V792fNIAAAA4AWTRL8zAAAAAPbW9v8BbN/bu1f3wXby8+sRMdwu/kDjHuKIQ1GIiCObyUO3HyRb0+CZrN+IiNsTbT5/vdzR3N3o/ebh3Tkiu+12vv5MtFt/0tb6E23Wn4Ht7054Rp3Xv/vxD3RY/y72GOPrz/5f6Bj/RnXl/WPt4iet+EmH+G/3GP/mxge3Oj1X/yLiZNu/P8lDsbp8P8TIzFzW7lerle6dv07d7Vx/xJFH4idJI2rSvf4rPdb/7uZv8+td4p863v3934o/+NC8/DPxYTOPNCJuNR/z/saOGMcXvv/m0cjJ+nb86Q6vf/v3/81W/Z/3WP+PXw6u9DgUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGtKIGIokLbXaaVoqRRyNiP/GkTSrVGunZyrLi9P5cxHDUUhn5rLyaEQUt/pJ3h9rtO/3z+7oj0fEf344vBV0LiuXpirZdL+LBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoOVoRAxFkpYiIo2I34tpWir1OysAAABg1w33OwEAAABgz7n+BwAAgP3vaa//k13OAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANjXLl64kG/1zXvXpvL+9NXV5fnK1TPT5ep8aWF5qjRVWbpSmq1UZrNyaaqy8LjjpRExdj6WV0Zq5WptpLq6dnmhsrxYuzy3MDlbvlwuPJeqAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeFJDjS1JSxGRNtppWipF/CsihqOQzMxl5dGI+HdE3C0WBvP+WL+TBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYNdVV9fmJ7OsvPRyN+r7q5yeG5FEvABpdGh80nxXuo1J1iP6nmraTPRZjhPxJLOuP+Zl6XfjlT6tRwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9Fd1dW1+MsvKS9V+ZwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEB/pT8lEZFvJ4snhnY+ezD5o9h4jIh3Pr300cpkrbY0lu//tbW/9nFz/9kHJl5/njUAAADAvvfakwzevk7fvo4HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADoVXV1bX4yy8pLe9iIG/2uEgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeBp/BwAA//9Js7nR")
r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000fdff00000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0xe, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r6}, 0x10)
r7 = openat$nci(0xffffffffffffff9c, &(0x7f0000002540), 0x2, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x0)
close_range(r7, 0xffffffffffffffff, 0x0)
pwrite64(r5, &(0x7f00000000c0)='a', 0x200000c1, 0x9000)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x107842, 0x42)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB], 0x48)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
socket$packet(0x11, 0x2, 0x300)
bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800"], 0x48)
add_key$user(&(0x7f0000000000), &(0x7f0000003ac0)={'syz', 0x0}, &(0x7f0000000100)="21c86a39abe3efa6f287a73afb32ba6b8957c9867abc9605327b4433acc780474162cbafbf583136e916afcecfbe1e8361b921defa92727e461ba4c2cd5de39a2708d8db6236043eee5b3d37b82c85ab61d7", 0x52, 0xfffffffffffffff9)
add_key$keyring(&(0x7f0000000040), &(0x7f0000000340)={'syz', 0x1}, 0x0, 0x0, 0xffffffffffffffff)

2m41.989037268s ago: executing program 1 (id=888):
r0 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3e, 0x1, 0x0, 0x0, 0x0, 0x8, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x7}, 0x1320, 0xffffffff, 0x3, 0x5, 0x0, 0x1, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x5, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000001200000000000000000095"], &(0x7f0000000c00)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
mknod$loop(&(0x7f0000000080)='./file0\x00', 0x100000000000600d, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000480)={{}, &(0x7f0000000400), 0x0}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
pipe2$9p(&(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r4 = dup(r3)
write$P9_RLERRORu(r4, 0x0, 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r4, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$binfmt_elf64(r4, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r4])
creat(&(0x7f0000000380)='./file0\x00', 0x80)

2m41.71831929s ago: executing program 1 (id=896):
r0 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f00000010c0)={0x5, &(0x7f0000001080)=[{0x3, 0x95, 0x6, 0x2}, {0x1, 0x0, 0x70, 0x3eab}, {0x3b, 0x7, 0x9, 0x9}, {0xc, 0x3, 0x3, 0x8}, {0x8, 0xe, 0x5, 0x8}]}, 0x10)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000001c0)=0x10)
syz_read_part_table(0x1062, &(0x7f0000000000)="$eJzsz7FNxDAcxeFnHCdGFKxAQwU7ZAo2oUY0DMEKbMBgp5Q5JbkdcsX3FS6sn570D6f6GpNMz0nmx6S0LK+X2tqUNRmS1rPk4Ui//9+SvLTM6UktWZ+S9J+S389tZI/K0Q5JqekZU9vY96/37VnbltwGSz7+TjkaAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAO7MNQAA//9zCAv3")
open(&(0x7f0000000300)='.\x00', 0x0, 0x0) (async)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f00000010c0)={0x5, &(0x7f0000001080)=[{0x3, 0x95, 0x6, 0x2}, {0x1, 0x0, 0x70, 0x3eab}, {0x3b, 0x7, 0x9, 0x9}, {0xc, 0x3, 0x3, 0x8}, {0x8, 0xe, 0x5, 0x8}]}, 0x10) (async)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000001c0)=0x10) (async)
syz_read_part_table(0x1062, &(0x7f0000000000)="$eJzsz7FNxDAcxeFnHCdGFKxAQwU7ZAo2oUY0DMEKbMBgp5Q5JbkdcsX3FS6sn570D6f6GpNMz0nmx6S0LK+X2tqUNRmS1rPk4Ui//9+SvLTM6UktWZ+S9J+S389tZI/K0Q5JqekZU9vY96/37VnbltwGSz7+TjkaAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAO7MNQAA//9zCAv3") (async)

2m41.266198953s ago: executing program 1 (id=906):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000840)='./file0\x00', 0x801, &(0x7f0000000080), 0x44, 0x518, &(0x7f0000000200)="$eJzs3c9vG1kdAPDvOHa3adNNFjjASiwLuyitoHayYXcjDssiITitBCz3EhIniuLEUezsNlFFU/EHICEESJzgwgWJPwAJVeLCESFVgjMIEAhBCwcO0EG2J2l+jBO3uHEafz7SZN57M+Pve45mPG/maSaAofVyRLwdEQ/TNL0WEeNZeSGbYqcztdZ7cP/WfGtKIk3f/XsSSVa2+1lJNr+cbXYxIr76pYhvJEfjNra2V+ZqtepGlq80V9crja3t68urc0vVperazMz0G7Nvzr4+O9WXdl6JiLe+8OfvffsnX3zrF59+/w83/nr1m61qjWXL97fjMRWPW9hpeqn9XezfYOMJg51FxXYLM6N5a4wcKbnzlOsEAEC+1jn+ByLiExFxLcZj5PjTWQAAAOAZlH5uLP6TRKT5LnQpBwAAAJ4hhfYY2KRQzsYCjEWhUC53xvB+KC4VavVG81OL9c21hc5Y2YkoFRaXa9WpbKzwRJSSVn66nX6Uf+1QfiYiXoiI746PtvPl+XptYdAXPwAAAGBIXD7U///XeKf/DwAAAJwzE4OuAAAAAPDU6f8DAADA+af/DwAAAOfal995pzWlu++/Xnhva3Ol/t71hWpjpby6OV+er2+sl5fq9aX2M/tWT/q8Wr2+/plY27xZaVYbzUpja/vGan1zrXlj+cArsAEAAIBT9MLH7v4uiYidz462p5YLvW3a42rAWVXcSyXZPGe3/v3znfmfTqlSwKkYGXQFgIEpDroCwMCUBl0BYOCSg9kj3YKug3d+nc0/3v86AQAA/TX5ke73/wvHbrlz/GLgzLMTw/By/x+GV/v+f68jeZ0swLlScgYAQ2/f/f/0ds7yE+//nyhNH79WAABAP421p6RQzi7vjUWhUC5HXGm/FqCULC7XqlMR8XxE/Ha89FwrP93eMjk8ZhgAAAAAAAAAAAAAAAAAAAAAAAAA6CJNk0gBAACAcy2i8Jfkl51n+U+Ovzp2+PrAheTf45G9IvT9H777/ZtzzebGdKv8H3vlzR9k5a8N4goGAAAADIXHeoH/bj99tx8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP304P6t+d3pNOP+7fMRMZEXvxgX2/OLUYqIS/9MorhvuyQiRvoQf7T158N58ZNWtfZC5sUf7UP8nTvHxo+J7FvIi3+5D/FhmN1tHX/eztv/CvFye56//xUjDuSfVPfjX+wd/0a67P9Xeozx4r2fVbrGvxPxYjH/+LMbP+kS/5Ue43/9a9vb3ZalP4qYzP39SQ7EqjRX1yuNre3ry6tzS9Wl6trMzPQbs2/Ovj47VVlcrlWzv/FcTozvfPTnD49r/6Uu8SdOaP+rPbb/v/du3v9gJ1nKi3/1lZz4v/pxtsbR+IXst++TWbq1fHI3vdNJ7/fST3/z0nHtX+jS/pP+/1d7bP+1r3zrjz2uCgCcgsbW9spcrVbdOLeJVi/9DFRD4gwmbvf1A9M0TVv71P/xOUmcha+lnRj0kQkAAOi3Ryf9g64JAAAAAAAAAAAAAAAAAAAADK/TeJzY4Zg7e6mkH4/QBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADoi/8FAAD//z742t0=")

2m26.231592735s ago: executing program 32 (id=906):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000840)='./file0\x00', 0x801, &(0x7f0000000080), 0x44, 0x518, &(0x7f0000000200)="$eJzs3c9vG1kdAPDvOHa3adNNFjjASiwLuyitoHayYXcjDssiITitBCz3EhIniuLEUezsNlFFU/EHICEESJzgwgWJPwAJVeLCESFVgjMIEAhBCwcO0EG2J2l+jBO3uHEafz7SZN57M+Pve45mPG/maSaAofVyRLwdEQ/TNL0WEeNZeSGbYqcztdZ7cP/WfGtKIk3f/XsSSVa2+1lJNr+cbXYxIr76pYhvJEfjNra2V+ZqtepGlq80V9crja3t68urc0vVperazMz0G7Nvzr4+O9WXdl6JiLe+8OfvffsnX3zrF59+/w83/nr1m61qjWXL97fjMRWPW9hpeqn9XezfYOMJg51FxXYLM6N5a4wcKbnzlOsEAEC+1jn+ByLiExFxLcZj5PjTWQAAAOAZlH5uLP6TRKT5LnQpBwAAAJ4hhfYY2KRQzsYCjEWhUC53xvB+KC4VavVG81OL9c21hc5Y2YkoFRaXa9WpbKzwRJSSVn66nX6Uf+1QfiYiXoiI746PtvPl+XptYdAXPwAAAGBIXD7U///XeKf/DwAAAJwzE4OuAAAAAPDU6f8DAADA+af/DwAAAOfal995pzWlu++/Xnhva3Ol/t71hWpjpby6OV+er2+sl5fq9aX2M/tWT/q8Wr2+/plY27xZaVYbzUpja/vGan1zrXlj+cArsAEAAIBT9MLH7v4uiYidz462p5YLvW3a42rAWVXcSyXZPGe3/v3znfmfTqlSwKkYGXQFgIEpDroCwMCUBl0BYOCSg9kj3YKug3d+nc0/3v86AQAA/TX5ke73/wvHbrlz/GLgzLMTw/By/x+GV/v+f68jeZ0swLlScgYAQ2/f/f/0ds7yE+//nyhNH79WAABAP421p6RQzi7vjUWhUC5HXGm/FqCULC7XqlMR8XxE/Ha89FwrP93eMjk8ZhgAAAAAAAAAAAAAAAAAAAAAAAAA6CJNk0gBAACAcy2i8Jfkl51n+U+Ovzp2+PrAheTf45G9IvT9H777/ZtzzebGdKv8H3vlzR9k5a8N4goGAAAADIXHeoH/bj99tx8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP304P6t+d3pNOP+7fMRMZEXvxgX2/OLUYqIS/9MorhvuyQiRvoQf7T158N58ZNWtfZC5sUf7UP8nTvHxo+J7FvIi3+5D/FhmN1tHX/eztv/CvFye56//xUjDuSfVPfjX+wd/0a67P9Xeozx4r2fVbrGvxPxYjH/+LMbP+kS/5Ue43/9a9vb3ZalP4qYzP39SQ7EqjRX1yuNre3ry6tzS9Wl6trMzPQbs2/Ovj47VVlcrlWzv/FcTozvfPTnD49r/6Uu8SdOaP+rPbb/v/du3v9gJ1nKi3/1lZz4v/pxtsbR+IXst++TWbq1fHI3vdNJ7/fST3/z0nHtX+jS/pP+/1d7bP+1r3zrjz2uCgCcgsbW9spcrVbdOLeJVi/9DFRD4gwmbvf1A9M0TVv71P/xOUmcha+lnRj0kQkAAOi3Ryf9g64JAAAAAAAAAAAAAAAAAAAADK/TeJzY4Zg7e6mkH4/QBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADoi/8FAAD//z742t0=")

3.289083595s ago: executing program 4 (id=3802):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x10, 0x4, 0x8, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = fsopen(0x0, 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000280)='%-\x10*\x00\xdbQ\x8d\xc2,\x9d', &(0x7f0000000380)='$\x00', 0x0)
bpf$MAP_LOOKUP_ELEM(0x1, 0x0, 0x0)

3.135499236s ago: executing program 4 (id=3803):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020700000000000002030207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000100850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='sched_switch\x00', r4}, 0x10)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
waitid(0x0, 0x0, 0x0, 0x4, 0x0)
pidfd_send_signal(0xffffffffffffffff, 0x2, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000001800)={0x11, 0xc, 0x0, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00', @ANYRES32=0x0], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000040)={r5, <r6=>0xffffffffffffffff}, 0x4)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x18, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRESHEX=r6, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', r3, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r7}, 0x10)
request_key(0x0, 0x0, &(0x7f00000000c0)='veth\x00', 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x8)
r8 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r8, &(0x7f0000000000)={0x0, 0xffffff0a, &(0x7f0000000080)=[{&(0x7f0000000040)="c01803003a000b12d25a80648c2594f90124fc60100c034002560100053582c137153e370248078000f01700d1bd", 0x33fe0}], 0x1}, 0x0)

2.809549079s ago: executing program 4 (id=3812):
r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x101001)
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000, 0x0, 0x0, 0x8})
ioctl$SG_IO(r0, 0x2285, &(0x7f00000033c0)={0x53, 0x0, 0x6, 0x6b, @buffer={0x0, 0x0, 0x0}, &(0x7f0000000040)="2e3513000000", 0x0, 0x0, 0x0, 0x0, 0x0})
syz_mount_image$vfat(&(0x7f0000000180), &(0x7f0000000000)='./bus\x00', 0x280008a, &(0x7f0000000240)=ANY=[@ANYBLOB='shortname=lower,shortname=win95,rodir,iocharset=default,uni_xlate=0,nonumtail=1,utf8=0,flush,rodir,shortname=win95,shortname=winnt,shortname=win95,showexec,uni_xlate=0,utf8=0,utf8=0,uni_xlate=0,shortname=mixed,\x00'], 0x97, 0x2ad, &(0x7f00000007c0)="$eJzs3b9rO2UYAPDn0jQJOiSCkwge6OD05dvv6pIiLRQzKRnUQYttQZogtFDwB8ZOri6Ori6C4OY/4eJ/ILgKbhYsnNzlrklqGpPatP74fJa+fe953nve69uWDvf03eeHxwdpHJ1/8lO0WknUutGNiyQ6UYvKZzGj+0UAAP9mF1kWv2Zjq+QlEdFaX1kAwBqt/Pv/u7WXBACs2RtvvvXadq+383qatmJ3+PlZP//LPv84vr59FO/HIA7jcbTjMiK7Mh7vZlk2qqe5Trw0HJ3188zhOz+U62//ElHkb0U7OsXUbP5eb2crHZvKH+V1PFXev5vnP4l2PDvn/nu9nSdz8qPfiJdfnKr/UbTjx/figxjEQVHEOD9qEZ9upemr2Ze/ffx2Xl6en4zO+s0ibiLbuOcvDQAAAAAAAAAAAAAAAAAAAAAA/2GPyt45zSj69+RTZf+djcv8k81IK53Z/jzj/KRa6Fp/oFEWX1X9eR6naZqVgZP8ejxXj/rD7BoAAAAAAAAAAAAAAAAAAAD+WU4//Oh4fzA4PLmTQdUNoHqt/7brdKdmXojFwc3JvWrlcMHKsVHFJBELy8g3sXTNv5dtD2736J65qeZvvl16na//eu/lYHOJmL85qE7X8X4y/xk2o5ppVYfk++mYRix5r8ZNl7KVjl9j7qX2yntvPF0MRgtiIllU2Cs/j59cOZNc30WjeKpz0zfLwVT6bExr+fOcf6f8SXLVrSO52x9CAAAAAAAAAAAAAAAAAABAYfLS75yL5wtTa1lzbWUBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwL2a/P//FQajMnmJ4EacnD7wFgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPgf+CMAAP//SfdjDw==")
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000000000000000f25d6d2fb1018cf2eead1e6500000000"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70200001400ffd9b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0, r2}, 0x18)
openat(0xffffffffffffff9c, &(0x7f0000000180)='./file2\x00', 0x105042, 0x189)
socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000009c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa2000000000000070200e2f7ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x2, 0x0, 0x0, 0x41100, 0x15, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6b04, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r4}, 0x10)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r5, &(0x7f0000000000)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x2c}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xb, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], &(0x7f0000000200)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
truncate(&(0x7f00000001c0)='./file2\x00', 0xaeb3)

2.533724481s ago: executing program 4 (id=3817):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x10, 0x4, 0x8, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800"/13, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b"], &(0x7f0000000180)='GPL\x00', 0x3ff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = fsopen(&(0x7f0000000580)='debugfs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r2, 0x1, 0x0, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000340)={{r0}, &(0x7f0000000000), &(0x7f0000000300)=r1}, 0x20)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000180)={r0, &(0x7f0000002b80), 0xffffffffffffffff}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r3, 0x40345410, &(0x7f00000083c0)={{0x1}})
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(0xffffffffffffffff, 0x40605346, &(0x7f0000000280)={0x0, 0x0, {0x3, 0x1, 0xf533, 0x2}, 0x20})

2.443323942s ago: executing program 4 (id=3818):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x5d031, 0xffffffffffffffff, 0x0)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='setgroups\x00')
close_range(r0, 0xffffffffffffffff, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r2}, 0x38)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r3}, 0x10)
sendmsg$nl_route_sched(r1, &(0x7f00000037c0)={0x0, 0x0, &(0x7f0000003780)={&(0x7f0000000a00)=@newtaction={0x88c, 0x30, 0x12f, 0x4000, 0x0, {}, [{0x878, 0x1, [@m_police={0x874, 0x1, 0x0, 0x0, {{0xb}, {0x848, 0x2, 0x0, 0x1, [[@TCA_POLICE_RATE={0x404, 0x2, [0x4, 0x7c3, 0x2, 0x3, 0x80, 0x10, 0xc, 0x2, 0x3, 0x40, 0x200, 0x8, 0x9, 0x6, 0x10000005, 0x0, 0x5, 0xa, 0x6, 0x200, 0x1, 0x3, 0xcc37, 0x5, 0xb5, 0x4, 0x4, 0x0, 0x4, 0xfb1, 0x72a4, 0xd, 0x7fff, 0x5, 0x3, 0x0, 0x3, 0x7, 0xc3a0, 0x4, 0xc, 0x0, 0xaf, 0x1, 0x6, 0x5, 0xfffffffd, 0x5, 0x8, 0xe, 0x2, 0xfffffff8, 0x6, 0x7, 0x1991, 0x8, 0xfffffe29, 0x5, 0x3, 0x101, 0xfff, 0x4, 0x5, 0x8000, 0x4, 0x7, 0x3, 0x0, 0xfffffff3, 0x1, 0x9, 0x80020003, 0x2, 0x6, 0x5, 0x101, 0x1, 0xfffffffc, 0x6, 0xfffffffb, 0x200, 0x1, 0x7309, 0x6, 0x3, 0x100, 0x2, 0x7, 0x6d0, 0x224, 0x7ff, 0x0, 0x6, 0x7, 0xfffff001, 0x6, 0x7ed8, 0x3, 0xffff, 0xfffffffe, 0x4, 0x249, 0x5, 0x2fbf, 0x2, 0x8000, 0x7, 0x25fe9fd5, 0x1, 0x9, 0x1, 0xe, 0x9, 0x0, 0x3, 0x4f, 0xffffffff, 0x8, 0x1, 0x119203c5, 0xd0, 0x7, 0x4, 0x3226, 0x8, 0x3, 0x4, 0xc64f, 0xffffff6d, 0x5, 0x6, 0x6, 0xfffffff7, 0x6, 0x7, 0x5, 0xc, 0xe, 0x7, 0x200, 0x60459141, 0x1, 0x5, 0x6, 0x84, 0x0, 0x1, 0x5, 0x2, 0x29dc, 0x0, 0x2d5, 0x7, 0xfffffffa, 0x1000, 0x6, 0x94, 0x15a, 0x4, 0x6, 0x2, 0x4002, 0x2, 0x4, 0xfff, 0x5, 0x1, 0x3, 0x4003, 0x80, 0x7a5b054a, 0x8, 0xffffff80, 0x4b1, 0xfff, 0x3, 0xb, 0x8, 0x3, 0x4, 0x2, 0x6, 0xf, 0x80001, 0x7, 0x1, 0x77, 0x20009, 0x274d, 0x2, 0x40, 0xfffffffe, 0xb, 0x7, 0x1, 0x9ab, 0x7, 0xffffffc0, 0x200, 0x7, 0x3c, 0x2c7, 0x7, 0x8, 0x4, 0x0, 0x99f, 0x5, 0x7ff, 0x6, 0x31e1, 0x4, 0x4, 0xb, 0x5, 0x1e, 0x3, 0xe49, 0x56, 0x9, 0x1, 0x6, 0x2, 0x6a1c, 0x9, 0x8, 0x4dbda2da, 0x7fff, 0x5, 0x5, 0x0, 0x1, 0x8, 0x7fff, 0xed, 0x7fff, 0x1000, 0xcbe, 0x1, 0x6, 0x8, 0xb, 0xff, 0x5, 0x1, 0x7, 0x9, 0x0, 0x8, 0x5, 0x4, 0xfffffffd, 0x2, 0xeffe, 0xe74, 0xfffffffa]}, @TCA_POLICE_PEAKRATE={0x404, 0x3, [0x6, 0x3a40da20, 0x9, 0x6, 0x4, 0x8000, 0x7fffffff, 0x2, 0x1, 0x7fff, 0x86, 0x10000, 0x12, 0x40, 0x2, 0x99d, 0x6, 0xffffff92, 0xe9c, 0x3ff, 0xfffffffe, 0x10001, 0xa, 0xfffff000, 0x7f, 0x4, 0x0, 0x81, 0x6f0, 0x18e, 0x8, 0x4, 0x3, 0x4, 0x2, 0xffffffff, 0x0, 0x80000004, 0x9, 0x9, 0xfffc, 0x2, 0xd, 0x3, 0x5, 0x1, 0x4, 0x8, 0x7, 0x0, 0xd92e, 0x7fffffff, 0x908b, 0x90, 0xc0, 0x5b, 0x1, 0xe6, 0x43, 0x5, 0x1000, 0x3, 0x10, 0x0, 0x6, 0x6, 0x6, 0x100, 0xf3, 0x1, 0xa8d, 0x0, 0xa, 0x7, 0x0, 0x8, 0x8, 0x10000, 0x3, 0x3, 0x0, 0xa, 0x5, 0x1, 0xee7e, 0x800, 0xd1, 0x7fff, 0x2, 0x4, 0x5, 0x4, 0xffffff89, 0x7, 0xfffffff3, 0x2, 0xffffffff, 0x9, 0x7, 0x2, 0x101, 0x7fffffff, 0xfffff001, 0x64, 0x4, 0xffffffff, 0x1, 0x9, 0x9, 0x0, 0xb3e, 0x8, 0xf3, 0x401, 0x401, 0x9, 0x8, 0x2, 0x6, 0x0, 0x0, 0x9, 0xffffffff, 0x25c, 0x7, 0x5, 0x0, 0x9, 0xfffffff9, 0x3, 0xe2, 0x8, 0x1, 0x8, 0x9, 0x0, 0x9, 0x2, 0x1, 0x9, 0x80, 0x5, 0x1, 0x5, 0x2, 0x1, 0x472a8800, 0xc, 0xfffffff0, 0xfffffff8, 0x9, 0x8, 0xfffffffc, 0x9, 0x5, 0x9, 0x5, 0x6, 0x6, 0x7, 0x87f, 0x59, 0x4fedcacd, 0x1, 0x4, 0x10001, 0x2, 0x1, 0x5, 0xfff, 0x3, 0x0, 0x1, 0x7, 0x401, 0x7f, 0x4, 0x40007, 0x2120, 0xfffffffa, 0x80, 0x3, 0xdbff, 0x52b6, 0xfffffffa, 0x1, 0x70, 0x0, 0xe1, 0x401, 0xa, 0x101, 0x3ff, 0x101, 0xfffffffc, 0x7ffe, 0x80000000, 0x81, 0xfffffff7, 0x3, 0x1, 0x7514, 0x7, 0x3, 0x1, 0x4, 0x2, 0x3, 0x4, 0x10000, 0x3ff, 0x0, 0x100, 0x7ef2, 0x0, 0x1, 0xe, 0xd, 0x4, 0x6, 0x8, 0x4, 0x10001, 0x6, 0x400, 0x436, 0x3, 0x202, 0x0, 0x0, 0x0, 0xbc, 0xa8, 0x0, 0x6, 0x7, 0x1, 0x81, 0x3, 0x2, 0x3, 0x4, 0x4, 0x2445c87b, 0x6, 0xd, 0x9, 0x2, 0x10, 0x4, 0x7, 0x57, 0x5, 0xd, 0x1000, 0x3]}], [@TCA_POLICE_TBF={0x3c, 0x1, {0x400, 0x8, 0x3, 0x7b2, 0x400, {0x1, 0x2, 0x8, 0x624, 0x0, 0xfffffff8}, {0x9, 0x2, 0x7, 0x7ff, 0xff01, 0x4}, 0x9, 0x4, 0x923}}]]}, {0x4}, {0xc, 0xb, {0x0, 0x1}}, {0xc, 0xa, {0x2}}}}]}]}, 0x88c}}, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='mm_page_free\x00', r4}, 0x18)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)
r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1803000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000014000800b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r6}, 0x10)
stat(&(0x7f0000000040)='./file0\x00', 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x5)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
bpf$MAP_CREATE(0x0, &(0x7f0000001d80)=ANY=[], 0x48)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_usbip_server_init(0x1)
r7 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r7, &(0x7f00000000c0), 0x10)
sendmsg$can_bcm(r7, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000480)={0x5, 0x0, 0x1, {0x0, 0xea60}, {}, {}, 0x1, @can={{}, 0x0, 0x0, 0x0, 0x0, "3fae8a9ad451a727"}}, 0x48}}, 0x0)
sendmsg$can_bcm(r7, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={0x5, 0x609f, 0x0, {0x0, 0xea60}, {0x0, 0x2710}, {}, 0x1, @can={{}, 0x0, 0x0, 0x0, 0x0, "3acf1ec7ae70bb24"}}, 0x48}, 0x1, 0x0, 0x0, 0x4044010}, 0x0)
r8 = open$dir(&(0x7f0000000080)='./file0\x00', 0x4d0000, 0x12)
renameat2(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', r8, &(0x7f00000001c0)='./file0\x00', 0x1)

1.523119238s ago: executing program 4 (id=3835):
syz_genetlink_get_family_id$tipc2(&(0x7f0000000140), 0xffffffffffffffff)
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r1 = socket(0x1e, 0x4, 0x0)
close(0x3)
r2 = socket$can_j1939(0x1d, 0x2, 0x7)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d67fc880c9d640f4eacc509873f1a103c87f69"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x41)
prctl$PR_SET_NAME(0xf, &(0x7f0000000000)='+}[@\x00\xe5\xa5>6\xd4\x0e3&\x8dv\xb7\xa8\x1fe\x84]\xac\x92\xccut\xae\xa8\xe5\x1b\xdb\xd1\x8fca\xc1\xbe\x104\xd7M\x93\xd2+\xde\xb1@\xf9\x056\xe8\xfa\xff#\xe8%\x14P\xad;\xbd\x17\xcc\x97Ka\xcfK6\x7fn\x18\xe5\x880\v\xbc*\x05\x1d\x97\x83\x06Y\x9bI\x84\xe6\xcd \xca\xceN\xbc1\xd4P|k\xf9\x97\xc0\x9e\x12\x88\x15&\x1d\x88\x96\xf6=\xa5\xd5L_r\xca\x1dr')
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f0000000300)='kmem_cache_free\x00', r3, 0x0, 0x1}, 0x18)
r4 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r4, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x41}}, 0x10)
listen(r4, 0x0)
r5 = socket$tipc(0x1e, 0x5, 0x0)
sendmsg$tipc(r5, &(0x7f0000002300)={&(0x7f0000000040)=@id={0x1e, 0x3, 0x0, {0x4e22, 0x1}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x44}, 0x4)
sendmsg$tipc(r5, &(0x7f00000002c0)={&(0x7f0000000080)=@nameseq={0x1e, 0x2, 0x0, {0x41}}, 0x10, 0x0}, 0x0)
accept4(r4, 0x0, 0x0, 0x400000000000000)
ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000000)={'vcan0\x00', <r6=>0x0})
bind$can_j1939(r2, &(0x7f00000000c0)={0x1d, r6, 0x0, {}, 0xfe}, 0x18)
connect$can_j1939(r2, &(0x7f0000000080)={0x1d, r6, 0x0, {0x0, 0xf0}, 0xfe}, 0x18)
sendmmsg(r1, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x3514}], 0x1}}], 0x400000000000181, 0x9200000000000000)
syz_usb_connect(0x3, 0x24, 0x0, 0x0)
r7 = syz_genetlink_get_family_id$smc(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$SMC_PNETID_DEL(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000021c0)=ANY=[@ANYBLOB="14000000", @ANYRES16=r7, @ANYBLOB="0100000000aa30054c562b86c000"], 0x14}, 0x1, 0x40030000000000}, 0x0)
syz_mount_image$ext4(&(0x7f0000000280)='ext4\x00', &(0x7f0000000740)='./file0\x00', 0x10040, &(0x7f0000000200)={[{@journal_dev}, {@nouid32}]}, 0xfe, 0x26d, &(0x7f00000002c0)="$eJzs3U9oHFUcB/Df7B/jJotEvQjiHxARDYR4E7zEi0JAQhARVIiIeJJEiAnesp68eNCzSkDwEsRb0x5LL6GXlkJPaZtDeim0oYeGHtrDlt3ZLdtkQ9r92+58PrDMTN57896E+b4MQ2Y2gMyajIjZiMhHxFREFCMiaa3wZvqZbGxulLYXI6rVz24n9XrpdqrZbiIiKhHxQUShWba29dXe3Z1P3vlttfj2v1tflgZ1fK3293Y/Pfh7/tdTc++vXbx8cz6J2Sg3ylqPo5eSNj8rJBEv9aOzp0RSGPYIeBwLP/9/pZb7lyPirXr+i5FrRPb3lefOFeO9v45r+8etS68OcqxA71WrxdrfwEoVyJxcRJQjyU1HRLqey01Pp9fwV/PjuR+WV36a+n55dem7Yc9UQK+UI9n9+MzY6YlD+b+RT/MPjK5yxO7nC5vXausH+WGPBuib1rvtr6WLWv6nvll/N+QfMkf+IbvkH7JL/mEEdJjdHuS/3b+2Ac+AbvL/fJ/GBAyG638YYcXmSqVtsfxDdsk/jKh/Tr41J/+QXa35BwCypTo27CeQgWEZ9vwDAAAAAAAAAAAAAAAAAAActVHaXmx+BtXn+T8j9j+KiEK7/vP17yNuvm18/E5Sq/ZQkjbrytdvdLmDLv3Xs6evSx21euF6r/rvzIXX+7PfXx7dPPaXs74UUalVnikUjp5/SeP869yLJ5QXv+2ygyd0+K2AH34x2P4Pu7853P7ndiLO1uafmXbzTy5eqS/bzz/l1lcsd+jHe13uAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIF5EAAA//9d9m3o")
pwrite64(0xffffffffffffffff, &(0x7f0000000000)='2', 0x1, 0x4fed0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xe3aa6ea)

1.416054569s ago: executing program 0 (id=3836):
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
syz_open_procfs(0xffffffffffffffff, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x5, 0x4, 0x2003, 0xc, 0x0, 0xffffffffffffffff, 0xfffffffe, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1, 0x0, 0x2}, 0x18)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r0)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)={0x1c, r2, 0x9c3fa077fa966179, 0x0, 0x0, {{0x7e}, {@val={0x8}, @void}}}, 0x1c}}, 0x4000054)

1.25714724s ago: executing program 0 (id=3839):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000"], 0x48)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x7)
r1 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="0300000004000000040000000a"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x8, &(0x7f0000000940)=@framed={{0x18, 0x7}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x100000}}]}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e00000004000000080000000c"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a00000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r4}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000004c0)={r2, 0xe0, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xda, 0x0, 0x0, 0x10, &(0x7f0000000300), &(0x7f0000000580), 0x8, 0x100005, 0x8, 0x5a8512a441835442, 0x0}}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000540)={r2, 0xe0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), r5)
sendmsg$NLBL_MGMT_C_ADDDEF(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="01000000000000000000040000001400050003030000000a0000005dc00000000001080002000500000014000600ff01000a00f2f3f31f000a0000000001060001"], 0x4c}, 0x1, 0x0, 0x0, 0x8004}, 0x4040000)
memfd_secret(0x80000)
io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x14, &(0x7f00000003c0), 0x2)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, 0x0, &(0x7f0000000180))
sendmsg$NLBL_MGMT_C_ADDDEF(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[], 0x4c}, 0x1, 0x0, 0x0, 0x24008000}, 0x4040000)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x40, 0x1, 0x0, 0x0, 0x0, 0x6, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x2, 0x800000000003}, 0x1320, 0xffffffff, 0x3, 0x5, 0x8, 0x1088f109, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002380)={0x5, 0x3, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000001200000000000000000095"], &(0x7f00000001c0)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffc, @void, @value}, 0x94)
r7 = openat$procfs(0xffffffffffffff9c, &(0x7f0000001200)='/proc/vmallocinfo\x00', 0x0, 0x0)
read$hiddev(r7, &(0x7f00000000c0)=""/4092, 0xffc)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42032, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000bb7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
ioctl$HIDIOCGDEVINFO(r7, 0x801c4803, &(0x7f0000002040)=""/3)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000700)='kfree\x00', r8}, 0x18)
symlinkat(&(0x7f0000001040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00')
removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='user.incfs.metadata\x00')

1.067054812s ago: executing program 2 (id=3842):
pwritev2(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xb)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f00000005c0)=ANY=[@ANYBLOB="14000000100001ff00000000000000000000000a2c000000050a01020000000000000000020000000900030073797a32000000000900010073797a300000000014000000020a031747d214"], 0x68}, 0x1, 0x0, 0x0, 0x4006000}, 0x0)
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000540)=ANY=[@ANYBLOB="14000000100001000b000000000000000000000a20000000000a03000000000000000000010000000900010073797a300000000044000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a3000000000080005400000001f08000340000000045c0000000c0a01020000000000000000010000000900020073797a32000000000900010073797a3000000000300003802c00008028000180230001"], 0xe8}}, 0x0)

1.050104252s ago: executing program 2 (id=3843):
syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x20c006, &(0x7f0000000340)={[{@grpjquota}, {@mblk_io_submit}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@nodelalloc}, {@discard}, {@grpquota}], [{@seclabel}]}, 0x1, 0x446, &(0x7f0000000d40)="$eJzs28tvG8UfAPDv2kn6/P1qqvLoAwgURMQjadJSeuACAokDSEhwKMeQpFWo26AmSLSKICBUjqgSd8QRib+AE1wQcELiCndUqUK5tMDFaOPdxHbttA5ONtSfj7TJzO44M1/vjj07kw2gbw2nP5KIvRHxa0Tsq2ebCwzXf91cXpz6c3lxKola7Y0/kpVyN5YXp/Ki+ev25JmBiNInSRxuU+/8pcvnJqvVmYtZfmzh/Ltj85cuPzN7fvLszNmZCxOnTp04Pv7cyYlnexJnGteNQx/MHTn4yltXX5s6ffXtH79O8vhb4uiR4fUOPl6r9bi6Yv2vIZ0MFNgQulKud9MYXOn/+6IcaydvX7z8caGNAzZVrVar3df58FINuIslUXQLgGLkX/Tp/W++bdHQY1u4/kL9BiiN+2a21Y8MRCkrM9hyf9tLwxFxeumvL9ItNmceAgCgybfp+OfpbPzXtPBTisZ5of9nayiViLgnIvZHxMmIOBAR90aslL0/Ih7osv7WRZJbxz+la13+ya6k47/ns7Wt5vFfPvqLSjni73y4XInB5MxsdeZY9p6MxOCOND++Th3fvfTLZ52ONY7/0i2tPx8LZu24NrCj+TXTkwuT/ybmRtc/ijg00C7+ZHUlIL0sDkbEoQ3WMfvkV0c6Hbt9/M2GGjM9WGeqfRnxRP38L0VL/Llk/fXJsZ1RnTk2ll8Vt/rp5yuvd6q/2/h7LT3/u9te/6vxV5LG9dr57uu48tunHe9pNnr9DyVvNu17f3Jh4eJ4xFDyar3RjfsnWspNrJVP4x852r7/74+1d+JwRKQX8YMR8VBEPJy1/ZGIeDQijq4T/w8vPvZO856ki/g3Vxr/dFfnfy0xFK172ifK577/pqnSSnQRf3r+T6ykRrI9d/L5dyft2tjVDAAAAP89pYjYG0lpdDVdKo2O1v+H/0DsLlXn5heeOjP33oXp+jMClRgs5TNd9fng+nzoeHZbn+cnWvLHs3njz8u7VvKjU3PV6aKDhz63p0P/T/1eLrp1wKbzvBb0L/0f+pf+D/1L/4f+1ab/7yqiHcDWa/f9/2EB7QC2Xkv/t+wHfcT9P/Qv/R/6l/4PfWl+V9z+Ifntmti5PZrRn4koFVd7PkNV+JtwFycK/mACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADokX8CAAD//2Ts5lU=")
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x3, 0x3, &(0x7f00000002c0)=ANY=[@ANYBLOB="7a0a20ff00000000711041000000000095"], &(0x7f0000000480)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x41, &(0x7f0000000080)=0x654a, 0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000004c0)={{}, &(0x7f0000000440), &(0x7f0000000480)=r2}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000"], 0x0, 0xf, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETOBJ(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000400)=ANY=[@ANYBLOB="14c14ff7574212123b8fb4648e32000000130a01"], 0x14}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000004000000000018120000", @ANYRES32=r3, @ANYRES8=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00'}, 0x10)
bind$inet(r1, &(0x7f0000000200)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x24}}, 0x10)
connect$inet(r1, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
setsockopt$sock_int(r1, 0x1, 0xc, &(0x7f0000000000)=0x1, 0x4)
sendmmsg(r1, &(0x7f0000007fc0), 0x800001d, 0x0)
removexattr(&(0x7f0000000200)='./file0\x00', &(0x7f0000000240)=@known='system.posix_acl_access\x00')

1.029181912s ago: executing program 0 (id=3845):
r0 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000000), 0x4)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x44004)
lsm_list_modules(0x0, &(0x7f0000000f40), 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000030000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f00000002c0))
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[], 0x44}}, 0x0)
r2 = socket(0x10, 0x803, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000280)={0xffffffffffffffff, 0x53, 0xd, 0x9})
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB='H\x00\x00\x00'], 0x48}}, 0x0)

1.019187802s ago: executing program 2 (id=3847):
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000100)={'vcan0\x00', <r1=>0x0})
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001080)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x50)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000c00)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES64, @ANYBLOB="0000000000000000b7080000000000007b8af8ffaf4bc041c6040000008b4ea100000000bfa200000000000007f8ffffffb703000008000000b704000000000000850000005d00000095000000ed8a18b9e583d8688b970571490b6b5fd4e37b31cea329e0b64a353a330484d28ebf6d1dbc5efadf599968a1881ee96fb8992d3819d9613b7690"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a54000000090a010400000000000000000000000008000a40000000000900010073797a30000000000900020073797a32000000000800054000000033080003400000001408000c4000000000080008"], 0x7c}}, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
perf_event_open(&(0x7f0000000380)={0x5, 0x80, 0x0, 0xe, 0x7, 0x5, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x2, @perf_bp={0x0, 0xb}, 0x0, 0xc8, 0x4, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x5)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
sendmsg$inet(r6, &(0x7f0000000940)={0x0, 0x0, 0x0}, 0x80)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000000800000008"], 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000009f910000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r8}, 0x10)
recvmsg$unix(r6, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)}, 0x100)
ioctl$USBDEVFS_BULK(0xffffffffffffffff, 0x5523, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x1200000, &(0x7f0000000940)={[{@noblock_validity}, {}, {@sysvgroups}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@noquota}, {@nogrpid}, {@noauto_da_alloc}, {@nomblk_io_submit}]}, 0x1, 0x57e, &(0x7f0000001b40)="$eJzs3c9rHOUbAPBnNkl/f79NoRT1IIEerNRumsQfFYTWo2ixoPe6JNNQsumW7KY0sdD2YC9epAgiFsQ/wLvH4j8gePVc0EKREvTgJTKb2XabzSabZHW37ucD077vzGSfeXfmffd5d3bZAAbWWPZPIeLFiPgiiTjctG048o1ja/utPL4xnS1JrK5+9HsSSb6usX+S/38wr7wQET9+FnGy0Bq3urQ8VyqX04W8Pl6bvzpeXVo+dXm+NJvOplcmp6bOvDE1+fZbb3atra9e+PPrD++/d+bz4ytfff/wyN0kzsWhfFtzO3bhVnNlLMby52Qkzq3bcaILwfpJ0usDYEeG8n4+EtkYcDiG8l4P/PfdjIhVYEAl+j8MqEYe0Jjbd2ke/Nx49O7aBKi1/cNr743Evvrc6MBK8szMKJvvjnYhfhbjh9/u3c2W2OJ9iJtdiAfQcOt2RJweHm4d/5J8/Nu50/U3jze3Psagvf5AL93P8p/XNsp/Ck/yn2jJf36uZ467HR+io/5feNiFMG1l+d87G+a/T4au0aG89r96zjeSXLpcTk9HxP8j4kSM7M3qm93PObPyYLXdtub8L1uy+I1cMD+Oh8N7n/2bmVKttJs2N3t0O+Klp/lvEi3j/756rrs+/82ejwsdxjiW3nu53bat29+s+xnw6ncRr2x4/p/e0Uo2vz85Xr8exhtXRas/7hz7qV387bW/+7Lzf2Dz9o8mzfdrq9uP8e2+v9J223Z6/e9JPq6X9+TrrpdqtYWJiD3JB63rJ5/+baPe2D9r/4njm49/G13/+yPikw7bf+fonba79sP5n9nW+d9+4cH7n37TLn5n5//1eulEvqaT8a/TA9zNcwcAAAAAAAD9phARhyIpFJ+UC4Vice07vEfjQKFcqdZOXqosXpmJ+ndlR2Ok0LjTfbjp8xAT+edhG/XJdfWpiDgSEV8O7a/Xi9OV8kyvGw8AAAAAAAAAAAAAAAAAAAB94mCb7/9nfh3q9dEB/zg/+Q2Da8v+341fegL6ktd/GFz6Pwwu/R8GV4f9/5ctf80deO54/YfBpf/D4NL/YXBt3P/N9gEAAAAAAAAAAAAAAAAAAAAAAAAAAGCHLpw/ny2rK49vTGf1mWtLi3OVa6dm0upccX5xujhdWbhanK1UZstpcboyv9XjlSuVqxOTsXh9vJZWa+PVpeWL85XFK7WLl+dLs+nFdORfaRUAAAAAAAAAAAAAAAAAAAA8X6pLy3OlcjldUGhbOBt9cRg7LiRbneWz+cWwoxDDm+2zfzePrNDLQg8HJQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABY5+8AAAD//5d3NP0=")
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="8fedcb791f6f9875f37538e486dd6317ce8102030400fe08000e40000200875a65969ff57b00ff020000000000000000000000000001"], 0xfdef)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETOBJ(r9, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)=ANY=[@ANYBLOB="2c000000150a"], 0x2c}, 0x1, 0x0, 0x0, 0x800}, 0x0)
connect$can_bcm(r0, &(0x7f00000000c0)={0x1d, r1}, 0x10)
sendmsg$NFT_MSG_GETOBJ_RESET(r9, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x20, 0x15, 0xa, 0x801, 0x0, 0x0, {0x1, 0x0, 0x7}, [@NFTA_OBJ_HANDLE={0xc, 0x6, 0x1, 0x0, 0x1}]}, 0x20}, 0x1, 0x0, 0x0, 0x40}, 0x0)
getsockopt$sock_int(r9, 0x1, 0x6, &(0x7f0000000940), &(0x7f0000000980)=0x4)
sendmsg$can_bcm(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000580)=ANY=[@ANYBLOB="0100000003ece1e40ad8871461ab0800", @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64, @ANYBLOB="3bf81bb9f9"], 0x20000600}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
r10 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1b000000000000000000000005c0150000000000", @ANYRES32=r2, @ANYBLOB='\x00'/20, @ANYRES32=r1, @ANYRES32, @ANYBLOB="04000000050000000300"/28], 0x50)
r11 = bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="1e0000ab060000000100", @ANYRES32, @ANYBLOB='\b\x00'/20, @ANYRES32=r1, @ANYRES32, @ANYBLOB="0100000001000000000000000e00"/28], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x32, &(0x7f00000010c0)=ANY=[@ANYBLOB="1800000001000000000000000400000018110000", @ANYRES32=r10, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000850000006d00000018220000", @ANYRES32=r2, @ANYBLOB="0000000004000000108202000104000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b703000000000000850000000c000000b700000000000000180100002020732500000000002020207b1af8ff00000000bfa10000933f1a54b200000000074ba400000000000002000008000000b7030000770000008500000006000000b7080000000000007b8af8ff00000000b700000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ff18e6000034eb71e40062b09f0000002000000000000000e3ecd0fa1443820474a66f5f3c307612d61b326fe2a75aea1566ee80bc1f6d1514d97ed290814d9306000000163cdbf5afc9651f1e24cbfb3d544427194c7c802c615918ca838a29b5be84678bfa7b693e95bb80ce90344d6e30f5f50c4420b7171da7b19ff200af382e893954ef68cae4d27abbffa8017f8622035fae955161c43d3ad320439b321e1155d10a7ce1af291493f0db65ae10f00688f16a0e2c7106e646948872da163254ca242585c84efaa8ded770ab8e3772c916f9c38828707b69cbeebcc7fb3ea5c8cc12590299cf173ac10bd73baa1b4e336612faf2686f8e43e5463158be6a2be64228f2950a7214ae7258aa0cdf75b8ee38ea10684aee0e51cd0c7f1ae1cfdd6a2f850d1135919b837aa3886325e0de214c5ef4a16efadc2f84bc8546ca8b58702a5150b459d2a40ae404ba1fefd37f1dec1c06f7154f5aab536068eaf19f2e287e8a22e1e6c4028213d02270bd3bac1e05466c93fac0aff402f833e294220f0288e089e8814fa2dc6dce3a41ce7973b4ce3aa8f578d1fcd56e005582181538b2529061688efe28aa58570e67c69b35", @ANYRES32, @ANYBLOB="0000000000000000b70500000800000085000000a50000000419040000000000181b0000", @ANYRES32=r11, @ANYBLOB="000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000bf91000000000000b7020000010000008500000084000000b7000000000000009500000000000000"], &(0x7f0000000340)='GPL\x00', 0x8, 0x10, &(0x7f0000000540)=""/16, 0x41000, 0x41, '\x00', r1, @sched_cls=0x2f, 0xffffffffffffffff, 0x8, &(0x7f0000000780)={0x4, 0x2}, 0x8, 0x10, &(0x7f00000007c0)={0x4, 0x10, 0x0, 0x7}, 0x10, 0xffffffffffffffff, r3, 0x1, &(0x7f0000000800)=[r2, r9, r2], &(0x7f0000000840)=[{0x3, 0x4, 0xa, 0x9}], 0x10, 0x100, @void, @value}, 0x94)
sendmsg$can_bcm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000580)=ANY=[], 0x38}, 0x2}, 0x0)

969.067452ms ago: executing program 0 (id=3848):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000040000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0xffffffffffffff31)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000002c0)={{r0}, &(0x7f0000000040), &(0x7f0000000280)='%pS    \x00'}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000900)={&(0x7f0000000380)='kmem_cache_free\x00', r1}, 0x18)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = socket$netlink(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c0000000203850000a26939d60000000000000f0800010001"], 0x1c}}, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'veth0_vlan\x00', <r5=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=@getchain={0x24, 0x11, 0x43d, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {}, {}, {0x9}}}, 0x24}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f00000002c0)=@framed={{}, [@ringbuf_output={{}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f0000000c80)=@raw={'raw\x00', 0x3c1, 0x3, 0x4c0, 0x0, 0x940c, 0x3002, 0x0, 0x2c0, 0x3f0, 0x3d8, 0x3d8, 0x3f0, 0x3d8, 0x3, 0x0, {[{{@uncond, 0x0, 0x298, 0x2e0, 0x4001, {}, [@common=@inet=@recent0={{0xf8}, {0x0, 0x4001, 0x1, 0x3, 'syz0\x00'}}, @common=@inet=@recent0={{0xf8}, {0x0, 0x0, 0x2, 0x0, 'syz0\x00'}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0xd065, 0x40, 0x7ff, 'syz1\x00'}}}, {{@uncond, 0x0, 0xd0, 0x110, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00', 0x1, 0xbe, {0x565159d7}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x520)
syz_emit_ethernet(0x83, &(0x7f0000000240)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaf9ff030086dd601b8b97004d88c19edace00000000000000002100000002ff02000000000000000000000000000104004e20004d13"], 0x0)

967.523363ms ago: executing program 5 (id=3849):
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
syz_open_procfs(0xffffffffffffffff, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x5, 0x4, 0x2003, 0xc, 0x0, 0xffffffffffffffff, 0xfffffffe, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1, 0x0, 0x2}, 0x18)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r0)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)={0x1c, r2, 0x9c3fa077fa966179, 0x0, 0x0, {{0x7e}, {@val={0x8}, @void}}}, 0x1c}}, 0x4000054)

926.207052ms ago: executing program 5 (id=3850):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b705000008000000850000006900000095"], &(0x7f0000000600)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x2c, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x18)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r2, 0x8933, &(0x7f0000000200)={'batadv_slave_0\x00', <r3=>0x0})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_TSINFO_GET(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000640)={0x20, r5, 0x1, 0x70bd27, 0x25dfdbfd, {}, [@HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x40012}, 0x0)

889.642343ms ago: executing program 5 (id=3851):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000500000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0}, &(0x7f0000000380), &(0x7f00000003c0)=r1}, 0x20)
r2 = mq_open(&(0x7f0000000380)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xb8\x93\xc3C\xae\x9dc\xd1T\xdd\x14\xd3A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\v\x01\xbe\xeb\bLTrw\x88\x9e0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\x01\x00\x00\x00a%\xdcQ\xb3CuT\xcc7\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1J\xec\x926\xb5a0\xa0B\xae|\x00\x17\xc0\xa3\xd5\xf9\xaa\x98/\xa4v\xe4)I\xf3+[e\x95\x89\x99\xca\x8e\xc5\xd3\\T\xf0\x1a|5\xfff\xff\x99\xa4\xbb\x9e#oR\xa4\xf1\xba\x04c\xb3-\xf7R\xb85\xb5\xdb\xe9?\xfa/\xdf\xb4R\xbfx=\v_j\x8e\xb0\'\xf4\xe5\xff!\xe1\xbf\x82e\xb1\x9b\x8d\xf3L\t\xd21\x9cbwV\xc8\xcc\xe4\x96M_w\xbc\xdf9\b\r\xf6\x95\xae\xb5,\x92\x8c\xc0DQm\x80\xd1w\xa2\x1a\x12Z\xe5\xf4H\xf7D\n\x96J\x93\xfb\xf0$\x9f\xf7\xa2\xae$O\xa3\xb6\xf5\x98\xd3\v\x00\x86\xa5\x8b\x81\x04\xaf\x03s\xe5\x86>\x0e\xa6\xe6\x1aV\x17\x8b\xed\xa7\'\xd0\r_\xe8,XVR\x13\xe5%\xb9\x88\xb8W@D\'\x17A\xc8\x80\x02J\xd4V\x00wH(\xc5v\f\xc9\xb6\xdf..$\xe6P(_\xf1\'\xc1:\xa3\xcb\xd9\xd1\xc7\x13\x99Md\x1dc\xf1\'j\x03!\x13\xd1\xb8\xbf\xe6\xb2M\b/\rp\xa5\x00\x00\x00\x00', 0x40, 0x0, 0x0)
mq_unlink(&(0x7f0000000340)='eth0\x00')
close(r2)

871.623163ms ago: executing program 5 (id=3852):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00'}, 0x10)
r0 = mq_open(&(0x7f0000000380)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xb8\x93\xc3C\xae\x9dc\xd1T\xdd\x14\xd3A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\v\x01\xbe\xeb\bLTrw\x88\x9e0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\x01\x00\x00\x00a%\xdcQ\xb3CuT\xcc7\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1J\xec\x926\xb5a0\xa0B\xae|\x00\x17\xc0\xa3\xd5\xf9\xaa\x98/\xa4v\xe4)I\xf3+[e\x95\x89\x99\xca\x8e\xc5\xd3\\T\xf0\x1a|5\xfff\xff\x99\xa4\xbb\x9e#oR\xa4\xf1\xba\x04c\xb3-\xf7R\xb85\xb5\xdb\xe9?\xfa/\xdf\xb4R\xbfx=\v_j\x8e\xb0\'\xf4\xe5\xff!\xe1\xbf\x82e\xb1\x9b\x8d\xf3L\t\xd21\x9cbwV\xc8\xcc\xe4\x96M_w\xbc\xdf9\b\r\xf6\x95\xae\xb5,\x92\x8c\xc0DQm\x80\xd1w\xa2\x1a\x12Z\xe5\xf4H\xf7D\n\x96J\x93\xfb\xf0$\x9f\xf7\xa2\xae$O\xa3\xb6\xf5\x98\xd3\v\x00\x86\xa5\x8b\x81\x04\xaf\x03s\xe5\x86>\x0e\xa6\xe6\x1aV\x17\x8b\xed\xa7\'\xd0\r_\xe8,XVR\x13\xe5%\xb9\x88\xb8W@D\'\x17A\xc8\x80\x02J\xd4V\x00wH(\xc5v\f\xc9\xb6\xdf..$\xe6P(_\xf1\'\xc1:\xa3\xcb\xd9\xd1\xc7\x13\x99Md\x1dc\xf1\'j\x03!\x13\xd1\xb8\xbf\xe6\xb2M\b/\rp\xa5\x00\x00\x00\x00', 0x40, 0x0, 0x0)
mq_unlink(&(0x7f0000000340)='eth0\x00')
close(r0)

858.301163ms ago: executing program 0 (id=3853):
setsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(0xffffffffffffffff, 0x84, 0x13, &(0x7f0000000000)=0x3, 0x4)
pipe2$watch_queue(&(0x7f00000001c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x80)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000180)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x48, 0x48, 0x4, [@volatile={0x8, 0x0, 0x0, 0x9, 0x2}, @union={0x5, 0x2, 0x0, 0x5, 0x1, 0x4, [{0x4, 0x3, 0x1}, {0x6, 0x3, 0x81f}]}, @func={0x1, 0x0, 0x0, 0xc, 0x1}, @ptr={0x10, 0x0, 0x0, 0x2, 0x4}]}, {0x0, [0x0, 0x0]}}, &(0x7f00000000c0)=""/164, 0x64, 0xa4, 0x0, 0x8, 0x10000, @value=r0}, 0x28)
mkdirat(r0, &(0x7f0000000200)='./file0\x00', 0x1f)
prctl$PR_SET_SECCOMP(0x16, 0x1, &(0x7f0000000280)={0x2, &(0x7f0000000240)=[{0x6, 0x1, 0x6, 0xe4a}, {0x9, 0x4, 0x5, 0x10000}]})
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f0000000380)={'syztnl2\x00', &(0x7f0000000300)={'ip6tnl0\x00', <r2=>0x0, 0x29, 0x7, 0x6, 0x10000, 0x40, @private1={0xfc, 0x1, '\x00', 0x1}, @private0, 0x8000, 0x8000, 0x2, 0x644acc63}})
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000003c0)={'\x00', <r3=>0x0})
getsockopt$inet6_mreq(r0, 0x29, 0x1b, &(0x7f0000000400)={@initdev, <r4=>0x0}, &(0x7f0000000440)=0x14)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r0, &(0x7f00000005c0)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000580)={&(0x7f0000000480)={0xdc, 0x0, 0xa30, 0x70bd2c, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_LOC_ID={0x5, 0x5, 0x6}, @MPTCP_PM_ATTR_LOC_ID={0x5, 0x5, 0xaf}, @MPTCP_PM_ATTR_ADDR_REMOTE={0x54, 0x6, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @private2}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x11}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast1}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r3}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @mcast1}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0xc0}]}, @MPTCP_PM_ATTR_LOC_ID={0x5, 0x5, 0x9}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x6}, @MPTCP_PM_ATTR_ADDR_REMOTE={0x54, 0x6, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r4}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @remote}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x27}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @local}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e24}]}]}, 0xdc}, 0x1, 0x0, 0x0, 0x41}, 0x10)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000680)={0x9, &(0x7f0000000600)=[{0x0, 0x4, 0xf4, 0x81}, {0x8, 0x0, 0x40, 0x3}, {0x9, 0xb, 0x9, 0x4d37821f}, {0x7, 0x3, 0x41, 0x875b}, {0x0, 0x7, 0x8, 0x9bb}, {0x1, 0x80, 0xb, 0xfffffffd}, {0x4a, 0x0, 0x6, 0x8}, {0x8, 0x4, 0x6, 0x5}, {0x1, 0x20, 0x0, 0x3}]})
sendmsg$nl_route_sched(r0, &(0x7f0000000780)={&(0x7f00000006c0)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000740)={&(0x7f0000000700)=@newtclass={0x34, 0x28, 0x20, 0x70bd29, 0x25dfdbfe, {0x0, 0x0, 0x0, r3, {0x10, 0x8}, {0x9, 0xa}, {0x4, 0x1}}, [@tclass_kind_options=@c_cbs={0x8}, @TCA_RATE={0x6, 0x5, {0x8, 0x7f}}]}, 0x34}, 0x1, 0x0, 0x0, 0x4040080}, 0x800)
setsockopt$inet_sctp6_SCTP_AUTH_CHUNK(r0, 0x84, 0x15, &(0x7f00000007c0), 0x1)
socket$nl_netfilter(0x10, 0x3, 0xc)
getsockname$packet(r0, &(0x7f0000000800)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000840)=0x14)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000880)={0x1b, 0x0, 0x0, 0x10000, 0x0, r0, 0x180, '\x00', r5, r0, 0x4, 0x3, 0x1, 0x0, @void, @value, @void, @value}, 0x50)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000900)='!$(*\'\x05{*[\'\\-%k]\x00', &(0x7f0000000940)='cbs\x00', 0x0)
socket$phonet_pipe(0x23, 0x5, 0x2)
setsockopt$inet_sctp6_SCTP_AUTH_CHUNK(r0, 0x84, 0x15, &(0x7f0000000980)={0xe8}, 0x1)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000a00)={0x5, &(0x7f00000009c0)=[{0xc9, 0x5, 0x5, 0x3}, {0x8, 0x9, 0x6, 0x1}, {0x0, 0xfa, 0x6, 0x1000}, {0x5, 0x77, 0x6, 0x42}, {0x9, 0xb, 0xac, 0x9}]}, 0x10)
pipe2$watch_queue(&(0x7f0000000a40)={0xffffffffffffffff, <r6=>0xffffffffffffffff}, 0x80)
recvfrom$phonet(r6, &(0x7f0000000a80)=""/4096, 0x1000, 0x41, &(0x7f0000001a80)={0x23, 0x2, 0x2, 0x20}, 0x10)
accept$packet(r0, &(0x7f0000001ac0), &(0x7f0000001b00)=0x14)
seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f0000001b80)={0x8, &(0x7f0000001b40)=[{0x3, 0x8, 0xa4, 0x5}, {0x2, 0x5, 0x8, 0x3}, {0x2, 0x33, 0xf, 0x81}, {0x7fff, 0x2, 0x4, 0x3}, {0x2, 0x57, 0x2, 0x1}, {0xff, 0x7, 0xfa, 0x4}, {0x6, 0x2, 0x4, 0x3}, {0xd, 0x7f, 0x2, 0x71}]})
r7 = accept$packet(r0, 0x0, &(0x7f0000001bc0))
getsockname$packet(r7, &(0x7f0000001c00)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000001c40)=0x14)
inotify_init1(0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000001cc0)={0x6, &(0x7f0000001c80)=[{0x1, 0x3, 0x6, 0xfffffc01}, {0x2, 0x9, 0x2, 0x57235bc8}, {0x3, 0xfb, 0x0, 0x3}, {0x8, 0x5, 0x1, 0x2}, {0xd, 0x8, 0x3, 0x9}, {0x0, 0xc7, 0x4, 0x6}]})
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, r0, 0x0)

848.530214ms ago: executing program 5 (id=3854):
r0 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000001200)={&(0x7f00000004c0)=ANY=[@ANYBLOB="38000000031401002dbd7000020073797a30000000000800410073697700140033006c"], 0x38}, 0x1, 0x0, 0x0, 0x854}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b7030000000000de850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
getpgrp(0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
sendmsg$RDMA_NLDEV_CMD_SYS_GET(r0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmsg$unix(0xffffffffffffffff, 0x0, 0x8000)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r2 = perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = perf_event_open(&(0x7f0000000340)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r2, 0x0)
syz_clone(0x3000000, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_DISABLE(r3, 0x2401, 0x5)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000300)={0xffffffffffffffff, 0x0, 0x0}, 0x10)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket(0x1, 0x803, 0x0)
r6 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000180)='/sys/power/reserved_size', 0x80802, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='ext4_mballoc_prealloc\x00', r1, 0x0, 0x10001}, 0x18)
write$UHID_CREATE2(r6, &(0x7f0000000500)=ANY=[@ANYBLOB='\v\x00\x00\x00sy'], 0x1c7)
getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x1, 0x2010, r1, 0x3d685000)
sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0xefff, &(0x7f0000000140)={&(0x7f00000002c0)=ANY=[@ANYBLOB="58000000100003040000000000000000000000c8", @ANYRES32=0x0, @ANYBLOB="42420000000000002800128009000100766c616e00000000180002800c0002001f0000001f000000060001000100000008000500", @ANYRES32=r7, @ANYBLOB='\b\x00\n\x00', @ANYRES32=r7], 0x58}, 0x1, 0x0, 0x0, 0x600}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a40)={&(0x7f0000000980)='sys_enter\x00'}, 0x10)
utime(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)={0xfffffffffffffff9, 0x4})

762.230084ms ago: executing program 5 (id=3856):
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c0)
mount$tmpfs(0x0, 0x0, 0x0, 0x0, 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x4, @tid=r0}, &(0x7f0000bbdffc)=<r1=>0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0x8, 0x3, 0x0, 0xffffffffffffffff, 0xffffffff, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007300000018110000", @ANYRES32=r2], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
timer_settime(r1, 0x1, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000002000000850000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r4}, 0x10)
r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x40000, 0x0)
readv(r5, &(0x7f0000000000)=[{&(0x7f00000001c0)=""/244, 0xf4}], 0x1)

653.500115ms ago: executing program 3 (id=3857):
syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x20c006, &(0x7f0000000340)={[{@grpjquota}, {@mblk_io_submit}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@nodelalloc}, {@discard}, {@grpquota}], [{@seclabel}]}, 0x1, 0x446, &(0x7f0000000d40)="$eJzs28tvG8UfAPDv2kn6/P1qqvLoAwgURMQjadJSeuACAokDSEhwKMeQpFWo26AmSLSKICBUjqgSd8QRib+AE1wQcELiCndUqUK5tMDFaOPdxHbttA5ONtSfj7TJzO44M1/vjj07kw2gbw2nP5KIvRHxa0Tsq2ebCwzXf91cXpz6c3lxKola7Y0/kpVyN5YXp/Ki+ev25JmBiNInSRxuU+/8pcvnJqvVmYtZfmzh/Ltj85cuPzN7fvLszNmZCxOnTp04Pv7cyYlnexJnGteNQx/MHTn4yltXX5s6ffXtH79O8vhb4uiR4fUOPl6r9bi6Yv2vIZ0MFNgQulKud9MYXOn/+6IcaydvX7z8caGNAzZVrVar3df58FINuIslUXQLgGLkX/Tp/W++bdHQY1u4/kL9BiiN+2a21Y8MRCkrM9hyf9tLwxFxeumvL9ItNmceAgCgybfp+OfpbPzXtPBTisZ5of9nayiViLgnIvZHxMmIOBAR90aslL0/Ih7osv7WRZJbxz+la13+ya6k47/ns7Wt5vFfPvqLSjni73y4XInB5MxsdeZY9p6MxOCOND++Th3fvfTLZ52ONY7/0i2tPx8LZu24NrCj+TXTkwuT/ybmRtc/ijg00C7+ZHUlIL0sDkbEoQ3WMfvkV0c6Hbt9/M2GGjM9WGeqfRnxRP38L0VL/Llk/fXJsZ1RnTk2ll8Vt/rp5yuvd6q/2/h7LT3/u9te/6vxV5LG9dr57uu48tunHe9pNnr9DyVvNu17f3Jh4eJ4xFDyar3RjfsnWspNrJVP4x852r7/74+1d+JwRKQX8YMR8VBEPJy1/ZGIeDQijq4T/w8vPvZO856ki/g3Vxr/dFfnfy0xFK172ifK577/pqnSSnQRf3r+T6ykRrI9d/L5dyft2tjVDAAAAP89pYjYG0lpdDVdKo2O1v+H/0DsLlXn5heeOjP33oXp+jMClRgs5TNd9fng+nzoeHZbn+cnWvLHs3njz8u7VvKjU3PV6aKDhz63p0P/T/1eLrp1wKbzvBb0L/0f+pf+D/1L/4f+1ab/7yqiHcDWa/f9/2EB7QC2Xkv/t+wHfcT9P/Qv/R/6l/4PfWl+V9z+Ifntmti5PZrRn4koFVd7PkNV+JtwFycK/mACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADokX8CAAD//2Ts5lU=")
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x3, 0x3, &(0x7f00000002c0)=ANY=[@ANYBLOB="7a0a20ff00000000711041000000000095"], &(0x7f0000000480)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x41, &(0x7f0000000080)=0x654a, 0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000004c0)={{}, &(0x7f0000000440), &(0x7f0000000480)=r2}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000"], 0x0, 0xf, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETOBJ(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000400)=ANY=[@ANYBLOB="14c14ff7574212123b8fb4648e32000000130a01"], 0x14}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000004000000000018120000", @ANYRES32=r3, @ANYRES8=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00'}, 0x10)
bind$inet(r1, &(0x7f0000000200)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x24}}, 0x10)
connect$inet(r1, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
setsockopt$sock_int(r1, 0x1, 0xc, &(0x7f0000000000)=0x1, 0x4)
sendmmsg(r1, &(0x7f0000007fc0), 0x800001d, 0x0)
removexattr(&(0x7f0000000200)='./file0\x00', &(0x7f0000000240)=@known='system.posix_acl_access\x00')

601.263005ms ago: executing program 3 (id=3858):
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r0}, 0x10)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmsg$inet(r2, &(0x7f0000000f80)={0x0, 0x0, &(0x7f0000000280)=[{&(0x7f00000042c0)="86", 0x1}], 0x1}, 0x0)
sendmsg$tipc(r2, &(0x7f0000002700)={0x0, 0x0, 0x0}, 0x0)
recvmsg(r1, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000600)=""/203, 0xcb}], 0x1}, 0x0)
ioctl$PPPIOCNEWUNIT(0xffffffffffffffff, 0xc004743e, &(0x7f0000000140))
setxattr$trusted_overlay_upper(0x0, &(0x7f0000000080), 0x0, 0x0, 0x0)
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454d9, &(0x7f0000000100)={'vlan0\x00', 0x400})
r3 = perf_event_open(&(0x7f0000000480)={0x2, 0x80, 0xcf, 0x1, 0x0, 0x0, 0x0, 0x4, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_DISABLE(r3, 0x2401, 0x3)
pwritev2(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xb)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f00000005c0)=ANY=[@ANYBLOB="14000000100001ff00000000000000000000000a2c000000050a01020000000000000000020000000900030073797a32000000000900010073797a300000000014000000020a031747d21400000000000000000014000000110001"], 0x68}, 0x1, 0x0, 0x0, 0x4006000}, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r4}, 0x38)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r5}, 0x10)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000540)=ANY=[@ANYBLOB="14000000100001000b000000000000000000000a20000000000a03000000000000000000010000000900010073797a300000000044000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a3000000000080005400000001f08000340000000045c0000000c0a01020000000000000000010000000900020073797a32000000000900010073797a3000000000300003802c00008028000180230001"], 0xe8}}, 0x0)

519.911026ms ago: executing program 3 (id=3859):
r0 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000000), 0x4)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x44004)
lsm_list_modules(0x0, &(0x7f0000000f40), 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000030000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f00000002c0))
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[], 0x44}}, 0x0)
r2 = socket(0x10, 0x803, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000280)={0xffffffffffffffff, 0x53, 0xd, 0x9})
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB='H\x00\x00\x00'], 0x48}}, 0x0)

491.113306ms ago: executing program 3 (id=3860):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020700000000000002030207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000100850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='sched_switch\x00', r4}, 0x10)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
waitid(0x0, 0x0, 0x0, 0x4, 0x0)
pidfd_send_signal(0xffffffffffffffff, 0x2, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000001800)={0x11, 0xc, 0x0, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00', @ANYRES32=0x0], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000040)={r5, <r6=>0xffffffffffffffff}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x18, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRESHEX=r6, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', r3, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r7 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r7, &(0x7f0000000000)={0x0, 0xffffff0a, &(0x7f0000000080)=[{&(0x7f0000000040)="c01803003a000b12d25a80648c2594f90124fc60100c034002560100053582c137153e370248078000f01700d1bd", 0x33fe0}], 0x1}, 0x0)

263.015757ms ago: executing program 3 (id=3861):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b705000008000000850000006900000095"], &(0x7f0000000600)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x2c, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x18)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r2, 0x8933, &(0x7f0000000200)={'batadv_slave_0\x00'})
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_TSINFO_GET(r3, 0x0, 0x0)

191.501658ms ago: executing program 3 (id=3862):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020700000000000002030207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000100850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='sched_switch\x00', r4}, 0x10)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
waitid(0x0, 0x0, 0x0, 0x4, 0x0)
pidfd_send_signal(0xffffffffffffffff, 0x2, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000001800)={0x11, 0xc, 0x0, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00', @ANYRES32=0x0], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000040)={r5, <r6=>0xffffffffffffffff}, 0x4)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x18, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRESHEX=r6, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', r3, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r7}, 0x10)
r8 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r8, &(0x7f0000000000)={0x0, 0xffffff0a, &(0x7f0000000080)=[{&(0x7f0000000040)="c01803003a000b12d25a80648c2594f90124fc60100c034002560100053582c137153e370248078000f01700d1bd", 0x33fe0}], 0x1}, 0x0)

160.817039ms ago: executing program 2 (id=3863):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000c80)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b7030000000000de850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a40)={&(0x7f0000000980)='sys_enter\x00', r0}, 0x9)
setitimer(0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0500000005000000000400000900000001000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
r1 = syz_open_procfs(0x0, &(0x7f0000000000)='map_files\x00')
getdents(r1, &(0x7f0000001fc0)=""/184, 0xb8)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r2}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xf, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
setsockopt$packet_drop_memb(0xffffffffffffffff, 0x107, 0x2, &(0x7f0000000400)={0x0, 0x1, 0x6, @multicast}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x65, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3}, 0x10)
syz_mount_image$iso9660(&(0x7f0000000040), &(0x7f0000000d40)='./file1\x00', 0x3200010, &(0x7f0000000200)=ANY=[], 0x1, 0x7c7, &(0x7f0000001540)="$eJzs3UtsHGcdAPD/uHYerhSqgkoUpekkKVIigru7aV2sHsp2PXamtXfN7holB9RWjVNFcR9qVUFzoOTSAgIhThxLrxUXbiAOSByAExI9cOGAVKknVCSQEAghGc3sbvzI+pHGTvr4/VbZb3bmm+/7z+xk/jvrnZkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACJpTFcq1STm8ubi+XRzjel2a36L6YP2frOu2KLfiKT4FwcOxOHeqMNfWJ18X/F0Io72Xh2NA0VxIK7efd89j31+dGQw/xYBfVTHd1gvifhuEdSVZ5eXl17Zg0Buox/8+qZn+c9K8TybNfNOK5+vz2Zp3mmlU5OTlYfOzXTSmXwu61zodLP5tNHO6t1WOz3VOJ1Wp6bOptnEhdZic3a6PpcNRj76lVqlMpk+ObGQ1dudVvOhJyc6jXP53FzenC3r1CrfiqLOo8WG+FTeTbtZfT5NL11eXjq7XahFpeq6MfvXbThHH7zng9fe/+flpWKD3KyRpL9h1qrVWq06+cjUI49WKqO1Sm39iMoGcb1GjEQUNfZko+UTZPd23nCLRvr5P+Yij2YsxvlII42R8nn1MRYHYjra0Yr54vWfxzZMvyH/f+mhv/9xq37X5v9Blj+8OvlIlPn/WO/VsU3yf7FT3hjHXj3uuh7b2rGvxutxNa7Es7Ecy7EUr9y2eHb4OLgh6pHdbX82smhGHvsjIo/5qJdj0sijE61IYyomYzIq8XSci5noRBozkcdcZNGJC9GJbmTlFtWIdmRRj260oh1pnIpGnI40qjEVU3E20shiIi5EKxajGbMxHfWylUtxuVzvZzfEdd93nvnV83/64O1i+Hql6hYLkhQf5opK/9iiUj+ZPxAfIf8Pasj/nzYHBv/Ddmg3dtuwK1bK/D96p8MAAAAA9lBSfvueRMRY3F8OzeRfv9NBAQAAALuq/F3z0aIYK4buj2Qmn8sqQ2q+d9tjAwAAAHZHUp5jl0TEeDzQGxqcLjXsSwAAAADgE6j8+/+xohiPeKMc4fgfAAAAPmW+t9k19t/f179Gb2dhfzK4+O3C+QeTF+rFUP2F/rh+8Y3rLXZnjiSH+o2UxeTo1buTiBhtZEeTwdUv/7e/V35YPh9ZvQDhZtf6T9rtseTa5gFct/K5iBsDKF/FD+N4r9Lxi73y4mBKr5fxmXwum2i05h6rJv0vR7qvvXj52xFF799vzh9K4tLl5aWJ515avljGcq1o5doL/cvDJxtX79CV0etxpb8G4v7hSzxWnojR73e8129l7fKP9GYf2brPZG2fb8aJXp0T471yfP3yHyj6rE48Vo16/dBINzvffW1lzdL3o6je4pK/GSd7dU6eOtkrhkRRWxfFizdGUVsbxc7WxY6jePv4G+f/9btWkp3dLoqztxgFwJ1yqbzqz2oWOlhmof+u9BT5f0PePThIuDezl7u0+iljcEH6NbluNHae3aM7M0g2Q/bop3p1TvU+T4weGZJXKkP26C9ffvn3/T36w+/+9GffPPaHX3z07PZunO7V6Rdx7283ybHFMv9oQ1Z9p5jjnU36LV7Wkhjr3TthdfLS80sv1mpnJysPVyqP1GKs/KjQL+QeAIbY9h47O7gLz8PDj6pjkPHuvf6Tgol4Ll6K5bgYZ8qzDSLigeGtjq/5GcKZbY5ax9fc4eXM1seWh1dPb6htrLv/ZBJ374sh7a5LlV/8SVn8e8/eEgDYcye2ycNb5P+xQf4/s81x9/pcfrp349zB0XFsnsuH+eperxAA+AzI2h8m4923knY7X3i6OjVVrXfPZWm71XgqbefTs1maN7tZuzH4prnVbTUGR8PTWSftLC4stNrddKbVThdanfx8eef3tH/r9042X29280ZnYS6rd7K00Wp2641uOp13GunC4hNzeedc1i5n7ixkjXwmb9S7eauZdlqL7UY2kaadLFtTMZ/Omt18Ji8Gm+lCO5+vt69FxNzifJZOZ51GO1/otnoNDvrKmzOt9nzZ7MSNi/+327muAeDj4tXXr155dnl56ZX1AyvJxjHDB/7y+tUrgz/Rb1o5YuUOLyUAsNbaLA0AAAAAAAAAAAAAAHw83Xi6XjF2u9P+1g2MxU1U3jCwf/OzBj+TA1/+ee9t2Y0Gb6Wdg+ve0339jWVPFvmuiNi7tfrM449f2azOE28cPvfX/Tvpffj/lGGnur51KGLfL3/cG/O127XZvNdfhzF6U7OvJFvUuWO7JAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADY1P8DAAD//9kVRuc=")
r4 = openat$selinux_load(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
r5 = openat$selinux_policy(0xffffff9c, &(0x7f0000001040), 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r5, 0x0)
write$selinux_load(r4, &(0x7f0000000000)=ANY=[], 0x6000)

92.717969ms ago: executing program 2 (id=3864):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000072000000850000"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r1}, 0x10)
setxattr$trusted_overlay_upper(0x0, &(0x7f0000000080), 0x0, 0x0, 0x0)

31.327789ms ago: executing program 2 (id=3865):
r0 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
io_uring_register$IORING_REGISTER_RING_FDS(r0, 0x14, &(0x7f00000054c0)=[{0x0, 0x1, 0x0, &(0x7f0000000280), &(0x7f0000000300)=[0xfffffffffffffc01, 0x5800, 0x6, 0x6, 0x0, 0x8000000000000000, 0x7]}, {0x0, 0x1, 0x0, &(0x7f0000003a40), &(0x7f00000016c0)=[0x80, 0x3ff, 0x8, 0x0, 0x9]}, {0x5, 0x1, 0x0, &(0x7f00000019c0)=[{&(0x7f0000001700)=""/63, 0x3f}, {&(0x7f0000001740)=""/233, 0xe9}, {&(0x7f0000001840)=""/118, 0x76}, {&(0x7f00000018c0)=""/53, 0x35}, {&(0x7f0000001900)=""/190, 0xbe}], &(0x7f0000001a40)=[0x7, 0x8, 0x6877, 0x7, 0x2, 0xffff, 0xde, 0x4, 0x10, 0x0]}, {0x6, 0x0, 0x0, &(0x7f0000001e00)=[{&(0x7f0000001ac0)=""/218, 0xda}, {&(0x7f0000001bc0)=""/77, 0x4d}, {&(0x7f0000001c40)=""/11, 0xb}, {&(0x7f0000001c80)=""/10, 0xa}, {&(0x7f0000001cc0)=""/13, 0xd}, {&(0x7f0000001d00)=""/194, 0xc2}], 0x0}, {0x5, 0x0, 0x0, &(0x7f00000039c0)=[{&(0x7f00000029c0)=""/4096, 0x1000}, {&(0x7f0000001ec0)=""/211, 0xd3}, {&(0x7f0000000380)=""/28, 0x1c}, {&(0x7f0000000400)=""/248, 0xf8}, {&(0x7f0000000500)=""/79, 0x4f}], &(0x7f00000021c0)=[0x8, 0x8, 0x3, 0x0, 0x2, 0x7, 0x86]}, {0x1, 0x1, 0x0, &(0x7f0000003a80)=[{&(0x7f0000003a40)}], &(0x7f0000003ac0)}, {0x5, 0x1, 0x0, &(0x7f0000005600)=[{&(0x7f0000003b00)=""/122, 0x7a}, {&(0x7f0000003b80)=""/111, 0x6f}, {&(0x7f0000003c00)=""/150, 0x96}, {&(0x7f0000003cc0)=""/4096, 0x1000}, {&(0x7f0000004cc0)=""/29, 0x1d}], &(0x7f0000004d80)=[0x7ff, 0x4]}, {0x7, 0x1, 0x0, &(0x7f0000005200)=[{&(0x7f0000004dc0)=""/24, 0x18}, {&(0x7f0000004e00)=""/65, 0x41}, {&(0x7f0000004e80)=""/174, 0xae}, {&(0x7f0000004f40)=""/221, 0xdd}, {&(0x7f0000005040)=""/169, 0xa9}, {&(0x7f0000005100)=""/122, 0x7a}, {&(0x7f0000005180)=""/82, 0x52}], &(0x7f0000005280)=[0x10001, 0x4, 0x8]}, {0x1, 0x1, 0x0, &(0x7f0000005440)=[{&(0x7f00000053c0)=""/120, 0x78}], &(0x7f0000005480)}], 0x9)
gettid()
capset(0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001b40)={&(0x7f0000000100)='kfree\x00'}, 0x10)
r1 = socket$inet6(0xa, 0x1, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f00000002c0)={'ip6gre0\x00', &(0x7f0000000580)={'syztnl1\x00', <r2=>0x0, 0x29, 0x0, 0x3, 0x0, 0x46, @local, @mcast1, 0x10, 0x0, 0x6, 0x3}})
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r1, 0x89f2, &(0x7f0000000600)={'syztnl1\x00', 0x0})
r3 = openat$vcsu(0xffffff9c, &(0x7f0000000080), 0x88080, 0x0)
mprotect(&(0x7f00006a3000/0x1000)=nil, 0x1000, 0x4)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000008c0)={0x18, 0x22, &(0x7f0000000640)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x7ff}, {{0x18, 0x1, 0x1, 0x0, r3}}, {}, [@jmp={0x5, 0x1, 0x4, 0xb, 0x6, 0x18, 0xffffffffffffffff}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r3}}, @cb_func={0x18, 0x5, 0x4, 0x0, 0x7}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x4}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x3}, @initr0={0x18, 0x0, 0x0, 0x0, 0x9}], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000280)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x21, '\x00', r2, 0x0, r3, 0x8, &(0x7f0000000780)={0x5, 0x4}, 0x8, 0x10, &(0x7f00000007c0)={0x1, 0xf, 0xfffffff0, 0x7f}, 0x10, 0x0, 0x0, 0x6, &(0x7f0000000800)=[r0, r0, r3], &(0x7f0000000840)=[{0x2, 0x3, 0xd, 0x8e56c2b9eda585f5}, {0x5, 0x3, 0xc, 0xc}, {0x4, 0x5, 0xc, 0x8}, {0x1, 0x3, 0xa, 0x3}, {0x0, 0x5, 0x6, 0xb}, {0x0, 0x3, 0x0, 0xc}], 0x10, 0x5612, @void, @value}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, r4)
read$eventfd(r3, &(0x7f00000003c0), 0x8)
syz_open_dev$tty1(0xc, 0x4, 0x1)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x0, &(0x7f00000002c0)={[{@dioread_nolock}, {}, {@resgid}, {@oldalloc}]}, 0x1, 0x783, &(0x7f0000002200)="$eJzs3M9rXOUaAOD3nGaa/si9kwt3ce+mCi20UDpJmk27Mm7ETaFQcFtDMgkhJ5mSmdQkFpq6E4TabFQE0b1Lt0Kpf4A7KSi4F0RrXKibkTOZTNt0Zjptk04bnwdO5vvOfN9533dm8uUcyJkA/rFezX8kEUMRcTEiis39aUQcbLQORaxvjdu8d20q35Ko1y/9kuTTYrNebB0raT4ejcaU+F9E3ClEnH7v0bjV1bX5ySwrLzX7I7WFKyPV1bUzcwuTs+XZ8uLY+PnRc+Pj50bHd63WE2+dP3zr2zc2Nr77qnbz2MCZJCYadUeztl0L9ICt16QQEzv2L+5FsD5Kehgz8BzyAACgu/w8/0Dz3KwQxTjQ7SzNCRwAAAC8lOqD9V792fNIAAAA4AWTRL8zAAAAAPbW9v8BbN/bu1f3wXby8+sRMdwu/kDjHuKIQ1GIiCObyUO3HyRb0+CZrN+IiNsTbT5/vdzR3N3o/ebh3Tkiu+12vv5MtFt/0tb6E23Wn4Ht7054Rp3Xv/vxD3RY/y72GOPrz/5f6Bj/RnXl/WPt4iet+EmH+G/3GP/mxge3Oj1X/yLiZNu/P8lDsbp8P8TIzFzW7lerle6dv07d7Vx/xJFH4idJI2rSvf4rPdb/7uZv8+td4p863v3934o/+NC8/DPxYTOPNCJuNR/z/saOGMcXvv/m0cjJ+nb86Q6vf/v3/81W/Z/3WP+PXw6u9DgUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGtKIGIokLbXaaVoqRRyNiP/GkTSrVGunZyrLi9P5cxHDUUhn5rLyaEQUt/pJ3h9rtO/3z+7oj0fEf344vBV0LiuXpirZdL+LBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoOVoRAxFkpYiIo2I34tpWir1OysAAABg1w33OwEAAABgz7n+BwAAgP3vaa//k13OAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANjXLl64kG/1zXvXpvL+9NXV5fnK1TPT5ep8aWF5qjRVWbpSmq1UZrNyaaqy8LjjpRExdj6WV0Zq5WptpLq6dnmhsrxYuzy3MDlbvlwuPJeqAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeFJDjS1JSxGRNtppWipF/CsihqOQzMxl5dGI+HdE3C0WBvP+WL+TBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYNdVV9fmJ7OsvPRyN+r7q5yeG5FEvABpdGh80nxXuo1J1iP6nmraTPRZjhPxJLOuP+Zl6XfjlT6tRwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9Fd1dW1+MsvKS9V+ZwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEB/pT8lEZFvJ4snhnY+ezD5o9h4jIh3Pr300cpkrbY0lu//tbW/9nFz/9kHJl5/njUAAADAvvfakwzevk7fvo4HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADoVXV1bX4yy8pLe9iIG/2uEgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeBp/BwAA//9Js7nR")
r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000fdff00000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0xe, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r6}, 0x10)
r7 = openat$nci(0xffffffffffffff9c, &(0x7f0000002540), 0x2, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x0)
close_range(r7, 0xffffffffffffffff, 0x0)
pwrite64(r5, &(0x7f00000000c0)='a', 0x200000c1, 0x9000)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x107842, 0x42)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB], 0x48)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
socket$packet(0x11, 0x2, 0x300)
bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800"], 0x48)
add_key$user(&(0x7f0000000000), &(0x7f0000003ac0)={'syz', 0x0}, &(0x7f0000000100)="21c86a39abe3efa6f287a73afb32ba6b8957c9867abc9605327b4433acc780474162cbafbf583136e916afcecfbe1e8361b921defa92727e461ba4c2cd5de39a2708d8db6236043eee5b3d37b82c85ab61d7", 0x52, 0xfffffffffffffff9)
add_key$keyring(&(0x7f0000000040), &(0x7f0000000340)={'syz', 0x1}, 0x0, 0x0, 0xffffffffffffffff)

0s ago: executing program 0 (id=3866):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_NEW(r1, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)=ANY=[@ANYBLOB="34050029", @ANYRES16=r2, @ANYBLOB="010000000000fbdbdf25250000000e0001006e657464657673696d0000000f0002006e657464657673696d300000"], 0x34}, 0x1, 0x0, 0x0, 0x48c0}, 0x0)
r3 = syz_clone(0x280, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000cc0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
sendmsg$unix(r5, &(0x7f0000000b00)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000007c0)='\'', 0x1}], 0x1, &(0x7f0000000800)=ANY=[@ANYBLOB="14000000000000000100000001"], 0x18}, 0x0)
recvmsg$unix(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000280)=""/230, 0xe6}], 0x1}, 0x0)
sendmsg$DEVLINK_CMD_RELOAD(r0, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={&(0x7f0000000a40)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="0b0d2bbd7000fcdbdf25250000000e0001006e657464657673696d0000000f0002006e657464657673696d34000008008b00", @ANYRES32=r3, @ANYBLOB], 0x3c}, 0x1, 0x0, 0x0, 0x801}, 0x44000)
socket$nl_generic(0x10, 0x3, 0x10) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff) (async)
sendmsg$DEVLINK_CMD_RATE_NEW(r1, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)=ANY=[@ANYBLOB="34050029", @ANYRES16=r2, @ANYBLOB="010000000000fbdbdf25250000000e0001006e657464657673696d0000000f0002006e657464657673696d300000"], 0x34}, 0x1, 0x0, 0x0, 0x48c0}, 0x0) (async)
syz_clone(0x280, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000cc0)) (async)
sendmsg$unix(r5, &(0x7f0000000b00)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000007c0)='\'', 0x1}], 0x1, &(0x7f0000000800)=ANY=[@ANYBLOB="14000000000000000100000001"], 0x18}, 0x0) (async)
recvmsg$unix(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000280)=""/230, 0xe6}], 0x1}, 0x0) (async)
sendmsg$DEVLINK_CMD_RELOAD(r0, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={&(0x7f0000000a40)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="0b0d2bbd7000fcdbdf25250000000e0001006e657464657673696d0000000f0002006e657464657673696d34000008008b00", @ANYRES32=r3, @ANYBLOB], 0x3c}, 0x1, 0x0, 0x0, 0x801}, 0x44000) (async)

kernel console output (not intermixed with test programs):

[T13278] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3099'.
[  239.212003][T13278] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  239.223758][T13278] xt_socket: unknown flags 0xc
[  239.237933][T13288] loop4: detected capacity change from 0 to 256
[  239.281216][T13286] loop5: detected capacity change from 0 to 1024
[  239.319792][T13293] 9pnet_fd: Insufficient options for proto=fd
[  239.388010][T13298] netlink: 40 bytes leftover after parsing attributes in process `syz.4.3106'.
[  239.406564][T13298] vlan2: entered allmulticast mode
[  239.438402][   T30] audit: type=1326 audit(1742321599.647:7062): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13301 comm="syz.0.3107" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f15e8add169 code=0x7ffc0000
[  239.462164][   T30] audit: type=1326 audit(1742321599.647:7063): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13301 comm="syz.0.3107" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f15e8add169 code=0x7ffc0000
[  239.485863][   T30] audit: type=1326 audit(1742321599.647:7064): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13301 comm="syz.0.3107" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f15e8add169 code=0x7ffc0000
[  239.509399][   T30] audit: type=1326 audit(1742321599.647:7065): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13301 comm="syz.0.3107" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f15e8add169 code=0x7ffc0000
[  239.533090][   T30] audit: type=1326 audit(1742321599.647:7066): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13301 comm="syz.0.3107" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f15e8add169 code=0x7ffc0000
[  239.592376][T13307] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3109'.
[  239.608726][T13307] 8021q: adding VLAN 0 to HW filter on device team4
[  239.623066][   T30] audit: type=1326 audit(1742321599.647:7067): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13301 comm="syz.0.3107" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f15e8add169 code=0x7ffc0000
[  239.646679][   T30] audit: type=1326 audit(1742321599.777:7068): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13301 comm="syz.0.3107" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f15e8add169 code=0x7ffc0000
[  239.670229][   T30] audit: type=1326 audit(1742321599.777:7069): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13301 comm="syz.0.3107" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f15e8add169 code=0x7ffc0000
[  239.730020][T13311] netlink: 80 bytes leftover after parsing attributes in process `syz.3.3111'.
[  239.751510][T13311] xt_hashlimit: size too large, truncated to 1048576
[  239.913625][T13318] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3111'.
[  239.925516][T13318] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  239.952774][T13311] xt_socket: unknown flags 0xc
[  239.984445][T13334] loop2: detected capacity change from 0 to 512
[  240.006809][T13330] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3117'.
[  240.021615][T13334] EXT4-fs: Ignoring removed mblk_io_submit option
[  240.047626][T13334] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  240.095696][T13334] EXT4-fs (loop2): 1 truncate cleaned up
[  240.111970][T13334] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  240.116835][T13341] futex_wake_op: syz.4.3123 tries to shift op by -1; fix this program
[  240.146967][T13347] loop3: detected capacity change from 0 to 1024
[  240.181316][T13347] EXT4-fs: Ignoring removed nomblk_io_submit option
[  240.225531][T13354] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  240.235544][T13347] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3121'.
[  240.281193][T13364] loop2: detected capacity change from 0 to 256
[  240.580214][T13383] loop4: detected capacity change from 0 to 1024
[  240.595179][T13381] loop2: detected capacity change from 0 to 2048
[  240.638774][T13381] EXT4-fs: Ignoring removed oldalloc option
[  240.685436][T13381] ext4 filesystem being mounted at /594/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  240.844389][T13394] vlan0: entered allmulticast mode
[  241.120137][T13398] loop5: detected capacity change from 0 to 512
[  241.333250][T13398] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a842c01c, mo2=0002]
[  241.353888][T13398] System zones: 0-2, 18-18, 34-34
[  241.373746][T13398] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.3141: bg 0: block 248: padding at end of block bitmap is not set
[  241.400173][T13398] EXT4-fs error (device loop5): ext4_acquire_dquot:6927: comm syz.5.3141: Failed to acquire dquot type 1
[  241.424034][T13398] EXT4-fs (loop5): 1 truncate cleaned up
[  241.430218][T13398] ext4 filesystem being mounted at /427/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  241.514715][T13398] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000 ro. Quota mode: writeback.
[  241.576313][T13407] mmap: syz.4.3143 (13407) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  241.592637][T12539] IPVS: starting estimator thread 0...
[  241.593917][T13404] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  241.685571][   T51] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm kworker/u8:3: bg 0: block 345: padding at end of block bitmap is not set
[  241.702562][T13410] IPVS: using max 2304 ests per chain, 115200 per kthread
[  241.756280][   T51] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 2048 with error 117
[  241.768997][   T51] EXT4-fs (loop2): This should not happen!! Data will be lost
[  241.768997][   T51] 
[  241.814248][T13419] 8021q: adding VLAN 0 to HW filter on device team4
[  241.821898][T13421] xt_hashlimit: size too large, truncated to 1048576
[  241.956739][   T51] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 2065 with max blocks 92 with error 28
[  241.969363][   T51] EXT4-fs (loop2): This should not happen!! Data will be lost
[  241.969363][   T51] 
[  241.979044][   T51] EXT4-fs (loop2): Total free blocks count 0
[  241.985059][   T51] EXT4-fs (loop2): Free/Dirty block details
[  241.990958][   T51] EXT4-fs (loop2): free_blocks=0
[  241.996006][   T51] EXT4-fs (loop2): dirty_blocks=96
[  242.001228][   T51] EXT4-fs (loop2): Block reservation details
[  242.007231][   T51] EXT4-fs (loop2): i_reserved_data_blocks=6
[  242.022814][T13425] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  242.026293][T13425] xt_socket: unknown flags 0xc
[  242.131525][T13428] bridge_slave_0: left allmulticast mode
[  242.137292][T13428] bridge_slave_0: left promiscuous mode
[  242.143034][T13428] bridge0: port 1(bridge_slave_0) entered disabled state
[  242.167994][T13428] bridge_slave_1: left allmulticast mode
[  242.173907][T13428] bridge_slave_1: left promiscuous mode
[  242.179632][T13428] bridge0: port 2(bridge_slave_1) entered disabled state
[  242.204218][T13428] bond0: (slave bond_slave_0): Releasing backup interface
[  242.226981][T13428] bond0: (slave bond_slave_1): Releasing backup interface
[  242.255065][T13428] team0: Port device team_slave_0 removed
[  242.274263][T13428] team0: Port device team_slave_1 removed
[  242.283427][T13428] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  242.291058][T13428] batman_adv: batadv0: Removing interface: batadv_slave_0
[  242.300382][T13428] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  242.307915][T13428] batman_adv: batadv0: Removing interface: batadv_slave_1
[  242.331140][T13430] bond0: option arp_interval: invalid value (18446744072034198015)
[  242.339334][T13430] bond0: option arp_interval: allowed values 0 - 2147483647
[  242.358234][T13440] FAULT_INJECTION: forcing a failure.
[  242.358234][T13440] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  242.371402][T13440] CPU: 1 UID: 0 PID: 13440 Comm: syz.2.3154 Not tainted 6.14.0-rc7-syzkaller-00067-g76b6905c11fd #0
[  242.371432][T13440] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  242.371447][T13440] Call Trace:
[  242.371455][T13440]  <TASK>
[  242.371463][T13440]  dump_stack_lvl+0xf2/0x150
[  242.371495][T13440]  dump_stack+0x15/0x1a
[  242.371520][T13440]  should_fail_ex+0x24a/0x260
[  242.371595][T13440]  should_fail+0xb/0x10
[  242.371625][T13440]  should_fail_usercopy+0x1a/0x20
[  242.371667][T13440]  _copy_from_iter+0xd5/0xd00
[  242.371706][T13440]  ? kmalloc_reserve+0x16e/0x190
[  242.371801][T13440]  ? __build_skb_around+0x196/0x1f0
[  242.371823][T13440]  ? __alloc_skb+0x21f/0x310
[  242.371842][T13440]  ? __virt_addr_valid+0x1ed/0x250
[  242.371922][T13440]  ? __check_object_size+0x364/0x520
[  242.371969][T13440]  netlink_sendmsg+0x460/0x6e0
[  242.371996][T13440]  ? __pfx_netlink_sendmsg+0x10/0x10
[  242.372019][T13440]  __sock_sendmsg+0x140/0x180
[  242.372056][T13440]  ____sys_sendmsg+0x326/0x4b0
[  242.372137][T13440]  __sys_sendmsg+0x19d/0x230
[  242.372241][T13440]  __x64_sys_sendmsg+0x46/0x50
[  242.372267][T13440]  x64_sys_call+0x2734/0x2dc0
[  242.372348][T13440]  do_syscall_64+0xc9/0x1c0
[  242.372380][T13440]  ? clear_bhb_loop+0x55/0xb0
[  242.372534][T13440]  ? clear_bhb_loop+0x55/0xb0
[  242.372566][T13440]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  242.372596][T13440] RIP: 0033:0x7fba4297d169
[  242.372616][T13440] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  242.372636][T13440] RSP: 002b:00007fba40fe1038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  242.372693][T13440] RAX: ffffffffffffffda RBX: 00007fba42b95fa0 RCX: 00007fba4297d169
[  242.372708][T13440] RDX: 0000000000004800 RSI: 0000400000006040 RDI: 0000000000000009
[  242.372723][T13440] RBP: 00007fba40fe1090 R08: 0000000000000000 R09: 0000000000000000
[  242.372737][T13440] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  242.372751][T13440] R13: 0000000000000000 R14: 00007fba42b95fa0 R15: 00007fff7d637068
[  242.372772][T13440]  </TASK>
[  242.753511][T13456] loop4: detected capacity change from 0 to 1024
[  243.143262][T13471] xt_CT: You must specify a L4 protocol and not use inversions on it
[  243.246397][T13483] loop5: detected capacity change from 0 to 1024
[  243.603936][T13475] chnl_net:caif_netlink_parms(): no params data found
[  243.644371][T13506] loop3: detected capacity change from 0 to 1024
[  243.661514][T13506] EXT4-fs: Ignoring removed mblk_io_submit option
[  243.668118][T13506] EXT4-fs: Ignoring removed nobh option
[  243.673823][T13506] EXT4-fs: Ignoring removed bh option
[  243.739904][   T30] kauditd_printk_skb: 201 callbacks suppressed
[  243.739940][   T30] audit: type=1400 audit(1742321603.947:7269): avc:  denied  { quotaon } for  pid=13505 comm="syz.3.3172" name="file1" dev="loop3" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  243.797343][T13475] bridge0: port 1(bridge_slave_0) entered blocking state
[  243.804488][T13475] bridge0: port 1(bridge_slave_0) entered disabled state
[  243.827779][   T30] audit: type=1326 audit(1742321604.037:7270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13521 comm="syz.4.3175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3fd75cd169 code=0x7ffc0000
[  243.833386][T13475] bridge_slave_0: entered allmulticast mode
[  243.870478][   T30] audit: type=1326 audit(1742321604.077:7271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13521 comm="syz.4.3175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3fd75cd169 code=0x7ffc0000
[  243.894149][   T30] audit: type=1326 audit(1742321604.077:7272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13521 comm="syz.4.3175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3fd75cd169 code=0x7ffc0000
[  243.917707][   T30] audit: type=1326 audit(1742321604.077:7273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13521 comm="syz.4.3175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3fd75cd169 code=0x7ffc0000
[  243.919311][T13475] bridge_slave_0: entered promiscuous mode
[  243.941221][   T30] audit: type=1326 audit(1742321604.077:7274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13521 comm="syz.4.3175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3fd75cd169 code=0x7ffc0000
[  243.941255][   T30] audit: type=1326 audit(1742321604.077:7275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13521 comm="syz.4.3175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3fd75cd169 code=0x7ffc0000
[  243.994146][   T30] audit: type=1326 audit(1742321604.077:7276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13521 comm="syz.4.3175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3fd75cd169 code=0x7ffc0000
[  244.005517][T13475] bridge0: port 2(bridge_slave_1) entered blocking state
[  244.017636][   T30] audit: type=1326 audit(1742321604.077:7277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13521 comm="syz.4.3175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7f3fd75cd169 code=0x7ffc0000
[  244.017670][   T30] audit: type=1326 audit(1742321604.077:7278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13521 comm="syz.4.3175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3fd75cd169 code=0x7ffc0000
[  244.024729][T13475] bridge0: port 2(bridge_slave_1) entered disabled state
[  244.059717][T13475] bridge_slave_1: entered allmulticast mode
[  244.104567][T13475] bridge_slave_1: entered promiscuous mode
[  244.135298][T13506] EXT4-fs error (device loop3): mb_free_blocks:1948: group 0, inode 16: block 241:freeing already freed block (bit 15); block bitmap corrupt.
[  244.185503][T13475] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  244.204091][T13475] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  244.233175][T13475] team0: Port device team_slave_0 added
[  244.239842][T13525] __nla_validate_parse: 14 callbacks suppressed
[  244.239856][T13525] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3176'.
[  244.240336][T13475] team0: Port device team_slave_1 added
[  244.298572][T13525] 8021q: adding VLAN 0 to HW filter on device team1
[  244.317172][T13475] batman_adv: batadv0: Adding interface: batadv_slave_0
[  244.324229][T13475] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  244.350189][T13475] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  244.364490][T13475] batman_adv: batadv0: Adding interface: batadv_slave_1
[  244.371528][T13475] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  244.397900][T13475] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  244.453651][T13527] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  244.468757][T13475] hsr_slave_0: entered promiscuous mode
[  244.478825][T13529] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3177'.
[  244.493496][T13475] hsr_slave_1: entered promiscuous mode
[  244.499512][T13533] netlink: 40 bytes leftover after parsing attributes in process `syz.0.3180'.
[  244.520328][T13535] xt_CT: You must specify a L4 protocol and not use inversions on it
[  244.532536][T13533] vlan2: entered allmulticast mode
[  244.598904][T13475] netdevsim netdevsim2 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  244.608801][T13475] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  244.651690][T13541] xt_socket: unknown flags 0xc
[  244.664293][T13475] netdevsim netdevsim2 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  244.674130][T13475] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  244.704332][T13543] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3184'.
[  244.771803][T13552] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  244.784521][T13475] netdevsim netdevsim2 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  244.794511][T13475] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  244.795047][T13554] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3189'.
[  244.821401][T13555] loop4: detected capacity change from 0 to 1024
[  244.833002][T13555] EXT4-fs: Ignoring removed nomblk_io_submit option
[  244.846287][T13554] 8021q: adding VLAN 0 to HW filter on device team5
[  244.867424][T13557] futex_wake_op: syz.0.3190 tries to shift op by -1; fix this program
[  244.885406][T13475] netdevsim netdevsim2 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  244.895425][T13475] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  244.916677][T13555] netlink: 24 bytes leftover after parsing attributes in process `syz.4.3187'.
[  244.998653][T13564] futex_wake_op: syz.3.3191 tries to shift op by -1; fix this program
[  245.081914][T13475] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  245.124355][T13475] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  245.137908][T13475] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  245.159874][T13475] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  245.204965][T13475] 8021q: adding VLAN 0 to HW filter on device bond0
[  245.217871][T13475] 8021q: adding VLAN 0 to HW filter on device team0
[  245.236113][ T1885] bridge0: port 1(bridge_slave_0) entered blocking state
[  245.243234][ T1885] bridge0: port 1(bridge_slave_0) entered forwarding state
[  245.250731][T13575] loop5: detected capacity change from 0 to 512
[  245.258891][T13575] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  245.264022][   T51] bridge0: port 2(bridge_slave_1) entered blocking state
[  245.274462][   T51] bridge0: port 2(bridge_slave_1) entered forwarding state
[  245.288450][T13575] EXT4-fs error (device loop5): ext4_get_branch:178: inode #11: block 4294967295: comm syz.5.3195: invalid block
[  245.305157][T13575] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #11: comm syz.5.3195: invalid indirect mapped block 4294967295 (level 1)
[  245.319940][T13575] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #11: comm syz.5.3195: invalid indirect mapped block 4294967295 (level 1)
[  245.337615][T13575] EXT4-fs (loop5): 2 truncates cleaned up
[  245.364190][T13581] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  245.379116][T13475] 8021q: adding VLAN 0 to HW filter on device batadv0
[  245.407602][T13586] xt_socket: unknown flags 0xc
[  245.458828][T13475] veth0_vlan: entered promiscuous mode
[  245.468682][T13475] veth1_vlan: entered promiscuous mode
[  245.490426][T13475] veth0_macvtap: entered promiscuous mode
[  245.498229][T13475] veth1_macvtap: entered promiscuous mode
[  245.514896][T13475] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  245.525403][T13475] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  245.535420][T13475] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  245.545887][T13475] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  245.555828][T13475] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  245.566291][T13475] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  245.576202][T13475] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  245.586735][T13475] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  245.596601][T13475] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  245.607174][T13475] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  245.623526][T13475] batman_adv: batadv0: Interface activated: batadv_slave_0
[  245.632159][T13475] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  245.642756][T13475] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  245.652708][T13475] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  245.663167][T13475] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  245.673049][T13475] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  245.683591][T13475] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  245.693564][T13475] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  245.704141][T13475] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  245.714039][T13475] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  245.724520][T13475] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  245.737026][T13475] batman_adv: batadv0: Interface activated: batadv_slave_1
[  245.756041][T13475] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  245.764911][T13475] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  245.773728][T13475] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  245.782524][T13475] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  245.802366][T13600] netlink: 80 bytes leftover after parsing attributes in process `syz.4.3202'.
[  245.806681][T13602] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3201'.
[  245.837747][T13602] 8021q: adding VLAN 0 to HW filter on device team5
[  245.859202][T13600] xt_hashlimit: size too large, truncated to 1048576
[  245.890300][T13613] netlink: 60 bytes leftover after parsing attributes in process `syz.5.3204'.
[  245.902800][T13613] netlink: 60 bytes leftover after parsing attributes in process `syz.5.3204'.
[  245.943571][T13611] loop2: detected capacity change from 0 to 2048
[  245.958302][T13611] EXT4-fs: Ignoring removed oldalloc option
[  246.006785][T13616] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  246.023886][T13611] ext4 filesystem being mounted at /0/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  246.060587][T13616] xt_socket: unknown flags 0xc
[  246.136278][T13633] vlan0: entered allmulticast mode
[  246.265538][T13640] loop4: detected capacity change from 0 to 1024
[  246.266201][ T1885] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm kworker/u8:7: bg 0: block 345: padding at end of block bitmap is not set
[  246.272596][T13640] EXT4-fs: Ignoring removed nomblk_io_submit option
[  246.291383][ T1885] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 1020 with error 117
[  246.305900][ T1885] EXT4-fs (loop2): This should not happen!! Data will be lost
[  246.305900][ T1885] 
[  246.373598][T13642] loop5: detected capacity change from 0 to 512
[  246.381595][T13646] xt_hashlimit: size too large, truncated to 1048576
[  246.407047][T13642] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a842c01c, mo2=0002]
[  246.415632][T13642] System zones: 0-2, 18-18, 34-34
[  246.423864][T13642] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.3210: bg 0: block 248: padding at end of block bitmap is not set
[  246.440428][T13642] EXT4-fs error (device loop5): ext4_acquire_dquot:6927: comm syz.5.3210: Failed to acquire dquot type 1
[  246.454569][T13642] EXT4-fs (loop5): 1 truncate cleaned up
[  246.461633][T13642] ext4 filesystem being mounted at /441/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  246.477389][T13642] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000 ro. Quota mode: writeback.
[  246.491913][T13649] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  246.530974][T13649] xt_socket: unknown flags 0xc
[  246.634270][T13665] loop5: detected capacity change from 0 to 256
[  246.646668][T13661] 8021q: adding VLAN 0 to HW filter on device team1
[  246.749390][T13676] loop2: detected capacity change from 0 to 1024
[  246.799695][T13681] loop3: detected capacity change from 0 to 512
[  246.828371][T13681] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a842c01c, mo2=0002]
[  246.844865][T13681] System zones: 0-2, 18-18, 34-34
[  246.851951][T13681] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.3223: bg 0: block 248: padding at end of block bitmap is not set
[  246.867688][T13681] EXT4-fs error (device loop3): ext4_acquire_dquot:6927: comm syz.3.3223: Failed to acquire dquot type 1
[  246.880204][T13681] EXT4-fs (loop3): 1 truncate cleaned up
[  246.886998][T13681] ext4 filesystem being mounted at /77/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  246.911195][T13681] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 ro. Quota mode: writeback.
[  246.951078][T13688] xt_hashlimit: size too large, truncated to 1048576
[  247.131662][T13691] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  247.172151][T13691] xt_socket: unknown flags 0xc
[  247.291837][T13703] netlink: 'syz.4.3228': attribute type 10 has an invalid length.
[  247.379930][T13707] loop5: detected capacity change from 0 to 1024
[  247.486161][T13716] loop3: detected capacity change from 0 to 512
[  247.607378][T13716] EXT4-fs (loop3): too many log groups per flexible block group
[  247.615144][T13716] EXT4-fs (loop3): failed to initialize mballoc (-12)
[  247.695482][T13716] EXT4-fs (loop3): mount failed
[  247.730062][T13731] xt_hashlimit: size too large, truncated to 1048576
[  247.832126][T13727] loop4: detected capacity change from 0 to 2048
[  247.839015][T13727] EXT4-fs: Ignoring removed oldalloc option
[  247.857314][T13733] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  247.895757][T13727] ext4 filesystem being mounted at /91/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  247.944164][T13733] xt_socket: unknown flags 0xc
[  248.054199][T13742] 8021q: adding VLAN 0 to HW filter on device team6
[  248.174995][T13750] FAULT_INJECTION: forcing a failure.
[  248.174995][T13750] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  248.188215][T13750] CPU: 0 UID: 0 PID: 13750 Comm: syz.5.3243 Not tainted 6.14.0-rc7-syzkaller-00067-g76b6905c11fd #0
[  248.188315][T13750] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  248.188327][T13750] Call Trace:
[  248.188334][T13750]  <TASK>
[  248.188342][T13750]  dump_stack_lvl+0xf2/0x150
[  248.188371][T13750]  dump_stack+0x15/0x1a
[  248.188396][T13750]  should_fail_ex+0x24a/0x260
[  248.188466][T13750]  should_fail+0xb/0x10
[  248.188550][T13750]  should_fail_usercopy+0x1a/0x20
[  248.188615][T13750]  _copy_from_iter+0xd5/0xd00
[  248.188649][T13750]  ? kmalloc_reserve+0x16e/0x190
[  248.188772][T13750]  ? __build_skb_around+0x196/0x1f0
[  248.188824][T13750]  ? __alloc_skb+0x21f/0x310
[  248.188861][T13750]  ? __virt_addr_valid+0x1ed/0x250
[  248.188886][T13750]  ? __check_object_size+0x364/0x520
[  248.188917][T13750]  netlink_sendmsg+0x460/0x6e0
[  248.188944][T13750]  ? __pfx_netlink_sendmsg+0x10/0x10
[  248.188965][T13750]  __sock_sendmsg+0x140/0x180
[  248.189045][T13750]  ____sys_sendmsg+0x326/0x4b0
[  248.189074][T13750]  __sys_sendmsg+0x19d/0x230
[  248.189113][T13750]  __x64_sys_sendmsg+0x46/0x50
[  248.189194][T13750]  x64_sys_call+0x2734/0x2dc0
[  248.189277][T13750]  do_syscall_64+0xc9/0x1c0
[  248.189309][T13750]  ? clear_bhb_loop+0x55/0xb0
[  248.189407][T13750]  ? clear_bhb_loop+0x55/0xb0
[  248.189438][T13750]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  248.189480][T13750] RIP: 0033:0x7fd45d1ad169
[  248.189497][T13750] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  248.189519][T13750] RSP: 002b:00007fd45b817038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  248.189540][T13750] RAX: ffffffffffffffda RBX: 00007fd45d3c5fa0 RCX: 00007fd45d1ad169
[  248.189555][T13750] RDX: 0000000000000000 RSI: 0000400000000080 RDI: 0000000000000003
[  248.189568][T13750] RBP: 00007fd45b817090 R08: 0000000000000000 R09: 0000000000000000
[  248.189582][T13750] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  248.189593][T13750] R13: 0000000000000000 R14: 00007fd45d3c5fa0 R15: 00007ffc5b969fc8
[  248.189609][T13750]  </TASK>
[  248.438345][T13746] loop3: detected capacity change from 0 to 1024
[  248.566800][T13762] xt_CT: You must specify a L4 protocol and not use inversions on it
[  248.637887][T13770] 8021q: adding VLAN 0 to HW filter on device team2
[  248.741378][T13783] loop2: detected capacity change from 0 to 1024
[  248.759631][T13785] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  248.797546][T13788] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  248.798507][T13778] x_tables: unsorted underflow at hook 3
[  248.854343][   T51] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm kworker/u8:3: bg 0: block 345: padding at end of block bitmap is not set
[  248.877180][T13794] xt_hashlimit: size too large, truncated to 1048576
[  248.915654][   T51] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 2048 with error 117
[  248.928576][   T51] EXT4-fs (loop4): This should not happen!! Data will be lost
[  248.928576][   T51] 
[  248.963705][T13475] EXT4-fs unmount: 78 callbacks suppressed
[  248.963720][T13475] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  248.992814][T13799] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  249.003632][T13799] xt_socket: unknown flags 0xc
[  249.061323][T13807] loop2: detected capacity change from 0 to 256
[  249.079460][T13809] xt_socket: unknown flags 0xc
[  249.083191][T13805] 8021q: adding VLAN 0 to HW filter on device team3
[  249.095879][   T29] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 2065 with max blocks 1286 with error 28
[  249.108766][   T29] EXT4-fs (loop4): This should not happen!! Data will be lost
[  249.108766][   T29] 
[  249.118541][   T29] EXT4-fs (loop4): Total free blocks count 0
[  249.124620][   T29] EXT4-fs (loop4): Free/Dirty block details
[  249.130584][   T29] EXT4-fs (loop4): free_blocks=0
[  249.135561][   T29] EXT4-fs (loop4): dirty_blocks=1296
[  249.140879][   T29] EXT4-fs (loop4): Block reservation details
[  249.146961][   T29] EXT4-fs (loop4): i_reserved_data_blocks=81
[  249.171344][   T30] kauditd_printk_skb: 248 callbacks suppressed
[  249.171360][   T30] audit: type=1326 audit(1742321609.377:7521): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13810 comm="syz.5.3271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd45d1ad169 code=0x7ffc0000
[  249.201251][   T30] audit: type=1326 audit(1742321609.377:7522): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13810 comm="syz.5.3271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd45d1ad169 code=0x7ffc0000
[  249.229890][   T30] audit: type=1326 audit(1742321609.377:7523): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13810 comm="syz.5.3271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd45d1ad169 code=0x7ffc0000
[  249.253533][   T30] audit: type=1326 audit(1742321609.377:7524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13810 comm="syz.5.3271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd45d1ad169 code=0x7ffc0000
[  249.277220][   T30] audit: type=1326 audit(1742321609.377:7525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13810 comm="syz.5.3271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd45d1ad169 code=0x7ffc0000
[  249.300790][   T30] audit: type=1326 audit(1742321609.437:7526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13810 comm="syz.5.3271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd45d1ad169 code=0x7ffc0000
[  249.324328][   T30] audit: type=1326 audit(1742321609.437:7527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13810 comm="syz.5.3271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd45d1ad169 code=0x7ffc0000
[  249.348073][   T30] audit: type=1326 audit(1742321609.437:7528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13810 comm="syz.5.3271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd45d1ad169 code=0x7ffc0000
[  249.372096][   T30] audit: type=1326 audit(1742321609.467:7529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13810 comm="syz.5.3271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd45d1ad169 code=0x7ffc0000
[  249.397194][   T30] audit: type=1326 audit(1742321609.487:7530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13810 comm="syz.5.3271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd45d1ad169 code=0x7ffc0000
[  249.434468][T13819] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  249.460140][T13821] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  249.483641][T13823] netlink: 'syz.4.3275': attribute type 10 has an invalid length.
[  249.548237][T13830] futex_wake_op: syz.4.3277 tries to shift op by -1; fix this program
[  249.585095][T13835] futex_wake_op: syz.0.3279 tries to shift op by -1; fix this program
[  249.645776][T13840] __nla_validate_parse: 23 callbacks suppressed
[  249.645794][T13840] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3282'.
[  249.657375][T13838] loop2: detected capacity change from 0 to 1024
[  249.672057][T13842] xt_socket: unknown flags 0xc
[  249.688582][T13838] EXT4-fs: Ignoring removed mblk_io_submit option
[  249.696605][T13838] EXT4-fs: Ignoring removed nobh option
[  249.698817][T13840] 8021q: adding VLAN 0 to HW filter on device team5
[  249.702266][T13838] EXT4-fs: Ignoring removed bh option
[  249.747576][T13848] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  249.762448][T13852] loop3: detected capacity change from 0 to 256
[  249.773443][T13838] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  249.795318][T13857] netlink: 'syz.0.3288': attribute type 10 has an invalid length.
[  249.808412][T13857] hsr_slave_0: left promiscuous mode
[  249.814513][T13857] hsr_slave_1: left promiscuous mode
[  249.925793][T13868] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  249.925847][T13867] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3293'.
[  249.962883][T13870] xt_socket: unknown flags 0xc
[  249.976434][T13864] EXT4-fs error (device loop2): mb_free_blocks:1948: group 0, inode 16: block 241:freeing already freed block (bit 15); block bitmap corrupt.
[  249.979816][T13872] xt_CT: You must specify a L4 protocol and not use inversions on it
[  250.047467][T13878] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3297'.
[  250.076532][T13880] loop4: detected capacity change from 0 to 512
[  250.114860][T13475] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  250.129076][T13880] EXT4-fs (loop4): too many log groups per flexible block group
[  250.136880][T13880] EXT4-fs (loop4): failed to initialize mballoc (-12)
[  250.146028][T13880] EXT4-fs (loop4): mount failed
[  250.157790][T13878] 8021q: adding VLAN 0 to HW filter on device team6
[  250.288149][ T3374] IPVS: starting estimator thread 0...
[  250.298514][T13891] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  250.345231][T13899] loop5: detected capacity change from 0 to 512
[  250.386019][T13899] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a842c01c, mo2=0002]
[  250.392009][T13905] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=13905 comm=syz.2.3306
[  250.403160][T13899] System zones: 0-2, 18-18, 34-34
[  250.407714][T13895] IPVS: using max 2304 ests per chain, 115200 per kthread
[  250.433403][T13899] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.3304: bg 0: block 248: padding at end of block bitmap is not set
[  250.448441][T13899] EXT4-fs error (device loop5): ext4_acquire_dquot:6927: comm syz.5.3304: Failed to acquire dquot type 1
[  250.462759][T13908] xt_socket: unknown flags 0xc
[  250.475428][T13910] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  250.494288][T13899] EXT4-fs (loop5): 1 truncate cleaned up
[  250.506640][T13899] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  250.549974][T13899] ext4 filesystem being mounted at /462/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  250.586144][T13899] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000 ro. Quota mode: writeback.
[  250.601921][T13917] loop2: detected capacity change from 0 to 512
[  250.657990][T13919] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3311'.
[  250.667486][T13899] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3304'.
[  250.673338][T13919] 8021q: adding VLAN 0 to HW filter on device team4
[  250.694228][T13917] EXT4-fs (loop2): too many log groups per flexible block group
[  250.701963][T13917] EXT4-fs (loop2): failed to initialize mballoc (-12)
[  250.715982][T13917] EXT4-fs (loop2): mount failed
[  250.736011][ T7102] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  250.803247][T13938] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  250.849542][T13942] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  250.861303][T13944] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3318'.
[  250.918924][T13951] loop4: detected capacity change from 0 to 1024
[  250.946636][T13953] netlink: 'syz.0.3323': attribute type 10 has an invalid length.
[  250.959662][T13951] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  250.973229][T13955] loop3: detected capacity change from 0 to 512
[  250.990398][T13955] EXT4-fs (loop3): too many log groups per flexible block group
[  250.998281][T13955] EXT4-fs (loop3): failed to initialize mballoc (-12)
[  251.005730][T13955] EXT4-fs (loop3): mount failed
[  251.016685][T12019] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  251.027900][T13963] netlink: 80 bytes leftover after parsing attributes in process `syz.0.3326'.
[  251.038021][T13965] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3324'.
[  251.072293][T13969] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3327'.
[  251.085494][T13963] xt_hashlimit: size too large, truncated to 1048576
[  251.091480][T13966] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3328'.
[  251.135599][T13975] xt_CT: You must specify a L4 protocol and not use inversions on it
[  251.177555][T13976] xt_CT: You must specify a L4 protocol and not use inversions on it
[  251.224050][T13977] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  251.267583][T13982] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  251.278965][T13977] xt_socket: unknown flags 0xc
[  251.311218][T13987] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  251.393037][T13992] netlink: 'syz.3.3336': attribute type 10 has an invalid length.
[  251.393174][T13992] hsr_slave_0: left promiscuous mode
[  251.393649][T13992] hsr_slave_1: left promiscuous mode
[  251.509187][T14008] xt_hashlimit: size too large, truncated to 1048576
[  251.650024][T14013] xt_CT: You must specify a L4 protocol and not use inversions on it
[  251.691455][T14008] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  251.703617][T14008] xt_socket: unknown flags 0xc
[  251.718860][T14017] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  251.744037][T14020] xt_socket: unknown flags 0xc
[  251.781012][T14023] loop5: detected capacity change from 0 to 512
[  251.854893][T14023] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a842c01c, mo2=0002]
[  251.864302][T14029] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  251.871981][T14029] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  251.882178][T14023] System zones: 0-2, 18-18, 34-34
[  251.911496][T14023] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.3349: bg 0: block 248: padding at end of block bitmap is not set
[  251.958420][T14035] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  251.974555][T14023] EXT4-fs error (device loop5): ext4_acquire_dquot:6927: comm syz.5.3349: Failed to acquire dquot type 1
[  252.000232][T14023] EXT4-fs (loop5): 1 truncate cleaned up
[  252.021826][T14023] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  252.062518][T14038] vlan0: entered allmulticast mode
[  252.062749][T14023] ext4 filesystem being mounted at /466/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  252.106045][T14023] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000 ro. Quota mode: writeback.
[  252.135225][T14043] netlink: 'syz.4.3356': attribute type 16 has an invalid length.
[  252.149581][T14044] loop3: detected capacity change from 0 to 1024
[  252.165545][T14044] EXT4-fs: Ignoring removed mblk_io_submit option
[  252.173358][ T7102] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  252.188147][T14044] EXT4-fs: Ignoring removed nobh option
[  252.193867][T14044] EXT4-fs: Ignoring removed bh option
[  252.237941][T14044] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  252.244277][T14050] xt_CT: You must specify a L4 protocol and not use inversions on it
[  252.287813][T14060] xt_socket: unknown flags 0xc
[  252.288301][T14048] tmpfs: Cannot enable swap on remount if it was disabled on first mount
[  252.302917][T14048] Cannot find add_set index 0 as target
[  252.319806][T14062] xt_hashlimit: size too large, truncated to 1048576
[  252.411106][T14044] EXT4-fs error (device loop3): mb_free_blocks:1948: group 0, inode 16: block 241:freeing already freed block (bit 15); block bitmap corrupt.
[  252.450169][T14063] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  252.497238][T14063] xt_socket: unknown flags 0xc
[  252.504452][T12379] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  252.517441][T14075] loop4: detected capacity change from 0 to 512
[  252.553516][T14077] loop3: detected capacity change from 0 to 2048
[  252.553775][T14075] EXT4-fs (loop4): too many log groups per flexible block group
[  252.560334][T14077] EXT4-fs: Ignoring removed bh option
[  252.567659][T14075] EXT4-fs (loop4): failed to initialize mballoc (-12)
[  252.582841][T14075] EXT4-fs (loop4): mount failed
[  252.607222][T14077] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  252.647198][T14085] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  252.719637][T14087] netlink: 'syz.4.3370': attribute type 16 has an invalid length.
[  252.806429][T14097] xt_socket: unknown flags 0xc
[  252.835990][T14093] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2240: inode #12: comm syz.3.3366: corrupted in-inode xattr: e_name out of bounds
[  252.926458][T14095] xt_CT: You must specify a L4 protocol and not use inversions on it
[  253.037806][T14111] xt_hashlimit: size too large, truncated to 1048576
[  253.063230][T14113] 8021q: adding VLAN 0 to HW filter on device team5
[  253.098524][T14117] netlink: 'syz.0.3381': attribute type 10 has an invalid length.
[  253.162324][T14123] futex_wake_op: syz.0.3383 tries to shift op by -1; fix this program
[  253.213580][T14119] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  253.226013][T14119] xt_socket: unknown flags 0xc
[  253.257080][T14129] loop5: detected capacity change from 0 to 1024
[  253.281759][T14088] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  253.317982][T14129] EXT4-fs: Ignoring removed nomblk_io_submit option
[  253.325302][T14088] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 32 with error 28
[  253.337677][T14088] EXT4-fs (loop3): This should not happen!! Data will be lost
[  253.337677][T14088] 
[  253.347392][T14088] EXT4-fs (loop3): Total free blocks count 0
[  253.353682][T14088] EXT4-fs (loop3): Free/Dirty block details
[  253.359833][T14088] EXT4-fs (loop3): free_blocks=2415919104
[  253.361343][T14137] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  253.365588][T14088] EXT4-fs (loop3): dirty_blocks=8224
[  253.377860][T14088] EXT4-fs (loop3): Block reservation details
[  253.384011][T14088] EXT4-fs (loop3): i_reserved_data_blocks=514
[  253.392595][T14133] xt_hashlimit: size too large, truncated to 1048576
[  253.488981][T14129] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  253.524033][T14152] netlink: 'syz.2.3393': attribute type 10 has an invalid length.
[  253.531994][T14152] hsr_slave_0: left promiscuous mode
[  253.539905][T14152] hsr_slave_1: left promiscuous mode
[  253.547317][   T37] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 32 with max blocks 2048 with error 28
[  253.586593][T14133] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  253.658853][T14156] futex_wake_op: syz.3.3394 tries to shift op by -1; fix this program
[  253.659315][T14158] siw: device registration error -23
[  253.711850][T14163] loop4: detected capacity change from 0 to 512
[  253.746051][T14163] EXT4-fs (loop4): too many log groups per flexible block group
[  253.753913][T14163] EXT4-fs (loop4): failed to initialize mballoc (-12)
[  253.763034][T14163] EXT4-fs (loop4): mount failed
[  253.787402][T14171] 8021q: adding VLAN 0 to HW filter on device team7
[  253.808641][T14173] futex_wake_op: syz.2.3402 tries to shift op by -1; fix this program
[  253.870931][T14182] loop3: detected capacity change from 0 to 512
[  253.880427][T14182] EXT4-fs: Ignoring removed mblk_io_submit option
[  253.895735][T14182] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  253.906444][T14186] loop4: detected capacity change from 0 to 1024
[  253.914476][T14186] EXT4-fs: Ignoring removed mblk_io_submit option
[  253.924051][T14186] EXT4-fs: Ignoring removed nobh option
[  253.929701][T14186] EXT4-fs: Ignoring removed bh option
[  253.940868][T14182] EXT4-fs (loop3): 1 truncate cleaned up
[  253.948187][T14186] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  253.961872][T14182] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  253.982959][T14182] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  254.002894][ T7102] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  254.004885][T12379] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  254.056588][T14196] futex_wake_op: syz.5.3412 tries to shift op by -1; fix this program
[  254.103683][T14201] 8021q: adding VLAN 0 to HW filter on device team2
[  254.133216][T14192] EXT4-fs error (device loop4): mb_free_blocks:1948: group 0, inode 16: block 241:freeing already freed block (bit 15); block bitmap corrupt.
[  254.140536][T14205] 8021q: adding VLAN 0 to HW filter on device team3
[  254.225901][T14211] loop5: detected capacity change from 0 to 512
[  254.243828][T14211] EXT4-fs (loop5): too many log groups per flexible block group
[  254.251553][T14211] EXT4-fs (loop5): failed to initialize mballoc (-12)
[  254.260389][T14211] EXT4-fs (loop5): mount failed
[  254.363721][T14228] vlan0: entered allmulticast mode
[  254.385088][T14230] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  254.470970][T14241] 8021q: adding VLAN 0 to HW filter on device team4
[  254.517360][T14254] loop3: detected capacity change from 0 to 512
[  254.557049][T14254] EXT4-fs (loop3): too many log groups per flexible block group
[  254.564948][T14254] EXT4-fs (loop3): failed to initialize mballoc (-12)
[  254.573403][T14254] EXT4-fs (loop3): mount failed
[  254.636540][T14268] xt_CT: You must specify a L4 protocol and not use inversions on it
[  254.654146][T14271] loop3: detected capacity change from 0 to 2048
[  254.661460][T14271] EXT4-fs: Ignoring removed oldalloc option
[  254.686021][T14271] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  254.698359][T14278] __nla_validate_parse: 29 callbacks suppressed
[  254.698376][T14278] netlink: 40 bytes leftover after parsing attributes in process `syz.2.3442'.
[  254.698494][T14271] ext4 filesystem being mounted at /111/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  254.725021][T14278] vlan0: entered allmulticast mode
[  254.746972][T12019] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  254.835281][T14289] x_tables: unsorted underflow at hook 3
[  254.841571][   T37] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm kworker/u8:2: bg 0: block 345: padding at end of block bitmap is not set
[  254.860615][   T37] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 570 with error 117
[  254.873269][   T37] EXT4-fs (loop3): This should not happen!! Data will be lost
[  254.873269][   T37] 
[  254.913703][T12379] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  254.938512][T14293] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3446'.
[  254.957392][T14293] 8021q: adding VLAN 0 to HW filter on device team8
[  255.137949][T14306] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3453'.
[  255.149096][T14306] xt_CT: You must specify a L4 protocol and not use inversions on it
[  255.198276][   T30] kauditd_printk_skb: 254 callbacks suppressed
[  255.198292][   T30] audit: type=1326 audit(2000000005.690:7781): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14315 comm="syz.3.3456" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b38b6d169 code=0x7ffc0000
[  255.201968][T14316] futex_wake_op: syz.3.3456 tries to shift op by -1; fix this program
[  255.204896][   T30] audit: type=1326 audit(2000000005.690:7782): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14315 comm="syz.3.3456" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b38b6d169 code=0x7ffc0000
[  255.260311][   T30] audit: type=1326 audit(2000000005.690:7783): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14315 comm="syz.3.3456" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1b38b6d169 code=0x7ffc0000
[  255.284020][   T30] audit: type=1326 audit(2000000005.690:7784): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14315 comm="syz.3.3456" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b38b6d169 code=0x7ffc0000
[  255.307579][   T30] audit: type=1326 audit(2000000005.690:7785): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14315 comm="syz.3.3456" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1b38b6d169 code=0x7ffc0000
[  255.331402][   T30] audit: type=1326 audit(2000000005.690:7786): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14315 comm="syz.3.3456" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b38b6d169 code=0x7ffc0000
[  255.355552][   T30] audit: type=1326 audit(2000000005.690:7787): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14315 comm="syz.3.3456" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f1b38b6d169 code=0x7ffc0000
[  255.379251][   T30] audit: type=1326 audit(2000000005.690:7788): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14315 comm="syz.3.3456" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b38b6d169 code=0x7ffc0000
[  255.402902][   T30] audit: type=1326 audit(2000000005.690:7789): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14315 comm="syz.3.3456" exe="/root/syz-executor" sig=0 arch=c000003e syscall=299 compat=0 ip=0x7f1b38b6d169 code=0x7ffc0000
[  255.426525][   T30] audit: type=1326 audit(2000000005.690:7790): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14315 comm="syz.3.3456" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b38b6d169 code=0x7ffc0000
[  255.506790][T14326] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  255.532392][T14320] loop5: detected capacity change from 0 to 2048
[  255.542094][T14320] EXT4-fs: Ignoring removed oldalloc option
[  255.552428][T14330] FAULT_INJECTION: forcing a failure.
[  255.552428][T14330] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  255.565721][T14330] CPU: 0 UID: 0 PID: 14330 Comm: syz.3.3460 Not tainted 6.14.0-rc7-syzkaller-00067-g76b6905c11fd #0
[  255.565752][T14330] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  255.565766][T14330] Call Trace:
[  255.565775][T14330]  <TASK>
[  255.565784][T14330]  dump_stack_lvl+0xf2/0x150
[  255.565885][T14330]  dump_stack+0x15/0x1a
[  255.565930][T14330]  should_fail_ex+0x24a/0x260
[  255.566110][T14330]  should_fail+0xb/0x10
[  255.566189][T14330]  should_fail_usercopy+0x1a/0x20
[  255.566229][T14330]  _copy_from_iter+0xd5/0xd00
[  255.566325][T14330]  ? kmalloc_reserve+0x16e/0x190
[  255.566352][T14330]  ? __build_skb_around+0x196/0x1f0
[  255.566379][T14330]  ? __alloc_skb+0x21f/0x310
[  255.566400][T14330]  ? __virt_addr_valid+0x1ed/0x250
[  255.566472][T14330]  ? __check_object_size+0x364/0x520
[  255.566532][T14330]  netlink_sendmsg+0x460/0x6e0
[  255.566555][T14330]  ? __pfx_netlink_sendmsg+0x10/0x10
[  255.566577][T14330]  __sock_sendmsg+0x140/0x180
[  255.566624][T14330]  ____sys_sendmsg+0x326/0x4b0
[  255.566697][T14330]  __sys_sendmsg+0x19d/0x230
[  255.566746][T14330]  __x64_sys_sendmsg+0x46/0x50
[  255.566829][T14330]  x64_sys_call+0x2734/0x2dc0
[  255.566856][T14330]  do_syscall_64+0xc9/0x1c0
[  255.566888][T14330]  ? clear_bhb_loop+0x55/0xb0
[  255.566921][T14330]  ? clear_bhb_loop+0x55/0xb0
[  255.566956][T14330]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  255.567073][T14330] RIP: 0033:0x7f1b38b6d169
[  255.567106][T14330] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  255.567126][T14330] RSP: 002b:00007f1b371d1038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  255.567144][T14330] RAX: ffffffffffffffda RBX: 00007f1b38d85fa0 RCX: 00007f1b38b6d169
[  255.567156][T14330] RDX: 0000000000000004 RSI: 0000400000000280 RDI: 0000000000000003
[  255.567168][T14330] RBP: 00007f1b371d1090 R08: 0000000000000000 R09: 0000000000000000
[  255.567182][T14330] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  255.567196][T14330] R13: 0000000000000000 R14: 00007f1b38d85fa0 R15: 00007fff0dc6d568
[  255.567260][T14330]  </TASK>
[  255.584579][T14320] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  255.793933][T14320] ext4 filesystem being mounted at /478/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  255.923209][   T85] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm kworker/u8:4: bg 0: block 345: padding at end of block bitmap is not set
[  255.926462][T14349] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3465'.
[  255.945340][   T85] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 581 with error 117
[  255.949350][T14349] xt_CT: You must specify a L4 protocol and not use inversions on it
[  255.959188][   T85] EXT4-fs (loop5): This should not happen!! Data will be lost
[  255.959188][   T85] 
[  256.040910][T14355] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  256.049391][ T7102] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  256.097477][T14359] loop3: detected capacity change from 0 to 512
[  256.129463][T14359] EXT4-fs: Ignoring removed mblk_io_submit option
[  256.143686][T14359] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  256.215736][T14359] EXT4-fs (loop3): 1 truncate cleaned up
[  256.217584][T14366] netlink: 40 bytes leftover after parsing attributes in process `syz.5.3467'.
[  256.237842][T14359] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  256.260618][T14359] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  256.261035][T14369] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  256.289616][T14366] vlan0: entered allmulticast mode
[  256.300163][T12379] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  256.393547][T14378] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  256.560943][T14394] netlink: 80 bytes leftover after parsing attributes in process `syz.0.3484'.
[  256.576001][T14394] xt_hashlimit: size too large, truncated to 1048576
[  256.591262][T14396] netlink: 80 bytes leftover after parsing attributes in process `syz.5.3485'.
[  256.604211][T14396] xt_hashlimit: size too large, truncated to 1048576
[  256.669417][T14400] loop4: detected capacity change from 0 to 256
[  256.738093][T14403] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3485'.
[  256.747800][T14403] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  256.758631][T14401] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3484'.
[  256.785756][T14403] socket_mt_v2_check: 2 callbacks suppressed
[  256.785774][T14403] xt_socket: unknown flags 0xc
[  256.787063][T14401] xt_socket: unknown flags 0xc
[  256.904728][T14410] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3487'.
[  256.920412][T14410] 8021q: adding VLAN 0 to HW filter on device team6
[  256.960288][T14415] 8021q: adding VLAN 0 to HW filter on device team7
[  257.239578][T14429] loop3: detected capacity change from 0 to 4096
[  257.246884][T14429] EXT4-fs (loop3): couldn't mount as ext2 due to feature incompatibilities
[  257.338405][T14434] siw: device registration error -23
[  257.368484][T14436] xt_hashlimit: size too large, truncated to 1048576
[  257.444548][T14444] 8021q: adding VLAN 0 to HW filter on device team6
[  257.471813][T14439] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  257.525350][T14451] xt_socket: unknown flags 0xc
[  257.681336][T14463] loop5: detected capacity change from 0 to 512
[  257.688950][T14463] EXT4-fs: Ignoring removed mblk_io_submit option
[  257.697298][T14463] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  257.723371][T14463] EXT4-fs (loop5): 1 truncate cleaned up
[  257.729797][T14463] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  257.748899][T14463] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  257.758701][T14468] loop3: detected capacity change from 0 to 256
[  257.777729][ T7102] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  257.856189][T14472] loop5: detected capacity change from 0 to 512
[  257.875073][T14472] EXT4-fs: Ignoring removed mblk_io_submit option
[  257.882030][T14472] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  257.894741][T14474] FAULT_INJECTION: forcing a failure.
[  257.894741][T14474] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  257.896075][T14472] EXT4-fs (loop5): 1 truncate cleaned up
[  257.907912][T14474] CPU: 1 UID: 0 PID: 14474 Comm: syz.0.3510 Not tainted 6.14.0-rc7-syzkaller-00067-g76b6905c11fd #0
[  257.907945][T14474] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  257.908001][T14474] Call Trace:
[  257.908009][T14474]  <TASK>
[  257.908020][T14474]  dump_stack_lvl+0xf2/0x150
[  257.908059][T14474]  dump_stack+0x15/0x1a
[  257.908087][T14474]  should_fail_ex+0x24a/0x260
[  257.908157][T14474]  should_fail+0xb/0x10
[  257.908192][T14474]  should_fail_usercopy+0x1a/0x20
[  257.908277][T14474]  _copy_from_user+0x1c/0xa0
[  257.908345][T14474]  io_submit_one+0x54/0x1230
[  257.908392][T14474]  ? __rcu_read_unlock+0x4e/0x70
[  257.908455][T14474]  __se_sys_io_submit+0xf5/0x280
[  257.908498][T14474]  __x64_sys_io_submit+0x43/0x50
[  257.908535][T14474]  x64_sys_call+0x2c20/0x2dc0
[  257.908570][T14474]  do_syscall_64+0xc9/0x1c0
[  257.908664][T14474]  ? clear_bhb_loop+0x55/0xb0
[  257.908726][T14474]  ? clear_bhb_loop+0x55/0xb0
[  257.908760][T14474]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  257.908795][T14474] RIP: 0033:0x7f15e8add169
[  257.908815][T14474] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  257.908839][T14474] RSP: 002b:00007f15e7147038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1
[  257.908881][T14474] RAX: ffffffffffffffda RBX: 00007f15e8cf5fa0 RCX: 00007f15e8add169
[  257.908897][T14474] RDX: 00004000000000c0 RSI: 0000000000000001 RDI: 00007f15e9833000
[  257.908913][T14474] RBP: 00007f15e7147090 R08: 0000000000000000 R09: 0000000000000000
[  257.908928][T14474] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  257.908944][T14474] R13: 0000000000000000 R14: 00007f15e8cf5fa0 R15: 00007ffcfee07968
[  257.909024][T14474]  </TASK>
[  258.089195][T14472] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  258.117799][T14472] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  258.127260][T14477] netlink: 'syz.3.3511': attribute type 3 has an invalid length.
[  258.140259][ T7102] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  258.191785][T14479] xt_CT: You must specify a L4 protocol and not use inversions on it
[  258.346867][T14498] netlink: zone id is out of range
[  258.352100][T14498] netlink: zone id is out of range
[  258.357657][T14498] netlink: zone id is out of range
[  258.458884][T14505] tipc: Failed to remove unknown binding: 66,1,1/0:3365483179/3365483181
[  258.468377][T14505] tipc: Failed to remove unknown binding: 66,1,1/0:3365483179/3365483181
[  258.476910][T14505] tipc: Failed to remove unknown binding: 66,1,1/0:3365483179/3365483181
[  258.487657][T14506] loop5: detected capacity change from 0 to 128
[  258.531122][T14506] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  258.555422][T14508] loop3: detected capacity change from 0 to 8192
[  258.562082][T14508] vfat: Unknown parameter '01777777777777777777777'
[  258.589742][T14506] ext4 filesystem being mounted at /495/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  258.611611][T14508] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  258.686130][T14508] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  258.712131][T14523] vlan0: entered allmulticast mode
[  258.741985][T14526] xt_hashlimit: size too large, truncated to 1048576
[  258.751520][T14508] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  258.875665][T14508] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  258.891957][T14532] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  258.929380][T14526] xt_socket: unknown flags 0xc
[  258.972251][T14508] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  258.988385][T14508] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  259.003909][T14508] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  259.017399][T14508] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  259.156817][T14545] 8021q: adding VLAN 0 to HW filter on device team5
[  259.237858][T14555] net_ratelimit: 17 callbacks suppressed
[  259.237934][T14555] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  259.308756][T14561] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  259.384702][T14564] xt_hashlimit: size too large, truncated to 1048576
[  259.491066][T14573] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  259.560561][T14570] xt_socket: unknown flags 0xc
[  259.681423][    C0] vcan0: j1939_tp_rxtimer: 0xffff88811974fc00: rx timeout, send abort
[  259.698412][T14587] vlan0: entered allmulticast mode
[  259.703977][T14589] FAULT_INJECTION: forcing a failure.
[  259.703977][T14589] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  259.717164][T14589] CPU: 0 UID: 0 PID: 14589 Comm: syz.4.3548 Not tainted 6.14.0-rc7-syzkaller-00067-g76b6905c11fd #0
[  259.717199][T14589] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  259.717243][T14589] Call Trace:
[  259.717253][T14589]  <TASK>
[  259.717263][T14589]  dump_stack_lvl+0xf2/0x150
[  259.717358][T14589]  dump_stack+0x15/0x1a
[  259.717387][T14589]  should_fail_ex+0x24a/0x260
[  259.717428][T14589]  should_fail+0xb/0x10
[  259.717463][T14589]  should_fail_usercopy+0x1a/0x20
[  259.717560][T14589]  _copy_from_iter+0xd5/0xd00
[  259.717599][T14589]  ? kmalloc_reserve+0x16e/0x190
[  259.717634][T14589]  ? __build_skb_around+0x196/0x1f0
[  259.717662][T14589]  ? __alloc_skb+0x21f/0x310
[  259.717686][T14589]  ? __virt_addr_valid+0x1ed/0x250
[  259.717738][T14589]  ? __check_object_size+0x364/0x520
[  259.717770][T14589]  netlink_sendmsg+0x460/0x6e0
[  259.717799][T14589]  ? __pfx_netlink_sendmsg+0x10/0x10
[  259.717823][T14589]  __sock_sendmsg+0x140/0x180
[  259.717864][T14589]  ____sys_sendmsg+0x326/0x4b0
[  259.717916][T14589]  __sys_sendmsg+0x19d/0x230
[  259.717966][T14589]  __x64_sys_sendmsg+0x46/0x50
[  259.718053][T14589]  x64_sys_call+0x2734/0x2dc0
[  259.718086][T14589]  do_syscall_64+0xc9/0x1c0
[  259.718139][T14589]  ? clear_bhb_loop+0x55/0xb0
[  259.718216][T14589]  ? clear_bhb_loop+0x55/0xb0
[  259.718276][T14589]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  259.718309][T14589] RIP: 0033:0x7f3fd75cd169
[  259.718328][T14589] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  259.718365][T14589] RSP: 002b:00007f3fd5c37038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  259.718443][T14589] RAX: ffffffffffffffda RBX: 00007f3fd77e5fa0 RCX: 00007f3fd75cd169
[  259.718456][T14589] RDX: 0000000000000000 RSI: 0000400000000040 RDI: 0000000000000003
[  259.718470][T14589] RBP: 00007f3fd5c37090 R08: 0000000000000000 R09: 0000000000000000
[  259.718484][T14589] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  259.718497][T14589] R13: 0000000000000000 R14: 00007f3fd77e5fa0 R15: 00007ffc9cf29c88
[  259.718518][T14589]  </TASK>
[  259.971421][T14592] __nla_validate_parse: 16 callbacks suppressed
[  259.971438][T14592] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3552'.
[  259.993065][T14592] 8021q: adding VLAN 0 to HW filter on device team7
[  260.003436][T14594] netlink: 40 bytes leftover after parsing attributes in process `syz.2.3553'.
[  260.044099][T14594] vlan0: entered allmulticast mode
[  260.070812][T14601] loop4: detected capacity change from 0 to 512
[  260.090781][T14603] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  260.107765][T14601] EXT4-fs (loop4): too many log groups per flexible block group
[  260.115553][T14601] EXT4-fs (loop4): failed to initialize mballoc (-12)
[  260.132592][T14601] EXT4-fs (loop4): mount failed
[  260.144548][T14611] netlink: 80 bytes leftover after parsing attributes in process `syz.2.3557'.
[  260.175252][T14611] xt_hashlimit: size too large, truncated to 1048576
[  260.189726][    C0] vcan0: j1939_tp_rxtimer: 0xffff88811974fc00: abort rx timeout. Force session deactivation
[  260.301751][T14619] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3557'.
[  260.318227][T14619] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  260.403442][T14619] xt_socket: unknown flags 0xc
[  260.467186][T14632] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  260.556964][T14635] FAULT_INJECTION: forcing a failure.
[  260.556964][T14635] name failslab, interval 1, probability 0, space 0, times 0
[  260.569708][T14635] CPU: 1 UID: 0 PID: 14635 Comm: syz.2.3563 Not tainted 6.14.0-rc7-syzkaller-00067-g76b6905c11fd #0
[  260.569738][T14635] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  260.569751][T14635] Call Trace:
[  260.569758][T14635]  <TASK>
[  260.569766][T14635]  dump_stack_lvl+0xf2/0x150
[  260.569871][T14635]  dump_stack+0x15/0x1a
[  260.569900][T14635]  should_fail_ex+0x24a/0x260
[  260.569939][T14635]  should_failslab+0x8f/0xb0
[  260.569974][T14635]  kmem_cache_alloc_noprof+0x52/0x320
[  260.569996][T14635]  ? security_file_alloc+0x32/0x100
[  260.570033][T14635]  security_file_alloc+0x32/0x100
[  260.570060][T14635]  init_file+0x5d/0x1b0
[  260.570096][T14635]  alloc_empty_file+0xea/0x200
[  260.570121][T14635]  path_openat+0x6a/0x1fc0
[  260.570149][T14635]  ? _parse_integer_limit+0x167/0x180
[  260.570230][T14635]  ? _parse_integer+0x27/0x30
[  260.570254][T14635]  ? kstrtoull+0x110/0x140
[  260.570278][T14635]  ? kstrtouint+0x77/0xc0
[  260.570360][T14635]  ? kstrtouint_from_user+0xb0/0xe0
[  260.570389][T14635]  do_filp_open+0x107/0x230
[  260.570428][T14635]  do_sys_openat2+0xab/0x120
[  260.570454][T14635]  __x64_sys_openat+0xf3/0x120
[  260.570495][T14635]  x64_sys_call+0x2b30/0x2dc0
[  260.570522][T14635]  do_syscall_64+0xc9/0x1c0
[  260.570627][T14635]  ? clear_bhb_loop+0x55/0xb0
[  260.570655][T14635]  ? clear_bhb_loop+0x55/0xb0
[  260.570682][T14635]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  260.570710][T14635] RIP: 0033:0x7fd0c2d7d169
[  260.570729][T14635] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  260.570826][T14635] RSP: 002b:00007fd0c13c0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  260.570848][T14635] RAX: ffffffffffffffda RBX: 00007fd0c2f96080 RCX: 00007fd0c2d7d169
[  260.570870][T14635] RDX: 0000000000004100 RSI: 0000400000000140 RDI: ffffffffffffff9c
[  260.570885][T14635] RBP: 00007fd0c13c0090 R08: 0000000000000000 R09: 0000000000000000
[  260.570899][T14635] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  260.570913][T14635] R13: 0000000000000001 R14: 00007fd0c2f96080 R15: 00007fff1a88ea78
[  260.570933][T14635]  </TASK>
[  260.653601][T14630] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  260.793162][T14630] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  260.802446][   T30] kauditd_printk_skb: 83 callbacks suppressed
[  260.808635][   T30] audit: type=1400 audit(2000000011.290:7874): avc:  denied  { mount } for  pid=14629 comm="syz.4.3562" name="/" dev="tracefs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=filesystem permissive=1
[  260.831463][   T30] audit: type=1400 audit(2000000011.300:7875): avc:  denied  { remount } for  pid=14629 comm="syz.4.3562" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=filesystem permissive=1
[  260.854686][ T7102] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  260.875309][T14637] netlink: 80 bytes leftover after parsing attributes in process `syz.5.3564'.
[  260.886509][T14637] xt_hashlimit: size too large, truncated to 1048576
[  260.931496][   T30] audit: type=1326 audit(2000000011.420:7876): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14638 comm="syz.0.3565" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f15e8add169 code=0x7ffc0000
[  260.958827][   T30] audit: type=1326 audit(2000000011.450:7877): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14638 comm="syz.0.3565" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f15e8add169 code=0x7ffc0000
[  260.982517][   T30] audit: type=1326 audit(2000000011.450:7878): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14638 comm="syz.0.3565" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f15e8add169 code=0x7ffc0000
[  261.006183][   T30] audit: type=1326 audit(2000000011.450:7879): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14638 comm="syz.0.3565" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f15e8add169 code=0x7ffc0000
[  261.029745][   T30] audit: type=1326 audit(2000000011.450:7880): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14638 comm="syz.0.3565" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f15e8add169 code=0x7ffc0000
[  261.053375][   T30] audit: type=1326 audit(2000000011.450:7881): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14638 comm="syz.0.3565" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f15e8add169 code=0x7ffc0000
[  261.077108][   T30] audit: type=1326 audit(2000000011.450:7882): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14638 comm="syz.0.3565" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f15e8add169 code=0x7ffc0000
[  261.100738][   T30] audit: type=1326 audit(2000000011.450:7883): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14638 comm="syz.0.3565" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f15e8add169 code=0x7ffc0000
[  261.141880][T14637] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3564'.
[  261.151035][T14637] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  261.155373][T14644] FAULT_INJECTION: forcing a failure.
[  261.155373][T14644] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  261.173697][T14644] CPU: 0 UID: 0 PID: 14644 Comm: syz.3.3566 Not tainted 6.14.0-rc7-syzkaller-00067-g76b6905c11fd #0
[  261.173740][T14644] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  261.173755][T14644] Call Trace:
[  261.173763][T14644]  <TASK>
[  261.173772][T14644]  dump_stack_lvl+0xf2/0x150
[  261.173842][T14644]  dump_stack+0x15/0x1a
[  261.173890][T14644]  should_fail_ex+0x24a/0x260
[  261.173923][T14644]  should_fail+0xb/0x10
[  261.174036][T14644]  should_fail_usercopy+0x1a/0x20
[  261.174097][T14644]  _copy_from_iter+0xd5/0xd00
[  261.174131][T14644]  ? kmalloc_reserve+0x16e/0x190
[  261.174171][T14644]  ? __build_skb_around+0x196/0x1f0
[  261.174231][T14644]  ? __alloc_skb+0x21f/0x310
[  261.174255][T14644]  ? __virt_addr_valid+0x1ed/0x250
[  261.174284][T14644]  ? __check_object_size+0x364/0x520
[  261.174313][T14644]  netlink_sendmsg+0x460/0x6e0
[  261.174335][T14644]  ? __pfx_netlink_sendmsg+0x10/0x10
[  261.174408][T14644]  __sock_sendmsg+0x140/0x180
[  261.174445][T14644]  ____sys_sendmsg+0x326/0x4b0
[  261.174481][T14644]  __sys_sendmsg+0x19d/0x230
[  261.174526][T14644]  __x64_sys_sendmsg+0x46/0x50
[  261.174629][T14644]  x64_sys_call+0x2734/0x2dc0
[  261.174661][T14644]  do_syscall_64+0xc9/0x1c0
[  261.174692][T14644]  ? clear_bhb_loop+0x55/0xb0
[  261.174721][T14644]  ? clear_bhb_loop+0x55/0xb0
[  261.174805][T14644]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  261.174837][T14644] RIP: 0033:0x7f1b38b6d169
[  261.174852][T14644] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  261.174870][T14644] RSP: 002b:00007f1b371d1038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  261.174889][T14644] RAX: ffffffffffffffda RBX: 00007f1b38d85fa0 RCX: 00007f1b38b6d169
[  261.174902][T14644] RDX: 0000000000004000 RSI: 0000400000000200 RDI: 0000000000000003
[  261.174917][T14644] RBP: 00007f1b371d1090 R08: 0000000000000000 R09: 0000000000000000
[  261.174989][T14644] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  261.175000][T14644] R13: 0000000000000000 R14: 00007f1b38d85fa0 R15: 00007fff0dc6d568
[  261.175022][T14644]  </TASK>
[  261.178057][T14637] xt_socket: unknown flags 0xc
[  261.398841][T14651] loop3: detected capacity change from 0 to 1024
[  261.408145][T14651] EXT4-fs: Ignoring removed mblk_io_submit option
[  261.417903][T14651] EXT4-fs: Ignoring removed nobh option
[  261.423562][T14651] EXT4-fs: Ignoring removed bh option
[  261.446238][T14651] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  261.482204][T14658] 8021q: adding VLAN 0 to HW filter on device batadv1
[  261.490357][T14658] team0: Port device batadv1 added
[  261.516907][T14651] EXT4-fs error (device loop3): mb_free_blocks:1948: group 0, inode 16: block 177:freeing already freed block (bit 11); block bitmap corrupt.
[  261.530132][T14662] netlink: 80 bytes leftover after parsing attributes in process `syz.5.3572'.
[  261.544567][T14662] xt_hashlimit: size too large, truncated to 1048576
[  261.604255][T12379] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  261.627639][T14668] xt_policy: too many policy elements
[  261.645881][T14669] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3576'.
[  261.672847][T14665] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3572'.
[  261.698809][T14669] 8021q: adding VLAN 0 to HW filter on device team8
[  261.725498][T14677] xt_socket: unknown flags 0xc
[  261.734214][T14665] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  261.743942][T14676] 8021q: VLANs not supported on gre0
[  261.807484][T14687] x_tables: unsorted underflow at hook 3
[  261.839851][T14689] futex_wake_op: syz.0.3580 tries to shift op by -1; fix this program
[  261.843285][T14682] loop4: detected capacity change from 0 to 2048
[  261.867297][T14682] EXT4-fs: Ignoring removed oldalloc option
[  261.881117][T14694] netlink: 40 bytes leftover after parsing attributes in process `syz.0.3581'.
[  261.926127][T14694] vlan0: entered allmulticast mode
[  261.947551][T14682] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  261.960340][T14682] ext4 filesystem being mounted at /160/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  261.969484][T14702] 8021q: adding VLAN 0 to HW filter on device team6
[  262.041851][T14708] FAULT_INJECTION: forcing a failure.
[  262.041851][T14708] name failslab, interval 1, probability 0, space 0, times 0
[  262.054677][T14708] CPU: 0 UID: 0 PID: 14708 Comm: syz.2.3585 Not tainted 6.14.0-rc7-syzkaller-00067-g76b6905c11fd #0
[  262.054706][T14708] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  262.054720][T14708] Call Trace:
[  262.054816][T14708]  <TASK>
[  262.054826][T14708]  dump_stack_lvl+0xf2/0x150
[  262.054856][T14708]  dump_stack+0x15/0x1a
[  262.054879][T14708]  should_fail_ex+0x24a/0x260
[  262.054969][T14708]  should_failslab+0x8f/0xb0
[  262.055006][T14708]  kmem_cache_alloc_node_noprof+0x59/0x320
[  262.055087][T14708]  ? __alloc_skb+0x10b/0x310
[  262.055110][T14708]  __alloc_skb+0x10b/0x310
[  262.055133][T14708]  ? audit_log_start+0x34c/0x6b0
[  262.055167][T14708]  audit_log_start+0x368/0x6b0
[  262.055209][T14708]  audit_seccomp+0x4b/0x130
[  262.055265][T14708]  __seccomp_filter+0x6fa/0x1180
[  262.055295][T14708]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  262.055333][T14708]  ? vfs_write+0x644/0x920
[  262.055402][T14708]  __secure_computing+0x9f/0x1c0
[  262.055477][T14708]  syscall_trace_enter+0xd1/0x1f0
[  262.055507][T14708]  do_syscall_64+0xaa/0x1c0
[  262.055570][T14708]  ? clear_bhb_loop+0x55/0xb0
[  262.055600][T14708]  ? clear_bhb_loop+0x55/0xb0
[  262.055628][T14708]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  262.055681][T14708] RIP: 0033:0x7fd0c2d7d169
[  262.055696][T14708] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  262.055828][T14708] RSP: 002b:00007fd0c13e1038 EFLAGS: 00000246 ORIG_RAX: 000000000000010b
[  262.055851][T14708] RAX: ffffffffffffffda RBX: 00007fd0c2f95fa0 RCX: 00007fd0c2d7d169
[  262.055867][T14708] RDX: 0000400000002780 RSI: 0000400000000040 RDI: 0000000000000006
[  262.055883][T14708] RBP: 00007fd0c13e1090 R08: 0000000000000000 R09: 0000000000000000
[  262.055898][T14708] R10: 0000000000001010 R11: 0000000000000246 R12: 0000000000000001
[  262.055913][T14708] R13: 0000000000000000 R14: 00007fd0c2f95fa0 R15: 00007fff1a88ea78
[  262.055936][T14708]  </TASK>
[  262.288685][   T85] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm kworker/u8:4: bg 0: block 345: padding at end of block bitmap is not set
[  262.331068][T14715] 8021q: adding VLAN 0 to HW filter on device team9
[  262.332548][   T85] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 672 with error 117
[  262.348375][T14717] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  262.350313][   T85] EXT4-fs (loop4): This should not happen!! Data will be lost
[  262.350313][   T85] 
[  262.414821][T12019] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  262.464424][T14725] xt_CT: You must specify a L4 protocol and not use inversions on it
[  262.484131][T14731] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  262.506436][T14733] xt_CT: You must specify a L4 protocol and not use inversions on it
[  262.588076][T14739] loop4: detected capacity change from 0 to 512
[  262.597535][T14739] EXT4-fs: Ignoring removed mblk_io_submit option
[  262.624573][T14739] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  262.640363][T14743] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  262.651076][T14739] EXT4-fs (loop4): 1 truncate cleaned up
[  262.657665][T14739] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  262.676141][T14739] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  262.705798][T12019] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  262.777350][T14749] loop3: detected capacity change from 0 to 2048
[  262.785340][T14749] EXT4-fs: Ignoring removed bh option
[  262.838531][T14749] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  262.866428][T14764] loop5: detected capacity change from 0 to 512
[  262.941436][T14764] EXT4-fs: Ignoring removed mblk_io_submit option
[  262.982589][T14764] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  263.026144][T14764] EXT4-fs (loop5): 1 truncate cleaned up
[  263.034792][T14764] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  263.053801][T14773] loop4: detected capacity change from 0 to 1024
[  263.055455][T14764] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  263.101754][ T7102] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  263.127610][T14773] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  263.166936][T14782] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  263.215138][T12019] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  263.255729][T14784] xt_socket: unknown flags 0xc
[  263.274356][T14786] siw: device registration error -23
[  263.348312][T14796] 8021q: adding VLAN 0 to HW filter on device team7
[  263.411713][T14801] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[  263.436090][T14801] SELinux: failed to load policy
[  263.460653][T14771] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  263.473730][T14805] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  263.515667][T14807] FAULT_INJECTION: forcing a failure.
[  263.515667][T14807] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  263.528810][T14807] CPU: 1 UID: 0 PID: 14807 Comm: syz.0.3627 Not tainted 6.14.0-rc7-syzkaller-00067-g76b6905c11fd #0
[  263.528837][T14807] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  263.528858][T14807] Call Trace:
[  263.528866][T14807]  <TASK>
[  263.528873][T14807]  dump_stack_lvl+0xf2/0x150
[  263.528901][T14807]  dump_stack+0x15/0x1a
[  263.528922][T14807]  should_fail_ex+0x24a/0x260
[  263.529036][T14807]  should_fail+0xb/0x10
[  263.529070][T14807]  should_fail_usercopy+0x1a/0x20
[  263.529118][T14807]  _copy_to_user+0x20/0xa0
[  263.529140][T14807]  simple_read_from_buffer+0xa0/0x110
[  263.529171][T14807]  proc_fail_nth_read+0xf9/0x140
[  263.529202][T14807]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  263.529281][T14807]  vfs_read+0x19b/0x6f0
[  263.529312][T14807]  ? __rcu_read_unlock+0x4e/0x70
[  263.529385][T14807]  ? __fget_files+0x17c/0x1c0
[  263.529428][T14807]  ksys_read+0xe8/0x1b0
[  263.529462][T14807]  __x64_sys_read+0x42/0x50
[  263.529493][T14807]  x64_sys_call+0x2874/0x2dc0
[  263.529583][T14807]  do_syscall_64+0xc9/0x1c0
[  263.529622][T14807]  ? clear_bhb_loop+0x55/0xb0
[  263.529649][T14807]  ? clear_bhb_loop+0x55/0xb0
[  263.529676][T14807]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  263.529746][T14807] RIP: 0033:0x7f15e8adbb7c
[  263.529766][T14807] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  263.529788][T14807] RSP: 002b:00007f15e7147030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  263.529810][T14807] RAX: ffffffffffffffda RBX: 00007f15e8cf5fa0 RCX: 00007f15e8adbb7c
[  263.529826][T14807] RDX: 000000000000000f RSI: 00007f15e71470a0 RDI: 0000000000000004
[  263.529841][T14807] RBP: 00007f15e7147090 R08: 0000000000000000 R09: 0000000000000000
[  263.529926][T14807] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  263.529941][T14807] R13: 0000000000000000 R14: 00007f15e8cf5fa0 R15: 00007ffcfee07968
[  263.529963][T14807]  </TASK>
[  263.750271][T14771] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 32 with error 28
[  263.762646][T14771] EXT4-fs (loop3): This should not happen!! Data will be lost
[  263.762646][T14771] 
[  263.772411][T14771] EXT4-fs (loop3): Total free blocks count 0
[  263.778465][T14771] EXT4-fs (loop3): Free/Dirty block details
[  263.784473][T14771] EXT4-fs (loop3): free_blocks=2415919104
[  263.790219][T14771] EXT4-fs (loop3): dirty_blocks=8224
[  263.795570][T14771] EXT4-fs (loop3): Block reservation details
[  263.801667][T14771] EXT4-fs (loop3): i_reserved_data_blocks=514
[  263.810526][T14809] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  263.859976][   T51] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 32 with max blocks 2048 with error 28
[  263.888832][T14813] xt_socket: unknown flags 0xc
[  263.991441][T14822] 8021q: adding VLAN 0 to HW filter on device team7
[  263.992613][T14819] siw: device registration error -23
[  264.017692][T14823] 8021q: adding VLAN 0 to HW filter on device team10
[  264.023830][T14825] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[  264.036898][T14825] SELinux: failed to load policy
[  264.081906][T14833] FAULT_INJECTION: forcing a failure.
[  264.081906][T14833] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  264.095370][T14833] CPU: 1 UID: 0 PID: 14833 Comm: syz.3.3640 Not tainted 6.14.0-rc7-syzkaller-00067-g76b6905c11fd #0
[  264.095459][T14833] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  264.095474][T14833] Call Trace:
[  264.095481][T14833]  <TASK>
[  264.095491][T14833]  dump_stack_lvl+0xf2/0x150
[  264.095521][T14833]  dump_stack+0x15/0x1a
[  264.095612][T14833]  should_fail_ex+0x24a/0x260
[  264.095757][T14833]  should_fail+0xb/0x10
[  264.095788][T14833]  should_fail_usercopy+0x1a/0x20
[  264.095821][T14833]  _copy_from_iter+0xd5/0xd00
[  264.095856][T14833]  ? kmalloc_reserve+0x16e/0x190
[  264.095917][T14833]  ? __build_skb_around+0x196/0x1f0
[  264.095939][T14833]  ? __alloc_skb+0x21f/0x310
[  264.095963][T14833]  ? __virt_addr_valid+0x1ed/0x250
[  264.095993][T14833]  ? __check_object_size+0x364/0x520
[  264.096097][T14833]  netlink_sendmsg+0x460/0x6e0
[  264.096123][T14833]  ? __pfx_netlink_sendmsg+0x10/0x10
[  264.096146][T14833]  __sock_sendmsg+0x140/0x180
[  264.096185][T14833]  ____sys_sendmsg+0x326/0x4b0
[  264.096284][T14833]  __sys_sendmsg+0x19d/0x230
[  264.096325][T14833]  __x64_sys_sendmsg+0x46/0x50
[  264.096372][T14833]  x64_sys_call+0x2734/0x2dc0
[  264.096397][T14833]  do_syscall_64+0xc9/0x1c0
[  264.096430][T14833]  ? clear_bhb_loop+0x55/0xb0
[  264.096501][T14833]  ? clear_bhb_loop+0x55/0xb0
[  264.096548][T14833]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  264.096579][T14833] RIP: 0033:0x7f1b38b6d169
[  264.096596][T14833] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  264.096641][T14833] RSP: 002b:00007f1b371d1038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  264.096688][T14833] RAX: ffffffffffffffda RBX: 00007f1b38d85fa0 RCX: 00007f1b38b6d169
[  264.096704][T14833] RDX: 0000000000000000 RSI: 0000400000000dc0 RDI: 0000000000000003
[  264.096719][T14833] RBP: 00007f1b371d1090 R08: 0000000000000000 R09: 0000000000000000
[  264.096734][T14833] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  264.096812][T14833] R13: 0000000000000000 R14: 00007f1b38d85fa0 R15: 00007fff0dc6d568
[  264.096836][T14833]  </TASK>
[  264.109804][T14837] FAULT_INJECTION: forcing a failure.
[  264.109804][T14837] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  264.238103][T14846] xt_socket: unknown flags 0xc
[  264.240734][T14837] CPU: 0 UID: 0 PID: 14837 Comm: syz.0.3642 Not tainted 6.14.0-rc7-syzkaller-00067-g76b6905c11fd #0
[  264.240763][T14837] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  264.240775][T14837] Call Trace:
[  264.240781][T14837]  <TASK>
[  264.240789][T14837]  dump_stack_lvl+0xf2/0x150
[  264.240851][T14837]  dump_stack+0x15/0x1a
[  264.240880][T14837]  should_fail_ex+0x24a/0x260
[  264.240926][T14837]  should_fail+0xb/0x10
[  264.240960][T14837]  should_fail_usercopy+0x1a/0x20
[  264.241016][T14837]  _copy_from_iter+0xd5/0xd00
[  264.241056][T14837]  ? kmalloc_reserve+0x16e/0x190
[  264.241091][T14837]  ? __build_skb_around+0x196/0x1f0
[  264.241118][T14837]  ? __alloc_skb+0x21f/0x310
[  264.241144][T14837]  ? __virt_addr_valid+0x1ed/0x250
[  264.241175][T14837]  ? __check_object_size+0x364/0x520
[  264.241269][T14837]  netlink_sendmsg+0x460/0x6e0
[  264.241297][T14837]  ? __pfx_netlink_sendmsg+0x10/0x10
[  264.241320][T14837]  __sock_sendmsg+0x140/0x180
[  264.241361][T14837]  ____sys_sendmsg+0x326/0x4b0
[  264.241465][T14837]  __sys_sendmsg+0x19d/0x230
[  264.241585][T14837]  __x64_sys_sendmsg+0x46/0x50
[  264.241616][T14837]  x64_sys_call+0x2734/0x2dc0
[  264.241719][T14837]  do_syscall_64+0xc9/0x1c0
[  264.241786][T14837]  ? clear_bhb_loop+0x55/0xb0
[  264.241868][T14837]  ? clear_bhb_loop+0x55/0xb0
[  264.241909][T14837]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  264.241950][T14837] RIP: 0033:0x7f15e8add169
[  264.241969][T14837] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  264.241992][T14837] RSP: 002b:00007f15e7147038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  264.242015][T14837] RAX: ffffffffffffffda RBX: 00007f15e8cf5fa0 RCX: 00007f15e8add169
[  264.242030][T14837] RDX: 0000000000000000 RSI: 0000400000000dc0 RDI: 0000000000000003
[  264.242046][T14837] RBP: 00007f15e7147090 R08: 0000000000000000 R09: 0000000000000000
[  264.242060][T14837] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  264.242088][T14837] R13: 0000000000000000 R14: 00007f15e8cf5fa0 R15: 00007ffcfee07968
[  264.242111][T14837]  </TASK>
[  264.577585][T14854] 8021q: adding VLAN 0 to HW filter on device team8
[  264.599708][T14856] 8021q: adding VLAN 0 to HW filter on device team8
[  264.616517][T14859] siw: device registration error -23
[  264.643245][T14860] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  264.737052][T14876] netlink: 'syz.0.3657': attribute type 10 has an invalid length.
[  264.837008][T14882] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  264.880863][T14885] 8021q: adding VLAN 0 to HW filter on device batadv0
[  264.888888][T14885] team0: Port device batadv0 added
[  264.901528][T14889] 8021q: adding VLAN 0 to HW filter on device team11
[  264.920038][T14882] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  264.934681][T14893] siw: device registration error -23
[  264.950939][T14902] loop4: detected capacity change from 0 to 1024
[  264.994921][T14904] loop3: detected capacity change from 0 to 1024
[  265.026935][T14902] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  265.027621][T14904] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  265.056115][T12379] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  265.069792][T14882] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  265.073831][T14913] netlink: 'syz.0.3671': attribute type 10 has an invalid length.
[  265.173657][T14882] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  265.224592][T14919] x_tables: unsorted underflow at hook 3
[  265.274711][T14882] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  265.326042][T14882] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  265.346420][T14882] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  265.431256][T14882] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  265.521774][T14924] loop3: detected capacity change from 0 to 1024
[  265.550394][T14924] EXT4-fs: Ignoring removed mblk_io_submit option
[  265.574754][T14924] EXT4-fs: Ignoring removed nobh option
[  265.580473][T14924] EXT4-fs: Ignoring removed bh option
[  265.599027][T14926] xt_socket: unknown flags 0xc
[  265.616945][T14924] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  265.647049][T14930] loop5: detected capacity change from 0 to 512
[  265.665895][T14930] EXT4-fs (loop5): too many log groups per flexible block group
[  265.673718][T14930] EXT4-fs (loop5): failed to initialize mballoc (-12)
[  265.681134][T14930] EXT4-fs (loop5): mount failed
[  265.762914][T14935] 8021q: adding VLAN 0 to HW filter on device batadv2
[  265.771428][T14935] team0: Port device batadv2 added
[  265.774054][T14924] EXT4-fs error (device loop3): mb_free_blocks:1948: group 0, inode 16: block 241:freeing already freed block (bit 15); block bitmap corrupt.
[  265.793436][T12019] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  265.822603][T12379] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  265.861095][T14943] loop3: detected capacity change from 0 to 512
[  265.862043][T14937] __nla_validate_parse: 19 callbacks suppressed
[  265.862058][T14937] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3678'.
[  265.864137][T14937] xt_CT: You must specify a L4 protocol and not use inversions on it
[  265.888037][T14943] EXT4-fs (loop3): too many log groups per flexible block group
[  265.888083][T14943] EXT4-fs (loop3): failed to initialize mballoc (-12)
[  265.888162][T14943] EXT4-fs (loop3): mount failed
[  266.049394][T14959] netlink: 180900 bytes leftover after parsing attributes in process `syz.5.3686'.
[  266.062027][T14959] netlink: zone id is out of range
[  266.067257][T14959] netlink: zone id is out of range
[  266.068070][T14961] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3687'.
[  266.076718][T14959] netlink: set zone limit has 8 unknown bytes
[  266.090227][T14961] 8021q: adding VLAN 0 to HW filter on device team9
[  266.122323][T14965] netlink: 80 bytes leftover after parsing attributes in process `syz.2.3689'.
[  266.133440][   T30] kauditd_printk_skb: 246 callbacks suppressed
[  266.133454][   T30] audit: type=1400 audit(2000000016.630:8128): avc:  denied  { setopt } for  pid=14964 comm="syz.2.3689" lport=60 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  266.135582][T14965] xt_hashlimit: size too large, truncated to 1048576
[  266.198332][T14969] netlink: 40 bytes leftover after parsing attributes in process `syz.4.3690'.
[  266.218215][T14969] vlan0: entered allmulticast mode
[  266.249852][T14974] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3689'.
[  266.297281][T14976] loop4: detected capacity change from 0 to 1024
[  266.306187][T14976] EXT4-fs: Ignoring removed mblk_io_submit option
[  266.315560][T14979] xt_socket: unknown flags 0xc
[  266.350400][T14976] EXT4-fs: Ignoring removed nobh option
[  266.356231][T14976] EXT4-fs: Ignoring removed bh option
[  266.357424][T14974] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  266.381725][   T30] audit: type=1400 audit(2000000016.870:8129): avc:  denied  { read write } for  pid=14964 comm="syz.2.3689" name="loop-control" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  266.406760][   T30] audit: type=1400 audit(2000000016.870:8130): avc:  denied  { open } for  pid=14964 comm="syz.2.3689" path="/dev/loop-control" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  266.442615][T14981] 8021q: adding VLAN 0 to HW filter on device batadv1
[  266.450724][T14981] team0: Port device batadv1 added
[  266.491398][T14976] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  266.516601][T14985] loop5: detected capacity change from 0 to 1024
[  266.523643][T14985] EXT4-fs: Ignoring removed mblk_io_submit option
[  266.523863][T14985] EXT4-fs: Ignoring removed nobh option
[  266.523884][T14985] EXT4-fs: Ignoring removed bh option
[  266.577051][T14985] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  266.618396][T14985] EXT4-fs error (device loop5): mb_free_blocks:1948: group 0, inode 16: block 177:freeing already freed block (bit 11); block bitmap corrupt.
[  266.633455][T14976] EXT4-fs error (device loop4): mb_free_blocks:1948: group 0, inode 16: block 241:freeing already freed block (bit 15); block bitmap corrupt.
[  266.655250][T15000] futex_wake_op: syz.0.3697 tries to shift op by -1; fix this program
[  266.666006][   T30] audit: type=1400 audit(2000000017.140:8131): avc:  denied  { bind } for  pid=14999 comm="syz.0.3697" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  266.685726][   T30] audit: type=1326 audit(2000000017.140:8132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14999 comm="syz.0.3697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f15e8add169 code=0x7ffc0000
[  266.709377][   T30] audit: type=1326 audit(2000000017.140:8133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14999 comm="syz.0.3697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f15e8add169 code=0x7ffc0000
[  266.732976][   T30] audit: type=1326 audit(2000000017.150:8134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14999 comm="syz.0.3697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f15e8add169 code=0x7ffc0000
[  266.753937][T15005] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  266.756471][   T30] audit: type=1326 audit(2000000017.150:8135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14999 comm="syz.0.3697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f15e8add169 code=0x7ffc0000
[  266.756501][   T30] audit: type=1326 audit(2000000017.150:8136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14999 comm="syz.0.3697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f15e8add169 code=0x7ffc0000
[  266.809485][T15009] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  266.813325][   T30] audit: type=1326 audit(2000000017.150:8137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14999 comm="syz.0.3697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f15e8add169 code=0x7ffc0000
[  266.865372][T15011] loop3: detected capacity change from 0 to 256
[  266.880393][T12019] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  266.895167][T15013] x_tables: unsorted underflow at hook 3
[  266.913908][ T7102] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  267.002155][T15024] netlink: 16 bytes leftover after parsing attributes in process `syz.4.3705'.
[  267.052179][T15029] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3709'.
[  267.128484][T15036] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3712'.
[  267.153653][T15036] 8021q: adding VLAN 0 to HW filter on device team9
[  267.195405][T15043] futex_wake_op: syz.3.3714 tries to shift op by -1; fix this program
[  267.260166][T15048] loop5: detected capacity change from 0 to 1024
[  267.261082][T15050] loop3: detected capacity change from 0 to 2048
[  267.274558][T15048] EXT4-fs: Ignoring removed mblk_io_submit option
[  267.281487][T15048] EXT4-fs: Ignoring removed nobh option
[  267.287278][T15048] EXT4-fs: Ignoring removed bh option
[  267.294422][T15050] EXT4-fs: Ignoring removed bh option
[  267.307705][T15052] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3718'.
[  267.314229][T15048] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  267.320749][T15052] siw: device registration error -23
[  267.336406][T15050] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  267.437111][T15048] EXT4-fs error (device loop5): mb_free_blocks:1948: group 0, inode 16: block 241:freeing already freed block (bit 15); block bitmap corrupt.
[  267.480267][ T7102] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  267.652956][T15059] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  267.678263][T15059] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 32 with error 28
[  267.690651][T15059] EXT4-fs (loop3): This should not happen!! Data will be lost
[  267.690651][T15059] 
[  267.700383][T15059] EXT4-fs (loop3): Total free blocks count 0
[  267.706411][T15059] EXT4-fs (loop3): Free/Dirty block details
[  267.712325][T15059] EXT4-fs (loop3): free_blocks=2415919104
[  267.718110][T15059] EXT4-fs (loop3): dirty_blocks=8224
[  267.723434][T15059] EXT4-fs (loop3): Block reservation details
[  267.729514][T15059] EXT4-fs (loop3): i_reserved_data_blocks=514
[  267.767498][T12914] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 32 with max blocks 2048 with error 28
[  267.837995][T15079] loop5: detected capacity change from 0 to 512
[  267.848605][T15081] x_tables: unsorted underflow at hook 3
[  267.869812][T15079] EXT4-fs error (device loop5): ext4_quota_enable:7101: comm syz.5.3727: inode #33554432: comm syz.5.3727: iget: illegal inode #
[  267.889024][T15079] EXT4-fs error (device loop5): ext4_quota_enable:7104: comm syz.5.3727: Bad quota inode: 33554432, type: 2
[  267.901253][T15079] EXT4-fs warning (device loop5): ext4_enable_quotas:7145: Failed to enable quota tracking (type=2, err=-117, ino=33554432). Please run e2fsck to fix.
[  267.917967][T15079] EXT4-fs (loop5): mount failed
[  267.928648][T15087] loop3: detected capacity change from 0 to 256
[  268.013359][T15093] netlink: zone id is out of range
[  268.018540][T15093] netlink: zone id is out of range
[  268.023820][T15093] netlink: zone id is out of range
[  268.028992][T15093] netlink: zone id is out of range
[  268.034307][T15093] netlink: zone id is out of range
[  268.039465][T15093] netlink: zone id is out of range
[  268.065052][T15095] loop3: detected capacity change from 0 to 512
[  268.071618][T15095] EXT4-fs: Ignoring removed mblk_io_submit option
[  268.078612][T15095] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  268.089738][T15095] EXT4-fs (loop3): 1 truncate cleaned up
[  268.096087][T15095] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  268.186302][    C1] vcan0: j1939_tp_rxtimer: 0xffff88810a93fa00: rx timeout, send abort
[  268.237415][T15106] futex_wake_op: syz.5.3733 tries to shift op by -1; fix this program
[  268.286798][T15111] siw: device registration error -23
[  268.312234][T15117] FAULT_INJECTION: forcing a failure.
[  268.312234][T15117] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  268.325479][T15117] CPU: 1 UID: 0 PID: 15117 Comm: syz.5.3738 Not tainted 6.14.0-rc7-syzkaller-00067-g76b6905c11fd #0
[  268.325535][T15117] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  268.325548][T15117] Call Trace:
[  268.325556][T15117]  <TASK>
[  268.325565][T15117]  dump_stack_lvl+0xf2/0x150
[  268.325658][T15117]  dump_stack+0x15/0x1a
[  268.325686][T15117]  should_fail_ex+0x24a/0x260
[  268.325719][T15117]  should_fail+0xb/0x10
[  268.325811][T15117]  should_fail_usercopy+0x1a/0x20
[  268.325849][T15117]  _copy_from_iter+0xd5/0xd00
[  268.325887][T15117]  ? kmalloc_reserve+0x16e/0x190
[  268.325910][T15117]  ? __build_skb_around+0x196/0x1f0
[  268.325972][T15117]  ? __alloc_skb+0x21f/0x310
[  268.326035][T15117]  ? __virt_addr_valid+0x1ed/0x250
[  268.326064][T15117]  ? __check_object_size+0x364/0x520
[  268.326131][T15117]  netlink_sendmsg+0x460/0x6e0
[  268.326255][T15117]  ? __pfx_netlink_sendmsg+0x10/0x10
[  268.326279][T15117]  __sock_sendmsg+0x140/0x180
[  268.326321][T15117]  ____sys_sendmsg+0x326/0x4b0
[  268.326435][T15117]  __sys_sendmsg+0x19d/0x230
[  268.326559][T15117]  __x64_sys_sendmsg+0x46/0x50
[  268.326592][T15117]  x64_sys_call+0x2734/0x2dc0
[  268.326629][T15117]  do_syscall_64+0xc9/0x1c0
[  268.326739][T15117]  ? clear_bhb_loop+0x55/0xb0
[  268.326766][T15117]  ? clear_bhb_loop+0x55/0xb0
[  268.326839][T15117]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  268.326872][T15117] RIP: 0033:0x7fd45d1ad169
[  268.326889][T15117] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  268.326977][T15117] RSP: 002b:00007fd45b817038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  268.326995][T15117] RAX: ffffffffffffffda RBX: 00007fd45d3c5fa0 RCX: 00007fd45d1ad169
[  268.327006][T15117] RDX: 0000000000000000 RSI: 0000400000000080 RDI: 0000000000000004
[  268.327018][T15117] RBP: 00007fd45b817090 R08: 0000000000000000 R09: 0000000000000000
[  268.327032][T15117] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  268.327046][T15117] R13: 0000000000000000 R14: 00007fd45d3c5fa0 R15: 00007ffc5b969fc8
[  268.327069][T15117]  </TASK>
[  268.694598][    C1] vcan0: j1939_tp_rxtimer: 0xffff88810a93fa00: abort rx timeout. Force session deactivation
[  268.716731][T15130] loop5: detected capacity change from 0 to 2048
[  268.733911][T15130] EXT4-fs: Ignoring removed oldalloc option
[  268.748030][T15132] 8021q: adding VLAN 0 to HW filter on device team9
[  268.755754][T15130] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  268.770481][T15130] ext4 filesystem being mounted at /542/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  268.790823][T15136] futex_wake_op: syz.4.3746 tries to shift op by -1; fix this program
[  268.908744][T12379] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  269.001525][ T1885] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm kworker/u8:7: bg 0: block 345: padding at end of block bitmap is not set
[  269.034107][ T1885] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 236 with error 117
[  269.046889][ T1885] EXT4-fs (loop5): This should not happen!! Data will be lost
[  269.046889][ T1885] 
[  269.067236][T15153] FAULT_INJECTION: forcing a failure.
[  269.067236][T15153] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  269.071492][ T7102] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  269.080326][T15153] CPU: 0 UID: 0 PID: 15153 Comm: syz.4.3753 Not tainted 6.14.0-rc7-syzkaller-00067-g76b6905c11fd #0
[  269.080413][T15153] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  269.080429][T15153] Call Trace:
[  269.080439][T15153]  <TASK>
[  269.080449][T15153]  dump_stack_lvl+0xf2/0x150
[  269.080484][T15153]  dump_stack+0x15/0x1a
[  269.080511][T15153]  should_fail_ex+0x24a/0x260
[  269.080591][T15153]  should_fail+0xb/0x10
[  269.080695][T15153]  should_fail_usercopy+0x1a/0x20
[  269.080822][T15153]  _copy_to_user+0x20/0xa0
[  269.080846][T15153]  simple_read_from_buffer+0xa0/0x110
[  269.080882][T15153]  proc_fail_nth_read+0xf9/0x140
[  269.080920][T15153]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  269.080956][T15153]  vfs_read+0x19b/0x6f0
[  269.081067][T15153]  ? __rcu_read_unlock+0x4e/0x70
[  269.081096][T15153]  ? __fget_files+0x17c/0x1c0
[  269.081138][T15153]  ksys_read+0xe8/0x1b0
[  269.081170][T15153]  __x64_sys_read+0x42/0x50
[  269.081266][T15153]  x64_sys_call+0x2874/0x2dc0
[  269.081299][T15153]  do_syscall_64+0xc9/0x1c0
[  269.081338][T15153]  ? clear_bhb_loop+0x55/0xb0
[  269.081371][T15153]  ? clear_bhb_loop+0x55/0xb0
[  269.081465][T15153]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  269.081499][T15153] RIP: 0033:0x7f3fd75cbb7c
[  269.081527][T15153] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  269.081551][T15153] RSP: 002b:00007f3fd5c37030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  269.081573][T15153] RAX: ffffffffffffffda RBX: 00007f3fd77e5fa0 RCX: 00007f3fd75cbb7c
[  269.081589][T15153] RDX: 000000000000000f RSI: 00007f3fd5c370a0 RDI: 0000000000000004
[  269.081604][T15153] RBP: 00007f3fd5c37090 R08: 0000000000000000 R09: 0000000000000000
[  269.081619][T15153] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  269.081643][T15153] R13: 0000000000000000 R14: 00007f3fd77e5fa0 R15: 00007ffc9cf29c88
[  269.081664][T15153]  </TASK>
[  269.310183][T15158] vlan0: entered allmulticast mode
[  269.326565][T15161] xt_hashlimit: size too large, truncated to 1048576
[  269.384024][T15167] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  269.398332][T15167] xt_socket: unknown flags 0xc
[  269.600861][T15187] loop4: detected capacity change from 0 to 2048
[  269.607377][T15188] loop5: detected capacity change from 0 to 2048
[  269.607709][T15187] EXT4-fs: Ignoring removed bh option
[  269.617371][T15188] EXT4-fs: Ignoring removed oldalloc option
[  269.646973][T15187] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  269.660199][T15188] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  269.677208][T15194] x_tables: unsorted underflow at hook 3
[  269.691741][T15188] ext4 filesystem being mounted at /545/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  269.911160][T15206] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  270.248092][T15199] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  270.309791][T15199] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 32 with error 28
[  270.322162][T15199] EXT4-fs (loop4): This should not happen!! Data will be lost
[  270.322162][T15199] 
[  270.332043][T15199] EXT4-fs (loop4): Total free blocks count 0
[  270.338183][T15199] EXT4-fs (loop4): Free/Dirty block details
[  270.344253][T15199] EXT4-fs (loop4): free_blocks=2415919104
[  270.350037][T15199] EXT4-fs (loop4): dirty_blocks=8224
[  270.355358][T15199] EXT4-fs (loop4): Block reservation details
[  270.361388][T15199] EXT4-fs (loop4): i_reserved_data_blocks=514
[  270.397526][T15218] futex_wake_op: syz.0.3773 tries to shift op by -1; fix this program
[  270.470922][   T51] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm kworker/u8:3: bg 0: block 345: padding at end of block bitmap is not set
[  270.488178][   T51] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 2048 with error 117
[  270.500959][   T51] EXT4-fs (loop5): This should not happen!! Data will be lost
[  270.500959][   T51] 
[  270.519025][T15221] vlan0: entered allmulticast mode
[  270.539429][   T51] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 2065 with max blocks 2040 with error 28
[  270.552230][   T51] EXT4-fs (loop5): This should not happen!! Data will be lost
[  270.552230][   T51] 
[  270.561964][   T51] EXT4-fs (loop5): Total free blocks count 0
[  270.568026][   T51] EXT4-fs (loop5): Free/Dirty block details
[  270.569731][T15226] loop3: detected capacity change from 0 to 256
[  270.573970][   T51] EXT4-fs (loop5): free_blocks=0
[  270.585339][   T51] EXT4-fs (loop5): dirty_blocks=2048
[  270.590645][   T51] EXT4-fs (loop5): Block reservation details
[  270.616926][T15224] Cannot find add_set index 0 as target
[  270.628294][   T85] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 32 with max blocks 2048 with error 28
[  270.715755][T15234] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=15234 comm=syz.0.3780
[  270.747523][T15243] net_ratelimit: 17 callbacks suppressed
[  270.747566][T15243] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  270.805022][T15249] futex_wake_op: syz.5.3785 tries to shift op by -1; fix this program
[  270.906826][T15260] __nla_validate_parse: 10 callbacks suppressed
[  270.906844][T15260] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3789'.
[  270.936243][T15258] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  270.965560][T15260] 8021q: adding VLAN 0 to HW filter on device team10
[  271.140624][T15268] Cannot find add_set index 0 as target
[  271.154700][T15277] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=15277 comm=syz.5.3795
[  271.232783][T15286] loop5: detected capacity change from 0 to 1024
[  271.249833][   T30] kauditd_printk_skb: 258 callbacks suppressed
[  271.249849][   T30] audit: type=1400 audit(2000000021.740:8396): avc:  denied  { create } for  pid=15283 comm="syz.2.3797" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  271.277347][T15286] EXT4-fs: Ignoring removed mblk_io_submit option
[  271.303930][T15284] netdevsim netdevsim2: loading /lib/firmware/. failed with error -22
[  271.312982][T15284] netdevsim netdevsim2: Direct firmware load for . failed with error -22
[  271.325927][T15286] EXT4-fs: Ignoring removed nobh option
[  271.330668][   T30] audit: type=1400 audit(2000000021.770:8397): avc:  denied  { setopt } for  pid=15283 comm="syz.2.3797" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  271.331577][T15286] EXT4-fs: Ignoring removed bh option
[  271.394734][T15295] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  271.456201][T15300] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3801'.
[  271.507202][T15294] xt_CT: You must specify a L4 protocol and not use inversions on it
[  271.540754][   T30] audit: type=1400 audit(2000000022.030:8398): avc:  denied  { create } for  pid=15274 comm="syz.3.3794" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  271.551993][T15286] EXT4-fs error (device loop5): mb_free_blocks:1948: group 0, inode 16: block 177:freeing already freed block (bit 11); block bitmap corrupt.
[  271.571209][   T30] audit: type=1400 audit(2000000022.030:8399): avc:  denied  { map } for  pid=15274 comm="syz.3.3794" path="socket:[40916]" dev="sockfs" ino=40916 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  271.598041][   T30] audit: type=1400 audit(2000000022.030:8400): avc:  denied  { read } for  pid=15274 comm="syz.3.3794" path="socket:[40916]" dev="sockfs" ino=40916 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  271.705074][T15308] netlink: 180900 bytes leftover after parsing attributes in process `syz.4.3803'.
[  271.715658][T15307] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=15307 comm=syz.2.3807
[  271.728658][T15308] netlink: zone id is out of range
[  271.733824][T15308] netlink: zone id is out of range
[  271.739136][T15308] netlink: zone id is out of range
[  271.747879][T15312] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3804'.
[  271.751405][T15308] netlink: zone id is out of range
[  271.766215][T15308] netlink: zone id is out of range
[  271.766441][T15310] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3806'.
[  271.771358][T15308] netlink: zone id is out of range
[  271.771392][T15308] netlink: zone id is out of range
[  271.780328][T15310] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3806'.
[  271.826642][T15312] 8021q: adding VLAN 0 to HW filter on device team8
[  271.917569][   T30] audit: type=1400 audit(2000000022.400:8401): avc:  denied  { create } for  pid=15320 comm="syz.5.3811" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  271.938496][   T30] audit: type=1400 audit(2000000022.410:8402): avc:  denied  { write } for  pid=15320 comm="syz.5.3811" name="rtc0" dev="devtmpfs" ino=244 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  271.961673][   T30] audit: type=1400 audit(2000000022.410:8403): avc:  denied  { open } for  pid=15320 comm="syz.5.3811" path="/dev/rtc0" dev="devtmpfs" ino=244 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  271.985196][   T30] audit: type=1400 audit(2000000022.410:8404): avc:  denied  { ioctl } for  pid=15320 comm="syz.5.3811" path="/dev/rtc0" dev="devtmpfs" ino=244 ioctlcmd=0x7008 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  272.012119][T15321] sg_write: data in/out 987/14 bytes for SCSI command 0x0-- guessing data in;
[  272.012119][T15321]    program syz.5.3811 not setting count and/or reply_len properly
[  272.031328][T15323] loop4: detected capacity change from 0 to 256
[  272.037758][T15321] loop5: detected capacity change from 0 to 128
[  272.052581][T15321] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
[  272.074743][T15321] ext2 filesystem being mounted at /555/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  272.128550][T15330] netlink: 40 bytes leftover after parsing attributes in process `syz.3.3814'.
[  272.146640][T15330] vlan0: entered allmulticast mode
[  272.191777][   T30] audit: type=1400 audit(2000000022.630:8405): avc:  denied  { create } for  pid=15320 comm="syz.5.3811" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[  272.238018][T15335] loop5: detected capacity change from 0 to 1024
[  272.285506][T15342] futex_wake_op: syz.3.3820 tries to shift op by -1; fix this program
[  272.312876][T15335] EXT4-fs: Ignoring removed mblk_io_submit option
[  272.327458][T15335] EXT4-fs: Ignoring removed nobh option
[  272.333144][T15335] EXT4-fs: Ignoring removed bh option
[  272.474164][T15335] EXT4-fs error (device loop5): mb_free_blocks:1948: group 0, inode 16: block 241:freeing already freed block (bit 15); block bitmap corrupt.
[  272.510033][T15345] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(7)
[  272.511348][T15357] xt_socket: unknown flags 0xc
[  272.516581][T15345] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  272.516655][T15345] vhci_hcd vhci_hcd.0: Device attached
[  272.522777][T15362] loop3: detected capacity change from 0 to 1024
[  272.541307][T15362] EXT4-fs: Ignoring removed nomblk_io_submit option
[  272.548385][T15363] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3824'.
[  272.568746][T15356] xt_CT: You must specify a L4 protocol and not use inversions on it
[  272.598896][T15362] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3823'.
[  272.701649][T15373] x_tables: unsorted underflow at hook 3
[  273.157314][T15360] vhci_hcd: connection closed
[  273.157644][T12914] vhci_hcd: stop threads
[  273.166822][T12914] vhci_hcd: release socket
[  273.171274][T12914] vhci_hcd: disconnect device
[  273.247446][T15392] loop4: detected capacity change from 0 to 128
[  273.266747][T15392] ext4 filesystem being mounted at /201/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  273.357931][T15395] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3837'.
[  273.386586][T15395] xt_CT: You must specify a L4 protocol and not use inversions on it
[  273.401997][T15399] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  273.464212][T15401] 8021q: adding VLAN 0 to HW filter on device team12
[  273.556972][T15405] vlan0: entered allmulticast mode
[  273.698500][T15422] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=15422 comm=syz.0.3845
[  273.707140][T15424] loop5: detected capacity change from 0 to 256
[  273.750481][T15429] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  273.760224][T15420] loop3: detected capacity change from 0 to 2048
[  273.769122][T15420] EXT4-fs: Ignoring removed oldalloc option
[  273.800023][T15420] ext4 filesystem being mounted at /189/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  273.804854][T15427] xt_CT: You must specify a L4 protocol and not use inversions on it
[  273.875826][T15447] vlan0: entered allmulticast mode
[  273.909797][   T85] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm kworker/u8:4: bg 0: block 345: padding at end of block bitmap is not set
[  273.928570][   T85] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 794 with error 117
[  273.941224][   T85] EXT4-fs (loop3): This should not happen!! Data will be lost
[  273.941224][   T85] 
[  273.994256][T15455] Cannot find add_set index 0 as target
[  274.058422][T15459] loop3: detected capacity change from 0 to 512
[  274.065171][T15459] EXT4-fs: Ignoring removed mblk_io_submit option
[  274.071994][T15459] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  274.083643][T15459] EXT4-fs (loop3): 1 truncate cleaned up
[  274.191236][T15464] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=15464 comm=syz.3.3859
[  274.445220][    C0] vcan0: j1939_tp_rxtimer: 0xffff88810cadb000: rx timeout, send abort
[  274.553277][T15476] syz.2.3863 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  274.591144][T15476] SELinux: ebitmap: truncated map
[  274.596996][T15476] SELinux: failed to load policy
[  274.715111][T15487] ==================================================================
[  274.723253][T15487] BUG: KCSAN: data-race in mas_wmb_replace / mtree_range_walk
[  274.730748][T15487] 
[  274.733085][T15487] write to 0xffff8881045dce00 of 8 bytes by task 15484 on cpu 0:
[  274.740804][T15487]  mas_wmb_replace+0x222/0x14d0
[  274.745662][T15487]  mas_wr_store_entry+0x1530/0x23f0
[  274.750873][T15487]  mas_store_prealloc+0x6bf/0x960
[  274.755914][T15487]  vma_complete+0x3a7/0x760
[  274.760441][T15487]  __split_vma+0x5d6/0x6a0
[  274.764863][T15487]  vma_modify+0x105/0x200
[  274.769200][T15487]  vma_modify_flags+0xf1/0x120
[  274.773983][T15487]  mprotect_fixup+0x31a/0x5e0
[  274.778672][T15487]  do_mprotect_pkey+0x6cc/0x9a0
[  274.783531][T15487]  __x64_sys_mprotect+0x48/0x60
[  274.788388][T15487]  x64_sys_call+0x2770/0x2dc0
[  274.793079][T15487]  do_syscall_64+0xc9/0x1c0
[  274.797598][T15487]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  274.803502][T15487] 
[  274.805825][T15487] read to 0xffff8881045dce00 of 8 bytes by task 15487 on cpu 1:
[  274.813454][T15487]  mtree_range_walk+0x33d/0x460
[  274.818322][T15487]  mas_walk+0x16e/0x320
[  274.822492][T15487]  lock_vma_under_rcu+0x95/0x270
[  274.827433][T15487]  exc_page_fault+0x150/0x650
[  274.832120][T15487]  asm_exc_page_fault+0x26/0x30
[  274.836980][T15487] 
[  274.839305][T15487] value changed: 0xffff888110caddc1 -> 0xffff8881045dce00
[  274.846411][T15487] 
[  274.848732][T15487] Reported by Kernel Concurrency Sanitizer on:
[  274.854892][T15487] CPU: 1 UID: 0 PID: 15487 Comm: syz.0.3866 Not tainted 6.14.0-rc7-syzkaller-00067-g76b6905c11fd #0
[  274.865666][T15487] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  274.875731][T15487] ==================================================================
[  274.953515][    C0] vcan0: j1939_tp_rxtimer: 0xffff88810cadb000: abort rx timeout. Force session deactivation