last executing test programs:

10m52.213979743s ago: executing program 2 (id=1012):
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x40, &(0x7f0000000700)={[{@nolazytime}, {@abort}, {@jqfmt_vfsv0}], [{@obj_type={'obj_type', 0x3d, 'T\b\x00C\x00'}}, {@uid_eq}]}, 0x1, 0x576, &(0x7f0000000140)="$eJzs3T1sG2UfAPD/neO3X3nf9JXeVwLUoQKkIlV1kn5AYWpXRKVKHZBYIHLcqIoTV7EDTZQh3StEBwSoS9lgYAQxMCAWRlYWEDNSRSOQmg5g5K80TZzglDouud9POvuee87+P8+d/499pzs5gMw62nhII56OiItJxMi6uqFoVx5trbe6slS8v7JUTKJev/RLEklE3FtZKnbWT9rPhyJiOSKeiohv8hHH081xqwuL0xPlcmmuXR6tzVwdrS4snrgyMzFVmirNnnrp5TNnT58ZPzm+/mX36+tL+Z319caPN9+98d2rt29++tmR5eL7E0mci+F23fp+PE6tbZKPcxuWn+5HsAFKBt0AHkmuneeNVPp/jESunfXd1Ed2tWlAn9X3RdSBjErkP2RU53dA4/i3M+3m748751sHII24q+2pVTPUOjcR+5vHJgd/TR46Mmkcbx7ezYayJy1fj4ixoaHNn/+k/fl7dGOPo4H01dfnWztq8/5P18af6DL+DHfOnf5NnfFvddP49yB+bovx72KPMX5/46ePtox/PeKZrvGTtfhJl/hpRLzVY/xbr395dqu6+scRx6J7/I5k+/PDo5evlEtjrceuMb46duSV7fp/cIv4rXO2+5tfM922f5fT2l198e3nzy5vE/+F57bf/922/4GIeK/H+P+998lrW9XduZ7cbfwK2On+TyIft3uM/+K5oz/0uCoAAAAAAAAAALADafNatiQtrM2naaHQuof3f3EwLVeqteOXK/Ozk61r3g5HPu1caTXSKieN8nj7etxO+eSG8qlcO2DuQLNcKFbKkwPuOwAAAAAAAAAAAAAAAAAAADwpDm24//+3XPP+/41/Vw3sVVv/5Tew18l/yK6H8z8ZWDuA3ef7HzKrLv8hu+Q/ZJf8h+yS/5Bd8h+yS/5Ddsl/AAAAAAAAAAAAAAAAAAAAAAAAAADoi4sXLjSm+v2VpWKjPDm0MD9defvEZKk6XZiZLxaKlbmrhalKZapcKhQrM3/1fkmlcnUsZuevjdZK1dpodWHxzZnK/GznP0VL+b73CAAAAAAAAAAAAAAAAAAAAP55hptTkhYiIm3Op2mhEPHviDicRHL5Srk0FhH/iYjvc/l9jfL4oBsNAAAAAAAAAAAAAAAAAAAAe0x1YXF6olwuzWVkZmgnK0fE8uNtRuMdd/yqfHtfPSnb0EwWZgY8MAEAAAAAAAAAAAAAAAAAQAY9uOm311f80d8GAQAAAAAAAAAAAAAAAAAAQCalPycR0ZiOjTw/vLH2X8lqrvkcEe/cuvTBtYlabW68sfzu2vLah+3lJwfRfqBXnTzt5DEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwQHVhcXqiXC7N9XFm0H0EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeBR/BgAA///eANcP")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000200180000000000000000000850000007b00000095"], &(0x7f00000001c0)='GPL\x00', 0x4, 0x93, &(0x7f00000003c0)=""/147}, 0x80)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.avg_queue_size\x00', 0x275a, 0x0)
write$binfmt_script(r3, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800003, 0x11, r3, 0xa928e000)
r4 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000040), 0x4)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f00000006c0)=ANY=[@ANYRES64=r2, @ANYRES64, @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, r4, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7ff}, 0x94)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc(&(0x7f0000000080), 0xffffffffffffffff)

10m51.87126769s ago: executing program 2 (id=1013):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000900850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r1}, 0x18)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x7ffff000)

10m51.688455855s ago: executing program 2 (id=1015):
prlimit64(0x0, 0xe, &(0x7f0000000300)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0xc, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000003c0)='sched_switch\x00', r3}, 0x18)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0}, 0x94)
ptrace$ARCH_ENABLE_TAGGED_ADDR(0x1e, r0, 0x400000000000003, 0x4002)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="0b00000005000000000400000900000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r4], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r5}, 0x10)
r6 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000007c0)=@newqdisc={0x38, 0x24, 0x3fe3aa0262d8c583, 0x70bd29, 0x25dfdbfe, {0x0, 0x0, 0x0, r7, {0x0, 0xffe0}, {0xffff, 0xffff}, {0x10, 0xe}}, [@qdisc_kind_options=@q_fq={{0x7}, {0xc, 0x2, [@TCA_FQ_FLOW_DEFAULT_RATE={0x8, 0x6, 0xffffffff}]}}]}, 0x38}}, 0x4048000)

10m50.191920876s ago: executing program 2 (id=1035):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f00000006c0)={[{@orlov}, {@noauto_da_alloc}, {@inlinecrypt}, {@dioread_lock}, {@data_err_ignore}, {@barrier_val={'barrier', 0x3d, 0x7}}, {@data_err_ignore}, {@grpquota}, {@noblock_validity}, {@user_xattr}, {@resuid}, {@errors_remount}]}, 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
syz_emit_ethernet(0x4a, &(0x7f00000003c0)={@local, @local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0300", 0x14, 0x2f, 0x0, @remote, @local, {[], {{0x0, 0x22eb, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e21, @multicast1}, 0x10)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r1, 0x0, 0x0)
io_setup(0x7, 0x0)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000080)={0x0, &(0x7f0000000040)}, 0x10)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r2}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r3}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='&'], 0x48)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0xa, 0x200, 0x7, 0x1}, 0x50)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000140)={r4, &(0x7f0000000a40)='&', &(0x7f0000000040)=""/98}, 0x20)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000140)={r4, &(0x7f0000000000), &(0x7f0000000040)=""/76}, 0x20)
io_submit(0x0, 0x0, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, 0x0, 0x0)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f00000005c0)='./file1\x00', 0x1818e58, &(0x7f0000000040), 0x22, 0x65f, &(0x7f0000002980)="$eJzs3c9rXFsdAPDvvZOkSZo2qYjYoBhw0YI0TWqx6sa2LuyiYMEuRFw0NEkNnf6gScHWggm4UFAQcVukG/8B99K9OxHU3Vs/6Hs8+niF90rncWfuNJPJ/MqPmUkynw8kc+655+ac79w5uefemTM3gIE1k/1KI05HvLuVREzWrJuIysqZvNzrT57dzn6SKJV+9nESSZ5XLZ/kj8fzhdGI+PfViK8Utte7+uTp3YViqeK3EefX7j08v/rk6bmVewt3lu4s3Z+/8P2Ll+Z+MH9xvqahu3c8f7x2/aff+NPvfvW95f8UzyVxOW4O/2Yx6uLYLzMxE+/yEGvzhyLiUpZo8LwcNoUmaQ6HQv56HI6Ir8VkFMpLFZOx8se+Ng7oqlIhotRa0q4AcFjp3jCoquOA6rl9Z+fBN7s8KumdV1cqJ0Db4x/KLzmMls+Nxl8nNWdGlWsbU/tQf1bH22ejz98+m34eW65DvHm/d4b2oZ5m1jci4uuN4k/KbZsqR5rFn245v08jYi4iRvL2/XgPbUhq0t24DtPKTuKv3Q9Z/Jfzxyz/6i7rr7+s1ev4ARhML6/kB/L1bGnz+JeNParjn2gw/pnY+1syZf0+/jUf/1WP96PlcU9aNw7Lxiw3Gv/J4fqMD/5w7S/N6q+M/6az8d9o9pjVXx0L9sKrjYjpuvh/nwWbj3+y+JMG+z8rcutyZ3X85L8fXWu2rib+5/2Iv/Qi4kzD85/NUWmWavH+5PnlleLSXOV3wzr++a9f/r1Z/Y3jP9aFSBvL9v94k/hr9n9av132nDxs/Cc36jP+cePFvWb1T7Td/+mHI0nlfHMkz/n1xtrao/mIkeR6XiTPX1hbe3ShdbyVMm9K5cf5Svxnv924/295/ddFNVb9l9mBhz+/+7rZut28/mveTH5X6rANzWTxL7bf/9v6f5b35w7r+OwXj7/ZbF2r+Mf2EhgAAAAAAAAMoLT8HmySzr5Pp+nsbGW+7FdjPC0+WF37zvKDx/cXI86WPw85nEaalD8yMllZTpZXikvz+edhq8sX6pa/GxGnIuKvhbHy8uztB8XFfgcPAAAAAAAAAAAAAAAAAAAAB8TxfP5/9T7VnxYq8/+BAfH+i/233eah7QrgkOvmDSaBg63c/1sd4k/2ri1Abzn+w+DaQf/v3Z0pgZ5w/IfBpf/D4Nph/z/RrXYAvef4D4NL/4fBpf8DAAAAwJF06lsv/59ExPoPx8o/mZF8nUm/cLQNtyswUrtQ6GpbgN7abY8e2ed2AL3X/qt/gKOq7fg/83n+5YDdbw7QB0mjzPLgoNS6879suOWmjb23DQAAAAAAAAAAAACoOHO6+fz/juYGAIeWaX8wuHY4/z/d/abAQeOr/2FwOccH2szij9FmK9rN/wcAAAAAAAAAAAAA9s1E+SdJZ/PJfRORprOzESciYiqGk+WV4tJcRJyMiP8Vho9ly/P9bjQAAAAAAAAAAAAAAAAAAAAcMatPnt5dKBaXHtUmvtiWc7QT1bugti9c6qBMy8SPYodbRdL7p2UsIvq+U7qWGKrJSSLWsz3f0eYx1e2nJQ7C85Mn+vyPCQAAAAAAAAAAAAAAAAAABlDN3OPGpv/W4xYBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQO9t3v+/TWJxvLJBR4W3JvodIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwOH0ZAAD//6w3Oic=")
sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff94, 0x12, 0x0, 0x12)
recvfrom$inet(r0, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0xc9100120, 0x0, 0xfffffffffffffd25)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0xc002, 0x0)
open(&(0x7f0000000180)='./bus\x00', 0x14937e, 0x111)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
recvmsg$can_j1939(r5, &(0x7f0000000240)={&(0x7f0000000080)=@qipcrtr, 0x80, &(0x7f0000000800)=[{&(0x7f00000001c0)=""/119, 0x77}, {&(0x7f00000002c0)=""/196, 0xc4}, {&(0x7f00000004c0)=""/196, 0xc4}, {&(0x7f00000005c0)=""/186, 0xba}, {&(0x7f0000001b80)=""/4096, 0x1000}, {&(0x7f0000000780)=""/72, 0x48}], 0x6, &(0x7f0000000100)=""/62, 0x3e}, 0x40)
r6 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r6, 0x4c04, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x1, 0x6b2, 0x0, 0x0, 0x19, 0xd, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x8, 0x10000000000]})

10m49.319285537s ago: executing program 4 (id=1040):
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f60000008500000043"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b000000000000000000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value=0x2000000}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r4}, 0x10)
unshare(0x62040200)

10m49.305262698s ago: executing program 2 (id=1041):
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x103, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0xfffffffc, 0xb95b5ec032cc8e84}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x17, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sysctl=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x275a, 0x0)
perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000080)}, 0x2405, 0x4, 0x0, 0x0, 0x21ca, 0x0, 0x0, 0x0, 0x0, 0x0, 0xaa80}, 0x0, 0x0, 0xffffffffffffffff, 0xd)

10m49.029474831s ago: executing program 2 (id=1046):
socket$packet(0x11, 0xa, 0x300)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000240)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0xc, '\x00', 0x0, @fallback=0x3c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
r1 = openat$vcsa(0xffffffffffffff9c, &(0x7f00000000c0), 0x1, 0x0)
ppoll(&(0x7f00000001c0)=[{r1, 0x2000}], 0x1, 0x0, 0x0, 0x0)
write$UHID_SET_REPORT_REPLY(r1, &(0x7f0000000280)=ANY=[@ANYBLOB="0e9496d2e774f9bf20090000"], 0xc)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000005c40)={0x0, 0x0, &(0x7f0000005c00)={&(0x7f0000000000)=@deltaction={0x7c, 0x31, 0x300, 0x70bd29, 0x25dfdbfc, {}, [@TCA_ACT_TAB={0x1c, 0x1, [{0xc, 0x13, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x5}}, {0xc, 0xa, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x1}}]}, @TCA_ACT_TAB={0x28, 0x1, [{0xc, 0x1a, 0x0, 0x0, @TCA_ACT_INDEX={0x8}}, {0xc, 0x1a, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'bpf\x00'}}, {0xc, 0x7, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x1ff}}]}, @TCA_ACT_TAB={0x10, 0x1, [{0xc, 0x10, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x2}}]}, @TCA_ACT_TAB={0x14, 0x1, [{0x10, 0xc, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'csum\x00'}}]}]}, 0x7c}}, 0x0)
r3 = openat$nci(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x11, 0xc, &(0x7f0000000580)=ANY=[@ANYBLOB="e0b7b6dd13ef0c548e9eab4cdf632196e30db0fc058454afc663941ef099908addd791c1a941c6f909282436e7865bcc6eb201da995f60340286419130446ac364cd15ed2d54396605a1eefafd0aa41b789195f3e319aa76ebd5d10d03cb4f0381aecb5a93296c96ca317e48e09ac8a34971ca4b286f6a35eef8d629cf448e8457b041463339fa018e9d0f294995087695fb9e4399"], &(0x7f00000002c0)='syzkaller\x00', 0x2, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x23, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r5, 0x0, 0x7fff}, 0x18)
close_range(r3, 0xffffffffffffffff, 0x200000000000000)

10m48.970442756s ago: executing program 32 (id=1046):
socket$packet(0x11, 0xa, 0x300)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000240)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0xc, '\x00', 0x0, @fallback=0x3c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
r1 = openat$vcsa(0xffffffffffffff9c, &(0x7f00000000c0), 0x1, 0x0)
ppoll(&(0x7f00000001c0)=[{r1, 0x2000}], 0x1, 0x0, 0x0, 0x0)
write$UHID_SET_REPORT_REPLY(r1, &(0x7f0000000280)=ANY=[@ANYBLOB="0e9496d2e774f9bf20090000"], 0xc)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000005c40)={0x0, 0x0, &(0x7f0000005c00)={&(0x7f0000000000)=@deltaction={0x7c, 0x31, 0x300, 0x70bd29, 0x25dfdbfc, {}, [@TCA_ACT_TAB={0x1c, 0x1, [{0xc, 0x13, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x5}}, {0xc, 0xa, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x1}}]}, @TCA_ACT_TAB={0x28, 0x1, [{0xc, 0x1a, 0x0, 0x0, @TCA_ACT_INDEX={0x8}}, {0xc, 0x1a, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'bpf\x00'}}, {0xc, 0x7, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x1ff}}]}, @TCA_ACT_TAB={0x10, 0x1, [{0xc, 0x10, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x2}}]}, @TCA_ACT_TAB={0x14, 0x1, [{0x10, 0xc, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'csum\x00'}}]}]}, 0x7c}}, 0x0)
r3 = openat$nci(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x11, 0xc, &(0x7f0000000580)=ANY=[@ANYBLOB="e0b7b6dd13ef0c548e9eab4cdf632196e30db0fc058454afc663941ef099908addd791c1a941c6f909282436e7865bcc6eb201da995f60340286419130446ac364cd15ed2d54396605a1eefafd0aa41b789195f3e319aa76ebd5d10d03cb4f0381aecb5a93296c96ca317e48e09ac8a34971ca4b286f6a35eef8d629cf448e8457b041463339fa018e9d0f294995087695fb9e4399"], &(0x7f00000002c0)='syzkaller\x00', 0x2, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x23, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r5, 0x0, 0x7fff}, 0x18)
close_range(r3, 0xffffffffffffffff, 0x200000000000000)

10m48.189087749s ago: executing program 4 (id=1050):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000006000000450000000010"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000140)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
dup(r1)

10m48.132077573s ago: executing program 4 (id=1051):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r0, 0x0, 0x0)
writev(r0, &(0x7f0000000180)=[{&(0x7f0000000080)='v', 0x34000}], 0x1)

10m48.025468352s ago: executing program 4 (id=1052):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f00000006c0)={[{@orlov}, {@noauto_da_alloc}, {@inlinecrypt}, {@dioread_lock}, {@data_err_ignore}, {@barrier_val={'barrier', 0x3d, 0x7}}, {@data_err_ignore}, {@grpquota}, {@noblock_validity}, {@user_xattr}, {@resuid}, {@errors_remount}]}, 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
syz_emit_ethernet(0x4a, &(0x7f00000003c0)={@local, @local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0300", 0x14, 0x2f, 0x0, @remote, @local, {[], {{0x0, 0x22eb, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e21, @multicast1}, 0x10)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r1, 0x0, 0x0)
io_setup(0x7, 0x0)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000080)={0x0, &(0x7f0000000040)}, 0x10)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r2}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r3}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='&'], 0x48)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0xa, 0x200, 0x7, 0x1}, 0x50)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000140)={r4, &(0x7f0000000a40)='&', &(0x7f0000000040)=""/98}, 0x20)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000140)={r4, &(0x7f0000000000), &(0x7f0000000040)=""/76}, 0x20)
io_submit(0x0, 0x0, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, 0x0, 0x0)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f00000005c0)='./file1\x00', 0x1818e58, &(0x7f0000000040), 0x22, 0x65f, &(0x7f0000002980)="$eJzs3c9rXFsdAPDvvZOkSZo2qYjYoBhw0YI0TWqx6sa2LuyiYMEuRFw0NEkNnf6gScHWggm4UFAQcVukG/8B99K9OxHU3Vs/6Hs8+niF90rncWfuNJPJ/MqPmUkynw8kc+655+ac79w5uefemTM3gIE1k/1KI05HvLuVREzWrJuIysqZvNzrT57dzn6SKJV+9nESSZ5XLZ/kj8fzhdGI+PfViK8Utte7+uTp3YViqeK3EefX7j08v/rk6bmVewt3lu4s3Z+/8P2Ll+Z+MH9xvqahu3c8f7x2/aff+NPvfvW95f8UzyVxOW4O/2Yx6uLYLzMxE+/yEGvzhyLiUpZo8LwcNoUmaQ6HQv56HI6Ir8VkFMpLFZOx8se+Ng7oqlIhotRa0q4AcFjp3jCoquOA6rl9Z+fBN7s8KumdV1cqJ0Db4x/KLzmMls+Nxl8nNWdGlWsbU/tQf1bH22ejz98+m34eW65DvHm/d4b2oZ5m1jci4uuN4k/KbZsqR5rFn245v08jYi4iRvL2/XgPbUhq0t24DtPKTuKv3Q9Z/Jfzxyz/6i7rr7+s1ev4ARhML6/kB/L1bGnz+JeNParjn2gw/pnY+1syZf0+/jUf/1WP96PlcU9aNw7Lxiw3Gv/J4fqMD/5w7S/N6q+M/6az8d9o9pjVXx0L9sKrjYjpuvh/nwWbj3+y+JMG+z8rcutyZ3X85L8fXWu2rib+5/2Iv/Qi4kzD85/NUWmWavH+5PnlleLSXOV3wzr++a9f/r1Z/Y3jP9aFSBvL9v94k/hr9n9av132nDxs/Cc36jP+cePFvWb1T7Td/+mHI0nlfHMkz/n1xtrao/mIkeR6XiTPX1hbe3ShdbyVMm9K5cf5Svxnv924/295/ddFNVb9l9mBhz+/+7rZut28/mveTH5X6rANzWTxL7bf/9v6f5b35w7r+OwXj7/ZbF2r+Mf2EhgAAAAAAAAMoLT8HmySzr5Pp+nsbGW+7FdjPC0+WF37zvKDx/cXI86WPw85nEaalD8yMllZTpZXikvz+edhq8sX6pa/GxGnIuKvhbHy8uztB8XFfgcPAAAAAAAAAAAAAAAAAAAAB8TxfP5/9T7VnxYq8/+BAfH+i/233eah7QrgkOvmDSaBg63c/1sd4k/2ri1Abzn+w+DaQf/v3Z0pgZ5w/IfBpf/D4Nph/z/RrXYAvef4D4NL/4fBpf8DAAAAwJF06lsv/59ExPoPx8o/mZF8nUm/cLQNtyswUrtQ6GpbgN7abY8e2ed2AL3X/qt/gKOq7fg/83n+5YDdbw7QB0mjzPLgoNS6879suOWmjb23DQAAAAAAAAAAAACoOHO6+fz/juYGAIeWaX8wuHY4/z/d/abAQeOr/2FwOccH2szij9FmK9rN/wcAAAAAAAAAAAAA9s1E+SdJZ/PJfRORprOzESciYiqGk+WV4tJcRJyMiP8Vho9ly/P9bjQAAAAAAAAAAAAAAAAAAAAcMatPnt5dKBaXHtUmvtiWc7QT1bugti9c6qBMy8SPYodbRdL7p2UsIvq+U7qWGKrJSSLWsz3f0eYx1e2nJQ7C85Mn+vyPCQAAAAAAAAAAAAAAAAAABlDN3OPGpv/W4xYBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQO9t3v+/TWJxvLJBR4W3JvodIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwOH0ZAAD//6w3Oic=")
sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff94, 0x12, 0x0, 0x12)
recvfrom$inet(r0, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0xc9100120, 0x0, 0xfffffffffffffd25)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0xc002, 0x0)
open(&(0x7f0000000180)='./bus\x00', 0x14937e, 0x111)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
recvmsg$can_j1939(r5, &(0x7f0000000240)={&(0x7f0000000080)=@qipcrtr, 0x80, &(0x7f0000000800)=[{&(0x7f00000001c0)=""/119, 0x77}, {&(0x7f00000002c0)=""/196, 0xc4}, {&(0x7f00000004c0)=""/196, 0xc4}, {&(0x7f00000005c0)=""/186, 0xba}, {&(0x7f0000001b80)=""/4096, 0x1000}, {&(0x7f0000000780)=""/72, 0x48}], 0x6, &(0x7f0000000100)=""/62, 0x3e}, 0x40)
r6 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r6, 0x4c04, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x1, 0x6b2, 0x0, 0x0, 0x19, 0xd, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x8, 0x10000000000]})

10m47.202480109s ago: executing program 4 (id=1056):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000fdff00000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0xe, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000003c0)='sched_switch\x00', r1}, 0x10)
r2 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x800000001fe, 0x82)
r3 = dup(r2)
ioctl$USBDEVFS_CONTROL(r3, 0xc0185500, &(0x7f0000000040)={0x23, 0x3, 0x12, 0x0, 0x0, 0x0, 0x0})

10m46.875083145s ago: executing program 4 (id=1059):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000900850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r1}, 0x18)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x7ffff000)

10m46.835224329s ago: executing program 33 (id=1059):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000900850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r1}, 0x18)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x7ffff000)

4m11.346851157s ago: executing program 5 (id=3418):
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000240)='/proc/sys/net/ipv4/vs/sync_ports\x00', 0x2, 0x0)
read(r0, 0x0, 0x0)
r1 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000480)='./file0\x00', 0x18000, &(0x7f0000000140)=ANY=[], 0x8, 0x2eb, &(0x7f00000004c0)="$eJzs3E1PE10UwPHTF0pbAmXx5DGaGG50o5sJVNdKYyAxNpEgNb4kJgNMtenYkpkGU2NEV26NH8IFYcmORPkCbNzpxo07NiYuZGEc0+kMhTKAlNIi/H8JmcPce6b3zgzk3AnD+r23T4t5W8vrFQnHlYRERDZEBiUsvpC3DbtxTLZ6JZf7fnw+f+f+g1uZbHZsUqnxzNSVtFJqYOjDsxcJr9tKr6wNPlr/nv629v/a2fXfU08KtirYqlSuKF1Nl79W9GnTULMFu6gpNWEaum2oQsk2rHp7ud6eN8tzc1Wll2b7k3OWYdtKL1VV0aiqSllVrKqKPNYLJaVpmupPCvaTW5yc1DMtJs+0eTA4IpaV0SMiktjRklvsyoAAAEBXNdf/YVHtrP+XLqxW+u4uD3j1/0osqP6/+qV+rG31f1xEAut///MD63/9YPX/zorodDlU/Y/jYSi2Y1eoEdYarYye9H5+Xa8fLg27AfU/AAAAAAAAAAAAAAAAAAAAAAD/gg3HSTmOk/K3/leviMRFxP8+IDUiIte7MGS00SGuP06Axot70QER8818bj5X33odVkXEFEOGJSW/3PvBU4v9N49UzaB8NBe8/IX5XMRtyeSl4OaPSKpHmvMdZ/xmdmxE1W3P75Hk1vy0pOS/4Px0YH5MLl3ckq9JSj7NSFlMmXXH0ch/OaLUjdvZpvyE2w8AAAAAgJNAU5sC1++atlt7PX9zfd38fCDSWF8PB67Po3Iu2t25AwAAAABwWtjV50XdNA1rjyAh+/dpPYge0ZH9Gf5tlv+3DEc30z0C/8O3NcW9nW0/LaEDnJZdgrC0kjVUm4067Cz8x0a79ZGJ0c5fQTc48+79z/Yd8NpyfJ+Zth5E9r4Bejr2CwgAAABAxzSKfn/PaHcHBAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAKdSJ/47W7TkCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAx8WfAAAA//+SWQVN")
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
r3 = syz_open_dev$usbfs(&(0x7f0000000000), 0x1fc, 0x0)
ioctl$USBDEVFS_IOCTL(r3, 0xc0105512, &(0x7f0000000200))
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000080000000c"], 0x48)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r2, 0x89f2, &(0x7f00000002c0)={'ip6_vti0\x00', &(0x7f0000000380)={'syztnl1\x00', <r5=>0x0, 0x2f, 0xf, 0x5, 0x4, 0x48, @local, @mcast1, 0x8000, 0x8, 0x57, 0x8fa}})
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000300)=ANY=[@ANYRESHEX=r4, @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r5, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r6}, 0x10)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket(0x10, 0x803, 0x0)
socket$inet_sctp(0x2, 0x1, 0x84)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000500)=ANY=[@ANYBLOB="38000000180001000000000000000000020000000000000900000000060015000200000014001680100008800c00018006000180"], 0x38}}, 0x0)
socket(0x400000000010, 0x3, 0x0)
r7 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
r8 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r8, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000780)=ANY=[@ANYBLOB="02030003200000002cbd7000fcdbdf2502000900080000000a0000000000000005000600000000000a0000000000000000000000000000000000000000000001020000000000000002000100000000000400030c0000000005000500000000000a0000000000000000000000000000000000000000000001070000000000000010000800c003000067328c217950d4ed0ce9fd283e7a39cddf91db11b8d33fe41b6225fa8075fb71275ea059e57dbe5ddb41c0ece4532edb885207438d8c8ccd0b4736f5a7f78c02c158f5c563524df4f34de949509868d522a81cd34a99546e74c7f8725419f8e1f7ff115bd0f7914e267c1fc4f70fee6200286b016552268c"], 0x100}, 0x1, 0x7}, 0x14)
r9 = syz_open_procfs(0x0, &(0x7f0000000100)='fdinfo/3\x00')
preadv(0xffffffffffffffff, &(0x7f0000000bc0)=[{&(0x7f0000000880)=""/197, 0xc5}], 0x24a, 0x0, 0xa)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r8, 0x8933, &(0x7f0000000300))
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000c80)={0x8, <r10=>0x0}, 0x8)
r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0xa, 0x7, &(0x7f0000000400)=ANY=[@ANYBLOB="c56bea0f180000000000000002200000000000004eb649d1433e62396e18110000", @ANYRES32=r7, @ANYRESHEX=r1], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x48, '\x00', 0x0, @fallback=0x1c, r9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r10, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000480)='kmem_cache_free\x00', r11}, 0x18)
r12 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r12, 0xc08c5332, &(0x7f0000000180)={0x0, 0x0, 0x0, 'queue0\x00'})
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r12, 0x40605346, &(0x7f0000000100)={0x0, 0x0, {0x1, 0x0, 0x0, 0x3, 0x2}})

4m11.274390033s ago: executing program 5 (id=3420):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000600000027"], 0x48)
socket$inet6(0xa, 0x3, 0x8000000003c)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f00000002c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000010a850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000400)='itimer_state\x00', r3}, 0x18)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0, r4}, 0x18)
r5 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301)
ioctl$USBDEVFS_CONTROL(r5, 0xc0105500, &(0x7f0000000000)={0x3, 0x10, 0x6, 0x6, 0x0, 0x100, 0x0})
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, &(0x7f0000000240)={{0x1, 0x1, 0x18, <r6=>r2, {0x5}}, './file0\x00'})
setsockopt$inet6_tcp_TLS_RX(r6, 0x6, 0x2, 0x0, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=@newqdisc={0x54, 0x10, 0x1, 0x0, 0x0, {0x6, 0x0, 0x8100, 0x0, {0xc3}, {}, {0xe, 0xd}}, [@TCA_RATE={0x6}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x11, {0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}]}, 0x54}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb7020000080000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = dup(r0)
ioctl$PTP_CLOCK_GETCAPS(r7, 0x80503d01, &(0x7f00000001c0))
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000000000100000000000000000850000007d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x200000}, 0x94)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kmem_cache_free\x00', r8}, 0x10)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000040)='./file0\x00', 0x64, 0x183000, 0x23456})
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a00)={&(0x7f0000000d00)='sched_switch\x00', r9}, 0x10)
write$RDMA_USER_CM_CMD_CREATE_ID(r7, &(0x7f00000004c0)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000400)={<r10=>0xffffffffffffffff}, 0x2, 0x5}}, 0x20)
write$RDMA_USER_CM_CMD_BIND_IP(r7, &(0x7f0000000500)={0x2, 0x28, 0xfa00, {0x0, {0xa, 0x4e20, 0x5, @loopback, 0xfe}, r10}}, 0x30)
socket(0x200000000000011, 0x2, 0x1)

4m10.352931548s ago: executing program 5 (id=3423):
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000000a40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000640)="5c5eafd3ae55a73702d6befaee97f47f4be65587e1fca708cee084691e4587d887a5eaab43ac5edc4886496910cd7a153cd84b93208c7b1a625b3ea990092389b19dab4f61e30ee60a4d7e51ffc9a5accbe20844356dd0ce192542d5e58d80657b3b5fb7a3d39337dfe5af64aaf38a0a2a57", 0x72}, {&(0x7f0000000800)="104b0b7073fbd7f77a847bdbfdf6da474f700bf113b18d16d8380f42e296b49f1326c7d0d97be798e205654b8a885df6ee57ec7b690491c55ca484b54170549c7a72b8a579005ffcb0b309dae34571b17126534a763ca881f12d750072abc05a7cb8f0e3", 0x64}], 0x2}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f0000000e80)="d61f2c7a6ddbff16a09972b62284a63c170b9a6ec5cd29dfa047b76a9a0eeb4055b0e2843cb487ed4657c459c397cd02eb261fc7d521b1f2e95c3ce17726db0d3236a6d3b52d3f066554d84292329c8a6f034ff8d85d61dcf7ae508c5925903fb1feb7d07fe481313ad476131cf19514d6c77835e9cf82df2f153d9b82985da3e260fc6942d183b2958886a77e1f2726097d1888a25bee0fdec661520a057f8559f17e462bdf938f7f2303447bfaa744d3891372a825c63e83ff21654af922eaac39ab491cec071d31eebd6526d7a8ddd052d30beb5f20e8db56962aeca814ad530c1413e502b92f3e51eaf75ec5b595b19e4945a1a821a8c47f804465f9e04d0ec9aff13036fe4f3a56b324e9ea795cc89d0f30433f3fa8aa7cc4dd93197840d644c6e48329c266316227ea917708cde40163a6b092d3c722a71e9f21255315cb87a74916d56da0479e7e8865b289fc8095a8477e7fee5eda0c55ec6d53c7aac85f6171717935832962f6db7889683497f3f5a4aa6c6af16908cc4c853536c4f624a75cae053c053f8490c028c15bf043adf4729306a4069324be546a83f71c16a15b86f1d6cb5505808acf055c982dfb14eaaa", 0x1b4}], 0x1}}], 0x2, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x8, &(0x7f0000000600)=0xdfa, 0x4)
sendto$inet(0xffffffffffffffff, &(0x7f0000000580)="17", 0x59a, 0x10008095, 0x0, 0x0)

4m10.20520089s ago: executing program 5 (id=3425):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f00000006c0)={[{@orlov}, {@noauto_da_alloc}, {@inlinecrypt}, {@dioread_lock}, {@data_err_ignore}, {@barrier_val={'barrier', 0x3d, 0x7}}, {@data_err_ignore}, {@grpquota}, {@noblock_validity}, {@user_xattr}, {@resuid}, {@errors_remount}]}, 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
syz_emit_ethernet(0x4a, &(0x7f00000003c0)={@local, @local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0300", 0x14, 0x2f, 0x0, @remote, @local, {[], {{0x0, 0x22eb, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e21, @multicast1}, 0x10)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r1, 0x0, 0x0)
io_setup(0x7, 0x0)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000080)={0x0, &(0x7f0000000040)}, 0x10)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r2}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r3}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='&'], 0x48)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0xa, 0x200, 0x7, 0x1}, 0x50)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000140)={r4, &(0x7f0000000a40)='&', &(0x7f0000000040)=""/98}, 0x20)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000140)={r4, &(0x7f0000000000), &(0x7f0000000040)=""/76}, 0x20)
io_submit(0x0, 0x0, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, 0x0, 0x0)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f00000005c0)='./file1\x00', 0x1818e58, &(0x7f0000000040), 0x22, 0x65f, &(0x7f0000002980)="$eJzs3c9rXFsdAPDvvZOkSZo2qYjYoBhw0YI0TWqx6sa2LuyiYMEuRFw0NEkNnf6gScHWggm4UFAQcVukG/8B99K9OxHU3Vs/6Hs8+niF90rncWfuNJPJ/MqPmUkynw8kc+655+ac79w5uefemTM3gIE1k/1KI05HvLuVREzWrJuIysqZvNzrT57dzn6SKJV+9nESSZ5XLZ/kj8fzhdGI+PfViK8Utte7+uTp3YViqeK3EefX7j08v/rk6bmVewt3lu4s3Z+/8P2Ll+Z+MH9xvqahu3c8f7x2/aff+NPvfvW95f8UzyVxOW4O/2Yx6uLYLzMxE+/yEGvzhyLiUpZo8LwcNoUmaQ6HQv56HI6Ir8VkFMpLFZOx8se+Ng7oqlIhotRa0q4AcFjp3jCoquOA6rl9Z+fBN7s8KumdV1cqJ0Db4x/KLzmMls+Nxl8nNWdGlWsbU/tQf1bH22ejz98+m34eW65DvHm/d4b2oZ5m1jci4uuN4k/KbZsqR5rFn245v08jYi4iRvL2/XgPbUhq0t24DtPKTuKv3Q9Z/Jfzxyz/6i7rr7+s1ev4ARhML6/kB/L1bGnz+JeNParjn2gw/pnY+1syZf0+/jUf/1WP96PlcU9aNw7Lxiw3Gv/J4fqMD/5w7S/N6q+M/6az8d9o9pjVXx0L9sKrjYjpuvh/nwWbj3+y+JMG+z8rcutyZ3X85L8fXWu2rib+5/2Iv/Qi4kzD85/NUWmWavH+5PnlleLSXOV3wzr++a9f/r1Z/Y3jP9aFSBvL9v94k/hr9n9av132nDxs/Cc36jP+cePFvWb1T7Td/+mHI0nlfHMkz/n1xtrao/mIkeR6XiTPX1hbe3ShdbyVMm9K5cf5Svxnv924/295/ddFNVb9l9mBhz+/+7rZut28/mveTH5X6rANzWTxL7bf/9v6f5b35w7r+OwXj7/ZbF2r+Mf2EhgAAAAAAAAMoLT8HmySzr5Pp+nsbGW+7FdjPC0+WF37zvKDx/cXI86WPw85nEaalD8yMllZTpZXikvz+edhq8sX6pa/GxGnIuKvhbHy8uztB8XFfgcPAAAAAAAAAAAAAAAAAAAAB8TxfP5/9T7VnxYq8/+BAfH+i/233eah7QrgkOvmDSaBg63c/1sd4k/2ri1Abzn+w+DaQf/v3Z0pgZ5w/IfBpf/D4Nph/z/RrXYAvef4D4NL/4fBpf8DAAAAwJF06lsv/59ExPoPx8o/mZF8nUm/cLQNtyswUrtQ6GpbgN7abY8e2ed2AL3X/qt/gKOq7fg/83n+5YDdbw7QB0mjzPLgoNS6879suOWmjb23DQAAAAAAAAAAAACoOHO6+fz/juYGAIeWaX8wuHY4/z/d/abAQeOr/2FwOccH2szij9FmK9rN/wcAAAAAAAAAAAAA9s1E+SdJZ/PJfRORprOzESciYiqGk+WV4tJcRJyMiP8Vho9ly/P9bjQAAAAAAAAAAAAAAAAAAAAcMatPnt5dKBaXHtUmvtiWc7QT1bugti9c6qBMy8SPYodbRdL7p2UsIvq+U7qWGKrJSSLWsz3f0eYx1e2nJQ7C85Mn+vyPCQAAAAAAAAAAAAAAAAAABlDN3OPGpv/W4xYBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQO9t3v+/TWJxvLJBR4W3JvodIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwOH0ZAAD//6w3Oic=")
sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff94, 0x12, 0x0, 0x12)
recvfrom$inet(r0, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0xc9100120, 0x0, 0xfffffffffffffd25)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0xc002, 0x0)
open(&(0x7f0000000180)='./bus\x00', 0x14937e, 0x111)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
recvmsg$can_j1939(r5, &(0x7f0000000240)={&(0x7f0000000080)=@qipcrtr, 0x80, &(0x7f0000000800)=[{&(0x7f00000001c0)=""/119, 0x77}, {&(0x7f00000002c0)=""/196, 0xc4}, {&(0x7f00000004c0)=""/196, 0xc4}, {&(0x7f00000005c0)=""/186, 0xba}, {&(0x7f0000001b80)=""/4096, 0x1000}, {&(0x7f0000000780)=""/72, 0x48}], 0x6, &(0x7f0000000100)=""/62, 0x3e}, 0x40)
r6 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r6, 0x4c04, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x1, 0x6b2, 0x0, 0x0, 0x19, 0xd, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x8, 0x10000000000]})

4m9.316675812s ago: executing program 5 (id=3427):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000040000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = socket$netlink(0x10, 0x3, 0xf)
bind$netlink(r2, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f0000000000), 0x4)
sendmsg$OSF_MSG_REMOVE(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="60100000010501"], 0x1060}}, 0x0)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r2, 0x10e, 0x4, &(0x7f00000003c0)=0x6, 0xdc)
sendmsg$nl_route_sched(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000004480)=@newtaction={0x14, 0x30, 0x1, 0x0, 0x25dfdbff, {0x0, 0x0, 0x1300}}, 0x14}, 0x1, 0x0, 0x0, 0x8000}, 0x0)

4m8.869473708s ago: executing program 5 (id=3432):
setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x22, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000e8ffff"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
gettid()
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0xff, 0x40, 0x7ffc1ffb}]})
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="020000000400000008"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000300)={r2}, 0x4)
syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000840)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f0000000200)={[{@jqfmt_vfsold}, {@grpjquota}, {@debug}, {@noload}, {@jqfmt_vfsv1}, {@noblock_validity}, {@grpquota}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x2}}, {@usrjquota}]}, 0xfe, 0x499, &(0x7f00000009c0)="$eJzs3M9vFFUcAPDv7G5bftqK+AMEQdFI/NHS8kMOXjCacFBjogeMp9oWUinUQE2EVK0e8GhIvBP/C+NJL0a5aOJV74aEGGICooc1szNDd8tuf9DSpeznk2z3vZnXnfedmbfz5r3dDaBj7U7/JBGbIuL3iOjNsrP6skJpuRvXpkf+uTY9kkS1+vZfSa3c9WvTI0XR4v82ZplqNc/3NNnuhfcihicmxs7k+YGpUx8O9Jw7/+L4qeETYyfGTg8dPnxg/87uQ0MHlxXfJ93ZcxrX9e2fTu7YdvTdi2+MHLv4/s9JKbK4Y04crbx55PKCZertzvZuU88s5YXWgM116aRSv2bXL7PpZmcC7VSOiPRwddXaf2+UY/2tdb3x2hdtrRxwV1Wr1eo878ozVeA+lkS7awC0R3GhT+9/i8cqdT3uCVePZDdAadw38ke2phKlLLGra8797UraHRHHZm5eSh+xyHEIAIDl+D7t/7zQrP9XikeyRG0G5YF8DqUvIh6MiC0R8VBEbI2IhyNqZR+NiMeWuP25MyS3939KV+44uEVI+38v53Nbjf2/UlGkr5znNtfi70qOj0+M7avtk3Lsja6e4+PJ2OA82/jh1d++arWuvv93bGZ9REyPFH3BvB5XKnMG6EaHp4aXE3O9q59HbK80iz+JYhoniYhtEbH9Drcx/lz9hNCmhnWN8d+8lG6/Mf55VO6wQnWq30Q8mx3/mZgTf2bL35HPT6ZHp3F+cvClQ0MHB9bFxNi+geKsuN3lXy+81Wr7y4p/BaTHf0PT8//WLHBfsi7i7LnzJ2vztWeXvo0Lf3zZ8p5m4fgbzv+jm/Pzvzt5p7Ygn96Nj4enps4MRnQnr9++fGj21Yp8UT6Nf++e5u1/S8zuiccjYkdE7IyIJ9KbwrzuT0bEUxGxZ574f3rl6Q+WHv/qzJWm8Y8udPyj/vgvPVE++eN3C8e/LiJaHf8DtdTefMli3v8WW8Hl7DsAAABYK7LPwCel/lvpUqm/P/sM/9bYUJqYPDv1/PHJj06PZiN3fdFVKka6euvGQwfzseEiPzQnvz8fN/66vL6W7x+ZnBhtd/DQ4Ta2aP+pP8vtrh1w163APBqwRmn/0Lkq/zVku9tWEWBVJa7/0NG0f+hczdr/Zy1L9397VysDrCrXf+hci2j/M9lT614BsDa5/kPn0v6hI7X8bnxpWV/5X/XEv/nvGd4r9bn/E1G6J6px/ycqi/4xiyUkqr1Z+0+X9DQt0+53JgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgJXxfwAAAP//X7Lkjw==")
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
lseek(r3, 0x10001, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r4, &(0x7f0000000000)=@file={0x1, './file0\x00'}, 0x6e)
listen(r4, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f0000000080)=@file={0x1, './file0\x00'}, 0x6e)

4m8.869169978s ago: executing program 34 (id=3432):
setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x22, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000e8ffff"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
gettid()
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0xff, 0x40, 0x7ffc1ffb}]})
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="020000000400000008"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000300)={r2}, 0x4)
syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000840)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f0000000200)={[{@jqfmt_vfsold}, {@grpjquota}, {@debug}, {@noload}, {@jqfmt_vfsv1}, {@noblock_validity}, {@grpquota}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x2}}, {@usrjquota}]}, 0xfe, 0x499, &(0x7f00000009c0)="$eJzs3M9vFFUcAPDv7G5bftqK+AMEQdFI/NHS8kMOXjCacFBjogeMp9oWUinUQE2EVK0e8GhIvBP/C+NJL0a5aOJV74aEGGICooc1szNDd8tuf9DSpeznk2z3vZnXnfedmbfz5r3dDaBj7U7/JBGbIuL3iOjNsrP6skJpuRvXpkf+uTY9kkS1+vZfSa3c9WvTI0XR4v82ZplqNc/3NNnuhfcihicmxs7k+YGpUx8O9Jw7/+L4qeETYyfGTg8dPnxg/87uQ0MHlxXfJ93ZcxrX9e2fTu7YdvTdi2+MHLv4/s9JKbK4Y04crbx55PKCZertzvZuU88s5YXWgM116aRSv2bXL7PpZmcC7VSOiPRwddXaf2+UY/2tdb3x2hdtrRxwV1Wr1eo878ozVeA+lkS7awC0R3GhT+9/i8cqdT3uCVePZDdAadw38ke2phKlLLGra8797UraHRHHZm5eSh+xyHEIAIDl+D7t/7zQrP9XikeyRG0G5YF8DqUvIh6MiC0R8VBEbI2IhyNqZR+NiMeWuP25MyS3939KV+44uEVI+38v53Nbjf2/UlGkr5znNtfi70qOj0+M7avtk3Lsja6e4+PJ2OA82/jh1d++arWuvv93bGZ9REyPFH3BvB5XKnMG6EaHp4aXE3O9q59HbK80iz+JYhoniYhtEbH9Drcx/lz9hNCmhnWN8d+8lG6/Mf55VO6wQnWq30Q8mx3/mZgTf2bL35HPT6ZHp3F+cvClQ0MHB9bFxNi+geKsuN3lXy+81Wr7y4p/BaTHf0PT8//WLHBfsi7i7LnzJ2vztWeXvo0Lf3zZ8p5m4fgbzv+jm/Pzvzt5p7Ygn96Nj4enps4MRnQnr9++fGj21Yp8UT6Nf++e5u1/S8zuiccjYkdE7IyIJ9KbwrzuT0bEUxGxZ574f3rl6Q+WHv/qzJWm8Y8udPyj/vgvPVE++eN3C8e/LiJaHf8DtdTefMli3v8WW8Hl7DsAAABYK7LPwCel/lvpUqm/P/sM/9bYUJqYPDv1/PHJj06PZiN3fdFVKka6euvGQwfzseEiPzQnvz8fN/66vL6W7x+ZnBhtd/DQ4Ta2aP+pP8vtrh1w163APBqwRmn/0Lkq/zVku9tWEWBVJa7/0NG0f+hczdr/Zy1L9397VysDrCrXf+hci2j/M9lT614BsDa5/kPn0v6hI7X8bnxpWV/5X/XEv/nvGd4r9bn/E1G6J6px/ycqi/4xiyUkqr1Z+0+X9DQt0+53JgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgJXxfwAAAP//X7Lkjw==")
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
lseek(r3, 0x10001, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r4, &(0x7f0000000000)=@file={0x1, './file0\x00'}, 0x6e)
listen(r4, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f0000000080)=@file={0x1, './file0\x00'}, 0x6e)

48.685857546s ago: executing program 0 (id=4393):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00'}, 0x18)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x41, &(0x7f0000000740)={[{@bsdgroups}, {@nodiscard}, {@noblock_validity}, {@grpjquota}, {@grpjquota}, {@noquota}, {@auto_da_alloc}, {@noload}, {@nodiscard}]}, 0x64, 0x50a, &(0x7f0000000200)="$eJzs3VFrHFsdAPD/bHZr06Y3ueqDXvB6tZW0aHeTxrbBh1pB9Kmg1vcak00I2WRDdtM2oWiKH0AQUcEnffFF8AMIUvDFRxEK+qyoKKKtPvigncvuTtI03U227TabZn8/mMw5Z2b2f86GmZ0zc5gJYGC9FxHXI+JJmqYXImI0K89lU2y1psZ6jx/dm21MSaTpzX8mkWRl25+VZPPT2WYnI+JrX474ZvJ83NrG5tJMpVJey/Kl+vJqqbaxeXFxeWahvFBemZqavDJ9dfry9ERP2nkmIq598a8/+O7PvnTtV5+586dbfz//rUa1RrLlu9vxgvL7LWw1vdD8LnZvsPaSwY6ifLOFmeF2aww9V3L/NdcJAID2Guf4H4yIT0bEhRiNof1PZwEAAIA3UPr5kfhfEpG2d6JDOQAAAPAGyTXHwCa5YjYWYCRyuWKxNYb3w3EqV6nW6p+er66vzLXGyo5FITe/WClPZGOFx6KQNPKTzfTT/KU9+amIeDsivj863MwXZ6uVuX5f/AAAAIABcXpP//8/o63+PwAAAHDMjPW7AgAAAMBrp/8PAAAAx5/+PwAAABxrX7lxozGl2++/nru9sb5UvX1xrlxbKi6vzxZnq2urxYVqdaH5zL7lgz6vUq2ufjZW1u+W6uVavVTb2Ly1XF1fqd9afOYV2AAAAMAhevvjD/6QRMTW54abU8OJ7jbtcjXgqMrvpJJs3ma3/uNbrflfDqlSwKEY6ncFgL7J97sCQN8U+l0BoO+SA5Z3HLzz22z+id7WBwAA6L3xj3a+/5/bd8ut/RcDR56dGAaX+/8wuJr3/7sdyetkAY6VgjMAGHivfP//QGn6QhUCAAB6bqQ5JblidnlvJHK5YjHiTPO1AIVkfrFSnoiItyLi96OFDzTyk80tkwP7DAAAAAAAAAAAAAAAAAAAAAAAAABAS5omkQIAAADHWkTub8mvW8/yHx89N7L3+sCJ5L+jkb0i9M6Pb/7w7ky9vjbZKP/XTnn9R1n5pX5cwQAAAICB8EIv8N/up2/34wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACglx4/uje7PR1m3H98ISLG2sXPx8nm/GQUIuLUv5PI79ouiYihHsQfbvz5SLv4SaNaOyHbxR/uQfyt+/vGj7HsW2gX/3QP4sMge9A4/lxvt//l4r3mvP3+l494Jv+yOh//Yuf4N9Rh/z/TZYx3Hv6i1DH+/Yh38u2PP9vxkw7xz3YZ/xtf39zstCz9ScR429+f5JlYpfryaqm2sXlxcXlmobxQXpmamrwyfXX68vREaX6xUs7+to3xvY/98sl+7T/VIf7YAe0/12X7///w7qMPtZKFdvHPn20T/zc/zdZ4Pn4u++37VJZuLB/fTm+10ru9+/Pfvbtf++c6tP+g///5Ltt/4avf+XOXqwIAh6C2sbk0U6mU145totFLPwLVkDiCiW/39APTNE0b+9QrfE4SR+FraSb6fWQCAAB67elJf79rAgAAAAAAAAAAAAAAAAAAAIPrMB4ntjfm1k4q6cUjtAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeuL9AAAA//+GAdlV")

47.212323665s ago: executing program 0 (id=4398):
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000240)='/proc/sys/net/ipv4/vs/sync_ports\x00', 0x2, 0x0)
read(r0, 0x0, 0x0)
r1 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000480)='./file0\x00', 0x18000, &(0x7f0000000140)=ANY=[], 0x8, 0x2eb, &(0x7f00000004c0)="$eJzs3E1PE10UwPHTF0pbAmXx5DGaGG50o5sJVNdKYyAxNpEgNb4kJgNMtenYkpkGU2NEV26NH8IFYcmORPkCbNzpxo07NiYuZGEc0+kMhTKAlNIi/H8JmcPce6b3zgzk3AnD+r23T4t5W8vrFQnHlYRERDZEBiUsvpC3DbtxTLZ6JZf7fnw+f+f+g1uZbHZsUqnxzNSVtFJqYOjDsxcJr9tKr6wNPlr/nv629v/a2fXfU08KtirYqlSuKF1Nl79W9GnTULMFu6gpNWEaum2oQsk2rHp7ud6eN8tzc1Wll2b7k3OWYdtKL1VV0aiqSllVrKqKPNYLJaVpmupPCvaTW5yc1DMtJs+0eTA4IpaV0SMiktjRklvsyoAAAEBXNdf/YVHtrP+XLqxW+u4uD3j1/0osqP6/+qV+rG31f1xEAut///MD63/9YPX/zorodDlU/Y/jYSi2Y1eoEdYarYye9H5+Xa8fLg27AfU/AAAAAAAAAAAAAAAAAAAAAAD/gg3HSTmOk/K3/leviMRFxP8+IDUiIte7MGS00SGuP06Axot70QER8818bj5X33odVkXEFEOGJSW/3PvBU4v9N49UzaB8NBe8/IX5XMRtyeSl4OaPSKpHmvMdZ/xmdmxE1W3P75Hk1vy0pOS/4Px0YH5MLl3ckq9JSj7NSFlMmXXH0ch/OaLUjdvZpvyE2w8AAAAAgJNAU5sC1++atlt7PX9zfd38fCDSWF8PB67Po3Iu2t25AwAAAABwWtjV50XdNA1rjyAh+/dpPYge0ZH9Gf5tlv+3DEc30z0C/8O3NcW9nW0/LaEDnJZdgrC0kjVUm4067Cz8x0a79ZGJ0c5fQTc48+79z/Yd8NpyfJ+Zth5E9r4Bejr2CwgAAABAxzSKfn/PaHcHBAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAKdSJ/47W7TkCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAx8WfAAAA//+SWQVN")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
r2 = syz_open_dev$usbfs(&(0x7f0000000000), 0x1fc, 0x0)
ioctl$USBDEVFS_IOCTL(r2, 0xc0105512, &(0x7f0000000200))
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000080000000c"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000300)=ANY=[@ANYRESHEX=r3, @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r4}, 0x10)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket(0x10, 0x803, 0x0)
socket$inet_sctp(0x2, 0x1, 0x84)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000500)=ANY=[@ANYBLOB="38000000180001000000000000000000020000000000000900000000060015000200000014001680100008800c00018006000180"], 0x38}}, 0x0)
socket(0x400000000010, 0x3, 0x0)
r6 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
r7 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r7, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000780)=ANY=[@ANYBLOB="02030003200000002cbd7000fcdbdf2502000900080000000a0000000000000005000600000000000a0000000000000000000000000000000000000000000001020000000000000002000100000000000400030c0000000005000500000000000a0000000000000000000000000000000000000000000001070000000000000010000800c003000067328c217950d4ed0ce9fd283e7a39cddf91db11b8d33fe41b6225fa8075fb71275ea059e57dbe5ddb41c0ece4532edb885207438d8c8ccd0b4736f5a7f78c02c158f5c563524df4f34de949509868d522a81cd34a99546e74c7f8725419f8e1f7ff115bd0f7914e267c1fc4f70fee6200286b016552268c"], 0x100}, 0x1, 0x7}, 0x14)
r8 = syz_open_procfs(0x0, &(0x7f0000000100)='fdinfo/3\x00')
preadv(0xffffffffffffffff, &(0x7f0000000bc0)=[{&(0x7f0000000880)=""/197, 0xc5}], 0x24a, 0x0, 0xa)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r7, 0x8933, &(0x7f0000000300))
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000c80)={0x8, <r9=>0x0}, 0x8)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0xa, 0x7, &(0x7f0000000400)=ANY=[@ANYBLOB="c56bea0f180000000000000002200000000000004eb649d1433e62396e18110000", @ANYRES32=r6, @ANYRESHEX=r1], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x48, '\x00', 0x0, @fallback=0x1c, r8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r9, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000480)='kmem_cache_free\x00', r10}, 0x18)
r11 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r11, 0x40605346, &(0x7f0000000100)={0x0, 0x0, {0x1, 0x0, 0x0, 0x3, 0x2}})

47.182120607s ago: executing program 0 (id=4399):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x4, 0x522, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x1, @perf_bp={0x0, 0x6}, 0x0, 0x10000, 0x1e, 0x2, 0x8, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3)
r0 = socket$kcm(0xa, 0x2, 0x88)
sendmsg$inet(r0, &(0x7f0000000000)={&(0x7f0000001340)={0x2, 0x2, @multicast2}, 0x10, 0x0, 0x0, &(0x7f0000001580)}, 0x8000)
r1 = socket$kcm(0x10, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000", @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x34120, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x2, 0x0, 0xffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB], 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10)
sendmsg$inet(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000003c0)="5c00000013006bcd9e3fe3dceb48aa31086b8703110000001fa1ff0000000000040014000d000a000d0000009ee517d34460bc24eab556a705251e6182949a3651f60a84c9f5d1938037e786a6d0bdd7fcf50e4509c5bb5a00f69853", 0x5c}], 0x1, 0x0, 0x0, 0x1f000801}, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x208, 0x21}, 0x50)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x4810)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7030000e2000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0xc, '\x00', 0x0, @fallback=0x2b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x18)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x26e1, 0x0)
getpid()
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x58, 0x5}, 0x0, 0x0, 0x0, 0xa}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000000c0)=ANY=[@ANYBLOB, @ANYRES32=r6], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0, r7, 0x0, 0x40}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f00000003c0)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
sendmsg$inet(r8, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000a80)={{}, &(0x7f0000000a00), &(0x7f0000000a40)=r5}, 0x20)
syz_open_procfs$namespace(0x0, &(0x7f0000000300)='ns/ipc\x00')

46.65209343s ago: executing program 0 (id=4403):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xd, &(0x7f0000000740)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000021007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000340)=ANY=[@ANYBLOB="500000001000030500fffffffffffffff4000000", @ANYRES32=0x0, @ANYBLOB="15460100ef000000280012800b0001006d61637365630000180002800c0001004057000000000000050003"], 0x50}}, 0x4000000)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffed6, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000280)='sys_enter\x00', r4}, 0x10)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000003800)=@raw={'raw\x00', 0x3c1, 0x3, 0x2b0, 0x0, 0x5c, 0x160, 0xd0, 0x3e0, 0x1e0, 0x228, 0x25a, 0x1e0, 0x228, 0x4, 0x0, {[{{@ipv6={@remote, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', [], [0x0, 0x1fe], 'veth0_to_batadv\x00', 'batadv_slave_0\x00', {}, {0xff}}, 0x5002, 0xa8, 0xd0, 0x52020000, {0x0, 0x6802000000000000}}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@dev, @mcast1, [], [], 'virt_wifi0\x00', 'lo\x00', {}, {}, 0x89}, 0x0, 0xa8, 0x110}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x7, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x310)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000093850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x3f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r7}, 0x10)
sendmsg$unix(r5, &(0x7f0000000d80)={0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000080)="03", 0x1}], 0x1, &(0x7f0000000280)=ANY=[@ANYBLOB="14000000000000000100000001"], 0x18}, 0x0)
recvmmsg(r6, &(0x7f0000001140), 0x700, 0x2, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r3}, 0x4)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f00000007c0)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000005600)='sys_enter\x00', r8, 0x0, 0x200002}, 0x18)
syz_emit_ethernet(0x66, &(0x7f00000004c0)={@broadcast, @link_local, @void, {@ipv4={0x800, @gre={{0x5, 0x4, 0x0, 0x0, 0x58, 0x0, 0x0, 0x0, 0x2f, 0x0, @private, @multicast1}, {{0x0, 0x0, 0x1, 0x0, 0xb, 0x0, 0x0, 0x4, 0x6558}, {0x0, 0x0, 0x0, 0x0, 0x11}, {}, {0x8, 0x88be, 0x1000002, {{0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20}, 0xfffff788}}, {0x8, 0x22eb, 0x0, {{}, 0x2, {0x0, 0xffff}}}, {0x8, 0x6558, 0xfffffffe}}}}}}, 0x0)
msgsnd(0x0, 0x0, 0xfd1, 0x0)
r9 = socket(0x10, 0x803, 0x0)
r10 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000100)={'team_slave_1\x00', <r11=>0x0})
sendmsg$nl_route_sched(r9, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r11, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xffe0, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x1}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r9, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000600)=@newtfilter={0x74, 0x2c, 0xd2b, 0x70bd2b, 0x25dfdbfb, {0x0, 0x0, 0x0, r11, {0xf}, {}, {0x7, 0xfff3}}, [@filter_kind_options=@f_u32={{0x8}, {0x48, 0x2, [@TCA_U32_SEL={0x44, 0x5, {0x5, 0xd, 0x3, 0x4, 0x13, 0x2, 0x6, 0x7ffffffa, [{0x200, 0x500, 0x3, 0x6}, {0x2, 0x2, 0x8001, 0x10}, {0x0, 0x53, 0xa9, 0x1}]}}]}}]}, 0x74}}, 0x24040084)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000900)=@bpf_lsm={0x1d, 0x11, &(0x7f0000000580)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x6}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@kfunc={0x85, 0x0, 0x2, 0x0, 0x5}, @jmp={0x5, 0x1, 0x4, 0x7, 0x2, 0xc, 0x8}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f00000003c0)='GPL\x00', 0x3, 0x47, &(0x7f0000000640)=""/71, 0x41000, 0x20, '\x00', r11, 0x1b, 0xffffffffffffffff, 0x8, &(0x7f0000000400)={0x0, 0x3}, 0x8, 0x10, &(0x7f00000006c0)={0x0, 0x1, 0x10001, 0x43e00000}, 0x10, 0x0, 0x0, 0x4, 0x0, &(0x7f0000000700)=[{0x2, 0x4, 0xc, 0x1}, {0x5, 0x1, 0xb, 0x10}, {0x2, 0x1, 0x0, 0x4}, {0x1, 0x1, 0x10}], 0x10, 0x9}, 0x94)

46.529399061s ago: executing program 0 (id=4404):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f0000000040), 0x1, 0x513, &(0x7f0000000440)="$eJzs3c9vI1cdAPCvnThxfrRJSw+AoF3awoJW6yTeNqp6oOWEEKqE6BGkbUi8URQ7jmKnNGEP6RmJExKVOMGRP4DznrhzQXDjshyQ+BGBNkgcjGY8znoTexM2GzuKPx9pNPPmzc73vfX6vcw3a78ARtaNiDiIiImI+Cgi5rLzuWyL99tbct2jw/urR4f3V3PRan34j1xan5yLrj+TmMnuWYyI73874ke503Ebe/ubK9VqZScrLzRr2wuNvf3bG7WV9cp6ZatcXl5aXnznztvlJ+59Ea/VJrKjLz/8/cE3fpLcczY7092P56nd7sJxnMR4RHz3MoINwVjWn4lhN4Rnko+IlyPi9fT9Pxdj6asJAFxnrdZctOa6ywDAdZdPc2C5fCnLBcxGPl8qtXN4r8R0vlpvNG/dq+9urbVzZfNRyN/bqFYWs1zhfBRySXkpPX5cLp8o34mIlyLi55NTabm0Wq+uDfMHHwAYYTMn5v9/T7bnfwDgmisOuwEAwMCZ/wFg9Jj/AWD0mP8BYPS05/+pYTcDABggz/8AMHrM/wAwUr73wQfJ1jrKvv967eO93c36x7fXKo3NUm13tbRa39kurdfr6+l39tTOul+1Xt9eeit2P5n/5najudDY279bq+9uNe+m3+t9t1JIrzoYQM8AgH5eeu3Bn3LJjPzuVLpF11oOhaG2DLhs+WE3ABiasWE3ABiaHqt9TQ6jHcDgXeAZX3oAromz1tctnv6A0HuX2R7g8t38gvw/jKqu/L//BQwjRv4fRleP/D8wIlqt3HnX/I/zXggAXG1y/ECf3/+/nO1/k/1y4IdrJ6/47DJbBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFdbZ/3fUrYW+Gzk86VSxAsRMR+F3L2NamUxIl6MiD9OFiaT8tKQ2wwAXFT+r7ls/a+bc2/OPlH16szx4URE/PiXH/7ik5Vmc+cPERO5f052zjc/y86XB996AOBsnXk63Xc9yD86vL/a2QbZnr99KyKK7fhHhxNxdBx/PMbTfTEKETH9r1xWbst15S4u4uDTiPh8r/7nYjbNgbRXPj0ZP4n9wkDj55+In0/r2vvk7+Jzz6EtMGoeJOPP+73ef/m4ke57v/+L6Qh1cdn4l9xq9SgdAx/H74x/Y33GvxvnjfHW777TPpo6XfdpxBfHIzqxj7rGn078XJ/4b54z/p+/9Orr/epav4q4Gb3jd8daaNa2Fxp7+7c3aivrlfXKVrm8vLS8+M6dt8sLaY56of9s8Pd3b73Yry7p/3Sf+MUz+v/Vc/b/1//96AdfeUr8r7/RK34+XnlK/GRO/No5469M/7Z46uTM4/hrffp/1ut/65zxH/5l/9Sy4QDA8DT29jdXqtXKzigcJM/agwza+XH7KvT9ehzEgF/B/+fgvUHFmojeVT99o/3P7URVq/VMsfqNGM8j6wZcBcdv+oj4z1Ov/NmjVmtgzQIAAAAAAAAAAAAAALoM4hNLw+4jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA19f/AgAA//9prcps")
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0)
r0 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt$CAN_RAW_RECV_OWN_MSGS(r0, 0x65, 0x8, &(0x7f0000000200), 0x64)
r1 = getpid()
syz_pidfd_open(r1, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000d00)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="f70100000100a7d9000000000020b200850000007b00000095"], &(0x7f0000000300)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001340)={&(0x7f0000000340)='kfree\x00', r2, 0x0, 0x6}, 0x18)
accept4$tipc(0xffffffffffffffff, 0x0, 0x0, 0x80000)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r3, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000e40), 0xffffffffffffffff)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x801, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="4c0080000206010800000000000000000000004011000100060000000500050000000000050004000000000009000273683a69702c6d61726b00000000"], 0x4c}}, 0x48000)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000300)=ANY=[@ANYBLOB="4c0000000906010200000000000000000500fff7240007800c000180080001406401012008000a40004000020c00028008000140640101000900020073797a31000000000500010007"], 0x4c}, 0x1, 0x0, 0x0, 0x800}, 0x40c0080)
pipe2(&(0x7f0000000040)={<r7=>0xffffffffffffffff}, 0x0)
splice(r7, 0x0, r4, &(0x7f0000000140)=0x8008, 0x3, 0x8)
r8 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r8, 0x6, 0x13, &(0x7f0000000240)=0x100000001, 0x59)
connect$inet6(r8, &(0x7f0000000200)={0xa, 0xffff, 0x0, @loopback}, 0x1c)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000440)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0xc94284a3061bb7fe, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7}, 0x94)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r9, 0x0, 0xffffffffffffffff}, 0x18)
setsockopt$inet6_tcp_TCP_ULP(r8, 0x6, 0x1f, &(0x7f0000000040), 0x4)

46.473088195s ago: executing program 0 (id=4406):
mkdir(&(0x7f0000000540)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000001900)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x14, 0xc, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x800000}, [@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x400}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0xd, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000004f4b000000000000000000180100002020702000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000fdffffff850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000004f4b000000000000000000180100002020702000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000fdffffff850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
connect$inet(r1, &(0x7f0000000600)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x20}}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
syz_read_part_table(0x5c0, &(0x7f0000000000)="$eJzs27+KJFUUB+BfVXdXdYNLa2KoDZsYuYHxsKOyOywYLIKZoKmJiGAgKFONookamRj4AptMIBgZD6IvIMIwBoJmIgZq4Fyp/jc1YySNqPB9QXHuufeccxuqwwr/b2U+SkbXkuO6rrbx/I9k+dLTSbtYrSebfH/ghQd37t5b3K+aXa5KfuqSetOnfzTJY7vGWWyiL8b58MHR+x99/FaTLt35cZJPky4p7fZqq9p80vzl0r9V2+b8u564tq52j16XhzNdRbeyectGq3TaPmre23v+ycHp8nYflPXQWXM5Pcnh1dN1jm+uo0l+vsikXuy2Nm/T7fX1rmqTUspk0Gb7L5gMpj315XfHWTbrndGgtnc2S147e/7JatADAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID/nrKxWhzmkWlSJeN+9dkzVbc+NF5nnm3G6/Xvw6L9nByczt959/U6bx688s2rb39/9OP0lySj3Dp6qLTt7tzLaQdV46S+SPLobN/5Zdv2jReH6UWW+ermt4/Xo5Qyv8xPqv75edLluctaAAAAAAAAAAAAAAAAAAAA2NOdu/cW9+vZ9uv6epsvmSbVtQ/cy6+llMOU5kp2luTr81RJfkiphltNMr+RpP2gyWajS0q5Mf3nfhF/x58BAAD//++eW/s=")
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000500)='9p_client_req\x00', r3}, 0x10)
r5 = dup(r1)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x10, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r5}, 0x2c, {[], [], 0x6b}}) (async)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x10, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r5}, 0x2c, {[], [], 0x6b}})

31.040612695s ago: executing program 35 (id=4406):
mkdir(&(0x7f0000000540)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000001900)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x14, 0xc, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x800000}, [@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x400}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0xd, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000004f4b000000000000000000180100002020702000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000fdffffff850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000004f4b000000000000000000180100002020702000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000fdffffff850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
connect$inet(r1, &(0x7f0000000600)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x20}}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
syz_read_part_table(0x5c0, &(0x7f0000000000)="$eJzs27+KJFUUB+BfVXdXdYNLa2KoDZsYuYHxsKOyOywYLIKZoKmJiGAgKFONookamRj4AptMIBgZD6IvIMIwBoJmIgZq4Fyp/jc1YySNqPB9QXHuufeccxuqwwr/b2U+SkbXkuO6rrbx/I9k+dLTSbtYrSebfH/ghQd37t5b3K+aXa5KfuqSetOnfzTJY7vGWWyiL8b58MHR+x99/FaTLt35cZJPky4p7fZqq9p80vzl0r9V2+b8u564tq52j16XhzNdRbeyectGq3TaPmre23v+ycHp8nYflPXQWXM5Pcnh1dN1jm+uo0l+vsikXuy2Nm/T7fX1rmqTUspk0Gb7L5gMpj315XfHWTbrndGgtnc2S147e/7JatADAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID/nrKxWhzmkWlSJeN+9dkzVbc+NF5nnm3G6/Xvw6L9nByczt959/U6bx688s2rb39/9OP0lySj3Dp6qLTt7tzLaQdV46S+SPLobN/5Zdv2jReH6UWW+ermt4/Xo5Qyv8xPqv75edLluctaAAAAAAAAAAAAAAAAAAAA2NOdu/cW9+vZ9uv6epsvmSbVtQ/cy6+llMOU5kp2luTr81RJfkiphltNMr+RpP2gyWajS0q5Mf3nfhF/x58BAAD//++eW/s=")
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000500)='9p_client_req\x00', r3}, 0x10)
r5 = dup(r1)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x10, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r5}, 0x2c, {[], [], 0x6b}}) (async)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x10, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r5}, 0x2c, {[], [], 0x6b}})

9.147868809s ago: executing program 6 (id=4792):
process_vm_writev(0x0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0x7ffff000}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0)
r0 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f0000000080)={&(0x7f0000000000)=""/59, 0x304000, 0x800, 0x0, 0x3}, 0x20)

8.996246971s ago: executing program 6 (id=4794):
socket$nl_route(0x10, 0x3, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000015c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000010000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)

8.923897907s ago: executing program 6 (id=4796):
r0 = gettid()
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000001740), 0x101042, 0x0)
ioctl$PPPIOCNEWUNIT(r1, 0xc004743e, &(0x7f0000000100))
process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0x7ffff000}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0)
r2 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r2, 0x11b, 0x4, &(0x7f0000000080)={&(0x7f0000000000)=""/59, 0x304000, 0x800, 0x0, 0x3}, 0x20)

8.318505566s ago: executing program 6 (id=4800):
r0 = socket(0x10, 0x2, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r1, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000660000000000"], 0x0, 0x7ff}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r4, 0x8923, &(0x7f0000000000)={'vlan1\x00', @broadcast})
connect$inet6(r1, &(0x7f0000000340)={0xa, 0x3, 0x0, @ipv4={'\x00', '\xff\xff', @remote}, 0xfffffffe}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r1, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r1, 0x11a, 0x1, &(0x7f0000000140)=@gcm_256={{0x303}, "1c236b0a9004a6db", "29f93aa1381248c4e94cc98734dfc1ba5291857169073f338f933a7bf68ed789", "175b838c", "679fe636a1f32af2"}, 0x38)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00'}, 0x10)
writev(r1, &(0x7f0000000100)=[{&(0x7f0000000a40)="fb", 0x1}], 0x1)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r1, 0x6, 0x14, &(0x7f0000000040)=0x1, 0x4)
close_range(r0, r1, 0x0)

7.394601341s ago: executing program 6 (id=4802):
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000240)='/proc/sys/net/ipv4/vs/sync_ports\x00', 0x2, 0x0)
read(r0, 0x0, 0x0)
r1 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000480)='./file0\x00', 0x18000, &(0x7f0000000140)=ANY=[], 0x8, 0x2eb, &(0x7f00000004c0)="$eJzs3E1PE10UwPHTF0pbAmXx5DGaGG50o5sJVNdKYyAxNpEgNb4kJgNMtenYkpkGU2NEV26NH8IFYcmORPkCbNzpxo07NiYuZGEc0+kMhTKAlNIi/H8JmcPce6b3zgzk3AnD+r23T4t5W8vrFQnHlYRERDZEBiUsvpC3DbtxTLZ6JZf7fnw+f+f+g1uZbHZsUqnxzNSVtFJqYOjDsxcJr9tKr6wNPlr/nv629v/a2fXfU08KtirYqlSuKF1Nl79W9GnTULMFu6gpNWEaum2oQsk2rHp7ud6eN8tzc1Wll2b7k3OWYdtKL1VV0aiqSllVrKqKPNYLJaVpmupPCvaTW5yc1DMtJs+0eTA4IpaV0SMiktjRklvsyoAAAEBXNdf/YVHtrP+XLqxW+u4uD3j1/0osqP6/+qV+rG31f1xEAut///MD63/9YPX/zorodDlU/Y/jYSi2Y1eoEdYarYye9H5+Xa8fLg27AfU/AAAAAAAAAAAAAAAAAAAAAAD/gg3HSTmOk/K3/leviMRFxP8+IDUiIte7MGS00SGuP06Axot70QER8818bj5X33odVkXEFEOGJSW/3PvBU4v9N49UzaB8NBe8/IX5XMRtyeSl4OaPSKpHmvMdZ/xmdmxE1W3P75Hk1vy0pOS/4Px0YH5MLl3ckq9JSj7NSFlMmXXH0ch/OaLUjdvZpvyE2w8AAAAAgJNAU5sC1++atlt7PX9zfd38fCDSWF8PB67Po3Iu2t25AwAAAABwWtjV50XdNA1rjyAh+/dpPYge0ZH9Gf5tlv+3DEc30z0C/8O3NcW9nW0/LaEDnJZdgrC0kjVUm4067Cz8x0a79ZGJ0c5fQTc48+79z/Yd8NpyfJ+Zth5E9r4Bejr2CwgAAABAxzSKfn/PaHcHBAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAKdSJ/47W7TkCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAx8WfAAAA//+SWQVN")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
r2 = syz_open_dev$usbfs(&(0x7f0000000000), 0x1fc, 0x0)
ioctl$USBDEVFS_IOCTL(r2, 0xc0105512, &(0x7f0000000200))
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000080000000c"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000300)=ANY=[@ANYRESHEX=r3, @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r4}, 0x10)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket(0x10, 0x803, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000500)=ANY=[@ANYBLOB="38000000180001000000000000000000020000000000000900000000060015000200000014001680100008800c00018006000180"], 0x38}}, 0x0)
socket(0x400000000010, 0x3, 0x0)
r6 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
r7 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r7, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000780)=ANY=[@ANYBLOB="02030003200000002cbd7000fcdbdf2502000900080000000a0000000000000005000600000000000a0000000000000000000000000000000000000000000001020000000000000002000100000000000400030c0000000005000500000000000a0000000000000000000000000000000000000000000001070000000000000010000800c003000067328c217950d4ed0ce9fd283e7a39cddf91db11b8d33fe41b6225fa8075fb71275ea059e57dbe5ddb41c0ece4532edb885207438d8c8ccd0b4736f5a7f78c02c158f5c563524df4f34de949509868d522a81cd34a99546e74c7f8725419f8e1f7ff115bd0f7914e267c1fc4f70fee6200286b016552268c"], 0x100}, 0x1, 0x7}, 0x14)
r8 = syz_open_procfs(0x0, &(0x7f0000000100)='fdinfo/3\x00')
preadv(0xffffffffffffffff, &(0x7f0000000bc0)=[{&(0x7f0000000880)=""/197, 0xc5}], 0x24a, 0x0, 0xa)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r7, 0x8933, &(0x7f0000000300))
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000c80)={0x8, <r9=>0x0}, 0x8)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0xa, 0x7, &(0x7f0000000400)=ANY=[@ANYBLOB="c56bea0f180000000000000002200000000000004eb649d1433e62396e18110000", @ANYRES32=r6, @ANYRESHEX=r1], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x48, '\x00', 0x0, @fallback=0x1c, r8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r9, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000480)='kmem_cache_free\x00', r10}, 0x18)
r11 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r11, 0xc08c5332, &(0x7f0000000180)={0x0, 0x0, 0x0, 'queue0\x00'})
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r11, 0x40605346, &(0x7f0000000100)={0x0, 0x0, {0x1, 0x0, 0x0, 0x3, 0x2}})

7.139812092s ago: executing program 6 (id=4803):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
r1 = syz_open_dev$usbfs(&(0x7f0000000480), 0x76, 0x160341)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r6}, 0x10)
ioctl$USBDEVFS_IOCTL(r1, 0xc0105512, &(0x7f0000000200))
ioctl$USBDEVFS_IOCTL(r1, 0xc0105512, &(0x7f0000000000)=@usbdevfs_connect)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00'}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{r0}, &(0x7f0000000800), &(0x7f0000000840)}, 0x20)
io_setup(0xb2, &(0x7f0000000200))
ppoll(&(0x7f0000000180)=[{}], 0x1, 0x0, 0x0, 0x0)

5.070949219s ago: executing program 7 (id=4824):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xd, &(0x7f0000000740)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000021007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000340)=ANY=[@ANYBLOB="500000001000030500fffffffffffffff4000000", @ANYRES32=0x0, @ANYBLOB="15460100ef000000280012800b0001006d61637365630000180002800c0001004057000000000000050003"], 0x50}}, 0x4000000)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffed6, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000280)='sys_enter\x00', r3}, 0x10)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000003800)=@raw={'raw\x00', 0x3c1, 0x3, 0x2b0, 0x0, 0x5c, 0x160, 0xd0, 0x3e0, 0x1e0, 0x228, 0x25a, 0x1e0, 0x228, 0x4, 0x0, {[{{@ipv6={@remote, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', [], [0x0, 0x1fe], 'veth0_to_batadv\x00', 'batadv_slave_0\x00', {}, {0xff}}, 0x5002, 0xa8, 0xd0, 0x52020000, {0x0, 0x6802000000000000}}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@dev, @mcast1, [], [], 'virt_wifi0\x00', 'lo\x00', {}, {}, 0x89}, 0x0, 0xa8, 0x110}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x7, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x310)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000093850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x3f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r6}, 0x10)
sendmsg$unix(r4, &(0x7f0000000d80)={0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000080)="03", 0x1}], 0x1, &(0x7f0000000280)=ANY=[@ANYBLOB="14000000000000000100000001"], 0x18}, 0x0)
recvmmsg(r5, &(0x7f0000001140), 0x700, 0x2, 0x0)
r7 = socket(0x10, 0x803, 0x0)
r8 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000100)={'team_slave_1\x00', <r9=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r9, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xffe0, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x1}}}]}, 0x38}}, 0x0)

4.804104291s ago: executing program 7 (id=4827):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000bc0)='cdg\x00', 0x4)
sendmmsg$inet(r0, &(0x7f0000000c00)=[{{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000002c0)="316f825a3d29f96a2260cb755dbee70035ed313e19d6dd1fb41a20baf7f7343067fd40cdd4b16742e94b62f4eb1c5d9faab7f3028100ae81", 0x38}], 0x1}}, {{0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000001bc0)='\\', 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000cc0)}, {&(0x7f0000000440)="b59ab5b5605cfd10e340419732036259ca30dbb7bcdd58192e7733f24e6f3f6d10a9a08583a54e6f4a249b34f1d1865353927c9a5e9abd5dedaf1b67c9315604e2ddb9a19fcfa1d7c3576e39378562bf3b5d57d46059409638f8a66e74e5fbb8612e082186448e06e0b1eedea331b6bc7a799d2c6005924c6bae59e26a728bd320fe1fbd", 0x84}, {&(0x7f0000000500)="45adafaa4c01ab52a575862f348c3e52fd0de073d851f6e1350b511d487155f3b588836741c50af22d176f366a9740dc5eb6f07aed2a64d3746a4bb4dc7176707a821fb4ad529a9c03ae52b8f1f0a720b1e41633ef477cfdbe3137c650c56f6fed6f64912743dbe48f6d1b3fa05d65791ddc86b198b13537b82822a519e1cf0dd54bceaec981c9c33136a301", 0x8c}], 0x3}}], 0x3, 0x4048055)

4.651154033s ago: executing program 7 (id=4829):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000600000045"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000300000207b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={0x0, r1}, 0x18)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
r3 = dup(r2)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r3, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e24, 0x6, @loopback, 0x3}], 0x1c)
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
close_range(r4, 0xffffffffffffffff, 0x0)

4.411515483s ago: executing program 7 (id=4830):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000de0000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1b00"/13], 0x48)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000000800000008"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x18, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socketpair(0x1e, 0x1, 0x0, &(0x7f0000000040)={<r4=>0x0, <r5=>0x0})
close(r4)
close(r5)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r3}, 0x18)
syz_usb_connect(0x0, 0x36, &(0x7f0000000580)=ANY=[@ANYBLOB="120100008010bd40820514009dbb0000000109022400011b0000000904"], 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000b80)=ANY=[@ANYBLOB], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB, @ANYRES32=r1, @ANYBLOB="0000000000000000b7020000020000008500000086000000181100", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYBLOB], 0x0}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000"], 0x0, 0x0, 0x0, 0x0, 0x41100}, 0x94)
r8 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r7, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000680)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="0700000000000000000005000000180001801400020073797a5f74756e0000000000000000000800038004000380080005"], 0x3c}, 0x1, 0x0, 0x0, 0x4008040}, 0x0)

3.709617479s ago: executing program 7 (id=4844):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xd, &(0x7f0000000740)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000021007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000340)=ANY=[@ANYBLOB="500000001000030500fffffffffffffff4000000", @ANYRES32=0x0, @ANYBLOB="15460100ef000000280012800b0001006d61637365630000180002800c0001004057000000000000050003"], 0x50}}, 0x4000000)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffed6, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000280)='sys_enter\x00', r4}, 0x10)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000003800)=@raw={'raw\x00', 0x3c1, 0x3, 0x2b0, 0x0, 0x5c, 0x160, 0xd0, 0x3e0, 0x1e0, 0x228, 0x25a, 0x1e0, 0x228, 0x4, 0x0, {[{{@ipv6={@remote, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', [], [0x0, 0x1fe], 'veth0_to_batadv\x00', 'batadv_slave_0\x00', {}, {0xff}}, 0x5002, 0xa8, 0xd0, 0x52020000, {0x0, 0x6802000000000000}}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@dev, @mcast1, [], [], 'virt_wifi0\x00', 'lo\x00', {}, {}, 0x89}, 0x0, 0xa8, 0x110}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x7, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x310)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000093850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x3f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r7}, 0x10)
sendmsg$unix(r5, &(0x7f0000000d80)={0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000080)="03", 0x1}], 0x1, &(0x7f0000000280)=ANY=[@ANYBLOB="14000000000000000100000001"], 0x18}, 0x0)
recvmmsg(r6, &(0x7f0000001140), 0x700, 0x2, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r3}, 0x4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000005600)='sys_enter\x00', 0xffffffffffffffff, 0x0, 0x200002}, 0x18)
syz_emit_ethernet(0x66, &(0x7f00000004c0)={@broadcast, @link_local, @void, {@ipv4={0x800, @gre={{0x5, 0x4, 0x0, 0x0, 0x58, 0x0, 0x0, 0x0, 0x2f, 0x0, @private, @multicast1}, {{0x0, 0x0, 0x1, 0x0, 0xb, 0x0, 0x0, 0x4, 0x6558}, {0x0, 0x0, 0x0, 0x0, 0x11}, {}, {0x8, 0x88be, 0x1000002, {{0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20}, 0xfffff788}}, {0x8, 0x22eb, 0x0, {{}, 0x2, {0x0, 0xffff}}}, {0x8, 0x6558, 0xfffffffe}}}}}}, 0x0)
r8 = socket(0x10, 0x803, 0x0)
r9 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000100)={'team_slave_1\x00', <r10=>0x0})
sendmsg$nl_route_sched(r8, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r10, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xffe0, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x1}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r8, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000600)=@newtfilter={0x74, 0x2c, 0xd2b, 0x70bd2b, 0x25dfdbfb, {0x0, 0x0, 0x0, r10, {0xf}, {}, {0x7, 0xfff3}}, [@filter_kind_options=@f_u32={{0x8}, {0x48, 0x2, [@TCA_U32_SEL={0x44, 0x5, {0x5, 0xd, 0x3, 0x4, 0x13, 0x2, 0x6, 0x7ffffffa, [{0x200, 0x500, 0x3, 0x6}, {0x2, 0x2, 0x8001, 0x10}, {0x0, 0x53, 0xa9, 0x1}]}}]}}]}, 0x74}}, 0x24040084)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000900)=@bpf_lsm={0x1d, 0x11, &(0x7f0000000580)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x6}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@kfunc={0x85, 0x0, 0x2, 0x0, 0x5}, @jmp={0x5, 0x1, 0x4, 0x7, 0x2, 0xc, 0x8}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f00000003c0)='GPL\x00', 0x3, 0x47, &(0x7f0000000640)=""/71, 0x41000, 0x20, '\x00', r10, 0x1b, 0xffffffffffffffff, 0x8, &(0x7f0000000400)={0x0, 0x3}, 0x8, 0x10, &(0x7f00000006c0)={0x0, 0x1, 0x10001, 0x43e00000}, 0x10, 0x0, 0x0, 0x4, 0x0, &(0x7f0000000700)=[{0x2, 0x4, 0xc, 0x1}, {0x5, 0x1, 0xb, 0x10}, {0x2, 0x1, 0x0, 0x4}, {0x1, 0x1, 0x10}], 0x10, 0x9}, 0x94)

3.638294935s ago: executing program 7 (id=4846):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
r1 = syz_open_dev$usbfs(&(0x7f0000000480), 0x76, 0x160341)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r6}, 0x10)
ioctl$USBDEVFS_IOCTL(r1, 0xc0105512, &(0x7f0000000200))
ioctl$USBDEVFS_IOCTL(r1, 0xc0105512, &(0x7f0000000000)=@usbdevfs_connect)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00'}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{r0}, &(0x7f0000000800), &(0x7f0000000840)}, 0x20)
listen(0xffffffffffffffff, 0x0)
io_setup(0xb2, &(0x7f0000000200))
ppoll(&(0x7f0000000180)=[{}], 0x1, 0x0, 0x0, 0x0)

1.926002194s ago: executing program 1 (id=4855):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000015c0)=ANY=[], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000010000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)

1.906547216s ago: executing program 1 (id=4856):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0a00000001000000e27f000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x0, 0xc, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffffffc}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000002c0), &(0x7f0000000740), 0x80000002, r0}, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x11, 0x14, &(0x7f0000000000)=ANY=[@ANYBLOB="1802000000000000000000000000000018010000786c6c250000000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x800000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, @perf_bp={0x0, 0x1}, 0x4, 0x800000000000c8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x1}, 0x0, 0xfffffbffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000b40)='neigh_create\x00', r1}, 0x10)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
close(r3)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907001175f37538e486dd6317ce22000000fffe800000000000"], 0xfdef)
recvmsg$unix(r2, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r4=>0xffffffffffffffff]}}], 0xffffffffffffffae}, 0x0)
write$cgroup_subtree(r4, &(0x7f0000000000)=ANY=[], 0xfdef)

1.760064657s ago: executing program 1 (id=4857):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r0, 0x0, &(0x7f00000003c0)=""/67}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xf}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000014c0)={&(0x7f0000000040)='mm_page_alloc\x00'}, 0x18)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000480), 0x1a1040, 0x0)
ioctl$AUTOFS_IOC_FAIL(r1, 0x4c80, 0x7000000)

1.73424675s ago: executing program 1 (id=4858):
r0 = socket(0x10, 0x2, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r1, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r1, &(0x7f0000000340)={0xa, 0x3, 0x0, @ipv4={'\x00', '\xff\xff', @remote}, 0xfffffffe}, 0x1c)
setsockopt$inet6_tcp_TLS_TX(r1, 0x11a, 0x1, &(0x7f0000000140)=@gcm_256={{0x303}, "1c236b0a9004a6db", "29f93aa1381248c4e94cc98734dfc1ba5291857169073f338f933a7bf68ed789", "175b838c", "679fe636a1f32af2"}, 0x38)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f0000000280)={&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffd87}, &(0x7f0000000240)=0x40)
writev(r1, &(0x7f0000000100)=[{&(0x7f0000000a40)="fb", 0x1}], 0x1)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r1, 0x6, 0x14, &(0x7f0000000040)=0x1, 0x4)
close_range(r0, r1, 0x0)

1.711296392s ago: executing program 1 (id=4859):
prlimit64(0x0, 0xe, &(0x7f0000000300)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed074479000000000000000018000000", @ANYRES32, @ANYBLOB], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0xc, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000003c0)='sched_switch\x00', r3}, 0x18)
ptrace$ARCH_ENABLE_TAGGED_ADDR(0x1e, r0, 0x400000000000003, 0x4002)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="0b0000000500000000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYRES32=r4], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r5 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={0x0}}, 0x4048000)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000580)={[{@init_itable_val}, {@jqfmt_vfsold}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6a}}, {@user_xattr}, {@errors_remount}, {@quota}]}, 0x3, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")

1.662568235s ago: executing program 8 (id=4860):
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000240)='/proc/sys/net/ipv4/vs/sync_ports\x00', 0x2, 0x0)
read(r0, 0x0, 0x0)
r1 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000480)='./file0\x00', 0x18000, &(0x7f0000000140)=ANY=[], 0x8, 0x2eb, &(0x7f00000004c0)="$eJzs3E1PE10UwPHTF0pbAmXx5DGaGG50o5sJVNdKYyAxNpEgNb4kJgNMtenYkpkGU2NEV26NH8IFYcmORPkCbNzpxo07NiYuZGEc0+kMhTKAlNIi/H8JmcPce6b3zgzk3AnD+r23T4t5W8vrFQnHlYRERDZEBiUsvpC3DbtxTLZ6JZf7fnw+f+f+g1uZbHZsUqnxzNSVtFJqYOjDsxcJr9tKr6wNPlr/nv629v/a2fXfU08KtirYqlSuKF1Nl79W9GnTULMFu6gpNWEaum2oQsk2rHp7ud6eN8tzc1Wll2b7k3OWYdtKL1VV0aiqSllVrKqKPNYLJaVpmupPCvaTW5yc1DMtJs+0eTA4IpaV0SMiktjRklvsyoAAAEBXNdf/YVHtrP+XLqxW+u4uD3j1/0osqP6/+qV+rG31f1xEAut///MD63/9YPX/zorodDlU/Y/jYSi2Y1eoEdYarYye9H5+Xa8fLg27AfU/AAAAAAAAAAAAAAAAAAAAAAD/gg3HSTmOk/K3/leviMRFxP8+IDUiIte7MGS00SGuP06Axot70QER8818bj5X33odVkXEFEOGJSW/3PvBU4v9N49UzaB8NBe8/IX5XMRtyeSl4OaPSKpHmvMdZ/xmdmxE1W3P75Hk1vy0pOS/4Px0YH5MLl3ckq9JSj7NSFlMmXXH0ch/OaLUjdvZpvyE2w8AAAAAgJNAU5sC1++atlt7PX9zfd38fCDSWF8PB67Po3Iu2t25AwAAAABwWtjV50XdNA1rjyAh+/dpPYge0ZH9Gf5tlv+3DEc30z0C/8O3NcW9nW0/LaEDnJZdgrC0kjVUm4067Cz8x0a79ZGJ0c5fQTc48+79z/Yd8NpyfJ+Zth5E9r4Bejr2CwgAAABAxzSKfn/PaHcHBAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAKdSJ/47W7TkCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAx8WfAAAA//+SWQVN")
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
r3 = syz_open_dev$usbfs(&(0x7f0000000000), 0x1fc, 0x0)
ioctl$USBDEVFS_IOCTL(r3, 0xc0105512, &(0x7f0000000200))
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000080000000c"], 0x48)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r2, 0x89f2, &(0x7f00000002c0)={'ip6_vti0\x00', &(0x7f0000000380)={'syztnl1\x00', <r5=>0x0, 0x2f, 0xf, 0x5, 0x4, 0x48, @local, @mcast1, 0x8000, 0x8, 0x57, 0x8fa}})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000300)=ANY=[@ANYRESHEX=r4, @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r5, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket(0x10, 0x803, 0x0)
socket$inet_sctp(0x2, 0x1, 0x84)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000500)=ANY=[@ANYBLOB="38000000180001000000000000000000020000000000000900000000060015000200000014001680100008800c00018006000180"], 0x38}}, 0x0)
socket(0x400000000010, 0x3, 0x0)
r7 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
r8 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r8, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000780)=ANY=[@ANYBLOB="02030003200000002cbd7000fcdbdf2502000900080000000a0000000000000005000600000000000a0000000000000000000000000000000000000000000001020000000000000002000100000000000400030c0000000005000500000000000a0000000000000000000000000000000000000000000001070000000000000010000800c003000067328c217950d4ed0ce9fd283e7a39cddf91db11b8d33fe41b6225fa8075fb71275ea059e57dbe5ddb41c0ece4532edb885207438d8c8ccd0b4736f5a7f78c02c158f5c563524df4f34de949509868d522a81cd34a99546e74c7f8725419f8e1f7ff115bd0f7914e267c1fc4f70fee6200286b016552268c"], 0x100}, 0x1, 0x7}, 0x14)
r9 = syz_open_procfs(0x0, &(0x7f0000000100)='fdinfo/3\x00')
preadv(0xffffffffffffffff, &(0x7f0000000bc0)=[{&(0x7f0000000880)=""/197, 0xc5}], 0x24a, 0x0, 0xa)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r8, 0x8933, &(0x7f0000000300))
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000c80)={0x8, <r10=>0x0}, 0x8)
r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0xa, 0x7, &(0x7f0000000400)=ANY=[@ANYBLOB="c56bea0f180000000000000002200000000000004eb649d1433e62396e18110000", @ANYRES32=r7, @ANYRESHEX=r1], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x48, '\x00', 0x0, @fallback=0x1c, r9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r10, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000480)='kmem_cache_free\x00', r11}, 0x18)
r12 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r12, 0xc08c5332, &(0x7f0000000180)={0x0, 0x0, 0x0, 'queue0\x00'})
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r12, 0x40605346, &(0x7f0000000100)={0x0, 0x0, {0x1, 0x0, 0x0, 0x3, 0x2}})

1.581655142s ago: executing program 8 (id=4861):
openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
prctl$PR_SET_NAME(0xf, &(0x7f0000000480)='gtp\x00')
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007d000000180100002020732600000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000180)='kfree\x00', r1, 0x0, 0x2}, 0x18)
bpf$MAP_UPDATE_CONST_STR(0x2, 0x0, 0x0)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(0xffffffffffffffff, 0x6, 0x1f, &(0x7f00000002c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x2, &(0x7f0000001300)=@gcm_256={{0x304}, "67c3f71b0f188109", "2c9e910757c2725dd5795f705ac44b9d43498e33fe93a0c9001c5c65f7107d0d", "ddfb00", "5a3e2c1b40238e79"}, 0x38)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x2, &(0x7f0000000280)=@gcm_256={{0x304}, "54164ace030000f5", "faad50724acb18aba4e3bc654d684ad9c694f3e96ca4b72643dd3689727968e9", "5cb6d03a", "29a78ab9b0a4e8ae"}, 0x38)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = creat(&(0x7f0000000100)='./file0\x00', 0xd931d3864d39dcc2)
close(r2)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB], 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='kfree\x00', 0xffffffffffffffff, 0x0, 0x7}, 0x18)
getgid()
r3 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r3, 0x84, 0x84, &(0x7f0000000440)={0x0, @in6={{0xa, 0x4e20, 0x6, @private2={0xfc, 0x2, '\x00', 0x1}, 0x9}}, 0xfff8, 0x86}, &(0x7f0000000500)=0xff3e)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r4, &(0x7f00000000c0)={0x2, 0x4e20, @empty}, 0x10)
sendto$inet(r4, &(0x7f0000000140), 0xffffffffffffff58, 0x20008005, &(0x7f0000000100)={0x2, 0x4e20}, 0x10)

641.307738ms ago: executing program 8 (id=4865):
r0 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r0, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001700000000000000ff000000850000006d00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008002010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r2}, 0x10)
sendmsg$rds(r0, &(0x7f0000001600)={&(0x7f0000000000)={0x2, 0x0, @private=0xa010100}, 0x10, 0x0, 0x0, &(0x7f00000003c0)=[@rdma_args={0x48, 0x114, 0x1, {{}, {0x0}, &(0x7f00000006c0)=[{&(0x7f0000000100)=""/44, 0x2c}], 0x1}}, @rdma_args={0x48, 0x114, 0x1, {{}, {0x0}, &(0x7f00000004c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1}}, @mask_cswp={0x58, 0x114, 0x9, {{0x2b80, 0x1}, &(0x7f0000000340)=0x9, &(0x7f0000000380), 0xffffffffffff63b1, 0x7, 0x3, 0xffffffffffffffff, 0x10, 0x3ff}}], 0xe8}, 0x0)

599.430441ms ago: executing program 8 (id=4866):
socket(0x10, 0x2, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000660000000000"], 0x0, 0x7ff}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r3, 0x8923, &(0x7f0000000000)={'vlan1\x00', @broadcast})
connect$inet6(r0, &(0x7f0000000340)={0xa, 0x3, 0x0, @ipv4={'\x00', '\xff\xff', @remote}, 0xfffffffe}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
r4 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
sendmmsg$inet(r4, &(0x7f0000003b00)=[{{&(0x7f0000000040)={0x2, 0x4e23, @empty}, 0x10, 0x0}}, {{0x0, 0x0, 0x0}}], 0x2, 0x0)

530.240487ms ago: executing program 8 (id=4868):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0a00000001000000e27f000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x0, 0xc, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffffffc}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000002c0), &(0x7f0000000740), 0x80000002, r0}, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x11, 0x14, &(0x7f0000000000)=ANY=[@ANYBLOB="1802000000000000000000000000000018010000786c6c250000000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x800000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, @perf_bp={0x0, 0x1}, 0x4, 0x800000000000c8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x1}, 0x0, 0xfffffbffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000b40)='neigh_create\x00', r1}, 0x10)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
close(r3)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907001175f37538e486dd6317ce22000000fffe800000000000"], 0xfdef)
recvmsg$unix(r2, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r4=>0xffffffffffffffff]}}], 0xffffffffffffffae}, 0x0)
write$cgroup_subtree(r4, &(0x7f0000000000)=ANY=[], 0xfdef)

250.57975ms ago: executing program 3 (id=4872):
r0 = socket(0x10, 0x2, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r1, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000660000000000"], 0x0, 0x7ff}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r4, 0x8923, &(0x7f0000000000)={'vlan1\x00', @broadcast})
connect$inet6(r1, &(0x7f0000000340)={0xa, 0x3, 0x0, @ipv4={'\x00', '\xff\xff', @remote}, 0xfffffffe}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r1, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r5}, 0x10)
writev(r1, &(0x7f0000000100)=[{&(0x7f0000000a40)="fb", 0x1}], 0x1)
close_range(r0, r1, 0x0)

224.548182ms ago: executing program 8 (id=4873):
socket$packet(0x11, 0x3, 0x300)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095"], 0x0, 0x3, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000001e00)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/vlan/vlan1\x00')
r0 = socket(0x2, 0x2, 0x1)
ioctl$sock_SIOCSIFVLAN_DEL_VLAN_CMD(r0, 0x8983, &(0x7f00000000c0)={0x1, 'vlan1\x00', {}, 0x5832})
socket$inet6_udplite(0xa, 0x2, 0x88)
r1 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_RX_RING(r1, 0x11b, 0x2, 0x0, 0x0)
pselect6(0x40, &(0x7f0000000140)={0x100, 0x1ff, 0x1, 0x6, 0xfffffffffffffffa, 0x5, 0x2, 0x8}, &(0x7f0000000080)={0x7f, 0x3, 0xfffffffffffffff8, 0x8001, 0x28a0, 0x82, 0x7, 0x5}, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x4000, &(0x7f0000000c00)={[{@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@nombcache}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x4}}, {@mblk_io_submit}, {@resuid}, {@norecovery}]}, 0x8, 0x445, &(0x7f0000001dc0)="$eJzs28tvG0UYAPBv105KX8RU5dEHECiIikfSpKX0wAEQSBxAQoJDOYYkrUrdBjVBolUFBaFyRJW4I45I/AWc4IKAExJX4IwqVSiXFk5Ga+82jmunSbDrEP9+0tYzu+POfJ4de3YnG8DAGs3+SSJ2RMRvETHSyC4vMNp4ubF4cfrvxYvTSdRqb/6V1MtdX7w4XRQt3re9yJQj0k+T2Nem3vnzF05PVauz5/L8+MKZ98bnz1945tSZqZOzJ2fPTh47duTwxHNHJ5/tSpxZXNf3fji3f8+rb195ffr4lXd++iYp4m+Jo0tG2+4tN14er9W6XF1/7WxKJ+U+NoQ1KeWn5FB9/I9EKZY6byRe+aSvjQN6qlar1e7rfPhSDdjEkuh3C4D+KH7os+vfYrtDU48N4dqLjQugLO4b+dY4Uo40LzPUcn3bTaMRcfzSP19mW7Teh9jao0oBgIH2XTb/ebrd/C+N5vtCd+drKJWIuCcidkXE0YjYHRH3RtTL3h8RD6yx/tZFklvnn+nVdQW2Stn87/l8bWv5/K+Y/UWllOd21uMfSk6cqs4eyj+TgzG0JctPrFDH9y//+nmnY83zv2zL6i/mgnk7rpa3LH/PzNTC1H+Judm1jyP2ltvFn9xcCUgiYk9EvLDOOk49+fX+Tsc6xD+8qv+4C+tMta8inmj0/6Voib+QrLw+OX5XVGcPjRdnxa1+/uXyG53qv33/91bW/9vanv9F/H9Ukub12vm113H59886XlOu9/wfTt5atu+DqYWFcxMRw8lr9Xylef9kS7nJpfJZ/AcPtB//u2Lpk9gXEdlJ/GBEPBQRD+dtfyQiHo2IAyvE/+NLj727/vh7K4t/ZsX+j5b+X0oMR+ue9onS6R++XVZpZS3xZ/1/pJ46mO9Zzfffatq1vrMZAAAA/n/SiNgRSTp2M52mY2ONv+HfHdvS6tz8wlMn5t4/O9N4RqASQ2lxp2uk6X7oRH5ZX+QnW/KH8/vGX5S21vNj03PVmX4HDwNue4fxn/mz1O/WAT3neS0YXMY/DC7jHwaX8Q+Dq8349+gZDIh2v/8f9aEdwJ3XMv5XXPYzMYDNxfU/DC7jHwaX8Q8DaX5r3P4h+c2RSCNiAzRjsyQi3RDNkOhRot/fTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAN3xbwAAAP//ynflmQ==")
r2 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./bus\x00', 0x1c5042, 0x12)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0}, 0x18)
stat(0x0, 0x0)
write(r3, &(0x7f00000009c0)="3bf58d7d45d32c", 0x7)
perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x8, 0x0, @perf_config_ext={0x1, 0xa}, 0x1184c, 0x9, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3)
epoll_create1(0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'ip_vti0\x00', <r4=>0x0})
r5 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000140), 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x4, 0x4, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001000000000000000576ff1e1db61ed87e00000095000000000000005ecc69612c3df19ff6d656"], &(0x7f00000000c0)='GPL\x00', 0xb, 0x65, &(0x7f00000001c0)=""/101, 0x41000, 0x23, '\x00', r4, @fallback=0x8, r5, 0x8, &(0x7f0000000240)={0x5, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x2, 0xe, 0x7, 0x80000001}, 0x10, 0x0, r2, 0x6, 0x0, &(0x7f00000002c0)=[{0x2, 0x2, 0x4, 0x8}, {0x3, 0x1, 0x3, 0xa}, {0x4, 0x3, 0x6, 0x8}, {0x1, 0x3, 0x2, 0x4}, {0x0, 0x1, 0x8, 0x7}, {0x5, 0x4, 0xa, 0xc}], 0x10, 0xffff34f0}, 0x94)
sendfile(r3, r2, 0x0, 0x3ffff)
listxattr(0x0, 0x0, 0x0)

148.160518ms ago: executing program 3 (id=4874):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000bc0)='cdg\x00', 0x4)
sendmmsg$inet(r0, &(0x7f0000000c00)=[{{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000002c0)="316f825a3d29f96a2260cb755dbee70035ed313e19d6dd1fb41a20baf7f7343067fd40cdd4b16742e94b62f4eb1c5d9faab7f3028100ae81", 0x38}], 0x1}}, {{0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000001bc0)='\\', 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000cc0)="644bc70b5137bd270a7827f12d5c8e58783d93a355b538e9ce68dd037a1cbe8ff0c3ce552efffd9153aaf9176e604131e20b96009fa0958ca60c7c854fa8067751dba6a67cad0a2a89287e155e54430daa2905cc4d", 0x55}, {&(0x7f0000000440)="b59ab5b5605cfd10e340419732036259ca30dbb7bcdd58192e7733f24e6f3f6d10a9a08583a54e6f4a249b34f1d1865353927c9a5e9abd5dedaf1b67c9315604e2ddb9a19fcfa1d7c3576e39378562bf3b5d57d46059409638f8a66e74e5fbb8612e082186448e06e0b1eedea331b6bc7a799d2c6005924c6bae59e26a728bd320fe1fbd", 0x84}, {&(0x7f0000000500)="45adafaa4c01ab52a575862f348c3e52fd0de073d851f6e1350b511d487155f3b588836741c50af22d176f366a9740dc5eb6f07aed2a64d3746a4bb4dc7176707a821fb4ad529a9c03ae52b8f1f0a720b1e41633ef477cfdbe3137c650c56f6fed6f64912743dbe48f6d1b3fa05d65791ddc86b198b13537b82822a519e1cf0dd54bceaec981c9c33136a301", 0x8c}], 0x3}}], 0x3, 0x4048055)

97.545392ms ago: executing program 3 (id=4875):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = syz_clone(0x80842111, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_pidfd_open(r1, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70200001400001cb7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x18)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000c80)={'lo\x00', <r4=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001240)=@newqdisc={0x468, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x4, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x43c, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x0, 0x7, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x25cf, 0x800000, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x20000, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x10000, 0x401, 0xfffffffe, 0x0, 0x0, 0xffffffff, 0x3, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0xfffffffe, 0x0, 0xffffffff, 0x0, 0x8, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0xfffffff7, 0x1ff, 0x0, 0x0, 0x0, 0x80000000, 0xfffffffa, 0x7, 0x9, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0xfffffffd, 0x0, 0x1000, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffe, 0x0, 0xd5a9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7b2, 0x0, 0x0, 0x0, 0x10, 0x0, 0x9, 0xfffffeff, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x8, 0x0, 0x0, 0x0, 0x100000, 0x1000, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x7, 0xd4, 0x8000c, 0x5, 0x0, 0x0, 0xffffffff, 0x3032, 0x0, 0x1, 0x0, 0x6, 0x8, 0x0, 0x1, 0x0, 0xfffffffc, 0x0, 0x0, 0x8, 0x0, 0x1, 0x20000000, 0x4, 0x0, 0x0, 0x3, 0x0, 0x9, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0xdab7, 0x0, 0x0, 0x1, 0x2, 0x3ff, 0xfffffffc, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x1, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x9, 0x0, 0x0, 0x40000000, 0x0, 0x2, 0x0, 0x0, 0x0, 0x3, 0x0, 0xf6b2, 0xfffe, 0x4, 0x0, 0x0, 0x0, 0x0, 0x400000, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x24243af6, 0x0, 0x0, 0x0, 0x1, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x2, 0x0, 0xff, 0x8009bb, 0x0, 0x0, 0x0, 0x4, 0x0, 0x4, 0x7, 0x0, 0x0, 0x0, 0xffffffff, 0x9]}, @TCA_TBF_RATE64={0xc}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x2, 0x0, 0x5, 0x0, 0x0, 0x40}}}]}}]}, 0x468}, 0x1, 0x0, 0x0, 0x45}, 0x0)

96.524572ms ago: executing program 1 (id=4876):
openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
prctl$PR_SET_NAME(0xf, &(0x7f0000000480)='gtp\x00')
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007d000000180100002020732600000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000180)='kfree\x00', r1, 0x0, 0x2}, 0x18)
bpf$MAP_UPDATE_CONST_STR(0x2, 0x0, 0x0)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(0xffffffffffffffff, 0x6, 0x1f, &(0x7f00000002c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x2, &(0x7f0000001300)=@gcm_256={{0x304}, "67c3f71b0f188109", "2c9e910757c2725dd5795f705ac44b9d43498e33fe93a0c9001c5c65f7107d0d", "ddfb00", "5a3e2c1b40238e79"}, 0x38)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x2, &(0x7f0000000280)=@gcm_256={{0x304}, "54164ace030000f5", "faad50724acb18aba4e3bc654d684ad9c694f3e96ca4b72643dd3689727968e9", "5cb6d03a", "29a78ab9b0a4e8ae"}, 0x38)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = creat(&(0x7f0000000100)='./file0\x00', 0xd931d3864d39dcc2)
close(r2)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB], 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='kfree\x00', 0xffffffffffffffff, 0x0, 0x7}, 0x18)
getgid()
socket(0x2, 0x80805, 0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r3, &(0x7f00000000c0)={0x2, 0x4e20, @empty}, 0x10)
sendto$inet(r3, &(0x7f0000000140), 0xffffffffffffff58, 0x20008005, &(0x7f0000000100)={0x2, 0x4e20}, 0x10)

68.334204ms ago: executing program 3 (id=4877):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xd, &(0x7f0000000740)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000021007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000340)=ANY=[@ANYBLOB="500000001000030500fffffffffffffff4000000", @ANYRES32=0x0, @ANYBLOB="15460100ef000000280012800b0001006d61637365630000180002800c0001004057000000000000050003"], 0x50}}, 0x4000000)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffed6, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000280)='sys_enter\x00', r4}, 0x10)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000003800)=@raw={'raw\x00', 0x3c1, 0x3, 0x2b0, 0x0, 0x5c, 0x160, 0xd0, 0x3e0, 0x1e0, 0x228, 0x25a, 0x1e0, 0x228, 0x4, 0x0, {[{{@ipv6={@remote, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', [], [0x0, 0x1fe], 'veth0_to_batadv\x00', 'batadv_slave_0\x00', {}, {0xff}}, 0x5002, 0xa8, 0xd0, 0x52020000, {0x0, 0x6802000000000000}}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@dev, @mcast1, [], [], 'virt_wifi0\x00', 'lo\x00', {}, {}, 0x89}, 0x0, 0xa8, 0x110}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x7, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x310)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000093850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x3f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$unix(r5, &(0x7f0000000d80)={0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000080)="03", 0x1}], 0x1, &(0x7f0000000280)=ANY=[@ANYBLOB="14000000000000000100000001"], 0x18}, 0x0)
recvmmsg(r6, &(0x7f0000001140), 0x700, 0x2, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r3}, 0x4)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f00000007c0)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000005600)='sys_enter\x00', r7, 0x0, 0x200002}, 0x18)
syz_emit_ethernet(0x66, &(0x7f00000004c0)={@broadcast, @link_local, @void, {@ipv4={0x800, @gre={{0x5, 0x4, 0x0, 0x0, 0x58, 0x0, 0x0, 0x0, 0x2f, 0x0, @private, @multicast1}, {{0x0, 0x0, 0x1, 0x0, 0xb, 0x0, 0x0, 0x4, 0x6558}, {0x0, 0x0, 0x0, 0x0, 0x11}, {}, {0x8, 0x88be, 0x1000002, {{0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20}, 0xfffff788}}, {0x8, 0x22eb, 0x0, {{}, 0x2, {0x0, 0xffff}}}, {0x8, 0x6558, 0xfffffffe}}}}}}, 0x0)
msgsnd(0x0, 0x0, 0xfd1, 0x0)
r8 = socket(0x10, 0x803, 0x0)
r9 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000100)={'team_slave_1\x00', <r10=>0x0})
sendmsg$nl_route_sched(r8, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r10, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xffe0, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x1}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r8, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000600)=@newtfilter={0x74, 0x2c, 0xd2b, 0x70bd2b, 0x25dfdbfb, {0x0, 0x0, 0x0, r10, {0xf}, {}, {0x7, 0xfff3}}, [@filter_kind_options=@f_u32={{0x8}, {0x48, 0x2, [@TCA_U32_SEL={0x44, 0x5, {0x5, 0xd, 0x3, 0x4, 0x13, 0x2, 0x6, 0x7ffffffa, [{0x200, 0x500, 0x3, 0x6}, {0x2, 0x2, 0x8001, 0x10}, {0x0, 0x53, 0xa9, 0x1}]}}]}}]}, 0x74}}, 0x24040084)

19.198358ms ago: executing program 3 (id=4878):
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f00000000c0)={'vcan0\x00', <r1=>0x0})
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b703000010000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x18)
time(0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x75, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x94)
bind$can_j1939(r0, &(0x7f0000000340)={0x1d, r1, 0x0, {0x2, 0x0, 0x6}, 0xfe}, 0x18)

0s ago: executing program 3 (id=4879):
socket$packet(0x11, 0x3, 0x300)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095"], 0x0, 0x3, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000001e00)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/vlan/vlan1\x00')
r0 = socket(0x2, 0x2, 0x1)
ioctl$sock_SIOCSIFVLAN_DEL_VLAN_CMD(r0, 0x8983, &(0x7f00000000c0)={0x1, 'vlan1\x00', {}, 0x5832})
socket$inet6_udplite(0xa, 0x2, 0x88)
r1 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_RX_RING(r1, 0x11b, 0x2, 0x0, 0x0)
pselect6(0x40, &(0x7f0000000140)={0x100, 0x1ff, 0x1, 0x6, 0xfffffffffffffffa, 0x5, 0x2, 0x8}, &(0x7f0000000080)={0x7f, 0x3, 0xfffffffffffffff8, 0x8001, 0x28a0, 0x82, 0x7, 0x5}, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x4000, &(0x7f0000000c00)={[{@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@nombcache}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x4}}, {@mblk_io_submit}, {@resuid}, {@norecovery}]}, 0x8, 0x445, &(0x7f0000001dc0)="$eJzs28tvG0UYAPBv105KX8RU5dEHECiIikfSpKX0wAEQSBxAQoJDOYYkrUrdBjVBolUFBaFyRJW4I45I/AWc4IKAExJX4IwqVSiXFk5Ga+82jmunSbDrEP9+0tYzu+POfJ4de3YnG8DAGs3+SSJ2RMRvETHSyC4vMNp4ubF4cfrvxYvTSdRqb/6V1MtdX7w4XRQt3re9yJQj0k+T2Nem3vnzF05PVauz5/L8+MKZ98bnz1945tSZqZOzJ2fPTh47duTwxHNHJ5/tSpxZXNf3fji3f8+rb195ffr4lXd++iYp4m+Jo0tG2+4tN14er9W6XF1/7WxKJ+U+NoQ1KeWn5FB9/I9EKZY6byRe+aSvjQN6qlar1e7rfPhSDdjEkuh3C4D+KH7os+vfYrtDU48N4dqLjQugLO4b+dY4Uo40LzPUcn3bTaMRcfzSP19mW7Teh9jao0oBgIH2XTb/ebrd/C+N5vtCd+drKJWIuCcidkXE0YjYHRH3RtTL3h8RD6yx/tZFklvnn+nVdQW2Stn87/l8bWv5/K+Y/UWllOd21uMfSk6cqs4eyj+TgzG0JctPrFDH9y//+nmnY83zv2zL6i/mgnk7rpa3LH/PzNTC1H+Judm1jyP2ltvFn9xcCUgiYk9EvLDOOk49+fX+Tsc6xD+8qv+4C+tMta8inmj0/6Voib+QrLw+OX5XVGcPjRdnxa1+/uXyG53qv33/91bW/9vanv9F/H9Ukub12vm113H59886XlOu9/wfTt5atu+DqYWFcxMRw8lr9Xylef9kS7nJpfJZ/AcPtB//u2Lpk9gXEdlJ/GBEPBQRD+dtfyQiHo2IAyvE/+NLj727/vh7K4t/ZsX+j5b+X0oMR+ue9onS6R++XVZpZS3xZ/1/pJ46mO9Zzfffatq1vrMZAAAA/n/SiNgRSTp2M52mY2ONv+HfHdvS6tz8wlMn5t4/O9N4RqASQ2lxp2uk6X7oRH5ZX+QnW/KH8/vGX5S21vNj03PVmX4HDwNue4fxn/mz1O/WAT3neS0YXMY/DC7jHwaX8Q+Dq8349+gZDIh2v/8f9aEdwJ3XMv5XXPYzMYDNxfU/DC7jHwaX8Q8DaX5r3P4h+c2RSCNiAzRjsyQi3RDNkOhRot/fTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAN3xbwAAAP//ynflmQ==")
r2 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./bus\x00', 0x1c5042, 0x12)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0}, 0x18)
stat(0x0, 0x0)
write(r3, &(0x7f00000009c0)="3bf58d7d45d32c", 0x7)
r4 = perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x8, 0x0, @perf_config_ext={0x1, 0xa}, 0x1184c, 0x9, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3)
r5 = epoll_create1(0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'ip_vti0\x00', <r6=>0x0})
r7 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000140), 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x4, 0x4, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001000000000000000576ff1e1db61ed87e00000095000000000000005ecc69612c3df19ff6d656"], &(0x7f00000000c0)='GPL\x00', 0xb, 0x65, &(0x7f00000001c0)=""/101, 0x41000, 0x23, '\x00', r6, @fallback=0x8, r7, 0x8, &(0x7f0000000240)={0x5, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x2, 0xe, 0x7, 0x80000001}, 0x10, 0x0, r2, 0x6, 0x0, &(0x7f00000002c0)=[{0x2, 0x2, 0x4, 0x8}, {0x3, 0x1, 0x3, 0xa}, {0x4, 0x3, 0x6, 0x8}, {0x1, 0x3, 0x2, 0x4}, {0x0, 0x1, 0x8, 0x7}, {0x5, 0x4, 0xa, 0xc}], 0x10, 0xffff34f0}, 0x94)
epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, r4, &(0x7f0000000040)={0xa0000004})
sendfile(r3, r2, 0x0, 0x3ffff)
sendfile(r3, r2, 0x0, 0x7fffeffd)

kernel console output (not intermixed with test programs):

.451198][T18852] FAULT_INJECTION: forcing a failure.
[  769.451198][T18852] name failslab, interval 1, probability 0, space 0, times 0
[  769.464176][T18852] CPU: 1 UID: 0 PID: 18852 Comm: syz.3.4314 Not tainted 6.17.0-rc1-syzkaller-00038-g0cc53520e68b #0 PREEMPT(voluntary) 
[  769.464234][T18852] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  769.464248][T18852] Call Trace:
[  769.464255][T18852]  <TASK>
[  769.464265][T18852]  __dump_stack+0x1d/0x30
[  769.464290][T18852]  dump_stack_lvl+0xe8/0x140
[  769.464356][T18852]  dump_stack+0x15/0x1b
[  769.464374][T18852]  should_fail_ex+0x265/0x280
[  769.464399][T18852]  should_failslab+0x8c/0xb0
[  769.464499][T18852]  __kvmalloc_node_noprof+0x123/0x4e0
[  769.464528][T18852]  ? file_tty_write+0x19e/0x690
[  769.464558][T18852]  file_tty_write+0x19e/0x690
[  769.464602][T18852]  ? __pfx_tty_write+0x10/0x10
[  769.464667][T18852]  tty_write+0x25/0x30
[  769.464692][T18852]  vfs_write+0x527/0x960
[  769.464718][T18852]  ksys_write+0xda/0x1a0
[  769.464749][T18852]  __x64_sys_write+0x40/0x50
[  769.464783][T18852]  x64_sys_call+0x27fe/0x2ff0
[  769.464805][T18852]  do_syscall_64+0xd2/0x200
[  769.464833][T18852]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  769.464858][T18852]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  769.464957][T18852]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  769.464977][T18852] RIP: 0033:0x7f0e69d9ebe9
[  769.464995][T18852] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  769.465013][T18852] RSP: 002b:00007f0e687ff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  769.465034][T18852] RAX: ffffffffffffffda RBX: 00007f0e69fc5fa0 RCX: 00007f0e69d9ebe9
[  769.465054][T18852] RDX: 00000000fffffecc RSI: 0000200000000240 RDI: 0000000000000005
[  769.465072][T18852] RBP: 00007f0e687ff090 R08: 0000000000000000 R09: 0000000000000000
[  769.465160][T18852] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  769.465207][T18852] R13: 00007f0e69fc6038 R14: 00007f0e69fc5fa0 R15: 00007ffe521714e8
[  769.465221][T18852]  </TASK>
[  769.758381][T18857] netlink: 'syz.1.4317': attribute type 10 has an invalid length.
[  769.767110][T18857] netlink: 40 bytes leftover after parsing attributes in process `syz.1.4317'.
[  769.869596][T18872] loop6: detected capacity change from 0 to 512
[  769.888083][T18872] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  769.932337][T18872] EXT4-fs (loop6): 1 truncate cleaned up
[  769.940868][T18872] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  769.969606][T18877] FAULT_INJECTION: forcing a failure.
[  769.969606][T18877] name failslab, interval 1, probability 0, space 0, times 0
[  769.983007][T18877] CPU: 0 UID: 0 PID: 18877 Comm: syz.0.4322 Not tainted 6.17.0-rc1-syzkaller-00038-g0cc53520e68b #0 PREEMPT(voluntary) 
[  769.983040][T18877] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  769.983053][T18877] Call Trace:
[  769.983061][T18877]  <TASK>
[  769.983071][T18877]  __dump_stack+0x1d/0x30
[  769.983100][T18877]  dump_stack_lvl+0xe8/0x140
[  769.983119][T18877]  dump_stack+0x15/0x1b
[  769.983134][T18877]  should_fail_ex+0x265/0x280
[  769.983153][T18877]  should_failslab+0x8c/0xb0
[  769.983199][T18877]  __kvmalloc_node_noprof+0x123/0x4e0
[  769.983284][T18877]  ? file_tty_write+0x19e/0x690
[  769.983314][T18877]  file_tty_write+0x19e/0x690
[  769.983339][T18877]  ? __pfx_tty_write+0x10/0x10
[  769.983393][T18877]  tty_write+0x25/0x30
[  769.983449][T18877]  vfs_write+0x527/0x960
[  769.983553][T18877]  ksys_write+0xda/0x1a0
[  769.983573][T18877]  __x64_sys_write+0x40/0x50
[  769.983591][T18877]  x64_sys_call+0x27fe/0x2ff0
[  769.983609][T18877]  do_syscall_64+0xd2/0x200
[  769.983664][T18877]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  769.983690][T18877]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  769.983773][T18877]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  769.983795][T18877] RIP: 0033:0x7f4ddcaaebe9
[  769.983813][T18877] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  769.983831][T18877] RSP: 002b:00007f4ddb517038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  769.983852][T18877] RAX: ffffffffffffffda RBX: 00007f4ddccd5fa0 RCX: 00007f4ddcaaebe9
[  769.983873][T18877] RDX: 00000000fffffecc RSI: 0000200000000240 RDI: 0000000000000004
[  769.983886][T18877] RBP: 00007f4ddb517090 R08: 0000000000000000 R09: 0000000000000000
[  769.983897][T18877] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  769.983915][T18877] R13: 00007f4ddccd6038 R14: 00007f4ddccd5fa0 R15: 00007ffe6bdfe5c8
[  769.983933][T18877]  </TASK>
[  770.182875][T18874] loop3: detected capacity change from 0 to 512
[  770.191553][T18874] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  770.212640][T18872] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  770.225743][T18874] EXT4-fs (loop3): 1 truncate cleaned up
[  770.231973][T18874] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  770.250566][T18885] SELinux:  Context system_u:object_r:modules_dep_t:s0 is not valid (left unmapped).
[  770.260440][   T29] kauditd_printk_skb: 47 callbacks suppressed
[  770.260453][   T29] audit: type=1400 audit(1755187821.393:9845): avc:  denied  { relabelto } for  pid=18884 comm="syz.0.4325" name="memfd:" dev="hugetlbfs" ino=51083 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="system_u:object_r:modules_dep_t:s0"
[  770.331317][   T29] audit: type=1400 audit(1755187821.393:9846): avc:  denied  { associate } for  pid=18884 comm="syz.0.4325" name="memfd:" dev="hugetlbfs" ino=51083 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:hugetlbfs_t tclass=filesystem permissive=1 srawcon="system_u:object_r:modules_dep_t:s0"
[  770.360258][   T29] audit: type=1400 audit(1755187821.393:9847): avc:  denied  { write } for  pid=18884 comm="syz.0.4325" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  770.380076][   T29] audit: type=1400 audit(1755187821.463:9848): avc:  denied  { kexec_image_load } for  pid=18888 comm="syz.0.4326" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=system permissive=1
[  770.400899][   T29] audit: type=1400 audit(1755187821.463:9849): avc:  denied  { ioctl } for  pid=18882 comm="syz.1.4324" path="socket:[51079]" dev="sockfs" ino=51079 ioctlcmd=0x7452 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  770.400929][   T29] audit: type=1326 audit(1755187821.463:9850): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18882 comm="syz.1.4324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa3d16ebe9 code=0x7ffc0000
[  770.401104][   T29] audit: type=1326 audit(1755187821.463:9851): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18882 comm="syz.1.4324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7faa3d16ebe9 code=0x7ffc0000
[  770.401127][   T29] audit: type=1326 audit(1755187821.463:9852): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18882 comm="syz.1.4324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa3d16ebe9 code=0x7ffc0000
[  770.401207][   T29] audit: type=1326 audit(1755187821.463:9853): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18882 comm="syz.1.4324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=22 compat=0 ip=0x7faa3d16ebe9 code=0x7ffc0000
[  770.401229][   T29] audit: type=1326 audit(1755187821.463:9854): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18882 comm="syz.1.4324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa3d16ebe9 code=0x7ffc0000
[  770.438334][T18889] loop7: detected capacity change from 0 to 512
[  770.441315][T18889] EXT4-fs: test_dummy_encryption option not supported
[  770.665831][T18897] pim6reg1: entered promiscuous mode
[  770.671353][T18897] pim6reg1: entered allmulticast mode
[  770.703811][T18897] netlink: 8 bytes leftover after parsing attributes in process `syz.6.4328'.
[  770.728419][T14294] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  770.835191][T18907] netlink: 56 bytes leftover after parsing attributes in process `syz.0.4333'.
[  770.922731][T18913] FAULT_INJECTION: forcing a failure.
[  770.922731][T18913] name failslab, interval 1, probability 0, space 0, times 0
[  770.935671][T18913] CPU: 0 UID: 0 PID: 18913 Comm: syz.0.4335 Not tainted 6.17.0-rc1-syzkaller-00038-g0cc53520e68b #0 PREEMPT(voluntary) 
[  770.935762][T18913] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  770.935775][T18913] Call Trace:
[  770.935782][T18913]  <TASK>
[  770.935792][T18913]  __dump_stack+0x1d/0x30
[  770.935881][T18913]  dump_stack_lvl+0xe8/0x140
[  770.935937][T18913]  dump_stack+0x15/0x1b
[  770.935980][T18913]  should_fail_ex+0x265/0x280
[  770.936003][T18913]  should_failslab+0x8c/0xb0
[  770.936027][T18913]  kmem_cache_alloc_node_noprof+0x57/0x320
[  770.936057][T18913]  ? __alloc_skb+0x101/0x320
[  770.936127][T18913]  __alloc_skb+0x101/0x320
[  770.936163][T18913]  netlink_alloc_large_skb+0xba/0xf0
[  770.936193][T18913]  netlink_sendmsg+0x3cf/0x6b0
[  770.936212][T18913]  ? __pfx_netlink_sendmsg+0x10/0x10
[  770.936310][T18913]  __sock_sendmsg+0x145/0x180
[  770.936332][T18913]  ____sys_sendmsg+0x31e/0x4e0
[  770.936352][T18913]  ___sys_sendmsg+0x17b/0x1d0
[  770.936447][T18913]  __x64_sys_sendmsg+0xd4/0x160
[  770.936467][T18913]  x64_sys_call+0x191e/0x2ff0
[  770.936485][T18913]  do_syscall_64+0xd2/0x200
[  770.936509][T18913]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  770.936591][T18913]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  770.936612][T18913]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  770.936631][T18913] RIP: 0033:0x7f4ddcaaebe9
[  770.936647][T18913] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  770.936697][T18913] RSP: 002b:00007f4ddb517038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  770.936786][T18913] RAX: ffffffffffffffda RBX: 00007f4ddccd5fa0 RCX: 00007f4ddcaaebe9
[  770.936800][T18913] RDX: 0000000024000000 RSI: 0000200000009b40 RDI: 0000000000000003
[  770.936814][T18913] RBP: 00007f4ddb517090 R08: 0000000000000000 R09: 0000000000000000
[  770.936828][T18913] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  770.936839][T18913] R13: 00007f4ddccd6038 R14: 00007f4ddccd5fa0 R15: 00007ffe6bdfe5c8
[  770.936853][T18913]  </TASK>
[  771.155879][T18917] hub 8-0:1.0: USB hub found
[  771.160677][T18917] hub 8-0:1.0: 8 ports detected
[  771.888937][T18946] loop6: detected capacity change from 0 to 512
[  771.896544][T18946] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  772.786365][T18946] EXT4-fs (loop6): 1 truncate cleaned up
[  772.793337][T18946] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  772.869405][T18971] loop1: detected capacity change from 0 to 512
[  772.907572][T18971] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  772.980925][T18971] ext4 filesystem being mounted at /266/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  773.028225][ T6738] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  773.067719][T18971] FAULT_INJECTION: forcing a failure.
[  773.067719][T18971] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[  773.081322][T18971] CPU: 0 UID: 0 PID: 18971 Comm: syz.1.4353 Not tainted 6.17.0-rc1-syzkaller-00038-g0cc53520e68b #0 PREEMPT(voluntary) 
[  773.081355][T18971] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  773.081370][T18971] Call Trace:
[  773.081380][T18971]  <TASK>
[  773.081388][T18971]  __dump_stack+0x1d/0x30
[  773.081410][T18971]  dump_stack_lvl+0xe8/0x140
[  773.081483][T18971]  dump_stack+0x15/0x1b
[  773.081498][T18971]  should_fail_ex+0x265/0x280
[  773.081517][T18971]  should_fail_alloc_page+0xf2/0x100
[  773.081539][T18971]  __alloc_frozen_pages_noprof+0xff/0x360
[  773.081604][T18971]  alloc_pages_mpol+0xb3/0x250
[  773.081634][T18971]  folio_alloc_noprof+0x97/0x150
[  773.081664][T18971]  filemap_alloc_folio_noprof+0x66/0x210
[  773.081761][T18971]  __filemap_get_folio+0x28f/0x6b0
[  773.081794][T18971]  ? ext4_chunk_trans_extent+0x178/0x1a0
[  773.081834][T18971]  ext4_write_begin+0x2e9/0xe70
[  773.081852][T18971]  ? ext4_xattr_get+0x322/0x470
[  773.081893][T18971]  ? __pfx_ext4_xattr_security_get+0x10/0x10
[  773.081917][T18971]  ? __vfs_getxattr+0x2ad/0x2c0
[  773.081985][T18971]  ext4_da_write_begin+0x1fb/0x6e0
[  773.082005][T18971]  ? balance_dirty_pages_ratelimited_flags+0x40b/0x5e0
[  773.082147][T18971]  generic_perform_write+0x181/0x490
[  773.082179][T18971]  ext4_buffered_write_iter+0x1ee/0x3c0
[  773.082211][T18971]  ? ext4_file_write_iter+0xfe/0xf00
[  773.082240][T18971]  ext4_file_write_iter+0x383/0xf00
[  773.082331][T18971]  ? kstrtouint_from_user+0x9f/0xf0
[  773.082353][T18971]  ? avc_policy_seqno+0x15/0x30
[  773.082381][T18971]  ? selinux_file_permission+0x1e4/0x320
[  773.082438][T18971]  ? __pfx_ext4_file_write_iter+0x10/0x10
[  773.082466][T18971]  vfs_write+0x527/0x960
[  773.082490][T18971]  ksys_write+0xda/0x1a0
[  773.082570][T18971]  __x64_sys_write+0x40/0x50
[  773.082657][T18971]  x64_sys_call+0x27fe/0x2ff0
[  773.082679][T18971]  do_syscall_64+0xd2/0x200
[  773.082707][T18971]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  773.082735][T18971]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  773.082823][T18971]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  773.082849][T18971] RIP: 0033:0x7faa3d16ebe9
[  773.082918][T18971] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  773.082935][T18971] RSP: 002b:00007faa3bbcf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  773.082955][T18971] RAX: ffffffffffffffda RBX: 00007faa3d395fa0 RCX: 00007faa3d16ebe9
[  773.082968][T18971] RDX: 000000000208e24b RSI: 0000200000000240 RDI: 0000000000000004
[  773.082982][T18971] RBP: 00007faa3bbcf090 R08: 0000000000000000 R09: 0000000000000000
[  773.082995][T18971] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  773.083009][T18971] R13: 00007faa3d396038 R14: 00007faa3d395fa0 R15: 00007ffd834fac48
[  773.083080][T18971]  </TASK>
[  773.407483][T14118] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  773.478816][T18984] hub 8-0:1.0: USB hub found
[  773.483919][T18984] hub 8-0:1.0: 8 ports detected
[  773.644660][T18986] FAULT_INJECTION: forcing a failure.
[  773.644660][T18986] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  773.658400][T18986] CPU: 1 UID: 0 PID: 18986 Comm: syz.7.4358 Not tainted 6.17.0-rc1-syzkaller-00038-g0cc53520e68b #0 PREEMPT(voluntary) 
[  773.658479][T18986] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  773.658490][T18986] Call Trace:
[  773.658497][T18986]  <TASK>
[  773.658507][T18986]  __dump_stack+0x1d/0x30
[  773.658532][T18986]  dump_stack_lvl+0xe8/0x140
[  773.658557][T18986]  dump_stack+0x15/0x1b
[  773.658574][T18986]  should_fail_ex+0x265/0x280
[  773.658594][T18986]  should_fail+0xb/0x20
[  773.658608][T18986]  should_fail_usercopy+0x1a/0x20
[  773.658628][T18986]  _copy_from_user+0x1c/0xb0
[  773.658682][T18986]  ___sys_sendmsg+0xc1/0x1d0
[  773.658712][T18986]  __x64_sys_sendmsg+0xd4/0x160
[  773.658800][T18986]  x64_sys_call+0x191e/0x2ff0
[  773.658824][T18986]  do_syscall_64+0xd2/0x200
[  773.658849][T18986]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  773.658870][T18986]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  773.658946][T18986]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  773.658969][T18986] RIP: 0033:0x7f4f485cebe9
[  773.658985][T18986] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  773.659031][T18986] RSP: 002b:00007f4f4702f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  773.659053][T18986] RAX: ffffffffffffffda RBX: 00007f4f487f5fa0 RCX: 00007f4f485cebe9
[  773.659066][T18986] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003
[  773.659078][T18986] RBP: 00007f4f4702f090 R08: 0000000000000000 R09: 0000000000000000
[  773.659091][T18986] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  773.659105][T18986] R13: 00007f4f487f6038 R14: 00007f4f487f5fa0 R15: 00007ffffc05e818
[  773.659125][T18986]  </TASK>
[  773.745346][T18982] loop6: detected capacity change from 0 to 128
[  774.224403][T18998] loop1: detected capacity change from 0 to 2048
[  774.253778][T18998] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[  774.268836][T18997] loop6: detected capacity change from 0 to 2048
[  774.310561][T19004] loop7: detected capacity change from 0 to 512
[  774.728594][T19006] loop3: detected capacity change from 0 to 512
[  774.898518][T19012] EXT4-fs error (device loop1): ext4_find_inline_data_nolock:169: inode #12: comm syz.1.4363: inline data xattr refers to an external xattr inode
[  774.914095][T19004] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  775.070757][T19006] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  775.083816][T19006] ext4 filesystem being mounted at /222/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  775.737400][T18948] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  775.783957][   T29] kauditd_printk_skb: 89 callbacks suppressed
[  775.783975][   T29] audit: type=1400 audit(1755187826.913:9944): avc:  denied  { shutdown } for  pid=19015 comm="syz.6.4366" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  775.812206][   T29] audit: type=1400 audit(1755187826.913:9945): avc:  denied  { write } for  pid=19015 comm="syz.6.4366" lport=49418 faddr=::ffff:100.1.1.0 fport=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1
[  775.875829][T19012] EXT4-fs error (device loop1): ext4_find_inline_data_nolock:169: inode #12: comm syz.1.4363: inline data xattr refers to an external xattr inode
[  775.988602][T19004] EXT4-fs (loop7): orphan cleanup on readonly fs
[  776.022457][T19004] EXT4-fs error (device loop7): ext4_validate_block_bitmap:441: comm syz.7.4361: bg 0: block 248: padding at end of block bitmap is not set
[  776.054711][   T29] audit: type=1400 audit(1755187827.113:9946): avc:  denied  { bind } for  pid=18996 comm="syz.1.4363" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  776.077250][   T29] audit: type=1400 audit(1755187827.113:9947): avc:  denied  { getopt } for  pid=18996 comm="syz.1.4363" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  776.214796][T19004] Quota error (device loop7): write_blk: dquota write failed
[  776.222354][T19004] Quota error (device loop7): qtree_write_dquot: Error -117 occurred while creating quota
[  776.232840][T19004] EXT4-fs error (device loop7): ext4_acquire_dquot:6933: comm syz.7.4361: Failed to acquire dquot type 1
[  776.386402][T19004] EXT4-fs (loop7): 1 truncate cleaned up
[  776.405535][T19028] loop6: detected capacity change from 0 to 512
[  776.449837][T18998] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[  776.463356][T18998] EXT4-fs (loop1): This should not happen!! Data will be lost
[  776.463356][T18998] 
[  776.473503][T18998] EXT4-fs (loop1): Total free blocks count 0
[  776.479745][T18998] EXT4-fs (loop1): Free/Dirty block details
[  776.485761][T18998] EXT4-fs (loop1): free_blocks=2415919104
[  776.491634][T18998] EXT4-fs (loop1): dirty_blocks=8208
[  776.497191][T18998] EXT4-fs (loop1): Block reservation details
[  776.503294][T18998] EXT4-fs (loop1): i_reserved_data_blocks=513
[  776.521418][T19028] EXT4-fs: test_dummy_encryption option not supported
[  776.647185][T19004] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  776.730837][T14294] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  776.780040][   T12] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 2050 with max blocks 2048 with error 28
[  776.862617][T19035] ALSA: seq fatal error: cannot create timer (-22)
[  777.199075][   T29] audit: type=1400 audit(1755187828.333:9948): avc:  denied  { write } for  pid=19053 comm="syz.1.4370" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  777.247173][   T29] audit: type=1400 audit(1755187828.333:9949): avc:  denied  { read } for  pid=19053 comm="syz.1.4370" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  777.268183][T19056] loop3: detected capacity change from 0 to 1024
[  777.281926][T19056] EXT4-fs: Ignoring removed nomblk_io_submit option
[  777.311650][   T29] audit: type=1400 audit(1755187828.383:9950): avc:  denied  { ioctl } for  pid=19053 comm="syz.1.4370" path="socket:[51548]" dev="sockfs" ino=51548 ioctlcmd=0x2401 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[  777.338309][T19056] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003]
[  777.361359][T19056] System zones: 0-1, 3-36
[  777.371986][T19056] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  777.389338][   T29] audit: type=1400 audit(1755187828.503:9951): avc:  denied  { getopt } for  pid=19053 comm="syz.1.4370" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  777.564086][T19064] netlink: 'syz.0.4383': attribute type 10 has an invalid length.
[  777.572790][T19064] netlink: 40 bytes leftover after parsing attributes in process `syz.0.4383'.
[  777.614038][T19072] loop1: detected capacity change from 0 to 1024
[  777.636582][T19072] EXT4-fs (loop1): couldn't mount as ext2 due to feature incompatibilities
[  778.139049][T14294] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  778.480089][T19096] FAULT_INJECTION: forcing a failure.
[  778.480089][T19096] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  778.493477][T19096] CPU: 0 UID: 0 PID: 19096 Comm: syz.1.4395 Not tainted 6.17.0-rc1-syzkaller-00038-g0cc53520e68b #0 PREEMPT(voluntary) 
[  778.493510][T19096] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  778.493524][T19096] Call Trace:
[  778.493542][T19096]  <TASK>
[  778.493552][T19096]  __dump_stack+0x1d/0x30
[  778.493577][T19096]  dump_stack_lvl+0xe8/0x140
[  778.493597][T19096]  dump_stack+0x15/0x1b
[  778.493615][T19096]  should_fail_ex+0x265/0x280
[  778.493669][T19096]  should_fail+0xb/0x20
[  778.493684][T19096]  should_fail_usercopy+0x1a/0x20
[  778.493703][T19096]  _copy_from_user+0x1c/0xb0
[  778.493732][T19096]  sctp_setsockopt+0x154/0xe30
[  778.493796][T19096]  sock_common_setsockopt+0x69/0x80
[  778.493821][T19096]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  778.493849][T19096]  __sys_setsockopt+0x184/0x200
[  778.493946][T19096]  __x64_sys_setsockopt+0x64/0x80
[  778.493967][T19096]  x64_sys_call+0x20ec/0x2ff0
[  778.493987][T19096]  do_syscall_64+0xd2/0x200
[  778.494014][T19096]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  778.494040][T19096]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  778.494128][T19096]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  778.494149][T19096] RIP: 0033:0x7faa3d16ebe9
[  778.494167][T19096] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  778.494224][T19096] RSP: 002b:00007faa3bbae038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  778.494306][T19096] RAX: ffffffffffffffda RBX: 00007faa3d396090 RCX: 00007faa3d16ebe9
[  778.494320][T19096] RDX: 0000000000000077 RSI: 0000000000000084 RDI: 000000000000000d
[  778.494333][T19096] RBP: 00007faa3bbae090 R08: 000000000000000c R09: 0000000000000000
[  778.494346][T19096] R10: 0000200000000280 R11: 0000000000000246 R12: 0000000000000001
[  778.494378][T19096] R13: 00007faa3d396128 R14: 00007faa3d396090 R15: 00007ffd834fac48
[  778.494396][T19096]  </TASK>
[  778.949558][T19104] loop1: detected capacity change from 0 to 1024
[  778.982156][T19104] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (52289!=20869)
[  779.019091][T19104] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  779.050715][T19104] EXT4-fs (loop1): invalid journal inode
[  779.369511][T19109] netlink: 'syz.0.4399': attribute type 10 has an invalid length.
[  779.378962][T19109] netlink: 40 bytes leftover after parsing attributes in process `syz.0.4399'.
[  779.396454][T19105] loop3: detected capacity change from 0 to 512
[  779.404995][T19105] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  779.429725][T19111] FAULT_INJECTION: forcing a failure.
[  779.429725][T19111] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  779.443192][T19111] CPU: 0 UID: 0 PID: 19111 Comm: syz.1.4400 Not tainted 6.17.0-rc1-syzkaller-00038-g0cc53520e68b #0 PREEMPT(voluntary) 
[  779.443219][T19111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  779.443282][T19111] Call Trace:
[  779.443288][T19111]  <TASK>
[  779.443295][T19111]  __dump_stack+0x1d/0x30
[  779.443372][T19111]  dump_stack_lvl+0xe8/0x140
[  779.443390][T19111]  dump_stack+0x15/0x1b
[  779.443404][T19111]  should_fail_ex+0x265/0x280
[  779.443468][T19111]  should_fail+0xb/0x20
[  779.443487][T19111]  should_fail_usercopy+0x1a/0x20
[  779.443506][T19111]  _copy_from_user+0x1c/0xb0
[  779.443535][T19111]  ___sys_sendmsg+0xc1/0x1d0
[  779.443574][T19111]  __x64_sys_sendmsg+0xd4/0x160
[  779.443647][T19111]  x64_sys_call+0x191e/0x2ff0
[  779.443670][T19111]  do_syscall_64+0xd2/0x200
[  779.443697][T19111]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  779.443908][T19111]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  779.443930][T19111]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  779.443951][T19111] RIP: 0033:0x7faa3d16ebe9
[  779.444027][T19111] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  779.444044][T19111] RSP: 002b:00007faa3bbcf038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  779.444066][T19111] RAX: ffffffffffffffda RBX: 00007faa3d395fa0 RCX: 00007faa3d16ebe9
[  779.444080][T19111] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000006
[  779.444094][T19111] RBP: 00007faa3bbcf090 R08: 0000000000000000 R09: 0000000000000000
[  779.444108][T19111] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  779.444121][T19111] R13: 00007faa3d396038 R14: 00007faa3d395fa0 R15: 00007ffd834fac48
[  779.444145][T19111]  </TASK>
[  779.641791][T19105] EXT4-fs (loop3): 1 truncate cleaned up
[  779.647880][T19105] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  779.887885][T19126] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4403'.
[  779.898078][T19124] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4402'.
[  780.038308][T15522] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  780.786205][T19144] loop7: detected capacity change from 0 to 128
[  780.838383][   T29] kauditd_printk_skb: 76 callbacks suppressed
[  780.838401][   T29] audit: type=1400 audit(1755187831.973:10028): avc:  denied  { create } for  pid=19146 comm="syz.1.4410" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  780.877466][T19147] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  780.896128][T19147] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  780.896678][   T29] audit: type=1326 audit(1755187832.003:10029): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19146 comm="syz.1.4410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa3d16ebe9 code=0x7ffc0000
[  780.928063][   T29] audit: type=1326 audit(1755187832.003:10030): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19146 comm="syz.1.4410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=64 compat=0 ip=0x7faa3d16ebe9 code=0x7ffc0000
[  780.952645][   T29] audit: type=1326 audit(1755187832.003:10031): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19146 comm="syz.1.4410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa3d16ebe9 code=0x7ffc0000
[  780.977396][   T29] audit: type=1326 audit(1755187832.003:10032): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19146 comm="syz.1.4410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7faa3d16ebe9 code=0x7ffc0000
[  781.001346][   T29] audit: type=1326 audit(1755187832.003:10033): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19146 comm="syz.1.4410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa3d16ebe9 code=0x7ffc0000
[  781.026919][   T29] audit: type=1326 audit(1755187832.003:10034): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19146 comm="syz.1.4410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7faa3d16ebe9 code=0x7ffc0000
[  781.051311][   T29] audit: type=1326 audit(1755187832.003:10035): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19146 comm="syz.1.4410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa3d16ebe9 code=0x7ffc0000
[  781.076939][   T29] audit: type=1326 audit(1755187832.013:10036): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19146 comm="syz.1.4410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7faa3d16ebe9 code=0x7ffc0000
[  781.101934][   T29] audit: type=1326 audit(1755187832.013:10037): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19146 comm="syz.1.4410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa3d16ebe9 code=0x7ffc0000
[  781.293392][T19156] loop7: detected capacity change from 0 to 1024
[  781.302184][T19156] EXT4-fs: Ignoring removed nomblk_io_submit option
[  781.316935][T19156] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003]
[  781.325334][T19156] System zones: 0-1, 3-36
[  781.347246][T19156] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  781.529303][T19167] loop6: detected capacity change from 0 to 512
[  781.577273][T19167] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  781.592103][T19167] ext4 filesystem being mounted at /557/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  781.616001][ T6738] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  781.669461][T14294] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  781.726969][T19184] loop6: detected capacity change from 0 to 128
[  782.016898][T19192] loop1: detected capacity change from 0 to 512
[  782.037383][T19192] EXT4-fs: test_dummy_encryption option not supported
[  782.537995][T15522] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  782.863627][T19205] hub 8-0:1.0: USB hub found
[  782.868611][T19205] hub 8-0:1.0: 8 ports detected
[  783.149520][T19208] netlink: 8 bytes leftover after parsing attributes in process `syz.6.4428'.
[  783.174798][T19206] loop3: detected capacity change from 0 to 512
[  783.238921][T19206] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  783.253386][T19206] ext4 filesystem being mounted at /234/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  783.296258][T14294] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  784.765739][T19216] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4430'.
[  785.114356][T19219] FAULT_INJECTION: forcing a failure.
[  785.114356][T19219] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  785.128313][T19219] CPU: 1 UID: 0 PID: 19219 Comm: syz.7.4432 Not tainted 6.17.0-rc1-syzkaller-00038-g0cc53520e68b #0 PREEMPT(voluntary) 
[  785.128346][T19219] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  785.128357][T19219] Call Trace:
[  785.128365][T19219]  <TASK>
[  785.128374][T19219]  __dump_stack+0x1d/0x30
[  785.128441][T19219]  dump_stack_lvl+0xe8/0x140
[  785.128459][T19219]  dump_stack+0x15/0x1b
[  785.128473][T19219]  should_fail_ex+0x265/0x280
[  785.128496][T19219]  should_fail+0xb/0x20
[  785.128515][T19219]  should_fail_usercopy+0x1a/0x20
[  785.128605][T19219]  _copy_to_user+0x20/0xa0
[  785.128628][T19219]  simple_read_from_buffer+0xb5/0x130
[  785.128652][T19219]  proc_fail_nth_read+0x10e/0x150
[  785.128704][T19219]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  785.128805][T19219]  vfs_read+0x1a5/0x770
[  785.128829][T19219]  ? __cond_resched+0x4e/0x90
[  785.128851][T19219]  ksys_read+0xda/0x1a0
[  785.128871][T19219]  __x64_sys_read+0x40/0x50
[  785.128961][T19219]  x64_sys_call+0x27bc/0x2ff0
[  785.129042][T19219]  do_syscall_64+0xd2/0x200
[  785.129069][T19219]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  785.129183][T19219]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  785.129204][T19219]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  785.129223][T19219] RIP: 0033:0x7f4f485cd5fc
[  785.129239][T19219] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  785.129334][T19219] RSP: 002b:00007f4f4700e030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  785.129352][T19219] RAX: ffffffffffffffda RBX: 00007f4f487f6090 RCX: 00007f4f485cd5fc
[  785.129364][T19219] RDX: 000000000000000f RSI: 00007f4f4700e0a0 RDI: 0000000000000004
[  785.129375][T19219] RBP: 00007f4f4700e090 R08: 0000000000000000 R09: 0000000000000000
[  785.129386][T19219] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  785.129399][T19219] R13: 00007f4f487f6128 R14: 00007f4f487f6090 R15: 00007ffffc05e818
[  785.129415][T19219]  </TASK>
[  785.985628][T19238] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4439'.
[  786.076814][T19226] Illegal XDP return value 4294967274 on prog  (id 2525) dev N/A, expect packet loss!
[  786.116090][T19245] loop3: detected capacity change from 0 to 512
[  786.123369][T19245] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349)
[  786.134777][T19245] EXT4-fs (loop3): orphan cleanup on readonly fs
[  786.141485][T19245] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:517: comm syz.3.4441: Block bitmap for bg 0 marked uninitialized
[  786.155883][T19245] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6657: Corrupt filesystem
[  786.165570][T19245] EXT4-fs (loop3): 1 orphan inode deleted
[  786.171991][T19245] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  786.187790][   T29] kauditd_printk_skb: 51 callbacks suppressed
[  786.187807][   T29] audit: type=1400 audit(1755187837.323:10089): avc:  denied  { remount } for  pid=19244 comm="syz.3.4441" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  786.217399][T19245] EXT4-fs (loop3): warning: mounting fs with errors, running e2fsck is recommended
[  786.232088][T19245] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  786.259441][T14294] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  786.360584][T19254] loop7: detected capacity change from 0 to 512
[  786.480831][T19254] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  786.505743][T19254] EXT4-fs (loop7): orphan cleanup on readonly fs
[  786.513418][T19254] EXT4-fs error (device loop7): ext4_validate_block_bitmap:441: comm syz.7.4442: bg 0: block 248: padding at end of block bitmap is not set
[  786.528857][T19254] Quota error (device loop7): write_blk: dquota write failed
[  786.536292][T19254] Quota error (device loop7): qtree_write_dquot: Error -117 occurred while creating quota
[  786.546215][T19254] EXT4-fs error (device loop7): ext4_acquire_dquot:6933: comm syz.7.4442: Failed to acquire dquot type 1
[  786.558523][T19254] EXT4-fs (loop7): 1 truncate cleaned up
[  786.565379][T19254] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  786.610190][   T29] audit: type=1400 audit(1755187837.473:10090): avc:  denied  { create } for  pid=19250 comm="syz.3.4443" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  786.631282][   T29] audit: type=1400 audit(1755187837.473:10091): avc:  denied  { mounton } for  pid=19250 comm="syz.3.4443" path="/240/file0" dev="tmpfs" ino=1297 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  786.799857][   T29] audit: type=1400 audit(1755187837.933:10092): avc:  denied  { unlink } for  pid=14294 comm="syz-executor" name="file0" dev="tmpfs" ino=1297 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  786.880829][T19264] loop6: detected capacity change from 0 to 128
[  786.894273][T19265] loop1: detected capacity change from 0 to 128
[  787.340869][T19274] loop1: detected capacity change from 0 to 128
[  787.407396][   T29] audit: type=1400 audit(1755187838.543:10093): avc:  denied  { ioctl } for  pid=19276 comm="syz.6.4450" path="socket:[51959]" dev="sockfs" ino=51959 ioctlcmd=0x8983 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  787.481950][T19277] loop6: detected capacity change from 0 to 512
[  787.507812][T19277] EXT4-fs: Ignoring removed mblk_io_submit option
[  787.528809][T19277] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  787.554324][T19277] EXT4-fs (loop6): 1 truncate cleaned up
[  787.574488][T19277] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  787.841739][T19291] netlink: 'syz.3.4455': attribute type 10 has an invalid length.
[  787.850180][T19291] netlink: 40 bytes leftover after parsing attributes in process `syz.3.4455'.
[  787.891633][T15522] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  787.986392][T19296] FAULT_INJECTION: forcing a failure.
[  787.986392][T19296] name failslab, interval 1, probability 0, space 0, times 0
[  787.999744][T19296] CPU: 1 UID: 0 PID: 19296 Comm: syz.3.4457 Not tainted 6.17.0-rc1-syzkaller-00038-g0cc53520e68b #0 PREEMPT(voluntary) 
[  787.999845][T19296] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  787.999856][T19296] Call Trace:
[  787.999863][T19296]  <TASK>
[  787.999872][T19296]  __dump_stack+0x1d/0x30
[  787.999896][T19296]  dump_stack_lvl+0xe8/0x140
[  787.999916][T19296]  dump_stack+0x15/0x1b
[  787.999946][T19296]  should_fail_ex+0x265/0x280
[  788.000044][T19296]  ? __se_sys_memfd_create+0x1cc/0x590
[  788.000063][T19296]  should_failslab+0x8c/0xb0
[  788.000084][T19296]  __kmalloc_cache_noprof+0x4c/0x320
[  788.000155][T19296]  ? fput+0x8f/0xc0
[  788.000179][T19296]  __se_sys_memfd_create+0x1cc/0x590
[  788.000198][T19296]  __x64_sys_memfd_create+0x31/0x40
[  788.000215][T19296]  x64_sys_call+0x2abe/0x2ff0
[  788.000277][T19296]  do_syscall_64+0xd2/0x200
[  788.000328][T19296]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  788.000352][T19296]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  788.000443][T19296]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  788.000464][T19296] RIP: 0033:0x7f0e69d9ebe9
[  788.000485][T19296] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  788.000501][T19296] RSP: 002b:00007f0e687fee18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[  788.000518][T19296] RAX: ffffffffffffffda RBX: 00000000000004f9 RCX: 00007f0e69d9ebe9
[  788.000530][T19296] RDX: 00007f0e687feef0 RSI: 0000000000000000 RDI: 00007f0e69e227e8
[  788.000542][T19296] RBP: 0000200000000200 R08: 00007f0e687febb7 R09: 00007f0e687fee40
[  788.000605][T19296] R10: 000000000000000a R11: 0000000000000202 R12: 0000200000000740
[  788.000617][T19296] R13: 00007f0e687feef0 R14: 00007f0e687feeb0 R15: 0000200000000780
[  788.000715][T19296]  </TASK>
[  788.203998][   T29] audit: type=1326 audit(1755187839.333:10094): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19292 comm="syz.7.4456" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f485cebe9 code=0x7ffc0000
[  788.228036][   T29] audit: type=1326 audit(1755187839.333:10095): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19292 comm="syz.7.4456" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4f485cebe9 code=0x7ffc0000
[  788.252293][   T29] audit: type=1326 audit(1755187839.333:10096): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19292 comm="syz.7.4456" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f485cebe9 code=0x7ffc0000
[  788.321360][T19302] netlink: 'syz.7.4459': attribute type 10 has an invalid length.
[  788.329658][T19302] netlink: 40 bytes leftover after parsing attributes in process `syz.7.4459'.
[  788.347553][ T6738] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  788.454124][T19307] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4462'.
[  788.496685][T19311] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6)
[  788.503333][T19311] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  788.511145][T19311] vhci_hcd vhci_hcd.0: Device attached
[  788.619675][T19322] loop6: detected capacity change from 0 to 128
[  788.622809][T19312] vhci_hcd: connection closed
[  788.632855][  T418] vhci_hcd: stop threads
[  788.642065][  T418] vhci_hcd: release socket
[  788.646586][  T418] vhci_hcd: disconnect device
[  788.683487][T19323] hub 8-0:1.0: USB hub found
[  788.688224][T19323] hub 8-0:1.0: 8 ports detected
[  789.104485][T19336] loop3: detected capacity change from 0 to 128
[  789.197999][T19342] FAULT_INJECTION: forcing a failure.
[  789.197999][T19342] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  789.211738][T19342] CPU: 0 UID: 0 PID: 19342 Comm: syz.1.4475 Not tainted 6.17.0-rc1-syzkaller-00038-g0cc53520e68b #0 PREEMPT(voluntary) 
[  789.211850][T19342] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  789.211903][T19342] Call Trace:
[  789.211912][T19342]  <TASK>
[  789.211921][T19342]  __dump_stack+0x1d/0x30
[  789.211942][T19342]  dump_stack_lvl+0xe8/0x140
[  789.211959][T19342]  dump_stack+0x15/0x1b
[  789.211973][T19342]  should_fail_ex+0x265/0x280
[  789.212015][T19342]  should_fail+0xb/0x20
[  789.212034][T19342]  should_fail_usercopy+0x1a/0x20
[  789.212057][T19342]  _copy_from_user+0x1c/0xb0
[  789.212088][T19342]  do_ipv6_setsockopt+0x124/0x2160
[  789.212123][T19342]  ? kstrtoull+0x111/0x140
[  789.212142][T19342]  ? avc_has_perm_noaudit+0x1b1/0x200
[  789.212169][T19342]  ? selinux_netlbl_socket_setsockopt+0x1f9/0x2d0
[  789.212310][T19342]  ipv6_setsockopt+0x59/0x130
[  789.212331][T19342]  udpv6_setsockopt+0x99/0xb0
[  789.212358][T19342]  sock_common_setsockopt+0x69/0x80
[  789.212485][T19342]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  789.212520][T19342]  __sys_setsockopt+0x184/0x200
[  789.212542][T19342]  __x64_sys_setsockopt+0x64/0x80
[  789.212601][T19342]  x64_sys_call+0x20ec/0x2ff0
[  789.212623][T19342]  do_syscall_64+0xd2/0x200
[  789.212655][T19342]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  789.212678][T19342]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  789.212723][T19342]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  789.212743][T19342] RIP: 0033:0x7faa3d16ebe9
[  789.212756][T19342] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  789.212771][T19342] RSP: 002b:00007faa3bbcf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  789.212788][T19342] RAX: ffffffffffffffda RBX: 00007faa3d395fa0 RCX: 00007faa3d16ebe9
[  789.212866][T19342] RDX: 0000000000000039 RSI: 0000000000000029 RDI: 0000000000000006
[  789.212881][T19342] RBP: 00007faa3bbcf090 R08: 0000000000000018 R09: 0000000000000000
[  789.212894][T19342] R10: 0000200000000040 R11: 0000000000000246 R12: 0000000000000001
[  789.212907][T19342] R13: 00007faa3d396038 R14: 00007faa3d395fa0 R15: 00007ffd834fac48
[  789.212923][T19342]  </TASK>
[  789.504717][T19348] loop7: detected capacity change from 0 to 512
[  789.530868][T19348] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  789.544210][T19348] ext4 filesystem being mounted at /213/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  789.592279][T15522] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  789.638075][T19360] netlink: 96 bytes leftover after parsing attributes in process `syz.1.4477'.
[  789.647168][T19360] netlink: 80 bytes leftover after parsing attributes in process `syz.1.4477'.
[  789.666056][T19364] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  789.683974][T19364] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  789.725961][T19366] netlink: 14 bytes leftover after parsing attributes in process `syz.7.4480'.
[  789.749292][T19366] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  789.767276][T19366] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  789.779579][T19366] bond0 (unregistering): Released all slaves
[  789.831760][T19373] loop6: detected capacity change from 0 to 128
[  789.898883][T19378] loop6: detected capacity change from 0 to 1024
[  789.910086][T19378] EXT4-fs (loop6): ext4_check_descriptors: Checksum for group 0 failed (52289!=20869)
[  789.920127][T19378] EXT4-fs (loop6): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  789.931228][T19378] EXT4-fs (loop6): invalid journal inode
[  789.939613][T19379] loop7: detected capacity change from 0 to 512
[  789.947122][T19379] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  789.960454][T19379] EXT4-fs (loop7): orphan cleanup on readonly fs
[  789.967567][T19379] EXT4-fs error (device loop7): ext4_validate_block_bitmap:441: comm syz.7.4485: bg 0: block 248: padding at end of block bitmap is not set
[  789.983559][T19379] EXT4-fs error (device loop7): ext4_acquire_dquot:6933: comm syz.7.4485: Failed to acquire dquot type 1
[  789.996540][T19379] EXT4-fs (loop7): 1 truncate cleaned up
[  789.996958][T19382] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4487'.
[  790.007062][T19379] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  790.100653][T19388] loop6: detected capacity change from 0 to 512
[  790.116928][T19388] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  790.129940][T19388] ext4 filesystem being mounted at /585/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  790.146077][T19388] EXT4-fs error (device loop6): ext4_xattr_block_get:593: inode #15: comm syz.6.4490: corrupted xattr block 19: overlapping e_value 
[  790.160534][T19388] EXT4-fs (loop6): Remounting filesystem read-only
[  790.167108][T19388] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop6 ino=15
[  790.176364][T19388] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop6 ino=15
[  790.185924][T19388] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop6 ino=15
[  790.206003][ T6738] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  790.233750][T19392] loop6: detected capacity change from 0 to 128
[  790.257817][T19392] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  790.271340][T19397] loop3: detected capacity change from 0 to 512
[  790.281208][T19392] ext4 filesystem being mounted at /586/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  790.317052][T19397] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  790.330758][T19397] ext4 filesystem being mounted at /253/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  790.352460][T19397] FAULT_INJECTION: forcing a failure.
[  790.352460][T19397] name failslab, interval 1, probability 0, space 0, times 0
[  790.365579][T19397] CPU: 0 UID: 0 PID: 19397 Comm: syz.3.4493 Not tainted 6.17.0-rc1-syzkaller-00038-g0cc53520e68b #0 PREEMPT(voluntary) 
[  790.365611][T19397] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  790.365687][T19397] Call Trace:
[  790.365695][T19397]  <TASK>
[  790.365705][T19397]  __dump_stack+0x1d/0x30
[  790.365729][T19397]  dump_stack_lvl+0xe8/0x140
[  790.365758][T19397]  dump_stack+0x15/0x1b
[  790.365772][T19397]  should_fail_ex+0x265/0x280
[  790.365793][T19397]  should_failslab+0x8c/0xb0
[  790.365848][T19397]  kmem_cache_alloc_noprof+0x50/0x310
[  790.365875][T19397]  ? getname_flags+0x80/0x3b0
[  790.365903][T19397]  getname_flags+0x80/0x3b0
[  790.365997][T19397]  do_sys_openat2+0x60/0x110
[  790.366028][T19397]  __x64_sys_openat+0xf2/0x120
[  790.366055][T19397]  x64_sys_call+0x2e9c/0x2ff0
[  790.366087][T19397]  do_syscall_64+0xd2/0x200
[  790.366112][T19397]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  790.366136][T19397]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  790.366176][T19397]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  790.366195][T19397] RIP: 0033:0x7f0e69d9ebe9
[  790.366211][T19397] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  790.366227][T19397] RSP: 002b:00007f0e687ff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  790.366244][T19397] RAX: ffffffffffffffda RBX: 00007f0e69fc5fa0 RCX: 00007f0e69d9ebe9
[  790.366295][T19397] RDX: 0000000000000441 RSI: 0000200000000080 RDI: ffffffffffffff9c
[  790.366307][T19397] RBP: 00007f0e687ff090 R08: 0000000000000000 R09: 0000000000000000
[  790.366318][T19397] R10: 000000000000014a R11: 0000000000000246 R12: 0000000000000001
[  790.366331][T19397] R13: 00007f0e69fc6038 R14: 00007f0e69fc5fa0 R15: 00007ffe521714e8
[  790.366351][T19397]  </TASK>
[  790.563026][T19247] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters
[  790.579340][T19247] EXT4-fs (loop3): Remounting filesystem read-only
[  790.579572][T19401] loop1: detected capacity change from 0 to 128
[  790.603868][T14294] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  790.719207][T15522] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  790.864878][T19413] loop3: detected capacity change from 0 to 512
[  790.934588][T19412] loop1: detected capacity change from 0 to 1024
[  790.946209][T19413] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  790.999927][T19412] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (52289!=20869)
[  791.023310][T19413] EXT4-fs (loop3): 1 truncate cleaned up
[  791.031494][T19413] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  791.059558][T19412] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  791.093067][T19412] EXT4-fs (loop1): invalid journal inode
[  791.318711][ T6738] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  791.340746][   T29] kauditd_printk_skb: 155 callbacks suppressed
[  791.340767][   T29] audit: type=1326 audit(1755187842.473:10250): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19418 comm="syz.1.4499" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa3d16ebe9 code=0x7ffc0000
[  791.373933][   T29] audit: type=1326 audit(1755187842.473:10251): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19418 comm="syz.1.4499" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa3d16ebe9 code=0x7ffc0000
[  791.379728][T19424] FAULT_INJECTION: forcing a failure.
[  791.379728][T19424] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  791.398369][   T29] audit: type=1326 audit(1755187842.473:10252): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19418 comm="syz.1.4499" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7faa3d16ebe9 code=0x7ffc0000
[  791.411541][T19424] CPU: 1 UID: 0 PID: 19424 Comm: syz.1.4501 Not tainted 6.17.0-rc1-syzkaller-00038-g0cc53520e68b #0 PREEMPT(voluntary) 
[  791.411623][T19424] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  791.411637][T19424] Call Trace:
[  791.411646][T19424]  <TASK>
[  791.411656][T19424]  __dump_stack+0x1d/0x30
[  791.411679][T19424]  dump_stack_lvl+0xe8/0x140
[  791.411705][T19424]  dump_stack+0x15/0x1b
[  791.411722][T19424]  should_fail_ex+0x265/0x280
[  791.411799][T19424]  should_fail+0xb/0x20
[  791.411820][T19424]  should_fail_usercopy+0x1a/0x20
[  791.411883][T19424]  _copy_from_user+0x1c/0xb0
[  791.411911][T19424]  do_sock_getsockopt+0xf1/0x240
[  791.411933][T19424]  __x64_sys_getsockopt+0x11e/0x1a0
[  791.411955][T19424]  x64_sys_call+0x2bc6/0x2ff0
[  791.411988][T19424]  do_syscall_64+0xd2/0x200
[  791.412014][T19424]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  791.412039][T19424]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  791.412068][T19424]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  791.412107][T19424] RIP: 0033:0x7faa3d16ebe9
[  791.412124][T19424] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  791.412141][T19424] RSP: 002b:00007faa3bbcf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  791.412185][T19424] RAX: ffffffffffffffda RBX: 00007faa3d395fa0 RCX: 00007faa3d16ebe9
[  791.412198][T19424] RDX: 0000000000000045 RSI: 0000000000000001 RDI: 0000000000000003
[  791.412288][T19424] RBP: 00007faa3bbcf090 R08: 00002000000001c0 R09: 0000000000000000
[  791.412301][T19424] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  791.412317][T19424] R13: 00007faa3d396038 R14: 00007faa3d395fa0 R15: 00007ffd834fac48
[  791.412335][T19424]  </TASK>
[  791.615194][   T29] audit: type=1326 audit(1755187842.473:10253): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19418 comm="syz.1.4499" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa3d16ebe9 code=0x7ffc0000
[  791.638956][   T29] audit: type=1326 audit(1755187842.473:10254): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19418 comm="syz.1.4499" exe="/root/syz-executor" sig=0 arch=c000003e syscall=22 compat=0 ip=0x7faa3d16ebe9 code=0x7ffc0000
[  791.663317][   T29] audit: type=1326 audit(1755187842.473:10255): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19418 comm="syz.1.4499" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa3d16ebe9 code=0x7ffc0000
[  791.687275][   T29] audit: type=1326 audit(1755187842.473:10256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19418 comm="syz.1.4499" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7faa3d16ebe9 code=0x7ffc0000
[  791.711590][   T29] audit: type=1326 audit(1755187842.473:10257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19418 comm="syz.1.4499" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa3d16ebe9 code=0x7ffc0000
[  791.735429][   T29] audit: type=1326 audit(1755187842.473:10258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19418 comm="syz.1.4499" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7faa3d16ebe9 code=0x7ffc0000
[  791.760917][   T29] audit: type=1326 audit(1755187842.473:10259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19418 comm="syz.1.4499" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa3d16ebe9 code=0x7ffc0000
[  791.863474][T19431] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  791.877368][T19431] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  792.360206][T19435] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6)
[  792.366930][T19435] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  792.374835][T19435] vhci_hcd vhci_hcd.0: Device attached
[  792.382179][T19436] vhci_hcd: cannot find the pending unlink 1
[  792.466068][T19436] vhci_hcd: connection closed
[  792.466437][ T9253] vhci_hcd: stop threads
[  792.476035][ T9253] vhci_hcd: release socket
[  792.478415][T19442] netlink: 8 bytes leftover after parsing attributes in process `syz.6.4500'.
[  792.480637][ T9253] vhci_hcd: disconnect device
[  792.490910][T14294] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  792.513925][T19443] syzkaller1: entered promiscuous mode
[  792.519739][T19443] syzkaller1: entered allmulticast mode
[  792.577441][T19443] bridge0: port 3(dummy0) entered disabled state
[  792.584037][T19443] bridge0: port 2(bridge_slave_1) entered disabled state
[  792.591673][T19443] bridge0: port 1(bridge_slave_0) entered disabled state
[  792.636407][T19443] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  792.646663][T19443] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  792.680662][T19443] syzkaller1: left promiscuous mode
[  792.686470][T19443] syzkaller1: left allmulticast mode
[  792.693756][T19452] dummy0: left allmulticast mode
[  792.705383][T19452] bridge0: port 3(dummy0) entered disabled state
[  792.717252][   T31] netdevsim netdevsim7 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  792.737605][   T31] netdevsim netdevsim7 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  792.750841][   T31] netdevsim netdevsim7 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  792.764235][   T31] netdevsim netdevsim7 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  792.880093][T19459] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4512'.
[  793.016677][T19465] FAULT_INJECTION: forcing a failure.
[  793.016677][T19465] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  793.030642][T19465] CPU: 1 UID: 0 PID: 19465 Comm: syz.3.4515 Not tainted 6.17.0-rc1-syzkaller-00038-g0cc53520e68b #0 PREEMPT(voluntary) 
[  793.030669][T19465] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  793.030725][T19465] Call Trace:
[  793.030742][T19465]  <TASK>
[  793.030751][T19465]  __dump_stack+0x1d/0x30
[  793.030783][T19465]  dump_stack_lvl+0xe8/0x140
[  793.030799][T19465]  dump_stack+0x15/0x1b
[  793.030813][T19465]  should_fail_ex+0x265/0x280
[  793.030832][T19465]  should_fail+0xb/0x20
[  793.030850][T19465]  should_fail_usercopy+0x1a/0x20
[  793.030874][T19465]  _copy_from_user+0x1c/0xb0
[  793.030923][T19465]  ___sys_sendmsg+0xc1/0x1d0
[  793.030958][T19465]  __x64_sys_sendmsg+0xd4/0x160
[  793.030981][T19465]  x64_sys_call+0x191e/0x2ff0
[  793.030999][T19465]  do_syscall_64+0xd2/0x200
[  793.031021][T19465]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  793.031062][T19465]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  793.031086][T19465]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  793.031104][T19465] RIP: 0033:0x7f0e69d9ebe9
[  793.031119][T19465] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  793.031199][T19465] RSP: 002b:00007f0e687ff038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  793.031220][T19465] RAX: ffffffffffffffda RBX: 00007f0e69fc5fa0 RCX: 00007f0e69d9ebe9
[  793.031310][T19465] RDX: 0000000000000000 RSI: 0000200000000440 RDI: 0000000000000007
[  793.031324][T19465] RBP: 00007f0e687ff090 R08: 0000000000000000 R09: 0000000000000000
[  793.031338][T19465] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  793.031351][T19465] R13: 00007f0e69fc6038 R14: 00007f0e69fc5fa0 R15: 00007ffe521714e8
[  793.031373][T19465]  </TASK>
[  793.221341][T19467] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4516'.
[  793.411710][T19479] loop1: detected capacity change from 0 to 1024
[  793.423901][T19481] SELinux:  Context Ü is not valid (left unmapped).
[  793.434422][T19479] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (52289!=20869)
[  793.453833][T19479] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  793.464363][T19479] EXT4-fs (loop1): invalid journal inode
[  793.515781][T19488] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4527'.
[  793.742050][T19501] loop6: detected capacity change from 0 to 512
[  794.234591][T19512] loop3: detected capacity change from 0 to 128
[  794.418138][T19501] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  794.433323][T19501] EXT4-fs (loop6): 1 truncate cleaned up
[  794.439735][T19501] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  794.940019][T19528] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4540'.
[  795.449211][ T6738] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  795.586052][T19550] loop6: detected capacity change from 0 to 128
[  795.696013][T19558] FAULT_INJECTION: forcing a failure.
[  795.696013][T19558] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  795.709647][T19558] CPU: 0 UID: 0 PID: 19558 Comm: syz.3.4548 Not tainted 6.17.0-rc1-syzkaller-00038-g0cc53520e68b #0 PREEMPT(voluntary) 
[  795.709676][T19558] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  795.709686][T19558] Call Trace:
[  795.709694][T19558]  <TASK>
[  795.709702][T19558]  __dump_stack+0x1d/0x30
[  795.709778][T19558]  dump_stack_lvl+0xe8/0x140
[  795.709797][T19558]  dump_stack+0x15/0x1b
[  795.709814][T19558]  should_fail_ex+0x265/0x280
[  795.709840][T19558]  should_fail+0xb/0x20
[  795.709858][T19558]  should_fail_usercopy+0x1a/0x20
[  795.709880][T19558]  _copy_from_user+0x1c/0xb0
[  795.709903][T19558]  ___sys_sendmsg+0xc1/0x1d0
[  795.709935][T19558]  __x64_sys_sendmsg+0xd4/0x160
[  795.709977][T19558]  x64_sys_call+0x191e/0x2ff0
[  795.710060][T19558]  do_syscall_64+0xd2/0x200
[  795.710146][T19558]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  795.710246][T19558]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  795.710271][T19558]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  795.710292][T19558] RIP: 0033:0x7f0e69d9ebe9
[  795.710363][T19558] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  795.710380][T19558] RSP: 002b:00007f0e687ff038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  795.710397][T19558] RAX: ffffffffffffffda RBX: 00007f0e69fc5fa0 RCX: 00007f0e69d9ebe9
[  795.710415][T19558] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000006
[  795.710425][T19558] RBP: 00007f0e687ff090 R08: 0000000000000000 R09: 0000000000000000
[  795.710436][T19558] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  795.710448][T19558] R13: 00007f0e69fc6038 R14: 00007f0e69fc5fa0 R15: 00007ffe521714e8
[  795.710504][T19558]  </TASK>
[  795.923411][T19560] netlink: 'syz.3.4549': attribute type 27 has an invalid length.
[  795.957130][T19566] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4552'.
[  795.972912][T19560] bridge0: port 3(dummy0) entered disabled state
[  795.979563][T19560] bridge0: port 2(bridge_slave_1) entered disabled state
[  795.986950][T19560] bridge0: port 1(bridge_slave_0) entered disabled state
[  795.987085][T19567] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4549'.
[  796.026792][T19560] batadv_slave_0: left promiscuous mode
[  796.034143][T19560] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  796.098523][T19560] veth3: left promiscuous mode
[  796.120795][  T418] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  796.144288][T19560] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=19560 comm=syz.3.4549
[  796.160109][  T418] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  796.171135][  T418] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  796.187553][  T418] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  796.263020][T19538] chnl_net:caif_netlink_parms(): no params data found
[  796.274234][T19583] loop6: detected capacity change from 0 to 128
[  796.295568][T19585] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  796.304475][T19585] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  796.326666][T19538] bridge0: port 1(bridge_slave_0) entered blocking state
[  796.333864][T19538] bridge0: port 1(bridge_slave_0) entered disabled state
[  796.341631][T19538] bridge_slave_0: entered allmulticast mode
[  796.348647][T19538] bridge_slave_0: entered promiscuous mode
[  796.355797][T19538] bridge0: port 2(bridge_slave_1) entered blocking state
[  796.363057][T19538] bridge0: port 2(bridge_slave_1) entered disabled state
[  796.370662][T19538] bridge_slave_1: entered allmulticast mode
[  796.377610][T19538] bridge_slave_1: entered promiscuous mode
[  796.386876][T19591] loop6: detected capacity change from 0 to 512
[  796.400340][T19591] SELinux: security_context_str_to_sid (system_u) failed with errno=-22
[  796.410904][T19538] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  796.422596][T19538] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  796.454692][T19538] team0: Port device team_slave_0 added
[  796.464527][T19538] team0: Port device team_slave_1 added
[  796.482479][T19538] batman_adv: batadv0: Adding interface: batadv_slave_0
[  796.489532][T19538] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  796.516553][T19538] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  796.528175][T19538] batman_adv: batadv0: Adding interface: batadv_slave_1
[  796.535238][T19538] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  796.561689][T19538] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  796.630583][T19538] hsr_slave_0: entered promiscuous mode
[  796.637770][T19538] hsr_slave_1: entered promiscuous mode
[  796.644064][T19538] debugfs: 'hsr0' already exists in 'hsr'
[  796.649863][T19538] Cannot create hsr debugfs directory
[  796.739070][T19538] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  796.751092][T19538] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  797.250781][T19606] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4562'.
[  797.369691][T19609] loop1: detected capacity change from 0 to 512
[  797.380171][T19609] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  797.488561][T19609] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  797.502794][T19609] ext4 filesystem being mounted at /322/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  797.518376][   T29] kauditd_printk_skb: 58 callbacks suppressed
[  797.518394][   T29] audit: type=1400 audit(1755187848.653:10318): avc:  denied  { ioctl } for  pid=19607 comm="syz.1.4563" path="/322/file0/cpu.stat" dev="loop1" ino=18 ioctlcmd=0x583b scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  797.754094][T14118] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  797.755521][T19538] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  797.773640][T19538] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  797.792974][T19613] loop1: detected capacity change from 0 to 512
[  797.811658][T19613] EXT4-fs: Ignoring removed mblk_io_submit option
[  797.826104][T19613] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  797.839195][T19613] EXT4-fs (loop1): 1 truncate cleaned up
[  797.845627][T19613] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  798.011987][T19624] netlink: 'syz.6.4566': attribute type 10 has an invalid length.
[  798.017336][T19538] 8021q: adding VLAN 0 to HW filter on device bond0
[  798.020806][T19624] netlink: 40 bytes leftover after parsing attributes in process `syz.6.4566'.
[  798.032002][T19538] 8021q: adding VLAN 0 to HW filter on device team0
[  798.047450][T19626] hub 8-0:1.0: USB hub found
[  798.052279][T19626] hub 8-0:1.0: 8 ports detected
[  798.064738][T19624] bridge0: port 3(dummy0) entered blocking state
[  798.071609][T19624] bridge0: port 3(dummy0) entered disabled state
[  798.081511][T19624] dummy0: entered allmulticast mode
[  798.097748][T19628] loop7: detected capacity change from 0 to 128
[  798.115520][T19624] bridge0: port 3(dummy0) entered blocking state
[  798.122518][T19624] bridge0: port 3(dummy0) entered forwarding state
[  798.140262][  T418] bridge0: port 1(bridge_slave_0) entered blocking state
[  798.147379][  T418] bridge0: port 1(bridge_slave_0) entered forwarding state
[  798.160578][  T133] bridge0: port 2(bridge_slave_1) entered blocking state
[  798.167882][  T133] bridge0: port 2(bridge_slave_1) entered forwarding state
[  798.207090][T19632] FAULT_INJECTION: forcing a failure.
[  798.207090][T19632] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  798.220552][T19632] CPU: 1 UID: 0 PID: 19632 Comm: syz.7.4568 Not tainted 6.17.0-rc1-syzkaller-00038-g0cc53520e68b #0 PREEMPT(voluntary) 
[  798.220629][T19632] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  798.220641][T19632] Call Trace:
[  798.220647][T19632]  <TASK>
[  798.220655][T19632]  __dump_stack+0x1d/0x30
[  798.220684][T19632]  dump_stack_lvl+0xe8/0x140
[  798.220702][T19632]  dump_stack+0x15/0x1b
[  798.220717][T19632]  should_fail_ex+0x265/0x280
[  798.220793][T19632]  should_fail+0xb/0x20
[  798.220820][T19632]  should_fail_usercopy+0x1a/0x20
[  798.221012][T19632]  _copy_from_user+0x1c/0xb0
[  798.221038][T19632]  ___sys_sendmsg+0xc1/0x1d0
[  798.221069][T19632]  __x64_sys_sendmsg+0xd4/0x160
[  798.221160][T19632]  x64_sys_call+0x191e/0x2ff0
[  798.221248][T19632]  do_syscall_64+0xd2/0x200
[  798.221275][T19632]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  798.221329][T19632]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  798.221350][T19632]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  798.221371][T19632] RIP: 0033:0x7f4f485cebe9
[  798.221385][T19632] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  798.221474][T19632] RSP: 002b:00007f4f4702f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  798.221495][T19632] RAX: ffffffffffffffda RBX: 00007f4f487f5fa0 RCX: 00007f4f485cebe9
[  798.221509][T19632] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000006
[  798.221523][T19632] RBP: 00007f4f4702f090 R08: 0000000000000000 R09: 0000000000000000
[  798.221566][T19632] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  798.221584][T19632] R13: 00007f4f487f6038 R14: 00007f4f487f5fa0 R15: 00007ffffc05e818
[  798.221604][T19632]  </TASK>
[  798.426284][T19634] loop6: detected capacity change from 0 to 1024
[  798.436545][T19634] EXT4-fs: Ignoring removed nomblk_io_submit option
[  798.471242][T19640] process 'gtp' launched './file0' with NULL argv: empty string added
[  798.471651][   T29] audit: type=1400 audit(1755187849.603:10319): avc:  denied  { execute } for  pid=19638 comm="gtp" name="file0" dev="tmpfs" ino=1236 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  798.504343][T19634] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003]
[  798.513012][T19634] System zones: 0-1, 3-36
[  798.518074][   T29] audit: type=1400 audit(1755187849.613:10320): avc:  denied  { execute_no_trans } for  pid=19638 comm="gtp" path="/223/file0" dev="tmpfs" ino=1236 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  798.541256][   T29] audit: type=1400 audit(1755187849.613:10321): avc:  denied  { map } for  pid=19638 comm="gtp" path="socket:[53788]" dev="sockfs" ino=53788 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tcp_socket permissive=1
[  798.565657][T19634] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  798.596747][T19538] 8021q: adding VLAN 0 to HW filter on device batadv0
[  798.746631][T14118] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  798.766926][T19538] veth0_vlan: entered promiscuous mode
[  798.779378][T19538] veth1_vlan: entered promiscuous mode
[  798.794253][   T29] audit: type=1326 audit(1755187849.923:10322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19659 comm="syz.1.4572" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa3d16ebe9 code=0x7ffc0000
[  798.818388][   T29] audit: type=1326 audit(1755187849.923:10323): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19659 comm="syz.1.4572" exe="/root/syz-executor" sig=0 arch=c000003e syscall=224 compat=0 ip=0x7faa3d16ebe9 code=0x7ffc0000
[  798.835124][T19538] veth0_macvtap: entered promiscuous mode
[  798.842561][   T29] audit: type=1326 audit(1755187849.923:10324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19659 comm="syz.1.4572" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa3d16ebe9 code=0x7ffc0000
[  798.872442][   T29] audit: type=1326 audit(1755187849.923:10325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19659 comm="syz.1.4572" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7faa3d16ebe9 code=0x7ffc0000
[  798.897192][   T29] audit: type=1326 audit(1755187849.923:10326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19659 comm="syz.1.4572" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa3d16ebe9 code=0x7ffc0000
[  798.923700][T19538] veth1_macvtap: entered promiscuous mode
[  798.927626][   T29] audit: type=1326 audit(1755187849.923:10327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19659 comm="syz.1.4572" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7faa3d16ebe9 code=0x7ffc0000
[  798.944645][T19538] batman_adv: batadv0: Interface activated: batadv_slave_0
[  798.980351][T19538] batman_adv: batadv0: Interface activated: batadv_slave_1
[  798.994081][   T41] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  799.005068][   T41] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  799.017573][   T41] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  799.027269][   T41] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  799.080737][T19665] loop1: detected capacity change from 0 to 512
[  799.090251][T19665] EXT4-fs: Ignoring removed mblk_io_submit option
[  799.100897][T19665] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  799.134015][T19665] EXT4-fs (loop1): 1 truncate cleaned up
[  799.141463][T19665] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  799.197905][ T6738] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  799.493047][  T418] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  799.514568][T19678] chnl_net:caif_netlink_parms(): no params data found
[  799.561796][  T418] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  799.609626][T19678] bridge0: port 1(bridge_slave_0) entered blocking state
[  799.616876][T19678] bridge0: port 1(bridge_slave_0) entered disabled state
[  799.624398][T19678] bridge_slave_0: entered allmulticast mode
[  799.632074][T19678] bridge_slave_0: entered promiscuous mode
[  799.639118][T19678] bridge0: port 2(bridge_slave_1) entered blocking state
[  799.646525][T19678] bridge0: port 2(bridge_slave_1) entered disabled state
[  799.654790][T19678] bridge_slave_1: entered allmulticast mode
[  799.661818][T19678] bridge_slave_1: entered promiscuous mode
[  799.703460][  T418] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  799.745965][T19678] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  799.757482][T19702] loop3: detected capacity change from 0 to 512
[  799.772925][T19702] EXT4-fs: Ignoring removed mblk_io_submit option
[  799.780469][  T418] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  799.799025][T19700] loop8: detected capacity change from 0 to 512
[  799.800589][T19702] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  799.817252][T19700] EXT4-fs: test_dummy_encryption option not supported
[  799.838787][T19678] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  799.869319][T19702] EXT4-fs (loop3): 1 truncate cleaned up
[  799.888163][T19702] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  799.928682][T19678] team0: Port device team_slave_0 added
[  799.935923][T19678] team0: Port device team_slave_1 added
[  799.954307][T19678] batman_adv: batadv0: Adding interface: batadv_slave_0
[  799.961323][T19678] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  799.988710][T19678] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  800.001673][T19678] batman_adv: batadv0: Adding interface: batadv_slave_1
[  800.009342][T19678] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  800.037815][T19678] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  800.152491][T19678] hsr_slave_0: entered promiscuous mode
[  800.160236][T19708] netlink: 4 bytes leftover after parsing attributes in process `syz.7.4584'.
[  800.180519][T19678] hsr_slave_1: entered promiscuous mode
[  800.188035][T14118] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  800.200965][T19678] debugfs: 'hsr0' already exists in 'hsr'
[  800.207008][T19678] Cannot create hsr debugfs directory
[  800.252375][  T418] dummy0: left allmulticast mode
[  800.270224][  T418] bridge0: port 3(dummy0) entered disabled state
[  800.279347][  T418] bridge_slave_1: left allmulticast mode
[  800.285135][  T418] bridge_slave_1: left promiscuous mode
[  800.291254][  T418] bridge0: port 2(bridge_slave_1) entered disabled state
[  800.302609][  T418] bridge_slave_0: left allmulticast mode
[  800.308347][  T418] bridge_slave_0: left promiscuous mode
[  800.314101][  T418] bridge0: port 1(bridge_slave_0) entered disabled state
[  800.501823][  T418] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  800.555763][  T418] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  800.571043][  T418] bond0 (unregistering): Released all slaves
[  800.603581][T19740] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4591'.
[  800.625014][  T418] tipc: Left network mode
[  800.641076][T14294] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  800.680352][  T418] hsr_slave_0: left promiscuous mode
[  800.693626][  T418] hsr_slave_1: left promiscuous mode
[  800.717388][  T418] batman_adv: batadv0: Removing interface: batadv_slave_0
[  800.731335][  T418] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  800.738915][  T418] batman_adv: batadv0: Removing interface: batadv_slave_1
[  800.750793][T19748] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  800.761432][  T418] veth1_macvtap: left promiscuous mode
[  800.761878][T19748] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  800.769400][  T418] veth0_macvtap: left promiscuous mode
[  800.791183][  T418] veth1_vlan: left promiscuous mode
[  800.796864][  T418] veth0_vlan: left promiscuous mode
[  800.913272][  T418] team0 (unregistering): Port device team_slave_1 removed
[  800.925730][  T418] team0 (unregistering): Port device team_slave_0 removed
[  801.292846][T19791] netlink: 4 bytes leftover after parsing attributes in process `syz.7.4595'.
[  801.400590][T19678] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  801.423388][T19678] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  801.439333][T19802] loop7: detected capacity change from 0 to 512
[  801.446742][T19802] EXT4-fs: Ignoring removed mblk_io_submit option
[  801.453217][T19678] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  801.468961][T19678] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  801.490207][T19802] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  801.529186][T19802] EXT4-fs (loop7): 1 truncate cleaned up
[  801.543839][T19802] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  801.590346][T19829] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4600'.
[  801.609477][T19678] 8021q: adding VLAN 0 to HW filter on device bond0
[  801.657690][T19678] 8021q: adding VLAN 0 to HW filter on device team0
[  801.691613][T19678] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  801.702071][T19678] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  801.740055][ T9240] bridge0: port 1(bridge_slave_0) entered blocking state
[  801.747213][ T9240] bridge0: port 1(bridge_slave_0) entered forwarding state
[  801.819420][ T9240] bridge0: port 2(bridge_slave_1) entered blocking state
[  801.826801][ T9240] bridge0: port 2(bridge_slave_1) entered forwarding state
[  801.864255][T19837] dummy0: left allmulticast mode
[  801.870126][T19837] bridge0: port 3(dummy0) entered disabled state
[  801.881371][T19844] dummy0: left allmulticast mode
[  801.921095][T19844] dummy0: left promiscuous mode
[  801.926403][T19844] bridge0: port 3(dummy0) entered disabled state
[  802.036540][T19678] 8021q: adding VLAN 0 to HW filter on device batadv0
[  802.301319][T19678] veth0_vlan: entered promiscuous mode
[  802.320213][T19678] veth1_vlan: entered promiscuous mode
[  802.349701][T19678] veth0_macvtap: entered promiscuous mode
[  802.365125][T15522] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  802.379349][T19678] veth1_macvtap: entered promiscuous mode
[  802.391526][T19678] batman_adv: batadv0: Interface activated: batadv_slave_0
[  802.416595][T19678] batman_adv: batadv0: Interface activated: batadv_slave_1
[  802.445766][   T31] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  802.483533][   T31] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  802.501478][   T31] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  802.541526][T19909] loop6: detected capacity change from 0 to 128
[  802.551373][   T31] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  802.562161][T19905] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6)
[  802.569819][T19905] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  802.577628][T19905] vhci_hcd vhci_hcd.0: Device attached
[  802.623431][T19914] netlink: 'syz.3.4607': attribute type 10 has an invalid length.
[  802.631769][T19914] netlink: 40 bytes leftover after parsing attributes in process `syz.3.4607'.
[  802.643473][T19914] dummy0: entered promiscuous mode
[  802.657396][T19914] bridge0: port 3(dummy0) entered blocking state
[  802.664444][T19914] bridge0: port 3(dummy0) entered disabled state
[  802.729442][   T29] kauditd_printk_skb: 100 callbacks suppressed
[  802.729460][   T29] audit: type=1326 audit(1755187853.863:10428): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19923 comm="syz.6.4612" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe63a3ebe9 code=0x7ffc0000
[  802.764212][T19914] dummy0: entered allmulticast mode
[  802.786690][T19910] vhci_hcd: connection closed
[  802.789853][   T31] vhci_hcd: stop threads
[  802.799201][   T31] vhci_hcd: release socket
[  802.803690][   T31] vhci_hcd: disconnect device
[  802.809776][   T29] audit: type=1326 audit(1755187853.863:10429): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19923 comm="syz.6.4612" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe63a3ebe9 code=0x7ffc0000
[  802.834372][   T29] audit: type=1326 audit(1755187853.863:10430): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19923 comm="syz.6.4612" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbe63a3ebe9 code=0x7ffc0000
[  802.848526][T19924] netlink: 20 bytes leftover after parsing attributes in process `syz.6.4612'.
[  802.858478][   T29] audit: type=1326 audit(1755187853.863:10431): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19923 comm="syz.6.4612" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe63a3ebe9 code=0x7ffc0000
[  802.872390][ T3412] usb 4-1: enqueue for inactive port 0
[  802.892599][   T29] audit: type=1326 audit(1755187853.863:10432): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19923 comm="syz.6.4612" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe63a3ebe9 code=0x7ffc0000
[  802.922367][   T29] audit: type=1326 audit(1755187853.863:10433): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19923 comm="syz.6.4612" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbe63a3ebe9 code=0x7ffc0000
[  802.946336][   T29] audit: type=1326 audit(1755187853.863:10434): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19923 comm="syz.6.4612" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe63a3ebe9 code=0x7ffc0000
[  802.970834][   T29] audit: type=1326 audit(1755187853.863:10435): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19923 comm="syz.6.4612" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbe63a3ebe9 code=0x7ffc0000
[  802.995530][   T29] audit: type=1326 audit(1755187853.943:10436): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19923 comm="syz.6.4612" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe63a3ebe9 code=0x7ffc0000
[  803.019855][   T29] audit: type=1326 audit(1755187853.943:10437): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19923 comm="syz.6.4612" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe63a3ebe9 code=0x7ffc0000
[  803.067175][T19924] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4612'.
[  803.151486][T19937] loop7: detected capacity change from 0 to 512
[  803.164650][T19937] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  803.244914][T19937] EXT4-fs (loop7): orphan cleanup on readonly fs
[  803.253661][T19937] EXT4-fs error (device loop7): ext4_validate_block_bitmap:441: comm syz.7.4611: bg 0: block 248: padding at end of block bitmap is not set
[  803.273023][T19937] EXT4-fs error (device loop7): ext4_acquire_dquot:6933: comm syz.7.4611: Failed to acquire dquot type 1
[  803.286019][T19937] EXT4-fs (loop7): 1 truncate cleaned up
[  803.361756][T19932] FAULT_INJECTION: forcing a failure.
[  803.361756][T19932] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  803.375262][T19932] CPU: 1 UID: 0 PID: 19932 Comm: syz.3.4614 Not tainted 6.17.0-rc1-syzkaller-00038-g0cc53520e68b #0 PREEMPT(voluntary) 
[  803.375295][T19932] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  803.375307][T19932] Call Trace:
[  803.375316][T19932]  <TASK>
[  803.375397][T19932]  __dump_stack+0x1d/0x30
[  803.375423][T19932]  dump_stack_lvl+0xe8/0x140
[  803.375473][T19932]  dump_stack+0x15/0x1b
[  803.375487][T19932]  should_fail_ex+0x265/0x280
[  803.375506][T19932]  should_fail+0xb/0x20
[  803.375540][T19932]  should_fail_usercopy+0x1a/0x20
[  803.375573][T19932]  _copy_from_user+0x1c/0xb0
[  803.375622][T19932]  __sys_bpf+0x178/0x7b0
[  803.375657][T19932]  __x64_sys_bpf+0x41/0x50
[  803.375696][T19932]  x64_sys_call+0x2aea/0x2ff0
[  803.375717][T19932]  do_syscall_64+0xd2/0x200
[  803.375746][T19932]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  803.375799][T19932]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  803.375886][T19932]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  803.375909][T19932] RIP: 0033:0x7f0e69d9ebe9
[  803.375924][T19932] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  803.376018][T19932] RSP: 002b:00007f0e687ff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  803.376037][T19932] RAX: ffffffffffffffda RBX: 00007f0e69fc5fa0 RCX: 00007f0e69d9ebe9
[  803.376051][T19932] RDX: 0000000000000040 RSI: 00002000000012c0 RDI: 000000000000001c
[  803.376063][T19932] RBP: 00007f0e687ff090 R08: 0000000000000000 R09: 0000000000000000
[  803.376075][T19932] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  803.376086][T19932] R13: 00007f0e69fc6038 R14: 00007f0e69fc5fa0 R15: 00007ffe521714e8
[  803.376104][T19932]  </TASK>
[  803.562485][ T3412] usb 4-1: enqueue for inactive port 0
[  803.585212][T19937] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  803.680601][T19945] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4618'.
[  803.828847][T19948] loop1: detected capacity change from 0 to 128
[  804.617427][T19961] netlink: 'syz.8.4624': attribute type 10 has an invalid length.
[  804.625623][T19961] netlink: 40 bytes leftover after parsing attributes in process `syz.8.4624'.
[  804.661998][T19961] dummy0: entered promiscuous mode
[  804.679654][T19961] bridge0: port 3(dummy0) entered blocking state
[  804.686805][T19961] bridge0: port 3(dummy0) entered disabled state
[  804.700394][T19961] dummy0: entered allmulticast mode
[  804.720034][T19961] bridge0: port 3(dummy0) entered blocking state
[  804.726643][T19961] bridge0: port 3(dummy0) entered forwarding state
[  804.782587][T15522] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  804.799173][T19964] loop3: detected capacity change from 0 to 512
[  804.809624][T19964] EXT4-fs: test_dummy_encryption option not supported
[  804.856918][T19967] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  804.873905][T19969] loop8: detected capacity change from 0 to 128
[  804.881759][T19967] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  805.063663][T19977] netlink: 4 bytes leftover after parsing attributes in process `syz.8.4630'.
[  805.179269][T19981] dummy0: left allmulticast mode
[  805.184854][T19981] bridge0: port 3(dummy0) entered disabled state
[  805.279694][T19982] hub 8-0:1.0: USB hub found
[  805.285107][T19982] hub 8-0:1.0: 8 ports detected
[  805.385331][ T3412] usb usb4-port1: attempt power cycle
[  805.419057][T19992] ÿÿÿÿÿÿ: renamed from vlan1 (while UP)
[  805.488366][T19994] hub 8-0:1.0: USB hub found
[  805.531353][T19994] hub 8-0:1.0: 8 ports detected
[  805.581362][T20000] loop7: detected capacity change from 0 to 128
[  805.607891][T20003] netlink: 20 bytes leftover after parsing attributes in process `syz.6.4640'.
[  805.672539][T20009] loop7: detected capacity change from 0 to 164
[  805.772796][T20017] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  805.784254][T20017] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  805.809809][T20013] hub 8-0:1.0: USB hub found
[  805.814670][T20013] hub 8-0:1.0: 8 ports detected
[  806.100801][T20026] hub 8-0:1.0: USB hub found
[  806.105589][T20026] hub 8-0:1.0: 8 ports detected
[  806.343040][T20032] loop7: detected capacity change from 0 to 128
[  807.542657][T20060] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  807.560296][T20060] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  807.642206][T20062] loop1: detected capacity change from 0 to 512
[  807.741559][T20062] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  807.754741][T20062] ext4 filesystem being mounted at /351/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  807.827227][ T3412] usb usb4-port1: unable to enumerate USB device
[  807.925076][   T29] kauditd_printk_skb: 94 callbacks suppressed
[  807.925096][   T29] audit: type=1326 audit(1755187859.003:10530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20046 comm="syz.6.4657" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe63a3ebe9 code=0x7ffc0000
[  807.955351][   T29] audit: type=1326 audit(1755187859.003:10531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20046 comm="syz.6.4657" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe63a3ebe9 code=0x7ffc0000
[  807.995755][T20058] bridge0: port 2(bridge_slave_1) entered disabled state
[  808.004086][T20058] bridge0: port 1(bridge_slave_0) entered disabled state
[  808.170641][T20058] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  808.200830][T20058] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  808.310937][   T41] netdevsim netdevsim6 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  808.331565][   T41] netdevsim netdevsim6 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  808.422734][   T41] netdevsim netdevsim6 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  808.459830][   T41] netdevsim netdevsim6 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  808.811407][T20076] loop8: detected capacity change from 0 to 512
[  808.819439][T20076] EXT4-fs: Ignoring removed mblk_io_submit option
[  808.844819][T20076] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  808.877582][T20076] EXT4-fs (loop8): 1 truncate cleaned up
[  808.890550][T20076] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  809.149291][T14118] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  809.389114][T20095] hub 8-0:1.0: USB hub found
[  809.406103][T20095] hub 8-0:1.0: 8 ports detected
[  809.701181][T20114] loop6: detected capacity change from 0 to 512
[  809.709347][T20114] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  809.753181][T19538] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  809.774412][T20117] loop7: detected capacity change from 0 to 512
[  809.863958][T20120] loop3: detected capacity change from 0 to 128
[  810.093478][T20117] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  810.106385][T20117] ext4 filesystem being mounted at /254/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  810.147915][T20114] EXT4-fs (loop6): orphan cleanup on readonly fs
[  810.156132][T20114] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.4683: bg 0: block 248: padding at end of block bitmap is not set
[  810.173309][T20114] Quota error (device loop6): write_blk: dquota write failed
[  810.181593][T20114] Quota error (device loop6): qtree_write_dquot: Error -117 occurred while creating quota
[  810.191960][T20114] EXT4-fs error (device loop6): ext4_acquire_dquot:6933: comm syz.6.4683: Failed to acquire dquot type 1
[  810.207858][T20114] EXT4-fs (loop6): 1 truncate cleaned up
[  810.214971][T20114] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  810.261830][T19678] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  810.372716][   T29] audit: type=1326 audit(1755187861.503:10532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20124 comm="syz.3.4686" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e69d9ebe9 code=0x7ffc0000
[  810.464783][   T29] audit: type=1326 audit(1755187861.533:10533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20124 comm="syz.3.4686" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e69d9ebe9 code=0x7ffc0000
[  810.488902][   T29] audit: type=1326 audit(1755187861.533:10534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20124 comm="syz.3.4686" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0e69d9ebe9 code=0x7ffc0000
[  810.513440][   T29] audit: type=1326 audit(1755187861.533:10535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20124 comm="syz.3.4686" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e69d9ebe9 code=0x7ffc0000
[  810.537418][   T29] audit: type=1326 audit(1755187861.533:10536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20124 comm="syz.3.4686" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e69d9ebe9 code=0x7ffc0000
[  810.561457][   T29] audit: type=1326 audit(1755187861.533:10537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20124 comm="syz.3.4686" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0e69d9ebe9 code=0x7ffc0000
[  810.757300][T20144] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6)
[  810.765168][T20144] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  810.773521][T20144] vhci_hcd vhci_hcd.0: Device attached
[  810.843461][T20152] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4693'.
[  810.947790][T20145] vhci_hcd: connection closed
[  810.948098][  T133] vhci_hcd: stop threads
[  810.957663][  T133] vhci_hcd: release socket
[  810.962245][  T133] vhci_hcd: disconnect device
[  811.050557][T20159] loop3: detected capacity change from 0 to 512
[  811.152201][T20159] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  811.194627][T20159] ext4 filesystem being mounted at /292/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  811.366228][T20164] loop8: detected capacity change from 0 to 512
[  811.388607][T20164] EXT4-fs: test_dummy_encryption option not supported
[  811.421882][T20158] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #2: comm syz.3.4695: corrupted inode contents
[  811.440737][T15522] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  811.508703][T20158] EXT4-fs error (device loop3): ext4_dirty_inode:6538: inode #2: comm syz.3.4695: mark_inode_dirty error
[  811.558396][T20172] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4698'.
[  811.608650][T20173] loop7: detected capacity change from 0 to 128
[  811.623509][T20158] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #2: comm syz.3.4695: corrupted inode contents
[  811.650869][T20158] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #2: comm syz.3.4695: mark_inode_dirty error
[  811.699242][T20177] loop6: detected capacity change from 0 to 128
[  811.793952][T14294] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  811.795630][T20182] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  811.827692][T20180] 9pnet_fd: Insufficient options for proto=fd
[  811.832549][T20182] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  811.940254][T20192] ÿÿÿÿÿÿ: renamed from vlan1
[  812.032150][T20201] loop6: detected capacity change from 0 to 128
[  812.077923][T20204] loop3: detected capacity change from 0 to 128
[  812.270157][T20221] 9pnet_fd: Insufficient options for proto=fd
[  812.494255][T20232] loop1: detected capacity change from 0 to 128
[  812.592957][T20238] loop3: detected capacity change from 0 to 128
[  812.695875][T20245] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4729'.
[  812.786744][T20252] FAULT_INJECTION: forcing a failure.
[  812.786744][T20252] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  812.800467][T20252] CPU: 0 UID: 0 PID: 20252 Comm: syz.7.4732 Not tainted 6.17.0-rc1-syzkaller-00038-g0cc53520e68b #0 PREEMPT(voluntary) 
[  812.800548][T20252] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  812.800560][T20252] Call Trace:
[  812.800565][T20252]  <TASK>
[  812.800572][T20252]  __dump_stack+0x1d/0x30
[  812.800593][T20252]  dump_stack_lvl+0xe8/0x140
[  812.800611][T20252]  dump_stack+0x15/0x1b
[  812.800629][T20252]  should_fail_ex+0x265/0x280
[  812.800707][T20252]  should_fail+0xb/0x20
[  812.800721][T20252]  should_fail_usercopy+0x1a/0x20
[  812.800820][T20252]  _copy_to_user+0x20/0xa0
[  812.800855][T20252]  simple_read_from_buffer+0xb5/0x130
[  812.800939][T20252]  proc_fail_nth_read+0x10e/0x150
[  812.800965][T20252]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  812.800985][T20252]  vfs_read+0x1a5/0x770
[  812.801077][T20252]  ? __rcu_read_unlock+0x4f/0x70
[  812.801096][T20252]  ? __fget_files+0x184/0x1c0
[  812.801118][T20252]  ksys_read+0xda/0x1a0
[  812.801141][T20252]  __x64_sys_read+0x40/0x50
[  812.801224][T20252]  x64_sys_call+0x27bc/0x2ff0
[  812.801242][T20252]  do_syscall_64+0xd2/0x200
[  812.801317][T20252]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  812.801343][T20252]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  812.801368][T20252]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  812.801386][T20252] RIP: 0033:0x7f4f485cd5fc
[  812.801400][T20252] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  812.801489][T20252] RSP: 002b:00007f4f4702f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  812.801506][T20252] RAX: ffffffffffffffda RBX: 00007f4f487f5fa0 RCX: 00007f4f485cd5fc
[  812.801521][T20252] RDX: 000000000000000f RSI: 00007f4f4702f0a0 RDI: 0000000000000007
[  812.801535][T20252] RBP: 00007f4f4702f090 R08: 0000000000000000 R09: 0000000000000000
[  812.801548][T20252] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  812.801562][T20252] R13: 00007f4f487f6038 R14: 00007f4f487f5fa0 R15: 00007ffffc05e818
[  812.801597][T20252]  </TASK>
[  813.034114][T20255] netlink: 4 bytes leftover after parsing attributes in process `syz.7.4733'.
[  813.505424][T20271] loop6: detected capacity change from 0 to 128
[  813.567186][T20276] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4741'.
[  813.636861][   T29] kauditd_printk_skb: 73 callbacks suppressed
[  813.636875][   T29] audit: type=1326 audit(1755187864.773:10611): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20277 comm="syz.3.4742" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e69d9ebe9 code=0x7ffc0000
[  813.688360][   T29] audit: type=1326 audit(1755187864.813:10612): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20277 comm="syz.3.4742" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0e69d9ebe9 code=0x7ffc0000
[  813.712229][   T29] audit: type=1326 audit(1755187864.813:10613): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20277 comm="syz.3.4742" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e69d9ebe9 code=0x7ffc0000
[  813.736585][   T29] audit: type=1326 audit(1755187864.813:10614): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20277 comm="syz.3.4742" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e69d9ebe9 code=0x7ffc0000
[  813.762872][   T29] audit: type=1326 audit(1755187864.813:10615): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20277 comm="syz.3.4742" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0e69d9ebe9 code=0x7ffc0000
[  813.788640][   T29] audit: type=1326 audit(1755187864.813:10616): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20277 comm="syz.3.4742" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e69d9ebe9 code=0x7ffc0000
[  813.813316][   T29] audit: type=1326 audit(1755187864.813:10617): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20277 comm="syz.3.4742" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e69d9ebe9 code=0x7ffc0000
[  813.837269][   T29] audit: type=1326 audit(1755187864.813:10618): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20277 comm="syz.3.4742" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0e69d9ebe9 code=0x7ffc0000
[  813.861865][   T29] audit: type=1326 audit(1755187864.813:10619): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20277 comm="syz.3.4742" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e69d9ebe9 code=0x7ffc0000
[  813.886318][   T29] audit: type=1326 audit(1755187864.813:10620): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20277 comm="syz.3.4742" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e69d9ebe9 code=0x7ffc0000
[  813.994891][T20293] loop6: detected capacity change from 0 to 128
[  814.051101][T20301] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  814.084625][T20301] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  814.098520][T20305] loop7: detected capacity change from 0 to 512
[  814.105994][T20305] EXT4-fs: Ignoring removed mblk_io_submit option
[  814.112852][T20305] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  814.125691][T20305] EXT4-fs (loop7): 1 truncate cleaned up
[  814.132136][T20305] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  814.382023][T20311] FAULT_INJECTION: forcing a failure.
[  814.382023][T20311] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  814.395677][T20311] CPU: 0 UID: 0 PID: 20311 Comm: syz.1.4753 Not tainted 6.17.0-rc1-syzkaller-00038-g0cc53520e68b #0 PREEMPT(voluntary) 
[  814.395706][T20311] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  814.395815][T20311] Call Trace:
[  814.395823][T20311]  <TASK>
[  814.395833][T20311]  __dump_stack+0x1d/0x30
[  814.395857][T20311]  dump_stack_lvl+0xe8/0x140
[  814.395877][T20311]  dump_stack+0x15/0x1b
[  814.395903][T20311]  should_fail_ex+0x265/0x280
[  814.395961][T20311]  should_fail+0xb/0x20
[  814.395976][T20311]  should_fail_usercopy+0x1a/0x20
[  814.395996][T20311]  _copy_from_user+0x1c/0xb0
[  814.396022][T20311]  ___sys_sendmsg+0xc1/0x1d0
[  814.396056][T20311]  __sys_sendmmsg+0x178/0x300
[  814.396086][T20311]  __x64_sys_sendmmsg+0x57/0x70
[  814.396108][T20311]  x64_sys_call+0x1c4a/0x2ff0
[  814.396197][T20311]  do_syscall_64+0xd2/0x200
[  814.396223][T20311]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  814.396245][T20311]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  814.396267][T20311]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  814.396319][T20311] RIP: 0033:0x7faa3d16ebe9
[  814.396333][T20311] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  814.396349][T20311] RSP: 002b:00007faa3bbcf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  814.396369][T20311] RAX: ffffffffffffffda RBX: 00007faa3d395fa0 RCX: 00007faa3d16ebe9
[  814.396381][T20311] RDX: 0000000000000002 RSI: 0000200000003b00 RDI: 0000000000000004
[  814.396453][T20311] RBP: 00007faa3bbcf090 R08: 0000000000000000 R09: 0000000000000000
[  814.396466][T20311] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  814.396478][T20311] R13: 00007faa3d396038 R14: 00007faa3d395fa0 R15: 00007ffd834fac48
[  814.396497][T20311]  </TASK>
[  814.724117][T20320] netlink: 'syz.6.4757': attribute type 10 has an invalid length.
[  814.732516][T20320] netlink: 40 bytes leftover after parsing attributes in process `syz.6.4757'.
[  814.764485][T20320] dummy0: entered promiscuous mode
[  814.810669][T20320] bridge0: port 3(dummy0) entered blocking state
[  814.822191][T20320] bridge0: port 3(dummy0) entered disabled state
[  814.840298][T20320] dummy0: entered allmulticast mode
[  814.966585][T15522] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  815.019517][T20331] loop6: detected capacity change from 0 to 128
[  815.033096][T20334] netlink: 4 bytes leftover after parsing attributes in process `syz.7.4763'.
[  815.043449][T20332] netlink: 4 bytes leftover after parsing attributes in process `syz.8.4762'.
[  815.104011][T20340] loop3: detected capacity change from 0 to 512
[  815.118586][T20340] EXT4-fs: test_dummy_encryption option not supported
[  815.170017][T20342] netlink: 'syz.8.4765': attribute type 10 has an invalid length.
[  815.178239][T20342] netlink: 40 bytes leftover after parsing attributes in process `syz.8.4765'.
[  815.228545][T20342] bridge0: port 3(dummy0) entered blocking state
[  815.236083][T20342] bridge0: port 3(dummy0) entered disabled state
[  815.266677][T20347] netlink: 4 bytes leftover after parsing attributes in process `syz.7.4764'.
[  815.473467][T20342] dummy0: entered allmulticast mode
[  815.544895][T20342] bridge0: port 3(dummy0) entered blocking state
[  815.554334][T20342] bridge0: port 3(dummy0) entered forwarding state
[  815.762838][T20362] loop8: detected capacity change from 0 to 512
[  815.788325][T20362] EXT4-fs: Ignoring removed mblk_io_submit option
[  815.825944][T20362] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  815.871196][T20365] netlink: 'syz.6.4772': attribute type 10 has an invalid length.
[  815.888425][T20365] netlink: 40 bytes leftover after parsing attributes in process `syz.6.4772'.
[  815.912426][T20362] EXT4-fs (loop8): 1 truncate cleaned up
[  815.965542][T20362] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  816.000916][T20377] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4776'.
[  816.022240][T20374] loop7: detected capacity change from 0 to 1024
[  816.049230][T20374] EXT4-fs: Ignoring removed nomblk_io_submit option
[  816.060860][T20379] loop6: detected capacity change from 0 to 512
[  816.100898][T20382] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  816.111176][T20382] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  816.121157][T20374] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003]
[  816.168112][T20379] EXT4-fs: Ignoring removed mblk_io_submit option
[  816.175415][T20374] System zones: 0-1, 3-36
[  816.180052][T20379] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  816.195995][T20374] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  816.197195][T20379] EXT4-fs (loop6): 1 truncate cleaned up
[  816.222035][T20379] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  816.609828][T19538] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  816.940221][T19678] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  816.955493][T20395] loop1: detected capacity change from 0 to 512
[  816.968086][T15522] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  816.978063][T20395] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  817.016613][T20396] netlink: 4 bytes leftover after parsing attributes in process `syz.8.4782'.
[  817.037545][T20400] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  817.049025][T20395] EXT4-fs (loop1): orphan cleanup on readonly fs
[  817.119060][T20395] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.4780: bg 0: block 248: padding at end of block bitmap is not set
[  817.183175][T20411] loop6: detected capacity change from 0 to 128
[  817.203622][T20395] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.4780: Failed to acquire dquot type 1
[  817.215801][T20395] EXT4-fs (loop1): 1 truncate cleaned up
[  817.222251][T20395] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  817.293013][T20413] netlink: 'syz.7.4788': attribute type 10 has an invalid length.
[  817.304878][T20413] netlink: 40 bytes leftover after parsing attributes in process `syz.7.4788'.
[  817.584542][T20433] netlink: 4 bytes leftover after parsing attributes in process `syz.7.4795'.
[  817.584833][T20432] hub 8-0:1.0: USB hub found
[  817.671315][T20432] hub 8-0:1.0: 8 ports detected
[  817.679401][T20437] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  817.978640][T20446] loop7: detected capacity change from 0 to 512
[  818.874922][T20446] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  819.182016][T20456] loop6: detected capacity change from 0 to 128
[  819.424262][T20446] EXT4-fs (loop7): 1 truncate cleaned up
[  819.430635][T20446] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  819.563307][T20464] netlink: 4 bytes leftover after parsing attributes in process `syz.8.4804'.
[  819.602561][T20462] hub 8-0:1.0: USB hub found
[  819.608182][T20462] hub 8-0:1.0: 8 ports detected
[  819.608976][T15522] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  819.624456][T20466] netlink: 4 bytes leftover after parsing attributes in process `syz.8.4805'.
[  819.684750][   T29] kauditd_printk_skb: 80 callbacks suppressed
[  819.684768][   T29] audit: type=1326 audit(1755187870.813:10699): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20469 comm="syz.8.4807" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f360e41ebe9 code=0x7ffc0000
[  819.716313][   T29] audit: type=1326 audit(1755187870.813:10700): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20469 comm="syz.8.4807" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f360e41ebe9 code=0x7ffc0000
[  819.740818][   T29] audit: type=1326 audit(1755187870.823:10701): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20469 comm="syz.8.4807" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f360e41ebe9 code=0x7ffc0000
[  819.765668][   T29] audit: type=1326 audit(1755187870.823:10702): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20469 comm="syz.8.4807" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f360e41ebe9 code=0x7ffc0000
[  819.791523][   T29] audit: type=1326 audit(1755187870.823:10703): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20469 comm="syz.8.4807" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f360e41ebe9 code=0x7ffc0000
[  819.815746][   T29] audit: type=1326 audit(1755187870.823:10704): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20469 comm="syz.8.4807" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f360e41ebe9 code=0x7ffc0000
[  819.840559][   T29] audit: type=1326 audit(1755187870.823:10705): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20469 comm="syz.8.4807" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f360e41ebe9 code=0x7ffc0000
[  819.865012][   T29] audit: type=1326 audit(1755187870.823:10706): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20469 comm="syz.8.4807" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f360e41ebe9 code=0x7ffc0000
[  819.889484][   T29] audit: type=1326 audit(1755187870.903:10707): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20469 comm="syz.8.4807" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f360e41ebe9 code=0x7ffc0000
[  819.913395][   T29] audit: type=1326 audit(1755187870.903:10708): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20469 comm="syz.8.4807" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f360e41ebe9 code=0x7ffc0000
[  820.014142][T20478] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(6)
[  820.021050][T20478] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  820.029023][T20478] vhci_hcd vhci_hcd.0: Device attached
[  820.037396][T20479] vhci_hcd: cannot find the pending unlink 1
[  820.355090][ T3365] usb 8-1: SetAddress Request (2) to port 0
[  820.361214][ T3365] usb 8-1: new SuperSpeed USB device number 2 using vhci_hcd
[  820.847138][T20479] vhci_hcd: connection reset by peer
[  820.852666][ T9240] vhci_hcd: stop threads
[  820.857090][ T9240] vhci_hcd: release socket
[  820.861621][ T9240] vhci_hcd: disconnect device
[  820.962038][T14118] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  820.981852][T20505] loop1: detected capacity change from 0 to 128
[  821.055893][T20512] loop1: detected capacity change from 0 to 128
[  821.200571][T20517] loop1: detected capacity change from 0 to 512
[  821.327622][T20517] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  821.341232][T20517] ext4 filesystem being mounted at /379/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  821.493666][T20524] loop3: detected capacity change from 0 to 128
[  821.501980][T20523] netlink: 4 bytes leftover after parsing attributes in process `syz.7.4824'.
[  822.131486][T20541] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  822.166008][T20541] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  822.494621][T20555] loop3: detected capacity change from 0 to 128
[  822.587475][T20558] 9pnet_fd: Insufficient options for proto=fd
[  822.722367][T20566] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(6)
[  822.729202][T20566] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  822.737380][T20566] vhci_hcd vhci_hcd.0: Device attached
[  822.816754][T20574] netlink: 4 bytes leftover after parsing attributes in process `syz.7.4844'.
[  823.079912][T20580] loop8: detected capacity change from 0 to 512
[  823.210048][T14118] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  823.262067][T20580] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  823.275157][T20580] ext4 filesystem being mounted at /53/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  823.563688][T20567] vhci_hcd: connection closed
[  823.564363][ T9240] vhci_hcd: stop threads
[  823.573482][ T9240] vhci_hcd: release socket
[  823.578033][ T9240] vhci_hcd: disconnect device
[  824.324141][T20592] loop3: detected capacity change from 0 to 128
[  824.461621][T20600] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  824.536983][T20608] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  824.558630][T20608] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  824.841884][T19538] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  824.871086][T20621] loop8: detected capacity change from 0 to 128
[  825.044781][T20626] loop1: detected capacity change from 0 to 512
[  825.053005][T20626] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  825.232087][T20626] EXT4-fs (loop1): 1 truncate cleaned up
[  825.238593][T20626] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  825.344989][   T29] kauditd_printk_skb: 65 callbacks suppressed
[  825.345008][   T29] audit: type=1326 audit(1755187876.433:10774): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20629 comm="syz.3.4862" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e69d9ebe9 code=0x7ffc0000
[  825.376223][   T29] audit: type=1326 audit(1755187876.433:10775): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20629 comm="syz.3.4862" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e69d9ebe9 code=0x7ffc0000
[  825.400188][   T29] audit: type=1326 audit(1755187876.433:10776): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20629 comm="syz.3.4862" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0e69d9ebe9 code=0x7ffc0000
[  825.424387][   T29] audit: type=1326 audit(1755187876.433:10777): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20629 comm="syz.3.4862" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e69d9ebe9 code=0x7ffc0000
[  825.448738][   T29] audit: type=1326 audit(1755187876.443:10778): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20629 comm="syz.3.4862" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0e69d9ebe9 code=0x7ffc0000
[  825.473016][   T29] audit: type=1326 audit(1755187876.443:10779): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20629 comm="syz.3.4862" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e69d9ebe9 code=0x7ffc0000
[  825.497257][   T29] audit: type=1326 audit(1755187876.443:10780): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20629 comm="syz.3.4862" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e69d9ebe9 code=0x7ffc0000
[  825.521593][   T29] audit: type=1326 audit(1755187876.443:10781): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20629 comm="syz.3.4862" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0e69d9ebe9 code=0x7ffc0000
[  825.545992][   T29] audit: type=1326 audit(1755187876.443:10782): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20629 comm="syz.3.4862" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e69d9ebe9 code=0x7ffc0000
[  825.570049][   T29] audit: type=1326 audit(1755187876.443:10783): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20629 comm="syz.3.4862" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e69d9ebe9 code=0x7ffc0000
[  825.606459][ T3365] usb 8-1: device descriptor read/8, error -110
[  825.844511][ T3365] usb 8-1: new SuperSpeed USB device number 2 using vhci_hcd
[  825.881115][ T3365] usb 8-1: enqueue for inactive port 0
[  825.889365][ T3365] usb 8-1: enqueue for inactive port 0
[  825.895201][ T3365] usb 8-1: enqueue for inactive port 0
[  825.991530][T20646] 9pnet_fd: Insufficient options for proto=fd
[  826.308289][T20663] loop8: detected capacity change from 0 to 512
[  826.335237][T20663] EXT4-fs: Ignoring removed mblk_io_submit option
[  826.379329][T20663] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  826.407405][T14118] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  826.412525][T20669] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  826.419876][T20663] EXT4-fs (loop8): 1 truncate cleaned up
[  826.444281][T20675] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4877'.
[  826.456329][T20663] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  826.521233][T20679] loop3: detected capacity change from 0 to 512
[  826.529528][T20679] EXT4-fs: Ignoring removed mblk_io_submit option
[  826.538526][T20679] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  826.556503][T20679] EXT4-fs (loop3): 1 truncate cleaned up
[  826.563113][T20679] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  826.775635][T20682] ==================================================================
[  826.784277][T20682] BUG: KCSAN: data-race in touch_atime / touch_atime
[  826.791231][T20682] 
[  826.793657][T20682] read to 0xffff8881177e8180 of 4 bytes by task 20679 on cpu 1:
[  826.801544][T20682]  touch_atime+0x194/0x340
[  826.806133][T20682]  filemap_splice_read+0x6ba/0x740
[  826.811449][T20682]  ext4_file_splice_read+0x8f/0xb0
[  826.816950][T20682]  splice_direct_to_actor+0x26c/0x680
[  826.822522][T20682]  do_splice_direct+0xda/0x150
[  826.827667][T20682]  do_sendfile+0x380/0x650
[  826.832109][T20682]  __x64_sys_sendfile64+0x105/0x150
[  826.837340][T20682]  x64_sys_call+0x2bb0/0x2ff0
[  826.842038][T20682]  do_syscall_64+0xd2/0x200
[  826.846579][T20682]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  826.852831][T20682] 
[  826.855253][T20682] write to 0xffff8881177e8180 of 4 bytes by task 20682 on cpu 0:
[  826.863356][T20682]  touch_atime+0x1e8/0x340
[  826.867806][T20682]  filemap_splice_read+0x6ba/0x740
[  826.872951][T20682]  ext4_file_splice_read+0x8f/0xb0
[  826.878102][T20682]  splice_direct_to_actor+0x26c/0x680
[  826.884368][T20682]  do_splice_direct+0xda/0x150
[  826.889254][T20682]  do_sendfile+0x380/0x650
[  826.893814][T20682]  __x64_sys_sendfile64+0x105/0x150
[  826.899127][T20682]  x64_sys_call+0x2bb0/0x2ff0
[  826.903826][T20682]  do_syscall_64+0xd2/0x200
[  826.908361][T20682]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  826.914277][T20682] 
[  826.916697][T20682] value changed: 0x35d824e7 -> 0x3670bb67
[  826.922417][T20682] 
[  826.924752][T20682] Reported by Kernel Concurrency Sanitizer on:
[  826.930906][T20682] CPU: 0 UID: 0 PID: 20682 Comm: syz.3.4879 Not tainted 6.17.0-rc1-syzkaller-00038-g0cc53520e68b #0 PREEMPT(voluntary) 
[  826.935254][ T3365] usb usb8-port1: attempt power cycle
[  826.943592][T20682] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  826.943611][T20682] ==================================================================
[  827.157920][T19538] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  827.431330][T14294] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  828.805194][ T3365] usb usb8-port1: unable to enumerate USB device
[  830.655229][ T3365] usb usb8-port1: attempt power cycle
[  832.485218][ T3365] usb usb8-port1: unable to enumerate USB device