last executing test programs:

2.322282688s ago: executing program 1 (id=512):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000240)='kfree\x00', r1, 0x0, 0x20}, 0x18)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r2, 0x84, 0x81, &(0x7f0000000280)="1a00000002000000", 0x8)
setsockopt$inet_sctp6_SCTP_AUTH_CHUNK(r2, 0x84, 0x15, &(0x7f0000000200), 0x1)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x401, @loopback}], 0x1c)
sendto$inet6(r2, &(0x7f0000000040)="8100", 0x2, 0x400c0d4, &(0x7f0000000140)={0xa, 0x4e23, 0x0, @loopback, 0xfffffffd}, 0x1c)

2.306398169s ago: executing program 4 (id=513):
r0 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0x1d, 0x7, &(0x7f0000000100)=ANY=[@ANYBLOB="29802000fffbffff181a0000", @ANYRES32=0x1, @ANYBLOB="0000000000000000d3860001000000009512010000000000185a00"/40], &(0x7f0000000140)='syzkaller\x00', 0xa581, 0x1000, &(0x7f0000000b40)=""/4096, 0x41100, 0x1, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, &(0x7f0000000240)={0x6, 0x2}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x4, &(0x7f0000000280)=[0x1, 0x1, 0x1, 0xffffffffffffffff], &(0x7f00000002c0)=[{0x4, 0x3, 0x6, 0x4}, {0x5, 0x4, 0x0, 0xb}, {0x5, 0x3, 0xc, 0x1}, {0x1, 0x4, 0x10, 0x8}], 0x10, 0x8000}, 0x94)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000480), 0x4)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYRES16=r0], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x3, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r2}, 0x10)
setxattr$incfs_metadata(&(0x7f0000000800)='./cgroup\x00', &(0x7f0000000840), 0x0, 0x0, 0x2)
bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000001800)={0x11, 0xc, &(0x7f0000000600)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r3}, 0x18)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'macsec0\x00', <r4=>0x0})
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r5 = syz_io_uring_setup(0x5c6, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x4}, &(0x7f0000000300)=<r6=>0x0, &(0x7f0000000580)=<r7=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000080)=0xfffffff8, 0x0, 0x4)
syz_io_uring_submit(r6, r7, &(0x7f00000004c0)=@IORING_OP_TIMEOUT={0xb, 0x18, 0x0, 0x0, 0x4, &(0x7f0000000280)={0x0, 0x989680}, 0x1, 0x4})
io_uring_enter(r5, 0x6e2, 0x3900, 0x1, 0x0, 0xe00)
fcntl$setpipe(r5, 0x407, 0x6)
r8 = io_uring_setup(0x4d3f, &(0x7f0000000200)={0x0, 0xca6a, 0x40, 0x3, 0x6})
io_uring_register$IORING_REGISTER_RESTRICTIONS(r8, 0xb, &(0x7f0000000480), 0x66)
dup2(r5, r5)
setsockopt$inet_sctp6_SCTP_RESET_ASSOC(0xffffffffffffffff, 0x84, 0x78, &(0x7f0000000340), 0x4)
seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f00000001c0)={0x2, &(0x7f0000000100)=[{0x0, 0x6, 0x1, 0x9}, {0xf, 0x1, 0xfc, 0x401}]})
r9 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r9, 0x0, 0x4004090)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000000)="d800000010008104685fa3aa7143a0f8c81ded0b25000000e8fe09a118001500060014ea000000120800030043000040a8002b000a", 0x35}], 0x1}, 0x20000880)
write$cgroup_subtree(r9, &(0x7f0000000000)=ANY=[], 0xfe33)
rt_sigsuspend(&(0x7f00000002c0)={[0x225c17d03]}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x1e, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0xaf, '\x00', r4, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7ffd}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0xb, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r10 = bpf$MAP_CREATE(0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="05000000040000000800000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x10, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r10, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

2.235070856s ago: executing program 1 (id=515):
r0 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0x1d, 0x7, &(0x7f0000000100)=ANY=[@ANYBLOB="29802000fffbffff181a0000", @ANYRES32=0x1, @ANYBLOB="0000000000000000d3860001000000009512010000000000185a00"/40], &(0x7f0000000140)='syzkaller\x00', 0xa581, 0x1000, &(0x7f0000000b40)=""/4096, 0x41100, 0x1, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, &(0x7f0000000240)={0x6, 0x2}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000280)=[0x1, 0x1, 0x1, 0xffffffffffffffff], 0x0, 0x10, 0x8000}, 0x94)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000480), 0x4)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYRES16=r0], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x3, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r2}, 0x10)
setxattr$incfs_metadata(&(0x7f0000000800)='./cgroup\x00', &(0x7f0000000840), 0x0, 0x0, 0x2)
bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000001800)={0x11, 0xc, &(0x7f0000000600)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r3}, 0x18)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'macsec0\x00', <r4=>0x0})
r5 = syz_io_uring_setup(0x5c6, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x4}, &(0x7f0000000300)=<r6=>0x0, &(0x7f0000000580)=<r7=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000080)=0xfffffff8, 0x0, 0x4)
syz_io_uring_submit(r6, r7, &(0x7f00000004c0)=@IORING_OP_TIMEOUT={0xb, 0x18, 0x0, 0x0, 0x4, &(0x7f0000000280)={0x0, 0x989680}, 0x1, 0x4})
io_uring_enter(r5, 0x6e2, 0x3900, 0x1, 0x0, 0xe00)
fcntl$setpipe(r5, 0x407, 0x6)
r8 = io_uring_setup(0x4d3f, &(0x7f0000000200)={0x0, 0xca6a, 0x40, 0x3, 0x6})
io_uring_register$IORING_REGISTER_RESTRICTIONS(r8, 0xb, &(0x7f0000000480), 0x66)
dup2(r5, r5)
setsockopt$inet_sctp6_SCTP_RESET_ASSOC(0xffffffffffffffff, 0x84, 0x78, &(0x7f0000000340), 0x4)
seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f00000001c0)={0x2, &(0x7f0000000100)=[{0x0, 0x6, 0x1, 0x9}, {0xf, 0x1, 0xfc, 0x401}]})
r9 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r9, &(0x7f00000002c0)={&(0x7f0000000040)=@rxrpc=@in4={0x21, 0x2, 0x2, 0x10, {0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}}, 0x80, 0x0}, 0x4004090)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000000)="d800000010008104685fa3aa7143a0f8c81ded0b25000000e8fe09a118001500060014ea000000120800030043000040a8002b000a", 0x35}], 0x1}, 0x20000880)
write$cgroup_subtree(r9, &(0x7f0000000000)=ANY=[], 0xfe33)
rt_sigsuspend(&(0x7f00000002c0)={[0x225c17d03]}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x1e, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0xaf, '\x00', r4, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7ffd}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0xb, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="05000000040000000800000005"], 0x48)

1.464057184s ago: executing program 2 (id=522):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)="2e00000011008188040f46ecdb4cb9cca7480ef410000000e3bd6efb440009000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x40840)

1.431303597s ago: executing program 4 (id=523):
socket$inet_icmp(0x2, 0x2, 0x1)
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x1}, 0x100002, 0x0, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x18, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, 0x0, &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
socket(0x400000000010, 0x3, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000600)={{0x14}, [@NFT_MSG_NEWRULE={0x88, 0x6, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x1}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_RULE_EXPRESSIONS={0x5c, 0x4, 0x0, 0x1, [{0x58, 0x1, 0x0, 0x1, @target={{0xb}, @val={0x48, 0x2, 0x0, 0x1, [@NFTA_TARGET_INFO={0x2c, 0x3, "9ac420002e61afb9fdd672bad09dfb78c7699c74e891a0c7fffffffffffffff50000000000000000"}, @NFTA_TARGET_REV={0x8}, @NFTA_TARGET_NAME={0xe, 0x1, 'IDLETIMER\x00'}]}}}]}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0xb0}, 0x1, 0x0, 0x0, 0x4000850}, 0x20040040)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, 0x0)
r3 = socket(0x10, 0x3, 0x0)
write(r3, &(0x7f0000000000)="2400000011005f0414f9f40700090400810000000d0000000000000008000f0001000000", 0x24)

1.4019933s ago: executing program 4 (id=524):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = add_key$keyring(&(0x7f0000000200), &(0x7f0000000140)={'syz', 0x1}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r0, &(0x7f0000000000)='asymmetric\x00', &(0x7f0000000040)=@chain={'key_or_keyring:', r0})

1.383646352s ago: executing program 4 (id=525):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000d00)=ANY=[@ANYBLOB="b70000008100003bbfa30000000000000703000000feffff720af0fff8ffffff71a4f0ff0000000071105400000000001d400500000000004704000001ed00000f030000000000001d440000000000006b0a00fe000000007313000000000000b5000000000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff31a8fd3c0fd8b7ff831028e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646c0200000000000000020000e35208b0bb0d2cd829e654400e2438ec649dc76128610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda82fc9c4d7ecc7a803bf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714f62ba7a54f0c33d39000d0bfed3a6a59ff616236fd8f2477184bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a22048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06fa2e04cfe0649226c697d9e8eaade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00023ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a83469620c6e74e1f46132559c4f8700a350845ffa0d829e4f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88f15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f6f096753b639a920099c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e9673560000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40fc5d2f55ff07c53147de202ce517b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661061173f359e9052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b393cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd84990453f006694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6432399f87a7a14245bbd796a09313b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff26b61aac8aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3ba18a1a2b65079cc1c7bc46dd12305a1ae9dd19e8d525206c0a728cfd42193abe8130bc01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e26534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ad1012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336dfaa6d5d164301190bc2d4c04087729033342045804a28082abc3b4762302a271722fb515f31e0dd115a292f1e68481a62c49d15ea5460a29c60b1058fb7aa9bf4ee3cbe11b03711a15d730646b72d074dab1e8c429339f3460d324c17a4a8bfc7d7eab45bef00664d6dc823000000000"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x602100, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000200)={'batadv0\x00', 0x112})
ioctl$TUNSETSTEERINGEBPF(r1, 0x800454e0, &(0x7f0000000040)=r0)
close(r1)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00', r2}, 0x10)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000080000000c"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000001880)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002300000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = socket$inet(0x2, 0x2, 0x1)
sendmsg$inet(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000840)=[{&(0x7f0000000100)='\x00\x00', 0x2}, {&(0x7f0000000200)="960c00004500", 0x6}], 0x2}, 0x2c000800)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r4}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000800000006"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, 0x0, &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='kmem_cache_free\x00', r7, 0x0, 0x1}, 0x18)
sendmsg$TIPC_NL_KEY_SET(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=ANY=[@ANYBLOB='T\x00\x00', @ANYRES16, @ANYBLOB="0100000000000000000003000000400001802c0004001400010002000000ac14140f00000000000000001400020002000000ffffff53a2513743897e44000d0001007564703aa3"], 0x54}}, 0x0)
r8 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$ARPT_SO_SET_REPLACE(r8, 0x0, 0x60, &(0x7f0000000600)={'filter\x00', 0xb001, 0x4, 0x3d0, 0x0, 0xe8, 0x1f8, 0x2e8, 0x2e8, 0x2e8, 0x7fffffe, 0x0, {[{{@uncond, 0xc0, 0xe8}, @unspec=@STANDARD={0x28, '\x00', 0x0, 0x1f8}}, {{@uncond, 0xc0, 0x110, 0x0, {0x0, 0x1e03}}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @empty, @local, @multicast2, 0x2}}}, {{@arp={@initdev={0xac, 0x1e, 0x0, 0x0}, @remote, 0x0, 0x0, 0x0, 0x0, {@mac=@broadcast}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'pim6reg0\x00', 'netpci0\x00'}, 0xc0, 0xf0}, @unspec=@CONNMARK={0x30}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x420)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r9 = syz_open_dev$usbfs(&(0x7f0000003f00), 0x201, 0xa401)
ioctl$USBDEVFS_DISCONNECT_CLAIM(r9, 0x8108551b, &(0x7f0000000000)={0x0, 0x0, "ec9fe44d4dbe56a68100d7c727e7d63c1bb714e315eeb406bfdd73835e57efa94b1a0275781c647aa7e3470c6028642b17832b10b386a6f73791010500a9aa141f406e312295ee620a9a46577b9249b738fe7750bec83bf6ed5b67213fa7d6c0823fd154ed29ed7eff0d26ff199ee1ff379742c3f0b46caa357d70ee438f901d7645c3f87e4b21482b76f2ad8eaac090272081f98fd2e3e5a63e006204df635e731a5bfcf142f4529517454618de595cd1445b4bdbf698b9986356f0ebf7d25a57774ef474f86a3ad24ae9f0bf94b99e6b87de5f79d383d05bb32701daed400785a49788f08caecc9e0c48a3740bbe6e1c1fd400cfdfe756bcb7d08e36655c00"})
ioctl$USBDEVFS_CONTROL(r9, 0xc0185500, &(0x7f00000001c0)={0xa1, 0x0, 0xfffe, 0x3f00, 0x0, 0x2, 0x0})
syz_read_part_table(0x105c, &(0x7f0000000140)="$eJzszzFqAkEYBeA3YXeTNGGvkDqn2LRaaGErHsEbWHgWBT2FFxNll0XEXkT4vmKY+efx4A+vVe4flyRfD4FqOIfpaXObTs7rz+8kv822+xi+Sx/p2uz+//LTjsXTkkPXpLT12JN6v5rN+8syVRbHZ68HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAO/gGgAA//9leQsA")

1.336707416s ago: executing program 1 (id=527):
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x6, 0x0, 0x0, 0x4, 0x0, 0x100, 0x18827, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x108122, 0x8000000000000000, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000"], 0x48)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @multicast1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000540)='fib6_table_lookup\x00', r1}, 0x10)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r2, 0x0, 0x0, 0x20000845, &(0x7f0000b63fe4)={0xa, 0x2, 0x1, @dev={0xfe, 0x80, '\x00', 0x33}, 0x4000000}, 0x1c)
sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x0)
recvmmsg(r0, &(0x7f0000000340), 0x0, 0x45833af92e4b38ff, 0x0)
r3 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r3, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000980)=[{&(0x7f0000000040)="2e00000011008188040f80ec59acbc0413a1f8480b0000005e140602000000000e0027001000000002800000121f", 0x2e}], 0x1}, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/udplite\x00')

1.29914959s ago: executing program 2 (id=528):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x1}, 0x100002, 0x0, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x18, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x4000000)
sendmsg$NFT_BATCH(r3, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000600)={{0x14}, [@NFT_MSG_NEWRULE={0x88, 0x6, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x1}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_RULE_EXPRESSIONS={0x5c, 0x4, 0x0, 0x1, [{0x58, 0x1, 0x0, 0x1, @target={{0xb}, @val={0x48, 0x2, 0x0, 0x1, [@NFTA_TARGET_INFO={0x2c, 0x3, "9ac420002e61afb9fdd672bad09dfb78c7699c74e891a0c7fffffffffffffff50000000000000000"}, @NFTA_TARGET_REV={0x8}, @NFTA_TARGET_NAME={0xe, 0x1, 'IDLETIMER\x00'}]}}}]}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0xb0}, 0x1, 0x0, 0x0, 0x4000850}, 0x20040040)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'batadv_slave_0\x00'})

1.19762767s ago: executing program 2 (id=530):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009c0000000b"], 0x50)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=@base={0x9, 0x3, 0x7fe2, 0x1, 0x0, 0xffffffffffffffff, 0x84000}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="186f66c5189000"/20, @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000030000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x18)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0xc0ed0040, &(0x7f0000002a00)={[{@noblock_validity}, {@resgid={'resgid', 0x3d, 0xee00}}, {@acl}, {@noload}, {@journal_dev={'journal_dev', 0x3d, 0x3}}, {@nodiscard}]}, 0xfe, 0x472, &(0x7f0000000940)="$eJzs3MtvG8UfAPDvOk6a9PFLf6U8WloIFETFI2nSBz1wAYHEAQQSHIo4BSetSt0GNUGiVQSBQxDigCpxRxyR+As4wQUBJySucEeVEMqlhZPRenfTxLVDHk6c4s9H2nZmd92Z786OPTtjN4CuNZT+kUTsjohfI2Iwyy4/YSj76+bCbOWvhdlKErXaa38m9fNuLMxW8n9i8XW7sh21Wp7f0aTc+TcjxqvVyct5fmTm4jsj01euPnX+4vi5yXOTl8ZOnz5x/HDfqbGTbYkzjevGwfenDh148Y1rL1fOXHvrx6/T+u7OjxdxtNNQdnWberTdhXXYniXppNzBirAmabulzdVb7/+D0RMDi8cG44WPOlo5YFPVarVas8/n3FwN+A9LotM1ADqj+KBPn3+LbYuGHtvCH89mD0Bp3DfzLTtSjlJ+Tm/D82079UfEmbm/v0i32KR5CACApb5Nxz9PNhv/leKeJef9L19D2RsR/4+IfRFxV0Tsj4i7I+rn3hsR962x/MYVktvHP6Xr6wpsldLx3zP52tby8V8x+ou9PXluTz3+3uTs+erksfyaHI3eHWl+dNlLlvvu+V8+a9z3aT7NPrRk/JduafnFWDCvx/VywwTdxPjMeFuCT+P/MOJguVn8SRTLOElEHIiIg+ss4/zjXx1qdezf419BG9aZal9GPJa1/1w0xF9IWq5Pjj59auzkSH9UJ4+NFHfF7X76ef7VVuVvKP42SNt/Z9P7P4s/fUZM+iOmr1y9UF+vnV57GfO/fVxJWhzbv877vy95vZ7uy/e9Nz4zc3k0oi95Kc0OLNs/duu1Rb44P43/6JHm/X9f9nhWvxL3R0R6Ex+OiAci4sG87R6KiIcj4sgK8f/w3CNvtzrWuv1XmJVvozT+iRXaP33LS1O32n/tiZ4L33/Tqvzaqtr/RD11NN+zmve/1VZwI9cOAAAA7hSl+nfgk9LwYrpUGh7OvsO/P3aWqlPTM0+cnXr30kT2Xfm90VsqZroGl8yHjuZzw0V+rCF/PJ83/rxnoJ4frkxVJzodPHS5XS36f+r3nk7XDth0fq8F3Uv/h+6l/0P30v+he+n/0KX6mu/+YKvrAXTE2j//+zelHsDWM/6H7qX/Q/fS/6ErtfxtfGlDP/m/UxPl7VGNpomB7VGNIhGlbVGN9iVe+STrEtulPkWivOr/zGKdiR1ND3X6nQkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKA9/gkAAP//Uo/mdg==")
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f0000000300)={0x0, 0x2904c, 0x0, 0x10003, '\x00', [{0x0, 0x0, 0x700, 0x7}, {0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x40000000000000}]})
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0x14, &(0x7f0000000780)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000002000/0x4000)=nil, 0x4000, 0xedc623580215bdcd, 0x12, r4, 0x0)
r5 = socket$packet(0x11, 0x2, 0x300)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="17fffff1008d9f3ff7a17635feafddc334000000020000000000010095000000000000"], &(0x7f0000000c40)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$sock_attach_bpf(r5, 0x1, 0x32, &(0x7f0000000280)=r6, 0x4)
syz_emit_ethernet(0x109e, &(0x7f00000003c0)=ANY=[], 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=ANY=[], &(0x7f0000000000)='GPL\x00', 0xa, 0xde, &(0x7f0000000340)=""/222, 0x0, 0x8}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000990000000d"], 0x50)
r7 = socket$inet6(0xa, 0x2, 0x0)
sendmmsg$inet6(r7, &(0x7f00000003c0)=[{{&(0x7f0000000100)={0xa, 0x4e24, 0xfffffffe, @mcast2}, 0x1c, 0x0}}], 0x1, 0x80)
r8 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x95, 0x3}, 0x100002, 0x0, 0xffffffff, 0x3, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r9 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x3f, 0x0, 0x0, 0x0, 0xb}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r9}, &(0x7f0000000a00), &(0x7f00000001c0)=r8}, 0x20)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r10}, 0x10)
socket$nl_netfilter(0x10, 0x3, 0xc)
bind$xdp(0xffffffffffffffff, &(0x7f0000000100)={0x2c, 0x2}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0x14, &(0x7f0000000280)=ANY=[], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x12, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

977.255662ms ago: executing program 1 (id=534):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000680)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r1, 0x1, 0x4c, &(0x7f0000000000), 0x4)
sendmsg$unix(r0, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB], 0x18}, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000500000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
recvmsg(r1, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=""/112, 0x70}, 0x42)

951.740665ms ago: executing program 2 (id=535):
socket$inet_icmp(0x2, 0x2, 0x1)
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x1}, 0x100002, 0x0, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x18, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, 0x0, &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
socket(0x400000000010, 0x3, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000600)={{0x14}, [@NFT_MSG_NEWRULE={0x88, 0x6, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x1}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_RULE_EXPRESSIONS={0x5c, 0x4, 0x0, 0x1, [{0x58, 0x1, 0x0, 0x1, @target={{0xb}, @val={0x48, 0x2, 0x0, 0x1, [@NFTA_TARGET_INFO={0x2c, 0x3, "9ac420002e61afb9fdd672bad09dfb78c7699c74e891a0c7fffffffffffffff50000000000000000"}, @NFTA_TARGET_REV={0x8}, @NFTA_TARGET_NAME={0xe, 0x1, 'IDLETIMER\x00'}]}}}]}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0xb0}, 0x1, 0x0, 0x0, 0x4000850}, 0x20040040)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, 0x0)
r3 = socket(0x10, 0x3, 0x0)
write(r3, &(0x7f0000000000)="2400000011005f0414f9f40700090400810000000d0000000000000008000f0001000000", 0x24)

926.904298ms ago: executing program 4 (id=536):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x400c0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
socket$nl_netfilter(0x10, 0x3, 0xc)
unshare(0x64000600)
ioctl$TCXONC(0xffffffffffffffff, 0x540a, 0x0)

892.885551ms ago: executing program 1 (id=537):
r0 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0x1d, 0x7, &(0x7f0000000100)=ANY=[@ANYBLOB="29802000fffbffff181a0000", @ANYRES32=0x1, @ANYBLOB="0000000000000000d3860001000000009512010000000000185a00"/40], &(0x7f0000000140)='syzkaller\x00', 0xa581, 0x1000, &(0x7f0000000b40)=""/4096, 0x41100, 0x1, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, &(0x7f0000000240)={0x6, 0x2}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000280)=[0x1, 0x1, 0x1, 0xffffffffffffffff], 0x0, 0x10, 0x8000}, 0x94)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000480), 0x4)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYRES16=r0], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x3, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r2}, 0x10)
setxattr$incfs_metadata(&(0x7f0000000800)='./cgroup\x00', &(0x7f0000000840), 0x0, 0x0, 0x2)
bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000001800)={0x11, 0xc, &(0x7f0000000600)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r3}, 0x18)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'macsec0\x00', <r4=>0x0})
r5 = syz_io_uring_setup(0x5c6, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x4}, &(0x7f0000000300)=<r6=>0x0, &(0x7f0000000580)=<r7=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000080)=0xfffffff8, 0x0, 0x4)
syz_io_uring_submit(r6, r7, &(0x7f00000004c0)=@IORING_OP_TIMEOUT={0xb, 0x18, 0x0, 0x0, 0x4, &(0x7f0000000280)={0x0, 0x989680}, 0x1, 0x4})
io_uring_enter(r5, 0x6e2, 0x3900, 0x1, 0x0, 0xe00)
fcntl$setpipe(r5, 0x407, 0x6)
r8 = io_uring_setup(0x4d3f, &(0x7f0000000200)={0x0, 0xca6a, 0x40, 0x3, 0x6})
io_uring_register$IORING_REGISTER_RESTRICTIONS(r8, 0xb, &(0x7f0000000480), 0x66)
dup2(r5, r5)
setsockopt$inet_sctp6_SCTP_RESET_ASSOC(0xffffffffffffffff, 0x84, 0x78, &(0x7f0000000340), 0x4)
seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f00000001c0)={0x2, &(0x7f0000000100)=[{0x0, 0x6, 0x1, 0x9}, {0xf, 0x1, 0xfc, 0x401}]})
r9 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r9, &(0x7f00000002c0)={&(0x7f0000000040)=@rxrpc=@in4={0x21, 0x2, 0x2, 0x10, {0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}}, 0x80, 0x0}, 0x4004090)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000000)="d800000010008104685fa3aa7143a0f8c81ded0b25000000e8fe09a118001500060014ea000000120800030043000040a8002b000a", 0x35}], 0x1}, 0x20000880)
write$cgroup_subtree(r9, &(0x7f0000000000)=ANY=[], 0xfe33)
rt_sigsuspend(&(0x7f00000002c0)={[0x225c17d03]}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x1e, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0xaf, '\x00', r4, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7ffd}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0xb, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="05000000040000000800000005"], 0x48)

892.333471ms ago: executing program 3 (id=538):
r0 = socket$netlink(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_NEW(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[@ANYBLOB='\x00\x00\x00p', @ANYRES16=r1, @ANYBLOB="010003000000ffdbdf25250000000e0001006e657464657673696d0000000f0002006e657464657673696d300000"], 0x34}, 0x1, 0x0, 0x0, 0x48000}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000004c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18efffffffffe04b00000000000088d924d8dac4", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="17000000000000000400000003"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r2], 0x0}, 0x94)
syz_open_dev$tty1(0xc, 0x4, 0x1)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3, 0x0, 0x7fff}, 0x18)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000}, 0x94)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000800)={'team0\x00', <r5=>0x0})
sendmsg$nl_xfrm(r0, &(0x7f0000000940)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000900)={&(0x7f0000000840)=ANY=[@ANYBLOB="b80000001d33000226bd7000fedbdf250c001c00", @ANYRES32=r5, @ANYBLOB="0000000014000e00e000000200000000000000000000000038001700070000002dbd700027bd70002dbd700026bd7000080000000008000008000000090000006d87000004000000008000000400000028001a00fc000000000000000000000000000000ac1414aa0000000000000000000000000a00360110000a002cbd700026bd70000200000008001d00ea94000005001900cc0000000800180000020000"], 0xb8}, 0x1, 0x0, 0x0, 0x40000}, 0x90)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r6}, 0x10)
sendmsg$NL80211_CMD_SET_BSS(r0, &(0x7f0000000400)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f00000003c0)={&(0x7f0000000140)={0x2c, 0x0, 0x10, 0x70bd26, 0x25dfdbfd, {{}, {@void, @void}}, [@NL80211_ATTR_BSS_SHORT_PREAMBLE={0x5, 0x1d, 0x1}, @NL80211_ATTR_BSS_SHORT_SLOT_TIME={0x5, 0x1e, 0x10}, @NL80211_ATTR_BSS_SHORT_PREAMBLE={0x5, 0x1d, 0x1}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40041}, 0x10)
r7 = socket$can_bcm(0x1d, 0x2, 0x2)
r8 = socket(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r7, 0x8933, &(0x7f0000000040)={'team0\x00', <r9=>0x0})
sendmsg$nl_route_sched(r8, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=@newqdisc={0x88, 0x24, 0xf0b, 0x70bd26, 0x0, {0x0, 0x0, 0x0, r9, {0x0, 0xffff}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_mqprio={{0xb}, {0x58, 0x2, {{0x2, [], 0x0, [0x4, 0x2, 0xfffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c4, 0x0, 0x0, 0x2, 0x2], [0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000]}}}}]}, 0x88}}, 0x20008010)

841.965726ms ago: executing program 3 (id=539):
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x1a, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb85000000430000"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0xeb, '\x00', 0x0, @tracing=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94)
sendmsg$FOU_CMD_ADD(0xffffffffffffffff, 0x0, 0x20000000)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
r2 = syz_genetlink_get_family_id$tipc2(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$TIPC_NL_BEARER_ADD(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)=ANY=[@ANYBLOB='t\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="997425bd7000fbdbdf251500000060000180140001"], 0x74}, 0x1, 0x0, 0x0, 0x4000080}, 0x2400c000)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x2f, 0x1, 0xfd, 0x2, 0x0, 0x4, 0x514, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x37}, 0x0, 0x10000, 0x5, 0x1, 0x8, 0x20005, 0x0, 0x0, 0x4000, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = bpf$PROG_LOAD(0x5, 0x0, 0x6)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000380)='./file2\x00', 0x41, &(0x7f00000001c0), 0x67, 0x545, &(0x7f00000006c0)="$eJzs3cFvI1cZAPBvHHvZ7GabFDhAJUqhRbsrWHvT0DbiUIqE4FQJKPcSEieK4sRR7LSbqCJZ8QcgIQRInODCBYk/AAlV4sIRIVWCMwgQCMEWDhygg8YeZ7PJOHG3Tpyufz9pMm/evJnve45mMuOZzAQwtp6KiJci4p00TW9GxHReX8qH2O8OWbu3772xmA1JpOkr/0giyet660ry8dV8scsR8bUvR3wzOR63tbO7ttBo1Lfy6Vp7fbPW2tm9tbq+sFJfqW/Mzc0+P//C/HPzt4fSz2sR8eIX//L97/z0Sy/+8jOv//HVv934VpbWVD7/cD/epfJJM7tdr3Q+i8MLbD1ksIuo3OlhbrKoxcSxmrtnnBMAAMWyY/wPRsQnI+JmTMfEyYezAAAAwPtQ+vmp+G8SkRa71KceAAAAeB8pde6BTUrV/F6AqSiVqtXuPbwfjiulRrPV/vRyc3tjqXuv7ExUSsurjfrt/F7hmagk2fRsp3x/+tkj03MR8XhEfG96sjNdXWw2lkb95QcAAACMiatHzv//PZ2d/x/8N2fsjTQ7AAAAYGhmRp0AAAAAcOYGPf+/cr9Y8EhvAAAA4CJ7+Ov/m0PNAwAAADgTX3n55WxIe++/XnptZ3ut+dqtpXprrbq+vVhdbG5tVleazZXOM/vWT1ldudFsbn42Nrbv1Nr1VrvW2rkc683tjfarqw+8AhsAAAA4R49//M3fJxGx/7nJzpC5NNiiAzYDLqryQan3Hz0Fm/UfHuuO/3xOSQHnYmLUCQAjUx51AsDIVEadADBypz3Po+/NO7/Jx58Ybj4AAMDwXf9o/+v/pROX3D95NnDh2YhhfLn+D+Orc/1/0Dt5HSzAI6Vy2hHAidv83pCzAUbhPV//P1WavquEAACAoZvqDEmpWu5Nl0rVasS1zmsBKsnyaqN+OyIei4jfTVc+kE3Pdlom3gEIAAAAAAAAAAAAAAAAAAAAAAAAAANK0yRSAAAA4JEWUfpr8qvus/yvTz8zdfT7gUvJf6Yjf0Xo6z965Qd3Ftrtrdms/p8H9e0f5vXPTo7iKwwAAAAYB6e8wP9B3fP0fDx7dkkBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMJ7evvfGYm84z7h//0JEzBTFL8flzvhyVCLiyr+SKB9aLomIiSHEn8x+fKQofpKldRCyKP7kEOLv3z0xfuznn0JR/KtDiA/j7M1s//NS0fZXiqc64+LtrxzxwPTD6r//i4P930Sf7f/agDGeeOvntb7x70Y8UT4Wfy+L0Iuf9In/9IDxv/H13d1+89IfR1wv/PuT9Jpke8iotdc3a62d3Vur6wsr9ZX6xtzc7PPzL8w/N3+7trzaqOc/C2N892O/eOek/l/pE3/mlP4/c2xtlwpj/O+tO/c+1C1WiuLfeLog/q9/krc4Hr+U/+37VF7O5l/vlfe75cOe/NlvnzxSVT4cf6lP/0/7/d8o7O1xN7/67T8N2BQAOAetnd21hUajvvXIFrKz9AEbZ0dnFyLnsy0k5XH4vQ9S2BvqCtM0TbNt6j2sJ4mL8LF0CqPeMwEAAMN2/6B/1JkAAAAAAAAAAAAAAAAAAADA+DqPx4kdjbl/UEqG8QhtAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICh+H8AAAD//+242A8=")
r5 = fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0)
r6 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f0000000100), 0x1, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000140)=ANY=[@ANYRES32, @ANYBLOB="e90500000400000000000000d7ffffffffffff", @ANYRES32, @ANYBLOB="05000000000000000500"/28], 0x50)
write$binfmt_register(r6, &(0x7f0000000440)={0x3a, 'syz1', 0x3a, 'M', 0x3a, 0x0, 0x3a, 'usrjquota=', 0x3a, '', 0x3a, './file2', 0x3a, [0x46]}, 0x32)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)
sendmmsg(0xffffffffffffffff, &(0x7f0000000f40)=[{{&(0x7f0000000640)=@in={0x2, 0x4e23, @remote}, 0x80, &(0x7f0000000f00)=[{&(0x7f0000000d80)="b29cdf7498fbfaf5da393d73", 0xc}, {&(0x7f0000000dc0)="e1a887bf330fc110a69404abb45f2a5b70484eb05d23989e2dd677ddcfea0b107f214ab74c01e775", 0x28}, {&(0x7f0000000e80)="22ebccfd24a49951035cec6b48208bd6cd1ec5940b3ba797a9d36847ba87580c54e12a3951524416cfdb78bdf4b1949e99b2ef9ed9e8e9411c7fa8aaa98e6b58bb218fc9647b214b561f3a432c98f8a1a7d550854225966ff584e473e2e98b123f472bb4fc68b513b9ef", 0x6a}], 0x3}}], 0x1, 0x810)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r5, 0x7, 0x0, 0x0, 0x0)
r7 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000280)='kmem_cache_free\x00', 0xffffffffffffffff, 0x0, 0x200000000000006}, 0x18)
r8 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0xe, 0xc, &(0x7f0000000d40)=ANY=[@ANYRESOCT=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x9}, 0x94)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000c40)=ANY=[@ANYBLOB="0b5e73736ceb279761f438198443cf04f17294f579c6b59587dea87f63ab0f2a866e5bf70d9d1beebe53189e4149014ea9ee171adcf3576ccdcac0ac8c", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000086", @ANYBLOB="67866536a5ae099a6eb4878477f9e4e9ea4a4469f74f", @ANYRES32=r7, @ANYRES32, @ANYRES64=r9, @ANYRES64=r8, @ANYRESOCT=r4], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(0xffffffffffffffff, 0x6, 0x14, &(0x7f0000000400), 0x4)

830.241377ms ago: executing program 0 (id=540):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
syz_mount_image$iso9660(&(0x7f0000000080), &(0x7f0000000200)='.\x02\x00', 0x2010006, &(0x7f0000000000)=ANY=[], 0x11, 0x55d, &(0x7f0000000b00)="$eJzs3VFv01YbwPHHpYWSV0LoZUKoKnAom1SkEhwXgiKuPOckPeDYke2g9gpVNEUVKUyUSWtvNm7YJm0fgtt9iH0jtI/AZDspzdo0HaUJ6v6/Co5jH/s8x4n86LTxsQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALG8qm2XLPFN0FpWg3nVKGx8fNnde98KudVXHNKuiJX+k+lpuZKvuvLVx82X0//mZDZ/NSvTaTEtO/+7fPHBpcmJ3v6HBDwSW9s7z1c7nfarcQdygq6eG7ytrgMTh6bh1rUycagq5bJ9Z6kWq5rxdbwSJ7qhvEi7SRipee+WKlUqi0oXV8JWUK+6vu6tvH/bse2yelhsajeKw+DOw2LsLRnfN0E9q5NuTuvcTz+Ij0yiEu02lFrf6LQXh3UgrVQ6SiVnWCXHdpxSyXFK5XuVe/dte3LfCvsfZF+N8X9oMV6f8eoNHM9EN/+LL0YCacmyqAN/PKlKJKE0Bmzv6uX/b+7oQ9vdm/97Wf7Kx80zkuX/a/mra4Py/4BYRvezJduyI89lVTrSkba8GntEo/2pi5ZAjMQSipGGuNka1V2jpCJlKYstT2RJahKLkpoY8UVLLCsSSyI6+0R5EokWVxIJJRIl8+LJLVFSkopUZFGUaCnKioTSkkDqUhU3O8q6bGTnfVGUNSjG3Uqlgd0o9D53bXEO6S35H8f3Wa/fwHF86OV/AAAAAABwalnZb9/T8f+UXM2WasbX9rjDAgAAAAAAn1H2l//ZtJhKl66KxfgfAAAAAIDTxsrusbNEpCDX86V1sbLbpfglAAAAAAAAp0T29/9raZHNgXJdrN3pUhj/AwAAAABwSvwydI79uHnO+vMviaIp601z+Wtr003ruZtn8v3O9I400S2T2ox1oXuQrCjnxeSkp2et6bzS7iSY77vF+rA4rIMC+GlvADIkgEuT8pvcyOvcWMvLtd6WvJVCzfi66IX+g5K47oWJRC8n37/Y+EGy7v8aNC5Ysr7RaRefvuysZbG8SY/yZrM7geK+eRQPieV1Nt9Cds/FgT2eym7E6LZbyNu19/Z/ov+8H6XNtzKX15nrznhb6O//dNpmqdjX+3TbbhTTstFpl47Z87dyM69zc/5mXhwQhVMc9B50z4WzN4pPOhf7o7D6ojgvIsOiWBwUhXW0KABgXNaHZCFrf+L/hGvtp2V3+ZfZ/a3M53XmZ7IL6+TMAXnFHnZFt4+Z3f7Y9wykQTk2bff33XbzrPou3eHdwHZj37HSU3jm9eZ3cnlre+f2xubqs/az9gvHWSzbd237niNTWTe6xZ5IP5wj9wAAcsOfsTO0hnU3H1VfFDl4VP3/3a8UFOWpvJSOrMlCdrdB9o2DA49a2PM1hIUho9ZClibzJ7wsHDK2PJvd5dA7rnNo3f4YFkfxVgAAMDJzQ/LwUfL/wpBxd38u7x8dn5VBdUsjPxcAAPxX6Oi9VUh+tqLINJ+UKpWSmyxpFYXeIxWZal0rEyQ68pbcoK5VMwqT0Av9dOGxqepYxa1mM4wSVQsj1Qxjs5w9+V11H/0e64YbJMaLm752Y628MEhcL1FVE59Xzda3vomXdJTtHDe1Z2rGcxMTBioOW5Gni0rFWu+paKo6SEzNpIuBakam4UYr6nHotxpaWWJJZJpJmB+w15YJamHUyA5bHPfJBgDgC7G1vfN8tdNpvzrBhXH3EQAA9CNLAwAAAAAAAAAAAAAAAAAAAADw5RvF/X8sjGPhbPcdHkFbvamgx93lE16wRtrBSREZZ5eHXjp+PNELE4AT93cAAAD//+IERnQ=")
name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000180)='./file0/file1\x00', &(0x7f0000000240)=ANY=[], 0x0, 0x1200)

829.704727ms ago: executing program 2 (id=541):
bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="0700000004000000000100000100000028"], 0x50)
r0 = eventfd2(0x0, 0x0)
io_setup(0x81, 0x0)
read$eventfd(r0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x8, &(0x7f0000000240)=ANY=[], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
write$binfmt_aout(0xffffffffffffffff, &(0x7f0000001980)=ANY=[@ANYBLOB="0b01040539010000ce000000050000001602000003000000000000000000000050308fdfeb5c88ba300aca0eacd41cea9f510dbe5d36292470d667cb281bd58d13d34fa36c9f2807a7b1d8f500baca8e0e812d129a070f7e691e46a2419693ab8c00eefb02e5000000000000000000000000000000000000000000000000000000000000000000000000000000003d17000000000000000000000000000000000000000000000000000000000000000d0c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f10000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000d9244777876979f500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000b00000000000000000000000066ee11f9d574b581d5593e8177147542ad57c37f25cbde0d07e4c075cb9a2efd70915a796c3daa02840311e0b346412c5794520adbefe9ab40bd3054da77c055be958b90882dfb6a3337309eaec780f40b3bb01128926942de11fd292ba8dd9340ac8187c85456a4c7078bbff9c48a86b952a2c53a995bbbd86ac4fa97f017c74b75a1a6532ae63e6b61a90c30861e3675745f000cf06b"], 0x466)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000001c0)={&(0x7f0000000140), 0xc, &(0x7f0000000180)={&(0x7f0000000e80)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a200000000e0a01030000000000000000020000060900010073797a310000000048020000060a0500000000000000000001000006080009400000000224020480e40101800b0001007461726765740000d40102800800024000000000500003009fd135d4292dfa9d4d664323a7ea4cc2bd51fb724533583d026d6fa1dae69e3c2e88bf83442095a1d347e8de0dcc51288147564f041c9f95c5d30af68c8cf32f3ee1d57ab5991af75c56b4e00c0001005345434d41524b006f0003001311e8b65b2adf802b2ab9038fd0972114f2220ba37c986fe7365d99a19ef6086921ba18e30245d5d31dea881afb34d8931a7b72289d610ea3fb7c9a940908f2b5a8d875fd87ff8a6505822a41c5045f85a49dd385661df52dbe0ee8e522404da8b0173b7899c5c6af7f96000a000100484d41524b000000f0000300fb1f9f6c166bf3aa28051cc68960297c6fee4df79ff5b052364c0d55173dd0bbf64d1f87230a79104ac7d30b1ee3cce2664193fdad1e8d60a86f83a50e7a80fd314bfb619eb2e8d0ce7d25026eec376bf2c90eb24e9c48b2bd435535098b927d7dc02c0d054f3c7b53978805b04b29ef06c120a0285f73eb876a81acd5629d0443b80027ebb6e53c9af58363238cd4b59ba4e9f91651cd269b44b05fe457554bd195eed7a00baa2728941d7ed00ddcb1ab7410703e168b48e69b580dc8360495147cada48d539f80f03e175d67a18f3dc1473ac6e5293271109d8204b2aa134dab2453fcdd219ea291f307ca3c000180090001007866726d000000002c0002800800044000000005080002400000000005000300010000000800014000000002080002400000000308000b400000000214000000160a010100000000000000000300000084000000160a050000000000000000000a0000000900020073797a32000000000c00054000000000000000020c000380080001400000000008000740000000020c008380080002400000000314000380080002400000000808000140000000000c00054000000000000000010c00054000000000000000010900020073797a300000001939cdae6dc771fe08000000000000000007000002a0010000090a000c00000000000000000100000508000340000000100900020073797a30000000000c001040000000000000000564010980580102800c00018008000140000000030400018044000180080001400000000108000140000070aa08000140000000080800014000000006080001400000000608000140ffffffff080001400000000508000140000000663400018008000140000000060800014000000100080001400000043a0800014000000c310800014000000c75080001400001000134000180080001400000000808000140000001000800014000000008080001400000000f08000140000003ff08000140800000010c0001800800014000000bd92c0001800800014000000008080001400000f5a10800014000000005080001400000002608000140000000051400018008000140000000ff08000140000000044c000180080001400000095a080001400000000508000140000000000800014000000002080001400000007b0800014000000007080001400000049d080001400000000d0800014000000000080001400000000208000640ffffff001c000000020a010200000000000000000a000001080002400000000020000000080a01010000000000000000030000080c00034000000000000000041c000000120a0500000000000000000000000009080003400000000414000000110001000000"], 0x534}, 0x1, 0x0, 0x0, 0xc005}, 0x800)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff000000000200000009000100"], 0x7c}}, 0x0)
socket$key(0xf, 0x3, 0x2)
close(0xffffffffffffffff)
creat(&(0x7f0000000200)='./file0\x00', 0x109)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0x7, &(0x7f0000000480)=ANY=[@ANYRES32, @ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b702000001000000850000008600000095", @ANYRESOCT, @ANYRESHEX, @ANYRESDEC=0x0], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
kexec_load(0x7, 0x1, &(0x7f00000003c0)=[{0x0, 0x0, 0x101, 0x3}], 0x3e0000)
socket$packet(0x11, 0x2, 0x300)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000980)={&(0x7f0000000640)=ANY=[@ANYBLOB="14000000100001000c000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x2000c080}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000006000000500000a3c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc4c0000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a310000000020000380100000800c00018006000100d10300000c000080080003400000000214000000110001"], 0xb0}}, 0x40)
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000340)={0x1, &(0x7f0000000000)=[{0x6, 0xf, 0x0, 0x7fff8000}]})
close_range(r3, 0xffffffffffffffff, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000780)='netlink_extack\x00', r4}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)

633.947127ms ago: executing program 0 (id=542):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x4000000)
sendmsg$NFT_BATCH(r2, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000600)={{0x14}, [@NFT_MSG_NEWRULE={0x88, 0x6, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x1}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_RULE_EXPRESSIONS={0x5c, 0x4, 0x0, 0x1, [{0x58, 0x1, 0x0, 0x1, @target={{0xb}, @val={0x48, 0x2, 0x0, 0x1, [@NFTA_TARGET_INFO={0x2c, 0x3, "9ac420002e61afb9fdd672bad09dfb78c7699c74e891a0c7fffffffffffffff50000000000000000"}, @NFTA_TARGET_REV={0x8}, @NFTA_TARGET_NAME={0xe, 0x1, 'IDLETIMER\x00'}]}}}]}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0xb0}, 0x1, 0x0, 0x0, 0x4000850}, 0x20040040)

563.594824ms ago: executing program 2 (id=543):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$TOKEN_CREATE(0x24, 0x0, 0x0)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000580)={<r1=>0x0, @broadcast, @initdev}, &(0x7f0000000800)=0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x4, &(0x7f0000000ac0)=ANY=[@ANYBLOB="18020000000900000000025f37d298c9c9a5f0af1cd2c2d51118ced6c0891d7c4fbaed072e4f35122a1d45737f5657b418c10425fd24a6683ad8350fff959f90ce61052f9197255ebc0fe63c464cd1c66cdb7a0d42e6012b740c631e03ba52a1ea28649fd0a89da3e55c7e07239a2ec143fba0d9f9086fbf147c3aa034e0422be781a8057eaf720fe73a89d0bc28b9e9e84c0e"], 0x0, 0x6, 0x0, 0x0, 0x41000, 0x4, '\x00', r1}, 0x94)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/tty/drivers\x00', 0x0, 0x0)
syz_usb_connect(0x0, 0x333, &(0x7f00000012c0)=ANY=[@ANYBLOB="120110037c8c0a40f30c0300cabd010203010902210302310020f809041502086a48dd0a09050e10080000090921056c1ccfe4c1b1e779d8adaeb3a7949365a6e01407ac85abf4fa56c52c9995b1d5052ff138d4c7adf67a534b2d813fbca9f195d16c91ff64667ffe0132d22ac5664dfa3f7a8ce494aaaec469882a134379d779ac4e480e3be8d1c6e6c122b7834dc6d19574f2ce7456552703d3d84e999a32039988e776f1be3aebddf1498a53fb98a0a535013249672892f3d1a9596d30ab9397b9dcc11a266e755366883610da10cd1b4a8439ea1a35ddd39dd9bcba467ec4a0759ada85d95e6f4ecf8690e4ce10b9b783b4920994e6b3c941b587e2eb795aefb5d5465f70cc18d91a3cff43c2834c5cfdefa44433575bb8bf832923793da8c60509050504ff03b7b401072501000e0200072501020209000905090cff038005d8f0f660f36020f0ab2d137c1668a3189922a3acd25708594780d3291c5634e9226c86f6c839c50b80da2e056ed1c23fe6ace524381596ea957be4c796fbe32e8407e368a91ca7b04eb38abd2a526865003ec0f9a5eae941b5fafce9a83bb8e0f016bf6b3cc52de8c8e9d19931ee3f5cb1bc5bff94998048c9abb9fd476246632a52f159b82b5a48b8e9880d0a4842c53d5606b3ae7bedf974c9f6e7a07ba1202b22b67c53d74c54ee7fe3c4ca3fbe2f87b63b764abe3a4d16a33b4170314d72c0bf6d8da4b97f31ef5bc777dfd5ff800ccda062a7239ce15050ab2826c1de46024a0612adb537a0464eb36b69bd916a640605b7b7d95e09050a020002080809090504100002974e010725010006040009050a00100001050a0905010110008d070a072501037f06004824e6f7dae0e457f235b53193236fb486c75bc872a93467caa5cdfc0757efe964ae38c3198081f6809f423cec4ff694560a438dd810d09d71552c816c562f0f4fb71346bd54b74e09050b02080000f9006e0d689f49b65ffe5a16cc145b60ddb00a96db11722908799dc1d54d75cb99dfa027da08779611fdc3ce912ccaea5d94bfa02bf207a4071c075d04675a617b33af988d5f4a070d1eabad672ca04c1fc23ffb81fa2d61a9b3d613e6b02be8f17897a17628f7e103002e95821ddaaf090478fe00b9fd0e40"], &(0x7f0000000980)={0xa, &(0x7f0000000840)={0xa, 0x6, 0x200, 0x4, 0xa2, 0x1, 0xff, 0x4}, 0x47, &(0x7f0000000b80)=ANY=[@ANYBLOB="050f4700050a10030208000501faff0710020889fcff03100b0a10030041060905050024100a02460000000ff009e0c000000000c00000003f00000f3f0000000000003000ff00981a25d030dd8dcdd2796d9a083cc0eeac99ad7ec305bb051e3c240ef216919ca50e263762b2bd607c52791cbaeaf19916c01f16f73f03f1262b0a78d07b2432980d191256cd889510dcdea899f26a9ff7eb78ecdd008a8258e6e1903950f3d590776eb53501c9e940d925472aede14739ac190f36f844e6822613a32bcafc87a715e57611b002222d2e7e4d2f30ef5091eb381bb36f1119adeb2c0306bd5c79c3b8780707656f7f45b97abe8e42e1391d3ca0cc5df865ad383f9ce8dd179c51c10bef6eda92cc572ff9cb1595996b6aad901c438f41692cefb021fc3e2dad739f84f33a"], 0x1, [{0x4, &(0x7f0000000940)=@lang_id={0x4, 0x3, 0x862e}}]})
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r3 = fsopen(&(0x7f0000000040)='securityfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
r4 = fsmount(r3, 0x0, 0x0)
fspick(r4, &(0x7f00000002c0)='./file0\x00', 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = socket$packet(0x11, 0x3, 0x300)
getsockopt$packet_int(r6, 0x107, 0xe, 0x0, &(0x7f00000000c0))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r5, 0x0, 0x1000000000000008}, 0x18)
socket(0x10, 0x3, 0x0)
creat(&(0x7f0000000000)='./file0\x00', 0xd931d3864d39dcdb)
r7 = memfd_create(&(0x7f0000000180)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xecz\xabq\x95t*T9\xa9\b X \x04\"\x17\xbf\xcb\xccF\xda\xcf\xdd^\xa0\x15\xc0\xcb^h>\x1b\xb5d\xc7\x7f0\x9a&\xb0\x12#\x9c`\xa6\xed\x05\x95g\a\xccYb\xaf\xe9\xb6G?\x9f\xf5\xfe\xc1\xc0JJ\xc8\xd9d\x80\x13\x8fX\xb4\x19\xc4\\\xcb\x89-)\x90\x01\v\xac^\xdbBQ|\xaej;\x92\\\xf8u\x19Y\xee\x99EI\xf1t\xadn<\x9b\xc9\x87\xd0\xa7\x1a\x81\xb9\xc87sq\xd7\x15\xd6\x91O\x9c\x99!9>\xff\xa8\xfa\xe6=d\xcf\xca\xa9\xc61!\xc6P\x13\xd0\x88gZ\xbe\xdfl\xfa\xff\xb0m;d07tx\xbb\xabd\xe5\x16\xc4\xae\xf0', 0x0)
write$binfmt_script(r7, &(0x7f0000000340)={'#! ', './file0'}, 0xb)
execveat(r7, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)

532.599027ms ago: executing program 0 (id=544):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0, r0}, 0x18)
set_mempolicy(0x8006, &(0x7f0000000040)=0xfff, 0x5)
syz_clone3(&(0x7f0000000740)={0x8180080, 0x0, 0x0, 0x0, {0x39}, 0x0, 0x0, 0x0, &(0x7f00000005c0)=[0xffffffffffffffff], 0x1}, 0x58)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffd82, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r1}, 0x0, &(0x7f0000000240)=r2}, 0x20)
ioctl$BTRFS_IOC_SCRUB_PROGRESS(0xffffffffffffffff, 0xc400941d, &(0x7f0000000580)={<r3=>0x0, 0x3, 0x3, 0x1})
ioctl$BTRFS_IOC_SNAP_DESTROY_V2(r1, 0x5000943f, &(0x7f0000001300)={{r2}, 0x0, 0xc, @unused=[0xfffffffffffffffa, 0xffffffff00000000, 0x9, 0xa6], @devid=r3})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000b40)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000980)={&(0x7f0000000ac0)=ANY=[], 0x44}}, 0x8801)
ioctl$F2FS_IOC_COMMIT_ATOMIC_WRITE(0xffffffffffffffff, 0xf502, 0x0)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f00000007c0)='./file0\x00', 0x0, &(0x7f0000000100)={[{@init_itable_val={'init_itable', 0x3d, 0x1}}, {@errors_remount}, {@dioread_lock}, {@barrier}, {@bsdgroups}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x2000}}]}, 0x1, 0x783, &(0x7f0000001340)="$eJzs3M9rXOUaAOD3nGaa/si9kwt3ce+mCi20UDpJmk27Mm7ETaFQcFtDMgkhJ5mSmdQkFpq6E4TabFQE0b1Lt0Kpf4A7KSi4F0RrXKibkTOZTNt0Zjptk04bnwdO5vvOfN9533dm8uUcyJkA/rFezX8kEUMRcTEiis39aUQcbLQORaxvjdu8d20q35Ko1y/9kuTTYrNebB0raT4ejcaU+F9E3ClEnH7v0bjV1bX5ySwrLzX7I7WFKyPV1bUzcwuTs+XZ8uLY+PnRc+Pj50bHd63WE2+dP3zr2zc2Nr77qnbz2MCZJCYadUeztl0L9ICt16QQEzv2L+5FsD5Kehgz8BzyAACgu/w8/0Dz3KwQxTjQ7SzNCRwAAAC8lOqD9V792fNIAAAA4AWTRL8zAAAAAPbW9v8BbN/bu1f3wXby8+sRMdwu/kDjHuKIQ1GIiCObyUO3HyRb0+CZrN+IiNsTbT5/vdzR3N3o/ebh3Tkiu+12vv5MtFt/0tb6E23Wn4Ht7054Rp3Xv/vxD3RY/y72GOPrz/5f6Bj/RnXl/WPt4iet+EmH+G/3GP/mxge3Oj1X/yLiZNu/P8lDsbp8P8TIzFzW7lerle6dv07d7Vx/xJFH4idJI2rSvf4rPdb/7uZv8+td4p863v3934o/+NC8/DPxYTOPNCJuNR/z/saOGMcXvv/m0cjJ+nb86Q6vf/v3/81W/Z/3WP+PXw6u9DgUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGtKIGIokLbXaaVoqRRyNiP/GkTSrVGunZyrLi9P5cxHDUUhn5rLyaEQUt/pJ3h9rtO/3z+7oj0fEf344vBV0LiuXpirZdL+LBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoOVoRAxFkpYiIo2I34tpWir1OysAAABg1w33OwEAAABgz7n+BwAAgP3vaa//k13OAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANjXLl64kG/1zXvXpvL+9NXV5fnK1TPT5ep8aWF5qjRVWbpSmq1UZrNyaaqy8LjjpRExdj6WV0Zq5WptpLq6dnmhsrxYuzy3MDlbvlwuPJeqAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeFJDjS1JSxGRNtppWipF/CsihqOQzMxl5dGI+HdE3C0WBvP+WL+TBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYNdVV9fmJ7OsvPRyN+r7q5yeG5FEvABpdGh80nxXuo1J1iP6nmraTPRZjhPxJLOuP+Zl6XfjlT6tRwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9Fd1dW1+MsvKS9V+ZwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEB/pT8lEZFvJ4snhnY+ezD5o9h4jIh3Pr300cpkrbY0lu//tbW/9nFz/9kHJl5/njUAAADAvvfakwzevk7fvo4HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADoVXV1bX4yy8pLe9iIG/2uEgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeBp/BwAA//9Js7nR")

360.780134ms ago: executing program 3 (id=545):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x18, 0x18, &(0x7f00000001c0)=ANY=[@ANYRESOCT=0x0, @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000e50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x245ce000)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x2)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_int(r2, 0x29, 0x3, &(0x7f0000000000)=0x1, 0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000400)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8001}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r3}, 0x10)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000007c0)=ANY=[@ANYBLOB="14000000100001000000000000b890c1a000000a80000000160a01030000000000000000020000000900020073797a30000000000900010073797a30000000005400038008000240000000000800014000000000400003801400010076657468315f746f5f6272696467650014000100776732000000000000000000000000001400010076657468305f746f5f7465616d00000014000000110001"], 0xa8}}, 0x4)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000640)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd020f4c0c8c56147d66527da307bf731fef97861750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3665f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fff0d7216fdb0d3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447c2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2acb72e7ead0509d380578673f8b6e74ce23877a6b24db0000000000000003629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d7b90dfae158b94f50adab988dd8e12b1b56073d0d10f7067c881434af5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a331bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf77bfc95769a9294df517d90bdc01e73835efd98ad5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b31592479ecf2392548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4e62b445c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708194cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbe1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5646ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4766e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec859c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f250057931d828ec78e116ae46c4897e2795b6ff92e9a1f63a6ed8fb4f8f3a6ec4e76f8621e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403f02734137ff47257f164391c673b6071b6ad0f05eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb79f5589829b6b0679b5d65a81826fc9b38f791c8f1892b51ad65a89bc84646ebf78f5d5d4804d9abb071fd711b5e7cc163b42a6510b8f5ee6747df0b560eabe0499bf1fef7c18bb9f55effa018679845c6598fb78bf1b8d9d9f04a5f6062c2bbb91952755b3f7c948268cb647d0a0bb1286480615941154a01d23734bcafe3b164474e2f2efa77850686ee4541f3e79efa63545a7ae53d5f0c40cc86473f7eb093980bd0d97bb4750128d9c519984c5f731ea259e71b2f12d67ce12e52c283e74594dfc933e625737ed231d61263721d46daf093f770357cd78fe1431aef52b4a0a933f1a5334ad03f3876fc8a8e187f80318427b4c922075cf829e3cc49d71d52137b48e1fb6b05dd1c7b251a7059f0a4b4f3431f67fc65b75c202e43816e34ff41db85bacd77b25242830b788ae1e00"/2566], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r5, 0x18000000000002a0, 0xe40, 0x0, &(0x7f0000000100)="b9ff03076844268cb89e14f005dd1be0ffff00fe3a21632f77fbac14141de007031762079f4b4d2f87e5feca6aab845013f2325f1a3901050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0x8, 0x60000000}, 0x1e)

314.753719ms ago: executing program 0 (id=546):
r0 = syz_io_uring_setup(0x4b5, &(0x7f0000010400)={0x0, 0x86e1, 0x1, 0x8, 0xa0}, &(0x7f0000010080), &(0x7f00000001c0))
syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f0000000040)='./bus\x00', 0x1208002, &(0x7f0000000100)={[{@grpquota}, {@delalloc}, {@resuid}, {@debug}, {@dioread_nolock}, {}, {@nomblk_io_submit}, {@noauto_da_alloc}]}, 0x1, 0x5d8, &(0x7f00000005c0)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
chdir(&(0x7f0000000240)='./file0\x00') (async)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
unlinkat(r1, &(0x7f0000000040)='./bus\x00', 0x200) (async)
r2 = socket$inet(0x2, 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f0000000600)=@nat={'nat\x00', 0x670, 0x5, 0x510, 0x0, 0x228, 0xffffffff, 0x2e8, 0x3d0, 0x478, 0x478, 0xffffffff, 0x478, 0x478, 0x5, 0x0, {[{{@uncond, 0x0, 0x1f0, 0x228, 0x48, {}, [@common=@unspec=@string={{0xc0}, {0x5, 0xc, 'bm\x00', "0d01d3e4c6b2bfd892aa7400051624fa86999b13d39b99407a9b7abe75a728baa18da576811985de44110b8602025e1298ea55f1c5087ab16f67b18ca90ac68f0b3d6a068f727f7d23fa5fad26a59a5da2651212bdf9d29248ae63e2349b2470915eea2c39ade5129ff26b6fe772493180cfda2cdd49412e9469d85abdb467ba", 0x79, 0x2, {0x1}}}, @common=@unspec=@conntrack2={{0xc0}, {{@ipv6=@dev={0xfe, 0x80, '\x00', 0x10}, [0xffffff00, 0xffffffff, 0x0, 0xffffff00], @ipv4=@dev={0xac, 0x14, 0x14, 0x29}, [0x0, 0xffffff00, 0xff000000], @ipv6=@local, [0xff000000, 0xff, 0x0, 0xff], @ipv4=@broadcast, [0xffffffff, 0xffffff00, 0xff], 0x7, 0x1, 0x5c, 0x4e20, 0x4e22, 0x4e24, 0x4e24, 0x804, 0x20c0}, 0x80, 0x2}}]}, @REDIRECT={0x38, 'REDIRECT\x00', 0x0, {0x1, {0x2f, @rand_addr=0x64010100, @empty, @gre_key=0x1, @icmp_id=0x67}}}}, {{@uncond, 0x0, 0x98, 0xc0, 0x0, {}, [@common=@icmp={{0x28}, {0x10, "89ce", 0x1}}]}, @common=@unspec=@STANDARD={0x28, '\x00', 0x0, 0xffffffffffffffff}}, {{@ip={@multicast2, @broadcast, 0x0, 0x0, 'virt_wifi0\x00', 'veth1_vlan\x00', {}, {}, 0x0, 0x0, 0x40}, 0x0, 0xa0, 0xe8, 0x0, {}, [@common=@addrtype={{0x30}, {0x890, 0x218, 0x0, 0x1}}]}, @unspec=@SNAT1={0x48, 'SNAT\x00', 0x1, {0x16, @ipv6=@ipv4={'\x00', '\xff\xff', @empty}, @ipv6=@private1, @icmp_id=0x65, @port=0x4e21}}}, {{@ip={@private=0xa010100, @rand_addr, 0x0, 0x0, 'nicvf0\x00', 'nr0\x00'}, 0x0, 0x70, 0xa8}, @DNAT0={0x38, 'DNAT\x00', 0x0, {0x1, {0x0, @rand_addr, @dev={0xac, 0x14, 0x14, 0x2a}, @icmp_id, @icmp_id}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x570)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000bc0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) (async)
r4 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./bus\x00', 0x289c2, 0x1)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x24, 0x24, 0x3, [@typedef={0x1, 0x0, 0x0, 0x8, 0x3}, @ptr, @type_tag={0x1, 0x0, 0x0, 0x12, 0x2}]}, {0x0, [0x2e]}}, 0x0, 0x3f, 0x0, 0x1}, 0x28) (async)
r5 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[], 0x0, 0x3f, 0x0, 0x8}, 0x28) (async)
fcntl$setlease(r4, 0x400, 0x1)
fremovexattr(r5, &(0x7f0000000040)=@random={'security.', '$+(B\x00'}) (async)
r6 = socket$inet_sctp(0x2, 0x1, 0x84)
sendmmsg$inet_sctp(r6, &(0x7f0000002900)=[{&(0x7f00000000c0)=@in={0x2, 0x4e24, @loopback}, 0x10, &(0x7f00000003c0)=[{&(0x7f0000000100)="bf", 0x1}], 0x1, 0x0, 0x0, 0xc091}], 0x1, 0x80)
listen(r6, 0x6) (async)
sendmmsg$inet_sctp(r6, &(0x7f0000008c40)=[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xbb4d8313e9605e3d}], 0x1, 0x41) (async)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff) (async)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r8, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000500)={0x1c, r7, 0x10ada85e65c25359, 0xfffffffc, 0x25dfdbfd, {{0x6b}, {@val={0x8}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x8441}, 0x4000000) (async)
sendmsg$NL80211_CMD_GET_REG(r4, &(0x7f00000003c0)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000380)={&(0x7f0000000c00)={0x1a8, r7, 0x300, 0x70bd26, 0x25dfdbfe, {}, [@NL80211_ATTR_WIPHY={0x8, 0x1, 0x41}, @NL80211_ATTR_SOCKET_OWNER={0x4}, @NL80211_ATTR_SOCKET_OWNER={0x4}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'bb\x00'}, @NL80211_ATTR_REG_RULES={0x84, 0x22, 0x0, 0x1, [{0xc, 0x0, 0x0, 0x1, [@NL80211_ATTR_FREQ_RANGE_START={0x8, 0x2, 0x9}]}, {0xc, 0x0, 0x0, 0x1, [@NL80211_ATTR_FREQ_RANGE_START={0x8, 0x2, 0x69}]}, {0x1c, 0x0, 0x0, 0x1, [@NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN={0x8, 0x5, 0x7}, @NL80211_ATTR_REG_RULE_FLAGS={0x8, 0x1, 0x8}, @NL80211_ATTR_POWER_RULE_MAX_EIRP={0x8, 0x6, 0x5}]}, {0xc, 0x0, 0x0, 0x1, [@NL80211_ATTR_POWER_RULE_MAX_EIRP={0x8, 0x6, 0x800}]}, {0x1c, 0x0, 0x0, 0x1, [@NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0x10001}, @NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN={0x8, 0x5, 0x6ca}, @NL80211_ATTR_REG_RULE_FLAGS={0x8, 0x1, 0x7}]}, {0x24, 0x0, 0x0, 0x1, [@NL80211_ATTR_POWER_RULE_MAX_EIRP={0x8, 0x6, 0x9}, @NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN={0x8, 0x5, 0xd7ea}, @NL80211_ATTR_DFS_CAC_TIME={0x8, 0x7, 0x2}, @NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0x200}]}]}, @NL80211_ATTR_DFS_REGION={0x5, 0x92, 0x7}, @NL80211_ATTR_REG_RULES={0xd8, 0x22, 0x0, 0x1, [{0x2c, 0x0, 0x0, 0x1, [@NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN={0x8, 0x5, 0x3}, @NL80211_ATTR_POWER_RULE_MAX_EIRP={0x8, 0x6, 0x3}, @NL80211_ATTR_DFS_CAC_TIME={0x8, 0x7, 0xfffffffd}, @NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN={0x8, 0x5, 0x4}, @NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN={0x8, 0x5, 0x3a}]}, {0x1c, 0x0, 0x0, 0x1, [@NL80211_ATTR_REG_RULE_FLAGS={0x8, 0x1, 0x1ff}, @NL80211_ATTR_DFS_CAC_TIME={0x8, 0x7, 0x3}, @NL80211_ATTR_FREQ_RANGE_MAX_BW={0x8, 0x4, 0x3}]}, {0x24, 0x0, 0x0, 0x1, [@NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN={0x8, 0x5, 0x10000}, @NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0x40000000}, @NL80211_ATTR_POWER_RULE_MAX_EIRP={0x8, 0x6, 0x6}, @NL80211_ATTR_REG_RULE_FLAGS={0x8, 0x1, 0xfe}]}, {0x54, 0x0, 0x0, 0x1, [@NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN={0x8, 0x5, 0x7}, @NL80211_ATTR_FREQ_RANGE_START={0x8, 0x2, 0x1}, @NL80211_ATTR_FREQ_RANGE_MAX_BW={0x8, 0x4, 0xffffffff}, @NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0x7}, @NL80211_ATTR_FREQ_RANGE_START={0x8, 0x2, 0x9}, @NL80211_ATTR_FREQ_RANGE_MAX_BW={0x8, 0x4, 0x7}, @NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0x1}, @NL80211_ATTR_DFS_CAC_TIME={0x8, 0x7, 0xa}, @NL80211_ATTR_POWER_RULE_MAX_EIRP={0x8, 0x6, 0x1}, @NL80211_ATTR_REG_RULE_FLAGS={0x8, 0x1, 0x9}]}, {0x14, 0x0, 0x0, 0x1, [@NL80211_ATTR_POWER_RULE_MAX_EIRP={0x8, 0x6, 0x5}, @NL80211_ATTR_FREQ_RANGE_MAX_BW={0x8, 0x4, 0x845}]}]}, @NL80211_ATTR_WIPHY={0x8, 0x1, 0x76}, @NL80211_ATTR_DFS_REGION={0x5, 0x92, 0x2}, @NL80211_ATTR_DFS_REGION={0x5, 0x92, 0x4}]}, 0x1a8}, 0x1, 0x0, 0x0, 0x24000c00}, 0x4044) (async)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x3}, {{0x18, 0x1, 0x1, 0x0, r3}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x71, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='sys_enter\x00', r9}, 0x10) (async)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000142020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000e02800850000007000000095"], 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001240)={&(0x7f0000000200)='kfree\x00', r10, 0x0, 0x9}, 0x18) (async)
mmap(&(0x7f0000000000/0x400000)=nil, 0x1400000, 0x0, 0xc3072, 0xffffffffffffffff, 0x0) (async)
io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f0000000140)=[{0x0}], 0x1)

183.238492ms ago: executing program 0 (id=547):
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ff1000/0xf000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000e1b000/0x2000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff5000/0x1000)=nil, &(0x7f0000ff9000/0x3000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}, 0x100202, 0x0, 0xfffffffb}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
r1 = socket$kcm(0x10, 0x2, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0700000004000000800000000100000028000000e7c492598c", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000400)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r2}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3}, 0x18)
r4 = shmget$private(0x0, 0x400000, 0x184, &(0x7f0000c00000/0x400000)=nil)
shmat(r4, &(0x7f0000f62000/0x1000)=nil, 0x7000)
mbind(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1, 0x0, 0x6083, 0x3)
mbind(&(0x7f0000ff8000/0x8000)=nil, 0x8000, 0x8002, &(0x7f0000000180)=0x3ff, 0xc, 0x0)
syz_open_procfs(0x0, 0x0)
r5 = syz_io_uring_setup(0x9e, &(0x7f0000000100)={0x0, 0x80da61, 0x1, 0x20000000, 0x40000337}, &(0x7f0000000240), &(0x7f00000001c0))
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x11, 0xc, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000540)='kmem_cache_free\x00', r7}, 0x14)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r8, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)={0x14, r9, 0x9c3fa077fa966179, 0x0, 0x0, {{0x7e}, {@void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x40}, 0x0)
getrlimit(0x0, &(0x7f0000000280))
io_uring_enter(r5, 0x47ba, 0x0, 0x0, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000002c0)="2e00000011008b88040f80ee59acbc04130800480f0000005e2900421803001825800000000000000280000c0012", 0x2e}], 0x1}, 0x0)

141.995316ms ago: executing program 0 (id=548):
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_emit_ethernet(0x4e, &(0x7f00000001c0)=ANY=[@ANYBLOB="aaaaaaaaaaaa4910075ad2b986dd604dd7080018060020010000000000000000000000000001fe8000000000000000000000000000aa00004001", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="60733fe38765d36564f1ca3e06115202000290780000020404ad8800"], 0x0)
r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
r2 = inotify_init1(0x0)
inotify_add_watch(r2, &(0x7f0000000040)='./file1\x00', 0x7f7)
link(&(0x7f0000000200)='./file1\x00', &(0x7f0000000300)='./bus\x00')
r3 = open(&(0x7f0000000000)='./bus\x00', 0x4427e, 0x9a)
r4 = open(&(0x7f00000005c0)='./bus\x00', 0x167842, 0x19)
pwritev2(r4, &(0x7f0000000240)=[{&(0x7f0000000040)="858205", 0x3}], 0x1, 0x1400, 0x0, 0x1)
mknod$loop(&(0x7f00000000c0)='./file0\x00', 0xc000, 0x1)
sendfile(r1, r3, 0x0, 0x3)
ioctl$TIOCSWINSZ(r0, 0x5414, &(0x7f0000000080)={0x9, 0x5, 0x8, 0x8})
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x3, 0x8604, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x8, 0x5}, 0x2000, 0x10000, 0x0, 0x6, 0x8, 0x20005, 0x9, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x50)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sched_switch\x00', r6}, 0x18)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ff1000/0xf000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff5000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0, 0xffffffffffffff2c}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0xe, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={&(0x7f0000000280), 0xe}, 0x10e11, 0x6, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000340)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x10, 0x7ffc1ffb}]})
renameat2(0xffffffffffffff9c, 0x0, 0xffffffffffffff9c, 0x0, 0x5)
syz_clone3(&(0x7f00000003c0)={0x12b125400, &(0x7f00000000c0), 0x0, 0x0, {0x21}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r7=>0xffffffffffffffff})
pipe(&(0x7f0000000140)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
write$cgroup_pid(r8, &(0x7f0000000000), 0xffffff98)
splice(r7, 0x0, r8, 0x0, 0xc, 0x0)

96.248841ms ago: executing program 3 (id=549):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x1}, 0x100002, 0x0, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x18, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={0x0, r2}, 0x18)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x4000000)
sendmsg$NFT_BATCH(r3, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000600)={{0x14}, [@NFT_MSG_NEWRULE={0x88, 0x6, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x1}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_RULE_EXPRESSIONS={0x5c, 0x4, 0x0, 0x1, [{0x58, 0x1, 0x0, 0x1, @target={{0xb}, @val={0x48, 0x2, 0x0, 0x1, [@NFTA_TARGET_INFO={0x2c, 0x3, "9ac420002e61afb9fdd672bad09dfb78c7699c74e891a0c7fffffffffffffff50000000000000000"}, @NFTA_TARGET_REV={0x8}, @NFTA_TARGET_NAME={0xe, 0x1, 'IDLETIMER\x00'}]}}}]}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0xb0}, 0x1, 0x0, 0x0, 0x4000850}, 0x20040040)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'batadv_slave_0\x00'})

68.029914ms ago: executing program 3 (id=550):
r0 = socket$netlink(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_NEW(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[@ANYBLOB='\x00\x00\x00p', @ANYRES16=r1, @ANYBLOB="010003000000ffdbdf25250000000e0001006e657464657673696d0000000f0002006e657464657673696d300000"], 0x34}, 0x1, 0x0, 0x0, 0x48000}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000004c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18efffffffffe04b00000000000088d924d8dac4", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="17000000000000000400000003"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r2], 0x0}, 0x94)
syz_open_dev$tty1(0xc, 0x4, 0x1)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3, 0x0, 0x7fff}, 0x18)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000}, 0x94)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000800)={'team0\x00', <r5=>0x0})
sendmsg$nl_xfrm(r0, &(0x7f0000000940)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000900)={&(0x7f0000000840)=ANY=[@ANYBLOB="b80000001d33000226bd7000fedbdf250c001c00", @ANYRES32=r5, @ANYBLOB="0000000014000e00e000000200000000000000000000000038001700070000002dbd700027bd70002dbd700026bd7000080000000008000008000000090000006d87000004000000008000000400000028001a00fc000000000000000000000000000000ac1414aa0000000000000000000000000a00360110000a002cbd700026bd70000200000008001d00ea94000005001900cc0000000800180000020000"], 0xb8}, 0x1, 0x0, 0x0, 0x40000}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
sendmsg$NL80211_CMD_SET_BSS(r0, &(0x7f0000000400)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f00000003c0)={&(0x7f0000000140)={0x2c, 0x0, 0x10, 0x70bd26, 0x25dfdbfd, {{}, {@void, @void}}, [@NL80211_ATTR_BSS_SHORT_PREAMBLE={0x5, 0x1d, 0x1}, @NL80211_ATTR_BSS_SHORT_SLOT_TIME={0x5, 0x1e, 0x10}, @NL80211_ATTR_BSS_SHORT_PREAMBLE={0x5, 0x1d, 0x1}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40041}, 0x10)
r6 = socket$can_bcm(0x1d, 0x2, 0x2)
r7 = socket(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r6, 0x8933, &(0x7f0000000040)={'team0\x00', <r8=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=@newqdisc={0x88, 0x24, 0xf0b, 0x70bd26, 0x0, {0x0, 0x0, 0x0, r8, {0x0, 0xffff}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_mqprio={{0xb}, {0x58, 0x2, {{0x2, [], 0x0, [0x4, 0x2, 0xfffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c4, 0x0, 0x0, 0x2, 0x2], [0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000]}}}}]}, 0x88}}, 0x20008010)

32.798417ms ago: executing program 4 (id=551):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000d00)=ANY=[@ANYBLOB="b70000008100003bbfa30000000000000703000000feffff720af0fff8ffffff71a4f0ff0000000071105400000000001d400500000000004704000001ed00000f030000000000001d440000000000006b0a00fe000000007313000000000000b5000000000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff31a8fd3c0fd8b7ff831028e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646c0200000000000000020000e35208b0bb0d2cd829e654400e2438ec649dc76128610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda82fc9c4d7ecc7a803bf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714f62ba7a54f0c33d39000d0bfed3a6a59ff616236fd8f2477184bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a22048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06fa2e04cfe0649226c697d9e8eaade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00023ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a83469620c6e74e1f46132559c4f8700a350845ffa0d829e4f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88f15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f6f096753b639a920099c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e9673560000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40fc5d2f55ff07c53147de202ce517b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661061173f359e9052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b393cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd84990453f006694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6432399f87a7a14245bbd796a09313b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff26b61aac8aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3ba18a1a2b65079cc1c7bc46dd12305a1ae9dd19e8d525206c0a728cfd42193abe8130bc01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e26534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ad1012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336dfaa6d5d164301190bc2d4c04087729033342045804a28082abc3b4762302a271722fb515f31e0dd115a292f1e68481a62c49d15ea5460a29c60b1058fb7aa9bf4ee3cbe11b03711a15d730646b72d074dab1e8c429339f3460d324c17a4a8bfc7d7eab45bef00664d6dc823000000000"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x602100, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000200)={'batadv0\x00', 0x112})
ioctl$TUNSETSTEERINGEBPF(r1, 0x800454e0, &(0x7f0000000040)=r0)
close(r1)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00', r2}, 0x10)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000080000000c"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000001880)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002300000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = socket$inet(0x2, 0x2, 0x1)
sendmsg$inet(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000840)=[{&(0x7f0000000100)='\x00\x00', 0x2}, {&(0x7f0000000200)="960c00004500", 0x6}], 0x2}, 0x2c000800)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r4}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000800000006"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, 0x0, &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='kmem_cache_free\x00', r7, 0x0, 0x1}, 0x18)
r8 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000240), 0xffffffffffffffff)
sendmsg$TIPC_NL_KEY_SET(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="0100000000000000000003000000400001802c0004001400010002000000ac14140f00000000000000001400020002000000ffffff53a2513743897e44000d0001007564703aa3"], 0x54}}, 0x0)
r9 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$ARPT_SO_SET_REPLACE(r9, 0x0, 0x60, &(0x7f0000000600)={'filter\x00', 0xb001, 0x4, 0x3d0, 0x0, 0xe8, 0x1f8, 0x2e8, 0x2e8, 0x2e8, 0x7fffffe, 0x0, {[{{@uncond, 0xc0, 0xe8}, @unspec=@STANDARD={0x28, '\x00', 0x0, 0x1f8}}, {{@uncond, 0xc0, 0x110, 0x0, {0x0, 0x1e03}}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @empty, @local, @multicast2, 0x2}}}, {{@arp={@initdev={0xac, 0x1e, 0x0, 0x0}, @remote, 0x0, 0x0, 0x0, 0x0, {@mac=@broadcast}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'pim6reg0\x00', 'netpci0\x00'}, 0xc0, 0xf0}, @unspec=@CONNMARK={0x30}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x420)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000"], 0x48)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r10 = syz_open_dev$usbfs(&(0x7f0000003f00), 0x201, 0xa401)
ioctl$USBDEVFS_DISCONNECT_CLAIM(r10, 0x8108551b, &(0x7f0000000000)={0x0, 0x0, "ec9fe44d4dbe56a68100d7c727e7d63c1bb714e315eeb406bfdd73835e57efa94b1a0275781c647aa7e3470c6028642b17832b10b386a6f73791010500a9aa141f406e312295ee620a9a46577b9249b738fe7750bec83bf6ed5b67213fa7d6c0823fd154ed29ed7eff0d26ff199ee1ff379742c3f0b46caa357d70ee438f901d7645c3f87e4b21482b76f2ad8eaac090272081f98fd2e3e5a63e006204df635e731a5bfcf142f4529517454618de595cd1445b4bdbf698b9986356f0ebf7d25a57774ef474f86a3ad24ae9f0bf94b99e6b87de5f79d383d05bb32701daed400785a49788f08caecc9e0c48a3740bbe6e1c1fd400cfdfe756bcb7d08e36655c00"})
ioctl$USBDEVFS_CONTROL(r10, 0xc0185500, 0x0)
syz_read_part_table(0x105c, &(0x7f0000000140)="$eJzszzFqAkEYBeA3YXeTNGGvkDqn2LRaaGErHsEbWHgWBT2FFxNll0XEXkT4vmKY+efx4A+vVe4flyRfD4FqOIfpaXObTs7rz+8kv822+xi+Sx/p2uz+//LTjsXTkkPXpLT12JN6v5rN+8syVRbHZ68HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAO/gGgAA//9leQsA")

472.44µs ago: executing program 1 (id=552):
bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="0700000004000000000100000100000028"], 0x50)
r0 = eventfd2(0x0, 0x0)
io_setup(0x81, 0x0)
read$eventfd(r0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x8, &(0x7f0000000240)=ANY=[], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = fsopen(&(0x7f0000000100)='configfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
write$binfmt_aout(0xffffffffffffffff, &(0x7f0000001980)=ANY=[@ANYBLOB="0b01040539010000ce000000050000001602000003000000000000000000000050308fdfeb5c88ba300aca0eacd41cea9f510dbe5d36292470d667cb281bd58d13d34fa36c9f2807a7b1d8f500baca8e0e812d129a070f7e691e46a2419693ab8c00eefb02e5000000000000000000000000000000000000000000000000000000000000000000000000000000003d17000000000000000000000000000000000000000000000000000000000000000d0c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f10000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000d9244777876979f500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000b00000000000000000000000066ee11f9d574b581d5593e8177147542ad57c37f25cbde0d07e4c075cb9a2efd70915a796c3daa02840311e0b346412c5794520adbefe9ab40bd3054da77c055be958b90882dfb6a3337309eaec780f40b3bb01128926942de11fd292ba8dd9340ac8187c85456a4c7078bbff9c48a86b952a2c53a995bbbd86ac4fa97f017c74b75a1a6532ae63e6b61a90c30861e3675745f000cf06b"], 0x466)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000001c0)={&(0x7f0000000140), 0xc, 0x0, 0x1, 0x0, 0x0, 0xc005}, 0x800)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a64000000060a0b160000000000000000020000083c000480340001800b0001006e756d67656e000024000280080001400000000308000440000000000340000000010900010073797a3000fb8013172c952b2ec9cfc627b78ed10000000900020073797a3200000000140000001100010000000000000000000500000a00000000000000000000c980591b91280c7a4c624ccf9efdc0bde50eeb739aaa91b07f50ac53bc41c21d2d58f5acde45d6d46426e11fc6b576bc3e8ab84f2102001a23342cb28d515fad5034"], 0x8c}, 0x1, 0x0, 0x0, 0x850}, 0x4040080)
r3 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r3, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000080)=ANY=[@ANYBLOB="02030003130000002cbd7000fbdbdf2503000900800000001cdc0dca1d9f68846960e56de42944af05000600000000000a004e2400000004ff010000000000000000000000000001000000000000000002000100000000000000070c0100000005000500000000000a004e2400000009000000000000000000000000000000000600000000000000020013000300000029bd7000033500002034c2d5e50aa90f3b6ed7201c896d077942dae77d68a54a"], 0x98}, 0x1, 0x7}, 0x8890)
close(0xffffffffffffffff)
creat(&(0x7f0000000200)='./file0\x00', 0x109)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0x7, &(0x7f0000000480)=ANY=[@ANYRES32=r4, @ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b702000001000000850000008600000095", @ANYRESOCT=r4, @ANYRESHEX, @ANYRESDEC=0x0], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
kexec_load(0x7, 0x1, &(0x7f00000003c0)=[{0x0, 0x0, 0x101, 0x3}], 0x3e0000)
r5 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r5, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x8000}, 0x4)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000980)={&(0x7f0000000640)=ANY=[@ANYBLOB="14000000100001000c000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x2000c080}, 0x0)
sendmsg$NFT_BATCH(r6, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000006000000500000a3c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc4c0000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a310000000020000380100000800c00018006000100d10300000c000080080003400000000214000000110001"], 0xb0}}, 0x40)
r7 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000340)={0x1, &(0x7f0000000000)=[{0x6, 0xf, 0x0, 0x7fff8000}]})
close_range(r7, 0xffffffffffffffff, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000780)='netlink_extack\x00'}, 0x10)

0s ago: executing program 3 (id=553):
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
sendmsg$inet6(r0, 0x0, 0x20008001)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000480)='kmem_cache_free\x00', r2}, 0x18)
sendmsg$inet6(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000600)="e5f1fddfe175759743a2d6055bef6ad67f4806ff6ac3a9", 0x17}], 0x1}, 0x20000044)

kernel console output (not intermixed with test programs):

ute type 2 has an invalid length.
[   35.249614][ T3760] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[   35.275589][ T3750] loop1: detected capacity change from 0 to 8192
[   35.311996][ T3769] loop4: detected capacity change from 0 to 512
[   35.319225][ T3769] EXT4-fs: Ignoring removed nomblk_io_submit option
[   35.327220][ T3306]  loop1: p1 p2 p3 p4
[   35.328880][ T3771] __nla_validate_parse: 9 callbacks suppressed
[   35.328894][ T3771] netlink: 72 bytes leftover after parsing attributes in process `syz.3.84'.
[   35.332310][ T3769] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[   35.355039][ T3771] loop3: detected capacity change from 0 to 512
[   35.359963][ T3769] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   35.376634][ T3306] loop1: p3 start 331777 is beyond EOD, truncated
[   35.377369][ T3771] EXT4-fs (loop3): orphan cleanup on readonly fs
[   35.383089][ T3306] loop1: p4 size 262238 extends beyond EOD, truncated
[   35.401977][ T3769] EXT4-fs (loop4): 1 truncate cleaned up
[   35.408515][ T3769] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   35.421171][ T3750]  loop1: p1 p2 p3 p4
[   35.421475][ T3771] EXT4-fs error (device loop3): ext4_orphan_get:1418: comm syz.3.84: bad orphan inode 13
[   35.435785][ T3771] ext4_test_bit(bit=12, block=18) = 1
[   35.441235][ T3771] is_bad_inode(inode)=0
[   35.445458][ T3771] NEXT_ORPHAN(inode)=2130706432
[   35.450358][ T3771] max_ino=32
[   35.453606][ T3771] i_nlink=1
[   35.457855][ T3750] loop1: p3 start 331777 is beyond EOD, truncated
[   35.464353][ T3750] loop1: p4 size 262238 extends beyond EOD, truncated
[   35.492128][ T3776] FAULT_INJECTION: forcing a failure.
[   35.492128][ T3776] name fail_usercopy, interval 1, probability 0, space 0, times 1
[   35.498024][ T1035] IPVS: starting estimator thread 0...
[   35.505227][ T3776] CPU: 1 UID: 0 PID: 3776 Comm: syz.1.86 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   35.505256][ T3776] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   35.505269][ T3776] Call Trace:
[   35.505276][ T3776]  <TASK>
[   35.505284][ T3776]  __dump_stack+0x1d/0x30
[   35.505310][ T3776]  dump_stack_lvl+0xe8/0x140
[   35.505342][ T3776]  dump_stack+0x15/0x1b
[   35.505425][ T3776]  should_fail_ex+0x265/0x280
[   35.505445][ T3776]  should_fail+0xb/0x20
[   35.505463][ T3776]  should_fail_usercopy+0x1a/0x20
[   35.505556][ T3776]  _copy_from_user+0x1c/0xb0
[   35.505591][ T3776]  ___sys_sendmsg+0xc1/0x1d0
[   35.505624][ T3776]  __x64_sys_sendmsg+0xd4/0x160
[   35.505648][ T3776]  x64_sys_call+0x191e/0x3000
[   35.505701][ T3776]  do_syscall_64+0xd2/0x200
[   35.505724][ T3776]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   35.505757][ T3776]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   35.505794][ T3776]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   35.505868][ T3776] RIP: 0033:0x7f9e296cf6c9
[   35.505884][ T3776] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   35.505904][ T3776] RSP: 002b:00007f9e28137038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   35.505924][ T3776] RAX: ffffffffffffffda RBX: 00007f9e29925fa0 RCX: 00007f9e296cf6c9
[   35.505938][ T3776] RDX: 0000000010008054 RSI: 0000200000000cc0 RDI: 0000000000000005
[   35.505952][ T3776] RBP: 00007f9e28137090 R08: 0000000000000000 R09: 0000000000000000
[   35.505965][ T3776] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   35.505999][ T3776] R13: 00007f9e29926038 R14: 00007f9e29925fa0 R15: 00007ffd4c5870c8
[   35.506019][ T3776]  </TASK>
[   35.507700][ T3771] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   35.512359][ T3769] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[   35.565005][ T3777] syz_tun: entered allmulticast mode
[   35.610734][ T3771] EXT4-fs (loop3): warning: mounting fs with errors, running e2fsck is recommended
[   35.668028][ T3768] syz_tun: left allmulticast mode
[   35.670365][ T3778] IPVS: using max 2640 ests per chain, 132000 per kthread
[   35.728774][ T3315] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   35.751211][ T3771] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.84: bg 0: block 248: padding at end of block bitmap is not set
[   35.768062][ T3780] netlink: 14 bytes leftover after parsing attributes in process `syz.1.87'.
[   35.777288][ T3786] netlink: 20 bytes leftover after parsing attributes in process `syz.4.88'.
[   35.802584][ T3771] EXT4-fs error (device loop3): ext4_acquire_dquot:6945: comm syz.3.84: Failed to acquire dquot type 1
[   35.823723][ T3771] EXT4-fs warning (device loop3): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   35.853252][ T3792] loop4: detected capacity change from 0 to 1024
[   35.863295][ T3792] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   35.889672][ T3792] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:483: comm syz.4.91: Invalid block bitmap block 0 in block_group 0
[   35.910841][ T3792] EXT4-fs error (device loop4): ext4_acquire_dquot:6945: comm syz.4.91: Failed to acquire dquot type 0
[   35.923575][ T3313] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   35.934538][ T3792] EXT4-fs error (device loop4): ext4_free_blocks:6706: comm syz.4.91: Freeing blocks not in datazone - block = 0, count = 4096
[   35.953834][ T3792] EXT4-fs error (device loop4): ext4_read_inode_bitmap:139: comm syz.4.91: Invalid inode bitmap blk 0 in block_group 0
[   35.968475][ T3792] EXT4-fs error (device loop4) in ext4_free_inode:361: Corrupt filesystem
[   35.977196][ T3792] EXT4-fs (loop4): 1 orphan inode deleted
[   35.983101][   T52] EXT4-fs error (device loop4): ext4_release_dquot:6981: comm kworker/u8:3: Failed to release dquot type 0
[   35.983574][ T3796] loop3: detected capacity change from 0 to 1024
[   35.994927][ T3792] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   36.041126][ T3796] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   36.052683][ T3315] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   36.076056][ T3796] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:483: comm syz.3.92: Invalid block bitmap block 0 in block_group 0
[   36.140918][ T3796] EXT4-fs error (device loop3): ext4_acquire_dquot:6945: comm syz.3.92: Failed to acquire dquot type 0
[   36.153577][ T3796] EXT4-fs error (device loop3): ext4_free_blocks:6706: comm syz.3.92: Freeing blocks not in datazone - block = 0, count = 4096
[   36.190011][ T3796] EXT4-fs error (device loop3): ext4_read_inode_bitmap:139: comm syz.3.92: Invalid inode bitmap blk 0 in block_group 0
[   36.209549][ T2805] EXT4-fs error (device loop3): ext4_release_dquot:6981: comm kworker/u8:6: Failed to release dquot type 0
[   36.225374][ T3796] EXT4-fs error (device loop3) in ext4_free_inode:361: Corrupt filesystem
[   36.250683][ T3796] EXT4-fs (loop3): 1 orphan inode deleted
[   36.260119][ T3796] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   36.272996][ T3814] netlink: 20 bytes leftover after parsing attributes in process `syz.1.100'.
[   36.291009][ T3388] tipc: Node number set to 2886997007
[   36.323864][ T3816] loop2: detected capacity change from 0 to 1024
[   36.333737][ T3816] EXT4-fs: Ignoring removed mblk_io_submit option
[   36.351267][ T3313] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   36.399699][ T3816] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   36.413577][ T3816] EXT4-fs warning (device loop2): ext4_expand_extra_isize_ea:2853: Unable to expand inode 15. Delete some EAs or run e2fsck.
[   36.434757][ T3816] FAULT_INJECTION: forcing a failure.
[   36.434757][ T3816] name failslab, interval 1, probability 0, space 0, times 0
[   36.447451][ T3816] CPU: 0 UID: 0 PID: 3816 Comm: syz.2.101 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   36.447545][ T3816] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   36.447557][ T3816] Call Trace:
[   36.447563][ T3816]  <TASK>
[   36.447570][ T3816]  __dump_stack+0x1d/0x30
[   36.447593][ T3816]  dump_stack_lvl+0xe8/0x140
[   36.447614][ T3816]  dump_stack+0x15/0x1b
[   36.447632][ T3816]  should_fail_ex+0x265/0x280
[   36.447858][ T3816]  should_failslab+0x8c/0xb0
[   36.447891][ T3816]  __kmalloc_noprof+0xa5/0x570
[   36.447921][ T3816]  ? ext4_find_extent+0x16b/0x7a0
[   36.447949][ T3816]  ext4_find_extent+0x16b/0x7a0
[   36.448037][ T3816]  ext4_ext_map_blocks+0x11f/0x38a0
[   36.448118][ T3816]  ? ext4_es_lookup_extent+0x352/0x4f0
[   36.448210][ T3816]  ext4_map_blocks+0x5ee/0xd00
[   36.448244][ T3816]  ? __account_obj_stock+0x211/0x350
[   36.448318][ T3816]  _ext4_get_block+0x10a/0x350
[   36.448357][ T3816]  ext4_get_block+0x39/0x50
[   36.448427][ T3816]  ext4_block_write_begin+0x5e8/0xc00
[   36.448450][ T3816]  ? __pfx_ext4_get_block+0x10/0x10
[   36.448486][ T3816]  ? folio_mapping+0xb9/0xe0
[   36.448521][ T3816]  ext4_write_begin+0x647/0xeb0
[   36.448643][ T3816]  ext4_da_write_begin+0x1fb/0x6e0
[   36.448680][ T3816]  ? balance_dirty_pages_ratelimited_flags+0x40b/0x5e0
[   36.448714][ T3816]  generic_perform_write+0x184/0x490
[   36.448803][ T3816]  ext4_buffered_write_iter+0x1ee/0x3c0
[   36.448828][ T3816]  ? ext4_file_write_iter+0xfe/0xf60
[   36.448861][ T3816]  ext4_file_write_iter+0x387/0xf60
[   36.448943][ T3816]  ? path_openat+0x1bf8/0x2170
[   36.448974][ T3816]  do_iter_readv_writev+0x4a1/0x540
[   36.449018][ T3816]  vfs_writev+0x2df/0x8b0
[   36.449065][ T3816]  __se_sys_pwritev2+0xfc/0x1c0
[   36.449155][ T3816]  __x64_sys_pwritev2+0x67/0x80
[   36.449191][ T3816]  x64_sys_call+0x2c59/0x3000
[   36.449287][ T3816]  do_syscall_64+0xd2/0x200
[   36.449312][ T3816]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   36.449347][ T3816]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   36.449388][ T3816]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   36.449432][ T3816] RIP: 0033:0x7f46fe90f6c9
[   36.449450][ T3816] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   36.449534][ T3816] RSP: 002b:00007f46fd36f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[   36.449556][ T3816] RAX: ffffffffffffffda RBX: 00007f46feb65fa0 RCX: 00007f46fe90f6c9
[   36.449571][ T3816] RDX: 0000000000000001 RSI: 0000200000000100 RDI: 0000000000000005
[   36.449585][ T3816] RBP: 00007f46fd36f090 R08: 0000000000000000 R09: 0000000000000000
[   36.449600][ T3816] R10: 0000000000005405 R11: 0000000000000246 R12: 0000000000000002
[   36.449645][ T3816] R13: 00007f46feb66038 R14: 00007f46feb65fa0 R15: 00007ffeaa8062a8
[   36.449672][ T3816]  </TASK>
[   36.730566][ T3825] siw: device registration error -23
[   36.739432][ T3829] C: renamed from team_slave_0 (while UP)
[   36.746998][ T3829] netlink: 'syz.1.105': attribute type 2 has an invalid length.
[   36.754687][ T3829] netlink: 116 bytes leftover after parsing attributes in process `syz.1.105'.
[   36.763708][ T3829] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[   36.767610][ T3825] netlink: 'syz.3.104': attribute type 13 has an invalid length.
[   36.786617][ T3825] netlink: 24 bytes leftover after parsing attributes in process `syz.3.104'.
[   36.787148][ T3317] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   36.976276][ T3853] netlink: 14 bytes leftover after parsing attributes in process `syz.3.116'.
[   36.990005][ T3853] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   37.002573][ T3853] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   37.012859][ T3853] bond0 (unregistering): Released all slaves
[   37.077224][ T3856] FAULT_INJECTION: forcing a failure.
[   37.077224][ T3856] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   37.090365][ T3856] CPU: 0 UID: 0 PID: 3856 Comm: syz.3.117 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   37.090419][ T3856] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   37.090431][ T3856] Call Trace:
[   37.090438][ T3856]  <TASK>
[   37.090490][ T3856]  __dump_stack+0x1d/0x30
[   37.090512][ T3856]  dump_stack_lvl+0xe8/0x140
[   37.090541][ T3856]  dump_stack+0x15/0x1b
[   37.090547][ T3839] loop2: detected capacity change from 0 to 32768
[   37.090562][ T3856]  should_fail_ex+0x265/0x280
[   37.090620][ T3856]  should_fail+0xb/0x20
[   37.090642][ T3856]  should_fail_usercopy+0x1a/0x20
[   37.090667][ T3856]  _copy_from_user+0x1c/0xb0
[   37.090697][ T3856]  ___sys_sendmsg+0xc1/0x1d0
[   37.090730][ T3856]  __x64_sys_sendmsg+0xd4/0x160
[   37.090755][ T3856]  x64_sys_call+0x191e/0x3000
[   37.090798][ T3856]  do_syscall_64+0xd2/0x200
[   37.090822][ T3856]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   37.090868][ T3856]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   37.090907][ T3856]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   37.090931][ T3856] RIP: 0033:0x7fae98b2f6c9
[   37.090948][ T3856] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   37.091006][ T3856] RSP: 002b:00007fae97597038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   37.091026][ T3856] RAX: ffffffffffffffda RBX: 00007fae98d85fa0 RCX: 00007fae98b2f6c9
[   37.091112][ T3856] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000003
[   37.091126][ T3856] RBP: 00007fae97597090 R08: 0000000000000000 R09: 0000000000000000
[   37.091140][ T3856] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   37.091153][ T3856] R13: 00007fae98d86038 R14: 00007fae98d85fa0 R15: 00007ffeb147dce8
[   37.091211][ T3856]  </TASK>
[   37.124954][ T3858] netlink: 12 bytes leftover after parsing attributes in process `syz.3.118'.
[   37.292893][ T3306]  loop2: p1 p2 p3 < > p4 < p5 p6 >
[   37.309774][ T3306] loop2: p1 start 460800 is beyond EOD, truncated
[   37.316278][ T3306] loop2: p2 size 83886080 extends beyond EOD, truncated
[   37.327960][ T3306] loop2: p5 start 460800 is beyond EOD, truncated
[   37.334642][ T3306] loop2: p6 size 83886080 extends beyond EOD, truncated
[   37.353868][ T3839]  loop2: p1 p2 p3 < > p4 < p5 p6 >
[   37.360163][ T3839] loop2: p1 start 460800 is beyond EOD, truncated
[   37.366651][ T3839] loop2: p2 size 83886080 extends beyond EOD, truncated
[   37.386959][ T3870] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   37.397369][ T3872] netlink: 4 bytes leftover after parsing attributes in process `syz.3.123'.
[   37.407657][ T3839] loop2: p5 start 460800 is beyond EOD, truncated
[   37.414131][ T3839] loop2: p6 size 83886080 extends beyond EOD, truncated
[   37.432597][ T3872] loop3: detected capacity change from 0 to 164
[   37.464652][ T3870] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   37.513200][ T3882] loop3: detected capacity change from 0 to 512
[   37.524642][ T3885] netlink: 72 bytes leftover after parsing attributes in process `syz.1.127'.
[   37.544938][ T3870] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   37.572411][ T3882] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a842c01c, mo2=0002]
[   37.575076][ T3885] loop1: detected capacity change from 0 to 512
[   37.582092][ T3882] System zones: 1-3, 19-19, 35-38
[   37.604826][ T3885] EXT4-fs (loop1): orphan cleanup on readonly fs
[   37.613561][ T3887] loop2: detected capacity change from 0 to 512
[   37.621771][ T3870] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   37.632972][ T3885] EXT4-fs error (device loop1): ext4_orphan_get:1418: comm syz.1.127: bad orphan inode 13
[   37.638787][ T3882] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   37.645106][ T3885] ext4_test_bit(bit=12, block=18) = 1
[   37.657200][ T3306] udevd[3306]: inotify_add_watch(7, /dev/loop2p2, 10) failed: No such file or directory
[   37.661007][ T3885] is_bad_inode(inode)=0
[   37.674809][ T3885] NEXT_ORPHAN(inode)=2130706432
[   37.679637][ T3885] max_ino=32
[   37.682838][ T3885] i_nlink=1
[   37.687017][ T3551] udevd[3551]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory
[   37.687054][ T3553] udevd[3553]: inotify_add_watch(7, /dev/loop2p4, 10) failed: No such file or directory
[   37.701316][ T3537] udevd[3537]: inotify_add_watch(7, /dev/loop2p6, 10) failed: No such file or directory
[   37.708013][ T3887] EXT4-fs error (device loop2): ext4_orphan_get:1392: inode #15: comm syz.2.128: inode has both inline data and extents flags
[   37.729356][ T3882] ext4 filesystem being mounted at /23/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   37.730928][ T3887] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.128: couldn't read orphan inode 15 (err -117)
[   37.741503][ T3885] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   37.757298][ T3887] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   37.768971][ T3882] can0: slcan on ttyS3.
[   37.800566][ T3885] EXT4-fs (loop1): warning: mounting fs with errors, running e2fsck is recommended
[   37.813708][ T3887] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 7934 vs 220 free clusters
[   37.834665][ T2805] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   37.843277][    C0] hrtimer: interrupt took 28135 ns
[   37.851246][ T3553] udevd[3553]: inotify_add_watch(7, /dev/loop2p4, 10) failed: No such file or directory
[   37.851278][ T3551] udevd[3551]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory
[   37.862406][ T3537] udevd[3537]: inotify_add_watch(7, /dev/loop2p6, 10) failed: No such file or directory
[   37.889929][ T3306] udevd[3306]: inotify_add_watch(7, /dev/loop2p2, 10) failed: No such file or directory
[   37.909576][ T3885] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.127: bg 0: block 248: padding at end of block bitmap is not set
[   37.913270][ T2805] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   37.937803][ T3317] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   37.957493][ T2805] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   37.967771][ T3553] udevd[3553]: inotify_add_watch(7, /dev/loop2p4, 10) failed: No such file or directory
[   37.967767][ T3885] EXT4-fs error (device loop1): ext4_acquire_dquot:6945: comm syz.1.127: Failed to acquire dquot type 1
[   37.969722][ T3551] udevd[3551]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory
[   37.988990][ T2805] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   38.007789][ T3885] EXT4-fs warning (device loop1): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   38.033910][ T3907] netlink: 'syz.4.131': attribute type 2 has an invalid length.
[   38.041613][ T3907] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[   38.070631][ T3881] can0 (unregistered): slcan off ttyS3.
[   38.102141][ T3905] loop2: detected capacity change from 0 to 2048
[   38.119229][ T3313] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   38.130045][ T3320] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   38.151692][ T3905] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   38.174522][ T3905] ext4 filesystem being mounted at /25/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   38.293452][ T3317] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   38.314435][ T3939] FAULT_INJECTION: forcing a failure.
[   38.314435][ T3939] name failslab, interval 1, probability 0, space 0, times 0
[   38.314497][ T3939] CPU: 1 UID: 0 PID: 3939 Comm: syz.3.140 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   38.314526][ T3939] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   38.314540][ T3939] Call Trace:
[   38.314548][ T3939]  <TASK>
[   38.314556][ T3939]  __dump_stack+0x1d/0x30
[   38.314583][ T3939]  dump_stack_lvl+0xe8/0x140
[   38.314607][ T3939]  dump_stack+0x15/0x1b
[   38.314628][ T3939]  should_fail_ex+0x265/0x280
[   38.314727][ T3939]  ? kobject_uevent_env+0x1c0/0x570
[   38.314762][ T3939]  should_failslab+0x8c/0xb0
[   38.314840][ T3939]  __kmalloc_cache_noprof+0x4c/0x4a0
[   38.314978][ T3939]  kobject_uevent_env+0x1c0/0x570
[   38.315083][ T3939]  ? device_pm_check_callbacks+0x683/0x6a0
[   38.315119][ T3939]  kobject_uevent+0x1d/0x30
[   38.315307][ T3939]  device_del+0x710/0x790
[   38.315332][ T3939]  device_destroy+0x66/0xa0
[   38.315358][ T3939]  vcs_remove_sysfs+0x21/0x60
[   38.315385][ T3939]  vc_deallocate+0xfc/0x250
[   38.315411][ T3939]  vt_disallocate_all+0x175/0x200
[   38.315533][ T3939]  vt_ioctl+0x1592/0x18a0
[   38.315557][ T3939]  ? tty_jobctrl_ioctl+0x29e/0x810
[   38.315590][ T3939]  tty_ioctl+0x7d8/0xb80
[   38.315613][ T3939]  ? __pfx_tty_ioctl+0x10/0x10
[   38.315731][ T3939]  __se_sys_ioctl+0xce/0x140
[   38.315753][ T3939]  __x64_sys_ioctl+0x43/0x50
[   38.315811][ T3939]  x64_sys_call+0x1816/0x3000
[   38.315836][ T3939]  do_syscall_64+0xd2/0x200
[   38.315857][ T3939]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   38.315886][ T3939]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   38.315958][ T3939]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   38.315982][ T3939] RIP: 0033:0x7fae98b2f6c9
[   38.315999][ T3939] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   38.316016][ T3939] RSP: 002b:00007fae97597038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   38.316084][ T3939] RAX: ffffffffffffffda RBX: 00007fae98d85fa0 RCX: 00007fae98b2f6c9
[   38.316097][ T3939] RDX: 0000000000000000 RSI: 0000000000005608 RDI: 0000000000000004
[   38.316109][ T3939] RBP: 00007fae97597090 R08: 0000000000000000 R09: 0000000000000000
[   38.316124][ T3939] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   38.316137][ T3939] R13: 00007fae98d86038 R14: 00007fae98d85fa0 R15: 00007ffeb147dce8
[   38.316234][ T3939]  </TASK>
[   38.388137][ T3942] wg1 speed is unknown, defaulting to 1000
[   38.393404][ T3934] loop1: detected capacity change from 0 to 512
[   38.532090][ T3934] EXT4-fs (loop1): orphan cleanup on readonly fs
[   38.536413][ T3934] EXT4-fs error (device loop1): ext4_orphan_get:1418: comm syz.1.139: bad orphan inode 13
[   38.536817][ T3934] ext4_test_bit(bit=12, block=18) = 1
[   38.536831][ T3934] is_bad_inode(inode)=0
[   38.536838][ T3934] NEXT_ORPHAN(inode)=2130706432
[   38.536845][ T3934] max_ino=32
[   38.536851][ T3934] i_nlink=1
[   38.537488][ T3934] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   38.541105][ T3934] EXT4-fs (loop1): warning: mounting fs with errors, running e2fsck is recommended
[   38.551242][ T3934] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.139: bg 0: block 248: padding at end of block bitmap is not set
[   38.551497][ T3934] EXT4-fs error (device loop1): ext4_acquire_dquot:6945: comm syz.1.139: Failed to acquire dquot type 1
[   38.551807][ T3934] EXT4-fs warning (device loop1): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   38.576239][ T3954] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   38.653128][ T3954] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   38.662076][ T3320] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   38.694340][ T3954] process 'syz.2.143' launched '/dev/fd/11' with NULL argv: empty string added
[   38.833600][ T3969] loop4: detected capacity change from 0 to 512
[   38.842608][ T3969] EXT4-fs (loop4): orphan cleanup on readonly fs
[   38.842916][ T3969] EXT4-fs error (device loop4): ext4_orphan_get:1418: comm syz.4.147: bad orphan inode 13
[   38.843024][ T3969] ext4_test_bit(bit=12, block=18) = 1
[   38.843162][ T3969] is_bad_inode(inode)=0
[   38.843169][ T3969] NEXT_ORPHAN(inode)=2130706432
[   38.843176][ T3969] max_ino=32
[   38.843182][ T3969] i_nlink=1
[   38.843260][ T3965] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   38.843359][ T3965] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   38.843712][ T3969] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   38.849697][ T3969] EXT4-fs (loop4): warning: mounting fs with errors, running e2fsck is recommended
[   38.851543][ T3969] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.147: bg 0: block 248: padding at end of block bitmap is not set
[   38.851759][ T3969] EXT4-fs error (device loop4): ext4_acquire_dquot:6945: comm syz.4.147: Failed to acquire dquot type 1
[   38.851937][ T3969] EXT4-fs warning (device loop4): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   38.864021][ T3315] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   39.071951][ T3974] loop0: detected capacity change from 0 to 2048
[   39.082178][ T3974] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   39.082355][ T3974] ext4 filesystem being mounted at /27/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   39.094213][ T3312] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   39.180273][ T3983] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   39.341299][ T3983] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   39.384126][ T3983] bond0 (unregistering): Released all slaves
[   39.426265][ T3992] loop1: detected capacity change from 0 to 512
[   39.449800][ T3998] loop2: detected capacity change from 0 to 512
[   39.463472][ T4000] loop4: detected capacity change from 0 to 1024
[   39.466329][ T3992] EXT4-fs error (device loop1): ext4_orphan_get:1392: inode #15: comm syz.1.155: inode has both inline data and extents flags
[   39.493931][ T4000] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   39.504908][ T3992] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.155: couldn't read orphan inode 15 (err -117)
[   39.517372][ T3992] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   39.530480][ T4000] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:483: comm syz.4.159: Invalid block bitmap block 0 in block_group 0
[   39.544592][ T3998] EXT4-fs error (device loop2): ext4_orphan_get:1392: inode #15: comm syz.2.158: inode has both inline data and extents flags
[   39.546311][ T3992] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 7934 vs 220 free clusters
[   39.561231][ T3998] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.158: couldn't read orphan inode 15 (err -117)
[   39.584225][ T4000] __quota_error: 865 callbacks suppressed
[   39.584240][ T4000] Quota error (device loop4): write_blk: dquota write failed
[   39.584683][ T3998] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   39.589997][ T4000] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota
[   39.617168][ T3998] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 7934 vs 220 free clusters
[   39.634054][ T4000] EXT4-fs error (device loop4): ext4_acquire_dquot:6945: comm syz.4.159: Failed to acquire dquot type 0
[   39.645484][ T4000] EXT4-fs error (device loop4): ext4_free_blocks:6706: comm syz.4.159: Freeing blocks not in datazone - block = 0, count = 4096
[   39.685585][ T3320] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   39.695025][ T4000] EXT4-fs error (device loop4): ext4_read_inode_bitmap:139: comm syz.4.159: Invalid inode bitmap blk 0 in block_group 0
[   39.707922][   T99] Quota error (device loop4): do_check_range: Getting block 0 out of range 1-7
[   39.716921][   T99] EXT4-fs error (device loop4): ext4_release_dquot:6981: comm kworker/u8:4: Failed to release dquot type 0
[   39.728495][ T4000] EXT4-fs error (device loop4) in ext4_free_inode:361: Corrupt filesystem
[   39.737123][   T29] audit: type=1326 audit(1763081924.179:1646): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4009 comm="syz.3.163" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae98b2f6c9 code=0x7ffc0000
[   39.760505][   T29] audit: type=1326 audit(1763081924.179:1647): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4009 comm="syz.3.163" exe="/root/syz-executor" sig=0 arch=c000003e syscall=76 compat=0 ip=0x7fae98b2f6c9 code=0x7ffc0000
[   39.783729][   T29] audit: type=1326 audit(1763081924.179:1648): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4009 comm="syz.3.163" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae98b2f6c9 code=0x7ffc0000
[   39.807627][   T29] audit: type=1326 audit(1763081924.199:1649): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4009 comm="syz.3.163" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7fae98b2f6c9 code=0x7ffc0000
[   39.809291][ T3317] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   39.830966][   T29] audit: type=1326 audit(1763081924.199:1650): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4009 comm="syz.3.163" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae98b2f6c9 code=0x7ffc0000
[   39.840063][ T4000] EXT4-fs (loop4): 1 orphan inode deleted
[   39.863257][   T29] audit: type=1326 audit(1763081924.199:1651): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4009 comm="syz.3.163" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fae98b2f6c9 code=0x7ffc0000
[   39.892254][   T29] audit: type=1326 audit(1763081924.199:1652): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4009 comm="syz.3.163" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae98b2f6c9 code=0x7ffc0000
[   39.916140][ T4000] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   39.972825][ T3315] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   39.987382][ T4016] loop1: detected capacity change from 0 to 512
[   40.019465][ T4016] EXT4-fs (loop1): orphan cleanup on readonly fs
[   40.026397][ T4016] EXT4-fs error (device loop1): ext4_orphan_get:1418: comm syz.1.162: bad orphan inode 13
[   40.036776][ T4016] ext4_test_bit(bit=12, block=18) = 1
[   40.042223][ T4016] is_bad_inode(inode)=0
[   40.046370][ T4016] NEXT_ORPHAN(inode)=2130706432
[   40.051303][ T4016] max_ino=32
[   40.054723][ T4016] i_nlink=1
[   40.058964][ T4016] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   40.078835][ T4016] EXT4-fs (loop1): warning: mounting fs with errors, running e2fsck is recommended
[   40.157876][ T4016] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.162: bg 0: block 248: padding at end of block bitmap is not set
[   40.172439][ T4030] loop2: detected capacity change from 0 to 512
[   40.178928][ T4016] EXT4-fs error (device loop1): ext4_acquire_dquot:6945: comm syz.1.162: Failed to acquire dquot type 1
[   40.191274][ T4016] EXT4-fs warning (device loop1): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   40.232223][ T4030] EXT4-fs error (device loop2): ext4_orphan_get:1392: inode #15: comm syz.2.169: inode has both inline data and extents flags
[   40.253024][ T4030] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.169: couldn't read orphan inode 15 (err -117)
[   40.264884][ T4038] loop4: detected capacity change from 0 to 512
[   40.265443][ T4030] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   40.273131][ T4038] EXT4-fs error (device loop4): ext4_orphan_get:1392: inode #15: comm syz.4.172: inode has both inline data and extents flags
[   40.287455][ T3320] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   40.312312][ T4038] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.172: couldn't read orphan inode 15 (err -117)
[   40.335733][ T4017] loop3: detected capacity change from 0 to 32768
[   40.342808][ T4038] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   40.353303][ T4030] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 7934 vs 220 free clusters
[   40.380455][ T4038] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 7934 vs 220 free clusters
[   40.420777][ T3551]  loop3: p1 p2 p3 < > p4 < p5 p6 >
[   40.429488][ T3551] loop3: p1 start 460800 is beyond EOD, truncated
[   40.429894][ T3317] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   40.435962][ T3551] loop3: p2 size 83886080 extends beyond EOD, truncated
[   40.446273][ T3551] loop3: p5 start 460800 is beyond EOD, truncated
[   40.458432][ T3551] loop3: p6 size 83886080 extends beyond EOD, truncated
[   40.467619][ T3315] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   40.497213][ T4017]  loop3: p1 p2 p3 < > p4 < p5 p6 >
[   40.503348][ T4017] loop3: p1 start 460800 is beyond EOD, truncated
[   40.509790][ T4017] loop3: p2 size 83886080 extends beyond EOD, truncated
[   40.525825][ T4017] loop3: p5 start 460800 is beyond EOD, truncated
[   40.532396][ T4017] loop3: p6 size 83886080 extends beyond EOD, truncated
[   40.532599][ T4050] loop4: detected capacity change from 0 to 1024
[   40.545822][ T4052] loop1: detected capacity change from 0 to 512
[   40.562621][ T4050] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   40.583907][ T4052] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   40.596685][ T4052] ext4 filesystem being mounted at /31/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   40.602708][ T4050] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:483: comm syz.4.176: Invalid block bitmap block 0 in block_group 0
[   40.620731][ T4050] EXT4-fs error (device loop4): ext4_acquire_dquot:6945: comm syz.4.176: Failed to acquire dquot type 0
[   40.632185][ T4050] EXT4-fs error (device loop4): ext4_free_blocks:6706: comm syz.4.176: Freeing blocks not in datazone - block = 0, count = 4096
[   40.646558][ T4050] EXT4-fs error (device loop4): ext4_read_inode_bitmap:139: comm syz.4.176: Invalid inode bitmap blk 0 in block_group 0
[   40.660700][ T4050] EXT4-fs error (device loop4) in ext4_free_inode:361: Corrupt filesystem
[   40.669337][ T4050] EXT4-fs (loop4): 1 orphan inode deleted
[   40.676299][   T42] EXT4-fs error (device loop4): ext4_release_dquot:6981: comm kworker/u8:2: Failed to release dquot type 0
[   40.696543][ T4050] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   40.712675][ T4052] __nla_validate_parse: 6 callbacks suppressed
[   40.712688][ T4052] netlink: 100 bytes leftover after parsing attributes in process `syz.1.177'.
[   40.790970][ T4064] netlink: 72 bytes leftover after parsing attributes in process `syz.3.180'.
[   40.804201][ T4064] loop3: detected capacity change from 0 to 512
[   40.849933][ T3315] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   40.863530][ T4064] EXT4-fs (loop3): orphan cleanup on readonly fs
[   40.888440][ T4064] EXT4-fs error (device loop3): ext4_orphan_get:1418: comm syz.3.180: bad orphan inode 13
[   40.906728][ T4075] netlink: 20 bytes leftover after parsing attributes in process `syz.4.181'.
[   40.918631][ T4064] ext4_test_bit(bit=12, block=18) = 1
[   40.924095][ T4064] is_bad_inode(inode)=0
[   40.928289][ T4064] NEXT_ORPHAN(inode)=2130706432
[   40.933168][ T4064] max_ino=32
[   40.936360][ T4064] i_nlink=1
[   40.982323][ T4064] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   40.998078][ T4064] EXT4-fs (loop3): warning: mounting fs with errors, running e2fsck is recommended
[   41.028268][ T4064] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.180: bg 0: block 248: padding at end of block bitmap is not set
[   41.058520][ T4064] EXT4-fs error (device loop3): ext4_acquire_dquot:6945: comm syz.3.180: Failed to acquire dquot type 1
[   41.070152][ T4064] EXT4-fs warning (device loop3): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   41.101305][ T3313] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   41.118175][ T4082] syzkaller0: entered allmulticast mode
[   41.125541][ T4082] syzkaller0: entered promiscuous mode
[   41.132871][ T4082] syzkaller0 (unregistering): left allmulticast mode
[   41.139571][ T4082] syzkaller0 (unregistering): left promiscuous mode
[   41.205218][ T4085] netlink: 8 bytes leftover after parsing attributes in process `syz.3.185'.
[   41.387223][ T3320] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   41.404895][ T4090] netlink: 72 bytes leftover after parsing attributes in process `syz.4.187'.
[   41.436359][ T4093] netlink: 'syz.1.189': attribute type 3 has an invalid length.
[   41.474156][ T4094] loop4: detected capacity change from 0 to 512
[   41.504605][ T4094] EXT4-fs (loop4): orphan cleanup on readonly fs
[   41.511715][ T4094] EXT4-fs error (device loop4): ext4_orphan_get:1418: comm syz.4.187: bad orphan inode 13
[   41.522283][ T4094] ext4_test_bit(bit=12, block=18) = 1
[   41.527666][ T4094] is_bad_inode(inode)=0
[   41.531871][ T4094] NEXT_ORPHAN(inode)=2130706432
[   41.536733][ T4094] max_ino=32
[   41.539957][ T4094] i_nlink=1
[   41.543823][ T4094] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   41.559669][ T4094] EXT4-fs (loop4): warning: mounting fs with errors, running e2fsck is recommended
[   41.580511][ T4094] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.187: bg 0: block 248: padding at end of block bitmap is not set
[   41.652276][ T4094] EXT4-fs error (device loop4): ext4_acquire_dquot:6945: comm syz.4.187: Failed to acquire dquot type 1
[   41.668956][ T4094] EXT4-fs warning (device loop4): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   41.706695][ T3315] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   41.739883][ T4110] netlink: 72 bytes leftover after parsing attributes in process `syz.3.195'.
[   41.753819][ T4110] loop3: detected capacity change from 0 to 512
[   41.765672][ T4110] EXT4-fs (loop3): orphan cleanup on readonly fs
[   41.835887][ T4110] EXT4-fs error (device loop3): ext4_orphan_get:1418: comm syz.3.195: bad orphan inode 13
[   41.857550][ T4115] netlink: 12 bytes leftover after parsing attributes in process `syz.4.196'.
[   41.867408][ T4110] ext4_test_bit(bit=12, block=18) = 1
[   41.872847][ T4110] is_bad_inode(inode)=0
[   41.877010][ T4110] NEXT_ORPHAN(inode)=2130706432
[   41.882791][ T4110] max_ino=32
[   41.885986][ T4110] i_nlink=1
[   41.893873][ T4110] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   41.909542][ T4110] EXT4-fs (loop3): warning: mounting fs with errors, running e2fsck is recommended
[   41.931412][ T4110] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.195: bg 0: block 248: padding at end of block bitmap is not set
[   41.962580][ T4110] EXT4-fs error (device loop3): ext4_acquire_dquot:6945: comm syz.3.195: Failed to acquire dquot type 1
[   41.975273][ T4110] EXT4-fs warning (device loop3): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   42.011659][ T4120] netlink: 14 bytes leftover after parsing attributes in process `syz.4.197'.
[   42.026112][ T4120] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   42.036660][ T4120] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   42.046808][ T4120] bond0 (unregistering): Released all slaves
[   42.069726][ T3313] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   42.196586][ T4122] SET target dimension over the limit!
[   42.207059][ T4130] loop3: detected capacity change from 0 to 8192
[   42.376456][ T4143] netlink: 20 bytes leftover after parsing attributes in process `syz.3.205'.
[   42.395615][ T4137] loop2: detected capacity change from 0 to 8192
[   42.410964][ T4145] netlink: 12 bytes leftover after parsing attributes in process `syz.1.206'.
[   42.452020][ T4137]  loop2: p1 p2 p3 p4
[   42.458245][ T4137] loop2: p3 start 331777 is beyond EOD, truncated
[   42.464791][ T4137] loop2: p4 size 262238 extends beyond EOD, truncated
[   42.495420][ T4151] loop3: detected capacity change from 0 to 2048
[   42.510862][ T4153] bridge_slave_0: entered promiscuous mode
[   42.526352][ T4151] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[   42.544832][ T4133] loop4: detected capacity change from 0 to 32768
[   42.628168][ T4133]  loop4: p1 p2 p3 < > p4 < p5 p6 >
[   42.643147][ T4133] loop4: p1 start 460800 is beyond EOD, truncated
[   42.649677][ T4133] loop4: p2 size 83886080 extends beyond EOD, truncated
[   42.653212][ T4151] wg1 speed is unknown, defaulting to 1000
[   42.658793][ T4133] loop4: p5 start 460800 is beyond EOD, truncated
[   42.669042][ T4133] loop4: p6 size 83886080 extends beyond EOD, truncated
[   42.700658][ T4162] loop2: detected capacity change from 0 to 164
[   42.731282][ T3306] udevd[3306]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[   42.742107][ T3553] udevd[3553]: inotify_add_watch(7, /dev/loop2p2, 10) failed: No such file or directory
[   42.742577][ T3537] udevd[3537]: inotify_add_watch(7, /dev/loop2p4, 10) failed: No such file or directory
[   42.764341][ T3313] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000900.
[   42.819680][ T3551] udevd[3551]: inotify_add_watch(7, /dev/loop4p2, 10) failed: No such file or directory
[   42.821434][ T3553] udevd[3553]: inotify_add_watch(7, /dev/loop4p3, 10) failed: No such file or directory
[   42.841308][ T3537] udevd[3537]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory
[   42.881399][ T3306] udevd[3306]: inotify_add_watch(7, /dev/loop4p6, 10) failed: No such file or directory
[   42.937799][ T4179] FAULT_INJECTION: forcing a failure.
[   42.937799][ T4179] name failslab, interval 1, probability 0, space 0, times 0
[   42.950563][ T4179] CPU: 1 UID: 0 PID: 4179 Comm: syz.4.214 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   42.950620][ T4179] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   42.950633][ T4179] Call Trace:
[   42.950640][ T4179]  <TASK>
[   42.950648][ T4179]  __dump_stack+0x1d/0x30
[   42.950673][ T4179]  dump_stack_lvl+0xe8/0x140
[   42.950728][ T4179]  dump_stack+0x15/0x1b
[   42.950749][ T4179]  should_fail_ex+0x265/0x280
[   42.950772][ T4179]  should_failslab+0x8c/0xb0
[   42.950805][ T4179]  kmem_cache_alloc_node_noprof+0x57/0x4a0
[   42.950842][ T4179]  ? __alloc_skb+0x101/0x320
[   42.950897][ T4179]  __alloc_skb+0x101/0x320
[   42.950960][ T4179]  __ip6_append_data+0x190f/0x2390
[   42.950985][ T4179]  ? __pfx_udplite_getfrag+0x10/0x10
[   42.951073][ T4179]  ip6_append_data+0x138/0x240
[   42.951092][ T4179]  ? __pfx_udplite_getfrag+0x10/0x10
[   42.951138][ T4179]  udpv6_sendmsg+0x8a8/0x15b0
[   42.951172][ T4179]  ? avc_has_perm_noaudit+0x1b1/0x200
[   42.951192][ T4179]  ? __pfx_udplite_getfrag+0x10/0x10
[   42.951239][ T4179]  ? __rcu_read_unlock+0x4f/0x70
[   42.951275][ T4179]  ? __pfx_udpv6_sendmsg+0x10/0x10
[   42.951364][ T4179]  inet6_sendmsg+0xac/0xd0
[   42.951392][ T4179]  __sock_sendmsg+0x8b/0x180
[   42.951418][ T4179]  ____sys_sendmsg+0x31e/0x4e0
[   42.951538][ T4179]  ___sys_sendmsg+0x17b/0x1d0
[   42.951569][ T4179]  __x64_sys_sendmsg+0xd4/0x160
[   42.951595][ T4179]  x64_sys_call+0x191e/0x3000
[   42.951621][ T4179]  do_syscall_64+0xd2/0x200
[   42.951642][ T4179]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   42.951755][ T4179]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   42.951791][ T4179]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   42.951813][ T4179] RIP: 0033:0x7fbd4b2ef6c9
[   42.951831][ T4179] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   42.951851][ T4179] RSP: 002b:00007fbd49d57038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   42.951880][ T4179] RAX: ffffffffffffffda RBX: 00007fbd4b545fa0 RCX: 00007fbd4b2ef6c9
[   42.951894][ T4179] RDX: 0000000020000044 RSI: 0000200000000040 RDI: 0000000000000003
[   42.951907][ T4179] RBP: 00007fbd49d57090 R08: 0000000000000000 R09: 0000000000000000
[   42.951919][ T4179] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   42.951933][ T4179] R13: 00007fbd4b546038 R14: 00007fbd4b545fa0 R15: 00007ffde196cc88
[   42.951953][ T4179]  </TASK>
[   43.203954][ T4183] FAULT_INJECTION: forcing a failure.
[   43.203954][ T4183] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   43.217079][ T4183] CPU: 0 UID: 0 PID: 4183 Comm: syz.2.221 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   43.217109][ T4183] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   43.217124][ T4183] Call Trace:
[   43.217131][ T4183]  <TASK>
[   43.217138][ T4183]  __dump_stack+0x1d/0x30
[   43.217214][ T4183]  dump_stack_lvl+0xe8/0x140
[   43.217234][ T4183]  dump_stack+0x15/0x1b
[   43.217253][ T4183]  should_fail_ex+0x265/0x280
[   43.217272][ T4183]  should_fail+0xb/0x20
[   43.217288][ T4183]  should_fail_usercopy+0x1a/0x20
[   43.217309][ T4183]  _copy_from_iter+0xd2/0xe80
[   43.217410][ T4183]  ? __build_skb_around+0x1ab/0x200
[   43.217446][ T4183]  ? __alloc_skb+0x223/0x320
[   43.217579][ T4183]  netlink_sendmsg+0x471/0x6b0
[   43.217612][ T4183]  ? __pfx_netlink_sendmsg+0x10/0x10
[   43.217635][ T4183]  __sock_sendmsg+0x145/0x180
[   43.217739][ T4183]  ____sys_sendmsg+0x31e/0x4e0
[   43.217775][ T4183]  ___sys_sendmsg+0x17b/0x1d0
[   43.217840][ T4183]  __x64_sys_sendmsg+0xd4/0x160
[   43.217866][ T4183]  x64_sys_call+0x191e/0x3000
[   43.217894][ T4183]  do_syscall_64+0xd2/0x200
[   43.217974][ T4183]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   43.218010][ T4183]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   43.218080][ T4183]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   43.218157][ T4183] RIP: 0033:0x7f46fe90f6c9
[   43.218175][ T4183] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   43.218197][ T4183] RSP: 002b:00007f46fd36f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   43.218293][ T4183] RAX: ffffffffffffffda RBX: 00007f46feb65fa0 RCX: 00007f46fe90f6c9
[   43.218309][ T4183] RDX: 0000000000000000 RSI: 0000200000000200 RDI: 0000000000000004
[   43.218339][ T4183] RBP: 00007f46fd36f090 R08: 0000000000000000 R09: 0000000000000000
[   43.218354][ T4183] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   43.218370][ T4183] R13: 00007f46feb66038 R14: 00007f46feb65fa0 R15: 00007ffeaa8062a8
[   43.218391][ T4183]  </TASK>
[   43.220385][ T4187] loop0: detected capacity change from 0 to 512
[   43.253026][ T4186] loop4: detected capacity change from 0 to 512
[   43.323182][ T4191] loop2: detected capacity change from 0 to 512
[   43.349472][ T4189] loop3: detected capacity change from 0 to 2048
[   43.373526][ T4187] EXT4-fs (loop0): orphan cleanup on readonly fs
[   43.441529][ T4191] EXT4-fs (loop2): orphan cleanup on readonly fs
[   43.459155][ T4186] EXT4-fs (loop4): orphan cleanup on readonly fs
[   43.460560][ T4191] EXT4-fs error (device loop2): ext4_orphan_get:1418: comm syz.2.225: bad orphan inode 13
[   43.466994][ T4187] EXT4-fs error (device loop0): ext4_orphan_get:1418: comm syz.0.222: bad orphan inode 13
[   43.486332][ T4186] EXT4-fs error (device loop4): ext4_orphan_get:1418: comm syz.4.223: bad orphan inode 13
[   43.496971][ T4189] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[   43.498579][ T4191] ext4_test_bit(bit=12, block=18) = 1
[   43.514520][ T4191] is_bad_inode(inode)=0
[   43.518682][ T4191] NEXT_ORPHAN(inode)=2130706432
[   43.523617][ T4191] max_ino=32
[   43.526813][ T4191] i_nlink=1
[   43.530506][ T4191] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   43.537466][ T4186] ext4_test_bit(bit=12, block=18) = 1
[   43.543334][ T4187] ext4_test_bit(bit=12, block=18) = 1
[   43.548235][ T4186] is_bad_inode(inode)=0
[   43.553642][ T4187] is_bad_inode(inode)=0
[   43.557776][ T4186] NEXT_ORPHAN(inode)=2130706432
[   43.561961][ T4187] NEXT_ORPHAN(inode)=2130706432
[   43.561971][ T4187] max_ino=32
[   43.566809][ T4186] max_ino=32
[   43.571657][ T4187] i_nlink=1
[   43.575376][ T4187] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   43.578020][ T4186] i_nlink=1
[   43.592514][ T4186] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   43.672192][ T4191] EXT4-fs (loop2): warning: mounting fs with errors, running e2fsck is recommended
[   43.681644][ T4186] EXT4-fs (loop4): warning: mounting fs with errors, running e2fsck is recommended
[   43.691235][ T4187] EXT4-fs (loop0): warning: mounting fs with errors, running e2fsck is recommended
[   43.717934][ T4189] wg1 speed is unknown, defaulting to 1000
[   43.721155][ T4187] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.222: bg 0: block 248: padding at end of block bitmap is not set
[   43.739189][ T4191] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.225: bg 0: block 248: padding at end of block bitmap is not set
[   43.765707][ T4212] loop1: detected capacity change from 0 to 1024
[   43.786259][ T4212] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   43.797207][ T4186] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.223: bg 0: block 248: padding at end of block bitmap is not set
[   43.814406][ T4187] EXT4-fs error (device loop0): ext4_acquire_dquot:6945: comm syz.0.222: Failed to acquire dquot type 1
[   43.822631][ T4191] EXT4-fs error (device loop2): ext4_acquire_dquot:6945: comm syz.2.225: Failed to acquire dquot type 1
[   43.837559][ T4187] EXT4-fs warning (device loop0): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   43.837883][ T3313] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000900.
[   43.853035][ T4186] EXT4-fs error (device loop4): ext4_acquire_dquot:6945: comm syz.4.223: Failed to acquire dquot type 1
[   43.861867][ T4191] EXT4-fs warning (device loop2): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   43.873169][ T4186] EXT4-fs warning (device loop4): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   43.887469][ T4212] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:483: comm syz.1.229: Invalid block bitmap block 0 in block_group 0
[   43.916308][ T4212] EXT4-fs error (device loop1): ext4_acquire_dquot:6945: comm syz.1.229: Failed to acquire dquot type 0
[   43.950681][ T4212] EXT4-fs error (device loop1): ext4_free_blocks:6706: comm syz.1.229: Freeing blocks not in datazone - block = 0, count = 4096
[   43.965904][ T3312] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   43.969595][ T4212] EXT4-fs error (device loop1): ext4_read_inode_bitmap:139: comm syz.1.229: Invalid inode bitmap blk 0 in block_group 0
[   43.975709][ T3317] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   43.996549][ T2805] EXT4-fs error (device loop1): ext4_release_dquot:6981: comm kworker/u8:6: Failed to release dquot type 0
[   44.015327][ T4212] EXT4-fs error (device loop1) in ext4_free_inode:361: Corrupt filesystem
[   44.030848][ T4212] EXT4-fs (loop1): 1 orphan inode deleted
[   44.047395][ T3315] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   44.059097][ T4212] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   44.130085][ T4227] loop2: detected capacity change from 0 to 1024
[   44.156217][ T3320] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   44.165566][ T4227] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   44.167417][ T4231] loop0: detected capacity change from 0 to 164
[   44.183334][ T4227] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:483: comm syz.2.236: Invalid block bitmap block 0 in block_group 0
[   44.205097][ T4227] EXT4-fs error (device loop2): ext4_acquire_dquot:6945: comm syz.2.236: Failed to acquire dquot type 0
[   44.235869][ T4234] loop3: detected capacity change from 0 to 2048
[   44.249996][ T4227] EXT4-fs error (device loop2): ext4_free_blocks:6706: comm syz.2.236: Freeing blocks not in datazone - block = 0, count = 4096
[   44.264798][ T4238] FAULT_INJECTION: forcing a failure.
[   44.264798][ T4238] name failslab, interval 1, probability 0, space 0, times 0
[   44.272849][ T4227] EXT4-fs error (device loop2): ext4_read_inode_bitmap:139: comm syz.2.236: Invalid inode bitmap blk 0 in block_group 0
[   44.277510][ T4238] CPU: 1 UID: 0 PID: 4238 Comm: syz.4.241 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   44.277546][ T4238] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   44.277560][ T4238] Call Trace:
[   44.277568][ T4238]  <TASK>
[   44.277576][ T4238]  __dump_stack+0x1d/0x30
[   44.277602][ T4238]  dump_stack_lvl+0xe8/0x140
[   44.277716][ T4238]  dump_stack+0x15/0x1b
[   44.277737][ T4238]  should_fail_ex+0x265/0x280
[   44.277760][ T4238]  should_failslab+0x8c/0xb0
[   44.277821][ T4238]  kmem_cache_alloc_noprof+0x50/0x480
[   44.277879][ T4238]  ? security_inode_alloc+0x37/0x100
[   44.277907][ T4238]  security_inode_alloc+0x37/0x100
[   44.277932][ T4238]  inode_init_always_gfp+0x4b7/0x500
[   44.277963][ T4238]  ? __pfx_hugetlbfs_alloc_inode+0x10/0x10
[   44.278044][ T4238]  alloc_inode+0x58/0x170
[   44.278072][ T4238]  new_inode+0x1d/0xe0
[   44.278169][ T4238]  hugetlbfs_get_inode+0x7b/0x370
[   44.278204][ T4238]  hugetlb_file_setup+0x192/0x3d0
[   44.278270][ T4238]  ksys_mmap_pgoff+0x157/0x310
[   44.278339][ T4238]  x64_sys_call+0x14a3/0x3000
[   44.278364][ T4238]  do_syscall_64+0xd2/0x200
[   44.278389][ T4238]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   44.278421][ T4238]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   44.278519][ T4238]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   44.278548][ T4238] RIP: 0033:0x7fbd4b2ef6c9
[   44.278565][ T4238] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   44.278584][ T4238] RSP: 002b:00007fbd49d57038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[   44.278605][ T4238] RAX: ffffffffffffffda RBX: 00007fbd4b545fa0 RCX: 00007fbd4b2ef6c9
[   44.278619][ T4238] RDX: 0000000000000003 RSI: 0000000000ff5000 RDI: 0000200000000000
[   44.278633][ T4238] RBP: 00007fbd49d57090 R08: ffffffffffffffff R09: 0000000000000000
[   44.278705][ T4238] R10: 00020000000ec071 R11: 0000000000000246 R12: 0000000000000001
[   44.278719][ T4238] R13: 00007fbd4b546038 R14: 00007fbd4b545fa0 R15: 00007ffde196cc88
[   44.278738][ T4238]  </TASK>
[   44.308685][ T4234] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[   44.310202][ T4227] EXT4-fs error (device loop2) in ext4_free_inode:361: Corrupt filesystem
[   44.317424][   T99] EXT4-fs error (device loop2): ext4_release_dquot:6981: comm kworker/u8:4: Failed to release dquot type 0
[   44.320784][ T4227] EXT4-fs (loop2): 1 orphan inode deleted
[   44.546141][ T4242] vhci_hcd: default hub control req: a100 vfffe i0000 l0
[   44.579857][ T4227] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   44.638263][ T4242] loop4: detected capacity change from 0 to 8192
[   44.682805][ T4247] wg1 speed is unknown, defaulting to 1000
[   44.719252][ T3553]  loop4: p1 p2 p3 p4
[   44.726380][ T3553] loop4: p3 start 331777 is beyond EOD, truncated
[   44.732965][ T3553] loop4: p4 size 262238 extends beyond EOD, truncated
[   44.746337][ T4258] loop0: detected capacity change from 0 to 1024
[   44.757472][ T4242]  loop4: p1 p2 p3 p4
[   44.766840][ T4242] loop4: p3 start 331777 is beyond EOD, truncated
[   44.767188][ T3317] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   44.773343][ T4242] loop4: p4 size 262238 extends beyond EOD, truncated
[   44.794520][ T4258] EXT4-fs (loop0): 1 truncate cleaned up
[   44.809286][ T4258] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   44.864058][   T29] kauditd_printk_skb: 384 callbacks suppressed
[   44.864074][   T29] audit: type=1400 audit(1763081929.319:2014): avc:  denied  { create } for  pid=4257 comm="syz.0.248" name="file1" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   44.890935][ T4267] EXT4-fs error (device loop0): ext4_iget_extra_inode:5075: inode #15: comm syz.0.248: corrupted in-inode xattr: bad e_name length
[   44.912467][ T4258] EXT4-fs error (device loop0): ext4_iget_extra_inode:5075: inode #15: comm syz.0.248: corrupted in-inode xattr: bad e_name length
[   44.950719][ T4267] SELinux:  Context system_u:object_r:fsadm_exec_t:s0 is not valid (left unmapped).
[   44.960950][ T4267] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.248: bg 0: block 250: padding at end of block bitmap is not set
[   44.977527][   T29] audit: type=1326 audit(1763081929.399:2015): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4257 comm="syz.0.248" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f55979df6c9 code=0x7ffc0000
[   44.983054][ T4272] loop2: detected capacity change from 0 to 164
[   45.000880][   T29] audit: type=1326 audit(1763081929.399:2016): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4257 comm="syz.0.248" exe="/root/syz-executor" sig=0 arch=c000003e syscall=111 compat=0 ip=0x7f55979df6c9 code=0x7ffc0000
[   45.000912][   T29] audit: type=1326 audit(1763081929.399:2017): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4257 comm="syz.0.248" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f55979df6c9 code=0x7ffc0000
[   45.000938][   T29] audit: type=1400 audit(1763081929.409:2018): avc:  denied  { relabelto } for  pid=4257 comm="syz.0.248" name="/" dev="loop0" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:fsadm_exec_t:s0"
[   45.010190][ T4272] iso9660: Unknown parameter '
'
[   45.030512][   T29] audit: type=1326 audit(1763081929.419:2019): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4257 comm="syz.0.248" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f55979df6c9 code=0x7ffc0000
[   45.107845][   T29] audit: type=1326 audit(1763081929.419:2020): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4257 comm="syz.0.248" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f55979df6c9 code=0x7ffc0000
[   45.109135][ T3306] udevd[3306]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory
[   45.131226][   T29] audit: type=1326 audit(1763081929.419:2021): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4257 comm="syz.0.248" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f55979df6c9 code=0x7ffc0000
[   45.164234][   T29] audit: type=1326 audit(1763081929.429:2022): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4271 comm="syz.2.253" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46fe90f6c9 code=0x7ffc0000
[   45.187542][   T29] audit: type=1326 audit(1763081929.429:2023): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4271 comm="syz.2.253" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46fe90f6c9 code=0x7ffc0000
[   45.222129][ T3553] udevd[3553]: inotify_add_watch(7, /dev/loop4p2, 10) failed: No such file or directory
[   45.233553][ T3537] udevd[3537]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory
[   45.245414][ T4276] binfmt_misc: register: failed to install interpreter file ./file2
[   45.254998][ T3313] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000900.
[   45.274191][ T3312] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   45.334680][ T4283] netlink: 'syz.0.256': attribute type 2 has an invalid length.
[   45.342395][ T4283] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[   45.367755][ T4284] dvmrp1: entered allmulticast mode
[   45.420566][ T4294] loop1: detected capacity change from 0 to 512
[   45.428570][ T4294] EXT4-fs (loop1): orphan cleanup on readonly fs
[   45.435424][ T4294] EXT4-fs error (device loop1): ext4_orphan_get:1418: comm syz.1.261: bad orphan inode 13
[   45.446779][ T4294] ext4_test_bit(bit=12, block=18) = 1
[   45.452205][ T4294] is_bad_inode(inode)=0
[   45.456362][ T4294] NEXT_ORPHAN(inode)=2130706432
[   45.461224][ T4294] max_ino=32
[   45.464406][ T4294] i_nlink=1
[   45.468791][ T4294] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   45.485626][ T4294] EXT4-fs (loop1): warning: mounting fs with errors, running e2fsck is recommended
[   45.501921][ T4294] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.261: bg 0: block 248: padding at end of block bitmap is not set
[   45.516696][ T4294] EXT4-fs error (device loop1): ext4_acquire_dquot:6945: comm syz.1.261: Failed to acquire dquot type 1
[   45.528260][ T4294] EXT4-fs warning (device loop1): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   45.612296][ T4300] wg1 speed is unknown, defaulting to 1000
[   46.022295][ T4307] syzkaller0: entered allmulticast mode
[   46.028510][ T4307] syzkaller0: entered promiscuous mode
[   46.036543][ T4307] syzkaller0 (unregistering): left allmulticast mode
[   46.043473][ T4307] syzkaller0 (unregistering): left promiscuous mode
[   46.115216][ T4302] loop4: detected capacity change from 0 to 32768
[   46.163101][ T3306]  loop4: p1 p2 p3 < > p4 < p5 p6 >
[   46.180675][ T3306] loop4: p1 start 460800 is beyond EOD, truncated
[   46.187352][ T3306] loop4: p2 size 83886080 extends beyond EOD, truncated
[   46.198612][ T4311] __nla_validate_parse: 11 callbacks suppressed
[   46.198627][ T4311] netlink: 20 bytes leftover after parsing attributes in process `syz.3.266'.
[   46.203716][ T3306] loop4: p5 start 460800 is beyond EOD, 
[   46.206571][ T4314] Driver unsupported XDP return value 0 on prog  (id 196) dev N/A, expect packet loss!
[   46.213769][ T3306] truncated
[   46.232203][ T3306] loop4: p6 size 83886080 extends beyond EOD, truncated
[   46.313783][ T4316] netlink: 'syz.1.267': attribute type 2 has an invalid length.
[   46.321559][ T4316] netlink: 116 bytes leftover after parsing attributes in process `syz.1.267'.
[   46.330610][ T4316] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[   46.353146][ T4302]  loop4: p1 p2 p3 < > p4 < p5 p6 >
[   46.358763][ T4302] loop4: p1 start 460800 is beyond EOD, truncated
[   46.365385][ T4302] loop4: p2 size 83886080 extends beyond EOD, truncated
[   46.373113][ T4321] netlink: 72 bytes leftover after parsing attributes in process `syz.0.269'.
[   46.387167][ T4321] loop0: detected capacity change from 0 to 512
[   46.395339][ T4321] EXT4-fs (loop0): orphan cleanup on readonly fs
[   46.404084][ T4302] loop4: p5 start 460800 is beyond EOD, truncated
[   46.407755][ T4321] EXT4-fs error (device loop0): ext4_orphan_get:1418: comm syz.0.269: bad orphan inode 13
[   46.410587][ T4302] loop4: p6 size 83886080 extends beyond EOD, truncated
[   46.429619][ T4329] netlink: 20 bytes leftover after parsing attributes in process `syz.3.273'.
[   46.439415][ T4331] loop2: detected capacity change from 0 to 128
[   46.476115][ T4321] ext4_test_bit(bit=12, block=18) = 1
[   46.481671][ T4321] is_bad_inode(inode)=0
[   46.485825][ T4321] NEXT_ORPHAN(inode)=2130706432
[   46.490809][ T4321] max_ino=32
[   46.494020][ T4321] i_nlink=1
[   46.531925][ T4335] netlink: 24 bytes leftover after parsing attributes in process `syz.4.275'.
[   46.564828][ T4333] netlink: 14 bytes leftover after parsing attributes in process `syz.3.274'.
[   46.574823][ T4321] EXT4-fs (loop0): warning: mounting fs with errors, running e2fsck is recommended
[   46.606145][ T4321] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.269: bg 0: block 248: padding at end of block bitmap is not set
[   46.637287][ T4342] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   46.648603][ T4321] EXT4-fs error (device loop0): ext4_acquire_dquot:6945: comm syz.0.269: Failed to acquire dquot type 1
[   46.648746][ T4342] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   46.668388][ T4321] EXT4-fs warning (device loop0): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   46.685726][ T4344] netlink: 'syz.4.278': attribute type 2 has an invalid length.
[   46.693415][ T4344] netlink: 116 bytes leftover after parsing attributes in process `syz.4.278'.
[   46.702400][ T4344] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[   46.819952][ T4347] netlink: 20 bytes leftover after parsing attributes in process `syz.0.279'.
[   46.868304][ T4349] netlink: 14 bytes leftover after parsing attributes in process `syz.0.280'.
[   47.088032][ T4355] netlink: 20 bytes leftover after parsing attributes in process `syz.1.282'.
[   47.172385][ T4365] loop0: detected capacity change from 0 to 512
[   47.180231][ T4365] EXT4-fs (loop0): orphan cleanup on readonly fs
[   47.187594][ T4365] EXT4-fs error (device loop0): ext4_orphan_get:1418: comm syz.0.287: bad orphan inode 13
[   47.203650][ T4365] ext4_test_bit(bit=12, block=18) = 1
[   47.209085][ T4365] is_bad_inode(inode)=0
[   47.213311][ T4365] NEXT_ORPHAN(inode)=2130706432
[   47.218155][ T4365] max_ino=32
[   47.221380][ T4365] i_nlink=1
[   47.283010][ T4365] EXT4-fs (loop0): warning: mounting fs with errors, running e2fsck is recommended
[   47.331106][ T4365] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.287: bg 0: block 248: padding at end of block bitmap is not set
[   47.347193][ T4372] vhci_hcd: default hub control req: a100 vfffe i0000 l0
[   47.383919][ T4365] EXT4-fs error (device loop0): ext4_acquire_dquot:6945: comm syz.0.287: Failed to acquire dquot type 1
[   47.420833][ T4365] EXT4-fs warning (device loop0): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   47.436026][ T4372] loop3: detected capacity change from 0 to 8192
[   47.479187][ T4372]  loop3: p1 p2 p3 p4
[   47.484220][ T4372] loop3: p3 start 331777 is beyond EOD, truncated
[   47.490802][ T4372] loop3: p4 size 262238 extends beyond EOD, truncated
[   47.660572][ T4399] loop1: detected capacity change from 0 to 512
[   47.763972][ T4399] EXT4-fs (loop1): orphan cleanup on readonly fs
[   47.781959][ T4399] EXT4-fs error (device loop1): ext4_orphan_get:1418: comm syz.1.300: bad orphan inode 13
[   47.813467][ T4399] ext4_test_bit(bit=12, block=18) = 1
[   47.818874][ T4399] is_bad_inode(inode)=0
[   47.823243][ T4399] NEXT_ORPHAN(inode)=2130706432
[   47.828090][ T4399] max_ino=32
[   47.831397][ T4399] i_nlink=1
[   47.852375][ T4399] EXT4-fs (loop1): warning: mounting fs with errors, running e2fsck is recommended
[   47.871302][ T4399] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.300: bg 0: block 248: padding at end of block bitmap is not set
[   47.890239][ T4399] EXT4-fs error (device loop1): ext4_acquire_dquot:6945: comm syz.1.300: Failed to acquire dquot type 1
[   47.904895][ T4417] netlink: 'syz.3.307': attribute type 2 has an invalid length.
[   47.912591][ T4417] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[   47.928391][ T4399] EXT4-fs warning (device loop1): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   48.090760][ T4426] wg1 speed is unknown, defaulting to 1000
[   48.328696][ T4429] netlink: 'syz.0.312': attribute type 3 has an invalid length.
[   48.617199][ T4430] loop1: detected capacity change from 0 to 32768
[   48.630647][ T4449] loop0: detected capacity change from 0 to 512
[   48.639033][ T4449] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   48.658560][ T4449] EXT4-fs (loop0): 1 truncate cleaned up
[   48.665469][ T4430]  loop1: p1 p2 p3 < > p4 < p5 p6 >
[   48.680110][ T4430] loop1: p1 start 460800 is beyond EOD, truncated
[   48.686692][ T4430] loop1: p2 size 83886080 extends beyond EOD, truncated
[   48.705719][ T4455] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   48.717379][ T4430] loop1: p5 start 460800 is beyond EOD, truncated
[   48.723869][ T4430] loop1: p6 size 83886080 extends beyond EOD, truncated
[   48.724139][ T4457] netlink: 'syz.2.323': attribute type 3 has an invalid length.
[   48.753278][ T4455] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   48.826723][ T4461] loop2: detected capacity change from 0 to 512
[   48.838901][ T4463] loop4: detected capacity change from 0 to 512
[   48.876601][ T4461] ext4 filesystem being mounted at /63/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   48.926187][ T4463] ext4 filesystem being mounted at /73/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   49.001911][ T3306] udevd[3306]: inotify_add_watch(7, /dev/loop1p2, 10) failed: No such file or directory
[   49.011892][ T3551] udevd[3551]: inotify_add_watch(7, /dev/loop1p3, 10) failed: No such file or directory
[   49.013181][ T3537] udevd[3537]: inotify_add_watch(7, /dev/loop1p6, 10) failed: No such file or directory
[   49.031977][ T3553] udevd[3553]: inotify_add_watch(7, /dev/loop1p4, 10) failed: No such file or directory
[   49.042398][ T4477] loop1: detected capacity change from 0 to 512
[   49.059354][ T4480] FAULT_INJECTION: forcing a failure.
[   49.059354][ T4480] name failslab, interval 1, probability 0, space 0, times 0
[   49.072011][ T4480] CPU: 1 UID: 0 PID: 4480 Comm: syz.4.331 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   49.072041][ T4480] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   49.072055][ T4480] Call Trace:
[   49.072062][ T4480]  <TASK>
[   49.072071][ T4480]  __dump_stack+0x1d/0x30
[   49.072108][ T4480]  dump_stack_lvl+0xe8/0x140
[   49.072133][ T4480]  dump_stack+0x15/0x1b
[   49.072153][ T4480]  should_fail_ex+0x265/0x280
[   49.072182][ T4480]  should_failslab+0x8c/0xb0
[   49.072216][ T4480]  __kmalloc_node_track_caller_noprof+0xa5/0x580
[   49.072275][ T4480]  ? kstrdup_const+0x3e/0x50
[   49.072314][ T4480]  kstrdup+0x3e/0xd0
[   49.072339][ T4480]  kstrdup_const+0x3e/0x50
[   49.072369][ T4480]  alloc_vfsmnt+0xe7/0x300
[   49.072388][ T4480]  clone_mnt+0x30/0x5d0
[   49.072407][ T4480]  mnt_clone_internal+0x39/0x80
[   49.072491][ T4480]  __se_sys_acct+0x112/0x530
[   49.072514][ T4480]  __x64_sys_acct+0x1f/0x30
[   49.072534][ T4480]  x64_sys_call+0x2f3a/0x3000
[   49.072561][ T4480]  do_syscall_64+0xd2/0x200
[   49.072586][ T4480]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   49.072685][ T4480]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   49.072734][ T4480]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   49.072759][ T4480] RIP: 0033:0x7fbd4b2ef6c9
[   49.072776][ T4480] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   49.072877][ T4480] RSP: 002b:00007fbd49d57038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a3
[   49.072898][ T4480] RAX: ffffffffffffffda RBX: 00007fbd4b545fa0 RCX: 00007fbd4b2ef6c9
[   49.072950][ T4480] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000200
[   49.072962][ T4480] RBP: 00007fbd49d57090 R08: 0000000000000000 R09: 0000000000000000
[   49.072974][ T4480] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   49.072986][ T4480] R13: 00007fbd4b546038 R14: 00007fbd4b545fa0 R15: 00007ffde196cc88
[   49.073003][ T4480]  </TASK>
[   49.294352][ T4480] Process accounting resumed
[   49.303774][ T3003] udevd[3003]: worker [3306] terminated by signal 33 (Unknown signal 33)
[   49.320625][ T3003] udevd[3003]: worker [3306] failed while handling '/devices/virtual/block/loop1'
[   49.348711][ T4477] EXT4-fs (loop1): orphan cleanup on readonly fs
[   49.442123][ T4477] EXT4-fs error (device loop1): ext4_orphan_get:1418: comm syz.1.330: bad orphan inode 13
[   49.459458][ T4477] ext4_test_bit(bit=12, block=18) = 1
[   49.464923][ T4477] is_bad_inode(inode)=0
[   49.469104][ T4477] NEXT_ORPHAN(inode)=2130706432
[   49.473981][ T4477] max_ino=32
[   49.477235][ T4477] i_nlink=1
[   49.575586][ T4494] wg1 speed is unknown, defaulting to 1000
[   49.917078][ T4477] EXT4-fs (loop1): warning: mounting fs with errors, running e2fsck is recommended
[   49.936851][   T29] kauditd_printk_skb: 698 callbacks suppressed
[   49.936866][   T29] audit: type=1326 audit(1763081934.389:2712): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4504 comm="syz.0.342" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f55979df6c9 code=0x7ffc0000
[   49.967601][   T29] audit: type=1326 audit(1763081934.399:2713): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4504 comm="syz.0.342" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f55979df6c9 code=0x7ffc0000
[   49.991406][   T29] audit: type=1326 audit(1763081934.399:2714): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4504 comm="syz.0.342" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f55979df6c9 code=0x7ffc0000
[   50.001881][ T4477] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.330: bg 0: block 248: padding at end of block bitmap is not set
[   50.014713][   T29] audit: type=1326 audit(1763081934.429:2715): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4504 comm="syz.0.342" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f55979df6c9 code=0x7ffc0000
[   50.033777][ T4477] Quota error (device loop1): write_blk: dquota write failed
[   50.052247][   T29] audit: type=1326 audit(1763081934.429:2716): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4504 comm="syz.0.342" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f55979df6c9 code=0x7ffc0000
[   50.059606][ T4477] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota
[   50.082945][   T29] audit: type=1326 audit(1763081934.429:2717): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4504 comm="syz.0.342" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f55979df6c9 code=0x7ffc0000
[   50.092856][ T4477] EXT4-fs error (device loop1): ext4_acquire_dquot:6945: comm syz.1.330: Failed to acquire dquot type 1
[   50.116144][   T29] audit: type=1326 audit(1763081934.429:2718): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4504 comm="syz.0.342" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f55979df6c9 code=0x7ffc0000
[   50.150591][   T29] audit: type=1326 audit(1763081934.429:2720): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4504 comm="syz.0.342" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f55979df6c9 code=0x7ffc0000
[   50.176321][ T4477] EXT4-fs warning (device loop1): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   50.266974][ T4512] loop2: detected capacity change from 0 to 512
[   50.293910][ T4512] EXT4-fs (loop2): orphan cleanup on readonly fs
[   50.307170][ T4512] EXT4-fs error (device loop2): ext4_orphan_get:1418: comm syz.2.343: bad orphan inode 13
[   50.321108][ T4512] ext4_test_bit(bit=12, block=18) = 1
[   50.326517][ T4512] is_bad_inode(inode)=0
[   50.330700][ T4512] NEXT_ORPHAN(inode)=2130706432
[   50.335583][ T4512] max_ino=32
[   50.338789][ T4512] i_nlink=1
[   50.357711][ T4515] FAULT_INJECTION: forcing a failure.
[   50.357711][ T4515] name failslab, interval 1, probability 0, space 0, times 0
[   50.370392][ T4515] CPU: 1 UID: 0 PID: 4515 Comm: syz.0.345 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   50.370425][ T4515] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   50.370437][ T4515] Call Trace:
[   50.370445][ T4515]  <TASK>
[   50.370521][ T4515]  __dump_stack+0x1d/0x30
[   50.370546][ T4515]  dump_stack_lvl+0xe8/0x140
[   50.370570][ T4515]  dump_stack+0x15/0x1b
[   50.370590][ T4515]  should_fail_ex+0x265/0x280
[   50.370612][ T4515]  should_failslab+0x8c/0xb0
[   50.370716][ T4515]  kmem_cache_alloc_noprof+0x50/0x480
[   50.370747][ T4515]  ? audit_log_start+0x342/0x720
[   50.370774][ T4515]  audit_log_start+0x342/0x720
[   50.370807][ T4515]  ? kstrtouint+0x76/0xc0
[   50.370895][ T4515]  audit_seccomp+0x48/0x100
[   50.370929][ T4515]  ? __seccomp_filter+0x82d/0x1250
[   50.370980][ T4515]  __seccomp_filter+0x83e/0x1250
[   50.371013][ T4515]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   50.371127][ T4515]  ? vfs_write+0x7e8/0x960
[   50.371154][ T4515]  ? __rcu_read_unlock+0x4f/0x70
[   50.371180][ T4515]  ? __fget_files+0x184/0x1c0
[   50.371264][ T4515]  __secure_computing+0x82/0x150
[   50.371297][ T4515]  syscall_trace_enter+0xcf/0x1e0
[   50.371333][ T4515]  do_syscall_64+0xac/0x200
[   50.371387][ T4515]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   50.371419][ T4515]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   50.371459][ T4515]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   50.371481][ T4515] RIP: 0033:0x7f55979df6c9
[   50.371533][ T4515] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   50.371554][ T4515] RSP: 002b:00007f559643f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000105
[   50.371576][ T4515] RAX: ffffffffffffffda RBX: 00007f5597c35fa0 RCX: 00007f55979df6c9
[   50.371592][ T4515] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffffffffffff
[   50.371605][ T4515] RBP: 00007f559643f090 R08: 0000000000000000 R09: 0000000000000000
[   50.371617][ T4515] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   50.371638][ T4515] R13: 00007f5597c36038 R14: 00007f5597c35fa0 R15: 00007ffed8bf0688
[   50.371655][ T4515]  </TASK>
[   50.590653][ T4517] EXT4-fs (loop2): warning: mounting fs with errors, running e2fsck is recommended
[   50.615975][ T4517] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.343: bg 0: block 248: padding at end of block bitmap is not set
[   50.638410][ T4517] EXT4-fs error (device loop2): ext4_acquire_dquot:6945: comm syz.2.343: Failed to acquire dquot type 1
[   50.672492][ T4517] EXT4-fs warning (device loop2): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   50.701831][ T4524] netlink: 'syz.3.347': attribute type 3 has an invalid length.
[   50.704241][ T4525] loop1: detected capacity change from 0 to 512
[   50.716491][ T4522] wg1 speed is unknown, defaulting to 1000
[   50.791877][ T4525] EXT4-fs error (device loop1): ext4_init_orphan_info:581: comm syz.1.344: inode #0: comm syz.1.344: iget: illegal inode #
[   50.852585][ T4525] EXT4-fs (loop1): get orphan inode failed
[   50.972313][ T4525] EXT4-fs (loop1): mount failed
[   50.985913][ T4540] ip6t_srh: unknown srh match flags  4000
[   51.266045][ T4546] wg1 speed is unknown, defaulting to 1000
[   51.429837][ T4548] loop4: detected capacity change from 0 to 512
[   51.501640][ T4548] ------------[ cut here ]------------
[   51.507203][ T4548] EA inode 11 i_nlink=2
[   51.507455][ T4548] WARNING: CPU: 0 PID: 4548 at fs/ext4/xattr.c:1058 ext4_xattr_inode_update_ref+0x36a/0x380
[   51.521749][ T4548] Modules linked in:
[   51.525743][ T4548] CPU: 0 UID: 0 PID: 4548 Comm: wÞ£ÿ Not tainted syzkaller #0 PREEMPT(voluntary) 
[   51.535186][ T4548] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   51.545264][ T4548] RIP: 0010:ext4_xattr_inode_update_ref+0x36a/0x380
[   51.551955][ T4548] Code: 90 49 8d 7e 40 e8 06 fa b8 ff 4d 8b 6e 40 4c 89 e7 e8 1a f5 b8 ff 41 8b 56 48 48 c7 c7 d5 d2 55 86 4c 89 ee e8 87 f5 67 ff 90 <0f> 0b 90 90 e9 ff fe ff ff e8 08 e4 b5 03 0f 1f 84 00 00 00 00 00
[   51.571765][ T4548] RSP: 0000:ffffc90018cdb5a0 EFLAGS: 00010246
[   51.577835][ T4548] RAX: bbe5b6635a29d200 RBX: ffff88811a0a5308 RCX: 0000000000080000
[   51.585872][ T4548] RDX: ffffc90004e7d000 RSI: 000000000000584d RDI: 000000000000584e
[   51.593891][ T4548] RBP: 0000000000000002 R08: 0001c90018cdb427 R09: 0000000000000000
[   51.602001][ T4548] R10: 00000000ffffffff R11: 0000000000000002 R12: ffff88811a0a52b8
[   51.609985][ T4548] R13: 000000000000000b R14: ffff88811a0a5270 R15: 0000000000000001
[   51.618005][ T4548] FS:  00007fbd49d576c0(0000) GS:ffff8882aee13000(0000) knlGS:0000000000000000
[   51.627009][ T4548] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   51.633624][ T4548] CR2: 0000000000000000 CR3: 0000000121746000 CR4: 00000000003506f0
[   51.641727][ T4548] Call Trace:
[   51.645002][ T4548]  <TASK>
[   51.648016][ T4548]  ext4_xattr_set_entry+0x77f/0x1020
[   51.653457][ T4548]  ext4_xattr_ibody_set+0x184/0x3c0
[   51.658753][ T4548]  ext4_expand_extra_isize_ea+0xcbb/0x11f0
[   51.664796][ T4548]  __ext4_expand_extra_isize+0x246/0x280
[   51.670515][ T4548]  __ext4_mark_inode_dirty+0x29d/0x3f0
[   51.676078][ T4548]  ext4_evict_inode+0x80e/0xd90
[   51.681046][ T4548]  ? __pfx_ext4_evict_inode+0x10/0x10
[   51.686433][ T4548]  evict+0x2e3/0x550
[   51.690338][ T4548]  ? __dquot_initialize+0x146/0x7c0
[   51.695624][ T4548]  iput+0x4ed/0x650
[   51.699591][ T4548]  ext4_process_orphan+0x1a9/0x1c0
[   51.704778][ T4548]  ext4_orphan_cleanup+0x6a8/0xa00
[   51.709946][ T4548]  ext4_fill_super+0x3483/0x3810
[   51.714964][ T4548]  ? snprintf+0x86/0xb0
[   51.719222][ T4548]  ? set_blocksize+0x1a8/0x310
[   51.724052][ T4548]  ? sb_set_blocksize+0xe3/0x100
[   51.729070][ T4548]  ? setup_bdev_super+0x30e/0x370
[   51.734151][ T4548]  ? __pfx_ext4_fill_super+0x10/0x10
[   51.739508][ T4548]  get_tree_bdev_flags+0x291/0x300
[   51.744670][ T4548]  ? __pfx_ext4_fill_super+0x10/0x10
[   51.749997][ T4548]  get_tree_bdev+0x1f/0x30
[   51.754492][ T4548]  ext4_get_tree+0x1c/0x30
[   51.758937][ T4548]  vfs_get_tree+0x57/0x1d0
[   51.763409][ T4548]  do_new_mount+0x24d/0x660
[   51.767932][ T4548]  path_mount+0x4a5/0xb70
[   51.772365][ T4548]  ? user_path_at+0x109/0x130
[   51.777058][ T4548]  __se_sys_mount+0x28c/0x2e0
[   51.781862][ T4548]  __x64_sys_mount+0x67/0x80
[   51.786524][ T4548]  x64_sys_call+0x2b51/0x3000
[   51.791290][ T4548]  do_syscall_64+0xd2/0x200
[   51.792669][ T4518] syz.1.344 (4518) used greatest stack depth: 6184 bytes left
[   51.795840][ T4548]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   51.809386][ T4548]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   51.815258][ T4548]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   51.821190][ T4548] RIP: 0033:0x7fbd4b2f0e6a
[   51.824266][ T4554] __nla_validate_parse: 21 callbacks suppressed
[   51.824282][ T4554] netlink: 12 bytes leftover after parsing attributes in process `syz.1.357'.
[   51.825644][ T4548] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   51.860417][ T4548] RSP: 002b:00007fbd49d56e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   51.868870][ T4548] RAX: ffffffffffffffda RBX: 00007fbd49d56ef0 RCX: 00007fbd4b2f0e6a
[   51.876864][ T4548] RDX: 0000200000000180 RSI: 00002000000001c0 RDI: 00007fbd49d56eb0
[   51.884871][ T4548] RBP: 0000200000000180 R08: 00007fbd49d56ef0 R09: 0000000000800700
[   51.892953][ T4548] R10: 0000000000800700 R11: 0000000000000246 R12: 00002000000001c0
[   51.900955][ T4548] R13: 00007fbd49d56eb0 R14: 000000000000046f R15: 0000200000000200
[   51.908931][ T4548]  </TASK>
[   51.911965][ T4548] ---[ end trace 0000000000000000 ]---
[   51.918045][ T4548] EXT4-fs error (device loop4): ext4_xattr_inode_iget:441: inode #18: comm wÞ£ÿ: iget: bad extra_isize 90 (inode size 256)
[   51.931704][ T4548] EXT4-fs error (device loop4): ext4_xattr_inode_iget:446: comm wÞ£ÿ: error while reading EA inode 18 err=-117
[   51.944070][ T4548] EXT4-fs error (device loop4): ext4_xattr_inode_iget:441: inode #18: comm wÞ£ÿ: iget: bad extra_isize 90 (inode size 256)
[   51.957606][ T4548] EXT4-fs error (device loop4): ext4_xattr_inode_iget:446: comm wÞ£ÿ: error while reading EA inode 18 err=-117
[   51.969939][ T4548] EXT4-fs (loop4): 1 orphan inode deleted
[   51.995632][ T4556] netlink: 12 bytes leftover after parsing attributes in process `syz.1.357'.
[   52.020223][ T4558] loop0: detected capacity change from 0 to 128
[   52.032210][ T4558] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   52.044689][ T4558] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   52.059708][ T4558] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=4558 comm=syz.0.358
[   52.072200][ T4558] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=4558 comm=syz.0.358
[   52.147888][ T4562] loop1: detected capacity change from 0 to 512
[   52.180009][ T4562] ext4 filesystem being mounted at /69/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   52.210738][ T2805] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   52.256446][ T4569] loop0: detected capacity change from 0 to 512
[   52.270199][ T4570] wg1 speed is unknown, defaulting to 1000
[   52.280007][ T4572] netlink: 20 bytes leftover after parsing attributes in process `syz.4.363'.
[   52.341368][ T4569] EXT4-fs error (device loop0): ext4_orphan_get:1392: inode #15: comm syz.0.362: inode has both inline data and extents flags
[   52.386582][ T4569] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.362: couldn't read orphan inode 15 (err -117)
[   52.440672][ T4569] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 7934 vs 220 free clusters
[   52.481412][ T4543] Set syz1 is full, maxelem 65536 reached
[   52.584744][ T4586] loop3: detected capacity change from 0 to 164
[   52.592565][ T4577] netlink: 14 bytes leftover after parsing attributes in process `syz.4.365'.
[   52.640914][ T4589] netlink: 12 bytes leftover after parsing attributes in process `syz.1.370'.
[   52.666151][ T4589] netlink: 12 bytes leftover after parsing attributes in process `syz.1.370'.
[   52.687194][ T4591] netlink: 14 bytes leftover after parsing attributes in process `syz.4.371'.
[   52.719912][ T4595] loop1: detected capacity change from 0 to 2048
[   52.741470][ T4593] netlink: 20 bytes leftover after parsing attributes in process `syz.3.372'.
[   52.783298][ T4601] netlink: 20 bytes leftover after parsing attributes in process `syz.4.375'.
[   52.838174][ T4606] xt_HMARK: proto mask must be zero with L3 mode
[   52.994075][ T4610] wg1 speed is unknown, defaulting to 1000
[   53.303283][ T4619] netlink: 72 bytes leftover after parsing attributes in process `syz.2.381'.
[   53.421185][ T4625] bridge_slave_1: left allmulticast mode
[   53.422224][ T4619] loop2: detected capacity change from 0 to 512
[   53.426867][ T4625] bridge_slave_1: left promiscuous mode
[   53.438902][ T4625] bridge0: port 2(bridge_slave_1) entered disabled state
[   53.453211][ T4625] bridge_slave_0: left allmulticast mode
[   53.457939][ T4619] EXT4-fs (loop2): orphan cleanup on readonly fs
[   53.458882][ T4625] bridge_slave_0: left promiscuous mode
[   53.470934][ T4625] bridge0: port 1(bridge_slave_0) entered disabled state
[   53.477673][ T4619] EXT4-fs error (device loop2): ext4_orphan_get:1418: comm syz.2.381: bad orphan inode 13
[   53.489170][ T4605] loop3: detected capacity change from 0 to 32768
[   53.489393][ T4619] ext4_test_bit(bit=12, block=18) = 1
[   53.501116][ T4619] is_bad_inode(inode)=0
[   53.505290][ T4619] NEXT_ORPHAN(inode)=2130706432
[   53.510132][ T4619] max_ino=32
[   53.513345][ T4619] i_nlink=1
[   53.522505][ T4619] EXT4-fs (loop2): warning: mounting fs with errors, running e2fsck is recommended
[   53.561495][ T4619] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.381: bg 0: block 248: padding at end of block bitmap is not set
[   53.577102][ T4619] EXT4-fs error (device loop2): ext4_acquire_dquot:6945: comm syz.2.381: Failed to acquire dquot type 1
[   53.595099][ T4619] EXT4-fs warning (device loop2): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   53.632676][ T4605]  loop3: p1 p2 p3 < > p4 < p5 p6 >
[   53.638212][ T4605] loop3: p1 start 460800 is beyond EOD, truncated
[   53.644772][ T4605] loop3: p2 size 83886080 extends beyond EOD, truncated
[   53.687600][ T4638] FAULT_INJECTION: forcing a failure.
[   53.687600][ T4638] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   53.700788][ T4638] CPU: 0 UID: 0 PID: 4638 Comm: syz.1.388 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   53.700827][ T4638] Tainted: [W]=WARN
[   53.700835][ T4638] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   53.700926][ T4638] Call Trace:
[   53.700933][ T4638]  <TASK>
[   53.700942][ T4638]  __dump_stack+0x1d/0x30
[   53.700965][ T4638]  dump_stack_lvl+0xe8/0x140
[   53.701045][ T4638]  dump_stack+0x15/0x1b
[   53.701067][ T4638]  should_fail_ex+0x265/0x280
[   53.701090][ T4638]  should_fail+0xb/0x20
[   53.701117][ T4638]  should_fail_usercopy+0x1a/0x20
[   53.701143][ T4638]  _copy_to_user+0x20/0xa0
[   53.701171][ T4638]  simple_read_from_buffer+0xb5/0x130
[   53.701201][ T4638]  proc_fail_nth_read+0x10e/0x150
[   53.701262][ T4638]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   53.701296][ T4638]  vfs_read+0x1a8/0x770
[   53.701319][ T4638]  ? __rcu_read_unlock+0x4f/0x70
[   53.701346][ T4638]  ? __fget_files+0x184/0x1c0
[   53.701418][ T4638]  ksys_read+0xda/0x1a0
[   53.701446][ T4638]  __x64_sys_read+0x40/0x50
[   53.701489][ T4638]  x64_sys_call+0x27c0/0x3000
[   53.701517][ T4638]  do_syscall_64+0xd2/0x200
[   53.701543][ T4638]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   53.701577][ T4638]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   53.701753][ T4638]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   53.701861][ T4638] RIP: 0033:0x7f9e296ce0dc
[   53.701879][ T4638] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   53.701897][ T4638] RSP: 002b:00007f9e28137030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   53.701916][ T4638] RAX: ffffffffffffffda RBX: 00007f9e29925fa0 RCX: 00007f9e296ce0dc
[   53.701930][ T4638] RDX: 000000000000000f RSI: 00007f9e281370a0 RDI: 0000000000000004
[   53.701945][ T4638] RBP: 00007f9e28137090 R08: 0000000000000000 R09: 0000000000000000
[   53.701960][ T4638] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   53.701975][ T4638] R13: 00007f9e29926038 R14: 00007f9e29925fa0 R15: 00007ffd4c5870c8
[   53.702048][ T4638]  </TASK>
[   53.913289][ T4605] loop3: p5 start 460800 is beyond EOD, truncated
[   53.919749][ T4605] loop3: p6 size 83886080 extends beyond EOD, truncated
[   53.955313][ T4642] loop4: detected capacity change from 0 to 512
[   53.981798][ T4642] EXT4-fs (loop4): orphan cleanup on readonly fs
[   53.998823][ T4642] EXT4-fs error (device loop4): ext4_orphan_get:1418: comm syz.4.391: bad orphan inode 13
[   54.012584][ T4642] ext4_test_bit(bit=12, block=18) = 1
[   54.017960][ T4642] is_bad_inode(inode)=0
[   54.022141][ T4642] NEXT_ORPHAN(inode)=2130706432
[   54.026994][ T4642] max_ino=32
[   54.030233][ T4642] i_nlink=1
[   54.087292][ T3555] udevd[3555]: inotify_add_watch(7, /dev/loop3p6, 10) failed: No such file or directory
[   54.089004][ T3551] udevd[3551]: inotify_add_watch(7, /dev/loop3p2, 10) failed: No such file or directory
[   54.108124][ T3553] udevd[3553]: inotify_add_watch(7, /dev/loop3p3, 10) failed: No such file or directory
[   54.118652][ T4642] EXT4-fs (loop4): warning: mounting fs with errors, running e2fsck is recommended
[   54.131597][ T3537] udevd[3537]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory
[   54.137505][ T4646] wg1 speed is unknown, defaulting to 1000
[   54.151833][ T4642] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.391: bg 0: block 248: padding at end of block bitmap is not set
[   54.187136][ T4642] EXT4-fs error (device loop4): ext4_acquire_dquot:6945: comm syz.4.391: Failed to acquire dquot type 1
[   54.199455][ T4642] EXT4-fs warning (device loop4): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   54.226659][ T4656] netlink: 'syz.1.397': attribute type 1 has an invalid length.
[   54.302685][ T4663] xt_HMARK: proto mask must be zero with L3 mode
[   54.348406][ T4667] loop1: detected capacity change from 0 to 512
[   54.362745][ T4667] EXT4-fs error (device loop1): ext4_orphan_get:1392: inode #15: comm syz.1.401: inode has both inline data and extents flags
[   54.377213][ T4667] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.401: couldn't read orphan inode 15 (err -117)
[   54.392263][ T4667] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 7934 vs 220 free clusters
[   54.445659][ T4675] loop4: detected capacity change from 0 to 2048
[   54.528258][ T4681] netlink: 'syz.3.407': attribute type 3 has an invalid length.
[   54.599303][ T4686] xt_HMARK: proto mask must be zero with L3 mode
[   54.646893][ T4682] wg1 speed is unknown, defaulting to 1000
[   54.719476][ T4690] loop1: detected capacity change from 0 to 128
[   54.775355][ T4690] syz.1.409: attempt to access beyond end of device
[   54.775355][ T4690] loop1: rw=2049, sector=145, nr_sectors = 896 limit=128
[   54.869214][ T4690] wg1 speed is unknown, defaulting to 1000
[   54.890578][ T4703] loop2: detected capacity change from 0 to 512
[   54.904062][ T4705] loop0: detected capacity change from 0 to 512
[   54.906875][ T4703] EXT4-fs (loop2): orphan cleanup on readonly fs
[   54.921105][ T4697] usb usb6: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[   54.928592][ T4697] usb usb6: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   54.946047][ T4705] EXT4-fs error (device loop0): ext4_orphan_get:1392: inode #15: comm syz.0.416: inode has both inline data and extents flags
[   54.946478][ T4697] vhci_hcd: invalid port number 32
[   54.960528][ T4703] EXT4-fs error (device loop2): ext4_orphan_get:1418: comm syz.2.415: bad orphan inode 13
[   54.964368][ T4697] vhci_hcd: default hub control req: 0300 vfffa i0020 l0
[   54.965445][   T29] kauditd_printk_skb: 275 callbacks suppressed
[   54.965513][   T29] audit: type=1400 audit(1763081939.419:2987): avc:  denied  { listen } for  pid=4687 comm="syz.1.409" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   55.007219][   T29] audit: type=1326 audit(1763081939.439:2988): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4696 comm="syz.3.413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae98b2f6c9 code=0x7ffc0000
[   55.015172][ T4705] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.416: couldn't read orphan inode 15 (err -117)
[   55.030802][   T29] audit: type=1326 audit(1763081939.439:2989): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4696 comm="syz.3.413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae98b2f6c9 code=0x7ffc0000
[   55.046851][ T4703] ext4_test_bit(bit=12, block=18) = 1
[   55.065818][   T29] audit: type=1326 audit(1763081939.439:2990): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4696 comm="syz.3.413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=288 compat=0 ip=0x7fae98b2f6c9 code=0x7ffc0000
[   55.071165][ T4703] is_bad_inode(inode)=0
[   55.071174][ T4703] NEXT_ORPHAN(inode)=2130706432
[   55.094468][   T29] audit: type=1326 audit(1763081939.439:2991): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4696 comm="syz.3.413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae98b2f6c9 code=0x7ffc0000
[   55.098584][ T4703] max_ino=32
[   55.098593][ T4703] i_nlink=1
[   55.133029][   T29] audit: type=1326 audit(1763081939.439:2992): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4696 comm="syz.3.413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7fae98b2f6c9 code=0x7ffc0000
[   55.154212][ T4705] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 7934 vs 220 free clusters
[   55.156325][   T29] audit: type=1326 audit(1763081939.439:2993): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4696 comm="syz.3.413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae98b2f6c9 code=0x7ffc0000
[   55.193969][   T29] audit: type=1326 audit(1763081939.439:2994): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4696 comm="syz.3.413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fae98b2f6c9 code=0x7ffc0000
[   55.217322][   T29] audit: type=1400 audit(1763081939.439:2995): avc:  denied  { ioctl } for  pid=4696 comm="syz.3.413" path="socket:[8127]" dev="sockfs" ino=8127 ioctlcmd=0x8982 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   55.241870][   T29] audit: type=1326 audit(1763081939.439:2996): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4696 comm="syz.3.413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae98b2f6c9 code=0x7ffc0000
[   55.296537][ T4703] EXT4-fs (loop2): warning: mounting fs with errors, running e2fsck is recommended
[   55.322218][ T4703] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.415: bg 0: block 248: padding at end of block bitmap is not set
[   55.337714][ T4703] EXT4-fs error (device loop2): ext4_acquire_dquot:6945: comm syz.2.415: Failed to acquire dquot type 1
[   55.352434][ T4703] EXT4-fs warning (device loop2): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   55.370647][ T4720] xt_HMARK: proto mask must be zero with L3 mode
[   55.457465][ T4734] loop0: detected capacity change from 0 to 128
[   55.466245][ T4734] ext4 filesystem being mounted at /73/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   55.535680][ T4740] loop4: detected capacity change from 0 to 2048
[   55.572141][ T4750] loop3: detected capacity change from 0 to 128
[   55.583037][ T4740] ext4 filesystem being mounted at /97/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   55.605160][ T4744] netlink: 'syz.2.426': attribute type 2 has an invalid length.
[   55.612879][ T4744] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[   55.698179][ T4757] loop4: detected capacity change from 0 to 512
[   55.709967][ T4762] xt_HMARK: proto mask must be zero with L3 mode
[   55.752281][ T4757] EXT4-fs error (device loop4): ext4_orphan_get:1392: inode #15: comm syz.4.430: inode has both inline data and extents flags
[   55.765829][ T4757] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.430: couldn't read orphan inode 15 (err -117)
[   55.779781][ T4757] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 7934 vs 220 free clusters
[   55.800087][ T4768] loop1: detected capacity change from 0 to 512
[   55.816888][ T4769] FAULT_INJECTION: forcing a failure.
[   55.816888][ T4769] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   55.830011][ T4769] CPU: 0 UID: 0 PID: 4769 Comm: syz.3.436 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   55.830045][ T4769] Tainted: [W]=WARN
[   55.830051][ T4769] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   55.830065][ T4769] Call Trace:
[   55.830071][ T4769]  <TASK>
[   55.830080][ T4769]  __dump_stack+0x1d/0x30
[   55.830105][ T4769]  dump_stack_lvl+0xe8/0x140
[   55.830137][ T4769]  dump_stack+0x15/0x1b
[   55.830184][ T4769]  should_fail_ex+0x265/0x280
[   55.830206][ T4769]  should_fail+0xb/0x20
[   55.830232][ T4769]  should_fail_usercopy+0x1a/0x20
[   55.830256][ T4769]  _copy_to_user+0x20/0xa0
[   55.830287][ T4769]  simple_read_from_buffer+0xb5/0x130
[   55.830317][ T4769]  proc_fail_nth_read+0x10e/0x150
[   55.830363][ T4769]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   55.830462][ T4769]  vfs_read+0x1a8/0x770
[   55.830491][ T4769]  ? __rcu_read_unlock+0x4f/0x70
[   55.830519][ T4769]  ? __fget_files+0x184/0x1c0
[   55.830613][ T4769]  ksys_read+0xda/0x1a0
[   55.830644][ T4769]  __x64_sys_read+0x40/0x50
[   55.830672][ T4769]  x64_sys_call+0x27c0/0x3000
[   55.830697][ T4769]  do_syscall_64+0xd2/0x200
[   55.830720][ T4769]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   55.830828][ T4769]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   55.830938][ T4769]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   55.830962][ T4769] RIP: 0033:0x7fae98b2e0dc
[   55.830979][ T4769] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   55.830999][ T4769] RSP: 002b:00007fae97597030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   55.831020][ T4769] RAX: ffffffffffffffda RBX: 00007fae98d85fa0 RCX: 00007fae98b2e0dc
[   55.831034][ T4769] RDX: 000000000000000f RSI: 00007fae975970a0 RDI: 0000000000000008
[   55.831071][ T4769] RBP: 00007fae97597090 R08: 0000000000000000 R09: 0000000000000000
[   55.831139][ T4769] R10: 000000000000001e R11: 0000000000000246 R12: 0000000000000001
[   55.831152][ T4769] R13: 00007fae98d86038 R14: 00007fae98d85fa0 R15: 00007ffeb147dce8
[   55.831169][ T4769]  </TASK>
[   56.065193][ T4778] syz.0.440 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[   56.079377][ T4768] ext4 filesystem being mounted at /88/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   56.123292][ T4782] loop3: detected capacity change from 0 to 2048
[   56.144650][ T4782] ext4 filesystem being mounted at /94/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   56.301439][ T4802] xt_HMARK: proto mask must be zero with L3 mode
[   56.338998][ T4808] loop0: detected capacity change from 0 to 2048
[   56.372747][ T4811] loop3: detected capacity change from 0 to 128
[   56.380931][ T4811] ext4 filesystem being mounted at /99/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   56.575752][ T4818] wg1 speed is unknown, defaulting to 1000
[   56.921858][ T4824] loop3: detected capacity change from 0 to 2048
[   56.952403][ T4824] ext4 filesystem being mounted at /100/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   56.979280][ T4832] loop1: detected capacity change from 0 to 1024
[   56.986767][ T4828] loop2: detected capacity change from 0 to 2048
[   56.995723][ T4832] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   57.023083][ T4832] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:483: comm syz.1.458: Invalid block bitmap block 0 in block_group 0
[   57.038827][ T4835] loop4: detected capacity change from 0 to 1024
[   57.057047][ T4832] EXT4-fs error (device loop1): ext4_acquire_dquot:6945: comm syz.1.458: Failed to acquire dquot type 0
[   57.078856][ T4835] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   57.091884][ T4832] EXT4-fs error (device loop1): ext4_free_blocks:6706: comm syz.1.458: Freeing blocks not in datazone - block = 0, count = 4096
[   57.107373][ T4832] EXT4-fs error (device loop1): ext4_read_inode_bitmap:139: comm syz.1.458: Invalid inode bitmap blk 0 in block_group 0
[   57.126616][ T4832] EXT4-fs error (device loop1) in ext4_free_inode:361: Corrupt filesystem
[   57.140859][   T42] EXT4-fs error (device loop1): ext4_release_dquot:6981: comm kworker/u8:2: Failed to release dquot type 0
[   57.145674][ T4835] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:483: comm syz.4.459: Invalid block bitmap block 0 in block_group 0
[   57.152708][ T4832] EXT4-fs (loop1): 1 orphan inode deleted
[   57.187841][ T4844] xt_HMARK: proto mask must be zero with L3 mode
[   57.205271][ T4843] wg1 speed is unknown, defaulting to 1000
[   57.222501][ T4835] EXT4-fs error (device loop4): ext4_acquire_dquot:6945: comm syz.4.459: Failed to acquire dquot type 0
[   57.235917][ T4835] EXT4-fs error (device loop4): ext4_free_blocks:6706: comm syz.4.459: Freeing blocks not in datazone - block = 0, count = 4096
[   57.266089][ T4835] EXT4-fs error (device loop4): ext4_read_inode_bitmap:139: comm syz.4.459: Invalid inode bitmap blk 0 in block_group 0
[   57.280928][   T42] EXT4-fs error (device loop4): ext4_release_dquot:6981: comm kworker/u8:2: Failed to release dquot type 0
[   57.292526][ T4835] EXT4-fs error (device loop4) in ext4_free_inode:361: Corrupt filesystem
[   57.292592][ T4847] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   57.311769][ T4835] EXT4-fs (loop4): 1 orphan inode deleted
[   57.328101][ T4847] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   57.347565][ T4850] __nla_validate_parse: 19 callbacks suppressed
[   57.347580][ T4850] netlink: 14 bytes leftover after parsing attributes in process `syz.3.464'.
[   57.368600][ T4852] netlink: 8 bytes leftover after parsing attributes in process `syz.0.463'.
[   57.387513][ T4854] netlink: 20 bytes leftover after parsing attributes in process `syz.3.465'.
[   57.403308][ T4852] netlink: 'syz.0.463': attribute type 10 has an invalid length.
[   57.433096][ T4852] team0 (unregistering): Port device C removed
[   57.470652][ T4852] team0 (unregistering): Port device team_slave_1 removed
[   57.525883][ T4866] netlink: 14 bytes leftover after parsing attributes in process `syz.4.471'.
[   57.569762][ T4873] xt_HMARK: proto mask must be zero with L3 mode
[   57.582157][ T4871] loop3: detected capacity change from 0 to 2048
[   57.601775][ T4875] netlink: 14 bytes leftover after parsing attributes in process `syz.0.475'.
[   57.680118][ T4883] netlink: 20 bytes leftover after parsing attributes in process `syz.0.478'.
[   57.694823][ T4885] loop4: detected capacity change from 0 to 164
[   57.769416][ T4894] FAULT_INJECTION: forcing a failure.
[   57.769416][ T4894] name failslab, interval 1, probability 0, space 0, times 0
[   57.782153][ T4894] CPU: 0 UID: 0 PID: 4894 Comm: syz.4.482 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   57.782227][ T4894] Tainted: [W]=WARN
[   57.782234][ T4894] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   57.782249][ T4894] Call Trace:
[   57.782257][ T4894]  <TASK>
[   57.782302][ T4894]  __dump_stack+0x1d/0x30
[   57.782326][ T4894]  dump_stack_lvl+0xe8/0x140
[   57.782347][ T4894]  dump_stack+0x15/0x1b
[   57.782368][ T4894]  should_fail_ex+0x265/0x280
[   57.782424][ T4894]  ? snd_seq_pool_new+0x32/0xe0
[   57.782451][ T4894]  should_failslab+0x8c/0xb0
[   57.782487][ T4894]  __kmalloc_cache_noprof+0x4c/0x4a0
[   57.782528][ T4894]  snd_seq_pool_new+0x32/0xe0
[   57.782619][ T4894]  snd_seq_fifo_resize+0x4b/0x1c0
[   57.782653][ T4894]  snd_seq_ioctl_set_client_pool+0x24c/0x310
[   57.782709][ T4894]  snd_seq_ioctl+0x177/0x300
[   57.782738][ T4894]  ? __pfx_snd_seq_ioctl+0x10/0x10
[   57.782760][ T4894]  __se_sys_ioctl+0xce/0x140
[   57.782781][ T4894]  __x64_sys_ioctl+0x43/0x50
[   57.782816][ T4894]  x64_sys_call+0x1816/0x3000
[   57.782842][ T4894]  do_syscall_64+0xd2/0x200
[   57.782908][ T4894]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   57.782937][ T4894]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   57.782979][ T4894]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   57.783001][ T4894] RIP: 0033:0x7fbd4b2ef6c9
[   57.783017][ T4894] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   57.783074][ T4894] RSP: 002b:00007fbd49d57038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   57.783093][ T4894] RAX: ffffffffffffffda RBX: 00007fbd4b545fa0 RCX: 00007fbd4b2ef6c9
[   57.783107][ T4894] RDX: 0000200000000180 RSI: 000000004058534c RDI: 0000000000000003
[   57.783120][ T4894] RBP: 00007fbd49d57090 R08: 0000000000000000 R09: 0000000000000000
[   57.783133][ T4894] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   57.783151][ T4894] R13: 00007fbd4b546038 R14: 00007fbd4b545fa0 R15: 00007ffde196cc88
[   57.783221][ T4894]  </TASK>
[   58.038884][ T4895] wg1 speed is unknown, defaulting to 1000
[   58.250022][ T4905] xt_HMARK: proto mask must be zero with L3 mode
[   58.357199][ T4908] tipc: Started in network mode
[   58.362290][ T4908] tipc: Node identity ac14140f, cluster identity 4711
[   58.378826][ T4908] tipc: New replicast peer: 255.255.255.83
[   58.384739][ T4908] tipc: Enabled bearer <udp:£>, priority 10
[   58.438580][ T4914] FAULT_INJECTION: forcing a failure.
[   58.438580][ T4914] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   58.445536][ T4916] netlink: 72 bytes leftover after parsing attributes in process `syz.1.490'.
[   58.451754][ T4914] CPU: 1 UID: 0 PID: 4914 Comm: syz.2.486 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   58.451874][ T4914] Tainted: [W]=WARN
[   58.451881][ T4914] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   58.451895][ T4914] Call Trace:
[   58.451902][ T4914]  <TASK>
[   58.451971][ T4914]  __dump_stack+0x1d/0x30
[   58.451996][ T4914]  dump_stack_lvl+0xe8/0x140
[   58.452061][ T4914]  dump_stack+0x15/0x1b
[   58.452080][ T4914]  should_fail_ex+0x265/0x280
[   58.452102][ T4914]  should_fail+0xb/0x20
[   58.452120][ T4914]  should_fail_usercopy+0x1a/0x20
[   58.452215][ T4914]  _copy_to_user+0x20/0xa0
[   58.452250][ T4914]  simple_read_from_buffer+0xb5/0x130
[   58.452279][ T4914]  proc_fail_nth_read+0x10e/0x150
[   58.452319][ T4914]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   58.452354][ T4914]  vfs_read+0x1a8/0x770
[   58.452380][ T4914]  ? __rcu_read_unlock+0x4f/0x70
[   58.452409][ T4914]  ? __fget_files+0x184/0x1c0
[   58.452556][ T4914]  ksys_read+0xda/0x1a0
[   58.452585][ T4914]  __x64_sys_read+0x40/0x50
[   58.452676][ T4914]  x64_sys_call+0x27c0/0x3000
[   58.452702][ T4914]  do_syscall_64+0xd2/0x200
[   58.452725][ T4914]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   58.452811][ T4914]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   58.452863][ T4914]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   58.452887][ T4914] RIP: 0033:0x7f46fe90e0dc
[   58.452974][ T4914] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   58.452993][ T4914] RSP: 002b:00007f46fd36f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   58.453014][ T4914] RAX: ffffffffffffffda RBX: 00007f46feb65fa0 RCX: 00007f46fe90e0dc
[   58.453028][ T4914] RDX: 000000000000000f RSI: 00007f46fd36f0a0 RDI: 0000000000000006
[   58.453041][ T4914] RBP: 00007f46fd36f090 R08: 0000000000000000 R09: 0000000000000000
[   58.453075][ T4914] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001
[   58.453088][ T4914] R13: 00007f46feb66038 R14: 00007f46feb65fa0 R15: 00007ffeaa8062a8
[   58.453107][ T4914]  </TASK>
[   58.464784][ T4908] usb usb3: usbfs: process 4908 (syz.0.488) did not claim interface 0 before use
[   58.477210][ T4910] netlink: 14 bytes leftover after parsing attributes in process `syz.4.489'.
[   58.492298][ T4916] loop1: detected capacity change from 0 to 512
[   58.519260][ T4908] vhci_hcd: default hub control req: a100 vfffe i0000 l0
[   58.712180][ T4919] netlink: 20 bytes leftover after parsing attributes in process `syz.3.491'.
[   58.733559][ T4916] EXT4-fs (loop1): orphan cleanup on readonly fs
[   58.740092][ T4915] loop0: detected capacity change from 0 to 8192
[   58.746130][ T4916] EXT4-fs error (device loop1): ext4_orphan_get:1418: comm syz.1.490: bad orphan inode 13
[   58.780836][ T4916] ext4_test_bit(bit=12, block=18) = 1
[   58.780863][ T4915]  loop0: p1 p2 p3 p4
[   58.786258][ T4916] is_bad_inode(inode)=0
[   58.786270][ T4916] NEXT_ORPHAN(inode)=2130706432
[   58.786278][ T4916] max_ino=32
[   58.786285][ T4916] i_nlink=1
[   58.828161][ T4916] EXT4-fs (loop1): warning: mounting fs with errors, running e2fsck is recommended
[   58.828537][ T4915] loop0: p3 start 331777 is beyond EOD, truncated
[   58.843992][ T4915] loop0: p4 size 262238 extends beyond EOD, truncated
[   58.888425][ T3003]  loop0: p1 p2 p3 p4
[   58.893756][ T3003] loop0: p3 start 331777 is beyond EOD, truncated
[   58.900252][ T3003] loop0: p4 size 262238 extends beyond EOD, truncated
[   58.942803][ T3551] udevd[3551]: inotify_add_watch(7, /dev/loop0p1, 10) failed: No such file or directory
[   58.942927][ T3553] udevd[3553]: inotify_add_watch(7, /dev/loop0p2, 10) failed: No such file or directory
[   58.963821][ T3537] udevd[3537]: inotify_add_watch(7, /dev/loop0p4, 10) failed: No such file or directory
[   58.989882][ T4916] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.490: bg 0: block 248: padding at end of block bitmap is not set
[   58.994800][ T4936] loop0: detected capacity change from 0 to 2048
[   59.018367][ T4926] netlink: 152 bytes leftover after parsing attributes in process `syz.2.495'.
[   59.042267][ T4916] EXT4-fs error (device loop1): ext4_acquire_dquot:6945: comm syz.1.490: Failed to acquire dquot type 1
[   59.070097][ T4938] wg1 speed is unknown, defaulting to 1000
[   59.295756][ T3537] udevd[3537]: inotify_add_watch(7, /dev/loop0p2, 10) failed: No such file or directory
[   59.307142][ T3551] udevd[3551]: inotify_add_watch(7, /dev/loop0p1, 10) failed: No such file or directory
[   59.321751][ T3555] udevd[3555]: inotify_add_watch(7, /dev/loop0p4, 10) failed: No such file or directory
[   59.351901][ T4943] wg1 speed is unknown, defaulting to 1000
[   59.431168][ T3423] tipc: Node number set to 2886997007
[   59.447614][ T4916] EXT4-fs warning (device loop1): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   59.606013][ T4951] loop1: detected capacity change from 0 to 2048
[   59.759337][ T4956] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=257 sclass=netlink_route_socket pid=4956 comm=syz.4.503
[   59.890081][ T4961] wg1 speed is unknown, defaulting to 1000
[   60.033408][   T29] kauditd_printk_skb: 517 callbacks suppressed
[   60.033490][   T29] audit: type=1326 audit(1763081944.489:3502): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4959 comm="syz.2.504" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46fe90f6c9 code=0x7ffc0000
[   60.259402][ T4976] netlink: 'syz.4.509': attribute type 10 has an invalid length.
[   60.300324][ T4976] team0 (unregistering): Port device C removed
[   60.313663][ T4980] vhci_hcd: default hub control req: a100 vfffe i0000 l0
[   60.321011][ T4976] team0 (unregistering): Port device team_slave_1 removed
[   60.328327][   T29] audit: type=1326 audit(1763081944.769:3503): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4979 comm="syz.0.510" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f55979df6c9 code=0x7ffc0000
[   60.351812][   T29] audit: type=1326 audit(1763081944.769:3504): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4979 comm="syz.0.510" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f55979ddf10 code=0x7ffc0000
[   60.375158][   T29] audit: type=1326 audit(1763081944.769:3505): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4979 comm="syz.0.510" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f55979df6c9 code=0x7ffc0000
[   60.398601][   T29] audit: type=1326 audit(1763081944.769:3506): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4979 comm="syz.0.510" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f55979df6c9 code=0x7ffc0000
[   60.408935][ T4980] loop0: detected capacity change from 0 to 8192
[   60.421965][   T29] audit: type=1326 audit(1763081944.769:3507): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4979 comm="syz.0.510" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f55979df6c9 code=0x7ffc0000
[   60.452092][   T29] audit: type=1326 audit(1763081944.769:3508): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4979 comm="syz.0.510" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f55979df6c9 code=0x7ffc0000
[   60.475451][   T29] audit: type=1326 audit(1763081944.779:3509): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4979 comm="syz.0.510" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f55979df6c9 code=0x7ffc0000
[   60.498795][   T29] audit: type=1326 audit(1763081944.779:3510): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4979 comm="syz.0.510" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f55979df6c9 code=0x7ffc0000
[   60.522222][   T29] audit: type=1326 audit(1763081944.779:3511): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4979 comm="syz.0.510" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f55979df703 code=0x7ffc0000
[   60.522436][ T4983] loop3: detected capacity change from 0 to 8192
[   60.570540][ T4977] tipc: Started in network mode
[   60.575459][ T4977] tipc: Node identity ac14140f, cluster identity 4711
[   60.583326][ T4977] tipc: New replicast peer: 255.255.255.83
[   60.589190][ T4977] tipc: Enabled bearer <udp:£>, priority 10
[   60.633559][ T4980]  loop0: p1 p2 p3 p4
[   60.637806][ T4983]  loop3: p1 p2 p3 p4
[   60.641545][ T4980] loop0: p3 start 331777 is beyond EOD, truncated
[   60.648196][ T4980] loop0: p4 size 262238 extends beyond EOD, truncated
[   60.663282][ T4983] loop3: p3 start 331777 is beyond EOD, truncated
[   60.669748][ T4983] loop3: p4 size 262238 extends beyond EOD, truncated
[   60.686977][ T3003]  loop0: p1 p2 p3 p4
[   60.693269][ T3003] loop0: p3 start 331777 is beyond EOD, truncated
[   60.699705][ T3003] loop0: p4 size 262238 extends beyond EOD, truncated
[   60.749286][ T3551] udevd[3551]: inotify_add_watch(7, /dev/loop0p1, 10) failed: No such file or directory
[   60.772840][ T4993] netlink: 'syz.1.515': attribute type 2 has an invalid length.
[   60.780598][ T4993] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[   60.801777][ T3553] udevd[3553]: inotify_add_watch(7, /dev/loop0p2, 10) failed: No such file or directory
[   60.817360][ T3555] udevd[3555]: inotify_add_watch(7, /dev/loop0p4, 10) failed: No such file or directory
[   60.849550][ T5000] loop3: detected capacity change from 0 to 2048
[   60.860109][ T3551] udevd[3551]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory
[   60.861798][ T3553] udevd[3553]: inotify_add_watch(7, /dev/loop0p1, 10) failed: No such file or directory
[   60.887053][ T3555] udevd[3555]: inotify_add_watch(7, /dev/loop0p2, 10) failed: No such file or directory
[   60.897534][ T3761] udevd[3761]: inotify_add_watch(7, /dev/loop0p4, 10) failed: No such file or directory
[   60.944625][ T5002] wg1 speed is unknown, defaulting to 1000
[   61.216094][ T5006] wg1 speed is unknown, defaulting to 1000
[   61.455393][ T5017] loop2: detected capacity change from 0 to 2048
[   61.472129][ T5017] ext4 filesystem being mounted at /91/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   61.502210][ T5021] netlink: 'syz.2.522': attribute type 10 has an invalid length.
[   61.518865][ T5021] team0 (unregistering): Port device C removed
[   61.528352][ T5021] team0 (unregistering): Port device team_slave_1 removed
[   61.612779][ T3368] tipc: Node number set to 2886997007
[   61.640050][ T5027] vhci_hcd: default hub control req: a100 vfffe i0000 l0
[   61.661924][ T5030] tipc: Enabling of bearer <udp:£> rejected, already enabled
[   61.720280][ T5036] netlink: 'syz.1.527': attribute type 39 has an invalid length.
[   61.801204][ T5038] loop2: detected capacity change from 0 to 512
[   61.833429][ T5038] EXT4-fs error (device loop2): ext4_orphan_get:1392: inode #15: comm syz.2.530: inode has both inline data and extents flags
[   61.843045][ T5041] SELinux: failed to load policy
[   61.848341][ T5030] loop0: detected capacity change from 0 to 8192
[   61.859450][ T5027] loop4: detected capacity change from 0 to 8192
[   61.869112][ T5038] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.530: couldn't read orphan inode 15 (err -117)
[   61.889932][ T5038] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 7934 vs 220 free clusters
[   61.907469][ T3551]  loop0: p1 p2 p3 p4
[   61.912855][ T3551] loop0: p3 start 331777 is beyond EOD, truncated
[   61.919359][ T3551] loop0: p4 size 262238 extends beyond EOD, truncated
[   61.927222][ T5027]  loop4: p1 p2 p3 p4
[   61.958146][ T5027] loop4: p3 start 331777 is beyond EOD, truncated
[   61.962868][ T5030]  loop0: p1 p2 p3 p4
[   61.964678][ T5027] loop4: p4 size 262238 extends beyond EOD, truncated
[   61.988636][ T5030] loop0: p3 start 331777 is beyond EOD, truncated
[   61.995164][ T5030] loop0: p4 size 262238 extends beyond EOD, truncated
[   62.019856][ T5048] netlink: 'syz.3.533': attribute type 3 has an invalid length.
[   62.137311][ T5062] loop3: detected capacity change from 0 to 512
[   62.161254][ T5062] EXT4-fs (loop3): orphan cleanup on readonly fs
[   62.174036][ T5062] EXT4-fs error (device loop3): ext4_orphan_get:1418: comm syz.3.539: bad orphan inode 13
[   62.186529][ T5062] ext4_test_bit(bit=12, block=18) = 1
[   62.191948][ T5062] is_bad_inode(inode)=0
[   62.196129][ T5062] NEXT_ORPHAN(inode)=2130706432
[   62.201045][ T5062] max_ino=32
[   62.204229][ T5062] i_nlink=1
[   62.212607][ T5057] netlink: 'syz.1.537': attribute type 2 has an invalid length.
[   62.220288][ T5057] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[   62.251072][ T5069] wg1 speed is unknown, defaulting to 1000
[   62.359976][ T5062] EXT4-fs (loop3): warning: mounting fs with errors, running e2fsck is recommended
[   62.443316][ T5074] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   62.463695][ T5062] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.539: bg 0: block 248: padding at end of block bitmap is not set
[   62.523935][ T5074] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   62.543696][ T5062] EXT4-fs error (device loop3): ext4_acquire_dquot:6945: comm syz.3.539: Failed to acquire dquot type 1
[   62.555951][ T5062] EXT4-fs warning (device loop3): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   62.598726][ T5078] loop0: detected capacity change from 0 to 2048
[   62.612164][ T5078] ext4 filesystem being mounted at /99/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   62.668161][ T5086] loop0: detected capacity change from 0 to 1024
[   62.675147][ T5086] EXT4-fs: Ignoring removed nomblk_io_submit option
[   62.701174][ T5086] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003]
[   62.709406][ T5086] System zones: 0-1, 3-36
[   62.780459][ T5093] __nla_validate_parse: 12 callbacks suppressed
[   62.780475][ T5093] netlink: 14 bytes leftover after parsing attributes in process `syz.0.547'.
[   62.939869][ T5103] tipc: Started in network mode
[   62.944840][ T5103] tipc: Node identity ac14140f, cluster identity 4711
[   62.956861][ T5103] tipc: New replicast peer: 255.255.255.83
[   62.957079][ T5105] netlink: 20 bytes leftover after parsing attributes in process `syz.1.552'.
[   62.962834][ T5103] tipc: Enabled bearer <udp:£>, priority 10
[   62.987770][ T3313] ==================================================================
[   62.995881][ T3313] BUG: KCSAN: data-race in fsnotify_detach_mark / fsnotify_handle_inode_event
[   63.004738][ T3313] 
[   63.007051][ T3313] write to 0xffff888104014b34 of 4 bytes by task 3551 on cpu 1:
[   63.014669][ T3313]  fsnotify_detach_mark+0xba/0x160
[   63.019779][ T3313]  fsnotify_destroy_mark+0x70/0x150
[   63.024973][ T3313]  __se_sys_inotify_rm_watch+0xe8/0x170
[   63.030516][ T3313]  __x64_sys_inotify_rm_watch+0x31/0x40
[   63.036061][ T3313]  x64_sys_call+0x2e95/0x3000
[   63.040737][ T3313]  do_syscall_64+0xd2/0x200
[   63.045232][ T3313]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   63.051117][ T3313] 
[   63.053487][ T3313] read to 0xffff888104014b34 of 4 bytes by task 3313 on cpu 0:
[   63.061013][ T3313]  fsnotify_handle_inode_event+0x125/0x220
[   63.066822][ T3313]  fsnotify+0x13cf/0x14b0
[   63.071139][ T3313]  __fsnotify_parent+0x2ed/0x330
[   63.076072][ T3313]  __fput+0x1de/0x650
[   63.080041][ T3313]  fput_close_sync+0x6e/0x120
[   63.084704][ T3313]  __x64_sys_close+0x56/0xf0
[   63.089285][ T3313]  x64_sys_call+0x273c/0x3000
[   63.093957][ T3313]  do_syscall_64+0xd2/0x200
[   63.098451][ T3313]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   63.104336][ T3313] 
[   63.106642][ T3313] value changed: 0x00000003 -> 0x00000000
[   63.112338][ T3313] 
[   63.114648][ T3313] Reported by Kernel Concurrency Sanitizer on:
[   63.120785][ T3313] CPU: 0 UID: 0 PID: 3313 Comm: syz-executor Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   63.132234][ T3313] Tainted: [W]=WARN
[   63.136020][ T3313] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   63.146070][ T3313] ==================================================================
[   63.196100][ T5110] loop4: detected capacity change from 0 to 8192
[   63.240966][ T5110]  loop4: p1 p2 p3 p4
[   63.246013][ T5110] loop4: p3 start 331777 is beyond EOD, truncated
[   63.252560][ T5110] loop4: p4 size 262238 extends beyond EOD, truncated
[   63.990467][ T1035] tipc: Node number set to 2886997007