last executing test programs:

3.067960744s ago: executing program 4 (id=1875):
socket$nl_route(0x10, 0x3, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020782500000000002020207b1af8fe00000000bfa100000000000007010000f8ffffffb702000008000000b703000007000000850000001100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
r1 = open(&(0x7f0000000280)='.\x00', 0x2000, 0x0)
fcntl$notify(r1, 0x402, 0x8000003d)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
fcntl$setsig(r1, 0xa, 0x11)
ioctl$SNDRV_SEQ_IOCTL_RUNNING_MODE(r1, 0xc0105303, &(0x7f00000000c0)={0x3, 0x2})
openat(0xffffffffffffff9c, &(0x7f0000002600)='./file1\x00', 0x105040, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x4040, 0x0)
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000040)={[{@nodiscard}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x4040, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1202, 0x0)
write(r4, &(0x7f0000004200)='t', 0x1)
getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r4, 0x84, 0x76, &(0x7f0000000140)={<r5=>0x0, 0x1}, &(0x7f00000001c0)=0x8)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r3, 0x84, 0x1f, &(0x7f0000000300)={r5, @in6={{0xa, 0x4e24, 0x2, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x9}}, 0x400, 0x401}, &(0x7f0000000240)=0x90)
sendfile(r4, r3, 0x0, 0x3ffff)
sendfile(r4, r3, 0x0, 0x7ffff000)
r6 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x0)
write(r6, &(0x7f0000004200)='t', 0x1)
process_madvise(0xffffffffffffffff, 0x0, 0x0, 0x14, 0xfeff)
bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x11, 0x8, &(0x7f0000000200)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0ff5b14104fe62cc60e413905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf2364149215108333719acd97cfa107d40224edc5465a93df8513a32ec450bebc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe511195418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4929330142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da8c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000dd11e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15f2a169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f000010000000000000905ad897ef3b7cda42013d53"], 0x0}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x7, 0x6, &(0x7f0000000000)=ANY=[@ANYBLOB="05000000000000007111ae00000000008510000002000000850000000500000095000000000000009500a50500000000"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x70)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000340)={r7, 0xe8, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
sendfile(r6, r2, 0x0, 0x7ffff000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r0, 0x0, 0x4}, 0x18)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
write$binfmt_script(r8, &(0x7f0000000040), 0x208e24b)

2.219947887s ago: executing program 1 (id=1888):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0}, 0x18)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x8, 0x1}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x18)
syz_open_dev$evdev(0x0, 0x2, 0x0)
ioctl$SG_GET_REQUEST_TABLE(0xffffffffffffffff, 0x2286, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$NFT_BATCH(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x7}}, [@NFT_MSG_NEWRULE={0x5c, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2, 0x0, 0x1}, [@NFTA_RULE_EXPRESSIONS={0x30, 0x4, 0x0, 0x1, [{0x1c, 0x1, 0x0, 0x1, @masq={{0x9}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_MASQ_REG_PROTO_MAX={0x8, 0x3, 0x1, 0x0, 0x17}]}}}, {0x10, 0x1, 0x0, 0x1, @inner={{0xa}, @void}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x3}}}, 0x84}}, 0x0)
r4 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)
sendmsg$TIPC_NL_KEY_SET(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="01000000000004000000030000f13f0001802c0004001400010002000000ac14140f00000000000000001400020002000000ffffffff00000000000000000d0001007564703a73797a3200048823"], 0x54}, 0x1, 0x0, 0x0, 0x8804}, 0x0)

2.202200537s ago: executing program 4 (id=1889):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x400000}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r1}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/consoles\x00', 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bf"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000ac0)='kmem_cache_free\x00', r2}, 0x10)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f00000002c0)='syzkaller\x00'}, 0x80)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r3, 0x5, 0xb68, 0x560b0000, &(0x7f0000000000)="259a53f271a76d2673004c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000040)=0x2)
readv(r4, &(0x7f0000000000)=[{&(0x7f0000001300)=""/244, 0x940}], 0x1)

2.179416737s ago: executing program 2 (id=1890):
sendmsg$inet(0xffffffffffffffff, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_clone3(&(0x7f00000004c0)={0x100000000, &(0x7f0000000140), &(0x7f0000000180), &(0x7f00000001c0)=<r1=>0x0, {0x28}, &(0x7f0000000200)=""/9, 0x9, &(0x7f0000000340)=""/104, &(0x7f0000000240)=[0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0], 0x4}, 0x58)
fcntl$lock(r0, 0x5, &(0x7f00000003c0)={0x1, 0x1, 0x4, 0xf0, r1})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x8e7}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001700)={&(0x7f0000000100)='kmem_cache_free\x00', r5, 0x0, 0xfffffffffffffff8}, 0x18)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0)
fcntl$setlease(r6, 0x400, 0x0)
fremovexattr(r6, &(0x7f00000000c0)=@known='trusted.overlay.redirect\x00')
sendmsg$inet(r3, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001dc0)=""/4096, 0x1000}, 0x0)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000001240)='./file2\x00', 0x14552, &(0x7f0000000b40)=ANY=[], 0xfb, 0x11ff, &(0x7f0000001280)="$eJzs3E+LHEUYB+B315iNG/ePGqMJiIVe9NJk9+BFL4tsQDKgJFkhEYSO26vDtDPD9LAwIkZPXv0cIojgTRBvetmL30DwthePEcSWndEko5PDSEiH5Xku80LVb6jqphuq6erD1774sLNXZXv5MBYXFmKxH5FupUixGP/4NF5+9cefnrty7fqlrVZr+3JKF7eubrySUlp9/vt3Pv7qhR+Gp9/+dvW7pThYf/fwt81fD84enDv88+oH7Sq1q9TtDVOebvR6w/xGWaTddtXJUnqrLPKqSO1uVQym2vfKXr8/Snl3d2W5PyiqKuXdUeoUozTspeFglPL383Y3ZVmWVpaD+Z24Xe18eauu64i6fjRORl3X9WOxHKfj8ViJ1ViL9Xginoyn4kw8HWfjmXg2vvnl69FRAgAAAAAAAAAAAAAAAAAAALh/5t3/f27cq+lRAwAAAAAAAAAAAAAAAAAAwPFy5dr1S1ut1vbllE5FlJ/v7+zvTH4n7Vt70Y4yirgQa/FHjHf/T0zqi2+0ti+ksfX4rLz5d/7m/s4j0/mN8ecEZuY3Jvk0nV+K5bvzm7EWZ2bnN2fmT8VLL96Vz2Itfn4velHGbhxl7+Q/2Ujp9Tdb/8qfH/cDAACA4yBLt81cv2fZvdon+TmeD0ytr4+y5080OnUiohp91MnLshgoHvriZLPD+L2u6+YPQkPFva+UpYj43/+8EBEPxwT/UzR9Z+JBuHPSmx4JAAAAAAAAAAAA83gQrxM2PUcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+YgeOBQAAAACE+Vun0bEBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHwVAAD//+pd0x0=")
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r7 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r7, @ANYBLOB="0000000000000000b707000008000000850000006900000095"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r8 = socket$rxrpc(0x21, 0x2, 0xa)
bind$rxrpc(r8, &(0x7f0000000000)=@in4={0x21, 0x1, 0x2, 0x10, {0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1c}}}, 0x24)

2.03143313s ago: executing program 2 (id=1891):
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000e0000008500000005000000"], &(0x7f0000000100)='GPL\x00', 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
ptrace$getregset(0x4204, r0, 0x2, &(0x7f0000000100)={&(0x7f0000001600)=""/4096, 0x1000})

1.99585719s ago: executing program 2 (id=1892):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r0}, 0x18)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000003980)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000000900010073797a300000000074000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021380011800a0001006c696d6974000000280002800c00024000000000000000030c00014000000000000001010c0001400000000000000101b81700000c0a01010000000000000000070000000900020073797a31000000000900010073797a30000000008c1703800c0000800800034000000002"], 0x1874}}, 0x0)

1.97549361s ago: executing program 2 (id=1893):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18080000000000000000000000000002850000000f000000850000002a00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x18)
syz_emit_ethernet(0x36, &(0x7f00000002c0)={@local, @random="86082b9827c1", @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "7fa727", 0x0, 0x2c, 0x0, @private2={0xfc, 0x2, '\x00', 0x4}, @local}}}}, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000040)=[{0x6, 0xfd, 0x0, 0x7ffc0002}]})
prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000400)={0x4, &(0x7f00000003c0)=[{0x65, 0x2, 0x3, 0x81}, {0x2, 0x3, 0x0, 0x3}, {0x1, 0xfb, 0xc0, 0x7}, {0x6, 0x40, 0xe4}]})
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f0000000180)={'wg1\x00', &(0x7f0000000000)=@ethtool_dump={0x3e, 0x7fff, 0x7}})
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@allocspi={0xf8, 0x16, 0x1, 0x70bd25, 0x0, {{{@in6=@mcast1, @in6=@ipv4={'\x00', '\xff\xff', @empty}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0xa0}, {@in6=@ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x23}}, 0x0, 0x33}, @in6=@empty, {0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffff1, 0x3}, {0x4, 0xfffffffffffffffe, 0x0, 0xfffffffffffffffe}, {0x0, 0x0, 0x796}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x0, 0x1a0b1}}, 0xf8}}, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000740)={{r3}, &(0x7f00000006c0), &(0x7f0000000700)=r2}, 0x20)
recvmsg$unix(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000a40)=[{&(0x7f00000009c0)=""/119, 0x77}], 0x1}, 0x2000)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x6, 0x2}]})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r5 = socket$kcm(0x2, 0x3, 0x2)
ioctl$SIOCSIFHWADDR(r5, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @broadcast})
socket$packet(0x11, 0xa, 0x300)
r6 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000007c0)={0x118, 0x28, 0x1, 0x4, 0x25dfdbfc, "", [@nested={0x108, 0xf2, 0x0, 0x1, [@typed={0xc, 0x18, 0x0, 0x0, @u64=0xfac0a}, @typed={0x14, 0x1, 0x0, 0x0, @ipv6=@ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x2d}}}, @generic="50bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43d9621dc08c029d1608a46cf26fbe816b89f7cb81bff81a8b9482565856555ee923c65973deb0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ce475f00ac64337803f5eb4e5842f4d98fe3fa370d47eb640dc5061dc35817c8a66c29be82", @typed={0x8, 0xe6, 0x0, 0x0, @pid=0xffffffffffffffff}]}]}, 0x118}], 0x1, 0x0, 0x0, 0x1}, 0x0)
r7 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x6, 0x3, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000020000000000000000ee000095"], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r7, 0x5, 0xb68, 0x560b0007, &(0x7f0000000000)="259a53f271a76d2608064c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x5, 0x0, 0x1}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x94)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r9}, 0x10)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000180)='./file0\x00', 0xc008, &(0x7f0000001140)=ANY=[@ANYRES8=0x0, @ANYBLOB="150372626c9d5f3317ad8221d37e160e79c5f6e278be2130ca7330b2", @ANYRESDEC, @ANYRES16, @ANYBLOB="017bd269f7dd3a93fa412d09c2790257816e859e38befc7634f092626c62b45f123b8f0f84059ba4351abe0bfd3933e564c513028b41a418555d5e4c744478e7ca03d24a2c1b0f248513f8f9cfc324431f5d5a6999ad47b61152edad98c141cf359dfcf021d4e8a18166aa7767e69420c5308149bcddd4a62a31d8f902a24645ef50e8395e891793f46aaa025a260c8d784a1ec9233755d12803582f0700000000000000df6c634447f23d2cd9e65d3461d3a09b93f7318e486e862f288bb7ce21e0df72e59ed16f3796c260b5be486b21c5d7cf21996406b4b3240f4255406a009a12c844c2d35cefba99e2b26b01a1347225c1a8cb9f6630d930847f193662a5eea4daf62aeb29324a86f8ec6367bf3105d3529316d3e044bbeedf80c3b301686b44cd51c9ff53690e9269caf72a039b5e32b3e543b8fbba25a1eaf60c3e1da6becef1750a9e8d991ef03ce3d14d85d69f6ff54465fba8ad4aef62561284fdc9cba6fea9a38fb5244e7729c047949660af09fa91fd17928f55f6bed589cdf6e6dde72206336961da8ce2c100ff90ac4a598e9846bc2b868a640021bec390b7f460d14330beadd5458a0352cde0d6c8bc1655da9121090c98cdf98438ab1baa3bbbb60db2436ae26fad78755d3df25b0f03c4c8f39f27a668aa45aa2953ebd6a34233a386f3d63a07f7e491a2db98af12cc6fc814e8a75efcf90c0e2a56a833d53b086be1ec10efe3c7d46abfedb36fc2fc75ebbdabcd356e489fe87dbf67bfe8de6d24d4db48c65da860ccf9f9b2f8b1fc8c8d2e7293a465ea21757521a1b0677f50901ea19c53fd3a8ca59fbc328e69b0d064746a000000a1ed7631a64c8ecb86645f66b4efc49b74ec93f4897a56c7dbb42f094e6685051a0d42bed7598cc30ffc08bc2db500c5e5f9d51fc89d25f3a202b0abc67dd7926f915d61c24e031636d984759a36ba0b3a06151764621bdbe91b510a6064aa51e0a73317ccb02dbb89c701eac52445561f7355071ef71ae5427f612f8620f6b9a80c440af2f162"], 0x40, 0x2f6, &(0x7f0000000e40)="$eJzs3M9r02AYwPGnXbd2HVt7EEFF9qIXvYSt3oUiG4gFZa7iDxCyNdXS2JamTCri6smr/4Zjx11koPMP2MWbJy/iZRfBy0BnpU3q0i3dus4tG/1+YLzP8r5Pm+R9W54Uko37b5/ls5aW1SsSjCgJitRkSyTeiBzzoyISkIA0myF7Y8RuanJ15OeXi0pEkqnU1IxS08nZawml1Nj4h+cvly+tVUburYythmU9/njjR+Lb+tn1cxt/Zp/mLJWzVKFYUbqaK36t6HOmoTI5K68pdcc0dMtQuYJllO3+YsV5WymVqkovZEajpbJhWUovVFXeqKpKUVXKVaU/0XMFpWmaGo1K/9gcbzalg+all2Zm9GSPbzrfYx7+u7U9e8vl1ofnU729J710dPsEAABOqlb9H3bX/5vt9X/AaYPu+t9Rk1qj/r/74OGtLur/1aEO9X9xV/3vXF9IW3/WLFL/9yqye1N6aaD3+h+nRHlYwrIs25/o14+WJ5oB9T8AAAAAAAAAAAAAAAAAAAAAAKfBZr0eq9frsUYbFDtu/IWdG0Za//u9nzga7vm35zrUmHXmv0+4btyLiJhvFtILabu1+5NZyYkphkxITH4314PDjqdvpqYCqikuH81FJ39xIT3Qnj8pMYl750/a+ao9f1Ci7vyExOSMd37CM39Irlx25WsSk8/zUhRTMs11vZ3/alKpG7dTO/KHJeNxxxwAAAAAAKeRpv7xvH7XtE79dn43vw9MeF6fh+R8yN9jBwAAAACgX1jVF3ndNI3yvsE7J2Pfwd+dgV2/8mGDwQMcRbfB+2YQ6PTKkQOduiMIWs9k3nPwsDOorcv5eWbxcLsx6Mexj/tywkONRe/aEu04eGzA64TvFYSdpzI3tmzVd4y5vnLhl39r7Fi/hgAAAAAcg+2i3+89AQAAAAAAAAAAAAAAAAAAAAAAAAAAAACgfx3H48T8PkYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgpPgbAAD//zi/FSY=")
open(&(0x7f0000000000)='./file1\x00', 0x147042, 0x60)
socket$xdp(0x2c, 0x3, 0x0)

1.836148262s ago: executing program 1 (id=1897):
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000f000000c5000000a0ef010095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000200)='kmem_cache_free\x00', r0}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x7, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r0}, 0x18)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000003980)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000000900010073797a300000000074000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021380011800a0001006c696d6974000000280002800c00024000000000000000030c00014000000000000001010c0001400000000000000101b81700000c0a01010000000000000000070000000900020073797a31000000000900010073797a30000000008c1703800c0000800800034000000002"], 0x1874}}, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
capget(0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000ec0), &(0x7f0000000180)='./file1\x00', 0x420c, &(0x7f0000003240)=ANY=[], 0x6, 0x35d, &(0x7f0000000f00)="$eJzs3c1rO0UYwPEnaZImKW1yEEVBOtiLXpY2ehaDtCAELG0jtoKwbTcasiYlG6oRse3Jq3j3JHgovVnwUND+A71404sI3noRPNiDurJvyeatLzFpfr/2+4GSycw8u7OZSXk27WYv3/3yo0rJ0kp6Q6JJJRERkSuRrEQlEPEfo245IWGH8srMnz+/uL5ZTHoVaiW/8WpOKTU3/8PHn6X8bmfTcpF9//KP3O8Xz148f/nvxodlS5UtVa01lK62a7829G3TULtlq6IptWoaumWoctUy6l77d/52zNreXlPp1d3Z9F7dsCylV5uqYjRVo6Ya9abSP9DLVaVpmppNC25SPF5b0/NDBu+MeDAYk3o9r0+JSKqnpXg8kQEBAICJ6s7/o05KP0z+vyVzhcLymnI6t/P/k5fOGzPvnM75+f9Zol/+/9ov3rY68n/ndKKd/9e884PSzfn/13KH/L83I3pchs7/s2MYDIYzn+ipinQ8c/L/tP/+dR29d7LoFsj/AQAAAAAAAAAAAAAAAAAAAAB4GlzZdsa27UzwGPy0LyHwn+NBGjT/0yKSdGbfZv4fsvXNLUm6F+45c2x+sV/cL3qPfodzETHF+Mfu5qyN4Moj5cjKj+aBH3+wX5xyW/IlKTvxsiQZybrrKRRv2ytvFZaXlMePb12mlA7H5yQjz4Tjv3dXpxOf64z395+QlxdC8Zpk5KcdqYkpu25ke/+fLyn15tuFrviU209Efrv3SQEAAAAAYMQ01dL3/F3TBrV73zKSL7kfExmyKBn5u//5/WLf8/NY5oXYpI8eAAAAAIDHwWp+WtElatTdgmn2K6RkYNMICrGOmriI9O2c6KqJX7flqdAR3nY8CfHuYPJ/j+ub4FW9S1TwjxTOwFtN/h1VZLjxBMfv1kRiw09T5FDcBXAYborKLcJj3YOfdypU384LA7dz5B9Iqyb42Cgx4HWW1d7tRK9ZCfGeGjsy3AJ47qtv/xrdG+T1U38FfHJz5yPTsA/kNpPSVXB20dsUH/svHgAAAAD3rp30BzVvhJvDNxIJ3yyHv9wDAAAAAAAAAAAAAAAAAAAAAAAAAAAAADBCY/lKv67CpI8RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeFL8FwAA//8GuPOT")
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b"], 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3}, 0x10)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x37, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0xd}, 0x4c58, 0x10000, 0x0, 0x1, 0x8, 0x20002, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r4 = add_key$keyring(&(0x7f00000000c0), &(0x7f0000000000)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff)
request_key(&(0x7f0000000340)='keyring\x00', &(0x7f0000000380)={'syz', 0x3}, 0x0, r4)

1.782496743s ago: executing program 1 (id=1899):
syz_mount_image$ext4(&(0x7f0000000b80)='ext4\x00', &(0x7f0000000bc0)='./file0\x00', 0x200000, &(0x7f0000000040), 0x1, 0xbac, &(0x7f00000017c0)="$eJzs3M1rXOUaAPDnnEy+c5v0crn3tggGpCqK07QpFbpqXYsKunDZmExKyPTDJIIJXaR1ry5EXBSkf4Lg3m5cCS7qQutfUMQiRTdtFyNnPtKxk5nGdGaOSX8/eHPe97wn8zxPTmfOe2BOA3hqTWc/0ohDEXE2iZis708jYqjaG4nYrB13/+7l+awlUam8/VsSSUTcu3t5vvFaSX07Xh+MRMTN15L490etcVfXN5bnyuXSSn18dO38paOr6xuvLJ2fO1c6V7pwYvbVE7MnZ2e7WOvtS+998cwPbzx/9frHM29+fuC7JE7HRH2uuY5umY7prb9Js0JEzHU7WE4G6vU015kUckwIAICO0qY13H9jMgbi4eJtMr79MdfkAAAAgK6oDERUAAAAgH0ucf8PAAAA+1zjewD37l6eb7R8v5HQX3fORMRUrf7G8821mUJsVrcjMRgRY78n0fxYa1L7tSc2nUX6+vtS1qJHzyF3snklIv6/3flPqvVPVZ/ibq0/jYiZLsSffmS8l+o/3YX4edcPwNPpxpnahaz1+pdurX9im+tfYZtr127kff1rrP/ut6z/HtY/0Gb999YOYxx+8NLNdnPN6793P/l5IYufbZ+oqL/hzpWIw4Xt6k+26k/a1H92hzHG529fazeX1Z/V22j9rr9yPeJIdTXXWn9D0un/Jzq6uFQuzdR+bvP66yc7x28+/1nL4jfuBfohO/9jsbvzf2mHMab+9+uhdnOPrz/9ZSh5p9obqu/5cG5tbeVYxFDyeuv+451zaRzTeI2s/hef6/z+367+7DNhs/53yP71XKlvs/HVR2KOHzn+1e7r762s/oVdnv9Pdxjjy2+uvd9uLu/6AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANgb0oiYiCQtbvXTtFiMGI+I/8RYWr64uvby4sUPLixkcxFTMZguLpVLMxExWRsn2fhYtf9wfPyR8WxEHIyIzyZHq+Pi/MXyQt7FAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsGU8IiYiSYsRkUbEH5NpWizmnRUAAADQdVN5JwAAAAD0nPt/AAAA2P9a7v8LfxmN9DMXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9qWDz964lUTE5qnRassM1ecGc80M6LV0Z4eN9ToPoP8G8k4AyE2hqV+pVCo5pgL0mXt8IHnM/EjbmeGu5wIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAP9cLh27cSiJi89RotWWG6nODuWYG9FqadwJAbgY6TSaP3QHsYYW8EwBy4x4fqK3sH1RqWudH2v7m8BNHBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGDvmKi2JC1GRFrtp2mxGPGviJiKwWRxqVyaiYgDEfHT5OBwNj6Wd9IAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB03er6xvJcuVxa0dHR6WJnNPoWa7T+Zm5zzHD7qQ6dnD+YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADIxer6xvJcuVxaWc07EwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACBvq+sby3Plcmmlh528awQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID9/BgAA///GyAmy")
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x17, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c3"], 0x0, 0x7a, 0x0, 0x0, 0x41000, 0x44, '\x00', 0x0, @cgroup_sysctl=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2e, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000140)={{r0}, &(0x7f0000000000), &(0x7f0000000100)=r1}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10)
r3 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file2\x00', 0x42, 0x0)
pwrite64(r3, &(0x7f00000000c0)='a', 0x200000c1, 0x9000)
lseek(r3, 0x5, 0x4)

1.553275767s ago: executing program 0 (id=1903):
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000e0000008500000005000000"], &(0x7f0000000100)='GPL\x00', 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
ptrace$getregset(0x4204, r0, 0x2, &(0x7f0000000100)={&(0x7f0000001600)=""/4096, 0x1000})

1.550967337s ago: executing program 3 (id=1904):
socket$nl_route(0x10, 0x3, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020782500000000002020207b1af8fe00000000bfa100000000000007010000f8ffffffb702000008000000b703000007000000850000001100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
r1 = open(&(0x7f0000000280)='.\x00', 0x2000, 0x0)
fcntl$notify(r1, 0x402, 0x8000003d)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
fcntl$setsig(r1, 0xa, 0x11)
openat(0xffffffffffffff9c, &(0x7f0000002600)='./file1\x00', 0x105040, 0x0)
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r2 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x4040, 0x0)
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000040)={[{@nodiscard}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x4040, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1202, 0x0)
write(r4, &(0x7f0000004200)='t', 0x1)
getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r4, 0x84, 0x76, &(0x7f0000000140)={<r5=>0x0, 0x1}, &(0x7f00000001c0)=0x8)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r3, 0x84, 0x1f, &(0x7f0000000300)={r5, @in6={{0xa, 0x4e24, 0x2, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x9}}, 0x400, 0x401}, &(0x7f0000000240)=0x90)
sendfile(r4, r3, 0x0, 0x3ffff)
sendfile(r4, r3, 0x0, 0x7ffff000)
r6 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x0)
write(r6, &(0x7f0000004200)='t', 0x1)
process_madvise(0xffffffffffffffff, 0x0, 0x0, 0x14, 0xfeff)
bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x11, 0x8, &(0x7f0000000200)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0ff5b14104fe62cc60e413905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf2364149215108333719acd97cfa107d40224edc5465a93df8513a32ec450bebc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe511195418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4929330142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da8c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000dd11e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15f2a169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f000010000000000000905ad897ef3b7cda42013d53"], 0x0}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x7, 0x6, &(0x7f0000000000)=ANY=[@ANYBLOB="05000000000000007111ae00000000008510000002000000850000000500000095000000000000009500a50500000000"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x70)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000340)={r7, 0xe8, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
sendfile(r6, r2, 0x0, 0x7ffff000)
rename(&(0x7f0000000000)='./file1\x00', &(0x7f0000000080)='./file2\x00')
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r0, 0x0, 0x4}, 0x18)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
write$binfmt_script(r8, &(0x7f0000000040), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r8, 0x0)

1.525046177s ago: executing program 0 (id=1905):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, 0x0, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = socket$kcm(0x10, 0x2, 0x0)
recvmsg(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000002640)=""/4096, 0x1000}, {&(0x7f0000000600)=""/235, 0xeb}, {&(0x7f0000000540)=""/167, 0xa7}], 0x3}, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[@ANYBLOB='6@\x00\x00'], 0xfe33)

1.482201608s ago: executing program 1 (id=1906):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0700000004000000080200000e"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0xd, '\x00', 0x0, @fallback=0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r1}, 0x18)
r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x8002, 0x0)
ioctl$TCSETSW2(r2, 0x5453, 0x0)

1.425849148s ago: executing program 0 (id=1907):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='mm_page_alloc\x00', r0}, 0x10)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="2800000010001fff000000000000000000060000", @ANYRES32=0x0, @ANYBLOB="810c437bf102e18c49001d0000041000"], 0x28}}, 0x0)
set_mempolicy(0x8006, &(0x7f0000000040)=0xfff, 0x5)
syz_clone3(&(0x7f00000007c0)={0x40122000, 0x0, 0x0, 0x0, {0x40}, 0x0, 0x0, 0x0, 0x0}, 0x58)

1.34683171s ago: executing program 1 (id=1908):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
sendto$inet(r0, &(0x7f0000000140)='^', 0x34000, 0x0, &(0x7f0000004ff0)={0x2, 0x0, @rand_addr=0xfffffffffffffffe}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
open(&(0x7f0000000000)='./bus\x00', 0x1050c1, 0x170)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0xe, &(0x7f0000000680)={[{@nolazytime}, {@lazytime}, {@journal_path={'journal_path', 0x3d, './bus'}}, {@bsdgroups}, {@lazytime}, {@noload}]}, 0x3, 0x45c, &(0x7f0000002400)="$eJzs3MtvG8UfAPDv+pG+m/yq/oA+gCBAlAJJk5bSAxcQSBxAQoJDOYYkrUrdBjVBIlUFBaFyRJU4cUEckfgLOMEFASckLhzgjipVqJcWTkYb76a2a+dVP0j9+UjrzuyuO/P1ztizM7EDGFij6UMSsTMifo+I4Vq28YTR2j+3blya/vvGpekkqtU3/kpK6eGbNy5N56fmz9uRZ0oRhU+SONCi3PnFi2enKpXZC1l+fOHcu+PzixefOXNu6vTs6dnzkydOHDs68dzxyWc7Emca1839H8wd3PfKW1dfmz559e2fvkny+Jvi6JDRlQ4+Xq12uLj+2lWXrrUMNoNirZtGean/D0cxbl+84Xj5475WDuiqarVava/94ctV4B6WRL9rAPRH/kGf3v/mW4+GHv8J11+o3QClcd/KttqRUhSyc8pN97edNBoRJy//82W6RXfmIQAAGnyXjn+ebjX+K0T9vNDubA1lJCL+FxF7IuJ4ROyNiP9HLJ17f0Q8sM7ymxdJ7hz/FK5tKLA1Ssd/z2drW43jv3z0FyPFbDlr11L85eTUmcrskew1ORTlLWl+YoUyvn/p18/aHasf/6VbWn4+Fszqca20pfE5M1MLU3cTc73rH0XsL7WKP1leCUhj3xcR+zdYxpnDXx9sd2z1+FfQgXWm6lcRT9Su/+Voij+XrLw+Ob41KrNHxvNWcaeff7nyervy7yr+Dkiv//aW7X85/pGkfr12fj3/+xdPpo9X/vi07T3NRtv/UPJmw773pxYWLkxEDCWv1ipdv3+y6bzJ2+en8R96tHX/3xO3X4kDEZE24gcj4qGIeDir+yO/7V71Vfjxxcfe2Xj83ZXGP7P2618djsgbwuJQZInlPa0TxbM/fNtQ6Ejr+He3vf7HllKHsj1ref9bS73W25oBAABgsypExM5ICmPL6UJhbKz2N/x7Y3uhMje/8NSpuffOz9S+IzAS5UI+0zVcNx86kd3W5/nJpvzRbN748+K2pfzY9Fxlpt/Bw4Db0ab/p/4s9rt2QNf5vhYMLv0fBpf+D4Przv6/tS/1AHqvxef/tn7UA+i9VuP/D9fyxJ2drwvQW03937IfDBDzfzC4NtL/vWfAvaG00k82D/W0KkDvzG+L1b8kL7GZEvkv13SjiHLaWg5HxOLFKPQ9UokuJvr9zgQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANAZ/wYAAP//oTXhaw==")

1.239995471s ago: executing program 0 (id=1909):
sendmsg$inet(0xffffffffffffffff, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_clone3(&(0x7f00000004c0)={0x100000000, &(0x7f0000000140), &(0x7f0000000180), &(0x7f00000001c0)=<r1=>0x0, {0x28}, &(0x7f0000000200)=""/9, 0x9, &(0x7f0000000340)=""/104, &(0x7f0000000240)=[0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0], 0x4}, 0x58)
fcntl$lock(r0, 0x5, &(0x7f00000003c0)={0x1, 0x1, 0x4, 0xf0, r1})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x8e7}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001700)={&(0x7f0000000100)='kmem_cache_free\x00', r5, 0x0, 0xfffffffffffffff8}, 0x18)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0)
fcntl$setlease(r6, 0x400, 0x0)
fremovexattr(r6, &(0x7f00000000c0)=@known='trusted.overlay.redirect\x00')
sendmsg$inet(r3, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001dc0)=""/4096, 0x1000}, 0x0)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000001240)='./file2\x00', 0x14552, &(0x7f0000000b40)=ANY=[], 0xfb, 0x11ff, &(0x7f0000001280)="$eJzs3E+LHEUYB+B315iNG/ePGqMJiIVe9NJk9+BFL4tsQDKgJFkhEYSO26vDtDPD9LAwIkZPXv0cIojgTRBvetmL30DwthePEcSWndEko5PDSEiH5Xku80LVb6jqphuq6erD1774sLNXZXv5MBYXFmKxH5FupUixGP/4NF5+9cefnrty7fqlrVZr+3JKF7eubrySUlp9/vt3Pv7qhR+Gp9/+dvW7pThYf/fwt81fD84enDv88+oH7Sq1q9TtDVOebvR6w/xGWaTddtXJUnqrLPKqSO1uVQym2vfKXr8/Snl3d2W5PyiqKuXdUeoUozTspeFglPL383Y3ZVmWVpaD+Z24Xe18eauu64i6fjRORl3X9WOxHKfj8ViJ1ViL9Xginoyn4kw8HWfjmXg2vvnl69FRAgAAAAAAAAAAAAAAAAAAALh/5t3/f27cq+lRAwAAAAAAAAAAAAAAAAAAwPFy5dr1S1ut1vbllE5FlJ/v7+zvTH4n7Vt70Y4yirgQa/FHjHf/T0zqi2+0ti+ksfX4rLz5d/7m/s4j0/mN8ecEZuY3Jvk0nV+K5bvzm7EWZ2bnN2fmT8VLL96Vz2Itfn4velHGbhxl7+Q/2Ujp9Tdb/8qfH/cDAACA4yBLt81cv2fZvdon+TmeD0ytr4+y5080OnUiohp91MnLshgoHvriZLPD+L2u6+YPQkPFva+UpYj43/+8EBEPxwT/UzR9Z+JBuHPSmx4JAAAAAAAAAAAA83gQrxM2PUcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+YgeOBQAAAACE+Vun0bEBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHwVAAD//+pd0x0=")
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
r7 = socket$rxrpc(0x21, 0x2, 0xa)
bind$rxrpc(r7, &(0x7f0000000000)=@in4={0x21, 0x1, 0x2, 0x10, {0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1c}}}, 0x24)

1.238936291s ago: executing program 4 (id=1910):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000095980000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f0ffffffb702000005000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffc0}, 0x94)
keyctl$KEYCTL_CAPABILITIES(0x1f, &(0x7f0000000300)=""/1, 0x1)
bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0x7, &(0x7f0000000340)=ANY=[@ANYRESHEX=r0, @ANYRESDEC, @ANYRES32], &(0x7f0000000240)='syzkaller\x00', 0xffffffff, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
symlink(&(0x7f0000001780)='./file0/../file0\x00', &(0x7f00000017c0)='./file0\x00')
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0xe, &(0x7f00000005c0)={[{@nolazytime}, {@jqfmt_vfsold}, {@journal_path={'journal_path', 0x3d, './file0/../file0'}}, {@noquota}, {@nodioread_nolock}, {@journal_checksum}, {@data_err_abort}], [{@seclabel}]}, 0x3, 0x473, &(0x7f0000000640)="$eJzs3M1vG0UbAPBn7Tht+pW8Vd9CP4AgQJQCSZOW0gMXEEgcQEKCQzmGJK1K0wY1QSJVBQGhckSVOHFBHJH4CzjBBcENiQsHuKNKFeqlhZPRZncT2zhpmjpepf79pHVndtedeTwz9uxO7AB61nD6kETsiojfI2IwyzafMJz9c/vmlcm/b16ZTKJef/OvpC89fOvmlcXi1OJ5O4tMX0Tl0yQOtSl3buHy+YmZmelLeX50/sJ7o3MLl589d2Hi7PTZ6Yvjp06dOD72/Mnx5zoSZxrXrYMfzh4+8Orb116fPH3tnZ+/TYr4szgmO1LQiuG1Dj5Rr3e4uHLtbkhnPYOtoJoN06gtjf/BqMZK4w3GK5+UWjlgU9Xr9fr+5Vyt9fBiHbiPJVF2DYByFB/06fVvsXVx+lG6Gy9mF0Bp3LfzLTvSF5X8nFrL9W0nDUfE6cV/vkq32Jz7EAAATb5P5z/PtJv/VWJ/w3l78jWUoYj4X0TsjYiTEbEvIv4fsXTuAxHx4F2W37pIkpU/0LCncn2jsa1HOv97IV/bap7/FbO/GKrmud1L8deSM+dmpo/lr8mRqG1L82NrlPHDy79+vtqxxvlfuqXlF3PBvB7X+7Y1P2dqYn7iXmJudOPjiIN97eJPllcCkog4EBEHN1jGuaPfHF7t2J3jX0MH1pnqX0c8mbX/YrTEX0jWXp8c3R4z08dGi17Rxi9X31it/HuKvwPS9t/Rtv8vxz+UNK7Xzt3N//7lU+nj1T8+W/WaZqP9vz95q2nfBxPz85fGIvqT17JKN+4fbzlvfOX8NP4jj7Uf/3tj5ZU4FBFpJ34oIh6OiEfyuj/62547vgo/vfT4uy27qivxD5Te/lPrb//6YETRERb6I08s72mfqJ7/8bumQodWko3tv2fV9j+xlDqS71nP+9966nW3vRkAAAC2qkpE7IqkMrKcrlRGRrK/4d8XOyozs3PzT5+Zff/iVPYdgaGoVYo7XYMN90PH8sv6Ij/ekj+e3zf+ojqwlB+ZnJ2ZKjt46HE7Vxn/qT+zu5Tbyq0hsKl8Xwt6l/EPvcv4h9713/G/vTlb6V5dgO5q8/k/UEY9gO5rHv/Zj4B8tJ4n7tqc+gDd0/L5Xy2rHkD3uf8HvWsj4997Btwf+tb6yeb+rlYF6J65gbjzl+QltlKiWK3djCJqaW85GhELl6NSeqQSm5go+50JAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgM/4NAAD//55o4Oc=")
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
perf_event_open(0x0, 0x0, 0xb, 0xffffffffffffffff, 0x2)
r1 = socket(0x27, 0x2, 0x10000000000002)
connect$rxrpc(r1, &(0x7f0000000140)=@in4={0x21, 0x1, 0x2, 0x10, {0x2, 0x4e20, @private=0xa010102}}, 0x24)
sendmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="180000010000000010010000050000000a00000000000000"], 0x18, 0xe000}, 0x5}], 0x1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x70, &(0x7f0000000300)=ANY=[], 0x0, 0xfff, 0x0, 0x0, 0x41100, 0x3}, 0x94)
mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x8001)
open$dir(&(0x7f0000000100)='./file0\x00', 0x149800, 0x0)
creat(&(0x7f0000000140)='./file0\x00', 0x80)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000013c0)=ANY=[@ANYBLOB="640000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="e5fda988000000002800128009000100766c616e00000000180002800c000200200000001f000000060001000000000008000500", @ANYRES32, @ANYBLOB='\b\x00\n\x00', @ANYRES32, @ANYBLOB="0a0001"], 0x64}}, 0x0)
open(&(0x7f0000000200)='./file0\x00', 0xa5941, 0x5)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
creat(&(0x7f0000000140)='./file0\x00', 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000640)={0x1, &(0x7f0000000000)=[{0x200000000006, 0x9, 0x4, 0x7ffc0002}]})
llistxattr(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000380)=""/116, 0x74)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000100)='sched_switch\x00', r0, 0x0, 0x2}, 0x18)
setsockopt$sock_void(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0)
socket(0x10, 0x803, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
setsockopt$XDP_UMEM_COMPLETION_RING(0xffffffffffffffff, 0x11b, 0x6, &(0x7f00000002c0)=0x4, 0x4)

1.064294334s ago: executing program 3 (id=1911):
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYRES32], 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = socket$inet6_sctp(0xa, 0x801, 0x84)
shutdown(r0, 0x1)
setsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r0, 0x84, 0xa, &(0x7f0000000340)={0x5, 0x800, 0x201, 0x2, 0x0, 0xffffffff, 0x8, 0x7}, 0x20)
ioctl$RNDADDENTROPY(0xffffffffffffffff, 0x541b, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x7c}}, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
syz_io_uring_setup(0x1f87, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000480)=ANY=[@ANYBLOB="4c00000002060108000034e40000000000000000050001000600000005000400000000000900020073797a3100000000050005000200000c12000300686173683a6e65742c706f"], 0x4c}}, 0x2)
sendmsg$IPSET_CMD_ADD(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="50000000090601020000ffff00000000020000000900020073797a31000000000500010007000000280007800c00018008000140ffffffff0500070084000000060004404e22000006000540"], 0x50}, 0x1, 0x0, 0x0, 0x10000042}, 0x4000004)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, 0x0)

1.029923364s ago: executing program 2 (id=1912):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x14, 0x5, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x7a, 0x0, 0x0, 0x41000, 0x38, '\x00', 0x0, @lirc_mode2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$can_raw(0x1d, 0x3, 0x1)
socket$can_raw(0x1d, 0x3, 0x1)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000200)={[{@errors_remount}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x7}}, {@dioread_lock}, {@data_err_ignore}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x10}}, {@data_err_ignore}, {@grpquota}, {@nobh}, {@user_xattr}, {@bh}, {@nojournal_checksum}]}, 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0))
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={0x0, 0xa0}}, 0x0)
syz_open_procfs(0x0, &(0x7f0000000040)='ns\x00')
pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
dup(r1)
r2 = socket(0x10, 0x3, 0x0)
sendmsg$TIPC_NL_BEARER_ENABLE(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB='l\x00\x00\x00', @ANYRES16, @ANYBLOB="01000000000000000000030000005800018044000400200001000a000000000000000000000000000000400000000000000000000000200002000a00000000000000fc"], 0x6c}}, 0x0)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000080)=ANY=[@ANYRES32=r3, @ANYBLOB="14000100004000"], 0x54}, 0x1, 0x0, 0x0, 0x800}, 0x20000080)
sendmmsg(r2, &(0x7f0000000000), 0x4000000000001f2, 0x0)

904.620486ms ago: executing program 4 (id=1913):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000000000040000000000000000850000002300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, 0x0, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = socket$kcm(0x10, 0x2, 0x0)
recvmsg(r1, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000002640)=""/4096, 0x1000}, {&(0x7f0000000600)=""/235, 0xeb}, {&(0x7f0000000540)=""/167, 0xa7}], 0x3}, 0x0)
madvise(&(0x7f0000000000/0x400000)=nil, 0x40001e, 0x15)
write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[@ANYBLOB='6@\x00\x00'], 0xfe33)

878.794227ms ago: executing program 0 (id=1914):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = syz_open_dev$evdev(&(0x7f0000000c80), 0x3, 0x40000)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000008c0)={0x4, &(0x7f0000000780)=[{0x401, 0x3, 0x8, 0x5}, {0x3, 0x1, 0x3, 0x80000000}, {0xd28d, 0x3, 0x7, 0x6a95}, {0x8001, 0x4, 0x8, 0x75e8}]})
ioctl$EVIOCGVERSION(r0, 0x80044501, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r1}, 0x10)
r3 = perf_event_open(&(0x7f0000000fc0)={0x2, 0x80, 0x82, 0x1, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x2}, 0x0, 0x0, 0x3, 0x4, 0x0, 0xd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x0, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xc, &(0x7f0000000a40)=ANY=[@ANYRESOCT=r1, @ANYRESOCT=r2, @ANYRES16=r0, @ANYRES8=r1, @ANYRESDEC=r3, @ANYRES16=r0, @ANYRES64=r4, @ANYRESHEX=r3, @ANYBLOB="e3bb5c25788c660508630d92f78a250a745eb4ca060b00cfbdabb5198af646e4a853f1377f37e0c9a34221639b4101dba47cbff5b643e9cc3a0e29af5501194396e90e81b2eeafb63d4b1145144377fdf8ffd0d9136d08a356a29b333ed44470e66f23ac08cfc332700990034e47cc6481c84a36b5d69d27fcf5a90e74153a7555337618446455e7565bda95e0a810b7e2064552bdadb2", @ANYRESOCT=r0], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x40, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r5}, 0x10)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x3e39, &(0x7f0000000800)={0x0, 0x19, 0x1000, 0x0, 0x132}, &(0x7f0000ff0000), 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
fchmodat(0xffffffffffffff9c, &(0x7f0000000300)='.\x00', 0xffffffd3)
openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
newfstatat(0xffffffffffffff9c, 0x0, &(0x7f00000007c0)={0x0, 0x0, 0x0, 0x0, <r6=>0x0}, 0x0)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1800403, &(0x7f0000000840)={[], [{@smackfsroot={'smackfsroot', 0x3d, ')'}}, {@uid_lt}, {@audit}, {@uid_gt={'uid>', r6}}, {@subj_user={'subj_user', 0x3d, 'GPL\x00'}}]}, 0x2, 0x5ad, &(0x7f0000000180)="$eJzs3c1vVFUbAPDnzkwLpe9rKzEqLkyjIZAoLS1g8GMBe0LwY+fGSgtBho/QGi2aWBLcmBg3LkhcuRD/CyW6dWXiwoUbV4akGsNGY3TMnbkzDO1MOy0dbu39/ZLbOeeeOz3nQp85Z+49ZyaAwhpLf5Qi9kTE5SRipK2sElnhWOO4O7+/fzrdkqjVXv0tiSTb1zw+yR6Hsyf/PRLx/TdJ7C6vrHdu4er56Wp19kqWn5i/cHlibuHqgXMXps/Onp29OPXc1NEjh48cnTx4X+dXakufuP7WOyMfnXz9i8/+Sia//OlkEsfi1zONsvbz2CxjMRZ/1GofLN+f/rse3ezKclJu/Z3clSzfwZZVyWJkMCIei5Eot/1vjsSHL+faOKCvaklEDSioRPxDQTXHAc339r29Dy71eVQCPAhLx9OfAx3iv9K4NhijMRARe5c9r8MlvQ1J6/ju25PX0y36dB0O6Gzx2o4stTz+k3psjsbOem7XndI913nTEcCp7DHd/8oG6x9blhf/8OAsXouIxzuN/9eO/zfa4v/NDdYv/gEAAAAAAGDz3DoeEc92uv9Xyu7N7Yyn6vf/ksb9vx/urhA8tgn1r33/r3R7E6oBOlg6HvFSx/m/rTm+o+Us9//GbMDkzLnq7MGIeCgi9sfAjjQ/uUodBz7efaNbWfv8v3RL62/OBczacbuy497nzEzPT9/POQMNS9cinqh0n/+T9v9Je/+fSV8PLvdYx+69N091K1s7/oF+qX0esa9j/5+0jklW/3yOifp4YKI5Kljpyfc++apb/eIf8pP2/7tWj//RpP3zeubW9/sHI+LQQqXWrXyj4//B5LVy8/en3p2en78yGTGYnFi5f2p9bYbtqhkPzXhJ43//06tf/2uN/9vicCgiFnus89F/hn/uVqb/h/yk8T+zrv5//Ympm6Nfd6u/t/7/cL1P35/tcf0PVtdrgObdTgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4LypFxP8iKY230qXS+HjEcEQ8ErtK1Utz88+cufT2xZm0rP79/6XmN/2ONPJJ8/v/R9vyU8vyhyLi4Yj4tDxUz4+fvlSdyfvkAQAAAAAAAAAAAAAAAAAAYIsY7rL+P/VLOe/WAX1XyR7FOxRPJe8GALkR/1Bc4h+KS/xDcYl/KK4Nxr/bBbAN6P+hqAZ6O2xnv9sB5EH/DwAAAAAA28qtF5+/kUTE4gtD9S01mJW1bgwO5dU6oJ9KeTcAyI05vFBcpv5AcfU4+RfYxpJW6s9ap/Lus/+T/jQIAAAAAAAAAAAAAFhh355bP665/h/Ylqz/h+Ky/h+Ky/p/KC7v8YG1VvFb/w8AAAAAAAAAAAAA+ZtbuHp+ulqdvSIhsdUSAxGxBZqRQ2Iw//DM+YUJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABo+TcAAP//Swsk/Q==")
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYRESDEC=r2], &(0x7f0000000740)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='kfree\x00', r7}, 0x10)
r8 = socket$inet6_udplite(0xa, 0x2, 0x88)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x0)
setsockopt$inet6_opts(r8, 0x29, 0x40, &(0x7f00000001c0)=ANY=[], 0xd0060)

800.506618ms ago: executing program 3 (id=1915):
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000e0000008500000005000000"], &(0x7f0000000100)='GPL\x00', 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
ptrace$getregset(0x4204, r0, 0x2, &(0x7f0000000100)={&(0x7f0000001600)=""/4096, 0x1000})

785.893808ms ago: executing program 2 (id=1916):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00'}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000001b00)=@bloom_filter={0x1e, 0x0, 0x3, 0xfffffffb, 0x0, 0xffffffffffffffff, 0x9, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x3, 0x0, 0xd}, 0x50)
r0 = socket$inet6(0xa, 0x3, 0x3c)
setsockopt$inet6_IPV6_RTHDR(r0, 0x29, 0x39, &(0x7f0000001640)=ANY=[@ANYBLOB="000202"], 0x18)

775.142058ms ago: executing program 4 (id=1917):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000000)={0x0, 0x0}, 0x10)
openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000017850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_emit_ethernet(0x5e, &(0x7f0000003680)={@broadcast, @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "122d92", 0x28, 0x3a, 0xff, @remote, @mcast2, {[], @ndisc_redir={0x89, 0x0, 0x0, '\x00', @loopback={0xff00000000000000, 0x1ff0000aa}, @private1}}}}}}, 0x0)
openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
ioctl$sock_inet_SIOCSARP(0xffffffffffffffff, 0x8955, &(0x7f0000000040)={{0x2, 0x4e24, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}}, 0xfa, {0x2, 0x4e23, @multicast2}, 'nicvf0\x00'})
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xa, 0x101, 0x7fff, 0xcc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x4}, 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5}, 0x38)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', 0xffffffffffffffff, 0x0, 0x80000000000}, 0x18)
socket$inet6_udp(0xa, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r1}, 0x10)

768.489638ms ago: executing program 0 (id=1918):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00'}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000001b00)=@bloom_filter={0x1e, 0x0, 0x3, 0xfffffffb, 0x0, 0xffffffffffffffff, 0x9, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x3, 0x0, 0xd}, 0x50)
r0 = socket$inet6(0xa, 0x3, 0x3c)
setsockopt$inet6_IPV6_RTHDR(r0, 0x29, 0x39, &(0x7f0000001640)=ANY=[@ANYBLOB="000202"], 0x18) (fail_nth: 1)

762.280068ms ago: executing program 3 (id=1919):
io_setup(0x1, &(0x7f0000000000)=<r0=>0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x14, 0x5, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x7a, 0x0, 0x0, 0x41000, 0x38, '\x00', 0x0, @lirc_mode2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYRES32=r0, @ANYRESOCT=r0], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffb}, 0x94)
r3 = creat(&(0x7f0000000040)='./bus\x00', 0x8)
getsockname$packet(r3, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)
r4 = openat$null(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$LOOP_CONFIGURE(r3, 0x4c0a, &(0x7f0000000540)={r4, 0x9, {0x0, 0x0, 0x0, 0x94c7, 0x477c2fc3, 0x0, 0x0, 0x6, 0x20, "64ca15ae2fcd3cc6b7072bad69ec25f6e478bba8b65897bd242eab59fe13fd8e59c0765a5fbd7d4b99c54ab8d78628f986749d64d3e4b004fc2017c91a64efa9", "87ddcd037e30bc420838f8c5575f2ded4dbc7b1bf72b2ee08daf1d699e12ee11f39530f002763d1eb4cb6d6bbdb8fee5f28acf80bc9374b8ba3f687ff627bcdf", "c24b93368b0cebc3246dfd9342c2d3af792ef4f1f2e4a16bdbd766a5b6c11b99", [0xffffffffffff8001, 0xffffffffffffff68]}})
r5 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f00000001c0), &(0x7f0000000300)=0xc)
close(r5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
r9 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x0, 0x1}, 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
r10 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map=r10, r9, 0x26}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r10}, &(0x7f0000000000), &(0x7f0000000080)=r5}, 0x20)
recvmsg$unix(r7, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000006c0)=""/179, 0x33fe0}], 0x1}, 0x0)
sendmsg$inet(r8, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000001740)=[{&(0x7f0000000280)='>', 0x33fe0}], 0x1}, 0x0)
io_destroy(r0)
r11 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r12 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000400), r11)
sendmsg$IEEE802154_LLSEC_ADD_SECLEVEL(r11, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000740)={0x30, r12, 0x60b, 0x1ffc, 0x0, {}, [@IEEE802154_ATTR_LLSEC_SECLEVELS={0x5, 0x35, 0x4}, @IEEE802154_ATTR_LLSEC_FRAME_TYPE={0x5, 0x33, 0x3}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan0\x00'}]}, 0x30}}, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)

426.972913ms ago: executing program 1 (id=1920):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x400000}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r1}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/consoles\x00', 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bf"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000ac0)='kmem_cache_free\x00', r2}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f00000002c0)='syzkaller\x00'}, 0x80)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000040)=0x2)
readv(r3, &(0x7f0000000000)=[{&(0x7f0000001300)=""/244, 0x940}], 0x1)

425.895004ms ago: executing program 4 (id=1921):
socket$nl_route(0x10, 0x3, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020782500000000002020207b1af8fe00000000bfa100000000000007010000f8ffffffb702000008000000b703000007000000850000001100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
r1 = open(&(0x7f0000000280)='.\x00', 0x2000, 0x0)
fcntl$notify(r1, 0x402, 0x8000003d)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
fcntl$setsig(r1, 0xa, 0x11)
openat(0xffffffffffffff9c, &(0x7f0000002600)='./file1\x00', 0x105040, 0x0)
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r2 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x4040, 0x0)
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000040)={[{@nodiscard}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x4040, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1202, 0x0)
write(r4, &(0x7f0000004200)='t', 0x1)
getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r4, 0x84, 0x76, &(0x7f0000000140)={<r5=>0x0, 0x1}, &(0x7f00000001c0)=0x8)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r3, 0x84, 0x1f, &(0x7f0000000300)={r5, @in6={{0xa, 0x4e24, 0x2, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x9}}, 0x400, 0x401}, &(0x7f0000000240)=0x90)
sendfile(r4, r3, 0x0, 0x3ffff)
sendfile(r4, r3, 0x0, 0x7ffff000)
r6 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x0)
write(r6, &(0x7f0000004200)='t', 0x1)
process_madvise(0xffffffffffffffff, 0x0, 0x0, 0x14, 0xfeff)
bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x11, 0x8, &(0x7f0000000200)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0ff5b14104fe62cc60e413905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf2364149215108333719acd97cfa107d40224edc5465a93df8513a32ec450bebc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe511195418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4929330142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da8c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000dd11e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15f2a169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f000010000000000000905ad897ef3b7cda42013d53"], 0x0}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x7, 0x6, &(0x7f0000000000)=ANY=[@ANYBLOB="05000000000000007111ae00000000008510000002000000850000000500000095000000000000009500a50500000000"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x70)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000340)={r7, 0xe8, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
sendfile(r6, r2, 0x0, 0x7ffff000)
rename(&(0x7f0000000000)='./file1\x00', &(0x7f0000000080)='./file2\x00')
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r0, 0x0, 0x4}, 0x18)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
write$binfmt_script(r8, &(0x7f0000000040), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r8, 0x0)

326.397375ms ago: executing program 3 (id=1922):
mknod$loop(&(0x7f0000000080)='./file0\x00', 0x600a, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d67fc880c9d640f4eacc509873f1a103c87f69"], &(0x7f0000000100)='GPL\x00'}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')
mount(0x0, &(0x7f00000006c0)='./file0\x00', &(0x7f0000000100)='sysfs\x00', 0x4014, 0x0) (fail_nth: 6)

0s ago: executing program 3 (id=1923):
socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020782500000000002020207b1af8fe00000000bfa100000000000007010000f8ffffffb702000008000000b703000007000000850000001100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
r0 = open(&(0x7f0000000280)='.\x00', 0x2000, 0x0)
fcntl$notify(r0, 0x402, 0x8000003d)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
fcntl$setsig(r0, 0xa, 0x11)
openat(0xffffffffffffff9c, &(0x7f0000002600)='./file1\x00', 0x105040, 0x0)
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r1 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x4040, 0x0)
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000040)={[{@nodiscard}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r2 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x4040, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1202, 0x0)
write(r3, &(0x7f0000004200)='t', 0x1)
getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r3, 0x84, 0x76, &(0x7f0000000140)={<r4=>0x0, 0x1}, &(0x7f00000001c0)=0x8)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r2, 0x84, 0x1f, &(0x7f0000000300)={r4, @in6={{0xa, 0x4e24, 0x2, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x9}}, 0x400, 0x401}, &(0x7f0000000240)=0x90)
sendfile(r3, r2, 0x0, 0x3ffff)
sendfile(r3, r2, 0x0, 0x7ffff000)
r5 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x0)
write(r5, &(0x7f0000004200)='t', 0x1)
process_madvise(0xffffffffffffffff, 0x0, 0x0, 0x14, 0xfeff)
bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x11, 0x8, &(0x7f0000000200)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0ff5b14104fe62cc60e413905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf2364149215108333719acd97cfa107d40224edc5465a93df8513a32ec450bebc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe511195418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4929330142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da8c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000dd11e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15f2a169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f000010000000000000905ad897ef3b7cda42013d53"], 0x0}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x7, 0x6, &(0x7f0000000000)=ANY=[@ANYBLOB="05000000000000007111ae00000000008510000002000000850000000500000095000000000000009500a50500000000"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x70)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000340)={r6, 0xe8, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
sendfile(r5, r1, 0x0, 0x7ffff000)
rename(&(0x7f0000000000)='./file1\x00', &(0x7f0000000080)='./file2\x00')
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
write$binfmt_script(r7, &(0x7f0000000040), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r7, 0x0)

kernel console output (not intermixed with test programs):

7652] loop4: detected capacity change from 0 to 4096
[  124.269259][ T7653] vhci_hcd: connection closed
[  124.269726][ T3942] vhci_hcd: stop threads
[  124.278803][ T3942] vhci_hcd: release socket
[  124.283409][ T3942] vhci_hcd: disconnect device
[  124.343689][ T7672] EXT4-fs error (device loop0): ext4_iget_extra_inode:5035: inode #15: comm syz.0.1214: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled
[  124.582213][ T7686] loop4: detected capacity change from 0 to 1024
[  124.753605][   T29] kauditd_printk_skb: 121 callbacks suppressed
[  124.753622][   T29] audit: type=1326 audit(124.742:3622): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7693 comm="syz.0.1225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff01dd7e929 code=0x7ffc0000
[  124.766888][ T7694] FAULT_INJECTION: forcing a failure.
[  124.766888][ T7694] name failslab, interval 1, probability 0, space 0, times 0
[  124.782662][   T29] audit: type=1326 audit(124.752:3623): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7693 comm="syz.0.1225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff01dd7e929 code=0x7ffc0000
[  124.795383][ T7694] CPU: 1 UID: 0 PID: 7694 Comm: syz.0.1225 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(voluntary) 
[  124.795422][ T7694] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  124.795440][ T7694] Call Trace:
[  124.795467][ T7694]  <TASK>
[  124.795526][ T7694]  __dump_stack+0x1d/0x30
[  124.795554][ T7694]  dump_stack_lvl+0xe8/0x140
[  124.795626][ T7694]  dump_stack+0x15/0x1b
[  124.795649][ T7694]  should_fail_ex+0x265/0x280
[  124.795689][ T7694]  ? audit_log_d_path+0x8d/0x150
[  124.795808][ T7694]  should_failslab+0x8c/0xb0
[  124.795838][ T7694]  __kmalloc_cache_noprof+0x4c/0x320
[  124.795877][ T7694]  audit_log_d_path+0x8d/0x150
[  124.795962][ T7694]  audit_log_d_path_exe+0x42/0x70
[  124.796006][ T7694]  audit_log_task+0x1e9/0x250
[  124.796048][ T7694]  audit_seccomp+0x61/0x100
[  124.796153][ T7694]  ? __seccomp_filter+0x68c/0x10d0
[  124.796183][ T7694]  __seccomp_filter+0x69d/0x10d0
[  124.796215][ T7694]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  124.796299][ T7694]  ? vfs_write+0x75e/0x8e0
[  124.796344][ T7694]  ? __rcu_read_unlock+0x4f/0x70
[  124.796375][ T7694]  ? __fget_files+0x184/0x1c0
[  124.796407][ T7694]  __secure_computing+0x82/0x150
[  124.796436][ T7694]  syscall_trace_enter+0xcf/0x1e0
[  124.796470][ T7694]  do_syscall_64+0xac/0x200
[  124.796493][ T7694]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  124.796593][ T7694]  ? clear_bhb_loop+0x40/0x90
[  124.796621][ T7694]  ? clear_bhb_loop+0x40/0x90
[  124.796650][ T7694]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  124.796716][ T7694] RIP: 0033:0x7ff01dd7e929
[  124.796788][ T7694] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  124.796814][ T7694] RSP: 002b:00007ff01c3e7038 EFLAGS: 00000246 ORIG_RAX: 000000000000010b
[  124.796846][ T7694] RAX: ffffffffffffffda RBX: 00007ff01dfa5fa0 RCX: 00007ff01dd7e929
[  124.796864][ T7694] RDX: 0000200000000180 RSI: 0000200000000140 RDI: 0000000000000003
[  124.796881][ T7694] RBP: 00007ff01c3e7090 R08: 0000000000000000 R09: 0000000000000000
[  124.796940][ T7694] R10: 000000000000000a R11: 0000000000000246 R12: 0000000000000001
[  124.796956][ T7694] R13: 0000000000000000 R14: 00007ff01dfa5fa0 R15: 00007ffda531f308
[  124.796982][ T7694]  </TASK>
[  124.943234][ T7706] __nla_validate_parse: 9 callbacks suppressed
[  124.943248][ T7706] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1228'.
[  124.949307][   T29] audit: type=1326 audit(124.752:3624): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7693 comm="syz.0.1225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff01dd7e929 code=0x7ffc0000
[  124.954071][ T7706] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1228'.
[  124.958682][   T29] audit: type=1326 audit(124.752:3625): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7693 comm="syz.0.1225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff01dd7e929 code=0x7ffc0000
[  124.964611][ T7706] netlink: 72 bytes leftover after parsing attributes in process `syz.4.1228'.
[  124.969052][   T29] audit: type=1326 audit(124.752:3626): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7693 comm="syz.0.1225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff01dd7e929 code=0x7ffc0000
[  125.045955][ T7714] loop4: detected capacity change from 0 to 1024
[  125.046678][   T29] audit: type=1326 audit(124.752:3627): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7693 comm="syz.0.1225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff01dd7e929 code=0x7ffc0000
[  125.062565][ T7714] EXT4-fs: Ignoring removed orlov option
[  125.078514][   T29] audit: type=1326 audit(124.752:3628): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7693 comm="syz.0.1225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7ff01dd7d290 code=0x7ffc0000
[  125.200017][   T29] audit: type=1326 audit(124.752:3629): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7693 comm="syz.0.1225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7ff01dd7d290 code=0x7ffc0000
[  125.222917][   T29] audit: type=1326 audit(124.752:3630): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7693 comm="syz.0.1225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff01dd7e929 code=0x7ffc0000
[  125.245778][   T29] audit: type=1326 audit(124.752:3631): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7693 comm="syz.0.1225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7ff01dd807bc code=0x7ffc0000
[  125.277183][ T7722] loop1: detected capacity change from 0 to 1024
[  125.321178][ T7727] loop3: detected capacity change from 0 to 512
[  125.328738][ T7727] journal_path: Lookup failure for './file0/../file0'
[  125.335725][ T7727] EXT4-fs: error: could not find journal device path
[  125.376025][ T7732] loop3: detected capacity change from 0 to 1024
[  125.382894][ T7732] EXT4-fs: Ignoring removed orlov option
[  125.426819][ T7739] EXT4-fs error (device loop4): ext4_iget_extra_inode:5035: inode #15: comm syz.4.1231: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled
[  125.444126][ T7740] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.1237'.
[  125.454332][ T7731] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.1237'.
[  125.522843][ T7748] EXT4-fs error (device loop3): ext4_iget_extra_inode:5035: inode #15: comm syz.3.1238: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled
[  125.569238][ T7749] ip6gre1: entered promiscuous mode
[  125.645042][ T7752] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1243'.
[  125.654807][ T7752] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1243'.
[  125.664172][ T7752] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1243'.
[  125.702825][ T7754] lo speed is unknown, defaulting to 1000
[  125.709098][ T7754] vxcan1 speed is unknown, defaulting to 1000
[  125.745680][ T7756] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  125.807989][ T7765] netlink: 48 bytes leftover after parsing attributes in process `syz.3.1245'.
[  125.848987][ T7768] loop0: detected capacity change from 0 to 1024
[  125.857527][ T7768] EXT4-fs: Ignoring removed orlov option
[  125.918194][ T7775] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.1251'.
[  126.074742][ T7788] loop1: detected capacity change from 0 to 512
[  126.082157][ T7788] journal_path: Lookup failure for './file0/../file0'
[  126.089072][ T7788] EXT4-fs: error: could not find journal device path
[  126.243919][ T7808] loop0: detected capacity change from 0 to 4096
[  126.485190][ T7814] loop0: detected capacity change from 0 to 1024
[  126.603848][ T7821] loop3: detected capacity change from 0 to 512
[  126.611198][ T7821] journal_path: Lookup failure for './file0/../file0'
[  126.618149][ T7821] EXT4-fs: error: could not find journal device path
[  127.005862][ T7844] netlink: 'syz.2.1272': attribute type 13 has an invalid length.
[  127.265823][ T7846] loop1: detected capacity change from 0 to 1024
[  127.272793][ T7846] EXT4-fs: Ignoring removed orlov option
[  127.397684][ T7851] EXT4-fs error (device loop1): ext4_iget_extra_inode:5035: inode #15: comm syz.1.1273: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled
[  127.477183][ T7855] loop0: detected capacity change from 0 to 4096
[  127.527384][ T7859] loop1: detected capacity change from 0 to 1024
[  127.892231][ T7869] serio: Serial port ptm0
[  127.940263][ T7891] loop4: detected capacity change from 0 to 1024
[  128.061466][ T7899] loop4: detected capacity change from 0 to 128
[  128.075511][ T7899] xt_l2tp: invalid flags combination: 8
[  128.630896][ T7914] netlink: 'syz.3.1291': attribute type 13 has an invalid length.
[  128.785310][ T7919] loop2: detected capacity change from 0 to 4096
[  129.132980][ T7953] FAULT_INJECTION: forcing a failure.
[  129.132980][ T7953] name failslab, interval 1, probability 0, space 0, times 0
[  129.145739][ T7953] CPU: 0 UID: 0 PID: 7953 Comm: syz.4.1305 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(voluntary) 
[  129.145774][ T7953] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  129.145790][ T7953] Call Trace:
[  129.145798][ T7953]  <TASK>
[  129.145812][ T7953]  __dump_stack+0x1d/0x30
[  129.145838][ T7953]  dump_stack_lvl+0xe8/0x140
[  129.145889][ T7953]  dump_stack+0x15/0x1b
[  129.145909][ T7953]  should_fail_ex+0x265/0x280
[  129.145953][ T7953]  should_failslab+0x8c/0xb0
[  129.145981][ T7953]  kmem_cache_alloc_noprof+0x50/0x310
[  129.146010][ T7953]  ? audit_log_start+0x365/0x6c0
[  129.146050][ T7953]  audit_log_start+0x365/0x6c0
[  129.146118][ T7953]  ? vfs_readv+0x541/0x690
[  129.146141][ T7953]  audit_seccomp+0x48/0x100
[  129.146232][ T7953]  ? __seccomp_filter+0x68c/0x10d0
[  129.146295][ T7953]  __seccomp_filter+0x69d/0x10d0
[  129.146391][ T7953]  __secure_computing+0x82/0x150
[  129.146411][ T7953]  syscall_trace_enter+0xcf/0x1e0
[  129.146515][ T7953]  do_syscall_64+0xac/0x200
[  129.146533][ T7953]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  129.146557][ T7953]  ? clear_bhb_loop+0x40/0x90
[  129.146632][ T7953]  ? clear_bhb_loop+0x40/0x90
[  129.146659][ T7953]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  129.146683][ T7953] RIP: 0033:0x7f60ddbad33c
[  129.146697][ T7953] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  129.146744][ T7953] RSP: 002b:00007f60dc217030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  129.146765][ T7953] RAX: ffffffffffffffda RBX: 00007f60dddd5fa0 RCX: 00007f60ddbad33c
[  129.146777][ T7953] RDX: 000000000000000f RSI: 00007f60dc2170a0 RDI: 0000000000000004
[  129.146789][ T7953] RBP: 00007f60dc217090 R08: 0000000000000000 R09: 0000000000000000
[  129.146800][ T7953] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  129.146812][ T7953] R13: 0000000000000000 R14: 00007f60dddd5fa0 R15: 00007ffccb383288
[  129.146835][ T7953]  </TASK>
[  129.438641][ T7960] loop4: detected capacity change from 0 to 1024
[  129.446723][ T7960] EXT4-fs: Ignoring removed orlov option
[  129.586564][ T7966] EXT4-fs error (device loop4): ext4_iget_extra_inode:5035: inode #15: comm syz.4.1308: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled
[  129.608004][ T7965] loop2: detected capacity change from 0 to 1024
[  129.619330][ T7965] EXT4-fs: Ignoring removed orlov option
[  129.731529][ T7970] loop3: detected capacity change from 0 to 4096
[  129.796552][ T7973] EXT4-fs error (device loop2): ext4_iget_extra_inode:5035: inode #15: comm syz.2.1309: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled
[  129.980138][ T7987] netlink: 'syz.4.1313': attribute type 27 has an invalid length.
[  129.988086][ T7987] __nla_validate_parse: 13 callbacks suppressed
[  129.988102][ T7987] netlink: 152 bytes leftover after parsing attributes in process `syz.4.1313'.
[  129.997960][ T7984] loop0: detected capacity change from 0 to 4096
[  130.012419][ T7987] A link change request failed with some changes committed already. Interface netdevsim1 may have been left with an inconsistent configuration, please check.
[  130.032506][ T7984] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #15: comm syz.0.1312: corrupted inode contents
[  130.072204][ T7996] loop1: detected capacity change from 0 to 1024
[  130.081627][ T7984] EXT4-fs error (device loop0): ext4_dirty_inode:6459: inode #15: comm syz.0.1312: mark_inode_dirty error
[  130.099038][ T7984] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #15: comm syz.0.1312: corrupted inode contents
[  130.112821][ T8000] netlink: 'syz.0.1312': attribute type 1 has an invalid length.
[  130.136415][   T29] kauditd_printk_skb: 228 callbacks suppressed
[  130.136430][   T29] audit: type=1400 audit(130.122:3858): avc:  denied  { rename } for  pid=7975 comm="syz.0.1312" name="file1" dev="loop0" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  130.140319][ T7984] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #15: comm syz.0.1312: mark_inode_dirty error
[  130.194736][ T7984] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #15: comm syz.0.1312: corrupted inode contents
[  130.213473][ T7984] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #15: comm syz.0.1312: mark_inode_dirty error
[  130.226057][ T8010] loop3: detected capacity change from 0 to 764
[  130.240206][ T7984] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #15: comm syz.0.1312: corrupted inode contents
[  130.252889][ T8013] loop1: detected capacity change from 0 to 1024
[  130.253500][ T8014] netlink: 'syz.4.1317': attribute type 13 has an invalid length.
[  130.272402][ T8013] EXT4-fs: Ignoring removed orlov option
[  130.279580][ T7984] EXT4-fs error (device loop0): ext4_truncate:4597: inode #15: comm syz.0.1312: mark_inode_dirty error
[  130.291502][ T7984] EXT4-fs error (device loop0) in ext4_setattr:5986: Corrupt filesystem
[  130.318269][ T8000] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #15: comm syz.0.1312: corrupted inode contents
[  130.330575][ T8017] loop3: detected capacity change from 0 to 1024
[  130.338572][ T8017] EXT4-fs: Ignoring removed orlov option
[  130.358815][ T8020] loop2: detected capacity change from 0 to 512
[  130.366114][ T8020] journal_path: Lookup failure for './file0/../file0'
[  130.372948][ T8020] EXT4-fs: error: could not find journal device path
[  130.387640][   T29] audit: type=1326 audit(130.372:3859): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8019 comm="syz.2.1321" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf2338e929 code=0x7ffc0000
[  130.410647][   T29] audit: type=1326 audit(130.372:3860): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8019 comm="syz.2.1321" exe="/root/syz-executor" sig=0 arch=c000003e syscall=195 compat=0 ip=0x7fbf2338e929 code=0x7ffc0000
[  130.433588][   T29] audit: type=1326 audit(130.372:3861): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8019 comm="syz.2.1321" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf2338e929 code=0x7ffc0000
[  130.456451][   T29] audit: type=1326 audit(130.372:3862): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8019 comm="syz.2.1321" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf2338e929 code=0x7ffc0000
[  130.479761][   T29] audit: type=1326 audit(130.402:3863): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8019 comm="syz.2.1321" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbf2338e929 code=0x7ffc0000
[  130.503530][   T29] audit: type=1326 audit(130.492:3864): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8019 comm="syz.2.1321" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf2338e929 code=0x7ffc0000
[  130.526419][   T29] audit: type=1326 audit(130.492:3865): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8019 comm="syz.2.1321" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf2338e929 code=0x7ffc0000
[  130.549964][   T29] audit: type=1326 audit(130.532:3866): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8019 comm="syz.2.1321" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7fbf2338e929 code=0x7ffc0000
[  130.572739][   T29] audit: type=1326 audit(130.532:3867): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8019 comm="syz.2.1321" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf2338e929 code=0x7ffc0000
[  130.620132][ T8024] EXT4-fs error (device loop3): ext4_iget_extra_inode:5035: inode #15: comm syz.3.1320: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled
[  130.641894][ T3307] EXT4-fs unmount: 105 callbacks suppressed
[  130.641914][ T3307] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  130.730116][ T8027] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1322'.
[  130.809303][ T3303] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  130.819260][ T8031] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.1323'.
[  130.852118][ T8033] lo speed is unknown, defaulting to 1000
[  130.859805][ T8033] vxcan1 speed is unknown, defaulting to 1000
[  130.876132][ T8035] lo speed is unknown, defaulting to 1000
[  130.899521][ T8036] netlink: 'syz.1.1324': attribute type 1 has an invalid length.
[  130.912083][ T8037] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  130.925626][ T8036] FAULT_INJECTION: forcing a failure.
[  130.925626][ T8036] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  130.938838][ T8036] CPU: 0 UID: 0 PID: 8036 Comm: syz.1.1324 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(voluntary) 
[  130.938886][ T8036] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  130.938901][ T8036] Call Trace:
[  130.938960][ T8036]  <TASK>
[  130.938978][ T8036]  __dump_stack+0x1d/0x30
[  130.939082][ T8036]  dump_stack_lvl+0xe8/0x140
[  130.939106][ T8036]  dump_stack+0x15/0x1b
[  130.939125][ T8036]  should_fail_ex+0x265/0x280
[  130.939214][ T8036]  should_fail+0xb/0x20
[  130.939273][ T8036]  should_fail_usercopy+0x1a/0x20
[  130.939310][ T8036]  _copy_from_user+0x1c/0xb0
[  130.939333][ T8036]  bpf_test_init+0xdf/0x160
[  130.939425][ T8036]  bpf_prog_test_run_xdp+0x274/0x910
[  130.939469][ T8036]  ? __rcu_read_unlock+0x4f/0x70
[  130.939498][ T8036]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  130.939545][ T8036]  bpf_prog_test_run+0x22a/0x390
[  130.939632][ T8036]  __sys_bpf+0x3dc/0x790
[  130.939671][ T8036]  __x64_sys_bpf+0x41/0x50
[  130.939776][ T8036]  x64_sys_call+0x2478/0x2fb0
[  130.939814][ T8036]  do_syscall_64+0xd2/0x200
[  130.939833][ T8036]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  130.939861][ T8036]  ? clear_bhb_loop+0x40/0x90
[  130.939883][ T8036]  ? clear_bhb_loop+0x40/0x90
[  130.939975][ T8036]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  130.940001][ T8036] RIP: 0033:0x7f37b338e929
[  130.940019][ T8036] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  130.940041][ T8036] RSP: 002b:00007f37b19d6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  130.940091][ T8036] RAX: ffffffffffffffda RBX: 00007f37b35b6080 RCX: 00007f37b338e929
[  130.940105][ T8036] RDX: 0000000000000048 RSI: 0000200000000600 RDI: 000000000000000a
[  130.940117][ T8036] RBP: 00007f37b19d6090 R08: 0000000000000000 R09: 0000000000000000
[  130.940128][ T8036] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  130.940139][ T8036] R13: 0000000000000000 R14: 00007f37b35b6080 R15: 00007ffd22e71788
[  130.940159][ T8036]  </TASK>
[  130.942360][ T8035] vxcan1 speed is unknown, defaulting to 1000
[  131.032727][ T8041] netlink: 16402 bytes leftover after parsing attributes in process `syz.4.1327'.
[  131.129010][ T8043] netlink: 96 bytes leftover after parsing attributes in process `syz.1.1328'.
[  131.175824][ T3314] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  131.285024][ T8060] loop3: detected capacity change from 0 to 1024
[  131.291846][ T8060] EXT4-fs: Ignoring removed orlov option
[  131.300097][ T8060] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  131.342806][ T8068] netlink: 48 bytes leftover after parsing attributes in process `syz.4.1336'.
[  131.359587][ T8069] loop0: detected capacity change from 0 to 4096
[  131.369043][ T8069] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  131.477814][ T8075] netlink: 'syz.2.1338': attribute type 4 has an invalid length.
[  131.556951][ T8077] loop2: detected capacity change from 0 to 4096
[  131.567737][ T8077] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  131.651494][ T3314] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  131.692370][ T3307] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  131.821356][ T8093] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(3)
[  131.827929][ T8093] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  131.835491][ T8093] vhci_hcd vhci_hcd.0: Device attached
[  131.897016][ T3312] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  131.914832][ T8094] vhci_hcd: connection closed
[  131.915080][ T3953] vhci_hcd: stop threads
[  131.924143][ T3953] vhci_hcd: release socket
[  131.928578][ T3953] vhci_hcd: disconnect device
[  131.941600][ T8109] FAULT_INJECTION: forcing a failure.
[  131.941600][ T8109] name failslab, interval 1, probability 0, space 0, times 0
[  131.954295][ T8109] CPU: 0 UID: 0 PID: 8109 Comm: syz.2.1349 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(voluntary) 
[  131.954321][ T8109] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  131.954332][ T8109] Call Trace:
[  131.954338][ T8109]  <TASK>
[  131.954345][ T8109]  __dump_stack+0x1d/0x30
[  131.954364][ T8109]  dump_stack_lvl+0xe8/0x140
[  131.954507][ T8109]  dump_stack+0x15/0x1b
[  131.954529][ T8109]  should_fail_ex+0x265/0x280
[  131.954576][ T8109]  ? security_load_policy+0x90/0x890
[  131.954608][ T8109]  should_failslab+0x8c/0xb0
[  131.954655][ T8109]  __kmalloc_cache_noprof+0x4c/0x320
[  131.954681][ T8109]  security_load_policy+0x90/0x890
[  131.954769][ T8109]  ? rep_movs_alternative+0x4a/0x90
[  131.954792][ T8109]  sel_write_load+0x1d4/0x380
[  131.954815][ T8109]  ? __pfx_sel_write_load+0x10/0x10
[  131.954862][ T8109]  vfs_write+0x269/0x8e0
[  131.954902][ T8109]  ? __rcu_read_unlock+0x4f/0x70
[  131.954986][ T8109]  ? __fget_files+0x184/0x1c0
[  131.955005][ T8109]  ksys_write+0xda/0x1a0
[  131.955104][ T8109]  __x64_sys_write+0x40/0x50
[  131.955220][ T8109]  x64_sys_call+0x2cdd/0x2fb0
[  131.955239][ T8109]  do_syscall_64+0xd2/0x200
[  131.955255][ T8109]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  131.955277][ T8109]  ? clear_bhb_loop+0x40/0x90
[  131.955295][ T8109]  ? clear_bhb_loop+0x40/0x90
[  131.955383][ T8109]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  131.955402][ T8109] RIP: 0033:0x7fbf2338e929
[  131.955415][ T8109] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  131.955490][ T8109] RSP: 002b:00007fbf219f7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  131.955506][ T8109] RAX: ffffffffffffffda RBX: 00007fbf235b5fa0 RCX: 00007fbf2338e929
[  131.955517][ T8109] RDX: 000000000000ffa8 RSI: 0000200000000000 RDI: 0000000000000008
[  131.955528][ T8109] RBP: 00007fbf219f7090 R08: 0000000000000000 R09: 0000000000000000
[  131.955572][ T8109] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  131.955594][ T8109] R13: 0000000000000000 R14: 00007fbf235b5fa0 R15: 00007ffc4db85608
[  131.955618][ T8109]  </TASK>
[  131.955631][ T8109] SELinux: failed to load policy
[  132.616090][ T8159] loop3: detected capacity change from 0 to 1024
[  132.634990][ T8159] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  132.657062][ T3314] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  132.747153][ T8171] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(3)
[  132.753729][ T8171] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  132.761360][ T8171] vhci_hcd vhci_hcd.0: Device attached
[  132.780081][ T3394] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  132.795999][ T8176] netlink: 96 bytes leftover after parsing attributes in process `syz.2.1369'.
[  132.805280][ T3394] hid-generic 0000:0000:0000.0002: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  132.854403][ T8172] vhci_hcd: connection closed
[  132.854677][   T31] vhci_hcd: stop threads
[  132.863866][   T31] vhci_hcd: release socket
[  132.868300][   T31] vhci_hcd: disconnect device
[  132.898231][ T8188] batman_adv: batadv0: Removing interface: batadv_slave_0
[  132.907006][ T8188] batman_adv: batadv0: Removing interface: batadv_slave_1
[  133.031987][ T8193] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(3)
[  133.038554][ T8193] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  133.046149][ T8193] vhci_hcd vhci_hcd.0: Device attached
[  133.077092][ T8194] vhci_hcd: connection closed
[  133.077212][   T31] vhci_hcd: stop threads
[  133.082726][ T8197] loop2: detected capacity change from 0 to 1024
[  133.086250][   T31] vhci_hcd: release socket
[  133.097067][   T31] vhci_hcd: disconnect device
[  133.104793][ T8197] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  133.127242][ T3312] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  133.149877][ T8203] loop2: detected capacity change from 0 to 1024
[  133.156848][ T8204] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.1376'.
[  133.156891][ T8203] EXT4-fs: Ignoring removed orlov option
[  133.167283][ T8199] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.1376'.
[  133.174968][ T8203] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  133.211559][ T8207] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  133.235276][ T8207] lo speed is unknown, defaulting to 1000
[  133.241382][ T8207] vxcan1 speed is unknown, defaulting to 1000
[  133.410952][ T8216] loop1: detected capacity change from 0 to 128
[  133.418419][ T3312] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  133.430319][ T8213] pim6reg1: entered promiscuous mode
[  133.435934][ T8213] pim6reg1: entered allmulticast mode
[  133.447073][ T8213] loop3: detected capacity change from 0 to 512
[  133.468161][ T8213] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  133.493221][ T8222] loop1: detected capacity change from 0 to 4096
[  133.503645][ T8222] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  133.651113][ T3314] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  133.716194][ T8236] lo speed is unknown, defaulting to 1000
[  133.729685][ T8236] vxcan1 speed is unknown, defaulting to 1000
[  133.759262][ T8240] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  133.782439][ T8242] netlink: 16402 bytes leftover after parsing attributes in process `syz.4.1388'.
[  133.806132][ T3303] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  133.900255][ T8250] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(3)
[  133.907219][ T8250] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  133.914792][ T8250] vhci_hcd vhci_hcd.0: Device attached
[  133.941156][ T8255] loop4: detected capacity change from 0 to 1024
[  133.948539][ T8255] EXT4-fs: Ignoring removed i_version option
[  133.977862][ T8255] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  133.990253][ T8259] loop0: detected capacity change from 0 to 764
[  133.999499][ T8251] vhci_hcd: connection closed
[  134.000679][ T3942] vhci_hcd: stop threads
[  134.005446][ T3942] vhci_hcd: release socket
[  134.005457][ T3942] vhci_hcd: disconnect device
[  134.031898][ T3304] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  134.068572][ T8262] loop0: detected capacity change from 0 to 1024
[  134.076477][ T8262] EXT4-fs: Ignoring removed orlov option
[  134.088145][ T8262] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  134.130172][ T8271] serio: Serial port ptm1
[  134.227500][ T8277] EXT4-fs error (device loop0): ext4_iget_extra_inode:5035: inode #15: comm syz.0.1396: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled
[  134.464526][ T3307] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  134.522576][ T8297] loop1: detected capacity change from 0 to 1024
[  134.529526][ T8297] EXT4-fs: Ignoring removed orlov option
[  134.537226][ T8297] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  134.555821][ T8303] netlink: 'syz.0.1408': attribute type 13 has an invalid length.
[  134.733091][ T8316] EXT4-fs error (device loop1): ext4_iget_extra_inode:5035: inode #15: comm syz.1.1409: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled
[  134.842407][ T3303] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  134.964634][ T8327] netlink: 'syz.1.1417': attribute type 13 has an invalid length.
[  135.379834][ T8340] loop0: detected capacity change from 0 to 1024
[  135.387291][ T8340] EXT4-fs: Ignoring removed nobh option
[  135.392930][ T8340] EXT4-fs: Ignoring removed bh option
[  135.405323][ T8340] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  135.451371][ T3307] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  135.487688][   T29] kauditd_printk_skb: 158 callbacks suppressed
[  135.487759][   T29] audit: type=1326 audit(135.472:4026): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8346 comm="syz.0.1422" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff01dd7e929 code=0x7ffc0000
[  135.540074][   T29] audit: type=1326 audit(135.502:4027): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8346 comm="syz.0.1422" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff01dd7e929 code=0x7ffc0000
[  135.549303][ T8351] __nla_validate_parse: 3 callbacks suppressed
[  135.549369][ T8351] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.1423'.
[  135.562997][   T29] audit: type=1326 audit(135.502:4028): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8346 comm="syz.0.1422" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7ff01dd7e929 code=0x7ffc0000
[  135.601220][   T29] audit: type=1326 audit(135.502:4029): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8346 comm="syz.0.1422" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff01dd7e929 code=0x7ffc0000
[  135.624169][   T29] audit: type=1326 audit(135.502:4030): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8346 comm="syz.0.1422" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff01dd7e929 code=0x7ffc0000
[  135.635100][ T8348] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.1423'.
[  135.647040][   T29] audit: type=1326 audit(135.502:4031): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8346 comm="syz.0.1422" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff01dd7e929 code=0x7ffc0000
[  135.679084][   T29] audit: type=1326 audit(135.502:4032): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8346 comm="syz.0.1422" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff01dd7e929 code=0x7ffc0000
[  135.701969][   T29] audit: type=1326 audit(135.502:4033): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8346 comm="syz.0.1422" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff01dd7e929 code=0x7ffc0000
[  135.724784][   T29] audit: type=1326 audit(135.502:4034): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8346 comm="syz.0.1422" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff01dd7e929 code=0x7ffc0000
[  135.747739][   T29] audit: type=1326 audit(135.502:4035): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8346 comm="syz.0.1422" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff01dd7e929 code=0x7ffc0000
[  135.826893][ T8358] loop0: detected capacity change from 0 to 1024
[  135.859677][ T8361] loop2: detected capacity change from 0 to 4096
[  135.867080][ T8363] lo speed is unknown, defaulting to 1000
[  135.874796][ T8358] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  135.893651][ T8363] vxcan1 speed is unknown, defaulting to 1000
[  135.923852][ T8361] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  135.936988][ T8369] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  135.964630][ T3307] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  135.989253][ T8371] netlink: 'syz.1.1430': attribute type 13 has an invalid length.
[  136.211592][ T3312] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  136.258450][ T8384] netlink: 48 bytes leftover after parsing attributes in process `syz.4.1435'.
[  136.274748][ T8387] loop2: detected capacity change from 0 to 764
[  136.335146][ T8393] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.1436'.
[  136.369336][ T8389] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.1436'.
[  136.420888][ T8398] loop2: detected capacity change from 0 to 1024
[  136.428879][ T8398] EXT4-fs: Ignoring removed orlov option
[  136.439342][ T8398] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  136.475754][ T8403] netlink: 'syz.0.1442': attribute type 13 has an invalid length.
[  136.595621][ T8407] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(3)
[  136.602207][ T8407] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  136.609986][ T8407] vhci_hcd vhci_hcd.0: Device attached
[  136.664047][ T8408] vhci_hcd: connection closed
[  136.664208][   T12] vhci_hcd: stop threads
[  136.673255][   T12] vhci_hcd: release socket
[  136.677693][   T12] vhci_hcd: disconnect device
[  136.685731][ T8412] EXT4-fs error (device loop2): ext4_iget_extra_inode:5035: inode #15: comm syz.2.1440: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled
[  136.896252][ T3312] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  136.947238][ T8417] loop1: detected capacity change from 0 to 1024
[  136.979066][ T8417] EXT4-fs (loop1): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  136.991678][ T8420] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.1444'.
[  137.014089][ T8416] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.1444'.
[  137.086400][ T3303] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  137.305333][ T8436] loop2: detected capacity change from 0 to 512
[  137.315455][ T8438] loop1: detected capacity change from 0 to 1024
[  137.332653][ T8436] journal_path: Lookup failure for './file0/../file0'
[  137.335660][ T8428] lo speed is unknown, defaulting to 1000
[  137.339531][ T8436] EXT4-fs: error: could not find journal device path
[  137.345667][ T8428] vxcan1 speed is unknown, defaulting to 1000
[  137.362073][ T8438] EXT4-fs: Ignoring removed nobh option
[  137.367808][ T8438] EXT4-fs: Ignoring removed bh option
[  137.380354][ T8436] netlink: 68 bytes leftover after parsing attributes in process `syz.2.1452'.
[  137.451555][ T8445] loop2: detected capacity change from 0 to 4096
[  137.461814][ T8438] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  137.476459][ T8445] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  137.522850][ T8456] loop0: detected capacity change from 0 to 764
[  137.530324][ T3303] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  137.562923][ T8458] lo speed is unknown, defaulting to 1000
[  137.569554][ T8458] vxcan1 speed is unknown, defaulting to 1000
[  137.793396][ T8475] netlink: 64 bytes leftover after parsing attributes in process `syz.0.1466'.
[  137.801668][ T3312] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  137.838546][ T8479] netlink: 'syz.2.1465': attribute type 13 has an invalid length.
[  137.895582][ T8490] loop2: detected capacity change from 0 to 1024
[  137.902788][ T8492] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.1468'.
[  137.911231][ T8491] loop0: detected capacity change from 0 to 4096
[  137.921280][ T8491] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  137.937587][ T8490] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  137.974749][ T3312] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  138.011166][ T8501] loop2: detected capacity change from 0 to 4096
[  138.023905][ T8501] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  138.180083][ T3307] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  138.240722][ T3312] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  138.283646][ T8520] SELinux: security_context_str_to_sid (
) failed with errno=-22
[  138.331441][ T8529] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3)
[  138.338081][ T8529] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  138.345657][ T8529] vhci_hcd vhci_hcd.0: Device attached
[  138.353071][ T8530] vhci_hcd: connection closed
[  138.354458][   T37] vhci_hcd: stop threads
[  138.363576][   T37] vhci_hcd: release socket
[  138.368082][   T37] vhci_hcd: disconnect device
[  138.411938][ T8533] loop0: detected capacity change from 0 to 1024
[  138.420366][ T8533] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  138.431438][ T8533] EXT4-fs (loop0): group descriptors corrupted!
[  138.452982][ T8533] SELinux: security_context_str_to_sid (Ð-šXܘ7.H\¹ÿ%ºu@
) failed with errno=-22
[  138.493064][ T8535] loop3: detected capacity change from 0 to 4096
[  138.503379][ T8535] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  138.690631][ T8551] loop4: detected capacity change from 0 to 128
[  138.699059][ T8551] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  138.757242][ T3314] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  138.787048][ T8554] EXT4-fs warning (device loop4): ext4_dirblock_csum_verify:375: inode #11: comm syz.4.1493: No space for directory leaf checksum. Please run e2fsck -D.
[  138.802704][ T8554] EXT4-fs error (device loop4): __ext4_find_entry:1626: inode #11: comm syz.4.1493: checksumming directory block 0
[  138.922967][ T8573] loop1: detected capacity change from 0 to 1024
[  138.930938][ T8573] EXT4-fs: Ignoring removed orlov option
[  138.946133][ T8573] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  138.978934][ T8571] lo speed is unknown, defaulting to 1000
[  138.985125][ T8571] vxcan1 speed is unknown, defaulting to 1000
[  139.024192][ T3304] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  139.116791][ T8586] EXT4-fs error (device loop1): ext4_iget_extra_inode:5035: inode #15: comm syz.1.1499: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled
[  139.159197][ T8592] FAULT_INJECTION: forcing a failure.
[  139.159197][ T8592] name failslab, interval 1, probability 0, space 0, times 0
[  139.172047][ T8592] CPU: 1 UID: 0 PID: 8592 Comm: syz.0.1507 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(voluntary) 
[  139.172077][ T8592] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  139.172089][ T8592] Call Trace:
[  139.172095][ T8592]  <TASK>
[  139.172106][ T8592]  __dump_stack+0x1d/0x30
[  139.172140][ T8592]  dump_stack_lvl+0xe8/0x140
[  139.172231][ T8592]  dump_stack+0x15/0x1b
[  139.172321][ T8592]  should_fail_ex+0x265/0x280
[  139.172417][ T8592]  should_failslab+0x8c/0xb0
[  139.172445][ T8592]  kmem_cache_alloc_noprof+0x50/0x310
[  139.172477][ T8592]  ? _sctp_make_chunk+0xbf/0x210
[  139.172585][ T8592]  _sctp_make_chunk+0xbf/0x210
[  139.172632][ T8592]  sctp_make_abort_user+0x4c/0x3a0
[  139.172657][ T8592]  ? sctp_epaddr_lookup_transport+0x9e/0x130
[  139.172691][ T8592]  sctp_sendmsg_check_sflags+0x17e/0x1e0
[  139.172851][ T8592]  sctp_sendmsg+0x75f/0x18d0
[  139.172885][ T8592]  ? __pfx_sctp_sendmsg+0x10/0x10
[  139.172918][ T8592]  inet_sendmsg+0xc2/0xd0
[  139.172958][ T8592]  __sock_sendmsg+0x102/0x180
[  139.173106][ T8592]  ____sys_sendmsg+0x345/0x4e0
[  139.173148][ T8592]  ___sys_sendmsg+0x17b/0x1d0
[  139.173239][ T8592]  __sys_sendmmsg+0x178/0x300
[  139.173283][ T8592]  __x64_sys_sendmmsg+0x57/0x70
[  139.173363][ T8592]  x64_sys_call+0x2f2f/0x2fb0
[  139.173384][ T8592]  do_syscall_64+0xd2/0x200
[  139.173425][ T8592]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  139.173485][ T8592]  ? clear_bhb_loop+0x40/0x90
[  139.173511][ T8592]  ? clear_bhb_loop+0x40/0x90
[  139.173539][ T8592]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  139.173565][ T8592] RIP: 0033:0x7ff01dd7e929
[  139.173705][ T8592] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  139.173723][ T8592] RSP: 002b:00007ff01c3e7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  139.173741][ T8592] RAX: ffffffffffffffda RBX: 00007ff01dfa5fa0 RCX: 00007ff01dd7e929
[  139.173757][ T8592] RDX: 0000000000000001 RSI: 00002000000032c0 RDI: 0000000000000003
[  139.173772][ T8592] RBP: 00007ff01c3e7090 R08: 0000000000000000 R09: 0000000000000000
[  139.173788][ T8592] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  139.173903][ T8592] R13: 0000000000000000 R14: 00007ff01dfa5fa0 R15: 00007ffda531f308
[  139.173924][ T8592]  </TASK>
[  139.487367][ T8602] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(3)
[  139.493984][ T8602] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  139.501699][ T8602] vhci_hcd vhci_hcd.0: Device attached
[  139.520017][ T8604] vhci_hcd: connection closed
[  139.520256][   T37] vhci_hcd: stop threads
[  139.529350][   T37] vhci_hcd: release socket
[  139.533934][   T37] vhci_hcd: disconnect device
[  139.616523][ T3303] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  139.654923][ T8611] loop1: detected capacity change from 0 to 1024
[  139.661958][ T8611] EXT4-fs: Ignoring removed nobh option
[  139.667729][ T8611] EXT4-fs: Ignoring removed bh option
[  139.695781][ T8611] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  139.744684][ T3303] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  139.835381][ T8625] loop2: detected capacity change from 0 to 1024
[  139.842274][ T8625] EXT4-fs: Ignoring removed orlov option
[  139.851862][ T8625] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  139.982896][ T8629] lo speed is unknown, defaulting to 1000
[  139.988992][ T8629] vxcan1 speed is unknown, defaulting to 1000
[  140.141228][ T8633] loop3: detected capacity change from 0 to 1024
[  140.159112][ T8635] EXT4-fs error (device loop2): ext4_iget_extra_inode:5035: inode #15: comm syz.2.1518: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled
[  140.178163][ T8633] EXT4-fs: Ignoring removed orlov option
[  140.195391][ T8633] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  140.240877][ T8639] netlink: 'syz.4.1520': attribute type 1 has an invalid length.
[  140.248814][ T8639] netlink: 'syz.4.1520': attribute type 2 has an invalid length.
[  140.309532][ T3312] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  140.329653][ T8642] SELinux:  Context system_u:object_r:fsadm_exec_t:s0 is not valid (left unmapped).
[  140.370155][ T8645] lo speed is unknown, defaulting to 1000
[  140.376432][ T8645] vxcan1 speed is unknown, defaulting to 1000
[  140.415624][ T8647] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  140.482331][ T3314] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  140.628500][ T8654] loop2: detected capacity change from 0 to 1024
[  140.635608][ T8654] EXT4-fs: Ignoring removed nobh option
[  140.641300][ T8654] EXT4-fs: Ignoring removed bh option
[  140.814875][ T8659] __nla_validate_parse: 7 callbacks suppressed
[  140.814950][ T8659] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.1526'.
[  140.855958][ T8656] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.1526'.
[  140.870653][ T8660] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1526'.
[  141.103407][ T8669] loop4: detected capacity change from 0 to 512
[  141.110928][ T8669] journal_path: Lookup failure for './file0/../file0'
[  141.117916][ T8669] EXT4-fs: error: could not find journal device path
[  141.153233][   T29] kauditd_printk_skb: 219 callbacks suppressed
[  141.153252][   T29] audit: type=1326 audit(141.122:4253): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8668 comm="syz.4.1530" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60ddbae929 code=0x7ffc0000
[  141.182317][   T29] audit: type=1326 audit(141.122:4254): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8668 comm="syz.4.1530" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60ddbae929 code=0x7ffc0000
[  141.205201][   T29] audit: type=1326 audit(141.122:4255): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8668 comm="syz.4.1530" exe="/root/syz-executor" sig=0 arch=c000003e syscall=195 compat=0 ip=0x7f60ddbae929 code=0x7ffc0000
[  141.228029][   T29] audit: type=1326 audit(141.122:4256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8668 comm="syz.4.1530" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60ddbae929 code=0x7ffc0000
[  141.250910][   T29] audit: type=1326 audit(141.122:4257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8668 comm="syz.4.1530" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60ddbae929 code=0x7ffc0000
[  141.273794][   T29] audit: type=1326 audit(141.122:4258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8668 comm="syz.4.1530" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f60ddbae929 code=0x7ffc0000
[  141.296674][   T29] audit: type=1326 audit(141.122:4259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8668 comm="syz.4.1530" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60ddbae929 code=0x7ffc0000
[  141.319560][   T29] audit: type=1326 audit(141.122:4260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8668 comm="syz.4.1530" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60ddbae929 code=0x7ffc0000
[  141.342413][   T29] audit: type=1326 audit(141.122:4261): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8668 comm="syz.4.1530" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f60ddbae929 code=0x7ffc0000
[  141.365129][   T29] audit: type=1326 audit(141.122:4262): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8668 comm="syz.4.1530" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60ddbae929 code=0x7ffc0000
[  141.725486][ T8654] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  141.739104][ T8675] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1531'.
[  142.153090][ T8680] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1532'.
[  142.163707][ T8680] netlink: 'syz.1.1532': attribute type 2 has an invalid length.
[  142.204830][ T8675] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1531'.
[  142.237372][ T3312] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  142.267892][ T8678] --map-set only usable from mangle table
[  142.369942][ T8685] netlink: 48 bytes leftover after parsing attributes in process `syz.0.1534'.
[  142.422683][ T8689] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1533'.
[  142.431819][ T8689] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1533'.
[  142.610934][ T8698] loop2: detected capacity change from 0 to 1024
[  142.644941][ T8698] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  142.682494][ T3312] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  142.945450][ T8706] loop2: detected capacity change from 0 to 2048
[  142.966677][ T8706] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  142.979756][ T8714] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.1538'.
[  143.009027][ T8706] lo speed is unknown, defaulting to 1000
[  143.015136][ T8706] vxcan1 speed is unknown, defaulting to 1000
[  143.120399][ T8717] loop3: detected capacity change from 0 to 1024
[  143.128164][ T8717] EXT4-fs: Ignoring removed nobh option
[  143.133796][ T8717] EXT4-fs: Ignoring removed bh option
[  143.157439][ T8717] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  143.212176][ T3314] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  143.254892][ T8726] loop1: detected capacity change from 0 to 512
[  143.276014][ T8724] lo speed is unknown, defaulting to 1000
[  143.282085][ T8726] EXT4-fs warning (device loop1): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  143.298431][ T8724] vxcan1 speed is unknown, defaulting to 1000
[  143.310613][ T8726] EXT4-fs (loop1): mount failed
[  143.364930][ T8726] vhci_hcd: invalid port number 176
[  143.578185][ T8739] openvswitch: netlink: Message has 6 unknown bytes.
[  143.802559][ T8745] loop4: detected capacity change from 0 to 1024
[  144.005672][ T8760] loop2: detected capacity change from 0 to 4096
[  144.343666][ T8769] loop1: detected capacity change from 0 to 4096
[  144.564127][ T8784] loop3: detected capacity change from 0 to 1024
[  144.570863][ T8784] EXT4-fs: Ignoring removed orlov option
[  144.665160][ T8789] EXT4-fs error (device loop3): ext4_iget_extra_inode:5035: inode #15: comm syz.3.1565: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled
[  144.831475][ T8795] hsr0: entered promiscuous mode
[  144.845822][ T8795] hsr_slave_0: left promiscuous mode
[  144.854013][ T8795] hsr_slave_1: left promiscuous mode
[  144.854584][ T8797] loop4: detected capacity change from 0 to 1024
[  144.866378][ T8797] EXT4-fs: Ignoring removed orlov option
[  144.872947][ T8795] hsr0 (unregistering): left promiscuous mode
[  144.927087][ T8800] FAULT_INJECTION: forcing a failure.
[  144.927087][ T8800] name failslab, interval 1, probability 0, space 0, times 0
[  144.939881][ T8800] CPU: 0 UID: 0 PID: 8800 Comm: syz.3.1570 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(voluntary) 
[  144.939943][ T8800] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  144.940031][ T8800] Call Trace:
[  144.940036][ T8800]  <TASK>
[  144.940046][ T8800]  __dump_stack+0x1d/0x30
[  144.940073][ T8800]  dump_stack_lvl+0xe8/0x140
[  144.940098][ T8800]  dump_stack+0x15/0x1b
[  144.940158][ T8800]  should_fail_ex+0x265/0x280
[  144.940192][ T8800]  ? flow_change+0x1bf/0xc80
[  144.940299][ T8800]  should_failslab+0x8c/0xb0
[  144.940325][ T8800]  __kmalloc_cache_noprof+0x4c/0x320
[  144.940361][ T8800]  flow_change+0x1bf/0xc80
[  144.940402][ T8800]  ? flow_init+0x31/0x80
[  144.940463][ T8800]  ? __pfx_flow_change+0x10/0x10
[  144.940600][ T8800]  tc_new_tfilter+0xde1/0x10a0
[  144.940636][ T8800]  ? __pfx_tc_new_tfilter+0x10/0x10
[  144.940653][ T8800]  rtnetlink_rcv_msg+0x5fe/0x6d0
[  144.940674][ T8800]  ? avc_has_perm_noaudit+0x1b1/0x200
[  144.940786][ T8800]  netlink_rcv_skb+0x120/0x220
[  144.940826][ T8800]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  144.940859][ T8800]  rtnetlink_rcv+0x1c/0x30
[  144.941010][ T8800]  netlink_unicast+0x5a5/0x680
[  144.941045][ T8800]  netlink_sendmsg+0x58b/0x6b0
[  144.941078][ T8800]  ? __pfx_netlink_sendmsg+0x10/0x10
[  144.941103][ T8800]  __sock_sendmsg+0x145/0x180
[  144.941155][ T8800]  ____sys_sendmsg+0x31e/0x4e0
[  144.941191][ T8800]  ___sys_sendmsg+0x17b/0x1d0
[  144.941276][ T8800]  __x64_sys_sendmsg+0xd4/0x160
[  144.941352][ T8800]  x64_sys_call+0x2999/0x2fb0
[  144.941380][ T8800]  do_syscall_64+0xd2/0x200
[  144.941398][ T8800]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  144.941423][ T8800]  ? clear_bhb_loop+0x40/0x90
[  144.941527][ T8800]  ? clear_bhb_loop+0x40/0x90
[  144.941556][ T8800]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  144.941582][ T8800] RIP: 0033:0x7fbac3f4e929
[  144.941601][ T8800] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  144.941624][ T8800] RSP: 002b:00007fbac25b7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  144.941708][ T8800] RAX: ffffffffffffffda RBX: 00007fbac4175fa0 RCX: 00007fbac3f4e929
[  144.941724][ T8800] RDX: 00000000200400d4 RSI: 0000200000000140 RDI: 0000000000000004
[  144.941738][ T8800] RBP: 00007fbac25b7090 R08: 0000000000000000 R09: 0000000000000000
[  144.941749][ T8800] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  144.941764][ T8800] R13: 0000000000000000 R14: 00007fbac4175fa0 R15: 00007ffe44876208
[  144.941789][ T8800]  </TASK>
[  145.285116][ T8804] loop3: detected capacity change from 0 to 1024
[  145.352706][ T8808] loop2: detected capacity change from 0 to 4096
[  145.433364][ T8821] loop0: detected capacity change from 0 to 1024
[  145.448245][ T8821] EXT4-fs: Ignoring removed nobh option
[  145.453944][ T8821] EXT4-fs: Ignoring removed bh option
[  145.535108][ T8832] loop0: detected capacity change from 0 to 1024
[  145.542148][ T8832] EXT4-fs: Ignoring removed orlov option
[  145.610371][ T8837] loop4: detected capacity change from 0 to 1024
[  145.628521][ T8837] EXT4-fs: Ignoring removed orlov option
[  145.635401][ T8839] EXT4-fs error (device loop0): ext4_iget_extra_inode:5035: inode #15: comm syz.0.1581: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled
[  145.674787][ T8842] FAULT_INJECTION: forcing a failure.
[  145.674787][ T8842] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  145.688053][ T8842] CPU: 1 UID: 0 PID: 8842 Comm: syz.1.1585 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(voluntary) 
[  145.688088][ T8842] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  145.688176][ T8842] Call Trace:
[  145.688184][ T8842]  <TASK>
[  145.688193][ T8842]  __dump_stack+0x1d/0x30
[  145.688214][ T8842]  dump_stack_lvl+0xe8/0x140
[  145.688237][ T8842]  dump_stack+0x15/0x1b
[  145.688252][ T8842]  should_fail_ex+0x265/0x280
[  145.688318][ T8842]  should_fail+0xb/0x20
[  145.688349][ T8842]  should_fail_usercopy+0x1a/0x20
[  145.688381][ T8842]  _copy_to_user+0x20/0xa0
[  145.688476][ T8842]  simple_read_from_buffer+0xb5/0x130
[  145.688560][ T8842]  proc_fail_nth_read+0x100/0x140
[  145.688597][ T8842]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  145.688626][ T8842]  vfs_read+0x19d/0x6f0
[  145.688659][ T8842]  ? __rcu_read_unlock+0x4f/0x70
[  145.688683][ T8842]  ? __rcu_read_unlock+0x4f/0x70
[  145.688703][ T8842]  ? __fget_files+0x184/0x1c0
[  145.688730][ T8842]  ksys_read+0xda/0x1a0
[  145.688839][ T8842]  __x64_sys_read+0x40/0x50
[  145.688873][ T8842]  x64_sys_call+0x2d77/0x2fb0
[  145.688899][ T8842]  do_syscall_64+0xd2/0x200
[  145.688954][ T8842]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  145.688979][ T8842]  ? clear_bhb_loop+0x40/0x90
[  145.689005][ T8842]  ? clear_bhb_loop+0x40/0x90
[  145.689033][ T8842]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  145.689067][ T8842] RIP: 0033:0x7f37b338d33c
[  145.689081][ T8842] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  145.689101][ T8842] RSP: 002b:00007f37b19f7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  145.689201][ T8842] RAX: ffffffffffffffda RBX: 00007f37b35b5fa0 RCX: 00007f37b338d33c
[  145.689218][ T8842] RDX: 000000000000000f RSI: 00007f37b19f70a0 RDI: 0000000000000004
[  145.689234][ T8842] RBP: 00007f37b19f7090 R08: 0000000000000000 R09: 0000000000000000
[  145.689248][ T8842] R10: 0000000000000814 R11: 0000000000000246 R12: 0000000000000001
[  145.689260][ T8842] R13: 0000000000000000 R14: 00007f37b35b5fa0 R15: 00007ffd22e71788
[  145.689280][ T8842]  </TASK>
[  145.942243][ T8847] __nla_validate_parse: 10 callbacks suppressed
[  145.942263][ T8847] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1586'.
[  146.004407][ T8851] loop2: detected capacity change from 0 to 764
[  146.011138][ T8851] iso9660: Unknown parameter 'GPL'
[  146.029563][ T8854] EXT4-fs error (device loop4): ext4_iget_extra_inode:5035: inode #15: comm syz.4.1582: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled
[  146.091992][ T8855] netlink: 'syz.1.1589': attribute type 13 has an invalid length.
[  146.207945][ T8861] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.1591'.
[  146.270088][ T8866] loop2: detected capacity change from 0 to 4096
[  146.399661][ T8875] loop4: detected capacity change from 0 to 4096
[  146.469348][ T8863] serio: Serial port ptm0
[  146.625047][ T8884] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1599'.
[  146.661150][ T8890] loop2: detected capacity change from 0 to 1024
[  146.668177][ T8890] EXT4-fs: Ignoring removed orlov option
[  146.741866][ T8892] EXT4-fs error (device loop2): ext4_iget_extra_inode:5035: inode #15: comm syz.2.1600: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled
[  146.833452][ T8896] FAULT_INJECTION: forcing a failure.
[  146.833452][ T8896] name failslab, interval 1, probability 0, space 0, times 0
[  146.846296][ T8896] CPU: 1 UID: 0 PID: 8896 Comm:  Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(voluntary) 
[  146.846328][ T8896] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  146.846370][ T8896] Call Trace:
[  146.846395][ T8896]  <TASK>
[  146.846404][ T8896]  __dump_stack+0x1d/0x30
[  146.846424][ T8896]  dump_stack_lvl+0xe8/0x140
[  146.846464][ T8896]  dump_stack+0x15/0x1b
[  146.846480][ T8896]  should_fail_ex+0x265/0x280
[  146.846518][ T8896]  should_failslab+0x8c/0xb0
[  146.846622][ T8896]  __kmalloc_noprof+0xa5/0x3e0
[  146.846687][ T8896]  ? security_inode_init_security+0xc5/0x330
[  146.846719][ T8896]  security_inode_init_security+0xc5/0x330
[  146.846746][ T8896]  ? __pfx_shmem_initxattrs+0x10/0x10
[  146.846830][ T8896]  shmem_tmpfile+0x78/0x110
[  146.846851][ T8896]  vfs_tmpfile+0x226/0x4d0
[  146.846881][ T8896]  do_tmpfile+0xa8/0x190
[  146.846965][ T8896]  path_openat+0x1dd7/0x2170
[  146.846990][ T8896]  ? do_user_addr_fault+0xdaf/0x1090
[  146.847037][ T8896]  ? _parse_integer_limit+0x170/0x190
[  146.847075][ T8896]  ? kernelmode_fixup_or_oops+0x59/0xb0
[  146.847180][ T8896]  ? kernelmode_fixup_or_oops+0x59/0xb0
[  146.847228][ T8896]  do_filp_open+0x109/0x230
[  146.847278][ T8896]  do_sys_openat2+0xa6/0x110
[  146.847366][ T8896]  __x64_sys_open+0xe6/0x110
[  146.847400][ T8896]  x64_sys_call+0x14d4/0x2fb0
[  146.847427][ T8896]  do_syscall_64+0xd2/0x200
[  146.847482][ T8896]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  146.847606][ T8896]  ? clear_bhb_loop+0x40/0x90
[  146.847628][ T8896]  ? clear_bhb_loop+0x40/0x90
[  146.847649][ T8896]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  146.847673][ T8896] RIP: 0033:0x7f60ddbae929
[  146.847692][ T8896] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  146.847715][ T8896] RSP: 002b:00007f60dc217038 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
[  146.847772][ T8896] RAX: ffffffffffffffda RBX: 00007f60dddd5fa0 RCX: 00007f60ddbae929
[  146.847787][ T8896] RDX: 00000000000001b0 RSI: 2b9dbf9fbccd67bd RDI: 0000200000000980
[  146.847810][ T8896] RBP: 00007f60dc217090 R08: 0000000000000000 R09: 0000000000000000
[  146.847821][ T8896] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  146.847833][ T8896] R13: 0000000000000000 R14: 00007f60dddd5fa0 R15: 00007ffccb383288
[  146.847852][ T8896]  </TASK>
[  147.175558][   T29] kauditd_printk_skb: 131 callbacks suppressed
[  147.175577][   T29] audit: type=1400 audit(147.162:4393): avc:  denied  { append } for  pid=8900 comm="syz.2.1603" name="event0" dev="devtmpfs" ino=242 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  147.221387][ T8904] loop4: detected capacity change from 0 to 1024
[  147.230377][ T8902] netlink: 48 bytes leftover after parsing attributes in process `syz.1.1604'.
[  147.234535][ T8909] loop2: detected capacity change from 0 to 4096
[  147.241494][ T8904] EXT4-fs: Ignoring removed orlov option
[  147.251621][ T8908] netlink: 'syz.3.1607': attribute type 2 has an invalid length.
[  147.252539][   T29] audit: type=1326 audit(147.192:4394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8898 comm="syz.1.1604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37b338e929 code=0x7ffc0000
[  147.259478][ T8908] netlink: 'syz.3.1607': attribute type 1 has an invalid length.
[  147.282240][   T29] audit: type=1326 audit(147.192:4395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8898 comm="syz.1.1604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37b338e929 code=0x7ffc0000
[  147.282277][   T29] audit: type=1326 audit(147.192:4396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8898 comm="syz.1.1604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=276 compat=0 ip=0x7f37b338e929 code=0x7ffc0000
[  147.290103][ T8908] netlink: 132 bytes leftover after parsing attributes in process `syz.3.1607'.
[  147.312912][   T29] audit: type=1326 audit(147.192:4397): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8898 comm="syz.1.1604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37b338e929 code=0x7ffc0000
[  147.367712][   T29] audit: type=1326 audit(147.192:4398): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8898 comm="syz.1.1604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37b338e929 code=0x7ffc0000
[  147.374103][ T8899] xt_hashlimit: max too large, truncated to 1048576
[  147.390575][   T29] audit: type=1326 audit(147.192:4399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8898 comm="syz.1.1604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f37b338e929 code=0x7ffc0000
[  147.390613][   T29] audit: type=1326 audit(147.192:4400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8898 comm="syz.1.1604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37b338e929 code=0x7ffc0000
[  147.442913][   T29] audit: type=1326 audit(147.192:4401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8898 comm="syz.1.1604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37b338e929 code=0x7ffc0000
[  147.465760][   T29] audit: type=1326 audit(147.192:4402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8898 comm="syz.1.1604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f37b338e929 code=0x7ffc0000
[  147.526729][ T8908] lo speed is unknown, defaulting to 1000
[  147.535272][ T8908] vxcan1 speed is unknown, defaulting to 1000
[  147.585626][ T8924] EXT4-fs error (device loop4): ext4_iget_extra_inode:5035: inode #15: comm syz.4.1605: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled
[  147.983403][ T8942] netlink: 'syz.2.1614': attribute type 13 has an invalid length.
[  148.039367][ T8948] loop4: detected capacity change from 0 to 1024
[  148.060074][ T8949] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.1615'.
[  148.088754][ T8944] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.1615'.
[  148.172007][ T8951] loop3: detected capacity change from 0 to 8192
[  148.183013][ T8951] bio_check_eod: 4 callbacks suppressed
[  148.183029][ T8951] syz.3.1618: attempt to access beyond end of device
[  148.183029][ T8951] loop3: rw=0, sector=57847, nr_sectors = 1 limit=8192
[  148.220382][ T8957] loop1: detected capacity change from 0 to 4096
[  148.228462][ T8951] FAT-fs (loop3): error, invalid access to FAT (entry 0x0000e1b1)
[  148.236376][ T8951] FAT-fs (loop3): Filesystem has been set read-only
[  148.246807][ T8959] loop0: detected capacity change from 0 to 512
[  148.253778][ T8951] FAT-fs (loop3): error, invalid access to FAT (entry 0x0000e1b1)
[  148.260999][ T8959] journal_path: Lookup failure for './file0/../file0'
[  148.262223][ T8951] FAT-fs (loop3): error, invalid access to FAT (entry 0x0000e1b1)
[  148.268607][ T8959] EXT4-fs: error: could not find journal device path
[  148.285645][ T8948] 9pnet_fd: Insufficient options for proto=fd
[  148.360365][ T8967] loop0: detected capacity change from 0 to 1024
[  148.371522][ T8970] loop3: detected capacity change from 0 to 512
[  148.383588][ T8967] EXT4-fs: Ignoring removed orlov option
[  148.387391][ T8970] journal_path: Lookup failure for './file0/../file0'
[  148.396154][ T8970] EXT4-fs: error: could not find journal device path
[  148.409712][ T8962] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4113: comm syz.4.1617: Allocating blocks 497-513 which overlap fs metadata
[  148.502177][ T8947] EXT4-fs (loop4): pa ffff8881069c6540: logic 272, phys. 385, len 8
[  148.510369][ T8947] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 1
[  148.581265][ T8977] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.1625'.
[  148.599395][ T8979] loop1: detected capacity change from 0 to 1024
[  148.606774][ T8979] EXT4-fs: Ignoring removed orlov option
[  148.617570][ T8974] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.1625'.
[  148.685991][ T8985] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1629'.
[  148.701442][ T8988] EXT4-fs error (device loop1): ext4_iget_extra_inode:5035: inode #15: comm syz.1.1626: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled
[  148.749130][ T8990] netlink: 'syz.4.1631': attribute type 1 has an invalid length.
[  148.761970][ T8992] loop3: detected capacity change from 0 to 2048
[  148.775161][ T8990] bond1: entered promiscuous mode
[  148.780361][ T8990] bond1: entered allmulticast mode
[  148.794041][ T8990] geneve2: entered allmulticast mode
[  148.800467][ T8990] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  148.809265][ T8990] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  148.818069][ T8990] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  148.826857][ T8990] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  148.838008][ T8990] bond1: (slave geneve2): making interface the new active one
[  148.843283][ T8997] netlink: 'syz.2.1632': attribute type 2 has an invalid length.
[  148.845622][ T8990] geneve2: entered promiscuous mode
[  148.860963][ T8990] bond1: (slave geneve2): Enslaving as an active interface with an up link
[  149.004600][ T8992] lo: entered promiscuous mode
[  149.009586][ T8992] tunl0: entered promiscuous mode
[  149.014952][ T8992] gre0: entered promiscuous mode
[  149.020009][ T8992] gretap0: entered promiscuous mode
[  149.025338][ T8992] erspan0: entered promiscuous mode
[  149.030650][ T8992] ip_vti0: entered promiscuous mode
[  149.036012][ T8992] ip6_vti0: entered promiscuous mode
[  149.041492][ T8992] sit0: entered promiscuous mode
[  149.046621][ T8992] ip6tnl0: entered promiscuous mode
[  149.052000][ T8992] ip6gre0: entered promiscuous mode
[  149.057355][ T8992] syz_tun: entered promiscuous mode
[  149.062707][ T8992] ip6gretap0: entered promiscuous mode
[  149.068298][ T8992] bridge0: entered promiscuous mode
[  149.073617][ T8992] vcan0: entered promiscuous mode
[  149.078722][ T8992] bond0: entered promiscuous mode
[  149.083798][ T8992] bond_slave_0: entered promiscuous mode
[  149.089562][ T8992] bond_slave_1: entered promiscuous mode
[  149.095597][ T8992] team0: entered promiscuous mode
[  149.100808][ T8992] team_slave_0: entered promiscuous mode
[  149.106621][ T8992] team_slave_1: entered promiscuous mode
[  149.112416][ T8992] dummy0: entered promiscuous mode
[  149.117713][ T8992] nlmon0: entered promiscuous mode
[  149.122906][ T8992] caif0: entered promiscuous mode
[  149.128247][ T8992] batadv0: entered promiscuous mode
[  149.128333][ T8992] vxcan0: entered promiscuous mode
[  149.128376][ T8992] vxcan1: entered promiscuous mode
[  149.128455][ T8992] veth0: entered promiscuous mode
[  149.128500][ T8992] veth1: entered promiscuous mode
[  149.128673][ T8992] wg1: entered promiscuous mode
[  149.128730][ T8992] wg2: entered promiscuous mode
[  149.128840][ T8992] veth0_to_bridge: entered promiscuous mode
[  149.129096][ T8992] veth1_to_bridge: entered promiscuous mode
[  149.129229][ T8992] veth0_to_bond: entered promiscuous mode
[  149.129385][ T8992] veth1_to_bond: entered promiscuous mode
[  149.129666][ T8992] veth0_to_team: entered promiscuous mode
[  149.129809][ T8992] veth1_to_team: entered promiscuous mode
[  149.130040][ T8992] veth1_to_batadv: entered promiscuous mode
[  149.130093][ T8992] batadv_slave_1: entered promiscuous mode
[  149.130209][ T8992] xfrm0: entered promiscuous mode
[  149.130323][ T8992] veth0_to_hsr: entered promiscuous mode
[  149.130381][ T8992] hsr_slave_0: entered promiscuous mode
[  149.130467][ T8992] veth1_to_hsr: entered promiscuous mode
[  149.234737][ T8992] hsr_slave_1: entered promiscuous mode
[  149.234808][ T8992] veth1_virt_wifi: entered promiscuous mode
[  149.234917][ T8992] veth0_virt_wifi: entered promiscuous mode
[  149.235161][ T8992] vlan0: entered promiscuous mode
[  149.235315][ T8992] vlan1: entered promiscuous mode
[  149.235543][ T8992] macvlan0: entered promiscuous mode
[  149.247074][ T9013] loop2: detected capacity change from 0 to 1024
[  149.253081][ T8992] macvlan1: entered promiscuous mode
[  149.279293][ T9013] EXT4-fs: Ignoring removed i_version option
[  149.280132][ T8992] ipvlan0: entered promiscuous mode
[  149.291502][ T8992] ipvlan1: entered promiscuous mode
[  149.291804][ T8992] macvtap0: entered promiscuous mode
[  149.302439][ T8992] macsec0: entered promiscuous mode
[  149.308002][ T8992] geneve0: entered promiscuous mode
[  149.308196][ T8992] geneve1: entered promiscuous mode
[  149.319077][ T8992] netdevsim netdevsim3 eth0: entered promiscuous mode
[  149.326409][ T8992] netdevsim netdevsim3 eth1: entered promiscuous mode
[  149.333777][ T8992] netdevsim netdevsim3 eth2: entered promiscuous mode
[  149.350266][ T9017] loop0: detected capacity change from 0 to 512
[  149.361517][ T8992] netdevsim netdevsim3 eth3: entered promiscuous mode
[  149.361657][ T8992] syztnl1: entered promiscuous mode
[  149.375021][ T9008] bridge0: port 3(macvlan2) entered blocking state
[  149.375063][ T9008] bridge0: port 3(macvlan2) entered disabled state
[  149.375241][ T9008] macvlan2: entered allmulticast mode
[  149.375255][ T9008] bridge0: entered allmulticast mode
[  149.376938][ T9017] journal_path: Lookup failure for './file0/../file0'
[  149.376958][ T9017] EXT4-fs: error: could not find journal device path
[  149.378572][ T9008] macvlan2: left allmulticast mode
[  149.378589][ T9008] bridge0: left allmulticast mode
[  149.386978][ T9019] loop1: detected capacity change from 0 to 512
[  149.561570][ T9023] loop4: detected capacity change from 0 to 4096
[  149.756162][ T9030] serio: Serial port ptm0
[  149.925704][ T9036] loop3: detected capacity change from 0 to 512
[  150.468111][ T9040] loop0: detected capacity change from 0 to 1024
[  150.505509][ T9040] EXT4-fs: Ignoring removed nobh option
[  150.511185][ T9040] EXT4-fs: Ignoring removed bh option
[  150.672210][ T9046] loop1: detected capacity change from 0 to 1024
[  150.679377][ T9046] EXT4-fs: Ignoring removed orlov option
[  150.852558][ T9054] EXT4-fs error (device loop1): ext4_iget_extra_inode:5035: inode #15: comm syz.1.1647: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled
[  150.875628][ T9053] loop2: detected capacity change from 0 to 1024
[  150.883741][ T9053] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (32298!=35945)
[  150.893428][ T9053] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  150.904864][ T9053] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  150.913078][ T9053] EXT4-fs (loop2): orphan cleanup on readonly fs
[  150.920379][ T9053] EXT4-fs error (device loop2): ext4_read_inode_bitmap:167: comm syz.2.1644: Inode bitmap for bg 0 marked uninitialized
[  150.945707][ T9053] EXT4-fs (loop2): ext4_remount: Checksum for group 0 failed (32298!=35945)
[  150.990645][ T9057] loop4: detected capacity change from 0 to 2048
[  151.021801][ T9051] loop0: detected capacity change from 0 to 8192
[  151.052965][ T9051] FAULT_INJECTION: forcing a failure.
[  151.052965][ T9051] name failslab, interval 1, probability 0, space 0, times 0
[  151.065694][ T9051] CPU: 1 UID: 0 PID: 9051 Comm: syz.0.1646 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(voluntary) 
[  151.065772][ T9051] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  151.065789][ T9051] Call Trace:
[  151.065797][ T9051]  <TASK>
[  151.065807][ T9051]  __dump_stack+0x1d/0x30
[  151.065827][ T9051]  dump_stack_lvl+0xe8/0x140
[  151.065845][ T9051]  dump_stack+0x15/0x1b
[  151.065860][ T9051]  should_fail_ex+0x265/0x280
[  151.065958][ T9051]  should_failslab+0x8c/0xb0
[  151.065984][ T9051]  kmem_cache_alloc_noprof+0x50/0x310
[  151.066008][ T9051]  ? alloc_empty_file+0x76/0x200
[  151.066034][ T9051]  alloc_empty_file+0x76/0x200
[  151.066144][ T9051]  path_openat+0x68/0x2170
[  151.066175][ T9051]  ? do_user_addr_fault+0xdaf/0x1090
[  151.066271][ T9051]  ? _parse_integer_limit+0x170/0x190
[  151.066368][ T9051]  ? kernelmode_fixup_or_oops+0x59/0xb0
[  151.066416][ T9051]  ? exc_page_fault+0x62/0xa0
[  151.066444][ T9051]  ? kernelmode_fixup_or_oops+0x59/0xb0
[  151.066486][ T9051]  do_filp_open+0x109/0x230
[  151.066551][ T9051]  do_sys_openat2+0xa6/0x110
[  151.066577][ T9051]  __x64_sys_creat+0x65/0x90
[  151.066604][ T9051]  x64_sys_call+0x114d/0x2fb0
[  151.066631][ T9051]  do_syscall_64+0xd2/0x200
[  151.066652][ T9051]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  151.066683][ T9051]  ? clear_bhb_loop+0x40/0x90
[  151.066773][ T9051]  ? clear_bhb_loop+0x40/0x90
[  151.066800][ T9051]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  151.066827][ T9051] RIP: 0033:0x7ff01dd7e929
[  151.066845][ T9051] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  151.066934][ T9051] RSP: 002b:00007ff01c3e7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000055
[  151.066956][ T9051] RAX: ffffffffffffffda RBX: 00007ff01dfa5fa0 RCX: 00007ff01dd7e929
[  151.066972][ T9051] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000280
[  151.066988][ T9051] RBP: 00007ff01c3e7090 R08: 0000000000000000 R09: 0000000000000000
[  151.067003][ T9051] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  151.067019][ T9051] R13: 0000000000000000 R14: 00007ff01dfa5fa0 R15: 00007ffda531f308
[  151.067040][ T9051]  </TASK>
[  151.336328][ T9057] ip6gre1: entered allmulticast mode
[  151.415574][ T9064] loop0: detected capacity change from 0 to 1024
[  151.422419][ T9064] EXT4-fs: Ignoring removed orlov option
[  151.473598][ T9069] loop2: detected capacity change from 0 to 1024
[  151.480837][ T9069] EXT4-fs: Ignoring removed orlov option
[  151.500934][ T9068] loop1: detected capacity change from 0 to 128
[  151.540309][ T9068] SELinux: security_context_str_to_sid (root) failed with errno=-22
[  151.551112][ T9079] __nla_validate_parse: 4 callbacks suppressed
[  151.551131][ T9079] netlink: 16402 bytes leftover after parsing attributes in process `syz.4.1651'.
[  151.581579][ T9082] EXT4-fs error (device loop2): ext4_iget_extra_inode:5035: inode #15: comm syz.2.1649: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled
[  151.603954][ T9075] netlink: 16402 bytes leftover after parsing attributes in process `syz.4.1651'.
[  151.712902][ T9086] netlink: 48 bytes leftover after parsing attributes in process `syz.1.1656'.
[  151.798733][ T9090] loop4: detected capacity change from 0 to 1024
[  151.814681][ T9090] EXT4-fs: Ignoring removed orlov option
[  151.922717][ T9096] loop1: detected capacity change from 0 to 4096
[  152.034980][ T9100] EXT4-fs error (device loop4): ext4_iget_extra_inode:5035: inode #15: comm syz.4.1658: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled
[  152.129643][ T9106] loop2: detected capacity change from 0 to 512
[  152.146584][ T9106] journal_path: Lookup failure for './file0/../file0'
[  152.153515][ T9106] EXT4-fs: error: could not find journal device path
[  152.184281][   T29] kauditd_printk_skb: 269 callbacks suppressed
[  152.184299][   T29] audit: type=1326 audit(152.172:4672): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9105 comm="syz.2.1662" exe="/root/syz-executor" sig=0 arch=c000003e syscall=195 compat=0 ip=0x7fbf2338e929 code=0x7ffc0000
[  152.213468][   T29] audit: type=1326 audit(152.172:4673): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9105 comm="syz.2.1662" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf2338e929 code=0x7ffc0000
[  152.236350][   T29] audit: type=1326 audit(152.172:4674): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9105 comm="syz.2.1662" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbf2338e929 code=0x7ffc0000
[  152.296972][ T9108] loop2: detected capacity change from 0 to 764
[  152.366461][ T9110] pim6reg: entered allmulticast mode
[  152.371891][   T29] audit: type=1326 audit(152.172:4675): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9105 comm="syz.2.1662" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf2338e929 code=0x7ffc0000
[  152.394789][   T29] audit: type=1326 audit(152.172:4676): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9105 comm="syz.2.1662" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf2338e929 code=0x7ffc0000
[  152.417723][   T29] audit: type=1326 audit(152.172:4677): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9105 comm="syz.2.1662" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7fbf2338e929 code=0x7ffc0000
[  152.440615][   T29] audit: type=1326 audit(152.172:4678): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9105 comm="syz.2.1662" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf2338e929 code=0x7ffc0000
[  152.463448][   T29] audit: type=1326 audit(152.172:4679): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9105 comm="syz.2.1662" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf2338e929 code=0x7ffc0000
[  152.486423][   T29] audit: type=1326 audit(152.172:4680): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9105 comm="syz.2.1662" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fbf2338e929 code=0x7ffc0000
[  152.509158][   T29] audit: type=1326 audit(152.172:4681): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9105 comm="syz.2.1662" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf2338e929 code=0x7ffc0000
[  152.548277][ T9115] pim6reg: left allmulticast mode
[  152.646155][ T9116] syzkaller0: entered promiscuous mode
[  152.651699][ T9116] syzkaller0: entered allmulticast mode
[  152.667454][ T9121] loop3: detected capacity change from 0 to 128
[  152.703249][ T9121] SELinux: security_context_str_to_sid (root) failed with errno=-22
[  152.746490][ T9126] loop1: detected capacity change from 0 to 1024
[  152.776511][ T9131] netlink: 48 bytes leftover after parsing attributes in process `syz.3.1672'.
[  152.793560][ T9135] loop4: detected capacity change from 0 to 764
[  152.856841][ T9139] loop1: detected capacity change from 0 to 8192
[  152.865794][ T9139] netlink: 144 bytes leftover after parsing attributes in process `syz.1.1675'.
[  152.918827][ T9148] loop1: detected capacity change from 0 to 512
[  152.925801][ T9148] EXT4-fs: Ignoring removed mblk_io_submit option
[  152.934087][ T9148] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  152.942271][ T9148] EXT4-fs (loop1): orphan cleanup on readonly fs
[  152.949061][ T9148] EXT4-fs warning (device loop1): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  152.964479][ T9148] EXT4-fs (loop1): Cannot turn on quotas: error -117
[  152.971929][ T9148] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.1677: bg 0: block 40: padding at end of block bitmap is not set
[  152.986558][ T9148] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  152.995800][ T9148] EXT4-fs (loop1): 1 truncate cleaned up
[  153.004635][ T9153] loop4: detected capacity change from 0 to 1024
[  153.012106][ T9153] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  153.015889][ T9148] pim6reg: entered allmulticast mode
[  153.023153][ T9153] EXT4-fs (loop4): group descriptors corrupted!
[  153.035205][ T9148] pim6reg: left allmulticast mode
[  153.137004][ T9157] loop1: detected capacity change from 0 to 4096
[  153.412486][ T9163] loop2: detected capacity change from 0 to 8192
[  153.422598][ T9163] syz.2.1680: attempt to access beyond end of device
[  153.422598][ T9163] loop2: rw=0, sector=57847, nr_sectors = 1 limit=8192
[  153.437915][ T9163] FAT-fs (loop2): error, invalid access to FAT (entry 0x0000e1b1)
[  153.445846][ T9163] FAT-fs (loop2): Filesystem has been set read-only
[  153.455277][ T9163] FAT-fs (loop2): error, invalid access to FAT (entry 0x0000e1b1)
[  153.472752][ T9163] FAT-fs (loop2): error, invalid access to FAT (entry 0x0000e1b1)
[  153.566867][ T9167] loop1: detected capacity change from 0 to 8192
[  153.592040][ T9170] loop2: detected capacity change from 0 to 8192
[  153.606349][ T9170] syz.2.1683: attempt to access beyond end of device
[  153.606349][ T9170] loop2: rw=0, sector=57847, nr_sectors = 1 limit=8192
[  153.629414][ T9167] syz.1.1682: attempt to access beyond end of device
[  153.629414][ T9167] loop1: rw=0, sector=57847, nr_sectors = 1 limit=8192
[  153.649384][ T9170] FAT-fs (loop2): error, invalid access to FAT (entry 0x0000e1b1)
[  153.657441][ T9170] FAT-fs (loop2): Filesystem has been set read-only
[  153.665621][ T9167] FAT-fs (loop1): error, invalid access to FAT (entry 0x0000e1b1)
[  153.673567][ T9167] FAT-fs (loop1): Filesystem has been set read-only
[  153.691616][ T9170] FAT-fs (loop2): error, invalid access to FAT (entry 0x0000e1b1)
[  153.713700][ T9170] FAT-fs (loop2): error, invalid access to FAT (entry 0x0000e1b1)
[  153.724436][ T9167] FAT-fs (loop1): error, invalid access to FAT (entry 0x0000e1b1)
[  153.744104][ T9167] FAT-fs (loop1): error, invalid access to FAT (entry 0x0000e1b1)
[  153.966585][ T9188] lo speed is unknown, defaulting to 1000
[  153.973135][ T9188] vxcan1 speed is unknown, defaulting to 1000
[  154.137391][ T9190] netlink: 48 bytes leftover after parsing attributes in process `syz.0.1688'.
[  154.315291][ T9197] loop1: detected capacity change from 0 to 1024
[  154.323417][ T9197] EXT4-fs: Ignoring removed mblk_io_submit option
[  154.329931][ T9197] EXT4-fs: Ignoring removed nomblk_io_submit option
[  154.337812][ T9197] EXT4-fs: Ignoring removed bh option
[  154.354314][ T9197] EXT4-fs (loop1): can't mount with journal_checksum, fs mounted w/o journal
[  154.404017][ T9193] loop1: detected capacity change from 0 to 8192
[  154.629410][ T9210] loop4: detected capacity change from 0 to 764
[  154.656115][ T9212] futex_wake_op: syz.4.1697 tries to shift op by -1; fix this program
[  154.682481][ T9212] 9pnet_fd: Insufficient options for proto=fd
[  154.710950][ T9212] SELinux:  policydb magic number 0x332f0001 does not match expected magic number 0xf97cff8c
[  154.721525][ T9212] SELinux: failed to load policy
[  154.741642][ T9216] lo speed is unknown, defaulting to 1000
[  154.747885][ T9216] vxcan1 speed is unknown, defaulting to 1000
[  154.784205][ T9221] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1698'.
[  154.820769][ T9222] netlink: 'syz.4.1700': attribute type 13 has an invalid length.
[  154.829344][ T9222] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  154.838373][ T9222] netdevsim netdevsim4 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  154.847271][ T9222] netdevsim netdevsim4 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  154.856161][ T9222] netdevsim netdevsim4 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  155.169033][ T9224] loop2: detected capacity change from 0 to 4096
[  155.259468][ T9230] loop3: detected capacity change from 0 to 128
[  155.297095][ T9230] SELinux: security_context_str_to_sid (root) failed with errno=-22
[  155.394706][ T9237] loop3: detected capacity change from 0 to 764
[  155.448903][ T9245] loop2: detected capacity change from 0 to 164
[  155.485116][ T9249] netlink: 48 bytes leftover after parsing attributes in process `syz.3.1708'.
[  155.637424][ T9254] loop4: detected capacity change from 0 to 4096
[  155.703250][ T9256] loop0: detected capacity change from 0 to 8192
[  155.725712][ T9256] syz.0.1714: attempt to access beyond end of device
[  155.725712][ T9256] loop0: rw=0, sector=57847, nr_sectors = 1 limit=8192
[  155.742387][ T9256] FAT-fs (loop0): error, invalid access to FAT (entry 0x0000e1b1)
[  155.750363][ T9256] FAT-fs (loop0): Filesystem has been set read-only
[  155.758451][ T9256] FAT-fs (loop0): error, invalid access to FAT (entry 0x0000e1b1)
[  155.769852][ T9256] FAT-fs (loop0): error, invalid access to FAT (entry 0x0000e1b1)
[  155.864088][ T9262] loop4: detected capacity change from 0 to 1024
[  155.871193][ T9262] EXT4-fs: Ignoring removed nobh option
[  155.876909][ T9262] EXT4-fs: Ignoring removed bh option
[  155.951440][ T9270] loop4: detected capacity change from 0 to 764
[  155.989988][ T9273] loop4: detected capacity change from 0 to 4096
[  156.205460][ T9279] syzkaller0: entered promiscuous mode
[  156.211051][ T9279] syzkaller0: entered allmulticast mode
[  156.229525][ T9279] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=27134 sclass=netlink_route_socket pid=9279 comm=syz.0.1723
[  156.260496][ T9284] lo speed is unknown, defaulting to 1000
[  156.267827][ T9284] vxcan1 speed is unknown, defaulting to 1000
[  156.305791][ T9287] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1724'.
[  156.368849][ T9289] loop3: detected capacity change from 0 to 8192
[  156.386182][ T9289] syz.3.1726: attempt to access beyond end of device
[  156.386182][ T9289] loop3: rw=0, sector=57847, nr_sectors = 1 limit=8192
[  156.391410][ T9294] loop0: detected capacity change from 0 to 1024
[  156.403074][ T9289] FAT-fs (loop3): error, invalid access to FAT (entry 0x0000e1b1)
[  156.413972][ T9289] FAT-fs (loop3): Filesystem has been set read-only
[  156.414902][ T9294] EXT4-fs: Ignoring removed nobh option
[  156.423411][ T9289] FAT-fs (loop3): error, invalid access to FAT (entry 0x0000e1b1)
[  156.426381][ T9294] EXT4-fs: Ignoring removed bh option
[  156.435278][ T9289] FAT-fs (loop3): error, invalid access to FAT (entry 0x0000e1b1)
[  156.458861][ T9296] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1729'.
[  156.496699][ T9302] openvswitch: netlink: Message has 6 unknown bytes.
[  156.558183][ T9304] loop0: detected capacity change from 0 to 1024
[  156.565446][ T9304] EXT4-fs: Ignoring removed mblk_io_submit option
[  156.572001][ T9304] EXT4-fs: Ignoring removed nomblk_io_submit option
[  156.579618][ T9304] EXT4-fs: Ignoring removed bh option
[  156.594165][ T9304] EXT4-fs (loop0): can't mount with journal_checksum, fs mounted w/o journal
[  156.612378][ T9304] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(8)
[  156.618974][ T9304] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  156.626523][ T9304] vhci_hcd vhci_hcd.0: Device attached
[  156.671675][ T9304] loop0: detected capacity change from 0 to 8192
[  156.681209][ T9309] vhci_hcd: connection closed
[  156.681520][   T37] vhci_hcd: stop threads
[  156.690578][   T37] vhci_hcd: release socket
[  156.695035][   T37] vhci_hcd: disconnect device
[  156.981539][ T9316] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.1734'.
[  156.991367][ T9315] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.1734'.
[  157.088736][ T9325] netlink: 48 bytes leftover after parsing attributes in process `syz.3.1736'.
[  157.123862][ T9326] netlink: 48 bytes leftover after parsing attributes in process `syz.1.1738'.
[  157.203214][   T29] kauditd_printk_skb: 533 callbacks suppressed
[  157.203233][   T29] audit: type=1326 audit(157.182:5214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9327 comm="syz.4.1739" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60ddbae929 code=0x7ffc0000
[  157.208036][ T9329] netlink: 48 bytes leftover after parsing attributes in process `syz.4.1739'.
[  157.209463][   T29] audit: type=1326 audit(157.182:5215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9327 comm="syz.4.1739" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f60ddbae929 code=0x7ffc0000
[  157.266141][   T29] audit: type=1326 audit(157.192:5216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9327 comm="syz.4.1739" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60ddbae929 code=0x7ffc0000
[  157.289028][   T29] audit: type=1326 audit(157.192:5217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9327 comm="syz.4.1739" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f60ddbae929 code=0x7ffc0000
[  157.311979][   T29] audit: type=1326 audit(157.192:5218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9327 comm="syz.4.1739" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60ddbae929 code=0x7ffc0000
[  157.334946][   T29] audit: type=1326 audit(157.192:5219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9327 comm="syz.4.1739" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60ddbae929 code=0x7ffc0000
[  157.357802][   T29] audit: type=1326 audit(157.192:5220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9327 comm="syz.4.1739" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f60ddbae929 code=0x7ffc0000
[  157.380748][   T29] audit: type=1326 audit(157.192:5221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9327 comm="syz.4.1739" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60ddbae929 code=0x7ffc0000
[  157.403590][   T29] audit: type=1326 audit(157.192:5222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9327 comm="syz.4.1739" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60ddbae929 code=0x7ffc0000
[  157.415470][ T9333] loop2: detected capacity change from 0 to 1024
[  157.426475][   T29] audit: type=1326 audit(157.192:5223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9327 comm="syz.4.1739" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f60ddbae929 code=0x7ffc0000
[  157.435371][ T9333] EXT4-fs: Ignoring removed nobh option
[  157.461372][ T9333] EXT4-fs: Ignoring removed bh option
[  157.670446][ T9340] lo speed is unknown, defaulting to 1000
[  157.677419][ T9340] vxcan1 speed is unknown, defaulting to 1000
[  157.999677][ T9342] loop3: detected capacity change from 0 to 1024
[  158.030265][ T9349] loop1: detected capacity change from 0 to 128
[  158.067490][ T9351] loop3: detected capacity change from 0 to 128
[  158.115224][ T9351] SELinux: security_context_str_to_sid (root) failed with errno=-22
[  158.135968][ T9352] hub 9-0:1.0: USB hub found
[  158.156877][ T9352] hub 9-0:1.0: 8 ports detected
[  158.223629][ T9358] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.1747'.
[  158.247312][ T9356] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.1747'.
[  158.309838][ T9362] lo speed is unknown, defaulting to 1000
[  158.316358][ T9362] vxcan1 speed is unknown, defaulting to 1000
[  158.381393][ T9365] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1749'.
[  158.418073][ T9370] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1752'.
[  158.427127][ T9370] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1752'.
[  158.715607][ T9424] loop2: detected capacity change from 0 to 1024
[  158.722269][ T9424] ext4: Unknown parameter 'smackfsroot'
[  158.906452][ T9441] loop2: detected capacity change from 0 to 512
[  158.913765][ T9441] journal_path: Lookup failure for './file0/../file0'
[  158.920589][ T9441] EXT4-fs: error: could not find journal device path
[  158.963214][ T9449] loop2: detected capacity change from 0 to 1024
[  158.970224][ T9449] EXT4-fs: Ignoring removed orlov option
[  158.987510][ T9451] loop1: detected capacity change from 0 to 4096
[  159.248864][ T9466] loop4: detected capacity change from 0 to 1024
[  159.263775][ T9466] ext4: Unknown parameter 'smackfsroot'
[  159.466920][ T9480] loop1: detected capacity change from 0 to 512
[  159.474755][ T9480] journal_path: Lookup failure for './file0/../file0'
[  159.481666][ T9480] EXT4-fs: error: could not find journal device path
[  159.589285][ T9486] loop2: detected capacity change from 0 to 4096
[  159.610514][ T9488] loop1: detected capacity change from 0 to 8192
[  159.743244][ T9495] loop1: detected capacity change from 0 to 1024
[  159.752049][ T9495] EXT4-fs: Ignoring removed orlov option
[  160.129777][ T9504] loop0: detected capacity change from 0 to 1024
[  160.144552][ T9506] loop3: detected capacity change from 0 to 128
[  160.145049][ T9504] EXT4-fs: Ignoring removed nobh option
[  160.156654][ T9504] EXT4-fs: Ignoring removed bh option
[  160.173941][ T9502] loop2: detected capacity change from 0 to 2048
[  160.251464][ T9513] loop0: detected capacity change from 0 to 1024
[  160.258106][ T9517] loop4: detected capacity change from 0 to 512
[  160.262351][ T9513] ext4: Unknown parameter 'smackfsroot'
[  160.265798][ T9517] journal_path: Lookup failure for './file0/../file0'
[  160.277088][ T9517] EXT4-fs: error: could not find journal device path
[  160.336832][ T9524] loop4: detected capacity change from 0 to 512
[  160.344321][ T9524] EXT4-fs: Ignoring removed i_version option
[  160.362752][ T9530] loop1: detected capacity change from 0 to 512
[  160.370353][ T9524] EXT4-fs (loop4): orphan cleanup on readonly fs
[  160.377549][ T9524] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.1787: bg 0: block 131: padding at end of block bitmap is not set
[  160.391492][ T9533] loop3: detected capacity change from 0 to 1024
[  160.399056][ T9524] EXT4-fs (loop4): Remounting filesystem read-only
[  160.405986][ T9524] EXT4-fs (loop4): 1 truncate cleaned up
[  160.461134][ T9539] loop1: detected capacity change from 0 to 1024
[  160.469272][ T9539] EXT4-fs: Ignoring removed nobh option
[  160.474993][ T9539] EXT4-fs: Ignoring removed bh option
[  160.536986][ T9549] new mount options do not match the existing superblock, will be ignored
[  160.651025][ T9556] FAULT_INJECTION: forcing a failure.
[  160.651025][ T9556] name failslab, interval 1, probability 0, space 0, times 0
[  160.667670][ T9556] CPU: 1 UID: 0 PID: 9556 Comm: syz.0.1797 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(voluntary) 
[  160.667699][ T9556] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  160.667711][ T9556] Call Trace:
[  160.667717][ T9556]  <TASK>
[  160.667726][ T9556]  __dump_stack+0x1d/0x30
[  160.667752][ T9556]  dump_stack_lvl+0xe8/0x140
[  160.667833][ T9556]  dump_stack+0x15/0x1b
[  160.667855][ T9556]  should_fail_ex+0x265/0x280
[  160.667889][ T9556]  should_failslab+0x8c/0xb0
[  160.667910][ T9556]  kmem_cache_alloc_noprof+0x50/0x310
[  160.667934][ T9556]  ? getname_flags+0x80/0x3b0
[  160.667983][ T9556]  getname_flags+0x80/0x3b0
[  160.668083][ T9556]  __se_sys_newstat+0x4b/0x280
[  160.668189][ T9556]  ? __bpf_trace_sys_enter+0x10/0x30
[  160.668211][ T9556]  ? trace_sys_enter+0xd0/0x110
[  160.668234][ T9556]  __x64_sys_newstat+0x31/0x40
[  160.668254][ T9556]  x64_sys_call+0x781/0x2fb0
[  160.668279][ T9556]  do_syscall_64+0xd2/0x200
[  160.668367][ T9556]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  160.668396][ T9556]  ? clear_bhb_loop+0x40/0x90
[  160.668421][ T9556]  ? clear_bhb_loop+0x40/0x90
[  160.668476][ T9556]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  160.668496][ T9556] RIP: 0033:0x7ff01dd7e929
[  160.668510][ T9556] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  160.668555][ T9556] RSP: 002b:00007ff01c3e7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000004
[  160.668579][ T9556] RAX: ffffffffffffffda RBX: 00007ff01dfa5fa0 RCX: 00007ff01dd7e929
[  160.668615][ T9556] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000380
[  160.668651][ T9556] RBP: 00007ff01c3e7090 R08: 0000000000000000 R09: 0000000000000000
[  160.668663][ T9556] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  160.668674][ T9556] R13: 0000000000000000 R14: 00007ff01dfa5fa0 R15: 00007ffda531f308
[  160.668697][ T9556]  </TASK>
[  160.918961][ T3312] EXT4-fs unmount: 104 callbacks suppressed
[  160.919053][ T3312] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  161.000252][ T9564] loop2: detected capacity change from 0 to 512
[  161.013192][ T9566] loop1: detected capacity change from 0 to 512
[  161.021614][ T9564] journal_path: Lookup failure for './file0/../file0'
[  161.028506][ T9564] EXT4-fs: error: could not find journal device path
[  161.050197][ T9566] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  161.091655][ T9566] EXT4-fs (loop1): shut down requested (0)
[  161.131144][ T9566] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop1 ino=15
[  161.148792][ T9566] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop1 ino=15
[  161.167877][ T9566] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop1 ino=15
[  161.173719][ T9577] FAULT_INJECTION: forcing a failure.
[  161.173719][ T9577] name failslab, interval 1, probability 0, space 0, times 0
[  161.188837][ T9566] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop1 ino=15
[  161.189375][ T9577] CPU: 1 UID: 0 PID: 9577 Comm: syz.0.1806 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(voluntary) 
[  161.189436][ T9577] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  161.189452][ T9577] Call Trace:
[  161.189462][ T9577]  <TASK>
[  161.189471][ T9577]  __dump_stack+0x1d/0x30
[  161.189510][ T9577]  dump_stack_lvl+0xe8/0x140
[  161.189537][ T9577]  dump_stack+0x15/0x1b
[  161.189559][ T9577]  should_fail_ex+0x265/0x280
[  161.189602][ T9577]  should_failslab+0x8c/0xb0
[  161.189695][ T9577]  kmem_cache_alloc_lru_noprof+0x55/0x310
[  161.189737][ T9577]  ? __d_alloc+0x3d/0x350
[  161.189771][ T9577]  __d_alloc+0x3d/0x350
[  161.189856][ T9577]  d_alloc+0x2e/0x100
[  161.189885][ T9577]  lookup_one_qstr_excl_raw+0x95/0x1b0
[  161.189933][ T9577]  filename_create+0x14a/0x290
[  161.189974][ T9577]  do_mkdirat+0x52/0x3f0
[  161.190087][ T9577]  __x64_sys_mkdirat+0x4c/0x60
[  161.190127][ T9577]  x64_sys_call+0x2be0/0x2fb0
[  161.190170][ T9577]  do_syscall_64+0xd2/0x200
[  161.190193][ T9577]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  161.190230][ T9577]  ? clear_bhb_loop+0x40/0x90
[  161.190326][ T9577]  ? clear_bhb_loop+0x40/0x90
[  161.190355][ T9577]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  161.190384][ T9577] RIP: 0033:0x7ff01dd7e929
[  161.190406][ T9577] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  161.190489][ T9577] RSP: 002b:00007ff01c3e7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[  161.190516][ T9577] RAX: ffffffffffffffda RBX: 00007ff01dfa5fa0 RCX: 00007ff01dd7e929
[  161.190533][ T9577] RDX: 0000000000000408 RSI: 0000200000000300 RDI: 0000000000000003
[  161.190551][ T9577] RBP: 00007ff01c3e7090 R08: 0000000000000000 R09: 0000000000000000
[  161.190630][ T9577] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  161.190647][ T9577] R13: 0000000000000000 R14: 00007ff01dfa5fa0 R15: 00007ffda531f308
[  161.190711][ T9577]  </TASK>
[  161.412692][ T3303] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  161.454925][ T9581] lo speed is unknown, defaulting to 1000
[  161.462899][ T9586] loop4: detected capacity change from 0 to 1024
[  161.492064][ T9581] vxcan1 speed is unknown, defaulting to 1000
[  161.525448][ T9586] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  161.604639][ T9593] loop2: detected capacity change from 0 to 256
[  161.611277][ T9593] msdos: Bad value for 'gid'
[  161.615954][ T9593] msdos: Bad value for 'gid'
[  161.628851][ T3304] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  161.667360][ T9594] lo speed is unknown, defaulting to 1000
[  161.684543][ T9594] vxcan1 speed is unknown, defaulting to 1000
[  161.776009][ T9602] loop0: detected capacity change from 0 to 512
[  161.785854][ T9602] journal_path: Lookup failure for './file0/../file0'
[  161.792705][ T9602] EXT4-fs: error: could not find journal device path
[  162.227668][ T9604] lo speed is unknown, defaulting to 1000
[  162.233849][ T9604] vxcan1 speed is unknown, defaulting to 1000
[  162.366541][ T9616] __nla_validate_parse: 18 callbacks suppressed
[  162.366555][ T9616] netlink: 16402 bytes leftover after parsing attributes in process `syz.4.1817'.
[  162.382743][ T9611] netlink: 16402 bytes leftover after parsing attributes in process `syz.4.1817'.
[  162.386033][ T9613] netlink: 92 bytes leftover after parsing attributes in process `syz.2.1818'.
[  162.489602][   T29] kauditd_printk_skb: 261 callbacks suppressed
[  162.489620][   T29] audit: type=1400 audit(162.472:5483): avc:  denied  { shutdown } for  pid=9625 comm="syz.2.1823" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  162.540602][ T9628] serio: Serial port ptm0
[  162.586493][ T9632] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1825'.
[  162.595546][ T9632] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1825'.
[  162.686279][ T9635] binfmt_misc: register: failed to install interpreter file ./file2
[  162.798375][ T9641] loop3: detected capacity change from 0 to 1024
[  162.806427][ T9641] ext4: Unknown parameter 'smackfsroot'
[  162.851561][   T29] audit: type=1326 audit(162.832:5484): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9642 comm="syz.3.1829" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fbac3f458e7 code=0x7ffc0000
[  162.876709][   T29] audit: type=1326 audit(162.832:5485): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9642 comm="syz.3.1829" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fbac3eeab19 code=0x7ffc0000
[  162.899552][   T29] audit: type=1326 audit(162.832:5486): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9642 comm="syz.3.1829" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fbac3f458e7 code=0x7ffc0000
[  162.922405][   T29] audit: type=1326 audit(162.832:5487): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9642 comm="syz.3.1829" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fbac3eeab19 code=0x7ffc0000
[  162.945203][   T29] audit: type=1326 audit(162.832:5488): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9642 comm="syz.3.1829" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbac3f4e929 code=0x7ffc0000
[  162.968347][   T29] audit: type=1326 audit(162.832:5489): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9642 comm="syz.3.1829" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbac3f4e929 code=0x7ffc0000
[  162.991285][   T29] audit: type=1326 audit(162.832:5490): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9642 comm="syz.3.1829" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7fbac3f4e929 code=0x7ffc0000
[  162.995505][ T9648] netlink: 'syz.3.1830': attribute type 1 has an invalid length.
[  163.014067][   T29] audit: type=1326 audit(162.862:5491): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9642 comm="syz.3.1829" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fbac3f458e7 code=0x7ffc0000
[  163.044575][   T29] audit: type=1326 audit(162.862:5492): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9642 comm="syz.3.1829" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fbac3eeab19 code=0x7ffc0000
[  163.135724][ T9651] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.1831'.
[  163.163381][ T9653] loop3: detected capacity change from 0 to 1024
[  163.172476][ T9653] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  163.197882][ T3314] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  163.231761][ T9661] loop3: detected capacity change from 0 to 1024
[  163.239090][ T9660] loop2: detected capacity change from 0 to 1024
[  163.246246][ T9660] EXT4-fs: Ignoring removed orlov option
[  163.251800][ T9661] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  163.265361][ T9661] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  163.266907][ T9660] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  163.634195][ T3312] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  164.175548][ T9685] loop3: detected capacity change from 0 to 1024
[  164.195000][ T9687] loop4: detected capacity change from 0 to 1024
[  164.201743][ T9683] loop1: detected capacity change from 0 to 4096
[  164.204681][ T9685] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  164.222533][ T9687] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  164.226964][ T9683] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  164.264861][ T3304] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  164.274758][ T3314] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  164.367333][ T9701] SELinux: failed to load policy
[  164.461334][ T3303] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  164.546141][ T9709] loop4: detected capacity change from 0 to 1024
[  164.565926][ T9709] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  164.608395][ T9709] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  164.639155][ T9716] loop0: detected capacity change from 0 to 1024
[  164.646054][ T9716] ext4: Unknown parameter 'smackfsroot'
[  164.688953][ T9715] loop2: detected capacity change from 0 to 8192
[  164.712297][ T9715] syz.2.1852: attempt to access beyond end of device
[  164.712297][ T9715] loop2: rw=0, sector=57847, nr_sectors = 1 limit=8192
[  164.719289][ T9720] loop1: detected capacity change from 0 to 1024
[  164.741732][ T9715] FAT-fs (loop2): error, invalid access to FAT (entry 0x0000e1b1)
[  164.749713][ T9715] FAT-fs (loop2): Filesystem has been set read-only
[  164.766182][ T9715] FAT-fs (loop2): error, invalid access to FAT (entry 0x0000e1b1)
[  164.774903][ T9720] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  164.788479][ T9715] FAT-fs (loop2): error, invalid access to FAT (entry 0x0000e1b1)
[  164.819105][ T3303] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  164.925890][ T9733] loop1: detected capacity change from 0 to 512
[  164.942816][ T9733] EXT4-fs: test_dummy_encryption option not supported
[  164.977196][ T9733] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1858'.
[  164.994895][ T9736] loop2: detected capacity change from 0 to 4096
[  165.042553][ T9736] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  165.057734][ T9738] loop0: detected capacity change from 0 to 1024
[  165.075010][ T9738] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  165.085997][ T9738] EXT4-fs (loop0): group descriptors corrupted!
[  165.155300][ T9738] SELinux: security_context_str_to_sid (Ð-šXܘ7.H\¹ÿ%ºu@
) failed with errno=-22
[  165.187897][ T9745] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1862'.
[  165.196859][ T9745] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1862'.
[  165.409753][ T3312] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  165.488007][ T9757] loop4: detected capacity change from 0 to 1024
[  165.497292][ T9757] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  165.520826][ T3304] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  165.770503][ T9777] loop1: detected capacity change from 0 to 1024
[  165.777426][ T9777] EXT4-fs: Ignoring removed orlov option
[  165.788820][ T9777] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  165.801670][ T9768] netlink: 'syz.4.1870': attribute type 13 has an invalid length.
[  165.809560][ T9768] netlink: 152 bytes leftover after parsing attributes in process `syz.4.1870'.
[  165.820000][ T9768] erspan0: refused to change device tx_queue_len
[  165.826418][ T9768] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check.
[  165.959403][ T9787] loop4: detected capacity change from 0 to 1024
[  165.971008][ T9787] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  165.985484][ T9787] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  166.251340][ T9796] loop3: detected capacity change from 0 to 8192
[  166.269816][ T3303] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  166.578438][ T9819] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=27745 sclass=netlink_route_socket pid=9819 comm=syz.1.1883
[  166.662182][ T9822] loop1: detected capacity change from 0 to 1024
[  166.669005][ T9823] loop0: detected capacity change from 0 to 128
[  166.679165][ T9822] ext4: Unknown parameter 'smackfsroot'
[  166.782288][ T9827] openvswitch: netlink: Message has 6 unknown bytes.
[  166.982136][ T9837] serio: Serial port ptm0
[  166.987761][ T9832] loop2: detected capacity change from 0 to 8192
[  167.160582][ T9851] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=27745 sclass=netlink_route_socket pid=9851 comm=syz.0.1894
[  167.234492][ T9857] loop1: detected capacity change from 0 to 128
[  167.265525][ T9860] netlink: 'syz.2.1893': attribute type 1 has an invalid length.
[  167.310998][ T9865] loop1: detected capacity change from 0 to 4096
[  167.321582][ T9865] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  167.345542][ T9870] loop2: detected capacity change from 0 to 128
[  167.354719][ T9869] loop3: detected capacity change from 0 to 1024
[  167.370125][ T9870] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x00067272 (sector = 1)
[  167.400245][ T9869] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  167.449859][ T9875] loop0: detected capacity change from 0 to 1024
[  167.457165][ T3314] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  167.463507][ T9875] ext4: Unknown parameter 'smackfsroot'
[  167.529123][ T9881] loop3: detected capacity change from 0 to 1024
[  167.541128][ T9881] EXT4-fs: Ignoring removed orlov option
[  167.549814][ T9881] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  167.591135][ T3303] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  167.600512][ T9886] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=27745 sclass=netlink_route_socket pid=9886 comm=syz.0.1905
[  167.642251][ T9891] __nla_validate_parse: 6 callbacks suppressed
[  167.642300][ T9891] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1907'.
[  167.670131][ T9891] lo speed is unknown, defaulting to 1000
[  167.676613][ T9891] vxcan1 speed is unknown, defaulting to 1000
[  167.738493][ T9895] EXT4-fs error (device loop3): ext4_iget_extra_inode:5035: inode #15: comm syz.3.1904: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled
[  167.780274][ T9897] loop1: detected capacity change from 0 to 512
[  167.787113][   T29] kauditd_printk_skb: 221 callbacks suppressed
[  167.787131][   T29] audit: type=1400 audit(167.782:5714): avc:  denied  { mounton } for  pid=9893 comm="syz.1.1908" path="/378/bus" dev="devtmpfs" ino=101 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  167.817587][ T9897] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  167.839559][ T9897] EXT4-fs (loop1): 1 truncate cleaned up
[  167.845801][ T9897] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  167.859057][ T9897] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  167.868972][ T9902] loop4: detected capacity change from 0 to 512
[  167.878052][ T9902] journal_path: Lookup failure for './file0/../file0'
[  167.884987][ T9902] EXT4-fs: error: could not find journal device path
[  167.905760][   T29] audit: type=1326 audit(167.892:5715): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9900 comm="syz.4.1910" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60ddbae929 code=0x7ffc0000
[  167.928800][   T29] audit: type=1326 audit(167.892:5716): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9900 comm="syz.4.1910" exe="/root/syz-executor" sig=0 arch=c000003e syscall=195 compat=0 ip=0x7f60ddbae929 code=0x7ffc0000
[  167.929437][ T9899] loop0: detected capacity change from 0 to 8192
[  167.951783][   T29] audit: type=1326 audit(167.892:5717): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9900 comm="syz.4.1910" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60ddbae929 code=0x7ffc0000
[  167.989071][   T29] audit: type=1326 audit(167.952:5718): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9900 comm="syz.4.1910" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f60ddbae929 code=0x7ffc0000
[  168.011977][   T29] audit: type=1326 audit(167.952:5719): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9900 comm="syz.4.1910" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60ddbae929 code=0x7ffc0000
[  168.035067][   T29] audit: type=1326 audit(167.952:5720): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9900 comm="syz.4.1910" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60ddbae929 code=0x7ffc0000
[  168.059577][ T9412] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x00067272 (sector = 1)
[  168.066527][ T3314] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  168.069042][   T29] audit: type=1326 audit(168.002:5721): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9900 comm="syz.4.1910" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f60ddbae929 code=0x7ffc0000
[  168.100472][   T29] audit: type=1326 audit(168.002:5722): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9900 comm="syz.4.1910" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60ddbae929 code=0x7ffc0000
[  168.123379][   T29] audit: type=1326 audit(168.002:5723): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9900 comm="syz.4.1910" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f60ddbae929 code=0x7ffc0000
[  168.145412][ T9904] loop2: detected capacity change from 0 to 1024
[  168.155462][ T9904] EXT4-fs: Ignoring removed nobh option
[  168.161097][ T9904] EXT4-fs: Ignoring removed bh option
[  168.191196][ T9904] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  168.213217][ T9915] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=27745 sclass=netlink_route_socket pid=9915 comm=syz.4.1913
[  168.220757][ T9914] loop0: detected capacity change from 0 to 1024
[  168.238797][ T9914] ext4: Unknown parameter 'smackfsroot'
[  168.263034][ T3312] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  168.355090][ T9928] FAULT_INJECTION: forcing a failure.
[  168.355090][ T9928] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  168.368241][ T9928] CPU: 0 UID: 0 PID: 9928 Comm: syz.0.1918 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(voluntary) 
[  168.368344][ T9928] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  168.368358][ T9928] Call Trace:
[  168.368365][ T9928]  <TASK>
[  168.368375][ T9928]  __dump_stack+0x1d/0x30
[  168.368445][ T9928]  dump_stack_lvl+0xe8/0x140
[  168.368468][ T9928]  dump_stack+0x15/0x1b
[  168.368487][ T9928]  should_fail_ex+0x265/0x280
[  168.368523][ T9928]  should_fail+0xb/0x20
[  168.368557][ T9928]  should_fail_usercopy+0x1a/0x20
[  168.368589][ T9928]  _copy_from_user+0x1c/0xb0
[  168.368607][ T9928]  do_ipv6_setsockopt+0x220/0x22e0
[  168.368630][ T9928]  ? kernelmode_fixup_or_oops+0x59/0xb0
[  168.368706][ T9928]  ? exc_page_fault+0x62/0xa0
[  168.368792][ T9928]  ? __rcu_read_unlock+0x4f/0x70
[  168.368817][ T9928]  ? avc_has_perm_noaudit+0x1b1/0x200
[  168.368874][ T9928]  ? selinux_netlbl_socket_setsockopt+0x1f9/0x2d0
[  168.368931][ T9928]  ipv6_setsockopt+0x59/0x130
[  168.368959][ T9928]  rawv6_setsockopt+0x1d2/0x420
[  168.369051][ T9928]  sock_common_setsockopt+0x69/0x80
[  168.369081][ T9928]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  168.369111][ T9928]  __sys_setsockopt+0x184/0x200
[  168.369149][ T9928]  __x64_sys_setsockopt+0x64/0x80
[  168.369209][ T9928]  x64_sys_call+0x2bd5/0x2fb0
[  168.369234][ T9928]  do_syscall_64+0xd2/0x200
[  168.369254][ T9928]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  168.369364][ T9928]  ? clear_bhb_loop+0x40/0x90
[  168.369426][ T9928]  ? clear_bhb_loop+0x40/0x90
[  168.369449][ T9928]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  168.369575][ T9928] RIP: 0033:0x7ff01dd7e929
[  168.369669][ T9928] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  168.369691][ T9928] RSP: 002b:00007ff01c3c6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  168.369711][ T9928] RAX: ffffffffffffffda RBX: 00007ff01dfa6080 RCX: 00007ff01dd7e929
[  168.369726][ T9928] RDX: 0000000000000039 RSI: 0000000000000029 RDI: 0000000000000003
[  168.369741][ T9928] RBP: 00007ff01c3c6090 R08: 0000000000000018 R09: 0000000000000000
[  168.369787][ T9928] R10: 0000200000001640 R11: 0000000000000246 R12: 0000000000000001
[  168.369798][ T9928] R13: 0000000000000000 R14: 00007ff01dfa6080 R15: 00007ffda531f308
[  168.369816][ T9928]  </TASK>
[  168.650972][ T9933] serio: Serial port ptm0
[  168.667831][ T9934] loop4: detected capacity change from 0 to 1024
[  168.681420][ T9934] EXT4-fs: Ignoring removed orlov option
[  168.698374][ T9934] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  168.745166][ T9937] FAULT_INJECTION: forcing a failure.
[  168.745166][ T9937] name failslab, interval 1, probability 0, space 0, times 0
[  168.757961][ T9937] CPU: 0 UID: 0 PID: 9937 Comm: +}[@ Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(voluntary) 
[  168.757993][ T9937] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  168.758007][ T9937] Call Trace:
[  168.758014][ T9937]  <TASK>
[  168.758023][ T9937]  __dump_stack+0x1d/0x30
[  168.758117][ T9937]  dump_stack_lvl+0xe8/0x140
[  168.758140][ T9937]  dump_stack+0x15/0x1b
[  168.758159][ T9937]  should_fail_ex+0x265/0x280
[  168.758194][ T9937]  ? sysfs_init_fs_context+0x7d/0x250
[  168.758240][ T9937]  should_failslab+0x8c/0xb0
[  168.758265][ T9937]  __kmalloc_cache_noprof+0x4c/0x320
[  168.758365][ T9937]  sysfs_init_fs_context+0x7d/0x250
[  168.758402][ T9937]  alloc_fs_context+0x3ec/0x4e0
[  168.758442][ T9937]  fs_context_for_mount+0x22/0x30
[  168.758516][ T9937]  do_new_mount+0xe9/0x680
[  168.758599][ T9937]  path_mount+0x4a4/0xb20
[  168.758630][ T9937]  ? user_path_at+0x109/0x130
[  168.758696][ T9937]  __se_sys_mount+0x28f/0x2e0
[  168.758812][ T9937]  __x64_sys_mount+0x67/0x80
[  168.758913][ T9937]  x64_sys_call+0xd36/0x2fb0
[  168.758939][ T9937]  do_syscall_64+0xd2/0x200
[  168.758965][ T9937]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  168.758994][ T9937]  ? clear_bhb_loop+0x40/0x90
[  168.759014][ T9937]  ? clear_bhb_loop+0x40/0x90
[  168.759095][ T9937]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  168.759120][ T9937] RIP: 0033:0x7fbac3f4e929
[  168.759137][ T9937] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  168.759188][ T9937] RSP: 002b:00007fbac25b7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  168.759208][ T9937] RAX: ffffffffffffffda RBX: 00007fbac4175fa0 RCX: 00007fbac3f4e929
[  168.759220][ T9937] RDX: 0000200000000100 RSI: 00002000000006c0 RDI: 0000000000000000
[  168.759231][ T9937] RBP: 00007fbac25b7090 R08: 0000000000000000 R09: 0000000000000000
[  168.759242][ T9937] R10: 0000000000004014 R11: 0000000000000246 R12: 0000000000000001
[  168.759254][ T9937] R13: 0000000000000000 R14: 00007fbac4175fa0 R15: 00007ffe44876208
[  168.759273][ T9937]  </TASK>
[  169.040695][ T9939] loop3: detected capacity change from 0 to 1024
[  169.071111][ T9939] EXT4-fs: Ignoring removed orlov option
[  169.099085][ T9939] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  169.139406][ T9943] EXT4-fs error (device loop4): ext4_iget_extra_inode:5035: inode #15: comm syz.4.1921: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled
[  169.336360][ T9939] ==================================================================
[  169.344509][ T9939] BUG: KCSAN: data-race in __mark_inode_dirty / writeback_single_inode
[  169.352793][ T9939] 
[  169.355141][ T9939] write to 0xffff888106a7c1a0 of 4 bytes by task 9946 on cpu 1:
[  169.362793][ T9939]  writeback_single_inode+0x14a/0x3e0
[  169.368225][ T9939]  sync_inode_metadata+0x5b/0x90
[  169.373193][ T9939]  generic_buffers_fsync_noflush+0xd9/0x120
[  169.379119][ T9939]  ext4_sync_file+0x1ab/0x690
[  169.383825][ T9939]  vfs_fsync_range+0x10d/0x130
[  169.388637][ T9939]  ext4_buffered_write_iter+0x34f/0x3c0
[  169.394219][ T9939]  ext4_file_write_iter+0x383/0xf00
[  169.399451][ T9939]  iter_file_splice_write+0x5f2/0x970
[  169.404864][ T9939]  direct_splice_actor+0x156/0x2a0
[  169.410007][ T9939]  splice_direct_to_actor+0x312/0x680
[  169.415431][ T9939]  do_splice_direct+0xda/0x150
[  169.420225][ T9939]  do_sendfile+0x380/0x650
[  169.424664][ T9939]  __x64_sys_sendfile64+0x105/0x150
[  169.429900][ T9939]  x64_sys_call+0xb39/0x2fb0
[  169.434511][ T9939]  do_syscall_64+0xd2/0x200
[  169.439026][ T9939]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  169.444956][ T9939] 
[  169.447309][ T9939] read to 0xffff888106a7c1a0 of 4 bytes by task 9939 on cpu 0:
[  169.454880][ T9939]  __mark_inode_dirty+0x18e/0x760
[  169.459945][ T9939]  ext4_write_inline_data_end+0x3e5/0x5f0
[  169.465693][ T9939]  ext4_write_end+0x4cd/0x730
[  169.470391][ T9939]  generic_perform_write+0x30f/0x490
[  169.475690][ T9939]  ext4_buffered_write_iter+0x1ee/0x3c0
[  169.481248][ T9939]  ext4_file_write_iter+0x383/0xf00
[  169.486456][ T9939]  iter_file_splice_write+0x5f2/0x970
[  169.491849][ T9939]  direct_splice_actor+0x156/0x2a0
[  169.496986][ T9939]  splice_direct_to_actor+0x312/0x680
[  169.502392][ T9939]  do_splice_direct+0xda/0x150
[  169.507177][ T9939]  do_sendfile+0x380/0x650
[  169.511615][ T9939]  __x64_sys_sendfile64+0x105/0x150
[  169.516828][ T9939]  x64_sys_call+0xb39/0x2fb0
[  169.521436][ T9939]  do_syscall_64+0xd2/0x200
[  169.526053][ T9939]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  169.531981][ T9939] 
[  169.534317][ T9939] value changed: 0x00000038 -> 0x00000000
[  169.540057][ T9939] 
[  169.542393][ T9939] Reported by Kernel Concurrency Sanitizer on:
[  169.548565][ T9939] CPU: 0 UID: 0 PID: 9939 Comm: syz.3.1923 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(voluntary) 
[  169.561001][ T9939] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  169.571073][ T9939] ==================================================================
[  169.579560][ T9948] EXT4-fs error (device loop3): ext4_iget_extra_inode:5035: inode #15: comm syz.3.1923: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled
[  169.649052][ T3304] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  169.790722][ T3314] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.