last executing test programs:

18.151300485s ago: executing program 3 (id=1074):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb0a54e68b1cd2fdb, 0x103)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065fffff53000000800395032303030"], 0x15)
pipe2$9p(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[], 0x15)
r2 = dup(r1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setscheduler(r3, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, 0x0, 0x0)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e0000000000000005000000"], 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
ioctl$sock_SIOCBRADDBR(r4, 0x89a0, 0x0)
write$P9_RLERRORu(r2, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r2, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$binfmt_elf64(r2, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno='])
stat(&(0x7f00000001c0)='./file0\x00', &(0x7f00000004c0))
creat(&(0x7f0000000180)='./file0\x00', 0x0)

16.420136003s ago: executing program 3 (id=1098):
syz_emit_ethernet(0x0, 0x0, 0x0)
keyctl$set_reqkey_keyring(0xe, 0x5)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000c80)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = getpgrp(0xffffffffffffffff)
syz_open_procfs(r1, &(0x7f0000000180)='net/nf_conntrack\x00')
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x100001f, &(0x7f0000000240)={[{@errors_remount}, {@grpquota}, {@i_version}, {@data_err_ignore}]}, 0x21, 0x44b, &(0x7f0000000dc0)="$eJzs281vG0UbAPBn7aR9274lKSof/YAGCqICkTRpgR44tAgkDiAhwaEcQ5JWoW6DmiDRKoKAUDmiShy4IY5I/AWc4IKAExJXuKNKFcqlhZPR2ruJ49hJnNh1iH8/aZWZ3XFmHu+OPbPjDaBnDUXEpxHx/4j4PSIGIiKpLzBU/XN3cX7i78X5iSTK5Tf/Sirl7izOT+RF89ftyzML1fyRBvXOXrt+abxUmrqa5UfmLr83Mnvt+rPTl8cvTl2cujJ25szpU6MvPD/2XFviTNt05/CHM0cPvfr2zdcnzt985+dvkyy8qIujTYbWOvhkmyvrtv016aSviw2hJcWISE9Xf6X/D0Qxlk/eQLzySVcbB3RUuVwu725+eKEM7GBJdLsFQHfkX/Tp/Dff7tHQY1u4fa46AUrjvptt1SN9UcjK9NfNb9spnW2dX/jnq3SLztyHAABY4ftz1b+rx3+FeLCm3NlsbWgwIg7ULG4cjIgHIiplH4qIh1usv36RZPX4p3CrxX/ZknT892K2trVy/JeP/mKwmOX2V+LvTy5Ml6ZORsR9EXEi+nen+dE16vjh5d8+b3ZsqGb8l25p/flYMGvHrb66G3ST43PjW4m51u2PIw73NYo/WVoJSCLiUEQcPra5Oqaf/uZos2Prx7+GNqwzlb+OeKp6/heiLv5csvb65Mj/ojR1ciS/Klb75dcbbzSrv9X4D3y5PGdrh/T87214/S/FP1gu1qzXzrZex40/Pms6p9ns9b8reauS3pXt+2B8bu7qaMSu5LVs/9nl/WPLr83zefk0/hPHG/f/+2P5nTgSEelF/EhEPBoRx7K2PxYRj0fE8TXi/+mlJ97dfPydlcY/uc75T2rX6zeRKF768bsVlQ62En96/k9XUieyPRv5/NtoA7f6/gEAAMB/QaHy2/+kMLyULhSGh6u/lz8Yewulmdm5Zy7MvH9lsvqMwGD0F/I7XQM190NHs2l9nh+ry5/K7ht/UdxTyQ9PzJQmux089Lh9Tfp/6s9it1sHdJzntaB36f/Qu/R/6F36P/SsRs//79lAGWAHaPT9/1EX2gHce8b/0Lta7f/VyYEpAewEvv+hd+n/0JO28lx/JxP5+sN2ac+KRLm8Xpm+7dLUziWisC2aIdGhRJc/mAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANrk3wAAAP//+TvoKw==")
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10)
mq_open(0x0, 0x6e93ebbbcc0884f2, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000007940)={0x0, 0x0, &(0x7f0000007900)={&(0x7f00000008c0)=@newtaction={0xac, 0x30, 0x216822a75a8bdd29, 0xffe4, 0x3, {}, [{0x98, 0x1, [@m_connmark={0x50, 0x2, 0x0, 0x0, {{0xd}, {0x20, 0x2, 0x0, 0x1, [@TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x3, 0xd, 0x5, 0xe1, 0x3}, 0x8}}]}, {0x4}, {0xc}, {0xc}}}, @m_ct={0x44, 0x1, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xac}}, 0x0)

14.051935382s ago: executing program 3 (id=1120):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
mknod$loop(&(0x7f0000000180)='./file0\x00', 0x6000, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000b40)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
r2 = creat(&(0x7f00000000c0)='./file0\x00', 0x0)
ioctl$BLKTRACESETUP(r2, 0xc0481273, &(0x7f0000000280)={'\x00', 0x7e, 0x1000, 0x5c8, 0x80000003, 0x6})
ioctl$BLKTRACETEARDOWN(r2, 0x1276, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000660000000000"], 0x0, 0x7ff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3, 0x0, 0x7}, 0x18)
socket$inet6(0xa, 0x3, 0x6)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001880), 0xffffffffffffffff)
sendmsg$NL80211_CMD_START_AP(r4, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000400)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="a1832abd7000ffffffff05000000080003"], 0x34}, 0x1, 0x0, 0x0, 0x10}, 0x4040004)

13.879426454s ago: executing program 3 (id=1124):
setns(0xffffffffffffffff, 0x2000000)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
r2 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001f80)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000000000000000000ff000000850000000e000000c500000001f0ffff95"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00', r4}, 0x10)
socket$inet_udp(0x2, 0x2, 0x0)
r5 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r5, &(0x7f0000000000)={0xa, 0x3, 0x0, @loopback}, 0x1c)
connect$inet6(r5, &(0x7f00000000c0)={0xa, 0x3, 0x0, @loopback}, 0x1c)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x114, &(0x7f0000000080)=0xb94, 0x0, 0x4)
io_uring_enter(0xffffffffffffffff, 0x75fa, 0xe475, 0x0, 0x0, 0x0)
shutdown(r5, 0x2)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$kcm(0x2d, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'lo\x00', <r6=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000007c0)=@newqdisc={0x64, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r6, {}, {0x2, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x38, 0x2, [@TCA_TBF_RATE64={0xc, 0x4, 0xba2ceb09c15e9291}, @TCA_TBF_PARMS={0x28, 0x1, {{0x0, 0x0, 0x0, 0x0, 0xf49}, {}, 0x3, 0x8}}]}}]}, 0x64}}, 0x4000010)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000c80)={'lo\x00', <r7=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x2c, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0x0, 0x2}, {0x2, 0x0, 0x5, 0x0, 0x0, 0x40}, 0x0, 0x8}}]}}]}, 0x58}, 0x1, 0x0, 0x0, 0x20004004}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800d8f3434176000000000220000000000000000085000000ae00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x41, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, @void, @value}, 0x94)
syz_mount_image$ext4(&(0x7f00000001c0)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x20081e, &(0x7f00000020c0), 0x1, 0x4fb, &(0x7f0000000500)="$eJzs3U1vW1kZAODXzpeTyUwywywAIaYMAwVVdRJ3JhrNAoYVQqgSokuQ2pC4URQ7jmKnNKGL9j8gUYkVLPkBrLviJyDYsYEFEh8RqKnE4qJ7bbduajduk9hp/DzS1b3nnmu/5yS559hvEp8ARtaliLgfEZMRcSsi5lrnc60tPm9u6XWPD+6tHh7cW81Fktz4Vy6rT89Fx2NSb7WesxARP/5+xM9yL8at7+1vrlQq5Z1mcXqhUd1eqO/tX92orqyX18tbpdLy0vLip9c+KZ1aXz+oTjYPxtIGfvsXabNmW3Wd/ThNza5PPI2TGo+IH55FsCEYa/VnctgN4bXkI+K9iPgwu//nYiz7bgIAF1mSzEUy11kGAC66fJYDy+WLrVzAbOTzxWIzh/d+zOQrtXrjyu3a7tZaM1c2HxP52xuV8mIrVzgfE7m0vJQdPyuXjpSvRcS7EfHLqemsXFytVdaG+cIHAEbYW0fm//9ONed/AOCCKwy7AQDAwJn/AWD0mP8BYPSY/wFg9Jj/AWD0mP8BYPSY/wFgpPzo+vV0Sw5bn3+9dmdvd7N25+paub5ZrO6uFldrO9vF9VptPfvMnupxz1ep1baXPo7du/Pf2a43Fup7+zertd2txs3sc71vlicG0isA4GXe/eDRn3MRcf+z6WyLjrUczNVwseWH3QBgaMaG3QBgaKz2BaPrBO/xpQfgguiyRO9zChExffTqJEmSs20WcIYuf0n+H0ZVR/7fXwHDiJH/h9HVb/7/uPwA8OZJkly/a/5HvxcCAOebHD/Q4/39e63971q/HPjp2tErHp5lqwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOB8a6//W2ytBT4b+XyxGPF2RMzHRO72RqW8GBHvRMSfpiam0vLSkNsMAJxU/u+51vpfl+c+mj1aO5l7MpXtI+Lnv77xq7srjcbOH9Pz/356vvGwdb40jPYDAMdpz9PZvuON/OODe6vtbZDt+cf3IqLQjH94MBmHT+OPx3i2L8RERMz8J9cqN+U6chcncf9BRHyxW/9zMZvlQJornx6Nn8Z+e6Dx88/Fz2d1zX36tfjCK0dO5k6h+fBGe5SOP593u//ycSnbd7//C9kIdXKt8S99qtXDbAx8Fr89/o31GP8u9Rvj4z/8oHk0/WLdg4gvj0e0Yx92jD/t+Lke8T/qM/5fvvLVD3vVJb+JuBzd43fGWmhUtxfqe/tXN6or6+X18laptLy0vPjptU9KC1mOeqH3bPDPz66806su7f9Mj/iFY/r/jT77/9v/3frJ114S/1tf7xY/H++/JH46J36zz/grM78v9KpL46917X9b7/5f6TP+X/+2/8Ky4QDA8NT39jdXKpXyziAP2i8kBhrUwQU4SH9qzkEzuh58d1CxJuOVHpUkrxWr14hxGlk34Dxo3utJeScingy7MQAAAAAAAAAAAAAAQFeD+I+lYfcRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAi+v/AQAA//+XC86k")
openat(0xffffffffffffff9c, &(0x7f0000000200)='./bus\x00', 0x141842, 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
open(&(0x7f0000000500)='./bus\x00', 0x0, 0x0)

13.510861s ago: executing program 3 (id=1130):
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, 0x0, &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmsg$unix(r2, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="14000000000000000100000001000000", @ANYRES32=r3], 0x18}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
close(r5)
r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='attr/fscreate\x00')
writev(r6, &(0x7f00000000c0)=[{&(0x7f0000000040)="dc", 0x1}], 0x8)
getsockopt$inet_sctp_SCTP_I_WANT_MAPPED_V4_ADDR(r6, 0x84, 0xc, &(0x7f0000000380), 0x0)
close(r4)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES8=r0, @ANYBLOB="0000000000000000b702000014fa0000b7030000000008008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000020000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r7}, 0x10)
r8 = socket$inet_tcp(0x2, 0x1, 0x0)
r9 = syz_open_dev$usbfs(0x0, 0x205, 0x2581)
r10 = fcntl$dupfd(r9, 0x0, r9)
r11 = add_key$keyring(&(0x7f00000000c0), &(0x7f0000000100)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff)
r12 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f0000000000000000850000006d000000850000000800000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000440)='btrfs_inode_mod_outstanding_extents\x00', r12}, 0x18)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000007c0)='./file2\x00', 0x0, &(0x7f0000000800)={[{@jqfmt_vfsv1}, {@nouid32}, {@block_validity}, {@norecovery}, {@auto_da_alloc}, {@dioread_lock}]}, 0x3, 0x546, &(0x7f0000000f80)="$eJzs3dFrZFcZAPDv3mR2s7upmaoPtWAttrJbdSdJ47bBh6og+lRQKz4Ja0wmIWSSWZJJuwmLTfFVEES04Is++SL4BwjSF99FKNR3UVGkZvVBoe2VO3Onm0xmkhRncpfk94Oz9557Zu73nQlz5tyZu/cGcGE9GRE3ImIsIp6JiKlie1qU2OuU/HH39+8t5iWJLHvp7SSSYlt3X5eL5bXiaRMR8Y2vRnw3ORp3a2d3baHRqG8W9enWevJOlu3eXF1fWKmv1Dfm5mafm39+/tb8zFD6WY2IF77815/88JdfeeG3n33lT7f/fuN7eVr/zbJXo6cfw9TpeqX9WnSNR8TmKIKVZLzdw45bJecCAMDx8vn+hyPik+35/1SMtWdzAAAAwHmSfWEy3kkiMgAAAODcSiNiMpK0VpzvO1mcsXotIj4aV9NGc6v1meXm9sZS3hZRjUq6vNqoz8RE+9yBalSSvD5bnGPbrT/bU5+LiEcj4sdTV9r12mKzsVT2lx8AAABwQVzrOf7/91Sa1mpF417JyQEAAADDUy07AQAAAGDkHP8DAADA+VfN+tyh66h09JkAAAAAI/C1F1/MS9a9//XSyzvba82Xby7Vt9Zq69uLtcXm5p3aSrO50r5m3/pJ+2s0m3c+Fxvbd6db9a3W9NbO7u315vZG6/bqoVtgAwAAAGfo0U+88cckIvY+f6VdcpeKtkpENnbwweNlZAiMygc6p+cvo8sDOHsHP9+vlJgHcPZM6eHiqpSdAFC6k/4D0MCTd34//FwAAIDRuP6xwb//v71camrAiBW//yenugAIcK6MlZ0AUJrO73/vZR1lZwOcpcpxMwAHBXDupcP5/f+EUwkTAwoAAJRssl2StFYcB0xGmtZqEY+0bwtYSZZXG/WZiPhQRLw1Vbmc12fbz0zM5gEAAAAAAAAAAAAAAAAAAAAAAADglLIsiQwAAAA41yLSv3XvzHV96unJ3u8HLiX/mWovI+KVn73007sLrdbmbL79n+9vb71ebH+2jG8wAAAAgF7d4/TucTwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADNP9/XuL97Msy/bvLZ5l3H98KSKqRfyidFrGY6K9nIhKRFz9VxLjB56XRMTYEOLvvRYRj/WLn+RpRbXI4lD8SxFpRFwZVvz4gPGjE//aEOLDRfZGPv58sd/7L40n28v+77/xovy/Bo9/6fvj39iA8e+RQTutHK4+/uavpwfGfy3i8fH+4083fpLvr0/8p07Zx+98c3d3UFv2i4jr/ca/5HCs6db6nemtnd2bq+sLK/WV+sbc3Oxz88/P35qfmV5ebdSLf/vG+NHHf/Peg9q7R/p/9Zjxt93/Aa//06fs/7tv3t3/SGe15y8Tlfh5lt14qv/f/7F88emj8buffZ8qPgfyev4apq9/q2/8J371hycG5Zb3f2lA/yd6+n+5p/83Ttn/Z77+/T+f8qEAwBnY2tldW2g06ptWDq5E9aFI4+FdyeedpaeRRBL5yluHmhbKT6yz8mrxHltodN9tQ9rz74qDo1EmX9J4BAAAjM6DSX9vS1JOQgAAAAAAAAAAAAAAAAAAAHABnXgZsEFNaUQ82PLtHxxzNbLemHvldBUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Fj/CwAA//8GI9aV")
syz_mount_image$msdos(&(0x7f0000000f40), &(0x7f0000001dc0)='.\x00', 0x1a4a438, &(0x7f00000008c0)=ANY=[], 0xb, 0x0, &(0x7f0000000000))
stat(&(0x7f0000000140)='./file0\x00', &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, <r13=>0x0})
setsockopt$EBT_SO_SET_ENTRIES(r10, 0x0, 0x80, &(0x7f0000000300)=@filter={'filter\x00', 0xe, 0x2, 0x2f4, [0x0, 0x200000000bc0, 0x200000000bf0, 0x200000000c20], 0x0, &(0x7f0000000280), &(0x7f0000000bc0)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x0, 0xfffffffffffffffc, 0x2, [{0x11, 0x10, 0x9100, 'dummy0\x00', 'bond_slave_0\x00', 'wg0\x00', 'veth0_virt_wifi\x00', @local, [0x0, 0x0, 0xff, 0x0, 0x0, 0xff], @broadcast, [0x0, 0x0, 0xff, 0x0, 0x0, 0xff], 0xe6, 0x116, 0x14e, [@mac={{'mac\x00', 0x0, 0x10}, {{@remote}}}, @mark_m={{'mark_m\x00', 0x0, 0x18}, {{0x9, 0x9, 0x0, 0x3}}}], [@common=@redirect={'redirect\x00', 0x8, {{0xfffffffffffffffd}}}], @common=@dnat={'dnat\x00', 0x10, {{@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, 0xffffffffffffffff}}}}, {0xf, 0x28, 0x809b, 'xfrm0\x00', 'macvtap0\x00', 'wg1\x00', 'ip6tnl0\x00', @random="0a8da0d06dda", [0x0, 0x0, 0x0, 0xff, 0xff], @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}, [0xff, 0xff, 0x0, 0xff, 0x0, 0xff], 0x6e, 0x9e, 0xe6, [], [@common=@NFQUEUE0={'NFQUEUE\x00', 0x8, {{0x3}}}], @common=@RATEEST={'RATEEST\x00', 0x20, {{'syz0\x00', 0x0, 0x0, {0x458}}}}}]}]}, 0x36c)
keyctl$chown(0x4, r11, r13, 0x0)
ioctl$USBDEVFS_SUBMITURB(r10, 0x8038550a, &(0x7f0000000000)=@urb_type_control={0x2, {}, 0x0, 0x0, &(0x7f0000000080)={0x80, 0x0, 0x0, 0x0, 0x7995}, 0xfff7, 0x0, 0x0, 0x48000000, 0x0, 0x0, 0x0})
close_range(r8, 0xffffffffffffffff, 0x0)

13.353252933s ago: executing program 3 (id=1134):
syz_pidfd_open(0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$wireguard(0x0, 0xffffffffffffffff)
sendmsg$WG_CMD_SET_DEVICE(r0, 0x0, 0x0)
sendmsg$WG_CMD_GET_DEVICE(0xffffffffffffffff, 0x0, 0x4041)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prctl$PR_SET_NAME(0xf, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x2, 0x3, &(0x7f00000027c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xb, 0x9, 0x3, 0xc4f, 0x1, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000680)={0x0, 0x0, 0x0, &(0x7f0000000100), 0x6c7, r1}, 0x38)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f00000001c0)={0x0, &(0x7f0000000340)=""/211, &(0x7f0000000080), &(0x7f0000000440), 0x3, r1}, 0x38)

13.332828733s ago: executing program 32 (id=1134):
syz_pidfd_open(0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$wireguard(0x0, 0xffffffffffffffff)
sendmsg$WG_CMD_SET_DEVICE(r0, 0x0, 0x0)
sendmsg$WG_CMD_GET_DEVICE(0xffffffffffffffff, 0x0, 0x4041)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prctl$PR_SET_NAME(0xf, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x2, 0x3, &(0x7f00000027c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xb, 0x9, 0x3, 0xc4f, 0x1, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000680)={0x0, 0x0, 0x0, &(0x7f0000000100), 0x6c7, r1}, 0x38)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f00000001c0)={0x0, &(0x7f0000000340)=""/211, &(0x7f0000000080), &(0x7f0000000440), 0x3, r1}, 0x38)

8.430631153s ago: executing program 5 (id=1199):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00'}, 0x10)
r1 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x70, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x200000001300, 0x200000001330], 0x0, 0x0, &(0x7f0000001300)=ANY=[@ANYBLOB="00000000000200000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000e5ffffffffffffff00000000000000000000fcffffff00000000"]}, 0x108)

8.366640464s ago: executing program 5 (id=1200):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000900850000008200000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kfree\x00', r2}, 0x10)
sendmsg$NFT_BATCH(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a300000000058000000160a01000000000000000000010000000900010073797a30000000000900020073797a30000000002c00038008000140000000000800024000000000180003801400010076657468305f746f5f687372000000005c000000160a0101000b000000000000010000000900020073797a30000000000900010073797a3000000000300003802c0003801400010076657468305f746f5f68737200000000"], 0xfc}}, 0x0)

8.281711265s ago: executing program 5 (id=1204):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500001000000085000000a5000000180100002020640500000000002020207b1af8ff00"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r1, 0x0, 0x100000001}, 0x18)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x7fff, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7fff, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x28, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x10)
syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200010, &(0x7f0000000040)={[{@jqfmt_vfsold}]}, 0xfe, 0x56e, &(0x7f00000011c0)="$eJzs3U1rVFcfAPD/nbz4+jxGEGm7KAEXtVgnJumLhS7ssrRSod3bIbkGycSRzERMKlQXdeOmSKGUCqUfoPsupV+g9EMIrSBFQrvoZsqd3ImjmcnEODrTzu8HV8+5947nnLn3nPmfOSM3gKE1mf1RiHg5Ir5KIg61HBuN/ODkxnnrD6/NZVsS9fonfySR5Pua5yf53wfyzEsR8fOXEScKW8utrq4tlsrldDnPT9WWLk9VV9dOXlwqLaQL6aWZ2dnTb83OvPvO2z1r6+vn/vr247sfnL51bP2bH+8fvp3EmTiYH2ttxzO43pqZjMn8PRmLM0+cON2DwgZJ0u8KsCsjeT8fi2wMOBQjea8H/vu+iIg6MKQS/R+GVDMOaM7tW+bBI52jhjYT+n+pB+9vTIC2tn9047uR2NuYG+1fTx6bGWXz3YkelJ+V8dPvd25nW/TuewiArq7fiIhTo6Nbx78kH/9279QOznmyDOMfvDh3s/jnjXbxT2Ez/ok28c+BNn13N7r3/8L9Ni9LevUtdRb/vdc2/t2McSdG8tz/GjHfWHLhYjnNxrb/R8TxGNuT5bdbzzm9fq/e6Vhr/JdtWfnNWDCvx/3RPY+/Zr5UKz1Lm1s9uBHxStv4N9m8/kmb65+9H+d2WMbR9M6rnY51b//zVf8h4rW21//Rilay/frkVON+mGreFVv9efPoL53K73f7s+u/f/v2TySt67XVpy/j+71/p52Obd/+gx3v//Hk00Z6PN93tVSrLU9HjCcfbd0/8+i1zXzz/Kz9x49tP/61u//3RcRnXVteb9T85pGbHU8dgOv/6/xTXf+nT9z78PPvOpW/s/HvzUbqeL5nJ+PfTiv4LO8dAAAAAAAADJpCY5U1KRQ304VCsbjx+44jsb9QrlRrJy5UVi7Nb6zGTsRYobnSfajl9xDT+e9hm/mZJ/KzEXE4Ir4e2dfIF+cq5fl+Nx4AAAAAAAAAAAAAAAAAAAAGxIEO//8/81v7J4CNv9gaAs+VR37D8Ora/3vxpCdgIPn8h+G1q/6/r/f1AF48n/8wpMb6XQGgn3z+w/DS/2F46f8wvPR/AAAAAAAAAAAAAAAAAAAAAAAAAAAA6KlzZ89mW3394bW5LD9/ZXVlsXLl5HxaXSwurcwV5yrLl4sLlcpCOS3OVZa6/XvlSuXy9EysXJ2qpdXaVHV17fxSZeVS7fzFpdJCej71tCEAAAAAAAAAAAAAAAAAAADYqrq6tlgql9NlCYldJUYHoxoSLYlbPejdfR6YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKDFPwEAAP//j6c30Q==")
r4 = open(&(0x7f0000000140)='./file1\x00', 0x141242, 0x40)
pwrite64(r4, &(0x7f0000000940)='2', 0x1, 0x8000c61)
fallocate(r4, 0x8, 0x0, 0x10000)

8.087783789s ago: executing program 5 (id=1211):
setns(0xffffffffffffffff, 0x2000000)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
r2 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001f80)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000000000000000000ff000000850000000e000000c500000001f0ffff95"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00', r4}, 0x10)
socket$inet_udp(0x2, 0x2, 0x0)
r5 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r5, &(0x7f0000000000)={0xa, 0x3, 0x0, @loopback}, 0x1c)
connect$inet6(r5, &(0x7f00000000c0)={0xa, 0x3, 0x0, @loopback}, 0x1c)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x114, &(0x7f0000000080)=0xb94, 0x0, 0x4)
io_uring_enter(0xffffffffffffffff, 0x75fa, 0xe475, 0x0, 0x0, 0x0)
shutdown(r5, 0x2)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$kcm(0x2d, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'lo\x00', <r6=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000007c0)=@newqdisc={0x64, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r6, {}, {0x2, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x38, 0x2, [@TCA_TBF_RATE64={0xc, 0x4, 0xba2ceb09c15e9291}, @TCA_TBF_PARMS={0x28, 0x1, {{0x0, 0x0, 0x0, 0x0, 0xf49}, {}, 0x3, 0x8}}]}}]}, 0x64}}, 0x4000010)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000c80)={'lo\x00', <r7=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x2c, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0x0, 0x2}, {0x2, 0x0, 0x5, 0x0, 0x0, 0x40}, 0x0, 0x8}}]}}]}, 0x58}, 0x1, 0x0, 0x0, 0x20004004}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800d8f3434176000000000220000000000000000085000000ae00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x41, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, @void, @value}, 0x94)
syz_mount_image$ext4(&(0x7f00000001c0)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x20081e, &(0x7f00000020c0), 0x1, 0x4fb, &(0x7f0000000500)="$eJzs3U1vW1kZAODXzpeTyUwywywAIaYMAwVVdRJ3JhrNAoYVQqgSokuQ2pC4URQ7jmKnNKGL9j8gUYkVLPkBrLviJyDYsYEFEh8RqKnE4qJ7bbduajduk9hp/DzS1b3nnmu/5yS559hvEp8ARtaliLgfEZMRcSsi5lrnc60tPm9u6XWPD+6tHh7cW81Fktz4Vy6rT89Fx2NSb7WesxARP/5+xM9yL8at7+1vrlQq5Z1mcXqhUd1eqO/tX92orqyX18tbpdLy0vLip9c+KZ1aXz+oTjYPxtIGfvsXabNmW3Wd/ThNza5PPI2TGo+IH55FsCEYa/VnctgN4bXkI+K9iPgwu//nYiz7bgIAF1mSzEUy11kGAC66fJYDy+WLrVzAbOTzxWIzh/d+zOQrtXrjyu3a7tZaM1c2HxP52xuV8mIrVzgfE7m0vJQdPyuXjpSvRcS7EfHLqemsXFytVdaG+cIHAEbYW0fm//9ONed/AOCCKwy7AQDAwJn/AWD0mP8BYPSY/wFg9Jj/AWD0mP8BYPSY/wFgpPzo+vV0Sw5bn3+9dmdvd7N25+paub5ZrO6uFldrO9vF9VptPfvMnupxz1ep1baXPo7du/Pf2a43Fup7+zertd2txs3sc71vlicG0isA4GXe/eDRn3MRcf+z6WyLjrUczNVwseWH3QBgaMaG3QBgaKz2BaPrBO/xpQfgguiyRO9zChExffTqJEmSs20WcIYuf0n+H0ZVR/7fXwHDiJH/h9HVb/7/uPwA8OZJkly/a/5HvxcCAOebHD/Q4/39e63971q/HPjp2tErHp5lqwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOB8a6//W2ytBT4b+XyxGPF2RMzHRO72RqW8GBHvRMSfpiam0vLSkNsMAJxU/u+51vpfl+c+mj1aO5l7MpXtI+Lnv77xq7srjcbOH9Pz/356vvGwdb40jPYDAMdpz9PZvuON/OODe6vtbZDt+cf3IqLQjH94MBmHT+OPx3i2L8RERMz8J9cqN+U6chcncf9BRHyxW/9zMZvlQJornx6Nn8Z+e6Dx88/Fz2d1zX36tfjCK0dO5k6h+fBGe5SOP593u//ycSnbd7//C9kIdXKt8S99qtXDbAx8Fr89/o31GP8u9Rvj4z/8oHk0/WLdg4gvj0e0Yx92jD/t+Lke8T/qM/5fvvLVD3vVJb+JuBzd43fGWmhUtxfqe/tXN6or6+X18laptLy0vPjptU9KC1mOeqH3bPDPz66806su7f9Mj/iFY/r/jT77/9v/3frJ114S/1tf7xY/H++/JH46J36zz/grM78v9KpL46917X9b7/5f6TP+X/+2/8Ky4QDA8NT39jdXKpXyziAP2i8kBhrUwQU4SH9qzkEzuh58d1CxJuOVHpUkrxWr14hxGlk34Dxo3utJeScingy7MQAAAAAAAAAAAAAAQFeD+I+lYfcRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAi+v/AQAA//+XC86k")
openat(0xffffffffffffff9c, &(0x7f0000000200)='./bus\x00', 0x141842, 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)

7.862155062s ago: executing program 5 (id=1213):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
mknod$loop(&(0x7f0000000180)='./file0\x00', 0x6000, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000b40)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
r2 = creat(&(0x7f00000000c0)='./file0\x00', 0x0)
ioctl$BLKTRACESETUP(r2, 0xc0481273, &(0x7f0000000280)={'\x00', 0x7e, 0x1000, 0x5c8, 0x80000003, 0x6})
ioctl$BLKTRACETEARDOWN(r2, 0x1276, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000660000000000"], 0x0, 0x7ff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3, 0x0, 0x7}, 0x18)
socket$inet6(0xa, 0x3, 0x6)
r4 = openat$sysfs(0xffffff9c, &(0x7f0000000040)='/sys/kernel/notes', 0x0, 0x0)
finit_module(r4, 0x0, 0x2)

7.492273768s ago: executing program 5 (id=1218):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={0x0, r1}, 0x18)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, 0x1f000801}, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x87)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc9ffb}]})
name_to_handle_at(0xffffffffffffff9c, 0x0, 0x0, 0x0, 0x0)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r4, &(0x7f0000000180), 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="070000000400000008"], 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
shutdown(r4, 0x1)
r5 = socket$inet6_mptcp(0xa, 0x1, 0x106)
connect$inet6(r5, &(0x7f0000000000)={0xa, 0x4001, 0x0, @loopback}, 0x1c)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x8, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
lsm_set_self_attr(0x69, &(0x7f0000000180)={0x65, 0x6, 0x21, 0x1, '!'}, 0x21, 0x0)

7.455526649s ago: executing program 33 (id=1218):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={0x0, r1}, 0x18)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, 0x1f000801}, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x87)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc9ffb}]})
name_to_handle_at(0xffffffffffffff9c, 0x0, 0x0, 0x0, 0x0)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r4, &(0x7f0000000180), 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="070000000400000008"], 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
shutdown(r4, 0x1)
r5 = socket$inet6_mptcp(0xa, 0x1, 0x106)
connect$inet6(r5, &(0x7f0000000000)={0xa, 0x4001, 0x0, @loopback}, 0x1c)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x8, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
lsm_set_self_attr(0x69, &(0x7f0000000180)={0x65, 0x6, 0x21, 0x1, '!'}, 0x21, 0x0)

2.642595057s ago: executing program 1 (id=1284):
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1e, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000071120b000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x2a, '\x00', 0x0, @sk_lookup=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
socket$packet(0x11, 0x3, 0x300)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x10, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000510700140000000000000001b7080000000000007b8af8ff00000000b7080000fcffffff7b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000a500000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = signalfd(0xffffffffffffffff, &(0x7f0000000500)={[0x5]}, 0x8)
name_to_handle_at(r1, &(0x7f0000004740)='\x00', &(0x7f0000004780)=ANY=[@ANYBLOB='\f'], &(0x7f00000047c0), 0x1200)
openat$cgroup_ro(r1, &(0x7f0000000180)='blkio.throttle.io_serviced\x00', 0x0, 0x0)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x4c881, 0x0, 0x0)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000003d80)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000001140)={0xa, 0x4e21, 0x1, @dev={0xfe, 0x80, '\x00', 0x3b}, 0x47}, 0x1c, 0x0, 0x0, &(0x7f0000001480)=[@rthdrdstopts={{0x18, 0x29, 0x37, {0x32}}}, @dontfrag={{0x14, 0x29, 0x3e, 0x7594}}], 0x30}}], 0x2, 0x4040005)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x6a855000)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000003200)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000cc0)='mmap_lock_acquire_returned\x00', r3}, 0x10)
r4 = gettid()
process_vm_writev(r4, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0x7ffff000}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0)

2.026044027s ago: executing program 2 (id=1287):
syz_usbip_server_init(0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x39, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x11, 0xc, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x24, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, @void, @value}, 0x94)
connect$pppl2tp(0xffffffffffffffff, &(0x7f0000000000)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {}, 0x4, 0x0, 0x1000}}, 0x26)
ioctl$PPPIOCGL2TPSTATS(0xffffffffffffffff, 0x40047459, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000640)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000040900010073797a30000000004c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021100011800c000100636f756e74657200180100000c0a010300000000000000000700fffe0900020073797a31000000000900010073797a3000000000ec000380e8000080d00001"], 0x1ac}, 0x1, 0x0, 0x0, 0x4000880}, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='writeback_bdi_register\x00', r1}, 0x10)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb0a54e68b1cd2fdb, 0x103)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065fffff530000008003950323030302e75"], 0x15)
pipe2$9p(&(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r3, &(0x7f0000000300)=ANY=[], 0x15)
r4 = dup(r3)
write$P9_RLERRORu(r3, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r4, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$binfmt_elf64(r4, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r4])
creat(&(0x7f0000000040)='./file0\x00', 0x0)

1.979796198s ago: executing program 4 (id=1288):
r0 = socket$unix(0x1, 0x1, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r1, &(0x7f00000000c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
listen(r1, 0x0)
shutdown(r0, 0x0)
connect$unix(r0, &(0x7f0000fce000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc)
r2 = accept(r1, 0x0, 0x0)
sendto$inet6(r2, &(0x7f00000007c0)="16b2ad", 0x3, 0x640408e9, 0x0, 0x0)

1.931741099s ago: executing program 0 (id=1289):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x45, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$sock_linger(r2, 0x1, 0x3c, &(0x7f0000000100)={0x200000000000001}, 0x8)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @dev, 0x5}, 0x1c)
setsockopt$inet6_IPV6_HOPOPTS(r2, 0x29, 0x36, &(0x7f0000001440)=ANY=[@ANYBLOB="0017"], 0xc0)
sendmmsg$inet6(r2, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4000000)
setsockopt$inet6_IPV6_RTHDR(r2, 0x29, 0x39, 0x0, 0x0)
syz_clone(0x8008a00, 0x0, 0x0, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
mmap(&(0x7f0000888000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0xb16d9000)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000ed074479000000000000000018000000", @ANYRESOCT=0x0, @ANYBLOB="0000000000000020b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000240000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0xc, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000003c0)='sched_switch\x00', r3}, 0x18)
shmctl$IPC_INFO(0x0, 0x3, &(0x7f0000000f80)=""/4096)
openat(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.cpu/cgroup.procs\x00', 0xa00, 0x8)

1.83036908s ago: executing program 4 (id=1290):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x6, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x36, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)

1.768049501s ago: executing program 4 (id=1291):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d67fc880c9d640f4eacc509873f1a103c87f69"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x18)
r1 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$IP_VS_SO_SET_STARTDAEMON(r1, 0x0, 0x48b, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xb, 0x9, 0x3, 0xc4f, 0x1, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000100), &(0x7f0000000100), 0x6c7, r2}, 0x38)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f00000001c0)={0x0, &(0x7f0000000340)=""/211, &(0x7f0000000080), &(0x7f0000000440), 0x3, r2}, 0x38)

1.764042601s ago: executing program 0 (id=1292):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000005000000000400000900000001"], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r0, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={0x0}, 0x1, 0x0, 0x0, 0x4}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)=ANY=[@ANYBLOB="6400000010000305160000001dc76dcd00000000", @ANYRES32=0x0, @ANYBLOB="00000000000000004400128009000100626f6e6400000000340002800500010004000000050016000000000008001c000000000005000c00000000000a001a"], 0xc3}, 0x1, 0x100000000000000}, 0x0)
shmctl$IPC_RMID(0x0, 0x0)
r2 = socket(0x10, 0x3, 0x0)
sendmmsg(r2, &(0x7f0000000000), 0x4000000000001f2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$tipc(&(0x7f0000001600), 0xffffffffffffffff)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x6, 0x11, r5, 0x0)
sendmsg$TIPC_CMD_SHOW_PORTS(r3, &(0x7f00000016c0)={0x0, 0x0, &(0x7f0000001680)={&(0x7f0000001640)={0x1c, r4, 0x1}, 0x1c}}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xa, 0x101, 0x7fff, 0xcc, 0x0, 0xffffffffffffffff, 0x2, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x4, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
ftruncate(r3, 0x6a7)

1.740597502s ago: executing program 4 (id=1293):
r0 = socket$packet(0x11, 0x3, 0x300)
sendmsg$RDMA_NLDEV_CMD_SYS_SET(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x10, 0x1407, 0x200, 0x70bd27, 0x25dfdbfb}, 0x10}, 0x1, 0x0, 0x0, 0xa11d29964e281dd2}, 0x0)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0xfffc, 0xb000}, 0x4)
r1 = bpf$ITER_CREATE(0xb, &(0x7f0000000100), 0x0)
close(r1)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000300)='ns/net\x00')
r2 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000005c0)={r2, 0x0, 0x24, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xa)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d67fc880c9d640f4eacc509873f1a103c87f69"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r3}, 0x10)
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')
close(0xffffffffffffffff)
r4 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r4, 0x6, 0xd, &(0x7f0000000040)='cdg\x00', 0x4)
setsockopt$inet_tcp_TCP_REPAIR(r4, 0x6, 0x13, &(0x7f0000000000)=0x1, 0x4)
connect$inet(r4, &(0x7f0000000280)={0x2, 0x0, @dev}, 0x10)
close(r4)
syz_open_procfs$namespace(0x0, &(0x7f0000000280)='ns/net\x00')
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2d, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r5, 0x0, 0x3}, 0x18)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x10e, &(0x7f00000000c0)={[{@errors_remount}, {@nodelalloc}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x2e}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x40}}, {@block_validity}, {@quota}]}, 0x3, 0x452, &(0x7f0000000780)="$eJzs289vFFUcAPDvTFug/LAV8Qc/1CoaG3+0tKBy8KLRxIMmJl7wWNtCkIUaWhMhRNEYPBoS78ajiX+BJ70Y9WTiVe+GhBguoqc1szvD/mC3tMu2g+znkwx9b+YN7333zdt9M283gIE1kf2TROyMiN8jYqyebS0wUf9z/dqF+X+uXZhPolp9+6+kVu7vaxfmi6LFeTvyzGQakX6WxP4O9S6fO39qrlJZPJvnp1dOvz+9fO78cydPz51YPLF4Zvbo0SOHZ158Yfb5vsR5b9bWfR8tHdj7+juX35w/dvndn79Nivjb4uiTidUOPlmt9rm6cu1qSifDJTaEdRmKiKy7RmrjfyyGotF5Y/Hap6U2DthQ1VyXwxerwF0sibJbAJSj+KDP7n+LbfNmH+W7+nL9BiiL+3q+1Y8MR5qXGWm7v+2niYg4dvHfr7ItNuY5BABAi++z+c+zneZ/aTzQVO6efG1oPF9L2R0R90XEnoi4P6JW9sGIeGid9bcvktw8/0mv9BTYGmXzv5fyta3W+V8x+4vxoTy3qxb/SHL8ZGXxUP6aTMbI1iw/s0odP7z62xfdjjXP/7Itq7+YC+btuDK8tfWchbmVuduJudnVTyL2DXeKP7mxEpBExN6I2NdjHSef/uZAt2O3jn8VfVhnqn4d8VS9/y9GW/yFZPX1yeltUVk8NF1cFTf75ddLb3Wr/7bi74Os/7d3vP5vxD+eNK/XLq+/jkt/fN71nmaqp+u/sWNL/vfDuZWVszMRW5I36o1u3j/bOLfIF+Wz+CcPdh7/u6PxSuyPiOwifjgiHomIR/O+eywiHo+Ig53Dy24d46dXnnivW/x3Qv8vtPX/eGuRtv5vJLZE+57OiaFTP37X+j82kmt7/ztSS03me9by/reWdvV2NQMAAMD/TxoROyNJp26kR9Opqfp3+PfE9rSytLzyzPGlD84s1H8jMB4jafGka6zpeehMfltf5Gfb8ofz58ZfDo3W8lPzS5WFsoOHAbfjpvGf1sZ/5s+hslsHbDi/14LB1TT+kzLbAWw+n/8wuIx/GFwdxv9oGe0ANl+nz/+PS2gHsPnaxr9lPxgg7v9hcBn/MLiax78vAMDAWB6NW/9IvlNiW/RylsRdk4j0jmhGfxJJj6NgrYmdZQe4/kTZ70wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD98V8AAAD///Mv57k=")

1.710181852s ago: executing program 1 (id=1294):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x11, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{}, 0x0, &(0x7f00000001c0)}, 0x20)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x30000c6, &(0x7f0000000180), 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
r0 = open(&(0x7f0000000140)='./file1\x00', 0x66842, 0x21)
pwritev2(r0, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x78c00}], 0x1, 0x7abff, 0x0, 0x3)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r1 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000680), 0x8800, 0x0)
r2 = fspick(0xffffffffffffff9c, 0x0, 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
r3 = socket$inet6_sctp(0xa, 0x0, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r3, 0x84, 0x1d, &(0x7f00000005c0)={0x6, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, &(0x7f0000000240)=0x1c)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r3, 0x84, 0x75, 0x0, 0x0)
process_mrelease(r1, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x36, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffefe, 0x1, @perf_bp={0x0, 0xd}, 0x10000, 0x10000, 0x100, 0x1, 0x5, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r4, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8)
r5 = fsopen(0x0, 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r5, 0x6, 0x0, 0x0, 0x0)
r6 = fsmount(r5, 0x0, 0x0)
fchdir(r6)
setgroups(0x0, 0x0)
getgroups(0x1, &(0x7f0000000080)=[0xee00])
fchmodat(0xffffffffffffff9c, &(0x7f0000000300)='.\x00', 0xffffffd3)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(r4, 0x84, 0x17, &(0x7f0000000500)=ANY=[], 0xc9)
socket$kcm(0x10, 0x2, 0x4)
capset(0x0, &(0x7f0000000040)={0x0, 0x2})
syz_open_dev$tty1(0xc, 0x4, 0x1)

1.706506602s ago: executing program 6 (id=1220):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000480)=ANY=[@ANYBLOB], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x40)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={<r1=>0xffffffffffffffff})
bind$unix(r1, &(0x7f00000002c0)=@file={0x1, './file0\x00'}, 0x6e)

1.652546493s ago: executing program 6 (id=1295):
setns(0xffffffffffffffff, 0x2000000)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
r2 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001f80)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000000000000000000ff000000850000000e000000c500000001f0ffff95"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00', r4}, 0x10)
socket$inet_udp(0x2, 0x2, 0x0)
r5 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r5, &(0x7f0000000000)={0xa, 0x3, 0x0, @loopback}, 0x1c)
connect$inet6(r5, &(0x7f00000000c0)={0xa, 0x3, 0x0, @loopback}, 0x1c)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x114, &(0x7f0000000080)=0xb94, 0x0, 0x4)
io_uring_enter(0xffffffffffffffff, 0x75fa, 0xe475, 0x0, 0x0, 0x0)
shutdown(r5, 0x2)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$kcm(0x2d, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'lo\x00', <r6=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000007c0)=@newqdisc={0x64, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r6, {}, {0x2, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x38, 0x2, [@TCA_TBF_RATE64={0xc, 0x4, 0xba2ceb09c15e9291}, @TCA_TBF_PARMS={0x28, 0x1, {{0x0, 0x0, 0x0, 0x0, 0xf49}, {}, 0x3, 0x8}}]}}]}, 0x64}}, 0x4000010)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000c80)={'lo\x00', <r7=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x2c, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0x0, 0x2}, {0x2, 0x0, 0x5, 0x0, 0x0, 0x40}, 0x0, 0x8}}]}}]}, 0x58}, 0x1, 0x0, 0x0, 0x20004004}, 0x0)
syz_mount_image$ext4(&(0x7f00000001c0)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x20081e, &(0x7f00000020c0), 0x1, 0x4fb, &(0x7f0000000500)="$eJzs3U1vW1kZAODXzpeTyUwywywAIaYMAwVVdRJ3JhrNAoYVQqgSokuQ2pC4URQ7jmKnNKGL9j8gUYkVLPkBrLviJyDYsYEFEh8RqKnE4qJ7bbduajduk9hp/DzS1b3nnmu/5yS559hvEp8ARtaliLgfEZMRcSsi5lrnc60tPm9u6XWPD+6tHh7cW81Fktz4Vy6rT89Fx2NSb7WesxARP/5+xM9yL8at7+1vrlQq5Z1mcXqhUd1eqO/tX92orqyX18tbpdLy0vLip9c+KZ1aXz+oTjYPxtIGfvsXabNmW3Wd/ThNza5PPI2TGo+IH55FsCEYa/VnctgN4bXkI+K9iPgwu//nYiz7bgIAF1mSzEUy11kGAC66fJYDy+WLrVzAbOTzxWIzh/d+zOQrtXrjyu3a7tZaM1c2HxP52xuV8mIrVzgfE7m0vJQdPyuXjpSvRcS7EfHLqemsXFytVdaG+cIHAEbYW0fm//9ONed/AOCCKwy7AQDAwJn/AWD0mP8BYPSY/wFg9Jj/AWD0mP8BYPSY/wFgpPzo+vV0Sw5bn3+9dmdvd7N25+paub5ZrO6uFldrO9vF9VptPfvMnupxz1ep1baXPo7du/Pf2a43Fup7+zertd2txs3sc71vlicG0isA4GXe/eDRn3MRcf+z6WyLjrUczNVwseWH3QBgaMaG3QBgaKz2BaPrBO/xpQfgguiyRO9zChExffTqJEmSs20WcIYuf0n+H0ZVR/7fXwHDiJH/h9HVb/7/uPwA8OZJkly/a/5HvxcCAOebHD/Q4/39e63971q/HPjp2tErHp5lqwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOB8a6//W2ytBT4b+XyxGPF2RMzHRO72RqW8GBHvRMSfpiam0vLSkNsMAJxU/u+51vpfl+c+mj1aO5l7MpXtI+Lnv77xq7srjcbOH9Pz/356vvGwdb40jPYDAMdpz9PZvuON/OODe6vtbZDt+cf3IqLQjH94MBmHT+OPx3i2L8RERMz8J9cqN+U6chcncf9BRHyxW/9zMZvlQJornx6Nn8Z+e6Dx88/Fz2d1zX36tfjCK0dO5k6h+fBGe5SOP593u//ycSnbd7//C9kIdXKt8S99qtXDbAx8Fr89/o31GP8u9Rvj4z/8oHk0/WLdg4gvj0e0Yx92jD/t+Lke8T/qM/5fvvLVD3vVJb+JuBzd43fGWmhUtxfqe/tXN6or6+X18laptLy0vPjptU9KC1mOeqH3bPDPz66806su7f9Mj/iFY/r/jT77/9v/3frJ114S/1tf7xY/H++/JH46J36zz/grM78v9KpL46917X9b7/5f6TP+X/+2/8Ky4QDA8NT39jdXKpXyziAP2i8kBhrUwQU4SH9qzkEzuh58d1CxJuOVHpUkrxWr14hxGlk34Dxo3utJeScingy7MQAAAAAAAAAAAAAAQFeD+I+lYfcRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAi+v/AQAA//+XC86k")
openat(0xffffffffffffff9c, &(0x7f0000000200)='./bus\x00', 0x141842, 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
open(&(0x7f0000000500)='./bus\x00', 0x0, 0x0)

1.506914016s ago: executing program 0 (id=1296):
sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0)
sendmsg$netlink(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x11, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f00, 0xe, '\x00', 0x0, @fallback=0x26, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
getpid()
io_setup(0xf447, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x11, 0x4, &(0x7f0000000000)=ANY=[], 0x0, 0x7, 0x0, 0x0, 0x40f00, 0x49, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(0xffffffffffffffff, 0x6, 0x14, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
sendmmsg(0xffffffffffffffff, &(0x7f0000006140)=[{{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000200)="65c6d96326a838047976a77611d4c4ecc94b3585c42786716ad7c93fd3a228e9a1cd93801f5b4033ea9ae2b561f18c2893aba2af73f86ac4a65917672e186b297cada86c7b329c4831efa7228c040c757e6ce437d7853ac2cca9605a2e18bf6553fac161511f4483dc8b5294583cc78cd79fb68fb57bd8697ac1639517070e92cd2d36932b0e26cf8fdd87e817f08f7d", 0x90}, {&(0x7f00000002c0)="b16b5d1ddcad4b5eedb9593060ada4a1778939f40388ef540871ce291c1010f3310edf7028093cf8709632cad4866d5e448d5385c80db3518564b1194247acfb3b463ee97c794123a991311e51e1790748a23c3301974b905bbd18b3e54cb3cc90c180fba7461df205130349d430083d2c66828f43a4f66e274175218e8e3f", 0x7f}], 0x2}}, {{0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000002880)="13d0dc432d3d3391fafe26160c215d30a476f4ac80d634079b6b579bb04ade2653f8c0f6b1a55451ddad18f6d9a81e8bc2121377f7a87a5e076ea2c1e4b0094d472684241faf30ebff5e58a61ba1c2ce470b99036209", 0x56}], 0x1}}], 0x2, 0x4000)
close(0xffffffffffffffff)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000201b80000000000000000000850000007b00000095"], &(0x7f00000001c0)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='sched_switch\x00', r0, 0x0, 0xffffffffffffffff}, 0x18)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000001040)=@raw={'raw\x00', 0x3c1, 0x3, 0x360, 0x0, 0x12, 0x600, 0x1c0, 0x202, 0x290, 0x2e8, 0x2e8, 0x290, 0x2c0, 0x4, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth1_to_bond\x00', 'geneve1\x00'}, 0x0, 0x190, 0x1c0, 0x0, {}, [@common=@unspec=@string={{0xc0}, {0x0, 0x0, 'bm\x00', "0000000000000019b5115c2aee68d23a465cd431e150c3234e082555f67222476147864fa03182f5cf11d8c348cbd06dc8de1dcbde7d4e252c3394fed47bf78c70f607b0178fa5ea335019ac07a602061c96baeb8989f1f34a214e6726401fe4b124e0f7323a587d2a1fcf07000000eca0a7b66c60c527bac2b500", 0x2}}, @common=@inet=@socket2={{0x28}}]}, @common=@unspec=@CONNMARK={0x30}}, {{@uncond, 0x0, 0xa8, 0xd0}, @common=@unspec=@CONNSECMARK={0x28, 'CONNSECMARK\x00', 0x0, {0x2}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x3c0)
r1 = syz_open_dev$evdev(&(0x7f0000000180), 0x0, 0x20400)
ioctl$EVIOCGSND(r1, 0x8040451a, 0x0)

1.504968886s ago: executing program 0 (id=1297):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb0a54e68b1cd2fdb, 0x103)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065fffff53000000800395032303030"], 0x15)
pipe2$9p(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[], 0x15)
r2 = dup(r1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setscheduler(r3, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, 0x0, 0x0)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e0000000000000005000000"], 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
ioctl$sock_SIOCBRADDBR(r4, 0x89a0, 0x0)
write$P9_RLERRORu(r2, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r2, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$binfmt_elf64(r2, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfd', @ANYRESHEX=r2])
stat(&(0x7f00000001c0)='./file0\x00', &(0x7f00000004c0))
creat(&(0x7f0000000180)='./file0\x00', 0x0)

1.479994826s ago: executing program 4 (id=1298):
r0 = socket$netlink(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x18, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="d402000020000000180000000000000000000000000000009500"], &(0x7f00000000c0)='GPL\x00', 0x5, 0x9c, &(0x7f0000000000)=""/156, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = socket$netlink(0x10, 0x3, 0x10)
socket$igmp(0x2, 0x3, 0x2)
bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
socket(0x28, 0x5, 0x0)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000000)=0x80, 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r1, 0x10e, 0x4, &(0x7f0000000180)=0x800, 0x4)
r2 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_NEW(r0, &(0x7f0000000080)={0x0, 0x600, &(0x7f0000000700)={&(0x7f0000000300)={0x34, r2, 0x1, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=@deltaction={0x3c, 0x18, 0x1, 0x70bd28, 0x25dfdbfe, {0xa}, [@TCA_ACT_TAB={0x28, 0x1, [{0x10, 0x80, 0x0, 0x0, @TCA_ACT_KIND={0xc, 0x1, 'skbedit\x00'}}, {0x14, 0x8, 0x0, 0x0, @TCA_ACT_KIND={0xf, 0x1, 'tunnel_key\x00'}}]}]}, 0x3c}}, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000f00)={0x11, 0x7, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000300000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000000020000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r4}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x18, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="18080000000000000000007e08f8650c25c83176840000000000950000000000"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
syz_usb_connect$hid(0x2, 0x36, &(0x7f0000000440)=ANY=[], 0x0)
r5 = syz_genetlink_get_family_id$team(&(0x7f00000000c0), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000240)={'team0\x00', <r6=>0x0})
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
sendmsg$TEAM_CMD_OPTIONS_SET(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000840)={0x58, r5, 0x1, 0x70bd2a, 0x25dfdbfc, {}, [{{0x8, 0x1, r6}, {0x3c, 0x2, 0x0, 0x1, [{0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0xfffbfff9}}}]}}]}, 0x58}, 0x1, 0x0, 0x0, 0x24004000}, 0x24040840)

1.381808138s ago: executing program 6 (id=1299):
r0 = socket$unix(0x1, 0x1, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r1, &(0x7f00000000c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
listen(r1, 0x0)
shutdown(r0, 0x0)
connect$unix(r0, &(0x7f0000fce000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc)
r2 = accept(r1, 0x0, 0x0)
sendto$inet6(r2, &(0x7f00000007c0)="16b2ad", 0x3, 0x640408e9, 0x0, 0x0)

1.359216848s ago: executing program 2 (id=1300):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
r1 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$inet_tcp_int(r1, 0x6, 0xc, &(0x7f0000000200)=0x1, 0x4)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
syz_emit_ethernet(0x3e, &(0x7f0000000540)={@broadcast, @random="e23dfb9c6ac7", @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x4000, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0xb, 0x1, 0x0, 0x0, 0x7, 0x0, {0x5, 0x4, 0x1, 0x2, 0x6, 0x66, 0x9, 0x6, 0x89, 0xfff, @loopback, @multicast2}}}}}}, 0x0)
r2 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_rx_ring(r2, 0x107, 0x5, &(0x7f0000000280)=@req3={0x1000, 0x3a, 0x1000, 0x3a}, 0x1c)
socket$kcm(0x2, 0xa, 0x73)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
r3 = socket$unix(0x1, 0x1, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r4, &(0x7f00000000c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
listen(r4, 0x0)
shutdown(r3, 0x0)
connect$unix(r3, &(0x7f0000fce000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc)
accept(r4, 0x0, 0x0)

1.24882253s ago: executing program 2 (id=1301):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x45, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$sock_linger(r2, 0x1, 0x3c, &(0x7f0000000100)={0x200000000000001}, 0x8)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @dev, 0x5}, 0x1c)
setsockopt$inet6_IPV6_HOPOPTS(r2, 0x29, 0x36, &(0x7f0000001440)=ANY=[@ANYBLOB="0017"], 0xc0)
sendmmsg$inet6(r2, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4000000)
setsockopt$inet6_IPV6_RTHDR(r2, 0x29, 0x39, 0x0, 0x0)
syz_clone(0x8008a00, 0x0, 0x0, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
mmap(&(0x7f0000888000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0xb16d9000)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000ed074479000000000000000018000000", @ANYRESOCT=0x0, @ANYBLOB="0000000000000020b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000240000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0xc, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000003c0)='sched_switch\x00', r3}, 0x18)
shmctl$IPC_INFO(0x0, 0x3, &(0x7f0000000f80)=""/4096)
openat(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.cpu/cgroup.procs\x00', 0xa00, 0x8)

1.186909751s ago: executing program 2 (id=1302):
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, 0x0, &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmsg$unix(r2, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="14000000000000000100000001000000", @ANYRES32=r3], 0x18}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
close(r5)
r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='attr/fscreate\x00')
writev(r6, &(0x7f00000000c0)=[{&(0x7f0000000040)="dc", 0x1}], 0x8)
getsockopt$inet_sctp_SCTP_I_WANT_MAPPED_V4_ADDR(r6, 0x84, 0xc, &(0x7f0000000380), 0x0)
close(r4)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES8=r0, @ANYBLOB="0000000000000000b702000014fa0000b7030000000008008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000020000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r7}, 0x10)
r8 = socket$inet_tcp(0x2, 0x1, 0x0)
r9 = syz_open_dev$usbfs(&(0x7f0000000180), 0x205, 0x2581)
r10 = fcntl$dupfd(r9, 0x0, r9)
r11 = add_key$keyring(&(0x7f00000000c0), &(0x7f0000000100)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff)
r12 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000440)='btrfs_inode_mod_outstanding_extents\x00', r12}, 0x18)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000007c0)='./file2\x00', 0x0, &(0x7f0000000800)={[{@jqfmt_vfsv1}, {@nouid32}, {@block_validity}, {@norecovery}, {@auto_da_alloc}, {@dioread_lock}]}, 0x3, 0x546, &(0x7f0000000f80)="$eJzs3dFrZFcZAPDv3mR2s7upmaoPtWAttrJbdSdJ47bBh6og+lRQKz4Ja0wmIWSSWZJJuwmLTfFVEES04Is++SL4BwjSF99FKNR3UVGkZvVBoe2VO3Onm0xmkhRncpfk94Oz9557Zu73nQlz5tyZu/cGcGE9GRE3ImIsIp6JiKlie1qU2OuU/HH39+8t5iWJLHvp7SSSYlt3X5eL5bXiaRMR8Y2vRnw3ORp3a2d3baHRqG8W9enWevJOlu3eXF1fWKmv1Dfm5mafm39+/tb8zFD6WY2IF77815/88JdfeeG3n33lT7f/fuN7eVr/zbJXo6cfw9TpeqX9WnSNR8TmKIKVZLzdw45bJecCAMDx8vn+hyPik+35/1SMtWdzAAAAwHmSfWEy3kkiMgAAAODcSiNiMpK0VpzvO1mcsXotIj4aV9NGc6v1meXm9sZS3hZRjUq6vNqoz8RE+9yBalSSvD5bnGPbrT/bU5+LiEcj4sdTV9r12mKzsVT2lx8AAABwQVzrOf7/91Sa1mpF417JyQEAAADDUy07AQAAAGDkHP8DAADA+VfN+tyh66h09JkAAAAAI/C1F1/MS9a9//XSyzvba82Xby7Vt9Zq69uLtcXm5p3aSrO50r5m3/pJ+2s0m3c+Fxvbd6db9a3W9NbO7u315vZG6/bqoVtgAwAAAGfo0U+88cckIvY+f6VdcpeKtkpENnbwweNlZAiMygc6p+cvo8sDOHsHP9+vlJgHcPZM6eHiqpSdAFC6k/4D0MCTd34//FwAAIDRuP6xwb//v71camrAiBW//yenugAIcK6MlZ0AUJrO73/vZR1lZwOcpcpxMwAHBXDupcP5/f+EUwkTAwoAAJRssl2StFYcB0xGmtZqEY+0bwtYSZZXG/WZiPhQRLw1Vbmc12fbz0zM5gEAAAAAAAAAAAAAAAAAAAAAAADglLIsiQwAAAA41yLSv3XvzHV96unJ3u8HLiX/mWovI+KVn73007sLrdbmbL79n+9vb71ebH+2jG8wAAAAgF7d4/TucTwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADNP9/XuL97Msy/bvLZ5l3H98KSKqRfyidFrGY6K9nIhKRFz9VxLjB56XRMTYEOLvvRYRj/WLn+RpRbXI4lD8SxFpRFwZVvz4gPGjE//aEOLDRfZGPv58sd/7L40n28v+77/xovy/Bo9/6fvj39iA8e+RQTutHK4+/uavpwfGfy3i8fH+4083fpLvr0/8p07Zx+98c3d3UFv2i4jr/ca/5HCs6db6nemtnd2bq+sLK/WV+sbc3Oxz88/P35qfmV5ebdSLf/vG+NHHf/Peg9q7R/p/9Zjxt93/Aa//06fs/7tv3t3/SGe15y8Tlfh5lt14qv/f/7F88emj8buffZ8qPgfyev4apq9/q2/8J371hycG5Zb3f2lA/yd6+n+5p/83Ttn/Z77+/T+f8qEAwBnY2tldW2g06ptWDq5E9aFI4+FdyeedpaeRRBL5yluHmhbKT6yz8mrxHltodN9tQ9rz74qDo1EmX9J4BAAAjM6DSX9vS1JOQgAAAAAAAAAAAAAAAAAAAHABnXgZsEFNaUQ82PLtHxxzNbLemHvldBUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Fj/CwAA//8GI9aV")
syz_mount_image$msdos(&(0x7f0000000f40), &(0x7f0000001dc0)='.\x00', 0x1a4a438, &(0x7f00000008c0)=ANY=[], 0xb, 0x0, &(0x7f0000000000))
stat(&(0x7f0000000140)='./file0\x00', &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, <r13=>0x0})
setsockopt$EBT_SO_SET_ENTRIES(r10, 0x0, 0x80, &(0x7f0000000300)=@filter={'filter\x00', 0xe, 0x2, 0x2f4, [0x0, 0x200000000bc0, 0x200000000bf0, 0x200000000c20], 0x0, &(0x7f0000000280), &(0x7f0000000bc0)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x0, 0xfffffffffffffffc, 0x2, [{0x11, 0x10, 0x9100, 'dummy0\x00', 'bond_slave_0\x00', 'wg0\x00', 'veth0_virt_wifi\x00', @local, [0x0, 0x0, 0xff, 0x0, 0x0, 0xff], @broadcast, [0x0, 0x0, 0xff, 0x0, 0x0, 0xff], 0xe6, 0x116, 0x14e, [@mac={{'mac\x00', 0x0, 0x10}, {{@remote}}}, @mark_m={{'mark_m\x00', 0x0, 0x18}, {{0x9, 0x9, 0x0, 0x3}}}], [@common=@redirect={'redirect\x00', 0x8, {{0xfffffffffffffffd}}}], @common=@dnat={'dnat\x00', 0x10, {{@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, 0xffffffffffffffff}}}}, {0xf, 0x28, 0x809b, 'xfrm0\x00', 'macvtap0\x00', 'wg1\x00', 'ip6tnl0\x00', @random="0a8da0d06dda", [0x0, 0x0, 0x0, 0xff, 0xff], @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}, [0xff, 0xff, 0x0, 0xff, 0x0, 0xff], 0x6e, 0x9e, 0xe6, [], [@common=@NFQUEUE0={'NFQUEUE\x00', 0x8, {{0x3}}}], @common=@RATEEST={'RATEEST\x00', 0x20, {{'syz0\x00', 0x0, 0x0, {0x458}}}}}]}]}, 0x36c)
keyctl$chown(0x4, r11, r13, 0x0)
ioctl$USBDEVFS_SUBMITURB(r10, 0x8038550a, &(0x7f0000000000)=@urb_type_control={0x2, {}, 0x0, 0x0, &(0x7f0000000080)={0x80, 0x0, 0x0, 0x0, 0x7995}, 0xfff7, 0x0, 0x0, 0x48000000, 0x0, 0x0, 0x0})
close_range(r8, 0xffffffffffffffff, 0x0)

1.104468702s ago: executing program 1 (id=1303):
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1e, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000071120b000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x2a, '\x00', 0x0, @sk_lookup=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
socket$packet(0x11, 0x3, 0x300)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x10, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000510700140000000000000001b7080000000000007b8af8ff00000000b7080000fcffffff7b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000a500000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = signalfd(0xffffffffffffffff, &(0x7f0000000500)={[0x5]}, 0x8)
name_to_handle_at(r1, &(0x7f0000004740)='\x00', &(0x7f0000004780)=ANY=[@ANYBLOB='\f'], &(0x7f00000047c0), 0x1200)
openat$cgroup_ro(r1, &(0x7f0000000180)='blkio.throttle.io_serviced\x00', 0x0, 0x0)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x4c881, 0x0, 0x0)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000003d80)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000001140)={0xa, 0x4e21, 0x1, @dev={0xfe, 0x80, '\x00', 0x3b}, 0x47}, 0x1c, 0x0, 0x0, &(0x7f0000001480)=[@rthdrdstopts={{0x18, 0x29, 0x37, {0x32}}}, @dontfrag={{0x14, 0x29, 0x3e, 0x7594}}], 0x30}}], 0x2, 0x4040005)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x6a855000)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000003200)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000cc0)='mmap_lock_acquire_returned\x00', r3}, 0x10)
r4 = gettid()
process_vm_writev(r4, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0x7ffff000}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0)

712.954478ms ago: executing program 2 (id=1304):
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f00005f5000)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000580)={0x2, 0x400000000000003, 0x20, 0x0, 0x12, 0x0, 0x0, 0x0, [@sadb_lifetime={0x4, 0x3, 0x0, 0x0, 0x1, 0x4}, @sadb_address={0x3, 0x6, 0x0, 0x0, 0x0, @in={0x2, 0x4e20, @rand_addr=0x64010100}}, @sadb_lifetime={0x4, 0x4, 0x0, 0xfffffffffffffffe}, @sadb_sa={0x2}, @sadb_address={0x3, 0x5, 0x0, 0x0, 0x0, @in={0x2, 0x4e21, @empty}}]}, 0x90}}, 0x0) (fail_nth: 2)

708.562648ms ago: executing program 1 (id=1305):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000480)=ANY=[@ANYBLOB], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x40)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={<r1=>0xffffffffffffffff})
bind$unix(r1, &(0x7f00000002c0)=@file={0x1, './file0\x00'}, 0x6e)

683.438799ms ago: executing program 1 (id=1306):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x45, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$sock_linger(r2, 0x1, 0x3c, &(0x7f0000000100)={0x200000000000001}, 0x8)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @dev, 0x5}, 0x1c)
setsockopt$inet6_IPV6_HOPOPTS(r2, 0x29, 0x36, &(0x7f0000001440)=ANY=[@ANYBLOB="0017"], 0xc0)
sendmmsg$inet6(r2, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4000000)
setsockopt$inet6_IPV6_RTHDR(r2, 0x29, 0x39, 0x0, 0x0)
syz_clone(0x8008a00, 0x0, 0x0, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
mmap(&(0x7f0000888000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0xb16d9000)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000ed074479000000000000000018000000", @ANYRESOCT=0x0, @ANYBLOB="0000000000000020b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000240000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0xc, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000003c0)='sched_switch\x00', r3}, 0x18)
shmctl$IPC_INFO(0x0, 0x3, &(0x7f0000000f80)=""/4096)
openat(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.cpu/cgroup.procs\x00', 0xa00, 0x8)

385.514934ms ago: executing program 0 (id=1307):
sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0)
sendmsg$netlink(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x11, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f00, 0xe, '\x00', 0x0, @fallback=0x26, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
getpid()
io_setup(0xf447, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x11, 0x4, &(0x7f0000000000)=ANY=[], 0x0, 0x7, 0x0, 0x0, 0x40f00, 0x49, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(0xffffffffffffffff, 0x6, 0x14, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
sendmmsg(0xffffffffffffffff, &(0x7f0000006140)=[{{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000200)="65c6d96326a838047976a77611d4c4ecc94b3585c42786716ad7c93fd3a228e9a1cd93801f5b4033ea9ae2b561f18c2893aba2af73f86ac4a65917672e186b297cada86c7b329c4831efa7228c040c757e6ce437d7853ac2cca9605a2e18bf6553fac161511f4483dc8b5294583cc78cd79fb68fb57bd8697ac1639517070e92cd2d36932b0e26cf8fdd87e817f08f7d", 0x90}, {&(0x7f00000002c0)="b16b5d1ddcad4b5eedb9593060ada4a1778939f40388ef540871ce291c1010f3310edf7028093cf8709632cad4866d5e448d5385c80db3518564b1194247acfb3b463ee97c794123a991311e51e1790748a23c3301974b905bbd18b3e54cb3cc90c180fba7461df205130349d430083d2c66828f43a4f66e274175218e8e3f", 0x7f}], 0x2}}, {{0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000002880)="13d0dc432d3d3391fafe26160c215d30a476f4ac80d634079b6b579bb04ade2653f8c0f6b1a55451ddad18f6d9a81e8bc2121377f7a87a5e076ea2c1e4b0094d472684241faf30ebff5e58a61ba1c2ce470b99036209", 0x56}], 0x1}}], 0x2, 0x4000)
close(0xffffffffffffffff)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000201b80000000000000000000850000007b00000095"], &(0x7f00000001c0)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='sched_switch\x00', r0, 0x0, 0xffffffffffffffff}, 0x18)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000001040)=@raw={'raw\x00', 0x3c1, 0x3, 0x360, 0x0, 0x12, 0x600, 0x1c0, 0x202, 0x290, 0x2e8, 0x2e8, 0x290, 0x2c0, 0x4, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth1_to_bond\x00', 'geneve1\x00'}, 0x0, 0x190, 0x1c0, 0x0, {}, [@common=@unspec=@string={{0xc0}, {0x0, 0x0, 'bm\x00', "0000000000000019b5115c2aee68d23a465cd431e150c3234e082555f67222476147864fa03182f5cf11d8c348cbd06dc8de1dcbde7d4e252c3394fed47bf78c70f607b0178fa5ea335019ac07a602061c96baeb8989f1f34a214e6726401fe4b124e0f7323a587d2a1fcf07000000eca0a7b66c60c527bac2b500", 0x2}}, @common=@inet=@socket2={{0x28}}]}, @common=@unspec=@CONNMARK={0x30}}, {{@uncond, 0x0, 0xa8, 0xd0}, @common=@unspec=@CONNSECMARK={0x28, 'CONNSECMARK\x00', 0x0, {0x2}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x3c0)
r1 = syz_open_dev$evdev(&(0x7f0000000180), 0x0, 0x20400)
ioctl$EVIOCGSND(r1, 0x8040451a, 0x0)

302.112165ms ago: executing program 2 (id=1308):
syz_usbip_server_init(0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x39, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x11, 0xc, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x24, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, @void, @value}, 0x94)
connect$pppl2tp(0xffffffffffffffff, &(0x7f0000000000)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {}, 0x4, 0x0, 0x1000}}, 0x26)
ioctl$PPPIOCGL2TPSTATS(0xffffffffffffffff, 0x40047459, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000640)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000040900010073797a30000000004c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021100011800c000100636f756e74657200180100000c0a010300000000000000000700fffe0900020073797a31000000000900010073797a3000000000ec000380e8000080d00001"], 0x1ac}, 0x1, 0x0, 0x0, 0x4000880}, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='writeback_bdi_register\x00', r1}, 0x10)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb0a54e68b1cd2fdb, 0x103)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065fffff530000008003950323030302e75"], 0x15)
pipe2$9p(&(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r3, &(0x7f0000000300)=ANY=[], 0x15)
r4 = dup(r3)
write$P9_RLERRORu(r3, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r4, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$binfmt_elf64(r4, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r4])
creat(&(0x7f0000000040)='./file0\x00', 0x0)

285.777895ms ago: executing program 1 (id=1309):
r0 = memfd_create(&(0x7f0000000280)='\x01\xfd\xae.+\xa6\x8c\xb6?2\x199\x94S,|x?Ue[\xbd\xe1!\x033\xbc\'#\xff\x17\x9b%\xf3[d  \x97\xf5G\x97A\xc2\xd8\xf0Uq\xe6+\xa5l\x94\v\xb6\a\x17\\\xfb\x04!\xe4\xc4\xb1\xa2\x1c\xffC;\x94Q\r\xb6}\x9c\xecC\v\xcf\xeb\xe4\x9aR\xe5,\x82\x03\x00\x19\x8d\xe8\xc6\xb9\xe4\xb4\x99\x8a\x19P\xb8\x8cx\b\x99\x04R\x05\xaf\xa2\xea5\f\xcc\x1a\x9b\x00Uf\xa5\xf7\x80Tgiz\nX\b\x91\xfd0\x8e\xb6\xa3\v#\xa1\xdf\xb4\xc0\xe6\xb4\xef\xa8i\xd8\xa2\xd2(\x98\x9bA\x8f\x13\xeb\xf4b/\xef!\x8f\xf6]-\xe9k\xb62\x89gEv\x13\xf4\xc7\xb2\xf5\\\x17\x90\xb5\xa6\xa8\xb8o\x0f\xe2 \xe7\x9c$\xd7\xf2@\xf7cdv[\t\x00\x8d\xf3\xcc1\r$\x1e\xff\xf0P\xb2\x97\xb8\xbc\xeb\x91\x87\x8bu\xbf\xd4\'\xff\x1f\f\x016\x9dQ\xeeT\xe8\bY\x00\xb2\x06\xa6\xbel\x9b.o\xbe\x80\x9dx\xd5O\xd6h\\I\xc9\x8d\a\x1d\xc9\x0f\x82\xdbs\xc7\x83L\x9e\xa2\xd1\xb3\xac\x8d\xd8\xb4\xb4\xea\x90Q\xd8\xc7\xeb%\x8bOp\x1ab\x96\xcf\xbb\x15\xcf\xfcN\xed\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00s\xaf\xa2\x14]p+\x96\x1ei|n\xda\xee\\\xae\x96*\x82*\xb8j\xda\xaa\x14\x1f\x1d\xf8\xf8\xae\xfcH\xc4\xb3j\xe8\xcfO\xef\x0e\xafe\xb5*\x89\x18\xb2w\x96\b\x1by\xeaT\xdd\xb3g6\xbc\x85\xb2Y\xccv\x06\x00\x00\x00\xc5e\x90\xc51\x9f\v_# \b\xa5\xbcP,|\xe9\xd6s\x1f\x1f\xbe\xd3\x80\xb1\xa8 \xce|df\x903\v\x02\xea.\x03X\xb5\xe4,8\xb7\xadEI\xdcA\xa7\xcc\xd7\xf9n\x1b\x95\xf8\x11Z\xe6:\x03\xce\xfe\x02\x8ctdy~_oC\x9e\xef\xf0\xa2K\xe9;\x8e:\x01\x03C\x92\xeb\x16\x1c\xbf\xbe\xef\xccUxhg\xffY\xe6\x83\xa6z\xff\x01\x9d o_{!O\xaajU\x84 \xe9\xb59r\x9cw\x18Z\xd3\xcd\x0e\xba\\\xdb\xf0\xe1\x86\t\xaf\vi\xdc\xbf?\xf5\n\xbd^\x05\xc0\xceuC}\xa8\xc7\xad\x86\xd7\x15&\xb9]1\x05J\x96\xf0\x84\xc1\f\xa6p\x96\xb8\x02\x13pA\x19\tf\x12\x88\xc8\x9c\xc9Cn\xd4\xa47V\'+\xcc\xbf\r\xa9\x10\x1d\xcf\xebKlb\xe5:\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00G\xdf\xbb\xc0_\x99F\xf4n]\x14\xbc\xcd\xd3\x9f\x9fe\xc5\xe6\xe8Mb\xc6\x82\x82\xcc\xcaXe\xe1\xa2\xaa\x02\x86\xb8\x18\xe2C\xeb\xa9\x17&\x01&\'w\xa1t0\x80\xf0\x93\x80\x9f\x9b\xe0\x9f\xea\xb9\x9eD]#V\xda\x92\xca\xc6\xfa.\xd6\xe31\xfe\xe8\x02\xebX\xbd\nz\x01O\xd3r\xa2\xa9u\x93', 0x6)
fallocate(r0, 0x0, 0x3ffffffc, 0x400)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000080b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
geteuid()
mount$9p_rdma(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', &(0x7f0000000040), 0x800d0, &(0x7f0000000cc0)=ANY=[])
r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x10)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x0)
r4 = open_tree(0xffffffffffffffff, 0x0, 0x9000)
prlimit64(0x0, 0xe, 0x0, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="2000000008000000020000000400000004480400", @ANYRES32, @ANYRES32=r3, @ANYRES32=r3, @ANYRES32, @ANYBLOB="000000000000000000000000005ccb2d413f57000000000000000000"], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{r5, <r6=>0xffffffffffffffff}, &(0x7f0000000b00), &(0x7f0000000300)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xe, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000020000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003b8813359000000000000007cc340f74742fd48f8e58c221376ff"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000700)='f2fs_writepages\x00', r4, 0x0, 0x2}, 0xfffffffffffffd24)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r7 = syz_open_dev$usbmon(&(0x7f0000000900), 0x7, 0x0)
ioctl$MON_IOCX_MFETCH(r7, 0xc0109207, &(0x7f0000000080)={0x0, 0xffffffffffffff71})
ioctl$MON_IOCX_GETX(r7, 0x80089203, 0x0)
syz_open_dev$usbfs(&(0x7f0000000580), 0x4, 0x200)
r8 = bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
pidfd_getfd(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r9 = socket$nl_route(0x10, 0x3, 0x0)
splice(0xffffffffffffffff, 0x0, r9, 0x0, 0x10d00, 0x0)
r10 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYRES32=r10, @ANYBLOB], 0x0, 0xfffffffd, 0x0, 0x0, 0x20880, 0x23, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x1a, 0x0, 0x0, 0x0, 0xffff, 0x0, 0x0, 0x41000, 0x44, '\x00', 0x0, @fallback=0x20, r8, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0xc, @void, @value}, 0x94)
io_uring_setup(0x4d3f, &(0x7f0000000240)={0x0, 0xdb90, 0x480, 0x1, 0x6})

3.69266ms ago: executing program 4 (id=1310):
setns(0xffffffffffffffff, 0x2000000)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff)
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001f80)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000000000000000000ff000000850000000e000000c500000001f0ffff95"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00', r3}, 0x10)
socket$inet_udp(0x2, 0x2, 0x0)
r4 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r4, &(0x7f0000000000)={0xa, 0x3, 0x0, @loopback}, 0x1c)
connect$inet6(r4, &(0x7f00000000c0)={0xa, 0x3, 0x0, @loopback}, 0x1c)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x114, &(0x7f0000000080)=0xb94, 0x0, 0x4)
io_uring_enter(0xffffffffffffffff, 0x75fa, 0xe475, 0x0, 0x0, 0x0)
shutdown(r4, 0x2)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$kcm(0x2d, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'lo\x00', <r5=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000007c0)=@newqdisc={0x64, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r5, {}, {0x2, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x38, 0x2, [@TCA_TBF_RATE64={0xc, 0x4, 0xba2ceb09c15e9291}, @TCA_TBF_PARMS={0x28, 0x1, {{0x0, 0x0, 0x0, 0x0, 0xf49}, {}, 0x3, 0x8}}]}}]}, 0x64}}, 0x4000010)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000c80)={'lo\x00'})
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800d8f3434176000000000220000000000000000085000000ae00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x41, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, @void, @value}, 0x94)
syz_mount_image$ext4(&(0x7f00000001c0)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x20081e, &(0x7f00000020c0), 0x1, 0x4fb, &(0x7f0000000500)="$eJzs3U1vW1kZAODXzpeTyUwywywAIaYMAwVVdRJ3JhrNAoYVQqgSokuQ2pC4URQ7jmKnNKGL9j8gUYkVLPkBrLviJyDYsYEFEh8RqKnE4qJ7bbduajduk9hp/DzS1b3nnmu/5yS559hvEp8ARtaliLgfEZMRcSsi5lrnc60tPm9u6XWPD+6tHh7cW81Fktz4Vy6rT89Fx2NSb7WesxARP/5+xM9yL8at7+1vrlQq5Z1mcXqhUd1eqO/tX92orqyX18tbpdLy0vLip9c+KZ1aXz+oTjYPxtIGfvsXabNmW3Wd/ThNza5PPI2TGo+IH55FsCEYa/VnctgN4bXkI+K9iPgwu//nYiz7bgIAF1mSzEUy11kGAC66fJYDy+WLrVzAbOTzxWIzh/d+zOQrtXrjyu3a7tZaM1c2HxP52xuV8mIrVzgfE7m0vJQdPyuXjpSvRcS7EfHLqemsXFytVdaG+cIHAEbYW0fm//9ONed/AOCCKwy7AQDAwJn/AWD0mP8BYPSY/wFg9Jj/AWD0mP8BYPSY/wFgpPzo+vV0Sw5bn3+9dmdvd7N25+paub5ZrO6uFldrO9vF9VptPfvMnupxz1ep1baXPo7du/Pf2a43Fup7+zertd2txs3sc71vlicG0isA4GXe/eDRn3MRcf+z6WyLjrUczNVwseWH3QBgaMaG3QBgaKz2BaPrBO/xpQfgguiyRO9zChExffTqJEmSs20WcIYuf0n+H0ZVR/7fXwHDiJH/h9HVb/7/uPwA8OZJkly/a/5HvxcCAOebHD/Q4/39e63971q/HPjp2tErHp5lqwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOB8a6//W2ytBT4b+XyxGPF2RMzHRO72RqW8GBHvRMSfpiam0vLSkNsMAJxU/u+51vpfl+c+mj1aO5l7MpXtI+Lnv77xq7srjcbOH9Pz/356vvGwdb40jPYDAMdpz9PZvuON/OODe6vtbZDt+cf3IqLQjH94MBmHT+OPx3i2L8RERMz8J9cqN+U6chcncf9BRHyxW/9zMZvlQJornx6Nn8Z+e6Dx88/Fz2d1zX36tfjCK0dO5k6h+fBGe5SOP593u//ycSnbd7//C9kIdXKt8S99qtXDbAx8Fr89/o31GP8u9Rvj4z/8oHk0/WLdg4gvj0e0Yx92jD/t+Lke8T/qM/5fvvLVD3vVJb+JuBzd43fGWmhUtxfqe/tXN6or6+X18laptLy0vPjptU9KC1mOeqH3bPDPz66806su7f9Mj/iFY/r/jT77/9v/3frJ114S/1tf7xY/H++/JH46J36zz/grM78v9KpL46917X9b7/5f6TP+X/+2/8Ky4QDA8NT39jdXKpXyziAP2i8kBhrUwQU4SH9qzkEzuh58d1CxJuOVHpUkrxWr14hxGlk34Dxo3utJeScingy7MQAAAAAAAAAAAAAAQFeD+I+lYfcRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAi+v/AQAA//+XC86k")
openat(0xffffffffffffff9c, &(0x7f0000000200)='./bus\x00', 0x141842, 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
open(&(0x7f0000000500)='./bus\x00', 0x0, 0x0)

0s ago: executing program 0 (id=1311):
mknodat$null(0xffffffffffffff9c, 0x0, 0x0, 0x103)
r0 = socket$kcm(0x10, 0x2, 0x0)
write$cgroup_subtree(r0, 0x0, 0xfe33)
recvmsg$kcm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000680)=[{&(0x7f00000000c0)=""/106, 0x6a}, {&(0x7f0000000940)=""/4096, 0x1000}], 0x2, 0x0, 0x45}, 0x0)

kernel console output (not intermixed with test programs):

.856151][ T6908]  loop4: p1 p2 p3
[  119.872636][ T6921] EXT4-fs (loop0): orphan cleanup on readonly fs
[  119.902768][ T6921] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.932: bg 0: block 131: padding at end of block bitmap is not set
[  119.924689][ T6934] loop1: detected capacity change from 0 to 512
[  119.949827][ T6934] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  119.984577][ T6935] Driver unsupported XDP return value 0 on prog  (id 648) dev N/A, expect packet loss!
[  120.006482][ T3560] udevd[3560]: inotify_add_watch(7, /dev/loop4p3, 10) failed: No such file or directory
[  120.024726][ T3298] udevd[3298]: inotify_add_watch(7, /dev/loop4p2, 10) failed: No such file or directory
[  120.040706][ T6908] loop4: detected capacity change from 0 to 1024
[  120.048183][ T6921] EXT4-fs (loop0): Remounting filesystem read-only
[  120.056199][ T6921] EXT4-fs (loop0): 1 truncate cleaned up
[  120.056467][ T3929] udevd[3929]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory
[  120.088716][ T6934] EXT4-fs (loop1): 1 truncate cleaned up
[  120.260942][ T6948] loop1: detected capacity change from 0 to 512
[  120.275406][ T6948] ext4 filesystem being mounted at /183/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  120.290309][ T6948] FAULT_INJECTION: forcing a failure.
[  120.290309][ T6948] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  120.306319][ T6948] CPU: 0 UID: 0 PID: 6948 Comm: syz.1.939 Not tainted 6.16.0-rc2-syzkaller-00045-g4663747812d1 #0 PREEMPT(voluntary) 
[  120.306413][ T6948] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  120.306425][ T6948] Call Trace:
[  120.306432][ T6948]  <TASK>
[  120.306441][ T6948]  __dump_stack+0x1d/0x30
[  120.306463][ T6948]  dump_stack_lvl+0xe8/0x140
[  120.306484][ T6948]  dump_stack+0x15/0x1b
[  120.306516][ T6948]  should_fail_ex+0x265/0x280
[  120.306572][ T6948]  should_fail+0xb/0x20
[  120.306596][ T6948]  should_fail_usercopy+0x1a/0x20
[  120.306629][ T6948]  _copy_from_user+0x1c/0xb0
[  120.306691][ T6948]  __sys_bind+0x106/0x2a0
[  120.306718][ T6948]  __x64_sys_bind+0x3f/0x50
[  120.306744][ T6948]  x64_sys_call+0x2086/0x2fb0
[  120.306766][ T6948]  do_syscall_64+0xd2/0x200
[  120.306839][ T6948]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  120.306861][ T6948]  ? clear_bhb_loop+0x40/0x90
[  120.306880][ T6948]  ? clear_bhb_loop+0x40/0x90
[  120.306898][ T6948]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  120.306943][ T6948] RIP: 0033:0x7f2dc4bbe929
[  120.307341][ T6948] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  120.307406][ T6948] RSP: 002b:00007f2dc3227038 EFLAGS: 00000246 ORIG_RAX: 0000000000000031
[  120.307424][ T6948] RAX: ffffffffffffffda RBX: 00007f2dc4de5fa0 RCX: 00007f2dc4bbe929
[  120.307436][ T6948] RDX: 000000000000006e RSI: 0000200000000180 RDI: 0000000000000004
[  120.307447][ T6948] RBP: 00007f2dc3227090 R08: 0000000000000000 R09: 0000000000000000
[  120.307457][ T6948] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  120.307467][ T6948] R13: 0000000000000000 R14: 00007f2dc4de5fa0 R15: 00007ffd92e87018
[  120.307485][ T6948]  </TASK>
[  120.663834][ T6955] loop1: detected capacity change from 0 to 512
[  120.746660][ T6955] ext4 filesystem being mounted at /184/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  120.790223][ T6962] loop4: detected capacity change from 0 to 512
[  120.855448][ T6962] ext4 filesystem being mounted at /184/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  120.903878][ T6974] loop2: detected capacity change from 0 to 512
[  121.024521][ T6978] loop4: detected capacity change from 0 to 512
[  121.071914][ T6978] EXT4-fs (loop4): orphan cleanup on readonly fs
[  121.130766][ T6978] EXT4-fs error (device loop4): ext4_orphan_get:1419: comm wg1: bad orphan inode 13
[  121.157866][ T6983] netlink: 'syz.2.952': attribute type 1 has an invalid length.
[  121.212718][ T6978] ext4_test_bit(bit=12, block=18) = 1
[  121.224458][ T6978] is_bad_inode(inode)=0
[  121.229419][ T6978] NEXT_ORPHAN(inode)=2130706432
[  121.236004][ T6978] max_ino=32
[  121.239301][ T6978] i_nlink=1
[  121.263062][ T6983] bond1: entered promiscuous mode
[  121.271010][ T6983] 8021q: adding VLAN 0 to HW filter on device bond1
[  121.282696][ T6978] FAULT_INJECTION: forcing a failure.
[  121.282696][ T6978] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  121.300015][ T6978] CPU: 1 UID: 0 PID: 6978 Comm: wg1 Not tainted 6.16.0-rc2-syzkaller-00045-g4663747812d1 #0 PREEMPT(voluntary) 
[  121.300032][ T6978] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  121.300048][ T6978] Call Trace:
[  121.300101][ T6978]  <TASK>
[  121.300107][ T6978]  __dump_stack+0x1d/0x30
[  121.300127][ T6978]  dump_stack_lvl+0xe8/0x140
[  121.300138][ T6978]  dump_stack+0x15/0x1b
[  121.300147][ T6978]  should_fail_ex+0x265/0x280
[  121.300165][ T6978]  should_fail+0xb/0x20
[  121.300226][ T6978]  should_fail_usercopy+0x1a/0x20
[  121.300244][ T6978]  _copy_from_user+0x1c/0xb0
[  121.300332][ T6978]  bm_register_write+0xdb/0xbf0
[  121.300345][ T6978]  ? avc_policy_seqno+0x15/0x30
[  121.300418][ T6978]  ? selinux_file_permission+0x1e4/0x320
[  121.300433][ T6978]  ? __pfx_bm_register_write+0x10/0x10
[  121.300445][ T6978]  vfs_write+0x269/0x8e0
[  121.300462][ T6978]  ? __rcu_read_unlock+0x4f/0x70
[  121.300474][ T6978]  ? __fget_files+0x184/0x1c0
[  121.300495][ T6978]  ksys_write+0xda/0x1a0
[  121.300505][ T6978]  __x64_sys_write+0x40/0x50
[  121.300515][ T6978]  x64_sys_call+0x2cdd/0x2fb0
[  121.300597][ T6978]  do_syscall_64+0xd2/0x200
[  121.300608][ T6978]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  121.300623][ T6978]  ? clear_bhb_loop+0x40/0x90
[  121.300635][ T6978]  ? clear_bhb_loop+0x40/0x90
[  121.300646][ T6978]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  121.300712][ T6978] RIP: 0033:0x7fb988d6e929
[  121.300723][ T6978] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  121.300733][ T6978] RSP: 002b:00007fb9873d7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  121.300744][ T6978] RAX: ffffffffffffffda RBX: 00007fb988f95fa0 RCX: 00007fb988d6e929
[  121.300752][ T6978] RDX: 0000000000000032 RSI: 0000200000000440 RDI: 0000000000000005
[  121.300761][ T6978] RBP: 00007fb9873d7090 R08: 0000000000000000 R09: 0000000000000000
[  121.300833][ T6978] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  121.300840][ T6978] R13: 0000000000000000 R14: 00007fb988f95fa0 R15: 00007ffd1a23c678
[  121.300850][ T6978]  </TASK>
[  121.570220][   T29] kauditd_printk_skb: 387 callbacks suppressed
[  121.570235][   T29] audit: type=1326 audit(1750212530.446:4144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6977 comm="syz1" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb988d6e929 code=0x7ffc0000
[  121.604791][   T29] audit: type=1326 audit(1750212530.446:4145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6977 comm="syz1" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb988d6e929 code=0x7ffc0000
[  121.631597][   T29] audit: type=1326 audit(1750212530.446:4146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6977 comm="syz1" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb988d6e929 code=0x7ffc0000
[  121.662235][   T29] audit: type=1326 audit(1750212530.446:4147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6977 comm="syz1" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb988d6e929 code=0x7ffc0000
[  121.692070][   T29] audit: type=1326 audit(1750212530.446:4148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6977 comm="syz1" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb988d6e929 code=0x7ffc0000
[  121.718864][   T29] audit: type=1326 audit(1750212530.446:4149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6977 comm="syz1" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb988d6e929 code=0x7ffc0000
[  121.745807][   T29] audit: type=1326 audit(1750212530.446:4150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6977 comm="syz1" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb988d6e929 code=0x7ffc0000
[  121.789958][ T6995] loop1: detected capacity change from 0 to 512
[  121.802048][   T29] audit: type=1326 audit(1750212530.467:4151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6977 comm="syz1" exe="/root/syz-executor" sig=0 arch=c000003e syscall=447 compat=0 ip=0x7fb988d6e929 code=0x7ffc0000
[  121.830184][   T29] audit: type=1326 audit(1750212530.467:4152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6977 comm="syz1" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb988d6e929 code=0x7ffc0000
[  121.859170][   T29] audit: type=1326 audit(1750212530.467:4153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6977 comm="syz1" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb988d6e929 code=0x7ffc0000
[  121.861376][ T6997] loop2: detected capacity change from 0 to 128
[  121.912105][ T6995] EXT4-fs (loop1): orphan cleanup on readonly fs
[  121.919328][ T6998] __nla_validate_parse: 44 callbacks suppressed
[  121.919413][ T6998] netlink: 4 bytes leftover after parsing attributes in process `syz.3.955'.
[  121.928754][ T6997] FAULT_INJECTION: forcing a failure.
[  121.928754][ T6997] name failslab, interval 1, probability 0, space 0, times 0
[  121.939661][ T6995] EXT4-fs error (device loop1): ext4_orphan_get:1419: comm wg1: bad orphan inode 13
[  121.950717][ T6997] CPU: 0 UID: 0 PID: 6997 Comm: syz.2.956 Not tainted 6.16.0-rc2-syzkaller-00045-g4663747812d1 #0 PREEMPT(voluntary) 
[  121.950748][ T6997] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  121.950760][ T6997] Call Trace:
[  121.950808][ T6997]  <TASK>
[  121.950881][ T6997]  __dump_stack+0x1d/0x30
[  121.950903][ T6997]  dump_stack_lvl+0xe8/0x140
[  121.950922][ T6997]  dump_stack+0x15/0x1b
[  121.950938][ T6997]  should_fail_ex+0x265/0x280
[  121.950968][ T6997]  should_failslab+0x8c/0xb0
[  121.951013][ T6997]  kmem_cache_alloc_noprof+0x50/0x310
[  121.951039][ T6997]  ? security_inode_alloc+0x37/0x100
[  121.951079][ T6997]  security_inode_alloc+0x37/0x100
[  121.951135][ T6997]  inode_init_always_gfp+0x4b7/0x500
[  121.951167][ T6997]  ? __pfx_fat_alloc_inode+0x10/0x10
[  121.951196][ T6997]  alloc_inode+0x58/0x170
[  121.951291][ T6997]  new_inode+0x1d/0xe0
[  121.951309][ T6997]  fat_build_inode+0x169/0x290
[  121.951392][ T6997]  vfat_lookup+0x15c/0x2d0
[  121.951425][ T6997]  lookup_one_qstr_excl_raw+0xc4/0x1b0
[  121.951481][ T6997]  do_renameat2+0x38e/0xab0
[  121.951550][ T6997]  ? get_pid_task+0x96/0xd0
[  121.951643][ T6997]  ? proc_fail_nth_write+0x12d/0x160
[  121.951721][ T6997]  __x64_sys_renameat2+0x7e/0x90
[  121.951742][ T6997]  x64_sys_call+0x2bf6/0x2fb0
[  121.951763][ T6997]  do_syscall_64+0xd2/0x200
[  121.951780][ T6997]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  121.951843][ T6997]  ? clear_bhb_loop+0x40/0x90
[  121.951864][ T6997]  ? clear_bhb_loop+0x40/0x90
[  121.951885][ T6997]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  121.951906][ T6997] RIP: 0033:0x7f0d9e7de929
[  121.951922][ T6997] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  121.952041][ T6997] RSP: 002b:00007f0d9ce47038 EFLAGS: 00000246 ORIG_RAX: 000000000000013c
[  121.952060][ T6997] RAX: ffffffffffffffda RBX: 00007f0d9ea05fa0 RCX: 00007f0d9e7de929
[  121.952078][ T6997] RDX: 000000000000000d RSI: 0000200000000140 RDI: 000000000000000d
[  121.952091][ T6997] RBP: 00007f0d9ce47090 R08: 0000000000000000 R09: 0000000000000000
[  121.952103][ T6997] R10: 0000200000000240 R11: 0000000000000246 R12: 0000000000000001
[  121.952115][ T6997] R13: 0000000000000000 R14: 00007f0d9ea05fa0 R15: 00007ffe6473ec28
[  121.952190][ T6997]  </TASK>
[  122.010708][ T7005] loop4: detected capacity change from 0 to 512
[  122.016781][ T6995] ext4_test_bit(bit=12, block=18) = 1
[  122.075028][ T7005] ext4 filesystem being mounted at /187/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  122.080370][ T6995] is_bad_inode(inode)=0
[  122.106045][ T7005] netlink: 28 bytes leftover after parsing attributes in process `syz.4.960'.
[  122.113622][ T6995] NEXT_ORPHAN(inode)=2130706432
[  122.113640][ T6995] max_ino=32
[  122.113647][ T6995] i_nlink=1
[  122.203247][ T7011] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #4: comm syz.4.960: corrupted inode contents
[  122.269592][ T7013] loop3: detected capacity change from 0 to 512
[  122.294286][ T7011] EXT4-fs error (device loop4): ext4_dirty_inode:6459: inode #4: comm syz.4.960: mark_inode_dirty error
[  122.327106][ T7011] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #4: comm syz.4.960: corrupted inode contents
[  122.343685][ T7005] netlink: 3 bytes leftover after parsing attributes in process `syz.4.960'.
[  122.357091][ T7011] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #4: comm syz.4.960: mark_inode_dirty error
[  122.372186][ T7005] 0ªX¹¦À: renamed from 
61ªX¹¦À
[  122.387536][ T7015] loop0: detected capacity change from 0 to 2048
[  122.410592][ T7011] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.960: Failed to acquire dquot type 1
[  122.412884][ T7013] ext4 filesystem being mounted at /189/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  122.460622][ T7005] A link change request failed with some changes committed already. Interface 
60ªX¹¦À may have been left with an inconsistent configuration, please check.
[  122.513383][ T7015] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  122.643435][ T7028] netlink: 8 bytes leftover after parsing attributes in process `syz.0.966'.
[  122.653007][ T7028] netlink: 8 bytes leftover after parsing attributes in process `syz.0.966'.
[  122.693087][ T7030] loop3: detected capacity change from 0 to 1024
[  122.712552][ T7032] FAULT_INJECTION: forcing a failure.
[  122.712552][ T7032] name failslab, interval 1, probability 0, space 0, times 0
[  122.712610][ T7032] CPU: 1 UID: 0 PID: 7032 Comm: syz.4.967 Not tainted 6.16.0-rc2-syzkaller-00045-g4663747812d1 #0 PREEMPT(voluntary) 
[  122.712638][ T7032] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  122.712648][ T7032] Call Trace:
[  122.712653][ T7032]  <TASK>
[  122.712660][ T7032]  __dump_stack+0x1d/0x30
[  122.712679][ T7032]  dump_stack_lvl+0xe8/0x140
[  122.712775][ T7032]  dump_stack+0x15/0x1b
[  122.712790][ T7032]  should_fail_ex+0x265/0x280
[  122.712817][ T7032]  should_failslab+0x8c/0xb0
[  122.712918][ T7032]  __kmalloc_cache_node_noprof+0x54/0x320
[  122.712973][ T7032]  ? __get_vm_area_node+0x106/0x1d0
[  122.713002][ T7032]  __get_vm_area_node+0x106/0x1d0
[  122.713032][ T7032]  __vmalloc_node_range_noprof+0x273/0xe00
[  122.713118][ T7032]  ? vc_do_resize+0x273/0xd70
[  122.713149][ T7032]  ? should_fail_ex+0xdb/0x280
[  122.713175][ T7032]  ? vc_do_resize+0x273/0xd70
[  122.713198][ T7032]  vzalloc_noprof+0x82/0xc0
[  122.713247][ T7032]  ? vc_do_resize+0x273/0xd70
[  122.713274][ T7032]  vc_do_resize+0x273/0xd70
[  122.713302][ T7032]  ? avc_has_perm_noaudit+0x1b1/0x200
[  122.713469][ T7032]  ? selinux_capable+0x1f9/0x270
[  122.713496][ T7032]  ? _raw_spin_lock_irqsave+0x3a/0x90
[  122.713519][ T7032]  __vc_resize+0x3c/0x50
[  122.713627][ T7032]  vt_resizex+0x2e1/0x350
[  122.713652][ T7032]  vt_ioctl+0x107a/0x1880
[  122.713675][ T7032]  ? tty_jobctrl_ioctl+0x29e/0x810
[  122.713698][ T7032]  tty_ioctl+0x7db/0xb80
[  122.713772][ T7032]  ? __pfx_tty_ioctl+0x10/0x10
[  122.713800][ T7032]  __se_sys_ioctl+0xce/0x140
[  122.713835][ T7032]  __x64_sys_ioctl+0x43/0x50
[  122.713861][ T7032]  x64_sys_call+0x19a8/0x2fb0
[  122.713942][ T7032]  do_syscall_64+0xd2/0x200
[  122.713957][ T7032]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  122.713983][ T7032]  ? clear_bhb_loop+0x40/0x90
[  122.714092][ T7032]  ? clear_bhb_loop+0x40/0x90
[  122.714114][ T7032]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  122.714134][ T7032] RIP: 0033:0x7fb988d6e929
[  122.714149][ T7032] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  122.714169][ T7032] RSP: 002b:00007fb9873d7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  122.714187][ T7032] RAX: ffffffffffffffda RBX: 00007fb988f95fa0 RCX: 00007fb988d6e929
[  122.714198][ T7032] RDX: 0000200000001040 RSI: 000000000000560a RDI: 0000000000000003
[  122.714207][ T7032] RBP: 00007fb9873d7090 R08: 0000000000000000 R09: 0000000000000000
[  122.714217][ T7032] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  122.714228][ T7032] R13: 0000000000000000 R14: 00007fb988f95fa0 R15: 00007ffd1a23c678
[  122.714245][ T7032]  </TASK>
[  122.714253][ T7032] syz.4.967: vmalloc error: size 500, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0
[  122.714336][ T7032] CPU: 1 UID: 0 PID: 7032 Comm: syz.4.967 Not tainted 6.16.0-rc2-syzkaller-00045-g4663747812d1 #0 PREEMPT(voluntary) 
[  122.714362][ T7032] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  122.714372][ T7032] Call Trace:
[  122.714377][ T7032]  <TASK>
[  122.714383][ T7032]  __dump_stack+0x1d/0x30
[  122.714398][ T7032]  dump_stack_lvl+0xe8/0x140
[  122.714449][ T7032]  dump_stack+0x15/0x1b
[  122.714464][ T7032]  warn_alloc+0x12b/0x1a0
[  122.714496][ T7032]  __vmalloc_node_range_noprof+0x297/0xe00
[  122.714530][ T7032]  ? should_fail_ex+0xdb/0x280
[  122.714603][ T7032]  ? vc_do_resize+0x273/0xd70
[  122.714653][ T7032]  vzalloc_noprof+0x82/0xc0
[  122.714681][ T7032]  ? vc_do_resize+0x273/0xd70
[  122.714708][ T7032]  vc_do_resize+0x273/0xd70
[  122.714737][ T7032]  ? avc_has_perm_noaudit+0x1b1/0x200
[  122.714817][ T7032]  ? selinux_capable+0x1f9/0x270
[  122.714857][ T7032]  ? _raw_spin_lock_irqsave+0x3a/0x90
[  122.714884][ T7032]  __vc_resize+0x3c/0x50
[  122.714965][ T7032]  vt_resizex+0x2e1/0x350
[  122.715014][ T7032]  vt_ioctl+0x107a/0x1880
[  122.715103][ T7032]  ? tty_jobctrl_ioctl+0x29e/0x810
[  122.715126][ T7032]  tty_ioctl+0x7db/0xb80
[  122.715151][ T7032]  ? __pfx_tty_ioctl+0x10/0x10
[  122.715228][ T7032]  __se_sys_ioctl+0xce/0x140
[  122.715257][ T7032]  __x64_sys_ioctl+0x43/0x50
[  122.715364][ T7032]  x64_sys_call+0x19a8/0x2fb0
[  122.715444][ T7032]  do_syscall_64+0xd2/0x200
[  122.715459][ T7032]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  122.715485][ T7032]  ? clear_bhb_loop+0x40/0x90
[  122.715505][ T7032]  ? clear_bhb_loop+0x40/0x90
[  122.715523][ T7032]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  122.715599][ T7032] RIP: 0033:0x7fb988d6e929
[  122.715614][ T7032] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  122.715633][ T7032] RSP: 002b:00007fb9873d7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  122.715653][ T7032] RAX: ffffffffffffffda RBX: 00007fb988f95fa0 RCX: 00007fb988d6e929
[  122.715667][ T7032] RDX: 0000200000001040 RSI: 000000000000560a RDI: 0000000000000003
[  122.715735][ T7032] RBP: 00007fb9873d7090 R08: 0000000000000000 R09: 0000000000000000
[  122.715745][ T7032] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  122.715756][ T7032] R13: 0000000000000000 R14: 00007fb988f95fa0 R15: 00007ffd1a23c678
[  122.715772][ T7032]  </TASK>
[  122.715790][ T7032] Mem-Info:
[  122.715797][ T7032] active_anon:29102 inactive_anon:0 isolated_anon:0
[  122.715797][ T7032]  active_file:19048 inactive_file:2232 isolated_file:0
[  122.715797][ T7032]  unevictable:0 dirty:275 writeback:0
[  122.715797][ T7032]  slab_reclaimable:3129 slab_unreclaimable:15549
[  122.715797][ T7032]  mapped:35449 shmem:22538 pagetables:1263
[  122.715797][ T7032]  sec_pagetables:0 bounce:0
[  122.715797][ T7032]  kernel_misc_reclaimable:0
[  122.715797][ T7032]  free:1865577 free_pcp:7060 free_cma:0
[  122.715892][ T7032] Node 0 active_anon:116408kB inactive_anon:0kB active_file:76192kB inactive_file:8928kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:141796kB dirty:1100kB writeback:0kB shmem:90152kB writeback_tmp:0kB kernel_stack:3360kB pagetables:5052kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  122.715938][ T7032] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  122.716022][ T7032] lowmem_reserve[]: 0 2882 7860 7860
[  122.716049][ T7032] Node 0 DMA32 free:2947836kB boost:0kB min:4132kB low:7060kB high:9988kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:2951364kB mlocked:0kB bounce:0kB free_pcp:3528kB local_pcp:0kB free_cma:0kB
[  122.716147][ T7032] lowmem_reserve[]: 0 0 4978 4978
[  122.716173][ T7032] Node 0 Normal free:4499112kB boost:0kB min:7188kB low:12284kB high:17380kB reserved_highatomic:0KB free_highatomic:0KB active_anon:116408kB inactive_anon:0kB active_file:76192kB inactive_file:8928kB unevictable:0kB writepending:1100kB present:5242880kB managed:5098232kB mlocked:0kB bounce:0kB free_pcp:24672kB local_pcp:17808kB free_cma:0kB
[  122.716328][ T7032] lowmem_reserve[]: 0 0 0 0
[  122.716413][ T7032] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  122.716687][ T7032] Node 0 DMA32: 3*4kB (M) 4*8kB (M) 5*16kB (M) 2*32kB (M) 5*64kB (M) 4*128kB (M) 3*256kB (M) 4*512kB (M) 3*1024kB (M) 2*2048kB (M) 717*4096kB (M) = 2947836kB
[  122.716949][ T7032] Node 0 Normal: 0*4kB 171*8kB (UME) 361*16kB (U) 354*32kB (UM) 244*64kB (UME) 167*128kB (UE) 130*256kB (UME) 114*512kB (UM) 50*1024kB (UME) 16*2048kB (UM) 1042*4096kB (UM) = 4499112kB
[  122.717229][ T7032] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB
[  122.717245][ T7032] 43784 total pagecache pages
[  122.717254][ T7032] 0 pages in swap cache
[  122.717262][ T7032] Free swap  = 124996kB
[  122.717268][ T7032] Total swap = 124996kB
[  122.717302][ T7032] 2097051 pages RAM
[  122.717310][ T7032] 0 pages HighMem/MovableOnly
[  122.717341][ T7032] 80812 pages reserved
[  122.737135][ T7035] loop1: detected capacity change from 0 to 512
[  122.790203][ T7035] EXT4-fs warning (device loop1): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  122.790481][ T7035] EXT4-fs (loop1): mount failed
[  122.882698][ T7044] loop2: detected capacity change from 0 to 512
[  122.884797][ T7042] loop3: detected capacity change from 0 to 512
[  122.885078][ T7042] EXT4-fs: Ignoring removed i_version option
[  122.911124][ T7042] EXT4-fs (loop3): orphan cleanup on readonly fs
[  122.911216][ T7042] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.970: bg 0: block 131: padding at end of block bitmap is not set
[  122.913017][ T7042] EXT4-fs (loop3): Remounting filesystem read-only
[  122.913097][ T7042] EXT4-fs (loop3): 1 truncate cleaned up
[  123.097408][ T7050] loop0: detected capacity change from 0 to 512
[  123.101931][ T7050] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  123.103652][ T7050] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #16: comm +}[@: invalid indirect mapped block 83886080 (level 1)
[  123.105867][ T7050] EXT4-fs (loop0): Remounting filesystem read-only
[  123.105967][ T7050] EXT4-fs (loop0): 1 orphan inode deleted
[  123.105981][ T7050] EXT4-fs (loop0): 1 truncate cleaned up
[  123.131447][ T7052] loop2: detected capacity change from 0 to 1024
[  123.208527][ T7062] loop0: detected capacity change from 0 to 512
[  123.236393][ T7062] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  123.240272][ T7062] EXT4-fs (loop0): 1 truncate cleaned up
[  123.385332][ T7069] loop1: detected capacity change from 0 to 2048
[  124.094398][ T7075] netlink: 24 bytes leftover after parsing attributes in process `syz.2.980'.
[  124.183068][ T7069] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  124.262445][ T7073] Invalid ELF header magic: != ELF
[  124.322167][ T7085] loop1: detected capacity change from 0 to 512
[  124.346136][ T7085] EXT4-fs: Ignoring removed i_version option
[  124.356235][ T7087] process 'syz.4.984' launched './file0' with NULL argv: empty string added
[  124.378666][ T7085] EXT4-fs (loop1): orphan cleanup on readonly fs
[  124.396770][ T7085] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.983: bg 0: block 131: padding at end of block bitmap is not set
[  124.440504][ T7085] EXT4-fs (loop1): Remounting filesystem read-only
[  124.476753][ T7094] loop3: detected capacity change from 0 to 1024
[  124.490156][ T7085] EXT4-fs (loop1): 1 truncate cleaned up
[  124.653095][ T7094] FAULT_INJECTION: forcing a failure.
[  124.653095][ T7094] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  124.667737][ T7094] CPU: 0 UID: 0 PID: 7094 Comm: syz.3.985 Not tainted 6.16.0-rc2-syzkaller-00045-g4663747812d1 #0 PREEMPT(voluntary) 
[  124.667784][ T7094] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  124.667869][ T7094] Call Trace:
[  124.667876][ T7094]  <TASK>
[  124.667884][ T7094]  __dump_stack+0x1d/0x30
[  124.667977][ T7094]  dump_stack_lvl+0xe8/0x140
[  124.667998][ T7094]  dump_stack+0x15/0x1b
[  124.668056][ T7094]  should_fail_ex+0x265/0x280
[  124.668088][ T7094]  should_fail+0xb/0x20
[  124.668116][ T7094]  should_fail_usercopy+0x1a/0x20
[  124.668222][ T7094]  _copy_from_user+0x1c/0xb0
[  124.668345][ T7094]  vmemdup_user+0x59/0xd0
[  124.668369][ T7094]  path_setxattrat+0x1b6/0x310
[  124.668468][ T7094]  __x64_sys_setxattr+0x6e/0x90
[  124.668490][ T7094]  x64_sys_call+0x28a7/0x2fb0
[  124.668514][ T7094]  do_syscall_64+0xd2/0x200
[  124.668586][ T7094]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  124.668619][ T7094]  ? clear_bhb_loop+0x40/0x90
[  124.668640][ T7094]  ? clear_bhb_loop+0x40/0x90
[  124.668713][ T7094]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  124.668735][ T7094] RIP: 0033:0x7fab7a51e929
[  124.668777][ T7094] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  124.668796][ T7094] RSP: 002b:00007fab78b87038 EFLAGS: 00000246 ORIG_RAX: 00000000000000bc
[  124.668896][ T7094] RAX: ffffffffffffffda RBX: 00007fab7a745fa0 RCX: 00007fab7a51e929
[  124.668968][ T7094] RDX: 0000200000000300 RSI: 0000200000000100 RDI: 00002000000000c0
[  124.668981][ T7094] RBP: 00007fab78b87090 R08: 0010000000000000 R09: 0000000000000000
[  124.669054][ T7094] R10: 0000000000000381 R11: 0000000000000246 R12: 0000000000000001
[  124.669068][ T7094] R13: 0000000000000000 R14: 00007fab7a745fa0 R15: 00007ffea624bcf8
[  124.669088][ T7094]  </TASK>
[  124.694075][ T7099] loop2: detected capacity change from 0 to 2048
[  124.996118][ T7112] netlink: 36 bytes leftover after parsing attributes in process `syz.3.991'.
[  125.007360][ T7112] netlink: 36 bytes leftover after parsing attributes in process `syz.3.991'.
[  125.020153][ T7113] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  125.073807][ T7112] netlink: 36 bytes leftover after parsing attributes in process `syz.3.991'.
[  125.138995][ T7113] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2 with error 28
[  125.152519][ T7113] EXT4-fs (loop2): This should not happen!! Data will be lost
[  125.152519][ T7113] 
[  125.163411][ T7113] EXT4-fs (loop2): Total free blocks count 0
[  125.170268][ T7113] EXT4-fs (loop2): Free/Dirty block details
[  125.176608][ T7113] EXT4-fs (loop2): free_blocks=2415919504
[  125.183502][ T7113] EXT4-fs (loop2): dirty_blocks=384
[  125.189966][ T7113] EXT4-fs (loop2): Block reservation details
[  125.198953][ T7113] EXT4-fs (loop2): i_reserved_data_blocks=24
[  125.219818][ T7115] netlink: 24 bytes leftover after parsing attributes in process `syz.0.992'.
[  125.233452][ T7116] loop3: detected capacity change from 0 to 512
[  125.283630][ T7113] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28
[  125.297577][ T7113] EXT4-fs (loop2): This should not happen!! Data will be lost
[  125.297577][ T7113] 
[  125.339123][ T7121] loop0: detected capacity change from 0 to 512
[  125.354730][ T7121] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  125.405684][ T7121] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #16: comm syz.0.993: invalid indirect mapped block 83886080 (level 1)
[  125.431811][ T7121] EXT4-fs (loop0): Remounting filesystem read-only
[  125.474602][ T7121] EXT4-fs (loop0): 1 orphan inode deleted
[  125.482579][ T7121] EXT4-fs (loop0): 1 truncate cleaned up
[  125.631227][ T7132] x_tables: ip6_tables: tcpmss match: only valid for protocol 6
[  125.771887][ T7139] loop2: detected capacity change from 0 to 1024
[  125.873850][ T7143] loop4: detected capacity change from 0 to 512
[  125.882170][ T7143] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  125.931438][ T7143] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  125.941982][ T7143] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e000e118, mo2=0002]
[  125.981808][ T7143] System zones: 0-1, 15-15, 18-18, 34-34
[  125.993934][ T7143] EXT4-fs (loop4): orphan cleanup on readonly fs
[  126.001352][ T7143] EXT4-fs warning (device loop4): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  126.019277][ T7143] EXT4-fs (loop4): Cannot turn on quotas: error -22
[  126.029690][ T7143] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.1003: bg 0: block 40: padding at end of block bitmap is not set
[  126.123051][ T7143] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  126.155305][ T7162] loop2: detected capacity change from 0 to 1024
[  126.170997][ T7143] EXT4-fs (loop4): 1 truncate cleaned up
[  126.194813][ T7143] EXT4-fs mount: 119 callbacks suppressed
[  126.194830][ T7143] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  126.195261][ T7162] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  126.300867][ T7143] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  126.309807][ T7143] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e000e118, mo2=0002]
[  126.320443][ T3306] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  126.330683][ T3307] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  126.362142][ T3311] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  126.431228][ T7181] 9pnet_fd: Insufficient options for proto=fd
[  126.443835][ T7176] loop1: detected capacity change from 0 to 2048
[  126.467495][ T7176] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  126.483379][ T7187] loop2: detected capacity change from 0 to 512
[  126.550765][ T7193] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  126.579352][   T29] kauditd_printk_skb: 66 callbacks suppressed
[  126.579368][   T29] audit: type=1400 audit(1750212535.696:4215): avc:  denied  { create } for  pid=7194 comm="syz.4.1018" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  126.583563][ T7195] hsr0: entered promiscuous mode
[  126.587011][   T29] audit: type=1400 audit(1750212535.706:4216): avc:  denied  { ioctl } for  pid=7194 comm="syz.4.1018" path="socket:[15209]" dev="sockfs" ino=15209 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  126.653237][ T7195] macvtap1: entered promiscuous mode
[  126.660117][ T7195] macvtap1: entered allmulticast mode
[  126.666021][ T7195] hsr0: entered allmulticast mode
[  126.677058][ T7195] hsr_slave_0: entered allmulticast mode
[  126.683358][ T7195] hsr_slave_1: entered allmulticast mode
[  126.689736][ T7193] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2 with error 28
[  126.705750][ T7193] EXT4-fs (loop1): This should not happen!! Data will be lost
[  126.705750][ T7193] 
[  126.716689][ T7193] EXT4-fs (loop1): Total free blocks count 0
[  126.727665][ T7193] EXT4-fs (loop1): Free/Dirty block details
[  126.734815][ T7193] EXT4-fs (loop1): free_blocks=2415919504
[  126.742764][ T7193] EXT4-fs (loop1): dirty_blocks=672
[  126.750028][ T7193] EXT4-fs (loop1): Block reservation details
[  126.756139][ T7193] EXT4-fs (loop1): i_reserved_data_blocks=42
[  126.764564][ T7195] hsr0: left allmulticast mode
[  126.769908][ T7195] hsr_slave_0: left allmulticast mode
[  126.775735][ T7195] hsr_slave_1: left allmulticast mode
[  126.782555][ T7193] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28
[  126.821303][ T7201] loop2: detected capacity change from 0 to 512
[  126.829676][ T7201] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  126.853924][ T7201] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #16: comm +}[@: invalid indirect mapped block 83886080 (level 1)
[  126.882456][ T7201] EXT4-fs (loop2): Remounting filesystem read-only
[  126.895061][ T7201] EXT4-fs (loop2): 1 orphan inode deleted
[  126.902880][ T7201] EXT4-fs (loop2): 1 truncate cleaned up
[  126.919906][   T29] audit: type=1326 audit(1750212536.053:4217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7203 comm="syz.4.1021" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb988d6e929 code=0x7ffc0000
[  126.947497][   T29] audit: type=1326 audit(1750212536.053:4218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7203 comm="syz.4.1021" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb988d6e929 code=0x7ffc0000
[  126.973827][   T29] audit: type=1326 audit(1750212536.053:4219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7203 comm="syz.4.1021" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb988d6e929 code=0x7ffc0000
[  126.999352][   T29] audit: type=1326 audit(1750212536.053:4220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7203 comm="syz.4.1021" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7fb988d6e929 code=0x7ffc0000
[  127.023571][   T29] audit: type=1326 audit(1750212536.053:4221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7203 comm="syz.4.1021" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb988d6e929 code=0x7ffc0000
[  127.043492][ T7201] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  127.050313][   T29] audit: type=1326 audit(1750212536.053:4222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7203 comm="syz.4.1021" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb988d6e929 code=0x7ffc0000
[  127.096599][   T29] audit: type=1326 audit(1750212536.053:4223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7203 comm="syz.4.1021" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb988d6e929 code=0x7ffc0000
[  127.122933][   T29] audit: type=1326 audit(1750212536.053:4224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7203 comm="syz.4.1021" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb988d6e929 code=0x7ffc0000
[  127.161176][ T7206] loop3: detected capacity change from 0 to 512
[  127.204997][ T3307] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  127.248466][ T7206] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  127.314632][ T7206] ext4 filesystem being mounted at /200/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  127.343216][ T7214] loop2: detected capacity change from 0 to 512
[  127.395097][ T7216] __nla_validate_parse: 20 callbacks suppressed
[  127.395112][ T7216] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1025'.
[  127.415039][ T3305] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  127.423610][ T7216] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1025'.
[  127.429382][ T7214] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  127.469428][ T7214] ext4 filesystem being mounted at /213/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  127.514127][ T7222] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1028'.
[  127.590837][ T3307] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  127.673645][ T7233] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0
[  127.694268][ T7232] IPVS: stopping master sync thread 7233 ...
[  127.729896][ T7238] loop3: detected capacity change from 0 to 512
[  127.769743][ T7238] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  127.821623][ T7243] loop4: detected capacity change from 0 to 1024
[  127.834777][ T7248] loop2: detected capacity change from 0 to 512
[  127.857516][ T7238] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  127.866931][ T7238] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e000e118, mo2=0002]
[  127.883280][ T7238] System zones: 0-1, 15-15, 18-18, 34-34
[  127.891214][ T7238] EXT4-fs (loop3): orphan cleanup on readonly fs
[  127.899698][ T7238] EXT4-fs warning (device loop3): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  127.916412][ T7258] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1038'.
[  127.923069][ T7238] EXT4-fs (loop3): Cannot turn on quotas: error -22
[  127.944473][ T7243] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  127.961765][ T7238] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.1034: bg 0: block 40: padding at end of block bitmap is not set
[  127.979518][ T7238] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  127.991153][ T7258] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1038'.
[  127.994719][ T7238] EXT4-fs (loop3): 1 truncate cleaned up
[  128.009883][ T7238] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  128.025251][ T7248] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  128.058656][ T3311] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  128.103904][ T7248] ext4 filesystem being mounted at /216/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  128.136271][ T7238] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  128.147147][ T7238] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e000e118, mo2=0002]
[  128.179740][ T3307] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  128.195937][ T7280] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1041'.
[  128.247010][ T3305] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  128.258771][ T7287] loop1: detected capacity change from 0 to 512
[  128.274045][ T7284] loop0: detected capacity change from 0 to 512
[  128.292028][ T7284] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  128.293409][ T7287] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  128.356614][ T7284] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #16: comm +}[@: invalid indirect mapped block 83886080 (level 1)
[  128.377106][ T7287] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #16: comm +}[@: invalid indirect mapped block 83886080 (level 1)
[  128.445797][ T7287] EXT4-fs (loop1): Remounting filesystem read-only
[  128.453214][ T7287] EXT4-fs (loop1): 1 orphan inode deleted
[  128.459971][ T7287] EXT4-fs (loop1): 1 truncate cleaned up
[  128.470764][ T7287] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  128.496142][ T7284] EXT4-fs (loop0): Remounting filesystem read-only
[  128.530917][ T7284] EXT4-fs (loop0): 1 orphan inode deleted
[  128.537698][ T7284] EXT4-fs (loop0): 1 truncate cleaned up
[  128.550437][ T7284] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  128.588920][ T3306] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  128.630903][ T7313] loop3: detected capacity change from 0 to 512
[  128.645483][ T3312] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  128.664989][ T7314] 9pnet_fd: Insufficient options for proto=fd
[  128.693460][ T7313] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  128.769411][ T7313] EXT4-fs (loop3): 1 truncate cleaned up
[  128.781883][ T7325] loop0: detected capacity change from 0 to 2048
[  128.802628][ T7313] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  128.852380][ T7330] loop1: detected capacity change from 0 to 512
[  128.864484][ T3679]  loop0: p1 < > p4
[  128.884045][ T3679] loop0: p4 size 8388608 extends beyond EOD, truncated
[  128.904443][ T3305] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  128.917790][ T7330] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  128.961926][ T7325]  loop0: p1 < > p4
[  128.969182][ T7330] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  128.979362][ T7330] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e000e118, mo2=0002]
[  128.991687][ T7325] loop0: p4 size 8388608 extends beyond EOD, truncated
[  128.998555][ T7330] System zones: 0-1, 15-15, 18-18, 34-34
[  129.002255][ T7325] FAULT_INJECTION: forcing a failure.
[  129.002255][ T7325] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  129.022043][ T7325] CPU: 1 UID: 0 PID: 7325 Comm: syz.0.1056 Not tainted 6.16.0-rc2-syzkaller-00045-g4663747812d1 #0 PREEMPT(voluntary) 
[  129.022103][ T7325] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  129.022114][ T7325] Call Trace:
[  129.022121][ T7325]  <TASK>
[  129.022129][ T7325]  __dump_stack+0x1d/0x30
[  129.022148][ T7325]  dump_stack_lvl+0xe8/0x140
[  129.022166][ T7325]  dump_stack+0x15/0x1b
[  129.022179][ T7325]  should_fail_ex+0x265/0x280
[  129.022284][ T7325]  should_fail+0xb/0x20
[  129.022308][ T7325]  should_fail_usercopy+0x1a/0x20
[  129.022361][ T7325]  _copy_to_user+0x20/0xa0
[  129.022382][ T7325]  simple_read_from_buffer+0xb5/0x130
[  129.022415][ T7325]  proc_fail_nth_read+0x100/0x140
[  129.022449][ T7325]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  129.022478][ T7325]  vfs_read+0x1a0/0x6f0
[  129.022503][ T7325]  ? __rcu_read_unlock+0x4f/0x70
[  129.022591][ T7325]  ? __fget_files+0x184/0x1c0
[  129.022614][ T7325]  ksys_read+0xda/0x1a0
[  129.022650][ T7325]  __x64_sys_read+0x40/0x50
[  129.022681][ T7325]  x64_sys_call+0x2d77/0x2fb0
[  129.022717][ T7325]  do_syscall_64+0xd2/0x200
[  129.022733][ T7325]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  129.022759][ T7325]  ? clear_bhb_loop+0x40/0x90
[  129.022829][ T7325]  ? clear_bhb_loop+0x40/0x90
[  129.022865][ T7325]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  129.022943][ T7325] RIP: 0033:0x7f92eca9d33c
[  129.022956][ T7325] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  129.022972][ T7325] RSP: 002b:00007f92eb107030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  129.022989][ T7325] RAX: ffffffffffffffda RBX: 00007f92eccc5fa0 RCX: 00007f92eca9d33c
[  129.023000][ T7325] RDX: 000000000000000f RSI: 00007f92eb1070a0 RDI: 0000000000000005
[  129.023012][ T7325] RBP: 00007f92eb107090 R08: 0000000000000000 R09: 0000000000000000
[  129.023025][ T7325] R10: 0000000000000300 R11: 0000000000000246 R12: 0000000000000001
[  129.023035][ T7325] R13: 0000000000000000 R14: 00007f92eccc5fa0 R15: 00007fff0c780848
[  129.023110][ T7325]  </TASK>
[  129.031573][ T7335] loop3: detected capacity change from 0 to 512
[  129.055229][ T7330] EXT4-fs (loop1): orphan cleanup on readonly fs
[  129.117496][ T7328] lo speed is unknown, defaulting to 1000
[  129.124926][ T7330] EXT4-fs warning (device loop1): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  129.328439][ T7330] EXT4-fs (loop1): Cannot turn on quotas: error -22
[  129.330382][ T3298] udevd[3298]: inotify_add_watch(7, /dev/loop0p4, 10) failed: No such file or directory
[  129.352297][ T3679] udevd[3679]: inotify_add_watch(7, /dev/loop0p1, 10) failed: No such file or directory
[  129.377416][ T7335] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  129.396764][ T7335] ext4 filesystem being mounted at /208/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  129.418619][ T7335] netlink: 64 bytes leftover after parsing attributes in process `syz.3.1059'.
[  129.426449][ T7341] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1061'.
[  129.430513][ T7335] netlink: 64 bytes leftover after parsing attributes in process `syz.3.1059'.
[  129.443951][ T7341] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1061'.
[  129.496436][ T7342] loop0: detected capacity change from 0 to 512
[  129.512568][ T7330] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.1058: bg 0: block 40: padding at end of block bitmap is not set
[  129.520979][ T3305] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  129.551036][ T7342] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  129.551425][ T7330] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  129.576922][ T7343] loop2: detected capacity change from 0 to 512
[  129.614325][ T7342] EXT4-fs (loop0): 1 truncate cleaned up
[  129.645677][ T7342] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  129.686292][ T7330] EXT4-fs (loop1): 1 truncate cleaned up
[  129.722877][ T7330] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  129.872720][ T7330] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  129.883206][ T7330] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e000e118, mo2=0002]
[  129.926628][ T7360] loop4: detected capacity change from 0 to 512
[  129.941096][ T3312] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  129.989681][ T7360] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  130.008125][ T3306] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  130.064201][ T7367] loop2: detected capacity change from 0 to 512
[  130.091318][ T7360] ext4 filesystem being mounted at /204/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  130.138849][ T7367] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  130.183842][ T7370] FAULT_INJECTION: forcing a failure.
[  130.183842][ T7370] name failslab, interval 1, probability 0, space 0, times 0
[  130.198892][ T7370] CPU: 0 UID: 0 PID: 7370 Comm: syz.3.1063 Not tainted 6.16.0-rc2-syzkaller-00045-g4663747812d1 #0 PREEMPT(voluntary) 
[  130.198944][ T7370] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  130.198955][ T7370] Call Trace:
[  130.198962][ T7370]  <TASK>
[  130.198970][ T7370]  __dump_stack+0x1d/0x30
[  130.198990][ T7370]  dump_stack_lvl+0xe8/0x140
[  130.199058][ T7370]  dump_stack+0x15/0x1b
[  130.199072][ T7370]  should_fail_ex+0x265/0x280
[  130.199099][ T7370]  should_failslab+0x8c/0xb0
[  130.199119][ T7370]  kmem_cache_alloc_noprof+0x50/0x310
[  130.199142][ T7370]  ? __se_sys_mbind+0x3d7/0xac0
[  130.199225][ T7370]  __se_sys_mbind+0x3d7/0xac0
[  130.199385][ T7370]  __x64_sys_mbind+0x78/0x90
[  130.199429][ T7370]  x64_sys_call+0x14af/0x2fb0
[  130.199480][ T7370]  do_syscall_64+0xd2/0x200
[  130.199496][ T7370]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  130.199519][ T7370]  ? clear_bhb_loop+0x40/0x90
[  130.199537][ T7370]  ? clear_bhb_loop+0x40/0x90
[  130.199554][ T7370]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  130.199596][ T7370] RIP: 0033:0x7fab7a51e929
[  130.199611][ T7370] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  130.199624][ T7370] RSP: 002b:00007fab78b66038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ed
[  130.199640][ T7370] RAX: ffffffffffffffda RBX: 00007fab7a746080 RCX: 00007fab7a51e929
[  130.199649][ T7370] RDX: 0000000000000004 RSI: 0000000000800000 RDI: 0000200000001000
[  130.199672][ T7370] RBP: 00007fab78b66090 R08: 0000000000000000 R09: 0000000000000002
[  130.199681][ T7370] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  130.199690][ T7370] R13: 0000000000000000 R14: 00007fab7a746080 R15: 00007ffea624bcf8
[  130.199703][ T7370]  </TASK>
[  130.251040][ T7376] sd 0:0:1:0: device reset
[  130.429107][ T7367] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #16: comm +}[@: invalid indirect mapped block 83886080 (level 1)
[  130.446150][ T3311] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  130.509300][ T7386] loop4: detected capacity change from 0 to 512
[  130.512498][ T7367] EXT4-fs (loop2): Remounting filesystem read-only
[  130.550537][ T7386] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  130.571416][ T7367] EXT4-fs (loop2): 1 orphan inode deleted
[  130.579699][ T7367] EXT4-fs (loop2): 1 truncate cleaned up
[  130.595164][ T7386] EXT4-fs (loop4): 1 truncate cleaned up
[  130.633503][ T7386] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  130.812138][ T7367] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  130.913662][ T7406] 9pnet_fd: Insufficient options for proto=fd
[  130.923773][ T3307] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  130.935250][ T3311] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  131.078009][ T7422] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  131.141656][ T7429] loop1: detected capacity change from 0 to 512
[  131.189383][ T7429] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  131.223156][ T7429] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  131.231797][ T7429] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e000e118, mo2=0002]
[  131.262105][ T7437] loop4: detected capacity change from 0 to 512
[  131.269690][ T7429] System zones: 0-1, 15-15, 18-18, 34-34
[  131.276271][ T7429] EXT4-fs (loop1): orphan cleanup on readonly fs
[  131.295583][ T7429] EXT4-fs warning (device loop1): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  131.312082][ T7429] EXT4-fs (loop1): Cannot turn on quotas: error -22
[  131.324535][ T7429] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.1080: bg 0: block 40: padding at end of block bitmap is not set
[  131.371279][ T7437] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  131.411360][ T7429] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  131.435405][ T7437] ext4 filesystem being mounted at /209/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  131.449723][ T7429] EXT4-fs (loop1): 1 truncate cleaned up
[  131.480052][ T7429] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  131.523978][ T3311] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  131.595883][ T7429] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  131.605281][ T7429] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e000e118, mo2=0002]
[  131.650889][ T7445] 9pnet_fd: Insufficient options for proto=fd
[  131.689871][ T3306] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  131.763982][ T7452] loop4: detected capacity change from 0 to 512
[  131.792733][ T7452] /dev/loop4: Can't open blockdev
[  131.813963][ T7447] Invalid ELF header magic: != ELF
[  131.884322][ T7452] 1ªX¹¦À: renamed from 
60ªX¹¦À
[  131.906985][ T7452] A link change request failed with some changes committed already. Interface 
61ªX¹¦À may have been left with an inconsistent configuration, please check.
[  132.023590][ T7461] FAULT_INJECTION: forcing a failure.
[  132.023590][ T7461] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  132.038471][ T7461] CPU: 0 UID: 0 PID: 7461 Comm: syz.4.1094 Not tainted 6.16.0-rc2-syzkaller-00045-g4663747812d1 #0 PREEMPT(voluntary) 
[  132.038501][ T7461] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  132.038515][ T7461] Call Trace:
[  132.038522][ T7461]  <TASK>
[  132.038530][ T7461]  __dump_stack+0x1d/0x30
[  132.038550][ T7461]  dump_stack_lvl+0xe8/0x140
[  132.038649][ T7461]  dump_stack+0x15/0x1b
[  132.038663][ T7461]  should_fail_ex+0x265/0x280
[  132.038690][ T7461]  should_fail+0xb/0x20
[  132.038713][ T7461]  should_fail_usercopy+0x1a/0x20
[  132.038756][ T7461]  copy_folio_from_iter_atomic+0x278/0x1170
[  132.038791][ T7461]  ? shmem_write_begin+0xa8/0x190
[  132.038819][ T7461]  ? shmem_write_begin+0xe1/0x190
[  132.038848][ T7461]  generic_perform_write+0x2c2/0x490
[  132.038943][ T7461]  shmem_file_write_iter+0xc5/0xf0
[  132.038962][ T7461]  do_iter_readv_writev+0x421/0x4c0
[  132.038982][ T7461]  vfs_writev+0x2df/0x8b0
[  132.039046][ T7461]  __se_sys_pwritev2+0xfc/0x1c0
[  132.039064][ T7461]  __x64_sys_pwritev2+0x67/0x80
[  132.039085][ T7461]  x64_sys_call+0x1cea/0x2fb0
[  132.039103][ T7461]  do_syscall_64+0xd2/0x200
[  132.039126][ T7461]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  132.039155][ T7461]  ? clear_bhb_loop+0x40/0x90
[  132.039245][ T7461]  ? clear_bhb_loop+0x40/0x90
[  132.039267][ T7461]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  132.039290][ T7461] RIP: 0033:0x7fb988d6e929
[  132.039306][ T7461] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  132.039390][ T7461] RSP: 002b:00007fb9873d7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[  132.039409][ T7461] RAX: ffffffffffffffda RBX: 00007fb988f95fa0 RCX: 00007fb988d6e929
[  132.039488][ T7461] RDX: 0000000000000001 RSI: 0000200000000100 RDI: 0000000000000003
[  132.039498][ T7461] RBP: 00007fb9873d7090 R08: 0000000000000000 R09: 0000000000000000
[  132.039510][ T7461] R10: 0000000000005405 R11: 0000000000000246 R12: 0000000000000001
[  132.039524][ T7461] R13: 0000000000000000 R14: 00007fb988f95fa0 R15: 00007ffd1a23c678
[  132.039542][ T7461]  </TASK>
[  132.102788][ T7465] loop2: detected capacity change from 0 to 2048
[  132.307839][ T7470] __nla_validate_parse: 25 callbacks suppressed
[  132.307857][ T7470] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1096'.
[  132.383453][ T7465] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  132.420664][ T7477] loop4: detected capacity change from 0 to 512
[  132.443040][ T7479] loop3: detected capacity change from 0 to 512
[  132.472145][ T7479] EXT4-fs: Ignoring removed i_version option
[  132.479484][ T7479] EXT4-fs (loop3): orphan cleanup on readonly fs
[  132.494732][ T7479] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.1098: bg 0: block 131: padding at end of block bitmap is not set
[  132.521791][ T7479] EXT4-fs (loop3): Remounting filesystem read-only
[  132.530743][ T7479] EXT4-fs (loop3): 1 truncate cleaned up
[  132.534904][ T3454] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  132.541401][ T7479] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  132.577392][ T3454] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1954 with error 28
[  132.591656][ T3454] EXT4-fs (loop2): This should not happen!! Data will be lost
[  132.591656][ T3454] 
[  132.603999][ T3454] EXT4-fs (loop2): Total free blocks count 0
[  132.610851][ T3454] EXT4-fs (loop2): Free/Dirty block details
[  132.617302][ T3454] EXT4-fs (loop2): free_blocks=2415919504
[  132.624161][ T3454] EXT4-fs (loop2): dirty_blocks=1968
[  132.636638][ T3454] EXT4-fs (loop2): Block reservation details
[  132.643643][ T3454] EXT4-fs (loop2): i_reserved_data_blocks=123
[  132.716659][ T7477] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  132.736795][ T7477] ext4 filesystem being mounted at /215/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  132.761122][ T7477] netlink: 64 bytes leftover after parsing attributes in process `syz.4.1097'.
[  132.771087][ T7477] netlink: 64 bytes leftover after parsing attributes in process `syz.4.1097'.
[  132.805238][ T7488] loop1: detected capacity change from 0 to 512
[  132.816326][ T7488] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  132.829438][ T3311] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  132.829940][ T7488] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #16: comm +}[@: invalid indirect mapped block 83886080 (level 1)
[  132.855100][ T7488] EXT4-fs (loop1): Remounting filesystem read-only
[  132.862642][ T7488] EXT4-fs (loop1): 1 orphan inode deleted
[  132.868821][ T7488] EXT4-fs (loop1): 1 truncate cleaned up
[  132.899461][ T3454] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 1954 with max blocks 1536 with error 28
[  132.907798][ T7488] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  132.996527][ T3306] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  133.153234][ T7499] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1101'.
[  133.177053][ T7499] Invalid ELF header magic: != ELF
[  133.277575][ T7526] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1104'.
[  133.288973][ T7526] Invalid ELF header magic: != ELF
[  133.298661][ T7526] loop1: detected capacity change from 0 to 512
[  133.327994][ T7526] __quota_error: 176 callbacks suppressed
[  133.328009][ T7526] Quota error (device loop1): v2_read_file_info: Free block number 1 out of range (1, 6).
[  133.390020][ T7526] EXT4-fs warning (device loop1): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  133.430782][ T7526] EXT4-fs (loop1): mount failed
[  133.443278][ T7539] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1106'.
[  133.453194][ T7539] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1106'.
[  133.463593][ T7539] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1106'.
[  133.515282][ T7544] loop4: detected capacity change from 0 to 512
[  133.534776][ T7539] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1106'.
[  133.544323][ T7539] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1106'.
[  133.646970][ T7551] FAULT_INJECTION: forcing a failure.
[  133.646970][ T7551] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  133.664013][ T7551] CPU: 0 UID: 0 PID: 7551 Comm: syz.1.1108 Not tainted 6.16.0-rc2-syzkaller-00045-g4663747812d1 #0 PREEMPT(voluntary) 
[  133.664037][ T7551] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  133.664049][ T7551] Call Trace:
[  133.664057][ T7551]  <TASK>
[  133.664065][ T7551]  __dump_stack+0x1d/0x30
[  133.664087][ T7551]  dump_stack_lvl+0xe8/0x140
[  133.664219][ T7551]  dump_stack+0x15/0x1b
[  133.664237][ T7551]  should_fail_ex+0x265/0x280
[  133.664288][ T7551]  should_fail+0xb/0x20
[  133.664310][ T7551]  should_fail_usercopy+0x1a/0x20
[  133.664336][ T7551]  _copy_from_user+0x1c/0xb0
[  133.664418][ T7551]  kstrtouint_from_user+0x69/0xf0
[  133.664453][ T7551]  ? 0xffffffff81000000
[  133.664516][ T7551]  ? selinux_file_permission+0x1e4/0x320
[  133.664542][ T7551]  proc_fail_nth_write+0x50/0x160
[  133.664563][ T7551]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  133.664623][ T7551]  vfs_write+0x269/0x8e0
[  133.664647][ T7551]  ? vfs_read+0x47f/0x6f0
[  133.664671][ T7551]  ? __rcu_read_unlock+0x4f/0x70
[  133.664690][ T7551]  ? __fget_files+0x184/0x1c0
[  133.664758][ T7551]  ksys_write+0xda/0x1a0
[  133.664783][ T7551]  __x64_sys_write+0x40/0x50
[  133.664801][ T7551]  x64_sys_call+0x2cdd/0x2fb0
[  133.664869][ T7551]  do_syscall_64+0xd2/0x200
[  133.664884][ T7551]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  133.664910][ T7551]  ? clear_bhb_loop+0x40/0x90
[  133.664929][ T7551]  ? clear_bhb_loop+0x40/0x90
[  133.664947][ T7551]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  133.664982][ T7551] RIP: 0033:0x7f2dc4bbd3df
[  133.664998][ T7551] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  133.665014][ T7551] RSP: 002b:00007f2dc3227030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  133.665072][ T7551] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f2dc4bbd3df
[  133.665085][ T7551] RDX: 0000000000000001 RSI: 00007f2dc32270a0 RDI: 0000000000000004
[  133.665097][ T7551] RBP: 00007f2dc3227090 R08: 0000000000000000 R09: 0000000000000000
[  133.665110][ T7551] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[  133.665123][ T7551] R13: 0000000000000000 R14: 00007f2dc4de5fa0 R15: 00007ffd92e87018
[  133.665141][ T7551]  </TASK>
[  133.996852][ T7556] loop2: detected capacity change from 0 to 2048
[  134.042425][ T7556] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  134.145366][   T29] audit: type=1400 audit(1750212543.643:4398): avc:  denied  { write } for  pid=7565 comm="syz.4.1112" name="ppp" dev="devtmpfs" ino=140 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  134.170897][   T29] audit: type=1400 audit(1750212543.643:4399): avc:  denied  { open } for  pid=7565 comm="syz.4.1112" path="/dev/ppp" dev="devtmpfs" ino=140 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  134.192356][ T7573] loop1: detected capacity change from 0 to 2048
[  134.197302][   T29] audit: type=1400 audit(1750212543.643:4400): avc:  denied  { ioctl } for  pid=7565 comm="syz.4.1112" path="/dev/ppp" dev="devtmpfs" ino=140 ioctlcmd=0x743e scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  134.268269][ T3307] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  134.279515][ T7573] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  134.341660][   T29] audit: type=1400 audit(1750212543.738:4401): avc:  denied  { read } for  pid=7565 comm="syz.4.1112" name="ppp" dev="devtmpfs" ino=140 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  134.343159][ T7372] syz.0.1072 (7372) used greatest stack depth: 6776 bytes left
[  134.427692][ T7573] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  134.446771][ T7573] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2 with error 28
[  134.461593][ T7573] EXT4-fs (loop1): This should not happen!! Data will be lost
[  134.461593][ T7573] 
[  134.472059][ T7573] EXT4-fs (loop1): Total free blocks count 0
[  134.479144][ T7573] EXT4-fs (loop1): Free/Dirty block details
[  134.486249][ T7573] EXT4-fs (loop1): free_blocks=2415919504
[  134.492804][ T7573] EXT4-fs (loop1): dirty_blocks=1408
[  134.499801][ T7573] EXT4-fs (loop1): Block reservation details
[  134.507250][ T7573] EXT4-fs (loop1): i_reserved_data_blocks=88
[  134.572093][   T29] audit: type=1326 audit(1750212544.063:4402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7585 comm="syz.4.1117" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb988d6e929 code=0x7ffc0000
[  134.598798][   T29] audit: type=1326 audit(1750212544.063:4403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7585 comm="syz.4.1117" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb988d6e929 code=0x7ffc0000
[  134.625146][   T29] audit: type=1326 audit(1750212544.063:4404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7585 comm="syz.4.1117" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb988d6e929 code=0x7ffc0000
[  134.651949][   T29] audit: type=1326 audit(1750212544.063:4405): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7585 comm="syz.4.1117" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb988d6e929 code=0x7ffc0000
[  134.680295][   T29] audit: type=1326 audit(1750212544.063:4406): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7585 comm="syz.4.1117" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb988d6e929 code=0x7ffc0000
[  134.695890][ T7573] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28
[  134.725804][ T7588] loop0: detected capacity change from 0 to 1024
[  134.763955][ T7588] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  134.797587][ T3305] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  134.829731][ T3312] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  134.922949][ T7598] loop0: detected capacity change from 0 to 512
[  134.972097][ T7601] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(3)
[  134.984034][ T7601] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  134.992282][ T7601] vhci_hcd vhci_hcd.0: Device attached
[  135.021246][ T7598] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  135.035891][ T7602] vhci_hcd: connection closed
[  135.036445][ T3454] vhci_hcd: stop threads
[  135.049115][ T3454] vhci_hcd: release socket
[  135.052475][ T7598] ext4 filesystem being mounted at /231/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  135.054150][ T3454] vhci_hcd: disconnect device
[  135.104586][ T7610] loop1: detected capacity change from 0 to 164
[  135.106829][ T7605] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  135.139355][ T7610] bio_check_eod: 17 callbacks suppressed
[  135.139372][ T7610] syz.1.1125: attempt to access beyond end of device
[  135.139372][ T7610] loop1: rw=524288, sector=263328, nr_sectors = 4 limit=164
[  135.169395][ T3312] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  135.190699][ T7605] loop3: detected capacity change from 0 to 512
[  135.202365][ T7610] syz.1.1125: attempt to access beyond end of device
[  135.202365][ T7610] loop1: rw=0, sector=263328, nr_sectors = 4 limit=164
[  135.241013][ T7605] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  135.255292][ T7605] ext4 filesystem being mounted at /214/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  135.280173][ T7619] loop0: detected capacity change from 0 to 512
[  135.339907][ T3305] EXT4-fs error (device loop3): ext4_lookup:1787: inode #12: comm syz-executor: iget: bad i_size value: 2533274857506816
[  135.381398][ T7628] loop2: detected capacity change from 0 to 512
[  135.388312][ T3305] EXT4-fs error (device loop3): ext4_lookup:1787: inode #12: comm syz-executor: iget: bad i_size value: 2533274857506816
[  135.410274][ T7632] loop0: detected capacity change from 0 to 512
[  135.433722][ T7628] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  135.449934][ T7628] ext4 filesystem being mounted at /232/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  135.450926][ T3305] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  135.474515][ T7632] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  135.500140][ T3307] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  135.514640][ T7632] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #16: comm syz.0.1133: invalid indirect mapped block 83886080 (level 1)
[  135.534810][ T7632] EXT4-fs (loop0): Remounting filesystem read-only
[  135.544149][ T7632] EXT4-fs (loop0): 1 orphan inode deleted
[  135.550700][ T7632] EXT4-fs (loop0): 1 truncate cleaned up
[  135.571668][ T7632] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  135.648757][ T3312] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  135.730316][ T7654] loop2: detected capacity change from 0 to 1024
[  135.743715][ T7654] EXT4-fs: Ignoring removed nomblk_io_submit option
[  135.754220][ T7654] EXT4-fs: Ignoring removed nomblk_io_submit option
[  135.831266][ T7654] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  135.865721][ T7641] lo speed is unknown, defaulting to 1000
[  135.913008][ T7653] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  135.934903][ T7653] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  135.983738][ T7641] chnl_net:caif_netlink_parms(): no params data found
[  136.042471][ T7665] loop2: detected capacity change from 0 to 512
[  136.100519][ T7674] netlink: 'syz.4.1140': attribute type 10 has an invalid length.
[  136.115718][ T7674] bridge_slave_1: left allmulticast mode
[  136.122617][ T7674] bridge_slave_1: left promiscuous mode
[  136.129197][ T7674] bridge0: port 2(bridge_slave_1) entered disabled state
[  136.131453][ T7677] loop2: detected capacity change from 0 to 512
[  136.146335][ T7677] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  136.159380][ T7674] bond0: (slave bridge_slave_1): Enslaving as an active interface with an up link
[  136.182188][ T7677] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  136.195127][ T7677] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e000e118, mo2=0002]
[  136.211712][ T7677] System zones: 0-1, 15-15, 18-18, 34-34
[  136.218893][ T7677] EXT4-fs (loop2): orphan cleanup on readonly fs
[  136.231489][ T7677] EXT4-fs warning (device loop2): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  136.247834][ T7677] EXT4-fs (loop2): Cannot turn on quotas: error -22
[  136.263277][ T7678] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  136.273842][ T7677] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.1144: bg 0: block 40: padding at end of block bitmap is not set
[  136.291533][ T7677] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  136.305519][ T7678] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  136.315364][ T7677] EXT4-fs (loop2): 1 truncate cleaned up
[  136.326043][ T7677] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  136.334738][ T7677] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e000e118, mo2=0002]
[  136.344010][ T7678] bond0 (unregistering): (slave bridge_slave_1): Releasing backup interface
[  136.356219][ T7678] bond0 (unregistering): Released all slaves
[  136.372433][ T7641] bridge0: port 1(bridge_slave_0) entered blocking state
[  136.381171][ T7641] bridge0: port 1(bridge_slave_0) entered disabled state
[  136.390239][ T7641] bridge_slave_0: entered allmulticast mode
[  136.396801][ T7641] bridge_slave_0: entered promiscuous mode
[  136.418646][ T7689] loop2: detected capacity change from 0 to 512
[  136.426974][ T7641] bridge0: port 2(bridge_slave_1) entered blocking state
[  136.435469][ T7641] bridge0: port 2(bridge_slave_1) entered disabled state
[  136.446940][ T7689] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  136.447067][ T7641] bridge_slave_1: entered allmulticast mode
[  136.476282][ T7641] bridge_slave_1: entered promiscuous mode
[  136.489986][ T7689] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #16: comm syz.2.1148: invalid indirect mapped block 83886080 (level 1)
[  136.513996][ T7641] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  136.517350][ T7689] EXT4-fs (loop2): Remounting filesystem read-only
[  136.529139][ T7641] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  136.552517][ T7641] team0: Port device team_slave_0 added
[  136.566221][ T7641] team0: Port device team_slave_1 added
[  136.571324][ T7689] EXT4-fs (loop2): 1 orphan inode deleted
[  136.581274][ T7689] EXT4-fs (loop2): 1 truncate cleaned up
[  136.637387][ T7692] program syz.0.1149 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  136.647188][ T7702] loop4: detected capacity change from 0 to 512
[  136.657367][ T7641] batman_adv: batadv0: Adding interface: batadv_slave_0
[  136.667248][ T7641] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  136.698238][ T7641] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  136.726867][ T7702] ext4 filesystem being mounted at /231/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  136.747862][ T7707] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[  136.756336][ T7707] team0: Device ipvlan2 is already an upper device of the team interface
[  136.773450][ T7641] batman_adv: batadv0: Adding interface: batadv_slave_1
[  136.781492][ T7641] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  136.811301][ T7641] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  136.853173][ T7641] hsr_slave_0: entered promiscuous mode
[  136.863367][ T7641] hsr_slave_1: entered promiscuous mode
[  136.903188][ T7713] loop4: detected capacity change from 0 to 512
[  136.917898][ T7715] loop0: detected capacity change from 0 to 512
[  136.933226][ T7715] EXT4-fs: Ignoring removed i_version option
[  136.944299][ T7715] EXT4-fs (loop0): orphan cleanup on readonly fs
[  136.981017][ T7713] ext4 filesystem being mounted at /232/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  136.998308][ T7715] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.1157: bg 0: block 131: padding at end of block bitmap is not set
[  137.016964][ T7715] EXT4-fs (loop0): Remounting filesystem read-only
[  137.024471][ T7715] EXT4-fs (loop0): 1 truncate cleaned up
[  137.071703][ T7641] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  137.082792][ T7641] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  137.093862][ T7641] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  137.105244][ T7641] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  137.149538][ T7730] __nla_validate_parse: 35 callbacks suppressed
[  137.149592][ T7730] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1159'.
[  137.198119][ T7641] 8021q: adding VLAN 0 to HW filter on device bond0
[  137.212595][ T7641] 8021q: adding VLAN 0 to HW filter on device team0
[  137.223312][   T44] bridge0: port 1(bridge_slave_0) entered blocking state
[  137.231558][   T44] bridge0: port 1(bridge_slave_0) entered forwarding state
[  137.242086][ T7732] loop4: detected capacity change from 0 to 512
[  137.252179][ T7732] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  137.267189][ T7732] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #16: comm +}[@: invalid indirect mapped block 83886080 (level 1)
[  137.283585][   T44] bridge0: port 2(bridge_slave_1) entered blocking state
[  137.291770][   T44] bridge0: port 2(bridge_slave_1) entered forwarding state
[  137.307848][ T7732] EXT4-fs (loop4): Remounting filesystem read-only
[  137.316435][ T7732] EXT4-fs (loop4): 1 orphan inode deleted
[  137.323244][ T7732] EXT4-fs (loop4): 1 truncate cleaned up
[  137.397666][ T7641] 8021q: adding VLAN 0 to HW filter on device batadv0
[  137.464004][ T7745] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1162'.
[  137.503470][ T7745] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  137.512700][ T7745] batman_adv: batadv0: Removing interface: batadv_slave_0
[  137.536222][ T7745] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  137.544084][ T7745] batman_adv: batadv0: Removing interface: batadv_slave_1
[  137.590567][ T7755] netlink: 132 bytes leftover after parsing attributes in process `syz.1.1164'.
[  137.805625][ T7641] veth0_vlan: entered promiscuous mode
[  137.862558][ T7641] veth1_vlan: entered promiscuous mode
[  137.871149][ T7776] loop2: detected capacity change from 0 to 2048
[  137.889814][ T7778] loop4: detected capacity change from 0 to 2048
[  137.907856][ T7641] veth0_macvtap: entered promiscuous mode
[  137.947910][ T7782] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  137.989592][ T7792] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  138.036962][ T7788] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  138.046129][ T7792] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2 with error 28
[  138.049067][ T7641] veth1_macvtap: entered promiscuous mode
[  138.061375][ T7792] EXT4-fs (loop2): This should not happen!! Data will be lost
[  138.061375][ T7792] 
[  138.061392][ T7792] EXT4-fs (loop2): Total free blocks count 0
[  138.061404][ T7792] EXT4-fs (loop2): Free/Dirty block details
[  138.061415][ T7792] EXT4-fs (loop2): free_blocks=2415919504
[  138.093565][ T7788] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  138.097907][ T7792] EXT4-fs (loop2): dirty_blocks=512
[  138.119806][ T7792] EXT4-fs (loop2): Block reservation details
[  138.126525][ T7792] EXT4-fs (loop2): i_reserved_data_blocks=32
[  138.160356][ T7792] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28
[  138.163302][ T7782] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  138.176780][ T7792] EXT4-fs (loop2): This should not happen!! Data will be lost
[  138.176780][ T7792] 
[  138.220513][ T7641] batman_adv: batadv0: Interface activated: batadv_slave_0
[  138.253356][ T7641] batman_adv: batadv0: Interface activated: batadv_slave_1
[  138.275363][ T7782] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  138.315427][ T7641] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  138.326399][ T7641] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  138.336557][ T7641] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  138.345909][ T7641] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  138.401225][ T7782] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  138.433705][   T29] kauditd_printk_skb: 142 callbacks suppressed
[  138.433785][   T29] audit: type=1400 audit(1750212548.148:4548): avc:  denied  { mount } for  pid=7641 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  138.549185][ T7782] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  138.562725][ T7782] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  138.577923][ T7782] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  138.604873][ T7782] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  138.660182][ T7814] loop5: detected capacity change from 0 to 512
[  138.668927][   T29] audit: type=1400 audit(1750212548.148:4549): avc:  denied  { mounton } for  pid=7641 comm="syz-executor" path="/root/syzkaller.L86lXm/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[  138.701758][   T29] audit: type=1400 audit(1750212548.179:4550): avc:  denied  { mount } for  pid=7641 comm="syz-executor" name="/" dev="gadgetfs" ino=3496 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1
[  138.727153][   T29] audit: type=1400 audit(1750212548.190:4551): avc:  denied  { add_name } for  pid=7641 comm="syz-executor" name="syz5" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:fsadm_exec_t:s0"
[  138.755960][   T29] audit: type=1400 audit(1750212548.190:4552): avc:  denied  { associate } for  pid=7641 comm="syz-executor" name="syz5" scontext=root:object_r:unlabeled_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  138.824140][ T3454] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  138.861238][ T7814] ext4 filesystem being mounted at /0/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  138.884177][ T3454] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[  138.890153][ T7814] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1136'.
[  138.898734][ T3454] EXT4-fs (loop4): This should not happen!! Data will be lost
[  138.898734][ T3454] 
[  138.898751][ T3454] EXT4-fs (loop4): Total free blocks count 0
[  138.933669][ T3454] EXT4-fs (loop4): Free/Dirty block details
[  138.946802][ T3454] EXT4-fs (loop4): free_blocks=2415919504
[  138.953749][ T3454] EXT4-fs (loop4): dirty_blocks=13248
[  138.961319][ T3454] EXT4-fs (loop4): Block reservation details
[  138.967814][ T3454] EXT4-fs (loop4): i_reserved_data_blocks=828
[  139.004801][  T403] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 2050 with max blocks 2048 with error 28
[  139.020209][  T403] EXT4-fs (loop4): This should not happen!! Data will be lost
[  139.020209][  T403] 
[  139.039195][ T7814] EXT4-fs error (device loop5): ext4_do_update_inode:5568: inode #4: comm syz.5.1136: corrupted inode contents
[  139.053303][ T7814] EXT4-fs error (device loop5): ext4_dirty_inode:6459: inode #4: comm syz.5.1136: mark_inode_dirty error
[  139.067915][ T7814] EXT4-fs error (device loop5): ext4_do_update_inode:5568: inode #4: comm syz.5.1136: corrupted inode contents
[  139.090022][ T7817] netlink: 3 bytes leftover after parsing attributes in process `syz.5.1136'.
[  139.122388][ T7817] 0ªX¹¦À: renamed from caif0
[  139.145866][ T7817] 0ªX¹¦À: entered allmulticast mode
[  139.153502][ T7814] EXT4-fs error (device loop5): __ext4_ext_dirty:206: inode #4: comm syz.5.1136: mark_inode_dirty error
[  139.156865][ T7817] A link change request failed with some changes committed already. Interface 
60ªX¹¦À may have been left with an inconsistent configuration, please check.
[  139.200946][ T7814] Quota error (device loop5): write_blk: dquota write failed
[  139.209859][ T7814] Quota error (device loop5): find_free_dqentry: Can't write quota data block 5
[  139.223018][ T7814] Quota error (device loop5): qtree_write_dquot: Error -117 occurred while creating quota
[  139.234043][ T7814] EXT4-fs error (device loop5): ext4_acquire_dquot:6933: comm syz.5.1136: Failed to acquire dquot type 1
[  139.324149][ T7819] loop0: detected capacity change from 0 to 512
[  139.335166][ T7819] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  139.382730][ T7827] loop5: detected capacity change from 0 to 512
[  139.393367][ T7819] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  139.402879][ T7819] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e000e118, mo2=0002]
[  139.414952][ T7819] System zones: 0-1, 15-15, 18-18, 34-34
[  139.422697][ T7827] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  139.451141][ T7819] EXT4-fs (loop0): orphan cleanup on readonly fs
[  139.460497][ T7819] Quota error (device loop0): v2_read_header: Failed header read: expected=8 got=0
[  139.473946][ T7819] EXT4-fs warning (device loop0): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  139.492491][ T7819] EXT4-fs (loop0): Cannot turn on quotas: error -22
[  139.501392][ T7821] loop2: detected capacity change from 0 to 512
[  139.509831][ T7827] EXT4-fs (loop5): revision level too high, forcing read-only mode
[  139.520756][ T7827] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e000e118, mo2=0002]
[  139.530271][ T7819] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.1174: bg 0: block 40: padding at end of block bitmap is not set
[  139.547938][ T7827] System zones: 0-1, 15-15, 18-18, 34-34
[  139.554856][ T7819] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  139.565906][ T7827] EXT4-fs (loop5): orphan cleanup on readonly fs
[  139.574829][ T7827] Quota error (device loop5): v2_read_header: Failed header read: expected=8 got=0
[  139.585463][ T7827] EXT4-fs warning (device loop5): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  139.601802][ T7827] EXT4-fs (loop5): Cannot turn on quotas: error -22
[  139.609612][ T7819] EXT4-fs (loop0): 1 truncate cleaned up
[  139.614011][ T7821] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  139.630756][ T7827] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.1177: bg 0: block 40: padding at end of block bitmap is not set
[  139.648528][ T7819] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  139.657492][ T7819] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e000e118, mo2=0002]
[  139.666584][ T7821] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #16: comm +}[@: invalid indirect mapped block 83886080 (level 1)
[  139.694161][ T7827] EXT4-fs error (device loop5) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  139.708604][ T7821] EXT4-fs (loop2): Remounting filesystem read-only
[  139.716781][ T7827] EXT4-fs (loop5): 1 truncate cleaned up
[  139.727853][ T7847] loop4: detected capacity change from 0 to 1024
[  139.747869][ T7847] EXT4-fs (loop4): inodes count not valid: 19 vs 32
[  139.756008][ T7827] EXT4-fs (loop5): revision level too high, forcing read-only mode
[  139.766035][ T7827] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e000e118, mo2=0002]
[  139.779516][ T7821] EXT4-fs (loop2): 1 orphan inode deleted
[  139.785397][ T7849] Invalid ELF header magic: != ELF
[  139.786045][ T7821] EXT4-fs (loop2): 1 truncate cleaned up
[  139.903409][ T7859] loop5: detected capacity change from 0 to 512
[  139.922035][ T7859] ext4 filesystem being mounted at /3/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  139.969151][ T7863] loop2: detected capacity change from 0 to 512
[  140.009543][ T7859] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1186'.
[  140.058916][ T7863] ext4 filesystem being mounted at /244/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  140.101607][ T7874] loop0: detected capacity change from 0 to 512
[  140.109486][ T7875] EXT4-fs error (device loop5): ext4_do_update_inode:5568: inode #4: comm syz.5.1186: corrupted inode contents
[  140.147152][ T7859] netlink: 3 bytes leftover after parsing attributes in process `syz.5.1186'.
[  140.151387][ T7875] EXT4-fs error (device loop5): ext4_dirty_inode:6459: inode #4: comm syz.5.1186: mark_inode_dirty error
[  140.159898][ T7874] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  140.186381][ T7877] loop4: detected capacity change from 0 to 512
[  140.198514][ T7859] 1ªX¹¦À: renamed from 
60ªX¹¦À
[  140.208112][ T7875] EXT4-fs error (device loop5): ext4_do_update_inode:5568: inode #4: comm syz.5.1186: corrupted inode contents
[  140.223415][ T7874] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #16: comm +}[@: invalid indirect mapped block 83886080 (level 1)
[  140.239353][ T7875] EXT4-fs error (device loop5): __ext4_ext_dirty:206: inode #4: comm syz.5.1186: mark_inode_dirty error
[  140.252331][ T7859] A link change request failed with some changes committed already. Interface 
61ªX¹¦À may have been left with an inconsistent configuration, please check.
[  140.278686][ T7877] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  140.289874][ T7875] EXT4-fs error (device loop5): ext4_acquire_dquot:6933: comm syz.5.1186: Failed to acquire dquot type 1
[  140.318209][ T7877] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #16: comm +}[@: invalid indirect mapped block 83886080 (level 1)
[  140.351007][ T7874] EXT4-fs (loop0): Remounting filesystem read-only
[  140.372380][ T7874] EXT4-fs (loop0): 1 orphan inode deleted
[  140.379302][ T7874] EXT4-fs (loop0): 1 truncate cleaned up
[  140.397856][ T7892] loop2: detected capacity change from 0 to 512
[  140.420091][ T7892] /dev/loop2: Can't open blockdev
[  140.444956][ T7877] EXT4-fs (loop4): Remounting filesystem read-only
[  140.463785][ T7888] Invalid ELF header magic: != ELF
[  140.504717][ T7877] EXT4-fs (loop4): 1 orphan inode deleted
[  140.512002][ T7877] EXT4-fs (loop4): 1 truncate cleaned up
[  140.610721][ T7912] loop5: detected capacity change from 0 to 1024
[  140.658823][ T7927] loop4: detected capacity change from 0 to 512
[  140.699674][ T7927] ext4 filesystem being mounted at /244/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  140.716871][ T7927] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1207'.
[  140.770311][ T7927] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #4: comm syz.4.1207: corrupted inode contents
[  140.802391][ T7927] EXT4-fs error (device loop4): ext4_dirty_inode:6459: inode #4: comm syz.4.1207: mark_inode_dirty error
[  140.841000][ T7944] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  140.849588][ T7946] netlink: 3 bytes leftover after parsing attributes in process `syz.4.1207'.
[  140.856204][ T7927] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #4: comm syz.4.1207: corrupted inode contents
[  140.877856][ T7944] loop5: detected capacity change from 0 to 512
[  140.908890][ T7944] ext4 filesystem being mounted at /8/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  140.914960][ T7946] 0ªX¹¦À: renamed from 
61ªX¹¦À
[  140.937298][ T7950] loop0: detected capacity change from 0 to 512
[  140.944703][ T7927] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #4: comm syz.4.1207: mark_inode_dirty error
[  140.986877][ T7641] EXT4-fs error (device loop5): ext4_lookup:1787: inode #12: comm syz-executor: iget: bad i_size value: 2533274857506816
[  141.003854][ T7950] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  141.025043][ T7946] A link change request failed with some changes committed already. Interface 
60ªX¹¦À may have been left with an inconsistent configuration, please check.
[  141.046681][ T7641] EXT4-fs error (device loop5): ext4_lookup:1787: inode #12: comm syz-executor: iget: bad i_size value: 2533274857506816
[  141.062142][ T7950] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  141.071419][ T7950] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e000e118, mo2=0002]
[  141.091276][ T7927] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.1207: Failed to acquire dquot type 1
[  141.110512][ T7950] System zones: 0-1, 15-15, 18-18, 34-34
[  141.118385][ T7950] EXT4-fs (loop0): orphan cleanup on readonly fs
[  141.142969][ T7950] EXT4-fs warning (device loop0): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  141.160982][ T7950] EXT4-fs (loop0): Cannot turn on quotas: error -22
[  141.212381][ T7950] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.1212: bg 0: block 40: padding at end of block bitmap is not set
[  141.245011][ T7950] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  141.259765][ T7950] EXT4-fs (loop0): 1 truncate cleaned up
[  141.271261][ T7950] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  141.281080][ T7950] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e000e118, mo2=0002]
[  141.339814][   T31] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  141.411204][   T31] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  141.441082][ T7972] loop0: detected capacity change from 0 to 512
[  141.476196][ T7972] ext4 filesystem being mounted at /248/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  141.496595][   T31] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  141.540576][ T7983] loop4: detected capacity change from 0 to 512
[  141.610160][   T31] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  141.685945][ T7983] ext4 filesystem being mounted at /250/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  141.738910][ T8002] Invalid ELF header magic: != ELF
[  141.764059][   T31] bridge_slave_1: left allmulticast mode
[  141.772026][   T31] bridge_slave_1: left promiscuous mode
[  141.778903][   T31] bridge0: port 2(bridge_slave_1) entered disabled state
[  141.845442][   T31] bridge_slave_0: left allmulticast mode
[  141.852414][   T31] bridge_slave_0: left promiscuous mode
[  141.858933][   T31] bridge0: port 1(bridge_slave_0) entered disabled state
[  141.900668][ T8011] FAULT_INJECTION: forcing a failure.
[  141.900668][ T8011] name failslab, interval 1, probability 0, space 0, times 0
[  141.919061][ T8011] CPU: 0 UID: 0 PID: 8011 Comm: syz.4.1232 Not tainted 6.16.0-rc2-syzkaller-00045-g4663747812d1 #0 PREEMPT(voluntary) 
[  141.919094][ T8011] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  141.919106][ T8011] Call Trace:
[  141.919114][ T8011]  <TASK>
[  141.919122][ T8011]  __dump_stack+0x1d/0x30
[  141.919146][ T8011]  dump_stack_lvl+0xe8/0x140
[  141.919189][ T8011]  dump_stack+0x15/0x1b
[  141.919208][ T8011]  should_fail_ex+0x265/0x280
[  141.919237][ T8011]  should_failslab+0x8c/0xb0
[  141.919326][ T8011]  kmem_cache_alloc_node_noprof+0x57/0x320
[  141.919355][ T8011]  ? __alloc_skb+0x101/0x320
[  141.919382][ T8011]  __alloc_skb+0x101/0x320
[  141.919445][ T8011]  netlink_alloc_large_skb+0xba/0xf0
[  141.919477][ T8011]  netlink_sendmsg+0x3cf/0x6b0
[  141.919498][ T8011]  ? __pfx_netlink_sendmsg+0x10/0x10
[  141.919532][ T8011]  __sock_sendmsg+0x142/0x180
[  141.919623][ T8011]  ____sys_sendmsg+0x31e/0x4e0
[  141.919677][ T8011]  ___sys_sendmsg+0x17b/0x1d0
[  141.919805][ T8011]  __x64_sys_sendmsg+0xd4/0x160
[  141.919841][ T8011]  x64_sys_call+0x2999/0x2fb0
[  141.919864][ T8011]  do_syscall_64+0xd2/0x200
[  141.919884][ T8011]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  141.919908][ T8011]  ? clear_bhb_loop+0x40/0x90
[  141.920000][ T8011]  ? clear_bhb_loop+0x40/0x90
[  141.920021][ T8011]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  141.920044][ T8011] RIP: 0033:0x7fb988d6e929
[  141.920060][ T8011] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  141.920141][ T8011] RSP: 002b:00007fb9873d7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  141.920161][ T8011] RAX: ffffffffffffffda RBX: 00007fb988f95fa0 RCX: 00007fb988d6e929
[  141.920174][ T8011] RDX: 0000000000002000 RSI: 0000200000000940 RDI: 0000000000000003
[  141.920255][ T8011] RBP: 00007fb9873d7090 R08: 0000000000000000 R09: 0000000000000000
[  141.920267][ T8011] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  141.920280][ T8011] R13: 0000000000000000 R14: 00007fb988f95fa0 R15: 00007ffd1a23c678
[  141.920307][ T8011]  </TASK>
[  142.321139][ T8022] loop4: detected capacity change from 0 to 2048
[  142.383241][ T3929]  loop4: p1 < > p4
[  142.388825][ T3929] loop4: p4 size 8388608 extends beyond EOD, truncated
[  142.403774][ T8022]  loop4: p1 < > p4
[  142.408853][ T8022] loop4: p4 size 8388608 extends beyond EOD, truncated
[  142.410317][   T31] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  142.495012][ T3929] udevd[3929]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory
[  142.507924][ T3679] udevd[3679]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory
[  142.537278][ T8033] loop4: detected capacity change from 0 to 512
[  142.588403][   T31] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  142.600892][   T31] bond0 (unregistering): Released all slaves
[  142.624210][ T8017] netlink: 132 bytes leftover after parsing attributes in process `syz.2.1234'.
[  142.637032][ T8033] ext4 filesystem being mounted at /254/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  142.793564][ T8041] loop2: detected capacity change from 0 to 512
[  142.797228][ T7980] lo speed is unknown, defaulting to 1000
[  142.803241][ T8046] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1240'.
[  142.817840][ T8046] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1240'.
[  142.822185][ T8049] loop0: detected capacity change from 0 to 1024
[  142.847223][ T8041] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  142.850311][ T8049] EXT4-fs: Ignoring removed nomblk_io_submit option
[  142.878140][ T8046] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1240'.
[  142.893360][ T8049] EXT4-fs: Ignoring removed nomblk_io_submit option
[  142.904550][ T8041] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #16: comm +}[@: invalid indirect mapped block 83886080 (level 1)
[  142.929375][ T8057] loop4: detected capacity change from 0 to 512
[  142.936925][ T8046] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1240'.
[  142.948038][ T8046] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1240'.
[  142.959959][   T31] hsr_slave_0: left promiscuous mode
[  142.976177][   T31] hsr_slave_1: left promiscuous mode
[  143.004597][ T8046] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1240'.
[  143.018917][   T31] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  143.027429][   T31] batman_adv: batadv0: Removing interface: batadv_slave_0
[  143.037713][ T8041] EXT4-fs (loop2): Remounting filesystem read-only
[  143.045252][ T8041] EXT4-fs (loop2): 1 orphan inode deleted
[  143.052284][ T8041] EXT4-fs (loop2): 1 truncate cleaned up
[  143.076325][ T8046] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1240'.
[  143.078628][   T31] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  143.086504][ T8046] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1240'.
[  143.094440][   T31] batman_adv: batadv0: Removing interface: batadv_slave_1
[  143.106315][ T8046] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1240'.
[  143.168525][   T31] veth1_macvtap: left promiscuous mode
[  143.175014][   T31] veth0_macvtap: left promiscuous mode
[  143.182517][   T31] veth1_vlan: left promiscuous mode
[  143.188422][   T31] veth0_vlan: left promiscuous mode
[  143.260543][ T8070] FAULT_INJECTION: forcing a failure.
[  143.260543][ T8070] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  143.275786][ T8070] CPU: 1 UID: 0 PID: 8070 Comm: syz.4.1244 Not tainted 6.16.0-rc2-syzkaller-00045-g4663747812d1 #0 PREEMPT(voluntary) 
[  143.275879][ T8070] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  143.275898][ T8070] Call Trace:
[  143.275903][ T8070]  <TASK>
[  143.275910][ T8070]  __dump_stack+0x1d/0x30
[  143.275930][ T8070]  dump_stack_lvl+0xe8/0x140
[  143.275947][ T8070]  dump_stack+0x15/0x1b
[  143.275961][ T8070]  should_fail_ex+0x265/0x280
[  143.275988][ T8070]  should_fail+0xb/0x20
[  143.276091][ T8070]  should_fail_usercopy+0x1a/0x20
[  143.276118][ T8070]  _copy_from_iter+0xcf/0xe40
[  143.276134][ T8070]  ? __build_skb_around+0x1a0/0x200
[  143.276162][ T8070]  ? __alloc_skb+0x223/0x320
[  143.276189][ T8070]  pfkey_sendmsg+0x126/0x900
[  143.276279][ T8070]  ? avc_has_perm+0xd3/0x150
[  143.276374][ T8070]  ? selinux_socket_sendmsg+0x175/0x1b0
[  143.276408][ T8070]  ? __pfx_pfkey_sendmsg+0x10/0x10
[  143.276446][ T8070]  __sock_sendmsg+0x142/0x180
[  143.276470][ T8070]  ____sys_sendmsg+0x31e/0x4e0
[  143.276502][ T8070]  ___sys_sendmsg+0x17b/0x1d0
[  143.276592][ T8070]  __x64_sys_sendmsg+0xd4/0x160
[  143.276626][ T8070]  x64_sys_call+0x2999/0x2fb0
[  143.276645][ T8070]  do_syscall_64+0xd2/0x200
[  143.276663][ T8070]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  143.276728][ T8070]  ? clear_bhb_loop+0x40/0x90
[  143.276763][ T8070]  ? clear_bhb_loop+0x40/0x90
[  143.276801][ T8070]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  143.276819][ T8070] RIP: 0033:0x7fb988d6e929
[  143.276832][ T8070] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  143.276861][ T8070] RSP: 002b:00007fb9873d7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  143.276896][ T8070] RAX: ffffffffffffffda RBX: 00007fb988f95fa0 RCX: 00007fb988d6e929
[  143.276910][ T8070] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000003
[  143.276945][ T8070] RBP: 00007fb9873d7090 R08: 0000000000000000 R09: 0000000000000000
[  143.276957][ T8070] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  143.276970][ T8070] R13: 0000000000000000 R14: 00007fb988f95fa0 R15: 00007ffd1a23c678
[  143.276988][ T8070]  </TASK>
[  143.531740][   T29] kauditd_printk_skb: 76 callbacks suppressed
[  143.531805][   T29] audit: type=1326 audit(1750212553.502:4622): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8073 comm="syz.0.1246" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f92eca9e929 code=0x7ffc0000
[  143.607281][   T29] audit: type=1326 audit(1750212553.565:4623): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8073 comm="syz.0.1246" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f92eca9e929 code=0x7ffc0000
[  143.633739][   T29] audit: type=1326 audit(1750212553.565:4624): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8073 comm="syz.0.1246" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f92eca9e929 code=0x7ffc0000
[  143.660387][   T29] audit: type=1326 audit(1750212553.565:4625): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8073 comm="syz.0.1246" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f92eca9e929 code=0x7ffc0000
[  143.687849][   T29] audit: type=1326 audit(1750212553.565:4626): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8073 comm="syz.0.1246" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f92eca9e929 code=0x7ffc0000
[  143.718396][   T29] audit: type=1326 audit(1750212553.565:4627): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8073 comm="syz.0.1246" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f92eca9e929 code=0x7ffc0000
[  143.745844][   T29] audit: type=1326 audit(1750212553.565:4628): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8073 comm="syz.0.1246" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f92eca9e929 code=0x7ffc0000
[  143.746891][ T8081] 9pnet_fd: Insufficient options for proto=fd
[  143.772343][   T29] audit: type=1326 audit(1750212553.565:4629): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8073 comm="syz.0.1246" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f92eca9e929 code=0x7ffc0000
[  143.802058][ T8078] loop4: detected capacity change from 0 to 512
[  143.805264][   T29] audit: type=1326 audit(1750212553.565:4630): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8073 comm="syz.0.1246" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f92eca9e929 code=0x7ffc0000
[  143.838666][   T29] audit: type=1326 audit(1750212553.565:4631): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8073 comm="syz.0.1246" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f92eca9e929 code=0x7ffc0000
[  143.867961][   T31] team0 (unregistering): Port device team_slave_1 removed
[  143.903516][   T31] team0 (unregistering): Port device team_slave_0 removed
[  143.944515][ T8093] loop4: detected capacity change from 0 to 512
[  143.982742][ T8093] ext4 filesystem being mounted at /258/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  144.038236][ T8094] vhci_hcd: default hub control req: 0000 v0000 i0000 l65535
[  144.220812][ T7980] chnl_net:caif_netlink_parms(): no params data found
[  144.244616][ T8111] Invalid ELF header magic: != ELF
[  144.405314][ T7980] bridge0: port 1(bridge_slave_0) entered blocking state
[  144.413655][ T7980] bridge0: port 1(bridge_slave_0) entered disabled state
[  144.429279][ T8147] loop0: detected capacity change from 0 to 512
[  144.478684][ T7980] bridge_slave_0: entered allmulticast mode
[  144.503221][ T7980] bridge_slave_0: entered promiscuous mode
[  144.520773][ T8156] openvswitch: netlink: Message has 6 unknown bytes.
[  144.535861][ T8128] loop4: detected capacity change from 0 to 512
[  144.543063][ T7980] bridge0: port 2(bridge_slave_1) entered blocking state
[  144.550929][ T7980] bridge0: port 2(bridge_slave_1) entered disabled state
[  144.589349][ T8128] EXT4-fs warning (device loop4): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  144.589710][ T7980] bridge_slave_1: entered allmulticast mode
[  144.613696][ T7980] bridge_slave_1: entered promiscuous mode
[  144.639409][ T8128] EXT4-fs (loop4): mount failed
[  144.677335][ T7980] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  144.702845][ T7980] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  144.772094][ T7980] team0: Port device team_slave_0 added
[  144.794080][ T7980] team0: Port device team_slave_1 added
[  144.807829][ T8180] SELinux:  Context system_u:object_r:dhcpd_var_run_t:s0 is not valid (left unmapped).
[  144.853423][ T7980] batman_adv: batadv0: Adding interface: batadv_slave_0
[  144.861366][ T7980] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  144.875317][ T8192] Invalid ELF header magic: != ELF
[  144.890008][ T7980] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  144.913887][ T7980] batman_adv: batadv0: Adding interface: batadv_slave_1
[  144.921377][ T7980] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  144.950001][ T7980] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  145.027579][ T7980] hsr_slave_0: entered promiscuous mode
[  145.034761][ T7980] hsr_slave_1: entered promiscuous mode
[  145.265658][ T8221] loop0: detected capacity change from 0 to 2048
[  145.274632][ T7980] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  145.296303][ T7980] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  145.324535][ T7980] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  145.324689][ T8223] 9pnet_fd: Insufficient options for proto=fd
[  145.354331][ T7980] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  145.408523][ T8237] loop0: detected capacity change from 0 to 512
[  145.417478][ T8237] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  145.502603][ T7980] 8021q: adding VLAN 0 to HW filter on device bond0
[  145.527328][ T8237] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  145.536985][ T8237] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e000e118, mo2=0002]
[  145.573281][ T8237] System zones: 0-1, 15-15, 18-18, 34-34
[  145.573603][ T7980] 8021q: adding VLAN 0 to HW filter on device team0
[  145.580358][ T8237] EXT4-fs (loop0): orphan cleanup on readonly fs
[  145.594928][ T8237] EXT4-fs warning (device loop0): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  145.610652][ T8237] EXT4-fs (loop0): Cannot turn on quotas: error -22
[  145.618759][ T8237] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.1277: bg 0: block 40: padding at end of block bitmap is not set
[  145.633783][ T8237] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  145.644410][ T8237] EXT4-fs (loop0): 1 truncate cleaned up
[  145.665961][ T8237] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  145.675061][ T8237] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e000e118, mo2=0002]
[  145.705735][ T6609] bridge0: port 1(bridge_slave_0) entered blocking state
[  145.713702][ T6609] bridge0: port 1(bridge_slave_0) entered forwarding state
[  145.726596][ T6609] bridge0: port 2(bridge_slave_1) entered blocking state
[  145.734137][ T6609] bridge0: port 2(bridge_slave_1) entered forwarding state
[  145.881834][ T7980] 8021q: adding VLAN 0 to HW filter on device batadv0
[  145.894941][ T8254] loop2: detected capacity change from 0 to 512
[  145.899063][ T8248] Invalid ELF header magic: != ELF
[  145.920627][ T8254] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  145.977384][ T8254] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #16: comm +}[@: invalid indirect mapped block 83886080 (level 1)
[  146.130667][ T8254] EXT4-fs (loop2): Remounting filesystem read-only
[  146.132100][ T8278] lo speed is unknown, defaulting to 1000
[  146.138951][ T8254] EXT4-fs (loop2): 1 orphan inode deleted
[  146.150931][ T8254] EXT4-fs (loop2): 1 truncate cleaned up
[  146.185203][ T8278] loop0: detected capacity change from 0 to 512
[  146.192834][ T8278] EXT4-fs: Ignoring removed mblk_io_submit option
[  146.200043][ T8278] EXT4-fs: Ignoring removed bh option
[  146.206801][ T8278] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  146.228260][ T8278] EXT4-fs (loop0): 1 truncate cleaned up
[  146.242954][ T8278] FAULT_INJECTION: forcing a failure.
[  146.242954][ T8278] name failslab, interval 1, probability 0, space 0, times 0
[  146.256519][ T8278] CPU: 0 UID: 0 PID: 8278 Comm: syz.0.1283 Not tainted 6.16.0-rc2-syzkaller-00045-g4663747812d1 #0 PREEMPT(voluntary) 
[  146.256545][ T8278] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  146.256620][ T8278] Call Trace:
[  146.256628][ T8278]  <TASK>
[  146.256635][ T8278]  __dump_stack+0x1d/0x30
[  146.256668][ T8278]  dump_stack_lvl+0xe8/0x140
[  146.256685][ T8278]  dump_stack+0x15/0x1b
[  146.256813][ T8278]  should_fail_ex+0x265/0x280
[  146.256842][ T8278]  should_failslab+0x8c/0xb0
[  146.256864][ T8278]  kmem_cache_alloc_noprof+0x50/0x310
[  146.256887][ T8278]  ? ext4_mb_new_blocks+0x2ce/0x2050
[  146.256903][ T8278]  ? __mark_inode_dirty+0x43c/0x760
[  146.256961][ T8278]  ext4_mb_new_blocks+0x2ce/0x2050
[  146.257043][ T8278]  ? ext4_ind_map_blocks+0x814/0x14f0
[  146.257069][ T8278]  ? ext4_get_branch+0x321/0x3a0
[  146.257093][ T8278]  ext4_ind_map_blocks+0xb4c/0x14f0
[  146.257202][ T8278]  ext4_map_blocks+0x5d2/0xd70
[  146.257221][ T8278]  ? __rcu_read_unlock+0x4f/0x70
[  146.257248][ T8278]  _ext4_get_block+0x10a/0x350
[  146.257267][ T8278]  ext4_get_block+0x39/0x50
[  146.257285][ T8278]  ext4_block_write_begin+0x3d3/0xa60
[  146.257396][ T8278]  ? __pfx_ext4_get_block+0x10/0x10
[  146.257481][ T8278]  ? folio_mapping+0xb9/0x120
[  146.257501][ T8278]  ext4_write_begin+0x56b/0xd30
[  146.257590][ T8278]  generic_perform_write+0x184/0x490
[  146.257611][ T8278]  ext4_buffered_write_iter+0x1ee/0x3c0
[  146.257631][ T8278]  ext4_file_write_iter+0x383/0xf00
[  146.257667][ T8278]  ? kstrtouint_from_user+0x9f/0xf0
[  146.257691][ T8278]  ? avc_policy_seqno+0x15/0x30
[  146.257784][ T8278]  ? selinux_file_permission+0x1e4/0x320
[  146.257805][ T8278]  ? __pfx_ext4_file_write_iter+0x10/0x10
[  146.257823][ T8278]  vfs_write+0x4a0/0x8e0
[  146.257864][ T8278]  ksys_write+0xda/0x1a0
[  146.257881][ T8278]  __x64_sys_write+0x40/0x50
[  146.257929][ T8278]  x64_sys_call+0x2cdd/0x2fb0
[  146.257946][ T8278]  do_syscall_64+0xd2/0x200
[  146.257987][ T8278]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  146.258072][ T8278]  ? clear_bhb_loop+0x40/0x90
[  146.258091][ T8278]  ? clear_bhb_loop+0x40/0x90
[  146.258108][ T8278]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  146.258163][ T8278] RIP: 0033:0x7f92eca9e929
[  146.258176][ T8278] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  146.258191][ T8278] RSP: 002b:00007f92eb107038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  146.258208][ T8278] RAX: ffffffffffffffda RBX: 00007f92eccc5fa0 RCX: 00007f92eca9e929
[  146.258277][ T8278] RDX: 000000000208e24b RSI: 0000200000000040 RDI: 000000000000000a
[  146.258288][ T8278] RBP: 00007f92eb107090 R08: 0000000000000000 R09: 0000000000000000
[  146.258332][ T8278] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  146.258342][ T8278] R13: 0000000000000000 R14: 00007f92eccc5fa0 R15: 00007fff0c780848
[  146.258357][ T8278]  </TASK>
[  146.739822][ T7980] veth0_vlan: entered promiscuous mode
[  146.757357][ T8304] loop2: detected capacity change from 0 to 512
[  146.798182][ T7980] veth1_vlan: entered promiscuous mode
[  146.822922][ T8296] loop0: detected capacity change from 0 to 512
[  146.830129][ T8296] /dev/loop0: Can't open blockdev
[  146.852183][ T7980] veth0_macvtap: entered promiscuous mode
[  146.868534][ T8313] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3)
[  146.876056][ T8313] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  146.884919][ T8313] vhci_hcd vhci_hcd.0: Device attached
[  146.891205][ T7980] veth1_macvtap: entered promiscuous mode
[  146.949509][ T7980] batman_adv: batadv0: Interface activated: batadv_slave_0
[  146.966130][ T7980] batman_adv: batadv0: Interface activated: batadv_slave_1
[  146.976829][ T7980] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  146.988745][ T7980] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  146.998952][ T7980] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  147.008916][ T7980] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  147.019643][ T8314] vhci_hcd: connection closed
[  147.037917][   T31] vhci_hcd: stop threads
[  147.047448][   T31] vhci_hcd: release socket
[  147.053219][   T31] vhci_hcd: disconnect device
[  147.056321][ T3382] vhci_hcd: vhci_device speed not set
[  147.148428][ T8333] loop4: detected capacity change from 0 to 512
[  147.164239][ T8333] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  147.214214][ T8339] loop1: detected capacity change from 0 to 1024
[  147.226817][ T8333] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #16: comm +}[@: invalid indirect mapped block 83886080 (level 1)
[  147.228045][ T8342] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  147.272230][ T8333] EXT4-fs (loop4): Remounting filesystem read-only
[  147.292101][ T8342] loop6: detected capacity change from 0 to 512
[  147.323263][ T8333] EXT4-fs (loop4): 1 orphan inode deleted
[  147.329360][ T8333] EXT4-fs (loop4): 1 truncate cleaned up
[  147.400813][ T8342] ext4 filesystem being mounted at /1/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  147.432247][ T7980] EXT4-fs error (device loop6): ext4_lookup:1787: inode #12: comm syz-executor: iget: bad i_size value: 2533274857506816
[  147.448758][ T8339] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4113: comm syz.1.1294: Allocating blocks 497-513 which overlap fs metadata
[  147.464607][ T7980] EXT4-fs error (device loop6): ext4_lookup:1787: inode #12: comm syz-executor: iget: bad i_size value: 2533274857506816
[  147.510920][ T8370] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  147.569322][ T8375] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  147.572020][ T8376] 9pnet_fd: Insufficient options for proto=fd
[  147.589667][ T8375] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  147.601487][ T8370] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  147.685339][ T8383] loop2: detected capacity change from 0 to 512
[  147.715460][ T8370] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  147.747688][ T8383] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  147.790440][ T8383] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  147.798587][ T8383] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e000e118, mo2=0002]
[  147.810457][ T8370] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  147.840620][ T8383] System zones: 0-1, 15-15, 18-18, 34-34
[  147.861517][ T8383] EXT4-fs (loop2): orphan cleanup on readonly fs
[  147.885569][ T8383] EXT4-fs warning (device loop2): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  147.901769][ T8383] EXT4-fs (loop2): Cannot turn on quotas: error -22
[  147.911619][ T8370] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  147.930858][ T8383] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.1302: bg 0: block 40: padding at end of block bitmap is not set
[  147.945095][ T8370] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  147.968617][ T8370] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  147.978426][ T8383] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  147.986186][ T8370] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  148.067520][ T8383] EXT4-fs (loop2): 1 truncate cleaned up
[  148.074952][ T8383] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  148.083753][ T8383] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e000e118, mo2=0002]
[  148.196394][ T8407] FAULT_INJECTION: forcing a failure.
[  148.196394][ T8407] name failslab, interval 1, probability 0, space 0, times 0
[  148.210439][ T8407] CPU: 0 UID: 0 PID: 8407 Comm: syz.2.1304 Not tainted 6.16.0-rc2-syzkaller-00045-g4663747812d1 #0 PREEMPT(voluntary) 
[  148.210493][ T8407] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  148.210506][ T8407] Call Trace:
[  148.210514][ T8407]  <TASK>
[  148.210523][ T8407]  __dump_stack+0x1d/0x30
[  148.210545][ T8407]  dump_stack_lvl+0xe8/0x140
[  148.210567][ T8407]  dump_stack+0x15/0x1b
[  148.210582][ T8407]  should_fail_ex+0x265/0x280
[  148.210715][ T8407]  should_failslab+0x8c/0xb0
[  148.210850][ T8407]  kmem_cache_alloc_node_noprof+0x57/0x320
[  148.210879][ T8407]  ? __alloc_skb+0x101/0x320
[  148.210904][ T8407]  __alloc_skb+0x101/0x320
[  148.210932][ T8407]  pfkey_sendmsg+0xd7/0x900
[  148.211067][ T8407]  ? avc_has_perm+0xd3/0x150
[  148.211098][ T8407]  ? selinux_socket_sendmsg+0x175/0x1b0
[  148.211134][ T8407]  ? __pfx_pfkey_sendmsg+0x10/0x10
[  148.211171][ T8407]  __sock_sendmsg+0x142/0x180
[  148.211317][ T8407]  ____sys_sendmsg+0x31e/0x4e0
[  148.211355][ T8407]  ___sys_sendmsg+0x17b/0x1d0
[  148.211434][ T8407]  __x64_sys_sendmsg+0xd4/0x160
[  148.211468][ T8407]  x64_sys_call+0x2999/0x2fb0
[  148.211491][ T8407]  do_syscall_64+0xd2/0x200
[  148.211509][ T8407]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  148.211614][ T8407]  ? clear_bhb_loop+0x40/0x90
[  148.211632][ T8407]  ? clear_bhb_loop+0x40/0x90
[  148.211655][ T8407]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  148.211677][ T8407] RIP: 0033:0x7f0d9e7de929
[  148.211754][ T8407] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  148.211770][ T8407] RSP: 002b:00007f0d9ce47038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  148.211787][ T8407] RAX: ffffffffffffffda RBX: 00007f0d9ea05fa0 RCX: 00007f0d9e7de929
[  148.211798][ T8407] RDX: 0000000000000000 RSI: 00002000005f5000 RDI: 0000000000000003
[  148.211811][ T8407] RBP: 00007f0d9ce47090 R08: 0000000000000000 R09: 0000000000000000
[  148.211866][ T8407] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  148.211876][ T8407] R13: 0000000000000000 R14: 00007f0d9ea05fa0 R15: 00007ffe6473ec28
[  148.211892][ T8407]  </TASK>
[  148.497294][ T8412] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3)
[  148.504455][ T8412] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  148.505830][   T29] kauditd_printk_skb: 151 callbacks suppressed
[  148.505846][   T29] audit: type=1326 audit(1750212558.720:4780): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8410 comm="syz.0.1307" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f92eca9e929 code=0x7ffc0000
[  148.512644][ T8412] vhci_hcd vhci_hcd.0: Device attached
[  148.519059][   T29] audit: type=1326 audit(1750212558.720:4781): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8410 comm="syz.0.1307" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f92eca9e929 code=0x7ffc0000
[  148.519089][   T29] audit: type=1326 audit(1750212558.720:4782): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8410 comm="syz.0.1307" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f92eca9e929 code=0x7ffc0000
[  148.605116][   T29] audit: type=1326 audit(1750212558.720:4783): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8410 comm="syz.0.1307" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f92eca9e929 code=0x7ffc0000
[  148.605830][ T8412] __nla_validate_parse: 44 callbacks suppressed
[  148.605907][ T8412] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1308'.
[  148.631579][   T29] audit: type=1326 audit(1750212558.720:4784): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8410 comm="syz.0.1307" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f92eca9e929 code=0x7ffc0000
[  148.641218][   T29] audit: type=1326 audit(1750212558.804:4785): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8410 comm="syz.0.1307" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f92eca9e929 code=0x7ffc0000
[  148.648983][ T8412] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1308'.
[  148.674580][   T29] audit: type=1326 audit(1750212558.804:4786): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8410 comm="syz.0.1307" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f92eca9e929 code=0x7ffc0000
[  148.737371][   T29] audit: type=1326 audit(1750212558.857:4787): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8410 comm="syz.0.1307" exe="/root/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7f92eca9e929 code=0x7ffc0000
[  148.737529][ T8412] netlink: 204 bytes leftover after parsing attributes in process `syz.2.1308'.
[  148.763887][   T29] audit: type=1326 audit(1750212558.857:4788): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8410 comm="syz.0.1307" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f92eca9e929 code=0x7ffc0000
[  148.801269][   T29] audit: type=1326 audit(1750212558.857:4789): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8410 comm="syz.0.1307" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f92eca9e929 code=0x7ffc0000
[  148.801571][    T9] vhci_hcd: vhci_device speed not set
[  148.859271][ T8420] loop4: detected capacity change from 0 to 512
[  148.885578][ T2998] ==================================================================
[  148.895008][ T2998] BUG: KCSAN: data-race in dentry_unlink_inode / step_into
[  148.903210][ T2998] 
[  148.905629][ T2998] write to 0xffff88811c38ecf0 of 8 bytes by task 3929 on cpu 1:
[  148.913868][ T2998]  dentry_unlink_inode+0x65/0x260
[  148.919541][ T2998]  d_delete+0x164/0x180
[  148.924070][ T2998]  d_delete_notify+0x32/0x100
[  148.929752][ T2998]  vfs_unlink+0x30b/0x420
[  148.934884][ T2998]  do_unlinkat+0x28e/0x4c0
[  148.939977][ T2998]  __x64_sys_unlink+0x2e/0x40
[  148.945220][ T2998]  x64_sys_call+0x22a6/0x2fb0
[  148.950347][ T2998]  do_syscall_64+0xd2/0x200
[  148.956652][ T2998]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  148.962756][ T2998] 
[  148.965225][ T2998] read to 0xffff88811c38ecf0 of 8 bytes by task 2998 on cpu 0:
[  148.973991][ T2998]  step_into+0x122/0x820
[  148.978435][ T2998]  walk_component+0x162/0x220
[  148.983573][ T2998]  path_lookupat+0xfe/0x2a0
[  148.989911][ T2998]  filename_lookup+0x147/0x340
[  148.998595][ T2998]  do_readlinkat+0x7d/0x320
[  149.005102][ T2998]  __x64_sys_readlink+0x47/0x60
[  149.010495][ T2998]  x64_sys_call+0x2cf3/0x2fb0
[  149.016657][ T2998]  do_syscall_64+0xd2/0x200
[  149.022278][ T2998]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  149.029261][ T2998] 
[  149.032017][ T2998] value changed: 0xffff888119302930 -> 0x0000000000000000
[  149.039928][ T2998] 
[  149.042449][ T2998] Reported by Kernel Concurrency Sanitizer on:
[  149.049203][ T2998] CPU: 0 UID: 0 PID: 2998 Comm: udevd Not tainted 6.16.0-rc2-syzkaller-00045-g4663747812d1 #0 PREEMPT(voluntary) 
[  149.062420][ T2998] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  149.073824][ T2998] ==================================================================
[  149.096184][ T8420] ext4 filesystem being mounted at /271/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  149.109891][ T8413] vhci_hcd: connection closed
[  149.110193][   T31] vhci_hcd: stop threads
[  149.120825][   T31] vhci_hcd: release socket
[  149.126746][   T31] vhci_hcd: disconnect device
[  149.142272][    T9] usb 5-1: new full-speed USB device number 5 using vhci_hcd
[  149.153557][    T9] usb 5-1: enqueue for inactive port 0
[  149.154695][ T3311] EXT4-fs error (device loop4): ext4_lookup:1787: inode #12: comm syz-executor: iget: bad i_size value: 2533274857506816
[  149.161913][    T9] usb 5-1: enqueue for inactive port 0
[  149.177263][ T3311] EXT4-fs error (device loop4): ext4_lookup:1787: inode #12: comm syz-executor: iget: bad i_size value: 2533274857506816
[  149.183800][    T9] usb 5-1: enqueue for inactive port 0
[  149.265717][    T9] vhci_hcd: vhci_device speed not set
[  149.452081][ T6620] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  150.554010][ T6620] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  150.595509][ T6620] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  150.639971][ T6620] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  150.706681][ T6620] bridge_slave_1: left allmulticast mode
[  150.713126][ T6620] bridge_slave_1: left promiscuous mode
[  150.719169][ T6620] bridge0: port 2(bridge_slave_1) entered disabled state
[  150.730226][ T6620] bridge_slave_0: left allmulticast mode
[  150.736126][ T6620] bridge_slave_0: left promiscuous mode
[  150.742984][ T6620] bridge0: port 1(bridge_slave_0) entered disabled state
[  150.812103][ T6620] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  150.823419][ T6620] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  150.834452][ T6620] bond0 (unregistering): Released all slaves
[  150.896688][ T6620] hsr_slave_0: left promiscuous mode
[  150.903010][ T6620] hsr_slave_1: left promiscuous mode
[  150.909364][ T6620] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  150.916936][ T6620] batman_adv: batadv0: Removing interface: batadv_slave_0
[  150.925581][ T6620] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  150.933480][ T6620] batman_adv: batadv0: Removing interface: batadv_slave_1
[  150.946644][ T6620] veth1_macvtap: left promiscuous mode
[  150.952253][ T6620] veth0_macvtap: left promiscuous mode
[  150.958137][ T6620] veth1_vlan: left promiscuous mode
[  150.963637][ T6620] veth0_vlan: left promiscuous mode
[  151.030670][ T6620] team0 (unregistering): Port device team_slave_1 removed
[  151.041081][ T6620] team0 (unregistering): Port device team_slave_0 removed
[  152.450856][   T31] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  152.487254][   T31] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  152.534184][   T31] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  152.591570][   T31] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  152.654191][   T31] bridge_slave_0: left allmulticast mode
[  152.660781][   T31] bridge_slave_0: left promiscuous mode
[  152.667057][   T31] bridge0: port 1(bridge_slave_0) entered disabled state
[  152.744292][   T31] bond1 (unregistering): Released all slaves
[  152.797715][   T31] tipc: Left network mode
[  152.824065][   T31] hsr_slave_0: left promiscuous mode
[  152.832072][   T31] hsr_slave_1: left promiscuous mode
[  152.841978][   T31] veth1_macvtap: left promiscuous mode
[  152.850113][   T31] veth0_macvtap: left promiscuous mode
[  152.856061][   T31] veth1_vlan: left promiscuous mode
[  152.862620][   T31] veth0_vlan: left promiscuous mode
[  152.932239][   T31] team0 (unregistering): Port device team_slave_1 removed
[  152.942066][   T31] team0 (unregistering): Port device team_slave_0 removed